mirrormanager-rocky/mirrormanager2.cfg
Neil Hanlon 363191a9b5
update theme for latest mirrormanager
various fixes and updates for running in ECS, too
2024-12-20 12:30:23 -05:00

235 lines
7.3 KiB
INI

'''
MirrorManager2 sample configuration.
'''
import os
###
# Most important configuration items
###
# url to the database server:
SQLALCHEMY_DATABASE_URI = os.environ.get('MM2_SQLALCHEMY_DATABASE_URI', 'sqlite:////var/tmp/mirrormanager2_dev.sqlite')
# the number of items to display on the search pages
# Default: ``50``.
#ITEMS_PER_PAGE = 50
# secret key used to generate unique csrf token
SECRET_KEY = os.environ.get('MM2_SECRET_KEY')
# Seed used to make the password harder to brute force in case of leaking
# This should be kept really secret!
PASSWORD_SEED = os.environ.get('MM2_PASSWORD_SEED') # only valid for local auth
###
# Other configuration items for the web-app
###
# Set the time after which the session expires. Flask's default is 31 days.
# Default: ``timedelta(hours=1)`` corresponds to 1 hour.
#from datetime import timedelta
#PERMANENT_SESSION_LIFETIME = timedelta(hours=1)
# Folder containing the theme to use.
# Default: ``fedora``.
#THEME_FOLDER = "fedora"
THEME_FOLDER = os.environ.get('MM2_THEME_FOLDER', 'fedora')
# Which authentication method to use, defaults to `fas` can be or `local`
# Default: ``fas``.
# Note that this previously used openid, now it uses openid connect oidc
#MM_AUTHENTICATION = "fas"
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
OIDC_SCOPES = " ".join(
[
"openid",
"email",
"profile",
"https://id.fedoraproject.org/scope/groups",
"https://id.fedoraproject.org/scope/agreements",
]
)
# If the authentication method is `fas`, groups in which should be the user
# to be recognized as an admin.
ADMIN_GROUP = ["infrastructure"]
# Email of the admin to which send notification or error
ADMIN_EMAIL = "infrastructure@rockylinux.org"
# Email address used in the "From" field of the emails sent.
# Default: ``nobody@fedoraproject.org``.
EMAIL_FROM = "nobody@rockylinux.org"
# SMTP server to use,
# Default: ``localhost``.
#SMTP_SERVER = "localhost"
# If the SMTP server requires authentication, fill in the information here
# SMTP_USERNAME = 'username'
# SMTP_PASSWORD = 'password'
# Countries which have to be excluded.
EMBARGOED_COUNTRIES = ["CU", "IR", "KP", "SD", "SY", "RU"]
# When this is set to True, an additional menu item is shown which
# displays the maps generated with mm2_generate-worldmap.
#SHOW_MAPS = True
# Location of the static map displayed in the map tab.
#STATIC_MAP = "map.png"
# Location of the interactive openstreetmap based map.
#INTERACTIVE_MAP = "mirrors.html"
# The crawler can generate propagation statistics which can be
# converted into svg/pdf with mm2_propagation. These files
# can be displayed next to the statistics and maps tab if desired.
#SHOW_PROPAGATION = True
# Where to look for the above mentioned propagation images.
#PROPAGATION_BASE = "/var/lib/mirrormanager/statistics/data/propagation"
# Where the GeoIP database lives
#GEOIP_BASE = "/usr/share/GeoIP"
