Comments (4)
Hello! Can you please send the browser console logs and your isardvdi.cfg
? Thanks! :)
from isard.
# Isard main config v2.2.1
# ------ Docker Compose ------------------------------------------------------
## This configuration should generate docker-compose file for the following
## flavour
## Values: (first value is the default one)
## - all-in-one: all services except toolbox in one docker-compose file
## - hypervisor: hypervisor and related service to access to their desktops
## - hypervisor-standalone: hypervisor without related services
## - video-standalone: services to access to desktops
## - toolbox: service to manage desktops disks
## - toolbox-base: base image for toolbox, just to improve CI/CD build
## - web: services to manage desktops
## - monitor: monitoring only host (grafana/loki/influxdb)
## - backupninja: standalone backups
#FLAVOUR=all-in-one
## This configuration should generate docker-compose file for the following
## usage
## Values: (first value is the default one)
## - production: docker-compose file without build section
## ready to pull and up
## (see also: https://github.com/docker/compose/issues/7873)
## - test: like production with docker services to run tests
## - build: like test with build section
## - devel: like build and host source code are mounted into docker volumes
#USAGE=production
## Should stats service will be included
## Values: (first value is the default one)
## - true: add stats service
## - false: doesn't add stats sercice
#ENABLE_STATS=true
# ------ Domain --------------------------------------------------------------
## This server main public domain/ip.
## NOTE: In infrastructure hypervisors should be the reacheable ip/dns from
## isard-engine
DOMAIN=isardvdi.nextline.com.br
# ------ Admin password ------------------------------------------------------
## Initial WEB admin user password. Used also in grafana, influxdb
## and authenticated backend paths (/debug/...)
WEBAPP_ADMIN_PWD=IsardVDI
# ------ Frontend Administration Button --------------------------------------
## Will show/hide Administration menu button for users of role User.
#FRONTEND_SHOW_ADMIN_BTN=True
# ------ Frontend Bookings ---------------------------------------------------
## Will show/hide Resource bookings menu.
#FRONTEND_SHOW_BOOKINGS=False
# ------ Frontend Documentation URI ---------------------------------------------------
## Documentation URI where the user will be redirected.
FRONTEND_DOCS_URI=https://isard.gitlab.io/isardvdi-docs/
# ------ Secrets -------------------------------------------------------------
## Generate your own SECRETS!
## openssl rand -base64 32
WEBAPP_SESSION_SECRET=xq0Z3MP5ujxrQxtMGxgPiijH9xpuxkyP04R6At/V+g4=
API_ISARDVDI_SECRET=kpWpdF0NtI2XCEfzMp36hdSV9S42E7axS8D5TvP9c0A=
INFLUXDB_ADMIN_TOKEN_SECRET=9eFW/Qi29hL3hFGUP8wIGH89XKCH8s1k0il44GCRF2g=
API_HYPERVISORS_SECRET=B5/bUEUzIC+AjNQRmFh3vxR3VeIKirwdeL/xuHPVO+E=
# ------ Letsencrypt certificate ---------------------------------------------
## You can use your own certificates if you concatenate into
## /opt/isard/certs/default/chain.pem
## You can let isard generate autosigned certs (not recommended as
## html5 viewers will not work.
## Or you can let isard generate letsencrypt certs for your domain.
## For this option to work be sure the DOMAIN points to this IP.
## To avoid using letsencrypt let this variable commented.
## The email will be used by letsencrypt to notify you expirations
## although the renovation will be automatic.
#LETSENCRYPT_EMAIL=
# ------ Authentication ------------------------------------------------------
## Local
### Local authentication against isard database
#AUTHENTICATION_AUTHENTICATION_LOCAL_ENABLED=true
