tapir-pop.sample.yaml

# manually maintained

cli:
   tapir-pop:
      url:		https://127.0.0.1:9099/api/v1
      tlsurl:		https://127.0.0.1:9098/api/v1
      apikey:		be-nice-to-a-bad-tempered-tapir

apiserver:
   key:			be-nice-to-a-bad-tempered-tapir
   addresses:		[ 127.0.0.1:9099 ]
   tlsaddresses:	[ 127.0.0.1:9098 ]

# Note: This should only be active for a TEM bootstrapserver
bootstrapserver:
   active:		false
   addresses:		[]
   tlsaddresses:	[]

dnsengine:
   active:		true
   addresses:		[ 127.0.0.1:5360 ]
   logfile:		/var/log/dnstapir/pop-dnsengine.log

services:
   reaper:
      interval: 60 # seconds, time between runs of deleting expired data
   rpz:
      zonename:		rpz.
      primary:		127.0.0.1:5359	# must be an address that the dnsengine listens to
      serialcache:	/etc/dnstapir/rpz-serial.yaml
   refreshengine:
      active:		true
      name:		TAPIR-POP Source Refresher

tapir:
   mqtt:
      logfile:		/var/log/dnstapir/pop-mqtt.log
      server:		tls://mqtt.dev.dnstapir.se:8883
      uid:		johani
      clientid:		this-must-be-unique
      cacert:		/etc/dnstapir/certs/tapirCA.crt
      clientcert:	/etc/dnstapir/certs/tapir-edge.crt
      clientkey:	/etc/dnstapir/certs/tapir-edge.pem
      qos:		2

   observations:
      srcname:		dns-tapir
      topic:		events/up/johani/observations
      validatorkey:	/etc/dnstapir/certs/mqttsigner-pub.pem

   config:
      srcname:		dns-tapir
      topic:		config/down/tapir-pop/johani
      validatorkey:	/etc/dnstapir/certs/mqttsigner-pub.pem

   status:
      topic:		status/up/tapir-pop/must-be-unique
      signingkey:	/etc/dnstapir/certs/mqttsigner-key.pem

certs:
   certdir:	/etc/dnstapir/certs
   cacertfile:	/etc/dnstapir/certs/tapirCA.crt
   tem:
      cert:	/etc/dnstapir/certs/tapir-egde.crt
      key:	/etc/dnstapir/certs/tapir-edge.key
   tapir-cli:
      cert:	/etc/dnstapir/certs/tapir-edge.crt
      key:	/etc/dnstapir/certs/tapir-edge.key

log:
   file:	/var/log/dnstapir/tapir-pop.log