diff options
Diffstat (limited to 'base/deploy/etc/default.cfg')
-rw-r--r-- | base/deploy/etc/default.cfg | 74 |
1 files changed, 72 insertions, 2 deletions
diff --git a/base/deploy/etc/default.cfg b/base/deploy/etc/default.cfg index f665bb829..56686c080 100644 --- a/base/deploy/etc/default.cfg +++ b/base/deploy/etc/default.cfg @@ -57,12 +57,12 @@ destroy_scriplets= # case someone wants to override them in their config file. # # Tomcat instances: -# pki_subsystem_name=pki_tomcat +# pki_instance_name=pki_tomcat # pki_https_port=8443 # pki_http_port=8080 # # Apache instances: -# pki_subsystem_name=pki_tomcat +# pki_instance_name=pki_tomcat # pki_https_port=443 # pki_http_port=80 @@ -113,6 +113,16 @@ pki_token_name=internal pki_token_password= pki_user=pkiuser +# Paths: +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_source_conf_path=/usr/share/pki/%{pki_subsystem_type}/conf +pki_source_setup_path=/usr/share/pki/setup +pki_source_server_path=/usr/share/pki/server/conf +pki_source_cs_cfg=/usr/share/pki/%{pki_subsystem_type}/conf/CS.cfg +pki_source_registry=/usr/share/pki/setup/pkidaemon_registry + ############################################################################### ## Apache Configuration: ## ## ## @@ -122,6 +132,19 @@ pki_user=pkiuser ############################################################################### [Apache] +# Paths +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_systemd_service=/lib/systemd/system/pki-apached@.service +pki_systemd_target=/lib/systemd/system/pki-apached.target +pki_systemd_target_wants=/etc/systemd/system/pki-apached.target.wants +pki_systemd_service_link=%(pki_systemd_target_wants)s/pki-apached@%(pki_instance_name)s.service +pki_cgroup_systemd_service_path=/sys/fs/cgroup/systemd/system/%(pki_systemd_service)s +pki_cgroup_systemd_service=%(pki_cgroup_systemd_service_path)s/%(pki_instance_name)s +pki_cgroup_cpu_systemd_service_path=/sys/fs/cgroup/cpu\,cpuacct/system/%(pki_systemd_service)s +pki_cgroup_cpu_systemd_service=%(pki_cgroup_cpu_systemd_service_path)s/%(pki_systemd_service)s + ############################################################################### ## Tomcat Configuration: ## ## ## @@ -154,6 +177,28 @@ pki_proxy_https_port=443 pki_security_manager=true pki_tomcat_server_port=8005 +# Paths +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_systemd_service=/lib/systemd/system/pki-tomcatd@.service +pki_systemd_target=/lib/systemd/system/pki-tomcatd.target +pki_systemd_target_wants=/etc/systemd/system/pki-tomcatd.target.wants +pki_systemd_service_link=%(pki_systemd_target_wants)s/pki-tomcatd@%(pki_instance_name)s.service +pki_cgroup_systemd_service_path=/sys/fs/cgroup/systemd/system/%(pki_systemd_service)s +pki_cgroup_systemd_service=%(pki_cgroup_systemd_service_path)s/%(pki_instance_name)s +pki_cgroup_cpu_systemd_service_path=/sys/fs/cgroup/cpu\,cpuacct/system/%(pki_systemd_service)s +pki_cgroup_cpu_systemd_service=%(pki_cgroup_cpu_systemd_service_path)s/%(pki_systemd_service)s +pki_tomcat_bin_path=/usr/share/tomcat/bin +pki_tomcat_lib_path=/usr/share/tomcat/lib +pki_tomcat_systemd=/usr/sbin/tomcat-sysd +pki_source_catalina_properties=%(pki_source_server_path)s/catalina.properties +pki_source_servercertnick_conf=%(pki_source_server_path)s/serverCertNick.conf +pki_source_server_xml=%(pki_source_server_path)s/server.xml +pki_source_context_xml=%(pki_source_server_path)s/context.xml +pki_source_tomcat_conf=%(pki_source_server_path)s/tomcat.conf + + ############################################################################### ## CA Configuration: ## ## ## @@ -206,6 +251,22 @@ pki_subsystem_name=CA %(pki_hostname)s %(pki_https_port)s pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s CA pki_subsystem_subject_dn=cn=CA Subsystem Certificate,o=%(pki_security_domain_name)s +# Paths +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_source_emails=/usr/share/pki/ca/emails +pki_source_flatfile_txt=%(pki_source_conf_path)s/flatfile.txt +pki_source_profiles=/usr/share/pki/ca/profiles +pki_source_proxy_conf=%(pki_source_conf_path)s/proxy.conf +pki_source_registry_cfg=%(pki_source_conf_path)s/registry.cfg +pki_source_admincert_profile=%(pki_source_conf_path)s/adminCert.profile +pki_source_caauditsigningcert_profile=%(pki_source_conf_path)s/caAuditSigningCert.profile +pki_source_cacert_profile=%(pki_source_conf_path)s/caCert.profile +pki_source_caocspcert_profile=%(pki_source_conf_path)s/caOCSPCert.profile +pki_source_servercert_profile=%(pki_source_conf_path)s/serverCert.profile +pki_source_subsystemcert_profile=%(pki_source_conf_path)s/subsystemCert.profile + ############################################################################### ## KRA Configuration: ## @@ -244,6 +305,15 @@ pki_subsystem_name=KRA %(pki_hostname)s %(pki_https_port)s pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s KRA pki_subsystem_subject_dn=cn=KRA Subsystem Certificate,o=%(pki_security_domain_name)s +# Paths +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_source_servercert_profile=%(pki_source_conf_path)s/serverCert.profile +pki_source_storagecert_profile=%(pki_source_conf_path)s/storageCert.profile +pki_source_subsystemcert_profile=%(pki_source_conf_path)s/subsystemCert.profile +pki_source_transportcert_profile=%(pki_source_conf_path)s/transportCert.profile + ############################################################################### ## OCSP Configuration: ## ## ## |