Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 9953016f6529419625a7dbea00c45e85e8e04834 / . / docker / swarm / stack / security_monkey.yml
blob: f7b5980e0a0cc3c790cbab2cef2a929ce825176e [file] [log] [blame]
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]1parameters:
2 _param:
3 docker_security_monkey_api_replicas: 1
4 docker_security_monkey_scheduler_replicas: 1
Volodymyr Stoiko804ff722017-08-17 13:19:16 +0300[diff] [blame]5 docker_image_security_monkey_api: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-api
6 docker_image_security_monkey_scheduler: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-scheduler
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]7 security_monkey_bind_host: security-audit-api
8 security_monkey_bind_port: ${_param:haproxy_security_monkey_bind_port}
9 security_monkey_ssl:
10 enabled: false
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]11 security_monkey_db: secmonkey
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]12 notification_service_url: http://${_param:pushkin_bind_host}:${_param:haproxy_pushkin_bind_port}/post_notification_json
Volodymyr Stoiko4320d742017-05-12 16:46:36 +0300[diff] [blame]13 security_monkey_user: devopsportal@devopsportal.local
14 security_monkey_password: devopsportal
15 security_monkey_role: Justify
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]16 security_monkey_fqdn: ${_param:security_monkey_bind_host}
17 security_monkey_web_port: ${_param:security_monkey_bind_port}
18 security_monkey_api_port: ${_param:security_monkey_bind_port}
19 security_monkey_nginx_port: ${_param:security_monkey_bind_port}
Volodymyr Stoikofdefe2f2017-06-06 10:15:47 +0300[diff] [blame]20 devops_portal_sm_wtf_csrf_enabled: False
Vladislav Naumovddb85072017-07-14 11:43:21 +0300[diff] [blame]21 security_monkey_sync_interval: 15
Volodymyr Stoiko4320d742017-05-12 16:46:36 +0300[diff] [blame]22 security_monkey_openstack:
23 os_account_id: mcp_cloud
24 os_account_name: mcp_cloud
25 username: ""
26 password: ""
27 auth_url: ""
28 project_domain_name: Default
29 project_name: admin
30 user_domain_name: Default
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]31 docker:
32 client:
33 stack:
34 security_monkey:
35 environment:
36 SECURITY_MONKEY_POSTGRES_USER: ${_param:secmonkey_db_user}
37 SECURITY_MONKEY_POSTGRES_PASSWORD: ${_param:secmonkey_db_user_password}
38 SECURITY_MONKEY_POSTGRES_HOST: ${_param:secmonkey_db_host}
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]39 SECURITY_MONKEY_POSTGRES_PORT: ${_param:postgresql_bind_port}
Volodymyr Stoiko12db8312017-06-30 12:02:14 +0300[diff] [blame]40 SECURITY_MONKEY_FQDN: ${_param:security_monkey_fqdn}
41 WEB_PORT: ${_param:security_monkey_web_port}
42 API_PORT: ${_param:security_monkey_api_port}
43 NGINX_PORT: ${_param:security_monkey_nginx_port}
Volodymyr Stoiko4320d742017-05-12 16:46:36 +0300[diff] [blame]44 NOTIFICATIONS_SERVICE_URL: ${_param:notification_service_url}
45 DEFAULT_USER: ${_param:security_monkey_user}
46 DEFAULT_PASSWORD: ${_param:security_monkey_password}
47 DEFAULT_ROLE: ${_param:security_monkey_role}
48 OS_ACCOUNT_ID: ${_param:security_monkey_openstack:os_account_id}
49 OS_ACCOUNT_NAME: ${_param:security_monkey_openstack:os_account_name}
50 OS_USERNAME: ${_param:security_monkey_openstack:username}
51 OS_PASSWORD: ${_param:security_monkey_openstack:password}
52 OS_AUTH_URL: ${_param:security_monkey_openstack:auth_url}
53 OS_PROJECT_DOMAIN_NAME: ${_param:security_monkey_openstack:project_domain_name}
54 OS_PROJECT_NAME: ${_param:security_monkey_openstack:project_name}
55 USER_DOMAIN_NAME: ${_param:security_monkey_openstack:user_domain_name}
Volodymyr Stoikofdefe2f2017-06-06 10:15:47 +0300[diff] [blame]56 SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
Vladislav Naumovddb85072017-07-14 11:43:21 +0300[diff] [blame]57 SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
Volodymyr Stoikoe24d9e22017-07-11 11:29:07 +0300[diff] [blame]58 SQLALCHEMY_DATABASE_URI: postgresql://${_param:secmonkey_db_user}:${_param:secmonkey_db_user_password}@${_param:secmonkey_db_host}:${_param:haproxy_postgresql_bind_port}/${_param:security_monkey_db}
59 SQLALCHEMY_POOL_RECYCLE: 14400
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]60 service:
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]61 security-audit-api:
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]62 image: ${_param:docker_image_security_monkey_api}
63 deploy:
64 replicas: ${_param:docker_security_monkey_api_replicas}
65 restart_policy:
66 condition: any
67 ports:
68 - ${_param:haproxy_security_monkey_exposed_port}:${_param:haproxy_security_monkey_bind_port}
69 volumes:
Volodymyr Stoiko4320d742017-05-12 16:46:36 +0300[diff] [blame]70 - /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]71 security-audit-scheduler:
Volodymyr Stoiko085cc1e2017-04-23 14:01:26 +0300[diff] [blame]72 image: ${_param:docker_image_security_monkey_scheduler}
73 deploy:
74 replicas: ${_param:docker_security_monkey_scheduler_replicas}
75 restart_policy:
76 condition: any
77 volumes:
Vladislav Naumov0ec79c72017-07-02 16:36:05 +0300[diff] [blame]78 - /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
Volodymyr Stoiko1ae92ce2017-08-11 11:45:12 +0300[diff] [blame]79 network:
80 default:
81 external:
82 name: oss_backend