S.Çağlar Onur | a95895d | 2015-02-09 13:34:11 -0500 | [diff] [blame] | 1 | #!/usr/bin/env python |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 2 | |
| 3 | # --------------------------------- |
| 4 | # This is the configuration file used by the Syndicate observer. |
| 5 | # It is a well-formed Python file, and will be imported into the |
| 6 | # observer as a Python module. This means you can run any config- |
| 7 | # generation code here you like, but all of the following global |
| 8 | # variables must be defined. |
| 9 | # --------------------------------- |
| 10 | |
| 11 | # URL to the Syndicate SMI. For example, https://syndicate-metadata.appspot.com |
| 12 | SYNDICATE_SMI_URL="http://localhost:8080" |
| 13 | |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 14 | # If you are going to use OpenID to authenticate the Syndicate instance daemon, |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 15 | # this is the OpenID provider URL. It is currently used only to generate |
| 16 | # identity pages for users, so you can put whatever you want here for now. |
| 17 | SYNDICATE_OPENID_TRUSTROOT="http://localhost:8081" |
| 18 | |
| 19 | # This is the observer's user account on Syndicate. You must create it out-of-band |
| 20 | # prior to using the observer, and it must be an admin user since it will |
| 21 | # create other users (i.e. for slices). |
| 22 | SYNDICATE_OPENCLOUD_USER="jcnelson@cs.princeton.edu" |
| 23 | |
| 24 | # This is the password for the observer to authenticate itself to Syndicate. |
| 25 | SYNDICATE_OPENCLOUD_PASSWORD="nya" |
| 26 | |
| 27 | # If the observer uses public-key authentication with Syndicate, you will |
| 28 | # need to identify the absolute path to its private key here. It must be |
| 29 | # a 4096-bit PEM-encoded RSA key, and the Syndicate observer's user account |
| 30 | # must have been given the public key on activation. |
| 31 | SYNDICATE_OPENCLOUD_PKEY=None |
| 32 | |
| 33 | # This is the location on disk where Syndicate observer code can be found, |
| 34 | # if it is not already in the Python path. This is optional. |
| 35 | SYNDICATE_PYTHONPATH="/root/syndicate/build/out/python" |
| 36 | |
| 37 | # This is the location of the observer's private key. It must be an absolute |
| 38 | # path, and refer to a 4096-bit PEM-encoded RSA key. |
Scott Baker | 166f4b8 | 2015-02-09 11:18:46 -0800 | [diff] [blame] | 39 | SYNDICATE_PRIVATE_KEY="/opt/xos/syndicate_observer/syndicatelib_config/pollserver.pem" |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 40 | |
| 41 | # This is the master secret used to generate secrets to seal sensitive information sent to the |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 42 | # Syndicate instance mount daemons. It is also used to seal sensitive information |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 43 | # stored to the Django database. |
| 44 | # TODO: think of a way to not have to store this on disk. Maybe we feed into the |
| 45 | # observer when it starts up? |
| 46 | SYNDICATE_OPENCLOUD_SECRET="e4988309a5005edb8ea185f16f607938c0fb7657e4d7609853bcb7c4884d1c92" |
| 47 | |
| 48 | # This is the default port number on which a Syndicate Replica Gateway |
| 49 | # will be provisioned. It's a well-known port, and can be the same across |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 50 | # instances, since in OpenCloud, an RG instance only listens to localhost. |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 51 | SYNDICATE_RG_DEFAULT_PORT=38800 |
| 52 | |
| 53 | # This is the absolute path to the RG's storage driver (which will be automatically |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 54 | # pushed to instances by Syndicate). See https://github.com/jcnelson/syndicate/wiki/Replica-Gateways |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 55 | SYNDICATE_RG_CLOSURE=None |
| 56 | |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 57 | # This is the port number the observer listens on for GETs from the Syndicate instance mount |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 58 | # daemons. Normally, the oserver pushes (encrypted) commands to the daemons, but if the |
| 59 | # daemons are NAT'ed or temporarily partitioned, they will pull commands instead. |
| 60 | SYNDICATE_HTTP_PORT=65321 |
| 61 | |
| 62 | # This is the path to the logfile for the observer's HTTP server. |
| 63 | SYNDICATE_HTTP_LOGFILE="/tmp/syndicate-observer.log" |
| 64 | |
| 65 | # This is the number of seconds to wait for pushing a slice credential before timing out. |
| 66 | SYNDICATE_HTTP_PUSH_TIMEOUT=60 |
| 67 | |
Tony Mack | 3de59e3 | 2015-08-19 11:58:18 -0400 | [diff] [blame] | 68 | # This is the port number the Syndicate instance mount daemons listen on. The observer will |
Sapan Bhatia | bf7856b | 2014-11-19 15:09:38 -0500 | [diff] [blame] | 69 | # push commands to them on this port. |
| 70 | SYNDICATE_SLIVER_PORT=65322 |
| 71 | |
| 72 | # If true, print verbose debug messages. |
| 73 | DEBUG=True |