From b0e5d1102e126746b837d50196c48b3305a872e2 Mon Sep 17 00:00:00 2001 From: stsnel Date: Fri, 8 Sep 2023 19:21:34 +0000 Subject: [PATCH] =?UTF-8?q?Deploying=20to=20gh-pages=20from=20=20@=20682cf?= =?UTF-8?q?7db0b98937ab648bc3786dac76d592d78a7=20=F0=9F=9A=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../configuring-cleanup-temporary-files.html | 8 ++-- .../configuring-data-access-passwords.html | 8 ++-- administration/configuring-openidc.html | 8 ++-- administration/configuring-yoda.html | 10 ++-- administration/deploying-yoda.html | 8 ++-- administration/deprovision-users.html | 8 ++-- administration/hotfixing-ruleset.html | 8 ++-- administration/index.html | 8 ++-- .../installing-datarequest-module.html | 8 ++-- administration/installing-licenses.html | 8 ++-- .../installing-metadata-schemas.html | 8 ++-- .../installing-preservable-file-formats.html | 8 ++-- administration/installing-terms.html | 8 ++-- administration/local-postfix-mta.html | 8 ++-- administration/local-ruleset-patch.html | 8 ++-- administration/restore-collection.html | 8 ++-- administration/setting-job-flags.html | 8 ++-- administration/supported-distributions.html | 8 ++-- administration/troubleshooting-email.html | 8 ++-- .../troubleshooting-publication.html | 8 ++-- ...troubleshooting-replication-revisions.html | 8 ++-- .../upgrading-metadata-schemas.html | 8 ++-- administration/using-python-irodsclient.html | 8 ++-- assets/js/just-the-docs.js | 19 +------- assets/js/search-data.json | 4 +- design/api/index.html | 8 ++-- design/index.html | 8 ++-- design/metadata/adr-schema-identifiers.html | 8 ++-- design/metadata/index.html | 8 ++-- design/metadata/metadata-form-json.html | 8 ++-- design/metadata/metadata-form.html | 8 ++-- design/metadata/metadata-vault.html | 8 ++-- design/metadata/schema-configuration.html | 8 ++-- design/overview/authentication.html | 8 ++-- design/overview/data-requests.html | 8 ++-- design/overview/data_package_reference.html | 8 ++-- design/overview/deployment.html | 8 ++-- design/overview/deposit-space.html | 8 ++-- design/overview/external-user-service.html | 8 ++-- design/overview/group-manager.html | 8 ++-- design/overview/index.html | 8 ++-- design/overview/intake.html | 8 ++-- design/overview/research-space.html | 8 ++-- design/overview/statistics.html | 8 ++-- design/overview/statistics_1.8.html | 8 ++-- design/overview/theme-packages.html | 8 ++-- design/overview/vault-archive.html | 8 ++-- design/overview/vault-space.html | 8 ++-- design/overview/yoda-moai.html | 8 ++-- design/processes/async-system-execution.html | 8 ++-- design/processes/asynchronous-processes.html | 8 ++-- design/processes/index.html | 8 ++-- design/processes/locking-mechanism.html | 8 ++-- design/processes/publication-process.html | 8 ++-- design/processes/revisions.html | 8 ++-- design/processes/vault-process.html | 8 ++-- development/development-tips.html | 8 ++-- development/docker-setup.html | 8 ++-- development/index.html | 8 ++-- development/mock_tape_archive.html | 8 ++-- development/running-api-ui-tests.html | 8 ++-- .../setting-up-development-environment.html | 8 ++-- development/wall-of-fame.html | 8 ++-- .../yodadrive-development-environment.html | 8 ++-- index.html | 8 ++-- release-notes/index.html | 8 ++-- release-notes/release-0.9.7.html | 8 ++-- release-notes/release-1.0.html | 8 ++-- release-notes/release-1.1.html | 8 ++-- release-notes/release-1.2.html | 8 ++-- release-notes/release-1.3.html | 8 ++-- release-notes/release-1.4.html | 8 ++-- release-notes/release-1.5.html | 8 ++-- release-notes/release-1.6.html | 8 ++-- release-notes/release-1.7.html | 8 ++-- release-notes/release-1.8.html | 8 ++-- release-notes/release-1.9.html | 48 +++++++++++++++++-- 77 files changed, 344 insertions(+), 321 deletions(-) diff --git a/administration/configuring-cleanup-temporary-files.html b/administration/configuring-cleanup-temporary-files.html index f0fa91094..6b1dda7a0 100644 --- a/administration/configuring-cleanup-temporary-files.html +++ b/administration/configuring-cleanup-temporary-files.html @@ -12,11 +12,11 @@ diff --git a/administration/configuring-data-access-passwords.html b/administration/configuring-data-access-passwords.html index d989f927f..b5e1d161e 100644 --- a/administration/configuring-data-access-passwords.html +++ b/administration/configuring-data-access-passwords.html @@ -12,11 +12,11 @@ diff --git a/administration/configuring-openidc.html b/administration/configuring-openidc.html index 32d4ebe9e..2329ef4bd 100644 --- a/administration/configuring-openidc.html +++ b/administration/configuring-openidc.html @@ -12,11 +12,11 @@ diff --git a/administration/configuring-yoda.html b/administration/configuring-yoda.html index 6961a55ca..47a9c0981 100644 --- a/administration/configuring-yoda.html +++ b/administration/configuring-yoda.html @@ -12,11 +12,11 @@ @@ -999,7 +999,7 @@

smtp_server - SMTP server to send mail to + SMTP server to send mail to (smtp://server.name:port or smtps://server.name:port, e.g. smtp://localhost:25) smtp_username diff --git a/administration/deploying-yoda.html b/administration/deploying-yoda.html index 080b491d0..5b24b86cc 100644 --- a/administration/deploying-yoda.html +++ b/administration/deploying-yoda.html @@ -12,11 +12,11 @@ diff --git a/administration/deprovision-users.html b/administration/deprovision-users.html index 849ea11e8..fe52d4e73 100644 --- a/administration/deprovision-users.html +++ b/administration/deprovision-users.html @@ -12,11 +12,11 @@ diff --git a/administration/hotfixing-ruleset.html b/administration/hotfixing-ruleset.html index 6df9d6274..0e6b93f98 100644 --- a/administration/hotfixing-ruleset.html +++ b/administration/hotfixing-ruleset.html @@ -12,11 +12,11 @@ diff --git a/administration/index.html b/administration/index.html index bc0c6204f..2222d5190 100644 --- a/administration/index.html +++ b/administration/index.html @@ -12,11 +12,11 @@ diff --git a/administration/installing-datarequest-module.html b/administration/installing-datarequest-module.html index 1fcfaedf4..b363d492e 100644 --- a/administration/installing-datarequest-module.html +++ b/administration/installing-datarequest-module.html @@ -12,11 +12,11 @@ diff --git a/administration/installing-licenses.html b/administration/installing-licenses.html index 7162c8ebb..09249b69e 100644 --- a/administration/installing-licenses.html +++ b/administration/installing-licenses.html @@ -12,11 +12,11 @@ diff --git a/administration/installing-metadata-schemas.html b/administration/installing-metadata-schemas.html index 52743cbca..6f58e7fe2 100644 --- a/administration/installing-metadata-schemas.html +++ b/administration/installing-metadata-schemas.html @@ -12,11 +12,11 @@ diff --git a/administration/installing-preservable-file-formats.html b/administration/installing-preservable-file-formats.html index 634c78aab..898e3def8 100644 --- a/administration/installing-preservable-file-formats.html +++ b/administration/installing-preservable-file-formats.html @@ -12,11 +12,11 @@ diff --git a/administration/installing-terms.html b/administration/installing-terms.html index f97d4dbdc..05919e53a 100644 --- a/administration/installing-terms.html +++ b/administration/installing-terms.html @@ -12,11 +12,11 @@ diff --git a/administration/local-postfix-mta.html b/administration/local-postfix-mta.html index a33188e0d..62471ade6 100644 --- a/administration/local-postfix-mta.html +++ b/administration/local-postfix-mta.html @@ -12,11 +12,11 @@ diff --git a/administration/local-ruleset-patch.html b/administration/local-ruleset-patch.html index 54e20771d..d39372972 100644 --- a/administration/local-ruleset-patch.html +++ b/administration/local-ruleset-patch.html @@ -12,11 +12,11 @@ diff --git a/administration/restore-collection.html b/administration/restore-collection.html index 2603f32e2..48f127663 100644 --- a/administration/restore-collection.html +++ b/administration/restore-collection.html @@ -12,11 +12,11 @@ diff --git a/administration/setting-job-flags.html b/administration/setting-job-flags.html index be963965a..fafca6a3c 100644 --- a/administration/setting-job-flags.html +++ b/administration/setting-job-flags.html @@ -12,11 +12,11 @@ diff --git a/administration/supported-distributions.html b/administration/supported-distributions.html index 465e6fb60..1f7d76208 100644 --- a/administration/supported-distributions.html +++ b/administration/supported-distributions.html @@ -12,11 +12,11 @@ diff --git a/administration/troubleshooting-email.html b/administration/troubleshooting-email.html index b703d14ac..986890605 100644 --- a/administration/troubleshooting-email.html +++ b/administration/troubleshooting-email.html @@ -12,11 +12,11 @@ diff --git a/administration/troubleshooting-publication.html b/administration/troubleshooting-publication.html index d80d11756..92a0e24d4 100644 --- a/administration/troubleshooting-publication.html +++ b/administration/troubleshooting-publication.html @@ -12,11 +12,11 @@ diff --git a/administration/troubleshooting-replication-revisions.html b/administration/troubleshooting-replication-revisions.html index 9aff719b4..b992e9cdf 100644 --- a/administration/troubleshooting-replication-revisions.html +++ b/administration/troubleshooting-replication-revisions.html @@ -12,11 +12,11 @@ diff --git a/administration/upgrading-metadata-schemas.html b/administration/upgrading-metadata-schemas.html index 81519bfcd..0ddd7568d 100644 --- a/administration/upgrading-metadata-schemas.html +++ b/administration/upgrading-metadata-schemas.html @@ -12,11 +12,11 @@ diff --git a/administration/using-python-irodsclient.html b/administration/using-python-irodsclient.html index 4c794cd30..352ed617c 100644 --- a/administration/using-python-irodsclient.html +++ b/administration/using-python-irodsclient.html @@ -12,11 +12,11 @@ diff --git a/assets/js/just-the-docs.js b/assets/js/just-the-docs.js index 3c15386d9..84844b3e7 100644 --- a/assets/js/just-the-docs.js +++ b/assets/js/just-the-docs.js @@ -29,10 +29,7 @@ function initNav() { } if (target) { e.preventDefault(); - const active = target.parentNode.classList.toggle('active'); - const passive = target.parentNode.classList.toggle('passive'); - if (active && passive) target.parentNode.classList.toggle('passive'); - target.ariaPressed = active; + target.ariaPressed = target.parentNode.classList.toggle('active'); } }); @@ -474,8 +471,7 @@ function scrollNav() { } // Find the nav-list-link that refers to the current page -// then make it and all enclosing nav-list-item elements active, -// and make all other folded collections passive +// then make it and all enclosing nav-list-item elements active. function activateNav() { var target = navLink(); @@ -491,17 +487,6 @@ function activateNav() { target = target.parentNode; } } - const elements = document.getElementsByClassName("nav-category-list"); - for (const element of elements) { - const item = element.children[0]; - const active = item.classList.toggle('active'); - if (active) { - item.classList.toggle('active', false); - item.classList.toggle('passive', true); - } else { - item.classList.toggle('active', true); - } - } } // Document ready diff --git a/assets/js/search-data.json b/assets/js/search-data.json index 7ff171ce5..66bbab446 100644 --- a/assets/js/search-data.json +++ b/assets/js/search-data.json @@ -274,7 +274,7 @@ },"39": { "doc": "Configuring Yoda", "title": "3. Configure (new) Yoda instance", - "content": "To configure a (new) Yoda instance we have to edit the instance configuration in the Yoda instance variables directory (group_vars). In case of a new Yoda instance we can copy a configuration of a full development (environments/development/full/) instance as base. The configuration is split in several parts. Below an overview of these parts and the configuration options available. Ansible configuration . | Variable | Description | . | ansible_user | Administrative user on instance for Ansible | . | ansible_ssh_private_key_file | Path to private key file of administrative user | . | repo_only | Only download packages from repos | . | centos_extras_repository | Name of the CentOS extras repository | . | centos_sclo_rh_repository | Name of the CentOS SCLO-RH repository | . Note: if one of these variables are different for a host then define them in the corresponding host specific variables file (host_vars). Yoda configuration . | Variable | Description | . | instance | Name of Yoda instance, as defined in hosts file | . | yoda_version | Yoda version. Use a git branch (e.g. release-1.8) or a tag (e.g. v1.8.5) | . | yoda_ruleset_version | Version of the main Yoda ruleset to use. Defaults to the value of yoda_version. | . | yoda_portal_version | Version of the Yoda portal to use. Defaults to the value of yoda_version. | . | yoda_environment | Yoda environment: development, testing, acceptance or production | . | yoda_portal_fqdn | Yoda Portal fully qualified domain name (FQDN) | . | yoda_davrods_fqdn | Yoda Davrods WebDAV fully qualified domain name (FQDN) | . | yoda_davrods_anonymous_fqdn | Yoda Davrods anonymous WebDAV fully qualified domain name (FQDN) | . | yoda_davrods_logo_path | Path of the DavRODS logo on the portal. Defaults to the themed logo. | . | yoda_davrods_logo_link | URL that the DavRODS logo is linked to (default: https://www.uu.nl) | . | yoda_enable_httpd | Whether to enable the httpd service (boolean, default value: true). Set to false if manual actions are needed before starting the web server (e.g. mounting encrypted volumes) | . | tcp_keepalive_time | IPv4 TCP keepalives: time until first keepalive (kernel parameter). Can be useful to tune in order to prevent timeouts on long transfers. | . | tcp_keepalive_intvl | IPv4 TCP keepalives: time between keepalives (kernel parameter). Can be useful to tune in order to prevent timeouts on long transfers. | . | yoda_theme | The theme to use for the Yoda Portal. See also the theme documentation. By default, Yoda uses the UU theme. | . | yoda_theme_path | Path where themes for the Yoda Portal are retrieved from. See the theme documentation for more information. | . | portal_session_cookie_samesite | Samesite setting for session cookies Yoda Portal. Should be ‘Lax’ if OIDC is enabled and identity provider is in different domain. Otherwise it should be ‘Strict’. Default value: ‘Strict’. | . Generic logging configuration . | Variable | Description | . | httpd_log_forwarded_for | Whether to log X-Forwarded-For headers in Apache logs (boolean, default value: false). This logs source IP addresses of requests if requests to the Yoda web portal and/or WebDAV interface are routed via a load balancer. | . | httpd_log_user_agent | Whether to log the user agent of browsers and WebDAV clients in the Apache logs (boolean, default value: false) | . | yoda_portal_log_api_call_duration | Whether to log duration and parameters of all API calls from the Yoda portal. This is mainly useful for performance testing (boolean, default value: false) | . iRODS configuration . | Variable | Description | . | irods_admin | iRODS admin username | . | irods_password | iRODS admin password | . | irods_database_user | The iRODS database username | . | irods_database_password | The password for the iRODS database username | . | irods_database_enable_yoda_indexes | Enable indexes to speed up Yoda search operations (default: false). This is mainly useful for medium-sized and large environments (millions of data objects or more). Please note that the indexes can take up a significant amount of diskspace (rough estimate: 10-30% increase in database size). They will be created asynchronously. This can take some time on existing environments with a significant amount of data, and temporarily decrease performance. | . | irods_zone | The name of the iRODS Zone | . | irods_icat_fqdn | iRODS iCAT fully qualified domain name (FQDN) | . | irods_database_fqdn | iRODS database fully qualified domain name (FQDN) | . | irods_resource_fqdn | iRODS resource fully qualified domain name (FQDN). Don’t define this variable if you have multiple resource servers. | . | irods_default_resc | iRODS default resource name | . | irods_resc_trigger_pol | List of text patterns for matching non-primary resources where changes also need to trigger policies (e.g. asynchronous replication). Example: [“^testResc$”,”^myResc$”] | . | irods_ssl_verify_server | Verify TLS certificate, use ‘cert’ for acceptance and production | . | irods_resources | Definition of iRODS resources of this Yoda instance | . | irods_service_type | Possible values: ‘sysv’ (System V) or ‘systemd’ | . | irods_max_open_files | Maximum number of open files for iRODS service (only effective when irods_service_type is set to ‘systemd’) | . | irods_enable_service | Whether to enable the iRODS service. Set to false if manual actions are needed before starting iRODS, e.g. mounting encrypted volumes (only effective when irods_service_type is set to ‘systemd’) | . | irods_rum_job_enabled | Whether to enable the daily RUM job for removing unused metadata entries (default: true) | . | irods_rum_job_hour | Time to run RUM job - hour (default: 20) | . | irods_rum_job_minute | Time to run RUM job - minute (default: 0) | . | irods_enable_gocommands | Whether to install the GoCommands CLI (disabled by default) | . | irods_gocommands_version | GoCommands version | . | irods_gocommands_archive_checksum | MD5 checksum of the GoCommands archive for the version to be installed | . S3 configuration - for iRODS S3 resource plugin and s3cmd utilities . | Variable | Description | . | enable_s3_resource | Enable iRODS S3 Resource Plugin. Default: false | . | s3_access_key | S3 access key of S3 buckets (used by s3cmd, and optionally by S3 resource plugin, if S3 resource context points to .s3auth file) | . | s3_secret_key | S3 secret key of S3 buckets (used by s3cmd, and optionally by S3 resource plugin, if S3 resource context points to .s3auth file) | . | s3_hostname | S3 server hostname (used by s3cmd; the hostname used by the S3 resource plugin is configured in the S3 resource contexts instead) | . | s3_auth_file | S3 authentication file name (default value: /var/lib/irods/.s3auth) | . Research module configuration . | Variable | Description | . | default_yoda_schema | Default Yoda metadata scheme: default-3 | . | yoda_random_id_length | Length of random ID to add to persistent identifier | . | yoda_prefix | Prefix for internal portion of persistent identifier | . | update_rulesets | Update already installed rulesets with git | . | override_resc_install_rulesets | Install rulesets on server even if it is a resource server (default: false). This override parameter can be used on resource servers that have an additional role, e.g. DavRODS server | . | update_schemas | Update already installed schemas, formelements and stylesheets: yes (1) or no (0) | . | credential_files | Location of Yoda credentials files | . | temporary_files | List of temporary files for cleanup functionality | . | metadata_schemas | List of metadata schemas to install on the system | . Replication