API tools faq
paste
Advertisement
Guest User

server.conf

a guest
Jul 25th, 2016
148
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.13 KB | None | 0 0
raw download clone embed print report
  1. # =========================
  2. # Pulp Server Configuration
  3. # =========================
  4.  
  5. # The settings in this file are all commented by default, and the commented settings show the
  6. # default values that Pulp Server will choose if not specified here.
  7.  
  8. # -- Common Configuration -----------------------------------------------------
  9.  
  10. # = Database =
  11. #
  12. # Controls the behavior of MongoDB under Pulp's usage.
  13. #
  14. # Authentication - If the username and the password keys have values provided,
  15. # the pulp server will attempt to authenticate to the MongoDB server. The
  16. # username and password provided here will be used to authenticate with the
  17. # database specified in the name field.
  18. #
  19. # Replica Sets - If more than one seed is provided, a connection will be attempted to each seed
  20. # until a connection is made. When multiple seeds are provided, the 'replica_set' value must also
  21. # be specified.
  22. #
  23. # name: name of the database to use
  24. # seeds: comma-separated list of hostname:port of database replica seed hosts
  25. # username: The user name to use for authenticating to the MongoDB server
  26. # password: The password to use for authenticating to the MongoDB server
  27. # replica_set: uncomment and set this value to the name of replica set configured in MongoDB,
  28. # if one is in use
  29. # ssl: If True, create the connection to the server using SSL.
  30. # ssl_keyfile: A path to the private keyfile used to identify the local connection against
  31. # mongod. If included with the certfile then only the ssl_certfile is needed.
  32. # ssl_certfile: The certificate file used to identify the local connection against mongod.
  33. # verify_ssl: Specifies whether a certificate is required from the other side of the
  34. # connection, and whether it will be validated if provided. If it is true, then
  35. # the ssl_ca_certs parameter must point to a file of CA certificates used to
  36. # validate the connection.
  37. # ca_path: The ca_certs file contains a set of concatenated “certification authority”
  38. # certificates, which are used to validate certificates passed from the other end
  39. # of the connection.
  40. # unsafe_autoretry: If true, retry commands to the database if there is a connection error.
  41. # Warning: if set to true, this setting can result in duplicate records.
  42. # write_concern: Write concern of 'majority' or 'all'. When 'all' is specified, 'w' is set to
  43. # number of seeds specified. For version of MongoDB < 2.6, replica_set must also
  44. # be specified. Please note that 'all' will cause Pulp to halt if any of the
  45. # replica set members is not available. 'majority' is used by default.
  46.  
  47.  
  48. [database]
  49. # name: pulp_database
  50. # seeds: localhost:27017
  51. # username:
  52. # password:
  53. # replica_set:
  54. # ssl: false
  55. # ssl_keyfile:
  56. # ssl_certfile:
  57. # verify_ssl: true
  58. # ca_path: /etc/pki/tls/certs/ca-bundle.crt
  59. # unsafe_autoretry: false
  60. # write_concern: majority
  61.  
  62.  
  63. # = Server =
  64. #
  65. # Controls general Pulp web server behavior.
  66. #
  67. # server_name: hostname the admin client and consumers should use when accessing
  68. # the server; if not specified, this defaults to the server's fully qualified
  69. # domain name (FQDN)
  70. # default_login: default admin username of the Pulp server; this user will be
  71. # the first time the server is started
  72. # default_password: default password for admin when it is first created; this
  73. # should be changed once the server is operational
  74. # debugging_mode: boolean; toggles Pulp's debugging capabilities
  75. # log_level: The desired logging level. Options are: CRITICAL, ERROR, WARNING, INFO, DEBUG,
  76. # and NOTSET. Pulp will default to INFO.
  77. # working_directory:path to where pulp workers can create working directories needed to complete tasks
  78. [server]
  79. # server_name: server_hostname
  80. # key_url: /pulp/gpg
  81. # ks_url: /pulp/ks
  82. # default_login: admin
  83. # default_password: admin
  84. # debugging_mode: false
  85. log_level: DEBUG
  86. # working_directory: /var/cache/pulp
  87.  
  88.  
  89. # = Authentication =
  90. #
  91. # Keys used for message authentication.
  92. #
  93. # rsa_key:
  94. # The RSA private key used for authentication.
  95. # rsa_pub:
  96. # The RSA public key used for authentication.
  97.  
  98. [authentication]
  99. # rsa_key = /etc/pki/pulp/rsa.key
  100. # rsa_pub = /etc/pki/pulp/rsa_pub.key
  101.  
  102.  
  103. # = Security =
  104. #
  105. # Controls aspects of the Pulp web server security.
  106. #
  107. # For production installations, it is recommended that a new CA certificate be
  108. # generated for the signing of user and consumer certificates and configured
  109. # using the following properties.
  110. #
  111. # cacert: full path to the CA certificate that will be used to sign consumer
  112. # and admin identification certificates; this must match the value of
  113. # SSLCACertificateFile in /etc/httpd/conf.d/pulp.conf
  114. # Deprecated! - Please note that both cacert and cakey settings will be
  115. # removed in the next major release since Pulp will not sign certificates.
  116. # However, Pulp will continue to support client certificates generated
  117. # by users through Apache and pulp-admin.
  118. #
  119. # cakey: path to the private key for the above CA certificate
  120. #
  121. # ssl_ca_certificate: full path to the CA certificate used to sign the Pulp
  122. # server's SSL certificate; consumers will use this to verify the
  123. # Pulp server's SSL certificate during the SSL handshake
  124. # Deprecated! - Please note that this setting will be removed in the next
  125. # major release and will be replaced by a setting in the consumer.conf file
  126. # that will allow the user to specify a directory path containing certificates.
  127. #
  128. # user_cert_expiration: number of days a user certificate is valid
  129. #
  130. # consumer_cert_expiration: number of days a consumer certificate is valid
  131. #
  132.  
  133. [security]
  134. # cacert: /etc/pki/pulp/ca.crt # Deprecated! See above description for details.
  135. # cakey: /etc/pki/pulp/ca.key # Deprecated! See above description for details.
  136. # ssl_ca_certificate: /etc/pki/pulp/ssl_ca.crt # Deprecated! See above description for details.
  137. # user_cert_expiration: 7
  138. # consumer_cert_expiration: 3650
  139. # serial_number_path: /var/lib/pulp/sn.dat
  140.  
  141.  
  142. # -- Advanced Configuration ---------------------------------------------------
  143.  
  144. # = Consumer History =
  145. #
  146. # Controls the storage of recorded consumer events.
  147. #
  148. # lifetime: number of days to store consumer events; events older
  149. # than this will be purged; set to -1 to disable
  150.  
  151. [consumer_history]
  152. # lifetime: 180
  153.  
  154.  
  155. # = Data Reaping =
  156. #
  157. # Controls the frequency in which reporting data is automatically removed from
  158. # the database. Database entries that exceed the given thresholds will be
  159. # deleted from the database when the reaper runs.
  160. #
  161. # reaper_interval: float; time in days between checks for old data in
  162. # the database
  163. #
  164. # consumer_history: float; time in days to store consumer history events
  165. #
  166. # repo_sync_history: float; time in days to store repository sync history events
  167. #
  168. # repo_publish_history: float; time in days to store repository publish history
  169. # events
  170. #
  171. # repo_group_publish_history: float; time in days to store repository group
  172. # publish history events
  173. #
  174. # task_status_history: float; time in days to store task status history in the db
  175. # task_result_history: float; time in days to store task results history
  176.  
  177. [data_reaping]
  178. # reaper_interval: 0.25
  179. # consumer_history: 60
  180. # repo_sync_history: 60
  181. # repo_publish_history: 60
  182. # repo_group_publish_history: 60
  183. # task_status_history: 7
  184. # task_result_history: 3
  185.  
  186.  
  187. # = LDAP =
  188. #
  189. # Uncomment the below section with appropriate values to use an external LDAP
  190. # server for user authentication.
  191. #
  192. # enabled: boolean; controls whether or not LDAP authentication is enabled
  193. #
  194. # uri: url of LDAP server
  195. #
  196. # base: location in the directory from which the LDAP search begins
  197. #
  198. # tls: boolean; controls whether or not to use TLS security
  199. #
  200. # default_role: Id of the role to assign LDAP users to by default. This is
  201. # optional. This role must first be created on the Pulp server. If
  202. # default_role is not set or doesn't exist, LDAP users are given same
  203. # default permissions as local users.
  204. #
  205. # filter: directive to set more restrictive LDAP filter to limit the LDAP
  206. # users who can authenticate to Pulp
  207.  
  208. # Deprecated! Please use apache's mod_authnz_ldap to do preauthentication. See
  209. # pulp's user guide for details.
  210. # [ldap]
  211. # enabled: true # are you sure? This has been deprecated.
  212. # uri: ldap://localhost
  213. # base: dc=localhost
  214. # tls: no
  215. # default_role: <role-id>
  216. # filter: (gidNumber=200)
  217.  
  218.  
  219. # = OAuth =
  220. #
  221. # Uncomment the below section with appropriate values to use OAuth
  222. # authentication.
  223. #
  224. # enabled: boolean; controls whether OAuth authentication is enabled
  225. #
  226. # oauth_key: string; key to enable OAuth style authentication
  227. #
  228. # oauth_secret: string; shared secret that can be used for OAuth style
  229. # authentication
  230.  
  231. [oauth]
  232. # enabled: true
  233. # oauth_key:
  234. # oauth_secret:
  235.  
  236.  
  237. # = Messaging =
  238. #
  239. # Controls Pulp's configuration of broker settings for communicating to the Consumer Agent.
  240. #
  241. # url: the url used to contact the broker. This setting uses the form:
  242. #
  243. # <protocol>://<host>:<port>/<virtual-host>
  244. #
  245. # Or to use a username and password:
  246. #
  247. # <protocol>://<user>:<password>@<host>:<port>/<virtual-host>
  248. #
  249. # Supported <protocol> values are 'tcp' or 'ssl' depending on if SSL should be used or not.
  250. # The <virtual-host> is optional, and is only applicable to RabbitMQ broker environments.
  251. #
  252. # The default broker string is 'tcp://localhost:5672'.
  253. #
  254. # transport: The type of broker you are connecting to. The default is 'qpid'. For RabbitMQ,
  255. # 'rabbitmq' should be used.
  256. #
  257. # cacert: Absolute path to PEM encoded CA certificate file, used by Pulp to validate the identity
  258. # of the broker using SSL. The default is '/etc/pki/qpid/ca/ca.crt'.
  259. #
  260. # clientcert: Absolute path to PEM encoded file containing both the private key and
  261. # certificate Pulp should present to the broker to be authenticated by the broker. The default
  262. # is '/etc/pki/qpid/client/client.pem'.
  263. #
  264. # auth_enabled:
  265. # Message authentication enabled flag. The default is 'true' which enables authentication.
  266. # To disable authentication, use 'false'.
  267. #
  268. # topic_exchange: The name of the exchange to use. The exchange must be a topic exchange. The
  269. # default is 'amq.topic', which is a default exchange that is guaranteed to exist on a Qpid
  270. # broker. This setting is a string, and therefore includes the single quotes.
  271. #
  272. # event_notifications_enabled:
  273. # Enables or disables Pulp event notfications on the message bus. Defaults to 'false'.
  274. #
  275. # event_notification_url:
  276. # The AMQP URL for event notifications. Defaults to 'qpid://localhost:5672/'.
  277.  
  278. [messaging]
  279. # url: tcp://localhost:5672
  280. transport: rabbitmq
  281. # auth_enabled: true
  282. # cacert: /etc/pki/qpid/ca/ca.crt
  283. # clientcert: /etc/pki/qpid/client/client.pem
  284. # topic_exchange: 'amq.topic'
  285. # event_notifications_enabled: false
  286. event_notification_url: amqp://guest:guest@localhost:5672/
  287.  
  288.  
  289. # = Asynchronous Tasks =
  290. #
  291. # Controls Pulp's Celery settings. These settings are used by the Pulp Server and Pulp Workers to
  292. # perform asynchronous, server-side task work such as syncing, publishing, or deletion of content.
  293. # Communication between these different components occurs through the broker.
