2023-09-26 12:15:59 +00:00
|
|
|
[vars]
|
|
|
|
internal_gateway = "<%= @reva_domain %>"
|
|
|
|
provider_domain = "<%= @reva_domain %>"
|
|
|
|
external_reva_endpoint = "https://<%= @reva_domain %>" # append here any route if applicable
|
|
|
|
efss_sciencemesh_endpoint = "https://<%= @customer %>.<%= @domain %>/index.php/apps/sciencemesh/"
|
|
|
|
machine_api_key = "<%= @iopsecret %>"
|
|
|
|
efss_shared_secret = "<%= @shared_secret %>"
|
|
|
|
|
|
|
|
[http]
|
|
|
|
certfile = "/etc/revad/tls/<%= @domain %>.crt"
|
|
|
|
keyfile = "/etc/revad/tls/<%= @domain %>.key"
|
|
|
|
|
2023-02-13 09:44:56 +00:00
|
|
|
[log]
|
|
|
|
level = "debug"
|
|
|
|
|
|
|
|
[shared]
|
2023-09-26 12:15:59 +00:00
|
|
|
gatewaysvc = "{{ vars.internal_gateway }}:19000"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.gateway]
|
2023-09-26 12:15:59 +00:00
|
|
|
address = ":19000"
|
|
|
|
authregistrysvc = "{{ grpc.services.authregistry.address }}"
|
|
|
|
appregistrysvc = "{{ grpc.services.appregistry.address }}"
|
|
|
|
storageregistrysvc = "{{ grpc.services.storageregistry.address }}"
|
|
|
|
preferencessvc = "{{ grpc.services.userprovider.address }}"
|
|
|
|
userprovidersvc = "{{ grpc.services.userprovider.address }}"
|
|
|
|
usershareprovidersvc = "{{ grpc.services.usershareprovider.address }}"
|
|
|
|
ocmcoresvc = "{{ grpc.services.ocmcore.address }}"
|
|
|
|
ocmshareprovidersvc = "{{ grpc.services.ocmshareprovider.address }}"
|
|
|
|
ocminvitemanagersvc = "{{ grpc.services.ocminvitemanager.address }}"
|
|
|
|
ocmproviderauthorizersvc = "{{ grpc.services.ocmproviderauthorizer.address }}"
|
|
|
|
datagateway = "https://{{ http.services.datagateway.address }}/data"
|
|
|
|
|
|
|
|
transfer_expires = 6 # give it a moment
|
|
|
|
commit_share_to_storage_grant = true
|
|
|
|
commit_share_to_storage_ref = true
|
|
|
|
|
|
|
|
[grpc.services.appregistry]
|
|
|
|
driver = "static"
|
|
|
|
|
|
|
|
[grpc.services.appregistry.drivers.static]
|
|
|
|
mime_types = [
|
|
|
|
{"mime_type" = "text/plain", "extension" = "txt", "name" = "Text file", "description" = "Text file", "allow_creation" = true},
|
|
|
|
{"mime_type" = "text/markdown", "extension" = "md", "name" = "Markdown file", "description" = "Markdown file", "allow_creation" = true},
|
|
|
|
{"mime_type" = "application/vnd.oasis.opendocument.text", "extension" = "odt", "name" = "OpenDocument", "description" = "OpenDocument text document", "default_app" = "Collabora", "allow_creation" = true},
|
|
|
|
{"mime_type" = "application/vnd.oasis.opendocument.spreadsheet", "extension" = "ods", "name" = "OpenSpreadsheet", "description" = "OpenDocument spreadsheet document", "default_app" = "Collabora", "allow_creation" = true},
|
|
|
|
{"mime_type" = "application/vnd.oasis.opendocument.presentation", "extension" = "odp", "name" = "OpenPresentation", "description" = "OpenDocument presentation document", "default_app" = "Collabora", "allow_creation" = true},
|
|
|
|
{"mime_type" = "application/vnd.jupyter", "extension" = "ipynb", "name" = "Jupyter Notebook", "description" = "Jupyter Notebook"}
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
### AUTH PROVIDERS ###
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.authregistry]
|
|
|
|
driver = "static"
|
|
|
|
|
|
|
|
[grpc.services.authregistry.drivers.static.rules]
|
