3 #!# ============LICENSE_START==========================================
5 #!# ===================================================================
6 #!# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
7 #!# ===================================================================
8 #!# Licensed under the Apache License, Version 2.0 (the "License");
9 #!# you may not use this file except in compliance with the License.
10 #!# You may obtain a copy of the License at
12 #!# http://www.apache.org/licenses/LICENSE-2.0
14 #!# Unless required by applicable law or agreed to in writing, software
15 #!# distributed under the License is distributed on an "AS IS" BASIS,
16 #!# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 #!# See the License for the specific language governing permissions and
18 #!# limitations under the License.
19 #!# ============LICENSE_END============================================
20 #!# ECOMP is a trademark and service mark of AT&T Intellectual Property.
23 #!# Configuration parameters fixed at startup for the DMaaP Bus Controller
26 #!# URI to retrieve dynamic DR configuration
29 #!ProvisioningURI: /internal/prov
31 #!# Allow http access to API
35 #!# The port number for http as seen within the server
39 #!# The port number for https as seen within the server
40 #!# Set to 0 if no certificate is available yet...
44 #!# The external port number for https taking port mapping into account
48 #!# The type of keystore for https
52 #!# The path to the keystore for https
54 #!KeyStoreFile: etc/keystore
56 #!# The password for the https keystore
58 #!KeyStorePassword: changeit
60 #!# The password for the private key in the https keystore
62 #!KeyPassword: changeit
64 #!# The type of truststore for https
68 #!# The path to the truststore for https
70 #!TrustStoreFile: ${DMAAPBC_TSTOREFILE}
72 #!# The password for the https truststore
74 #!TrustStorePassword: changeit
76 #!# The path to the file used to trigger an orderly shutdown
78 #!QuiesceFile: etc/SHUTDOWN
84 #!# The host for postgres access
88 #!# For postgres access
92 #!# Name of this environment
96 #!# Name of DR prov server
98 #!DR.provhost: localhost
100 #!# handling of feed delete
101 #!# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
102 #!# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments
103 #!Feed.deleteHandling: DeleteOnDR
105 #!################################################################################
106 #!# MR Related Properties:
108 #!# Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters).
109 #!# if there is only one MR cluster in an environment, set this to the DNS name for that cluster
111 #!MR.CentralCname: notSet.onap.org
113 #!# MR Client Delete Level thoroughness:
115 #!# 1 = delete from persistent store
116 #!# 2 = delete from persistent store (DB) and authorization store (AAF)
117 #!MR.ClientDeleteLevel: 1
119 #!# MR Topic Factory Namespace
121 #!MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
124 #!MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr
126 #!# MR topic name style
127 #!MR.topicStyle: FQTN_LEGACY_FORMAT
129 #!# MR topic ProjectID
130 #!MR.projectID: 23456
134 #!# end of MR Related Properties
135 #!################################################################################
138 #!# The Role and credentials of the MirrorMaker Provisioner. This is used by DMaaP Bus Controller to pub to the provisioning topic
141 #!MM.ProvRole: org.onap.dmaapBC.MMprov.prov
142 #!MM.ProvUserMechId: idNotSet@namespaceNotSet
143 #!MM.ProvUserPwd: pwdNotSet
145 #!# The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic
147 #!MM.AgentRole: org.onap.dmaapBC.MMagent.agent
151 #!# regarding password encryption:
152 #!# In the dependencies that Maven retrieves (e.g., under dcae_dmaapbc/target/deps/ is a jar file cadi-core-version.jar. Generate the key file with:
154 #!# java \u2013jar wherever/cadi-core-*.jar keygen keyfilename
155 #!# chmod 400 keyfilename
157 #!# To encrypt a key:
159 #!# java \u2013jar wherever/cadi-core-*.jar digest password-to-encrypt keyfilename
161 #!# This will generate a string. Put \u201Cenc:\u201D on the front of the string, and put the result in this properties file.
163 #!# Location of the Codec Keyfile which is used to decrypt passwords in this properties file before they are passed to AAF
165 #!# REF: https://wiki.domain.notset.com/display/cadi/CADI+Deployment
167 #!CredentialCodecKeyfile: etc/LocalKey
169 #!# This overrides the Class used for Decryption.
170 #!# This allows for a plugin encryption/decryption method if needed.
