# Configuration file for the brep module (note: this is not an apache2 .conf # file but it can be converted to one by prefixing all the options with # brep-). See brep(1) for detailed description of each configuration option. # Commented out options indicate their default values. # # Besides being parsed by the brep module, this file may also be parsed by # brep utilities that are normally only interested in the subset of the # options. To simplify skipping of unrecognized, this file must always have an # option name and its value on the same line. # # Package search page title. It is placed inside XHTML5 <title> element. # # search-title Packages # Web page logo. It is displayed in the page header aligned to the left edge. # The value is treated as an XHTML5 fragment. # # logo "" # Web page menu. Each entry is displayed in the page header in the order # specified and aligned to the right edge. A link target that starts with '/' # or contains ':' is used as is. Otherwise, it is prefixed with the repository # web interface root. # menu Packages= # menu Builds=?builds # menu Configs=?build-configs menu Submit=?submit # menu CI=?ci menu About=?about # Number of packages per page. # # search-page-entries 20 # Number of pages in navigation (pager). # # search-pages 5 # Number of package description characters to display in brief pages. # # package-description 500 # Number of package changes characters to display in brief pages. # # package-changes 5000 # The package database connection configuration. By default, brep will try to # connect to the local instance of PostgreSQL with the operating system- # default mechanism (Unix-domain socket, etc) and use operating system # (login) user name and the database called 'brep_package'. If the role name # is not empty then the login user will be switched (with SET ROLE) to this # user prior to executing any statements. If not specified, then 'brep' is # used. See brep(1) for details. # # package-db-user # package-db-role brep # package-db-password # package-db-name brep_package # package-db-host # package-db-port # The maximum number of concurrent package database connections per web server # process. If 0, then no limitation is applied. # # package-db-max-connections 5 # The maximum number of times to retry package database transactions in the # face of recoverable failures (deadlock, loss of connection, etc). # # package-db-retry 10 # Build configuration file. If not specified (default), then the package # building functionality will be disabled. If specified, then the build # database must be configured (see next). Note: must be an absolute path. # # build-config # Number of build configurations per page. # # build-config-page-entries 20 # Number of pages in navigation (pager). # # build-config-pages 5 # Directory containing build bot agent public keys. If specified, then brep # will perform agent authentication and will reject build results from # unauthenticated ones. If not specified, then build results are accepted from # all agents (which will be a security risk if the brep instance is publicly # accessible). # # The directory is expected to contain one PEM-encoded public key per file with # the .pem extension. All other files and subdirectories are ignored. The brep # instance needs to be restarted after adding new key files for the changes to # take effect. # # build-bot-agent-keys # Number of builds per page. # # build-page-entries 20 # Number of pages in navigation (pager). # # build-pages 5 # Time to wait before considering a package for a forced rebuild. Must be # specified in seconds. Default is 10 minutes. # # build-forced-rebuild-timeout 600 # Time to wait before considering a package for a normal rebuild. Must be # specified in seconds. Default is 24 hours. # # build-normal-rebuild-timeout 86400 # Alternative package rebuild timeout to use instead of the normal rebuild # timeout (see the build-normal-rebuild-timeout option for details) during # the specified time interval. Must be specified in seconds. Default is the # time interval length. # # The alternative rebuild timeout can be used to "pull" the rebuild window to # the specified time of day, for example, to optimize load and/or power # consumption of the build infrastructure (off-work hours, solar, off-peak # electricity tariffs, etc). A shorter than the time interval rebuild timeout # can also be used to force continuous rebuilds, for example, to shake out # flaky tests. Note also that if the alternative rebuild timeout is greater # than the normal rebuild timeout, then this will result in slower rebuilds # during the alternative time interval. In this case, if the build # infrastructure is monitored for delayed package builds, then the alternative # rebuild timeout should only be made slightly greater than the normal timeout # (see brep-monitor(1) for details). # # The time interval boundaries must be specified as times of day (in the local # timezone) in the <hours>:<minutes> form. If the stop time is less than the # start time then the interval extends through midnight. The start and stop # times must both be either specified or absent. If unspecified, then no # alternative rebuild timeout will be used. # # build-alt-rebuild-timeout # build-alt-rebuild-start # build-alt-rebuild-stop # The maximum size of the build task request manifest accepted. Note that the # HTTP POST request body is cached to retry database transactions in the face # of recoverable failures (deadlock, loss of connection, etc). Default is # 100K. # # build-task-request-max-size 102400 # Time to wait before considering the expected task result lost. Must be # specified in seconds. Default is 3 hours. # # build-result-timeout 10800 # The maximum size of the build result manifest accepted. Note that the HTTP # POST request body is cached to retry database transactions in the face of # recoverable failures (deadlock, loss of connection, etc). Default is 10M. # # build-result-request-max-size 10485760 # The build database connection configuration. By default, brep will try to # connect to the local instance of PostgreSQL with the operating system-default # mechanism (Unix-domain socket, etc) and use operating system (login) user # name and the database called 