-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy pathmain.yml
490 lines (466 loc) · 14.7 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
---
# dataverse/defaults/main.yml
# un-nested so we can pass them at the CLI
dataverse_branch: release
dataverse_repo: https://github.com/IQSS/dataverse.git
# To use a dvinstall.zip from a different location than IQSS:
# dataverse_installer_url: https://example.com/path/to/dvinstall.zip
# set this to true for troubleshooting
any_errors_fatal: false
apache:
enabled: true
public_fqdn:
ssl:
enabled: false
remote_cert: false
port: 443
cert:
interm:
key:
pem:
cert:
key:
interm:
port: 80
use_ajp: true
behind_reverse_proxy: false
behind_ssl_reverse_proxy: false
block:
admin: true
builtin_users: true
destroy: true
sword: false
letsencrypt:
enabled: false
certbot:
autorenew: true
email:
user: certbot
# Use the letsencrypt staging server for deployment tests
# to avoid rate limiting:
# https://letsencrypt.org/docs/duplicate-certificate-limit/
test_cert: false
dataverse_misc_files_dir: '/opt/dv'
dataverse:
adminpass: admin1
allow_signups: true
api:
allow_lookup: false
blocked_endpoints: "admin,builtin-users,test"
blocked_policy: "localhost-only"
location: "http://localhost:8080/api"
test_suite: false
# possible test values from https://github.com/IQSS/dataverse/blob/develop/conf/docker-aio/run-test-suite.sh#L11
# beware DataversesIT and DatasetsIT at minimum must be run for any other tests to succeed. have fun.
#tests: "DataversesIT,DatasetsIT,AdminIT"
tests: default
branding:
enabled: false
directory: "{{ playbook_dir }}/files/branding"
favicons_directory: "{{ playbook_dir }}/files/favicons"
fileSettings:
- setting: HeaderCustomizationFile
file: custom-header.html
- setting: StyleCustomizationFile
file: custom-stylesheet.css
- setting: LogoCustomizationFile
file: topbanner001w425_darkbg.png'
otherSettings:
- setting: FooterCopyright
value: Your institute name here
language:
enabled: false # setting this to true allows the language task to run
languages:
- locale: en_US
title: English
- locale: de_DE
title: Deutsch
language_packs:
source: https://github.com/GlobalDataverseCommunityConsortium/dataverse-language-packs.git
version: develop
lang_directory: "{{ dataverse_misc_files_dir }}/lang"
licenses:
enabled: false
user: dataverseAdmin
licenses:
- name: CC0 1.0
uri: http://creativecommons.org/publicdomain/zero/1.0
shortDescription: Creative Commons CC0 1.0 Universal Public Domain Dedication.
iconUrl: https://licensebuttons.net/p/zero/1.0/88x31.png
active: true
sortOrder: 1
- name: CC BY 4.0
uri: http://creativecommons.org/licenses/by/4.0
shortDescription: Creative Commons Attribution 4.0 International License.
iconUrl: https://licensebuttons.net/l/by/4.0/88x31.png
active: true
sortOrder: 2
- name: CC BY-NC 4.0
uri: http://creativecommons.org/licenses/by-nc/4.0
shortDescription: Creative Commons Attribution-NonCommercial 4.0 International License.
iconUrl: https://licensebuttons.net/l/by-nc/4.0/88x31.png
active: true
sortOrder: 3
- name: CC BY-NC-ND 4.0
uri: http://creativecommons.org/licenses/by-nc-nd/4.0
shortDescription: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
iconUrl: https://licensebuttons.net/l/by-nc-nd/4.0/88x31.png
active: true
sortOrder: 4
- name: CC BY-NC-SA 4.0
uri: http://creativecommons.org/licenses/by-nc-sa/4.0
shortDescription: Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
iconUrl: https://licensebuttons.net/l/by-nc-sa/4.0/88x31.png
active: true
sortOrder: 5
- name: CC BY-ND 4.0
uri: http://creativecommons.org/licenses/by-nd/4.0
shortDescription: Creative Commons Attribution-NoDerivatives 4.0 International License.
iconUrl: https://licensebuttons.net/l/by-nd/4.0/88x31.png
active: true
sortOrder: 6
- name: CC BY-SA 4.0
uri: http://creativecommons.org/licenses/by-sa/4.0
shortDescription: Creative Commons Attribution-ShareAlike 4.0 International License.
