google-nomulus/java/google/registry/config/files/default-config.yaml
gbrodman 50e0a9b532 Refactor common email sending utility
The main thrust of this is to create a common POJO that contains email content in a simple way, then have one class that converts that to an email and sends it. Any class that uses email should only have to deal with creating that POJO.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=237883643
2019-03-20 14:25:28 -04:00

# This is the default configuration file for Nomulus. Do not make changes to it
# unless you are writing new features that require you to. To customize an
# individual deployment or environment, create a nomulus-config.yaml file in the
# WEB-INF/ directory overriding only the values you wish to change. You may need
# to override some of these values to configure and enable some services used in
# production environments.
appEngine:
  # Globally unique App Engine project ID
  projectId: registry-project-id
  # Whether to use local/test credentials when connecting to the servers
  isLocal: true
  # URLs of the services for the project.
  defaultServiceUrl: https://localhost
  backendServiceUrl: https://localhost
  toolsServiceUrl: https://localhost
  pubapiServiceUrl: https://localhost
gSuite:
  # Publicly accessible domain name of the running G Suite instance.
  domainName: domain-registry.example
  # Display name and email address used on outgoing emails through G Suite.
  # The email address must be valid and have permission in the GAE app to send
  # emails. For more info see:
  # https://cloud.google.com/appengine/docs/standard/java/mail/#who_can_send_mail
  outgoingEmailDisplayName: Example Registry
  outgoingEmailAddress: noreply@project-id.appspotmail.com
  # Email address of the admin account on the G Suite app. This is used for
  # logging in to perform administrative actions, not sending emails.
  adminAccountEmailAddress: admin@example.com
  # Group containing the emails of the support accounts. These accounts will be
  # given "ADMIN" role on the registrar console.
  supportGroupEmailAddress: support@example.com
registryPolicy:
  # Repository identifier (ROID) suffix for contacts and hosts.
  contactAndHostRoidSuffix: ROID
  # Product name of the registry. Used throughout the registrar console.
  productName: Nomulus
  # Custom logic factory fully-qualified class name.
  # See flows/custom/CustomLogicFactory.java
  customLogicFactoryClass: google.registry.flows.custom.CustomLogicFactory
  # WHOIS command factory fully-qualified class name.
  # See whois/WhoisCommandFactory.java
  whoisCommandFactoryClass: google.registry.whois.WhoisCommandFactory
  # Custom logic class for handling allocation tokens.
  # See flows/domain/token/AllocationTokenCustomLogic.java
  allocationTokenCustomLogicClass: google.registry.flows.domain.token.AllocationTokenCustomLogic
  # Custom logic class for handling DNS query count reporting for ICANN.
  # See reporting/icann/DnsCountQueryCoordinator.java
  dnsCountQueryCoordinatorClass: google.registry.reporting.icann.BasicDnsCountQueryCoordinator
  # Length of time after which contact transfers automatically conclude.
  contactAutomaticTransferDays: 5
  # Server ID used in the 'svID' element of an EPP 'greeting'.
  greetingServerId: Nomulus Registry
  # List of email addresses that notifications of registrar and/or registrar
  # contact updates should be sent to, or empty list for no notifications.
  registrarChangesNotificationEmailAddresses: []
  # Default WHOIS server used when not specified on a registrar.
  defaultRegistrarWhoisServer: whois.domain-registry.example
  # Mode TMCH should run in (PRODUCTION for production environments, PILOT for
  # all others including sandbox).
  tmchCaMode: PILOT
  # URL for the ICANN TMCH Certificate Revocation List.
  tmchCrlUrl: http://crl.icann.org/tmch_pilot.crl
  # URL for the MarksDB registry interface.
  tmchMarksDbUrl: https://test-ry.marksdb.org
  # Registry's operations registrar, used for front-end availability/premium
  # domain checks.
  checkApiServletClientId: TheRegistrar
  # The registry admin's registrar. Admins are granted permission to log in
  # using this registrar automatically if they are not associated with any
  # registrar
  registryAdminClientId: TheRegistrar
  # Disclaimer at the top of the exported premium terms list.
  premiumTermsExportDisclaimer: |
    This list contains domains for the TLD offered at a premium price. This
    list is subject to change. The most up-to-date source is always the
    registry itself, by sending domain check EPP commands.
  # Disclaimer at the top of the exported reserved terms list.
  reservedTermsExportDisclaimer: |
    This list contains reserved terms for the TLD. Other terms may be reserved
    but not included in this list, including terms the registry chooses not
    to publish. This list is subject to change. The most up-to-date source
    is always the registry itself, by sending domain check EPP commands.
  # Redaction text for email address in WHOIS
  whoisRedactedEmailText: |
    Please query the WHOIS server of the owning registrar identified in this
    output for information on how to contact the Registrant, Admin, or Tech
    contact of the queried domain name.
  # Disclaimer at the top of WHOIS results.
  whoisDisclaimer: |
    WHOIS information is provided by the registry solely for query-based,
    informational purposes. Any information provided is "as is" without any
    guarantee of accuracy. You may not use such information to (a) allow,
    enable, or otherwise support the transmission of mass unsolicited,
    commercial advertising or solicitations; (b) enable high volume, automated,
    electronic processes that access the registry's systems or any
    ICANN-Accredited Registrar, except as reasonably necessary to register
    domain names or modify existing registrations; or (c) engage in or support
    unlawful behavior. We reserve the right to restrict or deny your access to
    the WHOIS database, and may modify these terms at any time.
  # RDAP Terms of Service text displayed at the /rdap/help/tos endpoint.
  rdapTos: >
    By querying our Domain Database as part of the RDAP pilot program (RDAP
    Domain Database), you are agreeing to comply with these terms, so please
    read them carefully.
    Any information provided is 'as is' without any guarantee of accuracy.
    Please do not misuse the RDAP Domain Database. It is intended solely for
    query-based access on an experimental basis and should not be used for or
    relied upon for any other purpose.
    Don't use the RDAP Domain Database to allow, enable, or otherwise support
    the transmission of mass unsolicited, commercial advertising or
    solicitations.
    Don't access our RDAP Domain Database through the use of high volume,
    automated electronic processes that send queries or data to the systems
    of any ICANN-accredited registrar.
    You may only use the information contained in the RDAP Domain Database for
    lawful purposes.
    Do not compile, repackage, disseminate, or otherwise use the information
    contained in the RDAP Domain Database in its entirety, or in any
    substantial portion, without our prior written permission.
    We may retain certain details about queries to our RDAP Domain Database
    for the purposes of detecting and preventing misuse.
    We reserve the right to restrict or deny your access to the RDAP Domain
    Database if we suspect that you have failed to comply with these terms.
    We reserve the right to modify or discontinue our participation in the
    RDAP pilot program and suspend or terminate access to the RDAP Domain
    Database at any time and for any reason in our sole discretion.
    We reserve the right to modify this agreement at any time.
  # Link to static Web page with RDAP terms of service. Displayed in RDAP
  # responses. If null, no static Web page link is generated.
  rdapTosStaticUrl: null
  # Name of the registry for use in spec 11 emails
  registryName: Example Registry
  # A list of resources we send to registrars when informing them of
  # spec 11 threats
  spec11WebResources: []
  # Whether to require an SSL certificate hash in order to be able to log in
  # via EPP and run commands. This can be false for testing environments but
  # should generally be true for production environments, for added security.
  requireSslCertificates: true
datastore:
  # Number of commit log buckets in Datastore. Lowering this after initial
  # install risks losing up to a day's worth of differential backups.
  commitLogBucketsNum: 397
  # Number of EPP resource index buckets in Datastore. Don't change after
  # initial install.
  eppResourceIndexBucketsNum: 997
  # Milliseconds that Objectify waits to retry a Datastore transaction (this
  # doubles after each failure).
  baseOfyRetryMillis: 100
cloudDns:
  # Set both properties to null in Production.
  # The root url for the Cloud DNS API. Set this to a non-null value to
  # override the default API server used by the googleapis library.
  rootUrl: https://staging-www.sandbox.googleapis.com
  # The service endpoint path for the Cloud DNS API. Set this to a non-null
  # value to override the default API path used by the googleapis library.
  servicePath: dns/v2beta1_staging/projects/
caching:
  # Length of time that a singleton should be cached before expiring.
  singletonCacheRefreshSeconds: 600
  # Length of time that a reserved/premium list should be cached before expiring.
  domainLabelCachingSeconds: 3600
  # Length of time that a long-lived singleton in persist mode should be cached.
  singletonCachePersistSeconds: 31557600 # This is one year.
  # Maximum total number of static premium list entry entities to cache in
  # memory, across all premium lists for all TLDs. Tuning this up will use more
  # memory (and might require using larger App Engine instances). Note that
  # premium list entries that are absent are cached in addition to ones that are
  # present, so the total cache size is not bounded by the total number of
  # premium price entries that exist.
  staticPremiumListMaxCachedEntries: 200000
  # Whether to enable caching of EPP resource entities and keys. Enabling this
  # caching allows for much higher domain create/update throughput when hosts
  # and/or contacts are being frequently used (which is commonly the case).
  # However, this may introduce transactional inconsistencies, such as allowing
  # hosts or contacts to be used that are actually deleted (though in practice
  # this will only happen for non-widely-used entities). Only set this to true
  # if you need the performance, i.e. if you need >10 domain mutations per
  # frequently used contact or host. This situation is typically caused by
  # registrars reusing the same contact/host across many operations, e.g. a
  # privacy/proxy contact or a common host pointing to a registrar-run
  # nameserver.
  eppResourceCachingEnabled: false
  # Length of time that EPP resource entities and keys are cached in memory
  # before expiring. This should always be shorter than asyncDeleteDelaySeconds,
  # to prevent deleted contacts or hosts from being used on domains.
  eppResourceCachingSeconds: 60
  # The maximum number of EPP resource entities and keys to cache in memory.
  # LoadingCache evicts rarely-used keys first, so in practice this does not
  # have to be very large to achieve the vast majority of possible gains.
  eppResourceMaxCachedEntries: 500
oAuth:
  # OAuth scopes to detect on access tokens. Superset of requiredOauthScopes.
  availableOauthScopes:
    - https://www.googleapis.com/auth/userinfo.email
  # OAuth scopes required for authenticating. Subset of availableOauthScopes.
  requiredOauthScopes:
    - https://www.googleapis.com/auth/userinfo.email
  # OAuth client IDs that are allowed to authenticate and communicate with
  # backend services, e.g. nomulus tool, EPP proxy, etc. The client_id value
  # used in registryTool.clientId field for associated tooling should be included
  # in this list. Client IDs are typically of the format
  # numbers-alphanumerics.apps.googleusercontent.com
  allowedOauthClientIds: []
credentialOAuth:
  # OAuth scopes required for accessing Google APIs using the default
  # credential.
  defaultCredentialOauthScopes:
    # View and manage data in all Google Cloud APIs.
    - https://www.googleapis.com/auth/cloud-platform
    # View and manage files in Google Drive, e.g., Docs and Sheets.
    - https://www.googleapis.com/auth/drive
  # OAuth scopes required for delegated admin access to G Suite domain.
  # Deployment of changes to this list must be coordinated with G Suite admin
  # configuration, which can be managed in the admin console:
  # - New scopes must be added to the G Suite domain configuration before the
  #   release is deployed.
  # - Removed scopes must remain on G Suite domain configuration until the
  #   release is deployed.
  delegatedCredentialOauthScopes:
    # View and manage groups on your domain in Directory API.
    - https://www.googleapis.com/auth/admin.directory.group
    # View and manage group settings in Group Settings API.
    - https://www.googleapis.com/auth/apps.groups.settings
  # OAuth scopes required to create a credential locally for the nomulus tool.
  localCredentialOauthScopes:
    # View and manage data in all Google Cloud APIs.
    - https://www.googleapis.com/auth/cloud-platform
    # Call App Engine APIs locally.
    - https://www.googleapis.com/auth/appengine.apis
    # View your email address.
    - https://www.googleapis.com/auth/userinfo.email
    # View and manage your applications deployed on Google App Engine
    - https://www.googleapis.com/auth/appengine.admin
icannReporting:
  # URL we PUT monthly ICANN transactions reports to.
  icannTransactionsReportingUploadUrl: https://ry-api.icann.org/report/registrar-transactions
  # URL we PUT monthly ICANN activity reports to.
  icannActivityReportingUploadUrl: https://ry-api.icann.org/report/registry-functions-activity
billing:
  invoiceEmailRecipients: []
  invoiceFilePrefix: REG-INV
rde:
  # URL prefix of ICANN's server to upload RDE reports to. Nomulus adds /TLD/ID
  # to the end of this to construct the full URL.
  reportUrlPrefix: https://test-ry-api.icann.org:8543/report/registry-escrow-report
  # SFTP URL to which RDE deposits are uploaded. This should contain a username
  # but not the password.
  uploadUrl: sftp://username@rde-provider.example
  # Identity of the SSH keys (stored in the Keyring) used for RDE SFTP uploads.
  sshIdentityEmailAddress: rde@example.com
registrarConsole:
  # Filename of the logo to use in the header of the console. This filename is
  # relative to ui/assets/images/
  logoFilename: logo.png
  # Contact phone number for support with the registry.
  supportPhoneNumber: +1 (888) 555 0123
  # Contact email address for support with the registry.
  supportEmailAddress: support@example.com
  # From: email address used to send announcements from the registry.
  announcementsEmailAddress: announcements@example.com
  # Contact email address for questions about integrating with the registry.
  integrationEmailAddress: integration@example.com
  # URL linking to directory of technical support docs on the registry.
  technicalDocsUrl: http://example.com/your_support_docs/
monitoring:
  # Max queries per second for the Google Cloud Monitoring V3 (aka Stackdriver)
  # API. The limit can be adjusted by contacting Cloud Support.
  stackdriverMaxQps: 30
  # Max number of points that can be sent to Stackdriver in a single
  # TimeSeries.Create API call.
  stackdriverMaxPointsPerRequest: 200
  # How often metrics are exported to BigQuery.
  writeIntervalSeconds: 60
misc:
  # The ID of the Google Sheet (as found in the URL) to export registrar details
  # to. Leave this null to disable syncing.
  sheetExportId: null
  # Address we send alert summary emails to.
  alertRecipientEmailAddress: email@example.com
  # Address to which the Spec 11 emails to registrars should be replied. This needs
  # to be a deliverable email address in case the registrars want to contact us.
  spec11ReplyToEmailAddress: reply-to@example.com
  # How long to delay processing of asynchronous deletions. This should always
  # be longer than eppResourceCachingSeconds, to prevent deleted contacts or
  # hosts from being used on domains.
  asyncDeleteDelaySeconds: 90
  # Number of times to retry a GAE operation when a transient exception is thrown.
  # The number of milliseconds it'll sleep before giving up is (2^n - 2) * 100.
  transientFailureRetries: 12
beam:
  # The default zone to run Apache Beam (Cloud Dataflow) jobs in.
  defaultJobZone: us-east1-c
keyring:
  # The name of the active keyring, either "KMS" or "Dummy".
  activeKeyring: Dummy
  # Configuration options specific to Google Cloud KMS.
  kms:
    # GCP project containing the KMS keyring. Should only be used for KMS in
    # order to keep a simple locked down IAM configuration.
    projectId: registry-kms-project-id
    # The name to use for the Cloud KMS KeyRing which will store encryption keys
    # for Nomulus secrets.
    keyringName: nomulus
# Configuration options relevant to the "nomulus" registry tool.
registryTool:
  # OAuth client Id used by the tool.
  clientId: YOUR_CLIENT_ID
  # OAuth client secret used by the tool.
  clientSecret: YOUR_CLIENT_SECRET
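
The comments in this file state several constraints between keys: the EPP resource cache lifetime must be shorter than the async delete delay, the required OAuth scopes must be a subset of the available ones, and tmchCaMode, requireSslCertificates and cloudDns have production-specific values. The Python check below is an added example, not part of Nomulus; DEFAULTS is a constructed subset of the values above, and deep_merge and lint are hypothetical helpers whose override semantics are an assumption.

```python
# Added example, not Nomulus code: lint a parsed config mapping against
# constraints stated in the comments of default-config.yaml.
USERINFO = "https://www.googleapis.com/auth/userinfo.email"
# Constructed subset of the defaults above, as a YAML loader would return them.
DEFAULTS = {
    "registryPolicy": {"tmchCaMode": "PILOT", "requireSslCertificates": True},
    "cloudDns": {"rootUrl": "https://staging-www.sandbox.googleapis.com",
                 "servicePath": "dns/v2beta1_staging/projects/"},
    "caching": {"eppResourceCachingSeconds": 60},
    "oAuth": {"availableOauthScopes": [USERINFO],
              "requiredOauthScopes": [USERINFO]},
    "misc": {"asyncDeleteDelaySeconds": 90},
    "keyring": {"activeKeyring": "Dummy"},
}

def deep_merge(base, override):
    """Overlay nomulus-config.yaml values on the defaults (assumed semantics:
    maps merge recursively, scalars and lists are replaced)."""
    merged = dict(base)
    for key, value in override.items():
        if isinstance(value, dict) and isinstance(merged.get(key), dict):
            merged[key] = deep_merge(merged[key], value)
        else:
            merged[key] = value
    return merged

def lint(cfg, production=False):
    """Return (key, problem) tuples; an empty list means all checks passed."""
    out = []
    cache_s = cfg["caching"]["eppResourceCachingSeconds"]
    delete_s = cfg["misc"]["asyncDeleteDelaySeconds"]
    if cache_s >= delete_s:  # deleted contacts/hosts could still be used
        out.append(("caching.eppResourceCachingSeconds",
                    f"{cache_s}s must be shorter than asyncDeleteDelaySeconds={delete_s}s"))
    oauth = cfg["oAuth"]
    extra = set(oauth["requiredOauthScopes"]) - set(oauth["availableOauthScopes"])
    if extra:
        out.append(("oAuth.requiredOauthScopes", f"not available: {sorted(extra)}"))
    if cfg["keyring"]["activeKeyring"] not in ("KMS", "Dummy"):
        out.append(("keyring.activeKeyring", 'must be "KMS" or "Dummy"'))
    if production:
        policy = cfg["registryPolicy"]
        if policy["requireSslCertificates"] is not True:
            out.append(("registryPolicy.requireSslCertificates", "should be true"))
        if policy["tmchCaMode"] != "PRODUCTION":
            out.append(("registryPolicy.tmchCaMode", "must be PRODUCTION"))
        for key in ("rootUrl", "servicePath"):
            if cfg["cloudDns"][key] is not None:
                out.append((f"cloudDns.{key}", "must be null in production"))
    return out
```

Run lint on the merged result of the defaults and the deployment's nomulus-config.yaml, with production=True for the production environment, and fail the deploy when the returned list is not empty.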