252 lines
8.2 KiB
Python
252 lines
8.2 KiB
Python
#
|
|
# This is the config file for MirrorManager as intended to be used in OpenShift
|
|
#
|
|
|
|
|
|
# Set the time after which the session expires. Flask's default is 31 days.
|
|
# Default: ``timedelta(hours=1)`` corresponds to 1 hour.
|
|
# from datetime import timedelta
|
|
# PERMANENT_SESSION_LIFETIME = timedelta(hours=1)
|
|
|
|
{% if env == "staging" %}
|
|
|
|
# url to the database server:
|
|
SQLALCHEMY_DATABASE_URI = "postgresql://{{ mirrormanager_stg_db_user }}:{{ mirrormanager_stg_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_stg_db_name }}"
|
|
|
|
# secret key used to generate unique csrf token
|
|
SECRET_KEY = "{{ mirrormanager_stg_secret_key }}"
|
|
|
|
# Seed used to make the password harder to brute force in case of leaking
|
|
# This should be kept really secret!
|
|
PASSWORD_SEED = "{{ mirrormanager_stg_password_seed }}"
|
|
|
|
{% else %}
|
|
|
|
# url to the database server:
|
|
SQLALCHEMY_DATABASE_URI = "postgresql://{{ mirrormanager_db_user }}:{{ mirrormanager_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_db_name }}"
|
|
|
|
# secret key used to generate unique csrf token
|
|
SECRET_KEY = "{{ mirrormanager_secret_key }}"
|
|
|
|
# Seed used to make the password harder to brute force in case of leaking
|
|
# This should be kept really secret!
|
|
PASSWORD_SEED = "{{ mirrormanager_password_seed }}"
|
|
|
|
{% endif %}
|
|
|
|
# the number of items to display on the search pages
|
|
# Default: ``50``.
|
|
# ITEMS_PER_PAGE = 50
|
|
|
|
# Make browsers send session cookie only via HTTPS
|
|
SESSION_COOKIE_SECURE=True
|
|
|
|
# Folder containing the theme to use.
|
|
# Default: ``fedora``.
|
|
# THEME_FOLDER = "fedora"
|
|
|
|
# Which authentication method to use, defaults to `fas` can be or `local`
|
|
# Default: ``fas``.
|
|
# MM_AUTHENTICATION = "fas"
|
|
|
|
OIDC_CLIENT_SECRETS = "/etc/mirrormanager-secrets/client_secrets.json"
|
|
|
|
# If the authentication method is `fas`, groups in which should be the user
|
|
# to be recognized as an admin.
|
|
ADMIN_GROUP = ["sysadmin-main", "sysadmin-web"]
|
|
|
|
# Email of the admin to which send notification or error
|
|
# ADMIN_EMAIL = "admin@fedoraproject.org"
|
|
|
|
# Email address used in the "From" field of the emails sent.
|
|
# Default: ``nobody@fedoraproject.org``.
|
|
# EMAIL_FROM = "nobody@fedoraproject.org"
|
|
|
|
# SMTP server to use,
|
|
# Default: ``localhost``.
|
|
SMTP_SERVER = "bastion{{ env_suffix }}.fedoraproject.org"
|
|
|
|
# If the SMTP server requires authentication, fill in the information here
|
|
# SMTP_USERNAME = "username"
|
|
# SMTP_PASSWORD = "password"
|
|
|
|
# When this is set to True, an additional menu item is shown which can
|
|
# be used to browse the different statistics generated by
|
|
# mirrorlist_statistics.py.
|
|
# SHOW_STATISTICS = True
|
|
|
|
# This is the directory the code enabled by SHOW_STATISTICS will use
|
|
# to locate the statistics files and display them.
|
|
# STATISTICS_BASE = "/var/lib/mirrormanager/statistics/data"
|
|
|
|
# How long to keep the access stats, in days
|
|
#ACCESS_STATS_KEEP_DAYS = 30
|
|
|
|
# Countries which have to be excluded.
|
|
EMBARGOED_COUNTRIES = ["CU", "IR", "KP", "SD", "SY"]
|
|
|
|
# When this is set to True, an additional menu item is shown which
|
|
# displays the maps generated with mm2_generate-worldmap.
|
|
# SHOW_MAPS = True
|
|
|
|
# Where to look for maps
|
|
# MAPS_BASE = "/var/lib/mirrormanager/statistics/map"
|
|
|
|
# Location of the static map displayed in the map tab.
|
|
# STATIC_MAP = "map.png"
|
|
|
|
# Location of the interactive openstreetmap based map.
|
|
# INTERACTIVE_MAP = "mirrors.html"
|
|
|
|
# The crawler can generate propagation statistics which can be
|
|
# converted into svg/pdf with mm2_propagation. These files
|
|
# can be displayed next to the statistics and maps tab if desired.
|
|
# SHOW_PROPAGATION = True
|
|
|
|
# Where to look for the above mentioned propagation images.
|
|
# PROPAGATION_BASE = "/var/lib/mirrormanager/statistics/data/propagation"
|
|
|
|
# How long to keep the propagation stats, in days
|
|
#PROPAGATION_KEEP_DAYS = 30
|
|
PROPAGATION_KEEP_DAYS = 14
|
|
|
|
# Where the GeoIP database lives
|
|
GEOIP_BASE = "/var/lib/mirrormanager/geoip"
