X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_nbi%2Fnbi.cfg;h=383b462469d1bbe0c7d03a424678e89805d80fbd;hb=8bf978ed8d25bfdc9fe91033b57555946fef8e36;hp=b8db711c4592e6d9bc47fbdf938e906bb9412d5d;hpb=e1eb3b2c0bdb7462d330703702677b3354ceb9ff;p=osm%2FNBI.git diff --git a/osm_nbi/nbi.cfg b/osm_nbi/nbi.cfg index b8db711..383b462 100644 --- a/osm_nbi/nbi.cfg +++ b/osm_nbi/nbi.cfg @@ -44,6 +44,9 @@ server.thread_pool: 10 # Uncomment for allow basic authentication apart from bearer # auth.allow_basic_authentication: True +# comment or set to False to disable /test URL +server.enable_test: True + log.screen: False log.access_file: "" log.error_file: "" @@ -57,6 +60,7 @@ driver: "mongo" # mongo or memory host: "mongo" # hostname or IP port: 27017 name: "osm" +# replicaset: "replicaset" # user: "user" # password: "password" # commonkey: "commonkey" @@ -68,7 +72,6 @@ port: 9090 loglevel: "DEBUG" #logfile: /var/log/osm/nbi-database.log - [storage] driver: "local" # local filesystem # for local provide file path @@ -89,10 +92,33 @@ loglevel: "DEBUG" group_id: "nbi-server" [authentication] -backend: "internal" # internal or keystone +backend: "keystone" # internal or keystone or tacacs +# for keystone backend a comma separated list of user adn project _domain_name list can ba provided. +# NBI will try authenticate with all of then if domain is not provided in the content of a POST token +# user_domain_name: "default,ldap" +# project_domain_name: "default,ldap" + +# Keystone config parameters are +# auth_url: format https://:/v3 # v3 is necessary +# auth_host: ip address of keystone host. +# auth_port: port number of keystone. +# Provide either auth_url or (auth_host and auth_port) +# service_username: "nbi" +# service_password: "nbi" + # Only for test. It works without authorization using the provided user and project: # user_not_authorized: "admin" # project_not_authorized: "admin" +# TACACS configuration +# tacacs_host: "" +# tacacs_secret: "" +# tacacs_port: 49 # Default value +# tacacs_timeout: 10 # Default value + +# Password expiry configuration +# pwd_expiry_check: True # Uncomment to enable the password expiry check +# days: 30 # Default value + [rbac] # roles_to_operations: "roles_to_operations.yml" # initial role generation when database