tools/arvbox/lib/arvbox/docker/cluster-config.sh

   1 #!/bin/bash
   2 # Copyright (C) The Arvados Authors. All rights reserved.
   3 #
   4 # SPDX-License-Identifier: AGPL-3.0
   5
   6 exec 2>&1
   7 set -ex -o pipefail
   8
   9 if [[ -s /etc/arvados/config.yml ]] && [[ /var/lib/arvados/cluster_config.yml.override -ot /etc/arvados/config.yml ]] ; then
  10    exit
  11 fi
  12
  13 . /usr/local/lib/arvbox/common.sh
  14
  15 set -u
  16
  17 if ! test -s /var/lib/arvados/api_uuid_prefix ; then
  18   ruby -e 'puts "x#{rand(2**64).to_s(36)[0,4]}"' > /var/lib/arvados/api_uuid_prefix
  19 fi
  20 uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
  21
  22 if ! test -s /var/lib/arvados/api_secret_token ; then
  23     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/api_secret_token
  24 fi
  25 secret_token=$(cat /var/lib/arvados/api_secret_token)
  26
  27 if ! test -s /var/lib/arvados/blob_signing_key ; then
  28     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/blob_signing_key
  29 fi
  30 blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
  31
  32 if ! test -s /var/lib/arvados/management_token ; then
  33     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/management_token
  34 fi
  35 management_token=$(cat /var/lib/arvados/management_token)
  36
  37 if ! test -s /var/lib/arvados/system_root_token ; then
  38     ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/system_root_token
  39 fi
  40 system_root_token=$(cat /var/lib/arvados/system_root_token)
  41
  42 if ! test -s /var/lib/arvados/vm-uuid ; then
  43     echo $uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]') > /var/lib/arvados/vm-uuid
  44 fi
  45 vm_uuid=$(cat /var/lib/arvados/vm-uuid)
  46
  47 if ! test -f /var/lib/arvados/api_database_pw ; then
  48     ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
  49 fi
  50 database_pw=$(cat /var/lib/arvados/api_database_pw)
  51
  52 if ! (psql postgres -c "\du" | grep "^ arvados ") >/dev/null ; then
  53     psql postgres -c "create user arvados with password '$database_pw'"
  54 fi
  55 psql postgres -c "ALTER USER arvados WITH SUPERUSER;"
  56
  57 if ! test -s /var/lib/arvados/workbench_secret_token ; then
  58   ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/workbench_secret_token
  59 fi
  60 workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
  61
  62 if test -s /var/lib/arvados/api_rails_env ; then
  63   database_env=$(cat /var/lib/arvados/api_rails_env)
  64 else
  65   database_env=development
  66 fi
  67
  68 cat >/var/lib/arvados/cluster_config.yml <<EOF
  69 Clusters:
  70   ${uuid_prefix}:
  71     SystemRootToken: $system_root_token
  72     ManagementToken: $management_token
  73     Services:
  74       RailsAPI:
  75         InternalURLs:
  76           "http://localhost:${services[api]}": {}
  77       Workbench1:
  78         ExternalURL: "https://$localip:${services[workbench]}"
  79       Workbench2:
  80         ExternalURL: "https://$localip:${services[workbench2-ssl]}"
  81       Keepproxy:
  82         ExternalURL: "https://$localip:${services[keepproxy-ssl]}"
  83         InternalURLs:
  84           "http://localhost:${services[keepproxy]}": {}
  85       Keepstore:
  86         InternalURLs:
  87           "http://localhost:${services[keepstore0]}": {}
  88           "http://localhost:${services[keepstore1]}": {}
  89       Websocket:
  90         ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
  91         InternalURLs:
  92           "http://localhost:${services[websockets]}": {}
  93       GitSSH:
  94         ExternalURL: "ssh://git@$localip:"
  95       GitHTTP:
  96         InternalURLs:
  97           "http://localhost:${services[arv-git-httpd]}/": {}
  98         ExternalURL: "https://$localip:${services[arv-git-httpd-ssl]}/"
  99       WebDAV:
 100         InternalURLs:
 101           "http://localhost:${services[keep-web]}/": {}
 102         ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
 103       WebDAVDownload:
 104         InternalURLs:
 105           "http://localhost:${services[keep-web]}/": {}
 106         ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
 107       Composer:
 108         ExternalURL: "https://$localip:${services[composer]}"
 109       Controller:
 110         ExternalURL: "https://$localip:${services[controller-ssl]}"
 111         InternalURLs:
 112           "http://localhost:${services[controller]}": {}
 113       RailsAPI:
 114         InternalURLs:
 115           "http://localhost:${services[api]}/": {}
 116     PostgreSQL:
 117       ConnectionPool: 32 # max concurrent connections per arvados server daemon
 118       Connection:
 119         # All parameters here are passed to the PG client library in a connection string;
 120         # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
 121         host: localhost
 122         user: arvados
 123         password: ${database_pw}
 124         dbname: arvados_${database_env}
 125         client_encoding: utf8
 126     API:
 127       RailsSessionSecretToken: $secret_token
 128     Collections:
 129       BlobSigningKey: $blob_signing_key
 130       DefaultReplication: 1
 131       TrustAllContent: true
 132     Login:
 133       Test:
 134         Enable: true
 135     Users:
 136       NewUsersAreActive: true
 137       AutoAdminFirstUser: true
 138       AutoSetupNewUsers: true
 139       AutoSetupNewUsersWithVmUUID: $vm_uuid
 140       AutoSetupNewUsersWithRepository: true
 141     Workbench:
 142       SecretKeyBase: $workbench_secret_key_base
 143       ArvadosDocsite: http://$localip:${services[doc]}/
 144     Git:
 145       GitCommand: /usr/share/gitolite3/gitolite-shell
 146       GitoliteHome: /var/lib/arvados/git
 147       Repositories: /var/lib/arvados/git/repositories
 148     Volumes:
 149       ${uuid_prefix}-nyw5e-000000000000000:
 150         Driver: Directory
 151         DriverParameters:
 152           Root: /var/lib/arvados/keep0
 153         AccessViaHosts:
 154           "http://localhost:${services[keepstore0]}": {}
 155       ${uuid_prefix}-nyw5e-111111111111111:
 156         Driver: Directory
 157         DriverParameters:
 158           Root: /var/lib/arvados/keep1
 159         AccessViaHosts:
 160           "http://localhost:${services[keepstore1]}": {}
 161 EOF
 162
 163 /usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
 164
 165 cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
 166
 167 chmod og-rw \
 168       /var/lib/arvados/cluster_config.yml.override \
 169       /var/lib/arvados/cluster_config.yml \
 170       /etc/arvados/config.yml \
 171       /var/lib/arvados/api_secret_token \
 172       /var/lib/arvados/blob_signing_key \
 173       /var/lib/arvados/management_token \
 174       /var/lib/arvados/system_root_token \
 175       /var/lib/arvados/api_database_pw \
 176       /var/lib/arvados/workbench_secret_token \
 177       /var/lib/arvados/superuser_token \
 178
 179 mkdir -p /var/lib/arvados/run_tests
 180 cat >/var/lib/arvados/run_tests/config.yml <<EOF
 181 Clusters:
 182   zzzzz:
 183     PostgreSQL:
 184       Connection:
 185         host: localhost
 186         user: arvados
 187         password: ${database_pw}
 188         dbname: arvados_test
 189         client_encoding: utf8
 190 EOF