UI Server Configuration

Cylc UI Server can be configured using a jupyter_config.py.

Site level configuration, such as c.CylcUIServer.site_authorization should be defined in /etc/cylc/uiserver/jupyter_config.py, or, alternatively, the environment variable CYLC_SITE_CONF_PATH. User level configuration should be located in ~/.cylc/uiserver/jupyter_config.py.

Cylc UI Server can be configured using a jupyter_config.py file, loaded from a hierarchy of locations. This hierarchy includes the prepackaged configuration, the site directory (which defaults to /etc/cylc/uiserver but can be set with the environment variable $CYLC_SITE_CONF_PATH) and the user directory (~/.cylc/uiserver). For example, at Cylc UI Server version 0.6.0, the hierarchy (highest priority at the bottom) would be:

  • cylc/uiserver/jupyter_config.py (pre-packaged default)

  • /etc/cylc/uiserver/jupyter_config.py

  • /etc/cylc/uiserver/0/jupyter_config.py

  • /etc/cylc/uiserver/0.6/jupyter_config.py

  • /etc/cylc/uiserver/0.6.0/jupyter_config.py

  • ~/.cylc/uiserver/jupyter_config.py

  • ~/.cylc/uiserver/0/jupyter_config.py

  • ~/.cylc/uiserver/0.6/jupyter_config.py

  • ~/.cylc/uiserver/0.6.0/jupyter_config.py

An example configuration might look like this:

# scan for workflows every 10 seconds
c.CylcUIServer.scan_interval = 10

The Cylc UI Server is a Jupyter Server extension. For generic configuration options see the Jupyter Servers documentation: Config file and command line options. Cylc specific configurations are documented here.

Note

c.CylcUIServer.site_authorization should be defined in /etc/cylc/uiserver/jupyter_config.py, or, alternatively, via the environment variable CYLC_SITE_CONF_PATH.

class cylc.uiserver.app.CylcUIServer(**kwargs: Any)
max_workers c.CylcUIServer.max_workers = Int(1)

Set the maximum number of workers for process pools.

scan_interval c.CylcUIServer.scan_interval = Float(5.0)

Set the interval between workflow scans in seconds.

Workflow scans allow a UI server to detect workflows which have been started from the CLI since the last update.

This involves a number of filesystem operations, to reduce system load set a higher value.

site_authorization c.CylcUIServer.site_authorization = Dict()

Dictionary containing site limits and defaults for authorization.

This configuration should be placed only in the site set configuration file and not the user configuration file (use c.CylcUIServer.user_authorization for user defined authorization).

If this configuration is empty, site authorization defaults to no configurable authorization and users will be unable to set any authorization.

Authorization can be granted at operation (mutation) level, i.e. specifically grant user access to execute Cylc commands, e.g. play, pause, edit, trigger etc. For your convenience, these operations have been mapped to access groups READ, CONTROL and ALL.

To remove permissions, prepend the access group or operation with !.

Permissions are additive but negated permissions take precedence above additions e.g. CONTROL, !stop will permit all operations in the CONTROL group except for stop.

Note

Any authorization permissions granted to a user will be applied to all workflows.

For more information, including the access group mappings, see Authorizing Others to Access Your Workflows.

Example Configuration:

c.CylcUIServer.site_authorization = {
    "*": {  # For all ui-server owners,
        "*": {  # Any authenticated user
            "default": "READ",  # Has default read access
        },
        "user1": {  # user1
            "default": ["!ALL"],  # No privileges for all
            # ui-server owners.
        },  # No limit set, so all ui-server owners
    },  # limit is also "!ALL" for user1
    "server_owner_1": {  # For specific UI Server owner,
        "group:group_a": {  # Any member of group_a
            "default": "READ",  # Will have default read access
            "limit": ["ALL", "!play"],  # server_owner_1 can
        },  # grant All privileges, except play.
    },
    "group:grp_of_svr_owners": {  # Group of UI Server owners
        "group:group_b": {
            "limit": [  # can grant groupB users up to READ and
                "READ",  # CONTROL privileges, without stop and
                "CONTROL",  # kill
                "!stop",
                "!kill",  # No default, so default is no access
            ],
        },
    },
}
ui_build_dir c.CylcUIServer.ui_build_dir = PathType()

The directory containing the UI build.

This can be a directory containing a single UI build e.g:

dir/
    index.html

Or a tree of builds where each build has a version number e.g:

dir/
    1.0/
        index.html
    2.0/
        index.html

By default this points at the UI build tree which was bundled with the UI Server. Change this if you want to pick up a different build e.g. for development or evaluation purposes.

Takes effect on (re)start.

ui_version c.CylcUIServer.ui_version = Unicode('')

Hardcodes the UI version to serve.

If the ui_build_dir is a tree of builds, this config can be used to determine which UI build is used.

By default the highest version is chosen according to PEP440 version sorting rules.

Takes effect on (re)start.

user_authorization c.CylcUIServer.user_authorization = Dict()

Dictionary containing authorized users and permission levels for authorization.

Use this setting to share control of your workflows with other users.

Note that you are only permitted to give away permissions up to your limit for each user, as defined in the site_authorization configuration.

Authorization can be granted at operation (mutation) level, i.e. specifically grant user access to execute Cylc commands, e.g. play, pause, edit, trigger etc. For your convenience, these operations have been mapped to access groups READ, CONTROL and ALL.

To remove permissions, prepend the access group or operation with !.

Permissions are additive but negated permissions take precedence above additions e.g. CONTROL, !stop will permit all operations in the CONTROL group except for stop.

Note

Any authorization permissions granted to a user will be applied to all workflows.

For more information, including the access group mappings, see Authorizing Others to Access Your Workflows.

Example configuration, residing in ~/.cylc/uiserver/jupyter_config.py:

c.CylcUIServer.user_authorization = {
    "*": ["READ"],  # any authenticated user has READ access
    "group:group2": ["ALL"],  # Any user in system group2 has
                              # access to all operations
    "userA": ["ALL", "!stop"],  # userA has ALL operations, not
                                # stop
}