2023-09-26 12:15:59 +00:00
|
|
|
basic = "{{ grpc.services.authprovider[0].address }}"
|
|
|
|
machine = "{{ grpc.services.authprovider[1].address }}"
|
|
|
|
ocmshares = "{{ grpc.services.authprovider[2].address }}"
|
|
|
|
|
|
|
|
[[grpc.services.authprovider]]
|
|
|
|
auth_manager = "nextcloud"
|
|
|
|
|
|
|
|
[grpc.services.authprovider.auth_managers.nextcloud]
|
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
|
|
|
mock_http = false
|
|
|
|
|
|
|
|
[[grpc.services.authprovider]]
|
|
|
|
auth_manager = "machine"
|
|
|
|
|
|
|
|
[grpc.services.authprovider.auth_managers.machine]
|
|
|
|
api_key = "{{ vars.machine_api_key }}"
|
|
|
|
gateway_addr = "{{ vars.internal_gateway }}:19000"
|
|
|
|
|
|
|
|
[[grpc.services.authprovider]]
|
|
|
|
auth_manager = "ocmshares"
|
|
|
|
|
|
|
|
|
|
|
|
### STORAGE PROVIDERS ###
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.storageregistry]
|
|
|
|
driver = "static"
|
|
|
|
|
|
|
|
[grpc.services.storageregistry.drivers.static]
|
|
|
|
home_provider = "/home"
|
|
|
|
|
|
|
|
[grpc.services.storageregistry.drivers.static.rules]
|
2023-09-26 12:15:59 +00:00
|
|
|
"/home" = {"address" = "{{ grpc.services.storageprovider[0].address }}"}
|
|
|
|
"nextcloud" = {"address" = "{{ grpc.services.storageprovider[0].address }}"}
|
|
|
|
"/ocm" = {"address" = "{{ grpc.services.storageprovider[1].address }}"}
|
|
|
|
"ocm" = {"address" = "{{ grpc.services.storageprovider[1].address }}"}
|
|
|
|
|
|
|
|
[[grpc.services.storageprovider]]
|
|
|
|
driver = "nextcloud"
|
|
|
|
mount_id = "nextcloud"
|
|
|
|
expose_data_server = true
|
|
|
|
enable_home_creation = false
|
|
|
|
data_server_url = "https://localhost:{{ http.services.dataprovider[0].address.port }}/data"
|
|
|
|
|
|
|
|
[grpc.services.storageprovider.drivers.nextcloud]
|
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
|
|
|
mock_http = false
|
|
|
|
|
|
|
|
[[grpc.services.storageprovider]]
|
|
|
|
driver = "ocmoutcoming"
|
|
|
|
mount_id = "ocm"
|
|
|
|
mount_path = "/ocm"
|
|
|
|
expose_data_server = true
|
|
|
|
enable_home_creation = false
|
|
|
|
data_server_url = "{{ vars.external_reva_endpoint }}/data"
|
|
|
|
|
|
|
|
[grpc.services.storageprovider.drivers.ocmoutcoming]
|
|
|
|
machine_secret = "{{ vars.machine_api_key }}"
|
|
|
|
|
|
|
|
|
|
|
|
### OTHER PROVIDERS ###
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.usershareprovider]
|
|
|
|
driver = "memory"
|
|
|
|
|
|
|
|
[grpc.services.ocmcore]
|
|
|
|
driver = "nextcloud"
|
|
|
|
|
|
|
|
[grpc.services.ocmcore.drivers.nextcloud]
|
2023-09-26 12:15:59 +00:00
|
|
|
host = "{{ vars.external_reva_endpoint }}"
|
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
2023-02-13 09:44:56 +00:00
|
|
|
mock_http = false
|
|
|
|
|
|
|
|
[grpc.services.ocminvitemanager]
|
2023-09-26 12:15:59 +00:00
|
|
|
# TODO the driver should be "nextcloud" once it is implemented
|
2023-02-13 09:44:56 +00:00
|
|
|
driver = "json"
|
2023-09-26 12:15:59 +00:00
|
|
|
provider_domain = "{{ vars.provider_domain }}"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.ocmshareprovider]
|
|
|
|
driver = "nextcloud"
|
2023-09-26 12:15:59 +00:00
|
|
|
provider_domain = "{{ vars.provider_domain }}"
|
|
|
|
webdav_endpoint = "{{ vars.external_reva_endpoint }}"
|
|
|
|
webdav_prefix = "{{ vars.external_reva_endpoint }}/remote.php/dav/files"
