# Configuration file for the brep module (note: this is not an apache2 .conf
# file but it can be converted to one by prefixing all the options with
# brep-). See brep(1) for detailed description of each configuration option.
# Commented out options indicate their default values.
#
# Besides being parsed by the brep module, this file may also be parsed by
# brep utilities that are normally only interested in the subset of the
# options. To simplify skipping of unrecognized, this file must always have an
# option name and its value on the same line.
#
# Package search page title. It is placed inside XHTML5
element.
#
# search-title Packages
# Package search page description. If specified, it is displayed before the
# search form on the first page only. The value is treated as an XHTML5
# fragment.
#
# search-description ""
# Web page logo. It is displayed in the page header aligned to the left edge.
# The value is treated as an XHTML5 fragment.
#
# logo ""
# Web page menu. Each entry is displayed in the page header in the order
# specified and aligned to the right edge. A link target that starts with '/'
# or contains ':' is used as is. Otherwise, it is prefixed with the repository
# web interface root.
#
menu Packages=
# menu Builds=?builds
# menu Configs=?build-configs
menu Submit=?submit
# menu CI=?ci
# menu Advanced Search=?advanced-search
menu About=?about
# Number of packages per page.
#
# search-page-entries 20
# Number of pages in navigation (pager).
#
# search-pages 5
# Number of package description characters to display in brief pages.
#
# package-description 500
# Number of package changes characters to display in brief pages.
#
# package-changes 5000
# The package database connection configuration. By default, brep will try to
# connect to the local instance of PostgreSQL with the operating system-
# default mechanism (Unix-domain socket, etc) and use operating system
# (login) user name and the database called 'brep_package'. If the role name
# is not empty then the login user will be switched (with SET ROLE) to this
# user prior to executing any statements. If not specified, then 'brep' is
# used. See brep(1) for details.
#
# package-db-user
# package-db-role brep
# package-db-password
# package-db-name brep_package
# package-db-host
# package-db-port
# The maximum number of concurrent package database connections per web server
# process. If 0, then no limitation is applied.
#
# package-db-max-connections 5
# The maximum number of times to retry package database transactions in the
# face of recoverable failures (deadlock, loss of connection, etc).
#
# package-db-retry 10
# Build configuration file. If not specified (default), then the package
# building functionality will be disabled. If specified, then the build
# database must be configured (see next). Note: must be an absolute path.
#
# build-config
# Number of build configurations per page.
#
# build-config-page-entries 20
# Number of pages in navigation (pager).
#
# build-config-pages 5
# Directory containing build bot agent public keys. If specified, then brep
# will perform agent authentication and will reject build results from
# unauthenticated ones. If not specified, then build results are accepted from
# all agents (which will be a security risk if the brep instance is publicly
# accessible).
#
# The directory is expected to contain one PEM-encoded public key per file with
# the .pem extension. All other files and subdirectories are ignored. The brep
# instance needs to be restarted after adding new key files for the changes to
# take effect.
#
# build-bot-agent-keys
# Regular expressions in the /// form for transforming the
# interactive build login information, for example, into the actual command
# that can be used by the user. The regular expressions are matched against
# the " " string containing the respective task
# request manifest values. The first matching expression is used for the
# transformation. If no expression matches, then the task request is
# considered invalid, unless no expressions are specified. Repeat this option
# to specify multiple expressions.
#
# build-interactive-login
# Order in which packages are considered for build. The valid values are
# 'stable' and 'random'. If not specified, then 'stable' is assumed. Note that
# interactive builds are always preferred.
#
#build-package-order stable
