Сравнение конфигурационных файлов

В разделе приведено сравнение параметров конфигурационных файлов модуля osmax-core для текущей и предыдущей версий продукта, где:

  • строки с символом «-», выделенные желтым цветом — устаревшие названия параметров/комментариев, которые были частично изменены, полностью заменены или удалены в текущей версии продукта;

  • строки с символом «+», выделенные бледно-зеленым цветом — обновленные названия параметров/комментариев, актуальные для текущей версии продукта;

  • строки с символом «+», выделенные зеленым цветом — новые строки в файле, добавленные в текущей версии продукта.

  • дополнительно:

    • розовым цветом выделены измененные/удаленные элементы;

    • ярко-зеленым цветом выделены новые элементы.

Описание параметров см. в разделах «Конфигурация модуля osmax-core» и «Конфигурация модуля osmax-provisioner» соответственно.
Конфигурационный файл модуля osmax-core
application.properties.1.18.0 → application.properties.1.19.0
@@ -1,515 +1,516 @@
1
1
  ## This is an example of `application.properties` file as main configuration file for osmax-core backend
2
2
 
3
3
  ###############################################################################
4
4
  # HTTP server properties section #
5
5
  ###############################################################################
6
6
 
7
7
  ## Main application port
8
8
  quarkus.http.port=8081
9
9
 
10
10
  ## HTTP body limit, can be changed to big files uploading
11
11
  quarkus.http.limits.max-body-size=100M
12
12
 
13
13
  ## HTTP header limit, can be changed to big kerberos ticket usage
14
14
  quarkus.http.limits.max-header-size=100K
15
15
 
16
16
  ## SSL configuration section.
17
17
  ## To enable serving requests via HTTPS uncomment the following parameters:
18
18
  #quarkus.http.insecure-requests=disabled
19
19
  #quarkus.http.ssl-port=8081
20
20
  #quarkus.http.ssl.certificate.key-store-file=/opt/osmax-core/keystore.jks
21
21
  #quarkus.http.ssl.certificate.key-store-password=keystore@12345
22
22
 
23
23
  # Use async dns resolver from netty.
24
24
  # By default, Quarkus disables it, but since we heavily rely on the HTTP client,
25
25
  # any DNS probes could become a bottleneck
26
26
  #
27
27
  # [WARN] If you experience DNS resolution problems in your environment, comment out this parameter
28
28
  quarkus.vertx.use-async-dns=true
29
29
 
30
30
  ###############################################################################
31
31
  # Authentication & Authorization section #
32
32
  ###############################################################################
33
33
 
34
34
  ## Enable/disable authentication
35
35
  osmax.application.auth.disabled=false
36
36
  ## Enables kerberos authentication debug mode
37
37
  #quarkus.kerberos.debug=true
38
38
  ## There are 2 alternative options for the kerberos credentials [principal realm, name and password] defining:
39
39
  ## 1) via direct defining;
40
40
  ## 2) via keytab file path defining
41
41
  ##
42
42
  ## Direct kerberos credentials defining:
43
43
  quarkus.kerberos.service-principal-name=lcm_backend_svc
44
44
  quarkus.kerberos.service-principal-realm=my.domain.com
45
45
  quarkus.kerberos.service-principal-password=Password123
46
46
  ## Path to keytab:
47
47
  #quarkus.kerberos.keytab-path=/opt/osmax-core/my_file.keytab
48
48
 
49
49
  ## Old deprecated authorization based on LDAP-groups only
50
50
  ## List of LDAP groups whose users are authorized in Admin Console
51
51
  #osmax.authorization.user-groups-white-list[0]=CN=testGroup,CN=Users,DC=inno,DC=test
52
52
 
53
53
  # New RBAC
54
54
  osmax.authorization.rbac.enabled=false
55
55
  # The following users will be mapped to the superuser role when the application starts
56
56
  #osmax.authorization.rbac.super-users[0]=alice@INNO.TEST
57
57
  #osmax.authorization.rbac.super-users[1]=bob@INNO.TEST
58
58
 
59
59
  ###############################################################################
60
60
  # Database properties section #
61
61
  ###############################################################################
62
62
 
63
63
  ## Main datasource
64
64
  quarkus.datasource."lcm-db".username=lcm
65
65
  quarkus.datasource."lcm-db".password=password
66
66
  quarkus.datasource."lcm-db".reactive.url=postgresql://localhost:5432/lcm
67
67
  ## If you need to specify default DB schema use the syntax below
68
68
  #quarkus.datasource."lcm-db".reactive.url=postgresql://localhost:5432/lcm?search_path=lcm_schema_name
69
69
 
70
70
  ## If you need to specify few datasource connections for load-balancing or work with clustered db use the syntax below
71
71
  #quarkus.datasource."lcm-db".reactive.url=postgresql://host1:5432/lcm,postgresql://host2:5432/lcm,postgresql://host3:5432/lcm
72
72
  ## Or this can also be written with indexed property syntax
73
73
  #quarkus.datasource."lcm-db".reactive.url[0]=postgresql://host1:5432/lcm
74
74
  #quarkus.datasource."lcm-db".reactive.url[1]=postgresql://host2:5432/lcm
75
75
  #quarkus.datasource."lcm-db".reactive.url[2]=postgresql://host3:5432/lcm
76
76
 
77
77
  ## Main datasource Liquibase config
78
78
  quarkus.datasource."lcm-db".jdbc.url=jdbc:postgresql://localhost:5432/lcm
79
79
  quarkus.liquibase."lcm-db".default-schema-name=lcm
80
80
  quarkus.liquibase."lcm-db".migrate-at-start=True
81
81
 
82
82
  ## Readonly datasource
83
83
  quarkus.datasource."lcm-db-readonly".username=readonly
84
84
  quarkus.datasource."lcm-db-readonly".password=password
85
85
  quarkus.datasource."lcm-db-readonly".reactive.url=postgresql://localhost:5432/lcm
86
86
  quarkus.datasource."lcm-db-readonly".jdbc.url=jdbc:postgresql://localhost:5432/lcm
87
87
 
88
88
  ###############################################################################
89
89
  # Hardware inventory properties section #
90
90
  ###############################################################################
91
91
 
92
92
  # Remote operation orders
93
93
  # Every 10 minutes
94
94
  osmax.inventory.job.remote-operation-expired-orders.cron.expression=0 */10 * ? * *
95
95
 
96
96
  # Schedule for checking dynamic MACHINE collections refresh executing time (quartz cron format), every 2 min
97
97
  osmax.inventory.job.dynamic-collections-refresh-executing-time.cron.expr=0 */2 * ? * *
98
98
  # Splay value in seconds for one-time task of dynamic MACHINE collections refresh
99
99
  osmax.inventory.job.dynamic-collections-refresh.splay=10
100
100
 
101
101
  # Schedule for checking dynamic USER collections refresh executing time (quartz cron format), every 2 min
102
102
  osmax.inventory.job.dynamic-user-collections-refresh-executing-time.cron.expr=0 */2 * ? * *
103
103
  # Splay value in seconds for one-time task of dynamic USER collections refresh
104
104
  osmax.inventory.job.dynamic-user-collections-refresh.splay=10
105
105
 
106
106
  # Schedule for starting entity cleanup tasks (quartz cron format)
107
107
  # Every 2 minutes
108
108
  osmax.inventory.job.cleanup-tasks-starter-scheduler.cron.expr=0 */2 * ? * *
109
109
 
110
110
  # Determines the maximum amount of machine custom attributes in one section
111
111
  osmax.inventory.machine-attribute.section.size=20
112
112
 
113
113
  # Determines the maximum amount of user custom attributes in one section
114
114
  osmax.inventory.user-attribute.section.size=20
115
115
 
116
116
  # # Determines default DB lock timeout for entity folders operations
117
117
  osmax.inventory.entity-folders.lock-timeout=2s
118
118
 
119
119
  # The number of minutes since the last agent activity before the device goes into "Offline" status
120
120
  osmax.inventory.settings.agent.minutes-to-become-offline=5
121
121
  # Absolute file path to `wtmp` file which stores historical data of user logins and logouts
122
122
  osmax.machines.user-sessions.linux.wtmp-absolute-path=/var/log/wtmp
123
123
  # Absolute file path to `utmp` file which stores user sessions in real time
124
124
  osmax.machines.user-sessions.linux.utmp-absolute-path=/var/run/utmp
125
125
  # Option, which determines the considered Salt mode (single- or multimaster), can be true or false
126
126
  osmax.agent-installation.settings.multi-master-mode=true
127
127
  # Absolute path, containing all files which are to be included into bootstrap script configuration archive (.tar.gz)
128
128
  osmax.salt.scripts.bootstrap-script-config-path=/config/script-configs/bootstrap/
129
129
  # Optional parameters, matching salt-ssh connection settings,
130
130
  # see https://docs.saltproject.io/en/latest/ref/runners/all/salt.runners.manage.html#salt.runners.manage.bootstrap
131
131
  #osmax.agent-installation.settings.bootstrap-ssh-user=
132
132
  #osmax.agent-installation.settings.bootstrap-ssh-password=
133
133
  #osmax.agent-installation.settings.bootstrap-ssh-private-key-path=
134
134
 
135
135
  ###############################################################################
136
136
  # LDAP integration properties section #
137
137
  ###############################################################################
138
138
 
139
139
  #enable JNDI for the LDAP server discovery inside the MS AD domain when you define option 'osmax.inventory.ldap.datasource[i].dns-srv-record'
140
140
  quarkus.naming.enable-jndi=true
141
141
  ## Determines the page size for any ldap query
142
142
  osmax.inventory.ldap.search-page-size=200
143
143
  ## The first LDAP datasource configuration
144
144
  osmax.inventory.ldap.datasource[0].name=my.domain.com
145
145
  osmax.inventory.ldap.datasource[0].base-dn=DC=my,DC=domain,DC=com
146
146
  ## There are 2 options to set LDAP hostname pools
147
147
  ## 1) direct addresses defining
148
148
  ## 2) using DNS SRV records to discover LDAP servers from MS AS domain
149
149
  ##
150
150
  ## For the direct addresses defining of LDAP datasource please use the following options:
151
151
  ## osmax.inventory.ldap.datasource[i].host=
152
152
  ## osmax.inventory.ldap.datasource[i].port=
153
153
  ##
154
154
  ## extra hosts section is optional
155
155
  ## osmax.inventory.ldap.datasource[i].extra-hosts[j].host=
156
156
  ## osmax.inventory.ldap.datasource[i].extra-hosts[j].port=
157
157
 
158
158
  ## For the using DNS SRV records to discover LDAP servers from MS AS domain use the following options:
159
159
  ### osmax.inventory.ldap.datasource[i].dns-srv-record=
160
160
  ##
161
161
  ## example below:
162
162
  osmax.inventory.ldap.datasource[0].host=localhost
163
163
  osmax.inventory.ldap.datasource[0].port=636
164
164
  osmax.inventory.ldap.datasource[0].username=administrator@my.domain.com
165
165
  osmax.inventory.ldap.datasource[0].password=Welkom123
166
166
  ## Optional section for the LDAP datasource
167
167
  # osmax.inventory.ldap.datasource[0].connect-timeout-millis=10000
168
168
  # osmax.inventory.ldap.datasource[0].response-timeout=10000
169
169
  # osmax.inventory.ldap.datasource[0].abandon-on-timeout=true
170
170
  # osmax.inventory.ldap.datasource[0].allow-concurrent-socket-factory-use=true
171
171
 
172
172
  ## The second and subsequent LDAP datasource configurations are optional
173
173
  #osmax.inventory.ldap.datasource[1].name=my2.domain.com
174
174
  #osmax.inventory.ldap.datasource[1].base-dn=DC=my2,DC=domain,DC=com
175
175
  #osmax.inventory.ldap.datasource[1].dns-srv-record=_ldap._tcp.dc._msdcs.mydomain.com
176
176
  #osmax.inventory.ldap.datasource[1]...
177
177
 
178
178
  ## LDAPS (LDAP over SSL) parameters section.
179
179
 
180
180
  # To configure LDAPS please use the following option
181
181
  #osmax.inventory.ldap.datasource[i].ssl=...
182
182
  # There are 3 options available for this option:
183
183
  # value `false` - use this mode when you want to use LDAP without SSL (usually 389 port)
184
184
  # value `true` - use this mode when you want to use LDAPS (usually 636 port), requires path to the certificate file or truststore file
185
185
  # value `start-tls` - use this mode when you want to establish an insecure connection (usually 389 port),
186
186
  # but then to immediately use the StartTLS extended operation to convert that insecure connection to a secure one
187
187
 