configuration . | Variable | Description | . | enable_async_replication | Enable asynchronous replication: yes (1) or no (0) | . | async_replication_jobs | Number of asynchronous replication jobs, when decreasing the number of jobs, manually remove jobs from the crontab (default: 1) | . | async_replication_batch_size | Asynchronous replication jobs batch size (default: 1000) | . | async_replication_verbose_mode | Run asynchronous replication job in verbose mode (default: true) | . | async_replication_delay_time | Delay after last modification to data object before replication job can process it (in seconds, default: 0) | . Revision configuration . | Variable | Description | . | enable_revisions | Enable asynchronous revisions: yes (1) or no (0) | . | revision_strategy | Revision strategy: A, B, J or Simple (default: B) | . | async_revision_jobs | Number of asynchronous replication jobs, when decreasing the number of jobs, manually remove jobs from the crontab (default: 1) | . | async_revision_batch_size | Asynchronous revision jobs batch size (default: 1000) | . | async_revision_verbose_mode | Run asynchronous revision job in verbose mode (default: true) | . | async_revision_delay_time | Delay after last modification to data object before revision job can process it (in seconds, default: 0) | . | enable_revision_cleanup: true | Enable revision cleanup job (true/false) | . Deposit module configuration . | Variable | Description | . | enable_deposit | Enable deposit module | . Intake module configuration . | Variable | Description | . | enable_intake | Enable intake module | . | intake_groups | List of intake groups (without the “grp-intake-“ prefix) | . | intake_extended_timeout | If the intake module is enabled, portal iRODS session timeouts and portal VHost timeouts will be changed to this value (in seconds), in order to be able to handle long synchronous operations, such as intake scans (default: 1800) | . Datarequest module configuration . | Variable | Description | . | enable_datarequest | Enable datarequest module | . | datarequest_help_contact_name | Help contact name | . | datarequest_help_contact_email | Help contact email address | . OpenSearch configuration . | Variable | Description | . | enable_open_search | Enable OpenSearch and indexing plugin | . | opensearch_server | FQDN of the OpenSearch server (typically the provider) | . Yoda notifications configuration . | Variable | Description | . | send_notifications | Enable notifications: yes (1) or no (0) | . | notifications_sender_email | Notifications sender email address | . | notifications_reply_to | Notifications Reply-To email address | . Yoda internal SMTP settings configuration . These settings also affect the External User Service (EUS). | Variable | Description | . | smtp_server | SMTP server to send mail to | . | smtp_username | SMTP server username | . | smtp_password | SMTP server password | . | smtp_auth | Whether to use SMTP authentication (true/false, default: true) | . | smtp_starttls | Whether to force StartTLS on non-SMTP connections (true/false, default: true) | . PostgreSQL database configuration . | Variable | Description | . | pgsql_version | PostgreSQL version (default: 11) | . | postgresql_max_connections | Maximum number of database connections (default: 100) | . | postgresql_shared_buffers | Amount of memory database should use for shared buffers. Rule of thumb: set to 25% of memory on dedicated database server; on a shared server, it should probably be lower. Default value: 32 MB. | . | postgresql_work_mem | Maximum amount of worker memory. Rule of thumb: increasing worker memory can help with improving performance, but it is necessary to ensure that sufficient memory is available, considering the maximum number of database connections. Default value: 1 MB. | . | postgresql_maintenance_work_mem | Maximum amount of memory for maintenance processes, such as VACUUM. Default value: 16 MB. | . | postgresql_effective_cache_size | Tells the query planner how much memory it can expect to be available for disk caching for the database. Rule of thumb: set to approximately 50-75% on dedicated database server. Default value: 128 MB. | . | postgresql_random_page_cost | Tells the query planner about the relative cost of random access versus sequential access. You could use a tool like fio to get an estimate, or use a ballpark estimate based on the type of storage of the database volume (e.g. 1.0 for SSD-based storage). Default value is 4.0. | . | postgresql_log_line_prefix: | Format of log message prefix in the PostgreSQL log, for adding timestamps etc. to log messages. The default value adds a timestamp and process number, which is sufficient for most purposes. It might be useful to log additional information in specific situations, such as when troubleshooting database issues. | . | postgresql_log_min_duration_statement | Minimum number of milliseconds for slow query logging (default: -1 / disabled) | . | postgresql_log_autovacuum_min_duration | Minimum number of milliseconds for logging slow autovacuum actions (default: -1 / disabled) | . | postgresql_timezone | Timezone that PostgreSQL uses. Defaults to Europe/Amsterdam. | . PgBouncer configuration . | Variable | Description | . | enable_pgbouncer | Whether to enable PgBouncer (default: false) | . | pgbouncer_pool_mode | Specifies when a server connection can be reused by other clients (default: session) | . | pgbouncer_max_client_conn | Maximum number of client connections allowed (default: 200) | . | pgbouncer_default_pool_size | How many server connections to allow per user/database pair (default: 50) | . | pgbouncer_reserve_pool_size | How many additional connections to allow to a pool (default: 25) | . | pgbouncer_reserve_pool_timeout | If a client has not been serviced in this time, use additional connections from the reserve pool (default: 2) | . | pgbouncer_override_ignore_startup_parameters | Adjust ignore_startup_parameters setting of PGbouncer (default: undefined / use OS default value) | . Postfix configuration . | Variable | Description | . | enable_postfix | Whether to enable the Postfix local MTA (default: false) | . | postfix_myhostname | Hostname of server where Postfix will be installed (compulsory parameter if Postfix is enabled) | . | postfix_relayhost | Relay host, the server that Postfix should send emails to (compulsory parameter if Postfix is enabled) | . | postfix_relayhost_port | Port of relay host (default: 587) | . | postfix_relayhost_username | User name for authentication on relay host (compulsory parameter if Postfix is enabled) | . | postfix_relayhost_password | Password for authentication on relay host (compulsory parameter if Postfix is enabled) | . | postfix_smtp_enable_tls | Whether to enable TLS on connections to relay host. This also enables authentication on connections to the relay host (default: true) | . | postfix_smtp_enable_authentication | Enables authentication on connection to relay host. Only works if TLS is also enabled. (default: true) | . | postfix_relayhost_username | User name for authentication on relay host (compulsory parameter if authentication is enabled) | . | postfix_relayhost_password | Password for authentication on relay host (compulsory parameter if authentication is enabled) | . | postfix_enable_debugging | This enables additional logging on connections to the relay host. Useful for troubleshooting. (default: false) | . | postfix_myorigin | Sets origin domain for emails sent on the system. Defaults to the postfix_myhostname domain. | . | postfix_inet_protocols | Refers to Postfix inet_protocols setting. Can be useful for running Postfix in IPv4 only mode, if no IPv6 connectivity is available (default: “all”) | . | postfix_canonical_map | An optional dictionary of rewrite rules for email addresses. See the local Postfix MTA page for further information. | . DataCite Configuration . | Variable | Description | . | datacite_username | DataCite username | . | datacite_password | DataCite password | . | datacite_prefix | DataCite DOI prefix | . | datacite_rest_api_url | DataCite REST API URL | . | datacite_tls_verify | Enable TLS verification for Datacite API calls (0: no, 1: yes). Enabled by default, but disabled on development environments because these use a mock service with a self-signed certificate. | . SRAM Configuration (experimental) . | Variable | Description | . | enable_sram | Enable SRAM configuration | . | sram_rest_api_url | SRAM Rest API URL | . | sram_api_key | SRAM Rest API key | . | sram_verbose_logging | SRAM verbose logging | . | sram_tls_verify | Enable TLS verification for SRAM API calls. Enabled by default, but disabled on development environments because these use a mock service with a self-signed certificate. | . EPIC PID Configuration . | Variable | Description | . | epic_url | EPIC PID server URI (undefined disables EPIC PID) | . | epic_handle_prefix | EPIC PID prefix | . | epic_key | EPIC PID key (base64 encoded) | . | epic_cert | EPIC PID cert (base64 encoded) | . Data Access Tokens configuration . | Variable | Description | . | enable_tokens | Boolean indicating if Data Access Tokens for webDAV and iCommands are enabled. Must be true or false | . | token_database | Location of the database that contain the tokens | . | token_database_password | Token database password | . | token_length | Length of data access tokens | . | token_lifetime | Lifetime of data access tokens (in hours) | . | token_expiration_notification | Send notification before token expiration (in hours) | . | enable_radius_fallback | Fall back on RADIUS authentication if token authentication fails (default: false). Only enables RADIUS fallback if enable_tokens is set to true.This is a legacy parameter that will be removed in a future version of Yoda. | . Data Package Archive configuration . | Variable | Description | . | enable_data_package_archive | Enable data package archive functionality | . | enable_data_package_download | Enable data package download functionality | . | data_package_archive_fqdn | Fully qualified domain name (FQDN) of iRODS server connected to data archive | . | data_package_archive_minimum | Minimum data package archive size (1 GB), -1 for no limit | . | data_package_archive_maximum | Maximum data package archive size (100 GB), -1 for no limit | . | data_package_archive_resource | Resource to use for data package archive functionality | . Public host configuration . | Variable | Description | . | yoda_public_host | Yoda public host | . | yoda_public_fqdn | Yoda public fully qualified domain name (FQDN) | . | upload_priv_key | Yoda public upload private key (base64 encoded) | . | upload_pub_key | Yoda public upload public key (base64 encoded) | . | yoda_moai_version | Version of MOAI (the OAI-PMH server) to use. Defaults to the value of yoda_version. | . External user service configuration . | Variable | Description |   | . | yoda_eus_fqdn | Yoda External User Service fully qualified domain name (FQDN) |   | . | yoda_eus_version | Version of External User Service to use. Defaults to the value of yoda_version. |   | . | eus_api_fqdn | External User Service API fully qualified domain name (FQDN) |   | . | eus_api_port | External User Service API port |   | . | eus_api_secret | External User Service API secret |   | . | eus_api_tls_verify | Enable TLS verification for EUS API calls. Enabled by default |   | . | eus_db_password | External User Service database password |   | . | eus_smtp_from_name | External User Service email from name |   | . | eus_smtp_from_address | External User Service email from address |   | . | eus_smtp_replyto_name | External User Service email reply-to name |   | . | eus_smtp_replyto_address | External User Service email reply-to address |   | . | eus_mail_template | External User Service mail template |   | . | eus_mail_validate_address | External User Service: validate email address before sending email. If this option is enabled, EUS will only send emails to users if their username is a valid email address. It is intended to be used on environments where admins want to use an iRODS user with a non-email username to invite external users. This parameter is not meant to be enabled if the test data set installed by the test playbook has been loaded. Default value: false. |   | . | external_users_domain_filter | Domains to filter, separated by | and wildcard character * | . OpenID Connect (OIDC) configuration . | Variable | Description | . | oidc_active | Boolean indicating whether OpenId Connect with the following parameters is enabled of not. Must be true or false | . | oidc_domains | Domains that should use OIDC (list, wildcard character *). If this parameter is set, the first domain in the list is also used to generate the user name placeholder on the portal gate and login pages. | . | oidc_client_id | OIDC Client Id | . | oidc_client_secret | OIDC Client Secret/Password | . | oidc_callback_url | OIDC Callback url | . | oidc_auth_base_uri | OIDC Authorization URI without parameters | . | oidc_login_hint | Boolean indicating whether login hint should be added to Authorization URI (default: True) | . | oidc_token_uri | OIDC Token URI | . | oidc_userinfo_uri | OIDC Userinfo URI | . | oidc_scopes | OIDC Scopes | . | oidc_acr_values | OIDC Authentication Context Class Reference Values | . | oidc_email_field | The identifier of the JSON field in the id_token containing the email address. Default: email the email address (default: email) | . | oidc_jwks_uri | The url where the JWKS can be found (Java web key sets) | . | oidc_jwt_issuer | The issuer of the JWT tokens (‘iss’ value in JWT, for verification) | . | oidc_req_exp | Check that exp (expiration) claim is present | . | oidc_req_iat | Check that iat (issued at) claim is present | . | oidc_req_nbf | Check that nbf (not before) claim is present | . | oidc_verify_aud | Check that aud (audience) claim matches audience | . | oidc_verify_iat | Check that iat (issued at) claim value is an integer | . | oidc_verify_exp | Check that exp (expiration) claim value is OK | . | oidc_verify_iss | Check that iss (issue) claim is as expected | . Mailpit configuration . | Variable | Description | . | enable_mailpit | Enable Mailpit for email testing. Should only be enabled on local development environments for security reasons. Mailpit and Postfix shouldn’t be enabled simultaneously. Default: false | . | mailpit_version | Mailpit version to install | . | mailpit_max_messages | Maximum number of messages to store (default: 10000) | . | mailpit_smtp_bind_address | Address to bind on for SMTP interface (default: 0.0.0.0) | . | mailpit_smtp_port | TCP port for SMTP interface (default: 25) | . Tooling . | Variable | Description | . | enable_irods_consistency_check | Install iRODS consistency checker tool (ichk) | . | irods_consistency_check_version | iRODS consistency checker (ichk) version | . | enable_icat_database_checker | Install iCAT database checker | . | icat_database_checker_version | iCAT database checker version | . ", + "content": "To configure a (new) Yoda instance we have to edit the instance configuration in the Yoda instance variables directory (group_vars). In case of a new Yoda instance we can copy a configuration of a full development (environments/development/full/) instance as base. The configuration is split in several parts. Below an overview of these parts and the configuration options available. Ansible configuration . | Variable | Description | . | ansible_user | Administrative user on instance for Ansible | . | ansible_ssh_private_key_file | Path to private key file of administrative user | . | repo_only | Only download packages from repos | . | centos_extras_repository | Name of the CentOS extras repository | . | centos_sclo_rh_repository | Name of the CentOS SCLO-RH repository | . Note: if one of these variables are different for a host then define them in the corresponding host specific variables file (host_vars). Yoda configuration . | Variable | Description | . | instance | Name of Yoda instance, as defined in hosts file | . | yoda_version | Yoda version. Use a git branch (e.g. release-1.8) or a tag (e.g. v1.8.5) | . | yoda_ruleset_version | Version of the main Yoda ruleset to use. Defaults to the value of yoda_version. | . | yoda_portal_version | Version of the Yoda portal to use. Defaults to the value of yoda_version. | . | yoda_environment | Yoda environment: development, testing, acceptance or production | . | yoda_portal_fqdn | Yoda Portal fully qualified domain name (FQDN) | . | yoda_davrods_fqdn | Yoda Davrods WebDAV fully qualified domain name (FQDN) | . | yoda_davrods_anonymous_fqdn | Yoda Davrods anonymous WebDAV fully qualified domain name (FQDN) | . | yoda_davrods_logo_path | Path of the DavRODS logo on the portal. Defaults to the themed logo. | . | yoda_davrods_logo_link | URL that the DavRODS logo is linked to (default: https://www.uu.nl) | . | yoda_enable_httpd | Whether to enable the httpd service (boolean, default value: true). Set to false if manual actions are needed before starting the web server (e.g. mounting encrypted volumes) | . | tcp_keepalive_time | IPv4 TCP keepalives: time until first keepalive (kernel parameter). Can be useful to tune in order to prevent timeouts on long transfers. | . | tcp_keepalive_intvl | IPv4 TCP keepalives: time between keepalives (kernel parameter). Can be useful to tune in order to prevent timeouts on long transfers. | . | yoda_theme | The theme to use for the Yoda Portal. See also the theme documentation. By default, Yoda uses the UU theme. | . | yoda_theme_path | Path where themes for the Yoda Portal are retrieved from. See the theme documentation for more information. | . | portal_session_cookie_samesite | Samesite setting for session cookies Yoda Portal. Should be ‘Lax’ if OIDC is enabled and identity provider is in different domain. Otherwise it should be ‘Strict’. Default value: ‘Strict’. | . Generic logging configuration . | Variable | Description | . | httpd_log_forwarded_for | Whether to log X-Forwarded-For headers in Apache logs (boolean, default value: false). This logs source IP addresses of requests if requests to the Yoda web portal and/or WebDAV interface are routed via a load balancer. | . | httpd_log_user_agent | Whether to log the user agent of browsers and WebDAV clients in the Apache logs (boolean, default value: false) | . | yoda_portal_log_api_call_duration | Whether to log duration and parameters of all API calls from the Yoda portal. This is mainly useful for performance testing (boolean, default value: false) | . iRODS configuration . | Variable | Description | . | irods_admin | iRODS admin username | . | irods_password | iRODS admin password | . | irods_database_user | The iRODS database username | . | irods_database_password | The password for the iRODS database username | . | irods_database_enable_yoda_indexes | Enable indexes to speed up Yoda search operations (default: false). This is mainly useful for medium-sized and large environments (millions of data objects or more). Please note that the indexes can take up a significant amount of diskspace (rough estimate: 10-30% increase in database size). They will be created asynchronously. This can take some time on existing environments with a significant amount of data, and temporarily decrease performance. | . | irods_zone | The name of the iRODS Zone | . | irods_icat_fqdn | iRODS iCAT fully qualified domain name (FQDN) | . | irods_database_fqdn | iRODS database fully qualified domain name (FQDN) | . | irods_resource_fqdn | iRODS resource fully qualified domain name (FQDN). Don’t define this variable if you have multiple resource servers. | . | irods_default_resc | iRODS default resource name | . | irods_resc_trigger_pol | List of text patterns for matching non-primary resources where changes also need to trigger policies (e.g. asynchronous replication). Example: [“^testResc$”,”^myResc$”] | . | irods_ssl_verify_server | Verify TLS certificate, use ‘cert’ for acceptance and production | . | irods_resources | Definition of iRODS resources of this Yoda instance | . | irods_service_type | Possible values: ‘sysv’ (System V) or ‘systemd’ | . | irods_max_open_files | Maximum number of open files for iRODS service (only effective when irods_service_type is set to ‘systemd’) | . | irods_enable_service | Whether to enable the iRODS service. Set to false if manual actions are needed before starting iRODS, e.g. mounting encrypted volumes (only effective when irods_service_type is set to ‘systemd’) | . | irods_rum_job_enabled | Whether to enable the daily RUM job for removing unused metadata entries (default: true) | . | irods_rum_job_hour | Time to run RUM job - hour (default: 20) | . | irods_rum_job_minute | Time to run RUM job - minute (default: 0) | . | irods_enable_gocommands | Whether to install the GoCommands CLI (disabled by default) | . | irods_gocommands_version | GoCommands version | . | irods_gocommands_archive_checksum | MD5 checksum of the GoCommands archive for the version to be installed | . S3 configuration - for iRODS S3 resource plugin and s3cmd utilities . | Variable | Description | . | enable_s3_resource | Enable iRODS S3 Resource Plugin. Default: false | . | s3_access_key | S3 access key of S3 buckets (used by s3cmd, and optionally by S3 resource plugin, if S3 resource context points to .s3auth file) | . | s3_secret_key | S3 secret key of S3 buckets (used by s3cmd, and optionally by S3 resource plugin, if S3 resource context points to .s3auth file) | . | s3_hostname | S3 server hostname (used by s3cmd; the hostname used by the S3 resource plugin is configured in the S3 resource contexts instead) | . | s3_auth_file | S3 authentication file name (default value: /var/lib/irods/.s3auth) | . Research module configuration . | Variable | Description | . | default_yoda_schema | Default Yoda metadata scheme: default-3 | . | yoda_random_id_length | Length of random ID to add to persistent identifier | . | yoda_prefix | Prefix for internal portion of persistent identifier | . | update_rulesets | Update already installed rulesets with git | . | override_resc_install_rulesets | Install rulesets on server even if it is a resource server (default: false). This override parameter can be used on resource servers that have an additional role, e.g. DavRODS server | . | update_schemas | Update already installed schemas, formelements and stylesheets: yes (1) or no (0) | . | credential_files | Location of Yoda credentials files | . | temporary_files | List of temporary files for cleanup functionality | . | metadata_schemas | List of metadata schemas to install on the system | . Replication configuration . | Variable | Description | . | enable_async_replication | Enable asynchronous replication: yes (1) or no (0) | . | async_replication_jobs | Number of asynchronous replication jobs, when decreasing the number of jobs, manually remove jobs from the crontab (default: 1) | . | async_replication_batch_size | Asynchronous replication jobs batch size (default: 1000) | . | async_replication_verbose_mode | Run asynchronous replication job in verbose mode (default: true) | . | async_replication_delay_time | Delay after last modification to data object before replication job can process it (in seconds, default: 0) | . Revision configuration . | Variable | Description | . | enable_revisions | Enable asynchronous revisions: yes (1) or no (0) | . | revision_strategy | Revision strategy: A, B, J or Simple (default: B) | . | async_revision_jobs | Number of asynchronous replication jobs, when decreasing the number of jobs, manually remove jobs from the crontab (default: 1) | . | async_revision_batch_size | Asynchronous revision jobs batch size (default: 1000) | . | async_revision_verbose_mode | Run asynchronous revision job in verbose mode (default: true) | . | async_revision_delay_time | Delay after last modification to data object before revision job can process it (in seconds, default: 0) | . | enable_revision_cleanup: true | Enable revision cleanup job (true/false) | . Deposit module configuration . | Variable | Description | . | enable_deposit | Enable deposit module | . Intake module configuration . | Variable | Description | . | enable_intake | Enable intake module | . | intake_groups | List of intake groups (without the “grp-intake-“ prefix) | . | intake_extended_timeout | If the intake module is enabled, portal iRODS session timeouts and portal VHost timeouts will be changed to this value (in seconds), in order to be able to handle long synchronous operations, such as intake scans (default: 1800) | . Datarequest module configuration . | Variable | Description | . | enable_datarequest | Enable datarequest module | . | datarequest_help_contact_name | Help contact name | . | datarequest_help_contact_email | Help contact email address | . OpenSearch configuration . | Variable | Description | . | enable_open_search | Enable OpenSearch and indexing plugin | . | opensearch_server | FQDN of the OpenSearch server (typically the provider) | . Yoda notifications configuration . | Variable | Description | . | send_notifications | Enable notifications: yes (1) or no (0) | . | notifications_sender_email | Notifications sender email address | . | notifications_reply_to | Notifications Reply-To email address | . Yoda internal SMTP settings configuration . These settings also affect the External User Service (EUS). | Variable | Description | . | smtp_server | SMTP server to send mail to (smtp://server.name:port or smtps://server.name:port, e.g. smtp://localhost:25) | . | smtp_username | SMTP server username | . | smtp_password | SMTP server password | . | smtp_auth | Whether to use SMTP authentication (true/false, default: true) | . | smtp_starttls | Whether to force StartTLS on non-SMTP connections (true/false, default: true) | . PostgreSQL database configuration . | Variable | Description | . | pgsql_version | PostgreSQL version (default: 11) | . | postgresql_max_connections | Maximum number of database connections (default: 100) | . | postgresql_shared_buffers | Amount of memory database should use for shared buffers. Rule of thumb: set to 25% of memory on dedicated database server; on a shared server, it should probably be lower. Default value: 32 MB. | . | postgresql_work_mem | Maximum amount of worker memory. Rule of thumb: increasing worker memory can help with improving performance, but it is necessary to ensure that sufficient memory is available, considering the maximum number of database connections. Default value: 1 MB. | . | postgresql_maintenance_work_mem | Maximum amount of memory for maintenance processes, such as VACUUM. Default value: 16 MB. | . | postgresql_effective_cache_size | Tells the query planner how much memory it can expect to be available for disk caching for the database. Rule of thumb: set to approximately 50-75% on dedicated database server. Default value: 128 MB. | . | postgresql_random_page_cost | Tells the query planner about the relative cost of random access versus sequential access. You could use a tool like fio to get an estimate, or use a ballpark estimate based on the type of storage of the database volume (e.g. 1.0 for SSD-based storage). Default value is 4.0. | . | postgresql_log_line_prefix: | Format of log message prefix in the PostgreSQL log, for adding timestamps etc. to log messages. The default value adds a timestamp and process number, which is sufficient for most purposes. It might be useful to log additional information in specific situations, such as when troubleshooting database issues. | . | postgresql_log_min_duration_statement | Minimum number of milliseconds for slow query logging (default: -1 / disabled) | . | postgresql_log_autovacuum_min_duration | Minimum number of milliseconds for logging slow autovacuum actions (default: -1 / disabled) | . | postgresql_timezone | Timezone that PostgreSQL uses. Defaults to Europe/Amsterdam. | . PgBouncer configuration . | Variable | Description | . | enable_pgbouncer | Whether to enable PgBouncer (default: false) | . | pgbouncer_pool_mode | Specifies when a server connection can be reused by other clients (default: session) | . | pgbouncer_max_client_conn | Maximum number of client connections allowed (default: 200) | . | pgbouncer_default_pool_size | How many server connections to allow per user/database pair (default: 50) | . | pgbouncer_reserve_pool_size | How many additional connections to allow to a pool (default: 25) | . | pgbouncer_reserve_pool_timeout | If a client has not been serviced in this time, use additional connections from the reserve pool (default: 2) | . | pgbouncer_override_ignore_startup_parameters | Adjust ignore_startup_parameters setting of PGbouncer (default: undefined / use OS default value) | . Postfix configuration . | Variable | Description | . | enable_postfix | Whether to enable the Postfix local MTA (default: false) | . | postfix_myhostname | Hostname of server where Postfix will be installed (compulsory parameter if Postfix is enabled) | . | postfix_relayhost | Relay host, the server that Postfix should send emails to (compulsory parameter if Postfix is enabled) | . | postfix_relayhost_port | Port of relay host (default: 587) | . | postfix_relayhost_username | User name for authentication on relay host (compulsory parameter if Postfix is enabled) | . | postfix_relayhost_password | Password for authentication on relay host (compulsory parameter if Postfix is enabled) | . | postfix_smtp_enable_tls | Whether to enable TLS on connections to relay host. This also enables authentication on connections to the relay host (default: true) | . | postfix_smtp_enable_authentication | Enables authentication on connection to relay host. Only works if TLS is also enabled. (default: true) | . | postfix_relayhost_username | User name for authentication on relay host (compulsory parameter if authentication is enabled) | . | postfix_relayhost_password | Password for authentication on relay host (compulsory parameter if authentication is enabled) | . | postfix_enable_debugging | This enables additional logging on connections to the relay host. Useful for troubleshooting. (default: false) | . | postfix_myorigin | Sets origin domain for emails sent on the system. Defaults to the postfix_myhostname domain. | . | postfix_inet_protocols | Refers to Postfix inet_protocols setting. Can be useful for running Postfix in IPv4 only mode, if no IPv6 connectivity is available (default: “all”) | . | postfix_canonical_map | An optional dictionary of rewrite rules for email addresses. See the local Postfix MTA page for further information. | . DataCite Configuration . | Variable | Description | . | datacite_username | DataCite username | . | datacite_password | DataCite password | . | datacite_prefix | DataCite DOI prefix | . | datacite_rest_api_url | DataCite REST API URL | . | datacite_tls_verify | Enable TLS verification for Datacite API calls (0: no, 1: yes). Enabled by default, but disabled on development environments because these use a mock service with a self-signed certificate. | . SRAM Configuration (experimental) . | Variable | Description | . | enable_sram | Enable SRAM configuration | . | sram_rest_api_url | SRAM Rest API URL | . | sram_api_key | SRAM Rest API key | . | sram_verbose_logging | SRAM verbose logging | . | sram_tls_verify | Enable TLS verification for SRAM API calls. Enabled by default, but disabled on development environments because these use a mock service with a self-signed certificate. | . EPIC PID Configuration . | Variable | Description | . | epic_url | EPIC PID server URI (undefined disables EPIC PID) | . | epic_handle_prefix | EPIC PID prefix | . | epic_key | EPIC PID key (base64 encoded) | . | epic_cert | EPIC PID cert (base64 encoded) | . Data Access Tokens configuration . | Variable | Description | . | enable_tokens | Boolean indicating if Data Access Tokens for webDAV and iCommands are enabled. Must be true or false | . | token_database | Location of the database that contain the tokens | . | token_database_password | Token database password | . | token_length | Length of data access tokens | . | token_lifetime | Lifetime of data access tokens (in hours) | . | token_expiration_notification | Send notification before token expiration (in hours) | . | enable_radius_fallback | Fall back on RADIUS authentication if token authentication fails (default: false). Only enables RADIUS fallback if enable_tokens is set to true.This is a legacy parameter that will be removed in a future version of Yoda. | . Data Package Archive configuration . | Variable | Description | . | enable_data_package_archive | Enable data package archive functionality | . | enable_data_package_download | Enable data package download functionality | . | data_package_archive_fqdn | Fully qualified domain name (FQDN) of iRODS server connected to data archive | . | data_package_archive_minimum | Minimum data package archive size (1 GB), -1 for no limit | . | data_package_archive_maximum | Maximum data package archive size (100 GB), -1 for no limit | . | data_package_archive_resource | Resource to use for data package archive functionality | . Public host configuration . | Variable | Description | . | yoda_public_host | Yoda public host | . | yoda_public_fqdn | Yoda public fully qualified domain name (FQDN) | . | upload_priv_key | Yoda public upload private key (base64 encoded) | . | upload_pub_key | Yoda public upload public key (base64 encoded) | . | yoda_moai_version | Version of MOAI (the OAI-PMH server) to use. Defaults to the value of yoda_version. | . External user service configuration . | Variable | Description |   | . | yoda_eus_fqdn | Yoda External User Service fully qualified domain name (FQDN) |   | . | yoda_eus_version | Version of External User Service to use. Defaults to the value of yoda_version. |   | . | eus_api_fqdn | External User Service API fully qualified domain name (FQDN) |   | . | eus_api_port | External User Service API port |   | . | eus_api_secret | External User Service API secret |   | . | eus_api_tls_verify | Enable TLS verification for EUS API calls. Enabled by default |   | . | eus_db_password | External User Service database password |   | . | eus_smtp_from_name | External User Service email from name |   | . | eus_smtp_from_address | External User Service email from address |   | . | eus_smtp_replyto_name | External User Service email reply-to name |   | . | eus_smtp_replyto_address | External User Service email reply-to address |   | . | eus_mail_template | External User Service mail template |   | . | eus_mail_validate_address | External User Service: validate email address before sending email. If this option is enabled, EUS will only send emails to users if their username is a valid email address. It is intended to be used on environments where admins want to use an iRODS user with a non-email username to invite external users. This parameter is not meant to be enabled if the test data set installed by the test playbook has been loaded. Default value: false. |   | . | external_users_domain_filter | Domains to filter, separated by | and wildcard character * | . OpenID Connect (OIDC) configuration . | Variable | Description | . | oidc_active | Boolean indicating whether OpenId Connect with the following parameters is enabled of not. Must be true or false | . | oidc_domains | Domains that should use OIDC (list, wildcard character *). If this parameter is set, the first domain in the list is also used to generate the user name placeholder on the portal gate and login pages. | . | oidc_client_id | OIDC Client Id | . | oidc_client_secret | OIDC Client Secret/Password | . | oidc_callback_url | OIDC Callback url | . | oidc_auth_base_uri | OIDC Authorization URI without parameters | . | oidc_login_hint | Boolean indicating whether login hint should be added to Authorization URI (default: True) | . | oidc_token_uri | OIDC Token URI | . | oidc_userinfo_uri | OIDC Userinfo URI | . | oidc_scopes | OIDC Scopes | . | oidc_acr_values | OIDC Authentication Context Class Reference Values | . | oidc_email_field | The identifier of the JSON field in the id_token containing the email address. Default: email the email address (default: email) | . | oidc_jwks_uri | The url where the JWKS can be found (Java web key sets) | . | oidc_jwt_issuer | The issuer of the JWT tokens (‘iss’ value in JWT, for verification) | . | oidc_req_exp | Check that exp (expiration) claim is present | . | oidc_req_iat | Check that iat (issued at) claim is present | . | oidc_req_nbf | Check that nbf (not before) claim is present | . | oidc_verify_aud | Check that aud (audience) claim matches audience | . | oidc_verify_iat | Check that iat (issued at) claim value is an integer | . | oidc_verify_exp | Check that exp (expiration) claim value is OK | . | oidc_verify_iss | Check that iss (issue) claim is as expected | . Mailpit configuration . | Variable | Description | . | enable_mailpit | Enable Mailpit for email testing. Should only be enabled on local development environments for security reasons. Mailpit and Postfix shouldn’t be enabled simultaneously. Default: false | . | mailpit_version | Mailpit version to install | . | mailpit_max_messages | Maximum number of messages to store (default: 10000) | . | mailpit_smtp_bind_address | Address to bind on for SMTP interface (default: 0.0.0.0) | . | mailpit_smtp_port | TCP port for SMTP interface (default: 25) | . Tooling . | Variable | Description | . | enable_irods_consistency_check | Install iRODS consistency checker tool (ichk) | . | irods_consistency_check_version | iRODS consistency checker (ichk) version | . | enable_icat_database_checker | Install iCAT database checker | . | icat_database_checker_version | iCAT database checker version | . ", "url": "/yoda/administration/configuring-yoda.html#3-configure-new-yoda-instance", "relUrl": "/administration/configuring-yoda.html#3-configure-new-yoda-instance" @@ -1702,7 +1702,7 @@ },"243": { "doc": "v1.9", "title": "Upgrading from previous release", - "content": "The