# pcsd configuration file

# Set PCSD_DEBUG to true for advanced pcsd debugging information
PCSD_DEBUG=false
# Set DISABLE_GUI to true to disable GUI frontend in pcsd
PCSD_DISABLE_GUI=false
# Set web UI sesions lifetime in seconds
PCSD_SESSION_LIFETIME=3600
# List of IP addresses pcsd should bind to delimited by ',' character
#PCSD_BIND_ADDR='::'
# Set port on which pcsd should be available
#PCSD_PORT=2224

# If set to true:
# - When creating new cluster, pcs sends pcsd's SSL certificate from the local
#   node to all nodes in the new cluster. Thus all pcsds in the cluster have the
#   same SSL certificate.
# - When adding new node to an existing cluster, pcs sends pcsd's SSL
#   certificate from the local node to the new node. Thus pcsd on the new node
#   has the same SSL certificate as the local node.
# If set to false, the behavior described above is disabled.
#PCSD_SSL_CERT_SYNC_ENABLED=true


# SSL settings
# set SSL options delimited by ',' character
# list of valid options can be obtained by running
# ruby -e 'require "openssl"; puts OpenSSL::SSL.constants.grep /^OP_/'
#PCSD_SSL_OPTIONS='OP_NO_SSLv2,OP_NO_SSLv3,OP_NO_TLSv1,OP_NO_TLSv1_1'

# set SSL ciphers
#PCSD_SSL_CIPHERS='DEFAULT:!RC4:!3DES:@STRENGTH'

# set a DH key for key exchange, this overrides PCSD_SSL_DH_KEX_BITS
# set to an empty string to disable this option and generate a random DH key
#PCSD_SSL_DH_KEX_FILE=/usr/lib/pcsd/rfc7919-ffdhe2048.pem

# set length (in bits) of a DH key for key exchange
#PCSD_SSL_DH_KEX_BITS=1024

# Reject client initiated SSL/TLS renegotiation. Set this to true to make pcsd
# close a connection when a client requests a renegotiation. For more details
# about the renegotiation see
# http://www.educatedguesswork.org/2011/10/ssltls_and_computational_dos.html
#PCSD_REJECT_SSL_RENEG=false


# Proxy settings for pcsd node to node communication
# See ENVIRONMENT section in curl(1) man page for more details.
# Proxy address
#HTTPS_PROXY=
# Do not use proxy for specified hostnames
#NO_PROXY=

# Do not change
RACK_ENV=production
