diff --git a/debian/aptly.conf b/debian/aptly.conf index 4d627fc4..321adc4e 100644 --- a/debian/aptly.conf +++ b/debian/aptly.conf @@ -1,35 +1,59 @@ // vim: : filetype=json +// json configuration file with comments +// validate with: sed '/\/\//d' debian/aptly.conf | json_pp { // General /////////// // Aptly storage directory - // - downloaded packages (`rootDir`/pool) - // - database (`rootDir`/db) - // - published repositories (`rootDir`/public) + // Directory for storing: + // - downloaded packages (`rootDir`/pool) + // - database (`rootDir`/db) + // - published repositories (`rootDir`/public) "rootDir": "~/.aptly", - // number of attempts to open DB if it's locked by other instance; can be overridden with option `-db-open-attempts` + // Number of attempts to open database if it's locked by other instance + // * -1 (no retry) "databaseOpenAttempts": -1, - // - "AsyncAPI": false, - - // - "enableMetricsEndpoint": false, - - // Enable API documentation on /docs - "enableSwaggerEndpoint": false, - - // + // Log Level + // * debug + // * info + // * warning + // * error "logLevel": "info", - // + // Log Format + // * default (text) + // * json "logFormat": "default", - // - "serveInAPIMode": false, + // Default Architectures + // * empty defaults to all available architectures + "architectures": [], + + // Follow contents of `Suggests:` field when processing dependencies for the package + "dependencyFollowSuggests": false, + + // Follow contents of `Recommends:` field when processing dependencies for the package + "dependencyFollowRecommends": false, + + // When dependency looks like `package-a | package-b`, follow both variants always + "dependencyFollowAllVariants": false, + + // Follow dependency from binary package to source package + "dependencyFollowSource": false, + + // Log additional details while resolving dependencies (useful for debugging) + "dependencyVerboseResolve": false, + + // Specifies paramaters for short PPA url expansion + // * empty defaults to output of `lsb_release` command + "ppaDistributorID": "ubuntu", + + // Codename for short PPA url expansion + "ppaCodename": "", // OBSOLETE // in aptly up to version 1.0.0, package files were stored in internal package pool @@ -39,12 +63,29 @@ // upgrading from older versions "skipLegacyPool": true, + +// Aptly Server +//////////////// + + // Serve published repos as well as API + "serveInAPIMode": false, + + // Enable metrics for Prometheus client + "enableMetricsEndpoint": false, + + // Enable API documentation on /docs + "enableSwaggerEndpoint": false, + + // OBSOLETE: use via url param ?_async=true + "AsyncAPI": false, + + // Database //////////// - // + // Database backend "databaseBackend": { - // + // "type": "", // "url": "", @@ -53,196 +94,273 @@ // }, + // Mirroring ///////////// - // downloader to use - // - "default" (normal downloader) - // - "grab" (more robust) + // Downloader + // * "default" + // * "grab" (more robust) "downloader": "default", - // number of parallel download threads to use when downloading packages + // Number of parallel download threads to use when downloading packages "downloadConcurrency": 4, - // limit in kbytes/sec on download speed while mirroring remote repositories + // Limit in kbytes/sec on download speed while mirroring remote repositories "downloadSpeedLimit": 0, - // number of retries for download attempts + // Number of retries for download attempts "downloadRetries": 0, - // download source packages per default + // Download source packages per default "downloadSourcePackages": false, - // list of architectures to process; if left empty defaults to all available architectures; can be overridden with option `-architectures` - "architectures": [], - - // follow contents of `Suggests:` field when processing dependencies for the package - "dependencyFollowSuggests": false, - - // follow contents of `Recommends:` field when processing dependencies for the package - "dependencyFollowRecommends": false, - - // when dependency looks like `package-a | package-b`, follow both variants always - "dependencyFollowAllVariants": false, - - // follow dependency from binary package to source package - "dependencyFollowSource": false, - - // print additional details while resolving dependencies (useful for debugging) - "dependencyVerboseResolve": false, - // Signing /////////// - // gpg provider to use: - // - "internal" (Go internal implementation) - // - 'gpg" (external `gpg` utility, uses GnuPG 1.x if available or GnuPG 2.x otherwise) + // GPG Provider + // * "internal" (Go internal implementation) + // * "gpg" (External `gpg` utility) "gpgProvider": "gpg", - // don't sign published repositories with gpg(1), also can be disabled on per-repo basis using `-skip-signing` flag when publishing + // Disable signing of published repositories "gpgDisableSign": false, - // don't verify remote mirrors with gpg(1), also can be disabled on per-mirror basis using `-ignore-signatures` flag when creating and updating mirrors + // Disable signature verification of remote repositories "gpgDisableVerify": false, -// PPA -/////// +// Publishing +////////////// - // specifies paramaters for short PPA url expansion, if left blank they default to output of `lsb_release` command - "ppaDistributorID": "ubuntu", - - // cwcodename for short PPA url expansion - "ppaCodename": "", - - // + // Do not publish Contents files "skipContentsPublishing": false, - // + // Do not create bz2 files "skipBz2Publishing": false, -// Storage Endpoints -///////////////////// + +// Storage +/////////// // Filesystem publishing endpoints // // aptly defaults to publish to a single publish directory under `rootDir`/public. For // a more advanced publishing strategy, you can define one or more filesystem endpoints in the // `FileSystemPublishEndpoints` list of the aptly configuration file. Each endpoint has a name - // and the following associated settings: - // - // * `rootDir`: - // The publish directory, e.g., `/opt/srv/aptly_public`. - // * `linkMethod`: - // This is one of `hardlink`, `symlink` or `copy`. It specifies how aptly links the - // files from the internal pool to the published directory. - // If not specified, empty or wrong, this defaults to `hardlink`. - // * `verifyMethod`: - // This is used only when setting the `linkMethod` to `copy`. Possible values are - // `md5` and `size`. It specifies how aptly compares existing links from the - // internal pool to the published directory. The `size` method compares only the - // file sizes, whereas the `md5` method calculates the md5 checksum of the found - // file and compares it to the desired one. - // If not specified, empty or wrong, this defaults to `md5`. + // and the following associated settings. // // In order to publish to such an endpoint, specify the endpoint as `filesystem:endpoint-name` // with `endpoint-name` as the name given in the aptly configuration file. For example: // // `aptly publish snapshot wheezy-main filesystem:test1:wheezy/daily` + // "FileSystemPublishEndpoints": { + // // Endpoint Name + // "test1": { + // // Directory for publishing + // "rootDir": "/opt/srv/aptly_public", + // + // // File Link Method for linking files from the internal pool to the published directory + // // * hardlink + // // * symlink + // // * copy + // "linkMethod": "hardlink", + // + // // File Copare Method for comparing existing links from the internal pool to the published directory + // // Only used when "linkMethod" is set to "copy" + // // * md5 (default: compare md5 sum) + // // * size (only compare file size) + // "verifyMethod": "md5" + // } }, // S3 Endpoint Support // // cloud storage). First, publishing // endpoints should be described in aptly configuration file. Each endpoint has name - // and associated settings: - // - // * `region`: - // Amazon region for S3 bucket (e.g. `us-east-1`) - // * `bucket`: - // bucket name - // * `endpoint`: - // (optional) when using S3-compatible cloud storage, specify hostname of service endpoint here, - // region is ignored if endpoint is set (set region to some human-readable name) - // (should be left blank for real Amazon S3) - // * `prefix`: - // (optional) do publishing under specified prefix in the bucket, defaults to - // no prefix (bucket root) - // * `acl`: - // (optional) assign ACL to published files (one of the canned ACLs in Amazon - // terminology). Useful values: `private` (default), `public-read` (public - // repository) or `none` (don't set ACL). Public repositories could be consumed by `apt` using - // HTTP endpoint (Amazon bucket should be configured for "website hosting"), - // for private repositories special apt S3 transport is required. - // * `awsAccessKeyID`, `awsSecretAccessKey`: - // (optional) Amazon credentials to access S3 bucket. If not supplied, - // environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` - // are used. - // * `storageClass`: - // (optional) Amazon S3 storage class, defaults to `STANDARD`. Other values - // available: `REDUCED_REDUNDANCY` (lower price, lower redundancy) - // * `encryptionMethod`: - // (optional) server-side encryption method, defaults to none. Currently - // the only available encryption method is `AES256` - // * `plusWorkaround`: - // (optional) workaround misbehavior in apt and Amazon S3 - // for files with `+` in filename by - // creating two copies of package files with `+` in filename: one original - // and another one with spaces instead of plus signs - // With `plusWorkaround` enabled, package files with plus sign - // would be stored twice. aptly might not cleanup files with spaces when published - // repository is dropped or updated (switched) to new version of repository (snapshot) - // * `disableMultiDel`: - // (optional) for S3-compatible cloud storages which do not support `MultiDel` S3 API, - // enable this setting (file deletion would be slower with this setting enabled) - // * `forceSigV2`: - // (optional) disable Signature V4 support, useful with non-AWS S3-compatible object stores - // which do not support SigV4, shouldn't be enabled for AWS - // * `forceVirtualHostedStyle`: - // (optional) disable path style visit, useful with non-AWS S3-compatible object stores - // which only support virtual hosted style - // * `debug`: - // (optional) enables detailed request/response dump for each S3 operation + // and associated settings. // // In order to publish to S3, specify endpoint as `s3:endpoint-name:` before // publishing prefix on the command line, e.g.: // // `aptly publish snapshot wheezy-main s3:test:` + // "S3PublishEndpoints": { + // // Endpoint Name + // "test": { + // + // // Amazon region for S3 bucket + // "region": "us-east-1", + // + // // Bucket name + // "bucket": "test-bucket", + // + // // Endpoint (optional) + // // When using S3-compatible cloud storage, specify hostname of service endpoint here, + // // region is ignored if endpoint is set (set region to some human-readable name) + // // (should be left blank for real Amazon S3) + // "endpoint": "", + // + // // Prefix (optional) + // // publishing under specified prefix in the bucket, defaults to + // // no prefix (bucket root) + // "prefix": "", + // + // // Default ACLs (optional) + // // assign ACL to published files (one of the canned ACLs in Amazon + // // terminology). Useful values: `private` (default), `public-read` (public + // // repository) or `none` (don't set ACL). Public repositories could be consumed by `apt` using + // // HTTP endpoint (Amazon bucket should be configured for "website hosting"), + // // for private repositories special apt S3 transport is required. + // "acl": "private", + // + // // Credentials (optional) + // // Amazon credentials to access S3 bucket. If not supplied, + // // environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` + // // are used. + // "awsAccessKeyID": "", + // "awsSecretAccessKey": "", + // + // // Storage Class (optional) + // // Amazon S3 storage class, defaults to `STANDARD`. Other values + // // available: `REDUCED_REDUNDANCY` (lower price, lower redundancy) + // "storageClass": "STANDARD", + // + // // Encryption Method (optional) + // // Server-side encryption method, defaults to none. Currently + // // the only available encryption method is `AES256` + // "encryptionMethod": "none", + // + // // Plus Workaround (optional) + // // Workaround misbehavior in apt and Amazon S3 for files with `+` in filename by + // // creating two copies of package files with `+` in filename: one original + // // and another one with spaces instead of plus signs + // // With `plusWorkaround` enabled, package files with plus sign + // // would be stored twice. aptly might not cleanup files with spaces when published + // // repository is dropped or updated (switched) to new version of repository (snapshot) + // "plusWorkaround": false, + // + // // Disable MultiDel (optional) + // // For S3-compatible cloud storages which do not support `MultiDel` S3 