188
188
  # If you want to trust all SSL certificates without direct certificate/truststore definition you can use the option
189
189
  # osmax.inventory.ldap.datasource[i].trust-all-ssl-certificates=true
190
190
 
191
191
  ## The following example shows how to configure LDAPS with certificate file definition for the datasource
192
192
  #osmax.inventory.ldap.datasource[0].ssl=true
193
193
  #osmax.inventory.ldap.datasource[0].ssl-certificate=/opt/osmax-core/samba_cert.pem
194
194
 
195
195
  ## The following example shows how to configure LDAPS with truststore file definition for the datasource
196
196
  #osmax.inventory.ldap.datasource[0].ssl=true
197
197
  #osmax.inventory.ldap.datasource[0].ssl-trust-store=/opt/osmax-core/keystore.jks
198
198
  #osmax.inventory.ldap.datasource[0].ssl-trust-store-type=PKCS12
199
199
  #osmax.inventory.ldap.datasource[0].ssl-trust-store-password=keystore@12345
200
200
 
201
201
  ## The following example shows how to configure LDAPS with truststore file definition for all datasource
202
202
  #osmax.inventory.ldap.ssl-trust-store=/opt/osmax-core/keystore.jks
203
203
  #osmax.inventory.ldap.ssl-trust-store-type=JKS
204
204
  #osmax.inventory.ldap.ssl-trust-store-password=keystore@12345
205
205
 
206
206
 
207
207
  ###############################################################################
208
208
  # Application Store properties section #
209
209
  ###############################################################################
210
210
 
211
211
  # Determines the amount of hours after which order is considered failed
212
212
  osmax.order-management.completion.time.hours=12
213
213
  # Schedule for tracking long-running orders as failed (quartz cron format)
214
214
  # [At second :00 of minute :00 of every hour]
215
215
  osmax.order-management.autocomplete.cron.expr=0 0 * ? * * *
216
216
 
217
217
  ###############################################################################
218
218
  # Kafka messages section #
219
219
  ###############################################################################
220
220
 
221
221
  ## Kafka bootstrap servers (comma separated)
222
222
  mp.messaging.connector.smallrye-kafka.bootstrap.servers=localhost:9092
223
223
  # Kafka topic name
224
224
  mp.messaging.incoming.salt-events-kafka.topic=salt-topic
225
225
  mp.messaging.outgoing.core-os-reinstallation-machines.topic=osmax-core.os.reinstallation.machines
226
226
  mp.messaging.incoming.provisioner-os-reinstallation-machine-registration-statuses.topic=osmax-provisioner.os.reinstallation.machines.registration.statuses
227
227
  mp.messaging.incoming.provisioner-os-installed-events-kafka.topic=provisioner-topic
228
228
  mp.messaging.incoming.provisioner-os-installed-events-kafka.dead-letter-queue.topic=provisioner-dlq-topic
229
229
  mp.messaging.outgoing.assignment-machines-update-tasks-out.topic=assignment-machines-update-tasks
230
230
  mp.messaging.incoming.assignment-machines-update-tasks-in.topic=assignment-machines-update-tasks
231
231
  mp.messaging.incoming.assignment-machines-update-tasks-in.dead-letter-queue.topic=assignment-machines-update-tasks-dlq
232
232
 
233
233
  ## The provisioner-os-installed-events-kafka listener support retry strategy,
234
234
  ## default values are maxRetries=3, delay=100ms and jitter=0, to change retry settings use
235
235
  #tech.inno.lcm.provisioner.events.ProvisionerEventsListener/consume/Retry/maxRetries=0
236
236
  ## See more info https://quarkus.io/guides/smallrye-fault-tolerance#runtime-configuration
237
237
  ## and available options https://github.com/eclipse/microprofile-fault-tolerance/blob/main/api/src/main/java/org/eclipse/microprofile/faulttolerance/Retry.java
238
238
 
239
239
  ## The assignment-machines-update-tasks-in listener support retry strategy,
240
240
  ## default values are delayUnit = ChronoUnit.MINUTES, delay = 10, durationUnit = ChronoUnit.DAYS, maxDuration = 3, maxRetries = -1
241
241
  # to change retry settings use:
242
242
  # tech.inno.lcm.adminconsole.configurations.assignments.kafka.AssignmentMachinesUpdateTasksConsumer/consume/Retry/maxRetries=0
243
243
  ## See more info https://quarkus.io/guides/smallrye-fault-tolerance#runtime-configuration
244
244
  ## and available options https://github.com/eclipse/microprofile-fault-tolerance/blob/main/api/src/main/java/org/eclipse/microprofile/faulttolerance/Retry.java
245
245
 
246
246
  ## Kafka SSL connection parameters section.
247
247
  ## To enable SSL connection mode uncomment three following parameters:
248
248
  #mp.messaging.connector.smallrye-kafka.security.protocol=SSL
249
249
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.location=/etc/ssl/certs/java/cacerts
250
250
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.password=changeit
251
251
  ## Optionally if the custom truststore is used:
252
252
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
253
253
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.type=PKCS12
254
254
 
255
255
  ## To enable mutual TLS connection mode uncomment three following parameters, along with configuration above:
256
256
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.location=/opt/osmax-core/keystore.jks
257
257
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.password=keystore@12345
258
258
  ## Optionally if the custom keystore is used:
259
259
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
260
260
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.type=PKCS12
261
261
 
262
262
  ###############################################################################
263
263
  # REST clients common configuration #
264
264
  ###############################################################################
265
265
 
266
266
  ## SSL connection parameters sections.
267
267
  ## To enable accessing REST endpoints via HTTPS uncomment two following parameters:
268
268
  #quarkus.rest-client.trust-store=/etc/ssl/certs/java/cacerts
269
269
  #quarkus.rest-client.trust-store-password=changeit
270
270
  ## Optionally if the custom truststore is used:
271
271
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
272
272
  #quarkus.rest-client.trust-store-type=PKCS12
273
273
  ## For disabling SSL connection verification you can use option below
274
274
  #quarkus.rest-client.remote-access.trust-all=true
275
275
 
276
276
  ###############################################################################
277
277
  # SaltStack integration section #
278
278
  ###############################################################################
279
279
 
