fedora-infra_ansible/roles/anubis/templates/policies.yaml.j2

---
#openGraph:
  # Enables Open Graph passthrough
#  enabled: true
  # Enables the use of the HTTP host in the cache key, this enables
  # caching metadata for multiple http hosts at once.
#  considerHost: true
  # How long cached OpenGraph metadata should last in memory
#  ttl: 24h
bots:
  # allow rss feeds in bodhi and badges:
  # https://badges.fedoraproject.org/explore/badges/rss/
  # https://bodhi.fedoraproject.org/rss/updates/?querys
  # We can just allow /rss/ for now.
  - name: bodhi and badges rss feeds
    path_regex: /rss/
    action: ALLOW
  - name: allow POSTs
    expression: method == "POST"
    action: ALLOW
  - name: allow ostree
    path_regex: ^/ostree
    action: ALLOW
  - name: allow iot
    path_regex: ^/iot
    action: ALLOW
  - name: allow iot compose
    path_regex: ^/compose/iot
    action: ALLOW
  - name: allow src extras
    path_regex: ^/extras/
    action: ALLOW
  - name: allow checking for dead.package files
    path_regex: '.*/f/dead.package'
    action: ALLOW
  - name: allow packit
    user_agent_regex: packit.dev/packit
    action: ALLOW
  - name: productmd
    user_agent_regex: productmd
    action: ALLOW
  - name: zchunk
    path_regex: '.*zck'
    action: ALLOW
  - name: atlassian
    user_agent_regex: Atlassian-Jira-Automation/*
    action: ALLOW
  - name: forks
    action: WEIGH
    weight:
      adjust: 20
    path_regex: ^/fork/
  # these are solid defaults from
  # https://github.com/TecharoHQ/anubis/blob/main/data/botPolicies.yaml
  - import: (data)/meta/default-config.yaml

# Custom allowlist of API endpoint specified by each copr instance will live here
# - import: /etc/anubis/endpoint-allowlist.yaml