8 Default: PlanetLab Test</para>
9 <para>The name of this PLC installation. It is used in
10 the name of the default system site (e.g., PlanetLab Central)
11 and in the names of various administrative entities (e.g.,
12 PlanetLab Support).</para>
16 <term>PLC_SLICE_PREFIX</term>
22 <para>The abbreviated name of this PLC
23 installation. It is used as the prefix for system slices
24 (e.g., pl_conf). Warning: Currently, this variable should
25 not be changed.</para>
29 <term>PLC_ROOT_USER</term>
34 Default: root@localhost.localdomain</para>
35 <para>The name of the initial administrative
36 account. We recommend that this account be used only to create
37 additional accounts associated with real
38 administrators, then disabled.</para>
42 <term>PLC_ROOT_PASSWORD</term>
48 <para>The password of the initial administrative
49 account. Also the password of the root account on the Boot
54 <term>PLC_ROOT_SSH_KEY_PUB</term>
59 Default: /etc/planetlab/root_ssh_key.pub</para>
60 <para>The SSH public key used to access the root
61 account on your nodes.</para>
65 <term>PLC_ROOT_SSH_KEY</term>
70 Default: /etc/planetlab/root_ssh_key.rsa</para>
71 <para>The SSH private key used to access the root
72 account on your nodes.</para>
76 <term>PLC_DEBUG_SSH_KEY_PUB</term>
81 Default: /etc/planetlab/debug_ssh_key.pub</para>
82 <para>The SSH public key used to access the root
83 account on your nodes when they are in Debug mode.</para>
87 <term>PLC_DEBUG_SSH_KEY</term>
92 Default: /etc/planetlab/debug_ssh_key.rsa</para>
93 <para>The SSH private key used to access the root
94 account on your nodes when they are in Debug mode.</para>
98 <term>PLC_ROOT_GPG_KEY_PUB</term>
103 Default: /etc/planetlab/pubring.gpg</para>
104 <para>The GPG public keyring used to sign the Boot
105 Manager and all node packages.</para>
109 <term>PLC_ROOT_GPG_KEY</term>
114 Default: /etc/planetlab/secring.gpg</para>
115 <para>The SSH private key used to access the root
116 account on your nodes.</para>
120 <term>PLC_MA_SA_NAMESPACE</term>
126 <para>The namespace of your MA/SA. This should be a
127 globally unique value assigned by PlanetLab
132 <term>PLC_MA_SA_SSL_KEY</term>
137 Default: /etc/planetlab/ma_sa_ssl.key</para>
138 <para>The SSL private key used for signing documents
139 with the signature of your MA/SA. If non-existent, one will
144 <term>PLC_MA_SA_SSL_CRT</term>
149 Default: /etc/planetlab/ma_sa_ssl.crt</para>
150 <para>The corresponding SSL public certificate. By
151 default, this certificate is self-signed. You may replace
152 the certificate later with one signed by the PLC root
157 <term>PLC_MA_SA_CA_SSL_CRT</term>
162 Default: /etc/planetlab/ma_sa_ca_ssl.crt</para>
163 <para>If applicable, the certificate of the PLC root
164 CA. If your MA/SA certificate is self-signed, then this file
165 is the same as your MA/SA certificate.</para>
169 <term>PLC_MA_SA_CA_SSL_KEY_PUB</term>
174 Default: /etc/planetlab/ma_sa_ca_ssl.pub</para>
175 <para>If applicable, the public key of the PLC root
176 CA. If your MA/SA certificate is self-signed, then this file
177 is the same as your MA/SA public key.</para>
181 <term>PLC_MA_SA_API_CRT</term>
186 Default: /etc/planetlab/ma_sa_api.xml</para>
187 <para>The API Certificate is your MA/SA public key
188 embedded in a digitally signed XML document. By default,
189 this document is self-signed. You may replace this
190 certificate later with one signed by the PLC root
195 <term>PLC_NET_DNS1</term>
200 Default: 127.0.0.1</para>
201 <para>Primary DNS server address.</para>
205 <term>PLC_NET_DNS2</term>
211 <para>Secondary DNS server address.</para>
215 <term>PLC_DNS_ENABLED</term>
