# Install generated config files
ADD generated/database.yml /usr/src/arvados/services/api/config/database.yml
-ADD generated/secret_token.rb /usr/src/arvados/services/api/config/initializers/secret_token.rb
ADD generated/omniauth.rb /usr/src/arvados/services/api/config/initializers/omniauth.rb
-ADD generated/production.rb /usr/src/arvados/services/api/config/environments/production.rb
+RUN /bin/cp /usr/src/arvados/services/api/config/environments/production.rb.example /usr/src/arvados/services/api/config/environments/production.rb
+ADD generated/application.yml /usr/src/arvados/services/api/config/application.yml
ADD generated/apache2_vhost /etc/apache2/sites-available/arvados
# Configure Rails databases.
--- /dev/null
+# Copy this file to application.yml and edit to suit.
+#
+# Consult application.default.yml for the full list of configuration
+# settings.
+#
+# The order of precedence is:
+# 1. config/environments/{RAILS_ENV}.rb (deprecated)
+# 2. Section in application.yml corresponding to RAILS_ENV (e.g., development)
+# 3. Section in application.yml called "common"
+# 4. Section in application.default.yml corresponding to RAILS_ENV
+# 5. Section in application.default.yml called "common"
+
+development:
+ # The blob_signing_key is a string of alphanumeric characters used
+ # to sign permission hints for Keep locators. It must be identical
+ # to the permission key given to Keep. If you run both apiserver
+ # and Keep in development, change this to a hardcoded string and
+ # make sure both systems use the same value.
+ blob_signing_key: ~
+
+production:
+ # At minimum, you need a nice long randomly generated secret_token here.
+ # Use a long string of alphanumeric characters (at least 36).
+ secret_token: @@API_SECRET@@
+
+ # blob_signing_key is required and must be identical to the
+ # permission secret provisioned to Keep.
+ # Use a long string of alphanumeric characters (at least 36).
+ blob_signing_key: @@KEEP_SIGNING_SECRET@@
+
+ uuid_prefix: @@API_HOSTNAME@@
+
+ # The e-mail address of the user you would like to become marked as an admin
+ # user on their first login.
+ # In the default configuration, authentication happens through the Arvados SSO
+ # server, which uses openid against Google's servers, so in that case this
+ # should be an address associated with a Google account.
+ auto_admin_user: @@API_AUTO_ADMIN_USER@@
+
+ # compute_node_domain: example.org
+ # compute_node_nameservers:
+ # - 127.0.0.1
+ # - 192.168.1.1
+ #
+ # The version below is suitable for AWS.
+ # Uncomment and change <%# to <%= to use it.
+ # compute_node_nameservers: <%#
+ # require 'net/http'
+ # ['local', 'public'].collect do |iface|
+ # Net::HTTP.get(URI("http://169.254.169.254/latest/meta-data/#{iface}-ipv4")).match(/^[\d\.]+$/)[0]
+ # end << '172.16.0.23'
+ # %>
+
+test:
+ uuid_prefix: zzzzz
+ secret_token: <%= rand(2**512).to_s(36) %>
+
+common:
+ #git_repositories_dir: /var/cache/git
+ #git_internal_dir: /var/cache/arvados/internal.git
+
-LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23/buildout/apache2/mod_passenger.so
-PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23
+LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41/buildout/apache2/mod_passenger.so
+PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41
PassengerDefaultRuby /usr/local/rvm/wrappers/ruby-2.1.0/ruby
+++ /dev/null
-Server::Application.configure do
- # Settings specified here will take precedence over those in config/application.rb
-
- # Code is not reloaded between requests
- config.cache_classes = true
-
- # Full error reports are disabled and caching is turned on
- config.consider_all_requests_local = false
- config.action_controller.perform_caching = true
-
- # Disable Rails's static asset server (Apache or nginx will already do this)
- config.serve_static_assets = false
-
- # Compress JavaScripts and CSS
- config.assets.compress = true
-
- # Don't fallback to assets pipeline if a precompiled asset is missed
- config.assets.compile = false
-
- # Generate digests for assets URLs
- config.assets.digest = true
-
- # Defaults to Rails.root.join("public/assets")
- # config.assets.manifest = YOUR_PATH
-
- # Specifies the header that your server uses for sending files
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
-
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
- # config.force_ssl = true
-
- # See everything in the log (default is :info)
- # config.log_level = :debug
-
- # Use a different logger for distributed setups
- # config.logger = SyslogLogger.new
-
- # Use a different cache store in production
- # config.cache_store = :mem_cache_store
-
- # Enable serving of images, stylesheets, and JavaScripts from an asset server
- # config.action_controller.asset_host = "http://assets.example.com"
-
- # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
- # config.assets.precompile += %w( search.js )
-
- # Disable delivery errors, bad email addresses will be ignored
- # config.action_mailer.raise_delivery_errors = false
- config.action_mailer.raise_delivery_errors = true
- config.action_mailer.perform_deliveries = true
-
- # Enable threaded mode
- # config.threadsafe!
