Home
Administering HCL Nomad
The following topics provide instructions on how to configure and manage HCL Nomad.
Nomad server on Domino
The Nomad server on Domino serves Nomad directly from your Domino server. It has been designed to simplify Nomad deployment.
Using the Nomad server behind a load balancer / reverse proxy
You can use the Nomad server for Domino behind a reverse proxy.

Administering HCL Nomad
The following topics provide instructions on how to configure and manage HCL Nomad.
- System architecture
  This topic describes the system architecture for HCL Nomad for web browsers, iOS, and Android.
- Nomad server on Domino
  The Nomad server on Domino serves Nomad directly from your Domino server. It has been designed to simplify Nomad deployment.
  - Prerequisites and system requirements
  - Installation
  - Verify the configuration
  - Using the Nomad server behind a load balancer / reverse proxy
    You can use the Nomad server for Domino behind a reverse proxy.
  - Configuration options for the Nomad server for Domino
- SafeLinx as the Nomad server
  An HCL SafeLinx 1.2 or later server configured as a HCL Nomad server is required to handle communications with Nomad clients.
- HCL Nomad and panagenda MarvelClient
  The HCL Nomad management solution MarvelClient from panagenda is now provided with all installations of HCL Nomad on iOS, Android, and HCL Nomad for web browsers. panagenda MarvelClient allows administrators to manage HCL Nomad clients by defining their own settings.
- Managing HCL Nomad via an MDM provider (mobile)
  Starting with version 1.0.4 for HCL Nomad for iOS, and version 1.0.13 for HCL Nomad for Android, managed configuration via most common Mobile Device Management (MDM) providers is supported. All MDM providers are slightly different in how they implement managed configurations for applications.
- Configuring Nomad federated login
  When you configure Nomad federated login, HCL Nomad for web browser users are not prompted for their HCL Notes ID passwords when they set up Nomad. Instead, they are prompted only for credentials from a SAML identity provider (IdP) that is accessed through the Nomad server.
- Configuring Nomad via notes.ini settings
  This topic describes how to configure notes.ini settings.
- Configuring application switcher (Nomad for web browsers)
  Application (app) switcher is an optional, configurable dropdown menu displayed on the left of HCL Nomad for web browsers' navigation bar. Each app switcher menu entry shows an application icon followed by the application’s name. Clicking on an app switcher menu entry navigates to the corresponding application address in a new browser tab.
- Shared usage (Nomad for web browsers)
  Nomad for web browsers administrators can force local user data to clear on shutdown. This option is only recommended when the usage pattern will be a new user each time Nomad is loaded or reloaded.
- Granting Persistent Storage permission (Nomad for web browsers)
  HCL Nomad for web browsers stores files in the browser's local site storage. The browser has automatic storage eviction logic that will delete this data if the local site storage gets too large. The files that Nomad stores are generally small and unlikely to be evicted. However, with replication, the Nomad storage could be very large and very likely to be evicted. To prevent this eviction, HCL Nomad needs the Persistent Storage permission.
- Troubleshooting (Nomad for web browsers)
  This topic describles troubleshooting for administrators.

Using the Nomad server behind a load balancer / reverse proxy

You can use the Nomad server for Domino behind a reverse proxy.

Note: As of the Nomad Server's general availabilty (Nomad for web browsers 1.0.5), SafeLinx is not able to correctly serve as a reverse proxy / load balancer in front of the Nomad server. An update to resolve this issue is currently in progress.

Note: You must ensure that the web socket connections are upgraded by the proxy and not left as-is to be upgraded by the Nomad server for Domino.

The following is an NGINX sample config:

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
  listen 443 ssl;
  server_name nomad.example.com;

  ssl_certificate     /run/secrets/chain.pem;
  ssl_certificate_key /run/secrets/server.key;

  location / {
    proxy_ssl_server_name on;

    proxy_pass https://domino.example.com:8443;
    proxy_set_header   Host $host;
  }

  location /nrpc-wss {
    proxy_ssl_server_name on;

    proxy_pass https://domino.example.com:8443/nrpc-wss;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
  }
}

Load balancing

To load balance traffic over two or more servers, you must set the cookie secret across all nodes to the same value. For more information, see "Configuring the session cookie" in Configuration options for the Nomad server for Domino.