PlantUML Server is a web application to generate UML diagrams on-the-fly.
PlantUML is not affected by the log4j vulnerability.
Breaking changes:
The PlantUML core removed the deprecatedALLOW_PLANTUML_INCLUDE
environment property feature and switch to thePLANTUML_SECURITY_PROFILE
concept with versionv1.2023.9
. All details about PlantUML's security can be found on https://plantuml.com/security.By default PlantUML server sets the
PLANTUML_SECURITY_PROFILE
toINTERNET
. If you need more access to e.g. other ports than 80 (http) and 443 (https) or even access to local files, please consider using one of the allowlist features. It is strongly advised not to set thePLANTUML_SECURITY_PROFILE
belowINTERNET
!
More examples and features about the Web UI can be found in docs/WebUI.
To know more about PlantUML, please visit https://plantuml.com.
Just run:
mvn jetty:run
The server is now listening to http://localhost:8080/plantuml. In this way the server is run on an embedded jetty server.
You can specify the port at which it runs:
mvn jetty:run -Djetty.http.port=9999
You can run Plantuml with jetty or tomcat container
docker run -d -p 8080:8080 plantuml/plantuml-server:jetty
docker run -d -p 8080:8080 plantuml/plantuml-server:tomcat
The server is now listening to http://localhost:8080.
The jetty container supports read-only files system, you can run the read-only mode with:
docker run -d -p 8080:8080 --read-only -v /tmp/jetty plantuml/plantuml-server:jetty
This makes the container compatible with more restricted environment such as OpenShift, just make sure you mount a volume (can be ephemeral) on /tmp/jetty
.
To run plantuml using different base url, change the docker-compose.yml
file:
environment:
- BASE_URL=plantuml
And run docker-compose up
. This will start a modified version of the image using the base url /plantuml
, e.g. http://localhost:8080/plantuml
You can apply some option to your PlantUML server with environment variable.
If you run the directly the jar:
# NOTE: jetty-runner is deprecated.
# build war file and jetty-runner
mvn package
# start directly
# java $JVM_ARGS -jar jetty-runner.jar $JETTY_ARGS
java -jar target/dependency/jetty-runner.jar --config src/main/config/jetty.xml --port 9999 --path /plantuml target/plantuml.war
# see help for more possible options
java -jar target/dependency/jetty-runner.jar --help
Note: --config src/main/config/jetty.xml
is only necessary if you need support for empty path segments in URLs (e.g. for the old proxy)
Alternatively, start over maven and pass the option with -D
flag
mvn jetty:run -D THE_ENV_VARIABLE=THE_ENV_VALUE -Djetty.http.port=9999
If you use docker, you can use the -e
flag:
docker run -d -p 9999:8080 -e THE_ENV_VARIABLE=THE_ENV_VALUE plantuml/plantuml-server:jetty
You can set all the following variables:
BASE_URL
ROOT
PLANTUML_SECURITY_PROFILE
plantuml.allowlist.path
plantuml.include.path
plantuml.allowlist.url
PLANTUML_SECURITY_PROFILE
below INTERNET
!INTERNET
PLANTUML_PROPERTY_FILE
-Dpropertyname=value
syntax).java.util.Properties.load
.null
PLANTUML_CONFIG_FILE
-config
flag on the CLI)null
PLANTUML_LIMIT_SIZE
4096
PLANTUML_STATS
on
to enable statistics reportoff
HTTP_AUTHORIZATION
proxy
endpoint, the value of HTTP_AUTHORIZATION
will be used to set the HTTP Authorization headernull
HTTP_PROXY_READ_TIMEOUT
proxy
endpoint, the value of HTTP_PROXY_READ_TIMEOUT
will be the connection read timeout in milliseconds10000
(10 seconds)This method uses maven to run the application. That requires internet connectivity. So, you can use following command to create a self-contained docker image that will "just work".
docker image build -f Dockerfile.jetty -t plantuml-server:local .
docker run -d -p 8080:8080 plantuml-server:local
The server is now listening to http://localhost:8080.
You may specify the port in -p
Docker command line argument.
To build the war, just run:
mvn package
at the root directory of the project to produce plantuml.war in the target/ directory.
NOTE: If you want that the generated war includes the apache-jsp
artifact run:
mvn package -Dapache-jsp.scope=compile
If you want to generate the war with java 8 as target just remove the src/test directory and use pom.jdk8.xml
.
rm -rf src/test
mvn package -f pom.jdk8.xml [-Dapache-jsp.scope=compile]
It is possible to use PlantUML with a reverse proxy.
You can find this and other examples here.