-
Notifications
You must be signed in to change notification settings - Fork 6
/
env.local.example
213 lines (191 loc) · 9.1 KB
/
env.local.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
#############################################################################
# Mandatory vars (will be enforced by pavics-compose.sh)
# Can add new vars but do not remove, else automated deployment will break
#
# Do NOT use environment variables in here since when pavics-compose.sh runs
# inside a container, the environment vars do not have the same value.
#############################################################################
export SSL_CERTIFICATE="/path/to/ssl/cert.pem" # path to the nginx ssl certificate, path and key bundle
export PAVICS_FQDN="hostname.domainname" # Fully qualified domain name of this Pavics installation
export DOC_URL="https://www.example.com/" # URL where /doc gets redirected
export MAGPIE_SECRET=itzaseekrit
export MAGPIE_ADMIN_USERNAME=admin
export MAGPIE_ADMIN_PASSWORD=qwerty
export TWITCHER_PROTECTED_PATH=/twitcher/ows/proxy
export PHOENIX_PASSWORD=phoenix_pass
export PHOENIX_PASSWORD_HASH=sha256:123456789012:1234567890123456789012345678901234567890123456789012345678901234
export TOMCAT_NCWMS_PASSWORD=ncwmspass
export SUPPORT_EMAIL=helpdesk@example.com
export CMIP5_THREDDS_ROOT=birdhouse/CMIP5/CCCMA
export JUPYTERHUB_ADMIN_USERS="{'admin'}" # python set syntax
export CATALOG_USERNAME=admin-catalog
export CATALOG_PASSWORD=qwerty
export CATALOG_THREDDS_SERVICE=thredds
export POSTGRES_PAVICS_USERNAME=postgres-pavics
export POSTGRES_PAVICS_PASSWORD=postgres-qwerty
export POSTGRES_MAGPIE_USERNAME=postgres-magpie
export POSTGRES_MAGPIE_PASSWORD=postgres-qwerty
#############################################################################
# Optional vars
#############################################################################
# Extra dirs containing docker-compose-extra.yml file to override the default
# docker-compose.yml file. Inside each extra dir, there must be a
# docker-compose-extra.yml file. If this file is not found, the dir is
# ignored.
#
# Useful to split configs into different dirs leveraging docker-compose
# override capabilities, see https://docs.docker.com/compose/extends/.
#
# Possible use-cases:
#
# * Split config to have all private and sensitive infos in a different
# config dir.
#
# * Manage different env (prod, stating, dev, ...) with each env specific
# config in its own dir leaving the default config dir with generic/common
# config only.
#
# * Assemble different combinations of components/functionalities by including
# only the config/docker-compose fragment necessary.
#
# Last dir/docker-compose fragment in the list have highest override precedence.
# Ex: last docker-compose volume mount to same destination win over the
# previous docker-compose volume mount.
#
# Format: space separated list of dirs
#
#export EXTRA_CONF_DIRS="/path/to/dir1 ./path/to/dir2 dir3 dir4"
#export EXTRA_CONF_DIRS="./optional-components/canarie-api-full-monitoring
# ./optional-components/emu /path/to/private-config-repo"
# Extra repos, than the current repo, the autodeploy should keep up-to-date.
# Any changes to these extra repos will also trigger autodeploy.
#
# Useful to save the instanciated version of this env.local config file and
# any custom docker-compose-extra.yml from the previous EXTRA_CONF_DIRS var.
#
# Note:
#
# * These extra repos should be git repos for the out-of-date detection to
# work to trigger autodeploy. If you just have a regular folder, do not add
# it here, out-of-date detection currently only works for git repos.
#
# * To preserve write permissions for your user, run once for this repo and
# once each time AUTODEPLOY_EXTRA_REPOS changes:
# deployment/fix-write-perm
#
# Format: space separated list of full path to dirs
#export AUTODEPLOY_EXTRA_REPOS="/path/to/dir1 /path/to/dir2 /path/to/dir3"
#export AUTODEPLOY_EXTRA_REPOS="/path/to/private-config-containing-env.local"
