08. Settings
General information about the system related to the Docker container.
Hostname
Repomanager FQDN, defined during the creation of the Docker container.
Timezone
Specify your timezone. This is especially useful to ensure that scheduled tasks run at the specified time.
Default contact
Default contact for receiving emails. Currently, only scheduled tasks and their reminders are sending emails. You can specify multiple recipients.
Use proxy
If your Repomanager instance runs behind a proxy, you can specify the proxy URL to use to access the internet (optionnal). Example: https://myproxy.com:8080.
Task execution memory limit (in MB)
Specify the PHP memory limit for tasks execution (create, update, etc ... ). Some repositories with a lot of packages may require more memory to be synced as package list is loaded in memory.
Repos URL
Root URL for accessing repositories.
This URL is not browseable for security reasons. To explore the content of a repository snapshot, use the snapshot browsing system, see Browse repository content.
If you still want to enable the web browser directory listing, see: Enable repository web browsing
Retention
Maximum number of snapshots to keep per repository.
Repo configuration file name prefix
Prefix added to repository configuration files when installing on client hosts (e.g. <myprefix>-debian.list or <myprefix>-nginx.repo)
Leave empty if you want no prefix.
Package download timeout (in seconds)
Maximum time (in seconds) allowed to download a package during a mirroring process.
Enable RPM repositories
Enable RPM package repositories.
Sign packages with GPG
Enable the signing of RPM packages when creating a RPM package repository (mirror or local repository). Packages will be signed using the GPG signing key specified by the GPG key Id parameter.
Default release version
Default release version to use when creating RPM repositories.
Default package architecture
Default package architecture to use when creating RPM repositories.
MIRRORING SETTINGS
When package signature is missing
Package retrieved from a remote repository may not be signed at all (for example, the publisher released the package forgetting to sign it). This parameter allows you to choose what to do in this case.
When package signature is invalid
Package retrieved from a remote repository may have invalid signature (because the GPG key used to sign the package was not imported, or because the publisher signed the package with a different GPG key, or because the package's signature is corrupted or somehow broken). This parameter allows you to choose what to do in this case.
Enable DEB repositories
Enable DEB package repositories.
Sign repositories with GPG
Enable the signing of DEB repositories when creating a DEB package repository (mirror or local repository). The repository metadata will be signed using the GPG signing key specified by the GPG key Id parameter.
Default package architecture
Default package architecture to use when creating DEB repositories.
MIRRORING SETTINGS
When Release file signature is invalid
InRelease / Release file retrieved from a remote repository may have invalid signature (because the GPG key used to sign the file was not imported, or because the publisher signed the file with a different GPG key, or because the file's signature is corrupted or somehow broken). This parameter allows you to choose what to do in this case.
GPG key Id (email address identifier)
GPG key for signing packages and repositories, identified by its email address. This key is randomly generated upon Repomanager's first startup (4096 bits RSA key).
It is currently not possible to modify the key Id or the passphrase on the fly from the web interface. To modify the key Id, you must do it manually with the following steps:
- Set a new key Id from the web interface respecting the format
keyname@fqdnand Save.
- Enter the container:
docker exec -it repomanager /bin/bash- Delete pubring, macros file and the public key:
rm /var/lib/repomanager/.gnupg/pubring.* /var/lib/repomanager/.rpm/.mcs /home/repo/gpgkeys/* -f- Refresh Repomanager (F5) and test.
- Beware that the packages and repositories signed with the old key will no longer be valid. You must re-sign them with the new key (rebuild repositories metadata).
See Manage repositories environments
Enable repositories statistics
Enable logging and statistics on:
- repositories access
- repositories size
- repositories packages count
Enable scheduled tasks reminders
Enable reminders for scheduled tasks. Reminders are sent via email to the recipients defined when adding a new scheduled task.
Manage hosts
Enable the management of client hosts. These hosts can register with Repomanager via the API using Linupdate. See Manage hosts
Manage profiles
Enable the management of profiles for configuring client hosts. See Manage profiles
Import CVEs
Enable the import of CVEs into Repomanager. The import uses feeds from https://nvd.nist.gov/ Eventually, the CVEs tab should be able to list client hosts imported into Repomanager that have vulnerable packages.
Import scheduled time
Every day time at which the import of CVEs runs.
From the SETTINGS tab:
- Use the
USERSright panel to create a new user. - Specify its username and its role.
- A new random password is generated and the user is ready to use.
Notes:
-
usagerole has read-only permissions on Repomanager. It can visualize but cannot create or delete any data. -
administratorrole has full permissions. It can create or delete any data. - Only local accounts are supported. No LDAP or SSO supported at the moment.
From the SETTINGS tab:
- Use the
USERSright panel to create a new user. - Use the
button to delete an user.
You must be logged in as an administrator account to reset another user password.
From the SETTINGS tab:
- Use the
button to reset user password. - A new random password will be generated.
