generated from saltstack-formulas/template-formula
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathpillar.example
330 lines (314 loc) · 9.99 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# Copyright (C) The Arvados Authors. All rights reserved.
#
# SPDX-License-Identifier: Apache-2.0
# The variables commented out are the default values that the formula uses.
# The uncommented values are REQUIRED values. If you don't set them, running
# this formula will fail.
arvados:
### GENERAL CONFIG
# version: '2.1.0'
# release: production
### It makes little sense to disable this flag, but you can, if you want :)
# use_upstream_repo: true
### Repo URL is built with grains values. If desired, it can be completely
### overwritten with the pillar parameter 'repo_url'
# repo:
# humanname: Arvados Official Repository
# IMPORTANT!!!!!
# api, workbench and shell require some gems, so you need to make sure ruby
# and deps are installed in order to install and compile the gems.
# We default to `false` in these two variables as it's expected you already
# manage OS packages with some other tool and you don't want us messing up
# with your setup.
ruby:
# We set these to `true` here for testing purposes.
# They both default to `false`.
manage_ruby: true
# pkg: ruby # Can specify a backport name like ruby3.2
manage_gems_deps: true
# gems_deps:
# - curl
# - g++
# - gcc
# - git
# - libcurl4
# - libcurl4-gnutls-dev
# - libpq-dev
# - libxml2
# - libxml2-dev
# - make
# - python3-dev
# - ruby-dev
# - zlib1g-dev
# config:
# file: /etc/arvados/config.yml
# user: root
### IMPORTANT!!!!!
### If you're installing any of the rails apps (api, workbench), the group
### should be set to that of the web server, usually `www-data`
# group: root
# mode: 640
#
### This is the command run to verify the configuration is correct before
### deploying it. By default it uses `-strict=true`, so it will error on
### warnings (ie, unknown/deprecated parameters)
#
# check_command: /usr/bin/arvados-server config-check -config
#
### To fail only on errors, you can use
#
# check_command: /usr/bin/arvados-server config-check -strict=false -config
#
### and to disable configuration checking (not recommended), just set it to
### any command that returns true
#
# check_command: /bin/true
### ARVADOS CLUSTER CONFIG
cluster:
name: fixme
domain: example.net
database:
# max concurrent connections per arvados server daemon
# connection_pool_max: 32
name: arvados
host: 127.0.0.1
password: changeme_arvados
user: arvados
# You can pass extra database connections parameters here,
# which will be rendered as yaml.
# extra_conn_params:
# sslmode: prefer
# verify-ca: false
# client_encoding: UTF8
tls:
# certificate: ''
# key: ''
# required to test with snakeoil certs
insecure: true
### TOKENS
tokens:
# Secrets and tokens have to be +32 alphanumeric,
# it does not accept underscores or special characters.
# See https://dev.arvados.org/issues/17150
system_root: systemroottokenmushaveatleast32characters
management: managementtokenmushaveatleast32characters
# The AnonymousUserToken can be set here or in the
# Users dictionary below. The latter will be used if set.
anonymous_user: anonymoususertokenmushaveatleast32characters
### KEYS
secrets:
