147 lines
4.8 KiB
Text
147 lines
4.8 KiB
Text
[hub]
|
|
|
|
## ConfigParser style config file, similar to ini files
|
|
## https://docs.python.org/library/configparser.html
|
|
##
|
|
## Note that multiline values can be set by indenting subsequent lines
|
|
## (which means you should not indent regular lines)
|
|
|
|
## Basic options ##
|
|
DBName = koji
|
|
DBUser = koji
|
|
#DBHost = db.example.com
|
|
#DBPort = 5432
|
|
#Note, that db password is sensitive and this file shouldn't be publicly readable.
|
|
#DBPass = example_password
|
|
# Same can be achieved with supplying whole dsn string (with potential additional options)
|
|
# DBConnectionString also takes precedence over all other DB* options
|
|
# whose will be deprecated in future
|
|
#DBConnectionString = dbname=koji user=koji host=db.example.com port=5432 password=example_password
|
|
KojiDir = /mnt/koji
|
|
|
|
## Auth-related options ##
|
|
# Use user IP in session management
|
|
# CheckClientIP = True
|
|
|
|
## Kerberos authentication options ##
|
|
|
|
# ProxyPrincipals = koji/kojiweb@EXAMPLE.COM
|
|
## format string for host principals (%s = hostname)
|
|
# HostPrincipalFormat = compile/%s@EXAMPLE.COM
|
|
## Allowed Kerberos Realms separated by ','.
|
|
## Default value "*" indicates any Realm is allowed
|
|
# AllowedKrbRealms = *
|
|
## TODO: this option should be turned True in 1.34
|
|
# DisableURLSessions = False
|
|
|
|
## end Kerberos auth configuration
|
|
|
|
|
|
|
|
## SSL client certificate auth configuration ##
|
|
#note: ssl auth may also require editing the httpd config (conf.d/kojihub.conf)
|
|
|
|
## the client username is the common name of the subject of their client certificate
|
|
# DNUsernameComponent = CN
|
|
## separate multiple DNs with |
|
|
# ProxyDNs = /C=US/ST=Massachusetts/O=Example Org/OU=Example User/CN=example/emailAddress=example@example.com
|
|
|
|
## end SSL client certificate auth configuration
|
|
|
|
|
|
|
|
## Other options ##
|
|
LoginCreatesUser = On
|
|
# Clients with ProxyPrincipals can use different method for proxying user than GSSAPI. In such case
|
|
# it need to be explicitely allowed via AllowProxyAuthType.
|
|
# AllowProxyAuthType = Off
|
|
KojiWebURL = http://kojiweb.example.com/koji
|
|
# The domain name that will be appended to Koji usernames
|
|
# when creating email notifications
|
|
#EmailDomain = example.com
|
|
# whether to send the task owner and package owner email or not on success. this still goes to watchers
|
|
NotifyOnSuccess = True
|
|
## Disables all notifications
|
|
# DisableNotifications = False
|
|
|
|
## Resource limits ##
|
|
## All standard RLIMIT_* can be set here
|
|
# RLIMIT_AS =
|
|
# RLIMIT_CORE =
|
|
# RLIMIT_CPU =
|
|
# RLIMIT_DATA =
|
|
# RLIMIT_FSIZE =
|
|
# RLIMIT_MEMLOCK =
|
|
# RLIMIT_NOFILE =
|
|
# RLIMIT_NPROC =
|
|
# RLIMIT_OFILE =
|
|
# RLIMIT_RSS =
|
|
# RLIMIT_STACK =
|
|
|
|
## If memory consumption raises during handling request for more
|
|
## than MemoryWarnThreshold kilobytes, warning is emitted to log
|
|
# MemoryWarnThreshold = 5000
|
|
|
|
## Maximum request length can be limited on python-side
|
|
# MaxRequestLength = 4194304
|
|
|
|
|
|
## Extended features
|
|
## Support Maven builds
|
|
# EnableMaven = False
|
|
## Support Windows builds
|
|
# EnableWin = False
|
|
|
|
## Koji hub plugins
|
|
## The path where plugins are found
|
|
# PluginPath = /usr/lib/koji-hub-plugins
|
|
## A space-separated list of plugins to load
|
|
# Plugins = echo
|
|
|
|
## If KojiDebug is on, the hub will be /very/ verbose and will report exception
|
|
## details to clients for anticipated errors (i.e. koji's own exceptions --
|
|
## subclasses of koji.GenericError).
|
|
# KojiDebug = On
|
|
#
|
|
## Log level/format for python logging module at hub
|
|
# LogLevel = WARNING
|
|
# LogFormat = %(asctime)s [%(levelname)s] m=%(method)s u=%(user_name)s p=%(process)s r=%(remoteaddr)s %(name)s: %(message)s'
|
|
#
|
|
#
|
|
## If VerbosePolicy (or KojiDebug) is on, 'policy violation'
|
|
## messages will contain also policy rule which caused this denial
|
|
## VerbosePolicy = False
|
|
#
|
|
## If MissingPolicyOk is on, and given policy is not set up,
|
|
## policy test will pass as ok. If 'deny' result is desired, set it
|
|
## to off
|
|
# MissingPolicyOk = True
|
|
#
|
|
## Determines how much detail about exceptions is reported to the client (via faults)
|
|
## Meaningful values:
|
|
## normal - a basic traceback (format_exception)
|
|
## extended - an extended traceback (format_exc_plus)
|
|
## anything else - no traceback, just the error message
|
|
## The extended traceback is intended for debugging only and should NOT be
|
|
## used in production, since it may contain sensitive information.
|
|
# KojiTraceback = normal
|
|
|
|
## These options are intended for planned outages
|
|
# ServerOffline = False
|
|
# OfflineMessage = temporary outage
|
|
# LockOut = False
|
|
## If ServerOffline is True, the server will always report a ServerOffline fault (with
|
|
## OfflineMessage as the fault string).
|
|
## If LockOut is True, the server will report a ServerOffline fault for all non-admin
|
|
## requests.
|
|
|
|
## Determines rules for names (tag, user, ...)
|
|
# MaxNameLengthInternal = 256
|
|
# RegexNameInternal = ^[A-Za-z0-9/_.+-]+$
|
|
# RegexUserName = ^[A-Za-z0-9/_.@-]+$
|
|
|
|
## Determines default checksums
|
|
# RPMDefaultChecksums = md5 sha256
|
|
|
|
# The number of minutes before sessions are required to re-authenticate. Set to 0 for no timeout.
|
|
# SessionRenewalTimeout = 1440
|