@loveluthien/carta-frontend 6.0.0-dev
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.md +34 -0
- package/.github/pull_request_template.md +23 -0
- package/.github/workflows/continuous_integration.yml +139 -0
- package/.github/workflows/deploy.yml +30 -0
- package/.husky/pre-commit +16 -0
- package/.husky/pre-push +42 -0
- package/.prettierignore +1 -0
- package/.prettierrc.json +18 -0
- package/CHANGELOG.md +363 -0
- package/COPYING.md +636 -0
- package/README.md +112 -0
- package/babel.config.json +10 -0
- package/build/ast_wrapper.wasm +0 -0
- package/build/carta_computation.wasm +0 -0
- package/build/carta_icon_128px.png +0 -0
- package/build/carta_logo.png +0 -0
- package/build/gsl_wrapper.wasm +0 -0
- package/build/index.html +147 -0
- package/build/manifest.json +15 -0
- package/build/robots.txt +3 -0
- package/build/static/css/546.aa44a897.css +1 -0
- package/build/static/css/async/359.4d8f6ff7.css +1 -0
- package/build/static/css/async/403.ea9edfac.css +1 -0
- package/build/static/css/async/462.8bde08e0.css +1 -0
- package/build/static/css/index.c1f77b92.css +1 -0
- package/build/static/font/blueprint-icons-16.5fb1af27.woff2 +0 -0
- package/build/static/font/blueprint-icons-16.79f603d1.woff +0 -0
- package/build/static/font/blueprint-icons-16.83d51978.eot +0 -0
- package/build/static/font/blueprint-icons-16.af0c342f.ttf +0 -0
- package/build/static/font/blueprint-icons-20.83fddc09.ttf +0 -0
- package/build/static/font/blueprint-icons-20.9a51bc58.woff +0 -0
- package/build/static/font/blueprint-icons-20.d61315fe.eot +0 -0
- package/build/static/font/blueprint-icons-20.ebf16e9a.woff2 +0 -0
- package/build/static/image/allmaps.03f2ba92.png +0 -0
- package/build/static/image/gamma.6fca425b.png +0 -0
- package/build/static/image/linear.c7941b64.png +0 -0
- package/build/static/image/log.7fce6aee.png +0 -0
- package/build/static/image/power.5dac9727.png +0 -0
- package/build/static/image/sqrt.0ec2b3f1.png +0 -0
- package/build/static/image/squared.798b23aa.png +0 -0
- package/build/static/js/546.b5841ade.js +489 -0
- package/build/static/js/546.b5841ade.js.LICENSE.txt +925 -0
- package/build/static/js/async/359.97257512.js +1 -0
- package/build/static/js/async/403.b00f768c.js +1 -0
- package/build/static/js/async/462.92c07a07.js +1 -0
- package/build/static/js/async/905.70044ee8.js +1 -0
- package/build/static/js/async/907.dc17f1d2.js +1 -0
- package/build/static/js/async/blueprint-icons-16px-paths.e17db832.js +1 -0
- package/build/static/js/async/blueprint-icons-20px-paths.6ad43f5f.js +1 -0
- package/build/static/js/async/blueprint-icons-all-paths-loader.61cc0f7b.js +1 -0
- package/build/static/js/async/blueprint-icons-all-paths.0c699441.js +1 -0
- package/build/static/js/async/blueprint-icons-split-paths-by-size-loader.5cff79f5.js +1 -0
- package/build/static/js/index.8fc34b4d.js +1344 -0
- package/build/static/js/index.9a30d560.worker.js +1 -0
- package/build/static/js/zfp_wrapper.wasm +0 -0
- package/build/static/svg/blueprint-icons-16.130888ef.svg +2097 -0
- package/build/static/svg/blueprint-icons-20.c8456d56.svg +2097 -0
- package/build/zfp_wrapper.wasm +0 -0
- package/declarations.d.ts +18 -0
- package/docs_website/.prettierignore +1 -0
- package/docs_website/api/api.md +13 -0
- package/docs_website/babel.config.js +3 -0
- package/docs_website/docs/assets/enable-code-snippets.png +0 -0
- package/docs_website/docs/code-snippet-tutorial/_category_.json +8 -0
- package/docs_website/docs/code-snippet-tutorial/basics.md +97 -0
- package/docs_website/docs/code-snippet-tutorial/image-blending.mdx +57 -0
- package/docs_website/docs/code-snippet-tutorial/image-fitting.mdx +44 -0
- package/docs_website/docs/code-snippet-tutorial/image-properties.mdx +84 -0
- package/docs_website/docs/code-snippet-tutorial/moment-images.mdx +31 -0
- package/docs_website/docs/code-snippet-tutorial/pv-images.mdx +28 -0
- package/docs_website/docs/code-snippet-tutorial/quick-start.mdx +82 -0
- package/docs_website/docs/code-snippet-tutorial/regions.mdx +49 -0
- package/docs_website/docs/contributing/_category_.json +7 -0
- package/docs_website/docs/contributing/developer-tips.md +61 -0
- package/docs_website/docs/contributing/documentation-guidelines.md +87 -0
- package/docs_website/docs/contributing/github-workflow.md +146 -0
- package/docs_website/docs/contributing/release-guidelines.md +73 -0
- package/docs_website/docs/contributing/unit-test-guidelines.md +79 -0
- package/docs_website/docs/documents.mdx +15 -0
- package/docs_website/docusaurus.config.js +167 -0
- package/docs_website/package-lock.json +16769 -0
- package/docs_website/package.json +121 -0
- package/docs_website/patches/@docusaurus+core+3.9.2.patch +20 -0
- package/docs_website/sidebars.js +33 -0
