forked from ucphhpc/docker-migrid
-
Notifications
You must be signed in to change notification settings - Fork 0
/
advanced_dev.erda.dk_full.env
178 lines (161 loc) · 5.44 KB
/
advanced_dev.erda.dk_full.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# IMPORTANT: this is a sample env file with the setup used for the default simple
# docker build. To adjust the build settings you can copy it to ./.env and
# make your desired changes before running
# make init && make build
# The build type specifies the version of MiGrid that should be build
# Fow now, the following types are supported.
# {basic,advanced}
# IMPORTANT: no build difference so we just reuse basic and rely on profiles!
#BUILD_TYPE=advanced
BUILD_TYPE=basic
# Which target system is the image being generated for
# {development, production}
BUILD_TARGET=development
# The domain in which the instance should be accessible
DOMAIN=dev.erda.dk
WILDCARD_DOMAIN=dev*.erda.dk
PUBLIC_DOMAIN=dev-www.erda.dk
MIGCERT_DOMAIN=
EXTCERT_DOMAIN=dev-cert.erda.dk
MIGOID_DOMAIN=dev-ext.erda.dk
EXTOID_DOMAIN=dev-oid.erda.dk
# NOTE: uncoment next domain for testing external OpenID Connect provider
#EXTOIDC_DOMAIN=dev-oidc.erda.dk
EXTOIDC_DOMAIN=
SID_DOMAIN=dev-sid.erda.dk
IO_DOMAIN=dev-io.erda.dk
OPENID_DOMAIN=dev-ext.erda.dk
FTPS_DOMAIN=dev-io.erda.dk
SFTP_DOMAIN=dev-io.erda.dk
WEBDAVS_DOMAIN=dev-io.erda.dk
MIG_OID_PROVIDER=https://dev-ext.erda.dk/openid/
EXT_OID_PROVIDER=https://openid.ku.dk/
EXT_OIDC_PROVIDER_META_URL=unset
EXT_OIDC_CLIENT_NAME=unset
EXT_OIDC_CLIENT_ID=unset
EXT_OIDC_SCOPE="profile email"
EXT_OIDC_REMOTE_USER_CLAIM=sub
PUBLIC_HTTP_PORT=80
PUBLIC_HTTPS_PORT=443
MIGCERT_HTTPS_PORT=443
EXTCERT_HTTPS_PORT=443
MIGOID_HTTPS_PORT=443
EXTOID_HTTPS_PORT=443
EXTOIDC_HTTPS_PORT=443
SID_HTTPS_PORT=443
SFTP_PORT=2222
SFTP_SUBSYS_PORT=22222
SFTP_SHOW_PORT=2222
DAVS_PORT=4443
DAVS_SHOW_PORT=4443
OPENID_PORT=8443
OPENID_SHOW_PORT=443
FTPS_CTRL_PORT=8021
FTPS_CTRL_SHOW_PORT=21
FTPS_PASSIVE_PORTS=8100-8200
# Various helpers
ADMIN_EMAIL="ERDA Info <mig@dev.erda.dk>"
ADMIN_LIST= "/C=DK/ST=NA/L=NA/O=FAKSEK/OU=NA/CN=Jonas Bardino/emailAddress=bardino@science.ku.dk"
LOG_LEVEL=info
TITLE="Electronic Research Data Archive"
SHORT_TITLE=ERDA
MIG_OID_TITLE="Non-KU/UCPH"
EXT_OID_TITLE="KU/UCPH"
PEERS_PERMIT="role_name:.*(vip|tap)"
VGRID_CREATORS="role_name:.*(vip|tap)"
VGRID_MANAGERS="distinguished_name:.*"
