production.ini
705 lines
| 25.8 KiB
| text/x-ini
|
IniLexer
/ configs / production.ini
r631 | |||
r1 | ################################################################################ | ||
r3270 | ## RHODECODE COMMUNITY EDITION CONFIGURATION ## | ||
r1 | ################################################################################ | ||
[DEFAULT] | |||
r3270 | ## Debug flag sets all loggers to debug, and enables request tracking | ||
debug = false | |||
r631 | |||
r1 | ################################################################################ | ||
r631 | ## EMAIL CONFIGURATION ## | ||
r1 | ## Uncomment and replace with the email address which should receive ## | ||
## any error reports after an application crash ## | |||
## Additionally these settings will be used by the RhodeCode mailing system ## | |||
################################################################################ | |||
r631 | |||
## prefix all emails subjects with given prefix, helps filtering out emails | |||
#email_prefix = [RhodeCode] | |||
## email FROM address all mails will be sent | |||
r1 | #app_email_from = rhodecode-noreply@localhost | ||
r631 | |||
r1 | #smtp_server = mail.server.com | ||
#smtp_username = | |||
#smtp_password = | |||
#smtp_port = | |||
#smtp_use_tls = false | |||
#smtp_use_ssl = true | |||
[server:main] | |||
## COMMON ## | |||
host = 127.0.0.1 | |||
port = 5000 | |||
r2997 | ########################################################### | ||
## WAITRESS WSGI SERVER - Recommended for Development #### | |||
########################################################### | |||
r631 | |||
r122 | #use = egg:waitress#main | ||
r1 | ## number of worker threads | ||
r123 | #threads = 5 | ||
r1 | ## MAX BODY SIZE 100GB | ||
r122 | #max_request_body_size = 107374182400 | ||
r1 | ## Use poll instead of select, fixes file descriptors limits problems. | ||
## May not work on old windows systems. | |||
r122 | #asyncore_use_poll = true | ||
r1 | |||
########################## | |||
## GUNICORN WSGI SERVER ## | |||
########################## | |||
r943 | ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini | ||
r631 | |||
r122 | use = egg:gunicorn#main | ||
r3483 | ## Sets the number of process workers. More workers means more concurrent connections | ||
r2997 | ## RhodeCode can handle at the same time. Each additional worker also it increases | ||
## memory usage as each has it's own set of caches. | |||
## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more | |||
## than 8-10 unless for really big deployments .e.g 700-1000 users. | |||
## `instance_id = *` must be set in the [app:main] section below (which is the default) | |||
## when using more than 1 worker. | |||
r122 | workers = 2 | ||
r2997 | ## process name visible in process list | ||
r122 | proc_name = rhodecode | ||
r1 | ## type of worker class, one of sync, gevent | ||
## recommended for bigger setup is using of of other than sync one | |||
r2506 | worker_class = gevent | ||
r11 | ## The maximum number of simultaneous clients. Valid only for Gevent | ||
r2957 | worker_connections = 10 | ||
r1 | ## max number of requests that worker will handle before being gracefully | ||
## restarted, could prevent memory leaks | |||
r122 | max_requests = 1000 | ||
max_requests_jitter = 30 | |||
r125 | ## amount of time a worker can spend with handling a request before it | ||
r1 | ## gets killed and restarted. Set to 6hrs | ||
r122 | timeout = 21600 | ||
r1 | |||
r1121 | ## prefix middleware for RhodeCode. | ||
r615 | ## recommended when using proxy setup. | ||
r1 | ## allows to set RhodeCode under a prefix in server. | ||
r984 | ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well. | ||
## And set your prefix like: `prefix = /custom_prefix` | |||
## be sure to also set beaker.session.cookie_path = /custom_prefix if you need | |||
## to make your cookies only work on prefix url | |||
r629 | [filter:proxy-prefix] | ||
use = egg:PasteDeploy#prefix | |||
prefix = / | |||
r1 | |||
[app:main] | |||
r2986 | ## The %(here)s variable will be replaced with the absolute path of parent directory | ||
## of this file | |||
## In addition ENVIRONMENT variables usage is possible, e.g | |||
## sqlalchemy.db1.url = {ENV_RC_DB_URL} | |||
r1 | use = egg:rhodecode-enterprise-ce | ||
