X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/aad9cd74e61cff985944c400c40fe3f85907a1e7..7a8b20bd1613c22c7629aa84b0fff51b2434dcf7:/services/api/config/application.default.yml diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml index a3ff6800be..dc00e33477 100644 --- a/services/api/config/application.default.yml +++ b/services/api/config/application.default.yml @@ -68,6 +68,19 @@ common: # crunch-job must be able to stat() it. crunch_refresh_trigger: /tmp/crunch_refresh_trigger + # Maximum number of log events that may be generated by a single job. + crunch_limit_log_events_per_job: 65536 + + # Maximum number of total bytes that may be logged by a single job. + crunch_limit_log_event_bytes_per_job: 67108864 + + # These two settings control how frequently log events are flushed + # to the database. If a job generates two or more events within + # crunch_log_seconds_between_events, the log data is not flushed + # until crunch_log_bytes_per_event has been reached. + crunch_log_bytes_per_event: 4096 + crunch_log_seconds_between_events: 1 + # Path to /etc/dnsmasq.d, or false = do not update dnsmasq data. dnsmasq_conf_dir: false @@ -87,6 +100,8 @@ common: admin_notifier_email_from: arvados@example.com email_subject_prefix: "[ARVADOS] " user_notifier_email_from: arvados@example.com + new_user_notification_recipients: [ ] + new_inactive_user_notification_recipients: [ ] # Visitors to the API server will be redirected to the workbench workbench_address: https://workbench.local:3001/ @@ -124,6 +139,28 @@ common: # address of the dedicated websocket server: #websocket_address: wss://127.0.0.1:3333/websocket + # blob_signing_key is a string of alphanumeric characters used to + # generate permission signatures for Keep locators. It must be + # identical to the permission key given to Keep. IMPORTANT: This is + # a site secret. It should be at least 50 characters. + blob_signing_key: ~ + # Amount of time (in seconds) for which a blob permission signature # remains valid. Default: 2 weeks (1209600 seconds) blob_signing_ttl: 1209600 + + # Allow clients to create collections by providing a manifest with + # unsigned data blob locators. IMPORTANT: This effectively disables + # access controls for data stored in Keep: a client who knows a hash + # can write a manifest that references the hash, pass it to + # collections.create (which will create a permission link), use + # collections.get to obtain a signature for that data locator, and + # use that signed locator to retrieve the data from Keep. Therefore, + # do not turn this on if your users expect to keep data private from + # one another! + permit_create_collection_with_unsigned_manifest: false + + # secret_token is a string of alphanumeric characters used by Rails + # to sign session tokens. IMPORTANT: This is a site secret. It + # should be at least 50 characters. + secret_token: ~