});
<% end %>
<div id="intropage">
- <img class="arvados-logo" src="<%= asset_path('logo.png') %>" style="display:block; margin:2em auto"/>
+ <img class="arvados-logo" src="<%= asset_path('logo.png') %>" style="display:block; margin:2em auto" alt="arvados logo"/>
<div style="width:30em; margin:2em auto 0 auto">
<h1>Welcome</h1>
<h4>ARVADOS</h4>
<div id="intropage">
- <img class="arvados-logo" src="<%= asset_path('logo.png') rescue '/logo.png' %>" style="display:block; margin:2em auto"/>
+ <img class="arvados-logo" src="<%= asset_path('logo.png') rescue '/logo.png' %>" style="display:block; margin:2em auto" alt="arvados logo" />
<div style="width:30em; margin:2em auto 0 auto">
<h1>Error</h1>
FROM arvados/arvbox-base
ARG arvados_version
-ARG composer_version=arvados-fork
ARG workbench2_version=main
RUN cd /usr/src && \
git clone --no-checkout https://git.arvados.org/arvados.git && \
git -C arvados checkout ${arvados_version} && \
- git clone --no-checkout https://github.com/arvados/composer.git && \
- git -C composer checkout ${composer_version} && \
git clone --no-checkout https://git.arvados.org/arvados-workbench2.git workbench2 && \
git -C workbench2 checkout ${workbench2_version} && \
chown -R 1000:1000 /usr/src
RUN /usr/local/lib/arvbox/createusers.sh
RUN sudo -u arvbox /var/lib/arvbox/service/api/run-service --only-deps
-RUN sudo -u arvbox /var/lib/arvbox/service/composer/run-service --only-deps
RUN sudo -u arvbox /var/lib/arvbox/service/workbench2/run-service --only-deps
RUN sudo -u arvbox /var/lib/arvbox/service/keep-web/run-service --only-deps
RUN sudo -u arvbox /var/lib/arvbox/service/workbench/run-service --only-deps
InternalURLs:
"http://localhost:${services[keep-web]}/": {}
ExternalURL: "https://$localip:${services[keep-web-dl-ssl]}/"
- Composer:
- ExternalURL: "https://$localip:${services[composer]}"
Controller:
ExternalURL: "https://$localip:${services[controller-ssl]}"
InternalURLs:
BlobSigningKey: $blob_signing_key
DefaultReplication: 1
TrustAllContent: true
+ Containers:
+ RuntimeEngine: singularity
Login:
Test:
Enable: true
[api]=8004
[controller]=8003
[controller-ssl]=8000
- [composer]=4200
[arv-git-httpd-ssl]=9000
[arv-git-httpd]=9001
[keep-web]=9003
+++ /dev/null
-/usr/local/lib/arvbox/logger
\ No newline at end of file
+++ /dev/null
-#!/bin/sh
-# Copyright (C) The Arvados Authors. All rights reserved.
-#
-# SPDX-License-Identifier: AGPL-3.0
-
-set -e
-
-exec /usr/local/lib/arvbox/runsu.sh $0-service $1
+++ /dev/null
-#!/bin/bash
-# Copyright (C) The Arvados Authors. All rights reserved.
-#
-# SPDX-License-Identifier: AGPL-3.0
-
-exec 2>&1
-set -ex -o pipefail
-
-. /usr/local/lib/arvbox/common.sh
-
-cd /usr/src/composer
-
-npm -d install --prefix /usr/local --global yarn@1.17.3
-
-yarn install
-
-if test "$1" = "--only-deps" ; then
- exit
-fi
-
-cat >/usr/src/composer/src/composer.yml <<EOF
-API_HOST: ${localip}:${services[controller-ssl]}
-EOF
-exec node_modules/.bin/ng serve --host 0.0.0.0 --port 4200 --env=webdev --ssl=true --sslCert="${server_cert}" --sslKey="${server_cert_key}"
cd /usr/src/workbench2
-npm -d install --prefix /usr/local --global yarn@1.17.3
-
yarn install
if test "$1" = "--only-deps" ; then
### SERVER
server:
config:
+ # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+ env: GEM_HOME
# As we now differentiate where passenger is required or not, we need to
# load this module conditionally, so we add this conditional just to use
# the same pillar file
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+ {%- set group = 'nginx' %}
+{%- else %}
+ {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+ file.directory:
+ - name: /var/www/.passenger
+ - user: {{ group }}
+ - group: {{ group }}
+ - mode: '0755'
+ - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+ file.managed:
+ - name: /etc/systemd/system/nginx.service.d/override.conf
+ - mode: '0644'
+ - user: root
+ - group: root
+ - makedirs: True
+ - replace: False
+ - contents: |
+ [Service]
+ ExecStart=
+ ExecStart=/bin/bash -a -c "GEM_HOME=`[ -x /usr/local/rvm/bin/rvm-exec ] && /usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d= || true` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+ cmd.run:
+ - name: systemctl daemon-reload
+ - require:
+ - file: extra_nginx_set_gem_home
+ - file: extra_var_www_passenger
