Skip to content

Commit

Permalink
webui: use RUCIO_WEBUI_COMMUNITY_LOGO_URL consistently
Browse files Browse the repository at this point in the history
  • Loading branch information
@maany
maany committed Nov 26, 2024
1 parent 4b2243f commit 0f483de
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 23 deletions.
43 changes: 21 additions & 22 deletions webui/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ docker run --rm --name rucio-webui \
-e RUCIO_WEBUI_HOSTNAME=<public_hostname_of_webui> \
-e RUCIO_WEBUI_ENABLE_SSL=false \
-e RUCIO_WEBUI_RUCIO_HOST=<rucio_server_url> \
-e RUCIO_COMMUNITY_LOGO_URL="https://cds.cern.ch/record/2771224/files/ATLAS_logo_black_square.jpg?subformat=icon-1440" \
-e RUCIO_WEBUI_COMMUNITY_LOGO_URL="https://cds.cern.ch/record/2771224/files/ATLAS_logo_black_square.jpg?subformat=icon-1440" \
-e RUCIO_WEBUI_RUCIO_AUTH_HOST=<rucio_auth_server_url> \
-e RUCIO_WEBUI_PROJECT_URL=atlas.cern.ch \
-e RUCIO_WEBUI_MULTIVO_ENABLED=true \
Expand Down Expand Up @@ -77,30 +77,29 @@ The following sections list the available configuration variables:

The following environment variables are used to configure the NextJS App. As a convention, the environment variables are prefixed with `RUCIO_WEBUI_` and are generated by the [env-generator](https://github.com/rucio/webui/tree/master/tools/env-generator) tool , which creates the environment file used by the NextJS application. When running the container, the `-e` flag must specify the `FULL_NAME` of the corresponding environment variable.

**NOTE** By default, the rule activity is set to `User Subscription`. This can be changed by setting the `RULE_ACTIVITY` variable in the `.env.base` file.
**NOTE** By default, the rule activity is set to `User Subscriptions`. This can be changed by setting the `RULE_ACTIVITY` variable in the `.env.base` file.
**NOTE** In order to support DID schemas that use special characters like "/", a new configuration option has been added to the new webui to enable or disable this functionality.
In cases where DID schemas use any such special characters, the Apache configuration of the Rucio Server most likely uses `AllowEncodedSlashes` or `AllowEncode` directives.
The `PARAMS_ENCODING_ENABLED` in the helm chart config of the Rucio WebUI tells the webui to encode the URI parameters when requests are sent out to the rucio server.
**NOTE** Please provide a valid `COMMUNITY_LOGO_URL` to display the logo of the community on the login page. The default logo is `atlas_logo`.

| Variable Name | Full Name | Description | Example | Default |
| ----------------------- | ----------------------------------- | ---------------------------------------------------------------------------------------- | ------------------------------ | ----------------- |
| RUCIO_HOST | RUCIO_WEBUI_RUCIO_HOST | URL for the Rucio Server | https://rucio-lb-prod.cern.ch | |
| RUCIO_AUTH_HOST | RUCIO_WEBUI_RUCIO_AUTH_HOST | URL for the Rucio authentication server | https://rucio-auth-host.ch:443 | |
| HOSTNAME | RUCIO_WEBUI_HOSTNAME | Public HOSTNAME at which Rucio WebUI will be accessible. It may include port number. | rucio-ui.cern.ch | |
| ENABLE_SSL | RUCIO_WEBUI_ENABLE_SSL | Enable or Disable TLS Termination (true or false) | true | false |
| PARAMS_ENCODING_ENABLED | RUCIO_WEBUI_PARAMS_ENCODING_ENABLED | If your DID schema has special characters like '/' or '+' in the name, set this to true. | true | false |
| SERVER_CA_BUNDLE | RUCIO_WEBUI_SERVER_CA_BUNDLE | A CA that can verify the certificate of your Rucio Server | | |
| PROJECT_URL | RUCIO_WEBUI_PROJECT_URL | Public URL for your project | https://atlas.cern.ch | |
| COMMUNITY_LOGO_URL | RUCIO_WEBUI_COMMUNITY_LOGO_URL | URL to the logo of the community that will be rendered on the login page | | atlas_logo |
| ENABLE_USERPASS_LOGIN | RUCIO_WEBUI_ENABLE_USERPASS_LOGIN | Show the Userpass Login option in the WebUI's Login Page | true | true |
| RULE_ACTIVITY | RUCIO_WEBUI_RULE_ACTIVITY | The `Activity` to associate with rules created with WebUI | User Subscription | User Subscription |

