##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
git: remove GIT_REV_FILTER argument as it's now obsolete with libgit2 implementation
dan -
r3920:03ca5514 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,744 +1,740 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 ## Debug flag sets all loggers to debug, and enables request tracking
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 #smtp_server = mail.server.com
25 25 #smtp_username =
26 26 #smtp_password =
27 27 #smtp_port =
28 28 #smtp_use_tls = false
29 29 #smtp_use_ssl = true
30 30
31 31 [server:main]
32 32 ## COMMON ##
33 33 host = 127.0.0.1
34 34 port = 5000
35 35
36 36 ###########################################################
37 37 ## WAITRESS WSGI SERVER - Recommended for Development ####
38 38 ###########################################################
39 39
40 40 use = egg:waitress#main
41 41 ## number of worker threads
42 42 threads = 5
43 43 ## MAX BODY SIZE 100GB
44 44 max_request_body_size = 107374182400
45 45 ## Use poll instead of select, fixes file descriptors limits problems.
46 46 ## May not work on old windows systems.
47 47 asyncore_use_poll = true
48 48
49 49
50 50 ##########################
51 51 ## GUNICORN WSGI SERVER ##
52 52 ##########################
53 53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54 54
55 55 #use = egg:gunicorn#main
56 56 ## Sets the number of process workers. More workers means more concurrent connections
57 57 ## RhodeCode can handle at the same time. Each additional worker also it increases
58 58 ## memory usage as each has it's own set of caches.
59 59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
60 60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
61 61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
62 62 ## when using more than 1 worker.
63 63 #workers = 2
64 64 ## process name visible in process list
65 65 #proc_name = rhodecode
66 66 ## type of worker class, one of sync, gevent
67 67 ## recommended for bigger setup is using of of other than sync one
68 68 #worker_class = gevent
69 69 ## The maximum number of simultaneous clients. Valid only for Gevent
70 70 #worker_connections = 10
71 71 ## max number of requests that worker will handle before being gracefully
72 72 ## restarted, could prevent memory leaks
73 73 #max_requests = 1000
74 74 #max_requests_jitter = 30
75 75 ## amount of time a worker can spend with handling a request before it
76 76 ## gets killed and restarted. Set to 6hrs
77 77 #timeout = 21600
78 78
79 79
80 80 ## prefix middleware for RhodeCode.
81 81 ## recommended when using proxy setup.
82 82 ## allows to set RhodeCode under a prefix in server.
83 83 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
84 84 ## And set your prefix like: `prefix = /custom_prefix`
85 85 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
86 86 ## to make your cookies only work on prefix url
87 87 [filter:proxy-prefix]
88 88 use = egg:PasteDeploy#prefix
89 89 prefix = /
90 90
91 91 [app:main]
92 92 ## The %(here)s variable will be replaced with the absolute path of parent directory
93 93 ## of this file
94 94 ## In addition ENVIRONMENT variables usage is possible, e.g
95 95 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
96 96
97 97 use = egg:rhodecode-enterprise-ce
98 98
99 99 ## enable proxy prefix middleware, defined above
100 100 #filter-with = proxy-prefix
101 101
102 102 # During development the we want to have the debug toolbar enabled
103 103 pyramid.includes =
104 104 pyramid_debugtoolbar
105 105 rhodecode.lib.middleware.request_wrapper
106 106
107 107 pyramid.reload_templates = true
108 108
109 109 debugtoolbar.hosts = 0.0.0.0/0
110 110 debugtoolbar.exclude_prefixes =
111 111 /css
112 112 /fonts
113 113 /images
114 114 /js
115 115
116 116 ## RHODECODE PLUGINS ##
117 117 rhodecode.includes =
118 118 rhodecode.api
119 119
120 120
121 121 # api prefix url
122 122 rhodecode.api.url = /_admin/api
123 123
124 124
125 125 ## END RHODECODE PLUGINS ##
126 126
127 127 ## encryption key used to encrypt social plugin tokens,
128 128 ## remote_urls with credentials etc, if not set it defaults to
129 129 ## `beaker.session.secret`
130 130 #rhodecode.encrypted_values.secret =
131 131
132 132 ## decryption strict mode (enabled by default). It controls if decryption raises
133 133 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
134 134 #rhodecode.encrypted_values.strict = false
135 135
136 136 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
137 137 ## fernet is safer, and we strongly recommend switching to it.
138 138 ## Due to backward compatibility aes is used as default.
139 139 #rhodecode.encrypted_values.algorithm = fernet
140 140
141 141 ## return gzipped responses from RhodeCode (static files/application)
142 142 gzip_responses = false
143 143
144 144 ## auto-generate javascript routes file on startup
145 145 generate_js_files = false
146 146
147 147 ## System global default language.
148 148 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
149 149 lang = en
150 150
151 151 ## Perform a full repository scan and import on each server start.
152 152 ## Settings this to true could lead to very long startup time.
153 153 startup.import_repos = false
154 154
155 155 ## Uncomment and set this path to use archive download cache.
156 156 ## Once enabled, generated archives will be cached at this location
157 157 ## and served from the cache during subsequent requests for the same archive of
158 158 ## the repository.
159 159 #archive_cache_dir = /tmp/tarballcache
160 160
161 161 ## URL at which the application is running. This is used for Bootstrapping
162 162 ## requests in context when no web request is available. Used in ishell, or
163 163 ## SSH calls. Set this for events to receive proper url for SSH calls.
164 164 app.base_url = http://rhodecode.local
165 165
166 166 ## Unique application ID. Should be a random unique string for security.
167 167 app_instance_uuid = rc-production
168 168
169 169 ## Cut off limit for large diffs (size in bytes). If overall diff size on
170 170 ## commit, or pull request exceeds this limit this diff will be displayed
171 171 ## partially. E.g 512000 == 512Kb
172 172 cut_off_limit_diff = 512000
173 173
174 174 ## Cut off limit for large files inside diffs (size in bytes). Each individual
175 175 ## file inside diff which exceeds this limit will be displayed partially.
176 176 ## E.g 128000 == 128Kb
177 177 cut_off_limit_file = 128000
178 178
179 179 ## use cached version of vcs repositories everywhere. Recommended to be `true`
180 180 vcs_full_cache = true
181 181
182 182 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
183 183 ## Normally this is controlled by proper http flags sent from http server
184 184 force_https = false
185 185
186 186 ## use Strict-Transport-Security headers
187 187 use_htsts = false
188 188
189 ## git rev filter option, --all is the default filter, if you need to
190 ## hide all refs in changelog switch this to --branches --tags
191 git_rev_filter = --branches --tags
192
193 189 # Set to true if your repos are exposed using the dumb protocol
194 190 git_update_server_info = false
195 191
196 192 ## RSS/ATOM feed options
197 193 rss_cut_off_limit = 256000
198 194 rss_items_per_page = 10
199 195 rss_include_diff = false
200 196
201 197 ## gist URL alias, used to create nicer urls for gist. This should be an
202 198 ## url that does rewrites to _admin/gists/{gistid}.
203 199 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
204 200 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
205 201 gist_alias_url =
206 202
207 203 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
208 204 ## used for access.
209 205 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
210 206 ## came from the the logged in user who own this authentication token.
211 207 ## Additionally @TOKEN syntax can be used to bound the view to specific
212 208 ## authentication token. Such view would be only accessible when used together
213 209 ## with this authentication token
214 210 ##
215 211 ## list of all views can be found under `/_admin/permissions/auth_token_access`
216 212 ## The list should be "," separated and on a single line.
217 213 ##
218 214 ## Most common views to enable:
219 215 # RepoCommitsView:repo_commit_download
220 216 # RepoCommitsView:repo_commit_patch
221 217 # RepoCommitsView:repo_commit_raw
222 218 # RepoCommitsView:repo_commit_raw@TOKEN
223 219 # RepoFilesView:repo_files_diff
224 220 # RepoFilesView:repo_archivefile
225 221 # RepoFilesView:repo_file_raw
226 222 # GistView:*
227 223 api_access_controllers_whitelist =
228 224
229 225 ## Default encoding used to convert from and to unicode
230 226 ## can be also a comma separated list of encoding in case of mixed encodings
231 227 default_encoding = UTF-8
232 228
233 229 ## instance-id prefix
234 230 ## a prefix key for this instance used for cache invalidation when running
235 231 ## multiple instances of RhodeCode, make sure it's globally unique for
236 232 ## all running RhodeCode instances. Leave empty if you don't use it
237 233 instance_id =
238 234
239 235 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
240 236 ## of an authentication plugin also if it is disabled by it's settings.
241 237 ## This could be useful if you are unable to log in to the system due to broken
242 238 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
243 239 ## module to log in again and fix the settings.
244 240 ##
245 241 ## Available builtin plugin IDs (hash is part of the ID):
246 242 ## egg:rhodecode-enterprise-ce#rhodecode
247 243 ## egg:rhodecode-enterprise-ce#pam
248 244 ## egg:rhodecode-enterprise-ce#ldap
249 245 ## egg:rhodecode-enterprise-ce#jasig_cas
250 246 ## egg:rhodecode-enterprise-ce#headers
251 247 ## egg:rhodecode-enterprise-ce#crowd
252 248 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
253 249
254 250 ## alternative return HTTP header for failed authentication. Default HTTP
255 251 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
256 252 ## handling that causing a series of failed authentication calls.
257 253 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
258 254 ## This will be served instead of default 401 on bad authentication
259 255 auth_ret_code =
260 256
261 257 ## use special detection method when serving auth_ret_code, instead of serving
262 258 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
263 259 ## and then serve auth_ret_code to clients
264 260 auth_ret_code_detection = false
265 261
266 262 ## locking return code. When repository is locked return this HTTP code. 2XX
267 263 ## codes don't break the transactions while 4XX codes do
268 264 lock_ret_code = 423
269 265
270 266 ## allows to change the repository location in settings page
271 267 allow_repo_location_change = true
272 268
273 269 ## allows to setup custom hooks in settings page
274 270 allow_custom_hooks_settings = true
275 271
276 272 ## Generated license token required for EE edition license.
277 273 ## New generated token value can be found in Admin > settings > license page.
278 274 license_token =
279 275
280 276 ## supervisor connection uri, for managing supervisor and logs.
281 277 supervisor.uri =
282 278 ## supervisord group name/id we only want this RC instance to handle
283 279 supervisor.group_id = dev
284 280
285 281 ## Display extended labs settings
286 282 labs_settings_active = true
287 283
288 284 ## Custom exception store path, defaults to TMPDIR
289 285 ## This is used to store exception from RhodeCode in shared directory
290 286 #exception_tracker.store_path =
291 287
292 288 ## File store configuration. This is used to store and serve uploaded files
293 289 file_store.enabled = true
294 290 ## Storage backend, available options are: local
295 291 file_store.backend = local
296 292 ## path to store the uploaded binaries
297 293 file_store.storage_path = %(here)s/data/file_store
298 294
299 295
300 296 ####################################
301 297 ### CELERY CONFIG ####
302 298 ####################################
303 299 ## run: /path/to/celery worker \
304 300 ## -E --beat --app rhodecode.lib.celerylib.loader \
305 301 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
306 302 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
307 303
308 304 use_celery = false
309 305
310 306 ## connection url to the message broker (default redis)
311 307 celery.broker_url = redis://localhost:6379/8
312 308
313 309 ## rabbitmq example
314 310 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
315 311
316 312 ## maximum tasks to execute before worker restart
317 313 celery.max_tasks_per_child = 100
318 314
319 315 ## tasks will never be sent to the queue, but executed locally instead.
320 316 celery.task_always_eager = false
321 317
322 318 #####################################
323 319 ### DOGPILE CACHE ####
324 320 #####################################
325 321 ## Default cache dir for caches. Putting this into a ramdisk
326 322 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
327 323 ## large amount of space
328 324 cache_dir = %(here)s/data
329 325
330 326 ## `cache_perms` cache settings for permission tree, auth TTL.
331 327 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
332 328 rc_cache.cache_perms.expiration_time = 300
333 329
334 330 ## alternative `cache_perms` redis backend with distributed lock
335 331 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
336 332 #rc_cache.cache_perms.expiration_time = 300
337 333 ## redis_expiration_time needs to be greater then expiration_time
338 334 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
339 335 #rc_cache.cache_perms.arguments.socket_timeout = 30
340 336 #rc_cache.cache_perms.arguments.host = localhost
341 337 #rc_cache.cache_perms.arguments.port = 6379
342 338 #rc_cache.cache_perms.arguments.db = 0
343 339 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
344 340 #rc_cache.cache_perms.arguments.distributed_lock = true
345 341
346 342 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
347 343 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
348 344 rc_cache.cache_repo.expiration_time = 2592000
349 345
350 346 ## alternative `cache_repo` redis backend with distributed lock
351 347 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
352 348 #rc_cache.cache_repo.expiration_time = 2592000
353 349 ## redis_expiration_time needs to be greater then expiration_time
354 350 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
355 351 #rc_cache.cache_repo.arguments.socket_timeout = 30
356 352 #rc_cache.cache_repo.arguments.host = localhost
357 353 #rc_cache.cache_repo.arguments.port = 6379
358 354 #rc_cache.cache_repo.arguments.db = 1
359 355 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
360 356 #rc_cache.cache_repo.arguments.distributed_lock = true
361 357
362 358 ## cache settings for SQL queries, this needs to use memory type backend
363 359 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
364 360 rc_cache.sql_cache_short.expiration_time = 30
365 361
366 362 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
367 363 ## type backend as the objects kept are not pickle serializable
368 364 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
369 365 ## by default we use 96H, this is using invalidation on push anyway
370 366 rc_cache.cache_repo_longterm.expiration_time = 345600
371 367 ## max items in LRU cache, reduce this number to save memory, and expire last used
372 368 ## cached objects
373 369 rc_cache.cache_repo_longterm.max_size = 10000
374 370
375 371
376 372 ####################################
377 373 ### BEAKER SESSION ####
378 374 ####################################
379 375
380 376 ## .session.type is type of storage options for the session, current allowed
381 377 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
382 378 beaker.session.type = file
383 379 beaker.session.data_dir = %(here)s/data/sessions
384 380
385 381 ## redis sessions
386 382 #beaker.session.type = ext:redis
387 383 #beaker.session.url = redis://127.0.0.1:6379/2
388 384
389 385 ## db based session, fast, and allows easy management over logged in users
390 386 #beaker.session.type = ext:database
391 387 #beaker.session.table_name = db_session
392 388 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
393 389 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
394 390 #beaker.session.sa.pool_recycle = 3600
395 391 #beaker.session.sa.echo = false
396 392
397 393 beaker.session.key = rhodecode
398 394 beaker.session.secret = develop-rc-uytcxaz
399 395 beaker.session.lock_dir = %(here)s/data/sessions/lock
400 396
401 397 ## Secure encrypted cookie. Requires AES and AES python libraries
402 398 ## you must disable beaker.session.secret to use this
403 399 #beaker.session.encrypt_key = key_for_encryption
404 400 #beaker.session.validate_key = validation_key
405 401
406 402 ## sets session as invalid(also logging out user) if it haven not been
407 403 ## accessed for given amount of time in seconds
408 404 beaker.session.timeout = 2592000
409 405 beaker.session.httponly = true
410 406 ## Path to use for the cookie. Set to prefix if you use prefix middleware
411 407 #beaker.session.cookie_path = /custom_prefix
412 408
413 409 ## uncomment for https secure cookie
414 410 beaker.session.secure = false
415 411
416 412 ## auto save the session to not to use .save()
417 413 beaker.session.auto = false
418 414
419 415 ## default cookie expiration time in seconds, set to `true` to set expire
420 416 ## at browser close
421 417 #beaker.session.cookie_expires = 3600
422 418
423 419 ###################################
424 420 ## SEARCH INDEXING CONFIGURATION ##
425 421 ###################################
426 422 ## Full text search indexer is available in rhodecode-tools under
427 423 ## `rhodecode-tools index` command
428 424
429 425 ## WHOOSH Backend, doesn't require additional services to run
430 426 ## it works good with few dozen repos
431 427 search.module = rhodecode.lib.index.whoosh
432 428 search.location = %(here)s/data/index
433 429
434 430 ########################################
435 431 ### CHANNELSTREAM CONFIG ####
436 432 ########################################
437 433 ## channelstream enables persistent connections and live notification
438 434 ## in the system. It's also used by the chat system
439 435
440 436 channelstream.enabled = false
441 437
442 438 ## server address for channelstream server on the backend
443 439 channelstream.server = 127.0.0.1:9800
444 440
445 441 ## location of the channelstream server from outside world
446 442 ## use ws:// for http or wss:// for https. This address needs to be handled
447 443 ## by external HTTP server such as Nginx or Apache
448 444 ## see Nginx/Apache configuration examples in our docs
449 445 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
450 446 channelstream.secret = secret
451 447 channelstream.history.location = %(here)s/channelstream_history
452 448
453 449 ## Internal application path that Javascript uses to connect into.
454 450 ## If you use proxy-prefix the prefix should be added before /_channelstream
455 451 channelstream.proxy_path = /_channelstream
456 452
457 453
458 454 ###################################
459 455 ## APPENLIGHT CONFIG ##
460 456 ###################################
461 457
462 458 ## Appenlight is tailored to work with RhodeCode, see
463 459 ## http://appenlight.com for details how to obtain an account
464 460
465 461 ## Appenlight integration enabled
466 462 appenlight = false
467 463
468 464 appenlight.server_url = https://api.appenlight.com
469 465 appenlight.api_key = YOUR_API_KEY
470 466 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
471 467
472 468 ## used for JS client
473 469 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
474 470
475 471 ## TWEAK AMOUNT OF INFO SENT HERE
476 472
477 473 ## enables 404 error logging (default False)
478 474 appenlight.report_404 = false
479 475
480 476 ## time in seconds after request is considered being slow (default 1)
481 477 appenlight.slow_request_time = 1
482 478
483 479 ## record slow requests in application
484 480 ## (needs to be enabled for slow datastore recording and time tracking)
485 481 appenlight.slow_requests = true
486 482
487 483 ## enable hooking to application loggers
488 484 appenlight.logging = true
489 485
490 486 ## minimum log level for log capture
491 487 appenlight.logging.level = WARNING
492 488
493 489 ## send logs only from erroneous/slow requests
494 490 ## (saves API quota for intensive logging)
495 491 appenlight.logging_on_error = false
496 492
497 493 ## list of additional keywords that should be grabbed from environ object
498 494 ## can be string with comma separated list of words in lowercase
499 495 ## (by default client will always send following info:
500 496 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
501 497 ## start with HTTP* this list be extended with additional keywords here
502 498 appenlight.environ_keys_whitelist =
503 499
504 500 ## list of keywords that should be blanked from request object
505 501 ## can be string with comma separated list of words in lowercase
506 502 ## (by default client will always blank keys that contain following words
507 503 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
508 504 ## this list be extended with additional keywords set here
509 505 appenlight.request_keys_blacklist =
510 506
511 507 ## list of namespaces that should be ignores when gathering log entries
512 508 ## can be string with comma separated list of namespaces
513 509 ## (by default the client ignores own entries: appenlight_client.client)
514 510 appenlight.log_namespace_blacklist =
515 511
516 512 # enable debug style page
517 513 debug_style = true
518 514
519 515 ###########################################
520 516 ### MAIN RHODECODE DATABASE CONFIG ###
521 517 ###########################################
522 518 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
523 519 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
524 520 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
525 521 # pymysql is an alternative driver for MySQL, use in case of problems with default one
526 522 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
527 523
528 524 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
529 525
530 526 # see sqlalchemy docs for other advanced settings
531 527
532 528 ## print the sql statements to output
533 529 sqlalchemy.db1.echo = false
534 530 ## recycle the connections after this amount of seconds
535 531 sqlalchemy.db1.pool_recycle = 3600
536 532 sqlalchemy.db1.convert_unicode = true
537 533
538 534 ## the number of connections to keep open inside the connection pool.
539 535 ## 0 indicates no limit
540 536 #sqlalchemy.db1.pool_size = 5
541 537
542 538 ## the number of connections to allow in connection pool "overflow", that is
543 539 ## connections that can be opened above and beyond the pool_size setting,
544 540 ## which defaults to five.
545 541 #sqlalchemy.db1.max_overflow = 10
546 542
547 543 ## Connection check ping, used to detect broken database connections
548 544 ## could be enabled to better handle cases if MySQL has gone away errors
549 545 #sqlalchemy.db1.ping_connection = true
550 546
551 547 ##################
552 548 ### VCS CONFIG ###
553 549 ##################
554 550 vcs.server.enable = true
555 551 vcs.server = localhost:9900
556 552
557 553 ## Web server connectivity protocol, responsible for web based VCS operations
558 554 ## Available protocols are:
559 555 ## `http` - use http-rpc backend (default)
560 556 vcs.server.protocol = http
561 557
562 558 ## Push/Pull operations protocol, available options are:
563 559 ## `http` - use http-rpc backend (default)
564 560 vcs.scm_app_implementation = http
565 561
566 562 ## Push/Pull operations hooks protocol, available options are:
567 563 ## `http` - use http-rpc backend (default)
568 564 vcs.hooks.protocol = http
569 565
570 566 ## Host on which this instance is listening for hooks. If vcsserver is in other location
571 567 ## this should be adjusted.
572 568 vcs.hooks.host = 127.0.0.1
573 569
574 570 vcs.server.log_level = debug
575 571 ## Start VCSServer with this instance as a subprocess, useful for development
576 572 vcs.start_server = false
577 573
578 574 ## List of enabled VCS backends, available options are:
579 575 ## `hg` - mercurial
580 576 ## `git` - git
581 577 ## `svn` - subversion
582 578 vcs.backends = hg, git, svn
583 579
584 580 vcs.connection_timeout = 3600
585 581 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
586 582 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
587 583 #vcs.svn.compatible_version = pre-1.8-compatible
588 584
589 585
590 586 ############################################################
591 587 ### Subversion proxy support (mod_dav_svn) ###
592 588 ### Maps RhodeCode repo groups into SVN paths for Apache ###
593 589 ############################################################
594 590 ## Enable or disable the config file generation.
595 591 svn.proxy.generate_config = false
596 592 ## Generate config file with `SVNListParentPath` set to `On`.
597 593 svn.proxy.list_parent_path = true
598 594 ## Set location and file name of generated config file.
599 595 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
600 596 ## alternative mod_dav config template. This needs to be a mako template
601 597 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
602 598 ## Used as a prefix to the `Location` block in the generated config file.
603 599 ## In most cases it should be set to `/`.
604 600 svn.proxy.location_root = /
605 601 ## Command to reload the mod dav svn configuration on change.
606 602 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
607 603 ## Make sure user who runs RhodeCode process is allowed to reload Apache
608 604 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
609 605 ## If the timeout expires before the reload command finishes, the command will
610 606 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
611 607 #svn.proxy.reload_timeout = 10
612 608
613 609 ############################################################
614 610 ### SSH Support Settings ###
615 611 ############################################################
616 612
617 613 ## Defines if a custom authorized_keys file should be created and written on
618 614 ## any change user ssh keys. Setting this to false also disables possibility
619 615 ## of adding SSH keys by users from web interface. Super admins can still
620 616 ## manage SSH Keys.
621 617 ssh.generate_authorized_keyfile = false
622 618
623 619 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
624 620 # ssh.authorized_keys_ssh_opts =
625 621
626 622 ## Path to the authorized_keys file where the generate entries are placed.
627 623 ## It is possible to have multiple key files specified in `sshd_config` e.g.
628 624 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
629 625 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
630 626
631 627 ## Command to execute the SSH wrapper. The binary is available in the
632 628 ## RhodeCode installation directory.
633 629 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
634 630 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
635 631
636 632 ## Allow shell when executing the ssh-wrapper command
637 633 ssh.wrapper_cmd_allow_shell = false
638 634
639 635 ## Enables logging, and detailed output send back to the client during SSH
640 636 ## operations. Useful for debugging, shouldn't be used in production.
641 637 ssh.enable_debug_logging = true
642 638
643 639 ## Paths to binary executable, by default they are the names, but we can
644 640 ## override them if we want to use a custom one
645 641 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
646 642 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
647 643 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
648 644
649 645 ## Enables SSH key generator web interface. Disabling this still allows users
650 646 ## to add their own keys.
651 647 ssh.enable_ui_key_generator = true
652 648
653 649
654 650 ## Dummy marker to add new entries after.
655 651 ## Add any custom entries below. Please don't remove.
656 652 custom.conf = 1
657 653
658 654
659 655 ################################
660 656 ### LOGGING CONFIGURATION ####
661 657 ################################
662 658 [loggers]
663 659 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
664 660
665 661 [handlers]
666 662 keys = console, console_sql
667 663
668 664 [formatters]
669 665 keys = generic, color_formatter, color_formatter_sql
670 666
671 667 #############
672 668 ## LOGGERS ##
673 669 #############
674 670 [logger_root]
675 671 level = NOTSET
676 672 handlers = console
677 673
678 674 [logger_sqlalchemy]
679 675 level = INFO
680 676 handlers = console_sql
681 677 qualname = sqlalchemy.engine
682 678 propagate = 0
683 679
684 680 [logger_beaker]
685 681 level = DEBUG
686 682 handlers =
687 683 qualname = beaker.container
688 684 propagate = 1
689 685
690 686 [logger_rhodecode]
691 687 level = DEBUG
692 688 handlers =
693 689 qualname = rhodecode
694 690 propagate = 1
695 691
696 692 [logger_ssh_wrapper]
697 693 level = DEBUG
698 694 handlers =
699 695 qualname = ssh_wrapper
700 696 propagate = 1
701 697
702 698 [logger_celery]
703 699 level = DEBUG
704 700 handlers =
705 701 qualname = celery
706 702
707 703
708 704 ##############
709 705 ## HANDLERS ##
710 706 ##############
711 707
712 708 [handler_console]
713 709 class = StreamHandler
714 710 args = (sys.stderr, )
715 711 level = DEBUG
716 712 formatter = color_formatter
717 713
718 714 [handler_console_sql]
719 715 # "level = DEBUG" logs SQL queries and results.
720 716 # "level = INFO" logs SQL queries.
721 717 # "level = WARN" logs neither. (Recommended for production systems.)
722 718 class = StreamHandler
723 719 args = (sys.stderr, )
724 720 level = WARN
725 721 formatter = color_formatter_sql
726 722
727 723 ################
728 724 ## FORMATTERS ##
729 725 ################
730 726
731 727 [formatter_generic]
732 728 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
733 729 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
734 730 datefmt = %Y-%m-%d %H:%M:%S
735 731
736 732 [formatter_color_formatter]
737 733 class = rhodecode.lib.logging_formatter.ColorFormatter
738 734 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
739 735 datefmt = %Y-%m-%d %H:%M:%S
740 736
741 737 [formatter_color_formatter_sql]
742 738 class = rhodecode.lib.logging_formatter.ColorFormatterSql
743 739 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
744 740 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,717 +1,713 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 ## Debug flag sets all loggers to debug, and enables request tracking
9 9 debug = false
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 #smtp_server = mail.server.com
25 25 #smtp_username =
26 26 #smtp_password =
27 27 #smtp_port =
28 28 #smtp_use_tls = false
29 29 #smtp_use_ssl = true
30 30
31 31 [server:main]
32 32 ## COMMON ##
33 33 host = 127.0.0.1
34 34 port = 5000
35 35
36 36 ###########################################################
37 37 ## WAITRESS WSGI SERVER - Recommended for Development ####
38 38 ###########################################################
39 39
40 40 #use = egg:waitress#main
41 41 ## number of worker threads
42 42 #threads = 5
43 43 ## MAX BODY SIZE 100GB
44 44 #max_request_body_size = 107374182400
45 45 ## Use poll instead of select, fixes file descriptors limits problems.
46 46 ## May not work on old windows systems.
47 47 #asyncore_use_poll = true
48 48
49 49
50 50 ##########################
51 51 ## GUNICORN WSGI SERVER ##
52 52 ##########################
53 53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54 54
55 55 use = egg:gunicorn#main
56 56 ## Sets the number of process workers. More workers means more concurrent connections
57 57 ## RhodeCode can handle at the same time. Each additional worker also it increases
58 58 ## memory usage as each has it's own set of caches.
59 59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
60 60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
61 61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
62 62 ## when using more than 1 worker.
63 63 workers = 2
64 64 ## process name visible in process list
65 65 proc_name = rhodecode
66 66 ## type of worker class, one of sync, gevent
67 67 ## recommended for bigger setup is using of of other than sync one
68 68 worker_class = gevent
69 69 ## The maximum number of simultaneous clients. Valid only for Gevent
70 70 worker_connections = 10
71 71 ## max number of requests that worker will handle before being gracefully
72 72 ## restarted, could prevent memory leaks
73 73 max_requests = 1000
74 74 max_requests_jitter = 30
75 75 ## amount of time a worker can spend with handling a request before it
76 76 ## gets killed and restarted. Set to 6hrs
77 77 timeout = 21600
78 78
79 79
80 80 ## prefix middleware for RhodeCode.
81 81 ## recommended when using proxy setup.
82 82 ## allows to set RhodeCode under a prefix in server.
