257 lines
8.6 KiB
Text
257 lines
8.6 KiB
Text
# -------------------------------------------------------------------------- #
|
|
# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
|
|
# #
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
|
# not use this file except in compliance with the License. You may obtain #
|
|
# a copy of the License at #
|
|
# #
|
|
# http://www.apache.org/licenses/LICENSE-2.0 #
|
|
# #
|
|
# Unless required by applicable law or agreed to in writing, software #
|
|
# distributed under the License is distributed on an "AS IS" BASIS, #
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
|
|
# See the License for the specific language governing permissions and #
|
|
# limitations under the License. #
|
|
#--------------------------------------------------------------------------- #
|
|
|
|
################################################################################
|
|
# Server Configuration
|
|
################################################################################
|
|
|
|
# Directory to store temp files when uploading images
|
|
#
|
|
:tmpdir: /var/tmp
|
|
|
|
# OpenNebula sever contact information
|
|
#
|
|
:one_xmlrpc: http://localhost:2633/RPC2
|
|
:one_xmlrpc_timeout: 60
|
|
|
|
# :subscriber_endpoint to subscribe for OpenNebula events must match those in
|
|
# oned.conf
|
|
:subscriber_endpoint: tcp://localhost:2101
|
|
|
|
# Server Configuration
|
|
#
|
|
# Sinatra fails if the IP is specified in k8s
|
|
#:host: 127.0.0.1
|
|
:port: 9869
|
|
|
|
# Place where to store sessions, this value can be memory, memcache or memcache-dalli
|
|
# Use memcache when starting multiple server processes, for example,
|
|
# with passenger
|
|
#
|
|
# NOTE. memcache needs a separate memcached server to be configured. Refer
|
|
# to memcached documentation to configure the server.
|
|
:sessions: memory
|
|
|
|
# Memcache configuration
|
|
:memcache_host: localhost
|
|
:memcache_port: 11211
|
|
:memcache_namespace: opennebula.sunstone
|
|
|
|
# Excution environment for Sunstone
|
|
# dev, Instead of pulling the minified js all the files will be pulled (app/main.js)
|
|
# Check the Building from Source guide in the docs, for details on how to run
|
|
# Sunstone in development
|
|
# prod, the minified js will be used (dist/main.js)
|
|
:env: 'prod'
|
|
|
|
|
|
################################################################################
|
|
# Log
|
|
################################################################################
|
|
|
|
# Log debug level
|
|
# 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG
|
|
#
|
|
:debug_level: 3
|
|
|
|
################################################################################
|
|
# Proxy
|
|
################################################################################
|
|
|
|
# Enable an http proxy for the support portal and to download MarketPlaceApps
|
|
# from the MarketPlace to the user's desktop.
|
|
# :proxy: http://<hostname>:<port>
|
|
|
|
################################################################################
|
|
# Auth
|
|
################################################################################
|
|
|
|
# Authentication driver for incomming requests
|
|
# sunstone: for OpenNebula's user-password scheme
|
|
# x509: for x509 certificates based authentication
|
|
# opennebula: the authentication will be done by the opennebula core using the
|
|
# driver defined for the user
|
|
# remote: performs the login based on a Kerberos REMOTE_USER
|
|
#
|
|
:auth: opennebula
|
|
|
|
# Authentication driver to communicate with OpenNebula core
|
|
# cipher, for symmetric cipher encryption of tokens
|
|
# x509, for x509 certificate encryption of tokens
|
|
#
|
|
:core_auth: cipher
|
|
|
|
# Two Factor Authentication Issuer Label
|
|
:two_factor_auth_issuer: opennebula
|
|
|
|
################################################################################
|
|
# WebAuthn
|
|
################################################################################
|
|
|
|
# This value needs to match `window.location.origin` evaluated by the User Agent
|
|
# during registration and authentication ceremonies. Remember that WebAuthn
|
|
# requires TLS on anything else than localhost.
|
|
#:webauthn_origin: http://localhost:9869
|
|
:webauthn_origin: https://{{ tpl .Values.fqdn . }}
|
|
|
|
# Relying Party name for display purposes
|
|
:webauthn_rpname: 'OpenNebula Cloud'
|
|
|
|
# Optional client timeout hint, in milliseconds. Specifies how long the browser
|
|
# should wait for any interaction with the user.
|
|
:webauthn_timeout: 60000
|
|
|
|
# Optional differing Relying Party ID
|
|
# See https://www.w3.org/TR/webauthn/#relying-party-identifier
|
|
# :webauthn_rpid: example.com
|
|
|
|
# Supported cryptographic algorithms
|
|
# See https://www.iana.org/assignments/jose/jose.xhtml
|
|
# Possible is any list of
|
|
# ES256 | ES384 | ES512 | PS256 | PS384 | PS512 | RS256 | RS384 | RS512 | RS1
|
|
# :webauthn_algorithms: [ES256, PS256, RS256]
|
|
|
|
################################################################################
|
|
# Check Upgrades
|
|
################################################################################
|
|
|
|
# To check for the latest release. Comment this value if you don't want to check
|
|
# this.
|
|
:remote_version: http://downloads.opennebula.org/latest
|
|
|
|
################################################################################
|
|
# UI Settings
|
|
################################################################################
|
|
# :vnc_proxy_
|
|
# port: port where the vnc proxy will listen
|
|
# support_wss: no | yes | only. For yes and only, provide path to
|
|
# cert and key. "yes" means both ws and wss connections will be
|
|
# supported.
|
|
# vnc_proxy_cert: Certificate to encrypt wss connections.
|
|
# vnc_proxy_key: Key for wss connections. Only necessary if not included in cert.
|
|
# vnc_proxy_ipv6: Enable ipv6 support for novnc-server
|
|
#
|
|
# :vnc_request_password: true | false
|
|
# Request VNC password for external windows, by default it will not be requested
|
|
#
|
|
:vnc_proxy_port: 29876
|
|
:vnc_proxy_support_wss: yes
|
|
:vnc_proxy_cert: /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem
|
|
:vnc_proxy_key: /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/privkey.pem
|
|
:vnc_proxy_ipv6: yes
|
|
:vnc_request_password: false
|
|
|
|
# Login Session Length in seconds, defaults to 1 hour.
|
|
#:session_expire_time: 3600
|
|
|
|
|
|
# Default language setting
|
|
:lang: en_US
|
|
|
|
# Default table order
|
|
:table_order: desc
|
|
|
|
# Default views directory
|
|
:mode: 'mixed'
|
|
|
|
# True to display 'Keep me logged in' option.
|
|
:keep_me_logged: true
|
|
|
|
# this display button and clock icon in table of vm
|
|
:leases:
|
|
suspend:
|
|
time: "+1209600"
|
|
color: "#000000"
|
|
warning:
|
|
time: "-86400"
|
|
color: "#085aef"
|
|
terminate:
|
|
time: "+1209600"
|
|
color: "#e1ef08"
|
|
warning:
|
|
time: "-86400"
|
|
color: "#ef2808"
|
|
|
|
# This change the thresholds of dashboard resource usage
|
|
:threshold_min: 0
|
|
:threshold_low: 33
|
|
:threshold_high: 66
|
|
|
|
#support filesystem
|
|
:support_fs:
|
|
- ext4
|
|
- ext3
|
|
- ext2
|
|
- xfs
|
|
|
|
|
|
################################################################################
|
|
# Marketplace
|
|
################################################################################
|
|
|
|
# Marketplace username and password
|
|
# If no credentials are provided, an anonymous client will be used
|
|
#
|
|
#:marketplace_username:
|
|
#:marketplace_password:
|
|
|
|
# Marketplace endpoint
|
|
# The url should not include the /appliance path since it will be automatically
|
|
# included
|
|
#
|
|
:marketplace_url: http://marketplace.opennebula.systems/
|
|
|
|
################################################################################
|
|
# OneFlow
|
|
################################################################################
|
|
|
|
# OneFlow endpoint
|
|
#
|
|
:oneflow_server: http://localhost:2474/
|
|
|
|
################################################################################
|
|
# Routes
|
|
################################################################################
|
|
|
|
# Array of files containing ruby code to extend the default sunstone-server
|
|
# routes. These files must be placed inside the custom_routes directory
|
|
# in the sunstone root dir (/usr/lib/one/sunstone/routes)
|
|
#
|
|
# Example:
|
|
# $ ls /usr/lib/one/sunstone/routes
|
|
# custom.rb other.rb
|
|
#
|
|
# $ cat /usr/lib/one/sunstone/routes/example.rb
|
|
# get '/custom' do
|
|
# body "It works"
|
|
# end
|
|
#
|
|
#:routes:
|
|
# - custom
|
|
# - other
|
|
|
|
:routes:
|
|
- oneflow
|
|
- vcenter
|
|
- support
|
|
- nsx
|
|
|
|
################################################################################
|
|
# FireEdge
|
|
################################################################################
|
|
|
|
#:private_fireedge_endpoint: http://localhost:2616
|
|
#:public_fireedge_endpoint: http://localhost:2616
|