Variable Name |
Description |
Value type |
Default Value |
Version |
CONFIG_PAP |
Set this variable to no if you don't want yaim to create the PAP configuration files |
string |
yes |
1.0.0-1 |
CONFIG_PDP |
Set this variable to no if you don't want yaim to create the PDP configuration file |
string |
yes |
1.0.0-1 |
CONFIG_PEP |
Set this variable to no if you don't want yaim to create the PEP Server configuration file |
string |
yes |
1.0.0-1 |
PAP_HOME |
Home directory of the pap service |
path |
${PAP_HOME:-"/usr/share/argus/pap"} |
1.3.0-1 |
PAP_ENTITY_ID |
This is a unique identifier for the PAP. It must be a URI (URL or URN) and the same entity ID should be used for all PAP instances that make up a single logical PAP. If a URL is used it doesn't neet to resolve to any specific webpage. |
URI |
${PAP_ENTITY_ID:-"http://${ARGUS_HOST}/pap"} |
1.1.0-1 |
PAP_HOST |
Set this variable to another value if PAP_HOST is not installed in the same host as PDP and PEP. |
IP/DNS name |
${ARGUS_HOST} |
1.0.0-1 |
PAP_CONF_INI |
Configuration file for the pap service |
path |
${PAP_CONF_INI:-"${PAP_HOME}/conf/pap_configuration.ini"} |
1.0.0-1 |
PAP_AUTHZ_INI |
Configuration file for the pap service authorization policies |
path |
${PAP_AUTHZ_INI:-"${PAP_HOME}/conf/pap_authorization.ini"} |
1.0.0-1 |
PAP_ADMIN_PROPS |
Configuration properties for the pap-admin client |
path |
${PAP_ADMIN_PROPS:-"${PAP_HOME}/conf/pap-admin.properties"} |
1.3.0-1 |
PAP_REPO_LOCATION |
Path to the repository directory |
path |
${PAP_REPO_LOCATION:-"${PAP_HOME}/repository"} |
1.0.0-1 |
PAP_POLL_INTERVAL |
The polling interval (in seconds) for retrieving remote policies |
number |
14400 |
1.0.0-1 |
PAP_ORDERING |
Comma separated list of pap aliases. Example: alias-1, alias-2, ..., alias-n. Defines the order of evaluation of the policies of the paps, that means that the policies of pap "alias-1" are evaluated for first, then the policies of pap "alias-2" and so on. |
string |
default |
1.0.0-1 |
PAP_CONSISTENCY_CHECK |
Forces a consistency check of the repository at startup. |
boolean |
false |
1.0.0-1 |
PAP_CONSISTENCY_CHECK_REPAIR |
if set to true automatically fixes problems detected by the consistency check (usually means deleting the corrupted policies). |
boolean |
false |
1.0.0-1 |
PAP_PORT |
PAP standalone service port |
port |
8150 |
1.0.0-1 |
PAP_SHUTDOWN_PORT |
PAP standalone shutdown service port |
port |
8151 |
1.0.0-1 |
PAP_SHUTDOWN_COMMAND |
PAP standalone shutdown command (password) |
port |
generated pseudo random |
1.1.0-1 |
PDP_HOME |
Home directory of the pdp service |
path |
${PDP_HOME:-"/usr/share/argus/pdp"} |
1.3.0-1 |
PDP_CONF_INI |
Configuration file for the PDP service |
path |
${PDP_CONF_INI:-"/etc/argus/pdp/pdp.ini"} |
1.3.0-1 |
PDP_ENTITY_ID |
This is a unique identifier for the PEP. It must be a URI (URL or URN) and the same entity ID should be used for all PEP instances that make up a single logical PEP. If a URL is used it need not resolve to any specific webpage. |
URI |
${PDP_ENTITY_ID:-"http://${ARGUS_HOST}/pdp"} |
1.1.0-1 |
PDP_HOST |
Set this variable to another value if PDP_HOST is not installed in the same host as PAP and PEP. |
IP/DNS name |
${ARGUS_HOST} |
1.4.0-1 |
PDP_PORT |
PDP standalone service port |
port |
8152 |
1.0.0-1 |
PDP_ADMIN_PORT |
PDP admin service port |
port |
8153 |
1.1.0-1 |
PDP_ADMIN_PASSWORD |
PDP admin service password for shutdown, reload policy, ..., commands |
port |
generated pseudo random |
1.1.0-1 |
PDP_RETENTION_INTERVAL |
The number of minutes the PDP will retain (cache) a policy retrieved from the PAP. After this time is passed the PDP will again call out to the PAP and retrieve the policy |
number |
240 |
1.0.0-1 |
PDP_PAP_ENDPOINTS |
Space separated list of PAP endpoint URLs for the PDP to use. Endpoints will be tried in turn until one returns a successful response. This provides limited failover support. If more intelligent failover is necessary or load balancing is required, a dedicated load-balancer/failover appliance should be used. |
URLs |
${PDP_PAP_ENDPOINTS:-"https://${PAP_HOST}:8150/pap/services/ProvisioningService"} |
1.1.0-1 |
PEP_HOME |
Home directory for the pep service |
path |
${PEP_HOME:-"/usr/share/argus/pepd"} |
1.3.0-1 |
PEP_CONF_INI |
Configuration for the pep service |
path |
${PEP_CONF_INI:-"/etc/argus/pepd/pepd.ini"} |
1.3.0-1 |
PEP_ENTITY_ID |
This is a unique identifier for the PEP. It must be a URI (URL or URN) and the same entity ID should be used for all PEP instances that make up a single logical PEP. If a URL is used it need not resolve to any specific webpage. |
URI |
${PEP_ENTITY_ID:-"http://${ARGUS_HOST}/pepd"} |
1.1.0-1 |
PEP_HOST |
Set this variable to another value if PEP_HOST is not installed in the same host as PAP and PDP. But remember to use the hostname and not 127.0.0.1 ! |
IP/DNS name |
${ARGUS_HOST} |
1.1.0-1 |
PEP_PORT |
PEP service port |
port |
8154 |
1.0.0-1 |
PEP_ADMIN_PORT |
PEP admin service port |
port |
8155 |
1.1.0-1 |
PEP_ADMIN_PASSWORD |
PEP admin service password for shutdown, clear cache, ..., commands |
port |
generated pseudo random |
1.1.0-1 |
PEP_MAX_CACHEDRESP |
The maximum number of responses from any PDP that will be cached. Setting this value to 0 (zero) will disable caching. |
number |
500 |
1.0.0-1 |
PEP_PDP_ENDPOINTS |
Space separated list of PDP endpoint URLs for the PEP to use. Endpoints will be tried in turn until one returns a successful response. This provides limited failover support. If more intelligent failover is necessary or load balancing is required, a dedicated load-balancer/failover appliance should be used. |
URLs |
${PEP_PDP_ENDPOINTS:-"https://${PDP_HOST}:8152/authz"} |
1.1.0-1 |