- package/docs_website/static/.nojekyll +0 -0
- package/docs_website/static/img/carta_icon_128px.png +0 -0
- package/docs_website/versioned_docs/version-4.1.0/api-packages.json +1 -0
- package/docs_website/versioned_docs/version-4.1.0/api-typedoc.json +214112 -0
- package/docs_website/versioned_docs/version-4.1.0/assets/enable-code-snippets.png +0 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/_category_.json +8 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/basics.md +97 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/image-fitting.mdx +42 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/image-properties.mdx +86 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/moment-images.mdx +31 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/pv-images.mdx +28 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/quick-start.mdx +82 -0
- package/docs_website/versioned_docs/version-4.1.0/code-snippet-tutorial/regions.mdx +49 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/_category_.json +7 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/developer-tips.md +36 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/documentation-guidelines.md +87 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/github-workflow.md +141 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/release-guidelines.md +73 -0
- package/docs_website/versioned_docs/version-4.1.0/contributing/unit-test-guidelines.md +79 -0
- package/docs_website/versioned_docs/version-4.1.0/documents.mdx +15 -0
- package/docs_website/versioned_docs/version-5.0.0/api-packages.json +1 -0
- package/docs_website/versioned_docs/version-5.0.0/api-typedoc.json +315266 -0
- package/docs_website/versioned_docs/version-5.0.0/assets/enable-code-snippets.png +0 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/_category_.json +8 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/basics.md +97 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/image-blending.mdx +57 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/image-fitting.mdx +44 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/image-properties.mdx +86 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/moment-images.mdx +31 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/pv-images.mdx +28 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/quick-start.mdx +82 -0
- package/docs_website/versioned_docs/version-5.0.0/code-snippet-tutorial/regions.mdx +49 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/_category_.json +7 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/developer-tips.md +36 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/documentation-guidelines.md +87 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/github-workflow.md +141 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/release-guidelines.md +73 -0
- package/docs_website/versioned_docs/version-5.0.0/contributing/unit-test-guidelines.md +79 -0
- package/docs_website/versioned_docs/version-5.0.0/documents.mdx +15 -0
- package/docs_website/versioned_sidebars/version-4.1.0-sidebars.json +8 -0
- package/docs_website/versioned_sidebars/version-5.0.0-sidebars.json +8 -0
- package/docs_website/versions.json +4 -0
- package/eslint.config.mjs +86 -0
- package/jest.config.js +101 -0
- package/package.json +186 -0
- package/patches/golden-layout+1.5.9.patch +24 -0
- package/patches/react-split-pane+0.1.92.patch +20 -0
- package/rsbuild.config.ts +75 -0
- package/schemas/.github/workflows/AddToCartaVisProject.yml +23 -0
- package/schemas/.prettierrc.json +18 -0
- package/schemas/CMakeLists.txt +15 -0
- package/schemas/README.md +1 -0
- package/schemas/_config.yml +7 -0
- package/schemas/controller_config_schema_1.json +343 -0
- package/schemas/controller_config_schema_2.json +685 -0
- package/schemas/layout_schema_2.json +440 -0
- package/schemas/preference_backend_schema_1.json +81 -0
- package/schemas/preference_backend_schema_2.json +118 -0
- package/schemas/preference_schema_1.json +410 -0
- package/schemas/preferences_schema_2.json +421 -0
- package/schemas/schemacompiler.c +200 -0
- package/schemas/snippet_schema_1.json +45 -0
- package/schemas/workspace_schema_1.json +573 -0
- package/scripts/make_colormaps.py +161 -0
|
@@ -0,0 +1,685 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$id": "https://cartavis.org/schemas/controller_config_schema_2.json",
|
|
3
|
+
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
4
|
+
"title": "CARTA controller configuration schema",
|
|
5
|
+
"description": "Schema defining configuration options for the CARTA controller (Version 2)",
|
|
6
|
+
"type": "object",
|
|
7
|
+
"definitions": {
|
|
8
|
+
"keyAlgorithm": {
|
|
9
|
+
"description": "Algorithm used for public/private keys",
|
|
10
|
+
"type": "string",
|
|
11
|
+
"default": "RS256",
|
|
12
|
+
"enum": ["HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512"]
|
|
13
|
+
},
|
|
14
|
+
"googleAuthProvider": {
|
|
15
|
+
"title": "Google AuthProvider",
|
|
16
|
+
"description": "Authentication configuration when using Google authentication",
|
|
17
|
+
"type": "object",
|
|
18
|
+
"additionalProperties": false,
|
|
19
|
+
"required": ["clientId", "userLookupTable", "publicKeyLocation", "privateKeyLocation", "issuer"],
|
|
20
|
+
"properties": {
|
|
21
|
+
"clientId": {
|
|
22
|
+
"description": "Google application client ID",
|
|
23
|
+
"type": "string",
|
|
24
|
+
"pattern": "^\\S+.apps.googleusercontent.com$",
|
|
25
|
+
"examples": ["my-app-id.apps.googleusercontent.com"]
|
|
26
|
+
},
|
|
27
|
+
"validDomain": {
|
|
28
|
+
"description": "Valid domains to accept. If this is empty or undefined, all domains are accepted. Domain specified by `hd` field in Google authentication configuration.",
|
|
29
|
+
"type": "string",
|
|
30
|
+
"examples": ["gmail.com", "my-google-domain.com", ""]
|
|
31
|
+
},
|
|
32
|
+
"useEmailAsId": {
|
|
33
|
+
"description": "Whether to use the email field as a unique identifier",
|
|
34
|
+
"type": "boolean",
|
|
35
|
+
"default": true,
|
|
36
|
+
"examples": [true, false]
|
|
37
|
+
},
|
|
38
|
+
"userLookupTable": {
|
|
39
|
+
"description": "Path to user lookup table, a text file with one entry per line, in the format <unique user ID> <system user>. System usernames may not contain whitespace.",
|
|
40
|
+
"type": "string",
|
|
41
|
+
"examples": ["/etc/carta/userlookup.txt"]
|
|
42
|
+
},
|
|
43
|
+
"publicKeyLocation": {
|
|
44
|
+
"description": "Path to public key (in PEM format) used for verifying JWTs",
|
|
45
|
+
"type": "string",
|
|
46
|
+
"examples": ["/etc/carta/carta_public.pem"]
|
|
47
|
+
},
|
|
48
|
+
"privateKeyLocation": {
|
|
49
|
+
"description": "Path to private key (in PEM format) used for signing JWTs",
|
|
50
|
+
"type": "string",
|
|
51
|
+
"examples": ["/etc/carta/carta_private.pem"]
|
|
52
|
+
},
|
|
53
|
+
"keyAlgorithm": {
|
|
54
|
+
"$ref": "#/definitions/keyAlgorithm",
|
|
55
|
+
"default": "RS256"
|
|
56
|
+
},
|
|
57
|
+
"issuer": {
|
|
58
|
+
"description": "Issuer field for JWT",
|
|
59
|
+
"type": "string",
|
|
60
|
+
"examples": ["my-carta-server"]
|
|
61
|
+
},
|
|
62
|
+
"refreshTokenAge": {
|
|
63
|
+
"description": "Lifetime of refresh tokens",
|
|
64
|
+
"type": "string",
|
|
65
|
+
"default": "1w",
|
|
66
|
+
"examples": ["1w", "15h", "2d"]
|
|
67
|
+
},
|
|
68
|
+
"accessTokenAge": {
|
|
69
|
+
"description": "Lifetime of access tokens",
|
|
70
|
+
"type": "string",
|
|
71
|
+
"default": "15m",
|
|
72
|
+
"examples": ["90s", "1h", "15m"]
|
|
73
|
+
},
|
|
74
|
+
"scriptingTokenAge": {
|
|
75
|
+
"description": "Lifetime of scripting tokens",
|
|
76
|
+
"type": "string",
|
|
77
|
+
"default": "1w",
|
|
78
|
+
"examples": ["1w", "5d", "10h"]
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
},
|
|
82
|
+
"pamAuthProvider": {
|
|
83
|
+
"title": "Local AuthProvider",
|
|
84
|
+
"description": "Authentication configuration when using PAM-based authentication",
|
|
85
|
+
"type": "object",
|
|
86
|
+
"additionalProperties": false,
|
|
87
|
+
"required": ["publicKeyLocation", "privateKeyLocation", "issuer"],
|
|
88
|
+
"properties": {
|
|
89
|
+
"publicKeyLocation": {
|
|
90
|
+
"description": "Path to public key (in PEM format) used for verifying JWTs",
|
|
91
|
+
"type": "string",
|
|
92
|
+
"examples": ["/etc/carta/carta_public.pem"]
|
|
93
|
+
},
|
|
94
|
+
"privateKeyLocation": {
|
|
95
|
+
"description": "Path to private key (in PEM format) used for signing JWTs",
|
|
96
|
+
"type": "string",
|
|
97
|
+
"examples": ["/etc/carta/carta_private.pem"]
|
|
98
|
+
},
|
|
99
|
+
"keyAlgorithm": {
|
|
100
|
+
"$ref": "#/definitions/keyAlgorithm",
|
|
101
|
+
"default": "RS256"
|
|
102
|
+
},
|
|
103
|
+
"issuer": {
|
|
104
|
+
"description": "Issuer field for JWT",
|
|
105
|
+
"type": "string",
|
|
106
|
+
"examples": ["my-carta-server"]
|
|
107
|
+
},
|
|
108
|
+
"refreshTokenAge": {
|
|
109
|
+
"description": "Lifetime of refresh tokens",
|
|
110
|
+
"type": "string",
|
|
111
|
+
"default": "1w",
|
|
112
|
+
"examples": ["1w", "15h", "2d"]
|
|
113
|
+
},
|
|
114
|
+
"accessTokenAge": {
|
|
115
|
+
"description": "Lifetime of access tokens",
|
|
116
|
+
"type": "string",
|
|
117
|
+
"default": "15m",
|
|
118
|
+
"examples": ["90s", "1h", "15m"]
|
|
119
|
+
},
|
|
120
|
+
"scriptingTokenAge": {
|
|
121
|
+
"description": "Lifetime of scripting tokens",
|
|
122
|
+
"type": "string",
|
|
123
|
+
"default": "1w",
|
|
124
|
+
"examples": ["1w", "5d", "10h"]
