ssh_proxy job from diego/1.17.0
Github source:
9513168d
or
master branch
Properties¶
diego
¶
ssh_proxy
¶
allowed_ciphers
¶Comma separated list of allowed cipher algorithms
allowed_keyexchanges
¶Comma separated list of allowed key exchange algorithms
allowed_macs
¶Comma separated list of allowed MAC algorithms
bbs
¶
api_location
¶Address to the BBS Server
- Default
bbs.service.cf.internal:8889
ca_cert
¶PEM-encoded CA certificate
client_cert
¶PEM-encoded client certificate
client_key
¶PEM-encoded client key
client_session_cache_size
¶capacity of the tls client cache
max_idle_conns_per_host
¶maximum number of idle http connections
require_ssl
¶enable ssl for all communication with the bbs
- Default
true
cc
¶
external_port
¶External port of the Cloud Controller API
- Default
9022
internal_service_hostname
¶Internal service hostname of Cloud Controller Api
- Default
cloud-controller-ng.service.cf.internal
debug_addr
¶address at which to serve debug info
- Default
127.0.0.1:17016
diego_credentials
¶Diego Credentials to be used with the Diego authenitcation method
dropsonde_port
¶local metron agent’s port
- Default
3457
enable_cf_auth
¶Allow ssh access for cf applications
- Default
false
enable_diego_auth
¶Allow ssh access for diego applications
- Default
false
healthcheck_listen_addr
¶address for the ssh proxy healthcheck server
- Default
0.0.0.0:2223
host_key
¶PEM encoded RSA private key used to identify host
listen_addr
¶address for the proxy to listen on
- Default
0.0.0.0:2222
log_level
¶Log level
- Default
info
uaa
¶
ca_cert
¶The CA certificate of the UAA
port
¶The port to contact UAA on
url
¶The domain name of the UAA
- Default
https://uaa.service.cf.internal
uaa_secret
¶The oauth client secret used to authenticate the ssh-proxy with the uaa
uaa_token_url
¶URL of the UAA token endpoint
ssl
¶
skip_cert_verify
¶when connecting over https, ignore bad ssl certificates
- Default
false
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/ssh_proxy/
directory
(learn more).
bin/ssh_proxy_as_vcap
(fromssh_proxy_as_vcap.erb
)bin/ssh_proxy_ctl
(fromssh_proxy_ctl.erb
)config/certs/bbs/ca.crt
(frombbs_ca.crt.erb
)config/certs/bbs/client.crt
(frombbs_client.crt.erb
)config/certs/bbs/client.key
(frombbs_client.key.erb
)config/certs/uaa/ca.crt
(fromuaa_ca.crt.erb
)config/ssh_proxy.json
(fromssh_proxy.json.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.