forked from project-sunbird/sunbird-devops
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.yml
executable file
·156 lines (121 loc) · 10.2 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
#------------------------------------------------------#
#
# Sunbird installaion contains 3 parts
# 1. Install and configure db and deps
# 2. Install and core services
# 3. Configure core services
#
# ALL VARIABLES IN THESE THREE PARTS ARE MANDATORY.
# PLEASE FILL THOSE BEFORE RUNNING CORRESPONDING STEPS.
#
#------------------------------------------------------#
#Basic
env: # The environment type being setup. Typical examples are dev, test, qa, staging, performance, preprod, production etc.
implementation_name: # The name of your sunbird implementation. As a best practice, use the org name that is in the domain (dns) name that you are going to use for this sunbird instance
ssh_ansible_user: # The SSH user name that has sudo access to all servers. If you have followed the user creation sample in the pre-requisites, then this would be sunbird
sudo_passwd: # This variable is not required if you have created a user with passwordless ssh as mentioned in the pre-requisites. This variable would be removed in a future release
ansible_private_key_path: # The path of the private SSH key file for the ssh_ansible_user. Ansible uses this file to SSH to the servers. If you have followed the user creation sample in the pre-requisites, it would be /home/yourcurrentuser/key
#Application
application_host: # The private IP of the designated app server. Every cloud VM would have a private IP associated with it and it can be found by running ifconfig on the VM
app_address_space: # The application server address space in CIDR notation. This has to be calculated from the application_host private IP. For eg. if the application_host IP is 11.12.1.5, then the app_address_space would be 11.12.1.0/24 (derived by setting the last octet in the IP to 0, followed by /24)
#Proxy
dns_name: # The domain name or IP address of your installation. Provide the IP address, if want to access Sunbird over an IP address (http://x.y.z.a). It is best to use a domain name instead of the IP address.
proto: # The protocol to be used, either http or https. Use http if the value of the dns_name variable is an IP address or if you have a domain but do not to enable SSL. Please note that the latest browsers would mark sites without https as insecure.
cert_path: # Path to the .cert file in the SSL certificate for nginx. This variable is not mandatory, if the value of the proto variable is set to http
key_path: # Path to .key file in the SSL certificate for nginx. This variable is not mandatory, if the value of the proto variable is set to http
#Database
database_host: # Db server private ip
database_password: # All the databases will be secured using this password. You will need to use the same password if you want to connect to the sunbird databases for running any queries directly. Please use an alphanumeric string that is atleast 8 characters long as a best practice.
#Keycloak
keycloak_admin_password: # The Keycloak admin user password. The default admin username is admin. You will need to use this password to login to keycloak for any administration. Please use an alphanumeric string that is atleast 8 characters long as a best practice.
sso_password: # The password for the keycloak SSO user. The default username is user-manager. The sunbird backend uses this password to invoke keycloak APIs for user creation, authentication. Please use an alphanumeric string that is atleast 8 characters long as a best practice.
trampoline_secret: # The trampoline secret for Keycloak. This secret is required only while setting up single sign on to sunbird.
# Badger
badger_admin_password: # The password for the Badgr administrator. The default username is admin. This password would be required if you want to invoke APIs on the badger service and is used by the sunbird backend.
# Default admin user is admin, you can create new user using `./manage.py createsuperuser` in badger container.
badger_admin_email: # The email ID of the Badgr administrator
#Ekstep
ekstep_api_base_url: https://qa.ekstep.in/api # The base URL for all EkStep APIs. The URL for staging is: https://qa.ekstep.in/api and production is: https://api.ekstep.in
ekstep_proxy_base_url: https://qa.ekstep.in # The proxy URL for EkStep. The URL for staging is: https://qa.ekstep.in and production: https://community.ekstep.in
ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal.
