path: root/etc/dmaapbc.properties

#!#
#!#
#!# ============LICENSE_START==========================================
#!# org.onap.dmaap
#!# ===================================================================
#!# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
#!# ===================================================================
#!# Licensed under the Apache License, Version 2.0 (the "License");
#!# you may not use this file except in compliance with the License.
#!# You may obtain a copy of the License at
#!#
#!#        http://www.apache.org/licenses/LICENSE-2.0
#!#
#!# Unless required by applicable law or agreed to in writing, software
#!# distributed under the License is distributed on an "AS IS" BASIS,
#!# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#!# See the License for the specific language governing permissions and
#!# limitations under the License.
#!# ============LICENSE_END============================================
#!# ECOMP is a trademark and service mark of AT&T Intellectual Property.
#!#
#!#
#!#	Configuration parameters fixed at startup for the DMaaP Bus Controller
#!#
#!#
#!#	URI to retrieve dynamic DR configuration
#!#
#!UnitTest: Yes
#!ProvisioningURI:	/internal/prov
#!#
#!#	Allow http access to API
#!#
#!HttpAllowed:	true
#!#
#!#	The port number for http as seen within the server
#!#
#!IntHttpPort:	8080
#!#
#!#	The port number for https as seen within the server
#!#   Set to 0 if no certificate is available yet...
#!#
#!IntHttpsPort:	0
#!#
#!#	The external port number for https taking port mapping into account
#!#
#!ExtHttpsPort:	0
#!#
#!#	The type of keystore for https
#!#
#!KeyStoreType:	jks
#!#
#!#	The path to the keystore for https
#!#
#!KeyStoreFile:	etc/keystore
#!#
#!#	The password for the https keystore
#!#
#!KeyStorePassword:	changeit
#!#
#!#	The password for the private key in the https keystore
#!#
#!KeyPassword:	changeit
#!#
#!#	The type of truststore for https
#!#
#!TrustStoreType:	jks
#!#
#!#	The path to the truststore for https
#!#
#!TrustStoreFile:	${DMAAPBC_TSTOREFILE}
#!#
#!#	The password for the https truststore
#!#
#!TrustStorePassword:	changeit
#!#
#!#	The path to the file used to trigger an orderly shutdown
#!#
#!QuiesceFile:	etc/SHUTDOWN
#!#
#!#	Enable postgress
#!#
#!UsePGSQL:	false
#!#
#!#	The host for postgres access
#!#
#!DB.host:	none
#!#
#!#	For postgres access
#!#
#!DB.cred:	none
#!#
#!#	Name of this environment
#!#
#!DmaapName:	onap-cit
#!#
#!#	Name of DR prov server
#!#
#!DR.provhost:	localhost
#!#
#!# handling of feed delete
#!# DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility)
#!# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL.  Better for cfy environments
#!Feed.deleteHandling: DeleteOnDR
#!
#!################################################################################
#!# MR Related Properties:
#!#
#!#   Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters).
#!#   if there is only one MR cluster in an environment, set this to the DNS name for that cluster
#!#
#!MR.CentralCname:  notSet.onap.org
#!#
#!#   MR Client Delete Level thoroughness:
#!#   0 = don't delete
#!#   1 = delete from persistent store
#!#   2 = delete from persistent store (DB) and authorization store (AAF)
#!MR.ClientDeleteLevel: 1
#!#
#!#   MR Topic Factory Namespace
#!#
#!MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory
#!#
#!#   MR TopicMgr Role
#!MR.TopicMgrRole:    org.onap.dmaap-bc.TopicMgr
#!
#!#   MR topic name style
#!MR.topicStyle:	FQTN_LEGACY_FORMAT
#!
#!#   MR topic ProjectID
#!MR.projectID:  23456
#!
#!MR.multisite:  true
#!#
#!# end of MR Related Properties
#!################################################################################
#!
#!#
#!#	The Role and credentials of the MirrorMaker Provisioner.  This is used by DMaaP Bus Controller to pub to the provisioning topic
#!#   Not part of 1701
#!#
#!MM.ProvRole: org.onap.dmaapBC.MMprov.prov
#!MM.ProvUserMechId: idNotSet@namespaceNotSet
#!MM.ProvUserPwd: pwdNotSet
#!#
#!#	The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic
#!#
#!MM.AgentRole: org.onap.dmaapBC.MMagent.agent
#!#################
#!# AAF Properties:
#!#
#!# regarding password encryption:
#!# In the dependencies that Maven retrieves (e.g., under dcae_dmaapbc/target/deps/ is a jar file cadi-core-version.jar.  Generate the key file with:
#!#
#!# java \u2013jar wherever/cadi-core-*.jar keygen keyfilename
#!# chmod 400 keyfilename
#!#
#!# To encrypt a key:
#!#
#!# java \u2013jar wherever/cadi-core-*.jar digest password-to-encrypt keyfilename
#!#
#!# This will generate a string.  Put \u201Cenc:\u201D on the front of the string, and put the result in this properties file.
#!#
#!# Location of the Codec Keyfile which is used to decrypt passwords in this properties file before they are passed to AAF
#!#
#!# REF: https://wiki.domain.notset.com/display/cadi/CADI+Deployment
#!#
#!CredentialCodecKeyfile:	etc/LocalKey
#!#
#!# This overrides the Class used for Decryption.
#!# This allows for a plugin encryption/decryption method if needed.
#!# Call this Class for decryption at runtime.
#!#AafDecryption.Class: com.company.proprietaryDecryptor
#!
#!#
#!# This overrides the Class used for API Permission check.
#!# This allows for a plugin policy check, if needed
#!ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
#!
#!#
#!# URL of AAF environment to use.
#!#
#!aaf.URL:	https://localhost:8100/proxy
#!#
#!# TopicMgr mechid@namespace
#!#
#!aaf.TopicMgrUser:	idNotSet@namespaceNotSet
#!#
#!# TopicMgr password
#!# 
#!aaf.TopicMgrPassword:	pwdNotSet
#!#
#!# Bus Controller Namespace Admin  mechid@namespace
#!#
#!aaf.AdminUser:	idNotSet@namespaceNotSet
#!#
#!# Bus Controller Namespace Admin password
#!#
#!aaf.AdminPassword:	pwdNotSet
#!#
#!# endof AAF Properties
#!#################
#!#################
#!# PolicyEngine Properties
#!#
#!# Name of PolicyEngineApi properties file
#!PolicyEngineProperties: config/PolicyEngineApi.properties
#!#
#!# Namespace for URI values for API used to create AAF permissions
#!# e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics
#!ApiNamespace: org.onap.dmaapBC.api
#!#
#!# endof PolicyEngineProperties
#!#################
######NEW FILE  #####
# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


