From 1574b32ceba4d051f77411f90c56856c48c9cbc6 Mon Sep 17 00:00:00 2001 From: Jakob Meier Date: Fri, 3 Nov 2023 08:22:12 +0100 Subject: [PATCH] Added docstrings from official sourcehut config --- group_vars/all/default.yml | 47 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/group_vars/all/default.yml b/group_vars/all/default.yml index b7a7ccd..4b5b060 100644 --- a/group_vars/all/default.yml +++ b/group_vars/all/default.yml @@ -3,26 +3,57 @@ # NOTE: As of 29.10.2023 the edge version is outdated alpine_host_version: "v3.17" +# The name of your network of sr.ht-based sites srht_site_name: "sourcehut" +# The top-level info page for your site srht_site_info: "https://sourcehut.org" +# description="$site-name, $site-blurb" srht_site_blurb: "the hacker forge" +# +# Contact information for the site owners srht_owner_name: "Drew DeVault" srht_owner_email: "sir@cmpwn.com" + +# domain on which sr.ht-based sites are exposed +# automatically prepends the service name in front +# i.e - example.com -> hub.example.com (hub) +# - meta.example.com (meta) +# - git.example.com (git) srht_domain: "example.com" +# the protocol using which your exposed services can be reached srht_protocol: "https" + +# Outgoing SMTP settings srht_smtp_host: "" srht_smtp_port: "" srht_smtp_from: "" +# Options: starttls, tls, insecure srht_smtp_encryption: "starttls" +# Options: plain, none srht_smtp_auth: "plain" +# user / password are required if smtp-auth is plain srht_smtp_user: "" srht_smtp_password: "" +# Application exceptions are emailed to this address srht_smtp_error_to: "" srht_smtp_error_from: "" + +# If "no", public registration will not be permitted. srht_enable_registration: "yes" +# Set of IP subnets which are permitted to utilize internal API +# authentication. This should be limited to the subnets from which your +# *.sr.ht services are running. +# +# Comma-separated, CIDR notation. srht_ipnet: "127.0.0.0/8,::1/128,192.168.0.0/16,10.0.0.0/8,10.0.3.0/8" # before running, you have to copy the pgp private and public key +# You should generate a PGP key to allow users to authenticate emails received +# from your services. Use `gpg --edit-key [key id]` to remove the password from +# your private key, then export it to a file and set pgp-privkey to the path to +# that file. pgp-pubkey should be set to the path to your public key, and +# pgp-key-id should be set to the key ID string. Outgoing emails are signed with +# this PGP key. # put the key id here srht_pgp_key_id: "" # the public key itself (without begin/end blocks) here @@ -33,6 +64,22 @@ srht_email_privkey: "" # the following values have to be generated in advance # to do so have a look at: # https://git.sr.ht/~sircmpwn/core.sr.ht/tree/master/item/srht-keygen + +# base64-encoded Ed25519 key for signing webhook payloads. This should be +# consistent between all services. +# +# Use the `srht-keygen webhook` command to generate this key. Put the private +# key here and distribute the public key to anyone who would want to verify +# webhook payloads from your service. srht_private_key: "" + +# A key used for encrypting session cookies. Use `srht-keygen service` to +# generate the service key. This must be shared between each node of the same +# service (e.g. git1.sr.ht and git2.sr.ht), but different services may use +# different keys. If you configure all of your services with the same +# config.ini, you may use the same service-key for all of them. srht_service_key: "" + +# A secret key to encrypt internal messages with. Use `srht-keygen network` to +# generate this key. It must be consistent between all services and nodes. srht_network_key: "" -- 2.38.5