  294. #
  295. # broker_url: A URL to a broker that Celery can use to queue tasks. For example, to configure
  296. # Celery with a Qpid backend, set broker_url to:
  297. #
  298. # qpid://<username>:<password>@<hostname>:<port>/
  299. #
  300. # For RabbitMQ you can use the following broker_url style:
  301. #
  302. # amqp://<username>:<password>@<hostname>:<port>/<vhost>
  303. #
  304. # celery_require_ssl: Require SSL if set to 'true', otherwise do not require SSL. The default is
  305. # 'false'.
  306. #
  307. # cacert: The absolute path to the PEM encoded CA Certificate allowing identity validation of the
  308. # message bus. The default is '/etc/pki/pulp/qpid/ca.crt'.
  309. #
  310. # keyfile: The absolute path to the keyfile used for authentication to the message bus. This is the
  311. # private key that corresponds with the certificate. The default value is
  312. # '/etc/pki/pulp/qpid/client.crt'. Sometimes the key is kept in the same file as the
  313. # certificate it corresponds with, and the default assumes this is the case.
  314. #
  315. # certfile: The absolute path to the PEM encoded certificate used for authentication to the message
  316. # bus. The default value is '/etc/pki/pulp/qpid/client.crt'.
  317. #
  318. # login_method: Select the SASL login method used to connect to the broker. This should be left
  319. # unset except in special cases such as SSL client certificate authentication.
  320.  
  321. [tasks]
  322. broker_url: amqp://guest:guest@localhost/
  323. # celery_require_ssl: false
  324. # cacert: /etc/pki/pulp/qpid/ca.crt
  325. # keyfile: /etc/pki/pulp/qpid/client.crt
  326. # certfile: /etc/pki/pulp/qpid/client.crt
  327. # login_method:
  328.  
  329.  
  330. # = Email =
  331. #
  332. # Settings that allow the system to send email. It is recommended that
  333. # the system relay through a local MTA on the machine. Pulp does not retry in
  334. # case of error, so it is important to have a real MTA available locally.
  335. #
  336. # If there is a need to test email sending, it is recommended to run this:
  337. # $ python -m smtpd -n -c DebuggingServer localhost:1025
  338. # which will write each message to stdout.
  339. #
  340. # host: host name of the MTA pulp should relay through
  341. #
  342. # port: destination port to connect on
  343. #
  344. # from: the "From" address of each email the system sends
  345. #
  346. # enabled: boolean controls whether or not emails will be sent
  347.  
  348. [email]
  349. # host: localhost
  350. # port: 25
  351. # from: no-reply@your.domain
  352. # enabled: false
  353.  
  354.  
  355. # = Lazy =
  356. #
  357. # Settings for lazy content loading.
  358. #
  359. # redirect_host:
  360. # The host FQDN or IP to which requests are redirected. Defaults to
  361. # the local host's fully qualified domain name.
  362. #
  363. # redirect_port:
  364. # The TCP port to which requests are redirected. By default no port
  365. # is stated explicitly so an HTTP redirect will use port 80 and an
  366. # HTTPS redirect will use port 443. The protocol used will match the
  367. # protocol the client used for the initial request.
  368. #
  369. # redirect_path:
  370. # The base path to which requests are redirected. Defaults to /streamer/
  371. #
  372. # https_retrieval:
  373. # boolean; controls whether Pulp uses HTTPS or HTTP to
  374. # retrieve content from the streamer.
  375. # WARNING: Setting this to 'false' is not safe if you wish
  376. # to use Pulp to provide repository entitlement
  377. # enforcement. It is strongly recommended to keep
  378. # this set to 'true' and use certificates that are
  379. # signed by a trusted authority on the web server
  380. # that serves as the streamer reverse proxy.
  381. #
  382. # download_interval:
  383. # The interval in minutes between checks for content cached
  384. # by the Squid proxy.
  385. #
  386. # download_concurrency:
  387. # The number of downloads to perform concurrently when
  388. # downloading content from the Squid cache.
  389.  
  390. [lazy]
  391. # redirect_host:
  392. # redirect_port:
  393. # redirect_path:
  394. # https_retrieval: true
  395. # download_interval: 30
  396. # download_concurrency: 5
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!