-
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
- # the I18n.default_locale when a translation can not be found)
- config.i18n.fallbacks = true
-
- # Send deprecation notices to registered listeners
- config.active_support.deprecation = :notify
-
- config.git_repositories_dir = '/var/cache/git'
-
- config.crunch_job_wrapper = :slurm_immediate
- config.crunch_job_user = 'crunch' # if false, do not set uid when running jobs
-
- # The web service must be able to create/write this file, and
- # crunch-job must be able to stat() it.
- config.crunch_refresh_trigger = '/tmp/crunch_refresh_trigger'
-
- # config.dnsmasq_conf_dir = '/etc/dnsmasq.d'
-
- # config.compute_node_ami = 'ami-cbca41a2'
- # config.compute_node_ec2run_args = '-g arvados-compute'
- # config.compute_node_spot_bid = 0.11
-
- # config.compute_node_domain = `hostname --domain`.strip
-
- # config.compute_node_nameservers = ['1.2.3.4', '1.2.3.5']
- require 'net/http'
- config.compute_node_nameservers = [ '@@ARVADOS_DNS_SERVER@@' ]
- config.compute_node_domain = false
- config.uuid_prefix = '@@API_HOSTNAME@@'
-
- # Authentication stub: hard code pre-approved API tokens.
- # config.accept_api_token = { rand(2**256).to_s(36) => true }
- config.accept_api_token = {}
-
- config.new_users_are_active = false
- config.admin_notifier_email_from = 'arvados@example.com'
- config.email_subject_prefix = '[ARVADOS] '
-
- # The e-mail address of the user you would like to become marked as an admin
- # user on their first login.
- # In the default configuration, authentication happens through the Arvados SSO
- # server, which uses openid against Google's servers, so in that case this
- # should be an address associated with a Google account.
- config.auto_admin_user = '@@API_AUTO_ADMIN_USER@@'
-end
+++ /dev/null
-# Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-Server::Application.config.secret_token = '@@API_SECRET@@'
-
-# The blob_signing_key is a string of alphanumeric characters used
-# to sign permission hints for Keep locators. It must be identical
-# to the permission key given to Keep.
-Server::Application.config.blob_signing_key = '@@KEEP_SIGNING_SECRET@@'
#!/bin/bash
ENABLE_SSH=false
+DOCKER=`which docker.io`
+
+if [[ "$DOCKER" == "" ]]; then
+ DOCKER=`which docker`
+fi
function usage {
echo >&2
function ip_address {
local container=$1
- echo `docker inspect $container |grep IPAddress |cut -f4 -d\"`
+ echo `$DOCKER inspect $container |grep IPAddress |cut -f4 -d\"`
}
function start_container {
args="$args -e ENABLE_SSH=$ENABLE_SSH"
fi
- `docker ps |grep -P "$name[^/]" -q`
+ `$DOCKER ps |grep -P "$name[^/]" -q`
if [[ "$?" == "0" ]]; then
echo "You have a running container with name $name -- skipping."
