cleaning up manifest

exex.manifest.template

@@ -4,8 +4,7 @@
 # Rust manifest example
 
 libos.entrypoint = "/gramine-ratls" 
- loader.log_level = "{{ log_level }}"
-
+loader.log_level = "{{ log_level }}"
 
 loader.env.LD_LIBRARY_PATH = "/usr/local/lib:/usr{{ arch_libdir }}:{{ arch_libdir }}"
 
@@ -17,23 +16,23 @@ loader.env.RUST_LOG = "info"
 loader.argv = [
     "gramine-ratls", "/tmp/crt.pem", "/tmp/key.pem", "--",
     "target/release/exex",
-	]
+]
+
 loader.uid = 65534
 loader.gid = 65534
 
 fs.mounts = [
-  { type = "encrypted", path = "/main.db", uri = "file:main.db", key_name = "teleportexex" },
     { path = "/teleport.env", uri = "file:teleport.env" },
   { path = "/lib", uri = "file:{{ gramine.runtimedir() }}" },
       { path = "/gramine-ratls", uri = "file:{{ entrypoint }}" },
   { path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
     { path = "/tmp", type = "tmpfs" },
   { path = "/usr/lib/ssl/certs/", uri = "file:/usr/lib/ssl/certs/" },  # add this line
   { path = "/etc/ssl/certs/", uri = "file:/etc/ssl/certs/" },  # add this line
-
+    { path = "/tmp/botCert.pem", uri = "file:/home/ecs-user/fullchain.pem" },
+    { path = "/tmp/botKey.pem", uri = "file:/home/ecs-user/privkey.pem" },
 ]
 
-fs.insecure__keys.teleportexex = "38EBF5306BC11707AD66F60FC12F212D"
 
 sys.enable_extra_runtime_domain_names_conf = true
 
@@ -50,6 +49,8 @@ sgx.trusted_files = [
   "file:{{ arch_libdir }}/",
     "file:teleport.env",
     "file:main.db",
+"file:/home/ecs-user/privkey.pem",
+"file:/home/ecs-user/fullchain.pem",
   "file:/usr/lib/ssl/certs/",
   "file:/etc/ssl/certs/",
 
@@ -62,4 +63,8 @@ sgx.trusted_files = [
 # - any threads and threadpools you might be starting
 # - helper threads internal to Gramine — see:
 #   https://gramine.readthedocs.io/en/stable/manifest-syntax.html#number-of-threads
-sgx.max_threads = {{ '1' if env.get('EDMM', '0') == '1' else '32' }}
+sgx.enclave_size = "2G"
+sgx.max_threads = 128
+sys.insecure__allow_eventfd = true
+sys.stack.size = "2M"
+sys.brk.max_size = "256M"