exec 2>&1
set -ex -o pipefail
-if [[ -s /etc/arvados/config.yml ]] ; then
+if [[ -s /etc/arvados/config.yml ]] && [[ /var/lib/arvados/cluster_config.yml.override -ot /etc/arvados/config.yml ]] ; then
exit
fi
fi
management_token=$(cat /var/lib/arvados/management_token)
-if ! test -s /var/lib/arvados/sso_app_secret ; then
- ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_app_secret
+if ! test -s /var/lib/arvados/system_root_token ; then
+ ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/system_root_token
fi
-sso_app_secret=$(cat /var/lib/arvados/sso_app_secret)
+system_root_token=$(cat /var/lib/arvados/system_root_token)
if ! test -s /var/lib/arvados/vm-uuid ; then
echo $uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]') > /var/lib/arvados/vm-uuid
cat >/var/lib/arvados/cluster_config.yml <<EOF
Clusters:
${uuid_prefix}:
+ SystemRootToken: $system_root_token
ManagementToken: $management_token
Services:
RailsAPI:
ExternalURL: "https://$localip:${services[workbench]}"
Workbench2:
ExternalURL: "https://$localip:${services[workbench2-ssl]}"
- SSO:
- ExternalURL: "https://$localip:${services[sso]}"
Keepproxy:
ExternalURL: "https://$localip:${services[keepproxy-ssl]}"
InternalURLs:
DefaultReplication: 1
TrustAllContent: true
Login:
- ProviderAppSecret: $sso_app_secret
- ProviderAppID: arvados-server
+ Test:
+ Enable: true
Users:
NewUsersAreActive: true
- AutoAdminFirstUser: true
+ AutoAdminUserWithEmail: admin@example.com
AutoSetupNewUsers: true
AutoSetupNewUsersWithVmUUID: $vm_uuid
AutoSetupNewUsersWithRepository: true
- AnonymousUserToken: $(cat /var/lib/arvados/superuser_token)
Workbench:
SecretKeyBase: $workbench_secret_key_base
ArvadosDocsite: http://$localip:${services[doc]}/
cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
+chmod og-rw \
+ /var/lib/arvados/cluster_config.yml.override \
+ /var/lib/arvados/cluster_config.yml \
+ /etc/arvados/config.yml \
+ /var/lib/arvados/api_secret_token \
+ /var/lib/arvados/blob_signing_key \
+ /var/lib/arvados/management_token \
+ /var/lib/arvados/system_root_token \
+ /var/lib/arvados/api_database_pw \
+ /var/lib/arvados/workbench_secret_token \
+ /var/lib/arvados/superuser_token \
+
mkdir -p /var/lib/arvados/run_tests
cat >/var/lib/arvados/run_tests/config.yml <<EOF
Clusters: