#!/bin/sh # All env in this default.env can be overridden by env.local. # All env in this default.env must NOT depend on any other env. If they do, they # must use single quotes to avoid early expansion before overrides in env.local # are applied and must be added to the list of DELAYED_EVAL. # Any default value that should be marked for security concern or recommended modificiation should # use the '${__DEFAULT__{var}}' naming format. These can then be referenced in 'env.local.example' to # avoid literal value duplication, and ensure they remain in sync. Also, those '${__DEFAULT__{var}}' # definitions should *NOT* be exported to avoid unnecessary polution of the environment variables. # Variables with format '${__DEFAULT__{var}}' will be flagged accordingly to their required/optional status # (see also: 'check_default_vars' in 'birdhouse/read-configs.include.sh'). export BASH_IMAGE="bash:5.1.4" export CERTBOT_IMAGE="certbot/certbot:v3.1.0" export CURL_IMAGE="curlimages/curl:7.87.0" export DOCKER_CLI_DOCKER="docker" export DOCKER_CLI_VERSION="28.5.1-cli" export DOCKER_CLI_IMAGE='${DOCKER_CLI_DOCKER}:${DOCKER_CLI_VERSION}' # BIRDHOUSE_COMPOSE_IMAGE is simply DOCKER_CLI_IMAGE plus extra needed by birdhouse-compose.sh. export BIRDHOUSE_COMPOSE_DOCKER="pavics/docker-compose" export BIRDHOUSE_COMPOSE_VERSION="docker-28.5.1-compose-v2.40.0-251016" export BIRDHOUSE_COMPOSE_IMAGE='${BIRDHOUSE_COMPOSE_DOCKER}:${BIRDHOUSE_COMPOSE_VERSION}' export RESTIC_IMAGE='restic/restic:0.18.0' # Root directory under which all data persistence should be nested under export BIRDHOUSE_DATA_PERSIST_ROOT="/data" # shellcheck disable=SC2016 # Root directory for all files that are persisted on disk and may contain links (ie. the files # are "shared" between subdirectories). export BIRDHOUSE_DATA_PERSIST_SHARED_ROOT='${BIRDHOUSE_DATA_PERSIST_ROOT}' # Log directory used for the various scheduler tasks export BIRDHOUSE_LOG_DIR=/var/log/birdhouse # Allow different public and internal hostname. # Default to BIRDHOUSE_FQDN, which must be set in env.local. # Must use single-quote for delayed eval. export BIRDHOUSE_FQDN_PUBLIC='${BIRDHOUSE_FQDN}' # list of all variables to be substituted in templates # some of these variables *could* employ provided values in 'default.env', # but they must ultimately be defined one way or another for the server to work VARS=' $BIRDHOUSE_COMPOSE $BIRDHOUSE_FQDN $BIRDHOUSE_DOC_URL $BIRDHOUSE_SUPPORT_EMAIL $BIRDHOUSE_DATA_PERSIST_ROOT $BIRDHOUSE_DATA_PERSIST_SHARED_ROOT $BIRDHOUSE_LOCAL_ENV $BIRDHOUSE_LOCAL_ENV_REAL_PATH $BIRDHOUSE_LOG_DIR $COMPOSE_DIR $COMPOSE_PROJECT_NAME $BIRDHOUSE_EXE $BIRDHOUSE_BACKUP_RESTIC_ENV_FILE $BIRDHOUSE_BACKUP_VOLUME $RESTIC_IMAGE $DOCKER_CLI_IMAGE ' # list of vars to be substituted in template but they do not have to be set in env.local # their default values are from 'default.env', so they do not have to be defined in 'env.local' if values are adequate # they usually are intended to provide additional features or extended customization of their behavior # when the value provided explicitly, it will be used instead of guessing it by inferred values from other variables OPTIONAL_VARS=' $BIRDHOUSE_FQDN_PUBLIC $BIRDHOUSE_SSL_CERTIFICATE $BIRDHOUSE_EXTRA_PYWPS_CONFIG $BIRDHOUSE_NAME $BIRDHOUSE_DESCRIPTION $BIRDHOUSE_INSTITUTION $BIRDHOUSE_SUBJECT $BIRDHOUSE_TAGS $BIRDHOUSE_DOCUMENTATION_URL $BIRDHOUSE_RELEASE_NOTES_URL $BIRDHOUSE_SUPPORT_URL $BIRDHOUSE_LICENSE_URL $BASH_IMAGE $BIRDHOUSE_BACKUP_RESTIC_FORGET_ARGS $BIRDHOUSE_BACKUP_RESTIC_BACKUP_ARGS $BIRDHOUSE_BACKUP_SSH_KEY_DIR $BIRDHOUSE_BACKWARD_COMPATIBLE_ALLOWED $BIRDHOUSE_LOG_LEVEL $BIRDHOUSE_LOG_QUIET ' # Ensure that the compose project name is set as a variable so that other scripts can refer # to it easily export COMPOSE_PROJECT_NAME="${COMPOSE_PROJECT_NAME:-birdhouse}" # Append to DELAYED_EVAL list. export DELAYED_EVAL=" $DELAYED_EVAL BIRDHOUSE_FQDN_PUBLIC BIRDHOUSE_DOC_URL BIRDHOUSE_SUPPORT_EMAIL BIRDHOUSE_SSL_CERTIFICATE BIRDHOUSE_DATA_PERSIST_SHARED_ROOT BIRDHOUSE_WPS_OUTPUTS_DIR BIRDHOUSE_NAME BIRDHOUSE_DESCRIPTION BIRDHOUSE_INSTITUTION BIRDHOUSE_SUBJECT BIRDHOUSE_TAGS BIRDHOUSE_DOCUMENTATION_URL BIRDHOUSE_RELEASE_NOTES_URL BIRDHOUSE_SUPPORT_URL BIRDHOUSE_LICENSE_URL BIRDHOUSE_BACKUP_SSH_KEY_DIR BIRDHOUSE_BACKUP_RESTIC_ENV_FILE BIRDHOUSE_EXE DOCKER_CLI_IMAGE BIRDHOUSE_COMPOSE_IMAGE " # Server Identification Details # Following definitions should definitenly be updated. # Previous defaults are defined for backward-compatibility. # If not overridden explicitly by their non '__' prefixed variant, # a WARN message will be displayed by birdhouse-compose. __DEFAULT__BIRDHOUSE_NAME="Birdhouse" __DEFAULT__BIRDHOUSE_DESCRIPTION=" The Birdhouse platform is a collection of climate analysis services served through Open Geospatial Consortium (OGC) protocols. These services include data access, processing and visualization. Both data and algorithms can be accessed either programmatically, through OGC-compliant clients such as QGIS or ArcGIS, or a custom web interface. " __DEFAULT__BIRDHOUSE_INSTITUTION="Ouranos" __DEFAULT__BIRDHOUSE_SUBJECT="Climatology" # below can be a CSV list of tags __DEFAULT__BIRDHOUSE_TAGS="Climatology" __DEFAULT__BIRDHOUSE_DOCUMENTATION_URL="https://pavics-sdi.readthedocs.io/en/latest/arch/backend.html" __DEFAULT__BIRDHOUSE_RELEASE_NOTES_URL="https://github.com/bird-house/birdhouse-deploy/blob/master/CHANGES.md" __DEFAULT__BIRDHOUSE_SUPPORT_URL="https://github.com/bird-house/birdhouse-deploy/issues" # NOTE: # This value does not use the previously hard coded default. # Previous default pointed at the wrong repository with a mismatching LICENSE file. __DEFAULT__BIRDHOUSE_LICENSE_URL="https://github.com/bird-house/birdhouse-deploy/blob/master/LICENSE" __DEFAULT__BIRDHOUSE_SUPPORT_EMAIL="helpdesk@example.com" __DEFAULT__BIRDHOUSE_DOC_URL="https://www.example.com/" __DEFAULT__BIRDHOUSE_FQDN="hostname.domainname" __DEFAULT__BIRDHOUSE_SSL_CERTIFICATE="/path/to/ssl/cert.pem" # apply overrides or fallback above defaults with delayed evaluation # exceptions for 'BIRDHOUSE_SUPPORT_EMAIL' and 'BIRDHOUSE_DOC_URL' using the old name for backward compatibility. export BIRDHOUSE_SUPPORT_EMAIL='${__DEFAULT__BIRDHOUSE_SUPPORT_EMAIL}' export BIRDHOUSE_DOC_URL='${__DEFAULT__BIRDHOUSE_DOC_URL}' export BIRDHOUSE_SSL_CERTIFICATE='${__DEFAULT__BIRDHOUSE_SSL_CERTIFICATE}' export BIRDHOUSE_NAME='${__DEFAULT__BIRDHOUSE_NAME}' export BIRDHOUSE_DESCRIPTION='${__DEFAULT__BIRDHOUSE_DESCRIPTION}' export BIRDHOUSE_INSTITUTION='${__DEFAULT__BIRDHOUSE_INSTITUTION}' export BIRDHOUSE_SUBJECT='${__DEFAULT__BIRDHOUSE_SUBJECT}' export BIRDHOUSE_TAGS='${__DEFAULT__BIRDHOUSE_TAGS}' export BIRDHOUSE_DOCUMENTATION_URL='${__DEFAULT__BIRDHOUSE_DOCUMENTATION_URL}' export BIRDHOUSE_RELEASE_NOTES_URL='${__DEFAULT__BIRDHOUSE_RELEASE_NOTES_URL}' export BIRDHOUSE_SUPPORT_URL='${__DEFAULT__BIRDHOUSE_SUPPORT_URL}' export BIRDHOUSE_LICENSE_URL='${__DEFAULT__BIRDHOUSE_LICENSE_URL}' # Defaults for required variables recommended for override for security reasons. # Those will not be set explicitly as defaults to ensure they are overridden explicitly by the instance. # These values would be detected only if the instance was configured using a copy of 'env.local.example'. __DEFAULT__MAGPIE_SECRET="itzaseekrit" __DEFAULT__MAGPIE_ADMIN_USERNAME="admin" __DEFAULT__MAGPIE_ADMIN_PASSWORD="qwertyqwerty!" __DEFAULT__BIRDHOUSE_POSTGRES_USERNAME="postgres-birdhouse" __DEFAULT__BIRDHOUSE_POSTGRES_PASSWORD="postgres-qwerty" __DEFAULT__POSTGRES_MAGPIE_USERNAME="postgres-magpie" __DEFAULT__POSTGRES_MAGPIE_PASSWORD="postgres-qwerty" __DEFAULT__GEOSERVER_ADMIN_USER="admingeo" __DEFAULT__GEOSERVER_ADMIN_PASSWORD="geoserverpass" ############################################################################# # Deprecated vars (for components in the ./deprecated-components directory) ############################################################################# __DEFAULT__TOMCAT_NCWMS_PASSWORD="ncwmspass" __DEFAULT__CATALOG_USERNAME="admin-catalog" __DEFAULT__CATALOG_PASSWORD="qwerty" __DEFAULT__PHOENIX_PASSWORD="phoenix_pass" __DEFAULT__PHOENIX_PASSWORD_HASH="sha256:123456789012:1234567890123456789012345678901234567890123456789012345678901234" # Deprecated variable names are to the left of the equals sign, their non-deprecated equivalent is to the right. # # Note: if adding to this later on, make sure that you add new overrides to the **END** of this list so that they will be # parsed in the correct order. # BIRDHOUSE_BACKWARDS_COMPATIBLE_VARIABLES=" PAVICS_FQDN=BIRDHOUSE_FQDN PAVICS_FQDN_PUBLIC=BIRDHOUSE_FQDN_PUBLIC POSTGRES_PAVICS_USERNAME=BIRDHOUSE_POSTGRES_USERNAME POSTGRES_PAVICS_PASSWORD=BIRDHOUSE_POSTGRES_PASSWORD OWNER_PAVICS_CHECKOUT=BIRDHOUSE_REPO_CHECKOUT_OWNER PAVICS_LOG_DIR=BIRDHOUSE_LOG_DIR PAVICS_FRONTEND_IP=BIRDHOUSE_FRONTEND_IP PAVICS_FRONTEND_PORT=BIRDHOUSE_FRONTEND_PORT PAVICS_FRONTEND_PROTO=BIRDHOUSE_FRONTEND_PROTO PAVICS_HOST_URL=BIRDHOUSE_HOST_URL PROXY_ROOT_LOCATION=BIRDHOUSE_PROXY_ROOT_LOCATION DATA_PERSIST_ROOT=BIRDHOUSE_DATA_PERSIST_ROOT DATA_PERSIST_SHARED_ROOT=BIRDHOUSE_DATA_PERSIST_SHARED_ROOT SSL_CERTIFICATE=BIRDHOUSE_SSL_CERTIFICATE DOC_URL=BIRDHOUSE_DOC_URL SUPPORT_EMAIL=BIRDHOUSE_SUPPORT_EMAIL EXTRA_CONF_DIRS=BIRDHOUSE_EXTRA_CONF_DIRS DEFAULT_CONF_DIRS=BIRDHOUSE_DEFAULT_CONF_DIRS AUTODEPLOY_EXTRA_REPOS=BIRDHOUSE_AUTODEPLOY_EXTRA_REPOS AUTODEPLOY_DEPLOY_KEY_ROOT_DIR=BIRDHOUSE_AUTODEPLOY_DEPLOY_KEY_ROOT_DIR AUTODEPLOY_PLATFORM_FREQUENCY=BIRDHOUSE_AUTODEPLOY_PLATFORM_FREQUENCY AUTODEPLOY_NOTEBOOK_FREQUENCY=BIRDHOUSE_AUTODEPLOY_NOTEBOOK_FREQUENCY AUTODEPLOY_EXTRA_SCHEDULER_JOBS=BIRDHOUSE_AUTODEPLOY_EXTRA_SCHEDULER_JOBS AUTODEPLOY_CODE_OWNERSHIP=BIRDHOUSE_AUTODEPLOY_CODE_OWNERSHIP LOGROTATE_DATA_DIR=BIRDHOUSE_LOGROTATE_DATA_DIR ALLOW_UNSECURE_HTTP=BIRDHOUSE_ALLOW_UNSECURE_HTTP DOCKER_NOTEBOOK_IMAGES=JUPYTERHUB_DOCKER_NOTEBOOK_IMAGES ENABLE_JUPYTERHUB_MULTI_NOTEBOOKS=JUPYTERHUB_ENABLE_MULTI_NOTEBOOKS MOUNT_IMAGE_SPECIFIC_NOTEBOOKS=JUPYTERHUB_MOUNT_IMAGE_SPECIFIC_NOTEBOOKS EXTRA_PYWPS_CONFIG=BIRDHOUSE_EXTRA_PYWPS_CONFIG GITHUB_CLIENT_ID=MAGPIE_GITHUB_CLIENT_ID GITHUB_CLIENT_SECRET=MAGPIE_GITHUB_CLIENT_SECRET VERIFY_SSL=BIRDHOUSE_VERIFY_SSL SMTP_SERVER=ALERTMANAGER_SMTP_SERVER COMPOSE_UP_EXTRA_OPTS=BIRDHOUSE_COMPOSE_UP_EXTRA_OPTS WPS_OUTPUTS_DIR=BIRDHOUSE_WPS_OUTPUTS_DIR SERVER_NAME=BIRDHOUSE_NAME SERVER_DESCRIPTION=BIRDHOUSE_DESCRIPTION SERVER_INSTITUTION=BIRDHOUSE_INSTITUTION SERVER_SUBJECT=BIRDHOUSE_SUBJECT SERVER_TAGS=BIRDHOUSE_TAGS SERVER_DOCUMENTATION_URL=BIRDHOUSE_DOCUMENTATION_URL SERVER_RELEASE_NOTES_URL=BIRDHOUSE_RELEASE_NOTES_URL SERVER_SUPPORT_URL=BIRDHOUSE_SUPPORT_URL SERVER_LICENSE_URL=BIRDHOUSE_LICENSE_URL " # Enforce the regeneration of '.template' files for any docker compose commands. # By default, only the 'up' and 'restart' command triggers