return
fi
# Remove any existing container by this name.
- docker rm "$name" 2>/dev/null
+ $DOCKER rm "$name" 2>/dev/null
echo "Starting container:"
- echo " docker run $args $image"
- container=`docker run $args $image`
+ echo " $DOCKER run $args $image"
+ container=`$DOCKER run $args $image`
if [[ "$?" != "0" ]]; then
echo "Unable to start container"
exit 1
echo " ssh root@$ip"
echo
fi
+
+ if [[ "$name" == "doc_server" ]]; then
+ echo
+ echo "*****************************************************************"
+ echo "You can access the Arvados documentation at http://localhost:${port%:*}"
+ echo "*****************************************************************"
+ echo
+ fi
+
+ if [[ "$name" == "workbench_server" ]]; then
+ echo
+ echo "*****************************************************************"
+ echo "You can access the Arvados workbench at http://localhost:${port%:*}"
+ echo "*****************************************************************"
+ echo
+ fi
+
+
}
declare -a keep_volumes
# Mount a keep volume if we don't already have one
for mountpoint in $(cut -d ' ' -f 2 /proc/mounts); do
if [[ -d "$mountpoint/keep" && "$mountpoint" != "/" ]]; then
- keep_volumes+=($mountpoint)
+ keep_volumes+=($mountpoint)
fi
done
# Create any keep volumes that do not yet exist.
while [ ${#keep_volumes[*]} -lt 2 ]
do
- new_keep=$(mktemp -d)
- echo >&2 "mounting 512M tmpfs keep volume in $new_keep"
- sudo mount -t tmpfs -o size=512M tmpfs $new_keep
- mkdir $new_keep/keep
- keep_volumes+=($new_keep)
+ new_keep=$(mktemp -d)
+ echo >&2 "mounting 512M tmpfs keep volume in $new_keep"
+ sudo mount -t tmpfs -o size=512M tmpfs $new_keep
+ mkdir $new_keep/keep
+ keep_volumes+=($new_keep)
done
}
while [ $# -ge 1 ]
do
case $1 in
- -d | --doc)
- case "$2" in
- "") start_doc=9898; shift 2 ;;
- *) start_doc=$2; shift 2 ;;
- esac
- ;;
- -s | --sso)
- case "$2" in
- "") start_sso=9901; shift 2 ;;
- *) start_sso=$2; shift 2 ;;
- esac
- ;;
- -a | --api)
- case "$2" in
- "") start_api=9900; shift 2 ;;
- *) start_api=$2; shift 2 ;;
- esac
- ;;
- -w | --workbench)
- case "$2" in
- "") start_workbench=9899; shift 2 ;;
- *) start_workbench=$2; shift 2 ;;
- esac
- ;;
- -k | --keep )
- start_keep=true
- shift
- ;;
- --ssh)
- # ENABLE_SSH is a global variable
- ENABLE_SSH=true
- shift
- ;;
- --)
- shift
- break
- ;;
- *)
- usage
- exit 1
- ;;
- esac
+ -d | --doc)
+ case "$2" in
+ "") start_doc=9898; shift 2 ;;
+ *) start_doc=$2; shift 2 ;;
+ esac
+ ;;
+ -s | --sso)
+ case "$2" in
+ "") start_sso=9901; shift 2 ;;
+ *) start_sso=$2; shift 2 ;;
+ esac
+ ;;
+ -a | --api)
+ case "$2" in
+ "") start_api=9900; shift 2 ;;
+ *) start_api=$2; shift 2 ;;
+ esac
+ ;;
+ -w | --workbench)
+ case "$2" in
+ "") start_workbench=9899; shift 2 ;;
+ *) start_workbench=$2; shift 2 ;;
+ esac
+ ;;
+ -k | --keep )
+ start_keep=true
+ shift
+ ;;
+ --ssh)
+ # ENABLE_SSH is a global variable
+ ENABLE_SSH=true
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ usage
+ exit 1
+ ;;
+ esac
done
# If no options were selected, then start all servers.
if [[ $start_doc == false &&
- $start_sso == false &&
- $start_api == false &&
- $start_workbench == false &&
- $start_keep == false ]]
+ $start_sso == false &&
+ $start_api == false &&
+ $start_workbench == false &&
+ $start_keep == false ]]
then
- start_doc=9898
- start_sso=9901
- start_api=9900
- start_workbench=9899
- start_keep=true
+ start_doc=9898
+ start_sso=9901
+ start_api=9900
+ start_workbench=9899
+ start_keep=true
fi
- if [[ $start_doc != false ]]
+ if [[ $start_sso != false ]]
then
- start_container "9898:80" "doc_server" '' '' "arvados/doc"
+ start_container "$start_sso:443" "sso_server" '' '' "arvados/sso"
fi
- if [[ $start_sso != false ]]
+ if [[ $start_api != false ]]
then
- start_container "9901:443" "sso_server" '' '' "arvados/sso"
+ start_container "$start_api:443" "api_server" '' "sso_server:sso" "arvados/api"
fi
- if [[ $start_api != false ]]
+ if [[ $start_keep != false ]]
then
- start_container "9900:443" "api_server" '' "sso_server:sso" "arvados/api"
+ # create `keep_volumes' array with a list of keep mount points
+ # remove any stale metadata from those volumes before starting them
+ make_keep_volumes
+ for v in ${keep_volumes[*]}
+ do
+ [ -f $v/keep/.metadata.yml ] && sudo rm $v/keep/.metadata.yml
+ done
+ start_container "25107:25107" "keep_server_0" \
+ "${keep_volumes[0]}:/dev/keep-0" \
+ "api_server:api" \
+ "arvados/keep"
+ start_container "25108:25107" "keep_server_1" \
+ "${keep_volumes[1]}:/dev/keep-0" \
+ "api_server:api" \
+ "arvados/keep"
fi
- if [[ $start_workbench != false ]]
+ if [[ $start_doc != false ]]
then
- start_container "9899:80" "workbench_server" '' "api_server:api" "arvados/workbench"
+ start_container "$start_doc:80" "doc_server" '' '' "arvados/doc"
fi
- if [[ $start_keep != false ]]
+ if [[ $start_workbench != false ]]
then
- # create `keep_volumes' array with a list of keep mount points
- # remove any stale metadata from those volumes before starting them
- make_keep_volumes
- for v in ${keep_volumes[*]}
- do
- [ -f $v/keep/.metadata.yml ] && sudo rm $v/keep/.metadata.yml
- done
- start_container "25107:25107" "keep_server_0" \
- "${keep_volumes[0]}:/dev/keep-0" \
- "api_server:api" \
- "arvados/warehouse"
- start_container "25108:25107" "keep_server_1" \
- "${keep_volumes[1]}:/dev/keep-0" \
- "api_server:api" \
- "arvados/warehouse"
+ start_container "$start_workbench:80" "workbench_server" '' "api_server:api" "arvados/workbench"
fi
if [ -d $HOME/.config/arvados ] || mkdir -p $HOME/.config/arvados
then
- cat >$HOME/.config/arvados/settings.conf <<EOF
+ cat >$HOME/.config/arvados/settings.conf <<EOF
ARVADOS_API_HOST=$(ip_address "api_server")
ARVADOS_API_HOST_INSECURE=yes
ARVADOS_API_TOKEN=$(cat api/generated/superuser_token)
EOF
fi
+
}
function do_stop {
while [ $# -ge 1 ]
do
case $1 in
- -d | --doc)
- stop_doc=doc_server ; shift 2 ;;
- -s | --sso)
- stop_sso=sso_server ; shift 2 ;;
- -a | --api)
- stop_api=api_server ; shift 2 ;;
- -w | --workbench)
- stop_workbench=workbench_server ; shift 2 ;;
- -k | --keep )
- stop_keep="keep_server_0 keep_server_1" ; shift ;;
- --ssh)
- shift
- ;;
- --)
- shift
- break
- ;;
- *)
- usage
- exit 1
- ;;
- esac
+ -d | --doc)
+ stop_doc=doc_server ; shift 2 ;;
+ -s | --sso)
+ stop_sso=sso_server ; shift 2 ;;
+ -a | --api)
+ stop_api=api_server ; shift 2 ;;
+ -w | --workbench)
+ stop_workbench=workbench_server ; shift 2 ;;
+ -k | --keep )
+ stop_keep="keep_server_0 keep_server_1" ; shift ;;
+ --ssh)
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ usage
+ exit 1
+ ;;
+ esac
done
- # If no options were selected, then start all servers.
+ # If no options were selected, then stop all servers.
if [[ $stop_doc == "" &&
- $stop_sso == "" &&
- $stop_api == "" &&
- $stop_workbench == "" &&
- $stop_keep == "" ]]
+ $stop_sso == "" &&
+ $stop_api == "" &&
+ $stop_workbench == "" &&
+ $stop_keep == "" ]]
then
- stop_doc=doc_server
- stop_sso=sso_server
- stop_api=api_server
- stop_workbench=workbench_server
- stop_keep="keep_server_0 keep_server_1"
+ stop_doc=doc_server
+ stop_sso=sso_server
+ stop_api=api_server
+ stop_workbench=workbench_server
+ stop_keep="keep_server_0 keep_server_1"
fi
- docker stop $stop_doc $stop_sso $stop_api $stop_workbench $stop_keep \
- 2>/dev/null
+ $DOCKER stop $stop_doc $stop_sso $stop_api $stop_workbench $stop_keep \
+ 2>/dev/null
}
function do_test {
local alltests
if [ $# -lt 1 ]
then
- alltests="python-sdk api"
+ alltests="python-sdk api"
else
- alltests="$@"
+ alltests="$@"
fi
for testname in $alltests
do
- echo "testing $testname..."
- case $testname in
- python-sdk)
- do_start --api --keep --sso
- export ARVADOS_API_HOST=$(ip_address "api_server")
- export ARVADOS_API_HOST_INSECURE=yes
- export ARVADOS_API_TOKEN=$(cat api/generated/superuser_token)
- python -m unittest discover ../sdk/python
- ;;
- api)
- docker run -t -i arvados/api \
- /usr/src/arvados/services/api/script/rake_test.sh
- ;;
- *)
- echo >&2 "unknown test $testname"
- ;;
- esac
+ echo "testing $testname..."
+ case $testname in
+ python-sdk)
+ do_start --api --keep --sso
+ export ARVADOS_API_HOST=$(ip_address "api_server")
+ export ARVADOS_API_HOST_INSECURE=yes
+ export ARVADOS_API_TOKEN=$(cat api/generated/superuser_token)
+ python -m unittest discover ../sdk/python
+ ;;
+ api)
+ $DOCKER run -t -i arvados/api \
+ /usr/src/arvados/services/api/script/rake_test.sh
+ ;;
+ *)
+ echo >&2 "unknown test $testname"
+ ;;
+ esac
done
}
case $1 in
start)
- shift
- do_start $@
- ;;
+ shift
+ do_start $@
+ ;;
stop)
- shift
- do_stop $@
- ;;
+ shift
+ do_stop $@
+ ;;
restart)
- shift
- do_stop $@
- do_start $@
- ;;
+ shift
+ do_stop $@
+ do_start $@
+ ;;
test)
- shift
- do_test $@
- ;;
+ shift
+ do_test $@
+ ;;
*)
- usage
- exit 1
- ;;
+ usage
+ exit 1
+ ;;
esac
-all: api-image doc-image workbench-image warehouse-image sso-image
+all: api-image doc-image workbench-image keep-image sso-image
# `make clean' removes the files generated in the build directory
# but does not remove any docker images generated in previous builds
# `make realclean' will also remove the docker images and force
# subsequent makes to build the entire chain from the ground up
realclean: clean
- -[ -n "`docker ps -q`" ] && docker stop `docker ps -q`
- -docker rm `docker ps -a -q`
- -docker rmi `docker images -q`
+ -[ -n "`$(DOCKER) ps -q`" ] && $(DOCKER) stop `$(DOCKER) ps -q`
+ -$(DOCKER) rm `$(DOCKER) ps -a -q`
+ -$(DOCKER) rmi `$(DOCKER) images -q`
# ============================================================
# Dependencies for */generated files which are prerequisites
workbench/passenger.conf \
$(WORKBENCH_GENERATED)
-WAREHOUSE_DEPS = warehouse/Dockerfile \
- warehouse/supervisor.conf \
- $(WAREHOUSE_GENERATED)
+KEEP_DEPS = keep/Dockerfile
SSO_DEPS = sso/passenger.conf $(SSO_GENERATED)