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
},
|
|
128
|
+
"ldapAuthProvider": {
|
|
129
|
+
"title": "LDAP AuthProvider",
|
|
130
|
+
"description": "Authentication configuration when using LDAP-based authentication",
|
|
131
|
+
"type": "object",
|
|
132
|
+
"additionalProperties": false,
|
|
133
|
+
"required": ["publicKeyLocation", "privateKeyLocation", "issuer", "ldapOptions"],
|
|
134
|
+
"properties": {
|
|
135
|
+
"publicKeyLocation": {
|
|
136
|
+
"description": "Path to public key (in PEM format) used for verifying JWTs",
|
|
137
|
+
"type": "string",
|
|
138
|
+
"examples": ["/etc/carta/carta_public.pem"]
|
|
139
|
+
},
|
|
140
|
+
"privateKeyLocation": {
|
|
141
|
+
"description": "Path to private key (in PEM format) used for signing JWTs",
|
|
142
|
+
"type": "string",
|
|
143
|
+
"examples": ["/etc/carta/carta_private.pem"]
|
|
144
|
+
},
|
|
145
|
+
"keyAlgorithm": {
|
|
146
|
+
"$ref": "#/definitions/keyAlgorithm",
|
|
147
|
+
"default": "RS256"
|
|
148
|
+
},
|
|
149
|
+
"issuer": {
|
|
150
|
+
"description": "Issuer field for JWT",
|
|
151
|
+
"type": "string",
|
|
152
|
+
"examples": ["my-carta-server"]
|
|
153
|
+
},
|
|
154
|
+
"refreshTokenAge": {
|
|
155
|
+
"description": "Lifetime of refresh tokens",
|
|
156
|
+
"type": "string",
|
|
157
|
+
"default": "1w",
|
|
158
|
+
"examples": ["1w", "15h", "2d"]
|
|
159
|
+
},
|
|
160
|
+
"accessTokenAge": {
|
|
161
|
+
"description": "Lifetime of access tokens",
|
|
162
|
+
"type": "string",
|
|
163
|
+
"default": "15m",
|
|
164
|
+
"examples": ["90s", "1h", "15m"]
|
|
165
|
+
},
|
|
166
|
+
"scriptingTokenAge": {
|
|
167
|
+
"description": "Lifetime of scripting tokens",
|
|
168
|
+
"type": "string",
|
|
169
|
+
"default": "1w",
|
|
170
|
+
"examples": ["1w", "5d", "10h"]
|
|
171
|
+
},
|
|
172
|
+
"ldapOptions": {
|
|
173
|
+
"description": "Options to path through to the LDAP auth instance",
|
|
174
|
+
"type": "object",
|
|
175
|
+
"additionalProperties": true,
|
|
176
|
+
"required": ["url", "searchBase"],
|
|
177
|
+
"properties": {
|
|
178
|
+
"url": {
|
|
179
|
+
"description": "LDAP connection URI",
|
|
180
|
+
"type": "string",
|
|
181
|
+
"format": "uri",
|
|
182
|
+
"pattern": "^ldaps?://"
|
|
183
|
+
},
|
|
184
|
+
"searchBase": {
|
|
185
|
+
"description": "Search base",
|
|
186
|
+
"type": "string"
|
|
187
|
+
},
|
|
188
|
+
"searchFilter": {
|
|
189
|
+
"description": "Search filter to use",
|
|
190
|
+
"type": "string",
|
|
191
|
+
"default": "uid={{username}}"
|
|
192
|
+
},
|
|
193
|
+
"starttls": {
|
|
194
|
+
"description": "Whether to start TLS when making a connection",
|
|
195
|
+
"type": "boolean",
|
|
196
|
+
"default": true
|
|
197
|
+
},
|
|
198
|
+
"reconnect": {
|
|
199
|
+
"description": "Whether to automatically reconnect to LDAP",
|
|
200
|
+
"type": "boolean",
|
|
201
|
+
"default": true
|
|
202
|
+
},
|
|
203
|
+
"bindProperty": {
|
|
204
|
+
"description": "Property of the LDAP user object to use when binding to verify the password",
|
|
205
|
+
"type": "string",
|
|
206
|
+
"default": "dn"
|
|
207
|
+
},
|
|
208
|
+
"searchScope": {
|
|
209
|
+
"description": "Scope of the search",
|
|
210
|
+
"type": "string",
|
|
211
|
+
"enum": ["base", "one", "sub"],
|
|
212
|
+
"default": "sub"
|
|
213
|
+
},
|
|
214
|
+
"bindDN": {
|
|
215
|
+
"description": "Admin connection DN, e.g. uid=myapp,ou=users,dc=example,dc=org. If not given at all, admin client is not bound.",
|
|
216
|
+
"type": "string"
|
|
217
|
+
},
|
|
218
|
+
"bindCredentials": {
|
|
219
|
+
"description": "Password for bindDN",
|
|
220
|
+
"type": "string"
|
|
221
|
+
},
|
|
222
|
+
"cache": {
|
|
223
|
+
"description": "If true, then up to 100 credentials at a time will be cached for 5 minutes",
|
|
224
|
+
"type": "boolean",
|
|
225
|
+
"default": false
|
|
226
|
+
},
|
|
227
|
+
"strictDN": {
|
|
228
|
+
"description": "Force strict DN parsing for client methods",
|
|
229
|
+
"type": "boolean",
|
|
230
|
+
"default": true
|
|
231
|
+
},
|
|
232
|
+
"idleTimeout": {
|
|
233
|
+
"description": "Milliseconds after last activity before client emits idle event",
|
|
234
|
+
"type": "number"
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
},
|
|
240
|
+
"externalAuthProvider": {
|
|
241
|
+
"title": "External AuthProvider",
|
|
242
|
+
"description": "OAuth2-compatible authentication configuration",
|
|
243
|
+
"type": "object",
|
|
244
|
+
"additionalProperties": false,
|
|
245
|
+
"required": ["issuers", "publicKeyLocation", "tokenRefreshAddress", "uniqueField"],
|
|
246
|
+
"properties": {
|
|
247
|
+
"issuers": {
|
|
248
|
+
"description": "List of valid issuers in JWT field",
|
|
249
|
+
"type": "array",
|
|
250
|
+
"examples": [["my-auth-server", "my-other-auth-server"]],
|
|
251
|
+
