tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/arvados.sls

   1 # -*- coding: utf-8 -*-
   2 # vim: ft=yaml
   3 ---
   4 # Copyright (C) The Arvados Authors. All rights reserved.
   5 #
   6 # SPDX-License-Identifier: AGPL-3.0
   7
   8 # The variables commented out are the default values that the formula uses.
   9 # The uncommented values are REQUIRED values. If you don't set them, running
  10 # this formula will fail.
  11 arvados:
  12   ### GENERAL CONFIG
  13   version: '__VERSION__'
  14   ## It makes little sense to disable this flag, but you can, if you want :)
  15   # use_upstream_repo: true
  16
  17   ## Repo URL is built with grains values. If desired, it can be completely
  18   ## overwritten with the pillar parameter 'repo_url'
  19   # repo:
  20   #   humanname: Arvados Official Repository
  21
  22   release: __RELEASE__
  23
  24   ## IMPORTANT!!!!!
  25   ## api, workbench and shell require some gems, so you need to make sure ruby
  26   ## and deps are installed in order to install and compile the gems.
  27   ## We default to `false` in these two variables as it's expected you already
  28   ## manage OS packages with some other tool and you don't want us messing up
  29   ## with your setup.
  30   ruby:
  31     ## We set these to `true` here for testing purposes.
  32     ## They both default to `false`.
  33     manage_ruby: true
  34     manage_gems_deps: true
  35     # pkg: ruby
  36     # gems_deps:
  37     #     - curl
  38     #     - g++
  39     #     - gcc
  40     #     - git
  41     #     - libcurl4
  42     #     - libcurl4-gnutls-dev
  43     #     - libpq-dev
  44     #     - libxml2
  45     #     - libxml2-dev
  46     #     - make
  47     #     - python3-dev
  48     #     - ruby-dev
  49     #     - zlib1g-dev
  50
  51   # config:
  52   #   file: /etc/arvados/config.yml
  53   #   user: root
  54   ## IMPORTANT!!!!!
  55   ## If you're intalling any of the rails apps (api, workbench), the group
  56   ## should be set to that of the web server, usually `www-data`
  57   #   group: root
  58   #   mode: 640
  59
  60   ### ARVADOS CLUSTER CONFIG
  61   cluster:
  62     name: __CLUSTER__
  63     domain: __DOMAIN__
  64
  65     database:
  66       # max concurrent connections per arvados server daemon
  67       # connection_pool_max: 32
  68       name: __CLUSTER___arvados
  69       host: 127.0.0.1
  70       password: "__DATABASE_PASSWORD__"
  71       user: __CLUSTER___arvados
  72       extra_conn_params:
  73         client_encoding: UTF8
  74       # Centos7 does not enable SSL by default, so we disable
  75       # it here just for testing of the formula purposes only.
  76       # You should not do this in production, and should
  77       # configure Postgres certificates correctly
  78       {%- if grains.os_family in ('RedHat',) %}
  79         sslmode: disable
  80       {%- endif %}
  81
  82     tls:
  83       # certificate: ''
  84       # key: ''
  85       # When using arvados-snakeoil certs set insecure: true
  86       insecure: false
  87
  88     resources:
  89       virtual_machines:
  90         shell:
  91           name: webshell
  92           backend: 127.0.0.1
  93           port: 4200
  94
  95     ### TOKENS
  96     tokens:
  97       system_root: __SYSTEM_ROOT_TOKEN__
  98       management: __MANAGEMENT_TOKEN__
  99       anonymous_user: __ANONYMOUS_USER_TOKEN__
 100
 101     ### KEYS
 102     secrets:
 103       blob_signing_key: __BLOB_SIGNING_KEY__
 104       workbench_secret_key: __WORKBENCH_SECRET_KEY__
 105
 106     Login:
 107       Test:
 108         Enable: true
 109         Users:
 110           __INITIAL_USER__:
 111             Email: __INITIAL_USER_EMAIL__
 112             Password: __INITIAL_USER_PASSWORD__
 113
 114     ### VOLUMES
 115     ## This should usually match all your `keepstore` instances
 116     Volumes:
 117       # the volume name will be composed with
 118       # <cluster>-nyw5e-<volume>
 119       __CLUSTER__-nyw5e-000000000000000:
 120         AccessViaHosts:
 121           'http://keep0.__CLUSTER__.__DOMAIN__:25107':
 122             ReadOnly: false
 123         Replication: 2
 124         Driver: Directory
 125         DriverParameters:
 126           Root: /tmp
 127
 128     Users:
 129       NewUsersAreActive: true
 130       AutoAdminFirstUser: true
 131       AutoSetupNewUsers: true
 132       AutoSetupNewUsersWithRepository: true
 133
 134     Services:
 135       Controller:
 136         ExternalURL: 'https://__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 137         InternalURLs:
 138           'http://controller.internal:8003': {}
 139       DispatchCloud:
 140         InternalURLs:
 141           'http://__CLUSTER__.__DOMAIN__:9006': {}
 142       Keepbalance:
 143         InternalURLs:
 144           'http://localhost:9005': {}
 145       Keepproxy:
 146         ExternalURL: 'https://keep.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 147         InternalURLs:
 148           'http://keep.internal:25100': {}
 149       Keepstore:
 150         InternalURLs:
 151           'http://keep0.__CLUSTER__.__DOMAIN__:25107': {}
 152       RailsAPI:
 153         InternalURLs:
 154           'http://api.internal:8004': {}
 155       WebDAV:
 156         ExternalURL: 'https://collections.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 157         InternalURLs:
 158           'http://collections.internal:9002': {}
 159       WebDAVDownload:
 160         ExternalURL: 'https://download.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 161       WebShell:
 162         ExternalURL: 'https://webshell.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 163       Websocket:
 164         ExternalURL: 'wss://ws.__CLUSTER__.__DOMAIN__/websocket'
 165         InternalURLs:
 166           'http://ws.internal:8005': {}
 167       Workbench1:
 168         ExternalURL: 'https://workbench.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 169       Workbench2:
 170         ExternalURL: 'https://workbench2.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'