-
Notifications
You must be signed in to change notification settings - Fork 15
/
.env
179 lines (138 loc) · 6.97 KB
/
.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
# DB image settings
POSTGRES_PASSWORD=ckan
DATASTORE_READONLY_PASSWORD=datastore
# Basic
CKAN_SITE_ID=default
PORT=5000
CKAN_SITE_URL=http://ckan:5000
CKAN_SYSADMIN_NAME=admin
CKAN_SYSADMIN_PASSWORD=password
TZ=UTC
# CKAN_INI=/app/ckan/setup/ckan.ini
# Database connections (TODO: avoid duplication)
CKAN_SQLALCHEMY_URL=postgresql://ckan:ckan@db/ckan
CKAN_DATASTORE_WRITE_URL=postgresql://ckan:ckan@db/datastore
CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore
CKAN___BEAKER__SESSION__URL=postgresql://ckan:ckan@db/ckan
# Test database connections
TEST_CKAN_SQLALCHEMY_URL=postgres://ckan:ckan@db/ckan_test
TEST_CKAN_DATASTORE_WRITE_URL=postgresql://ckan:ckan@db/datastore_test
TEST_CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore_test
# Other services connections
CKAN_SOLR_BASE_URL=http://solr:8983
CKAN_SOLR_USER=catalog
CKAN_SOLR_PASSWORD='Bleeding-Edge'
COLLECTION_NAME=ckan
CKAN_SOLR_URL="http://solr:8983/solr/${COLLECTION_NAME}"
CKAN_REDIS_URL=redis://redis:6379/1
TEST_CKAN_SOLR_URL="http://${CKAN_SOLR_USER}:${CKAN_SOLR_PASSWORD}@solr:8983/solr/${COLLECTION_NAME}"
TEST_CKAN_REDIS_URL=redis://redis:6379/1
# Core settings
CKAN__STORAGE_PATH=/var/lib/ckan
CKAN_SMTP_SERVER=smtp.corporateict.domain:25
CKAN_SMTP_STARTTLS=True
CKAN_SMTP_USER=user
CKAN_SMTP_PASSWORD=pass
CKAN_SMTP_MAIL_FROM=ckan@localhost
# Extensions
# TODO: Reenable pending https://github.com/GSA/data.gov/issues/3986
# qa archiver
CKAN__PLUGINS=image_view text_view recline_view metrics_dashboard report ckan_harvester datajson_validator datajson_harvest geodatagov datagovtheme datagov_harvest geodatagov_miscs z3950_harvester arcgis_harvester geodatagov_geoportal_harvester waf_harvester_collection geodatagov_csw_harvester geodatagov_doc_harvester geodatagov_waf_harvester spatial_metadata spatial_query spatial_harvest_metadata_api dcat dcat_json_interface structured_data datagovcatalog envvars
# Extensions that exist but are not used in dev:
# - ckanext-saml2
#
# Enable ckanext-saml2 in local development
# add "saml2auth" to CKAN__PLUGINS list
# Harvest settings
CKAN__HARVEST__MQ__TYPE=redis
CKAN__HARVEST__MQ__HOSTNAME=redis
CKAN__HARVEST__MQ__PORT=6379
CKAN__HARVEST__MQ__REDIS_DB=1
CKAN__HARVEST__LOG_LEVEL=info
CKAN__HARVEST__STATUS_MAIL__ALL=True
CKANEXT__GEODATAGOV__BUREAU_CSV__URL=https://resources.data.gov/schemas/dcat-us/v1.1/omb_bureau_codes.csv
CKANEXT__GEODATAGOV__BUREAU_CSV__URL_DEFAULT=https://resources.data.gov/schemas/dcat-us/v1.1/omb_bureau_codes.csv
CKAN__SPATIAL__SRID=4326
CKAN__SPATIAL__VALIDATOR__PROFILES=iso19139ngdc
CKANEXT__SPATIAL__SEARCH_BACKEND=solr-bbox
CKAN__SEARCH__SOLR_ALLOWED_QUERY_PARSERS = frange
# Customize map widget
CKANEXT__SPATIAL__COMMON_MAP__TYPE=custom
# map tile servers options are described at
# https://github.com/GSA/data.gov/issues/4493#issuecomment-1791347298
# it is ok to use any of the three options for development purpose without
# worrying about the tile server usage limits or CDN caching
CKANEXT__SPATIAL__COMMON_MAP__CUSTOM_URL=https://tile.openstreetmap.org/{z}/{x}/{y}.png
CKANEXT__SPATIAL__COMMON_MAP__ATTRIBUTION=<a href=https://openstreetmap.org/>OpenStreetMap</a> contributors
CKAN___GOOGLEANALYTICS__ID=UA-00000000-0
CKAN__TRACKING_ENABLED=true
CKAN___BROKER_BACKEND=redis
CKAN___BROKER_HOST=redis://redis/1
CKAN___CELERY_RESULT_BACKEND=redis
CKAN___REDIS_HOST=redis