# Number of builds per page.
#
# build-page-entries 20
# Number of pages in navigation (pager).
#
# build-pages 5
# Time to wait before considering a package for a forced rebuild. Must be
# specified in seconds. Default is 10 minutes.
#
# build-forced-rebuild-timeout 600
# Time to wait before considering a package for a soft rebuild (only to be
# performed if the build environment or any of the package dependencies have
# changed). Must be specified in seconds. The special zero value disables soft
# rebuilds. Default is 24 hours.
#
# build-soft-rebuild-timeout 86400
# Alternative package soft rebuild timeout to use instead of the soft rebuild
# timeout (see the build-soft-rebuild-timeout option for details) during the
# specified time interval. Must be specified in seconds. Default is the time
# interval length plus (build-soft-rebuild-timeout - 24h) if soft rebuild
# timeout is greater than 24 hours (thus the rebuild is only triggered within
# the last 24 hours of the build-soft-rebuild-timeout expiration).
#
# The alternative rebuild timeout can be used to "pull" the rebuild window to
# the specified time of day, for example, to optimize load and/or power
# consumption of the build infrastructure (off-work hours, solar, off-peak
# electricity tariffs, etc). A shorter than the time interval rebuild timeout
# can also be used to force continuous rebuilds, for example, to shake out
# flaky tests. Note also that if the alternative rebuild timeout is greater
# than the normal rebuild timeout, then this will result in slower rebuilds
# during the alternative time interval. In this case, if the build
# infrastructure is monitored for delayed package builds, then the alternative
# rebuild timeout should only be made slightly greater than the normal timeout
# (see brep-monitor(1) for details).
#
# The time interval boundaries must be specified as times of day (in the local
# timezone) in the : form. If the stop time is less than the
# start time then the interval extends through midnight. The start and stop
# times must both be either specified or absent. If unspecified, then no
# alternative rebuild timeout will be used.
#
# build-alt-soft-rebuild-timeout
# build-alt-soft-rebuild-start
# build-alt-soft-rebuild-stop
# Time to wait before considering a package for a hard rebuild (to be
# performed unconditionally). Must be specified in seconds. The special zero
# value disables hard rebuilds. Default is 7 days.
#
# build-hard-rebuild-timeout 604800
# Alternative package hard rebuild timeout. The semantics is the same as for
# the build-alt-soft-rebuild-* options but for the build-hard-rebuild-timeout
# option.
#
# build-alt-hard-rebuild-timeout
# build-alt-hard-rebuild-start
# build-alt-hard-rebuild-stop
# Time to wait before assuming the 'queued' notifications are delivered for
# package CI requests submitted via third-party services (GitHub, etc). During
# this time a package is not considered for a build. Must be specified in
# seconds. Default is 30 seconds.
#
# build-queued-timeout 30
# The maximum size of the build task request manifest accepted. Note that the
# HTTP POST request body is cached to retry database transactions in the face
# of recoverable failures (deadlock, loss of connection, etc). Default is
# 100K.
#
# build-task-request-max-size 102400
# Time to wait before considering the expected task result lost. Must be
# specified in seconds. Default is 3 hours.
#
# build-result-timeout 10800
# The maximum size of the build result manifest accepted. Note that the HTTP
# POST request body is cached to retry database transactions in the face of
# recoverable failures (deadlock, loss of connection, etc). Default is 10M.
#
# build-result-request-max-size 10485760
# Enable or disable package build notification emails in the =
# form. The valid values are 'none', 'latest', and 'all'. If 'all' is
# specified for a toolchain name, then emails are sent according to the
# build-*email package manifest values when all versions of a package are
# built with this toolchain. If 'latest' is specified, then for this toolchain
# name the emails are only sent for the latest version of a package. If 'none'
# is specified, then no emails are sent for this toolchain name. By default
# the 'latest' mode is assumed. Repeat this option to enable/disable emails
# for multiple toolchains.
#
# build-toolchain-email =latest|none|all
# The build database connection configuration. By default, brep will try to
# connect to the local instance of PostgreSQL with the operating system-default
# mechanism (Unix-domain socket, etc) and use operating system (login) user
# name and the database called 'brep_build'. If the role name is not empty
# then the login user will be switched (with SET ROLE) to this user prior
# to executing any statements. If not specified, then 'brep' is used. See
# brep(1) for details.
