Remove code on master branchHEAD master

As code has been moved to main repo, we remove the code here and add a README explaining Issue-ID: OOM-2513 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id2b728722a91b71240394110bf5815d9394f6d07
author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2020-12-07 09:50:07 +0100
committer: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2020-12-07 09:50:07 +0100
commit: 9204fcd2732eeda9ea4d25f65996bacf85e059d2 (patch)
tree: 07591d00fbbcd486c65796cc2d4f3806712b3cd5 /resources/config
parent: 18d4bd165e12cb4d03baa318e506f0dda381cd89 (diff)
13 files changed, 0 insertions, 434 deletions
diff --git a/resources/config/aai/aai_keystore b/resources/config/aai/aai_keystore
deleted file mode 100644
index d1ebae8..0000000
--- a/resources/config/aai/aai_keystore
+++ /dev/null
diff --git a/resources/config/auth/truststoreONAPall.jks b/resources/config/auth/truststoreONAPall.jks
deleted file mode 100644
index ff844b1..0000000
--- a/resources/config/auth/truststoreONAPall.jks
+++ /dev/null
diff --git a/resources/config/fproxy/auth/client-cert.p12 b/resources/config/fproxy/auth/client-cert.p12
deleted file mode 100644
index 7a4979a..0000000
--- a/resources/config/fproxy/auth/client-cert.p12
+++ /dev/null
diff --git a/resources/config/fproxy/auth/fproxy_truststore b/resources/config/fproxy/auth/fproxy_truststore
deleted file mode 100644
index f5e4170..0000000
--- a/resources/config/fproxy/auth/fproxy_truststore
+++ /dev/null
diff --git a/resources/config/fproxy/auth/tomcat_keystore b/resources/config/fproxy/auth/tomcat_keystore
deleted file mode 100644
index d68bf73..0000000
--- a/resources/config/fproxy/auth/tomcat_keystore
+++ /dev/null
diff --git a/resources/config/haproxy/aai.pem b/resources/config/haproxy/aai.pem
deleted file mode 100644
index 6390db1..0000000
--- a/resources/config/haproxy/aai.pem
+++ /dev/null
@@ -1,88 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFKzCCBBOgAwIBAgIILW/fiLbps3kwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
-BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
-bnRlcm1lZGlhdGVDQV85MB4XDTIwMDMxNzIwMjg1NloXDTIxMDMxNzIwMjg1Nlow
-WTEMMAoGA1UEAwwDYWFpMR0wGwYDVQQLDBRhYWlAYWFpLm9uYXAub3JnOkRFVjEO
-MAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov4ddmOzRCWAU/sx2Q9kcYZZ0r/x
-agqwDBcmlS2OP0MAou/f/xY2gzE2ugXXGGEXG6PCUx4YEHGeRxyezEQ/+c+kSjFe
-0FTUa8Z1Ojad3VDsJfjfZ1994NpV99KTrrw1Twq9Ei7dpkypUA8kZxEjg7eM11TU
-F4jS6x5NEyVsxih5uJjIF7ErGwimSEKsympcsXezYgG9Z/VPBpZWmYlYl5MWjzT6
-F0FgGfSbajWauMifEPajmvn8ZXn6Lyx0RCI25+BCcOhS6UvYXFX+jE/uOoEbKgwz
-11tIdryEFrXiLVfD01uhacx02YCrzj1u53RWiD6bCPyatKo1hQsf+aDkEQIDAQAB
-o4ICBzCCAgMwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBeAwIAYDVR0lAQH/BBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRNMEuAFIH3mVsQuciM3vNSXupO
-aaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwET05BUDELMAkG
-A1UEBhMCVVOCAQcwHQYDVR0OBBYEFP94WTftXhHcz93nBT6jIdMe6h+6MIIBTQYD
-VR0RBIIBRDCCAUCBH21hcmsuZC5tYW5hZ2VyQHBlb3BsZS5vc2FhZi5jb22CA2Fh
-aYIUYWFpLXNlYXJjaC1kYXRhLm9uYXCCEmFhaS1zcGFya3ktYmUub25hcIIbYWFp
-LmFwaS5zaW1wbGVkZW1vLm9uYXAub3JngiVhYWkuZWxhc3RpY3NlYXJjaC5zaW1w
-bGVkZW1vLm9uYXAub3JngiVhYWkuZ3JlbWxpbnNlcnZlci5zaW1wbGVkZW1vLm9u
-YXAub3Jngh1hYWkuaGJhc2Uuc2ltcGxlZGVtby5vbmFwLm9yZ4IIYWFpLm9uYXCC
-JWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2FhaS5zaW1w
-bGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9yZzANBgkq
-hkiG9w0BAQsFAAOCAQEAVigPPsYd8yscW+U6zpffBc5S6Mg2DQD/gikB0uF//lIq
-oa5qTI3yB0wPoRKmxpeEZiJYDkBs3App2sPM2fPb9GGmGncCLkprqTflM2Y4yxX4
-k/a7w8vEwMoCrBgxEdmniAj9TirsISyLqBIXoGT7WtaXBLZarYhJ4P7TplhyWuwe
-sV6jxkZLIRLj31ihf32adFIhPZQKxaHbbFnyEylLTdPuZGy3nvdmjajZuomOFF8h
-HhDIouSJAtgkuWVsMiX6iR1qG9//6ymnZMvUyDGr8bkZURhMqesAejwP4aKxqDZg
-B0uVjapQTJH4ES0M+2PoY9gP8uh0dc3TusOs1QYJiA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
-Bag Attributes
-    friendlyName: aai@aai.onap.org
-    localKeyID: 54 69 6D 65 20 31 35 38 34 34 37 36 39 33 36 35 31 35 
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCi/h12Y7NEJYBT
