Last active
April 6, 2018 14:48
-
-
Save calebwashburn/7b469942844a51d331f563ae27a2c7bd to your computer and use it in GitHub Desktop.
concourse-3.10-credhub
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| instance_groups: | |
| - azs: | |
| - ((az_name)) | |
| instances: 1 | |
| jobs: | |
| - name: postgres | |
| properties: | |
| databases: | |
| databases: | |
| - name: atc | |
| - name: credhub | |
| - name: uaa | |
| port: 5432 | |
| roles: | |
| - name: concourse | |
| password: ((postgres_password)) | |
| - name: credhub | |
| password: ((credhub-db-password)) | |
| - name: uaa | |
| password: ((uaa-db-password)) | |
| release: postgres | |
| name: db | |
| networks: | |
| - name: ((network_name)) | |
| static_ips: | |
| - ((concourse_db_ip)) | |
| persistent_disk_type: ((db_persistent_disk_type)) | |
| stemcell: trusty | |
| vm_type: ((db_vm_type)) | |
| - azs: | |
| - ((az_name)) | |
| instances: ((web_instances)) | |
| jobs: | |
| - name: atc | |
| properties: | |
| basic_auth_password: ((atc_basic_auth.password)) | |
| basic_auth_username: ((atc_basic_auth.username)) | |
| credhub: | |
| client_id: concourse_to_credhub | |
| client_secret: ((concourse_to_credhub_secret)) | |
| tls: | |
| ca_cert: | |
| certificate: ((credhub-tls.ca)) | |
| url: https://((concourse_fqdn)):8844 | |
| external_url: https://((concourse_fqdn)) | |
| postgresql: | |
| database: atc | |
| role: | |
| name: concourse | |
| password: ((postgres_password)) | |
| tls_bind_port: 443 | |
| tls_cert: ((atc_tls.certificate)) | |
| tls_key: ((atc_tls.private_key)) | |
| token_signing_key: ((token_signing_key)) | |
| release: concourse | |
| - name: tsa | |
| properties: | |
| authorized_keys: | |
| - ((worker_key.public_key)) | |
| host_key: ((tsa_host_key)) | |
| token_signing_key: ((token_signing_key)) | |
| release: concourse | |
| - name: credhub | |
| properties: | |
| credhub: | |
| authentication: | |
| uaa: | |
| ca_certs: | |
| - ((credhub-tls.ca)) | |
| url: https://((concourse_fqdn)):8443 | |
| verification_key: ((uaa-jwt.public_key)) | |
| data_storage: | |
| database: credhub | |
| host: ((concourse_db_ip)) | |
| password: ((credhub-db-password)) | |
| port: 5432 | |
| require_tls: false | |
| type: postgres | |
| username: credhub | |
| encryption: | |
| keys: | |
| - active: true | |
| encryption_password: ((credhub-encryption-password)) | |
| provider_name: int | |
| providers: | |
| - name: int | |
| type: internal | |
| port: 8844 | |
| tls: ((credhub-tls)) | |
| release: credhub | |
| - name: uaa | |
| properties: | |
| login: | |
| saml: | |
| serviceProviderCertificate: ((credhub-tls.certificate)) | |
| serviceProviderKey: ((credhub-tls.private_key)) | |
| serviceProviderKeyPassword: "" | |
| uaa: | |
| admin: | |
| client_secret: ((uaa-admin)) | |
| clients: | |
| concourse_to_credhub: | |
| access-token-validity: 1200 | |
| authorities: credhub.read,credhub.write | |
| authorized-grant-types: client_credentials | |
| override: true | |
| refresh-token-validity: 3600 | |
| scope: "" | |
| secret: ((concourse_to_credhub_secret)) | |
| credhub_cli: | |
| access-token-validity: 1200 | |
| authorities: uaa.resource | |
| authorized-grant-types: password,refresh_token | |
| override: true | |
| refresh-token-validity: 3600 | |
| scope: credhub.read,credhub.write | |
| secret: "" | |
| jwt: | |
| policy: | |
| active_key_id: key-1 | |
| keys: | |
| key-1: | |
| signingKey: ((uaa-jwt.private_key)) | |
| revocable: true | |
| login: | |
| client_secret: ((uaa-login)) | |
| port: -1 | |
| scim: | |
| users: | |
| - groups: | |
| - scim.write | |
| - scim.read | |
| - bosh.admin | |