api/generated/config_databases.sh \
api/generated/database.yml \
api/generated/omniauth.rb \
- api/generated/production.rb \
- api/generated/secret_token.rb \
+ api/generated/application.yml \
api/generated/superuser_token
API_GENERATED_IN = \
api/config_databases.sh.in \
api/database.yml.in \
api/omniauth.rb.in \
- api/production.rb.in \
- api/secret_token.rb.in \
+ api/application.yml.in \
api/superuser_token.in
WORKBENCH_GENERATED = \
workbench/generated/apache2_vhost \
- workbench/generated/production.rb \
- workbench/generated/secret_token.rb
+ workbench/generated/application.yml
WORKBENCH_GENERATED_IN = \
workbench/apache2_vhost.in \
- workbench/production.rb.in \
- workbench/secret_token.rb.in
-
-WAREHOUSE_GENERATED = warehouse/generated/warehouse.conf
-
-WAREHOUSE_GENERATED_IN = warehouse/warehouse.conf.in
+ workbench/application.yml.in
SSO_GENERATED = \
sso/generated/apache2_vhost \
# The docker build -q option suppresses verbose build output.
# Necessary to prevent failure on building warehouse; see
# https://github.com/dotcloud/docker/issues/3172
-DOCKER_BUILD = docker build -q
+DOCKER_BUILD = $(DOCKER) build -q
# ============================================================
# The main Arvados servers: api, doc, workbench, warehouse
$(DOCKER_BUILD) -t arvados/doc doc
date >doc-image
+keep-image: debian-image $(BUILD) $(KEEP_DEPS)
+ $(DOCKER_BUILD) -t arvados/keep keep
+ date >keep-image
+
jobs-image: base-image $(BUILD) $(JOBS_DEPS)
$(DOCKER_BUILD) -t arvados/jobs jobs
date >jobs-image
# - TODO: mount cgroup automatically
# - TODO: start the docker service if not started
- docker_path = %x(which docker).chomp
+ docker_path = %x(which docker.io).chomp
+
+ if docker_path.empty?
+ docker_path = %x(which docker).chomp
+ end
+
if docker_path.empty?
warn "Docker not found."
warn ""
warn ""
warn "Installation instructions for a variety of platforms can be found at"
warn "http://docs.docker.io/en/latest/installation/"
- exit
- elsif not docker_ok?
+ exit 1
+ elsif not docker_ok? docker_path
warn "WARNING: docker could not be run."
warn "Please make sure that:"
warn " * You have permission to read and write /var/run/docker.sock"
warn " * a 'cgroup' volume is mounted on your machine"
warn " * the docker daemon is running"
- exit
+ exit 2
end
# Check that debootstrap is installed.
print "Generating config.yml.\n"
print "Arvados needs to know the email address of the administrative user,\n"
print "so that when that user logs in they are automatically made an admin.\n"
- print "This should be the email address you use to log in to Google.\n"
+ print "This should be an email address associated with a Google account.\n"
print "\n"
admin_email_address = ""
until is_valid_email? admin_email_address
# If all prerequisites are met, go ahead and build.
if ip_forwarding_enabled? and
- docker_ok? and
+ docker_ok? docker_path and
debootstrap_ok? and
File.exists? 'config.yml'
warn "Building Arvados."
- system '/usr/bin/make', '-f', options[:makefile], *ARGV
+ system({"DOCKER" => docker_path}, '/usr/bin/make', '-f', options[:makefile], *ARGV)
end
end
# docker_ok?
# Returns 'true' if docker can be run as the current user.
#
-def docker_ok?
