~sircmpwn/builds.sr.ht

builds.sr.ht/config.example.ini -rw-r--r-- 4.4 KiB
c2e5cf82Simon Ser contrib/crontab: add freebsd/13.x job 4 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
[sr.ht]
#
# The name of your network of sr.ht-based sites
site-name=sourcehut
#
# The top-level info page for your site
site-info=https://sourcehut.org
#
# {{ site-name }}, {{ site-blurb }}
site-blurb=the hacker's forge
#
# If this != production, we add a banner to each page
environment=development
#
# Contact information for the site owners
owner-name=Drew DeVault
owner-email=sir@cmpwn.com
#
# The source code for your fork of sr.ht
source-url=https://git.sr.ht/~sircmpwn/srht
#
# A key used for encrypting session cookies. Use `srht-keygen service` to
# generate the service key. This must be shared between each node of the same
# service (e.g. git1.sr.ht and git2.sr.ht), but different services may use
# different keys. If you configure all of your services with the same
# config.ini, you may use the same service-key for all of them.
service-key=
#
# A secret key to encrypt internal messages with. Use `srht-keygen network` to
# generate this key. It must be consistent between all services and nodes.
network-key=
#
# The redis host URL. This is used for caching and temporary storage, and must
# be shared between nodes (e.g. git1.sr.ht and git2.sr.ht), but need not be
# shared between services. It may be shared between services, however, with no
# ill effect, if this better suits your infrastructure.
redis-host=

[mail]
#
# Outgoing SMTP settings
smtp-host=
smtp-port=
smtp-user=
smtp-password=
smtp-from=
#
# Application exceptions are emailed to this address
error-to=
error-from=
#
# You should generate a PGP key to allow users to authenticate emails received
# from your services. Use `gpg --edit-key [key id]` to remove the password from
# your private key, then export it to a file and set pgp-privkey to the path to
# that file. pgp-pubkey should be set to the path to your public key, and
# pgp-key-id should be set to the key ID string. Outgoing emails are signed with
# this PGP key.
pgp-privkey=
pgp-pubkey=
pgp-key-id=

[webhooks]
#
# base64-encoded Ed25519 key for signing webhook payloads. This should be
# consistent between all services.
#
# Use the `srht-keygen webhook` command to generate this key. Put the private
# key here and distribute the public key to anyone who would want to verify
# webhook payloads from your service.
private-key=

[builds.sr.ht]
# 
# URL builds.sr.ht is being served at (protocol://domain)
origin=http://builds.sr.ht.local
#
# Address and port to bind the debug server to
debug-host=0.0.0.0
debug-port=5002
#
# Configures the SQLAlchemy connection string for the database.
connection-string=postgresql://postgres@localhost/builds.sr.ht
#
# Set to "yes" to automatically run migrations on package upgrade.
migrate-on-upgrade=yes
#
# The redis connection used for the Celery worker (configure this on both the
# master and workers)
redis=redis://localhost:6379/0
#
# builds.sr.ht's OAuth client ID and secret for meta.sr.ht
# Register your client at meta.example.org/oauth
oauth-client-id=
oauth-client-secret=
#
# Script used to launch on ssh connnection. /usr/bin/master-shell on master,
# /usr/bin/runner-shell for workers.
# If master and worker are on the same system set to /usr/bin/runner-shell
shell=/usr/bin/master-shell

#
# These config options are only necessary for systems running a build runner
[builds.sr.ht::worker]
#
# Name of this build runner (with HTTP port if not 80)
name=runner.sr.ht.local
#
# Path to write build logs
buildlogs=./logs
#
# Path to the build images
images=./images
#
# In production you should NOT put the build user in the docker group. Instead,
# make a scratch user who is and write a sudoers or doas.conf file that allows
# them to execute just the control command, then update this config option. For
# example:
#
#   doas -u docker /var/lib/images/control
#
# Assuming doas.conf looks something like this:
#
#   permit nopass builds as docker cmd /var/lib/images/control
#
# For more information about the security model of builds.sr.ht, visit the wiki:
#
#   https://man.sr.ht/builds.sr.ht/installation.md
controlcmd=./images/control
#
# Max build duration. See https://golang.org/pkg/time/#ParseDuration
timeout=45m
#
# Http bind address for serving local build information/monitoring
bind-address=0.0.0.0:8080
#
# Build trigger email
trigger-from=
#
# Configure the S3 bucket and prefix for object storage. Leave empty to disable
# object storage. Bucket is required to enable object storage; prefix is
# optional.
s3-bucket=
s3-prefix=

[meta.sr.ht]
origin=http://meta.sr.ht.local