sample-ppem-manager.yml
sample-ppem-manager.yml — Sample YAML configuration file for the manager
Overview
This is the sample configuration file for the PPEM manager.
The corresponding configuration file reference contains the detailed parameter descriptions.
Sample Configuration File
# Configuring parameter handling use_storage_config: false # Logging parameters log: level:logging_levelformat: "json" options: csv_field_delimiter: "," file: path:absolute_path_to_log_filemode:access_mode_of_log_file# Repository database parameters repo: schema: "public" url: "" host: "" port: 5432 name: "" user: "" password: "" fallback_addresses: [] target_session_attrs: "any" sslmode: "prefer" sslrootcert: "" sslcert: "" sslkey: "" max_conns: 4 max_conn_lifetime: "1h" max_conn_idle_time: "10m" instance_objects_repo_pool: max_conns: 4 max_conn_lifetime: "1h" max_conn_idle_time: "10m" # Integration parameters integrations: askpostgres: enabled: false base_url: "https://ask.postgrespro.ru" source: "ppem" timeouts: base: "20s" time_to_first_token: "120s" idle: "60s" # HTTP parameters http: server: address: "localhost" port: 8080 # HTTPS is disabled by default tls: cert_file: "" key_file: "" static_files_path: "" timeout: 60s security: enabled: false csp_policy: >- default-src 'none'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self'; connect-src 'self'; media-src 'self'; form-action 'self'; base-uri 'self'; frame-ancestors 'none'; frame-src https://postgrespro.com/; object-src 'none' cache_control: "no-store, no-cache, must-revalidate" pragma: "no-cache" expires: 0 frame_options: "" content_type_options: "" permissions_policy: >- accelerometer=(), autoplay=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() referrer_policy: "strict-origin-when-cross-origin" strict_transport_security: "" cross_origin_embedder_policy:cross_origin_embedder_policy_headercross_origin_opener_policy:cross_origin_opener_policy_headercross_origin_resource_policy:cross_origin_resource_policy_headercors: allowed_origins: [] allowed_methods: [] exposed_headers: [] allow_credentials: false max_age: 0 real_ip_header_name: "" client: timeouts: http: "60s" tls_handshake: "2s" dialer: "2s" response_header: "20s" insecure_skip_verify: false root_ca_files: [] pagination: max_page_size: 100 api: disabled: {} # JWT session parameters jwt: secret: "secret" lifetime: access: "30m" refresh: "24h" max_sessions_per_user: 10 max_failed_login_attempts: 0 password_policy: length_min: 8 length_max: 64 allowed_symbols: "" entropy_min: 0 history_depth: 0 # Encryption parameters crypto: enabled: false key: "" salt: "" # Backup integration parameters backups: scheduler: interval: "10s" commands: timeout: "5h" # OIDC integration parameters oidc: issuer:OpenID_provider_URLclient_id:relying_party_IDclient_secret:relying_party_secretcallback_host:relying_party_hostlogin_timeout: "10m" scopes: - "openid" - "profile" - "email" # LDAP integration parameters ldap: type:directory_service_typeurl:directory_service_network_addressbind_username:directory_service_usernamebind_password:directory_service_user_passwordbase_dn:directory_service_base_DNprefix_user_dn: "" prefix_group_dn: "" user_class:user_object_classuser_name_attr:user_login_attributeuser_first_name_attr: "givenName" user_last_name_attr: "sn" user_display_name_attr: "displayName" user_email_attr: "mail" user_phone_attr: "telephoneNumber" user_job_title_attr: "title" user_id_attr: "sAMAccountName" group_class: "group" group_name_attr: "cn" group_filter: "" group_list_size_limit: 0 group_members_attr: "" group_membership_filter: "" user_membership_attr: "memberOf" user_sync_interval: "5m" ssl_cert_skip_verify: false ssl_root_ca: [] # Package manager parameters package_managers: scheduler: interval: "10m" initial_delay: "1m" commands: timeout: "1h" # Metrics collector parameters metrics: enabled: true timeout: "60s" # Alert and notification parameters alerts: metrics: request_chunk_size: 100 logs: request_chunk_size: 100 cleanup_grace_period: "6h" scheduler: interval: "50s" initial_delay: "10s" timeout: "10m" delayed_data: is_enabled: false data_delay: "180s" datasource_delays: metrics:delay_for_metrics_arrivallogs:delay_for_log_arrivalmax_delay: "600s" is_adaptive_delay: true notifier: num_workers: 5 worker_batch_size: 20 worker_interval: "30s" backoff_base: "10s" max_retries: 3 notification_timeout: "20s" janitor_interval: "1m" stale_processing_timeout: "10m" email: is_enabled: false pool_size: 10 smtp: host: "localhost" port: 25 username: "" password: "" from: "admin@localdomain.local" timeout: "10s" use_starttls: false use_ssl: false tls: insecure_skip_verify: false root_ca_path: "" # Executor parameters executor: get_tasks_frequency:task_gathering_frequencyget_tasks_timeout:task_gathering_timeoutget_tasks_batch_size:task_gathering_batch_sizeprocessing_at_update_frequency:updating_processing_at_frequencystop_running_tasks_frequency:task_stopping_frequency# OpenTelemetry (OTLP) parameters otlp: traces: sampler_ratio: 1.0 exporter: protocol: "" endpoint_url:collector_endpoint_URL_for_exporting_tracestls: insecure_skip_verify: false # Audit event log parameters audit: enabled: false syslog: protocol:one_of_supported_transport_protocolsaddress:address_of_Syslog_serverport:port_of_Syslog_serverfacility: "kern" tag: "" log: path:path_to_log_filemode:access_mode_for_log_file# Agent connection parameters agents_connection: read_timeout: "30s" write_timeout: "2s" max_connections_per_second: 100 log_pings: false # Miscellaneous time interval and timeout parameters collectors: agent_time_desync_allowance: "1m" replication: worker: interval: "5s" operations: watcher_timeout:operation_state_checking_timeoutnotifications: cleanup_age: "168h" commands: cleanup_age: "720h"