summaryrefslogtreecommitdiff
path: root/puppet/modules/tapicero/templates/tapicero.yaml.erb
blob: d6ea56fa8826c7b8314322a5c763c92bcaafaaf3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<%- require 'json' -%>

#
# Default configuration options for Tapicero
#

# couch connection configuration
connection:
  protocol: "http"
  host: "localhost"
  port: <%= @couchdb_port %>
  username: <%= @couchdb_admin_user %>
  password: <%= @couchdb_admin_password %>
  prefix : ""
  suffix : ""

# file to store the last processed user record in so we can resume after
# a restart:
seq_file: "/var/lib/leap/tapicero/tapicero.seq"

# Configure log_file like this if you want to log to a file instead of syslog:
# log_file: "/var/leap/log/tapicero.log"
log_level: info

# tapicero specific options
options:
  # prefix for per user databases:
  db_prefix: "user-"
  mode: <%= @couchdb_mode %>
<%- if @couchdb_replication %>
  replication: <%= @couchdb_replication.to_json %>
<%- end -%>

  # security settings to be used for the per user databases
  security:
    admins:
      names:
        # We explicitly allow the admin user to access per user databases, even
        # though admin access ignores per database security we just do this to be
        # explicit about this
        - <%= @couchdb_admin_user %>
      roles: []
    readers:
      names:
        - <%= @couchdb_soledad_user %>
        - <%= @couchdb_leap_mx_user %>
      roles: []