5.3 RMT Configuration Files

The main RMT configuration file is /etc/rmt.conf. You can set most of the options with the YaST RMT Server module.

5.3.1 /etc/rmt.conf

The only supported way of doing the initial configuration is with yast2 rmt as described in Section 1.3, RMT Configuration with YaST. Only the proxy configuration has to be entered manually. The other configuration parameters are documented for reference.

All available configuration options can be found in the /etc/rmt.conf file.

Mirroring settings

The mirroring section lets you adjust mirroring behavior.

mirror_src

Decides whether to mirror source RPM packages (architecture is src).

dedup_method

Creates hardlinks during mirroring when set to hardlink. If the file system does not support hardlinks, can be set to copy instead. Possible values: hardlink, copy.

HTTP Client Settings

The http_client section defines the global HTTP connection settings of RMT.

verbose

Enables additional debug output to the systemd journal.

proxy

The proxy server URL.

proxy_auth

This setting determines the proxy authentication mechanism. Possible values are: none, basic, digest, gssnegotiate, ntlm, digest_ie, ntlm_wb.

proxy_user

The proxy server user name.

proxy_password

The proxy server password.

Settings for Accessing SUSE Repositories

The scc section contains your mirroring credentials for contacting the SUSE Customer Center. To obtain your mirroring credentials, see Section 3.1, Mirroring Credentials.

Valid configuration keys for the section are:

username

Mirroring credentials user name.

password

Mirroring credentials password.

5.3.2 SSL Certificates and HTTPS

By default access to API endpoints consumed by SUSEConnect is limited to HTTPS only. nginx is configured to use SSL certificate and private key from the following locations:

  • Certificate: /etc/rmt/ssl/rmt-server.crt

  • Private key: /etc/rmt/ssl/rmt-server.key

YaST RMT module generates a custom certificate authority which is used to sign HTTPS certificates, which means that to register, this certificate authority must be trusted by the client machines:

  • For registrations during installation from the media or with YaST Registration module, a message will appear, prompting to trust the server certificate.

  • For registering a client system on the command line, use the rmt-client-setup script. For details, see Section 4.3, Configuring Clients with rmt-client-setup.