#####################################################
#
# Hooks for specific environment configurations
#
#####################################################
# Indicator for whether to use AAF for authentication
#UseAAF: false

# Stub out southbound calls for Unit Test cases to run.  e.g. not timeout
# Comment out in other environments to get default (No)
UnitTest: Yes


#####################################################
#
# Settings for Southbound API: Datarouter
#
#####################################################

# URI to retrieve dynamic DR configuration
ProvisioningURI:  /internal/prov

# indicator for handling feed delete:
#  DeleteOnDR - means use the DR API to DELETE a feed.  (default for backwards compatibility)
#  SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL.  Better for cloudify environments.
Feed.deleteHandling: DeleteOnDR

###########################################################
# The following properties default to match ONAP DR instance.
# However, there are some non-ONAP DR instances that require other values.
# Sets the X-DR-ON-BEHALF-OF HTTP Header value
#DR.onBehalfHeader:
# Value for the Content-Type Header in DR Feed API
#DR.feedContentType:
# Value for the Content-Type Header in DR Subscription API
#DR.subContentType:
#
# END OF properties helpful for non-ONAP DR instance.
############################################################

#####################################################
#
# Settings for Soutbound API: Postgresql
#
#####################################################
# flag indicates if we are using postgresql
UsePGSQL: false

# postgres host name
# Need to connect to PG primary service, designated by service.name2
DB.host: none

# postgres schema name
#DB.schema: {{ .Values.postgres.config.pgDatabase }}

# postgres user name
#DB.user: {{ .Values.postgres.config.pgUserName }}

# postgres user password
DB.cred: none


#####################################################
#
# Settings for Soutbound API: Message Router
#
#####################################################
# indicator for multi-site (locations) deployment.  Give clue to buscontroller whether
# there is a need for message replication between edge and central.
# ONAP Casablanca is a single site deployment
MR.multisite: true

# FQDN of primary message router.
# In ONAP Casablanca, there is only 1 message router service, so use that.
# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR
MR.CentralCname: notSet.onap.org

# Indicator for whether we want hostname verification on SSL connection to MR
MR.hostnameVerify: false

# MR Client Delete Level thoroughness:
#  0 = don't delete
#  1 = delete from persistent store
#  2 = delete from persistent store (DB) and authorization store (AAF)
MR.ClientDeleteLevel: 1

