# Configuration for the Rails databases (database names,
# usernames and passwords).
+# Path to a public ssh key you would like to have installed in the
+# root account of the generated images. This is useful for debugging.
+# To enable the SSH server, set the ENABLE_SSH environment variable to
+# true when starting the container.
+PUBLIC_KEY_PATH:
+
+# Username for your Arvados user. This will be used as your shell login name
+# as well as the name for your git repository.
+ARVADOS_USER_NAME:
+
# ARVADOS_DOMAIN: the Internet domain of this installation.
# ARVADOS_DNS_SERVER: the authoritative nameserver for ARVADOS_DOMAIN.
ARVADOS_DOMAIN: # e.g. arvados.internal
ARVADOS_DNS_SERVER: # e.g. 192.168.0.1
+# ==============================
+# API server settings
+# ==============================
+
# The API server hostname. Must be a 5-character
# string unique within this installation. This string
# will also be used as config.uuid_prefix.
API_HOSTNAME: # e.g. qr1hi
+# The e-mail address of the user you would like to become marked as an admin
+# user on their first login.
+# In the default configuration, authentication happens through the Arvados SSO
+# server, which uses openid against Google's servers, so in that case this
+# should be an address associated with a Google account.
+API_AUTO_ADMIN_USER:
+
+# The location of the Workbench application where users should be
+# redirected if they point their browsers at the API server, e.g.,
+# https://localhost:9899
+API_WORKBENCH_ADDRESS:
+
# If a _PW variable is set to an empty string, a password
# will be chosen randomly at build time. This is the
# recommended setting.
ARVADOS_PROD_USER: arvados_prod
ARVADOS_PROD_PW:
+# If a _SECRET variable is set to an empty string, a password
+# will be chosen randomly at build time. This is the
+# recommended setting.
+
+# The signing key shared by Keep at the API server to verify
+# blob permission signatures.
+KEEP_SIGNING_SECRET:
+
+# The value for the Rails config.secret_token setting.
+API_SECRET:
+
+# A "superuser" token with which servers can authenticate to
+# the API server, before an administrative user has been created.
+# Leave this blank to generate a secret randomly at build time (recommended).
+API_SUPERUSER_SECRET:
+
# More than anything this should be auto-generated, but
# we don't presently have a good place to store it. So just
# change it and don't be dumb.
POSTGRES_ROOT_PW: dummy_pw
-# The APP_ID this application presents to Omniauth.
-OMNIAUTH_APP_ID: arvados-server
+# The URL of the SSO server that you want your API server to use. If
+# blank, use the sso docker container.
+OMNIAUTH_URL:
+
+# ==============================
+# Workbench settings
+# ==============================
+WORKBENCH_RAILS_MODE: production
+WORKBENCH_DATA_IMPORT_DIR: /data/arvados-workbench-upload/data
+WORKBENCH_DATA_EXPORT_DIR: /data/arvados-workbench-download/data
+WORKBENCH_VCF_PIPELINE_UUID:
+WORKBENCH_SITE_NAME: Arvados Workbench
+WORKBENCH_INSECURE_HTTPS: true
+WORKBENCH_ACTIVATION_CONTACT_LINK: mailto:arvados@curoverse.com
+WORKBENCH_ARVADOS_LOGIN_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/login
+WORKBENCH_ARVADOS_V1_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/arvados/v1
+WORKBENCH_SECRET:
-# The URL for this installation's Omniauth server.
-OMNIAUTH_URL: http://auth.clinicalfuture.com
+# ==============================
+# SSO settings
+# ==============================
+SSO_HOSTNAME: sso
+SSO_SECRET:
+SSO_CLIENT_NAME: devsandbox
+# ==============================
+# Default to using auth.curoverse.com as SSO server
+# To use your a local Docker SSO server, set OMNIAUTH_URL and SSO_CLIENT_SECRET
+# to the empty string
+# ==============================
+OMNIAUTH_URL: https://auth.curoverse.com
+SSO_CLIENT_APP_ID: local_docker_installation
+SSO_CLIENT_SECRET: yohbai4eecohshoo1Yoot7tea9zoca9Eiz3Tajahweo9eePaeshaegh9meiye2ph