#
# build-db-user
# build-db-role brep
# build-db-password
# build-db-name brep_build
# build-db-host
# build-db-port
# The maximum number of concurrent build database connections per web server
# process. If 0, then no limitation is applied.
#
# build-db-max-connections 5
# The maximum number of times to retry build database transactions in the
# face of recoverable failures (deadlock, loss of connection, etc).
#
# build-db-retry 10
# The root directory where the uploaded binary distribution packages are
# saved to under the following directory hierarchy:
#
# [/]/////
#
# The package configuration directory symlinks that match these paths are
# mapped to web URLs based on the bindist-url value and displayed on the
# package version details page. If this option is specified, then bindist-url
# must be specified as well."
#
# bindist-root
# The root URL of the directory specified with the bindist-root option. This
# option must be specified if bindist-root is specified.
#
# bindist-url
# The base URL for the reviews manifest files. If this option is specified,
# then the review information is displayed on the package version details
# page.
#
# The complete URL is formed by adding the following path to the base:
#
# ///reviews.manifest
#
# Note that no separator is added between the base and this path.
#
# reviews-url
# The openssl program to be used for crypto operations. You can also specify
# additional options that should be passed to the openssl program with
# openssl-option. If the openssl program is not explicitly specified, then brep
# will use openssl by default.
#
# openssl openssl
# Additional option to be passed to the openssl program (see openssl for
# details). Repeat this option to specify multiple openssl options.
#
# openssl-option
# Environment variable to be set (=) or unset (just ) for
# the openssl program (see openssl for details). Repeat this option to specify
# multiple openssl variables. Note that unspecified variables are inherited
# from the web server process.
#
# You need to at least set the RANDFILE environment variable to change the
# default location of the openssl program seed file and maybe also the
# OPENSSL_CONF variable if you would like to use a custom openssl configuration
# file.
#
# openssl-envvar RANDFILE=/home/brep/www-data-openssl.rnd
# openssl-envvar OPENSSL_CONF=/home/brep/www-data-openssl.cnf
#
# To create www-data-openssl.rnd with suitable permissions, run (as user brep):
#
# $ touch www-data-openssl.rnd
# $ setfacl -b -m g:www-data:rw www-data-openssl.rnd
#
# The directory to save final submission data to. If unspecified, the package
# submission functionality will be disabled. If specified, then submit-temp
# must be specified as well.
#
# Note that the directory path must be absolute and the directory itself must
# exist and have read, write, and execute permissions granted to the user that
# runs the web server.
#
submit-data /home/brep/submit-data
# The directory to save temporary submission data to. Must be specified if the
# package submission functionality is enabled.
#
# Note that this directory must be on the same filesystem and satisfy the same
# requirements as submit-data. It is also the user's responsibility to clean
# it up after an unclean web server shutdown.
#
submit-temp /home/brep/submit-temp
# The maximum size of the submission data accepted. Note that currently the
# entire submission request is read into memory. Default is 10M.
#
# 100M.
#
submit-max-size 104857600
# The package submission form fragment. If specified, then its contents are
# treated as an XHTML5 fragment that is inserted into the element of
# the submission page. If unspecified, then no submission page will be
# displayed. Note that the file path must be absolute.
#
submit-form /home/brep/install/share/brep/www/submit.xhtml
# The package submission email. If specified, the submission request and
# result manifests will be sent to this address.
#
# submit-email
# The handler program to be executed on package submission. The handler is
# executed as part of the HTTP request and is passed additional arguments that
# can be specified with submit-handler-argument followed by the absolute path
# to the submission directory. Note that the program path must be absolute.
#
submit-handler /home/brep/install/bin/brep-submit-pub
# Additional arguments to be passed to the submission handler program (see
# submit-handler for details). Repeat this option to specify multiple
# arguments.
#
submit-handler-argument --user
submit-handler-argument brep
submit-handler-argument --result-url
submit-handler-argument http://unknown
submit-handler-argument /home/brep/install/bin/brep-load
