shield-daemon job from shield/6.3.0

Github source: ef8fee8c or master branch

Properties¶

shield¶

daemon¶

auth¶

api_keys¶

Map of API keys to grant script-level access to SHIELD (keys are names of keys, values are keys themselves)

Example

|+
  api_keys:
    my_script: AwB6iMPhTHiE7V2ngLNv
    autoprovision: KTocoRDwtasU22kiA3Go

basic_password¶

Password to use with basic auth for SHIELD (disabled if oauth is enabled)

Default

admin

basic_user¶

Username to use with basic auth for SHIELD (disabled if oauth is enabled)

Default

admin

oauth¶

authorization¶

orgs¶

List of organizations that users must be members of to access SHIELD. This MUST be specified or no one will be able to access SHIELD.

key¶

Auth Key/Client ID to use with the OAuth2 provider

provider¶

OAuth2 provider to use with SHIELD (supported values: ‘github’ and ‘cloudfoundry’)

secret¶

Auth Secret/Client Secret to use with the OAuth2 provider

sessions¶

db¶

host¶

host for postgres database

name¶

db for postgres database

password¶

password for postgres database

port¶

port for postgres database

username¶

username for postgres database

max_age¶

Maximum age for an authenticated session in seconds

Default

2.592e+06

database¶

db¶

db for postgres database

host¶

host for postgres database

password¶

password for postgres database

port¶

port for postgres database

username¶

username for postgres database

domain¶

Hostname/IP SHIELD is accessed with

http_port¶

Port for http requests

Default

80

name¶

name to display to `shield status’ calls

Default

(none)

port¶

port to run daemon (https requests)

Default

443

ssh_private_key¶

private key to use for communicating with the shield-agent.

log_level¶

Log level for shield processes

Default

info

provisioning_key¶

API Key to use when provisioning schedules, retention policies, or stores. Required if shield.schedule, shield.retention, or shield.store have data

retention¶

expires¶

expires

name¶

retention name

schedule¶

name¶

schedule name

when¶

schedule when

skip_ssl_verify¶

Boolean to determine if SSL certs will be ignored when provisioning SHIELD data

Default

true

store¶

config¶

store config

name¶

store name

plugin¶

store plugin

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/shield-daemon/ directory (learn more).

• bin/ctl (from bin/ctl)
• bin/monit_debugger (from bin/monit_debugger)
• bin/post-start (from bin/post-start.erb)
• config/retention.json (from config/retention.json.erb)
• config/schedule.json (from config/schedule.json.erb)
• config/shieldd.conf (from config/shieldd.conf.erb)
• config/store.json (from config/store.json.erb)
• data/properties.sh (from data/properties.sh.erb)
• helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
• helpers/ctl_utils.sh (from helpers/ctl_utils.sh)
• shared/id_rsa (from shared/id_rsa)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• shield
• utils