forked from cloudfoundry/bosh
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathspec
118 lines (112 loc) · 4.22 KB
/
spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
---
name: registry
templates:
pre-start.erb: bin/pre-start
bpm.yml: config/bpm.yml
bosh-registry: bin/bosh-registry
cacert.pem.erb: config/cacert.pem
registry.yml.erb: config/registry.yml
db_ca.pem.erb: config/db/ca.pem
db_client_certificate.pem.erb: config/db/client_certificate.pem
db_client_private_key.key.erb: config/db/client_private_key.key
registry: bin/registry
packages:
- registry
- libpq
- mysql
- ruby-2.6.5-r0.29.0
properties:
registry.port:
description: TCP port Registry daemon listens on
default: 25777
registry.username:
description: Username clients must use to access Registry via HTTP Basic Auth
registry.password:
description: Password clients must use to access Registry via HTTP Basic Auth
registry.additional_users:
description: |
An array of objects with keys 'username' and 'password'
clients must use to access Registry via HTTP Basic Auth
These users are in addition to the user defined by 'registry.username'/'registry.password'
This is to enable registry credential rotation
env.http_proxy:
description: HTTP proxy that the registry should use
env.https_proxy:
description: HTTPS proxy that the registry should use
env.no_proxy:
description: List of comma-separated hosts that should skip connecting to the proxy in the registry
# Registry Database
registry.db.adapter:
description: The type of database used
default: postgres
registry.db.user:
description: Username used for the registry database
default: bosh
registry.db.password:
description: Password used for the registry database
registry.db.host:
description: Address of the registry database
default: 127.0.0.1
registry.db.port:
description: Port of the registry database
default: 5432
registry.db.database:
description: Name of the registry database
default: bosh_registry
registry.db.connection_options:
description: Additional options for the database
default:
max_connections: 32 #Maximum size of the connection pool
pool_timeout: 10 #Number of seconds to wait if a connection cannot be acquired before raising an error
registry.db.tls.enabled:
description: Flag for enabling tls for database
default: false
registry.db.tls.cert.ca:
description: Database CA certificate
registry.db.tls.cert.certificate:
description: Client certificate for mutual TLS connections to DB
registry.db.tls.cert.private_key:
description: Client private key for mutual TLS connections to DB
# For AWS
aws.credentials_source:
description: AWS credentials source
default: static
aws.access_key_id:
description: AWS IAM Access Key ID
aws.secret_access_key:
description: AWS IAM Secret Access Key
aws.region:
description: AWS EC2 Region
aws.ec2_endpoint:
description: The service endpoint for Amazon EC2 (optional, if not supplied default region endpoint will be used)
aws.elb_endpoint:
description: The service endpoint for Amazon Elastic Load Balancing (optional, if not supplied default region endpoint will be used)
aws.max_retries:
description: Max number of retries to connect to AWS
default: 2
aws.ssl_ca_file:
description: The path to a CA cert bundle in PEM format
aws.ssl_ca_path:
description: The path the a CA cert directory
aws.ssl_verify_peer:
description: When true the HTTP handler validate server certificates for HTTPS requests
# For OpenStack
openstack.auth_url:
description: URL of the OpenStack Identity endpoint to connect to
openstack.username:
description: OpenStack user name
openstack.api_key:
description: OpenStack API key
openstack.tenant:
description: OpenStack tenant name (required for Keystone API version 2)
openstack.project:
description: OpenStack project name (required for Keystone API version 3)
openstack.domain:
description: OpenStack domain (required for Keystone API version 3)
openstack.region:
description: OpenStack region (optional)
openstack.endpoint_type:
description: OpenStack endpoint type (optional, by default publicURL)
default: publicURL
openstack.connection_options:
description: Hash containing optional connection parameters to the OpenStack API