# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
Max: 88
-
# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`
-
@commitlint/travis-cli
- commitlint-travis
- ## Define the rest of the matrix based on Kitchen testing
- # Make sure the instances listed below match up with
- # the `platforms` defined in `kitchen.yml`
- # NOTE: Please try to select up to six instances that add some meaningful
- # testing of the formula's behaviour. If possible, try to refrain from
- # the classical "chosing all the instances because I want to test on
- # another/all distro/s" trap: it will just add time to the testing (see
- # the discussion on #121). As an example, the set chosen below covers
- # the most used distros families, systemd and non-systemd and the latest
- # three supported Saltstack versions with python2 and 3.
- # As for `kitchen.yml`, that should still contain all of the platforms,
- # to allow for comprehensive local testing
- # Ref: https://github.com/saltstack-formulas/template-formula/issues/118
- # Ref: https://github.com/saltstack-formulas/template-formula/issues/121
- - env: INSTANCE=default-debian-10-master-py3
- # - env: INSTANCE=default-ubuntu-1804-master-py3
- - env: INSTANCE=default-centos-8-master-py3
- # - env: INSTANCE=default-fedora-31-master-py3
- # - env: INSTANCE=default-opensuse-leap-151-master-py3
- # - env: INSTANCE=default-amazonlinux-2-master-py3
- # - env: INSTANCE=default-arch-base-latest-master-py2
- # - env: INSTANCE=default-debian-10-3000-1-py3
- - env: INSTANCE=default-ubuntu-1804-3000-1-py3
- # - env: INSTANCE=default-centos-8-3000-1-py3
- # - env: INSTANCE=default-fedora-31-3000-1-py3
- - env: INSTANCE=default-opensuse-leap-151-3000-1-py3
- - env: INSTANCE=default-amazonlinux-2-3000-1-py3
- # - env: INSTANCE=default-arch-base-latest-3000-1-py2
- # - env: INSTANCE=default-debian-10-2019-2-py3
- # - env: INSTANCE=default-debian-9-2019-2-py3
- # - env: INSTANCE=default-ubuntu-1804-2019-2-py3
- # - env: INSTANCE=default-ubuntu-1604-2019-2-py3
- # - env: INSTANCE=default-centos-8-2019-2-py3
+ - env: INSTANCE=api-debian-10-3000-1-py3
+ - env: INSTANCE=workbench-debian-10-3000-1-py3
+ - env: INSTANCE=shell-debian-10-3000-1-py3
+ - env: INSTANCE=keepstore-debian-10-3000-1-py3
+ # - env: INSTANCE=default-ubuntu-1804-3000-1-py3
# - env: INSTANCE=default-centos-7-2019-2-py3
- - env: INSTANCE=default-fedora-31-2019-2-py3
- # - env: INSTANCE=default-opensuse-leap-151-2019-2-py3
- # - env: INSTANCE=default-amazonlinux-2-2019-2-py3
- # - env: INSTANCE=default-ubuntu-1804-2019-2-py2
- # - env: INSTANCE=default-amazonlinux-1-2019-2-py2
- - env: INSTANCE=default-arch-base-latest-2019-2-py2
- # - env: INSTANCE=default-centos-7-2018-3-py3
- # - env: INSTANCE=default-fedora-30-2018-3-py3
- # - env: INSTANCE=default-debian-9-2018-3-py2
- # - env: INSTANCE=default-debian-8-2018-3-py2
- # - env: INSTANCE=default-ubuntu-1804-2018-3-py2
- # - env: INSTANCE=default-ubuntu-1604-2018-3-py2
- - env: INSTANCE=centos6-centos-6-2018-3-py2
- # - env: INSTANCE=default-opensuse-leap-151-2018-3-py2
- # - env: INSTANCE=default-amazonlinux-1-2018-3-py2
- # - env: INSTANCE=default-arch-base-latest-2018-3-py2
## Define the release stage that runs `semantic-release`
- stage: 'release'
ignore: |
node_modules/
test/**/states/**/*.sls
+ test/**/pillar/**/*.sls
.kitchen/
yaml-files:
line-length:
# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
- max: 88
+ max: 100
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true
name: arvados
-os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Amazon, Suse, openSUSE, Gentoo, Funtoo, Arch, Manjaro, Alpine, FreeBSD, OpenBSD, Solaris, SmartOS, Windows, MacOS
-os_family: Debian, RedHat, Suse, Gentoo, Arch, Alpine, FreeBSD, OpenBSD, Solaris, Windows, MacOS
-version: 1.0.0
+os: Debian, Ubuntu, RedHat, CentOS
+os_family: Debian, RedHat
+version: 0.1.0
release: 1
-minimum_version: 2017.7
+minimum_version: 3000.1
summary: arvados formula
-description: Formula to use as a template for other formulas
+description: Formula to install and configure an Arvados cluster
top_level_dir: arvados
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+{% for gm in arvados.api.gem.name %}
+arvados-api-package-clean-gem-{{ gm }}-removed:
+ gem.removed:
+ - name: {{ gm }}
+ - require_in:
+ - pkg: arvados-api-package-clean-gems-deps-pkg-removed
+{% endfor %}
+
+arvados-api-package-clean-gems-deps-pkg-removed:
+ pkg.removed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+arvados-api-package-clean-pkg-removed:
+ pkg.removed:
+ - pkgs: {{ arvados.api.pkg.name | json }}
+
+arvados-api-package-clean-ruby-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+# The API server requires a valid config BEFORE installing...
+include:
+ - {{ sls_config_file }}
+
+arvados-api-package-install-ruby-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
+
+arvados-api-package-install-gems-deps-pkg-installed:
+ pkg.installed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+{% for gm in arvados.api.gem.name %}
+arvados-api-package-install-gem-{{ gm }}-installed:
+ gem.installed:
+ - name: {{ gm }}
+ - require:
+ - pkg: arvados-api-package-install-gems-deps-pkg-installed
+ - require_in:
+ - pkg: arvados-api-package-install-pkg-installed
+{% endfor %}
+
+arvados-api-package-install-pkg-installed:
+ pkg.installed:
+ - pkgs: {{ arvados.api.pkg.name | json }}
+ - require:
+ - sls: {{ sls_config_file }}
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import arvados with context %}
-arvados-service-clean-service-dead:
+arvados-api-service-clean-service-dead:
service.dead:
- name: {{ arvados.service.name }}
- enable: False
+ - require_in:
+ - pkg: arvados-api-package-clean-pkg-removed
{%- from tplroot ~ "/map.jinja" import arvados with context %}
include:
+ - ..package
- {{ sls_config_file }}
-arvados-service-running-service-running:
+arvados-api-service-running-service-running:
service.running:
- - name: {{ arvados.service.name }}
+ - name: {{ arvados.api.service.name }}
- enable: True
- watch:
- sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-api-package-install-pkg-installed
# vim: ft=sls
include:
- - .subcomponent.clean
- - .service.clean
- .config.clean
- - .package.clean
+ #- .api.clean
+ #- .keepstore.clean
+ #- .websocket.clean
+ #- .keepweb.clean
+ #- .workbench2.clean
+ #- .keepproxy.clean
+ - .shell.clean
+ #- .workbench.clean
+ - .repo.clean
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_service_clean = tplroot ~ '.service.clean' %}
{%- from tplroot ~ "/map.jinja" import arvados with context %}
-include:
- - {{ sls_service_clean }}
-
arvados-config-clean-file-absent:
file.absent:
- - name: {{ arvados.config }}
- - require:
- - sls: {{ sls_service_clean }}
+ - name: {{ arvados.config.file }}
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_package_install = tplroot ~ '.package.install' %}
{%- from tplroot ~ "/map.jinja" import arvados with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
-include:
- - {{ sls_package_install }}
-
arvados-config-file-file-managed:
file.managed:
- - name: {{ arvados.config }}
- - source: {{ files_switch(['example.tmpl'],
+ - name: {{ arvados.config.file }}
+ - source: {{ files_switch(['config.tmpl', 'config.tmpl.jinja'],
lookup='arvados-config-file-file-managed'
)
}}
- - mode: 644
- - user: root
- - group: {{ arvados.rootgroup }}
+ - mode: {{ arvados.config.mode }}
+ - user: {{ arvados.config.user }}
+ - group: {{ arvados.config.group }}
- makedirs: True
- template: jinja
- - require:
- - sls: {{ sls_package_install }}
- context:
arvados: {{ arvados | json }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-controller-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.controller.pkg.name }}
# vim: ft=sls
include:
- - .config
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-controller-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.controller.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-controller-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-controller-package-clean-pkg-removed
# vim: ft=sls
include:
- - .file
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-controller-service-running-service-running:
+ service.running:
+ - name: {{ arvados.controller.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-controller-package-install-pkg-installed
# vim: ft=yaml
---
arvados:
- pkg:
- name: arvados
- rootgroup: root
- config: '/etc/arvados'
- service:
- name: arvados
- subcomponent:
- config: '/etc/arvados-subcomponent-formula.conf'
- # Just here for testing
- added_in_defaults: defaults_value
- winner: defaults
+ version: '2.0.2'
+ use_upstream_repo: true
+ repo:
+ humanname: Arvados Official Repository
+ ruby:
+ manage_ruby: false
+ pkg: ruby
+ manage_gems_deps: false
+ gems_deps:
+ - bundler
+ - curl
+ - g++
+ - gcc
+ - git
+ - libcurl4
+ - libcurl4-gnutls-dev
+ - libpam0g-dev
+ - libpq-dev
+ - libxml2
+ - libxml2-dev
+ - make
+ - python-dev
+ - ruby-dev
+ - zlib1g-dev
+
+ config:
+ file: /etc/arvados/config.yml
+ user: root
+ group: root
+ mode: 640
+
+ cluster:
+ database:
+ connection_pool_max: 32
+
+ tls:
+ certificate: ''
+ key: ''
+ insecure: false
+
+ ### SERVICES
+ ##### API
+ api:
+ pkg:
+ name:
+ - arvados-api-server
+ gem:
+ name:
+ - arvados-cli
+ service:
+ name: nginx
+ port: 8004
+ ##### CONTROLLER
+ controller:
+ pkg:
+ name: arvados-controller
+ service:
+ name: arvados-controller
+ port: 8003
+ ##### DISPATCHER
+ dispatcher:
+ pkg:
+ name:
+ - crunch-dispatch-local
+ # - arvados-dispatch-cloud
+ # - crunch-dispatch-slurm
+ service:
+ name: crunch-dispatch-local
+ port: 9006
+ ##### KEEPPROXY
+ keepproxy:
+ pkg:
+ name: keepproxy
+ service:
+ name: keepproxy
+ port: 25107
+ ##### KEEPWEB
+ keepweb:
+ pkg:
+ name: keep-web
+ service:
+ name: keep-web
+ # webdav
+ port: 9002
+ ##### KEEPSTORE
+ keepstore:
+ pkg:
+ name: keepstore
+ service:
+ name: keepstore
+ port: 25107
+ ##### GIT-HTTPD
+ githttpd:
+ pkg:
+ name: arvados-git-httpd
+ service:
+ name: arvados-git-httpd
+ port: 9001
+ ##### SHELL
+ shell:
+ pkg:
+ name:
+ - arvados-client
+ - arvados-src
+ - libpam-arvados
+ - python-arvados-fuse
+ - python-arvados-python-client
+ - python3-arvados-cwl-runner
+ gem:
+ name:
+ - arvados-cli
+ - arvados-login-sync
+ ##### WORKBENCH
+ workbench:
+ pkg:
+ name: arvados-workbench
+ service:
+ name: nginx
+ # just for reference, is where the upstream is configured
+ port: 9000
+ ##### WORKBENCH2
+ workbench2:
+ pkg:
+ name: arvados-workbench2
+ service:
+ name: nginx
+ ##### WEBSOCKET
+ websocket:
+ pkg:
+ name: arvados-ws
+ service:
+ name: arvados-ws
+ port: 8005
+ ##### SSO
+ sso:
+ pkg:
+ name: arvados-sso
+ service:
+ name: arvados-sso
+ port: 8900
--- /dev/null
+---
+########################################################################
+# File managed by Salt at <{{ source }}>.
