2 # Copyright (C) The Arvados Authors. All rights reserved.
4 # SPDX-License-Identifier: AGPL-3.0
9 if [[ -s /etc/arvados/config.yml ]] && [[ /var/lib/arvados/cluster_config.yml.override -ot /etc/arvados/config.yml ]] ; then
13 . /usr/local/lib/arvbox/common.sh
17 if ! test -s /var/lib/arvados/api_uuid_prefix ; then
18 ruby -e 'puts "x#{rand(2**64).to_s(36)[0,4]}"' > /var/lib/arvados/api_uuid_prefix
20 uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
22 if ! test -s /var/lib/arvados/api_secret_token ; then
23 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/api_secret_token
25 secret_token=$(cat /var/lib/arvados/api_secret_token)
27 if ! test -s /var/lib/arvados/blob_signing_key ; then
28 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/blob_signing_key
30 blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
32 if ! test -s /var/lib/arvados/management_token ; then
33 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/management_token
35 management_token=$(cat /var/lib/arvados/management_token)
37 if ! test -s /var/lib/arvados/system_root_token ; then
38 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/system_root_token
40 system_root_token=$(cat /var/lib/arvados/system_root_token)
42 if ! test -s /var/lib/arvados/vm-uuid ; then
43 echo $uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]') > /var/lib/arvados/vm-uuid
45 vm_uuid=$(cat /var/lib/arvados/vm-uuid)
47 if ! test -f /var/lib/arvados/api_database_pw ; then
48 ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
50 database_pw=$(cat /var/lib/arvados/api_database_pw)
52 if ! (psql postgres -c "\du" | grep "^ arvados ") >/dev/null ; then
53 psql postgres -c "create user arvados with password '$database_pw'"
55 psql postgres -c "ALTER USER arvados WITH SUPERUSER;"
57 if ! test -s /var/lib/arvados/workbench_secret_token ; then
58 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/workbench_secret_token
60 workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
62 if test -s /var/lib/arvados/api_rails_env ; then
63 database_env=$(cat /var/lib/arvados/api_rails_env)
65 database_env=development
68 cat >/var/lib/arvados/cluster_config.yml <<EOF
71 SystemRootToken: $system_root_token
72 ManagementToken: $management_token
76 "http://localhost:${services[api]}": {}
78 ExternalURL: "https://$localip:${services[workbench]}"
80 ExternalURL: "https://$localip:${services[workbench2-ssl]}"
82 ExternalURL: "https://$localip:${services[keepproxy-ssl]}"
84 "http://localhost:${services[keepproxy]}": {}
87 "http://localhost:${services[keepstore0]}": {}
88 "http://localhost:${services[keepstore1]}": {}
90 ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
92 "http://localhost:${services[websockets]}": {}
94 ExternalURL: "ssh://git@$localip:"
97 "http://localhost:${services[arv-git-httpd]}/": {}
98 ExternalURL: "https://$localip:${services[arv-git-httpd-ssl]}/"
101 "http://localhost:${services[keep-web]}/": {}
102 ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
105 "http://localhost:${services[keep-web]}/": {}
106 ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
108 ExternalURL: "https://$localip:${services[composer]}"
110 ExternalURL: "https://$localip:${services[controller-ssl]}"
112 "http://localhost:${services[controller]}": {}
115 "http://localhost:${services[api]}/": {}
117 ConnectionPool: 32 # max concurrent connections per arvados server daemon
119 # All parameters here are passed to the PG client library in a connection string;
120 # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
123 password: ${database_pw}
124 dbname: arvados_${database_env}
125 client_encoding: utf8
127 RailsSessionSecretToken: $secret_token
129 BlobSigningKey: $blob_signing_key
130 DefaultReplication: 1
131 TrustAllContent: true
136 NewUsersAreActive: true
137 AutoAdminFirstUser: true
138 AutoSetupNewUsers: true
139 AutoSetupNewUsersWithVmUUID: $vm_uuid
140 AutoSetupNewUsersWithRepository: true
142 SecretKeyBase: $workbench_secret_key_base
143 ArvadosDocsite: http://$localip:${services[doc]}/
145 GitCommand: /usr/share/gitolite3/gitolite-shell
146 GitoliteHome: /var/lib/arvados/git
147 Repositories: /var/lib/arvados/git/repositories
149 ${uuid_prefix}-nyw5e-000000000000000:
152 Root: /var/lib/arvados/keep0
154 "http://localhost:${services[keepstore0]}": {}
155 ${uuid_prefix}-nyw5e-111111111111111:
158 Root: /var/lib/arvados/keep1
160 "http://localhost:${services[keepstore1]}": {}
163 /usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
165 cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
168 /var/lib/arvados/cluster_config.yml.override \
169 /var/lib/arvados/cluster_config.yml \
170 /etc/arvados/config.yml \
171 /var/lib/arvados/api_secret_token \
172 /var/lib/arvados/blob_signing_key \
173 /var/lib/arvados/management_token \
174 /var/lib/arvados/system_root_token \
175 /var/lib/arvados/api_database_pw \
176 /var/lib/arvados/workbench_secret_token \
177 /var/lib/arvados/superuser_token \
179 mkdir -p /var/lib/arvados/run_tests
180 cat >/var/lib/arvados/run_tests/config.yml <<EOF
187 password: ${database_pw}
189 client_encoding: utf8