cp local.params.example.single_host_single_hostname local.params
cp -r config_examples/single_host/single_hostname local_config_dir
@@ -58,10 +89,6 @@ Edit the variables in the local.params file. Pay attention to the *_PO
The single_host examples use self-signed SSL certificates, which are deployed using the same mechanism used to deploy custom certificates.
-{% include 'install_custom_certificates' %}
-
-If you want to use valid certificates provided by Let's Encrypt, please set the variable USE_LETSENCRYPT=yes and make sure that all the FQDNs that you will use for the public-facing applications (API/controller, Workbench, Keepproxy/Keepweb) are reachable.
-
h3(#single_host_multiple_hostnames). Single host / multiple hostnames (Alternative configuration)
cp local.params.example.single_host_multiple_hostnames local.params
@@ -71,6 +98,8 @@ cp -r config_examples/single_host/multiple_hostnames local_config_dir
Edit the variables in the local.params file.
+{% include 'install_custom_certificates' %}
+
h3(#further_customization). Further customization of the installation (modifying the salt pillars and states)
If you want or need further customization, you can edit the Saltstack pillars and states files. Pay particular attention to the pillars/arvados.sls one. Any extra state file you add under local_config_dir/states will be added to the salt run and applied to the host.
@@ -81,7 +110,7 @@ When you finished customizing the configuration, you are ready to copy the files
scp -r provision.sh local* tests user@host:
-# if you use custom certificates (not Let's Encrypt), make sure to copy those too:
+# if you are using bring-your-own certificates, make sure to copy those too:
# scp -r certs user@host:
ssh user@host sudo ./provision.sh
@@ -109,7 +138,7 @@ h2(#final_steps). Final configuration steps
Once the deployment went OK, you'll need to perform a few extra steps in your local browser/host to access the cluster.
-h3(#ca_root_certificate). Install the CA root certificate (required in both alternatives)
+h3(#ca_root_certificate). Install the CA root certificate (SSL_MODE=self-signed only)
Arvados uses SSL to encrypt communications. Its UI uses AJAX which will silently fail if the certificate is not valid or signed by an unknown Certification Authority.
@@ -272,4 +301,4 @@ h2(#post_install). After the installation
Once the installation is complete, it is recommended to keep a copy of your local configuration files. Committing them to version control is a good idea.
-Re-running the Salt-based installer is not recommended for maintaining and upgrading Arvados, please see "Maintenance and upgrading":maintenance-and-upgrading.html for more information.
+Re-running the Salt-based installer is not recommended for maintaining and upgrading Arvados, please see "Maintenance and upgrading":{{site.baseurl}}/admin/maintenance-and-upgrading.html for more information.