mirror of
https://github.com/arcan1s/ahriman.git
synced 2025-04-24 15:27:17 +00:00
189 lines
12 KiB
Markdown
189 lines
12 KiB
Markdown
# ahriman configuration
|
|
|
|
Some groups can be specified for each architecture separately. E.g. if there are `build` and `build:x86_64` groups it will use the option from `build:x86_64` for the `x86_64` architecture and `build` for any other (architecture specific group has higher priority). In case if both groups are presented, architecture specific options will be merged into global ones overriding them.
|
|
|
|
There are two variable types which have been added to default ones, they are paths and lists. List values will be read in the same way as shell does:
|
|
|
|
* By default, it splits value by spaces excluding empty elements.
|
|
* In case if quotation mark (`"` or `'`) will be found, any spaces inside will be ignored.
|
|
* In order to use quotation mark inside value it is required to put it to another quotation mark, e.g. `wor"'"d "with quote"` will be parsed as `["wor'd", "with quote"]` and vice versa.
|
|
* Unclosed quotation mark is not allowed and will rise an exception.
|
|
|
|
Path values, except for casting to `pathlib.Path` type, will be also expanded to absolute paths relative to the configuration path. E.g. if path is set to `ahriman.ini.d/logging.ini` and root configuration path is `/etc/ahriman.ini`, the value will be expanded to `/etc/ahriman.ini.d/logging.ini`. In order to disable path expand, use the full path, e.g. `/etc/ahriman.ini.d/logging.ini`.
|
|
|
|
## `settings` group
|
|
|
|
Base configuration settings.
|
|
|
|
* `include` - path to directory with configuration files overrides, string, required.
|
|
* `database` - path to SQLite database, string, required.
|
|
* `logging` - path to logging configuration, string, required. Check `logging.ini` for reference.
|
|
|
|
## `alpm` group
|
|
|
|
libalpm and AUR related configuration.
|
|
|
|
* `aur_url` - base url for AUR, string, required.
|
|
* `database` - path to pacman local database cache, string, required.
|
|
* `repositories` - list of pacman repositories, space separated list of strings, required.
|
|
* `root` - root for alpm library, string, required.
|
|
|
|
## `auth` group
|
|
|
|
Base authorization settings. `OAuth` provider requires `aioauth-client` library to be installed.
|
|
|
|
* `target` - specifies authorization provider, string, optional, default `disabled`. Allowed values are `disabled`, `configuration`, `oauth`.
|
|
* `client_id` - OAuth2 application client ID, string, required in case if `oauth` is used.
|
|
* `client_secret` - OAuth2 application client secret key, string, required in case if `oauth` is used.
|
|
* `max_age` - parameter which controls both cookie expiration and token expiration inside the service, integer, optional, default is 7 days.
|
|
* `oauth_provider` - OAuth2 provider class name as is in `aioauth-client` (e.g. `GoogleClient`, `GithubClient` etc), string, required in case if `oauth` is used.
|
|
* `oauth_scopes` - scopes list for OAuth2 provider, which will allow retrieving user email (which is used for checking user permissions), e.g. `https://www.googleapis.com/auth/userinfo.email` for `GoogleClient` or `user:email` for `GithubClient`, space separated list of strings, required in case if `oauth` is used.
|
|
* `safe_build_status` - allow requesting status page without authorization, boolean, required.
|
|
* `salt` - password hash salt, string, required in case if authorization enabled (automatically generated by `create-user` subcommand).
|
|
|
|
Authorized users are stored inside internal database, if any of external provides are used the password field for non-service users must be empty.
|
|
|
|
## `build:*` groups
|
|
|
|
Build related configuration. Group name can refer to architecture, e.g. `build:x86_64` can be used for x86_64 architecture specific settings.
|
|
|
|
* `archbuild_flags` - additional flags passed to `archbuild` command, space separated list of strings, optional.
|
|
* `build_command` - default build command, string, required.
|
|
* `ignore_packages` - list packages to ignore during a regular update (manual update will still work), space separated list of strings, optional.
|
|
* `makepkg_flags` - additional flags passed to `makepkg` command, space separated list of strings, optional.
|
|
* `makechrootpkg_flags` - additional flags passed to `makechrootpkg` command, space separated list of strings, optional.
|
|
|
|
## `repository` group
|
|
|
|
Base repository settings.
|
|
|
|
* `name` - repository name, string, required.
|
|
* `root` - root path for application, string, required.
|
|
|
|
## `sign:*` groups
|
|
|
|
Settings for signing packages or repository. Group name can refer to architecture, e.g. `sign:x86_64` can be used for x86_64 architecture specific settings.
|
|
|
|
* `target` - configuration flag to enable signing, space separated list of strings, required. Allowed values are `package` (sign each package separately), `repository` (sign repository database file).
|
|
* `key` - default PGP key, string, required. This key will also be used for database signing if enabled.
|
|
* `key_*` settings - PGP key which will be used for specific packages, string, optional. For example, if there is `key_yay` option the specified key will be used for yay package and default key for others.
|
|
|
|
## `report` group
|
|
|
|
Report generation settings.
|
|
|
|
* `target` - list of reports to be generated, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. `somerandomname` must point to existing section, `email` must point to one of `email` of `email:x86_64` (the one with architecture has higher priority).
|
|
|
|
Type will be read from several ways:
|
|
|
|
* In case if `type` option set inside the section, it will be used.
|
|
* Otherwise, it will look for type from section name removing architecture name.
|
|
* And finally, it will use section name as type.
|
|
|
|
### `console` type
|
|
|
|
Section name must be either `console` (plus optional architecture name, e.g. `console:x86_64`) or random name with `type` set.
|
|
|
|
* `use_utf` - use utf8 symbols in output if set and ascii otherwise, boolean, optional, default `yes`.
|
|
|
|
### `email` type
|
|
|
|
Section name must be either `email` (plus optional architecture name, e.g. `email:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the report, string, optional, must be set to `email` if exists.
|
|
* `full_template_path` - path to Jinja2 template for full package description index, string, optional.
|
|
* `homepage` - link to homepage, string, optional.
|
|
* `host` - SMTP host for sending emails, string, required.
|
|
* `link_path` - prefix for HTML links, string, required.
|
|
* `no_empty_report` - skip report generation for empty packages list, boolean, optional, default `yes`.
|
|
* `password` - SMTP password to authenticate, string, optional.
|
|
* `port` - SMTP port for sending emails, int, required.
|
|
* `receivers` - SMTP receiver addresses, space separated list of strings, required.
|
|
* `sender` - SMTP sender address, string, required.
|
|
* `ssl` - SSL mode for SMTP connection, one of `ssl`, `starttls`, `disabled`, optional, default `disabled`.
|
|
* `template_path` - path to Jinja2 template, string, required.
|
|
* `user` - SMTP user to authenticate, string, optional.
|
|
|
|
### `html` type
|
|
|
|
Section name must be either `html` (plus optional architecture name, e.g. `html:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the report, string, optional, must be set to `html` if exists.
|
|
* `path` - path to html report file, string, required.
|
|
* `homepage` - link to homepage, string, optional.
|
|
* `link_path` - prefix for HTML links, string, required.
|
|
* `template_path` - path to Jinja2 template, string, required.
|
|
|
|
### `telegram` type
|
|
|
|
Section name must be either `telegram` (plus optional architecture name, e.g. `telegram:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the report, string, optional, must be set to `telegram` if exists.
|
|
* `api_key` - telegram bot API key, string, required. Please refer FAQ about how to create chat and bot
|
|
* `chat_id` - telegram chat id, either string with `@` or integer value, required.
|
|
* `homepage` - link to homepage, string, optional.
|
|
* `link_path` - prefix for HTML links, string, required.
|
|
* `template_path` - path to Jinja2 template, string, required.
