ansible-role-shinyproxy/templates/shinyproxy-conf.yml.j2

server:
{% if shinyproxy_version is version_compare('2.4.0', '>=') %}
  forward-headers-strategy: native
{% else %}
  useForwardHeaders: true
{% endif %}
  servlet.session.timeout: {{ shinyproxy_server_session_timeout }}
{% if shinyproxy_servlet_context_path is defined %}
  servlet.context-path: {{ shinyproxy_servlet_context_path }}
{% endif %}
  secure-cookies: {{ shinyproxy_server_secure_cookies }}
  frame-options: {{ shinyproxy_server_frame_options }}

proxy:
{% if shinyproxy_container_backend == 'docker-swarm' %}
  bind-address: 0.0.0.0
{% else %}
  bind-address: {{ shinyproxy_bind_address }}
{% endif %}
  port: {{ shinyproxy_http_port }}
  hide-navbar: {{ shinyproxy_hide_navbar }}
  title: {{ shinyproxy_app_title }}
  logo-url: {{ shinyproxy_logo_url }}
  landing-page: {{ shinyproxy_landing_page }}
  heartbeat-rate: {{ shinyproxy_heartbeat_rate }}
  heartbeat-timeout: {{ shinyproxy_heartbeat_timeout }}
  container-wait-time: {{ shinyproxy_container_wait_time }}
{% if shinyproxy_version is version_compare('2.6.0', '>=') %}
  default-webSocket-reconnection-mode: {{ shinyproxy_default_websocket_reconnection_mode }}
  stop-proxies-on-shutdown: {{ shinyproxy_stop_proxies_on_shutdown }}
  recover-running-proxies: {{ shinyproxy_recover_running_proxies }}
  recover-running-proxies-from-different-config: {{ shinyproxy_recover_running_proxies_from_different_config }}
  default-stop-proxy-on-logout: {{ shinyproxy_default_stop_proxy_on_logout }}
  default-proxy-max-lifetime: {{ shinyproxy_default_proxy_max_lifetime }}
  same-site-cookie: {{ shinyproxy_same_site_cookie }}
{% endif %}
{% if shinyproxy_custom_template %}
  template-path: {{ shinyproxy_template_path }}
{% endif %}
  authentication: {{ shinyproxy_authentication }}
{% if shinyproxy_expose_prometheus and shinyproxy_version is version_compare('2.5.0', '>=') %}
  usage-stats-url: micrometer
{% endif %}
  admin-groups: {{ shinyproxy_admin_group }}
  container-backend: {{ shinyproxy_container_backend }}
{% if shinyproxy_container_backend == 'docker' or shinyproxy_container_backend == 'docker-swarm' %}
  docker:
    container-memory-request: {{ shinyproxy_docker_memory_request }}
    container-memory-limit: {{ shinyproxy_docker_memory_limit }}
    container-cpu-limit: {{ shinyproxy_docker_cpu_limit }}
    image-pull-policy: {{ shinyproxy_docker_image_pull_policy }}
{% if not shinyproxy_as_docker_service %}
    cert-path: {{ shinyproxy_docker_certs_dir }}
    container-protocol: {{ shinyproxy_docker_protocol }}
    privileged: {{ shinyproxy_docker_privileged }}
    port-range-start: {{ shinyproxy_docker_port_range_start }}
    url: {{ shinyproxy_docker_url }}
    internal-networking: {{ shinyproxy_docker_internal_networking }}
{% else %}
    privileged: {{ shinyproxy_docker_privileged }}
    internal-networking: true
{% endif %}
{% endif %}

{% if shinyproxy_authentication == 'ldap' %}
  # LDAP configuration
  ldap:
    url: {{ shinyproxy_ldap_server }}
{% if shinyproxy_ldap_user_dn_enabled %}
    user-dn-pattern: {{ shinyproxy_ldap_user_dn_pattern }}
{% endif %}
{% if shinyproxy_ldap_user_search_base_enabled %}
    user-search-base: {{ shinyproxy_ldap_user_search_base }}
{% endif %}
{% if shinyproxy_ldap_user_search_filter_enabled %}
    user-search-filter: {{ shinyproxy_ldap_user_search_filter }}
{% endif %}
    group-search-base: {{ shinyproxy_ldap_group_search_base }}
    group-search-filter: {{ shinyproxy_ldap_group_search_filter }}
    manager-dn: {{ shinyproxy_ldap_admin }}
    manager-password: {{ shinyproxy_ldap_admin_pwd }}
{% endif %}
{% if shinyproxy_authentication == 'keycloak' %}
  keycloak:
    realm: {{ shinyproxy_keycloak_realm }}
    auth-server-url: {{ shinyproxy_keycloak_url }}
    resource: {{ shinyproxy_keycloak_resource }}
    credentials-secret: {{ shinyproxy_keycloak_secret }}
    ssl-required: {{ shinyproxy_keycloak_ssl_required }}
    name-attribute: {{ shinyproxy_keycloak_name_attribute }}
    use-resource-role-mappings: {{ shinyproxy_keycloak_role_mappings }}
{% endif %}
{% if shinyproxy_authentication == 'openid' %}
  openid:
    auth-url: {{ shinyproxy_oidc_auth_url }}
    token-url: {{ shinyproxy_oidc_token_url }}
    jwks-url: {{ shinyproxy_oidc_jwks_url }}
    logout-url: {{ shinyproxy_oidc_logout_url }}
    client-id: {{ shinyproxy_oidc_client_id }}
    client-secret: {{ shinyproxy_oidc_client_secret }}
    username-attribute: {{ shinyproxy_oidc_username_attribute }}