# Which site setup flavor to emulate regarding skin, etc.
# {migrid, idmc, erda, sif}
EMULATE_FLAVOR=erda
# and the corresponding FQDN used e.g. in that flavor index-FQDN.html
EMULATE_FQDN=erda.dk
#SKIN_SUFFIX=basic
SKIN_SUFFIX=ucph-science
# Site settings
ENABLE_OPENID=True
ENABLE_SFTP=True
ENABLE_SFTP_SUSBSYS=True
ENABLE_DAVS=True
ENABLE_FTPS=True
ENABLE_SHARELINKS=True
ENABLE_TRANSFERS=True
ENABLE_DUPLICATI=True
ENABLE_SEAFILE=False
ENABLE_SANDBOXES=False
ENABLE_VMACHINES=False
ENABLE_CRONTAB=True
ENABLE_JOBS=False
ENABLE_RESOURCES=False
ENABLE_EVENTS=False
ENABLE_FREEZE=True
ENABLE_CRACKLIB=True
ENABLE_IMNOTIFY=False
ENABLE_NOTIFY=True
ENABLE_PREVIEW=False
ENABLE_WORKFLOWS=False
ENABLE_VERIFY_CERTS=True
ENABLE_JUPYTER=True
ENABLE_TWOFACTOR=True
ENABLE_TWOFACTOR_STRICT_ADDRESS=False
ENABLE_PEERS=True
PEERS_MANDATORY=True
PEERS_EXPLICIT_FIELDS="full_name email"
PEERS_CONTACT_HINT="employed at UCPH and authorized to invite you as peer"
ENABLE_MIGADMIN=True
ENABLE_GDP=False
GDP_EMAIL_NOTIFY=False
ENABLE_SELF_SIGNED_CERTS=False
UPGRADE_MOD_AUTH_OPENIDC=False
PUBKEY_FROM_DNS=False
MODERN_WSGIDAV=True
PREFER_PYTHON3=True
SIGNUP_METHODS="migoid migcert"
LOGIN_METHODS="migoid migcert"
USER_INTERFACES="V3 V2"
AUTO_ADD_CERT_USER=True
AUTO_ADD_OID_USER=True
AUTO_ADD_OIDC_USER=True
CERT_VALID_DAYS=365
OID_VALID_DAYS=365
GENERIC_VALID_DAYS=365
VGRID_LABEL=Workgroup
# Menu options override default and available extra Apps on personal Home page
DEFAULT_MENU="home files vgrids archives jupyter settings setup logout"
USER_MENU="sharelinks seafile crontab transfers cloud people downloads peers docs migadmin"
# Site-specific javascript and stylesheets to inject on user pages
#EXTRA_USERPAGE_SCRIPTS="https://ui-sid.erda.dk/images/js/hello.js"
EXTRA_USERPAGE_SCRIPTS=""
EXTRA_USERPAGE_STYLES=""
# Which svn repo and version of migrid should be used
MIG_SVN_REPO=https://svn.code.sf.net/p/migrid/code/trunk
MIG_SVN_REV=5571
# NOTE: use 'git experimental' here for future python3 version
# Which git repo and version of migrid should be used
MIG_GIT_REPO=https://github.com/ucphhpc/migrid-sync.git
#MIG_GIT_BRANCH=edge
#MIG_GIT_REV=135ef7485801f3a7436b92ad48e620ca241dda28
MIG_GIT_BRANCH=experimental
MIG_GIT_REV=35dd1a2a55ef25858bca15f1c3e43cb261b76484
# Run migrid IO daemons from individual isolated containers
COMPOSE_PROFILES=multi
# Toggle future Python3 support
WITH_PY3=True
# Toggle git support - effectively switches from SVN to GIT options above
WITH_GIT=True
# Which timezone should the service use
TZ=Europe/Copenhagen
# The URL of the of designated jupyter services
# The url is prefixed by the name of the service itself
JUPYTER_SERVICES="dag.http://dag.test"
# The description associated with each jupyter service
# The key is the name of the service it describes
JUPYTER_SERVICES_DESC="{'dag': '/home/mig/state/wwwpublic/dag_desc.html'}"
# Jupyterhub variables
# Required when the 'auth_state' flag is enabled
# means that the 'hub/setup_jup_crypt_secrets.sh script
# must be sourced before the stack is deployed
# https://jupyterhub.readthedocs.io/en/stable/reference/authenticators.html
JUPYTERHUB_CRYPT_KEY=${JUPYTERHUB_CRYPT_KEY}
# https://jupyterhub.readthedocs.io/en/stable/getting-started/security-basics.html#generating-and-storing-as-an-environment-variable
# Used by the proxy and JupyterHub for authentication
CONFIGPROXY_AUTH_TOKEN=${CONFIGPROXY_AUTH_TOKEN}