+# Your changes will be overwritten.
+#
+# Please check https://doc.arvados.org/master/admin/config.html for
+# documentation about the parameters configured here.
+########################################################################
+Clusters:
+ {{ arvados.cluster.name }}:
+ SystemRootToken: "{{ arvados.cluster.tokens.system_root }}"
+ ManagementToken: "{{ arvados.cluster.tokens.management }}"
+
+ API:
+ RailsSessionSecretToken: "{{ arvados.cluster.tokens.rails_secret }}"
+
+ Collections:
+ BlobSigningKey: "{{ arvados.cluster.secrets.blob_signing_key }}"
+ ForwardSlashNameSubstitution: "%2f"
+ DefaultReplication: 1
+ TrustAllContent: true
+
+ Login:
+ ProviderAppSecret: "{{ arvados.cluster.tokens.provider_secret }}"
+ ProviderAppID: arvados-server
+
+ Users:
+ NewUsersAreActive: true
+ AutoAdminFirstUser: true
+ AutoSetupNewUsers: true
+ AutoSetupNewUsersWithVmUUID: x2jbo-2x53u-6maueyy9if4u7vq
+ AutoSetupNewUsersWithRepository: true
+
+ TLS:
+ Certificate: "{{ arvados.cluster.tls.certificate }}"
+ Key: "{{ arvados.cluster.tls.key }}"
+ Insecure: {{ arvados.cluster.tls.insecure }}
+
+ Workbench:
+ SecretKeyBase: {{ arvados.cluster.secrets.workbench_secret_key }}
+ SiteName: {{ arvados.cluster.name | upper }}
+
+ # FIXME!!!!
+ # Git:
+ # GitCommand: /usr/share/gitolite3/gitolite-shell
+ # GitoliteHome: /var/lib/arvados/git
+ # Repositories: /var/lib/arvados/git/repositories
+
+ Volumes:
+ {% for v, p in arvados.cluster.volumes.items() -%}
+ ### {{ v | upper }}
+ {{ p.cluster }}-nyw5e-{{ p.volume_id }}:
+ Driver: {{ p.driver }}
+ DriverParameters: {{ p.driver_parameters | yaml }}
+ AccessViaHosts: {{ p.access_via_hosts | yaml }}
+ Replication: {{ p.replication }}
+ {% endfor -%}
+
+ ### DATABASE CONFIGURATION
+ PostgreSQL:
+ ConnectionPool: {{ arvados.cluster.database.connection_pool_max }}
+ Connection:
+ # All parameters here are passed to the PG client library in a connection string;
+ # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
+ dbname: {{ arvados.cluster.database.name }}
+ host: {{ arvados.cluster.database.host }}
+ password: {{ arvados.cluster.database.password }}
+ user: {{ arvados.cluster.database.user }}
+ client_encoding: {{ arvados.cluster.database.client_encoding }}
+
+ ### SERVICES URLs
+ # This could probably made into a loop, but some consistency check needs to be done
+ # on the arvados side before that's possible
+ Services:
+ # Composer: FIXME!!!
+ Controller:
+ ExternalURL: "https://{{ arvados.cluster.domain }}"
+ InternalURLs:
+ "http://localhost:{{ arvados.controller.service.port }}": {}
+ DispatchCloud:
+ InternalURLs:
+ "http://localhost:{{ arvados.dispatcher.service.port }}": {}
+ # GitSSH: FIXME!!!
+ # Health: FIXME!!!
+ # Keepbalance: FIXME!!!
+ # Keepproxy: FIXME!!!
+ # Keepstore: FIXME!!!
+ # Nodemanager: FIXME!!!
+ RailsAPI:
+ InternalURLs:
+ "http://localhost:{{ arvados.api.service.port }}": {}
+ SSO:
+ ExternalURL: "https://sso.{{ arvados.cluster.domain }}"
+ WebDAV:
+ ExternalURL: https://collections.{{ arvados.cluster.domain }}
+ InternalURLs:
+ "http://localhost:{{ arvados.keepweb.service.port }}": {}
+ WebDAVDownload:
+ ExternalURL: https://download.{{ arvados.cluster.domain }}
+ # WebShell: FIXME!!!
+ Websocket:
+ ExternalURL: wss://ws.{{ arvados.cluster.domain }}/websocket
+ InternalURLs:
+ "http://localhost:{{ arvados.websocket.service.port }}": {}
+ Workbench1:
+ ExternalURL: "https://workbench.{{ arvados.cluster.domain }}"
+ Workbench2:
+ ExternalURL: "https://workbench2.{{ arvados.cluster.domain }}"
+ Keepproxy:
+ ExternalURL: https://keep.{{ arvados.cluster.domain }}
+ InternalURLs:
+ "http://localhost:{{ arvados.keepproxy.service.port }}": {}
+ Keepstore:
+ InternalURLs:
+ "http://keep0.{{ arvados.cluster.domain }}:{{ arvados.keepstore.service.port }}/": {}
+++ /dev/null
-########################################################################
-# File managed by Salt at <{{ source }}>.
-# Your changes will be overwritten.
-########################################################################
-
-This is an example file from SaltStack template-formula.
+++ /dev/null
-########################################################################
-# File managed by Salt at <{{ source }}>.
-# Your changes will be overwritten.
-########################################################################
-
-This is another example file from SaltStack template-formula.
-
-# This is here for testing purposes
-{{ arvados | json }}
-
-winner of the merge: {{ arvados['winner'] }}
# vim: ft=sls
include:
- - .package
- - .config
- - .service
- - .subcomponent
+ - .repo
+ #- .config
+ #- .api
+ #- .keepstore
+ #- .websocket
+ #- .keepweb
+ #- .workbench2
+ #- .keepproxy
+ #- .shell
+ #- .workbench
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepproxy-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.keepproxy.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepproxy-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.keepproxy.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepproxy-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-keepproxy-package-clean-pkg-removed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-keepproxy-service-running-service-running:
+ service.running:
+ - name: {{ arvados.keepproxy.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-keepproxy-package-install-pkg-installed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepstore-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.keepstore.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepstore-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.keepstore.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepstore-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-keepstore-package-clean-pkg-removed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-keepstore-service-running-service-running:
+ service.running:
+ - name: {{ arvados.keepstore.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-keepstore-package-install-pkg-installed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepweb-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.keepweb.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import arvados with context %}
-arvados-package-install-pkg-installed:
+arvados-keepweb-package-install-pkg-installed:
pkg.installed:
- - name: {{ arvados.pkg.name }}
+ - name: {{ arvados.keepweb.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-keepweb-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-keepweb-package-clean-pkg-removed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-keepweb-service-running-service-running:
+ service.running:
+ - name: {{ arvados.keepweb.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-keepweb-package-install-pkg-installed
{%- set tplroot = tpldir.split('/')[0] %}
{#- Start imports as #}
{%- import_yaml tplroot ~ "/defaults.yaml" as default_settings %}
-{%- import_yaml tplroot ~ "/osarchmap.yaml" as osarchmap %}
{%- import_yaml tplroot ~ "/osfamilymap.yaml" as osfamilymap %}
-{%- import_yaml tplroot ~ "/osmap.yaml" as osmap %}
-{%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %}
{#- Retrieve the config dict only once #}
{%- set _config = salt['config.get'](tplroot, default={}) %}
default_settings,
default=tplroot,
merge=salt['grains.filter_by'](
- osarchmap,
- grain='osarch',
+ osfamilymap,
+ grain='os_family',
merge=salt['grains.filter_by'](
- osfamilymap,
- grain='os_family',
- merge=salt['grains.filter_by'](
- osmap,
- grain='os',
- merge=salt['grains.filter_by'](
- osfingermap,
- grain='osfinger',
- merge=salt['grains.filter_by'](
- _config,
- default='lookup'
- )
- )
- )
+ _config,
+ default='lookup'
)
)
)
)
%}
-{#- Change **arvados** to match with your formula's name and then remove this line #}
{%- set arvados = config %}
-
-{#- Post-processing for specific non-YAML customisations #}
-{%- if grains.os == 'MacOS' %}
-{%- set macos_group = salt['cmd.run']("stat -f '%Sg' /dev/console") %}
-{%- do arvados.update({'rootgroup': macos_group}) %}
-{%- endif %}
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
-#
-# Setup variables using grains['osarch'] based logic.
