# Configuration for the Rails databases (database names,
# usernames and passwords).
+# Path to a public ssh key you would like to have installed in the
+# root account of the generated images. This is useful for debugging.
+# To enable the SSH server, set the ENABLE_SSH environment variable to
+# true when starting the container.
+PUBLIC_KEY_PATH:
+
# ARVADOS_DOMAIN: the Internet domain of this installation.
# ARVADOS_DNS_SERVER: the authoritative nameserver for ARVADOS_DOMAIN.
ARVADOS_DOMAIN: # e.g. arvados.internal
# will also be used as config.uuid_prefix.
API_HOSTNAME: # e.g. qr1hi
+# The e-mail address of the user you would like to become marked as an admin
+# user on their first login.
+# In the default configuration, authentication happens through the Arvados SSO
+# server, which uses openid against Google's servers, so in that case this
+# should be an address associated with a Google account.
+API_AUTO_ADMIN_USER:
+
# If a _PW variable is set to an empty string, a password
# will be chosen randomly at build time. This is the
# recommended setting.
ARVADOS_PROD_USER: arvados_prod
ARVADOS_PROD_PW:
+# If a _SECRET variable is set to an empty string, a password
+# will be chosen randomly at build time. This is the
+# recommended setting.
+
+# The signing key shared by Keep at the API server to verify
+# blob permission signatures.
+KEEP_SIGNING_SECRET:
+
+# The value for the Rails config.secret_token setting.
+API_SECRET:
+
+# A "superuser" token with which servers can authenticate to
+# the API server, before an administrative user has been created.
+# Leave this blank to generate a secret randomly at build time (recommended).
+API_SUPERUSER_SECRET:
+
# More than anything this should be auto-generated, but
# we don't presently have a good place to store it. So just
# change it and don't be dumb.
POSTGRES_ROOT_PW: dummy_pw
-# The APP_ID this application presents to Omniauth.
-OMNIAUTH_APP_ID: arvados-server
-
# The URL for this installation's Omniauth server.
-OMNIAUTH_URL: http://auth.clinicalfuture.com
+OMNIAUTH_URL: https://@@SSO_HOSTNAME@@.@@ARVADOS_DOMAIN@@
# ==============================
# Workbench settings
WORKBENCH_DATA_EXPORT_DIR: /data/arvados-workbench-download/data
WORKBENCH_VCF_PIPELINE_UUID:
WORKBENCH_SITE_NAME: Arvados Workbench
-WORKBENCH_INSECURE_HTTPS: false
-WORKBENCH_ACTIVATION_CONTACT_LINK: mailto:arvados@clinicalfuture.com
+WORKBENCH_INSECURE_HTTPS: true
+WORKBENCH_ACTIVATION_CONTACT_LINK: mailto:arvados@curoverse.com
WORKBENCH_ARVADOS_LOGIN_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/login
WORKBENCH_ARVADOS_V1_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/arvados/v1
-# /Workbench settings
+WORKBENCH_SECRET:
# ==============================
-# Warehouse settings
+# SSO settings
# ==============================
-
-# The password for the MySQL `warehouse' user. Automatically
-# generated if blank.
-WAREHOUSE_MYSQL_PW:
-
+SSO_HOSTNAME: sso
+SSO_SECRET:
+SSO_CLIENT_NAME: devsandbox
+SSO_CLIENT_APP_ID: devsandbox
+SSO_CLIENT_SECRET: