shield-daemon job from shield/6.3.6
Github source:
299da624
or
master branch
Properties¶
shield
¶
daemon
¶
auth
¶
api_keys
¶Map of API keys to grant script-level access to SHIELD (keys are names of keys, values are keys themselves)
- Example
|+ api_keys: my_script: AwB6iMPhTHiE7V2ngLNv autoprovision: KTocoRDwtasU22kiA3Go
basic_password
¶Password to use with basic auth for SHIELD (disabled if oauth is enabled)
- Default
admin
basic_user
¶Username to use with basic auth for SHIELD (disabled if oauth is enabled)
- Default
admin
oauth
¶authorization
¶orgs
¶List of organizations that users must be members of to access SHIELD. This MUST be specified or no one will be able to access SHIELD.
key
¶Auth Key/Client ID to use with the OAuth2 provider
provider
¶OAuth2 provider to use with SHIELD (supported values: ‘github’ and ‘cloudfoundry’)
secret
¶Auth Secret/Client Secret to use with the OAuth2 provider
sessions
¶db
¶host
¶host for postgres database
name
¶db for postgres database
password
¶password for postgres database
port
¶port for postgres database
username
¶username for postgres database
max_age
¶Maximum age for an authenticated session in seconds
- Default
2.592e+06
database
¶
db
¶database name
host
¶database host
password
¶database password
port
¶database port
type
¶database type (postgres or mysql)
username
¶database username
domain
¶Hostname/IP SHIELD is accessed with
http_port
¶Port for http requests
- Default
80
name
¶name to display to `shield status’ calls
- Default
(none)
port
¶port to run daemon (https requests)
- Default
443
ssh_private_key
¶private key to use for communicating with the shield-agent.
log_level
¶Log level for shield processes
- Default
info
provisioning_key
¶API Key to use when provisioning schedules, retention policies, or stores. Required if shield.schedule, shield.retention, or shield.store have data
- Default
""
retention
¶
expires
¶expires
name
¶retention name
retentions
¶An array of retentions to be added
- Example
|+ week: 604800
schedule
¶
name
¶schedule name
when
¶schedule when
schedules
¶An array of the schedules to be added
- Example
|+ weekly: Monday 3d
skip_ssl_verify
¶Boolean to determine if SSL certs will be ignored when provisioning SHIELD data
- Default
true
store
¶
config
¶store config
name
¶store name
plugin
¶store plugin
stores
¶An array of stores to be added
- Example
|+ amazon: plugin: s3 config: s3_host: url access_key_id: id secret_access_key: key bucket: name skip_ssl_validation: true signature_version: "2"
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/shield-daemon/
directory
(learn more).
bin/ctl
(frombin/ctl
)bin/monit_debugger
(frombin/monit_debugger
)bin/post-start
(frombin/post-start.erb
)config/shieldd.conf
(fromconfig/shieldd.conf.erb
)data/properties.sh
(fromdata/properties.sh.erb
)helpers/ctl_setup.sh
(fromhelpers/ctl_setup.sh
)helpers/ctl_utils.sh
(fromhelpers/ctl_utils.sh
)shared/id_rsa
(fromshared/id_rsa
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.