-# You just need to add the key:values for an `osarch` that differ
-# from `defaults.yaml`.
-# Only add an `osarch` which is/will be supported by the formula.
-#
-# If you do not need to provide defaults via the `osarch` grain,
-# you will need to provide at least an empty dict in this file, e.g.
-# osarch: {}
----
-amd64:
- arch: amd64
-
-x86_64:
- arch: amd64
-
-386:
- arch: 386
-
-arm64:
- arch: arm64
-
-armv6l:
- arch: armv6l
-
-armv7l:
- arch: armv7l
-
-ppc64le:
- arch: ppc64le
-
-s390x:
- arch: s390x
# osfamilymap: {}
---
Debian:
- pkg:
- name: arvados-debian
- config: /etc/arvados.d/custom.conf
+ repo:
+ url_base: 'http://apt.arvados.org'
+ file: /etc/apt/sources.list.d/arvados.list
+ key_url: 'http://apt.arvados.org/pubkey.gpg'
RedHat:
- pkg:
- name: arvados-redhat
- config: /etc/arvados.conf
-
-Suse:
- pkg:
- name: arvados-suse
-
-Gentoo: {}
-
-Arch:
- pkg:
- name: arvados-arch
- service:
- name: service-arch
-
-Alpine: {}
-
-FreeBSD:
- rootgroup: wheel
-
-OpenBSD:
- rootgroup: wheel
-
-Solaris: {}
-
-Windows: {}
-
-MacOS: {}
+ repo:
+ url_base: 'http://rpm.arvados.org/CentOS/$releasever/os/$basearch/'
+ file: /etc/yum.repos.d/arvados.repo
+ key_url: 'http://rpm.arvados.org/CentOS/RPM-GPG-KEY-curoverse'
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
-#
-# Setup variables using grains['osfinger'] based logic.
-# You just need to add the key:values for an `osfinger` that differ
-# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`.
-# Only add an `osfinger` which is/will be supported by the formula.
-#
-# If you do not need to provide defaults via the `os_finger` grain,
-# you will need to provide at least an empty dict in this file, e.g.
-# osfingermap: {}
----
-# os: Debian
-Debian-10: {}
-Debian-9: {}
-Debian-8: {}
-
-# os: Ubuntu
-Ubuntu-18.04:
- config: /etc/arvados.d/custom-ubuntu-18.04.conf
-Ubuntu-16.04: {}
-
-# os: Fedora
-Fedora-31: {}
-Fedora-30: {}
-
-# os: CentOS
-CentOS Linux-8: {}
-CentOS Linux-7: {}
-CentOS-6:
- pkg:
- name: arvados-centos-6
- config: /etc/arvados.d/custom-centos-6.conf
-
-# os: Amazon
-Amazon Linux-2: {}
-Amazon Linux AMI-2018: {}
-
-# os: SUSE
-Leap-15: {}
-
-# os: FreeBSD
-FreeBSD-12: {}
-
-# os: Windows
-Windows-8.1: {}
-
-# os: Gentoo
-Gentoo-2: {}
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
-#
-# Setup variables using grains['os'] based logic.
-# You just need to add the key:values for an `os` that differ
-# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`.
-# Only add an `os` which is/will be supported by the formula.
-#
-# If you do not need to provide defaults via the `os` grain,
-# you will need to provide at least an empty dict in this file, e.g.
-# osmap: {}
----
-# os_family: Debian
-Ubuntu:
- pkg:
- name: arvados-ubuntu
- config: /etc/arvados.d/custom-ubuntu.conf
-Raspbian: {}
-
-# os_family: RedHat
-Fedora:
- pkg:
- name: arvados-fedora
- service:
- name: service-fedora
-CentOS: {}
-Amazon: {}
-
-# os_family: Suse
-SUSE: {}
-openSUSE: {}
-
-# os_family: Gentoo
-Funtoo: {}
-
-# os_family: Arch
-Manjaro: {}
-
-# os_family: Solaris
-SmartOS: {}
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=sls
-
-{#- Get the `tplroot` from `tpldir` #}
-{%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_config_clean = tplroot ~ '.config.clean' %}
-{%- from tplroot ~ "/map.jinja" import arvados with context %}
-
-include:
- - {{ sls_config_clean }}
-
-arvados-package-clean-pkg-removed:
- pkg.removed:
- - name: {{ arvados.pkg.name }}
- - require:
- - sls: {{ sls_config_clean }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+{% if arvados.use_upstream_repo -%}
+ {% if grains.get('os_family') == 'Debian' -%}
+arvados-repo-clean-repo-absent:
+ pkgrepo.absent:
+ - file: {{ arvados.repo.file }}
+ - key_url: {{ arvados.repo.key_url }}
+
+ {%- elif grains.get('os_family') == 'RedHat' %}
+arvados-repo-clean-repo-absent:
+ pkgrepo.absent:
+ - file: {{ arvados.repo.file }}
+ - gpgkey: {{ arvados.repo.gpgkey }}
+
+ {%- else %}
+arvados_repo-clean-repo-absent: {}
+ {%- endif %}
+{%- endif %}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+{% if arvados.use_upstream_repo -%}
+ {% if grains.get('os_family') == 'Debian' -%}
+arvados-repo-install-pkgrepo-managed:
+ pkgrepo.managed:
+ - humanname: {{ arvados.repo.humanname }}
+ - name: deb {{ arvados.repo.url_base }}/ {{ grains.get('lsb_distrib_codename') }} main
+ - file: {{ arvados.repo.file }}
+ - key_url: {{ arvados.repo.key_url }}
+
+ {%- elif grains.get('os_family') == 'RedHat' %}
+arvados-repo-install-pkgrepo-managed:
+ pkgrepo.managed:
+ - name: arvados
+ - file: {{ arvados.repo.file }}
+ - humanname: {{ arvados.repo.humanname }}
+ - baseurl: {{ arvados.repo.url_base }}
+ - gpgcheck: 1
+ - gpgkey: {{ arvados.repo.gpgkey }}
+
+ {%- else %}
+arvados-repo-install-pkgrepo-managed: {}
+ {%- endif %}
+{%- endif %}
# vim: ft=sls
include:
- - .config.clean
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+{% for gm in arvados.shell.gem.name %}
+arvados-shell-package-clean-gem-{{ gm }}-removed:
+ gem.removed:
+ - name: {{ gm }}
+ - require_in:
+ - pkg: arvados-shell-package-clean-gems-deps-pkg-removed
+{% endfor %}
+
+arvados-shell-package-clean-gems-deps-pkg-removed:
+ pkg.removed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+arvados-shell-package-clean-pkg-removed:
+ pkg.removed:
+ - pkgs: {{ arvados.shell.pkg.name | json }}
+
+arvados-shell-package-clean-ruby-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-shell-package-install-pkg-installed:
+ pkg.installed:
+ - pkgs: {{ arvados.shell.pkg.name | json }}
+
+arvados-shell-package-install-ruby-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
+
+arvados-shell-package-install-gems-deps-pkg-installed:
+ pkg.installed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+{% for gm in arvados.shell.gem.name %}
+arvados-shell-package-install-gem-{{ gm }}-installed:
+ gem.installed:
+ - name: {{ gm }}
+ - require:
+ - pkg: arvados-shell-package-install-gems-deps-pkg-installed
+{% endfor %}
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=sls
-
-{#- Get the `tplroot` from `tpldir` #}
-{%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_service_clean = tplroot ~ '.service.clean' %}
-{%- from tplroot ~ "/map.jinja" import arvados with context %}
-
-include:
- - {{ sls_service_clean }}
-
-arvados-subcomponent-config-clean-file-absent:
- file.absent:
- - name: {{ arvados.subcomponent.config }}
- - watch_in:
- - sls: {{ sls_service_clean }}
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=sls
-
-{#- Get the `tplroot` from `tpldir` #}
-{%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_config_file = tplroot ~ '.config.file' %}
-{%- from tplroot ~ "/map.jinja" import arvados with context %}
-{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
-
-include:
- - {{ sls_config_file }}
-
-arvados-subcomponent-config-file-file-managed:
- file.managed:
- - name: {{ arvados.subcomponent.config }}
- - source: {{ files_switch(['subcomponent-example.tmpl'],
- lookup='arvados-subcomponent-config-file-file-managed',
- use_subpath=True
- )
- }}
- - mode: 644
- - user: root
- - group: {{ arvados.rootgroup }}
- - makedirs: True
- - template: jinja
- - require_in:
- - sls: {{ sls_config_file }}
+++ /dev/null
-########################################################################
-# File managed by Salt at <{{ source }}>.
