]> git.decadent.org.uk Git - dak.git/blob - config/debian-security/dak.conf
Update ldap cert
[dak.git] / config / debian-security / dak.conf
1 Dinstall
2 {
3    // was non-us.d.o path before
4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
6    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
7    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
8    MyAdminAddress "ftpmaster@debian.org";
9    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
10    MyDistribution "Debian"; // Used in emails
11    BugServer "bugs.debian.org";
12    PackagesServer "packages.debian.org";
13    Bcc "archive@ftp-master.debian.org";
14    // GroupOverrideFilename "override.group-maint";
15    SkipTime 300;
16    CloseBugs "false";
17    OverrideDisparityCheck "false";
18    BXANotify "false";
19    DefaultSuite "stable";
20    SuiteSuffix "updates/";
21    OverrideMaintainer "dak@security.debian.org";
22    LegacyStableHasNoSections "false";
23    AllowSourceOnlyUploads "true";
24 };
25
26 Process-New
27 {
28   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
29   LockDir "/srv/security-master.debian.org/lock/new/";
30 };
31
32 Process-Policy
33 {
34   CopyDir "/srv/security-master.debian.org/queue/accepted";
35 };
36
37 Import-Users-From-Passwd
38 {
39   ValidGID "800";
40   // Comma separated list of users who are in Postgres but not the passwd file
41   KnownPostgres "postgres,dak,www-data,udmsearch,repuser,debian-backup";
42 };
43
44 Queue-Report
45 {
46   Directories
47   {
48     byhand;
49     new;
50     unembargoed;
51     embargoed;
52   };
53 };
54
55 Import-LDAP-Fingerprints
56 {
57   LDAPDn "ou=users,dc=debian,dc=org";
58   LDAPServer "db.debian.org";
59   CACertFile "/etc/ssl/servicecerts/db.debian.org.crt";
60   ExtraKeyrings
61   {
62     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
63     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
64     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
65   };
66   KeyServer "wwwkeys.eu.pgp.net";
67 };
68
69 Check-Overrides
70 {
71   OverrideSuites
72   {
73     Stable
74     {
75       Process "0";
76     };
77
78     Testing
79     {
80       Process "0";
81     };
82
83   };
84 };
85
86 Clean-Queues
87 {
88   Options
89   {
90     Days 14;
91   };
92  MorgueSubDir "queue";
93 };
94
95 Rm
96 {
97   Options
98   {
99     Suite "unstable";
100   };
101
102   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
103   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
104 };
105
106 Clean-Suites
107 {
108   MorgueSubDir "pool";
109 };
110
111 Security-Install
112 {
113   ComponentMappings
114   {
115     main "ftp-master.debian.org:/pub/UploadQueue";
116     contrib "ftp-master.debian.org:/pub/UploadQueue";
117     non-free "ftp-master.debian.org:/pub/UploadQueue";
118     non-US/main "non-us.debian.org:/pub/UploadQueue";
119     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
120     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
121   };
122 };
123
124 SuiteMappings
125 {
126  "silent-map stable-security stable";
127  "silent-map oldstable-security oldstable";
128   "silent-map etch-secure oldstable";
129   "silent-map testing-security testing";
130   "silent-map squeeze-security oldstable";
131   "silent-map wheezy-security stable";
132   "silent-map jessie-security testing";
133 };
134
135 Dir
136 {
137   Base "/srv/security-master.debian.org/";
138   Root "/srv/security-master.debian.org/ftp/";
139   Pool "/srv/security-master.debian.org/ftp/pool/";
140   Export "/srv/security-master.debian.org/export/";
141   Dak "/srv/security-master.debian.org/dak/";
142   Templates "/srv/security-master.debian.org/dak/templates/";
143   Override "/srv/security-master.debian.org/override/";
144   Lock "/srv/security-master.debian.org/lock/";
145   Cache "/srv/security-master.debian.org/database/";
146   Lists "/srv/security-master.debian.org/dak-database/dists/";
147   Log "/srv/security-master.debian.org/dak-log/";
148   Morgue "/srv/security-master.debian.org/morgue/";
149   Override "/srv/security-master.debian.org/scripts/override/";
150   Upload "/srv/queued/ftpmaster/";
151   TempPath "/srv/security-master.debian.org/tmp";
152   Holding "/srv/security-master.debian.org/queue/holding/";
153   Done "/srv/security-master.debian.org/queue/done/";
154   Reject "/srv/security-master.debian.org/queue/reject/";
155
156   Queue
157   {
158     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
159     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
160     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
161   };
162 };
163
164 DB
165 {
166   Service "obscurity";
167   // PoolSize should be at least ThreadCount + 1
168   PoolSize 5;
169   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
170   MaxOverflow 13;
171   // should be false for encoding == SQL_ASCII
172   Unicode "false"
173 };
174
175 ComponentMappings
176 {
177  "main updates/main";
178  "contrib updates/contrib";
179  "non-free updates/non-free";
180  "non-US/main updates/main";
181  "non-US/contrib updates/contrib";
182  "non-US/non-free updates/non-free";
183 };
184
185 Urgency
186 {
187   Default "low";
188   Valid
189   {
190     low;
191     medium;
192     high;
193     emergency;
194     critical;
195   };
196 };