iconUrl: https://licensebuttons.net/l/by-sa/4.0/88x31.png
active: true
sortOrder: 7
copyright: "Your Institution"
counter:
enabled: false
#geoipdir: maxmind_geoip
#geoipfile: GeoLite2-Country.mmdb
hub_api_token: set_me_in_secrets
hub_base_url: "https://api.datacite.org"
machines_url: "https://raw.githubusercontent.com/CDLUC3/Make-Data-Count/master/user-agents/lists/machine.txt"
maxmind_geoip_country_path: "maxmind_geoip/GeoLite2-Country.mmdb"
output_file: "/dataverse/sushi_sample_logs"
output_format: json
platform: dash
robots_url: "https://raw.githubusercontent.com/CDLUC3/Make-Data-Count/master/user-agents/lists/robot.txt"
version: "0.1.04"
upload_to_hub: False
user: counter
year_month: "2018-05"
custom_metadata_blocks:
enabled: false
urls:
- https://github.com/IQSS/dataverse/files/3744336/codemeta.tsv.txt
default:
config:
storage_id: file
demo: false
pid:
authority: "10.5072"
protocol: doi
shoulder: "FK2/"
doi:
baseurl: "https://mds.test.datacite.org/"
dataciterestapiurl: "https://api.test.datacite.org"
mdcbaseurl: "https://api.test.datacite.org/"
provider: FAKE
username: "testaccount"
password: "notmypassword"
## Handlenet variables are only used if dataverse.pid.protocol is set to 'hdl'
handlenet:
independenthandleservice: 'false'
# handleauthhandle: YOUR:HANDLE/USERNAME
admcredfile: "{{ dataverse_misc_files_dir }}/admpriv.bin"
admcredfile_source: files/handlenet/admcredfile
# admprivphrase:
# index: 300
externaltools:
datacurationtool:
enabled: false
method: demo
dataexplorer:
enabled: true
wholetale:
enabled: false
## The first item of 'filesdirs' is the default filestore
## If you change the label, be prepared to change the SQL database if there are already files here
## It is better practice to add a new data store and then migrate to it later
## Also, changing the default storage takes effect immediately for temp files, but
## only after restart for publishing (i.e. without restart the temp files will be moved to the old default data store at publish time).
filesdirs:
- label: file
path: /usr/local/dvn/data
# - label: label
# path: /path/to/filestore ## this is a sample entry for further file stores
frontend:
branch: develop
enabled: false
docroot:
base: /var/www/html
dir: spa
nodejs:
version: 18
repo: "http://github.com/IQSS/dataverse-frontend"
srcdir: /tmp/dataverse-frontend
payara:
user: dataverse
group: dataverse
domain: domain1
logformat: ulf
adminuser: admin
adminpass: notPr0d
siteurl:
launch_timeout: 180
request_timeout: 1800
root: /usr/local
dir: payara6
zipurl: https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/6.2023.8/payara-6.2023.8.zip
zipchecksum: sha256:108ed0fa7f97bb3833ff00610a4951dd41389e2647dffe28132ad54231af694a
google_analytics_key:
jacoco:
enabled: false
home: /tmp/jacoco
version: 0.8.12
file_fixity_checksum_algorithm: "MD5"
memheap: 4096
options:
filepids:
maxfileuploadsizeinbytes:
provcollectionenabled:
tabularingestsizelimit:
previewers:
enabled: true
on_same_server: true
zip_url: https://github.com/gdcc/dataverse-previewers/releases/download/1.2/dataverse-previewers-1.2.zip
dir: /var/www/html
sampledata:
enabled: false
dir: /tmp/sampledata
repo: https://github.com/IQSS/dataverse-sample-data.git
branch: master
venv: /tmp/sampledata/venv
custom_sampledata:
enabled: false
custom_sampledir: "{{ playbook_dir }}/custom_sampledata"
custom_sampledatasets: "{{ playbook_dir }}/custom_sampledata/datasets"
custom_sampledataverses: "{{ playbook_dir }}/custom_sampledata/dataverses"
custom_sampleusers: "{{ playbook_dir }}/custom_sampledata/users"
custom_samplefiles: "{{ playbook_dir }}/custom_sampledata/files"
service_email: noreply@dataverse.yourinstitution.edu
smtp: localhost # or the FQDN of your organization's SMTP relay
solr:
download_url: https://archive.apache.org/dist/solr/solr/9.4.1/solr-9.4.1.tgz
group: solr
root: /usr/local/solr
user: solr
version: 9.4.1
listen: 127.0.0.1
checksum: sha256:41015d7a693fefa4b8a537f5d0982adae8f13f382edf39c94a3497f9b3783250
srcdir: /opt/dataverse/dataverse
thumbnails: false
unittests:
enabled: false
argument: '-DcompilerArgument=-Xlint:unchecked test -P all-unit-tests'
uploads_dir: /tmp
usermgmtkey: burrito
deployment:
upgrade_only: false
version: '6.4'
# robots_txt_url: https://guides.dataverse.org/en/latest/_downloads/3a5cd7a283eecd5e93289e30af713554/robots.txt
build_guides: false
db:
postgres:
enabled: true
adminpass: DVn33dsth1s
name: dvndb
host: localhost
user: dvnuser
pass: dvnsecret
jdbcurl:
log_lock_waits: true
log_statements: none
version: 13
port: 5432
replication:
enabled: false
# all servers must be defined so firewalls may be opened accordingly
servers:
- 192.168.0.1
- 192.168.0.2
user: rep
# pass: WRITE SOME GOOD PASSWORD
backups:
enabled: false
rootdir: /opt/pg_backups
backupdir: backups
host: localhost
user: postgres
custom: 'yes'
globals: 'no'
plain: 'no'
use_rds: false
docker:
cidr: 10.0.0.99/24
repo: https://download.docker.com/linux/centos/docker-ce.repo
grafana:
grafana_user: 'admin'
grafana_password: 'adm1n'
java:
version: 17
java_home: /usr/lib/jvm/java-{{ java.version }}
localstack:
enabled: false
container_name: dev_localstack
# set to /tmp/localstack/data to enable persistence
data_dir: /tmp/localstack/data
debug: true
hostname_external: localstack
port: 4566
web_ui: 8888
buckets:
