1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
|
cat <<!EOF
#
# ============LICENSE_START==========================================
# org.onap.dmaap
# ===================================================================
# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
# ===================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END============================================
# ECOMP is a trademark and service mark of AT&T Intellectual Property.
#
#
#
# Configuration parameters fixed at startup for the DMaaP Bus Controller
#
# CSIT TESTING
csit: ${DMAAPBC_CSIT:-No}
#
# URI to retrieve dynamic DR configuration
#
ProvisioningURI: ${DMAAPBC_INTURI:-/internal/prov}
#
# Allow http access to API
#
HttpAllowed: ${DMAAPBC_HTTPALLOWED:-true}
#
# The port number for http as seen within the server
#
IntHttpPort: ${DMAAPBC_INT_HTTP_PORT:-8080}
#
# The port number for https as seen within the server
# Set to 0 if no certificate is available yet...
#
IntHttpsPort: ${DMAAPBC_INT_HTTPS_PORT:-8443}
#
# The external port number for https taking port mapping into account
#
ExtHttpsPort: ${DMAAPBC_EXT_HTTPS_PORT:-443}
#
# The type of keystore for https
#
KeyStoreType: jks
#
# The path to the keystore for https
#
KeyStoreFile: ${DMAAPBC_KSTOREFILE:-etc/keystore}
#
# The password for the https keystore
#
KeyStorePassword: ${DMAAPBC_KSTOREPASS:-Demolition Artist Floating}
#
# The password for the private key in the https keystore
#
KeyPassword: ${DMAAPBC_PVTKEYPASS:-Demolition Artist Floating}
#
# The type of truststore for https
#
TrustStoreType: jks
#
# The path to the truststore for https
#
TrustStoreFile: ${DMAAPBC_TSTOREFILE}
#
# The password for the https truststore
#
TrustStorePassword: ${DMAAPBC_TSTOREPASS:-changeit}
#
# The path to the file used to trigger an orderly shutdown
#
QuiesceFile: etc/SHUTDOWN
#
# Enable postgress
#
UsePGSQL: ${DMAAPBC_PG_ENABLED:-false}
#
# The host for postgres access
#
DB.host: ${DMAAPBC_PGHOST:-HostNotSet}
#
# For postgres access
#
DB.cred: ${DMAAPBC_PGCRED:-ValueNotSet}
#
# Name of this environment
#
DmaapName: ${DMAAPBC_INSTANCE_NAME:-demo}
#
# Name of DR prov server
#
DR.provhost: ${DMAAPBC_DRPROV_FQDN:-dcae-drps.domain.notset.com}
#
# handling of feed delete
# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments
Feed.deleteHandling: ${DMAAPBC_FEED_DELETE:-DeleteOnDR}
################################################################################
# MR Related Properties:
#
# ONAP Beijing is a single site deployment.
MR.multisite: false
#
# Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters).
# if there is only one MR cluster in an environment, set this to the DNS name for that cluster
#
MR.CentralCname: ${DMAAPBC_MR_CNAME:-dmaap.onap}
#
# MR Client Delete Level thoroughness:
# 0 = don't delete
# 1 = delete from persistent store
# 2 = delete from persistent store (DB) and authorization store (AAF)
MR.ClientDeleteLevel: 1
#
# MR Topic Factory Namespace
#
MR.TopicFactoryNS: org.onap.dcae.dmaap.topicFactory
#
# MR TopicMgr Role
MR.TopicMgrRole: org.onap.dmaapBC.TopicMgr
# MR topic name style
MR.topicStyle: FQTN_LEGACY_FORMAT
# MR topic ProjectID
MR.projectID: 23456
#
# end of MR Related Properties
################################################################################
#
# The Role and credentials of the MirrorMaker Provisioner. This is used by DMaaP Bus Controller to pub to the provisioning topic
# Not part of 1701
#
MM.ProvRole: ${DMAAPBC_MMPROV_ROLE:-org.onap.dmaapBC.MMprov.prov}
MM.ProvUserMechId: ${DMAAPBC_MMPROV_ID:-idNotSet@namespaceNotSet}
MM.ProvUserPwd: ${DMAAPBC_MMPROV_PWD:-pwdNotSet}
#
# The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic
#
MM.AgentRole: ${DMAAPBC_MMAGENT_ROLE:-org.onap.dmaapBC.MMagent.agent}
#################
# AAF Properties:
#
# regarding password encryption:
# In the dependencies that Maven retrieves (e.g., under dcae_dmaapbc/target/deps/ is a jar file cadi-core-version.jar. Generate the key file with:
#
# java \u2013jar wherever/cadi-core-*.jar keygen keyfilename
# chmod 400 keyfilename
#
# To encrypt a key:
#
# java \u2013jar wherever/cadi-core-*.jar digest password-to-encrypt keyfilename
#
# This will generate a string. Put \u201Cenc:\u201D on the front of the string, and put the result in this properties file.
#
# Location of the Codec Keyfile which is used to decrypt passwords in this properties file before they are passed to AAF
#
# REF: https://wiki.domain.notset.com/display/cadi/CADI+Deployment
#
CredentialCodecKeyfile: ${DMAAPBC_CODEC_KEYFILE:-etc/LocalKey}
#
# This overrides the Class used for Decryption.
# This allows for a plugin encryption/decryption method if needed.
# Call this Class for decryption at runtime.
#AafDecryption.Class: com.company.proprietaryDecryptor
#
# This overrides the Class used for API Permission check.
# This allows for a plugin policy check, if needed
#ApiPermission.Class: com.company.policy.DecisionPolicy
#
# URL of AAF environment to use.
#
aaf.URL: ${DMAAPBC_AAF_URL:-https://authentication.simpledemo.onap.org:8095/proxy/}
#
# TopicMgr mechid@namespace
#
aaf.TopicMgrUser: ${DMAAPBC_TOPICMGR_USER:-idNotSet@namespaceNotSet}
#
# TopicMgr password
#
aaf.TopicMgrPassword: ${DMAAPBC_TOPICMGR_PWD:-pwdNotSet}
#
# Bus Controller Namespace Admin mechid@namespace
#
aaf.AdminUser: ${DMAAPBC_ADMIN_USER:-idNotSet@namespaceNotSet}
#
# Bus Controller Namespace Admin password
#
aaf.AdminPassword: ${DMAAPBC_ADMIN_PWD:-pwdNotSet}
#
# endof AAF Properties
#################
#################
# PolicyEngine Properties
#
# Flag to turn on/off Authentication
UsePE: ${DMAAPBC_PE_ENABLED:-false}
#
# Argument to decisionAttributes.put("AAF_ENVIRONMENT", X);
# where X is: TEST= UAT, PROD = PROD, DEVL = TEST
#
PeAafEnvironment: ${DMAAPBC_PE_AAF_ENV:-CSIT}
PeAafUrl.CSIT: ${DMAAPBC_AAF_URL:-http://localhost:8095/proxy/}
PeAafUrl.DEVL: https://aafdev.onap.org:8095/proxy/
PeAafUrl.TEST: https://aafist..onap.org:8095/proxy/
PeAafUrl.PROD: https://aafprod.onap.org:8095/proxy/
#
# Name of PolicyEngineApi properties file
PolicyEngineProperties: config/PolicyEngineApi.properties
#
# Namespace for URI values for API used to create AAF permissions
# e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics
ApiNamespace: ${DMAAPBC_API_NAMESPACE:-org.onap.dmaapBC.api}
#
# endof PolicyEngineProperties
#################
!EOF
|