-# Your changes will be overwritten.
-########################################################################
-
-This is a subcomponent example file from SaltStack template-formula.
+++ /dev/null
-########################################################################
-# File managed by Salt at <{{ source }}>.
-# Your changes will be overwritten.
-########################################################################
-
-This is another subcomponent example file from SaltStack template-formula.
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-websocket-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.websocket.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-websocket-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.websocket.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-websocket-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-websocket-package-clean-pkg-removed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-websocket-service-running-service-running:
+ service.running:
+ - name: {{ arvados.websocket.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-websocket-package-install-pkg-installed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .service.dead
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
+ - .service
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-workbench-package-clean-gems-deps-pkg-removed:
+ pkg.removed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+arvados-workbench-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.workbench.pkg.name }}
+
+arvados-workbench-package-clean-ruby-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+# The API server requires a valid config BEFORE installing...
+include:
+ - {{ sls_config_file }}
+
+arvados-workbench-package-install-ruby-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.ruby.pkg }}
+ - only_if: {{ arvados.ruby.manage_ruby }}
+
+arvados-workbench-package-install-gems-deps-pkg-installed:
+ pkg.installed:
+ - pkgs: {{ arvados.ruby.gems_deps | json }}
+ - only_if: {{ arvados.ruby.manage_gems_deps }}
+
+arvados-workbench-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.workbench.pkg.name }}
+ - require:
+ - sls: {{ sls_config_file }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-workbench-service-clean-service-dead:
+ service.dead:
+ - name: {{ arvados.service.name }}
+ - enable: False
+ - require_in:
+ - pkg: arvados-workbench-package-clean-pkg-removed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .running
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+include:
+ - ..package
+ - {{ sls_config_file }}
+
+arvados-workbench-service-running-service-running:
+ service.running:
+ - name: {{ arvados.workbench.service.name }}
+ - enable: True
+ - watch:
+ - sls: {{ sls_config_file }}
+ - require:
+ - pkg: arvados-workbench-package-install-pkg-installed
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package.clean
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .package
+ - ..config
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-workbench2-package-clean-pkg-removed:
+ pkg.removed:
+ - name: {{ arvados.workbench2.pkg.name }}
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+ - .install
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_config_file = tplroot ~ '.config.file' %}
+{%- from tplroot ~ "/map.jinja" import arvados with context %}
+
+arvados-workbench2-package-install-pkg-installed:
+ pkg.installed:
+ - name: {{ arvados.workbench2.pkg.name }}
+ - require:
+ - sls: {{ sls_config_file }}
:scale: 100%
:target: https://github.com/semantic-release/semantic-release
-A SaltStack formula that is empty. It has dummy content to help with a quick
-start on a new formula and it serves as a style guide.
+A SaltStack formula to install and configure an `Arvados cluster <https://arvados.org>`_.
.. contents:: **Table of Contents**
Special notes
-------------
-None
+Arvados **requires** a Postgres database for its API server and SSL for communications. If you don't satisfy these two requirements, things
+won't work. It also uses an Nginx server as a redirector but probably almost any other webserver/redirector can be used instead.
+
+We suggest you use the `postgres-formula <https://github.com/saltstack-formulas/postgres-formula/>`_,
+the `nginx-formula <https://github.com/saltstack-formulas/nginx-formula/>`_ and the
+`letsencrypt-formula <https://github.com/saltstack-formulas/letsencrypt-formula/>`_ to install satisfy these dependencies.
+In the FIXME directory there are some example pillar YAMLs to set up these packages as Arvados needs it.
+
+Also, please note that the individual subcomponents `clean` states **won't remove the config**: as the config is common to all the suite
+components and they can be installed in the same host, removing it with a subcomponent might break others.
+
+If you want to remove the config in a host where you're removing a subcomponent, use the `arvados.config.clean` state after the
+`arvados.<subcomponent>.clean` state.
+
+The `arvados.clean` state will remove everything, config included, and can be used in any host to remove all of arvados files.
Available states
----------------
*Meta-state (This is a state that includes other states)*.
-This installs the arvados package,
+This installs the WHOLE arvados suite in a single host,
manages the arvados configuration file and then
-starts the associated arvados service.
+starts the associated arvados services.
-``arvados.package``
-^^^^^^^^^^^^^^^^^^^^
+``arvados.clean``
+^^^^^^^^^^^^^^^^^^
+
+*Meta-state (This is a state that includes other states)*.
-This state will install the arvados package only.
+this state will undo everything performed in the ``arvados`` meta-state in reverse order, i.e.
+stops the services, removes the configuration file and then uninstalls the packages.
``arvados.config``
^^^^^^^^^^^^^^^^^^^
-This state will configure the arvados service and has a dependency on ``arvados.install``
-via include list.
+This state will configure the arvados cluster. As all the arvados components use the same config
+file, any of the following components will include this state and you will rarely need to call it
+independently. You can still do, as to get a parsed config file to use somewhere else.
-``arvados.service``
-^^^^^^^^^^^^^^^^^^^^
+``arvados.repo``
+^^^^^^^^^^^^^^^^
-This state will start the arvados service and has a dependency on ``arvados.config``
-via include list.
+This state will configure the arvados repository.
-``arvados.clean``
-^^^^^^^^^^^^^^^^^^
+``arvados.repo.clean``
+^^^^^^^^^^^^^^^^^^^^^^^
+
+This state will remove the arvados repository configuration.
+
+``arvados.shell``
+^^^^^^^^^^^^^^^^^
*Meta-state (This is a state that includes other states)*.
-this state will undo everything performed in the ``arvados`` meta-state in reverse order, i.e.
-stops the service,
-removes the configuration file and
-then uninstalls the package.
+This state installs an `arvados shell node <https://doc.arvados.org/master/install/install-shell-server.html>`_.
+
+``arvados.shell.clean``
+^^^^^^^^^^^^^^^^^^^^^^^
+
+*Meta-state (This is a state that includes other states)*.
+
+this state will undo everything performed in the ``arvados.shell`` meta-state in reverse order, i.e.
+uninstalls the packages and gems.
+
+``arvados.shell.package``
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This state will install the arvados shell packages and gems only.
+
+``arvados.shell.package.clean``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This state will remove the packages and gems of the arvados shell node.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+``arvados.service``
+^^^^^^^^^^^^^^^^^^^^
+
+This state will start the arvados service and has a dependency on ``arvados.config``
+via include list.
``arvados.service.clean``
^^^^^^^^^^^^^^^^^^^^^^^^^^
This state will remove the arvados package and has a depency on
``arvados.config.clean`` via include list.
-``arvados.subcomponent``
-^^^^^^^^^^^^^^^^^^^^^^^^^
-
-*Meta-state (This is a state that includes other states)*.
-
-This state installs a subcomponent configuration file before
-configuring and starting the arvados service.
-
-``arvados.subcomponent.config``
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-This state will configure the arvados subcomponent and has a
-dependency on ``arvados.config`` via include list.
-
-``arvados.subcomponent.config.clean``
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-This state will remove the configuration of the arvados subcomponent
-and reload the arvados service by a dependency on
-``arvados.service.running`` via include list and ``watch_in``
-requisite.
-
Testing
-------
$ bin/kitchen test [platform]
Where ``[platform]`` is the platform name defined in ``kitchen.yml``,
-e.g. ``debian-9-2019-2-py3``.
+e.g. ``debian-10-3000-1-py3``.
