I hereby claim:
- I am calebwashburn on github.
- I am cwashburn (https://keybase.io/cwashburn) on keybase.
- I have a public key ASAOk0KIfME_FwIoqeZV16tUSEtfAOfnNaOmGsFu9cDnWwo
To claim this, I am signing this object:
vm_types: | |
- name: nano | |
cloud_properties: | |
ram: 512 | |
cpu: 1 | |
disk: 8192 | |
- name: micro | |
cloud_properties: | |
ram: 1024 | |
cpu: 1 |
I hereby claim:
To claim this, I am signing this object:
--- | |
name: concourse | |
releases: | |
- name: concourse | |
version: ((concourse_version)) | |
sha1: ((concourse_sha1)) | |
url: https://bosh.io/d/github.com/concourse/concourse?v=((concourse_version)) | |
- name: garden-runc | |
version: ((garden_runc_version)) |
#!/bin/bash -e | |
map_group() { | |
token=$1 | |
group=$2 | |
uaa_host=$3 | |
dn='ou=acme,ou=groups,dc=company,dc=net' | |
curl -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -d "{\"displayName\":\"$group\"}" ${uaa_host}/Groups > /dev/null | |
curl -k -H "Authorization: Bearer $token" -H "Content-Type: application/json" -d "{\"displayName\":\"$group\",\"externalGroup\":\"cn=$group,$dn\",\"origin\":\"ldap\"}" ${uaa_host}/Groups/External > /dev/null |
--- | |
name: concourse | |
releases: | |
- name: concourse | |
- name: garden-runc | |
- name: postgres | |
- name: uaa | |
- name: credhub |
--- | |
- type: replace | |
path: /variables?/- | |
value: | |
name: postgres_password | |
type: password | |
- type: replace | |
path: /variables?/- | |
value: | |
name: token_signing_key |
instance_groups: | |
- azs: | |
- ((az_name)) | |
instances: 1 | |
jobs: | |
- name: postgres | |
properties: | |
databases: | |
databases: | |
- name: atc |
uaac client add -i | |
Client ID: NEW_CLIENT_NAME | |
New client secret: DESIRED_PASSWORD | |
Verify new client secret: DESIRED_PASSWORD | |
scope (list): opsman.admin | |
authorized grant types (list): client_credentials | |
authorities (list): opsman.admin | |
access token validity (seconds): 43200 | |
refresh token validity (seconds): 43200 | |
redirect uri (list): |
--- | |
- type: replace | |
path: /instance_groups/name=web/jobs/name=atc/properties/credhub? | |
value: | |
client_id: concourse_to_credhub | |
client_secret: ((concourse_to_credhub_secret)) | |
tls: | |
ca_cert: | |
certificate: ((atc_tls.ca)) | |
url: https://((concourse_host_name)):8844 |
##### Commands to generate SSL certs/artifcts | |
# Download the temp.cnf file using the wget command below | |
# Edit temp.cnf and add your information | |
# Run the uncommented out commands to generate a self-signed cert (cert.pem) and private key (keyfile.pem) | |
wget https://gist.githubusercontent.com/dwallraff/c1ed31291ac7cf19304b/raw/e06feacbb85ac63659e6c1c40c70d5481522b390/temp.cnf | |
# Generate a new keyfile. A 2048 bit key size is TOTALLY fine. Jack it up to 4096 and wait if you must... | |
openssl genrsa -out keyfile.key 2048 |