Pantavisor Configuration¶
Note
This reference page presents the newly unified configuration key syntax. To get to the deprecated but still supported previous format, you will have to go here.
Summary¶
Note
The key syntax is the same for all configuration levels.
Note
All keys are case insensitive.
This table contains the currently supported list of configuration keys.
| Key | Value | Default | Description |
|---|---|---|---|
PH_CREDS_HOST |
IP or hostname | 192.168.53.1 |
set Pantacor Hub address |
PH_CREDS_ID |
string | empty | set Pantacor Hub device ID |
PH_CREDS_PORT |
port | 12365 |
set port for communication with Pantacor Hub |
PH_CREDS_PROXY_HOST |
IP or hostname | empty | set Pantacor Hub proxy address |
PH_CREDS_PROXY_NOPROXYCONNECT |
0 or 1 |
0 |
disable proxy communication with Pantacor Hub |
PH_CREDS_PROXY_PORT |
port | 3218 |
set port for proxy communication with Pantacor Hub |
PH_CREDS_PRN |
string | empty | set Pantacor Hub device PRN |
PH_CREDS_SECRET |
string | empty | set Pantacor Hub credentials secret |
PH_CREDS_TYPE |
builtin |
builtin |
set Pantacor Hub credentials type |
PH_FACTORY_AUTOTOK |
token | empty | set factory auto token for communication with Pantacor Hub |
PH_METADATA_DEVMETA_INTERVAL |
time (in seconds) | 10 |
set push interval for device metadata to Pantacor Hub |
PH_METADATA_USRMETA_INTERVAL |
time (in seconds) | 10 |
set refresh interval for user metadata from Pantacor Hub |
PH_UPDATER_INTERVAL |
time (in seconds) | 60 |
set time between Pantacor Hub update requests |
PH_UPDATER_NETWORK_TIMEOUT |
time (in seconds) | 120 |
set time before rollback if device cannot communicate with Pantacor Hub |
PV_BOOTLOADER_FITCONFIG |
string | empty | set FIT configuration name |
PV_BOOTLOADER_MTD_ENV |
string | empty | set MTD name for bootloader env |
PV_BOOTLOADER_MTD_ONLY |
0 or 1 |
0 |
enable MTD for bootloader env |
PV_BOOTLOADER_TYPE |
uboot, uboot-ab, uboot-pvk, rpiab or grub |
uboot |
set bootloader type |
PV_BOOTLOADER_UBOOTAB_A_NAME |
string | fitA | name of the partition to use as "A" in uboot-ab mode |
PV_BOOTLOADER_UBOOTAB_A_NAME |
string | fitB | name of the partition to use as "B" in uboot-ab mode |
PV_BOOTLOADER_UBOOTAB_ENV_NAME |
string | empty | name of the partition where the uboot environment is stored |
PV_BOOTLOADER_UBOOTAB_ENV_BAK_NAME |
string | empty | name of the partition where the uboot environment is backed up |
PV_BOOTLOADER_UBOOTAB_ENV_OFFSET |
offset in bytes | 0 | environment offset from the beginning of the partition |
PV_BOOTLOADER_UBOOTAB_ENV_SIZE |
size in bytes | 0 | size of the uboot environment |
PV_CACHE_DEVMETADIR |
path | /storage/cache/devmeta |
set persistent device metadata dir |
PV_CACHE_USRMETADIR |
path | /storage/cache/meta |
set persistent user metadata dir |
PV_CONTROL_REMOTE |
0 or 1 |
1 |
enable communication with Pantacor Hub |
PV_CONTROL_REMOTE_ALWAYS |
0 or 1 |
0 |
keep communication with Pantacor Hub even when a local revision is running |
PV_DEBUG_SHELL |