blob_signing_key: blobsigningkeymushaveatleast32characters
workbench_secret_key: workbenchsecretkeymushaveatleast32characters
dispatcher_access_key: changemedispatcheraccesskey
dispatcher_secret_key: changemedispatchersecretkey
keep_access_key: changemekeepaccesskey
keep_secret_key: changemekeepsecretkey
### ARVADOS RESOURCES
# This dict allows you to create various resources in the Arvados
# database so they're ready to use.
# Check the `arvados.api.resources.* states to see which can be
# currently managed
### SHELL / WEBSHELL REGISTRATION
# In order to use shell nodes via webshell, Arvados needs to know of
# their existence and they need to be configured as upstreams in nginx
# (see https://doc.arvados.org/v2.0/install/install-webshell.html)
# This could be achieved in various ways (ie, through salt mine if you
# want them to be dinamically created), but that's outside the scope of
# this formula. The following dict is just an example that will be used
# by the `arvados.api.resources.virtual_machines` state to add entries
# in Arvados' database of the cluster's resources'
# It's additionally used in the
# `test/salt/pillar/examples/nginx_webshell_configuration.sls`
# pillar to add the corresponding `location` entries in nginx's webshell
# vhosts & upstreams
resources:
virtual_machines:
shell1:
name: webshell1 # if not set, will match the one of the dict key above
backend: 1.2.3.4 # upstream host ip/name that has the shell role
port: 4200 # port where shellinabox is listening
# when no other parameter is set:
# `name` will match the name of the key
# backend` will match `name`
# `port` will default to shellinabox's 4200
webshell2: {}
### VOLUMES
## This should usually match all your `keepstore` instances
Volumes:
# the volume name will be composed with
# <cluster>-nyw5e-<volume>
fixme-nyw5e-000000000000000:
AccessViaHosts:
http://keep0.fixme.example.net:25107:
ReadOnly: false
Replication: 2
Driver: Directory
DriverParameters:
Root: /tmp
Users:
NewUsersAreActive: true
AutoAdminFirstUser: true
AutoSetupNewUsers: true
AutoSetupNewUsersWithRepository: true
Services:
Controller:
ExternalURL: https://fixme.example.net
InternalURLs:
http://localhost:8003: {}
DispatchCloud:
InternalURLs:
http://fixme.example.net:9006: {}
Keepbalance:
InternalURLs:
http://fixme.example.net:9005: {}
Keepproxy:
ExternalURL: https://keep.fixme.example.net
InternalURLs:
http://localhost:25100: {}
Keepstore:
InternalURLs:
http://keep0.fixme.example.net:25107: {}
RailsAPI:
InternalURLs:
http://localhost:8004: {}
WebDAV:
ExternalURL: https://collections.fixme.example.net
InternalURLs:
http://localhost:9002: {}
WebDAVDownload:
ExternalURL: https://download.fixme.example.net
WebShell:
ExternalURL: https://webshell.fixme.example.net
Websocket:
ExternalURL: wss://ws.fixme.example.net/websocket
InternalURLs:
http://localhost:8005: {}
Workbench1:
ExternalURL: https://workbench.fixme.example.net
Workbench2:
ExternalURL: https://workbench2.fixme.example.net
# ### THESE ARE THE PACKAGES AND DAEMONS BASIC CONFIGS
# #### API
# api:
# pkg:
# name:
# - arvados-api-server
# - arvados-dispatch-cloud
# gem:
# name:
# - arvados-cli
# service:
# name:
# - nginx
# port: 8004
# #### CONTROLLER
# controller:
# pkg:
# name: arvados-controller
# gem:
# name:
# - arvados-cli
# service:
# name: arvados-controller
# port: 8003
# #### DISPATCHER
# dispatcher:
# pkg:
# name:
# - crunch-dispatch-local
# # - arvados-dispatch-cloud
# # - crunch-dispatch-slurm
# service:
# name: crunch-dispatch-local
# port: 9006
# #### KEEPPROXY
# keepproxy:
# pkg:
# name: keepproxy
# service:
# name: keepproxy
# port: 25107
# #### KEEPWEB
# keepweb:
# pkg:
# name: keep-web
# service:
# name: keep-web
# # webdav
# port: 9002
# #### KEEPSTORE
# keepstore:
# pkg:
# name: keepstore
# service:
# name: keepstore
# port: 25107
# #### SHELL
# shell:
# pkg:
# name:
# - arvados-client
# - arvados-src
# - python3-arvados-fuse
# - python3-arvados-python-client
# - python3-arvados-cwl-runner
# gem:
# name:
# - arvados-cli
# - arvados-login-sync
# shellinabox:
# config: /etc/default/shellinabox
# service:
# name: shellinabox
# port: 4200
# #### WORKBENCH
# workbench:
# pkg:
# name: arvados-workbench
# service:
# name: nginx
# #### WORKBENCH2
# workbench2:
# pkg:
# name: arvados-workbench2
# service:
# name: nginx
# #### WEBSOCKET
# websocket:
# pkg:
# name: arvados-ws
# service:
# name: arvados-ws
# port: 8005
# ## SALTSTACK FORMULAS TOFS configuration
# https://template-formula.readthedocs.io/en/latest/TOFS_pattern.html
# tofs:
# # The files_switch key serves as a selector for alternative
# # directories under the formula files directory. See TOFS pattern
# # doc for more info.
# # Note: Any value not evaluated by `config.get` will be used literally.
# # This can be used to set custom paths, as many levels deep as required.
# files_switch:
# - any/path/can/be/used/here
# - id
# - roles
# - osfinger
# - os
# - os_family
# # All aspects of path/file resolution are customisable using the options below.
# # This is unnecessary in most cases; there are sensible defaults.
# # Default path: salt://< path_prefix >/< dirs.files >/< dirs.default >
# # I.e.: salt://arvados/files/default
# # path_prefix: template_alt
# # dirs:
# # files: files_alt
# # default: default_alt
# # The entries under `source_files` are prepended to the default source files
# # given for the state
# # source_files:
# # arvados-config-file-file-managed:
# # - 'example_alt.tmpl'
# # - 'example_alt.tmpl.jinja'