## LDAP
#AUTHENTICATION_AUTHENTICATION_LDAP_ENABLED=false
#AUTHENTICATION_AUTHENTICATION_LDAP_PROTOCOL=ldap
#AUTHENTICATION_AUTHENTICATION_LDAP_HOST=
#AUTHENTICATION_AUTHENTICATION_LDAP_PORT=389
### Credentials used for querying the LDAP
#AUTHENTICATION_AUTHENTICATION_LDAP_BIND_DN=
#AUTHENTICATION_AUTHENTICATION_LDAP_PASSWORD=
### Base Search is the DN that all the users share, e.g. ou=people,dc=example,dc=com
#AUTHENTICATION_AUTHENTICATION_LDAP_BASE_SEARCH=
### Filter is the actual filter used to search users. The '%s' represents the user that is sent through the form
### More information: https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html
#AUTHENTICATION_AUTHENTICATION_LDAP_FILTER="(&(objectClass=person)(uid=%s))"
### These are the fields that the LDAP search responds. For example, in some installations, the field for the email is called 'mail'
### Then, a regex is applied to this field, in case we needed to filter inside a LDAP field. By default it collects the whole field. The
### regex match tries to extract the first group, but if there's no group it will extract the whole match
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_UID=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_UID=.*
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_USERNAME=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_USERNAME=.*
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_NAME=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_NAME=.*
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_EMAIL=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_EMAIL=.*
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_PHOTO=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_PHOTO=.*
### Auto Register the existing ldap users into IsardVDI
#AUTHENTICATION_AUTHENTICATION_LDAP_AUTO_REGISTER=false
### Try guessing the category based in the LDAP search results (must have AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_CATEGORY configured)
#AUTHENTICATION_AUTHENTICATION_LDAP_GUESS_CATEGORY=false
### These are the fields that the LDAP search responds. For example, in some installations, the field for the group is called 'group'
### Then, a regex is applied to this field, in case we needed to filter inside a LDAP field. By default it collects the whole field. The
### regex match tries to extract the first group, but if there's no group it will extract the whole match
#AUTHENTICATION_AUTHENTICATION_LDAP_FIELD_CATEGORY=
#AUTHENTICATION_AUTHENTICATION_LDAP_REGEX_CATEGORY=.*
### The base search for listing all the groups of a user
#AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_SEARCH=
### Filter is the actual filter used to search all the groups of a user. The '%s' represents the user that is sent through the form
### More information: https://confluence.atlassian.com/kb/how-to-write-ldap-search-filters-792496933.html
#AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_FILTER="(&(objectClass=posixGroup)(memberUid=%s))"
# If this field is set to true, use the full DN instead of the user that is sent through the form to search for the user groups
#AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_SEARCH_USE_DN=false
### The field that contains the group in the AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_FILTER search
#AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_SEARCH_FIELD=
#AUTHENTICATION_AUTHENTICATION_LDAP_GROUPS_SEARCH_REGEX=.*
### All the users that are in at least one of the groups specified here, will be created in the admin role (comma separated)
#AUTHENTICATION_AUTHENTICATION_LDAP_ROLE_ADMIN_GROUPS=
#AUTHENTICATION_AUTHENTICATION_LDAP_ROLE_MANAGER_GROUPS=
#AUTHENTICATION_AUTHENTICATION_LDAP_ROLE_ADVANCED_GROUPS=
#AUTHENTICATION_AUTHENTICATION_LDAP_ROLE_USER_GROUPS=
# This is the default role that users will have if they don't match in any of the previous groups.
# Values can be 'admin', 'manager', 'advanced', 'user'
#AUTHENTICATION_AUTHENTICATION_LDAP_ROLE_DEFAULT=user
## SAML
#AUTHENTICATION_AUTHENTICATION_SAML_ENABLED=false
#AUTHENTICATION_AUTHENTICATION_SAML_METADATA_URL=
## If the key and cert files don't exist, they will be self signed automatically
#AUTHENTICATION_AUTHENTICATION_SAML_KEY_FILE=/keys/isardvdi.key
#AUTHENTICATION_AUTHENTICATION_SAML_CERT_FILE=/keys/isardvdi.cert
### These are the fields that the SAML search responds. For example, in some installations, the field for the email is called 'mail'
### Then, a regex is applied to this field, in case we needed to filter inside a SAML field. By default it collects the whole field. The
### regex match tries to extract the first group, but if there's no group it will extract the whole match
#AUTHENTICATION_AUTHENTICATION_SAML_FIELD_UID=
#AUTHENTICATION_AUTHENTICATION_SAML_REGEX_UID=.*
#AUTHENTICATION_AUTHENTICATION_SAML_FIELD_USERNAME=
#AUTHENTICATION_AUTHENTICATION_SAML_REGEX_USERNAME=.*
#AUTHENTICATION_AUTHENTICATION_SAML_FIELD_NAME=
#AUTHENTICATION_AUTHENTICATION_SAML_REGEX_NAME=.*
#AUTHENTICATION_AUTHENTICATION_SAML_FIELD_EMAIL=
#AUTHENTICATION_AUTHENTICATION_SAML_REGEX_EMAIL=.*
#AUTHENTICATION_AUTHENTICATION_SAML_FIELD_PHOTO=
#AUTHENTICATION_AUTHENTICATION_SAML_REGEX_PHOTO=.*
## Google
### Create your Google OAUTH credentials at https://console.developers.google.com/apis/credentials
### Authorized redirect URIs: https://domain.tld/authentication/callback
#AUTHENTICATION_AUTHENTICATION_GOOGLE_ENABLED=false
#AUTHENTICATION_AUTHENTICATION_GOOGLE_CLIENT_ID=id
#AUTHENTICATION_AUTHENTICATION_GOOGLE_CLIENT_SECRET=secret
# ------ Backups -------------------------------------------------------------
## Automated backups (https://0xacab.org/liberate/backupninja)
# If BACKUP_NFS_ENABLED is not enabled it will use this directory to create backups
# If BACKUP_NFS_ENABLED is enabled then this variable should be commented
#BACKUP_DIR=/opt/isard-local/backup
# If nfs enabled you need to set server and folder also
#BACKUP_NFS_ENABLED=false
#BACKUP_NFS_SERVER=172.16.0.10
#BACKUP_NFS_FOLDER=/remote/backupfolder
#BACKUP_DB_ENABLED=false
#BACKUP_DB_WHEN="everyday at 01"
#BACKUP_DB_PRUNE="--keep-weekly=8 --keep-monthly=12 --keep-within=14d --save-space"
#BACKUP_DISKS_ENABLED=false
#BACKUP_DISKS_WHEN="everyday at 01"
#BACKUP_DISKS_PRUNE="--keep-weekly=4 --keep-monthly=3 --keep-within=7d --save-space"
#BACKUP_DISKS_TEMPLATES_ENABLED=false
#BACKUP_DISKS_GROUPS_ENABLED=false
#BACKUP_DISKS_MEDIA_ENABLED=false
##################################################################
##################################################################
## DO NOT EDIT FROM HERE UNLESS YOU KNOW WHAT YOU ARE DOING !!! ##
##################################################################
##################################################################
# ------ Docker images prefix ------------------------------------------------
## Image prefix that could include registry and repository
DOCKER_IMAGE_PREFIX=registry.gitlab.com/isard/isardvdi/
# ------ Docker images tags --------------------------------------------------
## Image tag that could be tags or branches from the git repository
## Used for doing docker-compose pull
DOCKER_IMAGE_TAG=main
# ------ Logs ----------------------------------------------------------------
LOG_LEVEL=INFO
# ------ QCOW2 images --------------------------------------------------------
## Cluster size used when creating qcow2 disk images
#QCOW2_CLUSTER_SIZE=4k
## Enable use of extended l2 entries when creating qcow2 disk images
## Options: on / off
#QCOW2_EXTENDED_L2=off
# ------ GPUS --------------------------------------------------------------
## ----- NVIDIA
## New hypervisor: Engine will try to scan new hyper for NVIDIA GPUs and
## will also setup them.
#GPU_NVIDIA_SCAN=false
## Enabled existing hyper: Existing hyper will be scanned for NVIDIA GPUs
## when enabled (from disabled) at web interface.
#GPU_NVIDIA_RESCAN=false
##################################################################
## INFRASTRUCTURE PARAMETERS. Used on remote hypervisors ##
##################################################################
## Remote hypervisors can be:
## docker-compose.hypervisor.yml: Will have an isard-video
## docker-compose.hypervisor-standalone.yml: Will get video on
## the VIDEO_HYPERVISOR_PORTS from the VIDEO_DOMAIN isard-video host.
# ------ Hypervisor Identifier -----------------------------------------------
## Set it to a unique name for hypervisor
#HYPER_ID=isard-hypervisor
## Hypervisor can be disabled when entering system with false value
#HYPER_ENABLED=true
# ------ Hypervisor options ---------------------------------------------------
## ONLY_FORCED_HYP enables only_forced option to only get domains with
## forced_hyp. Values:
## - false (default): get any domain
## - true: only get domains with forced_hyp
#ONLY_FORCED_HYP=false
# ------ Database host -------------------------------------------------------
## Where is the database reacheable?
## Not needed for remote hypervisors, only to split main web install.
#RETHINKDB_HOST=isard-db
#RETHINKDB_PORT=28015
#RETHINKDB_DB=isard
# ------ Authentication host -------------------------------------------------
# Authentication host
## Where is isard-authentication reacheable from clients browser?
## Not needed for remote hypervisors, only to split main web install.
#AUTHENTICATION_AUTHENTICATION_HOST=$DOMAIN
#AUTHENTICATION_DB_HOST=isard-db
# ------ Api host ------------------------------------------------------------
## Where can this host reach the isard-api host?
## Need to be set for flavours:
## - hypervisor
## - hypervisor-standalone
#API_DOMAIN=isard-api
# ------ Static nginx host ----------------------------------------------------
## Where the clients browsers will load static when connecting to this host
## html5 video?
## Need to be set for flavours:
## - hypervisor
## - hypervisor-standalone
#STATIC_DOMAIN=$DOMAIN
# ------ Vpn host ------------------------------------------------------------
## Where can this host reach the isard-vpn host?
## Need to be set for flavours:
## - hypervisor
## - hypervisor-standalone
#VPN_DOMAIN=isard-vpn
## The vpn mtu will allow for infrastructure connection (allow it in your
## switches)
## If using Internet to connect remote hypers this should be lowered.
## https://keremerkan.net/posts/wireguard-mtu-fixes/
## https://mail.openvswitch.org/pipermail/ovs-discuss/2018-June/046932.html
#VPN_MTU=1600
# ------ Video proxy host ----------------------------------------------------
## Where will the client browser reach isard-video to this host?
## Need to be set for flavours:
## - video-standalone (to generate letsencrypt certs)
## - hypervisor (to generate letsencrypt certs and set up hyper in db)
## - hypervisor-standalone ( to set up hyper in db)
#VIDEO_DOMAIN=$DOMAIN
# ------ Video external NAT ports --------------------------------------------
## Where the users browsers will connect to get the video stream for
## their guests started in this hypervisor? (outside NAT ports)
#VIEWER_SPICE=80
#VIEWER_BROWSER=443
#VIEWER_RDPGW=9999
# ------ Video proxy ACL -----------------------------------------------------
## Is this host hosting the isard-video for other hypervisor-standalone
## servers? Then allow here only the hostnames for those hypervisors as
## seen from this host with comma (,) delimiters:
#VIDEO_HYPERVISOR_HOSTNAMES=isard-hypervisor
#VIDEO_HYPERVISOR_PORTS=5900-6899
# ------ Docker networking ---------------------------------------------------
## Assign a docker /24 network. The host part will be set by system
## You should avoid setting a network that exists in your infrastructure
## or in isard configuration. Set only the /24 part!
#DOCKER_NET=172.31.255
# ------ Guests networking ---------------------------------------------------
## All the sub networks needed for infrastructure wireguard will
## fall within this sub networks
WG_MAIN_NET=10.0.0.0/14
## Users at home will get a unique /32 IP from this range.
## Set a network that will allow as many clients as you will have.
WG_USERS_NET=10.0.0.0/16
## UDP port for users at home to connect wireguard to this server.
WG_USERS_PORT=443
## Only in infrastructure this will be used by remote hypers to
## send wireguard guests network to the main Isard.
WG_HYPERS_NET=10.1.0.0/24
## UDP port for remote hypervisors to connect to this server.
WG_HYPERS_PORT=4443
## This is the main range to be used by wireguard interface in
## guests in your system. Will be subdivided in smaller ranges
## for each hypervisor.
WG_GUESTS_NETS=10.2.0.0/16
## 23: 512 GUESTS -2
## 24: 256 GUESTS -2
## Each hypervisor will get one subnet from WG_GUESTS_NETS
## Last network will be subdivided /29 to connect wireguard hyper
## clients (isard-vpnc) to the wireguard server (isard-vpn)
WG_GUESTS_DHCP_MASK=23
## This sets a reserved dhcp range if you want.
WG_GUESTS_RESERVED_HOSTS=20
# ------ Trunk port & vlans --------------------------------------------------
## Uncomment to map host interface name inside hypervisor container.
## If static vlans are commented then hypervisor will initiate an
## auto-discovery process. The discovery process will last for 260
## seconds and this will delay the hypervisor from being available.
## So it is recommended to set also the static vlans.
## Note: It will create VlanXXX automatically on webapp. You need to
## assign who is allowed to use this VlanXXX interfaces.
#HYPERVISOR_HOST_TRUNK_INTERFACE=
## This environment variable depends on previous one. When setting
## vlans number comma separated it will disable auto-discovery and
## fix this as forced vlans inside hypervisor.
#HYPERVISOR_STATIC_VLANS=
## NOTE: The interface name should not be changed from defaults.
## Newer kernels use cgroups2 that doens't work. To get the
## old cgroups add to /etc/default/grub:
## GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=0"
## and update-grub, and reboot.
# ------ Override hosts in isard-portal haproxy ------------------------------
#WEBAPP_HOST=isard-webapp
##################################################################
## STATS PARAMETERS ##
##################################################################
# ------ Grafana ------------------------------------------------------
#GRAFANA_HOST=isard-grafana
# ------ Prometheus -----------------------------------------------------
#PROMETHEUS_ADDRESS=http://isard-prometheus:9090
# ------ Stats -----------------------------------------------------
#STATS_DIRECTORY=/opt/isard/stats
#STATS_GLANCES_REFRESH=2
#STATS_GLANCES_DATA_RETENTION=2w
# ------ Loki -----------------------------------------------------
#LOKI_ADDRESS=http://isard-loki:3100
# ------ OCI Collector -----------------------------------------------------
#STATS_COLLECTORS_OCI_ENABLE=false
#TF_VAR_tenancy_ocid=
#TF_VAR_user_ocid=
#TF_VAR_fingerprint=
#TF_VAR_region=
#TF_VAR_private_key=
from isard.
It seems that you don't have the default category created. Or you disabled it to appear in the advanced settings. I'd stop everything, remove the /opt/isard
and /opt/isard-local
directories and start it again. You may want to try accessing it through https://<domain>/login/default
and see if there's any luck!
from isard.
OK, this resolve my problem.
from isard.
Related Issues (20)
- Migrar vm de la version 2 a la version 4
- Error when I try to create a desktop.
- docker-compose link broken HOT 1
- Hypervisor status still error.. HOT 14
- Issues between creating a VM using an image and connecting to a VM created as a template HOT 3
- Inquiries about NVIDIA vGPU support HOT 4
- Hypervisors now self register in system when they start. Check parameters in isardvdi.cfg HOT 4
- I can't change the IP of the Hypervisor HOT 9
- Docker network change and AD LDAP authentication method HOT 1
- Using Isardvdi in different port (No port linking in RDP Viewer Page) HOT 1
- Hypervisors now self register in system when they start - VMware - Ubuntu HOT 1
- Can't pull images HOT 1
- Put an eye on password field to be able to see it HOT 1
- After downal iso show failed isard-hypervisor error HOT 1
- Share desktops between users HOT 1
- Ajax Error
- 403 forbidden error while running the docker-compose pull command
- Problema con hypervisor HOT 2
- Media - Upload from URL only HTTPS allowed ? HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from isard.