0 or 1 |
1 |
enable debug shell console |
PV_DEBUG_SHELL_AUTOLOGIN |
0 or 1 |
0 |
always prompt debug shell console without having to press any key |
PV_DEBUG_SSH |
0 or 1 |
1 |
enable debug ssh server |
PV_DEBUG_SSH_AUTHORIZED_KEYS |
string | empty | set name of the [debug ssh server]((inspect-device.md#ssh) public key file |
PV_DISK_EXPORTSDIR |
path | /exports |
set exports directory |
PV_DISK_VOLDIR |
path | /volumes |
set volumes directory |
PV_DISK_WRITABLEDIR |
path | /writable |
set writable directory |
PV_DROPBEAR_CACHE_DIR |
path | /storage/cache/dropbear |
set debug ssh server cache directory |
PV_LIBTHTTP_CERTSDIR |
path | /certs |
set certificates directory for libthttp |
PV_LIBTHTTP_LOG_LEVEL |
0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL) |
3 |
set libthttp log verbosity level |
PV_LOG_CAPTURE |
0 or 1 |
1 |
activate Log Server |
PV_LOG_CAPTURE_DMESG |
0 or 1 |
1 |
pump dmesg into Log Server |
PV_LOG_BUF_NITEMS |
size (in KB) | 128 |
set in-memory logs buffer size |
PV_LOG_DIR |
path | /storage/logs/ |
set logs directory |
PV_LOG_FILETREE_TIMESTAMP_FORMAT |
golang:constant or strftime:format |
empty | set timestamp format for filetree Log Server output |
PV_LOG_LEVEL |
0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL) |
0 |
set Log Server verbosity level |
PV_LOG_LOGGERS |
0 or 1 |
1 |
enable container loggers |
PV_LOG_MAXSIZE |
size (in B) | 2097152 (2 MB) |
set max size of a Log Server stored log file before compression |
PV_LOG_PUSH |
0 or 1 |
1 |
enable pushing stored logs into Pantacor Hub |
PV_LOG_SERVER_OUTPUTS |
comma-separated list of: filetree, nullsink, singlefile, stdout, stdout_direct, stdout.containers and/or stdout.pantavisor |
filetree |
set output format of Log Server; NOTE: for stdout output you need to tweak kernel cmdline |
PV_LOG_SINGLEFILE_TIMESTAMP_FORMAT |
golang:constant or strftime:format |
empty | set timestamp format for singlefile Log Server output |
PV_LOG_STDOUT_TIMESTAMP_FORMAT |
golang:constant or strftime:format |
empty | set timestamp format for stdout Log Server output |
PV_LXC_LOG_LEVEL |
0 (TRACE), 1 (DEBUG), 2 (INFO), 3 (NOTICE), 4 (WARN), 5 (ERROR), 6 (CRITICAL), 7 (ALERT) or 8 (FATAL) |
2 |
set lxc library log verbosity level |
PV_NET_BRADDRESS4 |
IP or hostname | 10.0.3.1 |
set container network bridge address |
PV_NET_BRDEV |
string | lxcbr0 |
set container network bridge name |
PV_NET_BRMASK4 |
IP or hostname | 255.255.255.0 |
set container bridge mask address |
PV_OEM_NAME |
string | empty | set OEM configuration file path and the expected subject CN name for the OEM root certificate validation |
PV_POLICY |
string without / character |
empty | set configuration policy and OEM file name |
PV_REMOUNT_POLICY |
string | "default" | set remount policy |
PV_REVISION_RETRIES |
number of retries | 10 |
set number of updates retries before rollback |
PV_SECUREBOOT_CHECKSUM |
0 or 1 |
1 |
enable artifact checksum validation |
PV_SECUREBOOT_HANDLERS |
0 or 1 |
