proxy_http_version 1.1;
@@ -120,11 +115,11 @@ Use a text editor to create a new file @/etc/nginx/conf.d/arvados-api-and-contro
# "available keep services" request with either a list of internal keep
# servers (0) or with the keepproxy (1).
#
-# TODO: Following the example here, update the 10.20.30.0/24 netmask
-# to match your private subnet.
-# TODO: Update 1.2.3.4 and add lines as necessary with the public IP
-# address of all servers that can also access the private network to
-# ensure they are not considered 'external'.
+# Following the example here, update the 10.20.30.0/24 netmask
+# to match your private subnet.
+# Update 1.2.3.4 and add lines as necessary with the public IP
+# address of all servers that can also access the private network to
+# ensure they are not considered 'external'.
geo $external_client {
default 1;
@@ -142,12 +137,11 @@ server {
# This configures the public https port that clients will actually connect to,
# the request is reverse proxied to the upstream 'controller'
- listen *:443 ssl;
- server_name xxxxx.example.com;
+ listen 443 ssl;
+ server_name ClusterID.example.com;
- ssl on;
- ssl_certificate /TODO/YOUR/PATH/TO/cert.pem;
- ssl_certificate_key /TODO/YOUR/PATH/TO/cert.key;
+ ssl_certificate /YOUR/PATH/TO/cert.pem;
+ ssl_certificate_key /YOUR/PATH/TO/cert.key;
# Refer to the comment about this setting in the passenger (arvados
# api server) section of your Nginx configuration.
@@ -179,8 +173,8 @@ server {
passenger_enabled on;
- # TODO: If you are using RVM, uncomment the line below.
- # If you're using system ruby, leave it commented out.
+ # If you are using RVM, uncomment the line below.
+ # If you're using system ruby, leave it commented out.
#passenger_ruby /usr/local/rvm/wrappers/default/ruby;
# This value effectively limits the size of API objects users can
@@ -205,21 +199,19 @@ h2(#confirm-working). Confirm working installation
Confirm working controller:
-
-$ curl https://ClusterID.example.com/arvados/v1/config
-
+$ curl https://ClusterID.example.com/arvados/v1/config
+
Confirm working Rails API server:
-
-$ curl https://ClusterID.example.com/discovery/v1/apis/arvados/v1/rest
-
+$ curl https://ClusterID.example.com/discovery/v1/apis/arvados/v1/rest
+
Confirm that you can use the system root token to act as the system root user:
-
-$ curl -H "Authorization: Bearer $system_root_token" https://xxxxx.example.com/arvados/v1/users/current
-
+
+$ curl -H "Authorization: Bearer $system_root_token" https://ClusterID.example.com/arvados/v1/users/current
+
h3. Troubleshooting