diff options
Diffstat (limited to 'docker/chef-repo/cookbooks')
12 files changed, 674 insertions, 0 deletions
diff --git a/docker/chef-repo/cookbooks/dcae-dt/README.md b/docker/chef-repo/cookbooks/dcae-dt/README.md new file mode 100644 index 0000000..de00ec4 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/README.md @@ -0,0 +1,4 @@ +# dcae-dt + +TODO: Enter the cookbook description here. + diff --git a/docker/chef-repo/cookbooks/dcae-dt/attributes/default.rb b/docker/chef-repo/cookbooks/dcae-dt/attributes/default.rb new file mode 100644 index 0000000..05e9fd8 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/attributes/default.rb @@ -0,0 +1,19 @@ +default['JETTY_BASE'] = "/var/lib/jetty" +default['JETTY_HOME'] = "/usr/local/jetty" +default['APP_LOG_DIR'] = "/opt/logs/dcae-dt" + +default['DCAE']['BE'][:http_port] = 8082 +default['DCAE']['BE'][:https_port] = 8444 + +default['DCAE']['FE'][:http_port] = 8183 +default['DCAE']['FE'][:https_port] = 9444 + +default['DCAE']['DT'][:http_port] = 8186 +default['DCAE']['DT'][:https_port] = 9446 + +default['jetty']['keystore_pwd'] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +default['jetty']['keymanager_pwd'] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +default['jetty']['truststore_pwd'] = "Y,f975ZNJfVZhV*{+Y[}pA?0" + +default['disableHttp'] = true + diff --git a/docker/chef-repo/cookbooks/dcae-dt/chefignore b/docker/chef-repo/cookbooks/dcae-dt/chefignore new file mode 100644 index 0000000..ba30af6 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/chefignore @@ -0,0 +1,11 @@ +# Put files/directories that should be ignored in this file. +# Lines that start with '# ' are comments. + +# emacs +*~ + +# vim +*.sw[a-z] + +# subversion +*/.svn/* diff --git a/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.p12 b/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.p12 Binary files differnew file mode 100644 index 0000000..ee000dc --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.p12 diff --git a/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.trust.jks b/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.trust.jks Binary files differnew file mode 100644 index 0000000..342c4f2 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/files/default/org.onap.sdc.trust.jks diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb new file mode 100644 index 0000000..69d5a03 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb @@ -0,0 +1,63 @@ +dcae_fe_vip = node['DCAE_FE_VIP'] + +if node['disableHttp'] + protocol = "https" + dcae_fe_port = node['DCAE']['FE'][:https_port] + dcae_dt_port = node['DCAE']['DT'][:https_port] +else + protocol = "http" + dcae_fe_port = node['DCAE']['FE'][:http_port] + dcae_dt_port = node['DCAE']['DT'][:http_port] +end + +printf("DEBUG: [%s]:[%s] disableHttp=[%s], protocol=[%s], dcae_dt_port=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], protocol, dcae_dt_port ) + + +directory "DT_tempdir_creation" do + path "#{ENV['JETTY_BASE']}/temp" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +directory "#{ENV['JETTY_BASE']}/config" do + owner "jetty" + group "jetty" + mode '0755' + recursive true + action :create +end + +directory "#{ENV['JETTY_BASE']}/config/dcae-dt" do + owner "jetty" + group "jetty" + mode '0755' + recursive true + action :create +end + +template "dcae-dt-config" do + sensitive true + path "#{ENV['JETTY_BASE']}/config/dcae-dt/application.properties" + source "dcae-application.properties.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :dcae_fe_vip => dcae_fe_vip, + :dcae_fe_port => dcae_fe_port, + :protocol => protocol, + :dcae_dt_port => dcae_dt_port + }) +end + + +template "dcae-logback-spring-config" do + sensitive true + path "#{ENV['JETTY_BASE']}/config/dcae-dt/logback-spring.xml" + source "dcae-logback-spring.erb" + owner "jetty" + group "jetty" + mode "0755" +end diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb new file mode 100644 index 0000000..28bbf3c --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb @@ -0,0 +1,83 @@ +#Set the http module option +if node['disableHttp'] + http_option = "#--module=http" +else + http_option = "--module=http" +end + + +printf("DEBUG: [%s]:[%s] disableHttp=[%s], http_option=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], http_option ) + + +directory "Jetty_etcdir_creation" do + path "#{ENV['JETTY_BASE']}/etc" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +# Create Keystore +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do + source "org.onap.sdc.p12" + owner "jetty" + group "jetty" + mode 0755 +end + +# Create Trustore +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do + source "org.onap.sdc.trust.jks" + owner "jetty" + group "jetty" + mode 0755 +end + +bash "create-jetty-modules" do + cwd "#{ENV['JETTY_BASE']}" + code <<-EOH + cd "#{ENV['JETTY_BASE']}" + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,console-capture,setuid + EOH +end + +# configure Jetty modules +template "http-ini" do + path "#{ENV['JETTY_BASE']}/start.d/http.ini" + source "http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :http_option => http_option , + :http_port => "#{node['DCAE']['DT'][:http_port]}" + }) +end + +template "https-ini" do + path "#{ENV['JETTY_BASE']}/start.d/https.ini" + source "https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "#{node['DCAE']['DT'][:https_port]}" + }) +end + +template "ssl-ini" do + path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" + source "ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "#{node['DCAE']['DT'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , + :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" + }) +end + diff --git a/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-application.properties.erb b/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-application.properties.erb new file mode 100644 index 0000000..789d103 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-application.properties.erb @@ -0,0 +1,4 @@ +server.port=<%= @dcae_dt_port %> +server.context-path=/dcae +newFeUrl=<%= @protocol %>://<%= @dcae_fe_vip %>:<%= @dcae_fe_port %> +newFeContextPath=/dcaed diff --git a/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-logback-spring.erb b/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-logback-spring.erb new file mode 100644 index 0000000..7c0bfb6 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/templates/default/dcae-logback-spring.erb @@ -0,0 +1,342 @@ +<!