##// END OF EJS Templates
migration: detach permissions defaults migration from current models....
migration: detach permissions defaults migration from current models. This was causing that latest code was used results in potential problems during migration. Now we use the bound migraiton code that always will perform the same exact migrations independent of the current code changes.

File last commit:

r1409:c1ce56be default
r1544:cf0c0eb2 default
Show More
rhodecode.ini
707 lines | 22.9 KiB | text/x-ini | IniLexer
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
################################################################################
## RHODECODE ENTERPRISE CONFIGURATION ##
# The %(here)s variable will be replaced with the parent directory of this file#
################################################################################
[DEFAULT]
debug = true
################################################################################
## EMAIL CONFIGURATION ##
## Uncomment and replace with the email address which should receive ##
## any error reports after an application crash ##
## Additionally these settings will be used by the RhodeCode mailing system ##
################################################################################
## prefix all emails subjects with given prefix, helps filtering out emails
#email_prefix = [RhodeCode]
## email FROM address all mails will be sent
#app_email_from = rhodecode-noreply@localhost
## Uncomment and replace with the address which should receive any error report
## note: using appenlight for error handling doesn't need this to be uncommented
#email_to = admin@localhost
## in case of Application errors, sent an error email form
#error_email_from = rhodecode_error@localhost
## additional error message to be send in case of server crash
#error_message =
#smtp_server = mail.server.com
#smtp_username =
#smtp_password =
#smtp_port =
#smtp_use_tls = false
#smtp_use_ssl = true
## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
#smtp_auth =
[server:main]
## COMMON ##
host = 0.0.0.0
port = 5000
##################################
## WAITRESS WSGI SERVER ##
## Recommended for Development ##
##################################
use = egg:waitress#main
## number of worker threads
threads = 5
## MAX BODY SIZE 100GB
max_request_body_size = 107374182400
## Use poll instead of select, fixes file descriptors limits problems.
## May not work on old windows systems.
asyncore_use_poll = true
##########################
## GUNICORN WSGI SERVER ##
##########################
## run with gunicorn --log-config <inifile.ini> --paste <inifile.ini>
#use = egg:gunicorn#main
## Sets the number of process workers. You must set `instance_id = *`
## when this option is set to more than one worker, recommended
## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
## The `instance_id = *` must be set in the [app:main] section below
#workers = 2
## number of threads for each of the worker, must be set to 1 for gevent
## generally recommened to be at 1
#threads = 1
## process name
#proc_name = rhodecode
## type of worker class, one of sync, gevent
## recommended for bigger setup is using of of other than sync one
#worker_class = sync
## The maximum number of simultaneous clients. Valid only for Gevent
#worker_connections = 10
## max number of requests that worker will handle before being gracefully
## restarted, could prevent memory leaks
#max_requests = 1000
#max_requests_jitter = 30
## amount of time a worker can spend with handling a request before it
## gets killed and restarted. Set to 6hrs
#timeout = 21600
## UWSGI ##
## run with uwsgi --ini-paste-logged <inifile.ini>
#[uwsgi]
#socket = /tmp/uwsgi.sock
#master = true
#http = 127.0.0.1:5000
## set as deamon and redirect all output to file
#daemonize = ./uwsgi_rhodecode.log
## master process PID
#pidfile = ./uwsgi_rhodecode.pid
## stats server with workers statistics, use uwsgitop
## for monitoring, `uwsgitop 127.0.0.1:1717`
#stats = 127.0.0.1:1717
#memory-report = true
## log 5XX errors
#log-5xx = true
## Set the socket listen queue size.
#listen = 256
## Gracefully Reload workers after the specified amount of managed requests
## (avoid memory leaks).
#max-requests = 1000
## enable large buffers
#buffer-size=65535
## socket and http timeouts ##
#http-timeout=3600
#socket-timeout=3600
## Log requests slower than the specified number of milliseconds.
#log-slow = 10
## Exit if no app can be loaded.
#need-app = true
## Set lazy mode (load apps in workers instead of master).
#lazy = true
## scaling ##
## set cheaper algorithm to use, if not set default will be used
#cheaper-algo = spare
## minimum number of workers to keep at all times
#cheaper = 1
## number of workers to spawn at startup
#cheaper-initial = 1
## maximum number of workers that can be spawned
#workers = 4
## how many workers should be spawned at a time
#cheaper-step = 1
docs: fix apache as subdirectory instructions....
r1121 ## prefix middleware for RhodeCode.
