config-security-upload 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146
  1. #
  2. # example configuration file for debianqueued
  3. #
  4. # set to != 0 for debugging output (to log file)
  5. $debug = 0;
  6. # general options to ssh/scp
  7. $ssh_options = "-o'BatchMode yes' -o'FallBackToRsh no' ".
  8. "-o'ForwardAgent no' -o'ForwardX11 no' ".
  9. "-o'PasswordAuthentication no' -o'StrictHostKeyChecking yes'";
  10. # ssh key file to use for connects to master (empty: default ~/.ssh/identity)
  11. $ssh_key_file = "";
  12. # the incoming dir we live in
  13. $incoming = "/srv/security.upload.debian.org/SecurityUploadQueue/";
  14. # the delayed incoming directories
  15. $incoming_delayed = "/srv/security.upload.debian.org/UploadQueue/DELAYED/%d-day";
  16. # maximum delay directory, -1 for no delayed directory,
  17. # incoming_delayed and target_delayed need to exist.
  18. $max_delayed = -1;
  19. # files not to delete in $incoming (regexp)
  20. $keep_files = '(status|\.message|README)$';
  21. # file patterns that aren't deleted right away
  22. $valid_files = '(\.changes|\.tar\.(?:gz|bz2|xz)|\.dsc|\.u?deb|diff\.gz|\.sh|\.asc|\.buildinfo)(\.[A-Za-z0-9]{6})?$';
  23. # Change files to mode 644 locally (after md5 check) or only on master?
  24. $chmod_on_target = 0;
  25. # Do an md5sum check after upload?
  26. $check_md5sum = 0;
  27. # name of the status file or named pipe in the incoming dir
  28. $statusfile = "$incoming/status";
  29. # if 0, status file implemented as FIFO; if > 0, status file is plain
  30. # file and updated with a delay of this many seconds
  31. $statusdelay = 30;
  32. # names of the keyring files
  33. @keyrings = ( "/srv/ftp-master.debian.org/dak/config/debian-common/keyrings/automatic-source-uploads.kbx",
  34. "/srv/keyring.debian.org/keyrings/debian-keyring.gpg",
  35. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-all-keyring.gpg",
  36. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-amd64-keyring.gpg",
  37. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-arm64-keyring.gpg",
  38. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-armhf-keyring.gpg",
  39. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-armel-keyring.gpg",
  40. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-hurd-i386-keyring.gpg",
  41. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-i386-keyring.gpg",
  42. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-ia64-keyring.gpg",
  43. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-kfreebsd-amd64-keyring.gpg",
  44. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-kfreebsd-i386-keyring.gpg",
  45. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-mips64el-keyring.gpg",
  46. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-mipsel-keyring.gpg",
  47. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-mips-keyring.gpg",
  48. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-powerpc-keyring.gpg",
  49. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-ppc64el-keyring.gpg",
  50. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-s390-keyring.gpg",
  51. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-s390x-keyring.gpg",
  52. "/srv/keyring.debian.org/keyrings/buildd-keyrings/buildd-sparc-keyring.gpg");
  53. # our log file
  54. $logfile = "$queued_dir/run/log";
  55. # our pid file
  56. $pidfile = "$queued_dir/run/pid";
  57. # upload method (ssh, copy, ftp)
  58. $upload_method = "copy";
  59. # default umask:
  60. # copied files should *not* be world-readable for security uploads
  61. $umask = 0027;
  62. # name of target host (ignored on copy method)
  63. $target = "localhost";
  64. # login name on target host (for ssh, always 'ftp' for ftp, ignored for copy)
  65. $targetlogin = "queue";
  66. # incoming on target host
  67. $targetdir = "/srv/security.upload.debian.org/for-security-master/";
  68. # incoming/delayed on target host
  69. $targetdir_delayed = "/srv/security.upload.debian.org/DEFERRED/%d-day";
  70. # select FTP debugging
  71. #$ftpdebug = 0;
  72. # FTP timeout
  73. $ftptimeout = 900;
  74. # max. number of tries to upload
  75. $max_upload_retries = 8;
  76. # delay after first failed upload
  77. $upload_delay_1 = 30*60; # 30 min.
  78. # delay between successive failed uploads
  79. $upload_delay_2 = 4*60*60; # 4 hours
  80. # packages that must go to nonus.debian.org and thus are rejected here
  81. #@nonus_packages = qw(gpg-rsaidea);
  82. # timings:
  83. # --------
  84. # time between two queue checks
  85. $queue_delay = 5*60; # 5 min.
  86. # when are stray files deleted?
  87. $stray_remove_timeout = 24*60*60; # 1 day
  88. # delay before reporting problems with a .changes file (not
  89. # immediately for to-be-continued uploads)
  90. $problem_report_timeout = 30*60; # 30 min.
  91. # delay before reporting that a .changes file is missing (not
  92. # immediately for to-be-continued uploads)
  93. $no_changes_timeout = 30*60; # 30 min.
  94. # when are .changes with persistent problems removed?
  95. $bad_changes_timeout = 2*24*60*60; # 2 days
  96. # how long may a remote operation (ssh/scp) take?
  97. $remote_timeout = 3*60*60; # 3 hours
  98. # mail address of maintainer
  99. $maintainer_mail = "ftpmaster\@debian.org";
  100. # to override the TO address of ALL outgoing mail, set this value.
  101. $overridemail = 'dak@security.debian.org';
  102. # logfile rotating:
  103. # -----------------
  104. # how often to rotate (in days)
  105. $log_age = 7;
  106. # how much old logs to keep
  107. $log_keep = 4;
  108. # send summary mail when rotating logs?
  109. $mail_summary = 1;
  110. # write summary to file when rotating logs? (no if name empty)
  111. $summary_file = "$queued_dir/summary";
  112. # don't remove this, Perl needs it!
  113. 1;