# For each git repo in AUTODEPLOY_EXTRA_REPOS that use ssh to clone/fetch
# instead of https, provide its corresponding ssh deploy key in this dir.
#
# See instructions in deployment/deploy.sh or
# https://developer.github.com/v3/guides/managing-deploy-keys/#deploy-keys for
# how to create deploy key for your git repos.
#
# The autodeploy mechanism runs inside its own container so environment
# variables are not the same inside and outside the container. Do not use
# any environment vars, use their fully resolved values.
#
# Format of keys inside the dir: {repo-name-1}_deploy_key,
# {repo-name-2}_deploy_key, ...
#
# If '{repo-name}_deploy_key' file is not found, default to
# 'id_rsa_git_ssh_read_only' so if multiple private repos share the same ssh
# deploy key, you can just name that shared key id_rsa_git_ssh_read_only and
# create {repo-name}_deploy_key only for repo specific key.
#
# Example of keys inside the dir: dir1_deploy_key, dir2_deploy_key,
# private-config-containing-env.local_deploy_key,
# id_rsa_git_ssh_read_only
#
#export AUTODEPLOY_DEPLOY_KEY_ROOT_DIR="/path/to/ssh-deploy-keys-for-all-repos"
# Frequency to trigger the various autodeploy tasks.
# See common.env for default.
#
# For all possible syntax, see implementation at
# https://github.com/Ouranosinc/docker-crontab/blob/3ac8cfa363b3f2ffdd0ead6089d355ff84521dc9/docker-entrypoint#L137-L184
#
# Ex:
# - daily at 5:07 AM: "7 5 * * *"
# - daily at midnight: "0 0 * * *" or "@daily"/"@midnight"
# - hourly: ""0 * * * *" or "@hourly"
# - every 2 hours: "*/120 * * * *" or "@every 2h"
# - every 5 minutes: "*/5 * * * *" or "@every 5m"
#
#export AUTODEPLOY_PLATFORM_FREQUENCY="@every 5m"
#export AUTODEPLOY_NOTEBOOK_FREQUENCY="@every 5m"
# Add more jobs to ./components/scheduler/config.yml
#
# Potential usages: other deployment, backup jobs on the same machine
#
#export AUTODEPLOY_EXTRA_SCHEDULER_JOBS=""
# Public (on the internet) fully qualified domain name of this Pavics
# installation. This is optional so default to the same internal PAVICS_FQDN if
# not set.
#export PAVICS_FQDN_PUBLIC="$PAVICS_FQDN"
# If ALLOW_UNSECURE_HTTP is enabled, port 80 will not redirect to 443
# anymore and will have the same service definitions as 443.
#
# This is so we can use pagekite proper SSL certificate. Pagekite will
# hit port 80 instead of 443 and will be the one providing the SSL cert.
#
# Port 443 is still active with whatever the SSL cert it was given before.
#
# Set to "True" to allow traffic on unsecure port 80.
# This is for debugging only, do Not set this on a Production server.
#
#export ALLOW_UNSECURE_HTTP=""
# allow jupyterhub user selection of which notebook image to run
# see https://jupyter-docker-stacks.readthedocs.io/en/latest/using/selecting.html
#export ENABLE_JUPYTERHUB_MULTI_NOTEBOOKS="
#c.DockerSpawner.image_whitelist = {'pavics': os.environ['DOCKER_NOTEBOOK_IMAGE'],
# 'jupyter/scipy-notebook': 'jupyter/scipy-notebook',
# 'jupyter/r-notebook': 'jupyter/r-notebook',
# 'jupyter/tensorflow-notebook': 'jupyter/tensorflow-notebook',
# 'jupyter/datascience-notebook': 'jupyter/datascience-notebook',
# 'jupyter/pyspark-notebook': 'jupyter/pyspark-notebook',
# 'jupyter/all-spark-notebook': 'jupyter/all-spark-notebook',
# }
#"
# The parent folder where all the user notebooks will be stored.
# For example, a user named "bob" will have his data in $JUPYTERHUB_USER_DATA_DIR/bob
# and this folder will be mounted when he logs into JupyterHub.
#export JUPYTERHUB_USER_DATA_DIR=/data/jupyterhub_user_data
# Extra PyWPS config for **all** WPS services (currently only Flyingpigeon, Finch and Raven supported).
# export EXTRA_PYWPS_CONFIG="
# [logging]
# level = DEBUG
# "
# Thredds server customization
#
# Name of organization hosting the Thredds server
#export THREDDS_ORGANIZATION="Birdhouse"
# Allow using Github as external AuthN/AuthZ provider with Magpie
# To setup Github as login, goto <https://github.com/settings/developers> under section [OAuth Apps]
# and create a new Magpie application with configurations:
#
# Homepage URL: https://${PAVICS_FQDN}
# Authorization callback URL: https://${PAVICS_FQDN}/magpie/providers/github/signin
#
# Then, specify obtained Github client ID/Secret for this Magpie OAuth App with following variables.
#
#export GITHUB_CLIENT_ID=####
#export GITHUB_CLIENT_SECRET=####
# Magpie DB name
#export MAGPIE_DB_NAME="magpiedb"
# Set to 'false' if using self-signed SSL certificate
#export VERIFY_SSL="true"
# Jupyter public demo account with limited computing resources for security reasons
#export JUPYTER_DEMO_USER="demo"
# Changing any limits requires restarting the jupyter user server
#export JUPYTER_DEMO_USER_MEM_LIMIT="2G" # ex: 2G, 500M
# See config/jupyterhub/custom_templates/login.html.template
#export JUPYTER_LOGIN_BANNER_TOP_SECTION=""
#export JUPYTER_LOGIN_BANNER_BOTTOM_SECTION=""
#############################################################################
# Emu optional vars
#############################################################################
# To enable emu: add './optional-components/emu' to EXTRA_CONF_DIRS above.
# Emu WPS service image if that testing component is enabled
#export EMU_IMAGE="tlvu/emu:watchdog"