``bin/kitchen converge``
^^^^^^^^^^^^^^^^^^^^^^^^
# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
- ## SALT `master`
- - name: debian-10-master-py3
- driver:
- image: netmanagers/salt-master-py3:debian-10
- - name: ubuntu-1804-master-py3
- driver:
- image: netmanagers/salt-master-py3:ubuntu-18.04
- - name: centos-8-master-py3
- driver:
- image: netmanagers/salt-master-py3:centos-8
- - name: fedora-31-master-py3
- driver:
- image: netmanagers/salt-master-py3:fedora-31
- - name: opensuse-leap-151-master-py3
- driver:
- image: netmanagers/salt-master-py3:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
- # => SCP did not finish successfully (255): (Net::SCP::Error)
- transport:
- max_ssh_sessions: 1
- - name: amazonlinux-2-master-py3
- driver:
- image: netmanagers/salt-master-py3:amazonlinux-2
- - name: arch-base-latest-master-py2
- driver:
- image: netmanagers/salt-master-py2:arch-base-latest
- run_command: /usr/lib/systemd/systemd
-
## SALT `3000.1`
- name: debian-10-3000-1-py3
driver:
image: netmanagers/salt-3000.1-py3:debian-10
- - name: ubuntu-1804-3000-1-py3
- driver:
- image: netmanagers/salt-3000.1-py3:ubuntu-18.04
- - name: centos-8-3000-1-py3
- driver:
- image: netmanagers/salt-3000.1-py3:centos-8
- - name: fedora-31-3000-1-py3
- driver:
- image: netmanagers/salt-3000.1-py3:fedora-31
- - name: opensuse-leap-151-3000-1-py3
- driver:
- image: netmanagers/salt-3000.1-py3:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
- # => SCP did not finish successfully (255): (Net::SCP::Error)
- transport:
- max_ssh_sessions: 1
- - name: amazonlinux-2-3000-1-py3
- driver:
- image: netmanagers/salt-3000.1-py3:amazonlinux-2
- - name: arch-base-latest-3000-1-py2
- driver:
- image: netmanagers/salt-3000.1-py2:arch-base-latest
- run_command: /usr/lib/systemd/systemd
- ## SALT `2019.2`
- - name: debian-10-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:debian-10
- - name: debian-9-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:debian-9
- - name: ubuntu-1804-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:ubuntu-18.04
- - name: ubuntu-1604-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:ubuntu-16.04
- - name: centos-8-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:centos-8
- - name: centos-7-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:centos-7
- - name: fedora-31-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:fedora-31
- - name: opensuse-leap-151-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
- # => SCP did not finish successfully (255): (Net::SCP::Error)
- transport:
- max_ssh_sessions: 1
- - name: amazonlinux-2-2019-2-py3
- driver:
- image: netmanagers/salt-2019.2-py3:amazonlinux-2
- - name: ubuntu-1804-2019-2-py2
- driver:
- image: netmanagers/salt-2019.2-py2:ubuntu-18.04
- - name: amazonlinux-1-2019-2-py2
- driver:
- image: netmanagers/salt-2019.2-py2:amazonlinux-1
- run_command: /sbin/init
- - name: arch-base-latest-2019-2-py2
- driver:
- image: netmanagers/salt-2019.2-py2:arch-base-latest
- run_command: /usr/lib/systemd/systemd
+# - name: ubuntu-1804-3000-1-py3
+# driver:
+# image: netmanagers/salt-3000.1-py3:ubuntu-18.04
- ## SALT `2018.3`
- - name: centos-7-2018-3-py3
- driver:
- image: netmanagers/salt-2018.3-py3:centos-7
- - name: fedora-30-2018-3-py3
- driver:
- image: netmanagers/salt-2018.3-py3:fedora-30
- - name: debian-9-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:debian-9
- - name: debian-8-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:debian-8
- - name: ubuntu-1804-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:ubuntu-18.04
- - name: ubuntu-1604-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:ubuntu-16.04
- - name: centos-6-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:centos-6
- run_command: /sbin/init
- - name: opensuse-leap-151-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:opensuse-leap-15.1
- run_command: /usr/lib/systemd/systemd
- # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
- # => SCP did not finish successfully (255): (Net::SCP::Error)
- transport:
- max_ssh_sessions: 1
- - name: amazonlinux-1-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:amazonlinux-1
- run_command: /sbin/init
- - name: arch-base-latest-2018-3-py2
- driver:
- image: netmanagers/salt-2018.3-py2:arch-base-latest
- run_command: /usr/lib/systemd/systemd
+# ## SALT `2019.2`
+# - name: centos-7-2019-2-py3
+# driver:
+# image: netmanagers/salt-2019.2-py3:centos-7
provisioner:
name: salt_solo
- cli
suites:
- - name: default
- excludes:
- - centos-6-2018-3-py2
+ #### api,websocket,keepproxy,keepweb,controller
+ - name: api
+ driver:
+ hostname: example.net
provisioner:
state_top:
base:
'*':
- - arvados
+ - example_add_snakeoil_certs
+ - nginx.passenger
+ - postgres
+ - arvados.repo
+ - arvados.api
+ - arvados.websocket
+ # keepproxy complains when using snakeoil certs, so we can't
+ # properly test it here until next version removes this limitation
+ # - arvados.keepproxy
+ - arvados.keepweb
+ - arvados.controller
pillars:
top.sls:
base:
'*':
- arvados
- - define_roles
+ - example_postgres
+ - example_nginx
+ - example_nginx_api
+ - example_nginx_websocket
+ - example_nginx_keepweb
+ - example_nginx_controller
+ # keepproxy expects to retrieve a list of services from API, so
+ # installing/testing it without an api server running will fail
+ # - example_nginx_keepproxy
pillars_from_files:
arvados.sls: pillar.example
- define_roles.sls: test/salt/pillar/define_roles.sls
+ example_postgres.sls: test/salt/pillar/examples/postgresql.sls
+ example_nginx.sls: test/salt/pillar/examples/nginx_passenger.sls
+ example_nginx_api.sls: test/salt/pillar/examples/nginx_api_configuration.sls
+ example_nginx_websocket.sls: test/salt/pillar/examples/nginx_websocket_configuration.sls
+ example_nginx_keepweb.sls: test/salt/pillar/examples/nginx_keepweb_configuration.sls
+ # example_nginx_keepproxy.sls: test/salt/pillar/examples/nginx_keepproxy_configuration.sls
+ example_nginx_controller.sls: test/salt/pillar/examples/nginx_controller_configuration.sls
+ dependencies:
+ - name: example_add_snakeoil_certs
+ path: test/salt/states
+ - name: postgres
+ repo: git
+ source: https://github.com/saltstack-formulas/postgres-formula.git
+ - name: nginx
+ repo: git
+ source: https://github.com/saltstack-formulas/nginx-formula.git
verifier:
inspec_tests:
- - path: test/integration/default
- - name: centos6
- includes:
- - centos-6-2018-3-py2
+ - path: test/integration/api
+ - path: test/integration/websocket
+ # - path: test/integration/keepproxy
+ - path: test/integration/keepweb
+ - path: test/integration/controller
+
+ #### workbench,workbench2
+ - name: workbench
+ driver:
+ hostname: workbench.example.net
provisioner:
state_top:
base:
'*':
- - arvados
+ - example_add_snakeoil_certs
+ - nginx.passenger
+ - arvados.repo
+ - arvados.workbench
+ - arvados.workbench2
pillars:
top.sls:
base:
'*':
- arvados
- - define_roles
+ - example_nginx
+ - example_nginx_workbench
+ - example_nginx_workbench2
pillars_from_files:
- arvados.sls: test/salt/pillar/centos6.sls
- define_roles.sls: test/salt/pillar/define_roles.sls
+ arvados.sls: pillar.example
+ example_nginx.sls: test/salt/pillar/examples/nginx_passenger.sls
+ example_nginx_workbench.sls: test/salt/pillar/examples/nginx_workbench_configuration.sls
+ example_nginx_workbench2.sls: test/salt/pillar/examples/nginx_workbench2_configuration.sls
+ dependencies:
+ - name: example_add_snakeoil_certs
+ path: test/salt/states
+ - name: nginx
+ repo: git
+ source: https://github.com/saltstack-formulas/nginx-formula.git
+ verifier:
+ inspec_tests:
+ - path: test/integration/workbench
+ - path: test/integration/workbench2
+
+ #### shell
+ - name: shell
+ driver:
+ hostname: shell.example.net
+ provisioner:
+ state_top:
+ base:
+ '*':
+ # We also test repo here. No sense for a whole separate suite
+ - arvados.repo
+ - arvados.shell
+ pillars:
+ top.sls:
+ base:
+ '*':
+ - arvados
+ pillars_from_files:
+ arvados.sls: pillar.example
+ verifier:
+ inspec_tests:
+ - path: test/integration/repo
+ - path: test/integration/shell
+
+ #### keepstore
+ - name: keepstore
+ driver:
+ hostname: keep0.example.net
+ provisioner:
+ state_top:
+ base:
+ '*':
+ - arvados.repo
+ - arvados.keepstore.service
+ # - arvados.clean
+ pillars:
+ top.sls:
+ base:
+ '*':
+ - arvados
+ pillars_from_files:
+ arvados.sls: pillar.example
verifier:
inspec_tests:
- - path: test/integration/default
+ - path: test/integration/keepstore
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
+# The variables commented out are the default values that the formula uses.
+# The uncommented values are REQUIRED values. If you don't set them, running
+# this formula will fail.
arvados:
- lookup:
- master: template-master
- # Just for testing purposes
- winner: lookup
- added_in_lookup: lookup_value
-
- # Using bash package and udev service as an example. This allows us to
- # test the template formula itself. You should set these parameters to
- # examples that make sense in the contexto of the formula you're writing.
- pkg:
- name: bash
- service:
- name: systemd-journald
- config: /etc/template-formula.conf
-
- tofs:
- # The files_switch key serves as a selector for alternative
- # directories under the formula files directory. See TOFS pattern
- # doc for more info.
- # Note: Any value not evaluated by `config.get` will be used literally.
- # This can be used to set custom paths, as many levels deep as required.
- files_switch:
- - any/path/can/be/used/here
- - id
- - roles
- - osfinger
- - os
- - os_family
- # All aspects of path/file resolution are customisable using the options below.
- # This is unnecessary in most cases; there are sensible defaults.
- # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default >
- # I.e.: salt://arvados/files/default
- # path_prefix: template_alt
- # dirs:
- # files: files_alt
- # default: default_alt
- # The entries under `source_files` are prepended to the default source files
- # given for the state
- # source_files:
- # arvados-config-file-file-managed:
- # - 'example_alt.tmpl'
- # - 'example_alt.tmpl.jinja'
-
- # For testing purposes
- source_files:
- arvados-config-file-file-managed:
- - 'example.tmpl.jinja'
- arvados-subcomponent-config-file-file-managed:
- - 'subcomponent-example.tmpl.jinja'
-
- # Just for testing purposes
- winner: pillar
- added_in_pillar: pillar_value
+ ### GENERAL CONFIG
+ # version: '2.0.2'
+ ## It makes little sense to disable this flag, but you can, if you want :)
+ # use_upstream_repo: true
+
+ ## Repo URL is built with grains values. If desired, it can be completely
+ ## overwritten with the pillar parameter 'repo_url'
+ # repo:
+ # humanname: Arvados Official Repository
+
+ ## IMPORTANT!!!!!
+ ## api, workbench and shell require some gems, so you need to make sure ruby
+ ## and deps are installed in order to install and compile the gems.
+ ## We default to `false` in these two variables as it's expected you already
+ ## manage OS packages with some other tool and you don't want us messing up
+ ## with your setup.
