2 # Copyright (C) The Arvados Authors. All rights reserved.
4 # SPDX-License-Identifier: AGPL-3.0
9 if [[ -s /etc/arvados/config.yml ]] && [[ /var/lib/arvados/cluster_config.yml.override -ot /etc/arvados/config.yml ]] ; then
13 . /usr/local/lib/arvbox/common.sh
17 if ! test -s /var/lib/arvados/api_uuid_prefix ; then
18 ruby -e 'puts "x#{rand(2**64).to_s(36)[0,4]}"' > /var/lib/arvados/api_uuid_prefix
20 uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
22 if ! test -s /var/lib/arvados/api_secret_token ; then
23 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/api_secret_token
25 secret_token=$(cat /var/lib/arvados/api_secret_token)
27 if ! test -s /var/lib/arvados/blob_signing_key ; then
28 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/blob_signing_key
30 blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
32 if ! test -s /var/lib/arvados/management_token ; then
33 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/management_token
35 management_token=$(cat /var/lib/arvados/management_token)
37 if ! test -s /var/lib/arvados/system_root_token ; then
38 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/system_root_token
40 system_root_token=$(cat /var/lib/arvados/system_root_token)
42 if ! test -s /var/lib/arvados/sso_app_secret ; then
43 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_app_secret
45 sso_app_secret=$(cat /var/lib/arvados/sso_app_secret)
47 if ! test -s /var/lib/arvados/vm-uuid ; then
48 echo $uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]') > /var/lib/arvados/vm-uuid
50 vm_uuid=$(cat /var/lib/arvados/vm-uuid)
52 if ! test -f /var/lib/arvados/api_database_pw ; then
53 ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
55 database_pw=$(cat /var/lib/arvados/api_database_pw)
57 if ! (psql postgres -c "\du" | grep "^ arvados ") >/dev/null ; then
58 psql postgres -c "create user arvados with password '$database_pw'"
60 psql postgres -c "ALTER USER arvados WITH SUPERUSER;"
62 if ! test -s /var/lib/arvados/workbench_secret_token ; then
63 ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/workbench_secret_token
65 workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
67 if test -s /var/lib/arvados/api_rails_env ; then
68 database_env=$(cat /var/lib/arvados/api_rails_env)
70 database_env=development
73 cat >/var/lib/arvados/cluster_config.yml <<EOF
76 SystemRootToken: $system_root_token
77 ManagementToken: $management_token
81 "http://localhost:${services[api]}": {}
83 ExternalURL: "https://$localip:${services[workbench]}"
85 ExternalURL: "https://$localip:${services[workbench2-ssl]}"
87 ExternalURL: "https://$localip:${services[sso]}"
89 ExternalURL: "https://$localip:${services[keepproxy-ssl]}"
91 "http://localhost:${services[keepproxy]}": {}
94 "http://localhost:${services[keepstore0]}": {}
95 "http://localhost:${services[keepstore1]}": {}
97 ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
99 "http://localhost:${services[websockets]}": {}
101 ExternalURL: "ssh://git@$localip:"
104 "http://localhost:${services[arv-git-httpd]}/": {}
105 ExternalURL: "https://$localip:${services[arv-git-httpd-ssl]}/"
108 "http://localhost:${services[keep-web]}/": {}
109 ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
112 "http://localhost:${services[keep-web]}/": {}
113 ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
115 "http://localhost:${services[keep-web]}/": {}
117 ExternalURL: "https://$localip:${services[composer]}"
119 ExternalURL: "https://$localip:${services[controller-ssl]}"
121 "http://localhost:${services[controller]}": {}
124 "http://localhost:${services[api]}/": {}
126 ConnectionPool: 32 # max concurrent connections per arvados server daemon
128 # All parameters here are passed to the PG client library in a connection string;
129 # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
132 password: ${database_pw}
133 dbname: arvados_${database_env}
134 client_encoding: utf8
136 RailsSessionSecretToken: $secret_token
138 BlobSigningKey: $blob_signing_key
139 DefaultReplication: 1
140 TrustAllContent: true
144 ProviderAppSecret: $sso_app_secret
145 ProviderAppID: arvados-server
147 NewUsersAreActive: true
148 AutoAdminFirstUser: true
149 AutoSetupNewUsers: true
150 AutoSetupNewUsersWithVmUUID: $vm_uuid
151 AutoSetupNewUsersWithRepository: true
153 SecretKeyBase: $workbench_secret_key_base
154 ArvadosDocsite: http://$localip:${services[doc]}/
156 GitCommand: /usr/share/gitolite3/gitolite-shell
157 GitoliteHome: /var/lib/arvados/git
158 Repositories: /var/lib/arvados/git/repositories
160 ${uuid_prefix}-nyw5e-000000000000000:
163 Root: /var/lib/arvados/keep0
165 "http://localhost:${services[keepstore0]}": {}
166 ${uuid_prefix}-nyw5e-111111111111111:
169 Root: /var/lib/arvados/keep1
171 "http://localhost:${services[keepstore1]}": {}
174 /usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
176 cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
178 mkdir -p /var/lib/arvados/run_tests
179 cat >/var/lib/arvados/run_tests/config.yml <<EOF
186 password: ${database_pw}
188 client_encoding: utf8