r630 | |||
## enable proxy prefix middleware, defined above | |||
r1 | #filter-with = proxy-prefix | ||
r269 | ## encryption key used to encrypt social plugin tokens, | ||
## remote_urls with credentials etc, if not set it defaults to | |||
## `beaker.session.secret` | |||
#rhodecode.encrypted_values.secret = | |||
r281 | ## decryption strict mode (enabled by default). It controls if decryption raises | ||
## `SignatureVerificationError` in case of wrong key, or damaged encryption data. | |||
#rhodecode.encrypted_values.strict = false | |||
r3483 | ## return gzipped responses from RhodeCode (static files/application) | ||
|
r597 | gzip_responses = false | |
r1 | |||
r3483 | ## auto-generate javascript routes file on startup | ||
r269 | generate_js_files = false | ||
r2997 | ## System global default language. | ||
## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh | |||
r1 | lang = en | ||
r2997 | ## Perform a full repository scan and import on each server start. | ||
## Settings this to true could lead to very long startup time. | |||
r1 | startup.import_repos = false | ||
## Uncomment and set this path to use archive download cache. | |||
## Once enabled, generated archives will be cached at this location | |||
## and served from the cache during subsequent requests for the same archive of | |||
## the repository. | |||
#archive_cache_dir = /tmp/tarballcache | |||
r3483 | ## URL at which the application is running. This is used for Bootstrapping | ||
r2188 | ## requests in context when no web request is available. Used in ishell, or | ||
## SSH calls. Set this for events to receive proper url for SSH calls. | |||
app.base_url = http://rhodecode.local | |||
r2997 | ## Unique application ID. Should be a random unique string for security. | ||
r1 | app_instance_uuid = rc-production | ||
r2997 | ## Cut off limit for large diffs (size in bytes). If overall diff size on | ||
r2070 | ## commit, or pull request exceeds this limit this diff will be displayed | ||
## partially. E.g 512000 == 512Kb | |||
cut_off_limit_diff = 512000 | |||
r2997 | ## Cut off limit for large files inside diffs (size in bytes). Each individual | ||
r2070 | ## file inside diff which exceeds this limit will be displayed partially. | ||
## E.g 128000 == 128Kb | |||
cut_off_limit_file = 128000 | |||
r1 | |||
r2997 | ## use cached version of vcs repositories everywhere. Recommended to be `true` | ||
r1 | vcs_full_cache = true | ||
r2997 | ## Force https in RhodeCode, fixes https redirects, assumes it's always https. | ||
r1 | ## Normally this is controlled by proper http flags sent from http server | ||
force_https = false | |||
## use Strict-Transport-Security headers | |||
use_htsts = false | |||
## git rev filter option, --all is the default filter, if you need to | |||
## hide all refs in changelog switch this to --branches --tags | |||
git_rev_filter = --branches --tags | |||
# Set to true if your repos are exposed using the dumb protocol | |||
git_update_server_info = false | |||
## RSS/ATOM feed options | |||
rss_cut_off_limit = 256000 | |||
rss_items_per_page = 10 | |||
rss_include_diff = false | |||
## gist URL alias, used to create nicer urls for gist. This should be an | |||
r984 | ## url that does rewrites to _admin/gists/{gistid}. | ||
r1 | ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal | ||
r984 | ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid} | ||
r1 | gist_alias_url = | ||
r1943 | ## List of views (using glob pattern syntax) that AUTH TOKENS could be | ||
r1 | ## used for access. | ||
r984 | ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it | ||
r1 | ## came from the the logged in user who own this authentication token. | ||
r3483 | ## Additionally @TOKEN syntax can be used to bound the view to specific | ||
r2004 | ## authentication token. Such view would be only accessible when used together | ||
## with this authentication token | |||
r1 | ## | ||
r2032 | ## list of all views can be found under `/_admin/permissions/auth_token_access` | ||
r1 | ## The list should be "," separated and on a single line. | ||
## | |||
r1943 | ## Most common views to enable: | ||
r1951 | # RepoCommitsView:repo_commit_download | ||
