Skip to content

blobstore job from capi/1.199.0

Github source: 7a80a99b or master branch

Properties

blobstore

admin_users

List of Username and Password pairs that have admin access to the blobstore. Cloud Controller must use one of these to access the blobstore via HTTP Basic Auth. Example: users: - username: user1 password: password1 - username: user2 password: password2

internal_access_rules

List of allow / deny rules for the blobstore internal server. Defaults to RFC 1918 Private Networks. Will be followed by ‘deny all’. See http://nginx.org/en/docs/http/ngx_http_access_module.html for valid rules

Default
  - allow 10.0.0.0/8;
  - allow 172.16.0.0/12;
  - allow 192.168.0.0/16;

max_upload_size

Max allowed file size for upload

Default
"0"

nginx_workers_per_core

Number of NGINX worker processes per CPU core

Default
2

port

TCP port on which the blobstore server (nginx) listens

Default
8080

public_tls

cert

The PEM-encoded certificate (optionally as a certificate chain) for serving blobs over TLS/SSL

private_key

The PEM-encoded private key for signing TLS/SSL traffic

public_tls_port

TCP port on which the blobstore server (nginx) listens

Default
8081
secret

The secret used for signing URLs. Must not contain $, or any other variables that are used by and cannot be escaped in the Nginx config.

tls

cert

The PEM-encoded certificate (optionally as a certificate chain) for serving blobs over TLS/SSL

port

The TCP port on which the internal blobstore server listens

Default
4443
private_key

The PEM-encoded private key for signing TLS/SSL traffic

domain

DEPRECATED: The system domain. The public server will listen on host ‘blobstore.system-domain.tld’

release_level_backup

toggle to enable backups of the blobstore with bbr

Default
true

select_directories_to_backup

The list of directories to backup using BBR. Valid values are: buildpacks, droplets, packages. Remove directories that you do not want to backup.

Default
  - buildpacks
  - droplets
  - packages

system_domain

The system domain. The public server will listen on host ‘blobstore.system-domain.tld’

temporary_disable_non_tls_endpoints

nginx_cc and cc_uploader components disable non-TLS endpoints

Default
false

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/blobstore/ directory (learn more).

  • bin/bbr/backup (from backup.erb)
  • bin/bbr/restore (from restore.erb)
  • bin/blobstore_nginx (from bin/blobstore_nginx.erb)
  • bin/dns_health_check (from dns_health_check.erb)
  • bin/pre-start (from pre-start.sh.erb)
  • config/bpm.yml (from bpm.yml.erb)
  • config/mime.types (from mime.types)
  • config/nginx.conf (from nginx.conf.erb)
  • config/sites/blobstore.conf (from blobstore.conf.erb)
  • config/write_users (from write_users.erb)
  • ssl/blobstore.crt (from blobstore.crt.erb)
  • ssl/blobstore.key (from blobstore.key.erb)
  • ssl/blobstore_public.crt (from blobstore_public.crt.erb)
  • ssl/blobstore_public.key (from blobstore_public.key.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.