2 # Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
18 #####################################################
20 # Hooks for specific environment configurations
22 #####################################################
23 # Indicator for whether to use AAF for authentication
24 UseAAF: {{ .Values.global.aafEnabled }}
26 # Stub out southbound calls for Unit Test cases to run. e.g. not timeout
27 # Comment out in other environments to get default (No)
31 #####################################################
33 # Settings for Southbound API: Datarouter
35 #####################################################
37 # URI to retrieve dynamic DR configuration
38 ProvisioningURI: /internal/prov
40 # indicator for handling feed delete:
41 # DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
42 # SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments.
43 Feed.deleteHandling: SimulateDelete
45 ###########################################################
46 # The following properties default to match ONAP DR instance.
47 # However, there are some non-ONAP DR instances that require other values.
48 # Sets the X-DR-ON-BEHALF-OF HTTP Header value
50 # Value for the Content-Type Header in DR Feed API
52 # Value for the Content-Type Header in DR Subscription API
55 # END OF properties helpful for non-ONAP DR instance.
56 ############################################################
58 #####################################################
60 # Settings for Soutbound API: Postgresql
62 #####################################################
63 # flag indicates if we are using postgresql
64 UsePGSQL: {{ .Values.PG.enabled }}
67 # Need to connect to PG primary service, designated by service.name2
68 DB.host: {{ .Values.postgres.service.name2 }}
70 # postgres schema name
71 #DB.schema: {{ .Values.postgres.config.pgDatabase }}
76 # postgres user password
77 DB.cred: ${PG_PASSWORD}
80 #####################################################
82 # Settings for Soutbound API: Message Router
84 #####################################################
85 # indicator for multi-site (locations) deployment. Give clue to buscontroller whether
86 # there is a need for message replication between edge and central.
87 # ONAP Casablanca is a single site deployment
90 # FQDN of primary message router.
91 # In ONAP Casablanca, there is only 1 message router service, so use that.
92 # In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR
93 MR.CentralCname: {{ .Values.dmaapMessageRouterService }}
95 # Indicator for whether we want hostname verification on SSL connection to MR
96 MR.hostnameVerify: false
98 # MR Client Delete Level thoroughness:
100 # 1 = delete from persistent store
101 # 2 = delete from persistent store (DB) and authorization store (AAF)
102 MR.ClientDeleteLevel: 1
104 # namespace of MR Topic Factory
105 MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
107 # AAF Role assigned to Topic Manager Identity
108 MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client
110 # MR topic ProjectID (used in certain topic name generation formats)
113 # Use Basic Authentication when provisioning topics
114 MR.authentication: basicAuth
116 # MR topic name style (default is FQTN_LEGACY_FORMAT)
117 #MR.topicStyle: FQTN_LEGACY_FORMAT
119 # end of MR Related Properties
120 ################################################################################
123 #####################################################
125 # Settings for Southbound API: CADI
127 #####################################################
128 # path to cadi.properties
129 cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
131 #####################################################
133 # Settings for Southbound API: AAF proxy
135 #####################################################
136 # URL of the AAF server
137 aaf.URL: {{ .Values.aafURL }}
140 aaf.TopicMgrUser: {{ .Values.topicMgrUser }}
142 # Password for TopicMgr identity
143 aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }}
145 # Buscontroller Admin Identity
146 aaf.AdminUser: {{ .Values.adminUser }}
149 aaf.AdminPassword: {{ .Values.adminPwd }}
151 # Identity that is owner of any created namespaces for topics
152 aaf.NsOwnerIdentity: {{ .Values.adminUser }}
155 # this overrides the Class used for Decryption.
156 # This allows for a plugin encryption/decryption method if needed.
157 # Call this Class for decryption at runtime.
158 #AafDecryption.Class: com.company.proprietaryDecryptor
160 # location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
161 # Not used in ONAP, but possibly used with Decryption override class.
162 #CredentialCodeKeyfile: etc/LocalKey
165 # endof AAF Properties
166 ####################################################
169 #####################################################
171 # Settings for authorization of DBCAPI
173 #####################################################
174 # Namespace for URI values for the API used to create AAF permissions
175 # e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients
176 ApiNamespace: org.onap.dmaap-bc.api
178 # If API authorization is required, then implement a class to enforce it.
179 # This overrides the Class used for API permission check.
180 ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
182 #####################################################
184 # Settings for Southbound API: MirrorMaker provisioning
186 #####################################################
187 # AAF Role of client publishing MM prov cmds
188 MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov
190 # AAF identity when publishing MM prov cmds
191 MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org
193 # pwd for Identity used to publish MM prov cmds
194 MM.ProvUserPwd: demo123456!
196 # AAF Role of MirrorMaker agent subscribed to prov cmds.
197 MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent
199 #####################################################
201 # Certificate Management
203 #####################################################
205 # Indicates how we are expecting certificates to be provided:
206 # cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file
207 # legacy (default) - artifacts will be installed manually or some other way and details will be in this file
208 CertificateManagement: cadi
210 # When CertificateManagement is cadi, then this is where all the cadi properties will be.
211 # Note that the cadi properties include where the cert is, and the encrypted passwords to read.
212 cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
214 ###########################################################################################
215 # When CertificateManagement is legacy, we need to provide more details about cert handling:
216 #CertificateManagement: legacy
217 # the type of keystore for https (for legacy CertificateManagment only)
220 # path to the keystore file (for legacy CertificateManagment only)
221 #KeyStoreFile: etc/keystore
223 # password for the https keystore (for legacy CertificateManagment only)
224 #KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
225 # password for the private key in the https keystore (for legacy CertificateManagment only)
226 #KeyPassword: changeit
228 # type of truststore for https (for legacy CertificateManagment only)
231 # path to the truststore for https (for legacy CertificateManagment only)
232 #TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks
234 # password for the https truststore (for legacy CertificateManagment only)
235 #TrustStorePassword: changeit
237 # END OF legacy CertificateManagement properties
238 ###########################################################################################
241 #####################################################
243 # HTTP Server Configuration
245 #####################################################
247 # Allow http access to dbcapi
250 # listen to http port within this container (server)
253 # listen to https port within this container (server)
254 # set to 0 if no certificates are available.
261 #####################################################
265 #####################################################
266 # csit: stubs out some southbound APIs for csit (deprecated)
268 # name of this DMaaP instance (deprecated)
270 # external port number for https taking port mapping into account (deprecated)
272 # path to the file used to trigger an orderly shutdown (deprecated)
273 #QuiesceFile: etc/SHUTDOWN
274 # FQDN of DR Prov Server (deprecated)
275 #DR.provhost: dcae-drps.domain.not.set
276 # root of topic namespace (decrecated)
277 #topicNsRoot: org.onap.dcae.dmaap