2 ; Configuration for onak, an OpenPGP compatible keyserver
6 backends_dir=@CMAKE_INSTALL_FULL_LIBDIR@/onak/backends
7 logfile=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/onak.log
8 ; Loglevel : 0 is highest debug, default is 3, nothing is 7+
10 ; Should we use the keyd backend?
12 sock_dir=@CMAKE_INSTALL_FULL_RUNSTATEDIR@
13 ; Maximum number of keys to return in a reply to an index, verbose index or
14 ; get. Setting it to -1 will allow any size of reply.
17 ; Settings related to key verification options available.
19 ; Verify signature hashes - verify that the hash a signature claims to be
20 ; over matches the hash of the data. Does not actually verify the signature.
22 ; Drop v3 (and older) keys. These are long considered insecure, so unless there
23 ; is a good reason you should accept this default.
26 ; Settings related to the email interface to onak.
28 maintainer_email=PGP Key Server Administrator <pgp-keyserver-admin@the.earth.li>
29 mail_dir=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/spool/onak
30 ; Specify the envelope sender address as the -f argument to
31 ; sendmail. This is the address which will receive any bounces.
32 ; If you don't use sendmail, then change this to an equivalent command.
33 ; If you do not want to process mail requests, leave this unset.
34 mta=/usr/sbin/sendmail -t -oi -fmailer-daemon
35 ; Where the main onak binary lives, so the script that handles incoming
36 ; email knows where to find it.
38 ; Email address outgoing incremental messages will come from.
39 ; Needs to match the syncsite entries others sites have for this site.
40 this_site=pgp-public-keys@the.earth.li
41 ; Include a syncsite line for each site with which you are exchanging
42 ; incremental requests.
43 ;syncsite=pgp-public-keys@keys.nl.pgp.net
44 ;syncsite=pgp-public-keys@blackhole.pca.dfn.de
45 ;syncsite=pgp-public-keys@pgp.es.net
46 ;syncsite=pgp-public-keys@keyserver.linux.it
47 ;syncsite=pgp-public-keys@pgp.dtype.org
48 ;syncsite=pgp-public-keys@kjsl.com
50 ; Database backend configurations below here
53 ; The default DB4 backend. Recommended.
55 location=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/lib/onak
58 ; An example HKP backend; all operations will be done against the
59 ; provided keyserver, with no local storage.
61 location=hkp://the.earth.li/
63 [backend:examplestacked]
64 ; A stacked set of backends. All fetch operations will be tried against
65 ; the provided list of backends, from left to right, until one succeeds.
66 ; All store operations are against the first backend.
67 ; If a fetch does not succeed against the first backend, but against a
68 ; later one, then the returned keys are also stored in the first backend.
69 ; This example configuration essentially produces a caching keyserver,
70 ; with any key fetched from the HKP backend being stored in the DB4
72 ; Note keys are not expired from the DB4 backend, so without any other
73 ; update mechanism configured this will result in stale data eventually.
75 location=defaultdb4:examplehkp