playbook requires Ansible 2.11.x or higher. Version constraints: . | Requires Yoda external user service to be on version 1.9.x or higher. | Requires Yoda public server to be on version 1.9.x or higher. | . | Backup/copy custom configurations made to Yoda version 1.8. To view what files were changed from the defaults, run git diff. | After making sure the configurations are stored safely in another folder, reset the Yoda folder using git stash or when you want to delete all changes made: git reset --hard. | Checkout tag v1.9.0-beta.1 of the Yoda Git repository. git checkout v1.9.0-beta.1 . | Set the Yoda version to release-1.9 in the configuration. yoda_version: v1.9.0-beta.1 . | Change the default schema from default-2 to default-3 in the configuration. Person identifiers must be valid and new dependency between license and data access restriction. This requires an intervention by the responsible datamanager beforehand. default_yoda_schema: default-3 . | Metadata schemas are configurable per research group. To configure the metadata schemas available the metadata_schemas configuration can be used. See also this documentation for more information on installing metadata schemas. metadata_schemas: - name: default-2 install: true active: false - name: default-3 install: true active: true . | Set postgresql_perform_db_upgrade to true in the configuration to perform the database upgrase from Postgresql 9 to 15. Optionally set postgresql_remove_old_data_after_upgrade to true in the configuration to clean up PostgreSQL 9 data and shim after the upgrade. postgresql_perform_db_upgrade: true postgresql_remove_old_data_after_upgrade: false . | Install all Ansible collections needed to deploy Yoda: ansible-galaxy collection install -r requirements.yml . | Run the Ansible playbook in check mode. ansible-playbook -i <path-to-your-environment> playbook.yml --check ### EXAMPLE ### ansible-playbook -i /environments/development/allinone playbook.yml --check . | If the playbook has finished successfully in check mode, run the Ansible playbook normally. ansible-playbook -i <path-to-your-environment> playbook.yml ### EXAMPLE ### ansible-playbook -i /environments/development/allinone playbook.yml . | Update all publication metadata to support DOI versioning. irule -r irods_rule_engine_plugin-python-instance -F /etc/irods/yoda-ruleset/tools/transform-existing-publications.r . | Update all metadata JSON in the vault to latest metadata JSON version (default-2 to default-3). irule -r irods_rule_engine_plugin-irods_rule_language-instance -F /etc/irods/yoda-ruleset/tools/check-metadata-for-schema-updates.r . | Update publication endpoints if there are published packages (DataCite, landingpages and OAI-PMH): irule -r irods_rule_engine_plugin-irods_rule_language-instance -F /etc/irods/yoda-ruleset/tools/update-publications.r . | . ", + "content": "The playbook requires Ansible 2.11.x or higher. Version constraints: . | Requires Yoda external user service to be on version 1.9.x or higher. | Requires Yoda public server to be on version 1.9.x or higher. | . | Backup/copy custom configurations made to Yoda version 1.8. To view what files were changed from the defaults, run git diff. | After making sure the configurations are stored safely in another folder, reset the Yoda folder using git stash or when you want to delete all changes made: git reset --hard. | Checkout tag v1.9.0-beta.1 of the Yoda Git repository. git checkout v1.9.0-beta.1 . | Set the Yoda version to release-1.9 in the configuration. yoda_version: v1.9.0-beta.1 . | Change the default schema from default-2 to default-3 in the configuration. Person identifiers must be valid and new dependency between license and data access restriction. This requires an intervention by the responsible datamanager beforehand. default_yoda_schema: default-3 . | Metadata schemas are configurable per research group. To configure the metadata schemas available the metadata_schemas configuration can be used. See also this documentation for more information on installing metadata schemas. metadata_schemas: - name: default-2 install: true active: false - name: default-3 install: true active: true . | If you use the External User Service (EUS): some EUS parameters have changed from Yoda 1.8 to 1.9. Yoda 1.9 performs server certificate validation of requests from the provider to the EUS server by default. This can be disabled by setting eus_api_tls_verify to false. For some SMTP parameters, EUS uses joint parameters with the provider in Yoda 1.9: | . | Old parameter (1.8) | New parameter | Notes | . | eus_smtp_host | smtp_server | New format. e.g. smtp://localhost:25 | . | eus_smtp_port | smtp_server | New format. e.g. smtp://localhost:25 | . | eus_smtp_auth | smtp_auth |   | . | eus_smtp_security | smtp_server | New format. e.g. smtp://localhost:25 | . Please see the configuration guide for more information. | Set postgresql_perform_db_upgrade to true in the configuration to perform the database upgrade from Postgresql 9 to 15. Optionally set postgresql_remove_old_data_after_upgrade to true in the configuration to clean up PostgreSQL 9 data and shim after the upgrade. postgresql_perform_db_upgrade: true postgresql_remove_old_data_after_upgrade: false . | Install all Ansible collections needed to deploy Yoda: ansible-galaxy collection install -r requirements.yml . | Run the Ansible playbook in check mode. ansible-playbook -i <path-to-your-environment> playbook.yml --check ### EXAMPLE ### ansible-playbook -i /environments/development/allinone playbook.yml --check . | If the playbook has finished successfully in check mode, run the Ansible playbook normally. ansible-playbook -i <path-to-your-environment> playbook.yml ### EXAMPLE ### ansible-playbook -i /environments/development/allinone playbook.yml . | Update all publication metadata to support DOI versioning. irule -r irods_rule_engine_plugin-python-instance -F /etc/irods/yoda-ruleset/tools/transform-existing-publications.r . | Update all metadata JSON in the vault to latest metadata JSON version (default-2 to default-3). irule -r irods_rule_engine_plugin-irods_rule_language-instance -F /etc/irods/yoda-ruleset/tools/check-metadata-for-schema-updates.r . | Update publication endpoints if there are published packages (DataCite, landingpages and OAI-PMH): irule -r irods_rule_engine_plugin-irods_rule_language-instance -F /etc/irods/yoda-ruleset/tools/update-publications.r . | . ", "url": "/yoda/release-notes/release-1.9.html#upgrading-from-previous-release", "relUrl": "/release-notes/release-1.9.html#upgrading-from-previous-release" diff --git a/design/api/index.html b/design/api/index.html index 15febc910..993ff1a6c 100644 --- a/design/api/index.html +++ b/design/api/index.html @@ -12,11 +12,11 @@ diff --git a/design/index.html b/design/index.html index 552733f30..f6ee7b021 100644 --- a/design/index.html +++ b/design/index.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/adr-schema-identifiers.html b/design/metadata/adr-schema-identifiers.html index a54226ded..ec556bbde 100644 --- a/design/metadata/adr-schema-identifiers.html +++ b/design/metadata/adr-schema-identifiers.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/index.html b/design/metadata/index.html index 42bba096c..f4fbada93 100644 --- a/design/metadata/index.html +++ b/design/metadata/index.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/metadata-form-json.html b/design/metadata/metadata-form-json.html index 94a39ec8b..20a0973b0 100644 --- a/design/metadata/metadata-form-json.html +++ b/design/metadata/metadata-form-json.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/metadata-form.html b/design/metadata/metadata-form.html index 66daa628a..d29eabeb8 100644 --- a/design/metadata/metadata-form.html +++ b/design/metadata/metadata-form.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/metadata-vault.html b/design/metadata/metadata-vault.html index 0be88ba60..c99275c63 100644 --- a/design/metadata/metadata-vault.html +++ b/design/metadata/metadata-vault.html @@ -12,11 +12,11 @@ diff --git a/design/metadata/schema-configuration.html b/design/metadata/schema-configuration.html index 69efab331..b2afae383 100644 --- a/design/metadata/schema-configuration.html +++ b/design/metadata/schema-configuration.html @@ -12,11 +12,11 @@ diff --git a/design/overview/authentication.html b/design/overview/authentication.html index 4ee2185fa..1d369d243 100644 --- a/design/overview/authentication.html +++ b/design/overview/authentication.html @@ -12,11 +12,11 @@ diff --git a/design/overview/data-requests.html b/design/overview/data-requests.html index 9f6856b7b..0b9d23db8 100644 --- a/design/overview/data-requests.html +++ b/design/overview/data-requests.html @@ -12,11 +12,11 @@ diff --git a/design/overview/data_package_reference.html b/design/overview/data_package_reference.html index 802d451e6..c64097b1e 100644 --- a/design/overview/data_package_reference.html +++ b/design/overview/data_package_reference.html @@ -12,11 +12,11 @@ diff --git a/design/overview/deployment.html b/design/overview/deployment.html index 5c3cd686a..d8cad2b28 100644 --- a/design/overview/deployment.html +++ b/design/overview/deployment.html @@ -12,11 +12,11 @@ diff --git a/design/overview/deposit-space.html b/design/overview/deposit-space.html index fd7ee4096..133ac96cd 100644 --- a/design/overview/deposit-space.html +++ b/design/overview/deposit-space.html @@ -12,11 +12,11 @@ diff --git a/design/overview/external-user-service.html b/design/overview/external-user-service.html