|
|
* `template_type` - `parse_mode` to be passed to telegram API, one of `MarkdownV2`, `HTML`, `Markdown`, string, optional, default `HTML`.
|
|
|
|
## `upload` group
|
|
|
|
Remote synchronization settings.
|
|
|
|
* `target` - list of synchronizations to be used, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. `somerandomname` must point to existing section, `github` must point to one of `github` of `github:x86_64` (with architecture it has higher priority).
|
|
|
|
Type will be read from several ways:
|
|
|
|
* In case if `type` option set inside the section, it will be used.
|
|
* Otherwise, it will look for type from section name removing architecture name.
|
|
* And finally, it will use section name as type.
|
|
|
|
### `github` type
|
|
|
|
This feature requires Github key creation (see below). Section name must be either `github` (plus optional architecture name, e.g. `github:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the upload, string, optional, must be set to `github` if exists.
|
|
* `owner` - Github repository owner, string, required.
|
|
* `password` - created Github API key. In order to create it do the following:
|
|
1. Go to [settings page](https://github.com/settings/profile).
|
|
2. Switch to [developers settings](https://github.com/settings/apps).
|
|
3. Switch to [personal access tokens](https://github.com/settings/tokens).
|
|
4. Generate new token. Required scope is `public_repo` (or `repo` for private repository support).
|
|
* `repository` - Github repository name, string, required. Repository must be created before any action and must have active branch (e.g. with readme).
|
|
* `username` - Github authorization user, string, required. Basically the same as `owner`.
|
|
|
|
### `rsync` type
|
|
|
|
Requires `rsync` package to be installed. Do not forget to configure ssh for user `ahriman`. Section name must be either `rsync` (plus optional architecture name, e.g. `rsync:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the upload, string, optional, must be set to `rsync` if exists.
|
|
* `command` - rsync command to run, space separated list of string, required.
|
|
* `remote` - remote server to rsync (e.g. `1.2.3.4:path/to/sync`), string, required.
|
|
|
|
### `s3` type
|
|
|
|
Requires `boto3` library to be installed. Section name must be either `s3` (plus optional architecture name, e.g. `s3:x86_64`) or random name with `type` set.
|
|
|
|
* `type` - type of the upload, string, optional, must be set to `github` if exists.
|
|
* `access_key` - AWS access key ID, string, required.
|
|
* `bucket` - bucket name (e.g. `bucket`), string, required.
|
|
* `chunk_size` - chunk size for calculating entity tags, int, optional, default 8 * 1024 * 1024.
|
|
* `region` - bucket region (e.g. `eu-central-1`), string, required.
|
|
* `secret_key` - AWS secret access key, string, required.
|
|
|
|
## `web:*` groups
|
|
|
|
Web server settings. If any of `host`/`port` is not set, web integration will be disabled. Group name can refer to architecture, e.g. `web:x86_64` can be used for x86_64 architecture specific settings. This feature requires `aiohttp` libraries to be installed.
|
|
|
|
* `address` - optional address in form `proto://host:port` (`port` can be omitted in case of default `proto` ports), will be used instead of `http://{host}:{port}` in case if set, string, optional. This option is required in case if `OAuth` provider is used.
|
|
* `debug` - enable debug toolbar, boolean, optional, default `no`.
|
|
* `debug_check_host` - check hosts to access debug toolbar, boolean, optional, default `no`.
|
|
* `debug_allowed_hosts` - allowed hosts to get access to debug toolbar, space separated list of string, optional.
|
|
* `host` - host to bind, string, optional.
|
|
* `index_url` - full url of the repository index page, string, optional.
|
|
* `password` - password to authorize in web service in order to update service status, string, required in case if authorization enabled.
|
|
* `port` - port to bind, int, optional.
|
|
* `static_path` - path to directory with static files, string, required.
|
|
* `templates` - path to templates directory, string, required.
|
|
* `username` - username to authorize in web service in order to update service status, string, required in case if authorization enabled.
|