| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or |
| # implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| [/] |
| # tools.secureheaders.on = True |
| tools.sessions.on = True |
| # increase security on sessions |
| tools.sessions.secure = True |
| tools.sessions.httponly = True |
| tools.encode.on: True, |
| tools.encode.encoding: 'utf-8' |
| tools.response_headers.on = True |
| |
| # tools.auth_basic.on: True, |
| # tools.auth_basic.realm: 'localhost', |
| # tools.auth_basic.checkpassword: get_tokens |
| |
| |
| [/static] |
| tools.staticdir.on: True |
| tools.staticdir.dir: "/app/NBI/osm_nbi/html_public" |
| |
| |
| [global] |
| server.socket_host: "0.0.0.0" |
| server.socket_port: 9999 |
| |
| server.ssl_module: "builtin" |
| server.ssl_certificate: "./http/cert.pem" |
| server.ssl_private_key: "./http/privkey.pem" |
| server.ssl_pass_phrase: "osm4u" |
| server.thread_pool: 10 |
| |
| # Uncomment for allow basic authentication apart from bearer |
| # auth.allow_basic_authentication: True |
| |
| # comment or set to False to disable /test URL |
| server.enable_test: True |
| |
| log.screen: False |
| log.access_file: "" |
| log.error_file: "" |
| |
| log.level: "DEBUG" |
| #log.file: /var/log/osm/nbi.log |
| |
| |
| [database] |
| driver: "mongo" # mongo or memory |
| host: "mongo" # hostname or IP |
| port: 27017 |
| name: "osm" |
| # replicaset: "replicaset" |
| # user: "user" |
| # password: "password" |
| # commonkey: "commonkey" |
| |
| [prometheus] |
| host: "prometheus" #hostname or IP |
| port: 9090 |
| |
| loglevel: "DEBUG" |
| #logfile: /var/log/osm/nbi-database.log |
| |
| [storage] |
| driver: "local" # local filesystem |
| # for local provide file path |
| path: "/app/storage" #"/home/atierno/OSM/osm/NBI/local/storage" |
| |
| loglevel: "DEBUG" |
| #logfile: /var/log/osm/nbi-storage.log |
| |
| [message] |
| driver: "kafka" # local or kafka |
| # for local provide file path |
| path: "/app/storage/kafka" |
| host: "kafka" |
| port: 9092 |
| |
| loglevel: "DEBUG" |
| #logfile: /var/log/osm/nbi-message.log |
| group_id: "nbi-server" |
| |
| [authentication] |
| backend: "keystone" # internal or keystone or tacacs |
| # for keystone backend a comma separated list of user adn project _domain_name list can ba provided. |
| # NBI will try authenticate with all of then if domain is not provided in the content of a POST token |
| # user_domain_name: "default,ldap" |
| # project_domain_name: "default,ldap" |
| |
| # Keystone config parameters are |
| # auth_url: format https://<ip>:<port>/v3 # v3 is necessary |
| # auth_host: ip address of keystone host. |
| # auth_port: port number of keystone. |
| # Provide either auth_url or (auth_host and auth_port) |
| # service_username: "nbi" |
| # service_password: "nbi" |
| |
| # Only for test. It works without authorization using the provided user and project: |
| # user_not_authorized: "admin" |
| # project_not_authorized: "admin" |
| |
| # TACACS configuration |
| # tacacs_host: "" |
| # tacacs_secret: "" |
| # tacacs_port: 49 # Default value |
| # tacacs_timeout: 10 # Default value |
| |
| [rbac] |
| # roles_to_operations: "roles_to_operations.yml" # initial role generation when database |