osm_nbi/nbi.cfg

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[/]
# tools.secureheaders.on = True
tools.sessions.on = True
# increase security on sessions
tools.sessions.secure = True
tools.sessions.httponly = True
tools.encode.on: True,
tools.encode.encoding: 'utf-8'
tools.response_headers.on = True

# tools.auth_basic.on: True,
# tools.auth_basic.realm: 'localhost',
# tools.auth_basic.checkpassword: get_tokens


[/static]
tools.staticdir.on: True
tools.staticdir.dir: "/app/NBI/osm_nbi/html_public"


[global]
server.socket_host: "0.0.0.0"
server.socket_port: 9999

server.ssl_module: "builtin"
server.ssl_certificate: "./http/cert.pem"
server.ssl_private_key: "./http/privkey.pem"
server.ssl_pass_phrase: "osm4u"
server.thread_pool: 10

# Uncomment for allow basic authentication apart from bearer
# auth.allow_basic_authentication: True

# comment or set to False to disable /test URL
server.enable_test: True

log.screen: False
log.access_file: ""
log.error_file: ""

log.level: "DEBUG"
#log.file: /var/log/osm/nbi.log


[database]
driver: "mongo"            # mongo or memory
host:   "mongo"            # hostname or IP
port: 27017
name: "osm"
# replicaset: "replicaset"
# user: "user"
# password: "password"
# commonkey: "commonkey"

[prometheus]
host: "prometheus"         #hostname or IP
port: 9090

loglevel:  "DEBUG"
#logfile: /var/log/osm/nbi-database.log

[storage]
driver: "local"            # local filesystem
# for local provide file path
path: "/app/storage"       #"/home/atierno/OSM/osm/NBI/local/storage"

loglevel:  "DEBUG"
#logfile: /var/log/osm/nbi-storage.log

[message]
driver: "kafka"             # local or kafka
# for local provide file path
path: "/app/storage/kafka"
host: "kafka"
port: 9092

loglevel:  "DEBUG"
#logfile: /var/log/osm/nbi-message.log
group_id: "nbi-server"

[authentication]
backend: "keystone"         # internal or keystone or tacacs
# for keystone backend a comma separated list of user adn project _domain_name list can ba provided.
# NBI will try authenticate with all of then if domain is not provided in the content of a POST token
# user_domain_name:         "default,ldap"
# project_domain_name:      "default,ldap"

# Keystone config parameters are
# auth_url: format https://<ip>:<port>/v3       # v3 is necessary
# auth_host: ip address of keystone host.
# auth_port: port number of keystone.
# Provide either auth_url or (auth_host and auth_port)
# service_username: "nbi"
# service_password: "nbi"

# Only for test. It works without authorization using the provided user and project:
# user_not_authorized: "admin"
# project_not_authorized: "admin"

# TACACS configuration
# tacacs_host: ""
# tacacs_secret: ""
# tacacs_port: 49    # Default value
# tacacs_timeout: 10 # Default value

[rbac]
# roles_to_operations: "roles_to_operations.yml"  # initial role generation when database