280
280
  osmax.salt-adapter.command-runner.http-scheme=http
281
281
  osmax.salt-adapter.command-runner.master-api-port=8000
282
282
  osmax.salt-adapter.command-runner.global-auth.eauth=pam
283
283
  osmax.salt-adapter.command-runner.global-auth.login=salt_api
284
284
  osmax.salt-adapter.command-runner.global-auth.password=123
285
285
  osmax.salt-adapter.command-runner.retry.number-of-attempts=5
286
286
  osmax.salt-adapter.command-runner.retry.initial-back-off=1s
287
287
  osmax.salt-adapter.command-runner.retry.max-back-off=1s
288
288
 
289
289
  ## Salt masters configuration section.
290
290
  ## Optional, this section should be used when backend server can't resolve salt master by DNS name
291
291
  #osmax.salt-adapter.command-runner.override-masters[0].id=salt-master1
292
292
  #osmax.salt-adapter.command-runner.override-masters[0].uri=http://192.168.0.1:8000
293
293
 
294
294
  ## The second and other Salt masters can be configured in the same way
295
295
  #osmax.salt-adapter.command-runner.override-masters[1].id=salt-master2
296
296
  #osmax.salt-adapter.command-runner.override-masters[1].uri=http://192.168.0.2:8000
297
297
 
298
298
  ###############################################################################
299
299
  # Remote access service integration section #
300
300
  ###############################################################################
301
301
 
302
302
  # URL to the guacamole remote access service
303
303
  quarkus.rest-client.remote-access.url=https://guacamole-host.net:9099/guacamole
304
304
  # for an advanced configuration of the quarkus REST client to the guacamole service you can set up the following settings group
305
305
  # Timeout specified in milliseconds to wait to connect to the remote endpoint.
306
306
  #quarkus.rest-client.remote-access.connect-timeout=<millis>
307
307
  # Timeout specified in milliseconds to wait for a response from the remote endpoint.
308
308
  #quarkus.rest-client.remote-access.read-timeout=<millis>
309
309
  #quarkus.rest-client.remote-access.trust-store
310
310
  #quarkus.rest-client.remote-access.trust-store-password
311
311
  #quarkus.rest-client.remote-access.trust-store-type
312
312
  #quarkus.rest-client.remote-access.key-store
313
313
  #quarkus.rest-client.remote-access.key-store-password
314
314
  #quarkus.rest-client.remote-access.key-store-type
315
315
  #quarkus.rest-client.remote-access.hostname-verifier
316
316
  #quarkus.rest-client.remote-access.connection-ttl
317
317
  #and others
318
318
  #quarkus.rest-client.remote-access.***
319
319
 
320
320
  # system account login for the guacamole remote access service
321
321
  osmax.inventory.remote-access.username=admin
322
322
  # system account login password for the guacamole remote access service
323
323
  osmax.inventory.remote-access.password=password
324
324
 
325
325
  ###############################################################################
326
326
  # S3 integration section #
327
327
  ###############################################################################
328
328
 
329
329
  # contains a list of S3 server URIs
330
330
  osmax.salt-adapter.s3.server-uri-list=http://localhost:9000,http://localhost:9900
331
331
  ## To enable SSL connection mode replace 'osmax.salt-adapter.s3.server-uri-list' parameter with following value:
332
332
  #osmax.salt-adapter.s3.server-uri-list=https://localhost:9000,https://localhost:9900
333
333
  osmax.salt-adapter.s3.access-key-id=s3adminSalt
334
334
  osmax.salt-adapter.s3.secret-access-key=s3adminSaltPassword
335
335
  osmax.salt-adapter.s3.region=ru-location-1
336
336
  osmax.salt-adapter.s3.connection-timeout=1s
337
337
  osmax.salt-adapter.s3.num-retries=3
338
338
  osmax.salt-adapter.s3.initial-retry-delay-millis=100
339
339
  osmax.salt-adapter.s3.max-retry-delay-millis=1000
340
340
  osmax.salt-adapter.s3.state-bucket-name=salt-bucket
341
341
  osmax.salt-adapter.s3.script-bucket-name=script-bucket
342
342
 
343
343
  # Schedule for pillar top.sls update
344
344
  # Every 30 seconds
345
345
  osmax.inventory.job.salt-assignment-mapping-update.cron.expr=0/30 * * ? * *
346
346
  # Schedule for fetching tasks for update salt s3 files (pillars and highstate)
347
347
  # Every 5 seconds
348
348
  osmax.inventory.job.salt-assignment-update.cron.expr=0/5 * * ? * *
349
349
 
350
350
  ###############################################################################
351
351
  # Multimedia service section #
352
352
  ###############################################################################
353
353
 
354
354
  # contains a list of S3 server URIs
355
355
  osmax.multimedia.s3.server-uri-list=http://localhost:9000,http://localhost:9900
356
356
  ## To enable SSL connection mode replace 'osmax.multimedia.s3.server-uri-list' parameter with following value:
357
357
  #osmax.multimedia.s3.server-uri-list=https://localhost:9000,https://localhost:9900
358
358
  osmax.multimedia.s3.access-key-id=s3adminMultimedia
359
359
  osmax.multimedia.s3.secret-access-key=s3adminMultimediaPassword
360
360
  osmax.multimedia.s3.region=ru-location-1
361
361
  osmax.multimedia.s3.connection-timeout=1s
362
362
  osmax.multimedia.s3.num-retries=3
363
363
  osmax.multimedia.s3.initial-retry-delay-millis=100
364
364
  osmax.multimedia.s3.max-retry-delay-millis=1000
365
365
  osmax.multimedia.s3.icons-bucket-name=multimedia-bucket
366
366
  osmax.multimedia.s3.images-bucket-name=multimedia-bucket
367
367
  osmax.multimedia.s3.others-bucket-name=multimedia-bucket
368
368
  osmax.multimedia.s3.script-bucket-name=script-bucket
369
369
  osmax.multimedia.common.max-file-size-kb=1024
370
370
  osmax.multimedia.common.download-token-ttl-seconds=3600
371
371
  osmax.multimedia.common.expired-tokens-deletion-cron=0 0 * ? * *
372
372
  # Contains current nginx frontend uri, used to form bootstrap script installation link
373
373
  osmax.multimedia.common.frontend-uri=http://localhost:8081
374
374
 
375
375
  ###############################################################################
376
376
  # Configurations manager section #
377
377
  ###############################################################################
378
378
 
379
379
  # Determines maximum amount of categories per one configuration
380
380
  osmax.catalog.category.configuration-limit=5
381
381
  # Determines total amount of categories
382
382
  osmax.catalog.category.total-limit=15
383
383
  # Determines maximum salt-agent installation script file size in megabytes
384
384
  osmax.catalog.script.max-script-size-mbytes=10
385
385
  # Determines allowed interval in milliseconds between comparing dates
386
386
  # Under this interval the two dates will be considered equal
387
387
  # Deprecated since 1.11.0
388
388
  # osmax.catalog.common.dates-comparing-accuracy-millis=100
389
389
  # use osmax.optimistic-locks.dates-comparing-accuracy-millis
390
390
 
391
391
 
392
392
  ###############################################################################
393
393
  # Logging section #
394
394
  ###############################################################################
395
395
 
396
396
  # Common logging config
397
397
  quarkus.log.file.enable=true
398
398
  quarkus.log.json.file.enable=true
399
399
  quarkus.log.json.console.enable=false
400
400
 
401
401
  # File logging config
402
402
  quarkus.log.file.path=/var/log/osmax/core/osmax-core.log
403
403
  quarkus.log.file.rotation.max-file-size=10M
404
404
  quarkus.log.file.rotation.max-backup-index=5
405
405
  quarkus.log.file.rotation.file-suffix=.yyyy-MM-dd.gz
406
406
 
407
407
  # Json format config
408
408
  quarkus.log.json.fields.mdc.flat-fields=true
409
409
  quarkus.log.json.fields.timestamp.date-format=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
410
410
  quarkus.log.json.fields.timestamp.zone-id=UTC
411
411
 
412
412
  # Audit logging config
413
413
  quarkus.log.handler.file.audit-handler.enable=true
414
414
  quarkus.log.handler.file.audit-handler.path=/var/log/osmax/core/audit-osmax-core.log
415
415
  quarkus.log.handler.file.audit-handler.rotation.max-file-size=10M
416
416
  quarkus.log.handler.file.audit-handler.rotation.max-backup-index=50
417
417
  quarkus.log.handler.file.audit-handler.rotation.file-suffix=.yyyy-MM-dd
418
418
 
419
419
  quarkus.log.category."AUDIT".level=INFO
420
420
  quarkus.log.category."AUDIT".handlers=audit-handler
421
421
  quarkus.log.category."AUDIT".use-parent-handlers=false
422
422
 
423
423
  ###############################################################################
424
424
  # Debug section #
425
425
  # Enable all logging events via environment variable `QUARKUS_PROFILE=debug` #
426
426
  # or delete `%debug.` prefix #
427
427
  ###############################################################################
428
428
 
429
429
  # HTTP server access logs (uri + status)
430
430
  %debug.quarkus.http.access-log.enabled=true
431
431
 
432
432
  # Internal rest-client
433
433
  %debug.quarkus.rest-client.logging.scope=request-response
434
434
  %debug.quarkus.rest-client.logging.body-limit=500
435
435
  %debug.quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG
436
436
  %debug.quarkus.log.category."org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext".level=DEBUG
437
437
 
438
438
  # SaltStack events
439
439
  %debug.quarkus.log.category."tech.inno.lcm.salt.events".level=DEBUG
440
440
 
441
441
  # All backend services
442
442
  %debug.quarkus.log.category."tech.inno.lcm".level=DEBUG
443
443
 
444
444
  # Kerberos
445
445
  %debug.quarkus.kerberos.debug=true
446
446
  %debug.quarkus.log.category."io.quarkiverse.kerberos.runtime.KerberosIdentityProvider".level=TRACE
447
447
  %debug.quarkus.log.category."io.quarkiverse.kerberos.runtime.KerberosIdentityProvider".min-level=TRACE
448
448
 
449
449
  # AWS client
450
450
  %debug.quarkus.log.category."software.amazon.awssdk.request".level=DEBUG
451
451
 
452
452
  ###############################################################################
453
453
  # Quarkus framework section #
454
454
  ###############################################################################
455
455
 
456
456
  # application is run under specific user, those settings allow not clashing with other quarkus apps on the same server
457
457
  quarkus.http.body.uploads-directory=${java.io.tmpdir}/osmax_core_uploads
458
458
  quarkus.management.body.uploads-directory=${java.io.tmpdir}/osmax_core_uploads
459
459
 
460
460
  ###############################################################################
461
461
  # Locks section #
462
462
  ###############################################################################
463
463
  osmax.pessimistic-locks.enabled=true
464
464
  osmax.pessimistic-locks.auto-unlock.threshold.seconds=3600
465
465
  osmax.pessimistic-locks.auto-unlock.job.interval.seconds=600
466
466
 
467
467
  osmax.optimistic-locks.enabled=true
468
468
  # Determines allowed interval in milliseconds between comparing dates
469
469
  # Under this interval the two dates will be considered equal hen checking optimistic lock by date
470
470
  #osmax.optimistic-locks.dates-comparing-accuracy-millis=100
471
471
 
472
472
  ###############################################################################
473
473
  # Predefined objects properties section #
474
474
  ###############################################################################
475
475
  osmax.predefined-objects-import.enabled=true
476
476
  osmax.predefined-objects-import.custom-grains.src=custom-grains
477
477
  osmax.predefined-objects-import.execution-modules.src=execution-modules
478
478
  osmax.predefined-objects-import.salt-scripts.src=salt-scripts
479
479
  osmax.predefined-objects-import.formulas.src=formulas
480
480
  osmax.predefined-objects-import.formulas.meta.src=formulas-meta
481
481
  osmax.predefined-objects-import.configurations.meta.src=specifications/meta
482
482
  osmax.predefined-objects-import.scripts.src=scripts
483
+ osmax.predefined-objects-import.salt-reactors.src=salt-reactors
483
484
 
484
485
  ###############################################################################
485
486
  # Observability section #
486
487
  ###############################################################################
487
488
 
488
489
  # Whether LDAP healthcheck is enabled
489
490
  osmax.management.healthcheck.ldap.enabled=false
490
491
  # Whether S3 healthcheck is enabled
491
492
  osmax.management.healthcheck.s3.enabled=false
492
493
  # Whether Guacamole healthcheck is enabled
493
494
  osmax.management.healthcheck.guacamole.enabled=true
494
495
  # URL to the guacamole remote access service, used only for health checks
495
496
  quarkus.rest-client.remote-access-health.url=http://localhost:8082
496
497
 