+ ruby:
+ ## We set these to `true` here for testing purposes.
+ ## They both default to `false`.
+ manage_ruby: true
+ manage_gems_deps: true
+ # pkg: ruby
+ # gems_deps:
+ # - curl
+ # - g++
+ # - gcc
+ # - git
+ # - libcurl4
+ # - libcurl4-gnutls-dev
+ # - libpq-dev
+ # - libxml2
+ # - libxml2-dev
+ # - make
+ # - python-dev
+ # - ruby-dev
+ # - zlib1g-dev
+
+ # config:
+ # file: /etc/arvados/config.yml
+ # user: root
+ ## IMPORTANT!!!!!
+ ## If you're intalling any of the rails apps (api, workbench), the group
+ ## should be set to that of the web server, usually `www-data`
+ # group: root
+ # mode: 640
+
+ ### ARVADOS CLUSTER CONFIG
+ cluster:
+ name: fixme
+ domain: example.net
+
+ database:
+ # max concurrent connections per arvados server daemon
+ # connection_pool_max: 32
+ name: arvados
+ host: 127.0.0.1
+ password: changeme_arvados
+ user: arvados
+ encoding: en_US.utf8
+ client_encoding: UTF8
+
+ tls:
+ # certificate: ''
+ # key: ''
+ # required to test with snakeoil certs
+ insecure: true
+
+ ### TOKENS
+ tokens:
+ system_root: changeme_system_root_token
+ management: changeme_management_token
+ rails_secret: changeme_rails_secret_token
+ anonymous_user: changeme_anonymous_user_token
+ provider_secret: changeme_provider_secret_token
+
+ ### KEYS
+ secrets:
+ blob_signing_key: changeme_blob_signing_key
+ workbench_secret_key: changeme_workbench_secret_key
+ dispatcher_access_key: changeme_dispatcher_access_key
+ dispatcher_secret_key: changeme_dispatcher_secret_key
+ keep_access_key: changeme_keep_access_key
+ keep_secret_key: changeme_keep_secret_key
+
+ ### VOLUMES
+ ## This should usually match all your `keepstore` instances
+ volumes:
+ volume_one:
+ # the volume name will be composed with
+ # <cluster>-nyw5e-<volume>
+ cluster: fixme
+ volume_id: '000000000000000'
+ access_via_hosts:
+ "http://keep0.example.net:25107/": {}
+ replication: 2
+ driver: Directory
+ driver_parameters:
+ Root: /tmp
+
+# ## SERVICES
+# #### API
+# api:
+# pkg:
+# name:
+# - arvados-api-server
+# - arvados-dispatch-cloud
+# gem:
+# name:
+# - arvados-cli
+# service:
+# name:
+# - nginx
+# port: 8004
+# #### CONTROLLER
+# controller:
+# pkg:
+# name: arvados-controller
+# service:
+# name: arvados-controller
+# port: 8003
+# #### DISPATCHER
+# dispatcher:
+# pkg:
+# name:
+# - crunch-dispatch-local
+# # - arvados-dispatch-cloud
+# # - crunch-dispatch-slurm
+# service:
+# name: crunch-dispatch-local
+# port: 9006
+# #### KEEPPROXY
+# keepproxy:
+# pkg:
+# name: keepproxy
+# service:
+# name: keepproxy
+# port: 25107
+# #### KEEPWEB
+# keepweb:
+# pkg:
+# name: keep-web
+# service:
+# name: keep-web
+# # webdav
+# port: 9002
+# #### KEEPSTORE
+# keepstore:
+# pkg:
+# name: keepstore
+# service:
+# name: keepstore
+# port: 25107
+# #### GIT-HTTPD
+# githttpd:
+# pkg:
+# name: arvados-git-httpd
+# service:
+# name: arvados-git-httpd
+# port: 9001
+# #### SHELL
+# shell:
+# pkg:
+# name:
+# - arvados-client
+# - arvados-src
+# - libpam-arvados
+# - python-arvados-fuse
+# - python-arvados-python-client
+# - python3-arvados-cwl-runner
+# gem:
+# name:
+# - arvados-cli
+# - arvados-login-sync
+# #### WORKBENCH
+# workbench:
+# pkg:
+# name: arvados-workbench
+# service:
+# name: nginx
+# #### WORKBENCH2
+# workbench2:
+# pkg:
+# name: arvados-workbench2
+# service:
+# name: nginx
+# #### WEBSOCKET
+# websocket:
+# pkg:
+# name: arvados-ws
+# service:
+# name: arvados-ws
+# port: 8005
+# #### SSO
+# sso:
+# pkg:
+# name: arvados-sso
+# service:
+# name: arvados-sso
+# port: 8900
+
+# ## SALTSTACK FORMULAS TOFS configuration
+# https://template-formula.readthedocs.io/en/latest/TOFS_pattern.html
+# tofs:
+# # The files_switch key serves as a selector for alternative
+# # directories under the formula files directory. See TOFS pattern
+# # doc for more info.
+# # Note: Any value not evaluated by `config.get` will be used literally.
+# # This can be used to set custom paths, as many levels deep as required.
+# files_switch:
+# - any/path/can/be/used/here
+# - id
+# - roles
+# - osfinger
+# - os
+# - os_family
+# # All aspects of path/file resolution are customisable using the options below.
+# # This is unnecessary in most cases; there are sensible defaults.
+# # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default >
+# # I.e.: salt://arvados/files/default
+# # path_prefix: template_alt
+# # dirs:
+# # files: files_alt
+# # default: default_alt
+# # The entries under `source_files` are prepended to the default source files
+# # given for the state
+# # source_files:
+# # arvados-config-file-file-managed:
+# # - 'example_alt.tmpl'
+# # - 'example_alt.tmpl.jinja'
--- /dev/null
+# frozen_string_literal: true
+
+api_stanza = <<-API_STANZA
+ API:
+ RailsSessionSecretToken: "changeme_rails_secret_token"
+API_STANZA
+
+rails_stanza = <<-RAILS_STANZA
+ RailsAPI:
+ InternalURLs:
+ "http://localhost:8004": {}
+RAILS_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired api lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(api_stanza) }
+ its('content') { should include(rails_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados api package' do
+ title 'should be installed'
+
+ describe package('arvados-api-server') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados api service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('nginx') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+
+ describe port(8004) do
+ it { should be_listening }
+ its('processes') { should include 'nginx' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: api
+title: arvados formula api submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula api is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+controller_stanza = <<-CONTROLLER_STANZA
+ Keepstore:
+ InternalURLs:
+ "http://keep0.example.net:25107/": {}
+CONTROLLER_STANZA
+
+volumes_stanza = <<-VOLUMES_STANZA
+ Volumes:
+ ### VOLUME_ONE
+ fixme-nyw5e-000000000000000:
+ Driver: Directory
+ DriverParameters: {Root: /tmp}
+ AccessViaHosts: {'http://keep0.example.net:25107/': {}}
+ Replication: 2
+VOLUMES_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired controller lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ # We're testing it in the API instance, so group will be nginx's
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(controller_stanza) }
+ its('content') { should include(volumes_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados controller package' do
+ title 'should be installed'
+
+ describe package('keep-web') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados controller service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('keep-web') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+ describe port(9002) do
+ it { should be_listening }
+ its('processes') { should include 'keep-web' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: controller
+title: arvados formula controller submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula controller is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
+++ /dev/null
-# InSpec Profile: `default`
-
-This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
-
-## Verify a profile
-
-InSpec ships with built-in features to verify a profile structure.
-
-```bash
-$ inspec check default
-Summary
--------
-Location: default
-Profile: profile
-Controls: 4
-Timestamp: 2019-06-24T23:09:01+00:00
-Valid: true
-
-Errors
-------
-
-Warnings
---------
-```
-
-## Execute a profile
-
-To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
-
-```bash
-$ inspec exec default
-..
-
-Finished in 0.0025 seconds (files took 0.12449 seconds to load)
-8 examples, 0 failures
-```
-
-## Execute a specific control from a profile
-
-To run one control from the profile use `inspec exec /path/to/profile --controls name`.
-
-```bash
-$ inspec exec default --controls package
-.
-
-Finished in 0.0025 seconds (files took 0.12449 seconds to load)
-1 examples, 0 failures
-```
-
-See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).
+++ /dev/null
-# frozen_string_literal: true
-
-control 'arvados configuration' do
- title 'should match desired lines'
-
- describe file('/etc/template-formula.conf') do
- it { should be_file }
- it { should be_owned_by 'root' }
- it { should be_grouped_into 'root' }
- its('mode') { should cmp '0644' }
- its('content') do
- should include(
- 'This is another example file from SaltStack template-formula.'
