X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/d77bf0c67422a259afacc17660698729328a1ed3..1b47c040b802c09d8652b952704e2ad09f31aa27:/doc/install/install-api-server.html.textile.liquid
diff --git a/doc/install/install-api-server.html.textile.liquid b/doc/install/install-api-server.html.textile.liquid
index 91e2c69892..a6b843b160 100644
--- a/doc/install/install-api-server.html.textile.liquid
+++ b/doc/install/install-api-server.html.textile.liquid
@@ -3,6 +3,11 @@ layout: default
navsection: installguide
title: Install the API server
...
+{% comment %}
+Copyright (C) The Arvados Authors. All rights reserved.
+
+SPDX-License-Identifier: CC-BY-SA-3.0
+{% endcomment %}
h2. Install prerequisites
@@ -12,10 +17,6 @@ h3(#install_ruby_and_bundler). Install Ruby and Bundler
{% include 'install_ruby_and_bundler' %}
-h3(#install_postgres). Install PostgreSQL
-
-{% include 'install_postgres' %}
-
h2(#install_apiserver). Install API server and dependencies
On a Debian-based system, install the following packages:
@@ -36,37 +37,12 @@ On a Red Hat-based system, install the following packages:
h2(#configure). Set up the database
-Generate a new database password. Nobody ever needs to memorize it or type it, so we'll make a strong one:
-
- Install runit to supervise the Puma daemon. {% include 'install_runit' %} Install the script below as the run script for the Puma service, modifying it as directed by the comments. Edit the http section of your Nginx configuration to run the Passenger server, and act as a front-end for both it and Puma. You might add a block like the following, adding SSL and logging parameters to taste:~$ ruby -e 'puts rand(2**128).to_s(36)'
-6gqa1vu492idd7yca9tfandj3
-
~$ sudo -u postgres createuser --encrypted -R -S --pwprompt arvados
-[sudo] password for you: yourpassword
-Enter password for new role: paste-password-you-generated
-Enter it again: paste-password-again
+
~$ editor /etc/arvados/api/database.yml
-~$ sudo -u postgres createdb arvados_production -T template0 -E UTF8 -O arvados
-
-
-#!/bin/bash
+Disabling the jobs API means methods involving @jobs@, @job_tasks@, @pipeline_templates@ and @pipeline_instances@ are disabled. This functionality is superceded by the containers API which consists of @container_requests@, @containers@ and @workflows@. Arvados clients (such as @arvados-cwl-runner@) detect which APIs are available and adjust behavior accordingly.
-set -e
-exec 2>&1
+* auto -- (default) enable the Jobs API only if it has been used before (i.e., there are job records in the database), otherwise disable jobs API .
+* true -- enable the Jobs API even if there are no existing job records.
+* false -- disable the Jobs API even in the presence of existing job records.
-# Uncomment the line below if you're using RVM.
-#source /etc/profile.d/rvm.sh
+
+ enable_legacy_jobs_api: auto
+
server {
+
-
+server {
listen 127.0.0.1:8000;
server_name localhost-api;
@@ -245,11 +207,6 @@ upstream api {
server 127.0.0.1:8000 fail_timeout=10s;
}
-upstream websockets {
- # The address below must match the one specified in puma's -b option.
- server 127.0.0.1:8100 fail_timeout=10s;
-}
-
proxy_http_version 1.1;
# When Keep clients request a list of Keep services from the API server, the
@@ -261,68 +218,14 @@ geo $external_client {
default 1;
10.20.30.0/24 0;
}
-
-server {
- listen [your public IP address]:443 ssl;
- server_name uuid_prefix.your.domain;
-
- ssl on;
- ssl_certificate /YOUR/PATH/TO/cert.pem;
- ssl_certificate_key /YOUR/PATH/TO/cert.key;
-
- index index.html index.htm index.php;
-
- # Refer to the comment about this setting in the server section above.
- client_max_body_size 128m;
-
- location / {
- proxy_pass http://api;
- proxy_redirect off;
- proxy_connect_timeout 90s;
- proxy_read_timeout 300s;
-
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header Host $http_host;
- proxy_set_header X-External-Client $external_client;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
-}
-
-server {
- listen [your public IP address]:443 ssl;
- server_name ws.uuid_prefix.your.domain;
-
- ssl on;
- ssl_certificate /YOUR/PATH/TO/cert.pem;
- ssl_certificate_key /YOUR/PATH/TO/cert.key;
-
- index index.html index.htm index.php;
-
- location / {
- proxy_pass http://websockets;
- proxy_redirect off;
- proxy_connect_timeout 90s;
- proxy_read_timeout 300s;
-
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
-}
Restart Nginx:
+Restart Nginx to apply the new configuration. +~$ sudo nginx -s reload
-
-Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will -break this application for all non-root users on this machine.-
fatal: Not a git repository (or any of the parent directories): .git+ +
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will +break this application for all non-root users on this machine.
fatal: Not a git repository (or any of the parent directories): .git