497
498
  # Whether publishing metrics to Kafka is enabled
498
499
  osmax.micrometer.export.kafka.enabled=false
499
500
  # The step size (reporting frequency) to use. The default is 1 minute.
500
501
  osmax.micrometer.export.kafka.step=60s
501
502
 
502
503
  # Topic for Kafka Meter Registry
503
504
  mp.messaging.outgoing.osmax-observer-metrics.topic=osmax-observer.metrics
504
505
 
505
506
  # Topic for Observer Events
506
507
  mp.messaging.outgoing.osmax-observer-events.topic=osmax-observer.events
507
508
 
508
509
  osmax.metrics.calculation.cron = 0/10 * * * * ?
509
510
 
510
511
  ###############################################################################
511
512
  # Internationalization configuration section #
512
513
  ###############################################################################
513
514
 
514
515
  # Set default locale for application localized messages
515
516
  osmax.i18n.default-locale=ru
Конфигурационный файл модуля osmax-provisioner
application.properties.1.18.0 → application.properties.1.19.0
@@ -1,240 +1,269 @@
1
1
  ## This is an example of `application.properties` file as main configuration file for osmax-provisioner backend
2
2
 
3
3
  ###############################################################################
4
4
  # HTTP server properties section #
5
5
  ###############################################################################
6
6
 
7
7
  ## Main application port
8
8
  quarkus.http.port=8082
9
9
 
10
10
  ###############################################################################
11
11
  # SSL configuration section. #
12
12
  ###############################################################################
13
13
 
14
14
  ## To enable serving requests via HTTPS uncomment the following parameters:
15
15
  #quarkus.http.insecure-requests=disabled
16
16
  #quarkus.http.ssl-port=8082
17
17
  #quarkus.http.ssl.certificate.key-store-file=/opt/osmax-provisioner/keystore.jks
18
18
  #quarkus.http.ssl.certificate.key-store-password=keystore@12345
19
19
 
20
20
  ###############################################################################
21
21
  # REST clients common configuration #
22
22
  ###############################################################################
23
23
 
24
24
  ## SSL connection parameters sections.
25
25
  ## To enable accessing REST endpoints via HTTPS uncomment two following parameters:
26
26
  #quarkus.rest-client.trust-store=/etc/ssl/certs/java/cacerts
27
27
  #quarkus.rest-client.trust-store-password=changeit
28
28
  ## Optionally if the custom truststore is used:
29
29
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
30
30
  #quarkus.rest-client.trust-store-type=PKCS12
31
31
  ## For disabling SSL connection verification you can use option below
32
32
  #quarkus.rest-client.remote-access.trust-all=true
33
33
 
34
34
  ###############################################################################
35
35
  # Security section #
36
36
  ###############################################################################
37
37
 
38
38
  ## Enable/disable authentication
39
39
  osmax.provisioner.security.authentication.enabled=true
40
40
 
41
41
  ## Enable/disable role-based authorization
42
42
  osmax.provisioner.security.rbac.enabled=false
43
43
 
44
44
  ## osmax-core base url (source of user permissions info)
45
45
  # Should be set even if osmax.provisioner.security.rbac.enabled is false
46
46
  # To enable access via HTTPS use corresponding prefix in base url
47
47
  # and configure REST client using REST clients common configuration section above
48
48
  quarkus.rest-client."tech.inno.lcm.provisioner.common.security.OsmaxPermissionsService".url=<osmax-core base url>
49
49
 
50
50
  ## Kerberos authentication configuration section
51
51
  ## There are 2 alternative options for defining Kerberos credentials [principal realm, name and password]:
52
52
  ## 1) via setting values in properties directly
53
53
  ## 2) via setting path to keytab file
54
54
  ##
55
55
  ## Direct Kerberos credentials definition:
56
56
  quarkus.kerberos.service-principal-name=<service_principal_name>
57
57
  quarkus.kerberos.service-principal-realm=<service.domain>
58
58
  quarkus.kerberos.service-principal-password=<service_principal_password>
59
59
  ## Direct Kerberos credentials definition for REST client, reuse service settings:
60
60
  kerberos-client.user-principal-name=${quarkus.kerberos.service-principal-name}
61
61
  kerberos-client.user-principal-password=${quarkus.kerberos.service-principal-password}
62
62
  kerberos-client.user-principal-realm=${quarkus.kerberos.service-principal-realm}
63
63
  kerberos-client.service-principal-name=${quarkus.kerberos.service-principal-name}
64
64
  ## Kerberos keytab file definition:
65
65
  #quarkus.kerberos.keytab-path=</path/to/keytab/file>
66
66
  #kerberos-client.keytab-path=</path/to/keytab/file>
67
67
 
68
68
  ## Enables Kerberos authentication debug mode
69
69
  #quarkus.kerberos.debug=true
70
70
  #kerberos-client.debug=true
71
71
  ## REST client debug
72
72
  #quarkus.rest-client.logging.scope=request-response
73
73
  #quarkus.rest-client.logging.body-limit=50
74
74
  #quarkus.log.category."org.jboss.resteasy.reactive.client.logging".level=DEBUG
75
75
 
76
76
  ###############################################################################
77
77
  # Database properties section #
78
78
  ###############################################################################
79
79
 
80
80
  ## Common configuration for datasources
81
81
  quarkus.datasource.username=<db-username>
82
82
  quarkus.datasource.password=<db-password>
83
83
  ## Reactive datasource configuration for app
84
84
  quarkus.datasource.reactive.url=postgresql://<db-host>:<db-port>/<db-name>
85
85
  ## Datasource configuration for Liquibase
86
86
  quarkus.datasource.jdbc.url=jdbc:postgresql://<db-host>:<db-port>/<db-name>
87
87
 
88
88
  ## If you need to specify multiple datasource connections for load-balancing or working with clustered db use the syntax below
89
89
  #quarkus.datasource."osmax_provisioner_db".reactive.url=postgresql://host1:5432/lcm_provisioner,postgresql://host2:5432/lcm_provisioner,postgresql://host3:5432/lcm_provisioner
90
90
  ## Or this can also be written with indexed property syntax
91
91
  #quarkus.datasource."osmax_provisioner_db".reactive.url[0]=postgresql://host1:5432/lcm_provisioner
92
92
  #quarkus.datasource."osmax_provisioner_db".reactive.url[1]=postgresql://host2:5432/lcm_provisioner
93
93
  #quarkus.datasource."osmax_provisioner_db".reactive.url[2]=postgresql://host3:5432/lcm_provisioner
94
94
 