1 |
enable the use of script handlers for checksum validation |
PV_SECUREBOOT_MODE |
disabled, audit, lenient or strict |
lenient |
set secureboot severity level |
PV_SECUREBOOT_OEM_TRUSTORE |
string | ca-oem-certificates |
set OEM trustore name to be used by secureboot |
PV_SECUREBOOT_TRUSTSTORE |
string | ca-certificates |
set default truststore name to used by secureboot |
PV_STORAGE_DEVICE |
LABEL=XXXX, UUID=XXXX or string |
N/A (mandatory) | set storage device with a partition label, UUID or /dev name |
PV_STORAGE_FSTYPE |
ext4, ubifs or jffs2 |
N/A (mandatory) | set storage file system type |
PV_STORAGE_GC_KEEP_FACTORY |
0 or 1 |
0 |
avoid deletion of revision 0 artifacts by the garbage collector |
PV_STORAGE_GC_RESERVED |
percentage | 5 |
the garbage collector will try to always keep this percentage of disk free |
PV_STORAGE_GC_THRESHOLD_DEFERTIME |
time (in seconds) | 600 |
time the garbage collector threshold will be deferred after a new object has been put from the control socket objects endpoint |
PV_STORAGE_GC_THRESHOLD |
percentage | 0 |
the garbage collector will be triggered if there is less than this percentage of disk free |
PV_STORAGE_LOGTEMPSIZE |
size (with k, m g or % suffix) | empty | set logs to be stored on memory |
PV_STORAGE_MNTPOINT |
path | N/A (mandatory) | set storage mount point |
PV_STORAGE_MNTTYPE |
ext4 |
empty | set storage mount point file system |
PV_STORAGE_PHCONFIG_VOL |
0 or 1 |
0 |
use Pantacor Hub credentials volume |
PV_STORAGE_WAIT |
time (in seconds) | 5 |
set wait time for storage device to be available |
PV_SYSCTL_KERNEL_CORE_PATTERN |
core pattern | string|/lib/pv/pvcrash --skip |
set sysctl kernel core_pattern |
PV_SYSCTL_* |
sysctl.conf format | N/A (mandatory) | set sysctl /proc/sys hierarchy |
PV_SYSTEM_APPARMOR_PROFILES |
comma-separated list of AppArmor profile names | empty | list of AppArmor profiles to be loaded during device initialisation |
PV_SYSTEM_CONFDIR |
path | /configs |
set config directory |
PV_SYSTEM_DRIVERS_LOAD_EARLY_AUTO |
0 or 1 |
0 |
load all drivers automatically during device initialisation |
PV_SYSTEM_ETCDIR |
path | /etc |
set etc directory |
PV_SYSTEM_INIT_MODE |
embedded, standalone or appengine |
embedded |
set init mode |
PV_SYSTEM_LIBDIR |
path | /lib |
set lib directory |
PV_SYSTEM_MEDIADIR |
path | /media |
set media directory |
PV_SYSTEM_MOUNT_SECURITYFS |
0 or 1 |
0 |
mount /sys/kernel/security during device initialisation |
PV_SYSTEM_RUNDIR |
path | /pv |
set run directory |
PV_SYSTEM_USRDIR |
path | /usr |
set urs directory |
PV_UPDATER_COMMIT_DELAY |
time (in seconds) | 25 |
set testing time after an update |
PV_UPDATER_GOALS_TIMEOUT |
time (in seconds) | 120 |
set time to wait for a container to reach its status goal |
PV_UPDATER_USE_TMP_OBJECTS |
0 or 1 |
0 |
download objects in an on-disk temporary location. If disabled, objects will be stored in memory while downloading |
PV_WDT_MODE |
disabled, shutdown, startup or always |
shutdown |
