X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/ee86983a93c335413c508c5717a8707bbced93e6..7df2da959b583d3646b9fde606f9e74d598d4bb9:/services/api/config/application.yml.example

diff --git a/services/api/config/application.yml.example b/services/api/config/application.yml.example
index 9162fc4445..d6db3a4f8b 100644
--- a/services/api/config/application.yml.example
+++ b/services/api/config/application.yml.example
@@ -11,11 +11,23 @@
 # 5. Section in application.default.yml called "common"
 
 development:
+  # The blob_signing_key is a string of alphanumeric characters used
+  # to sign permission hints for Keep locators. It must be identical
+  # to the permission key given to Keep.  If you run both apiserver
+  # and Keep in development, change this to a hardcoded string and
+  # make sure both systems use the same value.
+  blob_signing_key: ~
 
 production:
   # At minimum, you need a nice long randomly generated secret_token here.
+  # Use a long string of alphanumeric characters (at least 36).
   secret_token: ~
 
+  # blob_signing_key is required and must be identical to the
+  # permission secret provisioned to Keep.
+  # Use a long string of alphanumeric characters (at least 36).
+  blob_signing_key: ~
+
   uuid_prefix: bogus
 
   # compute_node_domain: example.org
@@ -26,11 +38,11 @@ production:
   # The version below is suitable for AWS.
   # Uncomment and change <%# to <%= to use it.
   # compute_node_nameservers: <%#
-    require 'net/http'
-    ['local', 'public'].collect do |iface|
-      Net::HTTP.get(URI("http://169.254.169.254/latest/meta-data/#{iface}-ipv4")).match(/^[\d\.]+$/)[0]
-    end << '172.16.0.23'
-  %>
+  #   require 'net/http'
+  #   ['local', 'public'].collect do |iface|
+  #     Net::HTTP.get(URI("http://169.254.169.254/latest/meta-data/#{iface}-ipv4")).match(/^[\d\.]+$/)[0]
+  #   end << '172.16.0.23'
+  # %>
 
 test:
   uuid_prefix: zzzzz
@@ -39,3 +51,4 @@ test:
 common:
   #git_repositories_dir: /var/cache/git
   #git_internal_dir: /var/cache/arvados/internal.git
+