ENV GEM_PATH /var/lib/gems
ENV PATH $PATH:/var/lib/gems/bin
-ENV GOVERSION 1.11.5
+ENV GOVERSION 1.12.7
# Install golang binary
RUN curl -f http://storage.googleapis.com/golang/go${GOVERSION}.linux-amd64.tar.gz | \
keep-setup.sh common.sh createusers.sh \
logger runsu.sh waitforpostgres.sh \
yml_override.py api-setup.sh \
- go-setup.sh devenv.sh \
+ go-setup.sh devenv.sh cluster-config.sh \
/usr/local/lib/arvbox/
ADD runit /etc/runit
if test -a /usr/src/arvados/services/api/config/arvados_config.rb ; then
rm -f config/application.yml config/database.yml
+ flock /var/lib/arvados/cluster_config.yml.lock /usr/local/lib/arvbox/cluster-config.sh
else
cat >config/application.yml <<EOF
$RAILS_ENV:
--- /dev/null
+#!/bin/bash
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+exec 2>&1
+set -ex -o pipefail
+
+if [[ -s /etc/arvados/config.yml ]] ; then
+ exit
+fi
+
+uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
+secret_token=$(cat /var/lib/arvados/api_secret_token)
+blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
+management_token=$(cat /var/lib/arvados/management_token)
+sso_app_secret=$(cat /var/lib/arvados/sso_app_secret)
+vm_uuid=$(cat /var/lib/arvados/vm-uuid)
+database_pw=$(cat /var/lib/arvados/api_database_pw)
+
+workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
+
+if test -s /var/lib/arvados/api_rails_env ; then
+ database_env=$(cat /var/lib/arvados/api_rails_env)
+else
+ database_env=development
+fi
+
+cat >/var/lib/arvados/cluster_config.yml <<EOF
+Clusters:
+ ${uuid_prefix}:
+ ManagementToken: $management_token
+ Services:
+ Workbench1:
+ ExternalURL: "https://$localip:${services[workbench]}"
+ Workbench2:
+ ExternalURL: "https://$localip:${services[workbench2-ssl]}"
+ SSO:
+ ExternalURL: "https://$localip:${services[sso]}"
+ Websocket:
+ ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
+ GitSSH:
+ ExternalURL: "ssh://git@$localip:"
+ GitHTTP:
+ ExternalURL: "http://$localip:${services[arv-git-httpd]}/"
+ WebDAV:
+ ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
+ Composer:
+ ExternalURL: "http://$localip:${services[composer]}"
+ Controller:
+ ExternalURL: "https://$localip:${services[controller-ssl]}"
+ NodeProfiles: # to be deprecated in favor of "Services" section
+ "*":
+ arvados-controller:
+ Listen: ":${services[controller]}" # choose a port
+ arvados-api-server:
+ Listen: ":${services[api]}" # must match Rails server port in your Nginx config
+ PostgreSQL:
+ ConnectionPool: 32 # max concurrent connections per arvados server daemon
+ Connection:
+ # All parameters here are passed to the PG client library in a connection string;
+ # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
+ host: localhost
+ user: arvados
+ password: ${database_pw}
+ dbname: arvados_${database_env}
+ client_encoding: utf8
+ API:
+ RailsSessionSecretToken: $secret_token
+ Collections:
+ BlobSigningKey: $blob_signing_key
+ DefaultReplication: 1
+ Containers:
+ SupportedDockerImageFormats: ["v2"]
+ Login:
+ ProviderAppSecret: $sso_app_secret
+ ProviderAppID: arvados-server
+ Users:
+ NewUsersAreActive: true
+ AutoAdminFirstUser: true
+ AutoSetupNewUsers: true
+ AutoSetupNewUsersWithVmUUID: $vm_uuid
+ AutoSetupNewUsersWithRepository: true
+ Workbench:
+ SecretKeyBase: $workbench_secret_key_base
+ ArvadosDocsite: http://$localip:${services[doc]}/
+EOF
+
+/usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
+
+cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
export GOPATH=/var/lib/gopath
EOF
+ mkdir -p /etc/arvados
+ chown -R arvbox:arvbox /etc/arvados
fi
if ! grep "^fuse:" /etc/group >/dev/null 2>/dev/null ; then
exit
fi
-uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
-secret_token=$(cat /var/lib/arvados/api_secret_token)
-blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
-management_token=$(cat /var/lib/arvados/management_token)
-sso_app_secret=$(cat /var/lib/arvados/sso_app_secret)
-vm_uuid=$(cat /var/lib/arvados/vm-uuid)
-database_pw=$(cat /var/lib/arvados/api_database_pw)
-
-workbench_secret_key_base=$(cat /var/lib/arvados/workbench_secret_token)
-
-if test -s /var/lib/arvados/api_rails_env ; then
- database_env=$(cat /var/lib/arvados/api_rails_env)
-else
- database_env=development
-fi
-
-mkdir -p /etc/arvados
-
-cat >/var/lib/arvados/cluster_config.yml <<EOF
-Clusters:
- ${uuid_prefix}:
- ManagementToken: $management_token
- Services:
- Workbench1:
- ExternalURL: "https://$localip:${services[workbench]}"
- Workbench2:
- ExternalURL: "https://$localip:${services[workbench2-ssl]}"
- SSO:
- ExternalURL: "https://$localip:${services[sso]}"
- Websocket:
- ExternalURL: "wss://$localip:${services[websockets-ssl]}/websocket"
- GitSSH:
- ExternalURL: "ssh://git@$localip:"
- GitHTTP:
- ExternalURL: "http://$localip:${services[arv-git-httpd]}/"
- WebDAV:
- ExternalURL: "https://$localip:${services[keep-web-ssl]}/"
- Composer:
- ExternalURL: "http://$localip:${services[composer]}"
- Controller:
- ExternalURL: "https://$localip:${services[controller-ssl]}"
- NodeProfiles: # to be deprecated in favor of "Services" section
- "*":
- arvados-controller:
- Listen: ":${services[controller]}" # choose a port
- arvados-api-server:
- Listen: ":${services[api]}" # must match Rails server port in your Nginx config
- PostgreSQL:
- ConnectionPool: 32 # max concurrent connections per arvados server daemon
- Connection:
- # All parameters here are passed to the PG client library in a connection string;
- # see https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
- host: localhost
- user: arvados
- password: ${database_pw}
- dbname: arvados_${database_env}
- client_encoding: utf8
- API:
- RailsSessionSecretToken: $secret_token
- Collections:
- BlobSigningKey: $blob_signing_key
- DefaultReplication: 1
- Containers:
- SupportedDockerImageFormats: ["v2"]
- Login:
- ProviderAppSecret: $sso_app_secret
- ProviderAppID: arvados-server
- Users:
- NewUsersAreActive: true
- AutoAdminFirstUser: true
- AutoSetupNewUsers: true
- AutoSetupNewUsersWithVmUUID: $vm_uuid
- AutoSetupNewUsersWithRepository: true
- Workbench:
- SecretKeyBase: $workbench_secret_key_base
- ArvadosDocsite: http://$localip:${services[doc]}/
-EOF
-
-/usr/local/lib/arvbox/yml_override.py /var/lib/arvados/cluster_config.yml
-
-cp /var/lib/arvados/cluster_config.yml /etc/arvados/config.yml
+flock /var/lib/arvados/cluster_config.yml.lock /usr/local/lib/arvbox/cluster-config.sh
exec /usr/local/lib/arvbox/runsu.sh /usr/local/bin/arvados-controller