diff --git a/roles/openshift-apps/mirrormanager/templates/mm.cfg.py b/roles/openshift-apps/mirrormanager/templates/mm.cfg.py index d6adf781b7..5b90a8a595 100644 --- a/roles/openshift-apps/mirrormanager/templates/mm.cfg.py +++ b/roles/openshift-apps/mirrormanager/templates/mm.cfg.py @@ -2,16 +2,16 @@ # This is the config file for MirrorManager as intended to be used in OpenShift # -OIDC_CLIENT_SECRETS = '/etc/mirrormanager-secrets/client_secrets.json' -# This is the directory the code enabled by SHOW_STATISTICS will use -# to locate the statistics files and display them. -STATISTICS_BASE = "/var/www/mirrormanager-statistics/data" +# Set the time after which the session expires. Flask's default is 31 days. +# Default: ``timedelta(hours=1)`` corresponds to 1 hour. +# from datetime import timedelta +# PERMANENT_SESSION_LIFETIME = timedelta(hours=1) {% if env == 'staging' %} # url to the database server: -DB_URL='postgresql://{{ mirrormanager_stg_db_user }}:{{ mirrormanager_stg_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_stg_db_name }}' +SQLALCHEMY_DATABASE_URI = 'postgresql://{{ mirrormanager_stg_db_user }}:{{ mirrormanager_stg_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_stg_db_name }}' # secret key used to generate unique csrf token SECRET_KEY = '{{ mirrormanager_stg_secret_key }}' @@ -23,7 +23,7 @@ PASSWORD_SEED = "{{ mirrormanager_stg_password_seed }}" {% else %} # url to the database server: -DB_URL='postgresql://{{ mirrormanager_db_user }}:{{ mirrormanager_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_db_name }}' +SQLALCHEMY_DATABASE_URI = 'postgresql://{{ mirrormanager_db_user }}:{{ mirrormanager_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_db_name }}' # secret key used to generate unique csrf token SECRET_KEY = '{{ mirrormanager_secret_key }}' @@ -34,35 +34,33 @@ PASSWORD_SEED = "{{ mirrormanager_password_seed }}" {% endif %} -ITEMS_PER_PAGE = 50 +# the number of items to display on the search pages +# Default: ``50``. +# ITEMS_PER_PAGE = 50 + # Make browsers send session cookie only via HTTPS SESSION_COOKIE_SECURE=True - -from datetime import timedelta - -# Set the time after which the session expires. Flask's default is 31 days. -# Default: ``timedelta(hours=1)`` corresponds to 1 hour. -PERMANENT_SESSION_LIFETIME = timedelta(hours=1) - # Folder containing the theme to use. # Default: ``fedora``. -THEME_FOLDER = 'fedora' +# THEME_FOLDER = 'fedora' # Which authentication method to use, defaults to `fas` can be or `local` # Default: ``fas``. -MM_AUTHENTICATION = 'fas' +# MM_AUTHENTICATION = 'fas' + +OIDC_CLIENT_SECRETS = '/etc/mirrormanager-secrets/client_secrets.json' # If the authentication method is `fas`, groups in which should be the user # to be recognized as an admin. ADMIN_GROUP = ['sysadmin-main', 'sysadmin-web'] # Email of the admin to which send notification or error -ADMIN_EMAIL = ['admin@fedoraproject.org'] +# ADMIN_EMAIL = 'admin@fedoraproject.org' # Email address used in the 'From' field of the emails sent. # Default: ``nobody@fedoraproject.org``. -EMAIL_FROM = 'nobody@fedoraproject.org' +# EMAIL_FROM = 'nobody@fedoraproject.org' # SMTP server to use, # Default: ``localhost``. @@ -75,36 +73,36 @@ SMTP_SERVER = 'bastion{{ env_suffix }}.fedoraproject.org' # When this is set to True, an additional menu item is shown which can # be used to browse the different statistics generated by # mirrorlist_statistics.py. -SHOW_STATISTICS = True +# SHOW_STATISTICS = True # This is the directory the code enabled by SHOW_STATISTICS will use # to locate the statistics files and display them. -STATISTICS_BASE = '/var/www/mirrormanager-statistics/data' +# STATISTICS_BASE = '/var/www/mirrormanager-statistics/data' # Countries which have to be excluded. EMBARGOED_COUNTRIES = ['CU', 'IR', 'KP', 'SD', 'SY'] # When this is set to True, an additional menu item is shown which # displays the maps generated with mm2_generate-worldmap. -SHOW_MAPS = True +# SHOW_MAPS = True # Location of the static map displayed in the map tab. -STATIC_MAP = '/map/map.png' +# STATIC_MAP = '/map/map.png' # Location of the interactive openstreetmap based map. -INTERACTIVE_MAP = '/map/mirrors.html' +# INTERACTIVE_MAP = '/map/mirrors.html' # The crawler can generate propagation statistics which can be # converted into svg/pdf with mm2_propagation. These files # can be displayed next to the statistics and maps tab if desired. -SHOW_PROPAGATION = True +# SHOW_PROPAGATION = True # Where to look for the above mentioned propagation images. -PROPAGATION_BASE = '/var/www/mirrormanager-statistics/data/propagation' +# PROPAGATION_BASE = '/var/www/mirrormanager-statistics/data/propagation' # Disable master rsync server ACL # Fedora does not use it and therefore it is set to False -MASTER_RSYNC_ACL = False +# MASTER_RSYNC_ACL = False # When this is set to True, the session cookie will only be returned to the # server via ssl (https). If you connect to the server via plain http, the @@ -112,11 +110,11 @@ MASTER_RSYNC_ACL = False # This may be set to False when testing your application but should always # be set to True in production. # Default: ``True``. -MM_COOKIE_REQUIRES_HTTPS = True +# MM_COOKIE_REQUIRES_HTTPS = True # The name of the cookie used to store the session id. # Default: ``.MirrorManager``. -MM_COOKIE_NAME = 'MirrorManager' +# MM_COOKIE_NAME = 'MirrorManager' # If this variable is set (and the directory exists) the crawler # will create per host log files in MM_LOG_DIR/crawler/.log @@ -130,24 +128,24 @@ MM_LOG_DIR = '-' # The following is the default for Fedora to exclude FTP based # mirrors to be added. Removing this confguration option # or setting it to '' removes any protocol restrictions. -MM_PROTOCOL_REGEX = '^(?!ftp)(.*)$' +# MM_PROTOCOL_REGEX = '^(?!ftp)(.*)$' # The netblock size parameters define which netblock sizes can be # added by a site administrator. Larger networks can only be added by # mirrormanager admins. -MM_IPV4_NETBLOCK_SIZE = '/16' -MM_IPV6_NETBLOCK_SIZE = '/32' +# MM_IPV4_NETBLOCK_SIZE = '/16' +# MM_IPV6_NETBLOCK_SIZE = '/32' # If not specified the application will rely on the root_url when sending # emails, otherwise it will use this URL # Default: ``None``. -APPLICATION_URL = None +# APPLICATION_URL = None # Boolean specifying wether to check the user's IP address when retrieving # its session. This make things more secure (thus is on by default) but # under certain setup it might not work (for example is there are proxies # in front of the application). -CHECK_SESSION_IP = True +# CHECK_SESSION_IP = True # Specify additional rsync parameters for the crawler # # --timeout 14400: abort rsync crawl after 4 hours @@ -174,7 +172,7 @@ CRAWLER_SEND_EMAIL = False # If a host fails for CRAWLER_AUTO_DISABLE times in a row # the host will be disable automatically (user_active) -CRAWLER_AUTO_DISABLE = 4 +# CRAWLER_AUTO_DISABLE = 4 UMDL_PREFIX = '/srv/'