95
95
  ## Liquibase parameters which are used in changelog files
96
+ ## Do not change these parameters after DB initialization finished on first application start
97
+ ## As it will break Liquibase changelog hash sums and application won't start
96
98
  quarkus.liquibase.change-log-parameters.index_tablespace=pg_default
97
99
  quarkus.liquibase.change-log-parameters.data_tablespace=pg_default
100
+ ## DEPRECATED
101
+ ## When updating application version to 1.7.0 or later parameters should be left with values defined on previous versions deploy
102
+ ## When installing version 1.7.0 or later from scratch parameters should be omitted
98
103
  quarkus.liquibase.change-log-parameters.installation_distro_repository_url=http://<astra-linux-repository-location>
99
104
  quarkus.liquibase.change-log-parameters.installation_distro_kernel=</path/to/kernel>
100
105
  quarkus.liquibase.change-log-parameters.installation_distro_initrd=</path/to/initrd>
101
106
  quarkus.liquibase.change-log-parameters.distro_repository_hostname=<astra-linux-repository-location>
102
107
  quarkus.liquibase.change-log-parameters.distro_repository_directory=</path/to/repository>
103
108
 
104
109
  ###############################################################################
110
+ # Application bootstrap properties section #
111
+ ###############################################################################
112
+
113
+ ## If examples import is enabled, application will load example entities into DB on start
114
+ #osmax.provisioner.bootstrap.examples.import.enabled=true
115
+ ## By default examples import skips for example entities which already present in DB
116
+ ## When examples force override is enabled, application will clear existing entities, and replace them with predefines ones
117
+ #osmax.provisioner.bootstrap.examples.import.force-override=true
118
+ ## If examples import is enabled, it is required to set example Astra 1.7.5.9 SE and Astra 1.8.1 SE repository paths
119
+ #osmax.provisioner.bootstrap.examples.astra-17.repository-url=http://<astra-linux-17-repository-location>
120
+ #osmax.provisioner.bootstrap.examples.astra-17.kernel-path=</path/to/kernel>
121
+ #osmax.provisioner.bootstrap.examples.astra-17.initrd-path=</path/to/initrd>
122
+ #osmax.provisioner.bootstrap.examples.astra-18.repository-url=http://<astra-linux-18-repository-location>
123
+ #osmax.provisioner.bootstrap.examples.astra-18.kernel-path=</path/to/kernel>
124
+ #osmax.provisioner.bootstrap.examples.astra-18.initrd-path=</path/to/initrd>
125
+
126
+ ###############################################################################
105
127
  # Template engine properties section #
106
128
  ###############################################################################
107
129
 
108
130
  ## To specify custom template placeholders which can be used in Jinja templates use a key-value format like
109
131
  ## 'osmax.provisioner.template-engine.template-placeholders.my_custom_placeholder=my-value-for-custom-placeholder'
110
132
  ## Be aware that specified custom template placeholders
111
133
  ## should be used in exact format as they are specified in this configuration
134
+
135
+ osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url=http://<osmax-provisioner-host>:<port>
112
136
  ## To enable SSL connection mode replace
113
137
  ## 'osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url' parameter with following value:
114
138
  #osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url=https://<osmax-provisioner-host>:<port>
115
- osmax.provisioner.template-engine.template-placeholders.osmax_provisioner_base_url=http://<osmax-provisioner-host>:<port>
116
139
  osmax.provisioner.template-engine.template-placeholders.unattended_install_file_url=/v1/unattended_install_files
117
- osmax.provisioner.template-engine.template-placeholders.repository_cert_url=</path/to/certificate>
140
+ ## Example Astra Linux installation templates by default runs in secure mode, calling inner resources via HTTPS
141
+ ## In order for example installation to work it is required to set paths for CA certificate and file named as this certificate's hash
142
+ ## This CA certificate should provide access to inner resources via HTTPS
143
+ #osmax.provisioner.template-engine.template-placeholders.certificates_repository_url=http://<certificate_repository_location>
144
+ #osmax.provisioner.template-engine.template-placeholders.ca_certificate_path=</path/to/certificate>
145
+ #osmax.provisioner.template-engine.template-placeholders.hashed_ca_certificate_path=</path/to/file/with/hashed/name>
118
146
 
119
147
  ###############################################################################
120
148
  # Installation process properties section #
121
149
  ###############################################################################
122
150
 
123
151
  osmax.provisioner.installation-process.steps.READY_TO_INSTALL=\u0413\u043E\u0442\u043E\u0432\u043E \u043A \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043A\u0435
124
152
  osmax.provisioner.installation-process.steps.IN_PROCESS_EARLY=\u0417\u0430\u043F\u0443\u0449\u0435\u043D \u043F\u0440\u043E\u0446\u0435\u0441\u0441 \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043A\u0438 Astra Linux SE
125
153
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_KERNEL=\u041E\u0448\u0438\u0431\u043A\u0430 \u043F\u043E\u043B\u0443\u0447\u0435\u043D\u0438\u044F \u0444\u0430\u0439\u043B\u0430 kernel
126
154
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_INITRD=\u041E\u0448\u0438\u0431\u043A\u0430 \u043F\u043E\u043B\u0443\u0447\u0435\u043D\u0438\u044F \u0444\u0430\u0439\u043B\u0430 initrd
127
155
  osmax.provisioner.installation-process.steps.INSTALL_ERROR_BOOT=\u041E\u0448\u0438\u0431\u043A\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043A\u0438 \u044F\u0434\u0440\u0430
156
+ osmax.provisioner.installation-process.steps.INSTALL_ERROR_CERTIFICATE=\u041E\u0448\u0438\u0431\u043A\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043A\u0438 \u043A\u043E\u0440\u043D\u0435\u0432\u043E\u0433\u043E \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043A\u0430\u0442\u0430
128
157
  osmax.provisioner.installation-process.steps.FINISHED=\u041E\u0421 \u0443\u0441\u0442\u0430\u043D\u043E\u0432\u043B\u0435\u043D\u0430
129
158
 
130
159
  ## Unprovisioned machines export configuration
131
160
  osmax.provisioner.installation-process.machine-export.scheduler-cron-expression=0 */10 * ? * *
132
161
  osmax.provisioner.installation-process.machine-export.batch-size=100
133
162
 