171 #!# Call this Class for decryption at runtime.
172 #!#AafDecryption.Class: com.company.proprietaryDecryptor
175 #!# This overrides the Class used for API Permission check.
176 #!# This allows for a plugin policy check, if needed
177 #!ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
180 #!# URL of AAF environment to use.
182 #!aaf.URL: https://localhost:8100/proxy
184 #!# TopicMgr mechid@namespace
186 #!aaf.TopicMgrUser: idNotSet@namespaceNotSet
188 #!# TopicMgr password
190 #!aaf.TopicMgrPassword: pwdNotSet
192 #!# Bus Controller Namespace Admin mechid@namespace
194 #!aaf.AdminUser: idNotSet@namespaceNotSet
196 #!# Bus Controller Namespace Admin password
198 #!aaf.AdminPassword: pwdNotSet
200 #!# endof AAF Properties
203 #!# PolicyEngine Properties
205 #!# Name of PolicyEngineApi properties file
206 #!PolicyEngineProperties: config/PolicyEngineApi.properties
208 #!# Namespace for URI values for API used to create AAF permissions
209 #!# e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics
210 #!ApiNamespace: org.onap.dmaapBC.api
212 #!# endof PolicyEngineProperties
215 # Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
217 # Licensed under the Apache License, Version 2.0 (the "License");
218 # you may not use this file except in compliance with the License.
219 # You may obtain a copy of the License at
221 # http://www.apache.org/licenses/LICENSE-2.0
223 # Unless required by applicable law or agreed to in writing, software
224 # distributed under the License is distributed on an "AS IS" BASIS,
225 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
226 # See the License for the specific language governing permissions and
227 # limitations under the License.
230 #####################################################
232 # Hooks for specific environment configurations
234 #####################################################
235 # Indicator for whether to use AAF for authentication
238 # Stub out southbound calls for Unit Test cases to run. e.g. not timeout
239 # Comment out in other environments to get default (No)
243 #####################################################
245 # Settings for Southbound API: Datarouter
247 #####################################################
249 # URI to retrieve dynamic DR configuration
250 ProvisioningURI: /internal/prov
252 # indicator for handling feed delete:
253 # DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
254 # SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments.
255 Feed.deleteHandling: DeleteOnDR
257 ###########################################################
258 # The following properties default to match ONAP DR instance.
259 # However, there are some non-ONAP DR instances that require other values.
260 # Sets the X-DR-ON-BEHALF-OF HTTP Header value
262 # Value for the Content-Type Header in DR Feed API
264 # Value for the Content-Type Header in DR Subscription API
267 # END OF properties helpful for non-ONAP DR instance.
268 ############################################################
270 #####################################################
272 # Settings for Soutbound API: Postgresql
274 #####################################################
275 # flag indicates if we are using postgresql
279 # Need to connect to PG primary service, designated by service.name2
282 # postgres schema name
283 #DB.schema: {{ .Values.postgres.config.pgDatabase }}
286 #DB.user: {{ .Values.postgres.config.pgUserName }}
288 # postgres user password
292 #####################################################
294 # Settings for Soutbound API: Message Router
296 #####################################################
297 # indicator for multi-site (locations) deployment. Give clue to buscontroller whether
298 # there is a need for message replication between edge and central.
299 # ONAP Casablanca is a single site deployment
302 # FQDN of primary message router.
303 # In ONAP Casablanca, there is only 1 message router service, so use that.
304 # In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR
305 MR.CentralCname: notSet.onap.org
307 # Indicator for whether we want hostname verification on SSL connection to MR
308 MR.hostnameVerify: false
310 # MR Client Delete Level thoroughness:
312 # 1 = delete from persistent store
313 # 2 = delete from persistent store (DB) and authorization store (AAF)
314 MR.ClientDeleteLevel: 1
316 # namespace of MR Topic Factory
317 MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
319 # AAF Role assigned to Topic Manager Identity
320 MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr
322 # MR topic ProjectID (used in certain topic name generation formats)
325 # Use Basic Authentication when provisioning topics
326 #MR.authentication: basicAuth
328 # MR topic name style (default is FQTN_LEGACY_FORMAT)
329 MR.topicStyle: FQTN_LEGACY_FORMAT
331 # end of MR Related Properties
332 ################################################################################
335 #####################################################
337 # Settings for Southbound API: CADI
339 #####################################################
340 # path to cadi.properties
341 #cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
343 #####################################################
345 # Settings for Southbound API: AAF proxy
347 #####################################################
348 # URL of the AAF server
349 aaf.URL: https://localhost:8100/proxy
352 aaf.TopicMgrUser: idNotSet@namespaceNotSet
354 # Password for TopicMgr identity
355 aaf.TopicMgrPassword: pwdNotSet
357 # Buscontroller Admin Identity
358 aaf.AdminUser: idNotSet@namespaceNotSet
361 aaf.AdminPassword: pwdNotSet
363 # Identity that is owner of any created namespaces for topics
364 #aaf.NsOwnerIdentity: ownerNotSet@namespaceNotSet.org
367 # this overrides the Class used for Decryption.
