active_record.auto_explain_threshold_in_seconds: 0.5
assets.compress: false
assets.debug: true
- local_modified: <%= '-modified' if `git status -s` %>
+ local_modified: "<%= '-modified' if `git status -s` != '' %>"
production:
force_ssl: true
blob_signing_key: zfhgfenhffzltr9dixws36j1yhksjoll2grmku38mi7yxd66h5j4q9w4jzanezacp8s6q0ro3hxakfye02152hncy6zml2ed0uc
user_profile_notification_address: arvados@example.com
workbench_address: https://localhost:3001/
+ websocket_address: ws://127.0.0.1:3333/websocket
common:
uuid_prefix: <%= Digest::MD5.hexdigest(`hostname`).to_i(16).to_s(36)[0..4] %>
+ # If not false, this is the hostname that will be used for root_url and
+ # advertised in the discovery document. By default, use the default Rails
+ # logic for deciding on a hostname.
+ host: false
+
# If this is not false, HTML requests at the API server's root URL
# are redirected to this location, and it is provided in the text of
# user activation notification email messages to remind them where
# crunch-job must be able to stat() it.
crunch_refresh_trigger: /tmp/crunch_refresh_trigger
- # Maximum number of log events that may be generated by a single job.
- crunch_limit_log_events_per_job: 65536
-
- # Maximum number of total bytes that may be logged by a single job.
- crunch_limit_log_event_bytes_per_job: 67108864
-
- # These two settings control how frequently log events are flushed
- # to the database. If a job generates two or more events within
- # crunch_log_seconds_between_events, the log data is not flushed
- # until crunch_log_bytes_per_event has been reached.
+ # These two settings control how frequently log events are flushed to the
+ # database. Log lines are buffered until either crunch_log_bytes_per_event
+ # has been reached or crunch_log_seconds_between_events has elapsed since
+ # the last flush.
crunch_log_bytes_per_event: 4096
crunch_log_seconds_between_events: 1
- # Path to /etc/dnsmasq.d, or false = do not update dnsmasq data.
- dnsmasq_conf_dir: false
+ # The sample period for throttling logs, in seconds.
+ crunch_log_throttle_period: 60
+
+ # Maximum number of bytes that job can log over crunch_log_throttle_period
+ # before being silenced until the end of the period.
+ crunch_log_throttle_bytes: 65536
+
+ # Maximum number of lines that job can log over crunch_log_throttle_period
+ # before being silenced until the end of the period.
+ crunch_log_throttle_lines: 1024
+
+ # Maximum bytes that may be logged by a single job. Log bytes that are
+ # silenced by throttling are not counted against this total.
+ crunch_limit_log_bytes_per_job: 67108864
+
+ # Path to dns server configuration directory (e.g. /etc/unbound.d/conf.d),
+ # or false = do not update dns server data.
+ dns_server_conf_dir: false
- # Set to AMI id (ami-123456) to auto-start nodes. See app/models/node.rb
- compute_node_ami: false
- compute_node_ec2run_args: -g arvados-compute
- compute_node_spot_bid: 0.11
+ # Template for the dns server host snippets. See unbound.template in this directory for
+ # an example. Set to false to disable.
+ dns_server_conf_template: false
+
+ # Dns server reload command, or false = do not reload dns server after data change
+ dns_server_reload_command: false
+
+ # Example for unbound
+ #dns_server_conf_dir: /etc/unbound/conf.d
+ #dns_server_conf_template: /path/to/your/api/server/config/unbound.template
+ #dns_server_reload_command: /etc/init.d/unbound reload
compute_node_domain: false
compute_node_nameservers:
- 192.168.1.1
- compute_node_ec2_tag_enable: false
# The version below is suitable for AWS.
# To use it, copy it to your application.yml, uncomment, and change <%# to <%=
# should be an address associated with a Google account.
auto_admin_user: false
+ # If auto_admin_first_user is set to true, the first user to log in when no
+ # other admin users exist will automatically become an admin user.
+ auto_admin_first_user: false
+
## Set Time.zone default to the specified zone and make Active
## Record auto-convert to this zone. Run "rake -D time" for a list
## of tasks for finding time zone names. Default is UTC.
arvados_theme: default
- # Default: do not advertise a websocket server.
- websocket_address: false
-
- # You can run the websocket server separately from the regular HTTP service
- # by setting "ARVADOS_WEBSOCKETS=ws-only" in the environment before running
- # the websocket server. When you do this, you need to set the following
- # configuration variable so that the primary server can give out the correct
- # address of the dedicated websocket server:
+ # The ARVADOS_WEBSOCKETS environment variable determines whether to
+ # serve http, websockets, or both.
+ #
+ # If ARVADOS_WEBSOCKETS="true", http and websockets are both served
+ # from the same process.
+ #
+ # If ARVADOS_WEBSOCKETS="ws-only", only websockets is served.
+ #
+ # If ARVADOS_WEBSOCKETS="false" or not set at all, only http is
+ # served. In this case, you should have a separate process serving
+ # websockets, and the address of that service should be given here
+ # as websocket_address.
+ #
+ # If websocket_address is false (which is the default), the
+ # discovery document will tell clients to use the current server as
+ # the websocket service, or (if the current server does not have
+ # websockets enabled) not to use websockets at all.
+ #
+ # Example: Clients will connect to the specified endpoint.
#websocket_address: wss://127.0.0.1:3333/websocket
+ # Default: Clients will connect to this server if it's running
+ # websockets, otherwise none at all.
+ websocket_address: false
# blob_signing_key is a string of alphanumeric characters used to
# generate permission signatures for Keep locators. It must be
auto_setup_name_blacklist: [arvados, git, gitolite, gitolite-admin, root, syslog]
# source_version
- source_version: "<%= `git log -n 1 --format=%h` %>"
+ source_version: "<%= `git log -n 1 --format=%h`.strip %>"
local_modified: false
# Default lifetime for ephemeral collections: 2 weeks.
default_trash_lifetime: 1209600
+
+ # Permit insecure (OpenSSL::SSL::VERIFY_NONE) connections to the Single Sign
+ # On (sso) server. Should only be enabled during development when the SSO
+ # server is using a self-signed cert.
+ sso_insecure: false
\ No newline at end of file