83 83 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
84 84 ## And set your prefix like: `prefix = /custom_prefix`
85 85 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
86 86 ## to make your cookies only work on prefix url
87 87 [filter:proxy-prefix]
88 88 use = egg:PasteDeploy#prefix
89 89 prefix = /
90 90
91 91 [app:main]
92 92 ## The %(here)s variable will be replaced with the absolute path of parent directory
93 93 ## of this file
94 94 ## In addition ENVIRONMENT variables usage is possible, e.g
95 95 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
96 96
97 97 use = egg:rhodecode-enterprise-ce
98 98
99 99 ## enable proxy prefix middleware, defined above
100 100 #filter-with = proxy-prefix
101 101
102 102 ## encryption key used to encrypt social plugin tokens,
103 103 ## remote_urls with credentials etc, if not set it defaults to
104 104 ## `beaker.session.secret`
105 105 #rhodecode.encrypted_values.secret =
106 106
107 107 ## decryption strict mode (enabled by default). It controls if decryption raises
108 108 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
109 109 #rhodecode.encrypted_values.strict = false
110 110
111 111 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
112 112 ## fernet is safer, and we strongly recommend switching to it.
113 113 ## Due to backward compatibility aes is used as default.
114 114 #rhodecode.encrypted_values.algorithm = fernet
115 115
116 116 ## return gzipped responses from RhodeCode (static files/application)
117 117 gzip_responses = false
118 118
119 119 ## auto-generate javascript routes file on startup
120 120 generate_js_files = false
121 121
122 122 ## System global default language.
123 123 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
124 124 lang = en
125 125
126 126 ## Perform a full repository scan and import on each server start.
127 127 ## Settings this to true could lead to very long startup time.
128 128 startup.import_repos = false
129 129
130 130 ## Uncomment and set this path to use archive download cache.
131 131 ## Once enabled, generated archives will be cached at this location
132 132 ## and served from the cache during subsequent requests for the same archive of
133 133 ## the repository.
134 134 #archive_cache_dir = /tmp/tarballcache
135 135
136 136 ## URL at which the application is running. This is used for Bootstrapping
137 137 ## requests in context when no web request is available. Used in ishell, or
138 138 ## SSH calls. Set this for events to receive proper url for SSH calls.
139 139 app.base_url = http://rhodecode.local
140 140
141 141 ## Unique application ID. Should be a random unique string for security.
142 142 app_instance_uuid = rc-production
143 143
144 144 ## Cut off limit for large diffs (size in bytes). If overall diff size on
145 145 ## commit, or pull request exceeds this limit this diff will be displayed
146 146 ## partially. E.g 512000 == 512Kb
147 147 cut_off_limit_diff = 512000
148 148
149 149 ## Cut off limit for large files inside diffs (size in bytes). Each individual
150 150 ## file inside diff which exceeds this limit will be displayed partially.
151 151 ## E.g 128000 == 128Kb
152 152 cut_off_limit_file = 128000
153 153
154 154 ## use cached version of vcs repositories everywhere. Recommended to be `true`
155 155 vcs_full_cache = true
156 156
157 157 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
158 158 ## Normally this is controlled by proper http flags sent from http server
159 159 force_https = false
160 160
161 161 ## use Strict-Transport-Security headers
162 162 use_htsts = false
163 163
164 ## git rev filter option, --all is the default filter, if you need to
165 ## hide all refs in changelog switch this to --branches --tags
166 git_rev_filter = --branches --tags
167
168 164 # Set to true if your repos are exposed using the dumb protocol
169 165 git_update_server_info = false
170 166
171 167 ## RSS/ATOM feed options
172 168 rss_cut_off_limit = 256000
173 169 rss_items_per_page = 10
174 170 rss_include_diff = false
175 171
176 172 ## gist URL alias, used to create nicer urls for gist. This should be an
177 173 ## url that does rewrites to _admin/gists/{gistid}.
178 174 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
179 175 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
180 176 gist_alias_url =
181 177
182 178 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
183 179 ## used for access.
184 180 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
185 181 ## came from the the logged in user who own this authentication token.
186 182 ## Additionally @TOKEN syntax can be used to bound the view to specific
187 183 ## authentication token. Such view would be only accessible when used together
188 184 ## with this authentication token
189 185 ##
190 186 ## list of all views can be found under `/_admin/permissions/auth_token_access`
191 187 ## The list should be "," separated and on a single line.
192 188 ##
193 189 ## Most common views to enable:
194 190 # RepoCommitsView:repo_commit_download
195 191 # RepoCommitsView:repo_commit_patch
196 192 # RepoCommitsView:repo_commit_raw
197 193 # RepoCommitsView:repo_commit_raw@TOKEN
198 194 # RepoFilesView:repo_files_diff
199 195 # RepoFilesView:repo_archivefile
200 196 # RepoFilesView:repo_file_raw
201 197 # GistView:*
202 198 api_access_controllers_whitelist =
203 199
204 200 ## Default encoding used to convert from and to unicode
205 201 ## can be also a comma separated list of encoding in case of mixed encodings
206 202 default_encoding = UTF-8
207 203
208 204 ## instance-id prefix
209 205 ## a prefix key for this instance used for cache invalidation when running
210 206 ## multiple instances of RhodeCode, make sure it's globally unique for
211 207 ## all running RhodeCode instances. Leave empty if you don't use it
212 208 instance_id =
213 209
214 210 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
215 211 ## of an authentication plugin also if it is disabled by it's settings.
216 212 ## This could be useful if you are unable to log in to the system due to broken
217 213 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
218 214 ## module to log in again and fix the settings.
219 215 ##
220 216 ## Available builtin plugin IDs (hash is part of the ID):
221 217 ## egg:rhodecode-enterprise-ce#rhodecode
222 218 ## egg:rhodecode-enterprise-ce#pam
223 219 ## egg:rhodecode-enterprise-ce#ldap
224 220 ## egg:rhodecode-enterprise-ce#jasig_cas
225 221 ## egg:rhodecode-enterprise-ce#headers
226 222 ## egg:rhodecode-enterprise-ce#crowd
227 223 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
228 224
229 225 ## alternative return HTTP header for failed authentication. Default HTTP
230 226 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
231 227 ## handling that causing a series of failed authentication calls.
232 228 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
233 229 ## This will be served instead of default 401 on bad authentication
234 230 auth_ret_code =
235 231
236 232 ## use special detection method when serving auth_ret_code, instead of serving
237 233 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
238 234 ## and then serve auth_ret_code to clients
239 235 auth_ret_code_detection = false
240 236
241 237 ## locking return code. When repository is locked return this HTTP code. 2XX
242 238 ## codes don't break the transactions while 4XX codes do
243 239 lock_ret_code = 423
244 240
245 241 ## allows to change the repository location in settings page
246 242 allow_repo_location_change = true
247 243
248 244 ## allows to setup custom hooks in settings page
249 245 allow_custom_hooks_settings = true
250 246
251 247 ## Generated license token required for EE edition license.
252 248 ## New generated token value can be found in Admin > settings > license page.
253 249 license_token =
254 250
255 251 ## supervisor connection uri, for managing supervisor and logs.
256 252 supervisor.uri =
257 253 ## supervisord group name/id we only want this RC instance to handle
258 254 supervisor.group_id = prod
259 255
260 256 ## Display extended labs settings
261 257 labs_settings_active = true
262 258
263 259 ## Custom exception store path, defaults to TMPDIR
264 260 ## This is used to store exception from RhodeCode in shared directory
265 261 #exception_tracker.store_path =
266 262
267 263 ## File store configuration. This is used to store and serve uploaded files
268 264 file_store.enabled = true
269 265 ## Storage backend, available options are: local
270 266 file_store.backend = local
271 267 ## path to store the uploaded binaries
272 268 file_store.storage_path = %(here)s/data/file_store
273 269
274 270
275 271 ####################################
276 272 ### CELERY CONFIG ####
277 273 ####################################
278 274 ## run: /path/to/celery worker \
279 275 ## -E --beat --app rhodecode.lib.celerylib.loader \
280 276 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
281 277 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
282 278
283 279 use_celery = false
284 280
285 281 ## connection url to the message broker (default redis)
286 282 celery.broker_url = redis://localhost:6379/8
287 283
288 284 ## rabbitmq example
289 285 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
290 286
291 287 ## maximum tasks to execute before worker restart
292 288 celery.max_tasks_per_child = 100
293 289
294 290 ## tasks will never be sent to the queue, but executed locally instead.
295 291 celery.task_always_eager = false
296 292
297 293 #####################################
298 294 ### DOGPILE CACHE ####
299 295 #####################################
300 296 ## Default cache dir for caches. Putting this into a ramdisk
301 297 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
302 298 ## large amount of space
303 299 cache_dir = %(here)s/data
304 300
305 301 ## `cache_perms` cache settings for permission tree, auth TTL.
306 302 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
307 303 rc_cache.cache_perms.expiration_time = 300
308 304
309 305 ## alternative `cache_perms` redis backend with distributed lock
310 306 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
311 307 #rc_cache.cache_perms.expiration_time = 300
312 308 ## redis_expiration_time needs to be greater then expiration_time
313 309 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
314 310 #rc_cache.cache_perms.arguments.socket_timeout = 30
315 311 #rc_cache.cache_perms.arguments.host = localhost
316 312 #rc_cache.cache_perms.arguments.port = 6379
317 313 #rc_cache.cache_perms.arguments.db = 0
318 314 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
319 315 #rc_cache.cache_perms.arguments.distributed_lock = true
320 316
321 317 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
322 318 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
323 319 rc_cache.cache_repo.expiration_time = 2592000
324 320
325 321 ## alternative `cache_repo` redis backend with distributed lock
326 322 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
327 323 #rc_cache.cache_repo.expiration_time = 2592000
328 324 ## redis_expiration_time needs to be greater then expiration_time
329 325 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
330 326 #rc_cache.cache_repo.arguments.socket_timeout = 30
331 327 #rc_cache.cache_repo.arguments.host = localhost
332 328 #rc_cache.cache_repo.arguments.port = 6379
333 329 #rc_cache.cache_repo.arguments.db = 1
334 330 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
335 331 #rc_cache.cache_repo.arguments.distributed_lock = true
336 332
337 333 ## cache settings for SQL queries, this needs to use memory type backend
338 334 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
339 335 rc_cache.sql_cache_short.expiration_time = 30
340 336
341 337 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
342 338 ## type backend as the objects kept are not pickle serializable
343 339 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
344 340 ## by default we use 96H, this is using invalidation on push anyway
345 341 rc_cache.cache_repo_longterm.expiration_time = 345600
346 342 ## max items in LRU cache, reduce this number to save memory, and expire last used
347 343 ## cached objects
348 344 rc_cache.cache_repo_longterm.max_size = 10000
349 345
350 346
351 347 ####################################
352 348 ### BEAKER SESSION ####
353 349 ####################################
354 350
355 351 ## .session.type is type of storage options for the session, current allowed
356 352 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
357 353 beaker.session.type = file
358 354 beaker.session.data_dir = %(here)s/data/sessions
359 355
360 356 ## redis sessions
361 357 #beaker.session.type = ext:redis
362 358 #beaker.session.url = redis://127.0.0.1:6379/2
363 359
364 360 ## db based session, fast, and allows easy management over logged in users
365 361 #beaker.session.type = ext:database
366 362 #beaker.session.table_name = db_session
367 363 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
368 364 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
369 365 #beaker.session.sa.pool_recycle = 3600
370 366 #beaker.session.sa.echo = false
371 367
372 368 beaker.session.key = rhodecode
373 369 beaker.session.secret = production-rc-uytcxaz
374 370 beaker.session.lock_dir = %(here)s/data/sessions/lock
375 371
376 372 ## Secure encrypted cookie. Requires AES and AES python libraries
377 373 ## you must disable beaker.session.secret to use this
378 374 #beaker.session.encrypt_key = key_for_encryption
379 375 #beaker.session.validate_key = validation_key
380 376
381 377 ## sets session as invalid(also logging out user) if it haven not been
382 378 ## accessed for given amount of time in seconds
383 379 beaker.session.timeout = 2592000
384 380 beaker.session.httponly = true
385 381 ## Path to use for the cookie. Set to prefix if you use prefix middleware
386 382 #beaker.session.cookie_path = /custom_prefix
387 383
388 384 ## uncomment for https secure cookie
389 385 beaker.session.secure = false
390 386
391 387 ## auto save the session to not to use .save()
392 388 beaker.session.auto = false
393 389
394 390 ## default cookie expiration time in seconds, set to `true` to set expire
395 391 ## at browser close
396 392 #beaker.session.cookie_expires = 3600
397 393
398 394 ###################################
399 395 ## SEARCH INDEXING CONFIGURATION ##
400 396 ###################################
401 397 ## Full text search indexer is available in rhodecode-tools under
402 398 ## `rhodecode-tools index` command
403 399
404 400 ## WHOOSH Backend, doesn't require additional services to run
405 401 ## it works good with few dozen repos
406 402 search.module = rhodecode.lib.index.whoosh
407 403 search.location = %(here)s/data/index
408 404
409 405 ########################################
410 406 ### CHANNELSTREAM CONFIG ####
411 407 ########################################
412 408 ## channelstream enables persistent connections and live notification
413 409 ## in the system. It's also used by the chat system
414 410
415 411 channelstream.enabled = false
416 412
417 413 ## server address for channelstream server on the backend
418 414 channelstream.server = 127.0.0.1:9800
419 415
420 416 ## location of the channelstream server from outside world
421 417 ## use ws:// for http or wss:// for https. This address needs to be handled
422 418 ## by external HTTP server such as Nginx or Apache
423 419 ## see Nginx/Apache configuration examples in our docs
424 420 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
425 421 channelstream.secret = secret
426 422 channelstream.history.location = %(here)s/channelstream_history
427 423
428 424 ## Internal application path that Javascript uses to connect into.