# Disable master rsync server ACL
# Fedora does not use it and therefore it is set to False
#MASTER_RSYNC_ACL = False
# When this is set to True, the session cookie will only be returned to the
# server via ssl (https). If you connect to the server via plain http, the
# cookie will not be sent. This prevents sniffing of the cookie contents.
# This may be set to False when testing your application but should always
# be set to True in production.
# Default: ``True``.
#MM_COOKIE_REQUIRES_HTTPS = True
# The name of the cookie used to store the session id.
# Default: ``.MirrorManager``.
#MM_COOKIE_NAME = "MirrorManager"
# If this variable is set (and the directory exists) the crawler
# will create per host log files in MM_LOG_DIR/crawler/<hostid>.log
# which can the be used in the web interface by the mirror admins.
# Other parts besides the crawler are also using this variable to
# decide where to store log files.
#MM_LOG_DIR = "/var/log/mirrormanager"
# This is used to exclude certain protocols to be entered
# for host category URLs at all.
# The following is the default for Fedora to exclude FTP based
# mirrors to be added. Removing this confguration option
# or setting it to "" removes any protocol restrictions.
#MM_PROTOCOL_REGEX = "^(?!ftp)(.*)$"
# The netblock size parameters define which netblock sizes can be
# added by a site administrator. Larger networks can only be added by
# mirrormanager admins.
#MM_IPV4_NETBLOCK_SIZE = "/16"
#MM_IPV6_NETBLOCK_SIZE = "/32"
# If not specified the application will rely on the root_url when sending
# emails, otherwise it will use this URL
# Default: ``None``.
#APPLICATION_URL = None
# Boolean specifying wether to check the user's IP address when retrieving
# its session. This make things more secure (thus is on by default) but
# under certain setup it might not work (for example is there are proxies
# in front of the application).
#CHECK_SESSION_IP = True
# Specify additional rsync parameters for the crawler
# # --timeout 14400: abort rsync crawl after 4 hours
# # --no-human-readable: because rsync made things pretty by default in 3.1.x
#CRAWLER_RSYNC_PARAMETERS = "--no-motd"
# This is a list of directories which MirrorManager will ignore while guessing
# the version and architecture from a path.
#SKIP_PATHS_FOR_VERSION = []
###
# Configuration options used by the utilities
###
# Specify whether the crawler should send a report by email
CRAWLER_SEND_EMAIL = True
# Specify additional rsync parameters for the crawler
# --timeout 14400: abort rsync crawl after 4 hours
# Depending on the setup and the crawler frequency rsync's timeout option
# can be used decrease the probability of stale rsync processes
#CRAWLER_RSYNC_PARAMETERS = "--no-motd --timeout 14400"
# If a host fails for CRAWLER_AUTO_DISABLE times in a row
# the host will be disable automatically (user_active)
#CRAWLER_AUTO_DISABLE = 4
# This is a list of directories which MirrorManager will ignore while guessing
# the version and architecture from a path.
#SKIP_PATHS_FOR_VERSION = ["pub/alt"]
# Whether to use Fedora Messaging for notifications
#USE_FEDORA_MESSAGING = True
UMDL_PREFIX = "/srv/"
UMDL_MASTER_DIRECTORIES = [
{
'type': 'directory',
'path': '../testdata/pub/epel/',
'category': 'Fedora EPEL'
},
{
'type': 'directory',
'path': '../testdata/pub/fedora/linux/',
'category': 'Fedora Linux'
},
{
'type': 'directory',
'path': '../testdata/pub/fedora-secondary/',
'category': 'Fedora Secondary Arches'
},
{
'type': 'directory',
'path': '../testdata/pub/archive/',
'category': 'Fedora Archive'
},
{
'type': 'directory',
'path': '../testdata/pub/alt/',
'category': 'Fedora Other'
},
# {
# 'type':'directory',
# 'path':'../testdata/pub/fedora/linux/',
# 'category':'Fedora Linux',
# 'excludes':['.*/core/?.*', '.*/extras/?.*', '.*/[7-8]/?.*' ]
# },
# {
# 'type':'rsync',
# 'url':'rsync://archive.ubuntu.com/ubuntu/',
# 'category':'Ubuntu Archive'
# },
# {
# 'type':'rsync',
# 'url':'rsync://releases.ubuntu.com/releases/',
# 'category':'Ubuntu CD Images'
# },
# {
# 'type':'rsync',
# 'url':'rsync://ports.ubuntu.com/ubuntu-ports/',
# 'category':'Ubuntu Ports Archive'
# },
# {
# 'type':'rsync',
# 'url':'rsync://security.ubuntu.com/ubuntu/',
# 'category':'Ubuntu Security Archive'
# },
]