the operation. BIRDHOUSE_COMPOSE_TEMPLATE_FORCE="${BIRDHOUSE_COMPOSE_TEMPLATE_FORCE:-false}" # Process only these backwards compatible variables before the components default.env files are processed BIRDHOUSE_BACKWARDS_COMPATIBLE_VARIABLES_PRE_COMPONENTS=" EXTRA_CONF_DIRS DEFAULT_CONF_DIRS " BIRDHOUSE_BACKWARDS_COMPATIBLE_DEFAULTS=""" POSTGRES_PAVICS_USERNAME=postgres-pavics """ BIRDHOUSE_BACKWARDS_COMPATIBLE_HARDCODED_DEFAULTS=""" BIRDHOUSE_POSTGRES_DB=pavics GRAFANA_DEFAULT_PROVIDER_FOLDER=Local-PAVICS GRAFANA_DEFAULT_PROVIDER_FOLDER_UUID=local-pavics GRAFANA_PROMETHEUS_DATASOURCE_UUID=local_pavics_prometheus """ export BIRDHOUSE_DEFAULT_CONF_DIRS=' ./components/proxy ./components/magpie ./components/twitcher ./components/cowbird ./components/stac ./components/logging ' export USER_WORKSPACE_UID=1000 export USER_WORKSPACE_GID=1000 export BIRDHOUSE_WPS_OUTPUTS_DIR='${BIRDHOUSE_DATA_PERSIST_SHARED_ROOT}/wps_outputs' # Sets the command to run in order to execute docker compose commands. If you are using a # (very very) old version of docker you may need to override this in the local environment file # as 'docker-compose'. export DOCKER_COMPOSE='docker compose' # Variable that stores the location of the birdhouse command line interface. export BIRDHOUSE_EXE='${COMPOSE_DIR}/../bin/birdhouse' # Location of the default restic environment file (used for backups) export BIRDHOUSE_BACKUP_RESTIC_ENV_FILE='${COMPOSE_DIR}/restic.env' # Location of the ssh keys used to access a remote restic container, that is accessible using sftp. # Default is to mount an empty directory (no ssh keys). export BIRDHOUSE_BACKUP_SSH_KEY_DIR='$(mkdir -p ${COMPOSE_DIR}/blank.ssh && echo ${COMPOSE_DIR}/blank.ssh)' # volume used to temporarily store all backups locally before they can be moved to their final location # Note: this must be a named volume (not a bind mount) due to limitations of the scheduler service # Note: exceptions to named volume allows a directory if '--no-restic' is employed or scheduler is not used # Note: default value is checked against itself to allow explicit inline override by 'birdhouse backup' command # The ':-' replacement typically used everywhere else is not applied here to avoid auto-resolution to named volume # by default if the variable was explicitly set empty. This is to avoid ambiguous resolutions leading to different # behavior of the 'birdhouse backup' command (ie: using a directory vs creating a named volume). # This empty value case will be validated by the 'birdhouse backup' command after resolving any directly # provided command-line overrides, as applicable. export BIRDHOUSE_BACKUP_VOLUME="${BIRDHOUSE_BACKUP_VOLUME-birdhouse-external-backup}"