429 425 ## If you use proxy-prefix the prefix should be added before /_channelstream
430 426 channelstream.proxy_path = /_channelstream
431 427
432 428
433 429 ###################################
434 430 ## APPENLIGHT CONFIG ##
435 431 ###################################
436 432
437 433 ## Appenlight is tailored to work with RhodeCode, see
438 434 ## http://appenlight.com for details how to obtain an account
439 435
440 436 ## Appenlight integration enabled
441 437 appenlight = false
442 438
443 439 appenlight.server_url = https://api.appenlight.com
444 440 appenlight.api_key = YOUR_API_KEY
445 441 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
446 442
447 443 ## used for JS client
448 444 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
449 445
450 446 ## TWEAK AMOUNT OF INFO SENT HERE
451 447
452 448 ## enables 404 error logging (default False)
453 449 appenlight.report_404 = false
454 450
455 451 ## time in seconds after request is considered being slow (default 1)
456 452 appenlight.slow_request_time = 1
457 453
458 454 ## record slow requests in application
459 455 ## (needs to be enabled for slow datastore recording and time tracking)
460 456 appenlight.slow_requests = true
461 457
462 458 ## enable hooking to application loggers
463 459 appenlight.logging = true
464 460
465 461 ## minimum log level for log capture
466 462 appenlight.logging.level = WARNING
467 463
468 464 ## send logs only from erroneous/slow requests
469 465 ## (saves API quota for intensive logging)
470 466 appenlight.logging_on_error = false
471 467
472 468 ## list of additional keywords that should be grabbed from environ object
473 469 ## can be string with comma separated list of words in lowercase
474 470 ## (by default client will always send following info:
475 471 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
476 472 ## start with HTTP* this list be extended with additional keywords here
477 473 appenlight.environ_keys_whitelist =
478 474
479 475 ## list of keywords that should be blanked from request object
480 476 ## can be string with comma separated list of words in lowercase
481 477 ## (by default client will always blank keys that contain following words
482 478 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
483 479 ## this list be extended with additional keywords set here
484 480 appenlight.request_keys_blacklist =
485 481
486 482 ## list of namespaces that should be ignores when gathering log entries
487 483 ## can be string with comma separated list of namespaces
488 484 ## (by default the client ignores own entries: appenlight_client.client)
489 485 appenlight.log_namespace_blacklist =
490 486
491 487
492 488 ###########################################
493 489 ### MAIN RHODECODE DATABASE CONFIG ###
494 490 ###########################################
495 491 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
496 492 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
497 493 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
498 494 # pymysql is an alternative driver for MySQL, use in case of problems with default one
499 495 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
500 496
501 497 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
502 498
503 499 # see sqlalchemy docs for other advanced settings
504 500
505 501 ## print the sql statements to output
506 502 sqlalchemy.db1.echo = false
507 503 ## recycle the connections after this amount of seconds
508 504 sqlalchemy.db1.pool_recycle = 3600
509 505 sqlalchemy.db1.convert_unicode = true
510 506
511 507 ## the number of connections to keep open inside the connection pool.
512 508 ## 0 indicates no limit
513 509 #sqlalchemy.db1.pool_size = 5
514 510
515 511 ## the number of connections to allow in connection pool "overflow", that is
516 512 ## connections that can be opened above and beyond the pool_size setting,
517 513 ## which defaults to five.
518 514 #sqlalchemy.db1.max_overflow = 10
519 515
520 516 ## Connection check ping, used to detect broken database connections
521 517 ## could be enabled to better handle cases if MySQL has gone away errors
522 518 #sqlalchemy.db1.ping_connection = true
523 519
524 520 ##################
525 521 ### VCS CONFIG ###
526 522 ##################
527 523 vcs.server.enable = true
528 524 vcs.server = localhost:9900
529 525
530 526 ## Web server connectivity protocol, responsible for web based VCS operations
531 527 ## Available protocols are:
532 528 ## `http` - use http-rpc backend (default)
533 529 vcs.server.protocol = http
534 530
535 531 ## Push/Pull operations protocol, available options are:
536 532 ## `http` - use http-rpc backend (default)
537 533 vcs.scm_app_implementation = http
538 534
539 535 ## Push/Pull operations hooks protocol, available options are:
540 536 ## `http` - use http-rpc backend (default)
541 537 vcs.hooks.protocol = http
542 538
543 539 ## Host on which this instance is listening for hooks. If vcsserver is in other location
544 540 ## this should be adjusted.
545 541 vcs.hooks.host = 127.0.0.1
546 542
547 543 vcs.server.log_level = info
548 544 ## Start VCSServer with this instance as a subprocess, useful for development
549 545 vcs.start_server = false
550 546
551 547 ## List of enabled VCS backends, available options are:
552 548 ## `hg` - mercurial
553 549 ## `git` - git
554 550 ## `svn` - subversion
555 551 vcs.backends = hg, git, svn
556 552
557 553 vcs.connection_timeout = 3600
558 554 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
559 555 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
560 556 #vcs.svn.compatible_version = pre-1.8-compatible
561 557
562 558
563 559 ############################################################
564 560 ### Subversion proxy support (mod_dav_svn) ###
565 561 ### Maps RhodeCode repo groups into SVN paths for Apache ###
566 562 ############################################################
567 563 ## Enable or disable the config file generation.
568 564 svn.proxy.generate_config = false
569 565 ## Generate config file with `SVNListParentPath` set to `On`.
570 566 svn.proxy.list_parent_path = true
571 567 ## Set location and file name of generated config file.
572 568 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
573 569 ## alternative mod_dav config template. This needs to be a mako template
574 570 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
575 571 ## Used as a prefix to the `Location` block in the generated config file.
576 572 ## In most cases it should be set to `/`.
577 573 svn.proxy.location_root = /
578 574 ## Command to reload the mod dav svn configuration on change.
579 575 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
580 576 ## Make sure user who runs RhodeCode process is allowed to reload Apache
581 577 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
582 578 ## If the timeout expires before the reload command finishes, the command will
583 579 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
584 580 #svn.proxy.reload_timeout = 10
585 581
586 582 ############################################################
587 583 ### SSH Support Settings ###
588 584 ############################################################
589 585
590 586 ## Defines if a custom authorized_keys file should be created and written on
591 587 ## any change user ssh keys. Setting this to false also disables possibility
592 588 ## of adding SSH keys by users from web interface. Super admins can still
593 589 ## manage SSH Keys.
594 590 ssh.generate_authorized_keyfile = false
595 591
596 592 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
597 593 # ssh.authorized_keys_ssh_opts =
598 594
599 595 ## Path to the authorized_keys file where the generate entries are placed.
600 596 ## It is possible to have multiple key files specified in `sshd_config` e.g.
601 597 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
602 598 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
603 599
604 600 ## Command to execute the SSH wrapper. The binary is available in the
605 601 ## RhodeCode installation directory.
606 602 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
607 603 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
608 604
609 605 ## Allow shell when executing the ssh-wrapper command
610 606 ssh.wrapper_cmd_allow_shell = false
611 607
612 608 ## Enables logging, and detailed output send back to the client during SSH
613 609 ## operations. Useful for debugging, shouldn't be used in production.
614 610 ssh.enable_debug_logging = false
615 611
616 612 ## Paths to binary executable, by default they are the names, but we can
617 613 ## override them if we want to use a custom one
618 614 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
619 615 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
620 616 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
621 617
622 618 ## Enables SSH key generator web interface. Disabling this still allows users
623 619 ## to add their own keys.
624 620 ssh.enable_ui_key_generator = true
625 621
626 622
627 623 ## Dummy marker to add new entries after.
628 624 ## Add any custom entries below. Please don't remove.
629 625 custom.conf = 1
630 626
631 627
632 628 ################################
633 629 ### LOGGING CONFIGURATION ####
634 630 ################################
635 631 [loggers]
636 632 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
637 633
638 634 [handlers]
639 635 keys = console, console_sql
640 636
641 637 [formatters]
642 638 keys = generic, color_formatter, color_formatter_sql
643 639
644 640 #############
645 641 ## LOGGERS ##
646 642 #############
647 643 [logger_root]
648 644 level = NOTSET
649 645 handlers = console
650 646
651 647 [logger_sqlalchemy]
652 648 level = INFO
653 649 handlers = console_sql
654 650 qualname = sqlalchemy.engine
655 651 propagate = 0
656 652
657 653 [logger_beaker]
658 654 level = DEBUG
659 655 handlers =
660 656 qualname = beaker.container
661 657 propagate = 1
662 658
663 659 [logger_rhodecode]
664 660 level = DEBUG
665 661 handlers =
666 662 qualname = rhodecode
667 663 propagate = 1
668 664
669 665 [logger_ssh_wrapper]
670 666 level = DEBUG
671 667 handlers =
672 668 qualname = ssh_wrapper
673 669 propagate = 1
674 670
675 671 [logger_celery]
676 672 level = DEBUG
677 673 handlers =
678 674 qualname = celery
679 675
680 676
681 677 ##############
682 678 ## HANDLERS ##
683 679 ##############
684 680
685 681 [handler_console]
686 682 class = StreamHandler
687 683 args = (sys.stderr, )
688 684 level = INFO
689 685 formatter = generic
690 686
691 687 [handler_console_sql]
692 688 # "level = DEBUG" logs SQL queries and results.
693 689 # "level = INFO" logs SQL queries.
694 690 # "level = WARN" logs neither. (Recommended for production systems.)
695 691 class = StreamHandler
696 692 args = (sys.stderr, )
697 693 level = WARN
698 694 formatter = generic
699 695
700 696 ################
701 697 ## FORMATTERS ##
702 698 ################
703 699
704 700 [formatter_generic]
705 701 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
706 702 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
707 703 datefmt = %Y-%m-%d %H:%M:%S
708 704
709 705 [formatter_color_formatter]
710 706 class = rhodecode.lib.logging_formatter.ColorFormatter
711 707 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
712 708 datefmt = %Y-%m-%d %H:%M:%S
713 709
714 710 [formatter_color_formatter_sql]
715 711 class = rhodecode.lib.logging_formatter.ColorFormatterSql
716 712 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
717 713 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,755 +1,754 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import os
22 22 import sys
23 23 import logging
24 24 import collections
25 25 import tempfile
26 26 import time
27 27
28 28 from paste.gzipper import make_gzip_middleware
29 29 import pyramid.events
30 30 from pyramid.wsgi import wsgiapp
31 31 from pyramid.authorization import ACLAuthorizationPolicy
32 32 from pyramid.config import Configurator
33 33 from pyramid.settings import asbool, aslist
34 34 from pyramid.httpexceptions import (
35 35 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
36 36 from pyramid.renderers import render_to_response
37 37
38 38 from rhodecode.model import meta
39 39 from rhodecode.config import patches
40 40 from rhodecode.config import utils as config_utils
41 41 from rhodecode.config.environment import load_pyramid_environment
42 42
43 43 import rhodecode.events
44 44 from rhodecode.lib.middleware.vcs import VCSMiddleware
45 45 from rhodecode.lib.request import Request
46 46 from rhodecode.lib.vcs import VCSCommunicationError
47 47 from rhodecode.lib.exceptions import VCSServerUnavailable
48 48 from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
49 49 from rhodecode.lib.middleware.https_fixup import HttpsFixup
50 50 from rhodecode.lib.celerylib.loader import configure_celery
51 51 from rhodecode.lib.plugins.utils import register_rhodecode_plugin
52 52 from rhodecode.lib.utils2 import aslist as rhodecode_aslist, AttributeDict
53 53 from rhodecode.lib.exc_tracking import store_exception
54 54 from rhodecode.subscribers import (
55 55 scan_repositories_if_enabled, write_js_routes_if_enabled,
56 56 write_metadata_if_needed, inject_app_settings)
57 57
58 58
59 59 log = logging.getLogger(__name__)
60 60
61 61
62 62 def is_http_error(response):
63 63 # error which should have traceback
64 64 return response.status_code > 499
65 65
66 66
67 67 def should_load_all():
68 68 """
69 69 Returns if all application components should be loaded. In some cases it's
70 70 desired to skip apps loading for faster shell script execution
71 71 """
72 72 ssh_cmd = os.environ.get('RC_CMD_SSH_WRAPPER')
73 73 if ssh_cmd:
74 74 return False
75 75
76 76 return True
77 77
78 78
79 79 def make_pyramid_app(global_config, **settings):
80 80 """
81 81 Constructs the WSGI application based on Pyramid.
82 82
83 83 Specials:
84 84
85 85 * The application can also be integrated like a plugin via the call to
86 86 `includeme`. This is accompanied with the other utility functions which
87 87 are called. Changing this should be done with great care to not break
88 88 cases when these fragments are assembled from another place.
89 89
90 90 """
91 91
92 92 # Allows to use format style "{ENV_NAME}" placeholders in the configuration. It
93 93 # will be replaced by the value of the environment variable "NAME" in this case.
94 94 start_time = time.time()
95 95
96 96 debug = asbool(global_config.get('debug'))
97 97 if debug:
98 98 enable_debug()
99 99
100 100 environ = {'ENV_{}'.format(key): value for key, value in os.environ.items()}
101 101
102 102 global_config = _substitute_values(global_config, environ)
103 103 settings = _substitute_values(settings, environ)
104 104
105 105 sanitize_settings_and_apply_defaults(global_config, settings)
106 106
107 107 config = Configurator(settings=settings)
108 108
109 109 # Apply compatibility patches
110 110 patches.inspect_getargspec()
111 111
112 112 load_pyramid_environment(global_config, settings)
113 113
114 114 # Static file view comes first
115 115 includeme_first(config)
116 116
117 117 includeme(config)
118 118
119 119 pyramid_app = config.make_wsgi_app()
120 120 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
121 121 pyramid_app.config = config
122 122
123 123 config.configure_celery(global_config['__file__'])
124 124 # creating the app uses a connection - return it after we are done
125 125 meta.Session.remove()
126 126 total_time = time.time() - start_time
127 127 log.info('Pyramid app `%s` created and configured in %.2fs',
128 128 pyramid_app.func_name, total_time)
129 129
130 130 return pyramid_app
131 131
132 132
133 133 def not_found_view(request):
134 134 """
135 135 This creates the view which should be registered as not-found-view to
136 136 pyramid.
137 137 """
138 138
139 139 if not getattr(request, 'vcs_call', None):
140 140 # handle like regular case with our error_handler
141 141 return error_handler(HTTPNotFound(), request)
142 142
143 143 # handle not found view as a vcs call
144 144 settings = request.registry.settings
145 145 ae_client = getattr(request, 'ae_client', None)
146 146 vcs_app = VCSMiddleware(
147 147 HTTPNotFound(), request.registry, settings,
148 148 appenlight_client=ae_client)
149 149
150 150 return wsgiapp(vcs_app)(None, request)
151 151
152 152
153 153 def error_handler(exception, request):
154 154 import rhodecode
155 155 from rhodecode.lib import helpers
156 156
157 157 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
158 158
159 159 base_response = HTTPInternalServerError()
160 160 # prefer original exception for the response since it may have headers set
161 161 if isinstance(exception, HTTPException):
162 162 base_response = exception
163 163 elif isinstance(exception, VCSCommunicationError):
164 164 base_response = VCSServerUnavailable()
165 165
166 166 if is_http_error(base_response):
167 167 log.exception(
168 168 'error occurred handling this request for path: %s', request.path)
169 169
170 170 error_explanation = base_response.explanation or str(base_response)
171 171 if base_response.status_code == 404:
172 172 error_explanation += " Optionally you don't have permission to access this page."
173 173 c = AttributeDict()
174 174 c.error_message = base_response.status
175 175 c.error_explanation = error_explanation
176 176 c.visual = AttributeDict()
177 177
178 178 c.visual.rhodecode_support_url = (
179 179 request.registry.settings.get('rhodecode_support_url') or
180 180 request.route_url('rhodecode_support')
181 181 )
182 182 c.redirect_time = 0
183 183 c.rhodecode_name = rhodecode_title
184 184 if not c.rhodecode_name:
185 185 c.rhodecode_name = 'Rhodecode'
186 186
187 187 c.causes = []
188 188 if is_http_error(base_response):
189 189 c.causes.append('Server is overloaded.')