+ - onchanges:
+ - file: extra_nginx_set_gem_home
+{%- endif -%}
### SERVER
server:
config:
+ # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+ env: GEM_HOME
# As we now differentiate where passenger is required or not, we need to
# load this module conditionally, so we add this conditional just to use
# the same pillar file
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+ {%- set group = 'nginx' %}
+{%- else %}
+ {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+ file.directory:
+ - name: /var/www/.passenger
+ - user: {{ group }}
+ - group: {{ group }}
+ - mode: '0755'
+ - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+ file.managed:
+ - name: /etc/systemd/system/nginx.service.d/override.conf
+ - mode: '0644'
+ - user: root
+ - group: root
+ - makedirs: True
+ - replace: False
+ - contents: |
+ [Service]
+ ExecStart=
+ ExecStart=/bin/bash -a -c "GEM_HOME=`[ -x /usr/local/rvm/bin/rvm-exec ] && /usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d= || true` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+ cmd.run:
+ - name: systemctl daemon-reload
+ - require:
+ - file: extra_nginx_set_gem_home
+ - file: extra_var_www_passenger
+ - onchanges:
+ - file: extra_nginx_set_gem_home
+{%- endif -%}
### SERVER
server:
config:
+ # Needed for RVM, harmless otherwise. Cf. https://dev.arvados.org/issues/19015
+ env: GEM_HOME
# As we now differentiate where passenger is required or not, we need to
# load this module conditionally, so we add this conditional just to use
# the same pillar file
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{%- if grains.os_family in ('RedHat',) %}
+ {%- set group = 'nginx' %}
+{%- else %}
+ {%- set group = 'www-data' %}
+{%- endif %}
+
+# Make sure that /var/www/.passenger exists with the proper ownership
+# so that passenger can build passenger_native_support.so
+extra_var_www_passenger:
+ file.directory:
+ - name: /var/www/.passenger
+ - user: {{ group }}
+ - group: {{ group }}
+ - mode: '0755'
+ - makedirs: True
+
+{%- if grains.osfinger in ('CentOS Linux-7', 'Ubuntu-18.04', 'Debian-10') %}
+# Work around passenger issue when RVM is in use, cf
+# https://dev.arvados.org/issues/19015
+extra_nginx_set_gem_home:
+ file.managed:
+ - name: /etc/systemd/system/nginx.service.d/override.conf
+ - mode: '0644'
+ - user: root
+ - group: root
+ - makedirs: True
+ - replace: False
+ - contents: |
+ [Service]
+ ExecStart=
+ ExecStart=/bin/bash -a -c "GEM_HOME=`[ -x /usr/local/rvm/bin/rvm-exec ] && /usr/local/rvm/bin/rvm-exec default env |grep GEM_HOME=|cut -f2 -d= || true` && /usr/sbin/nginx -g 'daemon on; master_process on;'"
+ cmd.run:
+ - name: systemctl daemon-reload
+ - require:
+ - file: extra_nginx_set_gem_home
+ - file: extra_var_www_passenger
+ - onchanges:
+ - file: extra_nginx_set_gem_home
+{%- endif -%}
# Make sure that the value configured as IP_INT is a real IP on the system.
# If we don't error out early here when there is a mismatch, the formula will
# fail with hard to interpret nginx errors later on.
- ip addr list |grep -q "${IP_INT}/"
+ ip addr list |grep "${IP_INT}/" >/dev/null
if [[ $? -ne 0 ]]; then
echo "Unable to find the IP_INT address '${IP_INT}' on the system, please correct the value in local.params. Exiting..."
exit 1
yum install -y curl git jq
;;
"debian"|"ubuntu")
- DEBIAN_FRONTEND=noninteractive apt update
+ # Wait 2 minutes for any apt locks to clear
+ # This option is supported from apt 1.9.1 and ignored in older apt versions.
+ # Cf. https://blog.sinjakli.co.uk/2021/10/25/waiting-for-apt-locks-without-the-hacky-bash-scripts/
+ DEBIAN_FRONTEND=noninteractive apt -o DPkg::Lock::Timeout=120 update
DEBIAN_FRONTEND=noninteractive apt install -y curl git jq
;;
esac
echo " - arvados" >> ${S_DIR}/top.sls
echo " - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls
echo " - extra.shell_cron_add_login_sync" >> ${S_DIR}/top.sls
+ echo " - extra.passenger_rvm" >> ${S_DIR}/top.sls
# Pillars
echo " - docker" >> ${P_DIR}/top.sls
else
echo " - nginx.passenger" >> ${S_DIR}/top.sls
fi
+ echo " - extra.passenger_rvm" >> ${S_DIR}/top.sls
### If we don't install and run LE before arvados-api-server, it fails and breaks everything
### after it. So we add this here as we are, after all, sharing the host for api and controller
if [ "${SSL_MODE}" = "lets-encrypt" ]; then