-
Notifications
You must be signed in to change notification settings - Fork 333
/
kowl-business.yaml
83 lines (76 loc) · 2.78 KB
/
kowl-business.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
###################################################################
# Commented config settings are optional and show the defaults
###################################################################
kafka:
brokers:
- broker-0.mycompany.com:19092
- broker-1.mycompany.com:19092
- broker-2.mycompany.com:19092
# clientId: kowl
# sasl:
# enabled: false
# useHandshake: true
# username:
# password: # This can be set via the --kafka.sasl.password flag as well
# mechanism: PLAIN # PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 and GSSAPI are supported
# gssapi:
# authType:
# keyTabPath:
# kerberosConfigPath:
# serviceName:
# username:
# password: # can be set via the --kafka.sasl.gssapi.password flag as well
# realm:
# tls:
# enabled: false
# caFilepath:
# certFilepath:
# keyFilepath:
# passphrase: # This can be set via the --kafka.tls.passphrase flag as well
# insecureSkipTlsVerify: false
# server:
# listenPort: 8080
# gracefulShutdownTimeout: 30s
# listenPort: 8080
# readTimeout: 30s
# writeTimeout: 30s
# idleTimeout: 30s
# compressionLevel: 4
# logger:
# level: info
# Only relevant for developers, who might want to run the frontend separately
# serveFrontend: true
# Prefix for all exported prometheus metrics
# metricsNamespace: kowl
###################################################################
# Below flags are only available in Kowl Business
###################################################################
# companyName: # Used for white labeling in the frontend
cloudHut:
licenseToken: # This can be set via the --cloudhut.license-token flag as well
login:
# jwtSecret can be any random password, but it must be the same across all replicas you run. It is used to sign JWTs
# which are used for user sessions. If you change the JWT secret all users will need to login again.
jwtSecret: # This can be set via the --login.jwt-secret flag as well
# At least one Login provider must be enabled
google:
enabled: false
clientId:
clientSecret: # This can be set via the --login.google.client-secret flag as well
# Below properties are required if you want to create roleBindings on Google groups instead of users
# directory:
# serviceAccountFilepath:
# targetPrincipal:
github:
enabled: false
clientId:
clientSecret: # This can be set via the --login.github.client-secret flag as well
# Below properties are required if you want to create roleBindings on GitHub teams instead of users
# directory:
# personalAccessToken: # This can be set via the --login.github.directory.personal-access-token flag as well
business:
rolesFilepath:
roleBindingsFilepath:
auditLog:
enabled: false
additionalHeaders: []