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971 ## recommended when using proxy setup.
## allows to set RhodeCode under a prefix in server.
## eg https://server.com/<prefix>. Enable `filter-with =` option below as well.
## optionally set prefix like: `prefix = /<your-prefix>`
[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
prefix = /
[app:main]
is_test = True
use = egg:rhodecode-enterprise-ce
## enable proxy prefix middleware, defined above
#filter-with = proxy-prefix
## RHODECODE PLUGINS ##
rhodecode.includes = rhodecode.api
# api prefix url
rhodecode.api.url = /_admin/api
## END RHODECODE PLUGINS ##
## encryption key used to encrypt social plugin tokens,
## remote_urls with credentials etc, if not set it defaults to
## `beaker.session.secret`
#rhodecode.encrypted_values.secret =
## decryption strict mode (enabled by default). It controls if decryption raises
## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
#rhodecode.encrypted_values.strict = false
## return gzipped responses from Rhodecode (static files/application)
gzip_responses = false
## autogenerate javascript routes file on startup
generate_js_files = false
## Optional Languages
## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
lang = en
## perform a full repository scan on each server start, this should be
## set to false after first startup, to allow faster server restarts.
startup.import_repos = true
## Uncomment and set this path to use archive download cache.
## Once enabled, generated archives will be cached at this location
## and served from the cache during subsequent requests for the same archive of
## the repository.
#archive_cache_dir = /tmp/tarballcache
## change this to unique ID for security
app_instance_uuid = rc-production
## cut off limit for large diffs (size in bytes)
cut_off_limit_diff = 1024000
cut_off_limit_file = 256000
## use cache version of scm repo everywhere
vcs_full_cache = false
## force https in RhodeCode, fixes https redirects, assumes it's always https
## Normally this is controlled by proper http flags sent from http server
force_https = false
## use Strict-Transport-Security headers
use_htsts = false
## number of commits stats will parse on each iteration
commit_parse_limit = 25
## git rev filter option, --all is the default filter, if you need to
## hide all refs in changelog switch this to --branches --tags
git_rev_filter = --all
# Set to true if your repos are exposed using the dumb protocol
git_update_server_info = false
## RSS/ATOM feed options
rss_cut_off_limit = 256000
rss_items_per_page = 10
rss_include_diff = false
## gist URL alias, used to create nicer urls for gist. This should be an
## url that does rewrites to _admin/gists/<gistid>.
## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/<gistid>
gist_alias_url =
## List of controllers (using glob pattern syntax) that AUTH TOKENS could be
## used for access.
## Adding ?auth_token = <token> to the url authenticates this request as if it
## came from the the logged in user who own this authentication token.
##
## Syntax is <ControllerClass>:<function_pattern>.
## To enable access to raw_files put `FilesController:raw`.
## To enable access to patches add `ChangesetController:changeset_patch`.
## The list should be "," separated and on a single line.
##
## Recommended controllers to enable:
# ChangesetController:changeset_patch,
# ChangesetController:changeset_raw,
# FilesController:raw,
# FilesController:archivefile,
# GistsController:*,
api_access_controllers_whitelist =
## default encoding used to convert from and to unicode
## can be also a comma separated list of encoding in case of mixed encodings
default_encoding = UTF-8
## instance-id prefix
## a prefix key for this instance used for cache invalidation when running
## multiple instances of rhodecode, make sure it's globally unique for
## all running rhodecode instances. Leave empty if you don't use it
instance_id =
## Fallback authentication plugin. Set this to a plugin ID to force the usage
## of an authentication plugin also if it is disabled by it's settings.
## This could be useful if you are unable to log in to the system due to broken
## authentication settings. Then you can enable e.g. the internal rhodecode auth
## module to log in again and fix the settings.
##
## Available builtin plugin IDs (hash is part of the ID):
## egg:rhodecode-enterprise-ce#rhodecode
## egg:rhodecode-enterprise-ce#pam
## egg:rhodecode-enterprise-ce#ldap
## egg:rhodecode-enterprise-ce#jasig_cas
## egg:rhodecode-enterprise-ce#headers
## egg:rhodecode-enterprise-ce#crowd
#rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
