kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties

# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


#####################################################
#
# Hooks for specific environment configurations
#
#####################################################
# Indicator for whether to use AAF for authentication
UseAAF: {{ .Values.global.aafEnabled }}

# Stub out southbound calls for Unit Test cases to run.  e.g. not timeout
# Comment out in other environments to get default (No)
#UnitTest: Yes


#####################################################
#
# Settings for Southbound API: Datarouter
#
#####################################################

# URI to retrieve dynamic DR configuration
ProvisioningURI:  /internal/prov

# indicator for handling feed delete:
#  DeleteOnDR - means use the DR API to DELETE a feed.  (default for backwards compatibility)
#  SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL.  Better for cloudify environments.
Feed.deleteHandling: SimulateDelete

###########################################################
# The following properties default to match ONAP DR instance.
# However, there are some non-ONAP DR instances that require other values.
# Sets the X-DR-ON-BEHALF-OF HTTP Header value
#DR.onBehalfHeader:
# Value for the Content-Type Header in DR Feed API
#DR.feedContentType:
# Value for the Content-Type Header in DR Subscription API
#DR.subContentType:
#
# END OF properties helpful for non-ONAP DR instance.
############################################################

#####################################################
#
# Settings for Soutbound API: Postgresql
#
#####################################################
# flag indicates if we are using postgresql
UsePGSQL: {{ .Values.PG.enabled  }}

# postgres host name
# Need to connect to PG primary service, designated by service.name2
DB.host: {{ .Values.postgres.service.name2 }}

# postgres schema name
#DB.schema: {{ .Values.postgres.config.pgDatabase }}

# postgres user name
DB.user: ${PG_USER}

# postgres user password
DB.cred: ${PG_PASSWORD}


#####################################################
#
# Settings for Soutbound API: Message Router
#
#####################################################
# indicator for multi-site (locations) deployment.  Give clue to buscontroller whether
# there is a need for message replication between edge and central.
# ONAP Casablanca is a single site deployment
MR.multisite: false

# FQDN of primary message router.
# In ONAP Casablanca, there is only 1 message router service, so use that.
# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR
MR.CentralCname: {{ .Values.dmaapMessageRouterService }}

# Indicator for whether we want hostname verification on SSL connection to MR
MR.hostnameVerify: false

# MR Client Delete Level thoroughness:
#  0 = don't delete
#  1 = delete from persistent store
#  2 = delete from persistent store (DB) and authorization store (AAF)
MR.ClientDeleteLevel: 1

# namespace of MR Topic Factory
MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory

# AAF Role assigned to Topic Manager Identity
MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client

# MR topic ProjectID (used in certain topic name generation formats)
MR.projectID:  mr

# Use Basic Authentication when provisioning topics
MR.authentication: basicAuth

# MR topic name style (default is FQTN_LEGACY_FORMAT)
#MR.topicStyle: FQTN_LEGACY_FORMAT
#
# end of MR Related Properties
################################################################################


#####################################################
#
# Settings for Southbound API: CADI
#
#####################################################
# path to cadi.properties
cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props

#####################################################
#
# Settings for Southbound API: AAF proxy
#
#####################################################
# URL of the AAF server
aaf.URL: {{ .Values.aafURL }}

# TopicMgr Identity
aaf.TopicMgrUser: {{ .Values.topicMgrUser }}

# Password for TopicMgr identity
aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }}

# Buscontroller Admin Identity
aaf.AdminUser: {{ .Values.adminUser }}

# Admin Password
aaf.AdminPassword: {{ .Values.adminPwd }}

# Identity that is owner of any created namespaces for topics
aaf.NsOwnerIdentity: {{ .Values.adminUser }}


# this overrides the Class used for Decryption.
# This allows for a plugin encryption/decryption method if needed.
# Call this Class for decryption at runtime.
#AafDecryption.Class: com.company.proprietaryDecryptor

# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
# Not used in ONAP, but possibly used with Decryption override class.
#CredentialCodeKeyfile: etc/LocalKey

#
# endof AAF Properties
####################################################


#####################################################
#
# Settings for authorization of DBCAPI
#
#####################################################
# Namespace for URI values for the API used to create AAF permissions
# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients
ApiNamespace: org.onap.dmaap-bc.api

# If API authorization is required, then implement a class to enforce it.
# This overrides the Class used for API permission check.
ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll

#####################################################
#
# Settings for Southbound API: MirrorMaker provisioning
#
#####################################################
# AAF Role of client publishing MM prov cmds
MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov

# AAF identity when publishing MM prov cmds
MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org

# pwd for Identity used to publish MM prov cmds
MM.ProvUserPwd: demo123456!

# AAF Role of MirrorMaker agent subscribed to prov cmds.
MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent

#####################################################
#
# Certificate Management
#
#####################################################

# Indicates how we are expecting certificates to be provided:
#  cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file
#  legacy (default) - artifacts will be installed manually or some other way and details will be in this file
CertificateManagement: cadi

# When CertificateManagement is cadi, then this is where all the cadi properties will be.
# Note that the cadi properties include where the cert is, and the encrypted passwords to read.
cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props

###########################################################################################
# When CertificateManagement is legacy, we need to provide more details about cert handling:
#CertificateManagement: legacy
# the type of keystore for https (for legacy CertificateManagment only)
#KeyStoreType: jks

# path to the keystore file (for legacy CertificateManagment only)
#KeyStoreFile: etc/keystore

# password for the https keystore (for legacy CertificateManagment only)
#KeyStorePassword:  Y@Y5f&gm?PAz,CVQL,lk[VAF
# password for the private key in the https keystore (for legacy CertificateManagment only)
#KeyPassword: changeit

# type of truststore for https (for legacy CertificateManagment only)
#TrustStoreType: jks

# path to the truststore for https (for legacy CertificateManagment only)
#TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks

# password for the https truststore (for legacy CertificateManagment only)
#TrustStorePassword: changeit
#
# END OF legacy CertificateManagement properties
###########################################################################################


#####################################################
#
# HTTP Server Configuration
#
#####################################################

# Allow http access to dbcapi
HttpAllowed: true

# listen to http port within this container (server)
IntHttpPort: 8080

# listen to https port within this container (server)
# set to 0 if no certificates are available.
IntHttpsPort: 8443



inHttpsPort: 0

#####################################################
#
# Deprecated
#
#####################################################
# csit: stubs out some southbound APIs for csit  (deprecated)
#csit: No
# name of this DMaaP instance (deprecated)
#DmaapName: demo
# external port number for https taking port mapping into account  (deprecated)
#ExtHttpsPort: 443
# path to the file used to trigger an orderly shutdown (deprecated)
#QuiesceFile: etc/SHUTDOWN
# FQDN of DR Prov Server (deprecated)
#DR.provhost: dcae-drps.domain.not.set
# root of topic namespace (decrecated)
#topicNsRoot: org.onap.dcae.dmaap