/[pdpsoft]/trunk/aarc.master-portal/ansible/masterportal_env.yml.template
ViewVC logotype

Contents of /trunk/aarc.master-portal/ansible/masterportal_env.yml.template

Parent Directory Parent Directory | Revision Log Revision Log


Revision 3022 - (show annotations) (download)
Mon May 23 14:40:21 2016 UTC (5 years, 11 months ago) by tamasb
File size: 2272 byte(s)
sample passwords for DB secrets

1 ---
2
3 # DB Passwords
4
5 mariadb_root_password: MYSQL_ROOT_PW
6
7 # OA4MP Client
8
9 # The keystore is used for BOTH mp_client and mp_server to access the Credential Store
10 # therefor the two passwords KEYSTORE_PW should be the same. This way the two components
11 # can share a single keystore. The keystore usually contains the hostcert of the Master Portal
12
13 # The truststore contains trusted root certificates, and it's used to establish connection
14 # to the delegation server (/token and /getcert endpoints are backchannel calls)
15
16 # The mp_client_id and mp_client_secret should be filled from the client ID and SECRET
17 # provided by the delegation server while registering the master portal. Got to
18 # {{ delegation_server_auth }}/register and follow the registration steps to get an ID and SECRET
19
20 mp_client_keystore_pw: KEYSTORE_PW
21 mp_client_truststore_pw: TRUSTSTORE_PW
22 mp_client_id: MP_CLIENT_ID
23 mp_client_secret: MP_CLIENT_SECRET
24
25 mp_client_db_pw: MP_CLIENT_DB_PW
26
27 # OA4MP Server
28
29 # Make sure mp_server_keystore_pw matches the keystore password set above at mp_client_keystore_pw!
30
31 mp_server_keystore_pw: KEYSTORE_PW
32
33 mp_server_db_pw: MP_SERVER_DB_PW
34
35 # Credential Store
36
37 # Set the MyProxy Credential Store that will store all the incoming used proxies. Make sure to
38 # fill in the right hostname (even if it's localhost!), othewise the SSL connection will break!
39 # The MYPROXY_PWD will be used to encrypt every incoming user proxy.
40
41 credstore_host: host.myproxy.com
42 credstore_port: 7512
43 credstore_pw: MYPROXY_PWD
44
45 # Delegation Server
46
47 # Fill in the delegation server oauth2 endpoint that which will be used by this Master Portal
48
49 deleg_server_auth: https://www.example.com/oauth2
50
51 # VO Portal
52
53 # The VO Portal is only deployed for testing purposes! Usually, a VO Portal would like on a different
54 # host. Leave these variables empty for the first run of ansible, since there is no Master Portal
55 # to register with yet. After the first ansible run, the Master Portal should be up and running.
56 # Now you can naviagete to {{ masterportal }}/{{ mp_server }}/register and register your VO Portal.
57 # Once you have the ID and SECRET, you can fill them in here, and rerun ansible
58
59 vo_portal_id: VP_CLIENT_ID
60 vo_portal_secret: VP_CLIENT_SECRET
61 vo_portal_truststore_pw: VO_TRUSTSTORE_PW
62

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28