-- Copyright (c) 2016 AT&T Intellectual Property. All rights reserved. --> +<configuration scan="true" scanPeriod="3 seconds"> + <include resource="org/springframework/boot/logging/logback/base.xml"/> + <!--<jmxConfigurator /> --> + + <!-- specify the component name --> + <property name="componentName" value="DCAE"></property> + + <!-- log file names --> + <property name="generalLogName" value="application" /> + <property name="securityLogName" value="security" /> + <property name="performanceLogName" value="performance" /> + <property name="serverLogName" value="server" /> + <property name="policyLogName" value="policy" /> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="defaultPattern" value="%date{ISO8601,UTC}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" /> + + <property name="auditLoggerPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" /> + <property name="metricsLoggerPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" /> + <property name="errorLoggerPattern" value="%date{ISO8601,UTC}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" /> + <property name="debugLoggerPattern" value="%date{ISO8601,UTC}|%X{RequestId}| %msg%n" /> + + <property name="logDirectory" value="${log.home}/${componentName}" /> + + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + + <appender name="EELF" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + <!-- EELF Security Appender. This appender is used to record security events + to the security log file. Security events are separate from other loggers + in EELF so that security log records can be captured and managed in a secure + way separate from the other logs. This appender is set to never discard any + events. --> + <appender name="EELFSecurity" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${securityLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <discardingThreshold>0</discardingThreshold> + <appender-ref ref="EELFSecurity" /> + </appender> + + <!-- EELF Performance Appender. This appender is used to record performance + records. --> + <appender name="EELFPerformance" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${performanceLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPerformance" /> + </appender> + + <!-- EELF Server Appender. This appender is used to record Server related + logging events. The Server logger and appender are specializations of the + EELF application root logger and appender. This can be used to segregate Server + events from other components, or it can be eliminated to record these events + as part of the application root log. --> + <appender name="EELFServer" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${serverLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFServer" /> + </appender> + + + <!-- EELF Policy Appender. This appender is used to record Policy engine + related logging events. The Policy logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <appender name="EELFPolicy" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${policyLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFPolicy" /> + </appender> + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <!-- Audit log --> + <appender name="EELFAudit" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <!-- Audit messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + <marker>AUDIT</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${auditLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + +<appender name="EELFMetrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${metricsLoggerPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFError" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${errorLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFError"/> + </appender> + + <appender name="EELFDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${debugLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + </logger> + <logger name="com.att.eelf.security" level="info" additivity="false"> + <appender-ref ref="asyncEELFSecurity" /> + </logger> + <logger name="com.att.eelf.perf" level="info" additivity="false"> + <appender-ref ref="asyncEELFPerformance" /> + </logger> + <logger name="com.att.eelf.server" level="info" additivity="false"> + <appender-ref ref="asyncEELFServer" /> + </logger> + <logger name="com.att.eelf.policy" level="info" additivity="false"> + <appender-ref ref="asyncEELFPolicy" /> + </logger> + + <logger name="org.openecomp.sdc.common.ecomplog.EcompLoggerAudit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + + <logger name="com.att.eelf.error" level="error" additivity="false"> + <appender-ref ref="asyncEELFError" /> + </logger> + + <logger name="com.att.eelf.debug" level="debug" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + + + + <root level="INFO"> + <appender-ref ref="asyncEELF" /> + </root> + +</configuration> diff --git a/docker/chef-repo/cookbooks/dcae-dt/templates/default/http-ini.erb b/docker/chef-repo/cookbooks/dcae-dt/templates/default/http-ini.erb new file mode 100644 index 0000000..8f26690 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/templates/default/http-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +<%= @http_option %> + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/docker/chef-repo/cookbooks/dcae-dt/templates/default/https-ini.erb b/docker/chef-repo/cookbooks/dcae-dt/templates/default/https-ini.erb new file mode 100644 index 0000000..9999a41 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/templates/default/https-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/docker/chef-repo/cookbooks/dcae-dt/templates/default/ssl-ini.erb b/docker/chef-repo/cookbooks/dcae-dt/templates/default/ssl-ini.erb new file mode 100644 index 0000000..278fdea --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/templates/default/ssl-ini.erb @@ -0,0 +1,90 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12 + +## Truststore file path (relative to $jetty.base) +jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 |