221 <para>Enable the internal DNS server. The server does
222 not provide reverse resolution and is not a production
223 quality or scalable DNS solution. Use the internal DNS
224 server only for small deployments or for
229 <term>PLC_MAIL_ENABLED</term>
234 Default: false</para>
235 <para>Set to false to suppress all e-mail notifications
240 <term>PLC_MAIL_SUPPORT_ADDRESS</term>
245 Default: root+support@localhost.localdomain</para>
246 <para>This address is used for support
247 requests. Support requests may include traffic complaints,
248 security incident reporting, web site malfunctions, and
249 general requests for information. We recommend that the
250 address be aliased to a ticketing system such as Request
255 <term>PLC_MAIL_BOOT_ADDRESS</term>
260 Default: root+install-msgs@localhost.localdomain</para>
261 <para>The API will notify this address when a problem
262 occurs during node installation or boot.</para>
266 <term>PLC_MAIL_SLICE_ADDRESS</term>
271 Default: root+SLICE@localhost.localdomain</para>
272 <para>This address template is used for sending
273 e-mail notifications to slices. SLICE will be replaced with
274 the name of the slice.</para>
278 <term>PLC_DB_ENABLED</term>
284 <para>Enable the database server on this
289 <term>PLC_DB_TYPE</term>
294 Default: postgresql</para>
295 <para>The type of database server. Currently, only
296 postgresql is supported.</para>
300 <term>PLC_DB_HOST</term>
303 Type: hostname</para>
305 Default: localhost.localdomain</para>
306 <para>The fully qualified hostname of the database
311 <term>PLC_DB_IP</term>
316 Default: 127.0.0.1</para>
317 <para>The IP address of the database server, if not
318 resolvable by the configured DNS servers.</para>
322 <term>PLC_DB_PORT</term>
328 <para>The TCP port number through which the database
329 server should be accessed.</para>
333 <term>PLC_DB_NAME</term>
338 Default: planetlab4</para>
339 <para>The name of the database to access.</para>
343 <term>PLC_DB_USER</term>
348 Default: pgsqluser</para>
349 <para>The username to use when accessing the
354 <term>PLC_DB_PASSWORD</term>
357 Type: password</para>
360 <para>The password to use when accessing the
361 database. If left blank, one will be
366 <term>PLC_API_ENABLED</term>
372 <para>Enable the API server on this
377 <term>PLC_API_DEBUG</term>
382 Default: false</para>
383 <para>Enable verbose API debugging. Do not enable on
384 a production system!</para>
388 <term>PLC_API_HOST</term>
391 Type: hostname</para>
393 Default: localhost.localdomain</para>
394 <para>The fully qualified hostname of the API
399 <term>PLC_API_IP</term>
404 Default: 127.0.0.1</para>
405 <para>The IP address of the API server, if not
406 resolvable by the configured DNS servers.</para>
410 <term>PLC_API_PORT</term>
416 <para>The TCP port number through which the API
417 should be accessed.</para>
421 <term>PLC_API_PATH</term>
426 Default: /PLCAPI/</para>
427 <para>The base path of the API URL.</para>
431 <term>PLC_API_MAINTENANCE_USER</term>
436 Default: maint@localhost.localdomain</para>
437 <para>The username of the maintenance account. This
438 account is used by local scripts that perform automated
439 tasks, and cannot be used for normal logins.</para>
443 <term>PLC_API_MAINTENANCE_PASSWORD</term>
446 Type: password</para>
449 <para>The password of the maintenance account. If
450 left blank, one will be generated. We recommend that the
451 password be changed periodically.</para>
455 <term>PLC_API_MAINTENANCE_SOURCES</term>
458 Type: hostname</para>
461 <para>A space-separated list of IP addresses allowed
462 to access the API through the maintenance account. The value
463 of this variable is set automatically to allow only the API,