# namespace of MR Topic Factory
MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory

# AAF Role assigned to Topic Manager Identity
MR.TopicMgrRole: org.onap.dmaap-bc.TopicMgr

# MR topic ProjectID (used in certain topic name generation formats)
MR.projectID:  23456

# Use Basic Authentication when provisioning topics
#MR.authentication: basicAuth

# MR topic name style (default is FQTN_LEGACY_FORMAT)
MR.topicStyle: FQTN_LEGACY_FORMAT
#
# end of MR Related Properties
################################################################################


#####################################################
#
# Settings for Southbound API: CADI
#
#####################################################
# path to cadi.properties
#cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props

#####################################################
#
# Settings for Southbound API: AAF proxy
#
#####################################################
# URL of the AAF server
aaf.URL: https://localhost:8100/proxy

# TopicMgr Identity
aaf.TopicMgrUser: idNotSet@namespaceNotSet

# Password for TopicMgr identity
aaf.TopicMgrPassword: pwdNotSet

# Buscontroller Admin Identity
aaf.AdminUser: idNotSet@namespaceNotSet

# Admin Password
aaf.AdminPassword: pwdNotSet

# Identity that is owner of any created namespaces for topics
#aaf.NsOwnerIdentity: ownerNotSet@namespaceNotSet.org


# this overrides the Class used for Decryption.
# This allows for a plugin encryption/decryption method if needed.
# Call this Class for decryption at runtime.
#AafDecryption.Class: com.company.proprietaryDecryptor

# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
# Not used in ONAP, but possibly used with Decryption override class.
CredentialCodecKeyfile: etc/LocalKey

#
# endof AAF Properties
####################################################


#####################################################
#
# Settings for authorization of DBCAPI
#
#####################################################
# Namespace for URI values for the API used to create AAF permissions
# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients
ApiNamespace: org.onap.dmaapBC.api

# If API authorization is required, then implement a class to enforce it.
# This overrides the Class used for API permission check.
ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll

#####################################################
#
# Settings for Southbound API: MirrorMaker provisioning
#
#####################################################
# AAF Role of client publishing MM prov cmds
MM.ProvRole: org.onap.dmaapBC.MMprov.prov

# AAF identity when publishing MM prov cmds
MM.ProvUserMechId: idNotSet@namespaceNotSet

# pwd for Identity used to publish MM prov cmds
MM.ProvUserPwd: pwdNotSet

# AAF Role of MirrorMaker agent subscribed to prov cmds. 
MM.AgentRole: org.onap.dmaapBC.MMagent.agent

#####################################################
#
# Certificate Management
#
#####################################################

# Indicates how we are expecting certificates to be provided:
#  cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file
#  legacy (default) - artifacts will be installed manually or some other way and details will be in this file
CertificateManagement: legacy

# When CertificateManagement is cadi, then this is where all the cadi properties will be.
# Note that the cadi properties include where the cert is, and the encrypted passwords to read.
cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props

###########################################################################################
# When CertificateManagement is legacy, we need to provide more details about cert handling:
#CertificateManagement: legacy
# the type of keystore for https (for legacy CertificateManagment only)
KeyStoreType: jks

# path to the keystore file (for legacy CertificateManagment only)
KeyStoreFile: etc/keystore

# password for the https keystore (for legacy CertificateManagment only)
KeyStorePassword:  changeit
# password for the private key in the https keystore (for legacy CertificateManagment only)
KeyPassword: changeit

# type of truststore for https (for legacy CertificateManagment only)
TrustStoreType: jks

# path to the truststore for https (for legacy CertificateManagment only)
TrustStoreFile: ${DMAAPBC_TSTOREFILE}

# password for the https truststore (for legacy CertificateManagment only)
TrustStorePassword: changeit
#
# END OF legacy CertificateManagement properties
###########################################################################################


#####################################################
#
# HTTP Server Configuration
#
#####################################################

# Allow http access to dbcapi
HttpAllowed: true

# listen to http port within this container (server)
IntHttpPort: 8080

# listen to https port within this container (server)
# set to 0 if no certificates are available.
IntHttpsPort: 0


inHttpsPort: 0

#####################################################
#
# Deprecated properties
#
#####################################################
# csit: stubs out some southbound APIs for csit  (deprecated)
#csit: No
# name of this DMaaP instance (deprecated)
#DmaapName: onap-cit
# external port number for https taking port mapping into account  (deprecated)
#ExtHttpsPort: 443
# path to the file used to trigger an orderly shutdown (deprecated)
#QuiesceFile: etc/SHUTDOWN
# FQDN of DR Prov Server (deprecated)
#DR.provhost: localhost
# root of topic namespace (decrecated)
#topicNsRoot: org.onap.dcae.dmaap