-+zHZD2RxhlnSv/FqCrAMFyaVLY4/QwCi79//FjaDMTa6BdcYYRcbo8JTHhgQcZ5H
-HJ7MRD/5z6RKMV7QVNRrxnU6Np3dUOwl+N9nX33g2lX30pOuvDVPCr0SLt2mTKlQ
-DyRnESODt4zXVNQXiNLrHk0TJWzGKHm4mMgXsSsbCKZIQqzKalyxd7NiAb1n9U8G
-llaZiViXkxaPNPoXQWAZ9JtqNZq4yJ8Q9qOa+fxlefovLHREIjbn4EJw6FLpS9hc
-Vf6MT+46gRsqDDPXW0h2vIQWteItV8PTW6FpzHTZgKvOPW7ndFaIPpsI/Jq0qjWF
-Cx/5oOQRAgMBAAECggEAVYWGSf9IKYKP0gDkh+LmrhZzfPxPnHddJgrjqLSNha4P
-YG8CliK+mZmyAGteECGpcUw8g0YwFDi5dtCSldVdyCLmLjO3bxKDnsUz70aHEIAM
-WGQ8PE5Diz6kivMHoFCKnB2jVS4YCNECqco4LIg2nT8q/DU7T9nv6YQtptUlPNdY
-OmJRXfUfcBSUINqVi/VbEjHtbZqc6dgvaRNEF0CYtqHm7P51BXGa3pH+6drL+U+a
-o3T4yHrEsDKUaQzJZoiJneexwN91x42gcyHzg30UZVgCP+9Zt2GQWXqpENNZjGlI
-bwzouvBj266ViBNbuu3tar58MASOCnCKGA0Jrs3P3QKBgQD0ENenvzaqNzV0A47x
-+RI76DM2eorY2dxh+4txAt1pXlkbMZuWXjs1ysBPYaGHZRitiCFcaSwdP2T0oCET
-ojYEU97bJkKlcuw2scAqznSi7U0uSaStwaWzEviGTsQ51MKghRESMfpt3BxZqyi0
-BV+fPeRk3l3xaw1AuZQ/JTn0qwKBgQCq9msPcbRzKvsmfsAVvjKAodzl6EaM+PcF
-YLnJLurjCtdyjj1lRaCBg9bRbaRbt9YPg4VA5oMYm2SuwbJQQHjqaeN+SpnV8GGc
-nPsZgoSlfZrnLovyGgC3muiA3uSPREZWUlp+IE8qlQ8VztSWkNyxNej4nhxk2UTH
-DOE2ZmNyMwKBgFD+yeKkZUrFuZp/l8+bfb6dx2kb77oZSrbFmLfvYHUYV2/b3atg
-KDwoxftSBh39odvs4k1dpcMrB6DbBz8RxOVYxAtsPg/T/KoGASTzkOeE4ukqjVkQ
-e6Ha+NjxiNM8VT6aCllEdrxAoLPtRju/0MTy8Dm9ReXZRfOl4pm2C+6zAoGAY2D6
-uu+NxaSmeaoUXo9BLCTrE3oCCNBwR2ACnz/2qiQTOTQV3FitBJxusy7Y67fhZwM8
-4o0ch6FM1Yki7iOMJjeHVlJnOkWReEiIbjvAf7KT6O7VytXytMgHf2IR2nYFrQgS
-Ml71pfsf2b1xNlTe9OQxmNPQDY9+u3ZxM/4wsKECgYBPvlYMaZNIOLFf7VXzUYGG
-rkXMpbLgLvIHvhF+4nsvspPVSqPeWjh2KMee3tMamy93H4R66G/KfoQw02JuZH+N
-HbGnnpyLa2jGjY0NkXEo08o2wsqv2QFtT/SFRoDLkah8rwZUwpxIg0akgrwwTslO
-rzAazDQvlb0itUxgU4qgqw==
------END PRIVATE KEY-----
diff --git a/resources/config/haproxy/haproxy-pluggable-security.cfg b/resources/config/haproxy/haproxy-pluggable-security.cfg
deleted file mode 100644
index 1c82050..0000000
--- a/resources/config/haproxy/haproxy-pluggable-security.cfg
+++ /dev/null
@@ -1,138 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global
-        log /dev/log    local0
-        stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
-        stats timeout 30s
-        user root
-        group root
-        daemon
-        #################################
-        # Default SSL material locations#
-        #################################
-        ca-base /etc/ssl/certs
-        crt-base /etc/ssl/private
-
-        # Default ciphers to use on SSL-enabled listening sockets.
-        # For more information, see ciphers(1SSL). This list is from:
-        # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
-        # An alternative list with additional directives can be obtained from
-        # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
-        tune.ssl.default-dh-param 2048
-
-defaults
-        log     global
-        mode    http
-        option  httplog
-        option  ssl-hello-chk
-        option  httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==
-        default-server init-addr none
-#       option  dontlognull
-#       errorfile 400 /etc/haproxy/errors/400.http
-#       errorfile 403 /etc/haproxy/errors/403.http
-#       errorfile 408 /etc/haproxy/errors/408.http
-#       errorfile 500 /etc/haproxy/errors/500.http
-#       errorfile 502 /etc/haproxy/errors/502.http
-#       errorfile 503 /etc/haproxy/errors/503.http
-#       errorfile 504 /etc/haproxy/errors/504.http
-
-        option  http-server-close
-        option forwardfor except 127.0.0.1
-        retries 6
-        option redispatch
-        maxconn 50000
-        timeout connect 50000
-        timeout client  480000
-        timeout server  480000
-        timeout http-keep-alive 30000
-
-
-frontend IST_8443
-        mode http
-        bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
-#       log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
-        log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
-        option httplog
-        log global
-        option logasap
-        option forwardfor
-        capture request header  Host len 100
-        capture response header Host len 100
