92 lines
3.4 KiB
Bash
92 lines
3.4 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
#
|
|
# Template for eIDAS Connector configuration
|
|
# Script within docker container reads from /etc/eidas-connector/env/ - So make sure to have a volume mount.
|
|
#
|
|
|
|
#
|
|
# Logging settings
|
|
#
|
|
|
|
# Logback log levels
|
|
# There must be a Docker volume mounted to the /etc/eidas-connector directory.
|
|
export IDP_LOG_SETTINGS_FILE=/etc/eidas-connector/loglevels.xml
|
|
|
|
# Process logs go to stdout
|
|
export IDP_LOG_CONSOLE=false
|
|
|
|
# Syslog (for Audit and F-TICKS)
|
|
export IDP_SYSLOG_HOST=log-1.test.sveidas.se
|
|
export IDP_SYSLOG_PORT=514
|
|
|
|
export IDP_PROCESS_SYSLOG_HOST=log-1.test.sveidas.se
|
|
export IDP_PROCESS_SYSLOG_PORT=514
|
|
|
|
export IDP_AUDIT_SYSLOG_FACILITY=LOCAL0
|
|
|
|
export IDP_STATS_SYSLOG_HOST=log-1.test.sveidas.se
|
|
export IDP_STATS_SYSLOG_PORT=514
|
|
export IDP_STATS_SYSLOG_FACILITY=LOCAL4
|
|
|
|
export IDP_FTICKS_FEDERATION_ID=eIDAS
|
|
export IDP_FTICKS_SYSLOG_FACILITY=LOCAL1
|
|
export IDP_PROCESS_SYSLOG_FACILITY=LOCAL2
|
|
|
|
# JVM settings
|
|
export JVM_MAX_HEAP=1536m
|
|
export JVM_START_HEA=512m
|
|
|
|
export IDP_TLS_TRUSTED_CERTS=/etc/ssl/certs/infra.crt
|
|
|
|
export IDP_CREDENTIALS=/etc/eidas-connector/credentials
|
|
export IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/sealer.jks
|
|
export IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/sealer.kver
|
|
|
|
export IDP_PKCS11_ENABLED=true
|
|
export IDP_PKCS11_PIN=$PKCS11_PIN
|
|
export IDP_METADATA_SIGNING_PKCS11_ENABLED=true
|
|
export SP_METADATA_SIGNING_PKCS11_ENABLED=true
|
|
|
|
export IDP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
|
export IDP_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export IDP_SIGNING_CERT=$IDP_CREDENTIALS/sign.crt
|
|
|
|
export IDP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
|
export IDP_ENCRYPTION_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/enc.crt
|
|
|
|
export IDP_METADATA_SIGNING_PKCS11_ALIAS=sctest
|
|
export IDP_METADATA_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/test-metadata-signer.crt
|
|
|
|
export SP_CREDENTIALS=/etc/eidas-connector/credentials
|
|
|
|
export SP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
|
export SP_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export SP_SIGNING_CERT=$SP_CREDENTIALS/sign.crt
|
|
|
|
export SP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
|
export SP_ENCRYPTION_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/enc.crt
|
|
|
|
export SP_METADATA_SIGNING_PKCS11_ALIAS=sctest
|
|
export SP_METADATA_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
|
export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/test-metadata-signer.crt
|
|
|
|
# Tomcat settings
|
|
export TOMCAT_CREDENTIALS=/etc/eidas-connector/credentials/tomcat
|
|
export TOMCAT_TLS_SERVER_KEY=$TOMCAT_CREDENTIALS/tomcat-key.pem
|
|
export TOMCAT_TLS_SERVER_CERTIFICATE=$TOMCAT_CREDENTIALS/tomcat-cert.pem
|
|
export TOMCAT_TLS_SERVER_CERTIFICATE_CHAIN=$TOMCAT_CREDENTIALS/tomcat-chain.pem
|
|
|
|
export FEDERATION_METADATA_URL=https://test.md.swedenconnect.se/entities
|
|
export FEDERATION_METADATA_VALIDATION_CERT=/etc/eidas-connector/credentials/test-metadata-signer.crt
|
|
|
|
unset EIDAS_METADATA_SERVICE_LIST_URL=https://test.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
|
|
unset EIDAS_METADATA_SERVICE_LIST_VALIDATION_CERT=/etc/eidas-connector/credentials/test-metadata-signer.crt
|
|
|
|
EIDAS_METADATA_URL=https://test.md.eidas.swedenconnect.se/role/idp.xml
|
|
EIDAS_METADATA_VALIDATION_CERT=/etc/eidas-connector/credentials/test-metadata-signer.crt
|
|
|
|
export IDP_ACCESSIBILITY_URL=https://www.swedenconnect.se/om/om-webbplatsen/tillganglighet/svenska-eidas-noden
|