- label: LocalStack
id: localstack1
bucket_name: mybucket
enabled: false
access_key: 4cc355_k3y
secret_access_key: s3cr3t_4cc355_k3y
# for non-amazon services.
custom_endpoint_url: "http://localhost:4566"
# note: direct upload and download require CORS on the bucket
download_redirect: true
upload_redirect: true
files_type: s3
ingestsizelimit: 2000000000
# for localstack this must be true
path_style_access: true
region: us-east-2
url_expiration_minutes: 60
payload_signing: false
chunked_encoding: true
maven:
version: 3.8.8
minio:
enabled: false
docker:
version: "latest"
service_name: "minio"
network:
name: "minio"
external: false
project_location: "/home/dataverse/minio"
timezone: "America/New_York"
user: dataverse
group: dataverse
server_port: 9000
console_port: 9001
root_user: "4cc355_k3y"
root_password: "s3cr3t_4cc355_k3y"
default_bucket: "mybucket"
label: MinIO
custom_endpoint_url: "http://localhost:9000"
custom_endpoint_region: us-east-1
path-style-access: true
access_key: 4cc355_k3y
secret_key: s3cr3t_4cc355_k3y
munin:
install: false
admin:
user: admin
passwd: p4sswurd
postfix:
enabled: true
prometheus:
install: false
node_exporter: https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-amd64.tar.gz
root: /usr/local/prometheus
url: https://github.com/prometheus/prometheus/releases/download/v2.19.1/prometheus-2.19.1.linux-amd64.tar.gz
user: prometheus
rserve:
install: false
host: localhost
user: rserve
group: rserve
pass: rserve
port: 6311
workdir: /tmp/Rserv
s3:
enabled: false
access_key: 4cc355_k3y
secret_access_key: s3cr3t_4cc355_k3y
bucket_name: s3-test
cors_already_set: false
create_bucket: true
# for non-amazon services. for localstack, you might set
#custom_endpoint_url: "http://localhost:4572"
custom_endpoint_url:
# note: direct upload and download require CORS on the bucket
download_redirect: true
upload_redirect: true
files_type: s3
ingestsizelimit:
label: s3-test
# for localstack this must be true
path_style_access: true
region: us-east-1
storage_driver_id: s3
url_expiration_minutes: 60
payload_signing: false
chunked_encoding: true
schemaspy:
enabled: false
jarurl: https://github.com/schemaspy/schemaspy/releases/download/v6.1.0/schemaspy-6.1.0.jar
shibboleth:
enabled: false
email: TODO
organizationName: TODO
organizationalUnitName: TODO
requestedAttributes:
# the ones marked Required seem to be really required by dataverse
- '<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" isRequired="true"/>'
- '<md:RequestedAttribute FriendlyName="email" Name="urn:oid:0.9.2342.19200300.100.1.3" isRequired="true"/>'
- '<md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" isRequired="true"/>'
- '<md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" isRequired="true"/>'
- '<md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" />'
# - '<md:RequestedAttribute FriendlyName="affiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" />'
organizationDisplayName: TODO
organizationURL: TODO
UIInfo: []
## this is an example below
# - lang: en
# DisplayName: TODO
# Description: TODO
# InformationURL: TODO
# PrivacyStatementURL: TODO
# Logo:
# url: TODO
# height: TODO
# width: TODO
contactPerson: []
## this is an example below
# - type: technical
# givenName: TODO
# surName: TODO
# emailAddress: TODO
# - type: support
# givenName: TODO
# surName: TODO
# emailAddress: TODO
# - type: administrative
# givenName: TODO
# surName: TODO
# emailAddress: TODO
SSO: "<SSO>SAML2 SAML1</SSO>"
MetadataProvider: '<MetadataProvider type="XML" file="dataverse-idp-metadata.xml" backingFilePath="local-idp-metadata.xml" legacyOrgNames="true" reloadInterval="7200"/>'
showListFirst: 'true'
orcid:
enabled: false
clientId: SETME
clientSecret: SETME
sshkeys:
enabled: false
files:
urls:
user:
extra_certificates:
# this should be a list of certificate files in x509 format put in your files/ ansible directory
files: []
java_keystores:
- path: '{{ payara_dir }}/glassfish/domains/{{ dataverse.payara.domain }}/config/cacerts.jks'
pass: changeit
- path: '{{ java.home }}/lib/security/cacerts'
pass: changeit