-        option log-separate-errors
-        option forwardfor
-        http-request set-header X-Forwarded-Proto https if { ssl_fc }
-        http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
-        http-request set-header X-AAI-SSL                       %[ssl_fc]
-        http-request set-header X-AAI-SSL-Client-Verify         %[ssl_c_verify]
-        http-request set-header X-AAI-SSL-Client-DN             %{+Q}[ssl_c_s_dn]
-        http-request set-header X-AAI-SSL-Client-CN             %{+Q}[ssl_c_s_dn(cn)]
-        http-request set-header X-AAI-SSL-Issuer                %{+Q}[ssl_c_i_dn]
-        http-request set-header X-AAI-SSL-Client-NotBefore      %{+Q}[ssl_c_notbefore]
-        http-request set-header X-AAI-SSL-Client-NotAfter       %{+Q}[ssl_c_notafter]
-        http-request set-header X-AAI-SSL-ClientCert-Base64   %{+Q}[ssl_c_der,base64]
-        http-request set-header X-AAI-SSL-Client-OU             %{+Q}[ssl_c_s_dn(OU)]
-        http-request set-header X-AAI-SSL-Client-L              %{+Q}[ssl_c_s_dn(L)]
-        http-request set-header X-AAI-SSL-Client-ST             %{+Q}[ssl_c_s_dn(ST)]
-        http-request set-header X-AAI-SSL-Client-C              %{+Q}[ssl_c_s_dn(C)]
-        http-request set-header X-AAI-SSL-Client-O              %{+Q}[ssl_c_s_dn(O)]
-        reqadd X-Forwarded-Proto:\ https
-        reqadd X-Forwarded-Port:\ 8443
-
-#######################
-#ACLS FOR PORT 8446####
-#######################
-
-        acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
-        acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
-        acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
-        acl is_named-query path_beg -i /aai/search/named-query
-        acl is_search-model path_beg -i /aai/search/model
-        use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model
-
-        default_backend IST_Default_8447
-
-
-#######################
-#DEFAULT BACKEND 847###
-#######################
-
-backend IST_Default_8447
-        balance roundrobin
-        http-request set-header X-Forwarded-Port %[src_port]
-        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
-
-
-#######################
-# BACKEND 8446#########
-#######################
-
-backend IST_AAI_8446
-        balance roundrobin
-        http-request set-header X-Forwarded-Port %[src_port]
-        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
-
-listen IST_AAI_STATS
-        mode http
-        bind *:8080
-        stats uri /stats
-        stats enable
-        stats refresh 30s
-        stats hide-version
-        stats auth admin:admin
-        stats show-legends
-        stats show-desc IST AAI APPLICATION NODES
-        stats admin if TRUE
diff --git a/resources/config/haproxy/haproxy.cfg b/resources/config/haproxy/haproxy.cfg
deleted file mode 100644
index 4606a42..0000000
--- a/resources/config/haproxy/haproxy.cfg
+++ /dev/null
@@ -1,126 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global
-        log /dev/log    local0
-        stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
-        stats timeout 30s
-        daemon
-        #################################
-        # Default SSL material locations#
-        #################################
-        ca-base /etc/ssl/certs
-        crt-base /etc/ssl/private
-
-        # Default ciphers to use on SSL-enabled listening sockets.
-        # For more information, see ciphers(1SSL). This list is from:
-        # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
-        # An alternative list with additional directives can be obtained from
-        # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
-        tune.ssl.default-dh-param 2048
-
-defaults
-        log     global
-        mode    http
-        option  httplog
-        option  ssl-hello-chk
-        option  httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
-        default-server init-addr none
-#       option  dontlognull
-#       errorfile 400 /etc/haproxy/errors/400.http