| VO_DEFAULT | RUCIO_WEBUI_VO_DEFAULT | Short name for the default VO used for authentication | def | def |
| VO_LIST | RUCIO_WEBUI_VO_LIST | CSV string containing the list of supported VOs | def, atl, cms | def |
| MULTIVO_ENABLED | RUCIO_WEBUI_MULTIVO_ENABLED | Whether to enable multi-VO config (true or false) | true | |
| OIDC_ENABLED | RUCIO_WEBUI_OIDC_ENABLED | Enable or Disable OIDC Authentication (true or false) | true | |
| OIDC_PROVIDERS | RUCIO_WEBUI_OIDC_PROVIDERS | CSV string containing names of OIDC Providers | cern, indigo | |
**NOTE** Please provide a valid `RUCIO_WEBUI_COMMUNITY_LOGO_URL` to display the logo of the community on the login page. The default logo is `atlas_logo`.

| Variable Name | Full Name | Description | Example | Default |
| ----------------------- | ----------------------------------- | ---------------------------------------------------------------------------------------- | ------------------------------ | ------------------ |
| RUCIO_HOST | RUCIO_WEBUI_RUCIO_HOST | URL for the Rucio Server | https://rucio-lb-prod.cern.ch | |
| RUCIO_AUTH_HOST | RUCIO_WEBUI_RUCIO_AUTH_HOST | URL for the Rucio authentication server | https://rucio-auth-host.ch:443 | |
| HOSTNAME | RUCIO_WEBUI_HOSTNAME | Public HOSTNAME at which Rucio WebUI will be accessible. It may include port number. | rucio-ui.cern.ch | |
| ENABLE_SSL | RUCIO_WEBUI_ENABLE_SSL | Enable or Disable TLS Termination (true or false) | true | false |
| PARAMS_ENCODING_ENABLED | RUCIO_WEBUI_PARAMS_ENCODING_ENABLED | If your DID schema has special characters like '/' or '+' in the name, set this to true. | true | false |
| SERVER_CA_BUNDLE | RUCIO_WEBUI_SERVER_CA_BUNDLE | A CA that can verify the certificate of your Rucio Server | | |
| PROJECT_URL | RUCIO_WEBUI_PROJECT_URL | Public URL for your project | https://atlas.cern.ch | |
| COMMUNITY_LOGO_URL | RUCIO_WEBUI_COMMUNITY_LOGO_URL | URL to the logo of the community that will be rendered on the login page | | atlas_logo |
| ENABLE_USERPASS_LOGIN | RUCIO_WEBUI_ENABLE_USERPASS_LOGIN | Show the Userpass Login option in the WebUI's Login Page | true | true |
| RULE_ACTIVITY | RUCIO_WEBUI_RULE_ACTIVITY | The `Activity` to associate with rules created with WebUI | User Subscriptions | User Subscriptions |
| VO_DEFAULT | RUCIO_WEBUI_VO_DEFAULT | Short name for the default VO used for authentication | def | def |
| VO_LIST | RUCIO_WEBUI_VO_LIST | CSV string containing the list of supported VOs | def, atl, cms | def |
| MULTIVO_ENABLED | RUCIO_WEBUI_MULTIVO_ENABLED | Whether to enable multi-VO config (true or false) | true | |
| OIDC_ENABLED | RUCIO_WEBUI_OIDC_ENABLED | Enable or Disable OIDC Authentication (true or false) | true | |
| OIDC_PROVIDERS | RUCIO_WEBUI_OIDC_PROVIDERS | CSV string containing names of OIDC Providers | cern, indigo | |

For each `VO` specified in the `VO_LIST` variable, additional variables need to be specified. These variables should be added in the following format:
`RUCIO_WEBUI_VO_<VO_SHORT_NAME>_<VARIABLE_NAME>=<VARIABLE_VALUE>`. An example for the default VO is shown below:
Expand Down
2 changes: 1 addition & 1 deletion webui/docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ log "removing httpd example ssl config"
rm -rf /etc/httpd/conf.d/ssl.conf

if [ -z "${RUCIO_WEBUI_COMMUNITY_LOGO_URL}" ]; then
log "Environment variable RUCIO_COMMUNITY_ICON_URL is not set. The default experiment-icon will be used."
log "Environment variable RUCIO_COMMUNITY_LOGO_URL is not set. The default experiment-icon will be used."
else
log "Downloading community logo from ${RUCIO_WEBUI_COMMUNITY_LOGO_URL}"
wget -O /opt/rucio/webui/public/experiment-icon.png ${RUCIO_WEBUI_COMMUNITY_LOGO_URL}
Expand Down

0 comments on commit 0f483de

Please sign in to comment.