set watchdog mode |
PV_WDT_TIMEOUT |
time (in seconds) | 15 |
set watchdog timeout |
Levels¶
This table shows the configuration levels that are allowed for each configuration key.
| Key | pv.conf | ph.conf | env,bootargs | Policy | OEM | User meta | Command |
|---|---|---|---|---|---|---|---|
PH_CREDS_HOST |
|||||||
PH_CREDS_ID |
|||||||
PH_CREDS_PORT |
|||||||
PH_CREDS_PROXY_HOST |
|||||||
PH_CREDS_PROXY_NOPROXYCONNECT |
|||||||
PH_CREDS_PROXY_PORT |
|||||||
PH_CREDS_PRN |
|||||||
PH_CREDS_SECRET |
|||||||
PH_CREDS_TYPE |
|||||||
PH_FACTORY_AUTOTOK |
|||||||
PH_METADATA_DEVMETA_INTERVAL |
|||||||
PH_METADATA_USRMETA_INTERVAL |
|||||||
PH_UPDATER_INTERVAL |
|||||||
PH_UPDATER_NETWORK_TIMEOUT |
|||||||
PV_BOOTLOADER_FITCONFIG |
|||||||
PV_BOOTLOADER_MTD_ENV |
|||||||
PV_BOOTLOADER_MTD_ONLY |
|||||||
PV_BOOTLOADER_TYPE |
|||||||
PV_BOOTLOADER_UBOOTAB_A_NAME |
|||||||
PV_BOOTLOADER_UBOOTAB_A_NAME |
|||||||
PV_BOOTLOADER_UBOOTAB_ENV_NAME |
|||||||
PV_BOOTLOADER_UBOOTAB_ENV_BAK_NAME |
|||||||
PV_BOOTLOADER_UBOOTAB_ENV_OFFSET |
|||||||
PV_BOOTLOADER_UBOOTAB_ENV_SIZE |
|||||||
PV_CACHE_DEVMETADIR |
|||||||
PV_CACHE_USRMETADIR |
|||||||
PV_CONTROL_REMOTE |
|||||||
PV_CONTROL_REMOTE_ALWAYS |
|||||||
PV_DEBUG_SHELL |
|||||||
PV_DEBUG_SHELL_AUTOLOGIN |
|||||||
PV_DEBUG_SSH |
|||||||
PV_DEBUG_SSH_AUTHORIZED_KEYS |
|||||||
PV_DISK_EXPORTSDIR |
|||||||
PV_DISK_VOLDIR |
|||||||
PV_DISK_WRITABLEDIR |
|||||||
PV_DROPBEAR_CACHE_DIR |
|||||||
PV_LIBTHTTP_CERTSDIR |
|||||||
PV_LIBTHTTP_LOG_LEVEL |
|||||||
PV_LOG_CAPTURE |
|||||||
PV_LOG_CAPTURE_DMESG |
|||||||
PV_LOG_BUF_NITEMS |
|||||||
PV_LOG_DIR |
|||||||
PV_LOG_FILETREE_TIMESTAMP_FORMAT |
|||||||
PV_LOG_LEVEL |
|||||||
PV_LOG_LOGGERS |
|||||||
PV_LOG_MAXSIZE |
|||||||
PV_LOG_PUSH |
|||||||
PV_LOG_SERVER_OUTPUTS |
|||||||
PV_LOG_SINGLEFILE_TIMESTAMP_FORMAT |
|||||||
PV_LOG_STDOUT_TIMESTAMP_FORMAT |
|||||||
PV_LXC_LOG_LEVEL |
|||||||
PV_NET_BRADDRESS4 |
|||||||
PV_NET_BRDEV |
|||||||
PV_NET_BRMASK4 |
|||||||
PV_OEM_NAME |
|||||||
PV_POLICY |
|||||||
PV_REMOUNT_POLICY |
|||||||
PV_REVISION_RETRIES |
|||||||
PV_SECUREBOOT_CHECKSUM |
|||||||
PV_SECUREBOOT_HANDLERS |
|||||||
PV_SECUREBOOT_MODE |
|||||||
PV_SECUREBOOT_TRUSTSTORE |
|||||||
PV_STORAGE_DEVICE |
|||||||
PV_STORAGE_FSTYPE |
|||||||
PV_STORAGE_GC_KEEP_FACTORY |
|||||||
PV_STORAGE_GC_RESERVED |
|||||||
PV_STORAGE_GC_THRESHOLD_DEFERTIME |
|||||||
PV_STORAGE_GC_THRESHOLD |
|||||||
PV_STORAGE_LOGTEMPSIZE |
|||||||
PV_STORAGE_MNTPOINT |
|||||||
PV_STORAGE_MNTTYPE |
|||||||
PV_STORAGE_WAIT |
|||||||
PV_SYSTEM_APPARMOR_PROFILES |
|||||||
PV_SYSTEM_CONFDIR |
|||||||
PV_SYSTEM_DRIVERS_LOAD_EARLY_AUTO |
|||||||
PV_SYSTEM_ETCDIR |
|||||||
PV_SYSTEM_INIT_MODE |
|||||||
PV_SYSTEM_LIBDIR |
|||||||
PV_SYSTEM_MEDIADIR |
|||||||
PV_SYSTEM_MOUNT_SECURITYFS |
|||||||
PV_SYSTEM_RUNDIR |
|||||||
PV_SYSTEM_USRDIR |
|||||||
PV_UPDATER_COMMIT_DELAY |
|||||||
PV_UPDATER_GOALS_TIMEOUT |
|||||||
PV_UPDATER_USE_TMP_OBJECTS |
|||||||
PV_WDT_MODE |
|||||||
PV_WDT_TIMEOUT |