login job from cf/191
Github source:
43c823b7
or
master branch
Properties¶
domain
¶
The domain name for this CloudFoundry deploy
env
¶
http_proxy
¶The http_proxy accross the VMs
https_proxy
¶The https_proxy accross the VMs
no_proxy
¶Set No_Proxy accross the VMs
login
¶
analytics
¶
code
¶Analytics code
domain
¶Analytics domain
asset_base_url
¶Base url for static assets, allows custom styling of the login server. Use ‘/resources/pivotal’ for Pivotal style.
brand
¶The brand to use for the reset password emails, available values are oss and pivotal
- Default
oss
catalina_opts
¶
entity_id
¶Deprecated: Use login.saml.entityid
ldap
¶
localPasswordCompare
¶deprecated. use UAA configuration.
- Default
"true"
passwordAttributeName
¶deprecated. use UAA configuration.
- Default
userPassword
passwordEncoder
¶deprecated. use UAA configuration.
- Default
org.cloudfoundry.identity.uaa.login.ldap.DynamicPasswordComparator
profile_type
¶deprecated. use UAA configuration.
searchBase
¶deprecated. use UAA configuration.
- Default
""
searchFilter
¶deprecated. use UAA configuration.
- Default
cn={0}
sslCertificate
¶deprecated. use UAA configuration.
sslCertificateAlias
¶deprecated. use UAA configuration.
url
¶deprecated. use UAA configuration.
userDN
¶deprecated. use UAA configuration.
userDNPattern
¶deprecated. use UAA configuration.
userPassword
¶deprecated. use UAA configuration.
links
¶A hash of home/passwd/signup URLS (see commented examples below)
home
¶URL for primary console/dashboard for users
- Default
https://console.run.pivotal.io
network
¶URL for Pivotal Network
- Default
https://network.gopivotal.com/login
passwd
¶URL for requesting password reset
- Default
https://console.run.pivotal.io/password_resets/new
signup
¶URL for requesting to signup/register for an account
- Default
https://console.run.pivotal.io/register
signup-network
¶URL for requesting to signup/register for an account at Pivotal Network
- Default
https://network.gopivotal.com/registrations/new
port
¶
- Default
8080
protocol
¶The scheme in which login server should use to contact the UAA
- Default
http
saml
¶
assertion_consumer_index
¶Deprecated: Use login.saml.providers list objects
- Default
1
entityid
¶The ID to represent this server
idpEntityAlias
¶Deprecated: Use login.saml.providers list objects
idpMetadataURL
¶Deprecated: Use login.saml.providers list objects
idp_metadata_file
¶Deprecated: Use login.saml.providers list objects
keystore_key
¶Key name of the SAML login server keystore.
- Default
selfsigned
keystore_name
¶Name of the SAML login server keystore.
- Default
samlKeystore.jks
keystore_password
¶Key password to the SAML login server keystore.
- Default
password
metadataTrustCheck
¶Deprecated: Use login.saml.providers list objects
- Default
true
nameidFormat
¶Deprecated: Use login.saml.providers list objects
- Default
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
providers
¶Contains a hash of SAML Identity Providers, the key is the IDP Alias, followed by key/value pairs for idpMetadata, nameID, assertionConsumerIndex, metadataTrustCheck, showSamlLoginLink, linkText, iconUrl
serviceProviderCertificate
¶Service provider certificate.
serviceProviderKey
¶Private key for the service provider certificate.
serviceProviderKeyPassword
¶Password to protect the service provider private key.
socket
¶
connectionManagerTimeout
¶Timeout in milliseconds for connection pooling for SAML metadata HTTP requests
soTimeout
¶Read timeout in milliseconds for SAML metadata HTTP requests
signups_enabled
¶Enable account creation flow in the login server. Enabled by default.
smtp
¶SMTP server configuration, for password reset emails etc.
host
¶SMTP server host address
- Default
localhost
password
¶SMTP server password
port
¶SMTP server port
- Default
2525
user
¶SMTP server username
spring_profiles
¶deprecated. use UAA configuration.
tiles
¶A list of links to other services to show on the landing page after logging in and/or signing up, depending on whether login-link and/or signup-link is specified.
uaa_base
¶Location of the UAA.
uaa_certificate
¶Certificate to import if the UAA is using self-signed certificates
nats
¶
machines
¶IP of each NATS cluster member.
password
¶Password for NATS login
port
¶TCP port of NATS server
user
¶User name for NATS login
networks
¶
apps
¶The Login network name
syslog_aggregator
¶
address
¶IP address for syslog aggregator
all
¶Define whether forwarders should send all their syslog data to our aggregator.
- Default
false
port
¶TCP port of syslog aggregator
transport
¶Transport to be used when forwarding logs (tcp|udp|relp).
- Default
tcp
uaa
¶
clients
¶
login
¶
secret
¶Login client secret - overrides uaa.login.client_secret
dump_requests
¶
login
¶
client_secret
¶Deprecated. Default login client secret if no login client is defined
require_https
¶
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/login/
directory
(learn more).
bin/install_crt
(frominstall_crt.erb
)bin/login_cf-registrar_ctl
(fromcf-registrar_ctl
)bin/login_ctl
(fromlogin_ctl.erb
)config/cf-registrar/config.yml
(fromcf-registrar.config.yml.erb
)config/log4j.properties
(fromlog4j.properties.erb
)config/login.yml
(fromlogin.yml.erb
)config/syslog_forwarder.conf
(fromsyslog_forwarder.conf.erb
)config/tomcat/logging.properties
(fromtomcat.logging.properties
)config/tomcat/server.xml
(fromtomcat.server.xml.erb
)config/tomcat/web.xml
(fromweb.xml.erb
)config/uaa.crt
(fromuaa.crt.erb
)config/varz.yml
(fromvarz.yml.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.