|
|
|
|
# TODO the following should become {{ vars.external_reva_endpoint }}/external/{{.Token}}/...
|
|
|
|
webapp_template = "https://your.revad.org/external/sciencemesh/{{.Token}}/{relative-path-to-shared-resource}"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.ocmshareprovider.drivers.nextcloud]
|
2023-09-26 12:15:59 +00:00
|
|
|
webdav_host = "{{ vars.external_reva_endpoint }}"
|
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
2023-02-13 09:44:56 +00:00
|
|
|
mock_http = false
|
2023-09-26 12:15:59 +00:00
|
|
|
mount_id = "nextcloud"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.ocmproviderauthorizer]
|
2023-09-26 12:15:59 +00:00
|
|
|
driver = "mentix"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[grpc.services.ocmproviderauthorizer.drivers.mentix]
|
|
|
|
url = "https://iop.sciencemesh.uni-muenster.de/iop/mentix/cs3"
|
2023-09-26 12:15:59 +00:00
|
|
|
verify_request_hostname = true
|
2023-02-13 09:44:56 +00:00
|
|
|
insecure = false
|
|
|
|
timeout = 10
|
|
|
|
refresh = 900
|
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.ocmproviderauthorizer.drivers.json]
|
|
|
|
# this is used by the docker-based test deployment, not in production
|
|
|
|
providers = "providers.testnet.json"
|
|
|
|
verify_request_hostname = true
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.userprovider]
|
|
|
|
driver = "nextcloud"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.userprovider.drivers.nextcloud]
|
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
|
|
|
mock_http = false
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.datatx]
|
|
|
|
txdriver = "rclone"
|
|
|
|
storagedriver = "json"
|
|
|
|
remove_transfer_on_cancel = true
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.datatx.txdrivers.rclone]
|
|
|
|
# rclone endpoint
|
|
|
|
endpoint = "http://rclone.docker"
|
|
|
|
# basic auth is used
|
|
|
|
auth_user = "rcloneuser"
|
|
|
|
auth_pass = "eilohtho9oTahsuongeeTh7reedahPo1Ohwi3aek"
|
|
|
|
auth_header = "x-access-token"
|
|
|
|
job_status_check_interval = 2000
|
|
|
|
job_timeout = 120000
|
|
|
|
storagedriver = "json"
|
|
|
|
remove_transfer_job_on_cancel = true
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.datatx.storagedrivers.json]
|
|
|
|
file = ""
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[grpc.services.datatx.txdrivers.rclone.storagedrivers.json]
|
|
|
|
file = ""
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
### HTTP ENDPOINTS ###
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[http.services.appprovider]
|
|
|
|
address = ":443"
|
|
|
|
insecure = true
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[http.services.datagateway]
|
|
|
|
address = ":443"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[[http.services.dataprovider]]
|
2023-02-13 09:44:56 +00:00
|
|
|
driver = "nextcloud"
|
|
|
|
|
|
|
|
[http.services.dataprovider.drivers.nextcloud]
|
2023-09-26 12:15:59 +00:00
|
|
|
endpoint = "{{ vars.efss_sciencemesh_endpoint }}"
|
|
|
|
shared_secret = "{{ vars.efss_shared_secret }}"
|
2023-02-13 09:44:56 +00:00
|
|
|
mock_http = false
|
|
|
|
|
2023-09-26 12:15:59 +00:00
|
|
|
[[http.services.dataprovider]]
|
|
|
|
address = ":443"
|
|
|
|
driver = "ocmoutcoming"
|
|
|
|
|
|
|
|
[http.services.dataprovider.drivers.ocmoutcoming]
|
|
|
|
machine_secret = "{{ vars.machine_api_key }}"
|
|
|
|
|
|
|
|
[http.services.sciencemesh]
|
|
|
|
address = ":443"
|
|
|
|
provider_domain = "{{ vars.provider_domain }}"
|
|
|
|
mesh_directory_url = "https://sciencemesh.cesnet.cz/iop/meshdir"
|
|
|
|
ocm_mount_point = "/sciencemesh"
|
|
|
|
|
|
|
|
[http.services.sciencemesh.smtp_credentials]
|
|
|
|
disable_auth = false
|
2023-09-26 12:38:44 +00:00
|
|
|
sender_mail = "noreply@<%= @domain %>"
|
|
|
|
sender_login = "noreply@<%= @domain %>"
|
|
|
|
sender_password = "<%= @smtp_credentials %>"
|
2023-09-26 12:15:59 +00:00
|
|
|
smtp_server = "smtp.sunet.se"
|
|
|
|
smtp_port = 587
|
|
|
|
|
|
|
|
[http.services.ocmprovider]
|
|
|
|
address = ":443"
|
|
|
|
ocm_prefix = "ocm"
|
|
|
|
provider = "Reva for ownCloud/Nextcloud"
|
|
|
|
endpoint = "{{ vars.external_reva_endpoint }}"
|
|
|
|
enable_webapp = true
|
|
|
|
enable_datatx = true
|
|
|
|
|
2023-02-13 09:44:56 +00:00
|
|
|
[http.services.ocmd]
|
2023-09-26 12:15:59 +00:00
|
|
|
address = ":443"
|
2023-02-13 09:44:56 +00:00
|
|
|
prefix = "ocm"
|
|
|
|
|
|
|
|
[http.services.ocmd.config]
|
2023-09-26 12:15:59 +00:00
|
|
|
host = "{{ vars.provider_domain }}"
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[http.services.ocs]
|
2023-09-26 12:15:59 +00:00
|
|
|
address = ":443"
|
2023-02-13 09:44:56 +00:00
|
|
|
prefix = "ocs"
|
|
|
|
|
|
|
|
[http.services.ocdav]
|
2023-09-26 12:15:59 +00:00
|
|
|
address = ":443"
|
|
|
|
|
|
|
|
[http.services.prometheus]
|
|
|
|
address = ":443"
|
|
|
|
|
|
|
|
[http.services.metrics]
|
|
|
|
address = ":443"
|
|
|
|
metrics_data_driver_type = "json"
|
|
|
|
metrics_data_location = "/etc/revad/metrics.json"
|
|
|
|
metrics_record_interval = 5000
|
|
|
|
|
|
|
|
[http.services.sysinfo]
|
2023-02-13 09:44:56 +00:00
|
|
|
|
|
|
|
[http.middlewares.cors]
|
2023-09-26 12:15:59 +00:00
|
|
|
[http.middlewares.log]
|