eid-ops/eidas-node/overlay/etc/eidas-connector/eidas-connector.conf

#!/usr/bin/env bash

#
# Template for eIDAS Connector configuration
# Script within docker container reads from /etc/eidas-connector/env/ - So make sure to have a volume mount.
#

#
# Logging settings
#

# Logback log levels
#   There must be a Docker volume mounted to the /etc/eidas-connector directory.
export IDP_LOG_SETTINGS_FILE=/etc/eidas-connector/loglevels.xml

# Process logs go to stdout
export IDP_LOG_CONSOLE=true

# Syslog (for Audit and F-TICKS)
export IDP_SYSLOG_HOST=syslog.nordu.net
export IDP_SYSLOG_PORT=514

# F-TICKS and Audit
export IDP_FTICKS_FEDERATION_ID=eIDAS

# Different formats -> different facilities (?)
export IDP_FTICKS_SYSLOG_FACILITY=AUTHPRIV
export IDP_AUDIT_SYSLOG_FACILITY=AUTH


# JVM settings
export JVM_MAX_HEAP=1536m
export JVM_START_HEA=512m

export IDP_TLS_TRUSTED_CERTS=/etc/ssl/certs/infra.crt

export IDP_CREDENTIALS=/etc/eidas-connector/credentials/idp
export IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/sealer.jks
export IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/sealer.kver
export IDP_SIGNING_KEY=$IDP_CREDENTIALS/idp-signing.key
export IDP_SIGNING_CERT=$IDP_CREDENTIALS/idp-signing.crt
export IDP_ENCRYPTION_KEY=$IDP_CREDENTIALS/idp-encryption.key
export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/idp-encryption.crt
export IDP_METADATA_SIGNING_KEY=$IDP_CREDENTIALS/metadata-signing.key
export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/metadata-signing.crt

export SP_CREDENTIALS=/etc/eidas-connector/credentials/sp
export SP_SIGNING_KEY=$SP_CREDENTIALS/sp-signing.key
export SP_SIGNING_CERT=$SP_CREDENTIALS/sp-signing.crt
export SP_ENCRYPTION_KEY=$SP_CREDENTIALS/sp-encryption.key
export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/sp-encryption.crt
export SP_METADATA_SIGNING_KEY=$SP_CREDENTIALS/metadata-signing.key
export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/metadata-signing.crt

# Tomcat settings
export TOMCAT_CREDENTIALS=/etc/eidas-connector/credentials/tomcat
export TOMCAT_TLS_SERVER_KEY=$TOCMAT_CREDENTIALS/tomcat-key.pem
export TOMCAT_TLS_SERVER_CERTIFICATE=$TOMCAT_CREDENTIALS/tomcat-cert.pem
export TOMCAT_TLS_SERVER_CERTIFICATE_CHAIN=$TOMCAT_CREDENTIALS/tomcat-chain.pem
connector template config 2017-10-27 14:07:36 +02:00			`#!/usr/bin/env bash`

			`#`
			`# Template for eIDAS Connector configuration`
			`# Script within docker container reads from /etc/eidas-connector/env/ - So make sure to have a volume mount.`
			`#`

			`#`
			`# Logging settings`
			`#`

			`# Logback log levels`
			`# There must be a Docker volume mounted to the /etc/eidas-connector directory.`
switch to using config file 2017-12-11 13:22:29 +01:00			`export IDP_LOG_SETTINGS_FILE=/etc/eidas-connector/loglevels.xml`
connector template config 2017-10-27 14:07:36 +02:00
			`# Process logs go to stdout`
switch to using config file 2017-12-11 13:22:29 +01:00			`export IDP_LOG_CONSOLE=true`
connector template config 2017-10-27 14:07:36 +02:00
			`# Syslog (for Audit and F-TICKS)`
switch to using config file 2017-12-11 13:22:29 +01:00			`export IDP_SYSLOG_HOST=syslog.nordu.net`
			`export IDP_SYSLOG_PORT=514`
connector template config 2017-10-27 14:07:36 +02:00
			`# F-TICKS and Audit`
switch to using config file 2017-12-11 13:22:29 +01:00			`export IDP_FTICKS_FEDERATION_ID=eIDAS`
connector template config 2017-10-27 14:07:36 +02:00
			`# Different formats -> different facilities (?)`
switch to using config file 2017-12-11 13:22:29 +01:00			`export IDP_FTICKS_SYSLOG_FACILITY=AUTHPRIV`
			`export IDP_AUDIT_SYSLOG_FACILITY=AUTH`
connector template config 2017-10-27 14:07:36 +02:00

			`# JVM settings`
switch to using config file 2017-12-11 13:22:29 +01:00			`export JVM_MAX_HEAP=1536m`
			`export JVM_START_HEA=512m`

			`export IDP_TLS_TRUSTED_CERTS=/etc/ssl/certs/infra.crt`
prep for 1.0.6 2017-11-23 21:28:14 +01:00
correct defaults 2017-12-11 14:25:51 +01:00			`export IDP_CREDENTIALS=/etc/eidas-connector/credentials/idp`
			`export IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/sealer.jks`
			`export IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/sealer.kver`
			`export IDP_SIGNING_KEY=$IDP_CREDENTIALS/idp-signing.key`
			`export IDP_SIGNING_CERT=$IDP_CREDENTIALS/idp-signing.crt`
			`export IDP_ENCRYPTION_KEY=$IDP_CREDENTIALS/idp-encryption.key`
			`export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/idp-encryption.crt`
			`export IDP_METADATA_SIGNING_KEY=$IDP_CREDENTIALS/metadata-signing.key`
			`export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/metadata-signing.crt`

			`export SP_CREDENTIALS=/etc/eidas-connector/credentials/sp`
			`export SP_SIGNING_KEY=$SP_CREDENTIALS/sp-signing.key`
			`export SP_SIGNING_CERT=$SP_CREDENTIALS/sp-signing.crt`
			`export SP_ENCRYPTION_KEY=$SP_CREDENTIALS/sp-encryption.key`
			`export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/sp-encryption.crt`
			`export SP_METADATA_SIGNING_KEY=$SP_CREDENTIALS/metadata-signing.key`
			`export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/metadata-signing.crt`
prep for 1.0.6 2017-11-23 21:28:14 +01:00
			`# Tomcat settings`
correct defaults 2017-12-11 14:25:51 +01:00			`export TOMCAT_CREDENTIALS=/etc/eidas-connector/credentials/tomcat`
			`export TOMCAT_TLS_SERVER_KEY=$TOCMAT_CREDENTIALS/tomcat-key.pem`
			`export TOMCAT_TLS_SERVER_CERTIFICATE=$TOMCAT_CREDENTIALS/tomcat-cert.pem`
			`export TOMCAT_TLS_SERVER_CERTIFICATE_CHAIN=$TOMCAT_CREDENTIALS/tomcat-chain.pem`