155 lines
4.7 KiB
INI
155 lines
4.7 KiB
INI
[sr.ht]
|
|
#
|
|
# The name of your network of sr.ht-based sites
|
|
site-name=sourcehut
|
|
#
|
|
# The top-level info page for your site
|
|
site-info=https://sourcehut.org
|
|
#
|
|
# {{ site-name }}, {{ site-blurb }}
|
|
site-blurb=the hacker's forge
|
|
#
|
|
# If this != production, we add a banner to each page
|
|
environment=development
|
|
#
|
|
# Contact information for the site owners
|
|
owner-name=Drew DeVault
|
|
owner-email=sir@cmpwn.com
|
|
#
|
|
# The source code for your fork of sr.ht
|
|
source-url=https://git.sr.ht/~sircmpwn/srht
|
|
#
|
|
# A key used for encrypting session cookies. Use `srht-keygen service` to
|
|
# generate the service key. This must be shared between each node of the same
|
|
# service (e.g. git1.sr.ht and git2.sr.ht), but different services may use
|
|
# different keys. If you configure all of your services with the same
|
|
# config.ini, you may use the same service-key for all of them.
|
|
service-key=
|
|
#
|
|
# A secret key to encrypt internal messages with. Use `srht-keygen network` to
|
|
# generate this key. It must be consistent between all services and nodes.
|
|
network-key=
|
|
#
|
|
# The redis host URL. This is used for caching and temporary storage, and must
|
|
# be shared between nodes (e.g. git1.sr.ht and git2.sr.ht), but need not be
|
|
# shared between services. It may be shared between services, however, with no
|
|
# ill effect, if this better suits your infrastructure.
|
|
redis-host=
|
|
|
|
[mail]
|
|
#
|
|
# Outgoing SMTP settings
|
|
smtp-host=
|
|
smtp-port=
|
|
smtp-user=
|
|
smtp-password=
|
|
smtp-from=
|
|
#
|
|
# Application exceptions are emailed to this address
|
|
error-to=
|
|
error-from=
|
|
#
|
|
# You should generate a PGP key to allow users to authenticate emails received
|
|
# from your services. Use `gpg --edit-key [key id]` to remove the password from
|
|
# your private key, then export it to a file and set pgp-privkey to the path to
|
|
# that file. pgp-pubkey should be set to the path to your public key, and
|
|
# pgp-key-id should be set to the key ID string. Outgoing emails are signed with
|
|
# this PGP key.
|
|
pgp-privkey=
|
|
pgp-pubkey=
|
|
pgp-key-id=
|
|
|
|
[webhooks]
|
|
#
|
|
# base64-encoded Ed25519 key for signing webhook payloads. This should be
|
|
# consistent between all services.
|
|
#
|
|
# Use the `srht-keygen webhook` command to generate this key. Put the private
|
|
# key here and distribute the public key to anyone who would want to verify
|
|
# webhook payloads from your service.
|
|
private-key=
|
|
|
|
[builds.sr.ht]
|
|
#
|
|
# URL builds.sr.ht is being served at (protocol://domain)
|
|
origin=http://builds.sr.ht.local
|
|
#
|
|
# Address and port to bind the debug server to
|
|
debug-host=0.0.0.0
|
|
debug-port=5002
|
|
#
|
|
# Configures the SQLAlchemy connection string for the database.
|
|
connection-string=postgresql://postgres@localhost/builds.sr.ht
|
|
#
|
|
# Set to "yes" to automatically run migrations on package upgrade.
|
|
migrate-on-upgrade=yes
|
|
#
|
|
# The redis connection used for the Celery worker (configure this on both the
|
|
# master and workers)
|
|
redis=redis://localhost:6379/0
|
|
#
|
|
# builds.sr.ht's OAuth client ID and secret for meta.sr.ht
|
|
# Register your client at meta.example.org/oauth
|
|
oauth-client-id=
|
|
oauth-client-secret=
|
|
#
|
|
# Script used to launch on ssh connection. /usr/bin/master-shell on master,
|
|
# /usr/bin/runner-shell for workers.
|
|
# If master and worker are on the same system set to /usr/bin/runner-shell
|
|
shell=/usr/bin/master-shell
|
|
#
|
|
# Set to "yes" to allow nonpaying users to submit builds
|
|
allow-free=yes
|
|
#
|
|
# Origin URL for the API
|
|
# Only needed if not run behind a reverse proxy, e.g. for local development.
|
|
# By default, the API port is 100 more than the web port
|
|
#api-origin=http://localhost:5102
|
|
|
|
#
|
|
# These config options are only necessary for systems running a build runner
|
|
[builds.sr.ht::worker]
|
|
#
|
|
# Name of this build runner (with HTTP port if not 80)
|
|
name=runner.sr.ht.local
|
|
#
|
|
# Path to write build logs
|
|
buildlogs=./logs
|
|
#
|
|
# Path to the build images
|
|
images=./images
|
|
#
|
|
# In production you should NOT put the build user in the docker group. Instead,
|
|
# make a scratch user who is and write a sudoers or doas.conf file that allows
|
|
# them to execute just the control command, then update this config option. For
|
|
# example:
|
|
#
|
|
# doas -u docker /var/lib/images/control
|
|
#
|
|
# Assuming doas.conf looks something like this:
|
|
#
|
|
# permit nopass builds as docker cmd /var/lib/images/control
|
|
#
|
|
# For more information about the security model of builds.sr.ht, visit the wiki:
|
|
#
|
|
# https://man.sr.ht/builds.sr.ht/installation.md
|
|
controlcmd=./images/control
|
|
#
|
|
# Max build duration. See https://golang.org/pkg/time/#ParseDuration
|
|
timeout=45m
|
|
#
|
|
# Http bind address for serving local build information/monitoring
|
|
bind-address=0.0.0.0:8080
|
|
#
|
|
# Build trigger email
|
|
trigger-from=
|
|
#
|
|
# Configure the S3 bucket and prefix for object storage. Leave empty to disable
|
|
# object storage. Bucket is required to enable object storage; prefix is
|
|
# optional.
|
|
s3-bucket=
|
|
s3-prefix=
|
|
|
|
[meta.sr.ht]
|
|
origin=http://meta.sr.ht.local
|