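#!/usr/bin/env bash
#
# Template for eIDAS Connector configuration
# Script within docker container reads from /etc/eidas-connector/env/ - So make
# sure to have a volume mount.
#
# This file only assigns variables; it is meant to be read by the container's
# start script, not executed on its own.
#

# The hostname that the connector exposes externally - Set in "docker run"
# NOTE(review): the two entityIDs below are built from this value. If it is not
# supplied they expand to "https:///..." - confirm the start script rejects an
# empty hostname.
#IDP_SERVER_HOSTNAME=eunode.qa.sveidas.se

# Connector IdP entityID
IDP_ENTITY_ID=https://${IDP_SERVER_HOSTNAME}/eidas

# Connector SP entityID
SP_ENTITY_ID=https://${IDP_SERVER_HOSTNAME}/idp/metadata/sp

#
# Logging settings
#

# Logback log levels
# There must be a Docker volume mounted to the /etc/eidas-connector directory.
IDP_LOG_SETTINGS_FILE=/etc/eidas-connector/loglevels.xml

# Process logs go to stdout
IDP_LOG_CONSOLE=true

# Syslog (for Audit and F-TICKS)
# NOTE(review): audit and F-TICKS records leave the host here. 514 is the
# conventional plain syslog port - confirm the path to the collector is
# protected or stays on a trusted network.
IDP_SYSLOG_HOST=syslog.nordu.net
IDP_SYSLOG_PORT=514

# F-TICKS and Audit
IDP_FTICKS_FEDERATION_ID=eIDAS
# Presumably the salt applied to user identifiers in F-TICKS records - verify.
# When enabling it, replace the placeholder with a deployment-unique random
# value and keep it out of version control.
#IDP_FTICKS_SALT=changeme

# Different formats -> different facilities (?)
IDP_FTICKS_SYSLOG_FACILITY=AUTHPRIV
IDP_AUDIT_SYSLOG_FACILITY=AUTH

# JVM settings
JVM_MAX_HEAP=1536m
JVM_START_HEAP=512m

#
# Credentials
#
# Everything below points at private keys and certificates on the mounted
# volume. Mount the credentials directory read-only and keep the key files
# readable only by the user the connector runs as.
IDP_CREDENTIALS=/etc/eidas-connector/credentials

# The SP_* paths below are built from SP_CREDENTIALS, which this template never
# assigned, so they resolved to /sp/... at the filesystem root. Keep an
# externally supplied value, otherwise fall back to the IdP credentials
# directory.
# NOTE(review): the fallback assumes sp/ sits next to idp/ and tomcat/ on the
# credentials volume - confirm against the deployment layout.
SP_CREDENTIALS=${SP_CREDENTIALS:-$IDP_CREDENTIALS}

IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/idp/sealer.jks
IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/idp/sealer.kver
IDP_SIGNING_KEY=$IDP_CREDENTIALS/idp/idp-signing.key
IDP_SIGNING_CERT=$IDP_CREDENTIALS/idp/idp-signing.crt
IDP_ENCRYPTION_KEY=$IDP_CREDENTIALS/idp/idp-encryption.key
IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/idp/idp-encryption.crt
IDP_METADATA_SIGNING_KEY=$IDP_CREDENTIALS/idp/metadata-signing.key
IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/idp/metadata-signing.crt

SP_SIGNING_KEY=$SP_CREDENTIALS/sp/sp-signing.key
SP_SIGNING_CERT=$SP_CREDENTIALS/sp/sp-signing.crt
SP_ENCRYPTION_KEY=$SP_CREDENTIALS/sp/sp-encryption.key
SP_ENCRYPTION_CERT=$SP_CREDENTIALS/sp/sp-encryption.crt
SP_METADATA_SIGNING_KEY=$SP_CREDENTIALS/sp/metadata-signing.key
SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/sp/metadata-signing.crt

# Tomcat settings
TOMCAT_TLS_SERVER_KEY=$IDP_CREDENTIALS/tomcat/tomcat-key.pem
TOMCAT_TLS_SERVER_CERTIFICATE=$IDP_CREDENTIALS/tomcat/tomcat-cert.pem
TOMCAT_TLS_SERVER_CERTIFICATE_CHAIN=$IDP_CREDENTIALS/tomcat/tomcat-chain.pem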