- return system 'docker images > /dev/null 2>&1'
+def docker_ok?(docker_path)
+ return system "#{docker_path} images > /dev/null 2>&1"
end
# find_or_create_ssh_key arvados_name
if not linux_release.match '^1[234]\.'
warn "Arvados requires at least Ubuntu 12.04 (Precise Pangolin)."
warn "Your system is Ubuntu #{linux_release}."
- exit
+ exit 3
end
if linux_release.match '^12' and kernel_release.start_with? '3.2'
# Ubuntu Precise ships with a 3.2 kernel and must be upgraded.
warn " sudo apt-get update"
warn " sudo apt-get install linux-image-generic-lts-raring linux-headers-generic-lts-raring"
warn " sudo reboot"
- exit
+ exit 4
else
# install AUFS
sudo 'apt-get', 'update'
when 'Debian'
else
warn "Must be running a Debian or Ubuntu release in order to run Docker."
- exit
+ exit 5
end
end
--- /dev/null
+# Based on Debian Wheezy
+FROM arvados/debian:wheezy
+MAINTAINER Ward Vandewege <ward@curoverse.com>
+
+RUN echo 'deb http://apt.arvados.org/ wheezy main' > /etc/apt/sources.list.d/apt.arvados.org.list
+
+RUN /usr/bin/apt-key adv --keyserver pgp.mit.edu --recv 1078ECD7
+
+RUN /usr/bin/apt-get update
+
+RUN /usr/bin/apt-get install keep
+
+# Start keep
+CMD ["/usr/bin/keep"]
fi
# some rudimentary detection for whether we need to "sudo" our docker calls
-docker=''
-if docker version > /dev/null 2>&1; then
- docker='docker'
-elif sudo docker version > /dev/null 2>&1; then
- docker='sudo docker'
-elif command -v docker > /dev/null 2>&1; then
- docker='docker'
+docker=`which docker.io`
+if [[ "$docker" == "" ]]; then
+ docker=`which docker`
+fi
+
+if $docker version > /dev/null 2>&1; then
+ docker="$docker"
+elif sudo $docker version > /dev/null 2>&1; then
+ docker="sudo $docker"
+elif command -v $docker > /dev/null 2>&1; then
+ docker="$docker"
else
echo >&2 "warning: either docker isn't installed, or your current user cannot run it;"
echo >&2 " this script is not likely to work as expected"
-LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23/buildout/apache2/mod_passenger.so
-PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23
+LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41/buildout/apache2/mod_passenger.so
+PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41
PassengerDefaultRuby /usr/local/rvm/wrappers/ruby-2.1.0/ruby
+++ /dev/null
-FROM arvados/base
-MAINTAINER Tim Pierce <twp@curoverse.com>
-
-RUN apt-get update && \
- apt-get -q -y install dpkg-dev debhelper libdbi-perl libwww-perl \
- libtest-pod-perl libtest-pod-coverage-perl libjson-perl flex \
- libgnupg-interface-perl libunix-syslog-perl libbsd-resource-perl \
- bioperl perlmagick imagemagick gnuplot libbz2-dev libfftw3-3 libfftw3-dev \
- xsltproc realpath supervisor libgpgme11-dev libcache-memcached-perl \
- libio-compress-perl
-
-# Install warehouse-apps source and build.
-# Remove failing test t/pod-coverage.t.
-RUN \
- perl -MCPAN -e 'install MogileFS::Client;' \
- -e 'install Crypt::GpgME' && \
- git clone https://github.com/curoverse/warehouse-apps.git /usr/src/warehouse-apps && \
- rm /usr/src/warehouse-apps/libwarehouse-perl/t/pod-coverage.t && \
- cd /usr/src/warehouse-apps && \
- sh install.sh /usr/local && \
- dpkg -i libwarehouse-perl*.deb && \
- /bin/mkdir -p /data/keep-0
-
-ADD supervisor.conf /etc/supervisor/conf.d/keepd.conf
-ADD generated/warehouse.conf /etc/warehouse/warehouse-client.conf
-
-# Start the supervisor.
