-
Notifications
You must be signed in to change notification settings - Fork 2
/
pillar.example
173 lines (168 loc) · 6.31 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# This file includes postgres pillar data example
airflow:
identity:
airflow:
user: airflow
group: airflow
create_user_group: true # false if ldap/oauth/etc
database:
airflow:
install: true # see docs/README
user: airflow
pass: airflow
email: [email protected]
config:
airflow:
pip_cmd: pip3
flask:
# yamllint disable-line rule:line-length
# https://flask-appbuilder.readthedocs.io/en/latest/security.html#authentication-ldap
auth_type: AUTH_DB # AUTH_LDAP
auth_ldap_server: ldap://ldapserver.new # include protocol (ldap or ldaps)
auth_ldap_append_domain: example.com
auth_ldap_uid_field: 'sAMAccountName' # or 'userPrincipalName'
auth_ldap_search: OU=myOrg,DC=example,DC=com
# yamllint disable rule:line-length
## https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html
auth_ldap_search_filter: (&(objectCategory=Person)(sAMAccountName=*)(|memberOf=CN=myGrpRole,OU=myOrg,DC=example,DC=com)
# yamllint enable rule:line-length
# auth_ldap_search: 'OU=ouEngineers_myteam,dc=example,dc=com'
auth_user_registration_role: "Admin" # in addition to any AUTH_ROLES_MAPPING
auth_user_registration: true # allow users who are not already in the FAB DB
auth_roles_mapping:
cn=fab_users,ou=groups,dc=example,dc=com: User
cn=fab_admins,ou=groups,dc=example,dc=com: Admin
auth_roles_sync_at_login: true
webserver:
web_server_host: 0.0.0.0
web_server_port: 18080
content:
api: {}
celery_kubernetes_executor: {}
celery:
# https://docs.celeryproject.org/en/v5.0.2/getting-started/brokers
# yamllint disable-line rule:line-length
broker_url: amqp://airflow:[email protected]:5672/airflow # redis://127.0.0.1:6379/0
## result backend is usually primary airflow host
result_backend: db+postgresql://airflow:[email protected]/airflow
cli: {}
core:
dags_folder: /home/airflow/dags
plugins_folder: /home/airflow/plugins
executor: CeleryExecutor
default_timezone: utc
load_examples: true
# https://stackoverflow.com/questions/45455342
# this is your database host
sql_alchemy_conn: postgresql+psycopg2://airflow:[email protected]/airflow
security: ''
sensitive_var_conn_names: 'treadstone,myfetish'
logging:
log_file_template: dagid/hh/ts_tid_trynumber.log
operators:
default_queue: airflow
webserver:
# yamllint disable-line rule:braces
secret_key: thisMUSTbeSAMEacrossALLhosts
state_colors:
# yamllint disable-line rule:line-length
# https://airflow.apache.org/docs/apache-airflow/stable/howto/customize-state-colors-ui.html
queued: 'darkgray'
running: '#01FF70'
success: '#2ECC40'
failed: 'firebrick'
up_for_retry: 'yellow'
up_for_reschedule: 'turquoise'
upstream_failed: 'orange'
skipped: 'darkorchid'
scheduled: 'tan'
service:
airflow:
enabled:
- airflow-celery-flower
- airflow-scheduler
- airflow-webserver
- airflow-celery-worker
# https://airflow.apache.org/docs/apache-airflow/stable/executor/celery.html
queues: []
firewall:
zone: public
ports:
- 4369/tcp # epmd
- 5432/tcp # postgres
- 5555/tcp # celeryflower
- 5672/tcp # rabbitmq-amqp
- 8793/tcp # airflow-logs
- 15672/tcp # rabbitmq-ui
- 25672/tcp # rabbitmq
- 18080/tcp # airflow-ui
pkg:
airflow:
version: 2.2.2
# https://github.com/pypa/pip/issues/9187
# https://pip.pypa.io/en/latest/user_guide/#dependency-resolution-backtracking
extras:
# yamllint disable rule:line-length
# https://airflow.apache.org/docs/apache-airflow/stable/installation.html#extra-packages
# https://airflow.apache.org/docs/apache-airflow/stable/extra-packages-ref.html
# yamllint enable rule:line-length
# Services Extras
- async
- crypto
- dask
- datadog # Datadog hooks and sensors
- jira # Jira hooks and operators
- sendgrid # Send email using sendgrid
- slack # airflow.providers.slack.operators.slack.SlackAPIOperator
## Software Extras
- celery # CeleryExecutor
- cncf.kubernetes # Kubernetes Executor and operator
- docker # Docker hooks and operators
- ldap # LDAP authentication for users
- microsoft.azure
- microsoft.mssql # Microsoft SQL server
- rabbitmq # RabbitMQ support as a Celery backend
- redis # Redis hooks and sensors
- statsd # Needed by StatsD metrics
- virtualenv
## Standard protocol Extras
- cgroups # Needed To use CgroupTaskRunner
- grpc # Grpc hooks and operators
- http # http hooks and providers
- kerberos # Kerberos integration
- sftp
- sqlite
- ssh # SSH hooks and Operator
- microsoft.winrm # WinRM hooks and operators
linux:
altpriority: 0 # zero disables alternatives
postgres:
version: 13
postgresconf: |-
listen_addresses = '*' # or localhost,192.168.1.1'
users:
airflow:
ensure: present
password: airflow
createdb: true
inherit: true
createroles: true
replication: true
databases:
airflow:
owner: airflow
acls:
# scope, db, user, [ cidr ] ..
- ['local', 'airflow', 'airflow', 'md5']
- ['local', 'all', 'all', 'peer']
- ['host', 'all', 'all', '127.0.0.1/32', 'md5']
- ['host', 'all', 'all', '191.168.1.1/32', 'md5']
- ['host', 'all', 'all', '191.168.1.2/32', 'md5']
- ['host', 'all', 'all', '::1/128', 'md5']
- ['local', 'replication', 'all', 'peer']
- ['host', 'replication', 'all', '127.0.0.1/32', 'md5']
- ['host', 'replication', 'all', '::1/128', 'md5']
...