---
# defaults file for mbs

# Which module-build-service pkg we want to deploy/install (pinning a version instead of latest)
mbs_pkg_version: 3.6.1-7

mbs_platform_url: "https://gitlab.com/redhat/centos-stream/modules/platform/-/raw/el9/platform.yaml"
mbs_buildtools_repo_gpgkey: "{{ kojid_buildtools_repo_gpgkey | default('') }}"
mbs_env: "{{ centos_infra_env | default('prod') }}"
mbs_frontend: True
mbs_backend: True
mbs_cert_prefix: mbs
mbs_import_default_modules: true
mbs_upgrade_db: true
mbs_num_workers: 3
mbs_celery_max_worker_tasks: 10
mbs_default_modules_dir: default-modules
mbs_pki_store: "{{ pkistore | default('./') }}"

# psql
mbs_postgres_local: True
mbs_postgres_hostname: localhost
mbs_postgres_username: mbs
mbs_postgres_password: mbs
mbs_postgres_database: mbs

# rabbitmq
mbs_rabbitmq_local: True
mbs_rabbitmq_vhost: mbs
mbs_rabbitmq_username: mbs
mbs_rabbitmq_password: mbs

# kojihub
mbs_kojihub_top_url: https://cbs.centos.org
mbs_kojihub_use_fast_upload: true
mbs_kojihub_auth_type: kerberos
mbs_kojihub_kerberos_rdns: false

# mbs config.py settings
mbs_config_broker_url: 'amqp://{{ mbs_rabbitmq_username }}:{{ mbs_rabbitmq_password }}@localhost/{{ mbs_rabbitmq_vhost }}'
mbs_config_debug: false
mbs_config_secret_key: a1b2c3d4
mbs_config_database_url: postgresql://{{ mbs_postgres_username }}:{{ mbs_postgres_password }}@{{ mbs_postgres_hostname }}/{{ mbs_postgres_database }}
# which koji profile to use to kick builds (see mbs_kojihub)
mbs_config_system: koji
mbs_config_koji_profile: koji

# which message bus to use (we support fedmsg - legacy - or umb)
mbs_config_messaging: fedmsg
# common settings for fedmsg/umb
# for fedmsg, something like ['org.centos.prod'] , Fedora messaging style
# for umb, something like '/queue/Consumer.<service_account>.<env>.VirtualTopic.eng', see with umb admin
mbs_config_messaging_topic_prefix: ['org.centos.prod']

# fedora-messaging (when using fedmsg)
mbs_fedora_messaging_addrs: ["tcp://hub.fedoraproject.org:9940"]

# umb settings
mbs_umb_koji_topic_prefix: "{{ mbs_config_messaging_topic_prefix }}"
mbs_umb_mbs_topic_prefix: /topic/VirtualTopic.mbs
mbs_umb_services: 
  - koji
  - mbs
mbs_umb_client_crt: my-stomp-umb.crt
mbs_umb_client_key: my-stomp-umb.key
mbs_umb_stomp_uri: umb.my-domain.com:61612

mbs_config_koji_file: /etc/module-build-service/koji.conf
mbs_config_arches:
  - x86_64
mbs_config_koji_proxy_user: true
mbs_config_koji_repository_url: https://cbs.centos.org/repos
mbs_config_scm_urls: []
mbs_config_polling_interval: 3600
mbs_config_default_repository_url: 'git+https://git.centos.org/rpms/'
mbs_config_allow_rpm_repository: false
mbs_config_rpm_default_cache_url: 'https://git.centos.org/repo/pkgs/'
mbs_config_rpm_allow_cache: false
mbs_config_modules_repository_url: 'git+https://git.centos.org/centos/modules'
mbs_config_modules_allow_repository: false
mbs_config_log_backend: file
mbs_config_log_file: /var/log/mbs/module_build_service.log
mbs_config_log_level: info
mbs_config_logs_build_dir: /var/tmp
mbs_config_krb_keytab: /etc/module-build-service/mbs-{{ mbs_env }}.centos.org.keytab
mbs_config_krb_principal: cbs-koji@DEV.CENTOS.ORG
mbs_config_allowed_groups:
  - packager
mbs_config_admin_groups:
  - factory2
  - releng-team
mbs_config_allowed_users: []
mbs_config_rebuild_strategy: only-changed
mbs_config_rebuild_strategy_override: true
mbs_config_resolver: db
mbs_config_content_generator: true
mbs_config_base_module_names:
  - platform
  - bootstrap
mbs_config_koji_build_tag: modular-updates-candidate
mbs_config_koji_tag_prefixes:
  - module
mbs_config_koji_tag_extra_opts:
  mock.package_manager: dnf
  repo_include_all: true
  mock.new_chroot: 0
  mock.yum.module_hotfixes: 1
mbs_config_dist_tag_prefix: module_
mbs_config_koji_delete_time: 3600
mbs_config_no_auth: false
mbs_config_yaml_allowed: false
mbs_config_build_priority: 0
mbs_config_koji_devel_module: false
mbs_config_modules_allow_scratch: true
mbs_config_modules_only_compatible: false
mbs_koji_tag_permission: admin
mbs_koji_cg_tag_build: true
mbs_allow_name_override_from_scm: false
mbs_allow_stream_override_from_scm: false
mbs_num_concurrent_builds: 5
mbs_allowed_privileged_module_names: []
mbs_allowed_groups_to_import_module: []
mbs_br_stream_override_module: "platform"
mbs_br_stream_override_regexes: []
mbs_product_pages_url: ''
mbs_product_pages_schedule_task_name: ''
mbs_product_pages_module_streams: {}
mbs_scratch_build_only_branches: ["^private-.*"]
mbs_fedmsg_endpoints: ["tcp://127.0.0.1:3001"]

# relay
mbs_relay_inbound_addrs: ["tcp://127.0.0.1:3999"]
mbs_relay_outbound_addrs: ["tcp://127.0.0.1:9941"]

# moksha
mbs_moksha_monitoring_addr: tcp://0.0.0.0:10030
# frontend
mbs_wsgi_procs: 1
mbs_wsgi_threads: 1
mbs_wsgi_log_level: DEBUG
mbs_scheduler_consumer: false
mbs_scheduler_poller: false

# httpd hostname for tls cert
mbs_frontend_host: localhost
mbs_frontend_https_enabled: false
mbs_frontend_https_port: 443
mbs_frontend_http_enabled: true
mbs_frontend_http_port: 80
mbs_frontend_auth_type: kerberos
# HTTP keytab distributed from pkistore for httpd vhost
mbs_frontend_krb_keytab: localhost.keytab
mbs_frontend_krb_host: 'localhost'
mbs_frontend_ldap_uri: ''
mbs_frontend_ldap_dn_groups: ''


# Zabbix monitoring additional groups and templates specific to mbs
# Worth knowing that because we import other roles, it has already some attached templates like http server, and also one for tls monitoring, so just adding mbs features in new template
mbs_zabbix_templates:
  - Template CentOS MBS
mbs_zabbix_groups: []