## alternative return HTTP header for failed authentication. Default HTTP
## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
## handling that causing a series of failed authentication calls.
## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
## This will be served instead of default 401 on bad authnetication
auth_ret_code =
## use special detection method when serving auth_ret_code, instead of serving
## ret_code directly, use 401 initially (Which triggers credentials prompt)
## and then serve auth_ret_code to clients
auth_ret_code_detection = false
## locking return code. When repository is locked return this HTTP code. 2XX
## codes don't break the transactions while 4XX codes do
lock_ret_code = 423
## allows to change the repository location in settings page
allow_repo_location_change = true
## allows to setup custom hooks in settings page
allow_custom_hooks_settings = true
## generated license token, goto license page in RhodeCode settings to obtain
## new token
license_token = abra-cada-bra1-rce3
## supervisor connection uri, for managing supervisor and logs.
supervisor.uri =
## supervisord group name/id we only want this RC instance to handle
supervisor.group_id = dev
## Display extended labs settings
labs_settings_active = true
####################################
### CELERY CONFIG ####
####################################
use_celery = false
broker.host = localhost
broker.vhost = rabbitmqhost
broker.port = 5672
broker.user = rabbitmq
broker.password = qweqwe
celery.imports = rhodecode.lib.celerylib.tasks
celery.result.backend = amqp
celery.result.dburi = amqp://
celery.result.serialier = json
#celery.send.task.error.emails = true
#celery.amqp.task.result.expires = 18000
celeryd.concurrency = 2
#celeryd.log.file = celeryd.log
celeryd.log.level = debug
celeryd.max.tasks.per.child = 1
## tasks will never be sent to the queue, but executed locally instead.
celery.always.eager = false
####################################
### BEAKER CACHE ####
####################################
# default cache dir for templates. Putting this into a ramdisk
## can boost performance, eg. %(here)s/data_ramdisk
cache_dir = %(here)s/data
## locking and default file storage for Beaker. Putting this into a ramdisk
## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
beaker.cache.data_dir = %(here)s/rc/data/cache/beaker_data
beaker.cache.lock_dir = %(here)s/rc/data/cache/beaker_lock
beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
beaker.cache.super_short_term.type = memory
beaker.cache.super_short_term.expire = 1
beaker.cache.super_short_term.key_length = 256
beaker.cache.short_term.type = memory
beaker.cache.short_term.expire = 60
beaker.cache.short_term.key_length = 256
beaker.cache.long_term.type = memory
beaker.cache.long_term.expire = 36000
beaker.cache.long_term.key_length = 256
beaker.cache.sql_cache_short.type = memory
beaker.cache.sql_cache_short.expire = 1
beaker.cache.sql_cache_short.key_length = 256
## default is memory cache, configure only if required
## using multi-node or multi-worker setup
#beaker.cache.auth_plugins.type = ext:database
#beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
#beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
#beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
#beaker.cache.auth_plugins.sa.pool_recycle = 3600
#beaker.cache.auth_plugins.sa.pool_size = 10
#beaker.cache.auth_plugins.sa.max_overflow = 0
beaker.cache.repo_cache_long.type = memorylru_base
beaker.cache.repo_cache_long.max_items = 4096
beaker.cache.repo_cache_long.expire = 2592000
## default is memorylru_base cache, configure only if required
## using multi-node or multi-worker setup
#beaker.cache.repo_cache_long.type = ext:memcached
#beaker.cache.repo_cache_long.url = localhost:11211
#beaker.cache.repo_cache_long.expire = 1209600
#beaker.cache.repo_cache_long.key_length = 256
####################################
### BEAKER SESSION ####
####################################
## .session.type is type of storage options for the session, current allowed
## types are file, ext:memcached, ext:database, and memory (default).
beaker.session.type = file
beaker.session.data_dir = %(here)s/rc/data/sessions/data
## db based session, fast, and allows easy management over logged in users
#beaker.session.type = ext:database
#beaker.session.table_name = db_session
#beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
#beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
#beaker.session.sa.pool_recycle = 3600
#beaker.session.sa.echo = false
beaker.session.key = rhodecode
beaker.session.secret = test-rc-uytcxaz
beaker.session.lock_dir = %(here)s/rc/data/sessions/lock