index 83ede2365..e56f07f45 100644 --- a/design/overview/external-user-service.html +++ b/design/overview/external-user-service.html @@ -12,11 +12,11 @@ diff --git a/design/overview/group-manager.html b/design/overview/group-manager.html index 4f1ac768e..ba0f7100a 100644 --- a/design/overview/group-manager.html +++ b/design/overview/group-manager.html @@ -12,11 +12,11 @@ diff --git a/design/overview/index.html b/design/overview/index.html index 394ab4bac..110ea9c66 100644 --- a/design/overview/index.html +++ b/design/overview/index.html @@ -12,11 +12,11 @@ diff --git a/design/overview/intake.html b/design/overview/intake.html index 72f2c6313..73275d9f3 100644 --- a/design/overview/intake.html +++ b/design/overview/intake.html @@ -12,11 +12,11 @@ diff --git a/design/overview/research-space.html b/design/overview/research-space.html index f263fbde3..bf6849a39 100644 --- a/design/overview/research-space.html +++ b/design/overview/research-space.html @@ -12,11 +12,11 @@ diff --git a/design/overview/statistics.html b/design/overview/statistics.html index 8bad54438..7e763c562 100644 --- a/design/overview/statistics.html +++ b/design/overview/statistics.html @@ -12,11 +12,11 @@ diff --git a/design/overview/statistics_1.8.html b/design/overview/statistics_1.8.html index 23331695a..89f034ea6 100644 --- a/design/overview/statistics_1.8.html +++ b/design/overview/statistics_1.8.html @@ -12,11 +12,11 @@ diff --git a/design/overview/theme-packages.html b/design/overview/theme-packages.html index 489bc91a8..c47a88d60 100644 --- a/design/overview/theme-packages.html +++ b/design/overview/theme-packages.html @@ -12,11 +12,11 @@ diff --git a/design/overview/vault-archive.html b/design/overview/vault-archive.html index 4b34ef7b9..28e49f2be 100644 --- a/design/overview/vault-archive.html +++ b/design/overview/vault-archive.html @@ -12,11 +12,11 @@ diff --git a/design/overview/vault-space.html b/design/overview/vault-space.html index 7b4a05d24..948acbdc5 100644 --- a/design/overview/vault-space.html +++ b/design/overview/vault-space.html @@ -12,11 +12,11 @@ diff --git a/design/overview/yoda-moai.html b/design/overview/yoda-moai.html index 8ef58de7d..dc4568488 100644 --- a/design/overview/yoda-moai.html +++ b/design/overview/yoda-moai.html @@ -12,11 +12,11 @@ diff --git a/design/processes/async-system-execution.html b/design/processes/async-system-execution.html index 87d5e304a..a284afb38 100644 --- a/design/processes/async-system-execution.html +++ b/design/processes/async-system-execution.html @@ -12,11 +12,11 @@ diff --git a/design/processes/asynchronous-processes.html b/design/processes/asynchronous-processes.html index 342768e19..d70d22fa1 100644 --- a/design/processes/asynchronous-processes.html +++ b/design/processes/asynchronous-processes.html @@ -12,11 +12,11 @@ diff --git a/design/processes/index.html b/design/processes/index.html index 86f56dfc7..d792152b8 100644 --- a/design/processes/index.html +++ b/design/processes/index.html @@ -12,11 +12,11 @@ diff --git a/design/processes/locking-mechanism.html b/design/processes/locking-mechanism.html index bb201a44a..e99a21dc0 100644 --- a/design/processes/locking-mechanism.html +++ b/design/processes/locking-mechanism.html @@ -12,11 +12,11 @@ diff --git a/design/processes/publication-process.html b/design/processes/publication-process.html index 5b530a52a..a2d060d9f 100644 --- a/design/processes/publication-process.html +++ b/design/processes/publication-process.html @@ -12,11 +12,11 @@ diff --git a/design/processes/revisions.html b/design/processes/revisions.html index 1ddac0262..190b0734b 100644 --- a/design/processes/revisions.html +++ b/design/processes/revisions.html @@ -12,11 +12,11 @@ diff --git a/design/processes/vault-process.html b/design/processes/vault-process.html index 7f61ba534..36a38956c 100644 --- a/design/processes/vault-process.html +++ b/design/processes/vault-process.html @@ -12,11 +12,11 @@ diff --git a/development/development-tips.html b/development/development-tips.html index 4c9cf13fe..daf92ca11 100644 --- a/development/development-tips.html +++ b/development/development-tips.html @@ -12,11 +12,11 @@ diff --git a/development/docker-setup.html b/development/docker-setup.html index 3ff4c6aaf..b8021c268 100644 --- a/development/docker-setup.html +++ b/development/docker-setup.html @@ -12,11 +12,11 @@ diff --git a/development/index.html b/development/index.html index b420eb79c..3c0858822 100644 --- a/development/index.html +++ b/development/index.html @@ -12,11 +12,11 @@ diff --git a/development/mock_tape_archive.html b/development/mock_tape_archive.html index 32b97ff2a..a499e350e 100644 --- a/development/mock_tape_archive.html +++ b/development/mock_tape_archive.html @@ -12,11 +12,11 @@ diff --git a/development/running-api-ui-tests.html b/development/running-api-ui-tests.html index 9d8f6a651..6744c72c9 100644 --- a/development/running-api-ui-tests.html +++ b/development/running-api-ui-tests.html @@ -12,11 +12,11 @@ diff --git a/development/setting-up-development-environment.html b/development/setting-up-development-environment.html index ccfacc289..949512619 100644 --- a/development/setting-up-development-environment.html +++ b/development/setting-up-development-environment.html @@ -12,11 +12,11 @@ diff --git a/development/wall-of-fame.html b/development/wall-of-fame.html index f5961af36..b72b80fb7 100644 --- a/development/wall-of-fame.html +++ b/development/wall-of-fame.html @@ -12,11 +12,11 @@ diff --git a/development/yodadrive-development-environment.html b/development/yodadrive-development-environment.html index 9250e4885..531d70fc9 100644 --- a/development/yodadrive-development-environment.html +++ b/development/yodadrive-development-environment.html @@ -12,11 +12,11 @@ diff --git a/index.html b/index.html index 54180aca6..3b26892f4 100644 --- a/index.html +++ b/index.html @@ -12,11 +12,11 @@ diff --git a/release-notes/index.html b/release-notes/index.html index 8bbbb33bf..41687d417 100644 --- a/release-notes/index.html +++ b/release-notes/index.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-0.9.7.html b/release-notes/release-0.9.7.html index 28e377603..776426590 100644 --- a/release-notes/release-0.9.7.html +++ b/release-notes/release-0.9.7.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.0.html b/release-notes/release-1.0.html index 180035105..6a36b2d49 100644 --- a/release-notes/release-1.0.html +++ b/release-notes/release-1.0.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.1.html b/release-notes/release-1.1.html index 5a2ac7141..4898b1fa3 100644 --- a/release-notes/release-1.1.html +++ b/release-notes/release-1.1.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.2.html b/release-notes/release-1.2.html index 0d20bde72..355694487 100644 --- a/release-notes/release-1.2.html +++ b/release-notes/release-1.2.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.3.html b/release-notes/release-1.3.html index b2f600662..c135be275 100644 --- a/release-notes/release-1.3.html +++ b/release-notes/release-1.3.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.4.html b/release-notes/release-1.4.html index 2cc94b9e3..ca0af389d 100644 --- a/release-notes/release-1.4.html +++ b/release-notes/release-1.4.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.5.html b/release-notes/release-1.5.html index 2fd96d1b1..fdbf8bf04 100644 --- a/release-notes/release-1.5.html +++ b/release-notes/release-1.5.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.6.html b/release-notes/release-1.6.html index 8cf428d8c..352817a40 100644 --- a/release-notes/release-1.6.html +++ b/release-notes/release-1.6.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.7.html b/release-notes/release-1.7.html index 45d35e6da..b57b09cf5 100644 --- a/release-notes/release-1.7.html +++ b/release-notes/release-1.7.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.8.html b/release-notes/release-1.8.html index b74398a90..1aa6b44bf 100644 --- a/release-notes/release-1.8.html +++ b/release-notes/release-1.8.html @@ -12,11 +12,11 @@ diff --git a/release-notes/release-1.9.html b/release-notes/release-1.9.html index 30ed85978..40a683c13 100644 --- a/release-notes/release-1.9.html +++ b/release-notes/release-1.9.html @@ -12,11 +12,11 @@ @@ -366,7 +366,45 @@

active: true -
  • Set postgresql_perform_db_upgrade to true in the configuration to perform the database upgrase from Postgresql 9 to 15. +
  • If you use the External User Service (EUS): some EUS parameters have changed from Yoda 1.8 to 1.9. Yoda 1.9 performs server certificate validation of requests from the provider to the EUS server by default. This can be disabled by setting eus_api_tls_verify to false. For some SMTP parameters, EUS uses joint parameters with the provider in Yoda 1.9:
    • + + +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Old parameter (1.8)New parameterNotes
    eus_smtp_hostsmtp_serverNew format. e.g. smtp://localhost:25
    eus_smtp_portsmtp_serverNew format. e.g. smtp://localhost:25
    eus_smtp_authsmtp_auth 
    eus_smtp_securitysmtp_serverNew format. e.g. smtp://localhost:25
    + +

    Please see the configuration guide for more information.

    + +
      +
    1. Set postgresql_perform_db_upgrade to true in the configuration to perform the database upgrade from Postgresql 9 to 15. Optionally set postgresql_remove_old_data_after_upgrade to true in the configuration to clean up PostgreSQL 9 data and shim after the upgrade. 
      postgresql_perform_db_upgrade: true
 postgresql_remove_old_data_after_upgrade: false