Skip to content

Settings

The Settings page allows administrators to configure all core behaviors of the system.
It is divided into four sections:

  • Database
  • General
  • SSL
  • Security

Each section controls an important part of the application.
Below is a detailed explanation of each one.

Database

The Database section allows you to initialize or reinitialize the internal database.
This is a destructive operation and should only be performed when setting up a fresh installation or recovering from corruption.

Password *

You must enter your current account password to confirm the action.

Database already initialized

Shows whether the system database has been initialized.
Example: yes

Save

Starts the initialization or reinitialization process.

Warning

Reinitializing the database will remove all registered devices.
You will lose access to every device, and each one must be reconnected manually.

How Database Initialization Works

The initialization process generates a new public and private encryption key pair.
This key pair is used internally to encrypt the SSH keys associated with each registered device.
Because every device depends on this encryption key pair, reinitializing the system has important implications.

When you reinitialize:

  • A new encryption key pair is generated.
  • All previously created devices become unreadable, since their SSH keys were encrypted using the old key pair.
  • You will lose access to all devices through SingleJump.
  • Each device must be recreated manually in order to restore access.

Important

If you have already created devices, do not reinitialize the database unless you fully understand the consequences.
Reinitialization permanently invalidates all existing device data.

After the database has been successfully initialized for the first time, the Database tab is automatically removed from the Settings menu to prevent accidental resets.

If you ever need to intentionally start an initialization process, you must manually delete the following file: storage/app/keys/encryption.pub

General

The General section contains system-wide configuration options.

Max Concurrent Batch Commands *

The execution of tasks across multiple devices is handled through the Command Batches feature.
This mechanism allows the system to open SSH connections to multiple devices simultaneously and execute commands in parallel.

However, it is important to define a reasonable concurrency limit.
Without such a limit, the system might attempt to launch hundreds or even thousands of simultaneous SSH processes, which could overload the server or network.

By setting a maximum number of concurrent batch commands, you ensure:

  • Only a controlled number of processes run at the same time.
  • The remaining tasks are placed in a queue and executed once resources become available.
  • System stability and performance are preserved even when managing a large number of devices.

This setting provides safe and predictable execution of commands across multiple devices.

Defines how many batch commands can run at the same time.

Example value: 10

SSL

The SSL section lets you configure HTTPS support using either:

  • Automatically generated Let’s Encrypt certificates
  • Manually provided SSL certificates

Generate Let’s Encrypt SSL

Requirements for Generating Let’s Encrypt SSL

When using the Generate Let’s Encrypt SSL option, it is important to ensure that the domain you provide
(e.g., login.yourdomain.com) is correctly configured.

For Let’s Encrypt to issue a certificate, the following conditions must be met:

  • The domain must point to the public IP address where SingleJump is running.
  • Port 80/TCP must be open and reachable from the internet.

Let’s Encrypt validates domain ownership through an HTTP challenge.
If the domain does not resolve to the correct IP address or if port 80 is blocked by a firewall, router, or hosting provider, the certificate generation process will fail.

Ensuring both requirements are met will allow the challenge to complete successfully and the SSL certificate to be generated.

Letsencrypt enabled

Toggle to enable automatic SSL generation.

Letsencrypt email *

Email used for Let’s Encrypt certificate creation and renewal notifications.

Letsencrypt domain *

Domain name for issuing the SSL certificate.

Manual SSL Configuration

The second part of the section allows you to manually provide your own certificates.

State

Indicates whether the current SSL configuration is valid.

Examples: valid | invalid

Key *

Paste your private key (.key file) here.

Certificate *

Paste your certificate (.crt or full chain) here.

You may optionally choose to Use full chain certificate if your provider requires it.

Save

After saving, the web server may restart automatically.

Info

After saving SSL settings, the web server may take up to 1 minute to restart.

Security

The Security section focuses on user authentication and access control.

Require Two-Factor Authentication

When enabled, only users with Two-Factor Authentication (2FA) activated may:

  • Log in via SSH
  • Execute batch commands
  • View session recordings

This setting ensures that only properly secured accounts can access sensitive features.

Save

Applies the new security policy.

Warning

If this option is enabled, users without 2FA will immediately lose access until they enable it.

Summary

The Settings page centralizes all core configuration options of the system:
database initialization, concurrency limits, SSL certificates, and authentication policies.

Only administrators should modify these settings, as some actions—such as database reinitialization or SSL updates—may momentarily disrupt functionality or access.