## Secure encrypted cookie. Requires AES and AES python libraries
## you must disable beaker.session.secret to use this
#beaker.session.encrypt_key = <key_for_encryption>
#beaker.session.validate_key = <validation_key>
## sets session as invalid(also logging out user) if it haven not been
## accessed for given amount of time in seconds
beaker.session.timeout = 2592000
beaker.session.httponly = true
## Path to use for the cookie.
#beaker.session.cookie_path = /<your-prefix>
## uncomment for https secure cookie
beaker.session.secure = false
## auto save the session to not to use .save()
beaker.session.auto = false
## default cookie expiration time in seconds, set to `true` to set expire
## at browser close
#beaker.session.cookie_expires = 3600
###################################
## SEARCH INDEXING CONFIGURATION ##
###################################
## Full text search indexer is available in rhodecode-tools under
## `rhodecode-tools index` command
# WHOOSH Backend, doesn't require additional services to run
# it works good with few dozen repos
search.module = rhodecode.lib.index.whoosh
search.location = %(here)s/data/index
########################################
### CHANNELSTREAM CONFIG ####
########################################
## channelstream enables persistent connections and live notification
## in the system. It's also used by the chat system
channelstream.enabled = false
# location of channelstream server on the backend
channelstream.server = 127.0.0.1:9800
## location of the channelstream server from outside world
## most likely this would be an http server special backend URL, that handles
## websocket connections see nginx example for config
channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
channelstream.secret = secret
channelstream.history.location = %(here)s/channelstream_history
###################################
## APPENLIGHT CONFIG ##
###################################
## Appenlight is tailored to work with RhodeCode, see
## http://appenlight.com for details how to obtain an account
## appenlight integration enabled
appenlight = false
appenlight.server_url = https://api.appenlight.com
appenlight.api_key = YOUR_API_KEY
#appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
# used for JS client
appenlight.api_public_key = YOUR_API_PUBLIC_KEY
## TWEAK AMOUNT OF INFO SENT HERE
## enables 404 error logging (default False)
appenlight.report_404 = false
## time in seconds after request is considered being slow (default 1)
appenlight.slow_request_time = 1
## record slow requests in application
## (needs to be enabled for slow datastore recording and time tracking)
appenlight.slow_requests = true
## enable hooking to application loggers
appenlight.logging = true
## minimum log level for log capture
appenlight.logging.level = WARNING
## send logs only from erroneous/slow requests
## (saves API quota for intensive logging)
appenlight.logging_on_error = false
## list of additonal keywords that should be grabbed from environ object
## can be string with comma separated list of words in lowercase
## (by default client will always send following info:
## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
## start with HTTP* this list be extended with additional keywords here
appenlight.environ_keys_whitelist =
## list of keywords that should be blanked from request object
## can be string with comma separated list of words in lowercase
## (by default client will always blank keys that contain following words
## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
## this list be extended with additional keywords set here
appenlight.request_keys_blacklist =
## list of namespaces that should be ignores when gathering log entries
## can be string with comma separated list of namespaces
## (by default the client ignores own entries: appenlight_client.client)
appenlight.log_namespace_blacklist =
################################################################################
## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
## execute malicious code after an exception is raised. ##
################################################################################
set debug = false
##############
## STYLING ##
##############
debug_style = false
#########################################################
### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
#########################################################
#sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db
#sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode_test
#sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode_test
sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db