{% if shinyproxy_oidc_use_roles_claim %}
    roles-claim: {{ shinyproxy_oidc_roles_claim }}
{% endif %}

{% endif %}

  specs:
{% if shinyproxy_default_apps %}
  - id: 01_hello
    display-name: Hello Application
    description: Application which demonstrates the basics of a Shiny app
    container-cmd: ["R", "-e shinyproxy::run_01_hello()"]
    container-image: openanalytics/shinyproxy-demo
  - id: 06_tabsets
    docker-cmd: ["R", "-e shinyproxy::run_06_tabsets()"]
    container-image: openanalytics/shinyproxy-demo
{% endif %}
{% if shinyproxy_apps is defined %}
{% for app in shinyproxy_apps %}
  - id: {{ app.name }}
    display-name: {{ app.display_name }}
    description: {{ app.description }}
    {% if app.cmd is defined %}container-cmd: ["R", "-e {{ app.cmd }}"]{% endif %}

    {% if app.full_cmd is defined %}container-cmd: [{{ app.full_cmd }}]{% endif %}

    container-image: {{ app.docker_image }}
    container-privileged: {{ app.container_privileged | default('false') }}
    container-memory-request: {{ app.container_memory_request | default('256m')}}
    container-memory-limit: {{ app.docker_memory | default('2g') }}
    container-cpu-request: {{ app.container_cpu_request | default('1') }}

    {% if app.container_cpu_limit is defined %}container-cpu-limit: {{ app.container_cpu_limit }}{% endif %}

{% if shinyproxy_version is version_compare('2.6.0', '>=') %}

    stop-on-logout: {{ app.stop_on_logout | default('true') }}
    max-lifetime: {{ app.max_lifetime | default(shinyproxy_default_proxy_max_lifetime) }}

{% if app.extra_options is defined %}
{% for opt in app.extra_options %}
    {{ opt.key }}: {{ opt.value }}
{% endfor %}
{% endif %}

{% endif %}

{% if app.environment is defined %}
    container-env:
{% for env in app.environment %}
      {{ env.name }}: {{ env.value }}
{% endfor %}
{% endif %}

  {% if app.groups is defined %}

    access-groups: [{{ app.groups }}]

  {% endif %}

    {% if app.port is defined %}port: {{ app.port }}{% endif %}

    {% if app.container_volumes is defined %}container-volumes: [ {% for vol in app.container_volumes %} "{{ vol }}"{% if not loop.last %}, {% endif %}{% endfor %} ]{% endif %}

{% if shinyproxy_as_docker_service %}
  {% if shinyproxy_container_backend == 'docker-swarm' %}

    container-network: {{ shinyproxy_as_docker_stack_name }}_{{ shinyproxy_docker_network }}

  {% else %}

    container-network: {{ shinyproxy_docker_network }}

  {% endif %}
  {% endif %}

{% endfor %}
{% endif %}

security:
  basic:
    enabled: {{ shinyproxy_basic_auth }}

{% if shinyproxy_expose_prometheus and shinyproxy_version is version_compare('2.5.0', '>=') %}
management:
  metrics:
    export:
      prometheus:
        enabled: true
{% endif %}

{% if shinyproxy_version is version_compare('2.6.0', '>=') %}
spring:
  application:
    name: "{{ shinyproxy_spring_name }}"
  servlet:
    multipart:
      max-file-size: {{ shinyproxy_max_file_size }}
      max-request-size: {{ shinyproxy_max_request_size }}
{% endif %}

logging:
  file: {{ shinyproxy_log_dir }}/shinyproxy.log
  #max-size: {{ shinyproxy_max_log_size }}
  level:
    com.spotify.docker: {{ shinyproxy_docker_loglevel }}
    io.undertow: {{ shinyproxy_undertow_loglevel }}