-
Notifications
You must be signed in to change notification settings - Fork 13
/
grendel.toml.sample
233 lines (183 loc) · 6.76 KB
/
grendel.toml.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
#------------------------------------------------------------------------------
# Grendel Config
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# General
#------------------------------------------------------------------------------
#
# Path database file. Defaults to ":memory:" which uses in-memory store. Change
# this to a filepath for persisent storage.
#
dbpath = ":memory:"
#
# By default, all loggers are on. You can turn off logging for specific
# services here.
#
loggers = {cli="on", tftp="off", dhcp="on", dns="off", provision="on", api="on", pxe="off"}
#
# Admin ssh public keys. These are used in provision templates and elsewhere for
# administrative ssh access
#
admin_ssh_pubkeys = []
#------------------------------------------------------------------------------
# HTTP Provision Server
#------------------------------------------------------------------------------
[provision]
# Listen address for provision server
listen = "0.0.0.0:80"
# Set static hostname for grendel (should match SSL certificate and resolve in DNS)
#hostname = "my.host.name"
# Path to ssl cert (.crt file)
#cert = "/path/to/cert/file/hostname.crt"
# Path to ssl key (.key file)
#key = "/path/to/cert/file/hostname.key"
# TTL in seconds for provision tokens. Defaults to 1 hour
token_ttl = 3600
# Can generate secret with `openssl rand -hex 16`
#secret = "_provisioning_secret_here_"
# Hashed root password used in kickstart template
root_password = ""
# Default OS image name
default_image = ""
# Path to repo directory
repo_dir = "/var/lib/grendel/repo"
# Enable prometheus service discover endpoint
enable_prometheus_sd = false
# Prometheus service discovery refresh interval in seconds
prometheus_sd_refresh_interval = 3600
#------------------------------------------------------------------------------
# DHCP Server
#------------------------------------------------------------------------------
[dhcp]
listen = "0.0.0.0:67"
# Default lease time
lease_time = "24h"
# List of default DNS servers
dns_servers = []
# List of default DNS search domains
domain_search = []
# Default MTU
mtu = 1500
# Only run DHCP Proxy server
proxy_only = false
# Dynamic router configuration. Grendel will generate the router option 3 for
# DHCP responses based on the hosts IP address, netmask, and router_octet4. For
# example, if all subnets in your data center have routers 10.x.x.254 you can
# set router_octet4 = 254. If a host ip address is 10.104.13.10, Grendel will
# set the router option in the dhcp response to 10.104.13.254. This setting is
# off by default.
router_octet4 = 0
# Hard code a static default gateway. (Not set by default)
#gateway = ""
# Configure settings for specific subnets. If a hosts IP address is contained
# inside the subnet, the static dhcp response will contain the gateway IP
# address, dns, and MTU settings for the given subnet. The gateway defines both
# the gateway IP and the netmask prefix for the subnet. For example, gateway =
# "10.17.41.254/23" will check if host IP falls in the network prefix
# 10.17.40.0/23 and if so set the dhcp gateway/router to 10.17.41.254.
#
#subnets = [
# {gateway = "10.17.41.254/23", dns = "10.17.40.248", mtu="1500"}
# ]
#------------------------------------------------------------------------------
# DNS Server
#------------------------------------------------------------------------------
[dns]
listen = "0.0.0.0:53"
# Default TTL for dns responses
ttl = 86400
#------------------------------------------------------------------------------
# TFTP Server
#------------------------------------------------------------------------------
[tftp]
listen = "0.0.0.0:69"
#------------------------------------------------------------------------------
# PXE Server
#------------------------------------------------------------------------------
[pxe]
listen = "0.0.0.0:4011"
#------------------------------------------------------------------------------
# API Server
#------------------------------------------------------------------------------
[api]
# Can generate secret with `openssl rand -hex 16`
#secret = "_api_secret_here_"
# Path to unix socket
socket_path = "grendel-api.socket"
#------------------------------------------------------------------------------
# API Client Config
#------------------------------------------------------------------------------
[client]
# Grendel API endpoint
api_endpoint = "grendel-api.socket"
# Verify ssl certs? false (yes) true (no)
insecure = false
#------------------------------------------------------------------------------
# Global BMC Config
#------------------------------------------------------------------------------
[bmc]
user = ""
password = ""
switch_admin_username = "admin"
switch_admin_password = ""
# Allow unsigned https certs for redfish queries
insecure = true
# bmc runner settings:
# sets number of active queries allowed at one time
fanout = 20
# number of seconds after a query completes to wait before sending another
delay = 1
# IP sent to the BMC for import system config, should be an IP of the provision server which is reachable by the BMCs
#config_share_ip = "0.0.0.0"
# Import System Config setting: Set to "Enabled" if using a self signed certificate on the provision server
#config_ignore_certificate_warning = "Disabled"
#------------------------------------------------------------------------------
# Automatic Host Discovery Config
#------------------------------------------------------------------------------
[discovery]
user = ""
password = ""
domain = ""
#------------------------------------------------------------------------------
# Frontend Config
#------------------------------------------------------------------------------
[frontend]
# Address and port to listen
listen = "0.0.0.0:8081"
# Favicon file path
# favicon = ""
# HTTPS cert and key file paths. Setting these will enable https
# key = ""
# cert = ""
# Floorplan table config. Rows are ascending, Cols are descending
rows_start = "f"
rows_end = "v"
cols_start = 28
cols_end = 5
# Rack table config
rack_min = 3
rack_max = 42
# Export CSV default template
#export_csv_default_template = """"""
# Session storage driver. Valid options: redis, sqlite3, memory.
session_storage = "memory"
[frontend.redis]
# url = "redis://<user>:<pass>@127.0.0.1:6379/<db>"
[frontend.sqlite]
# path = ""
# First interface default vals in Rack -> Add Hosts -> Interface Details
[frontend.first_iface]
# Maps port number to rack u
auto_mapping = true
interface_name = ""
interface_domain = ""
interface_bmc = "true"
interface_vlan = ""
interface_mtu = ""
# Other interfaces default vals in Rack -> Add Hosts -> Interface Details
[frontend.other_ifaces]
interface_name = ""
interface_domain = ""
interface_bmc = "false"
interface_vlan = ""
interface_mtu = ""