@drnic
Created May 24, 2013 02:53
Diff of the two templates in cf-release
2,9c2,31
< <% # Add admin user with random password if it's not already there. -%>
< <% # block is require to keep existing ccdb admin and services password, or make a unique one. -%>
< <% users = find("properties").fetch("uaa", {}).fetch("scim", {}).fetch("users", []) || [] -%>
< <% admin_user = users.detect { |u| u.match("^admin\\|") } -%>
< <% services_user = users.detect { |u| u.match("^services\\|") } -%>
< <% users.unshift "admin|#{random_string 12, :admin}|scim.write,scim.read,openid,cloud_controller.admin" unless admin_user -%>
< <% users << "services|#{random_string 12, :services}|scim.write,scim.read,openid,cloud_controller.admin" unless services_user -%>
< <% services_userid, services_password = services_user.split("\|")[0..1] if services_user -%>
---
> <%
> # Add admin user with random password if it's not already there.
> # block is require to keep existing ccdb admin and services password, or make a unique one.
> users = find("properties").fetch("uaa", {}).fetch("scim", {}).fetch("users", []) || []
> admin_user = users.detect { |u| u.match("^admin\\|") }
> services_user = users.detect { |u| u.match("^services\\|") }
> users.unshift "admin|#{random_string 12, :admin}|scim.write,scim.read,openid,cloud_controller.admin" unless admin_user
> users << "services|#{random_string 12, :services}|scim.write,scim.read,openid,cloud_controller.admin" unless services_user
> services_userid, services_password = services_user.split("\|")[0..1] if services_user
>
> def production?
> find("name") == "cf-cfapps-io"
> end
>
> ec2_memory = {
> "m1.medium" => 3_840,
> "m1.large" => 7_680,
> "m2.2xlarge" => 35_020
> }
> ec2_disk = {
> "m1.medium" => 390_000,
> "m1.large" => 400_000,
> "m2.2xlarge" => 800_000
> }
> -%>
>
> # ENV variables for Yeti:
> # $ export SERVICE_BROKER_URL=http://service-broker.<%= find("properties.domain") %>
> # $ export SERVICE_BROKER_TOKEN=broker-token
>
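Review bot: `production?` compares `find("name")` to the literal "cf-cfapps-io", so every branch below that depends on it is tied to one deployment name inside a shared template; an explicit property (for example a boolean under `properties.template_only`) would be easier to audit and would not change behaviour silently if the deployment is renamed. Carried over from the old side: when no `services|` entry exists, a generated one is appended to `users`, but `services_user` is still nil, so `services_userid` and `services_password` are left unset by the `if services_user` guard. The comment also documents `SERVICE_BROKER_TOKEN=broker-token`, which reads like a placeholder that should be marked as such.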
11a34
>
13c36
< - name: cf-release
---
> - name: <%= find("releases")[0]["name"] %>
17c40
< workers: 3
---
> workers: 6
28c51
< max_in_flight: 4
---
> max_in_flight: 1
51c74
< - name: common
---
> - name: small
53c76
< size: 7
---
> size: 1
59a83,100
> - name: medium
> network: cf1
> size: 5
> stemcell:
> name: bosh-stemcell
> version: latest
> cloud_properties:
> instance_type: m1.medium
> availability_zone: <%= find('properties.template_only.aws.availability_zone') %>
> - name: large
> network: cf1
> size: 4
> stemcell:
> name: bosh-stemcell
> version: latest
> cloud_properties:
> instance_type: m1.medium
> availability_zone: <%= find('properties.template_only.aws.availability_zone') %>
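Review bot: the new `large` pool sets `instance_type: m1.medium`, the same as the `medium` pool above it, which looks like a copy-paste slip given the pool name and the `ec2_memory` / `ec2_disk` tables that list `m1.large`. Either change it to the intended type or add a comment saying the name is historical.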
62c103,107
< size: 1
---
> <% if production? -%>
> size: <%= find('resource_pools.dea.size') %>
> <% else -%>
> size: 8
> <% end -%>
66a112,114
> <% if production? -%>
> instance_type: <%= find('resource_pools.dea.cloud_properties.instance_type') %>
> <% else -%>
67a116
> <% end -%>
71c120
< size: 1
---
> size: 2
78a128,132
> <% if production? -%>
> <% find('resource_pools.router.cloud_properties.elbs').each do |elb| -%>
> - <%= elb %>
> <% end -%>
> <% else -%>
79a134
> <% end -%>
82,83d136
< # ====================== BEGIN CF JOBS =========================
<
87c140
< resource_pool: common
---
> resource_pool: medium
92c145
< - <%= ip( 0, 'cf1.static') %>
---
> - <%= ip(0, 'cf1.static') %>
97c150
< resource_pool: common
---
> resource_pool: medium
101c154
< - <%= ip( 1, 'cf1.static') %>
---
> - <%= ip(1, 'cf1.static') %>
105,106c158,159
< instances: 1
< resource_pool: common
---
> instances: 2
> resource_pool: large
110c163,165
< - <%= ip( 2, 'cf1.static') %>
---
> - <%= ip(2, 'cf1.static') %>
> - <%= ip(7, 'cf1.static') %>
>
114,115c169,170
< instances: 1
< resource_pool: common
---
> instances: 2
> resource_pool: medium
121,122c176,177
< instances: 1
< resource_pool: common
---
> instances: 2
> resource_pool: large
126c181,182
< - <%= ip( 3, 'cf1.static') %>
---
> - <%= ip(3, 'cf1.static') %>
> - <%= ip(4, 'cf1.static') %>
132c188
< instances: 1
---
> instances: 2
140c196,197
< - <%= ip( 5, 'cf1.static') %>
---
> - <%= ip(5, 'cf1.static') %>
> - <%= ip(6, 'cf1.static') %>
142c199
< - name: health_manager
---
> - name: health_manager
145c202
< resource_pool: common
---
> resource_pool: medium
151c208,212
< instances: 1
---
> <% if production? -%>
> instances: <%= find('jobs.dea_next.instances') %>
> <% else -%>
> instances: 8
> <% end -%>
153,154d213
< update:
< max_in_flight: 8
159a219,222
> properties:
> dea_next:
> stacks:
> - lucid64
164c227
< resource_pool: common
---
> resource_pool: small
174c237
< system_domain_organization: <%= find("properties").fetch("system_domain_organization", "''") %>
---
> system_domain_organization: <%= (find("properties").fetch("system_domain_organization", "") || "").inspect %>
180a244
>
186,187c250,251
< user: nats
< password: "c1oudc0wc1oudc0w"
---
> user: <%= find("properties.nats.user") %>
> password: <%= find("properties.nats.password") %>
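Review bot: the new `user:` and `password:` lines emit the property values unquoted, while the UAA secrets later in this diff use `.inspect`; a NATS password containing `:`, `#` or a leading special character would produce invalid or misparsed YAML, so use `.inspect` here too. The literal removed on the old side ("c1oudc0wc1oudc0w") has been in the template, so deployments that used it should be given a new value rather than copying it into the properties file.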
190c254
< authorization_timeout: 5 # AWS is slow, use longer timeout
---
> authorization_timeout: 5 # AWS is slow
198c262,278
< <%= find("properties.uaadb").to_yaml.split("\n")[1..-1].map{|line| " " * 4 + line}.join("\n").gsub(/\A\s{4}/, "") %>
---
> db_scheme: mysql
> address: <%= find("properties.uaadb.address") %>
> port: 3306
> roles:
> <% find("properties.uaadb.roles").each do |role| -%>
> - tag: <%= role["tag"] %>
> name: <%= role["name"] %>
> password: <%= role["password"] %>
> <% end -%>
> databases:
> <% find("properties.uaadb.databases").each do |db| -%>
> - tag: <%= db["tag"] %>
> name: <%= db["name"] %>
> <% end -%>
>
>
> cc_api_version: v2 # used by at least service-broker
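Review bot: in the `roles` loop, `password: <%= role["password"] %>` (and `name:`) are written without quoting, so a database password with YAML-significant characters breaks the rendered manifest; `.inspect` would match the treatment of `signing_key` and `client_secret` elsewhere. The replacement also hardcodes `db_scheme: mysql` and `port: 3306` where the old one-liner rendered whatever `properties.uaadb` contained, which deserves a comment or a lookup with a default. `cc_api_version` is added in the same hunk and is unrelated to the uaadb change.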
201c281
< srv_api_uri: http://ccng.<%= find("properties.domain") %>
---
> srv_api_uri: https://ccng.<%= find("properties.domain") %>
204c284
< bulk_api_password: zbTuuLaap44jadlas2l312lk
---
> bulk_api_password: <%= find("properties.cc.bulk_api_password") %>
206,207c286,288
< staging_upload_user: zxsfhgjg
< staging_upload_password: ZNVfdase9
---
> staging_upload_user: <%= find("properties.cc.staging_upload_user") %>
> staging_upload_password: <%= find("properties.cc.staging_upload_password") %>
> max_staging_runtime: 900
230c311,326
< db_encryption_key: "b9631492f433579"
---
> quota_definitions:
> free:
> memory_limit: 0
> total_services: 0
> paid:
> memory_limit: 10240
> total_services: -1
> runaway:
> memory_limit: 102400
> total_services: -1
> stacks:
> - name: lucid64
> description: "Ubuntu 10.04"
> - name: lucid64custom
> description: "Fake Ubuntu 10.04"
> db_encryption_key: <%= find("properties.cc.db_encryption_key") %>
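Review bot: this hunk combines three unrelated things: moving `db_encryption_key` to a property, adding `quota_definitions`, and adding `stacks`. The `total_services: -1` values are undocumented (presumably "unlimited", but the template does not say), and a stack named `lucid64custom` described as "Fake Ubuntu 10.04" should not ship in a template that also has a production branch without a comment explaining why it is there. `db_encryption_key` is emitted unquoted; the old value was a quoted string, so keep it a string with `.inspect`.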
238,239c334,335
< user: sBNUxXlS0pc71wVef
< password: 7nTmaIf9vPV4mJyBe
---
> user: <%= find("properties.router.status.user") %>
> password: <%= find("properties.router.status.password") %>
245,248c341,351
< memory_mb: 7500
< memory_overcommit_factor: 4
< disk_mb: 16384
< disk_overcommit_factor: 4
---
> <% if production? -%>
> memory_mb: <%= ec2_memory.fetch("m2.2xlarge") - 2_048 %>
> memory_overcommit_factor: 1
> disk_mb: <%= ec2_disk.fetch("m2.2xlarge") %>
> disk_overcommit_factor: 1
> num_instances: 256
> <% else -%>
> memory_mb: <%= ec2_memory.fetch("m1.large") - 1_024 %>
> memory_overcommit_factor: 1
> disk_mb: <%= ec2_disk.fetch("m1.large") %>
> disk_overcommit_factor: 2
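Review bot: the production branch sizes the DEA from `ec2_memory.fetch("m2.2xlarge")` and `ec2_disk.fetch("m2.2xlarge")`, but the production instance type is read from `find('resource_pools.dea.cloud_properties.instance_type')` in an earlier hunk, so the two can disagree. Fetch from the tables using that same looked-up value, and document the `2_048` and `1_024` reservations, which are bare numbers here. `num_instances: 256` is set only in the production branch; say whether the omission for other deployments is deliberate.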
249a353
> <% end -%>
253c357
< - 0.serialization-data-server.default.<%= find("name") %>.bosh
---
> - 169.254.1.1 # fake, unused but needed by ccng job
257a362,371
> log_email:
> enabled: true
> from_email: <%= find("properties.syslog_aggregator.log_email.from_email") %>
> from_password: <%= find("properties.syslog_aggregator.log_email.from_password") %>
> to_email:
> - cfpi-backend@googlegroups.com
> - cfpi-services@googlegroups.com
> smtp_server: smtp.gmail.com
> smtp_port: 587
> smtp_domain: gmail.com
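Review bot: `log_email` is added with `enabled: true` outside any `production?` guard, and the `to_email` list hardcodes two group addresses, so every deployment rendered from this template mails its aggregated logs to those recipients. Move the recipients (and ideally `enabled`) to properties alongside `from_email`. `from_password` is emitted unquoted and should use `.inspect`.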
259,260c373,374
< serialization_data_server:
< upload_token: 8f7COGvTlXT7l8IzAgOHxMXurBrG364k
---
> serialization_data_server: # fake, unused but needed by ccng job
> upload_token: <%= find("properties.serialization_data_server.upload_token") %>
268c382
< protocol: http
---
> protocol: https
270,272c384,386
< home: http://console.<%= find("properties.domain") %>
< passwd: http://console.<%= find("properties.domain") %>/password_resets/new
< signup: http://console.<%= find("properties.domain") %>/register
---
> home: https://console.<%= find("properties.domain") %>
> passwd: https://console.<%= find("properties.domain") %>/password_resets/new
> signup: https://console.<%= find("properties.domain") %>/register
276c390
< url: http://uaa.<%= find("properties.domain") %>
---
> url: https://uaa.<%= find("properties.domain") %>
278c392
< no_ssl: true
---
> no_ssl: false
280,302c394,395
< signing_key: |
< -----BEGIN RSA PRIVATE KEY-----
< MIICXAIBAAKBgQDHFr+KICms+tuT1OXJwhCUmR2dKVy7psa8xzElSyzqx7oJyfJ1
< JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMXqHxf+ZH9BL1gk9Y6kCnbM5R6
< 0gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBugspULZVNRxq7veq/fzwIDAQAB
< AoGBAJ8dRTQFhIllbHx4GLbpTQsWXJ6w4hZvskJKCLM/o8R4n+0W45pQ1xEiYKdA
< Z/DRcnjltylRImBD8XuLL8iYOQSZXNMb1h3g5/UGbUXLmCgQLOUUlnYt34QOQm+0
< KvUqfMSFBbKMsYBAoQmNdTHBaz3dZa8ON9hh/f5TT8u0OWNRAkEA5opzsIXv+52J
< duc1VGyX3SwlxiE2dStW8wZqGiuLH142n6MKnkLU4ctNLiclw6BZePXFZYIK+AkE
< xQ+k16je5QJBAN0TIKMPWIbbHVr5rkdUqOyezlFFWYOwnMmw/BKa1d3zp54VP/P8
< +5aQ2d4sMoKEOfdWH7UqMe3FszfYFvSu5KMCQFMYeFaaEEP7Jn8rGzfQ5HQd44ek
< lQJqmq6CE2BXbY/i34FuvPcKU70HEEygY6Y9d8J3o6zQ0K9SYNu+pcXt4lkCQA3h
< jJQQe5uEGJTExqed7jllQ0khFJzLMx0K6tj0NeeIzAaGCQz13oo2sCdeGRHO4aDh
< HH6Qlq/6UOV5wP8+GAcCQFgRCcB+hrje8hfEEefHcFpyKH+5g1Eu1k0mLrxK2zd+
< 4SlotYRHgPCEubokb2S1zfZDWIXW3HmggnGgM949TlY=
< -----END RSA PRIVATE KEY-----
< verification_key: |
< -----BEGIN PUBLIC KEY-----
< MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFr+KICms+tuT1OXJwhCUmR2d
< KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX
< qHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug
< spULZVNRxq7veq/fzwIDAQAB
< -----END PUBLIC KEY-----
---
> signing_key: <%= find("properties.uaa.jwt.signing_key").inspect %>
> verification_key: <%= find("properties.uaa.jwt.verification_key").inspect %>
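Review bot: the old side carries a complete RSA private key as `signing_key`; moving it to `properties.uaa.jwt.signing_key` is right, but because that key has lived in the template it has to be treated as disclosed, and the description of this change should state that a new key pair must be generated rather than the old one pasted into the properties file. Note that `.inspect` turns the multi-line PEM into a single double-quoted string with `\n` escapes, which is fine for YAML but is a change from the old `|` block form and is worth a one-line comment.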
304c397
< client_secret: "c1oudc0wc1oudc0w"
---
> client_secret: <%= find("properties.uaa.cc.client_secret").inspect %>
306c399
< client_secret: MeM5fER8evgEisjj
---
> client_secret: <%= find("properties.uaa.admin.client_secret").inspect %>
308,309c401,402
< username: do0H2AKay2jAc
< password: FSCTiplI5Q83n
---
> username: <%= find("properties.uaa.batch.username").inspect %>
> password: <%= find("properties.uaa.batch.password").inspect %>
312a406
> - vmc
320c414
< id: login
---
> override: true
323c417
< secret: HZtd2FyZS5jb20iL
---
> secret: <%= find("properties.uaa.clients.login.secret") %>
325c419
< redirect-uri: http://login.<%= find("properties.domain") %>
---
> redirect-uri: https://login.<%= find("properties.domain") %>
327,331c421,433
< id: portal
< scope: scim.write,scim.read,openid,cloud_controller.read,cloud_controller.write
< authorities: scim.write,scim.read,openid,cloud_controller.read,cloud_controller.write,password.write,uaa.admin
< secret: portalsecret
< authorized-grant-types: authorization_code,client_credentials,password,implicit
---
> override: true
> scope: openid,cloud_controller.read,cloud_controller.write,password.write
> authorities: scim.write,scim.read,cloud_controller.read,cloud_controller.write,password.write,uaa.admin,uaa.resource,cloud_controller.admin
> secret: <%= find("properties.uaa.clients.portal.secret") %>
> authorized-grant-types: authorization_code,client_credentials
> access-token-validity: 1209600
> refresh-token-validity: 1209600
> billing:
> override: true
> scope: uaa.none
> authorities: cloud_controller.read,cloud_controller.write,cloud_controller.admin,uaa.resource,scim.read,scim.write
> secret: <%= find("properties.uaa.clients.billing.secret") %>
> authorized-grant-types: client_credentials
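Review bot: the `portal` client's `authorities` gain `uaa.resource` and `cloud_controller.admin` on top of `uaa.admin`, and `access-token-validity` is set to 1209600 seconds, the same as `refresh-token-validity`, so an access token for this client stays valid for 14 days. Narrowing the grant types is good, but the wider authorities and long-lived access tokens pull the other way; justify them in a comment or shorten the access-token lifetime. The new `billing` client also receives `cloud_controller.admin` with `scim.write`; the same question applies. `secret:` is unquoted for both clients, unlike `client_secret` above.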
333a436,443
> app-direct:
> override: true
> authorities: app_direct_invoice.write
> secret: <%= find("properties.uaa.clients.app-direct.secret") %>
> authorized-grant-types: authorization_code,client_credentials,password,refresh_token,implicit
> access-token-validity: 1209600
> refresh-token-validity: 1209600
> redirect-uri: http://console.<%= find("properties.domain") %>
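Review bot: `redirect-uri: http://console.<%= find("properties.domain") %>` is plain HTTP while the rest of this diff moves the console, login and UAA URLs to `https://`, so authorization codes and implicit-grant tokens for `app-direct` would be returned over an unencrypted redirect. Change it to `https://`. The client is also given every grant type (`authorization_code,client_credentials,password,refresh_token,implicit`) for a single authority, `app_direct_invoice.write`; list only the grants it actually uses.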
336,337c446
< secret: ssosecretsso
< id: support-services
---
> secret: <%= find("properties.uaa.clients.support-services.secret") %>
343,348c452
< oauth2service:
< secret: oauth2servicesecret
< scope: openid,cloud_controller.read,cloud_controller.write
< authorities: uaa.resource,oauth.service,clients.read,clients.write,clients.secret
< authorized-grant-types: client_credentials,implicit
< redirect-uri: http://rewritten-later.cloudfoundry.com/whatever
---
> vmc:
350c454,456
< autoapprove: true
---
> authorized-grant-types: password,implicit
> authorities: uaa.none
> scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
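Review bot: the `vmc` client is a `password,implicit` client with no secret visible in this hunk, yet its `scope` includes `cloud_controller.admin`, `scim.read` and `scim.write`. That lets any token issued through the CLI flow carry admin scopes when the user holds them; if that is intended for operators, say so in a comment, otherwise trim the scope to `cloud_controller.read,cloud_controller.write,openid,password.write`.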
352d457
< id: cf
354c459
< authorized-grant-types: password,implicit,refresh_token
---
> authorized-grant-types: implicit,password,refresh_token
357,358d461
< access-token-validity: 7200
< refresh-token-validity: 1209600
360c463
< secret: serivcesmgmtsecret
---
> secret: <%= find("properties.uaa.clients.servicesmgmt.secret") %>
364d466
< id: servicesmgmt
367a470,477
> space-mail:
> override: true
> authorities: scim.read,scim.write,cloud_controller.admin
> secret: <%= find("properties.uaa.clients.space-mail.secret") %>
> authorized-grant-types: client_credentials
> access-token-validity: 1209600
> refresh-token-validity: 1209600
>
373d482
<
376,378c485,488
< use_aws_cloudwatch: true
< aws_access_key_id: <%= find('properties.template_only.aws.access_key_id') %>
< aws_secret_access_key: <%= find('properties.template_only.aws.secret_access_key') %>
---
> use_aws_cloudwatch: false
> use_datadog: true
> datadog_api_key: <%= find('properties.template_only.datadog.datadog_api_key') %>
> datadog_application_key: <%= find('properties.template_only.datadog.datadog_application_key') %>