Scroll to navigation

OSTREE.REPO-CONFI(5) ostree.repo-config OSTREE.REPO-CONFI(5)

NAME

ostree.repo-config - OSTree repository configuration

DESCRIPTION

The config file in an OSTree repository is a "keyfile" in the XDG Desktop Entry Specification[1] format. It has several global flags, as well as zero or more remote entries which describe how to access remote repositories.
See ostree.repo(5) for more information about OSTree repositories.

[CORE] SECTION OPTIONS

Repository-global options. The following entries are defined:
mode
One of bare, bare-user or archive-z2.
repo_version
Currently, this must be set to 1.
commit-update-summary
Boolean value controlling whether or not to automatically update the summary file after a commit. Defaults to false.
fsync
Boolean value controlling whether or not to ensure files are on stable storage when performing operations such as commits, pulls, and checkouts. Defaults to true.
If you disable fsync, OSTree will no longer be robust against kernel crashes or power loss.
You might choose to disable this for local development repositories, under the assumption they can be recreated from source. Similarly, you could disable for a mirror where you could re-pull.
For the system repository, you might choose to disable fsync if you have uninterruptable power supplies and a well tested kernel.

[REMOTE NAME"] SECTION OPTIONS"

Describes a remote repository location.
url
Must be present; declares URL for accessing this remote. The only supported schemes are the moment are file, http, and https.
proxy
A string value, if given should be a URL for a HTTP proxy to use for access to this repository.
gpg-verify
A boolean value, defaults to true. Controls whether or not OSTree will require commits to be signed by a known GPG key. For more information, see the ostree(1) manual under GPG.
gpg-verify-summary
A boolean value, defaults to false. Controls whether or not OSTree will check if the summary is signed by a known GPG key. For more information, see the ostree(1) manual under GPG.
tls-permissive
A boolean value, defaults to false. By default, server TLS certificates will be checked against the system certificate store. If this variable is set, any certificate will be accepted.
tls-client-cert-path
Path to file for client-side certificate, to present when making requests to this repository.
tls-client-key-path
Path to file containing client-side certificate key, to present when making requests to this repository.
tls-ca-path
Path to file containing trusted anchors instead of the system CA database.
unconfigured-state
If set, pulls from this remote will fail with the configured text. This is intended for OS vendors which have a subscription process to access content.

/ETC/OSTREE/REMOTES.D

In addition to the /ostree/repo/config file, remotes may also be specified in /etc/ostree/remotes.d. The remote configuration file must end in .conf; files whose name does not end in .conf will be ignored.

PER-REMOTE GPG KEYRINGS AND VERIFICATION

OSTree supports a per-remote GPG keyring, as well as a gpgkeypath option. For more information see ostree(1). in the section GPG verification.

PER-REMOTE HTTP COOKIES

Some content providers may want to control access to remote repositories via HTTP cookies. The ostree remote add-cookie and ostree remote delete-cookie commands will update a per-remote lookaside cookie jar, named $remotename.cookies.txt.

SEE ALSO

ostree(1), ostree.repo(5)

NOTES

1.
XDG Desktop Entry Specification
OSTree