| GOTD-SECRETS.CONF(5) | File Formats Manual | GOTD-SECRETS.CONF(5) |
gotd-secrets.conf —
gotd secrets file
gotd-secrets.conf contains authentication
credentials for use with gotd(8) notifications. This file
must be owned by the root user and must not be readable by any other
users.
The file format is line-based, with one entry per line. Comments can appear at the start of a line using a hash mark (‘#’), and extend to the end of the line. Empty lines are ignored.
Each entry consists of whitespace-separated tokens and defines a set of credentials. Any credential parameters containing whitespace should be surrounded by single or double quotes.
Each set of credentials must be given a label which can be used to refer to credentials in gotd.conf(5). This label must be unique among all credentials of the same type.
The supported credential types and their parameters are:
auth
label user
user password
passwordauth type represents HTTP Basic Authentication
credentials consisting of a user and a
password.hmac
label secrethmac type represents shared secrets for use
with HMAC signatures of HTTP request bodies. A suitable
secret can be generated with
openssl(1) as follows:
$ openssl rand -base64
32gotd-secrets.conf configuration
file.Define credentials for HTTP basic authentication and HMAC signatures:
# /etc/gotd-secrets.conf auth mochi user "flan" password "super-strong-password!" hmac hacker q0tcl8QhjYs7U75MW/2rwB30CpdbAhONkfLGxFHm/+8=
These credentials can be referenced in gotd.conf(5) as follows:
# /etc/gotd.conf
repository "openbsd/src" {
path "/var/git/src.git"
permit rw :hackers
notify {
url https://example.com/ci/ auth mochi hmac hacker
}
}
| January 31, 2025 | Debian |