'brep_build'. If the role name is not empty # then the login user will be switched (with SET ROLE) to this user prior # to executing any statements. If not specified, then 'brep' is used. See # brep(1) for details. # # build-db-user # build-db-role brep # build-db-password # build-db-name brep_build # build-db-host # build-db-port # The maximum number of concurrent build database connections per web server # process. If 0, then no limitation is applied. # # build-db-max-connections 5 # The maximum number of times to retry build database transactions in the # face of recoverable failures (deadlock, loss of connection, etc). # # build-db-retry 10 # The openssl program to be used for crypto operations. You can also specify # additional options that should be passed to the openssl program with # openssl-option. If the openssl program is not explicitly specified, then brep # will use openssl by default. # # openssl openssl # Additional option to be passed to the openssl program (see openssl for # details). Repeat this option to specify multiple openssl options. # # openssl-option # Environment variable to be set (<name>=<value>) or unset (just <name>) for # the openssl program (see openssl for details). Repeat this option to specify # multiple openssl variables. Note that unspecified variables are inherited # from the web server process. # # You need to at least set the RANDFILE environment variable to change the # default location of the openssl program seed file and maybe also the # OPENSSL_CONF variable if you would like to use a custom openssl configuration # file. # # openssl-envvar RANDFILE=/home/brep/www-data-openssl.rnd # openssl-envvar OPENSSL_CONF=/home/brep/www-data-openssl.cnf # # To create www-data-openssl.rnd with suitable permissions, run (as user brep): # # $ touch www-data-openssl.rnd # $ setfacl -b -m g:www-data:rw www-data-openssl.rnd # # The directory to save final submission data to. If unspecified, the package # submission functionality will be disabled. If specified, then submit-temp # must be specified as well. # # Note that the directory path must be absolute and the directory itself must # exist and have read, write, and execute permissions granted to the user that # runs the web server. # submit-data /home/brep/submit-data # The directory to save temporary submission data to. Must be specified if the # package submission functionality is enabled. # # Note that this directory must be on the same filesystem and satisfy the same # requirements as submit-data. It is also the user's responsibility to clean # it up after an unclean web server shutdown. # submit-temp /home/brep/submit-temp # The maximum size of the submission data accepted. Note that currently the # entire submission request is read into memory. Default is 10M. # # 100M. # submit-max-size 104857600 # The package submission form fragment. If specified, then its contents are # treated as an XHTML5 fragment that is inserted into the <body> element of # the submission page. If unspecified, then no submission page will be # displayed. Note that the file path must be absolute. # submit-form /home/brep/install/share/brep/www/submit.xhtml # The package submission email. If specified, the submission request and # result manifests will be sent to this address. # # submit-email # The handler program to be executed on package submission. The handler is # executed as part of the submission request and is passed additional # arguments that can be specified with submit-handler-argument followed by # the absolute path to the submission directory. Note that the program path # must be absolute. # submit-handler /home/brep/install/bin/brep-submit-pub # Additional arguments to be passed to the submission handler program (see # submit-handler for details). Repeat this option to specify multiple # arguments. # submit-handler-argument --user submit-handler-argument brep submit-handler-argument --result-url submit-handler-argument http://unknown submit-handler-argument /home/brep/install/bin/brep-load submit-handler-argument --db-name=brep_submit_package submit-handler-argument /var/brep/bpkg/pkg # The handler program timeout in seconds. If specified and the handler does # not exit in the alloted time, then it is killed and its termination is # treated as abnormal. # submit-handler-timeout 120 # The directory to save CI request data to. If unspecified, the package CI # functionality will be disabled. # # Note that the directory path must be absolute and the directory itself must # exist and have read, write, and execute permissions granted to the user that # runs the web server. # # ci-data # The package CI form fragment. If specified, then its contents are treated as # an XHTML5 fragment that is inserted into the <body> element of the CI page. # If unspecified, then no CI page will be displayed. Note that the file path # must be absolute. # # ci-form # The package CI email. If specified, the CI request and result manifests will # be sent to this address. # # ci-email # The handler program to be executed on CI request. The handler is executed as # part of the HTTP request and is passed additional arguments that can be # specified with ci-handler-argument followed by the absolute path to the CI # request directory. Note that the program path must be absolute. # # ci-handler # Additional arguments to be passed to the CI handler program (see ci-handler # for details). Repeat this option to specify multiple arguments. # # ci-handler-argument # The CI handler program timeout in seconds. If specified and the handler does # not exit in the allotted time, then it is killed and its termination is # treated as abnormal. # # ci-handler-timeout # The default view to display for the global repository root. The value is one # of the supported services (packages, builds, submit, ci, etc). Default is # packages. # # root-global-view packages # The default view to display for the tenant repository root. The value is one # of the supported services (packages, builds, submit, ci, etc). Default is # packages. # # root-tenant-view packages # Name to call the tenant values on web pages. If not specified, then 'tenant' # is used. # # tenant-name tenant # Trace verbosity. Disabled by default. # # verbosity 0