Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # _____ _ _ _ _
- # |_ _|_ _(_)___| |_| | ___ ___| | __
- # | | \ \ /\ / / / __| __| |/ _ \ / __| |/ /
- # | | \ V V /| \__ \ |_| | (_) | (__| <
- # |_| \_/\_/ |_|___/\__|_|\___/ \___|_|\_\
- # This configuration file contains the setup parameters for Twistlock
- # This file is typically stored in the same directory as the installation script (twistlock.sh)
- # To reconfigure settings, update this configuration file and re-run twistlock.sh; state and unchanged settings will persist
- #############################################
- # Network configuration
- #############################################
- # Each port must be set to a unique value (multiple services cannot share the same port)
- ###### Management console ports #####
- # Sets the ports that the Twistlock management website listens on
- # The system that you use to configure Twistlock must be able to connect to the Twistlock Console on these ports
- # To disable the HTTP listner, leave the value empty (e.g. MANAGEMENT_PORT_HTTP=)
- MANAGEMENT_PORT_HTTP=8081
- MANAGEMENT_PORT_HTTPS=8083
- ##### Inter-system communication port #####
- # Sets the port for communication between the Defender(s) and the Console
- COMMUNICATION_PORT=8084
- ##### Certificate common names (optional) #####
- # Determines how to construct the CN in the Console's certificate
- # This value should not be modified unless instructed to by Twistlock Support
- CONSOLE_CN=cs-6000-devshell-vm-2d8a6bd0-14dc-44d9-a4ec-637523688dd3; if [[ 0 == 1 ]]; then CONSOLE_CN=cs-6000-devshell-vm-2d8a6bd0-14dc-44d9-a4ec-637523688dd3; fi
- # Determines how to construct the CN in the Defenders' certificates
- # Each Defender authenticates to the Console with this certificate and each cert must have a unique CN
- # These values should not be modified unless instructed to by Twistlock Support
- DEFENDER_CN=
- #############################################
- # Twistlock system configuration
- #############################################
- ###### Data recovery #####
- # Data recovery automatically exports the full Twistlock configuration to the specified path every 24 hours
- # Daily, weekly, and monthly snapshots are retained
- # The exported configuration can be stored on durable storage or backed up remotely with other tools
- # Sets data recovery state (enabled or disabled)
- DATA_RECOVERY_ENABLED=true
- # Sets the directory to which Twistlock data is exported
- DATA_RECOVERY_VOLUME=/var/lib/twistlock-backup
- ##### Read only containers #####
- # Sets Twistlock containers file-system to read-only
- READ_ONLY_FS=true
- ##### Storage paths #####
- # Sets the base directory to store Twistlock local data (db and log files)
- DATA_FOLDER=/var/lib/twistlock
- ##### Docker socket #####
- # Sets the location of the Docker socket file
- DOCKER_SOCKET={{ .Values.console.dockerSocket
- # Sets the type of the docker listener (TCP or NONE)
- DEFENDER_LISTENER_TYPE=NONE
- #### SCAP (XCCDF) configuration ####
- # Sets SCAP state (enabled or disabled)
- SCAP_ENABLED=false
- #### systemd configuration ####
- # Installs Twistlock as systemd service
- SYSTEMD_ENABLED=false
- #### userid configuration ####
- # Run Twistlock console processes as root (default, twistlock user account)
- RUN_CONSOLE_AS_ROOT=false
- #### selinux configuration ####
- # If SELINUX is enabled in dockerd, enable running Twistlock console and defender with a dedicated SELINUX label
- # See https://docs.docker.com/engine/reference/run/#security-configuration
- SELINUX_LABEL=disable
- #############################################
- # High availability settings
- #############################################
- # Only to be used when the Console is running outside of a cluster
- # This is native HA provided within Twistlock for use in scenarios where Console available is not cluster managed
- HIGH_AVAILABILITY_ENABLED=false
- HIGH_AVAILABILITY_STATE=PRIMARY
- HIGH_AVAILABILITY_PORT=8086
- #############################################
- # Twistlock repository configuration
- #############################################
- # Sets the version tag of the Twistlock containers
- # Do not modify unless instructed to by Twistlock Support
- DOCKER_TWISTLOCK_TAG={{ .Values.global.imageTag }}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement