/
.env
209 lines (193 loc) · 8.37 KB
/
.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
# Here are defined the environement variables to configure the docker image inseefrlab/onyxia-web.
# Thoses parameters are mostly related to cosmetic configurations.
#
# Example of a value.yaml file:
#
# web:
# # Parameters inseefrlab/onyxia-web, you are reading the file where they are defined.
# env:
# THEME_ID=ultraviolet
# TERMS_OF_SERVICES: |
# {
# "en": "https://www.sspcloud.fr/tos_en.md",
# "fr": "https://www.sspcloud.fr/tos_fr.md"
# }
# api:
# # Parameters of the Docker image inseefrlab/onyxia-api, defined in /api/README.md
# env:
# security.cors.allowed_origins: http://localhost:3000
# authentication.mode: openidconnect
# keycloak.realm: datalab
# keycloak.auth-server-url: https://auth.lab.my-domain.net/auth
# regions:
# [
# {
# "id":"demo",
# "name":"Demo",
#
#
# As you can see in the example above, you can omit the REACT_APP_ prefix when defining the parameters in the values.yaml file.
# ===== Keycloak parameters =====
# OPTIONAL, optional, if not specified, when user authentication is requested, a Jhon Doe user will be assumed connected.
REACT_APP_KEYCLOAK_URL=
REACT_APP_KEYCLOAK_CLIENT_ID=onyxia
# MANDATORY if OIDC_URL provided
REACT_APP_KEYCLOAK_REALM=
# Expect either an url that point to a CORS enabled Markdown
# e.g.: =https://www.sspcloud.fr/tos_en.md
# or a record language-url:
# TERMS_OF_SERVICES: |
# { "en": "https://sspcloud.fr/tos_en.md" "fr": "https://sspcloud.fr/tos_fr.md" }
REACT_APP_TERMS_OF_SERVICES=
# ===== UI Customization ======
# Can be one of onyxia, france or ultraviolet
REACT_APP_THEME_ID=onyxia
# This parameter allows you to override some, or all, of the color palette values for the selected theme.
#
# Please adhere to the JSON format outlined in the following object:
# https://github.com/InseeFrLab/onyxia-ui/blob/0fa8667227aac328cb685cc140f3cd2186956304/src/lib/color.ts#L15-L53
#
# Should you desire to personalize the color palette without the assistance of a UI designer,
# there is a simple way. You can copy and paste the default palette and request ChatGPT to
# propose a variation. For instance, you might want to emphasize a specific color, like
# "TypeScript's blue". ChatGPT can use that as a reference to generate a new color scheme
# tailored to your preference.
#
# Example:
#
# PALETTE_OVERRIDE: |
# {
# "focus": {
# "main": "#00824D",
# "light": "#00824D",
# "light2": "#00FFC2"
# }
# }
REACT_APP_PALETTE_OVERRIDE=
# For Customizing this text: https://user-images.githubusercontent.com/6702424/152652494-7c2e2515-23f2-4b06-bd9f-15c00173bb66.png
REACT_APP_HEADER_ORGANIZATION=
# For customizing this text: https://user-images.githubusercontent.com/6702424/152652533-b97512ca-f6f4-4aa8-a91f-96988181902c.png
REACT_APP_HEADER_USECASE_DESCRIPTION=Datalab
# If we should hide: https://user-images.githubusercontent.com/6702424/152916796-f93de2e4-b3d8-4214-bb01-628704562421.png