| - credhub.read | |
| - credhub.write | |
| name: admin | |
| password: ((uaa-users-admin)) | |
| sslCertificate: ((credhub-tls.certificate)) | |
| sslPrivateKey: ((credhub-tls.private_key)) | |
| url: https://((concourse_fqdn)):8443 | |
| zones: | |
| internal: | |
| hostnames: [] | |
| uaadb: | |
| address: ((concourse_db_ip)) | |
| databases: | |
| - name: uaa | |
| tag: uaa | |
| db_scheme: postgresql | |
| port: 5432 | |
| roles: | |
| - name: uaa | |
| password: ((uaa-db-password)) | |
| tag: admin | |
| release: uaa | |
| name: web | |
| networks: | |
| - name: ((network_name)) | |
| static_ips: | |
| - ((web_static_ips)) | |
| stemcell: trusty | |
| vm_type: ((web_vm_type)) | |
| - azs: | |
| - ((az_name)) | |
| instances: ((worker_instances)) | |
| jobs: | |
| - consumes: | |
| baggageclaim: | |
| from: worker-baggageclaim | |
| name: worker | |
| properties: | |
| drain_timeout: 10m | |
| http_proxy_url: ((proxy_url)) | |
| https_proxy_url: ((proxy_url)) | |
| no_proxy: ((no_proxy)) | |
| tsa: | |
| worker_key: ((worker_key)) | |
| release: concourse | |
| - name: baggageclaim | |
| properties: {} | |
| provides: | |
| baggageclaim: | |
| as: worker-baggageclaim | |
| release: concourse | |
| - name: garden | |
| properties: | |
| garden: | |
| listen_address: 0.0.0.0:7777 | |
| listen_network: tcp | |
| release: garden-runc | |
| name: worker | |
| networks: | |
| - name: ((network_name)) | |
| stemcell: trusty | |
| vm_type: ((worker_vm_type)) | |
| name: concourse | |
| releases: | |
| - name: concourse | |
| version: latest | |
| - name: garden-runc | |
| version: latest | |
| - name: postgres | |
| version: latest | |
| - name: uaa | |
| version: latest | |
| - name: credhub | |
| version: latest | |
| stemcells: | |
| - alias: trusty | |
| os: ubuntu-trusty | |
| version: latest | |
| update: | |
| canaries: 1 | |
| canary_watch_time: 30000-1200000 | |
| max_in_flight: 3 | |
| serial: false | |
| update_watch_time: 5000-1200000 | |
| variables: | |
| - name: postgres_password | |
| type: password | |
| - name: token_signing_key | |
| type: rsa | |
| - name: tsa_host_key | |
| type: ssh | |
| - name: worker_key | |
| type: ssh | |
| - name: concourse_ca | |
| options: | |
| common_name: ((concourse_fqdn)) | |
| is_ca: true | |
| type: certificate | |
| - name: atc_tls | |
| options: | |
| alternative_names: | |
| - ((concourse_fqdn)) | |
| - 127.0.0.1 | |
| ca: concourse_ca | |
| common_name: ((concourse_fqdn)) | |
| type: certificate | |
| - name: atc-db-password | |
| type: password | |
| - name: credhub-encryption-password | |
| options: | |
| length: 40 | |
| type: password | |
| - name: credhub-db-password | |
| type: password | |
| - name: uaa-jwt | |
| options: | |
| key_length: 4096 | |
| type: rsa | |
| - name: uaa-users-admin | |
| type: password | |
| - name: uaa-admin | |
| type: password | |
| - name: uaa-login | |
| type: password | |
| - name: uaa-credhub-admin | |
| type: password | |
| - name: uaa-db-admin | |
| type: password | |
| - name: uaa-db-password | |
| type: password | |
| - name: concourse_to_credhub_secret | |
| type: password | |
| - name: credhub_cli_password | |
| type: password | |
| - name: concourse_client_secret | |
| type: password | |
| - name: main-team-password | |
| type: password | |
| - name: credhub-ca | |
| options: | |
| common_name: Credhub CA | |
| is_ca: true | |
| type: certificate | |
| - name: credhub-tls | |
| options: | |
| alternative_names: | |
| - ((concourse_fqdn)) | |
| - 127.0.0.1 | |
| ca: credhub-ca | |
| common_name: ((concourse_fqdn)) | |
| type: certificate | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment