1 files changed, 42 insertions, 0 deletions

diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb
new file mode 100644
index 00000000..8e19b22f
--- /dev/null
+++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb
@@ -0,0 +1,42 @@
+#
+# Default configuration options for Tapicero
+#
+
+# couch connection configuration
+connection:
+  protocol: "http"
+  host: "localhost"
+  port: <%= @couchdb_port %>
+  username: <%= @couchdb_admin_user %>
+  password: <%= @couchdb_admin_password %>
+  prefix : ""
+  suffix : ""
+
+# file to store the last processed user record in so we can resume after
+# a restart:
+seq_file: "/var/lib/leap/tapicero/tapicero.seq"
+
+# Configure log_file like this if you want to log to a file instead of syslog:
+# log_file: "/var/leap/log/tapicero.log"
+log_level: info
+
+# tapicero specific options
+options:
+  # prefix for per user databases:
+  db_prefix: "user-"
+
+  # security settings to be used for the per user databases
+  security:
+    admins:
+      names:
+        # We explicitly allow the admin user to access per user databases, even
+        # though admin access ignores per database security we just do this to be
+        # explicit about this
+        - <%= @couchdb_admin_user %>
+      roles: []
+    readers:
+      names:
+        - <%= @couchdb_soledad_user %>
+        - <%= @couchdb_leap_mx_user %>
+      roles: []
+