# RepoCommitsView:repo_commit_patch | |||
# RepoCommitsView:repo_commit_raw | |||
r2004 | # RepoCommitsView:repo_commit_raw@TOKEN | ||
r1951 | # RepoFilesView:repo_files_diff | ||
# RepoFilesView:repo_archivefile | |||
# RepoFilesView:repo_file_raw | |||
r1943 | # GistView:* | ||
r1 | api_access_controllers_whitelist = | ||
r2997 | ## Default encoding used to convert from and to unicode | ||
r1 | ## can be also a comma separated list of encoding in case of mixed encodings | ||
default_encoding = UTF-8 | |||
## instance-id prefix | |||
## a prefix key for this instance used for cache invalidation when running | |||
r3483 | ## multiple instances of RhodeCode, make sure it's globally unique for | ||
## all running RhodeCode instances. Leave empty if you don't use it | |||
r1 | instance_id = | ||
r65 | ## Fallback authentication plugin. Set this to a plugin ID to force the usage | ||
## of an authentication plugin also if it is disabled by it's settings. | |||
## This could be useful if you are unable to log in to the system due to broken | |||
r3483 | ## authentication settings. Then you can enable e.g. the internal RhodeCode auth | ||
r65 | ## module to log in again and fix the settings. | ||
## | |||
## Available builtin plugin IDs (hash is part of the ID): | |||
## egg:rhodecode-enterprise-ce#rhodecode | |||
## egg:rhodecode-enterprise-ce#pam | |||
## egg:rhodecode-enterprise-ce#ldap | |||
## egg:rhodecode-enterprise-ce#jasig_cas | |||
## egg:rhodecode-enterprise-ce#headers | |||
## egg:rhodecode-enterprise-ce#crowd | |||
#rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode | |||
r1 | ## alternative return HTTP header for failed authentication. Default HTTP | ||
## response is 401 HTTPUnauthorized. Currently HG clients have troubles with | |||
## handling that causing a series of failed authentication calls. | |||
## Set this variable to 403 to return HTTPForbidden, or any other HTTP code | |||
r3483 | ## This will be served instead of default 401 on bad authentication | ||
r1 | auth_ret_code = | ||
## use special detection method when serving auth_ret_code, instead of serving | |||
## ret_code directly, use 401 initially (Which triggers credentials prompt) | |||
## and then serve auth_ret_code to clients | |||
auth_ret_code_detection = false | |||
## locking return code. When repository is locked return this HTTP code. 2XX | |||
## codes don't break the transactions while 4XX codes do | |||
lock_ret_code = 423 | |||
## allows to change the repository location in settings page | |||
allow_repo_location_change = true | |||
## allows to setup custom hooks in settings page | |||
allow_custom_hooks_settings = true | |||
r2997 | ## Generated license token required for EE edition license. | ||
## New generated token value can be found in Admin > settings > license page. | |||
r1 | license_token = | ||
## supervisor connection uri, for managing supervisor and logs. | |||
supervisor.uri = | |||
## supervisord group name/id we only want this RC instance to handle | |||
supervisor.group_id = prod | |||
## Display extended labs settings | |||
labs_settings_active = true | |||
r3068 | ## Custom exception store path, defaults to TMPDIR | ||
## This is used to store exception from RhodeCode in shared directory | |||
#exception_tracker.store_path = | |||
r3019 | |||
r3432 | ## File store configuration. This is used to store and serve uploaded files | ||
file_store.enabled = true | |||
r3483 | ## Storage backend, available options are: local | ||
r3432 | file_store.backend = local | ||
## path to store the uploaded binaries | |||
file_store.storage_path = %(here)s/data/file_store | |||
r3019 | |||
r1 | #################################### | ||
### CELERY CONFIG #### | |||
#################################### | |||
r2506 | ## run: /path/to/celery worker \ | ||
## -E --beat --app rhodecode.lib.celerylib.loader \ | |||
## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \ | |||
## --loglevel DEBUG --ini /path/to/rhodecode.ini | |||
r1 | use_celery = false | ||
r2506 | ## connection url to the message broker (default rabbitmq) | ||
r2359 | celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost | ||
r1 | |||
r2506 | ## maximum tasks to execute before worker restart | ||
r2359 | celery.max_tasks_per_child = 100 | ||
r1 | |||
