config/debian-security/dak.conf

   1 Dinstall
   2 {
   3    // was non-us.d.o path before
   4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
   5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
   6    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
   7    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
   8    MyAdminAddress "ftpmaster@debian.org";
   9    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
  10    MyDistribution "Debian"; // Used in emails
  11    BugServer "bugs.debian.org";
  12    PackagesServer "packages.debian.org";
  13    Bcc "archive@ftp-master.debian.org";
  14    // GroupOverrideFilename "override.group-maint";
  15    SkipTime 300;
  16    CloseBugs "false";
  17    OverrideDisparityCheck "false";
  18    BXANotify "false";
  19    DefaultSuite "stable";
  20    SuiteSuffix "updates/";
  21    OverrideMaintainer "dak@security.debian.org";
  22    LegacyStableHasNoSections "false";
  23    AllowSourceOnlyUploads "true";
  24 };
  25
  26 Process-New
  27 {
  28   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
  29   LockDir "/srv/security-master.debian.org/lock/new/";
  30 };
  31
  32 Process-Policy
  33 {
  34   CopyDir "/srv/security-master.debian.org/queue/accepted";
  35 };
  36
  37 Import-Users-From-Passwd
  38 {
  39   ValidGID "800";
  40   // Comma separated list of users who are in Postgres but not the passwd file
  41   KnownPostgres "postgres,dak,www-data,udmsearch,repuser,debian-backup";
  42 };
  43
  44 Queue-Report
  45 {
  46   Directories
  47   {
  48     byhand;
  49     new;
  50     unembargoed;
  51     embargoed;
  52   };
  53 };
  54
  55 Import-LDAP-Fingerprints
  56 {
  57   LDAPDn "ou=users,dc=debian,dc=org";
  58   LDAPServer "db.debian.org";
  59   // CACertFile "/etc/ssl/certs/db.debian.org.pem";
  60   ExtraKeyrings
  61   {
  62     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
  63     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
  64     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
  65   };
  66   KeyServer "wwwkeys.eu.pgp.net";
  67 };
  68
  69 Check-Overrides
  70 {
  71   OverrideSuites
  72   {
  73     Stable
  74     {
  75       Process "0";
  76     };
  77
  78     Testing
  79     {
  80       Process "0";
  81     };
  82
  83   };
  84 };
  85
  86 Clean-Queues
  87 {
  88   Options
  89   {
  90     Days 14;
  91   };
  92  MorgueSubDir "queue";
  93 };
  94
  95 Rm
  96 {
  97   Options
  98   {
  99     Suite "unstable";
 100   };
 101
 102   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
 103   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 104 };
 105
 106 Clean-Suites
 107 {
 108   MorgueSubDir "pool";
 109 };
 110
 111 Security-Install
 112 {
 113   ComponentMappings
 114   {
 115     main "ftp-master.debian.org:/pub/UploadQueue";
 116     contrib "ftp-master.debian.org:/pub/UploadQueue";
 117     non-free "ftp-master.debian.org:/pub/UploadQueue";
 118     non-US/main "non-us.debian.org:/pub/UploadQueue";
 119     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
 120     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
 121   };
 122 };
 123
 124 SuiteMappings
 125 {
 126  "silent-map stable-security stable";
 127  "silent-map stable-kfreebsd-security stable-kfreebsd";
 128  "silent-map oldstable-security oldstable";
 129  "silent-map oldoldstable-security oldoldstable";
 130   "silent-map testing-security testing";
 131   "silent-map squeeze-security oldoldstable";
 132   "silent-map wheezy-security oldstable";
 133   "silent-map jessie-security stable";
 134   "silent-map jessie-kfreebsd-security stable-kfreebsd";
 135   "silent-map stretch-security testing";
 136
 137   "reject oldoldstable";
 138 };
 139
 140 Dir
 141 {
 142   Base "/srv/security-master.debian.org/";
 143   Root "/srv/security-master.debian.org/ftp/";
 144   Pool "/srv/security-master.debian.org/ftp/pool/";
 145   Export "/srv/security-master.debian.org/export/";
 146   Dak "/srv/security-master.debian.org/dak/";
 147   Templates "/srv/security-master.debian.org/dak/templates/";
 148   Override "/srv/security-master.debian.org/override/";
 149   Lock "/srv/security-master.debian.org/lock/";
 150   Cache "/srv/security-master.debian.org/database/";
 151   Lists "/srv/security-master.debian.org/dak-database/dists/";
 152   Log "/srv/security-master.debian.org/dak-log/";
 153   Morgue "/srv/security-master.debian.org/morgue/";
 154   Override "/srv/security-master.debian.org/scripts/override/";
 155   Upload "/srv/queued/ftpmaster/";
 156   TempPath "/srv/security-master.debian.org/tmp";
 157   Holding "/srv/security-master.debian.org/queue/holding/";
 158   Done "/srv/security-master.debian.org/queue/done/";
 159   Reject "/srv/security-master.debian.org/queue/reject/";
 160
 161   Queue
 162   {
 163     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
 164     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
 165     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
 166   };
 167 };
 168
 169 DB
 170 {
 171   Service "obscurity";
 172   // PoolSize should be at least ThreadCount + 1
 173   PoolSize 5;
 174   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
 175   MaxOverflow 13;
 176   // should be false for encoding == SQL_ASCII
 177   Unicode "false"
 178 };
 179
 180 ComponentMappings
 181 {
 182  "main updates/main";
 183  "contrib updates/contrib";
 184  "non-free updates/non-free";
 185  "non-US/main updates/main";
 186  "non-US/contrib updates/contrib";
 187  "non-US/non-free updates/non-free";
 188 };
 189
 190 Urgency
 191 {
 192   Default "low";
 193   Valid
 194   {
 195     low;
 196     medium;
 197     high;
 198     emergency;
 199     critical;
 200   };
 201 };