190 190 c.causes.append('Server database connection is lost.')
191 191 c.causes.append('Server expected unhandled error.')
192 192
193 193 if hasattr(base_response, 'causes'):
194 194 c.causes = base_response.causes
195 195
196 196 c.messages = helpers.flash.pop_messages(request=request)
197 197
198 198 exc_info = sys.exc_info()
199 199 c.exception_id = id(exc_info)
200 200 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
201 201 or base_response.status_code > 499
202 202 c.exception_id_url = request.route_url(
203 203 'admin_settings_exception_tracker_show', exception_id=c.exception_id)
204 204
205 205 if c.show_exception_id:
206 206 store_exception(c.exception_id, exc_info)
207 207
208 208 response = render_to_response(
209 209 '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
210 210 response=base_response)
211 211
212 212 return response
213 213
214 214
215 215 def includeme_first(config):
216 216 # redirect automatic browser favicon.ico requests to correct place
217 217 def favicon_redirect(context, request):
218 218 return HTTPFound(
219 219 request.static_path('rhodecode:public/images/favicon.ico'))
220 220
221 221 config.add_view(favicon_redirect, route_name='favicon')
222 222 config.add_route('favicon', '/favicon.ico')
223 223
224 224 def robots_redirect(context, request):
225 225 return HTTPFound(
226 226 request.static_path('rhodecode:public/robots.txt'))
227 227
228 228 config.add_view(robots_redirect, route_name='robots')
229 229 config.add_route('robots', '/robots.txt')
230 230
231 231 config.add_static_view(
232 232 '_static/deform', 'deform:static')
233 233 config.add_static_view(
234 234 '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
235 235
236 236
237 237 def includeme(config):
238 238 log.debug('Initializing main includeme from %s', os.path.basename(__file__))
239 239 settings = config.registry.settings
240 240 config.set_request_factory(Request)
241 241
242 242 # plugin information
243 243 config.registry.rhodecode_plugins = collections.OrderedDict()
244 244
245 245 config.add_directive(
246 246 'register_rhodecode_plugin', register_rhodecode_plugin)
247 247
248 248 config.add_directive('configure_celery', configure_celery)
249 249
250 250 if asbool(settings.get('appenlight', 'false')):
251 251 config.include('appenlight_client.ext.pyramid_tween')
252 252
253 253 load_all = should_load_all()
254 254
255 255 # Includes which are required. The application would fail without them.
256 256 config.include('pyramid_mako')
257 257 config.include('rhodecode.lib.rc_beaker')
258 258 config.include('rhodecode.lib.rc_cache')
259 259
260 260 config.include('rhodecode.apps._base.navigation')
261 261 config.include('rhodecode.apps._base.subscribers')
262 262 config.include('rhodecode.tweens')
263 263 config.include('rhodecode.authentication')
264 264
265 265 if load_all:
266 266 config.include('rhodecode.integrations')
267 267
268 268 if load_all:
269 269 from rhodecode.authentication import discover_legacy_plugins
270 270 # load CE authentication plugins
271 271 config.include('rhodecode.authentication.plugins.auth_crowd')
272 272 config.include('rhodecode.authentication.plugins.auth_headers')
273 273 config.include('rhodecode.authentication.plugins.auth_jasig_cas')
274 274 config.include('rhodecode.authentication.plugins.auth_ldap')
275 275 config.include('rhodecode.authentication.plugins.auth_pam')
276 276 config.include('rhodecode.authentication.plugins.auth_rhodecode')
277 277 config.include('rhodecode.authentication.plugins.auth_token')
278 278
279 279 # Auto discover authentication plugins and include their configuration.
280 280 discover_legacy_plugins(config)
281 281
282 282 # apps
283 283 if load_all:
284 284 config.include('rhodecode.apps._base')
285 285 config.include('rhodecode.apps.ops')
286 286 config.include('rhodecode.apps.admin')
287 287 config.include('rhodecode.apps.channelstream')
288 288 config.include('rhodecode.apps.file_store')
289 289 config.include('rhodecode.apps.login')
290 290 config.include('rhodecode.apps.home')
291 291 config.include('rhodecode.apps.journal')
292 292 config.include('rhodecode.apps.repository')
293 293 config.include('rhodecode.apps.repo_group')
294 294 config.include('rhodecode.apps.user_group')
295 295 config.include('rhodecode.apps.search')
296 296 config.include('rhodecode.apps.user_profile')
297 297 config.include('rhodecode.apps.user_group_profile')
298 298 config.include('rhodecode.apps.my_account')
299 299 config.include('rhodecode.apps.svn_support')
300 300 config.include('rhodecode.apps.ssh_support')
301 301 config.include('rhodecode.apps.gist')
302 302 config.include('rhodecode.apps.debug_style')
303 303 config.include('rhodecode.api')
304 304
305 305 config.add_route('rhodecode_support', 'https://rhodecode.com/help/', static=True)
306 306 config.add_translation_dirs('rhodecode:i18n/')
307 307 settings['default_locale_name'] = settings.get('lang', 'en')
308 308
309 309 # Add subscribers.
310 310 if load_all:
311 311 config.add_subscriber(inject_app_settings,
312 312 pyramid.events.ApplicationCreated)
313 313 config.add_subscriber(scan_repositories_if_enabled,
314 314 pyramid.events.ApplicationCreated)
315 315 config.add_subscriber(write_metadata_if_needed,
316 316 pyramid.events.ApplicationCreated)
317 317 config.add_subscriber(write_js_routes_if_enabled,
318 318 pyramid.events.ApplicationCreated)
319 319
320 320 # request custom methods
321 321 config.add_request_method(
322 322 'rhodecode.lib.partial_renderer.get_partial_renderer',
323 323 'get_partial_renderer')
324 324
325 325 config.add_request_method(
326 326 'rhodecode.lib.request_counter.get_request_counter',
327 327 'request_count')
328 328
329 329 # Set the authorization policy.
330 330 authz_policy = ACLAuthorizationPolicy()
331 331 config.set_authorization_policy(authz_policy)
332 332
333 333 # Set the default renderer for HTML templates to mako.
334 334 config.add_mako_renderer('.html')
335 335
336 336 config.add_renderer(
337 337 name='json_ext',
338 338 factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
339 339
340 340 # include RhodeCode plugins
341 341 includes = aslist(settings.get('rhodecode.includes', []))
342 342 for inc in includes:
343 343 config.include(inc)
344 344
345 345 # custom not found view, if our pyramid app doesn't know how to handle
346 346 # the request pass it to potential VCS handling ap
347 347 config.add_notfound_view(not_found_view)
348 348 if not settings.get('debugtoolbar.enabled', False):
349 349 # disabled debugtoolbar handle all exceptions via the error_handlers
350 350 config.add_view(error_handler, context=Exception)
351 351
352 352 # all errors including 403/404/50X
353 353 config.add_view(error_handler, context=HTTPError)
354 354
355 355
356 356 def wrap_app_in_wsgi_middlewares(pyramid_app, config):
357 357 """
358 358 Apply outer WSGI middlewares around the application.
359 359 """
360 360 registry = config.registry
361 361 settings = registry.settings
362 362
363 363 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
364 364 pyramid_app = HttpsFixup(pyramid_app, settings)
365 365
366 366 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
367 367 pyramid_app, settings)
368 368 registry.ae_client = _ae_client
369 369
370 370 if settings['gzip_responses']:
371 371 pyramid_app = make_gzip_middleware(
372 372 pyramid_app, settings, compress_level=1)
373 373
374 374 # this should be the outer most middleware in the wsgi stack since
375 375 # middleware like Routes make database calls
376 376 def pyramid_app_with_cleanup(environ, start_response):
377 377 try:
378 378 return pyramid_app(environ, start_response)
379 379 finally:
380 380 # Dispose current database session and rollback uncommitted
381 381 # transactions.
382 382 meta.Session.remove()
383 383
384 384 # In a single threaded mode server, on non sqlite db we should have
385 385 # '0 Current Checked out connections' at the end of a request,
386 386 # if not, then something, somewhere is leaving a connection open
387 387 pool = meta.Base.metadata.bind.engine.pool
388 388 log.debug('sa pool status: %s', pool.status())
389 389 log.debug('Request processing finalized')
390 390
391 391 return pyramid_app_with_cleanup
392 392
393 393
394 394 def sanitize_settings_and_apply_defaults(global_config, settings):
395 395 """
396 396 Applies settings defaults and does all type conversion.
397 397
398 398 We would move all settings parsing and preparation into this place, so that
399 399 we have only one place left which deals with this part. The remaining parts
400 400 of the application would start to rely fully on well prepared settings.
401 401
402 402 This piece would later be split up per topic to avoid a big fat monster
403 403 function.
404 404 """
405 405
406 406 settings.setdefault('rhodecode.edition', 'Community Edition')
407 407
408 408 if 'mako.default_filters' not in settings:
409 409 # set custom default filters if we don't have it defined
410 410 settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
411 411 settings['mako.default_filters'] = 'h_filter'
412 412
413 413 if 'mako.directories' not in settings:
414 414 mako_directories = settings.setdefault('mako.directories', [
415 415 # Base templates of the original application
416 416 'rhodecode:templates',
417 417 ])
418 418 log.debug(
419 419 "Using the following Mako template directories: %s",
420 420 mako_directories)
421 421
422 422 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
423 423 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
424 424 raw_url = settings['beaker.session.url']
425 425 if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
426 426 settings['beaker.session.url'] = 'redis://' + raw_url
427 427
428 428 # Default includes, possible to change as a user
429 429 pyramid_includes = settings.setdefault('pyramid.includes', [
430 430 'rhodecode.lib.middleware.request_wrapper',
431 431 ])
432 432 log.debug(
433 433 "Using the following pyramid.includes: %s",
434 434 pyramid_includes)
435 435
436 436 # TODO: johbo: Re-think this, usually the call to config.include
437 437 # should allow to pass in a prefix.
438 438 settings.setdefault('rhodecode.api.url', '/_admin/api')
439 439 settings.setdefault('__file__', global_config.get('__file__'))
440 440
441 441 # Sanitize generic settings.
442 442 _list_setting(settings, 'default_encoding', 'UTF-8')
443 443 _bool_setting(settings, 'is_test', 'false')
444 444 _bool_setting(settings, 'gzip_responses', 'false')
445 445
446 446 # Call split out functions that sanitize settings for each topic.
447 447 _sanitize_appenlight_settings(settings)
448 448 _sanitize_vcs_settings(settings)
449 449 _sanitize_cache_settings(settings)
450 450
451 451 # configure instance id
452 452 config_utils.set_instance_id(settings)
453 453
454 454 return settings
455 455
456 456
457 457 def enable_debug():
458 458 """
459 459 Helper to enable debug on running instance
460 460 :return:
461 461 """
462 462 import tempfile
463 463 import textwrap
464 464 import logging.config
465 465
466 466 ini_template = textwrap.dedent("""
467 467 #####################################
468 468 ### DEBUG LOGGING CONFIGURATION ####
469 469 #####################################
470 470 [loggers]
471 471 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
472 472
473 473 [handlers]
474 474 keys = console, console_sql
475 475
476 476 [formatters]
477 477 keys = generic, color_formatter, color_formatter_sql
478 478
479 479 #############
480 480 ## LOGGERS ##
481 481 #############
482 482 [logger_root]
483 483 level = NOTSET
484 484 handlers = console
485 485
486 486 [logger_sqlalchemy]
487 487 level = INFO
488 488 handlers = console_sql
489 489 qualname = sqlalchemy.engine
490 490 propagate = 0
491 491
492 492 [logger_beaker]
493 493 level = DEBUG
494 494 handlers =
495 495 qualname = beaker.container
496 496 propagate = 1
497 497
498 498 [logger_rhodecode]
499 499 level = DEBUG
500 500 handlers =
501 501 qualname = rhodecode
502 502 propagate = 1
503 503
504 504 [logger_ssh_wrapper]
505 505 level = DEBUG
506 506 handlers =
507 507 qualname = ssh_wrapper
508 508 propagate = 1
509 509
510 510 [logger_celery]
511 511 level = DEBUG
512 512 handlers =
513 513 qualname = celery
514 514
515 515
516 516 ##############
517 517 ## HANDLERS ##
518 518 ##############
519 519
520 520 [handler_console]
521 521 class = StreamHandler
522 522 args = (sys.stderr, )
523 523 level = DEBUG
524 524 formatter = color_formatter
525 525
526 526 [handler_console_sql]
527 527 # "level = DEBUG" logs SQL queries and results.
528 528 # "level = INFO" logs SQL queries.
529 529 # "level = WARN" logs neither. (Recommended for production systems.)
530 530 class = StreamHandler
531 531 args = (sys.stderr, )
532 532 level = WARN
533 533 formatter = color_formatter_sql
534 534
535 535 ################
536 536 ## FORMATTERS ##
537 537 ################
538 538
539 539 [formatter_generic]
540 540 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
541 541 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s | %(req_id)s
542 542 datefmt = %Y-%m-%d %H:%M:%S
543 543
544 544 [formatter_color_formatter]
545 545 class = rhodecode.lib.logging_formatter.ColorRequestTrackingFormatter
546 546 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s | %(req_id)s
547 547 datefmt = %Y-%m-%d %H:%M:%S
548 548
549 549 [formatter_color_formatter_sql]
550 550 class = rhodecode.lib.logging_formatter.ColorFormatterSql
551 551 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
552 552 datefmt = %Y-%m-%d %H:%M:%S
553 553 """)
554 554
555 555 with tempfile.NamedTemporaryFile(prefix='rc_debug_logging_', suffix='.ini',
556 556 delete=False) as f:
557 557 log.info('Saved Temporary DEBUG config at %s', f.name)
558 558 f.write(ini_template)
559 559
560 560 logging.config.fileConfig(f.name)
561 561 log.debug('DEBUG MODE ON')
562 562 os.remove(f.name)
563 563
564 564
565 565 def _sanitize_appenlight_settings(settings):
566 566 _bool_setting(settings, 'appenlight', 'false')
567 567
568 568
569 569 def _sanitize_vcs_settings(settings):
570 570 """
571 571 Applies settings defaults and does type conversion for all VCS related
572 572 settings.
