1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265
|
# A sample goiardi config file, with nonsense entries to get the point across
# IP address to listen on. Set to "0.0.0.0" to listen on all interfaces
ipaddress = "127.0.0.2"
# TCP port to listen on
port = 4646
# Hostname goiardi should use. Used for sending links to resources back to the
# client
hostname = "moomernoo.local"
# Where to send log data instead of stdout
log-file = "/tmp/goiardi.log"
# Or log to syslog. log-file, syslog, or neither can be used, but you cannot use
# both.
syslog = false
# Log level. Options are "debug", "info", "warning", "error", "critical", and
# "fatal". May be specified on the command line with one or more -V flags.
log-level = "error"
# If these two options are both set, goiardi will save the data store and index
# data to disk. It will cause an error to only set one of the options, unless
# you are using MySQL or Postgres as your data store backend. In that case,
# do not set data-file. Furthermore, if you are running postgres and using the
# postgres-backed search instead of the default ersatz trie-based Solr search,
# goiardi will print a non-fatal message warning you that setting index-file is
# not very useful in that case.
index-file = "/tmp/goiardi-index.bin"
data-file = "/tmp/goiardi-data.bin"
# How often to save the index and data files from the background. Not
# particularly useful without setting index-file and data-file
freeze-interval = 120
# Use the faster, but less safe, old method of storing data in the in-memory data
# store with pointers, rather than encoding the data with gob and giving a new
# copy of the object to each requestor. If this is enabled goiardi will run
# faster in in-memory mode, but one goroutine could change an object while it's
# being used by another. Has no effect when using an SQL backend.
# use-unsafe-mem-store = false
# Time slew: the time difference allowed between the server's clock and the time
# in the X-Ops-Timestamp header. Formatted like 5m, 150s, etc. Defaults to 15m.
time-slew = "15m"
