From fef4be61e49342b2fc28b885f543d22dc02a4378 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Mon, 9 Mar 2020 21:45:46 +0000 Subject: [PATCH] Fix trailing space! Issue-ID: DMAAP-1401 Signed-off-by: Ubuntu Change-Id: I5ab116ee18fe74ac98880d2deb9e064b45d25bde --- etc/dmaapbc.properties | 603 +++++++++++++++++++++++++++++++++++-------------- 1 file changed, 439 insertions(+), 164 deletions(-) diff --git a/etc/dmaapbc.properties b/etc/dmaapbc.properties index fa7f2cd..e98fa84 100644 --- a/etc/dmaapbc.properties +++ b/etc/dmaapbc.properties @@ -1,213 +1,488 @@ +#!# +#!# +#!# ============LICENSE_START========================================== +#!# org.onap.dmaap +#!# =================================================================== +#!# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +#!# =================================================================== +#!# Licensed under the Apache License, Version 2.0 (the "License"); +#!# you may not use this file except in compliance with the License. +#!# You may obtain a copy of the License at +#!# +#!# http://www.apache.org/licenses/LICENSE-2.0 +#!# +#!# Unless required by applicable law or agreed to in writing, software +#!# distributed under the License is distributed on an "AS IS" BASIS, +#!# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +#!# See the License for the specific language governing permissions and +#!# limitations under the License. +#!# ============LICENSE_END============================================ +#!# ECOMP is a trademark and service mark of AT&T Intellectual Property. +#!# +#!# +#!# Configuration parameters fixed at startup for the DMaaP Bus Controller +#!# +#!# +#!# URI to retrieve dynamic DR configuration +#!# +#!UnitTest: Yes +#!ProvisioningURI: /internal/prov +#!# +#!# Allow http access to API +#!# +#!HttpAllowed: true +#!# +#!# The port number for http as seen within the server +#!# +#!IntHttpPort: 8080 +#!# +#!# The port number for https as seen within the server +#!# Set to 0 if no certificate is available yet... +#!# +#!IntHttpsPort: 0 +#!# +#!# The external port number for https taking port mapping into account +#!# +#!ExtHttpsPort: 0 +#!# +#!# The type of keystore for https +#!# +#!KeyStoreType: jks +#!# +#!# The path to the keystore for https +#!# +#!KeyStoreFile: etc/keystore +#!# +#!# The password for the https keystore +#!# +#!KeyStorePassword: changeit +#!# +#!# The password for the private key in the https keystore +#!# +#!KeyPassword: changeit +#!# +#!# The type of truststore for https +#!# +#!TrustStoreType: jks +#!# +#!# The path to the truststore for https +#!# +#!TrustStoreFile: ${DMAAPBC_TSTOREFILE} +#!# +#!# The password for the https truststore +#!# +#!TrustStorePassword: changeit +#!# +#!# The path to the file used to trigger an orderly shutdown +#!# +#!QuiesceFile: etc/SHUTDOWN +#!# +#!# Enable postgress +#!# +#!UsePGSQL: false +#!# +#!# The host for postgres access +#!# +#!DB.host: none +#!# +#!# For postgres access +#!# +#!DB.cred: none +#!# +#!# Name of this environment +#!# +#!DmaapName: onap-cit +#!# +#!# Name of DR prov server +#!# +#!DR.provhost: localhost +#!# +#!# handling of feed delete +#!# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) +#!# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments +#!Feed.deleteHandling: DeleteOnDR +#! +#!################################################################################ +#!# MR Related Properties: +#!# +#!# Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters). +#!# if there is only one MR cluster in an environment, set this to the DNS name for that cluster +#!# +#!MR.CentralCname: notSet.onap.org +#!# +#!# MR Client Delete Level thoroughness: +#!# 0 = don't delete +#!# 1 = delete from persistent store +#!# 2 = delete from persistent store (DB) and authorization store (AAF) +#!MR.ClientDeleteLevel: 1 +#!# +#!# MR Topic Factory Namespace +#!# +#!MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory +#!# +#!# MR TopicMgr Role +#!MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr +#! +#!# MR topic name style +#!MR.topicStyle: FQTN_LEGACY_FORMAT +#! +#!# MR topic ProjectID +#!MR.projectID: 23456 +#! +#!MR.multisite: true +#!# +#!# end of MR Related Properties +#!################################################################################ +#! +#!# +#!# The Role and credentials of the MirrorMaker Provisioner. This is used by DMaaP Bus Controller to pub to the provisioning topic +#!# Not part of 1701 +#!# +#!MM.ProvRole: org.onap.dmaapBC.MMprov.prov +#!MM.ProvUserMechId: idNotSet@namespaceNotSet +#!MM.ProvUserPwd: pwdNotSet +#!# +#!# The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic +#!# +#!MM.AgentRole: org.onap.dmaapBC.MMagent.agent +#!################# +#!# AAF Properties: +#!# +#!# regarding password encryption: +#!# In the dependencies that Maven retrieves (e.g., under dcae_dmaapbc/target/deps/ is a jar file cadi-core-version.jar. Generate the key file with: +#!# +#!# java \u2013jar wherever/cadi-core-*.jar keygen keyfilename +#!# chmod 400 keyfilename +#!# +#!# To encrypt a key: +#!# +#!# java \u2013jar wherever/cadi-core-*.jar digest password-to-encrypt keyfilename +#!# +#!# This will generate a string. Put \u201Cenc:\u201D on the front of the string, and put the result in this properties file. +#!# +#!# Location of the Codec Keyfile which is used to decrypt passwords in this properties file before they are passed to AAF +#!# +#!# REF: https://wiki.domain.notset.com/display/cadi/CADI+Deployment +#!# +#!CredentialCodecKeyfile: etc/LocalKey +#!# +#!# This overrides the Class used for Decryption. +#!# This allows for a plugin encryption/decryption method if needed. +#!# Call this Class for decryption at runtime. +#!#AafDecryption.Class: com.company.proprietaryDecryptor +#! +#!# +#!# This overrides the Class used for API Permission check. +#!# This allows for a plugin policy check, if needed +#!ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll +#! +#!# +#!# URL of AAF environment to use. +#!# +#!aaf.URL: https://localhost:8100/proxy +#!# +#!# TopicMgr mechid@namespace +#!# +#!aaf.TopicMgrUser: idNotSet@namespaceNotSet +#!# +#!# TopicMgr password +#!# +#!aaf.TopicMgrPassword: pwdNotSet +#!# +#!# Bus Controller Namespace Admin mechid@namespace +#!# +#!aaf.AdminUser: idNotSet@namespaceNotSet +#!# +#!# Bus Controller Namespace Admin password +#!# +#!aaf.AdminPassword: pwdNotSet +#!# +#!# endof AAF Properties +#!################# +#!################# +#!# PolicyEngine Properties +#!# +#!# Name of PolicyEngineApi properties file +#!PolicyEngineProperties: config/PolicyEngineApi.properties +#!# +#!# Namespace for URI values for API used to create AAF permissions +#!# e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics +#!ApiNamespace: org.onap.dmaapBC.api +#!# +#!# endof PolicyEngineProperties +#!################# +######NEW FILE ##### +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # -# -# ============LICENSE_START========================================== -# org.onap.dmaap -# =================================================================== -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# =================================================================== # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END============================================ -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# -# -# Configuration parameters fixed at startup for the DMaaP Bus Controller -# + + +##################################################### # -# URI to retrieve dynamic DR configuration +# Hooks for specific environment configurations # +##################################################### +# Indicator for whether to use AAF for authentication +#UseAAF: false + +# Stub out southbound calls for Unit Test cases to run. e.g. not timeout +# Comment out in other environments to get default (No) UnitTest: Yes -ProvisioningURI: /internal/prov -# -# Allow http access to API -# -HttpAllowed: true -# -# The port number for http as seen within the server -# -IntHttpPort: 8080 -# -# The port number for https as seen within the server -# Set to 0 if no certificate is available yet... -# -IntHttpsPort: 0 -# -# The external port number for https taking port mapping into account -# -ExtHttpsPort: 0 -# -# The type of keystore for https -# -KeyStoreType: jks -# -# The path to the keystore for https -# -KeyStoreFile: etc/keystore -# -# The password for the https keystore -# -KeyStorePassword: changeit -# -# The password for the private key in the https keystore -# -KeyPassword: changeit -# -# The type of truststore for https -# -TrustStoreType: jks -# -# The path to the truststore for https -# -TrustStoreFile: ${DMAAPBC_TSTOREFILE} -# -# The password for the https truststore -# -TrustStorePassword: changeit -# -# The path to the file used to trigger an orderly shutdown -# -QuiesceFile: etc/SHUTDOWN -# -# Enable postgress -# -UsePGSQL: false -# -# The host for postgres access -# -DB.host: none -# -# For postgres access -# -DB.cred: none -# -# Name of this environment -# -DmaapName: onap-cit -# -# Name of DR prov server + + +##################################################### # -DR.provhost: localhost +# Settings for Southbound API: Datarouter # -# handling of feed delete -# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) -# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments +##################################################### + +# URI to retrieve dynamic DR configuration +ProvisioningURI: /internal/prov + +# indicator for handling feed delete: +# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) +# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments. Feed.deleteHandling: DeleteOnDR -################################################################################ -# MR Related Properties: -# -# Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters). -# if there is only one MR cluster in an environment, set this to the DNS name for that cluster +########################################################### +# The following properties default to match ONAP DR instance. +# However, there are some non-ONAP DR instances that require other values. +# Sets the X-DR-ON-BEHALF-OF HTTP Header value +#DR.onBehalfHeader: +# Value for the Content-Type Header in DR Feed API +#DR.feedContentType: +# Value for the Content-Type Header in DR Subscription API +#DR.subContentType: +# +# END OF properties helpful for non-ONAP DR instance. +############################################################ + +##################################################### # -MR.CentralCname: notSet.onap.org +# Settings for Soutbound API: Postgresql # -# MR Client Delete Level thoroughness: -# 0 = don't delete -# 1 = delete from persistent store -# 2 = delete from persistent store (DB) and authorization store (AAF) -MR.ClientDeleteLevel: 1 +##################################################### +# flag indicates if we are using postgresql +UsePGSQL: false + +# postgres host name +# Need to connect to PG primary service, designated by service.name2 +DB.host: none + +# postgres schema name +#DB.schema: {{ .Values.postgres.config.pgDatabase }} + +# postgres user name +#DB.user: {{ .Values.postgres.config.pgUserName }} + +# postgres user password +DB.cred: none + + +##################################################### # -# MR Topic Factory Namespace +# Settings for Soutbound API: Message Router # +##################################################### +# indicator for multi-site (locations) deployment. Give clue to buscontroller whether +# there is a need for message replication between edge and central. +# ONAP Casablanca is a single site deployment +MR.multisite: true + +# FQDN of primary message router. +# In ONAP Casablanca, there is only 1 message router service, so use that. +# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR +MR.CentralCname: notSet.onap.org + +# Indicator for whether we want hostname verification on SSL connection to MR +MR.hostnameVerify: false + +# MR Client Delete Level thoroughness: +# 0 = don't delete +# 1 = delete from persistent store +# 2 = delete from persistent store (DB) and authorization store (AAF) +MR.ClientDeleteLevel: 1 + +# namespace of MR Topic Factory MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory -# -# MR TopicMgr Role -MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr -# MR topic name style -MR.topicStyle: FQTN_LEGACY_FORMAT +# AAF Role assigned to Topic Manager Identity +MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr -# MR topic ProjectID +# MR topic ProjectID (used in certain topic name generation formats) MR.projectID: 23456 -MR.multisite: true +# Use Basic Authentication when provisioning topics +#MR.authentication: basicAuth + +# MR topic name style (default is FQTN_LEGACY_FORMAT) +MR.topicStyle: FQTN_LEGACY_FORMAT # # end of MR Related Properties ################################################################################ + +##################################################### # -# The Role and credentials of the MirrorMaker Provisioner. This is used by DMaaP Bus Controller to pub to the provisioning topic -# Not part of 1701 -# -MM.ProvRole: org.onap.dmaapBC.MMprov.prov -MM.ProvUserMechId: idNotSet@namespaceNotSet -MM.ProvUserPwd: pwdNotSet -# -# The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic -# -MM.AgentRole: org.onap.dmaapBC.MMagent.agent -################# -# AAF Properties: -# -# regarding password encryption: -# In the dependencies that Maven retrieves (e.g., under dcae_dmaapbc/target/deps/ is a jar file cadi-core-version.jar. Generate the key file with: -# -# java \u2013jar wherever/cadi-core-*.jar keygen keyfilename -# chmod 400 keyfilename -# -# To encrypt a key: -# -# java \u2013jar wherever/cadi-core-*.jar digest password-to-encrypt keyfilename -# -# This will generate a string. Put \u201Cenc:\u201D on the front of the string, and put the result in this properties file. -# -# Location of the Codec Keyfile which is used to decrypt passwords in this properties file before they are passed to AAF +# Settings for Southbound API: CADI # -# REF: https://wiki.domain.notset.com/display/cadi/CADI+Deployment +##################################################### +# path to cadi.properties +#cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props + +##################################################### # -CredentialCodecKeyfile: etc/LocalKey +# Settings for Southbound API: AAF proxy # -# This overrides the Class used for Decryption. +##################################################### +# URL of the AAF server +aaf.URL: https://localhost:8100/proxy + +# TopicMgr Identity +aaf.TopicMgrUser: idNotSet@namespaceNotSet + +# Password for TopicMgr identity +aaf.TopicMgrPassword: pwdNotSet + +# Buscontroller Admin Identity +aaf.AdminUser: idNotSet@namespaceNotSet + +# Admin Password +aaf.AdminPassword: pwdNotSet + +# Identity that is owner of any created namespaces for topics +#aaf.NsOwnerIdentity: ownerNotSet@namespaceNotSet.org + + +# this overrides the Class used for Decryption. # This allows for a plugin encryption/decryption method if needed. # Call this Class for decryption at runtime. -#AafDecryption.Class: com.company.proprietaryDecryptor +#AafDecryption.Class: com.company.proprietaryDecryptor -# -# This overrides the Class used for API Permission check. -# This allows for a plugin policy check, if needed -ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll +# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF +# Not used in ONAP, but possibly used with Decryption override class. +CredentialCodecKeyfile: etc/LocalKey # -# URL of AAF environment to use. -# -aaf.URL: https://localhost:8100/proxy -# -# TopicMgr mechid@namespace -# -aaf.TopicMgrUser: idNotSet@namespaceNotSet +# endof AAF Properties +#################################################### + + +##################################################### # -# TopicMgr password -# -aaf.TopicMgrPassword: pwdNotSet +# Settings for authorization of DBCAPI # -# Bus Controller Namespace Admin mechid@namespace +##################################################### +# Namespace for URI values for the API used to create AAF permissions +# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients +ApiNamespace: org.onap.dmaapBC.api + +# If API authorization is required, then implement a class to enforce it. +# This overrides the Class used for API permission check. +ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll + +##################################################### # -aaf.AdminUser: idNotSet@namespaceNotSet +# Settings for Southbound API: MirrorMaker provisioning # -# Bus Controller Namespace Admin password +##################################################### +# AAF Role of client publishing MM prov cmds +MM.ProvRole: org.onap.dmaapBC.MMprov.prov + +# AAF identity when publishing MM prov cmds +MM.ProvUserMechId: idNotSet@namespaceNotSet + +# pwd for Identity used to publish MM prov cmds +MM.ProvUserPwd: pwdNotSet + +# AAF Role of MirrorMaker agent subscribed to prov cmds. +MM.AgentRole: org.onap.dmaapBC.MMagent.agent + +##################################################### # -aaf.AdminPassword: pwdNotSet +# Certificate Management # -# endof AAF Properties -################# -################# -# PolicyEngine Properties +##################################################### + +# Indicates how we are expecting certificates to be provided: +# cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file +# legacy (default) - artifacts will be installed manually or some other way and details will be in this file +CertificateManagement: legacy + +# When CertificateManagement is cadi, then this is where all the cadi properties will be. +# Note that the cadi properties include where the cert is, and the encrypted passwords to read. +cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props + +########################################################################################### +# When CertificateManagement is legacy, we need to provide more details about cert handling: +#CertificateManagement: legacy +# the type of keystore for https (for legacy CertificateManagment only) +KeyStoreType: jks + +# path to the keystore file (for legacy CertificateManagment only) +KeyStoreFile: etc/keystore + +# password for the https keystore (for legacy CertificateManagment only) +KeyStorePassword: changeit +# password for the private key in the https keystore (for legacy CertificateManagment only) +KeyPassword: changeit + +# type of truststore for https (for legacy CertificateManagment only) +TrustStoreType: jks + +# path to the truststore for https (for legacy CertificateManagment only) +TrustStoreFile: ${DMAAPBC_TSTOREFILE} + +# password for the https truststore (for legacy CertificateManagment only) +TrustStorePassword: changeit # -# Name of PolicyEngineApi properties file -PolicyEngineProperties: config/PolicyEngineApi.properties +# END OF legacy CertificateManagement properties +########################################################################################### + + +##################################################### # -# Namespace for URI values for API used to create AAF permissions -# e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics -ApiNamespace: org.onap.dmaapBC.api +# HTTP Server Configuration # -# endof PolicyEngineProperties -################# +##################################################### + +# Allow http access to dbcapi +HttpAllowed: true + +# listen to http port within this container (server) +IntHttpPort: 8080 + +# listen to https port within this container (server) +# set to 0 if no certificates are available. +IntHttpsPort: 0 + + +inHttpsPort: 0 + +##################################################### +# +# Deprecated properties +# +##################################################### +# csit: stubs out some southbound APIs for csit (deprecated) +#csit: No +# name of this DMaaP instance (deprecated) +#DmaapName: onap-cit +# external port number for https taking port mapping into account (deprecated) +#ExtHttpsPort: 443 +# path to the file used to trigger an orderly shutdown (deprecated) +#QuiesceFile: etc/SHUTDOWN +# FQDN of DR Prov Server (deprecated) +#DR.provhost: localhost +# root of topic namespace (decrecated) +#topicNsRoot: org.onap.dcae.dmaap -- 2.16.6