tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/arvados.sls

   1 # -*- coding: utf-8 -*-
   2 # vim: ft=yaml
   3 ---
   4 # Copyright (C) The Arvados Authors. All rights reserved.
   5 #
   6 # SPDX-License-Identifier: AGPL-3.0
   7
   8 # The variables commented out are the default values that the formula uses.
   9 # The uncommented values are REQUIRED values. If you don't set them, running
  10 # this formula will fail.
  11 arvados:
  12   ### GENERAL CONFIG
  13   version: '__VERSION__'
  14   ## It makes little sense to disable this flag, but you can, if you want :)
  15   # use_upstream_repo: true
  16
  17   ## Repo URL is built with grains values. If desired, it can be completely
  18   ## overwritten with the pillar parameter 'repo_url'
  19   # repo:
  20   #   humanname: Arvados Official Repository
  21
  22   release: __RELEASE__
  23
  24   ## IMPORTANT!!!!!
  25   ## api, workbench and shell require some gems, so you need to make sure ruby
  26   ## and deps are installed in order to install and compile the gems.
  27   ## We default to `false` in these two variables as it's expected you already
  28   ## manage OS packages with some other tool and you don't want us messing up
  29   ## with your setup.
  30   ruby:
  31
  32     ## We set these to `true` here for testing purposes.
  33     ## They both default to `false`.
  34     manage_ruby: true
  35     manage_gems_deps: true
  36     # pkg: ruby
  37     # gems_deps:
  38     #     - curl
  39     #     - g++
  40     #     - gcc
  41     #     - git
  42     #     - libcurl4
  43     #     - libcurl4-gnutls-dev
  44     #     - libpq-dev
  45     #     - libxml2
  46     #     - libxml2-dev
  47     #     - make
  48     #     - python3-dev
  49     #     - ruby-dev
  50     #     - zlib1g-dev
  51
  52   # config:
  53   #   file: /etc/arvados/config.yml
  54   #   user: root
  55   ## IMPORTANT!!!!!
  56   ## If you're intalling any of the rails apps (api, workbench), the group
  57   ## should be set to that of the web server, usually `www-data`
  58   #   group: root
  59   #   mode: 640
  60
  61   ### ARVADOS CLUSTER CONFIG
  62   cluster:
  63     name: __CLUSTER__
  64     domain: __DOMAIN__
  65
  66     database:
  67       # max concurrent connections per arvados server daemon
  68       # connection_pool_max: 32
  69       name: __CLUSTER___arvados
  70       host: 127.0.0.1
  71       password: "__DATABASE_PASSWORD__"
  72       user: __CLUSTER___arvados
  73       extra_conn_params:
  74         client_encoding: UTF8
  75       # Centos7 does not enable SSL by default, so we disable
  76       # it here just for testing of the formula purposes only.
  77       # You should not do this in production, and should
  78       # configure Postgres certificates correctly
  79       {%- if grains.os_family in ('RedHat',) %}
  80         sslmode: disable
  81       {%- endif %}
  82
  83     tls:
  84       # certificate: ''
  85       # key: ''
  86       # When using arvados-snakeoil certs set insecure: true
  87       insecure: false
  88
  89     resources:
  90       virtual_machines:
  91         shell:
  92           name: webshell
  93           backend: 127.0.1.1
  94           port: 4200
  95
  96     ### TOKENS
  97     tokens:
  98       system_root: __SYSTEM_ROOT_TOKEN__
  99       management: __MANAGEMENT_TOKEN__
 100       anonymous_user: __ANONYMOUS_USER_TOKEN__
 101
 102     ### KEYS
 103     secrets:
 104       blob_signing_key: __BLOB_SIGNING_KEY__
 105       workbench_secret_key: __WORKBENCH_SECRET_KEY__
 106
 107     Login:
 108       Test:
 109         Enable: true
 110         Users:
 111           __INITIAL_USER__:
 112             Email: __INITIAL_USER_EMAIL__
 113             Password: __INITIAL_USER_PASSWORD__
 114
 115     ### VOLUMES
 116     ## This should usually match all your `keepstore` instances
 117     Volumes:
 118       # the volume name will be composed with
 119       # <cluster>-nyw5e-<volume>
 120       __CLUSTER__-nyw5e-000000000000000:
 121         AccessViaHosts:
 122           'http://keep0.__CLUSTER__.__DOMAIN__:25107':
 123             ReadOnly: false
 124         Replication: 2
 125         Driver: Directory
 126         DriverParameters:
 127           Root: /tmp
 128
 129     Users:
 130       NewUsersAreActive: true
 131       AutoAdminFirstUser: true
 132       AutoSetupNewUsers: true
 133       AutoSetupNewUsersWithRepository: true
 134
 135     Services:
 136       Controller:
 137         ExternalURL: 'https://__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 138         InternalURLs:
 139           'http://controller.internal:8003': {}
 140       DispatchCloud:
 141         InternalURLs:
 142           'http://__CLUSTER__.__DOMAIN__:9006': {}
 143       Keepbalance:
 144         InternalURLs:
 145           'http://keep.__CLUSTER__.__DOMAIN__:9005': {}
 146       Keepproxy:
 147         ExternalURL: 'https://keep.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 148         InternalURLs:
 149           'http://keep.internal:25100': {}
 150       Keepstore:
 151         InternalURLs:
 152           'http://keep0.__CLUSTER__.__DOMAIN__:25107': {}
 153       RailsAPI:
 154         InternalURLs:
 155           'http://api.internal:8004': {}
 156       WebDAV:
 157         ExternalURL: 'https://collections.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 158         InternalURLs:
 159           'http://collections.internal:9002': {}
 160       WebDAVDownload:
 161         ExternalURL: 'https://download.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 162       WebShell:
 163         ExternalURL: 'https://webshell.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 164       Websocket:
 165         ExternalURL: 'wss://ws.__CLUSTER__.__DOMAIN__/websocket'
 166         InternalURLs:
 167           'http://ws.internal:8005': {}
 168       Workbench1:
 169         ExternalURL: 'https://workbench.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 170       Workbench2:
 171         ExternalURL: 'https://workbench2.__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'