Skip to content

shield-daemon job from shield/6.3.2

Github source: bdd53caf or master branch

Properties

shield

daemon

auth
api_keys

Map of API keys to grant script-level access to SHIELD (keys are names of keys, values are keys themselves)

Example
|+
  api_keys:
    my_script: AwB6iMPhTHiE7V2ngLNv
    autoprovision: KTocoRDwtasU22kiA3Go
basic_password

Password to use with basic auth for SHIELD (disabled if oauth is enabled)

Default
admin
basic_user

Username to use with basic auth for SHIELD (disabled if oauth is enabled)

Default
admin
oauth
authorization
orgs

List of organizations that users must be members of to access SHIELD. This MUST be specified or no one will be able to access SHIELD.

key

Auth Key/Client ID to use with the OAuth2 provider

provider

OAuth2 provider to use with SHIELD (supported values: ‘github’ and ‘cloudfoundry’)

secret

Auth Secret/Client Secret to use with the OAuth2 provider

sessions
db
host

host for postgres database

name

db for postgres database

password

password for postgres database

port

port for postgres database

username

username for postgres database

max_age

Maximum age for an authenticated session in seconds

Default
2.592e+06
database
db

database name

host

database host

password

database password

port

database port

type

database type (postgres or mysql)

username

database username

domain

Hostname/IP SHIELD is accessed with

http_port

Port for http requests

Default
80
name

name to display to `shield status’ calls

Default
(none)
port

port to run daemon (https requests)

Default
443
ssh_private_key

private key to use for communicating with the shield-agent.

log_level

Log level for shield processes

Default
info

provisioning_key

API Key to use when provisioning schedules, retention policies, or stores. Required if shield.schedule, shield.retention, or shield.store have data

retention

expires

expires

name

retention name

schedule

name

schedule name

when

schedule when

skip_ssl_verify

Boolean to determine if SSL certs will be ignored when provisioning SHIELD data

Default
true

store

config

store config

name

store name

plugin

store plugin

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/shield-daemon/ directory (learn more).

  • bin/ctl (from bin/ctl)
  • bin/monit_debugger (from bin/monit_debugger)
  • bin/post-start (from bin/post-start.erb)
  • config/retention.json (from config/retention.json.erb)
  • config/schedule.json (from config/schedule.json.erb)
  • config/shieldd.conf (from config/shieldd.conf.erb)
  • config/store.json (from config/store.json.erb)
  • data/properties.sh (from data/properties.sh.erb)
  • helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
  • helpers/ctl_utils.sh (from helpers/ctl_utils.sh)
  • shared/id_rsa (from shared/id_rsa)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.