"minItems": 1,
|
|
252
|
+
"items": {
|
|
253
|
+
"type": "string"
|
|
254
|
+
}
|
|
255
|
+
},
|
|
256
|
+
"publicKeyLocation": {
|
|
257
|
+
"description": "Path to public key (in PEM format) used for verifying JWTs",
|
|
258
|
+
"type": "string",
|
|
259
|
+
"examples": ["/etc/carta/my_auth_server_public_key.pem"]
|
|
260
|
+
},
|
|
261
|
+
"keyAlgorithm": {
|
|
262
|
+
"$ref": "#/definitions/keyAlgorithm",
|
|
263
|
+
"default": "RS256"
|
|
264
|
+
},
|
|
265
|
+
"uniqueField": {
|
|
266
|
+
"description": "Name of unique field to use as user ID",
|
|
267
|
+
"type": "string",
|
|
268
|
+
"examples": ["user", "sub", "user_id"]
|
|
269
|
+
},
|
|
270
|
+
"tokenRefreshAddress": {
|
|
271
|
+
"description": "Route for refreshing access tokens",
|
|
272
|
+
"type": "string",
|
|
273
|
+
"format": "uri",
|
|
274
|
+
"pattern": "^https?://"
|
|
275
|
+
},
|
|
276
|
+
"logoutAddress": {
|
|
277
|
+
"description": "Route for logging out",
|
|
278
|
+
"type": "string",
|
|
279
|
+
"format": "uri",
|
|
280
|
+
"pattern": "^https?://"
|
|
281
|
+
},
|
|
282
|
+
"userLookupTable": {
|
|
283
|
+
"description": "Path to user lookup table, a text file with one entry per line, in the format <unique user ID> <system user>. System usernames may not contain whitespace. If no user lookup is needed, this should be omitted.",
|
|
284
|
+
"type": "string",
|
|
285
|
+
"examples": ["/etc/carta/userlookup.txt"]
|
|
286
|
+
}
|
|
287
|
+
}
|
|
288
|
+
},
|
|
289
|
+
"oidcAuthProvider": {
|
|
290
|
+
"title": "OpenID Connect AuthProvider",
|
|
291
|
+
"description": "OpenID Connect authentication configuration",
|
|
292
|
+
"type": "object",
|
|
293
|
+
"additionalProperties": false,
|
|
294
|
+
"required": ["idpUrl", "clientId", "localPublicKeyLocation", "localPrivateKeyLocation", "issuer", "symmetricKeyLocation"],
|
|
295
|
+
"properties": {
|
|
296
|
+
"idpUrl": {
|
|
297
|
+
"description": "Base URL for identity provider endpoint",
|
|
298
|
+
"type": "string",
|
|
299
|
+
"format": "uri",
|
|
300
|
+
"pattern": "^https?://",
|
|
301
|
+
"examples": ["https://domain.xyz/auth/realms/example"]
|
|
302
|
+
},
|
|
303
|
+
"uniqueField": {
|
|
304
|
+
"description": "Name of unique field to use as user ID. Note that as per the OpenID Connect specification only sub/issuer combination is guaranteed to be stable and unique for an arbitrary issuer, though other values such as preferred_username may be usable when the team running the CARTA installation and the issuer are the same.",
|
|
305
|
+
"type": "string",
|
|
306
|
+
"examples": ["sub", "preferred_username"],
|
|
307
|
+
"default": "sub"
|
|
308
|
+
},
|
|
309
|
+
"clientId": {
|
|
310
|
+
"description": "Client ID as registered with identity provider",
|
|
311
|
+
"type": "string",
|
|
312
|
+
"minLength": 1,
|
|
313
|
+
"examples": ["carta"]
|
|
314
|
+
},
|
|
315
|
+
"clientSecret": {
|
|
316
|
+
"description": "Client secret as registered with identity provider",
|
|
317
|
+
"type": "string",
|
|
318
|
+
"minLength": 1
|
|
319
|
+
},
|
|
320
|
+
"scope": {
|
|
321
|
+
"description": "Scopes to request from the OpenID Connect server",
|
|
322
|
+
"type": "string",
|
|
323
|
+
"default": "openid",
|
|
324
|
+
"examples": ["openid", "openid groups"]
|
|
325
|
+
},
|
|
326
|
+
"userLookupTable": {
|
|
327
|
+
"description": "Path to user lookup table, a text file with one entry per line, in the format <unique user ID> <system user>. System usernames may not contain whitespace. If no user lookup is needed, this should be omitted.",
|
|
328
|
+
"type": "string",
|
|
329
|
+
"examples": ["/etc/carta/userlookup.txt"]
|
|
330
|
+
},
|
|
331
|
+
"groupsField": {
|
|
332
|
+
"description": "Name of field containing list of user roles/groups",
|
|
333
|
+
"type": "string",
|
|
334
|
+
"examples": ["groups", "roles"]
|
|
335
|
+
},
|
|
336
|
+
"requiredGroup": {
|
|
337
|
+
"description": "Role to ensure is included among the values in groupsField",
|
|
338
|
+
"type": "string",
|
|
339
|
+
"examples": ["carta-users", "carta-testers"]
|
|
340
|
+
},
|
|
341
|
+
"localPublicKeyLocation": {
|
|
342
|
+
"description": "Path to public key (in PEM format) used for verifying JWTs",
|
|
343
|
+
"type": "string",
|
|
344
|
+
"examples": ["/etc/carta/carta_public.pem"]
|
|
345
|
+
},
|
|
346
|
+
"localPrivateKeyLocation": {
|
|
347
|
+
"description": "Path to private key (in PEM format) used for signing JWTs",
|
|
348
|
+
"type": "string",
|
|
349
|
+
"examples": ["/etc/carta/carta_private.pem"]
|
|
350
|
+
},
|
|
351
|
+
"keyAlgorithm": {
|
|
352
|
+
"$ref": "#/definitions/keyAlgorithm",
|
|
353
|
+
"default": "RS256"
|
|
354
|
+
},
|
|
355
|
+
"issuer": {
|
|
356
|
+
"description": "Issuer field for JWT",
|
|
357
|
+
"type": "string",
|
