# Config file for ldap scripts
+# ud-replicate client configuration:
+# host from which to rsync the information (the one running ud-generate)
+synchost = "db";
+# hosts on which to use a local path to get the data (used as a shell glob later)
+localsyncon = "*draghi*";
+
# Basic LDAP configuration
ldaphost = "db.debian.org";
+usessl = True;
basedn = "ou=users,dc=debian,dc=org";
+basebasedn = "dc=debian,dc=org";
+hostbasedn = "ou=hosts,dc=debian,dc=org";
adminuser = "admin";
+#import re
+#ignoreusersforuidnumbergen = ['nobody', re.compile('\$$') ]
+
# Printable email addresses are shown as: 'cn mn sn <uid@emailappend>'
emailappend = "debian.org";
+rtc_realm = "rtc.debian.org";
+rtc_append = "@debian.org";
+
+# Domain for hosts, defaults to emailappend if not present
+#hostdomain = "debian.org"
+
# For the mail interface
maildomain = "db.debian.org";
replyto = "admin@" + maildomain;
pingfrom = "ping@" + maildomain;
chpassfrom = "chpasswd@" + maildomain;
+changefrom = "change@" + maildomain;
templatesdir = "/etc/userdir-ldap/templates/";
-replaycachefile = "/var/cache/userdir-ldap/replay";
+replaycachefile = "/var/cache/userdir-ldap/mail/replay";
#replaycachefile = "/tmp/replay";
+fingerprintfile = "/etc/userdir-ldap/badfingerprints"
+
+# do we have a debian-private like list that we should ask about in ud-useradd
+haveprivatelist = True;
-# User properties
-defaultgid = 800;
+# Echelon
+ech_errorlog = "/srv/db.debian.org/mail/Log/ech-errors.log"
+ech_mainlog = "/srv/db.debian.org/mail/Log/ech.log"
# For the output generator
-generateconf = "/etc/userdir-ldap/generate.conf"
generatedir = "/var/cache/userdir-ldap/hosts/";
-#generatedir = "/tmp/hosts";
passdir = "/etc/userdir-ldap/";
+allowedgroupspreload = "adm";
+homeprefix = "/home/";
# GPG Things
gpg = "/usr/bin/gpg";
-keyrings = "/usr/share/keyrings/debian-keyring.gpg:/usr/share/keyrings/debian-keyring.pgp";
+# The whole set of all keyrings
+keyrings = "/srv/keyring.debian.org/keyrings/debian-keyring.gpg:/srv/db.debian.org/keyring-guest/guest-keyring/debian-guest.gpg:/srv/keyring.debian.org/keyrings/debian-maintainers.gpg"
+# Keyrings synced to other machines, if they need them
+sync_keyrings = "/srv/keyring.debian.org/keyrings/debian-keyring.gpg:/srv/keyring.debian.org/keyrings/debian-maintainers.gpg"
+# Keyrings used to search in when new developers get added
+add_keyrings = "/srv/keyring.debian.org/keyrings/debian-keyring.gpg"
+add_keyrings_guest = "/srv/keyring.debian.org/keyrings/debian-maintainers.gpg:/srv/db.debian.org/keyring-guest/guest-keyring/debian-guest.gpg"
# For the WEB interface
webloginhtml = "login.html";
websearchhtml = "searchform.html";
websearchresulthtml = "searchresults.html";
webupdatehtml = "update.html";
+hosthtml = "hostinfo.html";
+webuilocation = "https://db.debian.org";
webloginurl = "login.cgi";
websearchurl = "search.cgi";
webupdateurl = "update.cgi";
+weblogfile = "/var/log/userldap-web.log";
+
# When should authentication tokens expire?
authexpires = 600;
+# Where should totp tickets be stored while waiting for pickup?
+totpticketdirectory = "/var/cache/userdir-ldap/totp";
+
# How many bytes to use for the blowfish key (max = 56 (448 bits))
blowfishkeylen = 10;
# Change this!
authtokenpath = "/var/cache/userdir-ldap/web-cookies";
countrylist = "/var/www/userdir-ldap/domains.tab";
+
+# Finger daemon settings
+# use_inetd = 1;
+
+# only create sshfp and A records for hostnames matching this:
+dns_hostmatch = "[a-zA-Z0-9\.]+\.debian\.org$"
+
+MX_remap = '{"0 INCOMING-MX": ["10 mailly.debian.org.", "10 merikanto.debian.org.", "10 muffat.debian.org."]}'
+
+# MQ notification
+use_mq = True;
projects / mirror / userdir-ldap.git / blobdiff