## tasks will never be sent to the queue, but executed locally instead. | |||
r2359 | celery.task_always_eager = false | ||
r1 | |||
r2846 | ##################################### | ||
### DOGPILE CACHE #### | |||
##################################### | |||
## Default cache dir for caches. Putting this into a ramdisk | |||
r2957 | ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require | ||
r2965 | ## large amount of space | ||
cache_dir = %(here)s/data | |||
r2846 | |||
r2957 | ## `cache_perms` cache settings for permission tree, auth TTL. | ||
r2846 | rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace | ||
rc_cache.cache_perms.expiration_time = 300 | |||
r2957 | ## alternative `cache_perms` redis backend with distributed lock | ||
r2846 | #rc_cache.cache_perms.backend = dogpile.cache.rc.redis | ||
#rc_cache.cache_perms.expiration_time = 300 | |||
r2957 | ## redis_expiration_time needs to be greater then expiration_time | ||
#rc_cache.cache_perms.arguments.redis_expiration_time = 7200 | |||
#rc_cache.cache_perms.arguments.socket_timeout = 30 | |||
r2846 | #rc_cache.cache_perms.arguments.host = localhost | ||
#rc_cache.cache_perms.arguments.port = 6379 | |||
#rc_cache.cache_perms.arguments.db = 0 | |||
r3483 | ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends | ||
r2846 | #rc_cache.cache_perms.arguments.distributed_lock = true | ||
r2957 | ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS | ||
r2846 | rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace | ||
rc_cache.cache_repo.expiration_time = 2592000 | |||
r2957 | ## alternative `cache_repo` redis backend with distributed lock | ||
r2846 | #rc_cache.cache_repo.backend = dogpile.cache.rc.redis | ||
#rc_cache.cache_repo.expiration_time = 2592000 | |||
r2957 | ## redis_expiration_time needs to be greater then expiration_time | ||
r2846 | #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400 | ||
r2957 | #rc_cache.cache_repo.arguments.socket_timeout = 30 | ||
r2846 | #rc_cache.cache_repo.arguments.host = localhost | ||
#rc_cache.cache_repo.arguments.port = 6379 | |||
#rc_cache.cache_repo.arguments.db = 1 | |||
r3483 | ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends | ||
r2846 | #rc_cache.cache_repo.arguments.distributed_lock = true | ||
r2957 | ## cache settings for SQL queries, this needs to use memory type backend | ||
r2883 | rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru | ||
rc_cache.sql_cache_short.expiration_time = 30 | |||
r2957 | ## `cache_repo_longterm` cache for repo object instances, this needs to use memory | ||
## type backend as the objects kept are not pickle serializable | |||
rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru | |||
r2965 | ## by default we use 96H, this is using invalidation on push anyway | ||
r2957 | rc_cache.cache_repo_longterm.expiration_time = 345600 | ||
r2965 | ## max items in LRU cache, reduce this number to save memory, and expire last used | ||
## cached objects | |||
r2957 | rc_cache.cache_repo_longterm.max_size = 10000 | ||
r2846 | |||
r1 | #################################### | ||
### BEAKER SESSION #### | |||
#################################### | |||
## .session.type is type of storage options for the session, current allowed | |||
r2846 | ## types are file, ext:memcached, ext:redis, ext:database, and memory (default). | ||
r14 | beaker.session.type = file | ||
r2846 | beaker.session.data_dir = %(here)s/data/sessions | ||
r1 | |||
r630 | ## db based session, fast, and allows easy management over logged in users | ||
r1 | #beaker.session.type = ext:database | ||
#beaker.session.table_name = db_session | |||
#beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode | |||
#beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode | |||
#beaker.session.sa.pool_recycle = 3600 | |||
#beaker.session.sa.echo = false | |||
beaker.session.key = rhodecode | |||
beaker.session.secret = production-rc-uytcxaz | |||
r122 | beaker.session.lock_dir = %(here)s/data/sessions/lock | ||
r1 | |||
## Secure encrypted cookie. Requires AES and AES python libraries | |||
## you must disable beaker.session.secret to use this | |||
r984 | #beaker.session.encrypt_key = key_for_encryption | ||
#beaker.session.validate_key = validation_key | |||
r1 | |||
## sets session as invalid(also logging out user) if it haven not been | |||
## accessed for given amount of time in seconds | |||
beaker.session.timeout = 2592000 | |||
beaker.session.httponly = true | |||
r984 | ## Path to use for the cookie. Set to prefix if you use prefix middleware | ||
#beaker.session.cookie_path = /custom_prefix | |||
r1 | |||
## uncomment for https secure cookie | |||
beaker.session.secure = false | |||
## auto save the session to not to use .save() | |||
beaker.session.auto = false | |||
## default cookie expiration time in seconds, set to `true` to set expire | |||
## at browser close | |||
#beaker.session.cookie_expires = 3600 | |||
################################### | |||
## SEARCH INDEXING CONFIGURATION ## | |||
################################### | |||
r124 | ## Full text search indexer is available in rhodecode-tools under | ||
## `rhodecode-tools index` command | |||
r1 | |||
r984 | ## WHOOSH Backend, doesn't require additional services to run | ||
## it works good with few dozen repos | |||
r1 | search.module = rhodecode.lib.index.whoosh | ||
search.location = %(here)s/data/index | |||
r526 | ######################################## | ||
### CHANNELSTREAM CONFIG #### | |||
######################################## | |||
r545 | ## channelstream enables persistent connections and live notification | ||
## in the system. It's also used by the chat system | |||
r3270 | |||
r1264 | channelstream.enabled = false | ||
r526 | |||
r1264 | ## server address for channelstream server on the backend | ||
r526 | channelstream.server = 127.0.0.1:9800 | ||
r1264 | |||
r631 | ## location of the channelstream server from outside world | ||
r1264 | ## use ws:// for http or wss:// for https. This address needs to be handled | ||
## by external HTTP server such as Nginx or Apache | |||
r3483 | ## see Nginx/Apache configuration examples in our docs | ||
r1264 | channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream | ||
r526 | channelstream.secret = secret | ||
r543 | channelstream.history.location = %(here)s/channelstream_history | ||
r1264 | ## Internal application path that Javascript uses to connect into. | ||
## If you use proxy-prefix the prefix should be added before /_channelstream | |||
channelstream.proxy_path = /_channelstream | |||
r526 | |||
r1 | ################################### | ||
r124 | ## APPENLIGHT CONFIG ## | ||
r1 | ################################### | ||
## Appenlight is tailored to work with RhodeCode, see | |||
## http://appenlight.com for details how to obtain an account | |||
r3483 | ## Appenlight integration enabled | ||
r1 | appenlight = false | ||
appenlight.server_url = https://api.appenlight.com | |||
appenlight.api_key = YOUR_API_KEY | |||
r122 | #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5 | ||
r1 | |||
r3483 | ## used for JS client | ||
r1 | appenlight.api_public_key = YOUR_API_PUBLIC_KEY | ||
## TWEAK AMOUNT OF INFO SENT HERE | |||
## enables 404 error logging (default False) | |||
appenlight.report_404 = false | |||
## time in seconds after request is considered being slow (default 1) | |||
appenlight.slow_request_time = 1 | |||
## record slow requests in application | |||
## (needs to be enabled for slow datastore recording and time tracking) | |||
appenlight.slow_requests = true | |||
## enable hooking to application loggers | |||
appenlight.logging = true | |||
## minimum log level for log capture | |||
appenlight.logging.level = WARNING | |||
## send logs only from erroneous/slow requests | |||
## (saves API quota for intensive logging) | |||
appenlight.logging_on_error = false | |||
r3483 | ## list of additional keywords that should be grabbed from environ object | ||
r1 | ## can be string with comma separated list of words in lowercase | ||
## (by default client will always send following info: | |||
## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that | |||
## start with HTTP* this list be extended with additional keywords here | |||
appenlight.environ_keys_whitelist = | |||
## list of keywords that should be blanked from request object | |||
## can be string with comma separated list of words in lowercase | |||
## (by default client will always blank keys that contain following words | |||
## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' | |||
## this list be extended with additional keywords set here | |||
appenlight.request_keys_blacklist = | |||
## list of namespaces that should be ignores when gathering log entries | |||
## can be string with comma separated list of namespaces | |||
## (by default the client ignores own entries: appenlight_client.client) | |||
appenlight.log_namespace_blacklist = | |||
r1264 | ########################################### | ||
### MAIN RHODECODE DATABASE CONFIG ### | |||
########################################### | |||
r1 | #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30 | ||
r630 | #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode | ||
r3068 | #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8 | ||
r2957 | # pymysql is an alternative driver for MySQL, use in case of problems with default one | ||
r2846 | #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode | ||
r1 | sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode | ||
# see sqlalchemy docs for other advanced settings | |||
## print the sql statements to output | |||
sqlalchemy.db1.echo = false | |||
r984 | ## recycle the connections after this amount of seconds | ||
r1 | sqlalchemy.db1.pool_recycle = 3600 | ||
sqlalchemy.db1.convert_unicode = true | |||
## the number of connections to keep open inside the connection pool. | |||
## 0 indicates no limit | |||
#sqlalchemy.db1.pool_size = 5 | |||
## the number of connections to allow in connection pool "overflow", that is | |||
## connections that can be opened above and beyond the pool_size setting, | |||
## which defaults to five. | |||
#sqlalchemy.db1.max_overflow = 10 | |||
r2846 | ## Connection check ping, used to detect broken database connections | ||
## could be enabled to better handle cases if MySQL has gone away errors | |||
#sqlalchemy.db1.ping_connection = true | |||
r1 | |||
################## | |||
### VCS CONFIG ### | |||
################## | |||
vcs.server.enable = true | |||
vcs.server = localhost:9900 | |||
r14 | |||
r3483 | ## Web server connectivity protocol, responsible for web based VCS operations | ||
r113 | ## Available protocols are: | ||
|
r957 | ## `http` - use http-rpc backend (default) | |
vcs.server.protocol = http | |||
r113 | |||
## Push/Pull operations protocol, available options are: | |||
|
r957 | ## `http` - use http-rpc backend (default) | |
vcs.scm_app_implementation = http | |||
r14 | |||
r113 | ## Push/Pull operations hooks protocol, available options are: | ||
|
r957 | ## `http` - use http-rpc backend (default) | |
vcs.hooks.protocol = http | |||
r3270 | |||
r2833 | ## Host on which this instance is listening for hooks. If vcsserver is in other location | ||
## this should be adjusted. | |||
vcs.hooks.host = 127.0.0.1 | |||
r113 | |||
r139 | vcs.server.log_level = info | ||
r2965 | ## Start VCSServer with this instance as a subprocess, useful for development | ||
r1 | vcs.start_server = false | ||
|
r587 | ||
## List of enabled VCS backends, available options are: | |||
## `hg` - mercurial | |||
## `git` - git | |||
## `svn` - subversion | |||
r1 | vcs.backends = hg, git, svn | ||
|
r587 | ||
r1 | vcs.connection_timeout = 3600 | ||
## Compatibility version when creating SVN repositories. Defaults to newest version when commented out. | |||
r2032 | ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible | ||
r1 | #vcs.svn.compatible_version = pre-1.8-compatible | ||
|
r562 | ||
r631 | ############################################################ | ||
### Subversion proxy support (mod_dav_svn) ### | |||
### Maps RhodeCode repo groups into SVN paths for Apache ### | |||
############################################################ | |||
|
r562 | ## Enable or disable the config file generation. | |
svn.proxy.generate_config = false | |||
## Generate config file with `SVNListParentPath` set to `On`. | |||
svn.proxy.list_parent_path = true | |||
## Set location and file name of generated config file. | |||
svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf | |||
r2161 | ## alternative mod_dav config template. This needs to be a mako template | ||
#svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako | |||
r1164 | ## Used as a prefix to the `Location` block in the generated config file. | ||
r984 | ## In most cases it should be set to `/`. | ||
|
r562 | svn.proxy.location_root = / | |
|
r1009 | ## Command to reload the mod dav svn configuration on change. | |
r3483 | ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh | ||
## Make sure user who runs RhodeCode process is allowed to reload Apache | |||
|
r1009 | #svn.proxy.reload_cmd = /etc/init.d/apache2 reload | |
|
r1015 | ## If the timeout expires before the reload command finishes, the command will | |
## be killed. Setting it to zero means no timeout. Defaults to 10 seconds. | |||
#svn.proxy.reload_timeout = 10 | |||
|
r562 | ||
r1994 | ############################################################ | ||
### SSH Support Settings ### | |||
############################################################ | |||
r2125 | ## Defines if a custom authorized_keys file should be created and written on | ||
r3483 | ## any change user ssh keys. Setting this to false also disables possibility | ||
r2125 | ## of adding SSH keys by users from web interface. Super admins can still | ||
## manage SSH Keys. | |||
r1994 | ssh.generate_authorized_keyfile = false | ||
## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding` | |||
# ssh.authorized_keys_ssh_opts = | |||
r3483 | ## Path to the authorized_keys file where the generate entries are placed. | ||
r2043 | ## It is possible to have multiple key files specified in `sshd_config` e.g. | ||
## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode | |||
ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode | |||
## Command to execute the SSH wrapper. The binary is available in the | |||
r3483 | ## RhodeCode installation directory. | ||
r2119 | ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper | ||
ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper | |||
r2043 | |||
## Allow shell when executing the ssh-wrapper command | |||
ssh.wrapper_cmd_allow_shell = false | |||
r1994 | |||
r2125 | ## Enables logging, and detailed output send back to the client during SSH | ||
r3483 | ## operations. Useful for debugging, shouldn't be used in production. | ||
r2043 | ssh.enable_debug_logging = false | ||
r2125 | ## Paths to binary executable, by default they are the names, but we can | ||
r2043 | ## override them if we want to use a custom one | ||
ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg | |||
ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git | |||
ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve | |||
r3478 | ## Enables SSH key generator web interface. Disabling this still allows users | ||
## to add their own keys. | |||
ssh.enable_ui_key_generator = true | |||
r1994 | |||
r1264 | ## Dummy marker to add new entries after. | ||
## Add any custom entries below. Please don't remove. | |||
custom.conf = 1 | |||
|
r562 | ||
r1 | ################################ | ||
### LOGGING CONFIGURATION #### | |||
################################ | |||
[loggers] | |||
r2846 | keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper | ||
r1 | |||
[handlers] | |||
keys = console, console_sql | |||
[formatters] | |||
keys = generic, color_formatter, color_formatter_sql | |||
############# | |||
## LOGGERS ## | |||
############# | |||
[logger_root] | |||
level = NOTSET | |||
handlers = console | |||
r2125 | [logger_sqlalchemy] | ||
level = INFO | |||
handlers = console_sql | |||
qualname = sqlalchemy.engine | |||
propagate = 0 | |||
r1 | |||
[logger_beaker] | |||
level = DEBUG | |||
handlers = | |||
qualname = beaker.container | |||
propagate = 1 | |||
[logger_rhodecode] | |||
level = DEBUG | |||
handlers = | |||
qualname = rhodecode | |||
propagate = 1 | |||
r2043 | [logger_ssh_wrapper] | ||
level = DEBUG | |||
handlers = | |||
qualname = ssh_wrapper | |||
propagate = 1 | |||
r2359 | [logger_celery] | ||
level = DEBUG | |||
handlers = | |||
qualname = celery | |||
r2043 | |||
r1 | ############## | ||
## HANDLERS ## | |||
############## | |||
[handler_console] | |||
class = StreamHandler | |||
r1264 | args = (sys.stderr, ) | ||
r1 | level = INFO | ||
formatter = generic | |||
[handler_console_sql] | |||
r2846 | # "level = DEBUG" logs SQL queries and results. | ||
# "level = INFO" logs SQL queries. | |||
# "level = WARN" logs neither. (Recommended for production systems.) | |||
r1 | class = StreamHandler | ||
r1264 | args = (sys.stderr, ) | ||