|
358
|
+
"examples": ["my-carta-server"]
|
|
359
|
+
},
|
|
360
|
+
"cacheAccessTokenMinValidity": {
|
|
361
|
+
"description": "If an access token was previously issued from the upstream server with at least this many seconds of lifetime remaining, a new upstream query will not be performed and a local token with the previous token's remaining lifetime will be issued instead",
|
|
362
|
+
"type": "integer",
|
|
363
|
+
"default": 100
|
|
364
|
+
},
|
|
365
|
+
"symmetricKeyLocation": {
|
|
366
|
+
"description": "Path to symmetric key (base64-encoded) used for refresh tokens. At present this uses the A256GCM algorithm which requires 32 bytes of random data which can be generated using `openssl rand -base64 32`",
|
|
367
|
+
"type": "string",
|
|
368
|
+
"examples": ["/etc/carta/carta_symmetric.pem"]
|
|
369
|
+
},
|
|
370
|
+
"symmetricKeyType": {
|
|
371
|
+
"description": "Selected from the 'JSON Web Signature and Encryption Algorithms' section of https://www.iana.org/assignments/jose/jose.xhtml",
|
|
372
|
+
"type": "string",
|
|
373
|
+
"default": "A256GCM"
|
|
374
|
+
},
|
|
375
|
+
"additionalAuthParams": {
|
|
376
|
+
"description": "Additional parameters to include in authentication requests to deal with identity providers. The example contains the additional arguments required to ensure that Google provide a refresh token when using it with OIDC.",
|
|
377
|
+
"type": "array",
|
|
378
|
+
"default": [],
|
|
379
|
+
"examples": [
|
|
380
|
+
[
|
|
381
|
+
[
|
|
382
|
+
["access_type", "offline"],
|
|
383
|
+
["prompt", "consent"]
|
|
384
|
+
]
|
|
385
|
+
]
|
|
386
|
+
],
|
|
387
|
+
"items": {
|
|
388
|
+
"type": "array",
|
|
389
|
+
"minItems": 2,
|
|
390
|
+
"maxItems": 2
|
|
391
|
+
}
|
|
392
|
+
},
|
|
393
|
+
"postLogoutRedirect": {
|
|
394
|
+
"description": "Optional parameter for specifying an alternate address to redirect to after logout",
|
|
395
|
+
"type": "string",
|
|
396
|
+
"format": "uri-reference",
|
|
397
|
+
"examples": ["https://my-organisation.com/"]
|
|
398
|
+
}
|
|
399
|
+
}
|
|
400
|
+
}
|
|
401
|
+
},
|
|
402
|
+
"additionalProperties": false,
|
|
403
|
+
"properties": {
|
|
404
|
+
"$schema": {
|
|
405
|
+
"description": "Reference to configuration schema file",
|
|
406
|
+
"type": "string"
|
|
407
|
+
},
|
|
408
|
+
"controllerConfigVersion": {
|
|
409
|
+
"description": "The version of this controller configuration",
|
|
410
|
+
"type": "string",
|
|
411
|
+
"default": "2.0"
|
|
412
|
+
},
|
|
413
|
+
"authProviders": {
|
|
414
|
+
"title": "AuthProviders",
|
|
415
|
+
"description": "Configuration option for authentication providers",
|
|
416
|
+
"type": "object",
|
|
417
|
+
"properties": {
|
|
418
|
+
"google": {
|
|
419
|
+
"description": "Google AuthProvider",
|
|
420
|
+
"$ref": "#/definitions/googleAuthProvider"
|
|
421
|
+
},
|
|
422
|
+
"pam": {
|
|
423
|
+
"description": "PAM AuthProvider",
|
|
424
|
+
"$ref": "#/definitions/pamAuthProvider"
|
|
425
|
+
},
|
|
426
|
+
"ldap": {
|
|
427
|
+
"description": "LDAP AuthProvider",
|
|
428
|
+
"$ref": "#/definitions/ldapAuthProvider"
|
|
429
|
+
},
|
|
430
|
+
"external": {
|
|
431
|
+
"description": "External AuthProvider",
|
|
432
|
+
"$ref": "#/definitions/externalAuthProvider"
|
|
433
|
+
},
|
|
434
|
+
"oidc": {
|
|
435
|
+
"description": "OpenID Connect AuthProvider",
|
|
436
|
+
"$ref": "#/definitions/oidcAuthProvider"
|
|
437
|
+
}
|
|
438
|
+
},
|
|
439
|
+
"default": {
|
|
440
|
+
"pam": {
|
|
441
|
+
"publicKeyLocation": "/etc/carta/carta_public.pem",
|
|
442
|
+
"privateKeyLocation": "/etc/carta/carta_private.pem",
|
|
443
|
+
"issuer": "carta"
|
|
444
|
+
}
|
|
445
|
+
}
|
|
446
|
+
},
|
|
447
|
+
"database": {
|
|
448
|
+
"description": "Database configuration",
|
|
449
|
+
"type": "object",
|
|
450
|
+
"additionalProperties": false,
|
|
451
|
+
"properties": {
|
|
452
|
+
"uri": {
|
|
453
|
+
"description": "MongoDB connection URI used to connect to a MongoDB deployment",
|
|
454
|
+
"type": "string",
|
|
455
|
+
"format": "uri",
|
|
456
|
+
"pattern": "^mongodb://",
|
|
457
|
+
"default": "mongodb://localhost:27017"
|
|
458
|
+
},
|
|
459
|
+
"databaseName": {
|
|
460
|
+
"description": "Default database to connect to",
|
|
461
|
+
"type": "string",
|
|
462
|
+
"default": "CARTA"
|
|
463
|
+
}
|
|
464
|
+
},
|
|
465
|
+
"default": {
|
|
466
|
+
"uri": "mongodb://localhost:27017",
|
|
467
|
+
"databaseName": "CARTA"
|
|
468
|
+
}
|
|
469
|
+
},
|
|
470
|
+
"serverPort": {
|
|
471
|
+
"description": "Port to listen on. It is advised to listen on a port other than 80 or 443, behind an SSL proxy",
|
|
472
|
+
"anyOf": [
|
|
473
|
+
{
|
|
474
|
+
"type": "integer",
|
|
475
|
+
"minimum": 0,
|
|
476
|
+
"maximum": 65535
|
|
477
|
+
},
|
|
478
|
+
{
|
|
479
|
+
"type": "string",
|
|
480
|
+
"minLength": 2
|
|
481
|
+
}
|
|
482
|
+
],
|
|
483
|
+
"default": 8000,
|
|
484
|
+
"examples": [8000, 8080, "/run/carta-controller", "var/run/carta"]
|
|
485
|
+
},
|
|
486
|
+
"serverInterface": {
|
|
487
|
+
"description": "Host interface to listen on. If empty, all interfaces are used",
|
|
488
|
+
"type": "string",
|
|
489
|
+
"examples": ["localhost", "127.0.0.1"]
|
|
490
|
+
},
|
|
491
|
+
"httpOnly": {
|
|
492
|
+
"description": "Allow HTTP-only connections. For testing or internal networks only",
|
|
493
|
+
"type": "boolean",
|
|
494
|
+
"default": false
|
|
495
|
+
},
|
|
496
|
+
"serverAddress": {
|
|
497
|
+
"description": "Public-facing server address. If this is specified, all requests will be redirected to this address, otherwise any address used will be preserved",
|
|
498
|
+
"type": "string",
|
|
499
|
+
"format": "uri"
|
|
500
|
+
},
|
|
501
|
+
"dashboardAddress": {
|
|
502
|
+
"description": "Optional parameter for explicitly configuring the dashboard address. This can be absolute or relative. This is required if running the controller on a subdirectory",
|
|
503
|
+
"type": "string",
|
|
504
|
+
"format": "uri-reference",
|
|
505
|
+
"examples": ["https://my-server.com/carta/dashboard", "/carta/dashboard", "/carta-versions/dev/dashboard"]
|
|
506
|
+
},
|
|
507
|
+
"apiAddress": {
|
|
508
|
+
"description": "Optional parameter for explicitly configuring a custom API base address. This can be absolute or relative. This is required if running the controller on a subdirectory",
|
|
509
|
+
"type": "string",
|
|
510
|
+
"format": "uri-reference",
|
|
511
|
+
"examples": ["https://my-server.com/carta/api", "/carta/api", "/carta-versions/dev/api"]
|
|
512
|
+
},
|
|
513
|
+
"frontendPath": {
|
|
514
|
+
"description": "Path to the built frontend folder. If no path is provided, the packaged version will be used",
|
|
515
|
+
"type": "string"
|
|
516
|
+
},
|
|
517
|
+
"backendPorts": {
|
|
518
|
+
"description": "Port range to use for the CARTA backend process",
|
|
519
|
+
"type": "object",
|
|
520
|
+
"additionalProperties": false,
|
|
521
|
+
"default": {
|
|
522
|
+
"min": 3003,
|
|
523
|
+
"max": 3500
|
|
524
|
+
},
|
|
525
|
+
"required": ["min", "max"],
|
|
526
|
+
"properties": {
|
|
527
|
+
"min": {
|
|
528
|
+
"minimum": 1024,
|
|
529
|
+
"maximum": 65535,
|
|
530
|
+
"type": "integer"
|
|
531
|
+
},
|
|
532
|
+
"max": {
|
|
533
|
+
"minimum": 1024,
|
|
534
|
+
"maximum": 65535,
|
|
535
|
+
"type": "integer"
|
|
536
|
+
}
|
|
537
|
+
}
|
|
538
|
+
},
|
|
539
|
+
"processCommand": {
|
|
540
|
+
"description": "Path to CARTA backend executable",
|
|
541
|
+
"type": "string",
|
|
542
|
+
"examples": ["/usr/bin/carta_backend", "/usr/local/bin/carta_backend"],
|
|
543
|
+
"default": "/usr/bin/carta_backend"
|
|
544
|
+
},
|
|
545
|
+
"preserveEnv": {
|
|
546
|
+
"description": "Use the --preserve-env argument when calling sudo",
|
|
547
|
+
"type": "boolean",
|
|
548
|
+
"default": true
|
|
549
|
+
},
|
|
550
|
+
"killCommand": {
|
|
551
|
+
"description": "Path to CARTA kill script",
|
|
552
|
+
"type": "string",
|
|
553
|
+
"examples": ["/usr/local/bin/carta-kill-script"],
|
|
554
|
+
"default": "/usr/local/bin/carta-kill-script"
|
|
555
|
+
},
|
|
556
|
+
"rootFolderTemplate": {
|
|
557
|
+
"description": "Top-level path of directories accessible to CARTA. The `{username}` placeholder will be replaced with the username. Defaults to `/usr/share/carta` if it exists, or `/usr/local/share/carta` if it exists. If neither exists and no default is provided, the controller exits with an error",
|
|
558
|
+
"type": "string",
|
|
559
|
+
"examples": ["/home/{username}", "/"]
|
|
560
|
+
},
|
|
561
|
+
"baseFolderTemplate": {
|
|
562
|
+
"description": "Starting directory of CARTA. Must be a subfolder of rootFolderTemplate. The `{username}` placeholder will be replaced with the username. Defaults to the same value as `rootFolderTemplate`",
|
|
563
|
+
"type": "string",
|
|
564
|
+
"examples": ["/home/{username}/CARTA", "/data", "/"]
|
|
565
|
+
},
|
|
566
|
+
"logFileTemplate": {
|
|
567
|
+
"description": "(Deprecated) Location of log file for backends. This has been renamed to `backendLogFileTemplate` and will be removed in a future version. The `{username}`, `{pid}` and `{datetime}` placeholders will be replaced with the username, process ID. and dat/time formatted as `YYYYMMDD.h_mm_ss` respectively",
|
|
568
|
+
"type": "string"
|
|
569
|
+
},
|
|
570
|
+
"backendLogFileTemplate": {
|
|
571
|
+
"description": "Location of log file for backends. The `{username}`, `{pid}` and `{datetime}` placeholders will be replaced with the username, process ID. and dat/time formatted as `YYYYMMDD.h_mm_ss` respectively",