573 573 """
574 574 _string_setting(settings, 'vcs.svn.compatible_version', '')
575 _string_setting(settings, 'git_rev_filter', '--all')
576 575 _string_setting(settings, 'vcs.hooks.protocol', 'http')
577 576 _string_setting(settings, 'vcs.hooks.host', '127.0.0.1')
578 577 _string_setting(settings, 'vcs.scm_app_implementation', 'http')
579 578 _string_setting(settings, 'vcs.server', '')
580 579 _string_setting(settings, 'vcs.server.log_level', 'debug')
581 580 _string_setting(settings, 'vcs.server.protocol', 'http')
582 581 _bool_setting(settings, 'startup.import_repos', 'false')
583 582 _bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
584 583 _bool_setting(settings, 'vcs.server.enable', 'true')
585 584 _bool_setting(settings, 'vcs.start_server', 'false')
586 585 _list_setting(settings, 'vcs.backends', 'hg, git, svn')
587 586 _int_setting(settings, 'vcs.connection_timeout', 3600)
588 587
589 588 # Support legacy values of vcs.scm_app_implementation. Legacy
590 589 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
591 590 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
592 591 scm_app_impl = settings['vcs.scm_app_implementation']
593 592 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
594 593 settings['vcs.scm_app_implementation'] = 'http'
595 594
596 595
597 596 def _sanitize_cache_settings(settings):
598 597 temp_store = tempfile.gettempdir()
599 598 default_cache_dir = os.path.join(temp_store, 'rc_cache')
600 599
601 600 # save default, cache dir, and use it for all backends later.
602 601 default_cache_dir = _string_setting(
603 602 settings,
604 603 'cache_dir',
605 604 default_cache_dir, lower=False, default_when_empty=True)
606 605
607 606 # ensure we have our dir created
608 607 if not os.path.isdir(default_cache_dir):
609 608 os.makedirs(default_cache_dir, mode=0o755)
610 609
611 610 # exception store cache
612 611 _string_setting(
613 612 settings,
614 613 'exception_tracker.store_path',
615 614 temp_store, lower=False, default_when_empty=True)
616 615
617 616 # cache_perms
618 617 _string_setting(
619 618 settings,
620 619 'rc_cache.cache_perms.backend',
621 620 'dogpile.cache.rc.file_namespace', lower=False)
622 621 _int_setting(
623 622 settings,
624 623 'rc_cache.cache_perms.expiration_time',
625 624 60)
626 625 _string_setting(
627 626 settings,
628 627 'rc_cache.cache_perms.arguments.filename',
629 628 os.path.join(default_cache_dir, 'rc_cache_1'), lower=False)
630 629
631 630 # cache_repo
632 631 _string_setting(
633 632 settings,
634 633 'rc_cache.cache_repo.backend',
635 634 'dogpile.cache.rc.file_namespace', lower=False)
636 635 _int_setting(
637 636 settings,
638 637 'rc_cache.cache_repo.expiration_time',
639 638 60)
640 639 _string_setting(
641 640 settings,
642 641 'rc_cache.cache_repo.arguments.filename',
643 642 os.path.join(default_cache_dir, 'rc_cache_2'), lower=False)
644 643
645 644 # cache_license
646 645 _string_setting(
647 646 settings,
648 647 'rc_cache.cache_license.backend',
649 648 'dogpile.cache.rc.file_namespace', lower=False)
650 649 _int_setting(
651 650 settings,
652 651 'rc_cache.cache_license.expiration_time',
653 652 5*60)
654 653 _string_setting(
655 654 settings,
656 655 'rc_cache.cache_license.arguments.filename',
657 656 os.path.join(default_cache_dir, 'rc_cache_3'), lower=False)
658 657
659 658 # cache_repo_longterm memory, 96H
660 659 _string_setting(
661 660 settings,
662 661 'rc_cache.cache_repo_longterm.backend',
663 662 'dogpile.cache.rc.memory_lru', lower=False)
664 663 _int_setting(
665 664 settings,
666 665 'rc_cache.cache_repo_longterm.expiration_time',
667 666 345600)
668 667 _int_setting(
669 668 settings,
670 669 'rc_cache.cache_repo_longterm.max_size',
671 670 10000)
672 671
673 672 # sql_cache_short
674 673 _string_setting(
675 674 settings,
676 675 'rc_cache.sql_cache_short.backend',
677 676 'dogpile.cache.rc.memory_lru', lower=False)
678 677 _int_setting(
679 678 settings,
680 679 'rc_cache.sql_cache_short.expiration_time',
681 680 30)
682 681 _int_setting(
683 682 settings,
684 683 'rc_cache.sql_cache_short.max_size',
685 684 10000)
686 685
687 686
688 687 def _int_setting(settings, name, default):
689 688 settings[name] = int(settings.get(name, default))
690 689 return settings[name]
691 690
692 691
693 692 def _bool_setting(settings, name, default):
694 693 input_val = settings.get(name, default)
695 694 if isinstance(input_val, unicode):
696 695 input_val = input_val.encode('utf8')
697 696 settings[name] = asbool(input_val)
698 697 return settings[name]
699 698
700 699
701 700 def _list_setting(settings, name, default):
702 701 raw_value = settings.get(name, default)
703 702
704 703 old_separator = ','
705 704 if old_separator in raw_value:
706 705 # If we get a comma separated list, pass it to our own function.
707 706 settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
708 707 else:
709 708 # Otherwise we assume it uses pyramids space/newline separation.
710 709 settings[name] = aslist(raw_value)
711 710 return settings[name]
712 711
713 712
714 713 def _string_setting(settings, name, default, lower=True, default_when_empty=False):
715 714 value = settings.get(name, default)
716 715
717 716 if default_when_empty and not value:
718 717 # use default value when value is empty
719 718 value = default
720 719
721 720 if lower:
722 721 value = value.lower()
723 722 settings[name] = value
724 723 return settings[name]
725 724
726 725
727 726 def _substitute_values(mapping, substitutions):
728 727 result = {}
729 728
730 729 try:
731 730 for key, value in mapping.items():
732 731 # initialize without substitution first
733 732 result[key] = value
734 733
735 734 # Note: Cannot use regular replacements, since they would clash
736 735 # with the implementation of ConfigParser. Using "format" instead.
737 736 try:
738 737 result[key] = value.format(**substitutions)
739 738 except KeyError as e:
740 739 env_var = '{}'.format(e.args[0])
741 740
742 741 msg = 'Failed to substitute: `{key}={{{var}}}` with environment entry. ' \
743 742 'Make sure your environment has {var} set, or remove this ' \
744 743 'variable from config file'.format(key=key, var=env_var)
745 744
746 745 if env_var.startswith('ENV_'):
747 746 raise ValueError(msg)
748 747 else:
749 748 log.warning(msg)
750 749
751 750 except ValueError as e:
752 751 log.warning('Failed to substitute ENV variable: %s', e)
753 752 result = mapping
754 753
755 754 return result
Show file before | Show file after | Hide comments
@@ -1,94 +1,93 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2010-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import os
22 22 import shlex
23 23 import platform
24 24
25 25 from rhodecode.model import init_model
26 26
27 27
28 28 def configure_vcs(config):
29 29 """
30 30 Patch VCS config with some RhodeCode specific stuff
31 31 """
32 32 from rhodecode.lib.vcs import conf
33 33 import rhodecode.lib.vcs.conf.settings
34 34
35 35 conf.settings.BACKENDS = {
36 36 'hg': 'rhodecode.lib.vcs.backends.hg.MercurialRepository',
37 37 'git': 'rhodecode.lib.vcs.backends.git.GitRepository',
38 38 'svn': 'rhodecode.lib.vcs.backends.svn.SubversionRepository',
39 39 }
40 40
41 41 conf.settings.HOOKS_PROTOCOL = config['vcs.hooks.protocol']
42 42 conf.settings.HOOKS_HOST = config['vcs.hooks.host']
43 43 conf.settings.HOOKS_DIRECT_CALLS = config['vcs.hooks.direct_calls']
44 conf.settings.GIT_REV_FILTER = shlex.split(config['git_rev_filter'])
45 44 conf.settings.DEFAULT_ENCODINGS = config['default_encoding']
46 45 conf.settings.ALIASES[:] = config['vcs.backends']
47 46 conf.settings.SVN_COMPATIBLE_VERSION = config['vcs.svn.compatible_version']
48 47
49 48
50 49 def initialize_database(config):
51 50 from rhodecode.lib.utils2 import engine_from_config, get_encryption_key
52 51 engine = engine_from_config(config, 'sqlalchemy.db1.')
53 52 init_model(engine, encryption_key=get_encryption_key(config))
54 53
55 54
56 55 def initialize_test_environment(settings, test_env=None):
57 56 if test_env is None:
58 57 test_env = not int(os.environ.get('RC_NO_TMP_PATH', 0))
59 58
60 59 from rhodecode.lib.utils import (
61 60 create_test_directory, create_test_database, create_test_repositories,
62 61 create_test_index)
63 62 from rhodecode.tests import TESTS_TMP_PATH
64 63 from rhodecode.lib.vcs.backends.hg import largefiles_store
65 64 from rhodecode.lib.vcs.backends.git import lfs_store
66 65
67 66 # test repos
68 67 if test_env:
69 68 create_test_directory(TESTS_TMP_PATH)
70 69 # large object stores
71 70 create_test_directory(largefiles_store(TESTS_TMP_PATH))
72 71 create_test_directory(lfs_store(TESTS_TMP_PATH))
73 72
74 73 create_test_database(TESTS_TMP_PATH, settings)
75 74 create_test_repositories(TESTS_TMP_PATH, settings)
76 75 create_test_index(TESTS_TMP_PATH, settings)
77 76
78 77
79 78 def get_vcs_server_protocol(config):
80 79 return config['vcs.server.protocol']
81 80
82 81
83 82 def set_instance_id(config):
84 83 """
85 84 Sets a dynamic generated config['instance_id'] if missing or '*'
86 85 E.g instance_id = *cluster-1 or instance_id = *
87 86 """
88 87
89 88 config['instance_id'] = config.get('instance_id') or ''
90 89 instance_id = config['instance_id']
91 90 if instance_id.startswith('*') or not instance_id:
92 91 prefix = instance_id.lstrip('*')
93 92 _platform_id = platform.uname()[1] or 'instance'
94 93 config['instance_id'] = '%s%s-%s' % (prefix, _platform_id, os.getpid())
Show file before | Show file after | Hide comments
@@ -1,79 +1,76 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2014-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 Internal settings for vcs-lib
23 23 """
24 24
25 25 # list of default encoding used in safe_unicode/safe_str methods
26 26 DEFAULT_ENCODINGS = ['utf8']
27 27
28 # Optional arguments to rev-filter, it has to be a list
29 # It can also be ['--branches', '--tags']
30 GIT_REV_FILTER = ['--all']
31 28
32 29 # Compatibility version when creating SVN repositories. None means newest.
33 30 # Other available options are: pre-1.4-compatible, pre-1.5-compatible,
34 31 # pre-1.6-compatible, pre-1.8-compatible
35 32 SVN_COMPATIBLE_VERSION = None
36 33
37 34 ALIASES = ['hg', 'git', 'svn']
38 35
39 36 BACKENDS = {
40 37 'hg': 'rhodecode.lib.vcs.backends.hg.MercurialRepository',
41 38 'git': 'rhodecode.lib.vcs.backends.git.GitRepository',
42 39 'svn': 'rhodecode.lib.vcs.backends.svn.SubversionRepository',
43 40 }
44 41
45 42
46 43 ARCHIVE_SPECS = [
47 44 ('tbz2', 'application/x-bzip2', 'tbz2'),
48 45 ('tbz2', 'application/x-bzip2', '.tar.bz2'),
49 46
50 47 ('tgz', 'application/x-gzip', '.tgz'),
51 48 ('tgz', 'application/x-gzip', '.tar.gz'),
52 49
53 50 ('zip', 'application/zip', '.zip'),
54 51 ]
55 52
56 53 HOOKS_PROTOCOL = None
57 54 HOOKS_DIRECT_CALLS = False
58 55 HOOKS_HOST = '127.0.0.1'
59 56
60 57
61 58 MERGE_MESSAGE_TMPL = (
62 59 u'Merge pull request #{pr_id} from {source_repo} {source_ref_name}\n\n '
63 60 u'{pr_title}')
64 61 MERGE_DRY_RUN_MESSAGE = 'dry_run_merge_message_from_rhodecode'
65 62 MERGE_DRY_RUN_USER = 'Dry-Run User'
66 63 MERGE_DRY_RUN_EMAIL = 'dry-run-merge@rhodecode.com'
67 64
68 65
69 66 def available_aliases():
70 67 """
71 68 Mercurial is required for the system to work, so in case vcs.backends does
72 69 not include it, we make sure it will be available internally
73 70 TODO: anderson: refactor vcs.backends so it won't be necessary, VCS server
74 71 should be responsible to dictate available backends.
