---
myst:
  html_meta:
    "description lang=en": "Kasm Workspaces Slip Stream Configuration Items During Install"
    "keywords": "Kasm, Export, Import, Backup, Restore, Install, Slipstream"
    "property=og:locale": "en_US"
---
```{title} Slip-Stream Install Configurations
```

## Slip-Stream Install Configurations
 
Administrators may wish to install an instance of Workspaces preloaded with desired configurations. This may be helpful
for CI/CD or other programmatically deployed environments such as augmenting terraform projects.

This can be accomplished by swapping out the
`default_properties.yaml` file found in the standard installation package after it is extracted
and before `install.sh` is called.

The format of the `default_properties.yaml` file, is the same as one generated from the {ref}`config-export` mechanism,
allowing administrators to more easily restore an existing deployment to another system. 

```{parsed-literal}
cd /tmp
curl -O {{ release_url }}
tar -xf {{ release_url.split('/') | last }}
# Replace default_properties.yaml
cp <custom_config.yaml>  kasm_release/conf/database/seed_data/default_properties.yaml
sudo bash kasm_release/install.sh
```



```{warning}
This feature is primarly intended for partners and system integrators that have advanced understanding and experience
using Kasm Workspaces. Workspaces contains thousands of interconnected configuration items, many of which are
internal-facing elements and thus not fully documented.

Please see {doc}`Configuration Schema Versioning and Details <schema_versioning>` for important implementation concerns.
```


### Default Properties Pre-Processing

When the installer ingests the `default_properites.yaml`, it will first pre-process the file to allow values
to be templated with special variables. This may be helpful when constructing references between objects via uuids, 
or templating values that should be randomized between deployments. It is recommended to inspect the 
`default_properites.yaml` that is provided with the install package for example usage as it represents the standard
configurations for the default install.


````{dropdown} UUIDs
:animate: fade-in

UUIDs can be templated by using the string `${uuid:<some string>}` e.g `${uuid:example1}`. If the same variable is used
multiple times in the yaml, it will be replaced with the same UUID.


```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 3,4,9,10,16

    group_settings:
    - description: Allows users to see and edit all attributes of the Kasm application.
      group_id: "${uuid:group:1}"
      group_setting_id: "${uuid:group_setting_id:1}"
      name: administrator
      value: 'False'
      value_type: bool
    - description: Allow audio streaming for a Kasm.
      group_id: "${uuid:group:1}"
      group_setting_id: "${uuid:group_setting_id:2}"
      name: allow_kasm_audio
      value: 'False'
      value_type: bool
    groups:
    - description: null
      group_id:  "${uuid:group:1}"
      is_system: false
      name: Intenal Administators
      priority: 1000
      program_data: null
```

```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 3,4,9,10,16

    group_settings:
    - description: Allows users to see and edit all attributes of the Kasm application.
      group_id: "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
      group_setting_id: "e7173013-fad7-4de8-860b-94ee5a70dcbf"
      name: administrator
      value: 'False'
      value_type: bool
    - description: Allow audio streaming for a Kasm.
      group_id: "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
      group_setting_id: "b1c4efbe-ddc4-4ebc-839b-483b2e190873"
      name: allow_kasm_audio
      value: 'False'
      value_type: bool
    groups:
    - description: null
      group_id:  "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
      is_system: false
      name: Internal Administators
      priority: 1000
      program_data: null
```

````

````{dropdown} DateTime
:animate: fade-in

Datetime objects can be generated for the current time using the `${datetime:utcnow}` variable.

```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 2,3

    users:
    - created: '${datetime:utcnow}'
      password_set_date: '${datetime:utcnow}'
      pw_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
      realm: local
      salt: 6614c4ba-6c49-4f50-8d9a-ce82de5ac852
      user_id: 11bf8e0a-e08c-4c1b-81ad-518447d75b49
      username: admin@kasm.local
```

```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 2,3

    users:
    - created: '2023-02-05 02:41:43.729155'
      password_set_date: '2023-02-05 02:41:43.729155'
      pw_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
      realm: local
      salt: 6614c4ba-6c49-4f50-8d9a-ce82de5ac852
      user_id: 11bf8e0a-e08c-4c1b-81ad-518447d75b49
      username: admin@kasm.local
```

````

````{dropdown} Random Tokens
:animate: fade-in

Random string tokens can be be generated using a variable `${random_token:<some string>}`. E.g `${random_token:manager_token}`

```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 8

    settings:
    - category: manager
      description: An authentication token used in the communication between Kasm Agents and the Manager API server.
      name: token
      sanitize: false
      services_restart: manager
      title: Token
      value: "${random_token:manager_token}"
      value_type: password
```

```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 8

    settings:
    - category: manager
      description: An authentication token used in the communication between Kasm Agents and the Manager API server.
      name: token
      sanitize: false
      services_restart: manager
      title: Token
      value: "2RZGPY1LUPOph4fmU1kU"
      value_type: password
```

````

````{dropdown} RSA Keys
:animate: fade-in

RSA public and private keys can be be generated using variables: `${rsa:<some string>:private}` and `${rsa:<some string>:public}`

```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 8,16

    settings:
    - category: auth
      description: Private Key used to sign request between Kasm components.
      name: api_private_key
      sanitize: true
      services_restart: null
      title: API Private Key
      value: "${rsa:1:private}"
      value_type: multiline_string
    - category: auth
      description: Public key used by Kasm components to validate internal API calls.
      name: api_public_cert
      sanitize: false
      services_restart: null
      title: API Public Cert
      value: "${rsa:1:public}"
      value_type: multiline_string
```

```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 8-14,22-30

    settings:
    - category: auth
      description: Private Key used to sign request between Kasm components.
      name: api_private_key
      sanitize: true
      services_restart: null
      title: API Private Key
      value: "-----BEGIN PRIVATE KEY-----
        MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDPS/VMFDiHcmYc
        ...
        F0QQggEL0azu+RPZkg2KV2ZqawkFbGeGdhnPbluvmFUZHS0qzs1xbefludeVe9aR
        568UxTAiTOowDRY45zwugW52VdBFASdc3w6z/DzPgD2FfI46ZQPzJD4ariJOMlSY
        ZszdhrNDulOoIsp0Adm/nKtXrT8JJca5
        -----END PRIVATE KEY-----"
      value_type: multiline_string
    - category: auth
      description: Public key used by Kasm components to validate internal API calls.
      name: api_public_cert
      sanitize: false
      services_restart: null
      title: API Public Cert
      value: "-----BEGIN PUBLIC KEY-----
        MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoQu+DCpu6IMVRJBlrxn5
        /SLIzggFi72fkLTuXTi7gGPCtGMV/5QLJnRjcAAYo9zJoFhob268qcK69FMRD3B
        nJ//C3zSW5pWvzh5HdRINrjmdZKgCpudEeXYpd/KpIulHzoWLJuiizEM/jlFpJcB
        ...
        89c22kgSOtyQGFJXQLQeFIqyak3fQ2guJ/ZbdJP6CeNJfjLdKFm9RE4bHuuqr2Bt
        /deSoQfXUXUUZbWf40jqprYTIuaidwBHus8KirY5LAxlDz9RVHvGQHrYq3hRMHcD
        XLnh226+sKxRSxxdXLwFLyMCAwEAAQ==
        -----END PUBLIC KEY-----"
      value_type: multiline_string
```

````