Sensus/SensusInfra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
SensusInfra/env.example
Sergey Antropoff 4db3e01513 feat: Add PostgreSQL SSL support with sslmode=require 
- Add SSL configuration to PostgreSQL in docker-compose.yml
- Create PostgreSQL SSL certificate generation script
- Add PostgreSQL SSL environment variables to env.example and .env
- Update Makefile with PostgreSQL SSL commands (ssl-generate, ssl-clean, ssl-info)
- Update .gitignore to exclude PostgreSQL SSL certificates
- Update documentation in README.md and QUICKSTART.md
- Test PostgreSQL SSL certificate generation

Features:
- PostgreSQL SSL mode: require (mandatory encryption)
- Self-signed certificates for development
- Automatic certificate generation via make ssl-generate
- SSL certificate management via Makefile commands

Author: Сергей Антропов
Site: https://devops.org.ru
2025-09-10 11:36:31 +03:00

106 lines
3.7 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Автор: Сергей Антропов, сайт: https://devops.org.ru
# Назначение: Пример переменных окружения для инфраструктуры SensusAgent и SensusWorker
# ВНИМАНИЕ: Этот файл содержит примеры значений для настройки!
# =============================================================================
# ZOOKEEPER КОНФИГУРАЦИЯ
# =============================================================================
ZOOKEEPER_CLIENT_PORT=2181
ZOOKEEPER_TICK_TIME=2000
# =============================================================================
# KAFKA КОНФИГУРАЦИЯ
# =============================================================================
KAFKA_BROKER_ID=1
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP=PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT,SSL:SSL
KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://kafka:29092,PLAINTEXT_HOST://10.99.0.90:9092,SSL://10.99.0.90:9093
KAFKA_EXTERNAL_PORT=9092
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1
KAFKA_TRANSACTION_STATE_LOG_MIN_ISR=1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR=1
KAFKA_AUTO_CREATE_TOPICS_ENABLE=true
KAFKA_NUM_PARTITIONS=3
KAFKA_DEFAULT_REPLICATION_FACTOR=1
KAFKA_LOG_RETENTION_HOURS=168
KAFKA_LOG_SEGMENT_BYTES=1073741824
KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS=300000
# Kafka UI
KAFKA_UI_PORT=8080
KAFKA_CLUSTERS_0_NAME=sensus-cluster
KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=kafka:29092
KAFKA_CLUSTERS_0_ZOOKEEPER=zookeeper:2181
DYNAMIC_CONFIG_ENABLED=true
# Kafka UI авторизация
KAFKA_UI_AUTH_TYPE=LOGIN_FORM
KAFKA_UI_USERNAME=admin
KAFKA_UI_PASSWORD=admin
KAFKA_UI_USER_ROLES=ADMIN
# Kafka топики
KAFKA_TOPIC=sensus.metrics
KAFKA_GROUP_ID=sensus-worker
KAFKA_CLIENT_ID=sensus-worker
# Kafka SSL
KAFKA_SSL_PORT=9093
KAFKA_SSL_KEYSTORE_PASSWORD=kafka123
KAFKA_SSL_KEY_PASSWORD=kafka123
KAFKA_SSL_TRUSTSTORE_PASSWORD=kafka123
KAFKA_SSL_CLIENT_AUTH=none
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM=https
# Kafka SSL для клиентов (SensusAgent, SensusWorker)
KAFKA_SSL_ENABLED=false
# =============================================================================
# POSTGRESQL КОНФИГУРАЦИЯ
# =============================================================================
POSTGRES_DB=sensus
POSTGRES_USER=sensus
POSTGRES_PASSWORD=sensus_secure_password_2024
POSTGRES_PORT=5432
# PostgreSQL SSL
POSTGRES_SSL_MODE=require
POSTGRES_SSL_CERT_FILE=/var/lib/postgresql/ssl/server.crt
POSTGRES_SSL_KEY_FILE=/var/lib/postgresql/ssl/server.key
POSTGRES_SSL_CA_FILE=/var/lib/postgresql/ssl/ca.crt
POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
# =============================================================================
# CLICKHOUSE КОНФИГУРАЦИЯ
# =============================================================================
CLICKHOUSE_DB=sensus_metrics
CLICKHOUSE_USER=sensus
CLICKHOUSE_PASSWORD=clickhouse_secure_password_2024
CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT=1
CLICKHOUSE_SECURE=true
# ClickHouse реплика 1
CLICKHOUSE_1_PORT=8123
CLICKHOUSE_1_HTTP_PORT=9000
# ClickHouse реплика 2
CLICKHOUSE_2_PORT=8124
CLICKHOUSE_2_HTTP_PORT=9001
# ClickHouse Load Balancer
CLICKHOUSE_LB_HTTP_PORT=8125
CLICKHOUSE_LB_TCP_PORT=9002
# =============================================================================
# ПРИЛОЖЕНИЯ КОНФИГУРАЦИЯ
# =============================================================================
# SensusAgent
AGENT_LOG_LEVEL=info
# SensusWorker
WORKER_LOG_LEVEL=info
# =============================================================================
# СЕТЬ
# =============================================================================
# Docker network subnet для sensus-network
NETWORK_SUBNET=172.20.0.0/16
Reference in New Issue View Git Blame Copy Permalink