# Please go through this url for more about jwt:
# https://community.ekstep.in/developer-knowledgebase/45-getting-started-with-apis
#Azure Storage information for core services
sunbird_image_storage_url: # Azure storage url ex: https://sunbirdtest.blob.core.windows.net/dial/
sunbird_azure_storage_key: # Azure account storage key for the player, content, Badger Service
sunbird_azure_storage_account: # Azure account storage name for the player, content, Badger Service
#Sunbird System Initialisation - First organisation and user in Sunbird will be created with these details
sunbird_default_channel: # Enter the channel name which you want to create in the sunbird installation
sunbird_custodian_tenant_name: # Custodian Organisation Name
sunbird_custodian_tenant_description: # Custodian Organisation Description
sunbird_custodian_tenant_channel: # Custodian Organisation Channel
sunbird_root_user_firstname: # first name of the Sunbird admin user
sunbird_root_user_lastname: # last name of the Sunbird admin user(optional field)
sunbird_root_user_username: # username to be used for login to Sunbird
sunbird_root_user_password: # password to be used for login to Sunbird
sunbird_root_user_email: # email address of the Sunbird admin user
sunbird_root_user_phone: # mobile number of the Sunbird admin user
# After Running ./sunbird_install.sh get the sso_publickey from keycloak and update in config,then follow the below Steps:
# 1> run `./sunbird_install.sh -s core` this script will install all the core services(Player, Content, Learner, Badger)
# 2> run `./sunbird_install.sh -s systeminit` this script will configure the default channel and create user to login to sunbird
# 3> run `./sunbird_install.sh -s posttest` this script will validate the sunbird installation and check whether all services are running
sunbird_sso_publickey: # Follow the below to get the key
# http://dns_name/auth -> realm settings -> keys -> public keys (click on public keys) and paste the value
# Referral: http://www.sunbird.org/developer-docs/configuring_sunbird/
#----------------------------------------------------------------------#
## Advanced config
# !! If you don't need all customizations, like only multiple db instances but all applications are in same instance,
# !! please fill `application_host`, as this ip will be taken for all default configurations
# DB IPs, Default will be database_host
elasticsearch_host:
cassandra_host:
postgres_master_host:
postgres_slave_host:
swarm_manager_host:
swarm_node_host:
keycloak_host:
log_es_host:
# Variables for monitoring
prometheus_host:
grafana_host:
alertmanager_host:
# Unique DB passwords, Default will be database_password
# If you have dbs pre installed, you have to fill the passwords, it's mandatory.
postgres_keycloak_password:
postgres_app_password:
postgres_kong_password:
postgres_badger_password:
cassandra_password:
sunbird_telemetry_pdata_id: #some telemetry id which should available in ekstep
sunbird_installation_email: #
#Logging (mandatory fields if logging is required)
vault_google_client_id: # Google oauth client id
vault_google_client_secret: # Google oauth client secret
vault_cookie_secret: # Google oauth cookie secret
kibana_oauth_authenticated_email_domains: # Kibana access for all the users with this domain
kibana_oauth_authenticated_email_ids: # Kibana access for the mentioned users
#Monitoring (mandatory fields if monitoring is required)
proxy_prometheus: false # Please set this variable to true if you want to use monitoring and fill the below details under monitoring Section
mail_server_host: #mail server host ex: smtp.sendgrid.net
mail_server_port: #mail server host ex: 587
mail_server_username: #username
mail_server_password: #password
vault_postgres_exporter_password: #password for the postgres exporter password
grafana_admin_password: #grafana admin password
monitor_alerts_slack_url: #slack webhook url
monitor_alerts_slack_channel: #slack channel for alerts
alerts_mailing_list: #list of user mail id's who need alerts.
kong__test_jwt: #kong test jwt token
vault_proxy_prometheus_admin_creds:
#es config
es_etc_node_datagroups['es']:
es_api_host: "{{inventory_hostname}}"
es_heap_size: 1500m
es_etc_discovery_zen_minimum_master_nodes: 1
es_snapshot_host: "{{ groups['es'][0] }}"
es_restore_host: "{{ groups['es'][0] }}"
snapshot_base_path: application
backup_storage_key: BackupStorageKey # The Azure Account Storage key for prometheus, elasticsearch backups
backup_storage_name: BackupStorageName # The Azure Account Storage Name for prometheus, elasticsearch backups
#----------------------------------------------------------------#
# System generated values. Please don't edit