REACT_APP_HEADER_HIDE_ONYXIA=false
REACT_APP_DISABLE_HOME_PAGE=false
# Enable to share a communication message to all users, it will be displayed in a banner on the top of the page.
# https://github.com/inseefrlab/onyxia/assets/6702424/5c3345a6-b3e1-4620-af21-d8a4dad72af9
#
# Examples:
#
# GLOBAL_ALERT: "See what's **new**! [Blog post](https://example.com)!"
#
# You can also provide a severity among info, success, warning, error
#
# GLOBAL_ALERT: |
# {
# "severity": "success",
# "message": "See what's **new**! [Blog post](https://example.com)!"
# }
#
# You can localize the message by providing a map language iso2 -> message
#
# GLOBAL_ALERT: |
# {
# "en": "See what's **new**! [Blog post](https://example.com)!",
# "fr": "Voyez ce qui est **nouveau**! [Article de blog](https://example.fr)!"
# }
#
# It works the same when you have a severity
#
# GLOBAL_ALERT: |
# {
# "severity": "success",
# "message": {
# "en": "See what's **new**! [Blog post](https://example.com)!",
# "fr": "Voyez ce qui est **nouveau**! [Article de blog](https://example.fr)!"
# }
# }
#
# Note regarding accessibility, when the message isn't provided under the form of a map language iso2 -> message
# We will assume the message is in english and screen reader will read it with the english synthetizer.
# Even if 100% of your users as french (for example) it's better to provide the message as a map { "fr": "Le message" }
# rather that just "Le message".
#
REACT_APP_GLOBAL_ALERT=
# To add external links in the left bar.
# In Values.yaml you can go multi line by using '|' but in .env file it must be on a sigle line. (see .env.local.sample)
# 'icon' must be a valid icon identifier from: https://github.com/inseefrlab/onyxia/blob/main/src/ui/theme.tsx#L115-L159
# 'label' can either be a string or a map language iso2 -> text. Not every supported language have to include a translation.
# EXTRA_LEFTBAR_ITEMS: |
# [
# {
# "label": "Legacy",
# "iconId": "search",
# "url": "https://aws.amazon.com/",
# },
# {
# "label": { "en": "My link", "fr": "Mon lien" },
# "iconId": "code",
# "url": "https://example.com/",
# }
# ];
REACT_APP_EXTRA_LEFTBAR_ITEMS=
# Same format as the above but for the links in the header
# https://user-images.githubusercontent.com/6702424/152692462-33a8589e-485f-45c9-93c7-0b945980aaf5.png
REACT_APP_HEADER_LINKS=
# Description used in the preview card for social media: https://user-images.githubusercontent.com/6702424/152668805-d1e055e0-2d9d-4b6c-9bc7-fba0093855aa.png
REACT_APP_DESCRIPTION=Data science oriented container launcher
# =============================================================================
# Environment Variable: DISABLE_AUTO_LAUNCH
# =============================================================================
#
# Default Value: false
#
# Description:
# The DISABLE_AUTO_LAUNCH environment variable controls the automatic service
# launching behavior of Onyxia based on URL query parameters. When set to true,
# the "autoLaunch" feature is disabled, enhancing the security of the platform
# by requiring users to manually launch services.
#
# Context:
# - AutoLaunch Feature: Onyxia allows sharing URLs that encode a particular
# service configuration. These URLs support an autoLaunch=true query parameter
# that triggers automatic service launch upon user authentication.
# - Use Case: Our training platform (https://www.sspcloud.fr/formation) makes
# heavy use of this feature for seamless integration between the course catalog
# and Onyxia instances.
#
# Security Concerns:
# The autoLaunch feature may introduce security vulnerabilities as the URL can
# be configured to execute scripts within the user's Kubernetes namespace.
#
# Behavior:
# - When DISABLE_AUTO_LAUNCH=true:
# - The "autoLaunch" feature is deactivated.
# - Users clicking a URL with autoLaunch=true will see a message prompting them
# to review service parameters. The message cautions: "Someone might be attempting
# to get access to your cluster information. Make sure everything looks good,
# particularly check for any suspicious initialization scripts."
# - Users must manually launch services, offering a chance to review parameters.
# - When DISABLE_AUTO_LAUNCH=false (Default):
# - The "autoLaunch" feature is active.
# - Services are automatically launched based on URL configuration post-authentication.
# - Note: To enhance security, you can define an x-security pattern in your catalog
# options. This allows fine-tuning of what's considered a sensitive parameter.
# If such a parameter is changed, auto-launch is prevented. Documentation for
# the x-security feature is forthcoming.
#
REACT_APP_DISABLE_AUTO_LAUNCH=false
# DISABLE_PERSONAL_INFOS_INJECTION_IN_GROUP Configuration
# Default Value: false
#
# When this variable is set to 'true', it disables the injection of personal information
# into the Onyxia values for group projects. Specifically, it prevents:
# - Git credentials from being injected
# - Vault credentials from being injected
# - S3 credentials from being injected
# - Kaggle token from being injected
#
# To enable this security feature, set the value to 'true'.
REACT_APP_DISABLE_PERSONAL_INFOS_INJECTION_IN_GROUP=false
# ===== Devlevel params ======
REACT_APP_ONYXIA_API_URL=/api
# https://github.com/facebook/create-react-app/discussions/11767#discussioncomment-1968889
GENERATE_SOURCEMAP=false