-CMD ["/usr/bin/supervisord", "-n"]
+++ /dev/null
-[program:keepd]
-user=root
-command=/usr/src/warehouse-apps/libwarehouse-perl/server/keepd
+++ /dev/null
-#!/usr/bin/perl
-
-$Warehouse::warehouses = [
- {'name'=>'@@API_HOSTNAME@@',
- 'keep_name'=>'@@API_HOSTNAME@@',
- 'keeps' => [
- 'keep0.@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@:25107',
- 'keep0.@@API_HOSTNAME@@.@@ARVADOS_DOMAIN@@:25108',
- ],
- 'api_auth_token'=>'@@API_SUPERUSER_SECRET@@',
- },
-];
# Update Arvados source
RUN /bin/mkdir -p /usr/src/arvados/apps
ADD generated/workbench.tar.gz /usr/src/arvados/apps/
-ADD generated/secret_token.rb /usr/src/arvados/apps/workbench/config/initializers/secret_token.rb
-ADD generated/production.rb /usr/src/arvados/apps/workbench/config/environments/production.rb
+RUN /bin/cp /usr/src/arvados/apps/workbench/config/environments/production.rb.example /usr/src/arvados/apps/workbench/config/environments/production.rb
+ADD generated/application.yml /usr/src/arvados/apps/workbench/config/application.yml
ADD passenger.conf /etc/apache2/conf.d/passenger
touch /usr/src/arvados/apps/workbench/log/production.log && \
chmod 666 /usr/src/arvados/apps/workbench/log/production.log && \
touch /usr/src/arvados/apps/workbench/db/production.sqlite3 && \
- bundle install --gemfile=/usr/src/arvados/apps/workbench/Gemfile && \
cd /usr/src/arvados/apps/workbench && \
rake assets:precompile && \
chown -R www-data:www-data /usr/src/arvados/apps/workbench
/etc/init.d/ssh start
fi
+# Override the default API server address if necessary.
+if [[ "$API_PORT_443_TCP_ADDR" != "" ]]; then
+ sed -i "s/localhost:9900/$API_PORT_443_TCP_ADDR/" /usr/src/arvados/apps/workbench/config/application.yml
+fi
+
source /etc/apache2/envvars
/usr/sbin/apache2 -D FOREGROUND
--- /dev/null
+# Copy this file to application.yml and edit to suit.
+#
+# Consult application.default.yml for the full list of configuration
+# settings.
+#
+# The order of precedence is:
+# 1. config/environments/{RAILS_ENV}.rb (deprecated)
+# 2. Section in application.yml corresponding to RAILS_ENV (e.g., development)
+# 3. Section in application.yml called "common"
+# 4. Section in application.default.yml corresponding to RAILS_ENV
+# 5. Section in application.default.yml called "common"
+
+common:
+ # At minimum, you need a nice long randomly generated secret_token here.
+ secret_token: @@WORKBENCH_SECRET@@
+
+ # You probably also want to point to your API server.
+ arvados_login_base: 'https://localhost:9900/login'
+ arvados_v1_base: 'https://localhost:9900/arvados/v1'
+ arvados_insecure_https: @@WORKBENCH_INSECURE_HTTPS@@
+
+ data_import_dir: @@WORKBENCH_DATA_IMPORT_DIR@@
+ data_export_dir: @@WORKBENCH_DATA_EXPORT_DIR@@
+
+ site_name: @@WORKBENCH_SITE_NAME@@
+ activation_contact_link: @@WORKBENCH_ACTIVATION_CONTACT_LINK@@
+
-LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23/buildout/apache2/mod_passenger.so
-PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.23
+LoadModule passenger_module /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41/buildout/apache2/mod_passenger.so
+PassengerRoot /usr/local/rvm/gems/ruby-2.1.0/gems/passenger-4.0.41
PassengerDefaultRuby /usr/local/rvm/wrappers/ruby-2.1.0/ruby