#------------------------------------------------------------------------------- # Sample p4broker configuration file # # The following paragraphs illustrate the configuration of the Perforce # Broker by example. Change the values and configuration to suit your # environment and requirements. # # Note that by default this broker will simply allow all commands to pass # through, and be executed against the target server. Uncomment and edit # the examples below to get started. #------------------------------------------------------------------------------- target = {{ perforce_p4broker_target_port }}; listen = {{ perforce_p4broker_port }}; directory = /p4/common/bin; logfile = /p4/1/logs/p4broker.log; debug-level = server=1; admin-name = "Perforce Admins"; admin-phone = 999/911; admin-email = {{ perforce_mailto_email}}; server.id = {{ perforce_master_id }}-broker; # Compress broker <-> server connection. If the broker is across a slow link # such as a WAN, compression can increase performance. If the broker is near # the server (such as on the same machine,) then avoiding recompressing the # client's protocol stream saves work. compress = false; # Optional user account to authenticate the broker to the target server with. #service-user = "svc-user-broker"; # Optional alternate P4TICKETS location. #ticket-file = "/p4/broker/.p4tickets"; # # Redirection mode. Pedantic redirection always redirects a command when it # matches a rule in the broker config. Selective redirection permits # redirection of commands within a single TCP/IP connection until a command # has been executed against the master server, at which point all commands # for the connection are sent to the master server. Selective redirection is # the default as it gives GUI users a better experience when replication # delays might otherwise cause incorrect results to be returned. redirection = selective; #redirection = pedantic; #------------------------------------------------------------------------------- # Definitions of all altservers in the environment. #------------------------------------------------------------------------------- # Note that the altserver name can not be 'random' as that is reserved for use # in the destination field of command handlers to specify that the altserver # should be chosen randomly. # # altserver: {{ perforce_replica_id }} { # Address of target server. Note that target servers must be configured # to use P4AUTH to ensure that login tickets are valid for all servers in # the brokered environment. I.e. the target and alternate servers must # share their authentication. # # target = perforce_standby_dnsname :{{ perforce_p4_port }}; # } #------------------------------------------------------------------------------- # Command policies #------------------------------------------------------------------------------- # # The general syntax is: # # command: # { # # Conditions for the command to meet (optional) # # Note that with the exception of 'flags', these are regex patterns. # # See 'p4 help grep' for an explanation of the regex syntax. # flags = ; # args = ; # user = ; # workspace = ; # prog = ; # version = ; # # # What to do with matching commands (required) # action = pass | reject | redirect | filter ; # # # How to go about it # destination = ; # Required for action = redirect # execute = ; # Required for action = filter # message = ; # Required for action = reject #} # # Note that when specifying regex patterns, bare strings like 'integ' will also # match 'integrate'. To match an exact string, append the beginning/end of line # anchors. E.g. '^integ$'. # # Uncomment the lines below to block all access to the server during # periods of maintenance. # command: .* { action = reject; message = "Server down for maintenance. Back soon"; } # # Use of the 'p4 changes' command is filtered. The script might decide # that requests for information about older changes can be served by # an alternate server. # #command: changes #{ # action = filter; # execute = ./check_changes.rb; #} # Redirect read only commands to the standby server. # When the destination is 'random', the altserver is chosen arbitrarily. # # By pass commands coming from a proxy. #command: .* #{ # action = filter; # execute = "perl /p4/common/config/broker_proxy_filter.pl"; #} #command: ^(branches|clients|counters|depots|dirs|discover|filelog|files|fstat|groups|interchanges|jobs|labels|opened|sizes|fixes|where|workspaces|users)$ #{ # action = redirect; # destination = random; #} # Specifications using the -o flag to output to STDOUT also do not # write to the DB except "p4 resolve -o", "p4 integrate -o" and "p4 # print -o" which should pass to the production server because those # flags have a different meaning on those commands. #command: ^(change|resolve|integ|integrate|print)$ #{ # flags = -o; # action = pass; #} #command: .* #{ # flags = -o; # action = redirect; # destination = random; #} #command: ^(annotate|diff2|grep|print)$ #{ # action = redirect; # destination = random; #} # Read/Write Commands with Read-Only flags: # # sync -p does not write anything to db.have, so it goes to the replica: #command: ^sync$ #{ # flags = -p; # action = redirect; # destination = random; #} # Catch all command for the proxy by pass script. #command: .* #{ # action = pass; #} # # The combination of the following two command handlers lets you create two # classes of super user - one with full 'super' privileges, and another that # can only run a subset of the full 'super' command set. This separation is # only effective if all user requests are passing through the broker. # # The first rule assumes a naming scheme where full super users have names # prefixed by 'super-'. The second one rejects all requests for the 'super' # commands that we don't want the rest of the super users (or anyone else) # to run. Note that we're specifically not matching 'protects' since P4V # requires it to log in. # #command: admin|protect|obliterate #{ # user = ^super-; # action = pass; #} # #command: admin|^protect$|obliterate #{ # action = reject; # message = "permission denied."; #}