- )
- end
- its('content') { should include '"added_in_pillar": "pillar_value"' }
- its('content') { should include '"added_in_defaults": "defaults_value"' }
- its('content') { should include '"added_in_lookup": "lookup_value"' }
- its('content') { should include '"config": "/etc/template-formula.conf"' }
- its('content') { should include '"lookup": {"added_in_lookup": "lookup_value",' }
- its('content') { should include '"pkg": {"name": "' }
- its('content') { should include '"service": {"name": "' }
- its('content') do
- should include(
- '"tofs": {"files_switch": ["any/path/can/be/used/here", "id", '\
- '"roles", "osfinger", "os", "os_family"], "source_files": '\
- '{"arvados-config-file-file-managed": ["example.tmpl.jinja"], '\
- '"arvados-subcomponent-config-file-file-managed": '\
- '["subcomponent-example.tmpl.jinja"]}'
- )
- end
- its('content') { should include '"arch": "amd64"' }
- its('content') { should include '"winner": "pillar"}' }
- its('content') { should include 'winner of the merge: pillar' }
- end
-end
+++ /dev/null
-# frozen_string_literal: true
-
-# Overide by OS
-package_name = 'bash'
-package_name = 'cronie' if (os[:name] == 'centos') && os[:release].start_with?('6')
-
-control 'arvados package' do
- title 'should be installed'
-
- describe package(package_name) do
- it { should be_installed }
- end
-end
+++ /dev/null
-# frozen_string_literal: true
-
-# Overide by OS
-service_name = 'systemd-journald'
-service_name = 'crond' if (os[:name] == 'centos') && os[:release].start_with?('6')
-
-control 'arvados service' do
- impact 0.5
- title 'should be running and enabled'
-
- describe service(service_name) do
- it { should be_enabled }
- it { should be_running }
- end
-end
+++ /dev/null
-# frozen_string_literal: true
-
-control 'arvados subcomponent configuration' do
- title 'should match desired lines'
-
- describe file('/etc/arvados-subcomponent-formula.conf') do
- it { should be_file }
- it { should be_owned_by 'root' }
- it { should be_grouped_into 'root' }
- its('mode') { should cmp '0644' }
- its('content') do
- should include(
- '# File managed by Salt at '\
- '<salt://arvados/subcomponent/config/files/default/'\
- 'subcomponent-example.tmpl.jinja>.'
- )
- end
- its('content') do
- should include(
- 'This is another subcomponent example file from SaltStack '\
- 'template-formula.'
- )
- end
- end
-end
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
----
-name: default
-title: arvados formula
-maintainer: SaltStack Formulas
-license: Apache-2.0
-summary: Verify that the arvados formula is setup and configured correctly
-supports:
- - platform-name: debian
- - platform-name: ubuntu
- - platform-name: centos
- - platform-name: fedora
- - platform-name: opensuse
- - platform-name: suse
- - platform-name: freebsd
- - platform-name: amazon
- - platform-name: arch
--- /dev/null
+# frozen_string_literal: true
+
+keepproxy_stanza = <<-KEEPPROXY_STANZA
+ Keepstore:
+ InternalURLs:
+ "http://keep0.example.net:25107/": {}
+KEEPPROXY_STANZA
+
+volumes_stanza = <<-VOLUMES_STANZA
+ Volumes:
+ ### VOLUME_ONE
+ fixme-nyw5e-000000000000000:
+ Driver: Directory
+ DriverParameters: {Root: /tmp}
+ AccessViaHosts: {'http://keep0.example.net:25107/': {}}
+ Replication: 2
+VOLUMES_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired keepproxy lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ # We're testing it in the API instance, so group will be nginx's
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(keepproxy_stanza) }
+ its('content') { should include(volumes_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepproxy package' do
+ title 'should be installed'
+
+ describe package('keepproxy') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepproxy service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('keepproxy') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+ describe port(25_107) do
+ it { should be_listening }
+ its('processes') { should include 'keepproxy' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: keepproxy
+title: arvados formula keepproxy submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula keepproxy is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+keepstore_stanza = <<-KEEPSTORE_STANZA
+ Keepstore:
+ InternalURLs:
+ "http://keep0.example.net:25107/": {}
+KEEPSTORE_STANZA
+
+volumes_stanza = <<-VOLUMES_STANZA
+ Volumes:
+ ### VOLUME_ONE
+ fixme-nyw5e-000000000000000:
+ Driver: Directory
+ DriverParameters: {Root: /tmp}
+ AccessViaHosts: {'http://keep0.example.net:25107/': {}}
+ Replication: 2
+VOLUMES_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired keepstore lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'root' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(keepstore_stanza) }
+ its('content') { should include(volumes_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepstore package' do
+ title 'should be installed'
+
+ describe package('keepstore') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepstore service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('keepstore') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+ describe port(25_107) do
+ it { should be_listening }
+ its('processes') { should include 'keepstore' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: keepstore
+title: arvados formula keepstore submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula keepstore is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+keepweb_stanza = <<-KEEPWEB_STANZA
+ WebDAV:
+ ExternalURL: https://collections.example.net
+ InternalURLs:
+ "http://localhost:9002": {}
+ WebDAVDownload:
+ ExternalURL: https://download.example.net
+KEEPWEB_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired keepweb lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ # We're testing it in the API instance, so group will be nginx's
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(keepweb_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepweb package' do
+ title 'should be installed'
+
+ describe package('keep-web') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados keepweb service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('keep-web') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+ describe port(9002) do
+ it { should be_listening }
+ its('processes') { should include 'keep-web' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: keepweb
+title: arvados formula keepweb submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula keepweb is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+case os[:name]
+when 'centos'
+ repo_file = '/etc/yum.repos.d/arvados.repo'
+ repo_url = 'baseurl=http://rpm.arvados.org/CentOS/$releasever/os/$basearch/'
+when 'debian'
+ repo_file = '/etc/apt/sources.list.d/arvados.list'
+ repo_url = 'deb http://apt.arvados.org buster main'
+end
+
+control 'arvados repository' do
+ impact 1
+ title 'should be configured'
+ desc 'Ensures arvados source is correctly configured'
+ describe file(repo_file) do
+ its('content') { should match repo_url }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: repo
+title: arvados formula repo submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados repository is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+packages_list = %w[
+ arvados-client
+ arvados-src
+ libpam-arvados
+ python-arvados-fuse
+ python-arvados-python-client
+ python3-arvados-cwl-runner
+]
+
+gems_list = %w[
+ arvados-cli
+ arvados-login-sync
+]
+
+control 'arvados shell packages' do
+ title 'should be installed'
+
+ packages_list.each do |p|
+ describe package(p) do
+ it { should be_installed }
+ end
+ end
+end
+
+control 'arvados shell gems' do
+ title 'should be installed'
+
+ gems_list.each do |p|
+ describe gem(p) do
+ it { should be_installed }
+ end
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: shell
+title: arvados formula shell submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula shell submodule is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+websocket_stanza = <<-WEBSOCKET_STANZA
+ Websocket:
+ ExternalURL: wss://ws.example.net/websocket
+ InternalURLs:
+ "http://localhost:8005": {}
+WEBSOCKET_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired websocket lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ # We're testing it in the API instance, so group will be nginx's
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(websocket_stanza) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados websocket package' do
+ title 'should be installed'
+
+ describe package('arvados-ws') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados websocket service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('arvados-ws') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+
+ describe port(8005) do
+ it { should be_listening }
+ its('processes') { should include 'arvados-ws' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: websocket
+title: arvados formula websocket submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula websocket is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+workbench_config = <<-WORKBENCH_STANZA
+ Workbench:
+ SecretKeyBase: changeme_workbench_secret_key
+ SiteName: FIXME
+WORKBENCH_STANZA
+
+workbench_service = <<-WORKBENCH_SERVICE_STANZA
+ Workbench1:
+ ExternalURL: "https://workbench.example.net"
+WORKBENCH_SERVICE_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired workbench lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(workbench_config) }
+ its('content') { should include(workbench_service) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados workbench package' do
+ title 'should be installed'
+
+ describe package('arvados-workbench') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados workbench service' do
+ impact 0.5
+ title 'should be running and enabled'
+
+ describe service('nginx') do
+ it { should be_enabled }
+ it { should be_running }
+ end
+
+ describe port(9000) do
+ it { should be_listening }
+ its('processes') { should include 'nginx' }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: workbench
+title: arvados formula workbench submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula workbench is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
--- /dev/null
+# frozen_string_literal: true
+
+workbench2_service = <<-WORKBENCH2_STANZA
+ Workbench2:
+ ExternalURL: "https://workbench2.example.net"
+WORKBENCH2_STANZA
+
+control 'arvados configuration' do
+ title 'should match desired workbench2 lines'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'www-data' }
+ its('mode') { should cmp '0640' }
+ its('content') do
+ should include(
+ 'File managed by Salt at <salt://arvados/files/default/config.tmpl.jinja>.'
+ )
+ end
+ its('content') { should include(workbench2_service) }
+ end
+end
--- /dev/null
+# frozen_string_literal: true
+
+control 'arvados workbench2 package' do
+ title 'should be installed'
+
+ describe package('arvados-workbench2') do
+ it { should be_installed }
+ end
+end
--- /dev/null
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: workbench2
+title: arvados formula workbench2 submodule
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: Verify that the arvados formula workbench2 is setup and configured correctly
+supports:
+ - platform-name: debian
+ - platform-name: ubuntu
+ - platform-name: centos
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
----
-arvados:
- lookup:
- master: template-master
- # Just for testing purposes
- winner: lookup
- added_in_lookup: lookup_value
-
- # Using bash package and udev service as an example. This allows us to
- # test the template formula itself. You should set these parameters to
- # examples that make sense in the contexto of the formula you're writing.
- pkg:
- name: cronie
- service:
- name: crond
- config: /etc/template-formula.conf
-
- tofs:
- # The files_switch key serves as a selector for alternative
- # directories under the formula files directory. See TOFS pattern
- # doc for more info.
- # Note: Any value not evaluated by `config.get` will be used literally.
- # This can be used to set custom paths, as many levels deep as required.
- files_switch:
- - any/path/can/be/used/here
- - id
- - roles
- - osfinger
- - os
- - os_family
- # All aspects of path/file resolution are customisable using the options below.
- # This is unnecessary in most cases; there are sensible defaults.
