forked from cloudfoundry/cf-deployment
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathenable-smb-volume-service.yml
134 lines (134 loc) · 3.68 KB
/
enable-smb-volume-service.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
- type: replace
path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/cc/volume_services_enabled?
value: true
- type: replace
path: /instance_groups/name=cc-worker/jobs/name=cloud_controller_worker/properties/cc/volume_services_enabled?
value: true
- type: replace
path: /instance_groups/name=scheduler/jobs/name=cloud_controller_clock/properties/cc/volume_services_enabled?
value: true
- type: replace
path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/smb-broker-client?
value:
authorities: cloud_controller.admin,clients.read
authorized-grant-types: client_credentials
secret: ((smb-broker-uaa-client-secret))
- type: replace
path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/smb-broker-credhub-client?
value:
authorities: credhub.read,credhub.write
authorized-grant-types: client_credentials
secret: ((smb-broker-credhub-uaa-client-secret))
- type: replace
path: /instance_groups/name=credhub/jobs/name=credhub/properties/credhub/authorization/permissions/-
value:
actors:
- uaa-client:smb-broker-credhub-client
operations:
- read
- write
- delete
- read_acl
- write_acl
path: /smbbroker/*
- type: replace
path: /instance_groups/-
value:
azs:
- z1
instances: 1
jobs:
- name: smbbrokerpush
properties:
app_domain: ((system_domain))
cf:
client_id: smb-broker-client
client_secret: ((smb-broker-uaa-client-secret))
credhub:
store_id: smbbroker
uaa_client_id: smb-broker-credhub-client
uaa_client_secret: ((smb-broker-credhub-uaa-client-secret))
url: https://credhub.service.cf.internal:8844
domain: ((system_domain))
organization: system
password: ((smb-broker-password))
skip_cert_verify: true
space: smb-broker-space
syslog_url: ""
username: smb-broker
release: smb-volume
- name: cf-cli-7-linux
release: cf-cli
lifecycle: errand
name: smb-broker-push
networks:
- name: default
stemcell: default
vm_type: minimal
- type: replace
path: /instance_groups/name=diego-cell/jobs/name=smbdriver?
value:
name: smbdriver
properties:
tls:
ca_cert: ((smbdriver_cert.ca))
client_cert: ((smbdriver_client_cert.certificate))
client_key: ((smbdriver_client_cert.private_key))
server_cert: ((smbdriver_cert.certificate))
server_key: ((smbdriver_cert.private_key))
release: smb-volume
- type: replace
path: /variables/-
value:
name: smb-broker-password
type: password
- type: replace
path: /variables/-
value:
name: smb-broker-uaa-client-secret
type: password
- type: replace
path: /variables/-
value:
name: smb-broker-credhub-uaa-client-secret
type: password
- type: replace
path: /variables/-
value:
name: smb_ca
type: certificate
options:
common_name: smb-ca
is_ca: true
- type: replace
path: /variables/-
value:
name: smbdriver_cert
type: certificate
options:
ca: smb_ca
common_name: 127.0.0.1
alternative_names:
- 127.0.0.1
extended_key_usage:
- server_auth
- type: replace
path: /variables/-
value:
name: smbdriver_client_cert
type: certificate
update_mode: converge
options:
ca: smb_ca
common_name: smb-client
alternative_names:
- smb-client
extended_key_usage:
- client_auth
- type: replace
path: /releases/-
value:
name: smb-volume
sha1: a73587cd607cf44f8c5acf191616cdb8d4d5cda7
url: https://bosh.io/d/github.com/cloudfoundry/smb-volume-release?v=3.1.0
version: 3.1.0