submit-handler-argument --db-name=brep_submit_package
submit-handler-argument /var/brep/bpkg/pkg
# The handler program timeout in seconds. If specified and the handler does
# not exit in the alloted time, then it is killed and its termination is
# treated as abnormal.
#
submit-handler-timeout 120
# The directory to save CI request data to. If unspecified, the package CI
# functionality will be disabled.
#
# Note that the directory path must be absolute and the directory itself must
# exist and have read, write, and execute permissions granted to the user that
# runs the web server.
#
# ci-data
# The package CI form fragment. If specified, then its contents are treated as
# an XHTML5 fragment that is inserted into the element of the CI page.
# If unspecified, then no CI page will be displayed. Note that the file path
# must be absolute.
#
# ci-form
# The package CI email. If specified, the CI request and result manifests will
# be sent to this address.
#
# ci-email
# The handler program to be executed on CI request. The handler is executed as
# part of the HTTP request and is passed additional arguments that can be
# specified with ci-handler-argument followed by the absolute path to the CI
# request directory. Note that the program path must be absolute.
#
# ci-handler
# Additional arguments to be passed to the CI handler program (see ci-handler
# for details). Repeat this option to specify multiple arguments.
#
# ci-handler-argument
# The CI handler program timeout in seconds. If specified and the handler does
# not exit in the allotted time, then it is killed and its termination is
# treated as abnormal.
#
# ci-handler-timeout
# The GitHub App ID. Found in the app's settings on GitHub.
#
# ci-github-app-id
# The GitHub App's configured webhook secret. If not set, then the GitHub CI
# service is disabled. Note: make sure to choose a strong (random) secret.
#
# ci-github-app-webhook-secret
# The private key used during GitHub API authentication. Created in the GitHub
# App's settings.
#
# ci-github-app-private-key
# The number of seconds a JWT (authentication token) should be valid for. The
# maximum allowed by GitHub is 10 minutes.
#
# ci-github-jwt-validity-period 600
# The directory to save upload data to for the specified upload type. If
# unspecified, the build artifacts upload functionality will be disabled for
# this type.
#
# Note that the directory path must be absolute and the directory itself must
# exist and have read, write, and execute permissions granted to the user that
# runs the web server.
#
# upload-data =
# The maximum size of the upload data accepted for the specified upload type.
# Note that currently the entire upload request is read into memory. The
# default is 10M.
#
# upload-max-size =10485760
# The build artifacts upload email. If specified, the upload request and
# result manifests will be sent to this address.
#
# upload-email =
# The handler program to be executed on build artifacts upload of the
# specified type. The handler is executed as part of the HTTP request and is
# passed additional arguments that can be specified with
# upload-handler-argument followed by the absolute path to the upload
# directory (upload-data). Note that the program path must be absolute.
#
# upload-handler =
# Additional arguments to be passed to the upload handler program for the
# specified upload type (see upload-handler for details). Repeat this option
# to specify multiple arguments.
#
# upload-handler-argument =
# The upload handler program timeout in seconds for the specified upload type.
# If specified and the handler does not exit in the allotted time, then it is
# killed and its termination is treated as abnormal.
#
# upload-handler-timeout =
# Disable upload of the specified type for the specified toolchain name.
# Repeat this option to disable uploads for multiple toolchains.
#
# upload-toolchain-exclude =
# Disable upload of the specified type for packages from the repository with
# the specified canonical name. Repeat this option to disable uploads for
# multiple repositories.
#
# upload-repository-exclude =
# The default view to display for the global repository root. The value is one
# of the supported services (packages, builds, submit, ci, etc). Default is
# packages.
#
# root-global-view packages
# The default view to display for the tenant repository root. The value is one
# of the supported services (packages, builds, submit, ci, etc). Default is
# packages.
#
# root-tenant-view packages
# Name to call the tenant values on web pages. If not specified, then 'tenant'
# is used.
#
# tenant-name tenant
# Trace verbosity. Disabled by default.
#
# verbosity 0