7152f1d262
Prior to this commit, `sushy-emulator` served all libvirt domains and OpenStack instances to Redfish clients. This might impose security risks by exposing too much through Redfish. This change introduces a way to limit backend VMs exposure to Redfish clients by way of configuring allowed instance identities via `SUSHY_EMULATOR_ALLOWED_INSTANCES` configuration option. Story: 2004305 Task: 27865 Change-Id: Iff194ec63a27300b7687bfcdcb4fca579f111183
34 lines
963 B
Plaintext
34 lines
963 B
Plaintext
# sushy emulator configuration file build on top of Flask application
|
|
# configuration infrastructure: http://flask.pocoo.org/docs/config/
|
|
|
|
# Listen on all local IP interfaces
|
|
SUSHY_EMULATOR_LISTEN_IP = ''
|
|
|
|
# Bind to TCP port 8000
|
|
SUSHY_EMULATOR_LISTEN_PORT = 8000
|
|
|
|
# Serve this SSL certificate to the clients
|
|
SUSHY_EMULATOR_SSL_CERT = None
|
|
|
|
# If SSL certificate is being served, this is its RSA private key
|
|
SUSHY_EMULATOR_SSL_KEY = None
|
|
|
|
# The OpenStack cloud ID to use. This option enables OpenStack driver.
|
|
SUSHY_EMULATOR_OS_CLOUD = None
|
|
|
|
# The libvirt URI to use. This option enables libvirt driver.
|
|
SUSHY_EMULATOR_LIBVIRT_URI = 'qemu:///system'
|
|
|
|
# The map of firmware loaders dependant on the boot mode and
|
|
# system architecture
|
|
SUSHY_EMULATOR_BOOT_LOADER_MAP = {
|
|
'Uefi': {
|
|
'x86_64': '/usr/share/OVMF/OVMF_CODE.fd',
|
|
'aarch64': '/usr/share/AAVMF/AAVMF_CODE.fd'
|
|
},
|
|
'Legacy': {
|
|
'x86_64': None,
|
|
'aarch64': None
|
|
}
|
|
}
|