X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/1f798f8be40a6b4abc6bcc2393302fc4d3062640..80a90301263f46ebb7b26297093763882f2cf582:/lib/config/config.default.yml diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml index f84c60192f..2aa53a4329 100644 --- a/lib/config/config.default.yml +++ b/lib/config/config.default.yml @@ -12,6 +12,8 @@ Clusters: xxxxx: + # Token used internally by Arvados components to authenticate to + # one another. Use a string of at least 50 random alphanumerics. SystemRootToken: "" # Token to be included in all healthcheck requests. Disabled by default. @@ -212,11 +214,6 @@ Clusters: # serving a single incoming multi-cluster (federated) request. MaxRequestAmplification: 4 - # RailsSessionSecretToken is a string of alphanumeric characters - # used by Rails to sign session tokens. IMPORTANT: This is a - # site secret. It should be at least 50 characters. - RailsSessionSecretToken: "" - # Maximum wall clock time to spend handling an incoming request. RequestTimeout: 5m @@ -287,6 +284,20 @@ Clusters: # address is used. PreferDomainForUsername: "" + UserSetupMailText: | + <% if not @user.full_name.empty? -%> + <%= @user.full_name %>, + <% else -%> + Hi there, + <% end -%> + + Your Arvados account has been set up. You can log in at + + <%= Rails.configuration.Services.Workbench1.ExternalURL %> + + Thanks, + Your Arvados administrator. + AuditLogs: # Time to keep audit logs, in seconds. (An audit log is a row added # to the "logs" table in the PostgreSQL database each time an @@ -708,6 +719,22 @@ Clusters: # remain valid before it needs to be revalidated. RemoteTokenRefresh: 5m + # How long a client token created from a login flow will be valid without + # asking the user to re-login. Example values: 60m, 8h. + # Default value zero means tokens don't have expiration. + TokenLifetime: 0s + + # When the token is returned to a client, the token itself may + # be restricted from manipulating other tokens based on whether + # the client is "trusted" or not. The local Workbench1 and + # Workbench2 are trusted by default, but if this is a + # LoginCluster, you probably want to include the other Workbench + # instances in the federation in this list. + TrustedClients: + SAMPLE: + "https://workbench.federate1.example": {} + "https://workbench.federate2.example": {} + Git: # Path to git or gitolite-shell executable. Each authenticated # request will execute this program with the single argument "http-backend" @@ -933,6 +960,11 @@ Clusters: # Time before repeating SIGTERM when killing a container. TimeoutSignal: 5s + # Time to give up on a process (most likely arv-mount) that + # still holds a container lockfile after its main supervisor + # process has exited, and declare the instance broken. + TimeoutStaleRunLock: 5s + # Time to give up on SIGTERM and write off the worker. TimeoutTERM: 2m @@ -940,6 +972,12 @@ Clusters: # unlimited). MaxCloudOpsPerSecond: 0 + # Maximum concurrent node creation operations (0 = unlimited). This is + # recommended by Azure in certain scenarios (see + # https://docs.microsoft.com/en-us/azure/virtual-machines/linux/capture-image) + # and can be used with other cloud providers too, if desired. + MaxConcurrentInstanceCreateOps: 0 + # Interval between cloud provider syncs/updates ("list all # instances"). SyncInterval: 1m @@ -1309,7 +1347,7 @@ Clusters: # a link to the multi-site search page on a "home" Workbench site. # # Example: - # https://workbench.qr1hi.arvadosapi.com/collections/multisite + # https://workbench.zzzzz.arvadosapi.com/collections/multisite MultiSiteSearch: "" # Should workbench allow management of local git repositories? Set to false if @@ -1327,6 +1365,10 @@ Clusters: VocabularyURL: "" FileViewersConfigURL: "" + # Idle time after which the user's session will be auto closed. + # This feature is disabled when set to zero. + IdleTimeout: 0s + # Workbench welcome screen, this is HTML text that will be # incorporated directly onto the page. WelcomePageHTML: |