---
myst:
html_meta:
"description lang=en": "Kasm Workspaces Slip Stream Configuration Items During Install"
"keywords": "Kasm, Export, Import, Backup, Restore, Install, Slipstream"
"property=og:locale": "en_US"
---
```{title} Slip-Stream Install Configurations
```
## Slip-Stream Install Configurations
Administrators may wish to install an instance of Workspaces preloaded with desired configurations. This may be helpful
for CI/CD or other programmatically deployed environments such as augmenting terraform projects.
This can be accomplished by swapping out the
`default_properties.yaml` file found in the standard installation package after it is extracted
and before `install.sh` is called.
The format of the `default_properties.yaml` file, is the same as one generated from the {ref}`config-export` mechanism,
allowing administrators to more easily restore an existing deployment to another system.
```{parsed-literal}
cd /tmp
curl -O {{ release_url }}
tar -xf {{ release_url.split('/') | last }}
# Replace default_properties.yaml
cp kasm_release/conf/database/seed_data/default_properties.yaml
sudo bash kasm_release/install.sh
```
```{warning}
This feature is primarly intended for partners and system integrators that have advanced understanding and experience
using Kasm Workspaces. Workspaces contains thousands of interconnected configuration items, many of which are
internal-facing elements and thus not fully documented.
Please see {doc}`Configuration Schema Versioning and Details ` for important implementation concerns.
```
### Default Properties Pre-Processing
When the installer ingests the `default_properites.yaml`, it will first pre-process the file to allow values
to be templated with special variables. This may be helpful when constructing references between objects via uuids,
or templating values that should be randomized between deployments. It is recommended to inspect the
`default_properites.yaml` that is provided with the install package for example usage as it represents the standard
configurations for the default install.
````{dropdown} UUIDs
:animate: fade-in
UUIDs can be templated by using the string `${uuid:}` e.g `${uuid:example1}`. If the same variable is used
multiple times in the yaml, it will be replaced with the same UUID.
```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 3,4,9,10,16
group_settings:
- description: Allows users to see and edit all attributes of the Kasm application.
group_id: "${uuid:group:1}"
group_setting_id: "${uuid:group_setting_id:1}"
name: administrator
value: 'False'
value_type: bool
- description: Allow audio streaming for a Kasm.
group_id: "${uuid:group:1}"
group_setting_id: "${uuid:group_setting_id:2}"
name: allow_kasm_audio
value: 'False'
value_type: bool
groups:
- description: null
group_id: "${uuid:group:1}"
is_system: false
name: Intenal Administators
priority: 1000
program_data: null
```
```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 3,4,9,10,16
group_settings:
- description: Allows users to see and edit all attributes of the Kasm application.
group_id: "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
group_setting_id: "e7173013-fad7-4de8-860b-94ee5a70dcbf"
name: administrator
value: 'False'
value_type: bool
- description: Allow audio streaming for a Kasm.
group_id: "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
group_setting_id: "b1c4efbe-ddc4-4ebc-839b-483b2e190873"
name: allow_kasm_audio
value: 'False'
value_type: bool
groups:
- description: null
group_id: "e2fd5c8e-82c2-4841-8ef0-824e30f16055"
is_system: false
name: Internal Administators
priority: 1000
program_data: null
```
````
````{dropdown} DateTime
:animate: fade-in
Datetime objects can be generated for the current time using the `${datetime:utcnow}` variable.
```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 2,3
users:
- created: '${datetime:utcnow}'
password_set_date: '${datetime:utcnow}'
pw_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
realm: local
salt: 6614c4ba-6c49-4f50-8d9a-ce82de5ac852
user_id: 11bf8e0a-e08c-4c1b-81ad-518447d75b49
username: admin@kasm.local
```
```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 2,3
users:
- created: '2023-02-05 02:41:43.729155'
password_set_date: '2023-02-05 02:41:43.729155'
pw_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
realm: local
salt: 6614c4ba-6c49-4f50-8d9a-ce82de5ac852
user_id: 11bf8e0a-e08c-4c1b-81ad-518447d75b49
username: admin@kasm.local
```
````
````{dropdown} Random Tokens
:animate: fade-in
Random string tokens can be be generated using a variable `${random_token:}`. E.g `${random_token:manager_token}`
```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 8
settings:
- category: manager
description: An authentication token used in the communication between Kasm Agents and the Manager API server.
name: token
sanitize: false
services_restart: manager
title: Token
value: "${random_token:manager_token}"
value_type: password
```
```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 8
settings:
- category: manager
description: An authentication token used in the communication between Kasm Agents and the Manager API server.
name: token
sanitize: false
services_restart: manager
title: Token
value: "2RZGPY1LUPOph4fmU1kU"
value_type: password
```
````
````{dropdown} RSA Keys
:animate: fade-in
RSA public and private keys can be be generated using variables: `${rsa::private}` and `${rsa::public}`
```{code-block} yaml
:caption: '**Templated Config**'
:emphasize-lines: 8,16
settings:
- category: auth
description: Private Key used to sign request between Kasm components.
name: api_private_key
sanitize: true
services_restart: null
title: API Private Key
value: "${rsa:1:private}"
value_type: multiline_string
- category: auth
description: Public key used by Kasm components to validate internal API calls.
name: api_public_cert
sanitize: false
services_restart: null
title: API Public Cert
value: "${rsa:1:public}"
value_type: multiline_string
```
```{code-block} yaml
:caption: '**Resultant Config**'
:emphasize-lines: 8-14,22-30
settings:
- category: auth
description: Private Key used to sign request between Kasm components.
name: api_private_key
sanitize: true
services_restart: null
title: API Private Key
value: "-----BEGIN PRIVATE KEY-----
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDPS/VMFDiHcmYc
...
F0QQggEL0azu+RPZkg2KV2ZqawkFbGeGdhnPbluvmFUZHS0qzs1xbefludeVe9aR
568UxTAiTOowDRY45zwugW52VdBFASdc3w6z/DzPgD2FfI46ZQPzJD4ariJOMlSY
ZszdhrNDulOoIsp0Adm/nKtXrT8JJca5
-----END PRIVATE KEY-----"
value_type: multiline_string
- category: auth
description: Public key used by Kasm components to validate internal API calls.
name: api_public_cert
sanitize: false
services_restart: null
title: API Public Cert
value: "-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoQu+DCpu6IMVRJBlrxn5
/SLIzggFi72fkLTuXTi7gGPCtGMV/5QLJnRjcAAYo9zJoFhob268qcK69FMRD3B
nJ//C3zSW5pWvzh5HdRINrjmdZKgCpudEeXYpd/KpIulHzoWLJuiizEM/jlFpJcB
...
89c22kgSOtyQGFJXQLQeFIqyak3fQ2guJ/ZbdJP6CeNJfjLdKFm9RE4bHuuqr2Bt
/deSoQfXUXUUZbWf40jqprYTIuaidwBHus8KirY5LAxlDz9RVHvGQHrYq3hRMHcD
XLnh226+sKxRSxxdXLwFLyMCAwEAAQ==
-----END PUBLIC KEY-----"
value_type: multiline_string
```
````