# Configuration for the Rails databases (database names,
# usernames and passwords).
+# Path to a public ssh key you would like to have installed in the
+# root account of the generated images. This is useful for debugging.
+# To enable the SSH server, set the ENABLE_SSH environment variable to
+# true when starting the container.
+PUBLIC_KEY_PATH:
+
# ARVADOS_DOMAIN: the Internet domain of this installation.
# ARVADOS_DNS_SERVER: the authoritative nameserver for ARVADOS_DOMAIN.
ARVADOS_DOMAIN: # e.g. arvados.internal
ARVADOS_DNS_SERVER: # e.g. 192.168.0.1
+# ==============================
+# API server settings
+# ==============================
+
# The API server hostname. Must be a 5-character
# string unique within this installation. This string
# will also be used as config.uuid_prefix.
API_HOSTNAME: # e.g. qr1hi
+# The e-mail address of the user you would like to become marked as an admin
+# user on their first login.
+# In the default configuration, authentication happens through the Arvados SSO
+# server, which uses openid against Google's servers, so in that case this
+# should be an address associated with a Google account.
+API_AUTO_ADMIN_USER:
+
# If a _PW variable is set to an empty string, a password
# will be chosen randomly at build time. This is the
# recommended setting.
ARVADOS_PROD_USER: arvados_prod
ARVADOS_PROD_PW:
+# If a _SECRET variable is set to an empty string, a password
+# will be chosen randomly at build time. This is the
+# recommended setting.
+
+# The signing key shared by Keep at the API server to verify
+# blob permission signatures.
+KEEP_SIGNING_SECRET:
+
+# The value for the Rails config.secret_token setting.
+API_SECRET:
+
+# A "superuser" token with which servers can authenticate to
+# the API server, before an administrative user has been created.
+# Leave this blank to generate a secret randomly at build time (recommended).
+API_SUPERUSER_SECRET:
+
# More than anything this should be auto-generated, but
# we don't presently have a good place to store it. So just
# change it and don't be dumb.
POSTGRES_ROOT_PW: dummy_pw
-# The APP_ID this application presents to Omniauth.
-OMNIAUTH_APP_ID: arvados-server
-
# The URL for this installation's Omniauth server.
-OMNIAUTH_URL: http://auth.clinicalfuture.com
+OMNIAUTH_URL: https://@@SSO_HOSTNAME@@.@@ARVADOS_DOMAIN@@
+
+# ==============================
+# Workbench settings
+# ==============================
+WORKBENCH_RAILS_MODE: production
+WORKBENCH_DATA_IMPORT_DIR: /data/arvados-workbench-upload/data
+WORKBENCH_DATA_EXPORT_DIR: /data/arvados-workbench-download/data
+WORKBENCH_VCF_PIPELINE_UUID:
+WORKBENCH_SITE_NAME: Arvados Workbench
+WORKBENCH_INSECURE_HTTPS: true
+WORKBENCH_ACTIVATION_CONTACT_LINK: mailto:arvados@curoverse.com
+WORKBENCH_ARVADOS_LOGIN_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/login
+WORKBENCH_ARVADOS_V1_BASE: https://@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@/arvados/v1
+WORKBENCH_SECRET:
+
+# ==============================
+# SSO settings
+# ==============================
+SSO_HOSTNAME: sso
+SSO_SECRET:
+SSO_CLIENT_NAME: devsandbox
+SSO_CLIENT_APP_ID: devsandbox
+SSO_CLIENT_SECRET: