X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/dcbb5acc0f9767c6b358e5f5d6055b78290430ab..549f4a1deddb41f6abbc493a660d9fb0976da91a:/services/api/config/application.default.yml diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml index e46ff5dd18..827dfe1586 100644 --- a/services/api/config/application.default.yml +++ b/services/api/config/application.default.yml @@ -43,9 +43,20 @@ test: common: secret_token: ~ + blob_signing_key: ~ uuid_prefix: <%= Digest::MD5.hexdigest(`hostname`).to_i(16).to_s(36)[0..4] %> - git_repositories_dir: /var/cache/git + # Git repositories must be readable by api server, or you won't be + # able to submit crunch jobs. To pass the test suites, put a clone + # of the arvados tree in {git_repositories_dir}/arvados.git or + # {git_repositories_dir}/arvados/.git + git_repositories_dir: /var/lib/arvados/git + + # This is a (bare) repository that stores commits used in jobs. When a job + # runs, the source commits are first fetched into this repository, then this + # repository is used to deploy to compute nodes. This should NOT be a + # subdirectory of {git_repositiories_dir}. + git_internal_dir: /var/lib/arvados/internal.git # :none or :slurm_immediate crunch_job_wrapper: :none @@ -57,6 +68,19 @@ common: # crunch-job must be able to stat() it. crunch_refresh_trigger: /tmp/crunch_refresh_trigger + # Maximum number of log events that may be generated by a single job. + crunch_limit_log_events_per_job: 65536 + + # Maximum number of total bytes that may be logged by a single job. + crunch_limit_log_event_bytes_per_job: 67108864 + + # These two settings control how frequently log events are flushed + # to the database. If a job generates two or more events within + # crunch_log_seconds_between_events, the log data is not flushed + # until crunch_log_bytes_per_event has been reached. + crunch_log_bytes_per_event: 4096 + crunch_log_seconds_between_events: 1 + # Path to /etc/dnsmasq.d, or false = do not update dnsmasq data. dnsmasq_conf_dir: false @@ -75,6 +99,9 @@ common: new_users_are_active: false admin_notifier_email_from: arvados@example.com email_subject_prefix: "[ARVADOS] " + user_notifier_email_from: arvados@example.com + new_user_notification_recipients: [ ] + new_inactive_user_notification_recipients: [ ] # Visitors to the API server will be redirected to the workbench workbench_address: https://workbench.local:3001/ @@ -99,3 +126,30 @@ common: # Version of your assets, change this if you want to expire all your assets assets.version: "1.0" + + arvados_theme: default + + # Default: do not advertise a websocket server. + websocket_address: false + + # You can run the websocket server separately from the regular HTTP service + # by setting "ARVADOS_WEBSOCKETS=ws-only" in the environment before running + # the websocket server. When you do this, you need to set the following + # configuration variable so that the primary server can give out the correct + # address of the dedicated websocket server: + #websocket_address: wss://127.0.0.1:3333/websocket + + # Amount of time (in seconds) for which a blob permission signature + # remains valid. Default: 2 weeks (1209600 seconds) + blob_signing_ttl: 1209600 + + # Allow clients to create collections by providing a manifest with + # unsigned data blob locators. IMPORTANT: This effectively disables + # access controls for data stored in Keep: a client who knows a hash + # can write a manifest that references the hash, pass it to + # collections.create (which will create a permission link), use + # collections.get to obtain a signature for that data locator, and + # use that signed locator to retrieve the data from Keep. Therefore, + # do not turn this on if your users expect to keep data private from + # one another! + permit_create_collection_with_unsigned_manifest: false