common:
secret_token: ~
+ blob_signing_key: ~
uuid_prefix: <%= Digest::MD5.hexdigest(`hostname`).to_i(16).to_s(36)[0..4] %>
# Git repositories must be readable by api server, or you won't be
# crunch-job must be able to stat() it.
crunch_refresh_trigger: /tmp/crunch_refresh_trigger
+ # Maximum number of log events that may be generated by a single job.
+ crunch_limit_log_events_per_job: 65536
+
+ # Maximum number of total bytes that may be logged by a single job.
+ crunch_limit_log_event_bytes_per_job: 67108864
+
+ # These two settings control how frequently log events are flushed
+ # to the database. If a job generates two or more events within
+ # crunch_log_seconds_between_events, the log data is not flushed
+ # until crunch_log_bytes_per_event has been reached.
+ crunch_log_bytes_per_event: 4096
+ crunch_log_seconds_between_events: 1
+
# Path to /etc/dnsmasq.d, or false = do not update dnsmasq data.
dnsmasq_conf_dir: false
admin_notifier_email_from: arvados@example.com
email_subject_prefix: "[ARVADOS] "
user_notifier_email_from: arvados@example.com
+ new_user_notification_recipients: [ ]
+ new_inactive_user_notification_recipients: [ ]
# Visitors to the API server will be redirected to the workbench
workbench_address: https://workbench.local:3001/
assets.version: "1.0"
arvados_theme: default
+
+ # Default: do not advertise a websocket server.
+ websocket_address: false
+
+ # You can run the websocket server separately from the regular HTTP service
+ # by setting "ARVADOS_WEBSOCKETS=ws-only" in the environment before running
+ # the websocket server. When you do this, you need to set the following
+ # configuration variable so that the primary server can give out the correct
+ # address of the dedicated websocket server:
+ #websocket_address: wss://127.0.0.1:3333/websocket
+
+ # Amount of time (in seconds) for which a blob permission signature
+ # remains valid. Default: 2 weeks (1209600 seconds)
+ blob_signing_ttl: 1209600
+
+ # Allow clients to create collections by providing a manifest with
+ # unsigned data blob locators. IMPORTANT: This effectively disables
+ # access controls for data stored in Keep: a client who knows a hash
+ # can write a manifest that references the hash, pass it to
+ # collections.create (which will create a permission link), use
+ # collections.get to obtain a signature for that data locator, and
+ # use that signed locator to retrieve the data from Keep. Therefore,
+ # do not turn this on if your users expect to keep data private from
+ # one another!
+ permit_create_collection_with_unsigned_manifest: false
projects / arvados.git / blobdiff