08. Settings

MAIN CONFIGURATION

SYSTEM

General information about the system related to the Docker container.

GLOBAL SETTINGS

Hostname

Repomanager FQDN, defined during the creation of the Docker container.

Timezone

Specify your timezone. This is especially useful to ensure that scheduled tasks run at the specified time.

Default contact

Default contact for receiving emails. Currently, only scheduled tasks and their reminders are sending emails. You can specify multiple recipients.

Use proxy

If your Repomanager instance runs behind a proxy, you can specify the proxy URL to use to access the internet (optionnal). Example: https://myproxy.com:8080.

---

REPOSITORIES

GLOBAL SETTINGS

Repos URL

Root URL for accessing repositories.

This URL is not browseable for security reasons. To explore the content of a repository snapshot, use the snapshot browsing system, see Browse repository content.

If you still want to enable the web browser directory listing, see: Enable repository web browsing

Retention

Maximum number of snapshots to keep per repository.

Repo configuration file name prefix

Prefix added to repository configuration files when installing on client hosts (e.g. <myprefix>-debian.list or <myprefix>-nginx.repo) Leave empty if you want no prefix.

GLOBAL MIRRORING SETTINGS

Package download timeout (in seconds)

Maximum time (in seconds) allowed to download a package during a mirroring process.

RPM

Enable RPM repositories

Enable RPM package repositories.

Sign packages with GPG

Enable the signing of RPM packages when creating a RPM package repository (mirror or local repository). Packages will be signed using the GPG signing key specified by the GPG key Id parameter.

Default release version

Default release version to use when creating RPM repositories.

Default package architecture

Default package architecture to use when creating RPM repositories.

MIRRORING SETTINGS

When package signature is missing

Package retrieved from a remote repository may not be signed at all (for example, the publisher released the package forgetting to sign it). This parameter allows you to choose what to do in this case.

When package signature is invalid

Package retrieved from a remote repository may have invalid signature (because the GPG key used to sign the package was not imported, or because the publisher signed the package with a different GPG key, or because the package's signature is corrupted or somehow broken). This parameter allows you to choose what to do in this case.

DEB

Enable DEB repositories

Enable DEB package repositories.

Sign repositories with GPG

Enable the signing of DEB repositories when creating a DEB package repository (mirror or local repository). The repository metadata will be signed using the GPG signing key specified by the GPG key Id parameter.

Default package architecture

Default package architecture to use when creating DEB repositories.

MIRRORING SETTINGS

When Release file signature is invalid

InRelease / Release file retrieved from a remote repository may have invalid signature (because the GPG key used to sign the file was not imported, or because the publisher signed the file with a different GPG key, or because the file's signature is corrupted or somehow broken). This parameter allows you to choose what to do in this case.

GPG SIGNING KEY

GPG key Id (email address identifier)

GPG key for signing packages and repositories, identified by its email address. This key is randomly generated upon Repomanager's first startup (4096 bits RSA key).

It is currently not possible to modify the key Id or the passphrase on the fly from the web interface. To modify the key Id, you must do it manually with the following steps:

1. Set a new key Id from the web interface respecting the format keyname@fqdn and Save.

2. Enter the container:

docker exec -it repomanager /bin/bash

3. Delete pubring, macros file and the public key:

rm /var/lib/repomanager/.gnupg/pubring.* /var/lib/repomanager/.rpm/.mcs /home/repo/gpgkeys/* -f

4. Refresh Repomanager (F5) and test.
5. Beware that the packages and repositories signed with the old key will no longer be valid. You must re-sign them with the new key (rebuild repositories metadata).

ENVIRONMENTS

See Manage repositories environments

STATISTICS

Enable repositories statistics

Enable logging and statistics on:

• repositories access
• repositories size
• repositories packages count

---

SCHEDULED TASKS

Enable scheduled tasks reminders

Enable reminders for scheduled tasks. Reminders are sent via email to the recipients defined when adding a new scheduled task.

---

HOSTS & PROFILES

Manage hosts

Enable the management of client hosts. These hosts can register with Repomanager via the API using Linupdate. See Manage hosts

Manage profiles

Enable the management of profiles for configuring client hosts. See Manage profiles

---

CVE (beta)

Import CVEs

Enable the import of CVEs into Repomanager. The import uses feeds from https://nvd.nist.gov/ Eventually, the CVEs tab should be able to list client hosts imported into Repomanager that have vulnerable packages.

Import scheduled time

Every day time at which the import of CVEs runs.

---

USERS

Create an user

From the SETTINGS tab:

1. Use the USERS right panel to create a new user.
2. Specify its username and its role.
3. A new random password is generated and the user is ready to use.

Notes:

• usage role has read-only permissions on Repomanager. It can visualize but cannot create or delete any data.
• administrator role has full permissions. It can create or delete any data.
• Only local accounts are supported. No LDAP or SSO supported at the moment.

---

Delete an user

From the SETTINGS tab:

1. Use the USERS right panel to create a new user.
2. Use the button to delete an user.

---

Reset user password

You must be logged in as an administrator account to reset another user password.

From the SETTINGS tab:

1. Use the button to reset user password.
2. A new random password will be generated.