projects / osm / NBI.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Feature 8532: Added new plugin authconn tacacs
[osm/NBI.git] / osm_nbi / nbi.cfg
diff --git a/osm_nbi/nbi.cfg b/osm_nbi/nbi.cfg
index e206522..60320ad 100644 (file)
--- a/osm_nbi/nbi.cfg
+++ b/osm_nbi/nbi.cfg
@@ -39,15 +39,14 @@ server.ssl_module: "builtin"
 server.ssl_certificate: "./http/cert.pem"
 server.ssl_private_key: "./http/privkey.pem"
 server.ssl_pass_phrase: "osm4u"
-server.thread_pool: 1
-
-# Only for test. It works without authorization using the provided user and project:
-# test.user_not_authorized: "admin"
-# test.project_not_authorized: "admin"
+server.thread_pool: 10
 
 # Uncomment for allow basic authentication apart from bearer
 # auth.allow_basic_authentication: True
 
+# comment or set to False to disable /test URL
+server.enable_test: True
+
 log.screen: False
 log.access_file: ""
 log.error_file: ""
@@ -61,14 +60,18 @@ driver: "mongo"            # mongo or memory
 host:   "mongo"            # hostname or IP
 port: 27017
 name: "osm"
+# replicaset: "replicaset"
 # user: "user"
 # password: "password"
 # commonkey: "commonkey"
 
+[prometheus]
+host: "prometheus"         #hostname or IP
+port: 9090
+
 loglevel:  "DEBUG"
 #logfile: /var/log/osm/nbi-database.log
 
-
 [storage]
 driver: "local"            # local filesystem
 # for local provide file path
@@ -86,6 +89,32 @@ port: 9092
 
 loglevel:  "DEBUG"
 #logfile: /var/log/osm/nbi-message.log
+group_id: "nbi-server"
 
 [authentication]
-backend: "internal"
+backend: "keystone"         # internal or keystone or tacacs
+# for keystone backend a comma separated list of user adn project _domain_name list can ba provided.
+# NBI will try authenticate with all of then if domain is not provided in the content of a POST token
+# user_domain_name:         "default,ldap"
+# project_domain_name:      "default,ldap"
+
+# Keystone config parameters are
+# auth_url: format https://<ip>:<port>/v3       # v3 is necessary
+# auth_host: ip address of keystone host.
+# auth_port: port number of keystone.
+# Provide either auth_url or (auth_host and auth_port)
+# service_username: "nbi"
+# service_password: "nbi"
+
+# Only for test. It works without authorization using the provided user and project:
+# user_not_authorized: "admin"
+# project_not_authorized: "admin"
+
+# TACACS configuration
+# tacacs_host: ""
+# tacacs_secret: ""
+# tacacs_port: 49    # Default value
+# tacacs_timeout: 10 # Default value
+
+[rbac]
+# roles_to_operations: "roles_to_operations.yml"  # initial role generation when database