|
|
572
|
+
"type": "string",
|
|
573
|
+
"default": "/var/log/carta/{username}_{datetime}_{pid}.log",
|
|
574
|
+
"examples": ["/var/log/carta/{username}_{pid}.log", "/home/{username}/CARTA/log/{datatime}_{pid}.log"]
|
|
575
|
+
},
|
|
576
|
+
"logLevelConsole": {
|
|
577
|
+
"description": "Level of messages to log to console.",
|
|
578
|
+
"type": "string",
|
|
579
|
+
"enum": ["none", "emerg", "alert", "crit", "error", "warning", "notice", "info", "debug"],
|
|
580
|
+
"default": "info"
|
|
581
|
+
},
|
|
582
|
+
"logTypeConsole": {
|
|
583
|
+
"description": "Output format to console",
|
|
584
|
+
"type": "string",
|
|
585
|
+
"enum": ["text", "json"],
|
|
586
|
+
"default": "text"
|
|
587
|
+
},
|
|
588
|
+
"logLevelFile": {
|
|
589
|
+
"description": "Level of messages to log to file.",
|
|
590
|
+
"type": "string",
|
|
591
|
+
"enum": ["none", "emerg", "alert", "crit", "error", "warning", "notice", "info", "debug"],
|
|
592
|
+
"default": "info"
|
|
593
|
+
},
|
|
594
|
+
"logTypeFile": {
|
|
595
|
+
"description": "Output format to file",
|
|
596
|
+
"type": "string",
|
|
597
|
+
"enum": ["text", "json"],
|
|
598
|
+
"default": "json"
|
|
599
|
+
},
|
|
600
|
+
"logFile": {
|
|
601
|
+
"description": "Name of file to send log messages to.",
|
|
602
|
+
"type": "string",
|
|
603
|
+
"examples": ["/var/log/carta-controller.log", "/var/spool/carta/controller.log"]
|
|
604
|
+
},
|
|
605
|
+
"timezone": {
|
|
606
|
+
"description": "Timezone to use in logs. If not specified, the local timezone is used.",
|
|
607
|
+
"type": "string",
|
|
608
|
+
"examples": ["Africa/Johannesburg", "America/New_York", "Asia/Tokyo", "Europe/London"]
|
|
609
|
+
},
|
|
610
|
+
"additionalArgs": {
|
|
611
|
+
"description": "Additional arguments to be passed to the backend process, defined as an array of strings. See backend documentation for details.",
|
|
612
|
+
"type": "array",
|
|
613
|
+
"examples": [["--omp_threads", "4", "--initial_timeout", "30", "--exit_timeout", "0"]],
|
|
614
|
+
"items": {
|
|
615
|
+
"type": "string"
|
|
616
|
+
}
|
|
617
|
+
},
|
|
618
|
+
"startDelay": {
|
|
619
|
+
"description": "Wait time before checking whether started process is still running and sending a response to the connecting client",
|
|
620
|
+
"type": "integer",
|
|
621
|
+
"minimum": 0,
|
|
622
|
+
"default": 250
|
|
623
|
+
},
|
|
624
|
+
"dashboard": {
|
|
625
|
+
"description": "Dashboard appearance configuration",
|
|
626
|
+
"type": "object",
|
|
627
|
+
"properties": {
|
|
628
|
+
"backgroundColor": {
|
|
629
|
+
"description": "Background color for the dashboard",
|
|
630
|
+
"type": "string",
|
|
631
|
+
"default": "#f6f8fa",
|
|
632
|
+
"examples": ["red", "rgb(171 66 66)", "#ff11ee"]
|
|
633
|
+
},
|
|
634
|
+
"bannerColor": {
|
|
635
|
+
"description": "Background color for the institutional logo banner",
|
|
636
|
+
"type": "string",
|
|
637
|
+
"default": "#606f7e",
|
|
638
|
+
"examples": ["red", "rgb(171 66 66)", "#ff11ee"]
|
|
639
|
+
},
|
|
640
|
+
"bannerImage": {
|
|
641
|
+
"description": "Path to institutional logo in PNG or SVG format",
|
|
642
|
+
"type": "string"
|
|
643
|
+
},
|
|
644
|
+
"infoText": {
|
|
645
|
+
"description": "Text displayed before and after sign in. Plain text or HTML",
|
|
646
|
+
"type": "string",
|
|
647
|
+
"examples": ["Welcome to the server", "<span>Welcome to <b>the</b> server</span>"]
|
|
648
|
+
},
|
|
649
|
+
"loginText": {
|
|
650
|
+
"description": "Text displayed before sign-in only. Plain text or HTML",
|
|
651
|
+
"type": "string",
|
|
652
|
+
"examples": ["Please enter your username and password", "<span>Click <b>Sign in</b> to log in via Google</span>"]
|
|
653
|
+
},
|
|
654
|
+
"footerText": {
|
|
655
|
+
"description": "Footer text. Plain text or HTML",
|
|
656
|
+
"type": "string",
|
|
657
|
+
"examples": [
|
|
658
|
+
"Please contact the CARTA helpdesk for more information",
|
|
659
|
+
"<span>If you would like to access the server, or have any problems, comments or suggestions, please <a href='mailto:test@test.com'>contact us.</a></span>"
|
|
660
|
+
]
|
|
661
|
+
}
|
|
662
|
+
}
|
|
663
|
+
},
|
|
664
|
+
"scriptingAccess": {
|
|
665
|
+
"description": "Control scripting access for users.",
|
|
666
|
+
"type": "string",
|
|
667
|
+
"enum": ["enabled-all-users", "disabled-all-users", "opt-in"],
|
|
668
|
+
"default": "disabled-all-users"
|
|
669
|
+
}
|
|
670
|
+
},
|
|
671
|
+
"if": {
|
|
672
|
+
"properties": {
|
|
673
|
+
"serverPort": {
|
|
674
|
+
"type": "string"
|
|
675
|
+
}
|
|
676
|
+
}
|
|
677
|
+
},
|
|
678
|
+
"then": {
|
|
679
|
+
"properties": {
|
|
680
|
+
"serverInterface": {
|
|
681
|
+
"type": "null"
|
|
682
|
+
}
|
|
683
|
+
}
|
|
684
|
+
}
|
|
685
|
+
}
|