# see sqlalchemy docs for other advanced settings
## print the sql statements to output
sqlalchemy.db1.echo = false
## recycle the connections after this ammount of seconds
sqlalchemy.db1.pool_recycle = 3600
sqlalchemy.db1.convert_unicode = true
## the number of connections to keep open inside the connection pool.
## 0 indicates no limit
#sqlalchemy.db1.pool_size = 5
## the number of connections to allow in connection pool "overflow", that is
## connections that can be opened above and beyond the pool_size setting,
## which defaults to five.
#sqlalchemy.db1.max_overflow = 10
##################
### VCS CONFIG ###
##################
vcs.server.enable = true
vcs.server = localhost:9901
## Web server connectivity protocol, responsible for web based VCS operatations
## Available protocols are:
## `http` - using http-rpc backend
Martin Bornhold
tests: Use http backend in rhodecode test ini file.
r973 vcs.server.protocol = http
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
## Push/Pull operations protocol, available options are:
## `rhodecode.lib.middleware.utils.scm_app_http` - Http based, recommended
## `vcsserver.scm_app` - internal app (EE only)
Martin Bornhold
tests: Use http backend in rhodecode test ini file.
r973 vcs.scm_app_implementation = http
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
## Push/Pull operations hooks protocol, available options are:
## `http` - using http-rpc backend
Martin Bornhold
tests: Use http backend in rhodecode test ini file.
r973 vcs.hooks.protocol = http
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
vcs.server.log_level = debug
## Start VCSServer with this instance as a subprocess, usefull for development
Martin Bornhold
pytest: Fix settings in test-ini files.
r976 vcs.start_server = false
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
## List of enabled VCS backends, available options are:
## `hg` - mercurial
## `git` - git
## `svn` - subversion
vcs.backends = hg, git, svn
vcs.connection_timeout = 3600
## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible
#vcs.svn.compatible_version = pre-1.8-compatible
############################################################
### Subversion proxy support (mod_dav_svn) ###
### Maps RhodeCode repo groups into SVN paths for Apache ###
############################################################
## Enable or disable the config file generation.
svn.proxy.generate_config = false
## Generate config file with `SVNListParentPath` set to `On`.
svn.proxy.list_parent_path = true
## Set location and file name of generated config file.
svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
## File system path to the directory containing the repositories served by
## RhodeCode.
svn.proxy.parent_path_root = /path/to/repo_store
## Used as a prefix to the <Location> block in the generated config file. In
## most cases it should be set to `/`.
svn.proxy.location_root = /
################################
### LOGGING CONFIGURATION ####
################################
[loggers]
core: removed pyro4 from Enterprise code. Fixes #5198
r1409 keys = root, routes, rhodecode, sqlalchemy, beaker, templates
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971
[handlers]
keys = console, console_sql
[formatters]
keys = generic, color_formatter, color_formatter_sql
#############
## LOGGERS ##
#############
[logger_root]
level = NOTSET
handlers = console
[logger_routes]
level = DEBUG
handlers =
qualname = routes.middleware
## "level = DEBUG" logs the route matched and routing variables.
propagate = 1
[logger_beaker]
level = DEBUG
handlers =
qualname = beaker.container
propagate = 1
[logger_templates]
level = INFO
handlers =
qualname = pylons.templating
propagate = 1
[logger_rhodecode]
level = DEBUG
handlers =
qualname = rhodecode
propagate = 1
[logger_sqlalchemy]
level = ERROR
handlers = console_sql
qualname = sqlalchemy.engine
propagate = 0
##############
## HANDLERS ##
##############
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = DEBUG
formatter = generic
[handler_console_sql]
class = StreamHandler
args = (sys.stderr,)
level = WARN
formatter = generic
################
## FORMATTERS ##
################
[formatter_generic]
core: removed pyro4 from Enterprise code. Fixes #5198
r1409 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
Martin Bornhold
tests: Move rhodecode ini file into tests directory
r971 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S
[formatter_color_formatter]
class = rhodecode.lib.logging_formatter.ColorFormatter
format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S
[formatter_color_formatter_sql]
class = rhodecode.lib.logging_formatter.ColorFormatterSql
format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S