X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fnbi.cfg;h=60320ad87dc62f224e5e12bc59606e8886366b26;hp=9255a8cba6d7903b4baaea784dfea886d3eec11b;hb=HEAD;hpb=0aa89ae83e5f60a2a42a914d4063a95ad12f5139 diff --git a/osm_nbi/nbi.cfg b/osm_nbi/nbi.cfg index 9255a8c..7035cae 100644 --- a/osm_nbi/nbi.cfg +++ b/osm_nbi/nbi.cfg @@ -60,6 +60,7 @@ driver: "mongo" # mongo or memory host: "mongo" # hostname or IP port: 27017 name: "osm" +# replicaset: "replicaset" # user: "user" # password: "password" # commonkey: "commonkey" @@ -91,15 +92,40 @@ loglevel: "DEBUG" group_id: "nbi-server" [authentication] -backend: "internal" # internal or keystone +backend: "keystone" # internal or keystone or tacacs # for keystone backend a comma separated list of user adn project _domain_name list can ba provided. # NBI will try authenticate with all of then if domain is not provided in the content of a POST token # user_domain_name: "default,ldap" # project_domain_name: "default,ldap" +# Keystone config parameters are +# auth_url: format https://:/v3 # v3 is necessary +# auth_host: ip address of keystone host. +# auth_port: port number of keystone. +# Provide either auth_url or (auth_host and auth_port) +# service_username: "nbi" +# service_password: "nbi" + # Only for test. It works without authorization using the provided user and project: # user_not_authorized: "admin" # project_not_authorized: "admin" +# TACACS configuration +# tacacs_host: "" +# tacacs_secret: "" +# tacacs_port: 49 # Default value +# tacacs_timeout: 10 # Default value + +# User Management configuration +user_management: True +pwd_expire_days: 30 # Password expiry Default value +max_pwd_attempt: 5 +account_expire_days: 90 # Account expiry Default value + +# CEF Configuration +version: "0" +deviceVendor: "OSM" +deviceProduct: "OSM" + [rbac] # roles_to_operations: "roles_to_operations.yml" # initial role generation when database