75 72 """
76 73 aliases = ALIASES[:]
77 74 if 'hg' not in aliases:
78 75 aliases += ['hg']
79 76 return aliases
Show file before | Show file after | Hide comments
@@ -1,205 +1,204 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2019 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 import pytest
23 23
24 24 from rhodecode.tests import no_newline_id_generator
25 25 from rhodecode.config.middleware import (
26 26 _sanitize_vcs_settings, _bool_setting, _string_setting, _list_setting,
27 27 _int_setting)
28 28
29 29
30 30 class TestHelperFunctions(object):
31 31 @pytest.mark.parametrize('raw, expected', [
32 32 ('true', True), (u'true', True),
33 33 ('yes', True), (u'yes', True),
34 34 ('on', True), (u'on', True),
35 35 ('false', False), (u'false', False),
36 36 ('no', False), (u'no', False),
37 37 ('off', False), (u'off', False),
38 38 ('invalid-bool-value', False),
39 39 ('invalid-∫øø@-√Γ₯@¨€', False),
40 40 (u'invalid-∫øø@-√Γ₯@¨€', False),
41 41 ])
42 42 def test_bool_setting_helper(self, raw, expected):
43 43 key = 'dummy-key'
44 44 settings = {key: raw}
45 45 _bool_setting(settings, key, None)
46 46 assert settings[key] is expected
47 47
48 48 @pytest.mark.parametrize('raw, expected', [
49 49 ('', ''),
50 50 ('test-string', 'test-string'),
51 51 ('CaSe-TeSt', 'case-test'),
52 52 ('test-string-烩€', 'test-string-烩€'),
53 53 (u'test-string-烩€', u'test-string-烩€'),
54 54 ])
55 55 def test_string_setting_helper(self, raw, expected):
56 56 key = 'dummy-key'
57 57 settings = {key: raw}
58 58 _string_setting(settings, key, None)
59 59 assert settings[key] == expected
60 60
61 61 @pytest.mark.parametrize('raw, expected', [
62 62 ('', []),
63 63 ('test', ['test']),
64 64 ('CaSe-TeSt', ['CaSe-TeSt']),
65 65 ('test-string-烩€', ['test-string-烩€']),
66 66 (u'test-string-烩€', [u'test-string-烩€']),
67 67 ('hg git svn', ['hg', 'git', 'svn']),
68 68 ('hg,git,svn', ['hg', 'git', 'svn']),
69 69 ('hg, git, svn', ['hg', 'git', 'svn']),
70 70 ('hg\ngit\nsvn', ['hg', 'git', 'svn']),
71 71 (' hg\n git\n svn ', ['hg', 'git', 'svn']),
72 72 (', hg , git , svn , ', ['', 'hg', 'git', 'svn', '']),
73 73 ('cheese,free node,other', ['cheese', 'free node', 'other']),
74 74 ], ids=no_newline_id_generator)
75 75 def test_list_setting_helper(self, raw, expected):
76 76 key = 'dummy-key'
77 77 settings = {key: raw}
78 78 _list_setting(settings, key, None)
79 79 assert settings[key] == expected
80 80
81 81 @pytest.mark.parametrize('raw, expected', [
82 82 ('0', 0),
83 83 ('-0', 0),
84 84 ('12345', 12345),
85 85 ('-12345', -12345),
86 86 (u'-12345', -12345),
87 87 ])
88 88 def test_int_setting_helper(self, raw, expected):
89 89 key = 'dummy-key'
90 90 settings = {key: raw}
91 91 _int_setting(settings, key, None)
92 92 assert settings[key] == expected
93 93
94 94 @pytest.mark.parametrize('raw', [
95 95 ('0xff'),
96 96 (''),
97 97 ('invalid-int'),
98 98 ('invalid-⁄~†'),
99 99 (u'invalid-⁄~†'),
100 100 ])
101 101 def test_int_setting_helper_invalid_input(self, raw):
102 102 key = 'dummy-key'
103 103 settings = {key: raw}
104 104 with pytest.raises(Exception):
105 105 _int_setting(settings, key, None)
106 106
107 107
108 108 class TestSanitizeVcsSettings(object):
109 109 _bool_settings = [
110 110 ('vcs.hooks.direct_calls', False),
111 111 ('vcs.server.enable', True),
112 112 ('vcs.start_server', False),
113 113 ('startup.import_repos', False),
114 114 ]
115 115
116 116 _string_settings = [
117 117 ('vcs.svn.compatible_version', ''),
118 ('git_rev_filter', '--all'),
119 118 ('vcs.hooks.protocol', 'http'),
120 119 ('vcs.hooks.host', '127.0.0.1'),
121 120 ('vcs.scm_app_implementation', 'http'),
122 121 ('vcs.server', ''),
123 122 ('vcs.server.log_level', 'debug'),
124 123 ('vcs.server.protocol', 'http'),
125 124 ]
126 125
127 126 _list_settings = [
128 127 ('vcs.backends', 'hg git'),
129 128 ]
130 129
131 130 @pytest.mark.parametrize('key, default', _list_settings)
132 131 def test_list_setting_spacesep_list(self, key, default):
133 132 test_list = ['test', 'list', 'values', 'for', key]
134 133 input_value = ' '.join(test_list)
135 134 settings = {key: input_value}
136 135 _sanitize_vcs_settings(settings)
137 136 assert settings[key] == test_list
138 137
139 138 @pytest.mark.parametrize('key, default', _list_settings)
140 139 def test_list_setting_newlinesep_list(self, key, default):
141 140 test_list = ['test', 'list', 'values', 'for', key]
142 141 input_value = '\n'.join(test_list)
143 142 settings = {key: input_value}
144 143 _sanitize_vcs_settings(settings)
145 144 assert settings[key] == test_list
146 145
147 146 @pytest.mark.parametrize('key, default', _list_settings)
148 147 def test_list_setting_commasep_list(self, key, default):
149 148 test_list = ['test', 'list', 'values', 'for', key]
150 149 input_value = ','.join(test_list)
151 150 settings = {key: input_value}
152 151 _sanitize_vcs_settings(settings)
153 152 assert settings[key] == test_list
154 153
155 154 @pytest.mark.parametrize('key, default', _list_settings)
156 155 def test_list_setting_comma_and_space_sep_list(self, key, default):
157 156 test_list = ['test', 'list', 'values', 'for', key]
158 157 input_value = ', '.join(test_list)
159 158 settings = {key: input_value}
160 159 _sanitize_vcs_settings(settings)
161 160 assert settings[key] == test_list
162 161
163 162 @pytest.mark.parametrize('key, default', _string_settings)
164 163 def test_string_setting_string(self, key, default):
165 164 test_value = 'test-string-for-{}'.format(key)
166 165 settings = {key: test_value}
167 166 _sanitize_vcs_settings(settings)
168 167 assert settings[key] == test_value
169 168
170 169 @pytest.mark.parametrize('key, default', _string_settings)
171 170 def test_string_setting_default(self, key, default):
172 171 settings = {}
173 172 _sanitize_vcs_settings(settings)
174 173 assert settings[key] == default
175 174
176 175 @pytest.mark.parametrize('key, default', _string_settings)
177 176 def test_string_setting_lowercase(self, key, default):
178 177 test_value = 'Test-String-For-{}'.format(key)
179 178 settings = {key: test_value}
180 179 _sanitize_vcs_settings(settings)
181 180 assert settings[key] == test_value.lower()
182 181
183 182 @pytest.mark.parametrize('key, default', _bool_settings)
184 183 def test_bool_setting_true(self, key, default):
185 184 settings = {key: 'true'}
186 185 _sanitize_vcs_settings(settings)
187 186 assert settings[key] is True
188 187
189 188 @pytest.mark.parametrize('key, default', _bool_settings)
190 189 def test_bool_setting_false(self, key, default):
191 190 settings = {key: 'false'}
192 191 _sanitize_vcs_settings(settings)
193 192 assert settings[key] is False
194 193
195 194 @pytest.mark.parametrize('key, default', _bool_settings)
196 195 def test_bool_setting_invalid_string(self, key, default):
197 196 settings = {key: 'no-bool-val-string'}
198 197 _sanitize_vcs_settings(settings)
199 198 assert settings[key] is False
200 199
201 200 @pytest.mark.parametrize('key, default', _bool_settings)
202 201 def test_bool_setting_default(self, key, default):
203 202 settings = {}
204 203 _sanitize_vcs_settings(settings)
205 204 assert settings[key] is default
Show file before | Show file after | Hide comments
@@ -1,669 +1,665 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 #smtp_server = mail.server.com
29 29 #smtp_username =
30 30 #smtp_password =
31 31 #smtp_port =
32 32 #smtp_use_tls = false
33 33 #smtp_use_ssl = true
34 34
35 35 [server:main]
36 36 ## COMMON ##
37 37 host = 0.0.0.0
38 38 port = 5000
39 39
40 40 ##########################
41 41 ## GUNICORN WSGI SERVER ##
42 42 ##########################
43 43 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
44 44
45 45 use = egg:gunicorn#main
46 46 ## Sets the number of process workers. You must set `instance_id = *`
47 47 ## when this option is set to more than one worker, recommended
48 48 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
49 49 ## The `instance_id = *` must be set in the [app:main] section below
50 50 #workers = 2
51 51 ## number of threads for each of the worker, must be set to 1 for gevent
52 52 ## generally recommened to be at 1
53 53 #threads = 1
54 54 ## process name
55 55 #proc_name = rhodecode
56 56 ## type of worker class, one of sync, gevent
57 57 ## recommended for bigger setup is using of of other than sync one
58 58 #worker_class = sync
59 59 ## The maximum number of simultaneous clients. Valid only for Gevent
60 60 #worker_connections = 10
61 61 ## max number of requests that worker will handle before being gracefully
62 62 ## restarted, could prevent memory leaks
63 63 #max_requests = 1000
64 64 #max_requests_jitter = 30
65 65 ## amount of time a worker can spend with handling a request before it
66 66 ## gets killed and restarted. Set to 6hrs
67 67 #timeout = 21600
68 68
69 69 ## prefix middleware for RhodeCode.
70 70 ## recommended when using proxy setup.
71 71 ## allows to set RhodeCode under a prefix in server.
72 72 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
73 73 ## And set your prefix like: `prefix = /custom_prefix`
74 74 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
75 75 ## to make your cookies only work on prefix url
76 76 [filter:proxy-prefix]
77 77 use = egg:PasteDeploy#prefix
78 78 prefix = /
79 79
80 80 [app:main]
81 81 is_test = True
82 82 use = egg:rhodecode-enterprise-ce
83 83
84 84 ## enable proxy prefix middleware, defined above
85 85 #filter-with = proxy-prefix
86 86
87 87
88 88 ## RHODECODE PLUGINS ##
89 89 rhodecode.includes = rhodecode.api
90 90
91 91 # api prefix url
92 92 rhodecode.api.url = /_admin/api
93 93
94 94
95 95 ## END RHODECODE PLUGINS ##
96 96
97 97 ## encryption key used to encrypt social plugin tokens,
98 98 ## remote_urls with credentials etc, if not set it defaults to
99 99 ## `beaker.session.secret`
100 100 #rhodecode.encrypted_values.secret =
101 101
102 102 ## decryption strict mode (enabled by default). It controls if decryption raises
103 103 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
104 104 #rhodecode.encrypted_values.strict = false
105 105
106 106 ## return gzipped responses from Rhodecode (static files/application)
107 107 gzip_responses = false
108 108
109 109 ## autogenerate javascript routes file on startup
110 110 generate_js_files = false
111 111
112 112 ## Optional Languages
113 113 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
114 114 lang = en
115 115
116 116 ## perform a full repository scan on each server start, this should be
117 117 ## set to false after first startup, to allow faster server restarts.
118 118 startup.import_repos = true
119 119
120 120 ## Uncomment and set this path to use archive download cache.
121 121 ## Once enabled, generated archives will be cached at this location
122 122 ## and served from the cache during subsequent requests for the same archive of
123 123 ## the repository.
124 124 #archive_cache_dir = /tmp/tarballcache
125 125
126 126 ## URL at which the application is running. This is used for bootstraping
127 127 ## requests in context when no web request is available. Used in ishell, or
128 128 ## SSH calls. Set this for events to receive proper url for SSH calls.
129 129 app.base_url = http://rhodecode.local
130 130
131 131 ## change this to unique ID for security
132 132 app_instance_uuid = rc-production
133 133
134 134 ## cut off limit for large diffs (size in bytes)
135 135 cut_off_limit_diff = 1024000
136 136 cut_off_limit_file = 256000
137 137
138 138 ## use cache version of scm repo everywhere
139 139 vcs_full_cache = false
140 140
141 141 ## force https in RhodeCode, fixes https redirects, assumes it's always https
142 142 ## Normally this is controlled by proper http flags sent from http server
143 143 force_https = false
144 144
145 145 ## use Strict-Transport-Security headers
146 146 use_htsts = false
147 147
148 ## git rev filter option, --all is the default filter, if you need to
149 ## hide all refs in changelog switch this to --branches --tags
150 git_rev_filter = --all
151
152 148 # Set to true if your repos are exposed using the dumb protocol
153 149 git_update_server_info = false
154 150
155 151 ## RSS/ATOM feed options
156 152 rss_cut_off_limit = 256000
157 153 rss_items_per_page = 10
158 154 rss_include_diff = false
159 155
160 156 ## gist URL alias, used to create nicer urls for gist. This should be an
161 157 ## url that does rewrites to _admin/gists/{gistid}.
162 158 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
163 159 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
164 160 gist_alias_url =
165 161
166 162 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
167 163 ## used for access.
168 164 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
169 165 ## came from the the logged in user who own this authentication token.
170 166 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
171 167 ## authentication token. Such view would be only accessible when used together
172 168 ## with this authentication token
173 169 ##
174 170 ## list of all views can be found under `/_admin/permissions/auth_token_access`
175 171 ## The list should be "," separated and on a single line.
176 172 ##
177 173 ## Most common views to enable:
178 174 # RepoCommitsView:repo_commit_download
179 175 # RepoCommitsView:repo_commit_patch
180 176 # RepoCommitsView:repo_commit_raw
181 177 # RepoCommitsView:repo_commit_raw@TOKEN
182 178 # RepoFilesView:repo_files_diff
183 179 # RepoFilesView:repo_archivefile
184 180 # RepoFilesView:repo_file_raw
185 181 # GistView:*
186 182 api_access_controllers_whitelist =
187 183
188 184 ## default encoding used to convert from and to unicode
189 185 ## can be also a comma separated list of encoding in case of mixed encodings
190 186 default_encoding = UTF-8
191 187
192 188 ## instance-id prefix
193 189 ## a prefix key for this instance used for cache invalidation when running
194 190 ## multiple instances of rhodecode, make sure it's globally unique for
195 191 ## all running rhodecode instances. Leave empty if you don't use it
196 192 instance_id =
197 193
198 194 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
199 195 ## of an authentication plugin also if it is disabled by it's settings.
200 196 ## This could be useful if you are unable to log in to the system due to broken
201 197 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
202 198 ## module to log in again and fix the settings.
203 199 ##
204 200 ## Available builtin plugin IDs (hash is part of the ID):
205 201 ## egg:rhodecode-enterprise-ce#rhodecode
206 202 ## egg:rhodecode-enterprise-ce#pam
207 203 ## egg:rhodecode-enterprise-ce#ldap
208 204 ## egg:rhodecode-enterprise-ce#jasig_cas
209 205 ## egg:rhodecode-enterprise-ce#headers
210 206 ## egg:rhodecode-enterprise-ce#crowd
211 207 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
212 208
213 209 ## alternative return HTTP header for failed authentication. Default HTTP
214 210 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
215 211 ## handling that causing a series of failed authentication calls.
216 212 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
217 213 ## This will be served instead of default 401 on bad authnetication
218 214 auth_ret_code =
219 215
220 216 ## use special detection method when serving auth_ret_code, instead of serving
221 217 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
222 218 ## and then serve auth_ret_code to clients
223 219 auth_ret_code_detection = false
224 220
225 221 ## locking return code. When repository is locked return this HTTP code. 2XX
226 222 ## codes don't break the transactions while 4XX codes do
227 223 lock_ret_code = 423
228 224
229 225 ## allows to change the repository location in settings page
230 226 allow_repo_location_change = true
231 227
232 228 ## allows to setup custom hooks in settings page
233 229 allow_custom_hooks_settings = true
234 230
235 231 ## generated license token, goto license page in RhodeCode settings to obtain
236 232 ## new token
237 233 license_token = abra-cada-bra1-rce3
238 234
239 235 ## supervisor connection uri, for managing supervisor and logs.