-#       errorfile 403 /etc/haproxy/errors/403.http
-#       errorfile 408 /etc/haproxy/errors/408.http
-#       errorfile 500 /etc/haproxy/errors/500.http
-#       errorfile 502 /etc/haproxy/errors/502.http
-#       errorfile 503 /etc/haproxy/errors/503.http
-#       errorfile 504 /etc/haproxy/errors/504.http
-
-        option  http-server-close
-        option forwardfor except 127.0.0.1
-        retries 6
-        option redispatch
-        maxconn 50000
-        timeout connect 50000
-        timeout client  480000
-        timeout server  480000
-        timeout http-keep-alive 30000
-
-
-frontend IST_8443
-        mode http
-        bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
-#       log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
-        log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
-        option httplog
-        log global
-        option logasap
-        option forwardfor
-        capture request header  Host len 100
-        capture response header Host len 100
-        option log-separate-errors
-        option forwardfor
-        http-request set-header X-Forwarded-Proto https if { ssl_fc }
-        http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
-        http-request set-header X-AAI-SSL                       %[ssl_fc]
-        http-request set-header X-AAI-SSL-Client-Verify         %[ssl_c_verify]
-        http-request set-header X-AAI-SSL-Client-DN             %{+Q}[ssl_c_s_dn]
-        http-request set-header X-AAI-SSL-Client-CN             %{+Q}[ssl_c_s_dn(cn)]
-        http-request set-header X-AAI-SSL-Issuer                %{+Q}[ssl_c_i_dn]
-        http-request set-header X-AAI-SSL-Client-NotBefore      %{+Q}[ssl_c_notbefore]
-        http-request set-header X-AAI-SSL-Client-NotAfter       %{+Q}[ssl_c_notafter]
-        http-request set-header X-AAI-SSL-ClientCert-Base64   %{+Q}[ssl_c_der,base64]
-        http-request set-header X-AAI-SSL-Client-OU             %{+Q}[ssl_c_s_dn(OU)]
-        http-request set-header X-AAI-SSL-Client-L              %{+Q}[ssl_c_s_dn(L)]
-        http-request set-header X-AAI-SSL-Client-ST             %{+Q}[ssl_c_s_dn(ST)]
-        http-request set-header X-AAI-SSL-Client-C              %{+Q}[ssl_c_s_dn(C)]
-        http-request set-header X-AAI-SSL-Client-O              %{+Q}[ssl_c_s_dn(O)]
-        reqadd X-Forwarded-Proto:\ https
-        reqadd X-Forwarded-Port:\ 8443
-
-#######################
-#ACLS FOR PORT 8446####
-#######################
-
-        acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
-        acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
-        acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
-        acl is_dsl path_reg -i ^/aai/v[0-9]+/dsl$
-        acl is_named-query path_beg -i /aai/search/named-query
-        acl is_search-model path_beg -i /aai/search/model
-        use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model or is_dsl
-
-        default_backend IST_Default_8447
-
-
-#######################
-#DEFAULT BACKEND 847###
-#######################
-
-backend IST_Default_8447
-        balance roundrobin
-        http-request set-header X-Forwarded-Port %[src_port]
-        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
-
-
-#######################
-# BACKEND 8446#########
-#######################
-
-backend IST_AAI_8446
-        balance roundrobin
-        http-request set-header X-Forwarded-Port %[src_port]
-        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
-
diff --git a/resources/config/log/filebeat/filebeat.yml b/resources/config/log/filebeat/filebeat.yml
deleted file mode 100644
index 39cc6db..0000000
--- a/resources/config/log/filebeat/filebeat.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-filebeat.prospectors:
-#it is mandatory, in our case it's log
-- input_type: log
-  #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
-  paths:
-    - /var/log/onap/*/*/*/*.log
-    - /var/log/onap/*/*/*.log
-    - /var/log/onap/*/*.log
-  #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