API, + // // enable this setting (file deletion would be slower with this setting enabled) + // "disableMultiDel": false, + // + // // ForceSig2 (optional) + // // Disable Signature V4 support, useful with non-AWS S3-compatible object stores + // // which do not support SigV4, shouldn't be enabled for AWS + // "forceSigV2": false, + // + // // ForceVirtualHostedStyle (optional) + // // Disable path style visit, useful with non-AWS S3-compatible object stores + // // which only support virtual hosted style + // "forceVirtualHostedStyle": false, + // + // // Debug (optional) + // // Enables detailed request/response dump for each S3 operation + // "debug": false + // } }, // Swift Endpoint Support // // aptly could be configured to publish repository directly to OpenStack Swift. First, // publishing endpoints should be described in aptly configuration file. Each endpoint - // has name and associated settings: - // - // * `container`: - // container name - // * `prefix`: - // (optional) do publishing under specified prefix in the container, defaults to - // no prefix (container root) - // * `osname`, `password`: - // (optional) OpenStack credentials to access Keystone. If not supplied, - // environment variables `OS_USERNAME` and `OS_PASSWORD` are used. - // * `tenant`, `tenantid`: - // (optional) OpenStack tenant name and id (in order to use v2 authentication). - // * `authurl`: - // (optional) the full url of Keystone server (including port, and version). - // example `http://identity.example.com:5000/v2.0` + // has name and associated settings. // // In order to publish to Swift, specify endpoint as `swift:endpoint-name:` before // publishing prefix on the command line, e.g.: // // `aptly publish snapshot jessie-main swift:test:` + // "SwiftPublishEndpoints": { + // // Endpoint Name + // "test": { + // + // // Container Name + // "container": "container1", + // + // // Prefix (optional) + // // Publish under specified prefix in the container, defaults to no prefix (container root) + // "prefix": "", + + // // Credentials (optional) + // // OpenStack credentials to access Keystone. If not supplied, environment variables `OS_USERNAME` and `OS_PASSWORD` are used + // "osname": "", + // "password": "", + + // // Tenant (optional) + // // OpenStack tenant name and id (in order to use v2 authentication) + // "tenant": "", + // "tenantid": "", + + // // Auth URL (optional) + // // Full url of Keystone server (including port, and version). + // // Example `http://identity.example.com:5000/v2.0` + // "authurl": "" + // } }, // Azure Endpoint Support // + // aptly can be configured to publish repositories directly to Microsoft Azure Blob + // Storage. First, publishing endpoints should be described in the aptly + // configuration file. Each endpoint has its name and associated settings. "AzurePublishEndpoints": { + // // Endpoint Name + // "test": { + // + // // Container Name + // "container": "container1", + // + // // Prefix (optional) + // // Publishing under specified prefix in the container, defaults to no prefix (container root) + // "prefix": "", + // + // // Credentials + // // Azure storage account access key to access blob storage + // "accountName": "", + // "accountKey": "", + // + // // Endpoint URL + // // See: Azure documentation https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string + // // defaults to "https://$accountName.blob.core.windows.net" + // "endpoint": "" + // } + }, + + // Package Pool + // Location for storing downloaded packages + // Type must be one of: + // * local + // * azure + "packagePoolStorage": { + // Local Pool Path + "type": "local", + "path": "$ROOTDIR/pool" + + // // Azure Azure Blob Storage Pool + // "type": "azure", + // "azure": { + // // Container Name + // "container": "pool1", + // + // // Prefix (optional) + // // Publishing under specified prefix in the container, defaults to no prefix (container root) + // "prefix": "", + // + // // Credentials + // // Azure storage account access key to access blob storage + // "accountName": "", + // "accountKey": "", + // + // // Endpoint URL + // // See: Azure documentation https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string + // // defaults to "https://$accountName.blob.core.windows.net" + // "endpoint": "" + // } } +// End of config }