tools/arvbox/lib/arvbox/docker/cluster-config.sh

   1 #!/bin/bash
   2 # Copyright (C) The Arvados Authors. All rights reserved.
   3 #
   4 # SPDX-License-Identifier: AGPL-3.0
   5
   6 exec 2>&1
   7 set -ex -o pipefail
   8
   9 if [[ -s /etc/arvados/config.yml ]] && [[ /var/lib/arvados/cluster_config.yml.override -ot /etc/arvados/config.yml ]] ; then
  10    exit
  11 fi
  12
  13 . /usr/local/lib/arvbox/common.sh
  14
  15 set -u
  16
  17 if ! test -s /var/lib/arvados/api_uuid_prefix ; then
  18   ruby -e 'puts "x#{rand(2**64).to_s(36)[0,4]}"' > /var/lib/arvados/api_uuid_prefix
  19 fi
  20 uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
  21
  22 if ! test -s /var/lib/arvados/api_secret_token ; then
  23     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/api_secret_token
  24 fi
  25 secret_token=$(cat /var/lib/arvados/api_secret_token)
  26
  27 if ! test -s /var/lib/arvados/blob_signing_key ; then
  28     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/blob_signing_key
  29 fi
  30 blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
  31
  32 if ! test -s /var/lib/arvados/management_token ; then
  33     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/management_token
  34 fi
  35 management_token=$(cat /var/lib/arvados/management_token)
  36
  37 if ! test -s /var/lib/arvados/system_root_token ; then
  38     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/system_root_token
  39 fi
  40 system_root_token=$(cat /var/lib/arvados/system_root_token)
  41
  42 if ! test -s /var/lib/arvados/vm-uuid ; then
  43     echo $uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]') > /var/lib/arvados/vm-uuid
  44 fi
  45 vm_uuid=$(cat /var/lib/arvados/vm-uuid)
  46
  47 if ! test -f /var/lib/arvados/api_database_pw ; then
  48     ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
  49 fi
  50 database_pw=$(cat /var/lib/arvados/api_database_pw)
  51
  52 if ! (psql postgres -c "\du" | grep "^ arvados ") >/dev/null ; then
  53     psql postgres -c "create user arvados with password '$database_pw'"
  54 fi
  55 psql postgres -c "ALTER USER arvados WITH SUPERUSER;"
  56
  57 if ! test -s /var/lib/arvados/workbench_secret_token ; then
  58   ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/workbench_secret_token
  59 fi
  60 workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
  61
  62 if test -s /var/lib/arvados/api_rails_env ; then
  63   database_env=$(cat /var/lib/arvados/api_rails_env)
  64 else
  65   database_env=development
  66 fi
  67
  68 cat >/var/lib/arvados/cluster_config.yml <<EOF
  69 Clusters:
  70   ${uuid_prefix}:
  71     SystemRootToken: $system_root_token
  72     ManagementToken: $management_token
  73     Services:
  74       RailsAPI:
  75         InternalURLs:
  76           "http://localhost:${services[api]}": {}
  77       Workbench1:
  78         ExternalURL: "https://$localip:${services[workbench]}"
  79       Workbench2:
  80         ExternalURL: "https://$localip:${services[workbench2-ssl]}"
  81       Keepproxy:
  82         ExternalURL: "https://$localip:${services[keepproxy-ssl]}"
  83         InternalURLs:
  84           "http://localhost:${services[keepproxy]}": {}
  85       Keepstore:
  86         InternalURLs:
  87           "http://localhost:${services[keepstore0]}": {}
  88           "http://localhost:${services[keepstore1]}": {}
  89       Websocket:
  90         ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
  91         InternalURLs:
  92           "http://localhost:${services[websockets]}": {}
  93       GitSSH:
  94         ExternalURL: "ssh://git@$localip:"
  95       GitHTTP:
  96         InternalURLs:
  97           "http://localhost:${services[arv-git-httpd]}/": {}
  98         ExternalURL: "https://$localip:${services[arv-git-httpd-ssl]}/"
  99       WebDAV:
 100         InternalURLs:
 101           "http://localhost:${services[keep-web]}/": {}
 102         ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
 103       WebDAVDownload:
 104         InternalURLs:
 105           "http://localhost:${services[keep-web]}/": {}
 106         ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
 107         InternalURLs:
 108           "http://localhost:${services[keep-web]}/": {}
 109       Composer:
 110         ExternalURL: "https://$localip:${services[composer]}"
 111       Controller:
 112         ExternalURL: "https://$localip:${services[controller-ssl]}"
 113         InternalURLs:
 114           "http://localhost:${services[controller]}": {}
 115       RailsAPI:
 116         InternalURLs:
 117           "http://localhost:${services[api]}/": {}
 118     PostgreSQL:
 119       ConnectionPool: 32 # max concurrent connections per arvados server daemon
 120       Connection:
 121         # All parameters here are passed to the PG client library in a connection string;
 122         # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
 123         host: localhost
 124         user: arvados
 125         password: ${database_pw}
 126         dbname: arvados_${database_env}
 127         client_encoding: utf8
 128     API:
 129       RailsSessionSecretToken: $secret_token
 130     Collections:
 131       BlobSigningKey: $blob_signing_key
 132       DefaultReplication: 1
 133       TrustAllContent: true
 134     Login:
 135       Test:
 136         Enable: true
 137     Users:
 138       NewUsersAreActive: true
 139       AutoAdminUserWithEmail: admin@example.com
 140       AutoSetupNewUsers: true
 141       AutoSetupNewUsersWithVmUUID: $vm_uuid
 142       AutoSetupNewUsersWithRepository: true
 143     Workbench:
 144       SecretKeyBase: $workbench_secret_key_base
 145       ArvadosDocsite: http://$localip:${services[doc]}/
 146     Git:
 147       GitCommand: /usr/share/gitolite3/gitolite-shell
 148       GitoliteHome: /var/lib/arvados/git
 149       Repositories: /var/lib/arvados/git/repositories
 150     Volumes:
 151       ${uuid_prefix}-nyw5e-000000000000000:
 152         Driver: Directory
 153         DriverParameters:
 154           Root: /var/lib/arvados/keep0
 155         AccessViaHosts:
 156           "http://localhost:${services[keepstore0]}": {}
 157       ${uuid_prefix}-nyw5e-111111111111111:
 158         Driver: Directory
 159         DriverParameters:
 160           Root: /var/lib/arvados/keep1
 161         AccessViaHosts:
 162           "http://localhost:${services[keepstore1]}": {}
 163 EOF
 164
 165 /usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
 166
 167 cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
 168
 169 chmod og-rw \
 170       /var/lib/arvados/cluster_config.yml.override \
 171       /var/lib/arvados/cluster_config.yml \
 172       /etc/arvados/config.yml \
 173       /var/lib/arvados/api_secret_token \
 174       /var/lib/arvados/blob_signing_key \
 175       /var/lib/arvados/management_token \
 176       /var/lib/arvados/system_root_token \
 177       /var/lib/arvados/api_database_pw \
 178       /var/lib/arvados/workbench_secret_token \
 179       /var/lib/arvados/superuser_token \
 180
 181 mkdir -p /var/lib/arvados/run_tests
 182 cat >/var/lib/arvados/run_tests/config.yml <<EOF
 183 Clusters:
 184   zzzzz:
 185     PostgreSQL:
 186       Connection:
 187         host: localhost
 188         user: arvados
 189         password: ${database_pw}
 190         dbname: arvados_test
 191         client_encoding: utf8
 192 EOF