-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathconfig.yaml.defaults
158 lines (130 loc) · 4.62 KB
/
config.yaml.defaults
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
app:
title: Baselayer Example App
secret_key: abc01234 # This secret key can be any random string of
# characters.
#
# You should re-generate this for your application
# using:
#
# base64.b64encode(os.urandom(50)).decode('ascii')
factory:
database:
database:
host: localhost
port: 5432
user:
password:
paths:
downloads_folder: '/tmp'
server:
# Set this to true if the URL of your server is expected to be secure, i.e.
# https://...
# E.g., if you are using an HTTPS load balancer, this value will likely be true.
#
# Also see `ssl_certificate` for running nginx in SSL mode.
ssl: False
# If you are using certificates, you can specify them here
# See http://nginx.org/en/docs/http/configuring_https_servers.html for details
ssl_certificate:
ssl_certificate_key:
# According to the Tornado docs at
# https://www.tornadoweb.org/en/stable/guide/running.html#processes-and-ports:
#
# Due to the Python GIL (Global Interpreter Lock), it is necessary
# to run multiple Python processes to take full advantage of
# multi-CPU machines. Typically it is best to run one process per
# CPU.
processes: 4
# How many of the above processes should be dedicated to
# frontend only (i.e., no token authorized API requests)
dedicated_frontend_processes: 2
# The max size of a request body in megabytes (M)
max_body_size: 10
# nginx parameter which sets both the time in seconds before which
# the server is considered unavailable and the subsequent period of
# time the server will be unavailable
fail_timeout: 20
# Rate limit: number of requests per second (see https://www.nginx.com/blog/rate-limiting-nginx/)
rate_limit: 5
# Rate limit burst size (https://www.nginx.com/blog/rate-limiting-nginx/#bursts)
burst: 10
# In addition to the local network, specify any IP addresses that are to be
# exempt from API rate limiting
whitelisted_ips: []
# Specify IPs or address ranges (e.g., 130.211.0.0/22) that are associated
# with upstream load balancing.
# These trusted addresses are used to uncover the originating IP.
loadbalancer_ips: []
# From https://console.developers.google.com/
#
# - Create Client ID
# - Javascript origins: https://localhost:5000
# - Authorized redirect URLs: http://localhost:5000/complete/google-oauth2/
#
# You need to have Google+ API enabled; it takes a few minutes to activate.
auth:
debug_login: False
google_oauth2_key:
google_oauth2_secret:
google_oauth2_timeout: 15
services:
paths:
- ./baselayer/services
- ./services
# By default, all services other than dask are enabled.
# Use this list to add services if 'disabled' is set to '*'
enabled:
# A list of service names, or '*'
disabled:
- dask
# You can use disabled to disable specific services, or '*' to disable them all
log:
# if true, log all API calls, including successful ones, if false,
# log only those that trigger a warning / error
api_calls: False
# SQL logging
# see e.g. https://docs.sqlalchemy.org/en/20/core/engines.html#configuring-logging
# if True, enable SQL echoing.
database: False
# if True, enable connection pool logging
database_pool: False
ports:
websocket: 64000
fake_oauth: 63000
app: 5000
app_http_proxy: 5001
app_internal: 65000 # nginx forwards this port to ports:app
dask: 63500
websocket_path_in: 'ipc://run/message_flow_in'
websocket_path_out: 'ipc://run/message_flow_out'
status: 64500
migration_manager: 64501
external_logging:
papertrail:
# get an account at https://papertrailapp.com
enabled: False
# change url to the correct subdomain for your account
# and change the port as well
url:
port:
# which log files, if any do you not want to send over to the 3rd party?
excluded_log_files: [""]
security:
strict: true
slack:
enabled: false
url: null
# You can schedule jobs to run at a certain time interval (given in minutes).
#
# If baselayer is not running at the time the job is supposed to run,
# it will be run when fired up the next time.
#
# If a "limit" is provided, the cron job will only executed between
# the start and end times given.
#
# cron:
# - interval: 1
# script: tools/1_minute.py
# - interval: 5
# script: tools/5_minute.py
# limit: ["01:00", "02:00"]