- # path_prefix: template_alt
- # dirs:
- # files: files_alt
- # default: default_alt
- # The entries under `source_files` are prepended to the default source files
- # given for the state
- # source_files:
- # template-config-file-file-managed:
- # - 'example_alt.tmpl'
- # - 'example_alt.tmpl.jinja'
-
- # For testing purposes
- source_files:
- arvados-config-file-file-managed:
- - 'example.tmpl.jinja'
- arvados-subcomponent-config-file-file-managed:
- - 'subcomponent-example.tmpl.jinja'
-
- # Just for testing purposes
- winner: pillar
- added_in_pillar: pillar_value
+++ /dev/null
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
----
-# libtofs.jinja must work with tofs.files_switch looked up list
-roles:
- - foo
- - bar
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### ARVADOS
+arvados:
+ config:
+ group: www-data
+
+### NGINX
+nginx:
+ ### SITES
+ servers:
+ managed:
+ arvados_api:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - listen: '127.0.0.1:8004'
+ - server_name: api
+ - root: /var/www/arvados-api/current/public
+ - index: index.html index.htm
+ - access_log: {{ nginx_log }}/api.example.net-upstream.access.log combined
+ - error_log: {{ nginx_log }}/api.example.net-upstream.error.log
+ - passenger_enabled: 'on'
+ - client_max_body_size: 128m
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### NGINX
+nginx:
+ ### SERVER
+ server:
+ config:
+
+ ### STREAMS
+ http:
+ 'geo $external_client':
+ default: 1
+ '127.0.0.0/24': 0
+ upstream controller_upstream:
+ - server: 'localhost:8003 fail_timeout=10s'
+
+ ### SITES
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_controller_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: example.net api.example.net
+ - listen:
+ - 80 default
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ arvados_controller:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - proxy_pass: 'http://controller_upstream'
+ - proxy_read_timeout: 300
+ - proxy_connect_timeout: 90
+ - proxy_redirect: 'off'
+ - proxy_set_header: X-Forwarded-Proto https
+ - proxy_set_header: 'Host $http_host'
+ - proxy_set_header: 'X-Real-IP $remote_addr'
+ - proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ - proxy_set_header: 'X-External-Client $external_client'
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/example.net.access.log combined
+ - error_log: {{ nginx_log }}/example.net.error.log
+ - client_max_body_size: 128m
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### NGINX
+nginx:
+ ### SERVER
+ server:
+ config:
+ ### STREAMS
+ http:
+ upstream keepproxy_upstream:
+ - server: '127.0.0.1:25107 fail_timeout=10s'
+
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_keep_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: keep.example.net
+ - listen:
+ - 80
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ arvados_keepproxy:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: keep.example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - proxy_pass: 'http://keepproxy_upstream'
+ - proxy_read_timeout: 90
+ - proxy_connect_timeout: 90
+ - proxy_redirect: 'off'
+ - proxy_set_header: X-Forwarded-Proto https
+ - proxy_set_header: 'Host $http_host'
+ - proxy_set_header: 'X-Real-IP $remote_addr'
+ - proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ - proxy_buffering: 'off'
+ - client_body_buffer_size: 64M
+ - client_max_body_size: 64M
+ - proxy_http_version: '1.1'
+ - proxy_request_buffering: 'off'
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/keepproxy.example.net.access.log combined
+ - error_log: {{ nginx_log }}/keepproxy.example.net.error.log
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### NGINX
+nginx:
+ ### SERVER
+ server:
+ config:
+ ### STREAMS
+ http:
+ upstream collections_downloads_upstream:
+ - server: '127.0.0.1:9002 fail_timeout=10s'
+
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_collections_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: collections.example.net download.example.net
+ - listen:
+ - 80
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ ### COLLECTIONS / DOWNLOAD
+ arvados_collections_downloads:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: collections.example.net download.example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - proxy_pass: 'http://collections_downloads_upstream'
+ - proxy_read_timeout: 90
+ - proxy_connect_timeout: 90
+ - proxy_redirect: 'off'
+ - proxy_set_header: X-Forwarded-Proto https
+ - proxy_set_header: 'Host $http_host'
+ - proxy_set_header: 'X-Real-IP $remote_addr'
+ - proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ - proxy_buffering: 'off'
+ - client_max_body_size: 0
+ - proxy_http_version: '1.1'
+ - proxy_request_buffering: 'off'
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/collections.example.net.access.log combined
+ - error_log: {{ nginx_log }}/collections.example.net.error.log
--- /dev/null
+---
+states:
+ - nginx.passenger
+
+{% set nginx_log = '/var/log/nginx' %}
+
+### NGINX
+nginx:
+ install_from_phusionpassenger: true
+ lookup:
+ passenger_package: libnginx-mod-http-passenger
+ passenger_config_file: /etc/nginx/conf.d/mod-http-passenger.conf
+
+ ### SERVER
+ server:
+ config:
+ include: 'modules-enabled/*.conf'
+ worker_processes: 4
+
+ ### SITES
+ servers:
+ managed:
+ # Remove default webserver
+ default:
+ enabled: false
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### NGINX
+nginx:
+ ### SERVER
+ server:
+ config:
+ ### STREAMS
+ http:
+ upstream websocket_upstream:
+ - server: '127.0.0.1:8005 fail_timeout=10s'
+
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_ws_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: ws.example.net
+ - listen:
+ - 80
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ arvados_websocket:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: ws.example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - proxy_pass: 'http://websocket_upstream'
+ - proxy_read_timeout: 90
+ - proxy_connect_timeout: 90
+ - proxy_redirect: 'off'
+ - proxy_set_header: X-Forwarded-Proto https
+ - proxy_set_header: 'Host $http_host'
+ - proxy_set_header: 'X-Real-IP $remote_addr'
+ - proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ - proxy_buffering: 'off'
+ - client_body_buffer_size: 64M
+ - client_max_body_size: 64M
+ - proxy_http_version: '1.1'
+ - proxy_request_buffering: 'off'
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/ws.example.net.access.log combined
+ - error_log: {{ nginx_log }}/ws.example.net.error.log
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### ARVADOS
+arvados:
+ config:
+ group: www-data
+
+### NGINX
+nginx:
+ ### SITES
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_workbench2_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: workbench2.example.net
+ - listen:
+ - 80
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ arvados_workbench2:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: workbench2.example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - root: /var/www/arvados-workbench2/workbench2
+ - try_files: '$uri $uri/ /index.html'
+ - 'if (-f $document_root/maintenance.html)':
+ - return: 503
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/workbench2.example.net.access.log combined
+ - error_log: {{ nginx_log }}/workbench2.example.net.error.log
--- /dev/null
+---
+{% set nginx_log = '/var/log/nginx' %}
+
+### ARVADOS
+arvados:
+ config:
+ group: www-data
+
+### NGINX
+nginx:
+ ### SERVER
+ server:
+ config:
+
+ ### STREAMS
+ http:
+ upstream workbench_upstream:
+ - server: '127.0.0.1:9000 fail_timeout=10s'
+
+ ### SITES
+ servers:
+ managed:
+ ### DEFAULT
+ arvados_workbench_default:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: workbench.example.net
+ - listen:
+ - 80
+ - location /.well-known:
+ - root: /var/www
+ - location /:
+ - return: '301 https://$host$request_uri'
+
+ arvados_workbench:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - server_name: workbench.example.net
+ - listen:
+ - 443 http2 ssl
+ - index: index.html index.htm
+ - location /:
+ - proxy_pass: 'http://workbench_upstream'
+ - proxy_read_timeout: 300
+ - proxy_connect_timeout: 90
+ - proxy_redirect: 'off'
+ - proxy_set_header: X-Forwarded-Proto https
+ - proxy_set_header: 'Host $http_host'
+ - proxy_set_header: 'X-Real-IP $remote_addr'
+ - proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ # - include: 'snippets/letsencrypt.conf'
+ - include: 'snippets/snakeoil.conf'
+ - access_log: {{ nginx_log }}/workbench.example.net.access.log combined
+ - error_log: {{ nginx_log }}/workbench.example.net.error.log
+
+ arvados_workbench_upstream:
+ enabled: true
+ overwrite: true
+ config:
+ - server:
+ - listen: '127.0.0.1:9000'
+ - server_name: workbench
+ - root: /var/www/arvados-workbench/current/public
+ - index: index.html index.htm
+ - access_log: {{ nginx_log }}/workbench.example.net-upstream.access.log combined
+ - error_log: {{ nginx_log }}/workbench.example.net-upstream.error.log
+
--- /dev/null
+---
+states:
+ - postgres
+
+### POSTGRESQL
+postgres:
+ use_upstream_repo: false
+ pkgs_extra:
+ - postgresql-contrib
+ postgresconf: |-
+ listen_addresses = '*' # listen on all interfaces
+ acls:
+ - ['local', 'all', 'postgres', 'peer']
+ - ['local', 'all', 'all', 'peer']
+ - ['host', 'all', 'all', '127.0.0.1/32', 'md5']
+ - ['host', 'all', 'all', '::1/128', 'md5']
+ - ['host', 'arvados', 'arvados', '127.0.0.1/32']
+ users:
+ arvados:
+ ensure: present
+ password: changeme_arvados
+
+ # tablespaces:
+ # arvados_tablespace:
+ # directory: /path/to/some/tbspace/arvados_tbsp
+ # owner: arvados
+
+ databases:
+ arvados:
+ owner: arvados
+ template: template0
+ lc_ctype: en_US.utf8
+ lc_collate: en_US.utf8
+ # tablespace: arvados_tablespace
+ schemas:
+ public:
+ owner: arvados
+ extensions:
+ pg_trgm:
+ if_not_exists: true
+ schema: public
--- /dev/null
+snake_oil_certs:
+ pkg.installed:
+ - name: ssl-cert