Pulp uses dynaconf for its settings which allows you to configure Pulp in a few ways:
To configure Pulp by settings file, you must set the format and location of the config file by specifying the PULP_SETTINGS environment variable. For example, if you wanted to use Python to specify your configuration, and provide it at /etc/pulp/settings.py you could:
export PULP_SETTINGS=/etc/pulp/settings.pyOr in a systemd file you could:
Environment="PULP_SETTINGS=/etc/pulp/settings.py" as the Ansible Installer does.Dynaconf supports settings in multiple file formats <https://dynaconf.readthedocs.io/en/latest/ guides/examples.html>
This file should have permissions of:
- mode: 640
- owner: root
- group: pulp (the group of the account that pulp runs under)
- SELinux context: system_u:object_r:etc_t:s0
If it is in its own directory like /etc/pulp, the directory should have permissions of:
- mode: 750
- owner: root
- group: pulp (the group of the account that pulp runs under)
- SELinux context: unconfined_u:object_r:etc_t:s0
Many users specify their Pulp settings entirely by Environment Variables. Each of the settings can be configured using Dynaconf by prepending PULP_ to the name of the setting and specifying that as an Environment Variable. For example the SECRET_KEY can be specified by exporting the PULP_SECRET_KEY variable.
Pulp uses three types of settings:
Django settings <django-settings>Pulp is configuringPulp defined settings <pulp-settings>RQ settings <rq-settings>Pulp is using
Pulp is a Django project, so any Django Django setting can also be set to configure your Pulp deployment.
In order to get a pulp server up and running a Django SECRET_KEY must be provided.
The following code snippet can be used to generate a random SECRET_KEY.
import random
chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
print(''.join(random.choice(chars) for i in range(50)))By default Pulp uses PostgreSQL on localhost. For all possible configurations please refer to Django documentation on databases <https://docs.djangoproject.com/en/2 .1/ref/settings/#databases>
By default, Pulp uses the local filesystem to store files. The default option which uses the local filesystem is
pulpcore.app.models.storage.FileSystem.This can be configured though to alternatively use Amazon S3. To use S3, set
DEFAULT_FILE_STORAGEtostorages.backends.s3boto3.S3Boto3Storage. For more information about different Pulp storage options, see thestorage documentation <storage>.
The location where Pulp will store files. By default this is /var/lib/pulp/.
If you're using S3, point this to the path in your bucket you want to save files. See the
storage documentation <storage>for more info.It should have permissions of:
- mode: 750
- owner: pulp (the account that pulp runs under)
- group: pulp (the group of the account that pulp runs under)
- SELinux context: system_u:object_r:var_lib_t:s0
By default Pulp logs at an INFO level to syslog. For all possible configurations please refer to Django documenation on logging <https://docs.djangoproject.com/en/2 .1/topics/logging/#configuring-logging>.
By default, Pulp has two types of authentication enabled, and they fall back for each other:
- Basic Auth which is checked against an internal users database
- Webserver authentication that relies on the webserver to perform the authentication.
To change the authentication types Pulp will use, modify the
AUTHENTICATION_BACKENDSsettings. See the Django authentication documentation <https://docs.djangoproject.com/en/2.2/ topics/auth/customizing/#authentication-backends> for more information.
The following RQ settings can be set in your Pulp config:
- REDIS_URL
- REDIS_HOST
- REDIS_PORT
- REDIS_DB
- REDIS_PASSWORD
- SENTINEL
These will be used by any worker loaded with the -c 'pulpcore.rqconfig' option.
Below are some common settings used for RQ configuration. See the RQ settings documentation for information on these settings.
The hostname for Redis. By default Pulp will try to connect to Redis on localhost. RQ documentation contains other Redis settings supported by RQ.
The port for Redis. By default Pulp will try to connect to Redis on port 6380.
The password for Redis.
Pulp defines the following settings itself:
The directory used by workers to stage files temporarily. This defaults to
/var/lib/pulp/tmp/.It should have permissions of:
- mode: 755
- owner: pulp (the account that pulp runs under)
- group: pulp (the group of the account that pulp runs under)
- SELinux context: unconfined_u:object_r:var_lib_t:s0
Note
It is recommended that WORKING_DIRECTORY and MEDIA_ROOT exist on the same storage volume for performance reasons. Files are commonly staged in the WORKING_DIRECTORY and validated before being moved to their permanent home in MEDIA_ROOT.
A string containing the protocol, fqdn, and port where the content app is deployed. This is used when Pulp needs to refer the client to the content serving app from within the REST API, such as the
base_pathattribute for adistribution.This defaults to
Nonewhich returns relative urls.
A string containing the path prefix for the content app. This is used by the REST API when forming URLs to refer clients to the content serving app, and by the content serving application to match incoming URLs.
Defaults to
'/pulp/content/'.
The number of seconds before a content app should be considered lost.
Defaults to
30seconds.
The name of the WSGI environment variable to read for
webserver authentication <webserver-auth>.Warning
Configuring this has serious security implications. See the Django warning at the end of this section in their docs <https://docs.djangoproject.com/en/2.2/howto/auth-remote-user/ #configuration> for more details.
Defaults to
'REMOTE_USER'.
A debugging feature that collects profile data about the Stages API as it runs. See staging api profiling docs for more information.