API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 12th, 2018
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 4.15 KB | None | 0 0
raw download clone embed print report
  1. #  _____          _     _   _            _
  2. # |_   _|_      _(_)___| |_| | ___   ___| | __
  3. #   | | \ \ /\ / / / __| __| |/ _ \ / __| |/ /
  4. #   | |  \ V  V /| \__ \ |_| | (_) | (__|   <
  5. #   |_|   \_/\_/ |_|___/\__|_|\___/ \___|_|\_\
  6.  
  7. # This configuration file contains the setup parameters for Twistlock
  8. # This file is typically stored in the same directory as the installation script (twistlock.sh)
  9. # To reconfigure settings, update this configuration file and re-run twistlock.sh; state and unchanged settings will persist
  10.  
  11.  
  12.  
  13. #############################################
  14. #     Network configuration
  15. #############################################
  16. # Each port must be set to a unique value (multiple services cannot share the same port)
  17. ###### Management console ports #####
  18. # Sets the ports that the Twistlock management website listens on
  19. # The system that you use to configure Twistlock must be able to connect to the Twistlock Console on these ports
  20. # To disable the HTTP listner, leave the value empty (e.g. MANAGEMENT_PORT_HTTP=)
  21. MANAGEMENT_PORT_HTTP=8081
  22. MANAGEMENT_PORT_HTTPS=8083
  23.  
  24. ##### Inter-system communication port #####
  25. # Sets the port for communication between the Defender(s) and the Console
  26. COMMUNICATION_PORT=8084
  27.  
  28. ##### Certificate common names (optional) #####
  29. # Determines how to construct the CN in the Console's certificate
  30. # This value should not be modified unless instructed to by Twistlock Support
  31. CONSOLE_CN=cs-6000-devshell-vm-2d8a6bd0-14dc-44d9-a4ec-637523688dd3; if [[ 0 == 1 ]]; then CONSOLE_CN=cs-6000-devshell-vm-2d8a6bd0-14dc-44d9-a4ec-637523688dd3; fi
  32. # Determines how to construct the CN in the Defenders' certificates
  33. # Each Defender authenticates to the Console with this certificate and each cert must have a unique CN
  34. # These values should not be modified unless instructed to by Twistlock Support
  35. DEFENDER_CN=
  36.  
  37. #############################################
  38. #     Twistlock system configuration
  39. #############################################
  40. ###### Data recovery #####
  41. # Data recovery automatically exports the full Twistlock configuration to the specified path every 24 hours
  42. # Daily, weekly, and monthly snapshots are retained
  43. # The exported configuration can be stored on durable storage or backed up remotely with other tools
  44. # Sets data recovery state (enabled or disabled)
  45. DATA_RECOVERY_ENABLED=true
  46. # Sets the directory to which Twistlock data is exported
  47. DATA_RECOVERY_VOLUME=/var/lib/twistlock-backup
  48.  
  49. ##### Read only containers #####
  50. # Sets Twistlock containers file-system to read-only
  51. READ_ONLY_FS=true
  52.  
  53. ##### Storage paths #####
  54. # Sets the base directory to store Twistlock local data (db and log files)
  55. DATA_FOLDER=/var/lib/twistlock
  56.  
  57. ##### Docker socket #####
  58. # Sets the location of the Docker socket file
  59. DOCKER_SOCKET={{ .Values.console.dockerSocket
  60. # Sets the type of the docker listener (TCP or NONE)
  61. DEFENDER_LISTENER_TYPE=NONE
  62.  
  63. #### SCAP (XCCDF) configuration ####
  64. # Sets SCAP state (enabled or disabled)
  65. SCAP_ENABLED=false
  66.  
  67. #### systemd configuration ####
  68. # Installs Twistlock as systemd service
  69. SYSTEMD_ENABLED=false
  70.  
  71. #### userid configuration ####
  72. # Run Twistlock console processes as root (default, twistlock user account)
  73. RUN_CONSOLE_AS_ROOT=false
  74.  
  75. #### selinux configuration ####
  76. # If SELINUX is enabled in dockerd, enable running Twistlock console and defender with a dedicated SELINUX label
  77. # See https://docs.docker.com/engine/reference/run/#security-configuration
  78. SELINUX_LABEL=disable
  79.  
  80. #############################################
  81. #      High availability settings
  82. #############################################
  83. # Only to be used when the Console is running outside of a cluster
  84. # This is native HA provided within Twistlock for use in scenarios where Console available is not cluster managed
  85. HIGH_AVAILABILITY_ENABLED=false
  86. HIGH_AVAILABILITY_STATE=PRIMARY
  87. HIGH_AVAILABILITY_PORT=8086
  88.  
  89.  
  90.  
  91. #############################################
  92. #      Twistlock repository configuration
  93. #############################################
  94. # Sets the version tag of the Twistlock containers
  95. # Do not modify unless instructed to by Twistlock Support
  96. DOCKER_TWISTLOCK_TAG={{ .Values.global.imageTag }}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!