# Conf root: root directory for configs and certificates. Default: the directory
# the config file is in, or the current directory if no config file is setl
# conf-root = "/etc/goiardi"
# Use auth: Use authentication? If this is set to true, clients will have to
# be created on the server and have proper keys (which is the normal chef-server
# behavior). If it is not set, no authentication checks are performed. This is
# how chef-zero behaves, and goiardi's only mode previously. Defaults to false.
use-auth = true
# Use SSL: Use SSL for connections to the server. Defaults to false. If set to
# true, ssl-cert and ssl-key must be set. If the port is set to 80, this will
# be forced to false. If port is set to 443, it will be forced to true.
use-ssl = false
# SSL certificate file. If a relative path, it will be set relative to
# conf-root.
# ssl-cert="/path/to/goiardi/conf/cert.pem"
# SSL key file. If a relative path, it will be set relative to conf-root.
# ssl-key="/path/to/goiardi/conf/key.pem"
# HTTPS urls: If true, URLs generated by the server will use 'https://'. Useful
# when goiardi is sitting behind a reverse proxy that uses SSL, but is
# communicating with the proxy over HTTP.
https-urls = false
# Proxy hostname and proxy port: If goiardi is sitting behind a reverse proxy
# that's listening on a different host or port than goiardi itself is using,
# set these to the values the proxy is using so URLs are properly crafted.
# proxy-hostname = "nginx.frontend.chef"
# proxy-port = 80
# Disable webui: If true, connections and logins from the webui interface will
# not be allowed.
disable-webui = false
# Log events. Keep track of changes to chef objects by logging events that
# change them. They are accessible through the /events endpoint.
log-events = true
# How many log events to keep. If set, will periodically purge logged events to
# keep the number of events stored to this number.
# log-event-keep = 1000
# Skip logging extended object information in the event log.
# skip-log-extended = false
# Purge old reports after this period. Specified in golang's duration format
# (like, "720h15m30s").
# purge-reports-after = "720h"
# Purge old node statuses after this period of time. Like the above, specified
# in the golang time format.
# purge-status-after = "720h"
# Purge old sandboxes after they've been around for this period of time. By
# default, they are purged after one week.
# purge-sandboxes-after = "168h"
# Maximum object size in bytes for the file store. Default 10485760 bytes
# (10MB).
# obj-max-size = 10485760
# Maximum size for a JSON request from the client. Default is 1000000.
#json-req-max-size = 1000000
# Use the faster, but less safe, old method of storing data in the in-memory
# data store with pointers, rather than encoding the data with gob and giving a
# new copy of the object to each requestor. If this is enabled goiardi will run
# faster in in-memory mode, but one goroutine could change an object while it's
# being used by another. Has no effect when using an SQL backend.
# use-unsafe-mem-store = false
# Number of idle db connections to maintain. Default is 0 - no idle connections
# retained.
# db-pool-size = 25
# Maximum number of connections allowed for the database. Default is 0 -
# unlimited.
# max-connections = 50
# Have goiardi send and receive events and queries from a serf cluster. Required
# for shovey
# use-serf = true
# Announce logged events over serf, as serf user events. If enabled, something
# needs to be reading the events from the queue, otherwise they'll pile up in
# the serf event queue and eventually make it so new events can't be added.
# serf-event-announce = false
# IP address and port for RPC connection with a serf agent. Defaults to
# 127.0.0.1:7373
# serf-addr = "127.0.0.1:7373"
# Enable using shovey for sending jobs to nodes. Requires use-serf.
# use-shovey = true
# Path to RSA private key used to sign shovey requests.
# sign-priv-key = "/path/to/shovey.key"
# Local directory for storing cookbook files on the filesystem. Optional in
# in-memory mode (standard behavior is to keep the files in memory), and
# mandatory for SQL mode (unless using S3 uploads).
# local-filestore-dir = "/var/goiardi/file_checksums"
# Postgres and advanced search options
# dot-search = false # set to true to use . instead of _ to separate path items
# # in the search key paths. Always true if pg-search is
# # true.
# convert-search = true # Set to false to not convert searches with the old
# # underscore separator to dots. Recommended to be set to
# # true, at least for now. Only meaningful if dot-search
# # is also true.
# pg-search = false # Use the postgres search backend instead of the default
# # in-memory search index. Not surprisingly, this requires
# # using Postgres for the storage backend.
# Statsd options
# With this, you can send some metrics about goiardi to statsd, which can in
# turn be sent on to graphite or similar and, when used with something like
# grafana, can be visualized or if used with something like bosun you could set
# alerts on it, like if the number of chef-client runs that fail suddenly jumps
# dramatically.
#
# use-statsd = false
# statsd-addr = "127.0.0.1:8125"
# statsd-type = "standard" # can also be "datadog", for their statsd format
# stastd-instance = "my_goiardi_server" # should be the hostname. "." will
# # automatically be converted to "_".
# MySQL options. If "use-mysql" is true on the command line or in the
# configuration file, connect to mysql with the options in [mysql]. All of the
# MySQL options must be strings.
use-mysql = false
[mysql]
username = "foo" # technically optional, although you probably want it
password = "s3kr1t" # optional, if you have no password set for MySQL
protocol = "tcp" # optional, but set to "unix" for connecting to MySQL
# through a Unix socket.
address = "localhost"
port = "3306" # optional, defaults to 3306. Not used with sockets.
dbname = "goiardi_test"
# See https://github.com/go-sql-driver/mysql#parameters for an
# explanation of available parameters
#[mysql.extra_params]
# tls = "false"
# foo = "bar"
# Environment variables - if, for some reason, you need to pass environment
# variables to goiardi but can't easily do so in the usual way, you can do so
# here.
# env-vars = [
# "FOO=bar",
# "BAZ=blugh",
# "AWS_THINGY=sos3kr1t"
# ]
# Amazon S3 uploads
#
# Settings for S3, if using S3 (or a compatible service) to store uploaded
# cookbooks.
#
## Whether to use s3 uploads
# use-s3-upload = true
#
## AWS region to use
# aws-region = "us-west"
#
## Disable SSL with s3. Mostly for testing with fakes3 or somesuch.
# aws-disable-ssl = false
#
## S3 endpoint. Again, mostly for testing with fakes3 or similar.
# s3-endpoint = "s3.amazonaws.com"
#
## Length of time, in minutes, for URLs generated to upload or download files
## to/from S3 to remain valid. Default is 15 minutes.
# s3-file-period = 15
## vault settings
##
## For goiardis compiled with the appropriate support, you can store secrets
## like passwords and signing keys in vault. See the docs for configuration.
##
# use-external-secrets = false
# vault-addr =
# vault-shovey-key = keys/shovey/signing
# index-val-trim
# If set to a value greater than 0, values being indexed for chef search will be
# truncated at this number of characters to help keep memory usage sane and/or
# keep table size a little bit more reasonable. (Probably should make it a
# reasonably long length where the values indexed are likely to be meaningful,
# but not so long that there's no memory savings. Keys are left untouched.
#
# NB: At this time, if no value for this flag is set nothing will be trimmed.
# *This will change* to a reasonable default with the next major release. After
# that, you'll need to explicitly set a value to disable trimming values to be
# indexed.
index-val-trim = 0
use-postgresql = false
# PostgreSQL options. If "use-postgres" is set to true on the command line or in
# the configuration file, connect to postgres with the options in [postgres].
# These options are all strings. See
# http://godoc.org/github.com/lib/pq#hdr-Connection_String_Parameters for details
# on the connection parameters. All of these parameters are technically optional,
# although chances are pretty good that you'd want to set at least some of them.
[postgresql]
username = "foo"
password = "s3kr1t"
host = "localhost"
port = "5432"
dbname = "mydb"
sslmode = "disable"
|