-
Notifications
You must be signed in to change notification settings - Fork 2
/
config.yml
189 lines (137 loc) · 6.66 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
################################################################################
# Existing RootCA and Patches Server Certificate Configuration #
################################################################################
# If you already have a CA key and crt you want to provide you can provide #
# them in the CERT_DIRECTORY/ROOT_CERT_DIRECTORY. By default, this is #
# server_certs/root_certs. The code will search for files with the name #
# {ROOT_CA_NAME}.key/{ROOT_CA_NAME}.crt or {ROOT_CA_NAME}.pem. By default #
# ROOT_CA_NAME is rootCA #
################################################################################
################################################################################
# New RootCA and Patches Server Certificate Configuration #
################################################################################
# The name you want to use for your root CA. If you want to use an existing root CA, you can use the same name.
ROOT_CA_NAME: "rootCA"
ROOT_CA_DOMAIN: "lan"
# The name you want to use for the certificate/CN for the Patches server. This cannot have any spaces.
SERVER_NAME: "patches"
SERVER_DOMAIN: "lan"
# The country name for the certificate
country: "US"
# The state or province name for the certificate
state: "Ohio"
# The locality name for the certificate
locality: "Dayton"
# The organization name for the certificate
organization_name: "Dell"
# The organizational unit name for the certificate
organization_unit: "Federal"
# How many days the certs should be valid. Default is three years.
days: 1095
# A list of client names you want to generate certificates for. You can add more as needed.
# Make sure one of these is the same as PATCHES_ADMINISTRATOR if you are not using your
# own certificates.
clients:
gelante: # CHANGE THIS TO YOUR CLIENT NAME - SPACES ARE NOT SUPPORTED
# The domain name to use for the certificate
domain: "lan"
# The country name for the certificate
country: "US"
# The state or province name for the certificate
state: "Ohio"
# The locality name for the certificate
locality: "Dayton"
# The organization name for the certificate
organization_name: "Dell"
# The organizational unit name for the certificate
organization_unit: "Federal"
# The primary DNS name for the server certificate
dns_1: "gelante.lan"
# The secondary DNS name for the server certificate (optional)
dns_2:
# The primary IP address for the certificate (optional)
ip_1:
# The secondary IP address for the certificate (optional)
ip_2:
# How many days the certs should be valid. Default is three years.
days: 1095
geleisi: # CHANGE THIS TO YOUR CLIENT NAME - SPACES ARE NOT SUPPORTED
# The domain name to use for the certificate
domain: "lan"
# The country name for the certificate
country: "US"
# The state or province name for the certificate
state: "Ohio"
# The locality name for the certificate
locality: "Dayton"
# The organization name for the certificate
organization_name: "Dell"
# The organizational unit name for the certificate
organization_unit: "Federal"
# The primary DNS name for the server certificate
dns_1: "geleisi.lan"
# The secondary DNS name for the server certificate (optional)
dns_2:
# The primary IP address for the certificate (optional)
ip_1:
# The secondary IP address for the certificate (optional)
ip_2:
# How many days the certs should be valid. Default is three years.
days: 1095
# ADD MORE CLIENTS HERE IF NEEDED
################################################################################
# PostgreSQL Settings #
################################################################################
# These are the username and password for the backend PSQL database used to store Patches metadata
# Note the PSQL password is currently stored insecurely in an environment file. The Patches database
# itself only has publicly available Dell metadata, a list of users who can see download statistics
# and the download statistics themselves.
# This is a known problem with the PSQL container. See https://github.com/docker-library/postgres/issues/111
PSQL_USERNAME: "patches"
PSQL_PASSWORD: "1qaz!QAZ2wsx@WSX"
# The name of the Patches administrator. This *MUST* match the common name on the certificate of the administrator.
PATCHES_ADMINISTRATOR:
################################################################################
# Developer Options #
################################################################################
# WARNING: These are meant for developer use. It is likely you will break things
# by changing these values. Do not change these unless you know what you are
# doing.
# This is the port that Node JS will listen on
BACKEND_PORT: "9000"
# This is the port the React JS app will listen on.
FRONTEND_PORT: "3000"
# This is the port for that PostgreSQL will use
PSQL_PORT: "5432"
# This is the name of the patches database. Changing this will break the code
# currently
POSTGRES_DB: "patches"
# The hostname for the backend certificate
BACKEND_CERT_NAME: "patches-backend"
# The hostname for the frontend certificate
FRONTEND_CERT_NAME: "frontend"
# This is the PostGreSQL container label. It is used as `docker.io/library/postgres:${PSQL_VERSION}`
PSQL_VERSION: "15.3"
# This is the HTTPD version we will run
HTTPD_VERSION: "2.4"
# This is the nginx container label. It is used as `docker.io/library/nginx:${NGINX_VERSION}`
NGINX_VERSION: "1.23.4"
# The directory to use to store server certificates
CERT_DIRECTORY: "server_certs"
ROOT_CERT_DIRECTORY: "root_certs"
# DRM required disk space. Currently set at 80. You better be sure you know what you're doing before lowering this.
REQUIRED_SPACE: "80"
# This is filled in with the install script. DO NOT edit this manually or it will break things.
# This value is only used when the user doesn't want to provide any sudo credentials so they run
# nginx as user and they have to pick a high port.
NGINX_PORT:
# There isn't a good way to programmatically get this. DRM is available at
# https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverid=8GDHG
# Currently we are rehosting this with git LFS
DRM_NAME: "DRMInstaller_3.4.3.869.bin"
# These fields are populated automatically by the code when import_keys runs or
# generate keys runs. They are used to keep track of the keys files. They should
# not be manually manipulated.
ROOT_CA_PEM:
SERVER_PEM:
PKCS_FILE: