126 lines
5.4 KiB
YAML
126 lines
5.4 KiB
YAML
---
|
|
# https://shinyproxy.io/
|
|
# https://github.com/openanalytics/shinyproxy
|
|
# https://github.com/openanalytics/shinyproxy-config-examples
|
|
shinyproxy_install: true
|
|
shinyproxy_as_docker_service: false
|
|
shinyproxy_docker_privileged_user: true
|
|
shinyproxy_major_ver: 3
|
|
shinyproxy_minor_ver: 0
|
|
shinyproxy_patch_ver: 2
|
|
shinyproxy_version: '{{ shinyproxy_major_ver }}.{{ shinyproxy_minor_ver }}.{{ shinyproxy_patch_ver }}'
|
|
shinyproxy_file_name: 'shinyproxy-{{ shinyproxy_version }}.jar'
|
|
shinyproxy_url: 'https://www.shinyproxy.io/downloads/{{ shinyproxy_file_name }}'
|
|
shinyproxy_app_name: shinyproxy.jar
|
|
shinyproxy_user: shinyproxy
|
|
# shinyproxy_servlet_context_path: '/'
|
|
shinyproxy_spring_name: "ShinyProxy"
|
|
shinyproxy_landing_page: '/'
|
|
shinyproxy_install_dir: /opt/shinyproxy
|
|
shinyproxy_conf_dir: '{{ shinyproxy_install_dir }}'
|
|
shinyproxy_log_dir: /var/log/shinyproxy
|
|
shinyproxy_bind_address: 127.0.0.1
|
|
shinyproxy_http_port: 8080
|
|
shinyproxy_published_http_port: "{{ shinyproxy_http_port }}"
|
|
shinyproxy_docker_http_port_mode: 'ingress'
|
|
shinyproxy_heartbeat_rate: 10000
|
|
shinyproxy_heartbeat_timeout: 60000
|
|
# None, Confirm, Auto
|
|
shinyproxy_default_websocket_reconnection_mode: 'Auto'
|
|
shinyproxy_stop_proxies_on_shutdown: 'false'
|
|
shinyproxy_recover_running_proxies: 'true'
|
|
shinyproxy_recover_running_proxies_from_different_config: 'true'
|
|
shinyproxy_default_stop_proxy_on_logout: 'true'
|
|
# max lifetime, in minutes
|
|
shinyproxy_default_proxy_max_lifetime: 60
|
|
shinyproxy_undertow_loglevel: 'INFO'
|
|
shinyproxy_prometheus_port: 9090
|
|
shinyproxy_expose_prometheus: true
|
|
# 30 minutes
|
|
shinyproxy_server_session_timeout: 1800
|
|
shinyproxy_server_secure_cookies: 'true'
|
|
# disable, deny, sameorigin, allow-from https://site
|
|
shinyproxy_server_frame_options: 'sameorigin'
|
|
# None, Lax, Strict
|
|
shinyproxy_same_site_cookie: 'Lax'
|
|
# For logrotate. In days
|
|
shinyproxy_log_retention: 10
|
|
shinyproxy_default_apps: false
|
|
# Shinyproxy as docker service
|
|
shinyproxy_docker_image: 'openanalytics/shinyproxy:{{ shinyproxy_version }}'
|
|
shinyproxy_as_docker_stack_name: 'shinyproxy'
|
|
shinyproxy_as_docker_service_name: 'shinyproxy'
|
|
shinyproxy_as_docker_src_dir: /srv/{{ shinyproxy_as_docker_stack_name }}_service
|
|
shinyproxy_docker_network: 'shinyproxy'
|
|
shinyproxy_docker_swarm_behind_haproxy: true
|
|
shinyproxy_docker_swarm_replicas: 1
|
|
shinyproxy_docker_mount_conf_file: false
|
|
shinyproxy_docker_log_to_journal: true
|
|
# Shinyproxy configuration
|
|
# docker, docker-swarm, kubernetes
|
|
shinyproxy_container_backend: 'docker'
|
|
shinyproxy_docker_port: 2375
|
|
shinyproxy_docker_host: 'localhost'
|
|
shinyproxy_docker_workers:
|
|
- 'localhost'
|
|
shinyproxy_docker_protocol: http
|
|
shinyproxy_docker_certs_dir: /etc/pki/shinyproxy
|
|