CKAN___REDIS_PORT=6379
CKAN___REDIS_DB=0
CKAN___REDIS_CONNECT_RETRY=True
# New Relic
NEW_RELIC_LICENSE_KEY=
NEW_RELIC_APP_NAME=catalog-next
NEW_RELIC_MONITOR_MODE=false
NEW_RELIC_LOG=/var/log/new_relic.log
NEW_RELIC_LOG_LEVEL=info
NEW_RELIC_HOST=gov-collector.newrelic.com
# saml2
# Specifies the metadata location type
# Options: local or remote
CKANEXT__SAML2AUTH__IDP_METADATA__LOCATION=local
# Path to a local file accessible on the server the service runs on
# Ignore this config if the idp metadata location is set to: remote
CKANEXT__SAML2AUTH__IDP_METADATA__LOCAL_PATH=/srv/app/saml2/idp.xml
# A remote URL serving aggregate metadata
# Ignore this config if the idp metadata location is set to: local
# CKANEXT__SAML2AUTH__IDP_METADATA__REMOTE_URL=
# Path to a local file accessible on the server the service runs on
# Ignore this config if the idp metadata location is set to: local
# CKANEXT__SAML2AUTH__IDP_METADATA__REMOTE_CERT=
# Corresponding SAML user field for firstname
CKANEXT__SAML2AUTH__USER_FIRSTNAME=first_name
# Corresponding SAML user field for lastname
CKANEXT__SAML2AUTH__USER_LASTNAME=last_name
# Corresponding SAML user field for email
CKANEXT__SAML2AUTH__USER_EMAIL=email
### saml2 Optional:
# List of email addresses from users that should be created as sysadmins (system administrators)
# Indicates that attributes that are not recognized (they are not configured in attribute-mapping),
# will not be discarded.
# Default: True
CKANEXT__SAML2AUTH__ALLOW_UNKNOWN_ATTRIBUTES=true
# Indicates if CKAN should auto create a user for a new SAML login
# If set False, a new user must be manually created in CKAN before they can log in using SAML
# If set False, existing user must be in active state to able to log in.
# Default: True
CKANEXT__SAML2AUTH__CREATE_USER_VIA_SAML=false
# A list of string values that will be used to set the <NameIDFormat> element of the metadata of an entity.
# Default: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
CKANEXT__SAML2AUTH__SP__NAME_ID_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress
CKANEXT__SAML2AUTH__ENTITY_ID=urn:gov:gsa:SAML:2.0.profiles:sp:sso:gsa:catalog-dev
CKANEXT__SAML2AUTH__WANT_RESPONSE_SIGNED=false
CKANEXT__SAML2AUTH__WANT_ASSERTIONS_SIGNED=false
CKANEXT__SAML2AUTH__WANT_ASSERTIONS_OR_RESPONSE_SIGNED=true
CKANEXT__SAML2AUTH__KEY_FILE_PATH=/srv/app/saml2/pki/mykey.pem
CKANEXT__SAML2AUTH__CERT_FILE_PATH=/srv/app/saml2/pki/mycert.pem
# CKANEXT__SAML2AUTH__ATTRIBUTE_MAP_DIR=/srv/app/saml2/attributemaps
CKANEXT__SAML2AUTH__ENABLE_CKAN_INTERNAL_LOGIN=true
# Ask for a PIV card https://developers.login.gov/oidc/#aal-values
CKANEXT__SAML2AUTH__REQUESTED_AUTHN_CONTEXT=http://idmanagement.gov/ns/assurance/aal/3?hspd12=true
# Comparison could be one of this: exact, minimum, maximum or better
CKANEXT__SAML2AUTH__REQUESTED_AUTHN_CONTEXT_COMPARISON=exact
# Avoid double package_show call to add tracking info
CKANEXT__DATAGOVCATALOG__ADD_PACKAGES_TRACKING_INFO=false
# Render recent view using AJAX call to boost page loading speed
CKANEXT__DATAGOVTHEME__JS_RECENT_VIEW=true
# Max number of resources to be allowed in a dataset to be harvested
CKANEXT__DATAJSON__MAX_RESOURCE_COUNT=1500
# Remove all translated pages, for less crawling
CKAN__LOCALES_FILTERED_OUT=am ar bg bs ca cs_CZ da_DK de el en_AU en_GB es es_AR eu fa_IR fi fr gl he hr hu id is it ja km ko_KR lt lv mk mn_MN my_MM nb_NO ne nl no pl pt_BR pt_PT ro ru sk sl sq sr sr_Latn sv th tl tr uk uk_UA vi zh_Hans_CN zh_Hant_TW
CKAN__FAVICON=/images/favicon.ico