240 236 supervisor.uri =
241 237 ## supervisord group name/id we only want this RC instance to handle
242 238 supervisor.group_id = dev
243 239
244 240 ## Display extended labs settings
245 241 labs_settings_active = true
246 242
247 243 ####################################
248 244 ### CELERY CONFIG ####
249 245 ####################################
250 246 use_celery = false
251 247 broker.host = localhost
252 248 broker.vhost = rabbitmqhost
253 249 broker.port = 5672
254 250 broker.user = rabbitmq
255 251 broker.password = qweqwe
256 252
257 253 celery.imports = rhodecode.lib.celerylib.tasks
258 254
259 255 celery.result.backend = amqp
260 256 celery.result.dburi = amqp://
261 257 celery.result.serialier = json
262 258
263 259 #celery.send.task.error.emails = true
264 260 #celery.amqp.task.result.expires = 18000
265 261
266 262 celeryd.concurrency = 2
267 263 #celeryd.log.file = celeryd.log
268 264 celeryd.log.level = debug
269 265 celeryd.max.tasks.per.child = 1
270 266
271 267 ## tasks will never be sent to the queue, but executed locally instead.
272 268 celery.always.eager = false
273 269
274 270 ####################################
275 271 ### BEAKER CACHE ####
276 272 ####################################
277 273 # default cache dir for templates. Putting this into a ramdisk
278 274 ## can boost performance, eg. %(here)s/data_ramdisk
279 275 cache_dir = %(here)s/data
280 276
281 277 ## locking and default file storage for Beaker. Putting this into a ramdisk
282 278 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
283 279 beaker.cache.data_dir = %(here)s/rc/data/cache/beaker_data
284 280 beaker.cache.lock_dir = %(here)s/rc/data/cache/beaker_lock
285 281
286 282 beaker.cache.regions = long_term
287 283
288 284 beaker.cache.long_term.type = memory
289 285 beaker.cache.long_term.expire = 36000
290 286 beaker.cache.long_term.key_length = 256
291 287
292 288
293 289 #####################################
294 290 ### DOGPILE CACHE ####
295 291 #####################################
296 292
297 293 ## permission tree cache settings
298 294 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
299 295 rc_cache.cache_perms.expiration_time = 0
300 296 rc_cache.cache_perms.arguments.filename = /tmp/rc_cache_1
301 297
302 298
303 299 ## cache settings for SQL queries
304 300 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
305 301 rc_cache.sql_cache_short.expiration_time = 0
306 302
307 303
308 304 ####################################
309 305 ### BEAKER SESSION ####
310 306 ####################################
311 307
312 308 ## .session.type is type of storage options for the session, current allowed
313 309 ## types are file, ext:memcached, ext:database, and memory (default).
314 310 beaker.session.type = file
315 311 beaker.session.data_dir = %(here)s/rc/data/sessions/data
316 312
317 313 ## db based session, fast, and allows easy management over logged in users
318 314 #beaker.session.type = ext:database
319 315 #beaker.session.table_name = db_session
320 316 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
321 317 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
322 318 #beaker.session.sa.pool_recycle = 3600
323 319 #beaker.session.sa.echo = false
324 320
325 321 beaker.session.key = rhodecode
326 322 beaker.session.secret = test-rc-uytcxaz
327 323 beaker.session.lock_dir = %(here)s/rc/data/sessions/lock
328 324
329 325 ## Secure encrypted cookie. Requires AES and AES python libraries
330 326 ## you must disable beaker.session.secret to use this
331 327 #beaker.session.encrypt_key = key_for_encryption
332 328 #beaker.session.validate_key = validation_key
333 329
334 330 ## sets session as invalid(also logging out user) if it haven not been
335 331 ## accessed for given amount of time in seconds
336 332 beaker.session.timeout = 2592000
337 333 beaker.session.httponly = true
338 334 ## Path to use for the cookie. Set to prefix if you use prefix middleware
339 335 #beaker.session.cookie_path = /custom_prefix
340 336
341 337 ## uncomment for https secure cookie
342 338 beaker.session.secure = false
343 339
344 340 ## auto save the session to not to use .save()
345 341 beaker.session.auto = false
346 342
347 343 ## default cookie expiration time in seconds, set to `true` to set expire
348 344 ## at browser close
349 345 #beaker.session.cookie_expires = 3600
350 346
351 347 ###################################
352 348 ## SEARCH INDEXING CONFIGURATION ##
353 349 ###################################
354 350 ## Full text search indexer is available in rhodecode-tools under
355 351 ## `rhodecode-tools index` command
356 352
357 353 ## WHOOSH Backend, doesn't require additional services to run
358 354 ## it works good with few dozen repos
359 355 search.module = rhodecode.lib.index.whoosh
360 356 search.location = %(here)s/data/index
361 357
362 358 ########################################
363 359 ### CHANNELSTREAM CONFIG ####
364 360 ########################################
365 361 ## channelstream enables persistent connections and live notification
366 362 ## in the system. It's also used by the chat system
367 363
368 364 channelstream.enabled = false
369 365
370 366 ## server address for channelstream server on the backend
371 367 channelstream.server = 127.0.0.1:9800
372 368 ## location of the channelstream server from outside world
373 369 ## use ws:// for http or wss:// for https. This address needs to be handled
374 370 ## by external HTTP server such as Nginx or Apache
375 371 ## see nginx/apache configuration examples in our docs
376 372 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
377 373 channelstream.secret = secret
378 374 channelstream.history.location = %(here)s/channelstream_history
379 375
380 376 ## Internal application path that Javascript uses to connect into.
381 377 ## If you use proxy-prefix the prefix should be added before /_channelstream
382 378 channelstream.proxy_path = /_channelstream
383 379
384 380
385 381 ###################################
386 382 ## APPENLIGHT CONFIG ##
387 383 ###################################
388 384
389 385 ## Appenlight is tailored to work with RhodeCode, see
390 386 ## http://appenlight.com for details how to obtain an account
391 387
392 388 ## appenlight integration enabled
393 389 appenlight = false
394 390
395 391 appenlight.server_url = https://api.appenlight.com
396 392 appenlight.api_key = YOUR_API_KEY
397 393 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
398 394
399 395 # used for JS client
400 396 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
401 397
402 398 ## TWEAK AMOUNT OF INFO SENT HERE
403 399
404 400 ## enables 404 error logging (default False)
405 401 appenlight.report_404 = false
406 402
407 403 ## time in seconds after request is considered being slow (default 1)
408 404 appenlight.slow_request_time = 1
409 405
410 406 ## record slow requests in application
411 407 ## (needs to be enabled for slow datastore recording and time tracking)
412 408 appenlight.slow_requests = true
413 409
414 410 ## enable hooking to application loggers
415 411 appenlight.logging = true
416 412
417 413 ## minimum log level for log capture
418 414 appenlight.logging.level = WARNING
419 415
420 416 ## send logs only from erroneous/slow requests
421 417 ## (saves API quota for intensive logging)
422 418 appenlight.logging_on_error = false
423 419
424 420 ## list of additonal keywords that should be grabbed from environ object
425 421 ## can be string with comma separated list of words in lowercase
426 422 ## (by default client will always send following info:
427 423 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
428 424 ## start with HTTP* this list be extended with additional keywords here
429 425 appenlight.environ_keys_whitelist =
430 426
431 427 ## list of keywords that should be blanked from request object
432 428 ## can be string with comma separated list of words in lowercase
433 429 ## (by default client will always blank keys that contain following words
434 430 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
435 431 ## this list be extended with additional keywords set here
436 432 appenlight.request_keys_blacklist =
437 433
438 434 ## list of namespaces that should be ignores when gathering log entries
439 435 ## can be string with comma separated list of namespaces
440 436 ## (by default the client ignores own entries: appenlight_client.client)
441 437 appenlight.log_namespace_blacklist =
442 438
443 439
444 440 ################################################################################
445 441 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
446 442 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
447 443 ## execute malicious code after an exception is raised. ##
448 444 ################################################################################
449 445 set debug = false
450 446
451 447
452 448 ##############
453 449 ## STYLING ##
454 450 ##############
455 451 debug_style = false
456 452
457 453 ###########################################
458 454 ### MAIN RHODECODE DATABASE CONFIG ###
459 455 ###########################################
460 456 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
461 457 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode_test
462 458 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode_test
463 459 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
464 460
465 461 # see sqlalchemy docs for other advanced settings
466 462
467 463 ## print the sql statements to output
468 464 sqlalchemy.db1.echo = false
469 465 ## recycle the connections after this amount of seconds
470 466 sqlalchemy.db1.pool_recycle = 3600
471 467 sqlalchemy.db1.convert_unicode = true
472 468
473 469 ## the number of connections to keep open inside the connection pool.
474 470 ## 0 indicates no limit
475 471 #sqlalchemy.db1.pool_size = 5
476 472
477 473 ## the number of connections to allow in connection pool "overflow", that is
478 474 ## connections that can be opened above and beyond the pool_size setting,
479 475 ## which defaults to five.
480 476 #sqlalchemy.db1.max_overflow = 10
481 477
482 478
483 479 ##################
484 480 ### VCS CONFIG ###
485 481 ##################
486 482 vcs.server.enable = true
487 483 vcs.server = localhost:9901
488 484
489 485 ## Web server connectivity protocol, responsible for web based VCS operatations
490 486 ## Available protocols are:
491 487 ## `http` - use http-rpc backend (default)
492 488 vcs.server.protocol = http
493 489
494 490 ## Push/Pull operations protocol, available options are:
495 491 ## `http` - use http-rpc backend (default)
496 492 ## `vcsserver.scm_app` - internal app (EE only)
497 493 vcs.scm_app_implementation = http
498 494
499 495 ## Push/Pull operations hooks protocol, available options are:
500 496 ## `http` - use http-rpc backend (default)
501 497 vcs.hooks.protocol = http
502 498 vcs.hooks.host = 127.0.0.1
503 499
504 500 vcs.server.log_level = debug
505 501 ## Start VCSServer with this instance as a subprocess, Useful for development
506 502 vcs.start_server = false
507 503
508 504 ## List of enabled VCS backends, available options are:
509 505 ## `hg` - mercurial
510 506 ## `git` - git
511 507 ## `svn` - subversion
512 508 vcs.backends = hg, git, svn
513 509
514 510 vcs.connection_timeout = 3600
515 511 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
516 512 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
517 513 #vcs.svn.compatible_version = pre-1.8-compatible
518 514
519 515
520 516 ############################################################
521 517 ### Subversion proxy support (mod_dav_svn) ###
522 518 ### Maps RhodeCode repo groups into SVN paths for Apache ###
523 519 ############################################################
524 520 ## Enable or disable the config file generation.
525 521 svn.proxy.generate_config = false
526 522 ## Generate config file with `SVNListParentPath` set to `On`.
527 523 svn.proxy.list_parent_path = true
528 524 ## Set location and file name of generated config file.
529 525 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
530 526 ## Used as a prefix to the `Location` block in the generated config file.
531 527 ## In most cases it should be set to `/`.
532 528 svn.proxy.location_root = /
533 529 ## Command to reload the mod dav svn configuration on change.
534 530 ## Example: `/etc/init.d/apache2 reload`
535 531 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
536 532 ## If the timeout expires before the reload command finishes, the command will
537 533 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
538 534 #svn.proxy.reload_timeout = 10
539 535
540 536 ############################################################
541 537 ### SSH Support Settings ###
542 538 ############################################################
543 539
544 540 ## Defines if the authorized_keys file should be written on any change of
545 541 ## user ssh keys, setting this to false also disables posibility of adding
546 542 ## ssh keys for users from web interface.
547 543 ssh.generate_authorized_keyfile = true
548 544
549 545 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
550 546 # ssh.authorized_keys_ssh_opts =
551 547
552 548 ## File to generate the authorized keys together with options
553 549 ## It is possible to have multiple key files specified in `sshd_config` e.g.
554 550 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
555 551 ssh.authorized_keys_file_path = %(here)s/rc/authorized_keys_rhodecode
556 552
557 553 ## Command to execute the SSH wrapper. The binary is available in the
558 554 ## rhodecode installation directory.
559 555 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
560 556 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
561 557
562 558 ## Allow shell when executing the ssh-wrapper command
563 559 ssh.wrapper_cmd_allow_shell = false
564 560
565 561 ## Enables logging, and detailed output send back to the client. Useful for
566 562 ## debugging, shouldn't be used in production.
567 563 ssh.enable_debug_logging = false
568 564
569 565 ## Paths to binary executrables, by default they are the names, but we can
570 566 ## override them if we want to use a custom one
571 567 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
572 568 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
573 569 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
574 570
575 571 ## Enables SSH key generator web interface. Disabling this still allows users
576 572 ## to add their own keys.
577 573 ssh.enable_ui_key_generator = true
578 574
579 575
580 576 ## Dummy marker to add new entries after.
581 577 ## Add any custom entries below. Please don't remove.
582 578 custom.conf = 1
583 579
584 580
585 581 ################################
586 582 ### LOGGING CONFIGURATION ####
587 583 ################################
588 584 [loggers]
589 585 keys = root, sqlalchemy, beaker, rhodecode, ssh_wrapper
590 586
591 587 [handlers]
592 588 keys = console, console_sql
593 589
594 590 [formatters]
595 591 keys = generic, color_formatter, color_formatter_sql
596 592
597 593 #############
598 594 ## LOGGERS ##
599 595 #############
600 596 [logger_root]
601 597 level = NOTSET
602 598 handlers = console
603 599
604 600 [logger_routes]
605 601 level = DEBUG
606 602 handlers =
607 603 qualname = routes.middleware
608 604 ## "level = DEBUG" logs the route matched and routing variables.
609 605 propagate = 1
610 606
611 607 [logger_beaker]
612 608 level = DEBUG
613 609 handlers =
614 610 qualname = beaker.container
615 611 propagate = 1
616 612
617 613 [logger_rhodecode]
618 614 level = DEBUG
619 615 handlers =
620 616 qualname = rhodecode
621 617 propagate = 1
622 618
623 619 [logger_sqlalchemy]
624 620 level = ERROR
625 621 handlers = console_sql
626 622 qualname = sqlalchemy.engine
627 623 propagate = 0
628 624
629 625 [logger_ssh_wrapper]
630 626 level = DEBUG
631 627 handlers =
632 628 qualname = ssh_wrapper
633 629 propagate = 1
634 630
635 631
636 632 ##############
637 633 ## HANDLERS ##
638 634 ##############
639 635
640 636 [handler_console]
641 637 class = StreamHandler
642 638 args = (sys.stderr,)
643 639 level = DEBUG
644 640 formatter = generic
645 641
646 642 [handler_console_sql]
647 643 class = StreamHandler
648 644 args = (sys.stderr,)
649 645 level = WARN
650 646 formatter = generic
651 647
652 648 ################
653 649 ## FORMATTERS ##
654 650 ################
655 651
656 652 [formatter_generic]
657 653 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
658 654 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
659 655 datefmt = %Y-%m-%d %H:%M:%S
660 656
661 657 [formatter_color_formatter]
662 658 class = rhodecode.lib.logging_formatter.ColorFormatter
663 659 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
664 660 datefmt = %Y-%m-%d %H:%M:%S
665 661
666 662 [formatter_color_formatter_sql]
667 663 class = rhodecode.lib.logging_formatter.ColorFormatterSql
668 664 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
669 665 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now