shinyproxy_docker_url: '{{ shinyproxy_docker_protocol }}://{{ shinyproxy_docker_host }}:{{ shinyproxy_docker_port }}'
|
|
shinyproxy_docker_port_range_start: 20000
|
|
shinyproxy_docker_privileged: 'false'
|
|
shinyproxy_docker_cpu_limit: 1
|
|
shinyproxy_docker_memory_request: '1g'
|
|
shinyproxy_docker_memory_limit: '2g'
|
|
# Never, IfNotPresent and Always
|
|
shinyproxy_docker_image_pull_policy: IfNotPresent
|
|
shinyproxy_docker_internal_networking: 'false'
|
|
shinyproxy_container_wait_time: 600000
|
|
shinyproxy_docker_loglevel: 'INFO'
|
|
shinyproxy_hide_navbar: 'false'
|
|
shinyproxy_custom_template: False
|
|
shinyproxy_template_path: '{{ shinyproxy_install_dir }}/web_templates'
|
|
|
|
shinyproxy_app_title: 'Open Analytics Shiny Proxy'
|
|
shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png'
|
|
# ldap, keycloak, openid, none
|
|
# See https://www.shinyproxy.io/documentation/configuration/
|
|
shinyproxy_authentication: 'none'
|
|
shinyproxy_basic_auth: 'false'
|
|
shinyproxy_admin_group: ''
|
|
shinyproxy_ldap_server: 'ldap://ldap.forumsys.com:389/dc=example,dc=com'
|
|
shinyproxy_ldap_admin: cn=read-only-admin,dc=example,dc=com
|
|
shinyproxy_ldap_admin_pwd: password
|
|
shinyproxy_ldap_user_dn_enabled: false
|
|
shinyproxy_ldap_user_dn_pattern: 'uid={0}'
|
|
shinyproxy_ldap_user_search_base_enabled: true
|
|
shinyproxy_ldap_user_search_base: ''
|
|
shinyproxy_ldap_user_search_filter_enabled: true
|
|
shinyproxy_ldap_user_search_filter: '(uid={0})'
|
|
shinyproxy_ldap_group_search_base: ''
|
|
shinyproxy_ldap_group_search_filter: '(uniqueMember={0})'
|
|
shinyproxy_keycloak_realm: 'realm'
|
|
shinyproxy_keycloak_url: 'http://localhost:8180/auth'
|
|
shinyproxy_keycloak_resource: 'shiny_client'
|
|
shinyproxy_keycloak_secret: 'use a vault file'
|
|
shinyproxy_keycloak_ssl_required: 'external'
|
|
# name, preferred_username, nickname, email
|
|
shinyproxy_keycloak_name_attribute: 'preferred_username'
|
|
shinyproxy_keycloak_role_mappings: 'false'
|
|
shinyproxy_oidc_auth_url: 'https://keycloak.example.org/auth/realms/master/protocol/openid-connect/auth'
|
|
shinyproxy_oidc_token_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/token'
|
|
shinyproxy_oidc_jwks_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/certs'
|
|
shinyproxy_oidc_logout_url: 'https:/keycloak.example.org/auth/realms/master/protocol/openid-connect/logout'
|
|
shinyproxy_oidc_client_id: 'shiny_client'
|
|
shinyproxy_oidc_client_secret: 'use a vault file'
|
|
# name, preferred_username, nickname, email
|
|
shinyproxy_oidc_username_attribute: 'email'
|
|
# See https://www.shinyproxy.io/faq/#authentication-using-openid-does-not-work-because-of-missing-attribute-email-in-attributes-exception
|
|
shinyproxy_oidc_use_roles_claim: true
|
|
shinyproxy_oidc_roles_claim: 'groups'
|
|
|
|
shinyproxy_max_log_size: 20MB
|
|
|
|
# Springboot options
|
|
shinyproxy_max_file_size: 10MB
|
|
shinyproxy_max_request_size: "{{ shinyproxy_max_file_size }}"
|