134
163
  ## Unprovisioned machines import configuration
135
164
  osmax.provisioner.installation-process.machine-import.default-network-interface-names=eth0,enp0s3
136
165
 
137
166
  ###############################################################################
138
167
  # Scheduler properties section #
139
168
  ###############################################################################
140
169
 
141
170
  # Defines how often the scheduler checks for tasks due to execution
142
171
  osmax.provisioner.scheduler.polling-interval=10s
143
172
 
144
173
  ###############################################################################
145
174
  # Bootable images properties section #
146
175
  ###############################################################################
147
176
 
148
177
  ## Universal boot image paths
149
178
  osmax.provisioner.universal-boot-image.ipxe_lkrn_url=insert-your-path
150
179
  osmax.provisioner.universal-boot-image.isohdpxf_bin_url=insert-your-path
151
180
  osmax.provisioner.universal-boot-image.isolinux_bin_url=insert-your-path
152
181
  osmax.provisioner.universal-boot-image.ldlinux_c32_url=insert-your-path
153
182
  osmax.provisioner.universal-boot-image.menu_c32_url=insert-your-path
154
183
  osmax.provisioner.universal-boot-image.ipxe_x86_64_efi_url=insert-your-path
155
184
 
156
185
  ###############################################################################
157
186
  # S3 integration section #
158
187
  ###############################################################################
159
188
 
160
189
  ## S3 server configuration
161
190
  ## To enable SSL connection mode replace 'osmax.provisioner.s3.server-uri' parameter with following value:
162
191
  #osmax.provisioner.s3.server-uri=https://<s3-host>:<s3-port>
163
192
  osmax.provisioner.s3.server-uri=http://<s3-host>:<s3-port>
164
193
  osmax.provisioner.s3.access-key-id=<s3-access-key-id>
165
194
  osmax.provisioner.s3.secret-access-key=<s3-secret-access-key>
166
195
  osmax.provisioner.s3.region=ru-location-1
167
196
 
168
197
  ## Path to ISO images bucket where generated ISO images will be located
169
198
  osmax.provisioner.s3.bootable-images-bucket-name=os-installation-iso-images-bucket
170
199
 
171
200
  ###############################################################################
172
201
  # Kafka integration section #
173
202
  ###############################################################################
174
203
 
175
204
  mp.messaging.connector.smallrye-kafka.bootstrap.servers=localhost:19092
176
205
  mp.messaging.outgoing.machine-installation-status.topic=provisioner-topic
177
206
  mp.messaging.incoming.reinstallation-machines-import.topic=osmax-core.os.reinstallation.machines
178
207
  mp.messaging.outgoing.reinstallation-machines-import-result.topic=osmax-provisioner.os.reinstallation.machines.registration.statuses
179
208
 
180
209
  ## Kafka SSL connection parameters section.
181
210
  ## To enable SSL connection mode uncomment three following parameters:
182
211
  #mp.messaging.connector.smallrye-kafka.security.protocol=SSL
183
212
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.location=/etc/ssl/certs/java/cacerts
184
213
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.password=changeit
185
214
  ## Optionally if the custom truststore is used:
186
215
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
187
216
  #mp.messaging.connector.smallrye-kafka.ssl.truststore.type=PKCS12
188
217
 
189
218
  ## To enable mutual TLS connection mode uncomment three following parameters, along with configuration above:
190
219
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.location=/opt/osmax-provisioner/keystore.jks
191
220
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.password=keystore@12345
192
221
  ## Optionally if the custom keystore is used:
193
222
  ## To change the format use one of JKS, JCEKS, P12, PKCS12, PFX. Default format is JKS
194
223
  #mp.messaging.connector.smallrye-kafka.ssl.keystore.type=PKCS12
195
224
 
196
225
  ###############################################################################
197
226
  # Logging section #
198
227
  ###############################################################################
199
228
 
200
229
  # Common logging config
201
230
  quarkus.log.file.enable=true
202
231
  quarkus.log.json.file.enable=true
203
232
  quarkus.log.json.console.enable=false
204
233
 
205
234
  # Json log format config
206
235
  quarkus.log.json.fields.mdc.flat-fields=true
207
236
  quarkus.log.json.fields.timestamp.date-format=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
208
237
  quarkus.log.json.fields.timestamp.zone-id=UTC
209
238
 
210
239
  # File logging config
211
240
  quarkus.log.file.path=/var/log/osmax/provisioner/osmax-provisioner.log
212
241
  quarkus.log.file.rotation.max-file-size=10M
213
242
  quarkus.log.file.rotation.max-backup-index=5
214
243
  quarkus.log.file.rotation.file-suffix=.yyyy-MM-dd.gz
215
244
 
216
245
  # Audit logging config
217
246
  quarkus.log.handler.file.audit-handler.enable=true
218
247
  quarkus.log.handler.file.audit-handler.path=/var/log/osmax/provisioner/audit-osmax-provisioner.log
219
248
  quarkus.log.handler.file.audit-handler.rotation.max-file-size=10M
220
249
  quarkus.log.handler.file.audit-handler.rotation.max-backup-index=50
221
250
  quarkus.log.handler.file.audit-handler.rotation.file-suffix=.yyyy-MM-dd
222
251
  quarkus.log.category."AUDIT".level=INFO
223
252
  quarkus.log.category."AUDIT".handlers=audit-handler
224
253
  quarkus.log.category."AUDIT".use-parent-handlers=false
225
254
 
226
255
  ###############################################################################
227
256
  # Observability section #
228
257
  ###############################################################################
229
258
 
230
259
  ## To enable metrics publication to Kafka uncomment the following parameters
231
260
  #osmax.micrometer.export.kafka.enabled=true
232
261
  #mp.messaging.outgoing.kafka-meter-registry.topic=osmax-observer.metrics
233
262
  ## Kafka metrics publication frequency configuration
234
263
  osmax.micrometer.export.kafka.step=1m
235
264
 
236
265
  ## To enable observability events publication to Kafka uncomment the following properties
237
266
  #osmax.observability.events.export.kafka.enabled=true
238
267
  #mp.messaging.outgoing.kafka-event-sink.topic=osmax-observer.events
239
268
 
240
269
  ## For setting target Kafka bootstrap servers and SSL configuration see Kafka integration section