-  ignore_older: 48h
-  # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
-  clean_inactive: 96h
-
-
-# Name of the registry file. If a relative path is used, it is considered relative to the
-# data path. Else full qualified file name.
-#filebeat.registry_file: ${path.data}/registry
-
-
-output.logstash:
-  #List of logstash server ip addresses with port number.
-  #But, in our case, this will be the loadbalancer IP address.
-  #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
-  hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
-  #If enable will do load balancing among availabe Logstash, automatically.
-  loadbalance: true
-
-  #The list of root certificates for server verifications.
-  #If certificate_authorities is empty or not set, the trusted
-  #certificate authorities of the host system are used.
-  #ssl.certificate_authorities: $ssl.certificate_authorities
-
-  #The path to the certificate for SSL client authentication. If the certificate is not specified,
-  #client authentication is not available.
-  #ssl.certificate: $ssl.certificate
-
-  #The client certificate key used for client authentication.
-  #ssl.key: $ssl.key
-
-  #The passphrase used to decrypt an encrypted key stored in the configured key file
-  #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/resources/config/rproxy/auth/client-cert.p12 b/resources/config/rproxy/auth/client-cert.p12
deleted file mode 100644
index dbf4fca..0000000
--- a/resources/config/rproxy/auth/client-cert.p12
+++ /dev/null
diff --git a/resources/config/rproxy/auth/org.onap.aai.p12 b/resources/config/rproxy/auth/org.onap.aai.p12
deleted file mode 100644
index 023e2ea..0000000
--- a/resources/config/rproxy/auth/org.onap.aai.p12
+++ /dev/null
diff --git a/resources/config/rproxy/auth/tomcat_keystore b/resources/config/rproxy/auth/tomcat_keystore
deleted file mode 100644
index 99129c1..0000000
--- a/resources/config/rproxy/auth/tomcat_keystore
+++ /dev/null
diff --git a/resources/config/rproxy/security/keyfile b/resources/config/rproxy/security/keyfile
deleted file mode 100644
index 3416d4a..0000000
--- a/resources/config/rproxy/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
-jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
-4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
-moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
-GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
-74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
-iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
-p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
-3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
-hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
-RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
-xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
-8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
-ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
-5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
-GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
-_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
-zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
-S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
-LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
-hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
-nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
-bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
-JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
-Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
-J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
-mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
-\ No newline at end of file
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2020-12-07 09:50:07 +0100
committer	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2020-12-07 09:50:07 +0100
commit	9204fcd2732eeda9ea4d25f65996bacf85e059d2 (patch)
tree	07591d00fbbcd486c65796cc2d4f3806712b3cd5 /resources/config
parent	18d4bd165e12cb4d03baa318e506f0dda381cd89 (diff)