This repository has been archived by the owner on Sep 14, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsettings-yml-configmap.yaml
executable file
·108 lines (97 loc) · 4.53 KB
/
settings-yml-configmap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
apiVersion: v1
data:
settings.yml: |
---
:settings_directory: "/github.com/smart-proxy/config/settings.d"
#:trusted_hosts:
# - localhost
# - foreman-app-1.salt-with-foreman
# - foreman_app_1.salt-with-foreman
:daemon: false
:bind_host:
- 0.0.0.0
:http_port: 9000
:log_file: STDOUT
:log_level: DEBUG
# SSL Setup
# If enabled, all communication would be verified via SSL
# NOTE that both certificates need to be signed by the same CA in order for this to work
# see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information
#:ssl_certificate: ssl/certs/fqdn.pem
#:ssl_ca_file: ssl/certs/ca.pem
#:ssl_private_key: ssl/private_keys/fqdn.key
# Use this option only if you need to disable certain cipher suites.
# Note: we use the OpenSSL suite name, such as "RC4-MD5".
# The complete list of cipher suite names can be found at:
# https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-SUITE-NAMES
#:ssl_disabled_ciphers: [CIPHER-SUITE-1, CIPHER-SUITE-2]
# Use this option only if you need to strictly specify TLS versions to be
# disabled. SSLv3 and TLS v1.0 are always disabled and cannot be configured.
# Specify versions like: '1.1', or '1.2'
#:tls_disabled_versions: []
# Hosts which the proxy accepts connections from
# commenting the following lines would mean every verified SSL connection allowed
# HTTPS: test the certificate CN
# HTTP: test the reverse DNS entry of the remote IP
#:trusted_hosts:
#- foreman.prod.domain
#- foreman.dev.domain
#to deny access to all hosts use:
#:trusted_hosts: []
# verify a DNS reverse lookup against it's forward lookup
# 1.1.1.1 -> foreman.mycompany.com -> 1.1.1.1
# (default: true)
#:forward_verify: true
#:foreman_url: http://127.0.0.1:3000
# SSL settings for client authentication against Foreman. If undefined, the values
# from general SSL options are used instead. Mainly useful when Foreman uses
# different certificates for its web UI and for smart-proxy requests.
#:foreman_ssl_ca: ssl/certs/ca.pem
#:foreman_ssl_cert: ssl/certs/fqdn.pem
#:foreman_ssl_key: ssl/private_keys/fqdn.pem
# by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting
#:daemon: true
# Only used when 'daemon' is set to true.
# Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid'
#:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid
# host and ports configuration
# an array of interfaces to bind ports to (possible values: *, localhost, 0.0.0.0)
#:bind_host: ['*']
# http is disabled by default. To enable, uncomment 'http_port' setting
#:http_port: 8000
# https is enabled if certificate, CA certificate, and private key are present in locations specifed by
# ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly
# default values for https_port is 8443
#:https_port: 8443
# Log configuration
# Uncomment and modify if you want to change the location of the log file or use STDOUT or SYSLOG values
#:log_file: /var/log/foreman-proxy/proxy.log
# Uncomment and modify if you want to change the log level
# WARN, DEBUG, ERROR, FATAL, INFO, UNKNOWN
#:log_level: INFO
# The maximum size of a log file before it's rolled (in MiB) or zero to use external log rotation (default)
#:file_rolling_size: 0
# The maximum age of a log file before it's rolled (in seconds). Also accepts 'daily', 'weekly', or 'monthly'.
#:file_rolling_age: weekly
# Number of log files to keep
#:file_rolling_keep: 6
# Logging pattern for file-based loging
#:file_logging_pattern: '%d %.8X{request} [%.1l] %m'
# Logging pattern for syslog or journal loging
#:system_logging_pattern: '%m'
# Log buffer size and extra buffer size (for errors). Defaults to 3000 messages in total,
# which is about 500 kB request.
#:log_buffer: 2000
#:log_buffer_errors: 1000
# DNS resolver timeout(s). This may be a single positive number
# or an array of positive numbers representing timeouts in seconds.
# If an array is specified, a DNS request will retry and wait for
# each successive interval in the array until a successful response
# is received. See Ruby Resolv#timeouts documentation for more info.
#:dns_resolv_timeouts: [5, 8, 13]
kind: ConfigMap
metadata:
creationTimestamp: null
labels:
io.kompose.service: salt
name: settings-yml