464 web, and boot servers, and should not be
469 <term>PLC_API_SSL_KEY</term>
474 Default: /etc/planetlab/api_ssl.key</para>
475 <para>The SSL private key to use for encrypting HTTPS
476 traffic. If non-existent, one will be
481 <term>PLC_API_SSL_CRT</term>
486 Default: /etc/planetlab/api_ssl.crt</para>
487 <para>The corresponding SSL public certificate. By
488 default, this certificate is self-signed. You may replace
489 the certificate later with one signed by a root
494 <term>PLC_API_CA_SSL_CRT</term>
499 Default: /etc/planetlab/api_ca_ssl.crt</para>
500 <para>The certificate of the root CA, if any, that
501 signed your server certificate. If your server certificate is
502 self-signed, then this file is the same as your server
507 <term>PLC_WWW_ENABLED</term>
513 <para>Enable the web server on this
518 <term>PLC_WWW_DEBUG</term>
523 Default: false</para>
524 <para>Enable debugging output on web pages. Do not
525 enable on a production system!</para>
529 <term>PLC_WWW_HOST</term>
532 Type: hostname</para>
534 Default: localhost.localdomain</para>
535 <para>The fully qualified hostname of the web
540 <term>PLC_WWW_IP</term>
545 Default: 127.0.0.1</para>
546 <para>The IP address of the web server, if not
547 resolvable by the configured DNS servers.</para>
551 <term>PLC_WWW_PORT</term>
557 <para>The TCP port number through which the
558 unprotected portions of the web site should be
563 <term>PLC_WWW_SSL_PORT</term>
569 <para>The TCP port number through which the protected
570 portions of the web site should be accessed.</para>
574 <term>PLC_WWW_SSL_KEY</term>
579 Default: /etc/planetlab/www_ssl.key</para>
580 <para>The SSL private key to use for encrypting HTTPS
581 traffic. If non-existent, one will be
586 <term>PLC_WWW_SSL_CRT</term>
591 Default: /etc/planetlab/www_ssl.crt</para>
592 <para>The corresponding SSL public certificate for
593 the HTTP server. By default, this certificate is
594 self-signed. You may replace the certificate later with one
595 signed by a root CA.</para>
599 <term>PLC_WWW_CA_SSL_CRT</term>
604 Default: /etc/planetlab/www_ca_ssl.crt</para>
605 <para>The certificate of the root CA, if any, that
606 signed your server certificate. If your server certificate is
607 self-signed, then this file is the same as your server
612 <term>PLC_BOOT_ENABLED</term>
618 <para>Enable the boot server on this
623 <term>PLC_BOOT_HOST</term>
626 Type: hostname</para>
628 Default: localhost.localdomain</para>
629 <para>The fully qualified hostname of the boot
634 <term>PLC_BOOT_IP</term>
639 Default: 127.0.0.1</para>
640 <para>The IP address of the boot server, if not
641 resolvable by the configured DNS servers.</para>
645 <term>PLC_BOOT_PORT</term>
651 <para>The TCP port number through which the
652 unprotected portions of the boot server should be
657 <term>PLC_BOOT_SSL_PORT</term>
663 <para>The TCP port number through which the protected
664 portions of the boot server should be
669 <term>PLC_BOOT_SSL_KEY</term>
674 Default: /etc/planetlab/boot_ssl.key</para>
675 <para>The SSL private key to use for encrypting HTTPS
680 <term>PLC_BOOT_SSL_CRT</term>
685 Default: /etc/planetlab/boot_ssl.crt</para>
686 <para>The corresponding SSL public certificate for
687 the HTTP server. By default, this certificate is
688 self-signed. You may replace the certificate later with one
689 signed by a root CA.</para>
693 <term>PLC_BOOT_CA_SSL_CRT</term>
698 Default: /etc/planetlab/boot_ca_ssl.crt</para>
699 <para>The certificate of the root CA, if any, that
700 signed your server certificate. If your server certificate is
701 self-signed, then this file is the same as your server