# -*- coding: utf-8 -*- # vim: ft=yaml --- # Copyright (C) The Arvados Authors. All rights reserved. # # SPDX-License-Identifier: Apache-2.0 # The variables commented out are the default values that the formula uses. # The uncommented values are REQUIRED values. If you don't set them, running # this formula will fail. arvados: ### GENERAL CONFIG # version: '2.1.0' # release: production ### It makes little sense to disable this flag, but you can, if you want :) # use_upstream_repo: true ### Repo URL is built with grains values. If desired, it can be completely ### overwritten with the pillar parameter 'repo_url' # repo: # humanname: Arvados Official Repository # IMPORTANT!!!!! # api, workbench and shell require some gems, so you need to make sure ruby # and deps are installed in order to install and compile the gems. # We default to `false` in these two variables as it's expected you already # manage OS packages with some other tool and you don't want us messing up # with your setup. ruby: # We set these to `true` here for testing purposes. # They both default to `false`. manage_ruby: true use_rvm: false # If you want to use rvm. Defaults to true for centos-7 # pkg: ruby # Can specify a version like ruby-2.5.7 for rvm manage_gems_deps: true # gems_deps: # - curl # - g++ # - gcc # - git # - libcurl4 # - libcurl4-gnutls-dev # - libpq-dev # - libxml2 # - libxml2-dev # - make # - python3-dev # - ruby-dev # - zlib1g-dev # config: # file: /etc/arvados/config.yml # user: root ### IMPORTANT!!!!! ### If you're installing any of the rails apps (api, workbench), the group ### should be set to that of the web server, usually `www-data` # group: root # mode: 640 # ### This is the command run to verify the configuration is correct before ### deploying it. By default it uses `-strict=true`, so it will error on ### warnings (ie, unknown/deprecated parameters) # # check_command: /usr/bin/arvados-server config-check -config # ### To fail only on errors, you can use # # check_command: /usr/bin/arvados-server config-check -strict=false -config # ### and to disable configuration checking (not recommended), just set it to ### any command that returns true # # check_command: /bin/true ### ARVADOS CLUSTER CONFIG cluster: name: fixme domain: example.net database: # max concurrent connections per arvados server daemon # connection_pool_max: 32 name: arvados host: 127.0.0.1 password: changeme_arvados user: arvados # You can pass extra database connections parameters here, # which will be rendered as yaml. # extra_conn_params: # sslmode: prefer # verify-ca: false # client_encoding: UTF8 tls: # certificate: '' # key: '' # required to test with snakeoil certs insecure: true ### TOKENS tokens: # Secrets and tokens have to be +32 alphanumeric, # it does not accept underscores or special characters. # See https://dev.arvados.org/issues/17150 system_root: systemroottokenmushaveatleast32characters management: managementtokenmushaveatleast32characters # The AnonymousUserToken can be set here or in the # Users dictionary below. The latter will be used if set. anonymous_user: anonymoususertokenmushaveatleast32characters ### KEYS secrets: blob_signing_key: blobsigningkeymushaveatleast32characters workbench_secret_key: workbenchsecretkeymushaveatleast32characters dispatcher_access_key: changemedispatcheraccesskey dispatcher_secret_key: changemedispatchersecretkey keep_access_key: changemekeepaccesskey keep_secret_key: changemekeepsecretkey ### ARVADOS RESOURCES # This dict allows you to create various resources in the Arvados # database so they're ready to use. # Check the `arvados.api.resources.* states to see which can be # currently managed ### SHELL / WEBSHELL REGISTRATION # In order to use shell nodes via webshell, Arvados needs to know of # their existence and they need to be configured as upstreams in nginx # (see https://doc.arvados.org/v2.0/install/install-webshell.html) # This could be achieved in various ways (ie, through salt mine if you # want them to be dinamically created), but that's outside the scope of # this formula. The following dict is just an example that will be used # by the `arvados.api.resources.virtual_machines` state to add entries # in Arvados' database of the cluster's resources' # It's additionally used in the `test/salt/pillar/examples/nginx_webshell_configuration.sls` # pillar to add the corresponding `location` entries in nginx's webshell vhosts & upstreams resources: virtual_machines: shell1: name: webshell1 # if not set, will match the one of the dict key above backend: 1.2.3.4 # upstream host ip/name that has the shell role port: 4200 # port where shellinabox is listening # when no other parameter is set: # `name` will match the name of the key # backend` will match `name` # `port` will default to shellinabox's 4200 webshell2: {} ### VOLUMES ## This should usually match all your `keepstore` instances Volumes: # the volume name will be composed with # -nyw5e- fixme-nyw5e-000000000000000: AccessViaHosts: http://keep0.fixme.example.net:25107: ReadOnly: false Replication: 2 Driver: Directory DriverParameters: Root: /tmp Users: NewUsersAreActive: true AutoAdminFirstUser: true AutoSetupNewUsers: true AutoSetupNewUsersWithRepository: true Services: Controller: ExternalURL: https://fixme.example.net InternalURLs: http://localhost:8003: {} DispatchCloud: InternalURLs: http://fixme.example.net:9006: {} Keepbalance: InternalURLs: http://fixme.example.net:9005: {} Keepproxy: ExternalURL: https://keep.fixme.example.net InternalURLs: http://localhost:25100: {} Keepstore: InternalURLs: http://keep0.fixme.example.net:25107: {} RailsAPI: InternalURLs: http://localhost:8004: {} WebDAV: ExternalURL: https://collections.fixme.example.net InternalURLs: http://localhost:9002: {} WebDAVDownload: ExternalURL: https://download.fixme.example.net WebShell: ExternalURL: https://webshell.fixme.example.net Websocket: ExternalURL: wss://ws.fixme.example.net/websocket InternalURLs: http://localhost:8005: {} Workbench1: ExternalURL: https://workbench.fixme.example.net Workbench2: ExternalURL: https://workbench2.fixme.example.net # ### THESE ARE THE PACKAGES AND DAEMONS BASIC CONFIGS # #### API # api: # pkg: # name: # - arvados-api-server # - arvados-dispatch-cloud # gem: # name: # - arvados-cli # service: # name: # - nginx # port: 8004 # #### CONTROLLER # controller: # pkg: # name: arvados-controller # gem: # name: # - arvados-cli # service: # name: arvados-controller # port: 8003 # #### DISPATCHER # dispatcher: # pkg: # name: # - crunch-dispatch-local # # - arvados-dispatch-cloud # # - crunch-dispatch-slurm # service: # name: crunch-dispatch-local # port: 9006 # #### KEEPPROXY # keepproxy: # pkg: # name: keepproxy # service: # name: keepproxy # port: 25107 # #### KEEPWEB # keepweb: # pkg: # name: keep-web # service: # name: keep-web # # webdav # port: 9002 # #### KEEPSTORE # keepstore: # pkg: # name: keepstore # service: # name: keepstore # port: 25107 # #### SHELL # shell: # pkg: # name: # - arvados-client # - arvados-src # - python3-arvados-fuse # - python3-arvados-python-client # - python3-arvados-cwl-runner # gem: # name: # - arvados-cli # - arvados-login-sync # shellinabox: # config: /etc/default/shellinabox # service: # name: shellinabox # port: 4200 # #### WORKBENCH # workbench: # pkg: # name: arvados-workbench # service: # name: nginx # #### WORKBENCH2 # workbench2: # pkg: # name: arvados-workbench2 # service: # name: nginx # #### WEBSOCKET # websocket: # pkg: # name: arvados-ws # service: # name: arvados-ws # port: 8005 # ## SALTSTACK FORMULAS TOFS configuration # https://template-formula.readthedocs.io/en/latest/TOFS_pattern.html # tofs: # # The files_switch key serves as a selector for alternative # # directories under the formula files directory. See TOFS pattern # # doc for more info. # # Note: Any value not evaluated by `config.get` will be used literally. # # This can be used to set custom paths, as many levels deep as required. # files_switch: # - any/path/can/be/used/here # - id # - roles # - osfinger # - os # - os_family # # All aspects of path/file resolution are customisable using the options below. # # This is unnecessary in most cases; there are sensible defaults. # # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default > # # I.e.: salt://arvados/files/default # # path_prefix: template_alt # # dirs: # # files: files_alt # # default: default_alt # # The entries under `source_files` are prepended to the default source files # # given for the state # # source_files: # # arvados-config-file-file-managed: # # - 'example_alt.tmpl' # # - 'example_alt.tmpl.jinja'