368 # This allows for a plugin encryption/decryption method if needed.
369 # Call this Class for decryption at runtime.
370 #AafDecryption.Class: com.company.proprietaryDecryptor
372 # location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
373 # Not used in ONAP, but possibly used with Decryption override class.
374 CredentialCodecKeyfile: etc/LocalKey
377 # endof AAF Properties
378 ####################################################
381 #####################################################
383 # Settings for authorization of DBCAPI
385 #####################################################
386 # Namespace for URI values for the API used to create AAF permissions
387 # e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients
388 ApiNamespace: org.onap.dmaapBC.api
390 # If API authorization is required, then implement a class to enforce it.
391 # This overrides the Class used for API permission check.
392 ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
394 #####################################################
396 # Settings for Southbound API: MirrorMaker provisioning
398 #####################################################
399 # AAF Role of client publishing MM prov cmds
400 MM.ProvRole: org.onap.dmaapBC.MMprov.prov
402 # AAF identity when publishing MM prov cmds
403 MM.ProvUserMechId: idNotSet@namespaceNotSet
405 # pwd for Identity used to publish MM prov cmds
406 MM.ProvUserPwd: pwdNotSet
408 # AAF Role of MirrorMaker agent subscribed to prov cmds.
409 MM.AgentRole: org.onap.dmaapBC.MMagent.agent
411 #####################################################
413 # Certificate Management
415 #####################################################
417 # Indicates how we are expecting certificates to be provided:
418 # cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file
419 # legacy (default) - artifacts will be installed manually or some other way and details will be in this file
420 CertificateManagement: legacy
422 # When CertificateManagement is cadi, then this is where all the cadi properties will be.
423 # Note that the cadi properties include where the cert is, and the encrypted passwords to read.
424 cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
426 ###########################################################################################
427 # When CertificateManagement is legacy, we need to provide more details about cert handling:
428 #CertificateManagement: legacy
429 # the type of keystore for https (for legacy CertificateManagment only)
432 # path to the keystore file (for legacy CertificateManagment only)
433 KeyStoreFile: etc/keystore
435 # password for the https keystore (for legacy CertificateManagment only)
436 KeyStorePassword: changeit
437 # password for the private key in the https keystore (for legacy CertificateManagment only)
438 KeyPassword: changeit
440 # type of truststore for https (for legacy CertificateManagment only)
443 # path to the truststore for https (for legacy CertificateManagment only)
444 TrustStoreFile: ${DMAAPBC_TSTOREFILE}
446 # password for the https truststore (for legacy CertificateManagment only)
447 TrustStorePassword: changeit
449 # END OF legacy CertificateManagement properties
450 ###########################################################################################
453 #####################################################
455 # HTTP Server Configuration
457 #####################################################
459 # Allow http access to dbcapi
462 # listen to http port within this container (server)
465 # listen to https port within this container (server)
466 # set to 0 if no certificates are available.
472 #####################################################
474 # Deprecated properties
476 #####################################################
477 # csit: stubs out some southbound APIs for csit (deprecated)
479 # name of this DMaaP instance (deprecated)
481 # external port number for https taking port mapping into account (deprecated)
483 # path to the file used to trigger an orderly shutdown (deprecated)
484 #QuiesceFile: etc/SHUTDOWN
485 # FQDN of DR Prov Server (deprecated)
486 #DR.provhost: localhost
487 # root of topic namespace (decrecated)
488 #topicNsRoot: org.onap.dcae.dmaap