|
|
|
|
# Disable master rsync server ACL
|
|
# Fedora does not use it and therefore it is set to False
|
|
# MASTER_RSYNC_ACL = False
|
|
|
|
# When this is set to True, the session cookie will only be returned to the
|
|
# server via ssl (https). If you connect to the server via plain http, the
|
|
# cookie will not be sent. This prevents sniffing of the cookie contents.
|
|
# This may be set to False when testing your application but should always
|
|
# be set to True in production.
|
|
# Default: ``True``.
|
|
# MM_COOKIE_REQUIRES_HTTPS = True
|
|
|
|
# The name of the cookie used to store the session id.
|
|
# Default: ``.MirrorManager``.
|
|
# MM_COOKIE_NAME = "MirrorManager"
|
|
|
|
# If this variable is set (and the directory exists) the crawler
|
|
# will create per host log files in MM_LOG_DIR/crawler/<hostid>.log
|
|
# which can the be used in the web interface by the mirror admins.
|
|
# Other parts besides the crawler are also using this variable to
|
|
# decide where to store log files.
|
|
MM_LOG_DIR = "/var/log/mirrormanager"
|
|
|
|
# This is used to exclude certain protocols to be entered
|
|
# for host category URLs at all.
|
|
# The following is the default for Fedora to exclude FTP based
|
|
# mirrors to be added. Removing this confguration option
|
|
# or setting it to "" removes any protocol restrictions.
|
|
# MM_PROTOCOL_REGEX = "^(?!ftp)(.*)$"
|
|
|
|
# The netblock size parameters define which netblock sizes can be
|
|
# added by a site administrator. Larger networks can only be added by
|
|
# mirrormanager admins.
|
|
# MM_IPV4_NETBLOCK_SIZE = "/16"
|
|
# MM_IPV6_NETBLOCK_SIZE = "/32"
|
|
|
|
# If not specified the application will rely on the root_url when sending
|
|
# emails, otherwise it will use this URL
|
|
# Default: ``None``.
|
|
# APPLICATION_URL = None
|
|
|
|
# Boolean specifying wether to check the user's IP address when retrieving
|
|
# its session. This make things more secure (thus is on by default) but
|
|
# under certain setup it might not work (for example is there are proxies
|
|
# in front of the application).
|
|
# CHECK_SESSION_IP = True
|
|
|
|
# Specify additional rsync parameters for the crawler
|
|
# # --timeout 14400: abort rsync crawl after 4 hours
|
|
# # --no-human-readable: because rsync made things pretty by default in 3.1.x
|
|
CRAWLER_RSYNC_PARAMETERS = "--no-motd --timeout 14400 --exclude=lost+found --no-human-readable"
|
|
|
|
# This is a list of directories which MirrorManager will ignore while guessing
|
|
# the version and architecture from a path.
|
|
SKIP_PATHS_FOR_VERSION = [
|
|
"pub/alt",
|
|
"pub/fedora/linux/releases/test",
|
|
"pub/archive",
|
|
"pub/fedora-secondary/development/rawhide/s390/"
|
|
"pub/fedora-secondary/development/rawhide/Modular/ppc64/os",
|
|
"pub/fedora-secondary/development/rawhide/Modular/ppc64/debug/tree"
|
|
]
|
|
|
|
###
|
|
# Configuration options used by the crons
|
|
###
|
|
|
|
# Specify whether the crawler should send a report by email
|
|
CRAWLER_SEND_EMAIL = False
|
|
|
|
# If a host fails for CRAWLER_AUTO_DISABLE times in a row
|
|
# the host will be disable automatically (user_active)
|
|
# CRAWLER_AUTO_DISABLE = 4
|
|
|
|
# To get the current versions
|
|
BODHI_URL = "https://bodhi{{ env_suffix }}.fedoraproject.org"
|
|
|
|
UMDL_PREFIX = "/srv/"
|
|
|
|
UMDL_MASTER_DIRECTORIES = [
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/pub/epel/",
|
|
"category": "Fedora EPEL"
|
|
},
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/pub/fedora/linux/",
|
|
"category": "Fedora Linux"
|
|
},
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/pub/fedora-secondary/",
|
|
"category": "Fedora Secondary Arches"
|
|
},
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/pub/archive/",
|
|
"category": "Fedora Archive"
|
|
},
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/pub/alt/",
|
|
"category": "Fedora Other"
|
|
},
|
|
{
|
|
"type": "directory",
|
|
"path": "/srv/codecs.fedoraproject.org/",
|
|
"category": "Fedora Codecs"
|
|
},
|
|
# {
|
|
# "type":"directory",
|
|
# "path":"../testdata/pub/fedora/linux/",
|
|
# "category":"Fedora Linux",
|
|
# "excludes":[".*/core/?.*", ".*/extras/?.*", ".*/[7-8]/?.*" ]
|
|
# },
|
|
# {
|
|
# "type":"rsync",
|
|
# "url":"rsync://archive.ubuntu.com/ubuntu/",
|
|
# "category":"Ubuntu Archive"
|
|
# },
|
|
# {
|
|
# "type":"rsync",
|
|
# "url":"rsync://releases.ubuntu.com/releases/",
|
|
# "category":"Ubuntu CD Images"
|
|
# },
|
|
# {
|
|
# "type":"rsync",
|
|
# "url":"rsync://ports.ubuntu.com/ubuntu-ports/",
|
|
# "category":"Ubuntu Ports Archive"
|
|
# },
|
|
# {
|
|
# "type":"rsync",
|
|
# "url":"rsync://security.ubuntu.com/ubuntu/",
|
|
# "category":"Ubuntu Security Archive"
|
|
# },
|
|
]
|