##// END OF EJS Templates
configs: use new style of comments on .ini files....
marcink -
r4169:089413ab default
parent child Browse files
Show More
This diff has been collapsed as it changes many lines, (904 lines changed) Show them Hide them
@@ -1,788 +1,834 b''
1
1 ## -*- coding: utf-8 -*-
2 2
3 ################################################################################
4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 ################################################################################
3 ; #########################################
4 ; RHODECODE COMMUNITY EDITION CONFIGURATION
5 ; #########################################
6 6
7 7 [DEFAULT]
8 ## Debug flag sets all loggers to debug, and enables request tracking
8 ; Debug flag sets all loggers to debug, and enables request tracking
9 9 debug = true
10 10
11 ################################################################################
12 ## EMAIL CONFIGURATION ##
13 ## Uncomment and replace with the email address which should receive ##
14 ## any error reports after an application crash ##
15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 ################################################################################
11 ; ########################################################################
12 ; EMAIL CONFIGURATION
13 ; Uncomment and replace with the email address which should receive
14 ; any error reports after an application crash
15 ; Additionally these settings will be used by the RhodeCode mailing system
16 ; ########################################################################
17 17
18 ## prefix all emails subjects with given prefix, helps filtering out emails
18 ; prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 ## email FROM address all mails will be sent
21 ; email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 #smtp_server = mail.server.com
25 25 #smtp_username =
26 26 #smtp_password =
27 27 #smtp_port =
28 28 #smtp_use_tls = false
29 29 #smtp_use_ssl = true
30 30
31 31 [server:main]
32 ## COMMON ##
32 ; COMMON HOST/IP CONFIG
33 33 host = 127.0.0.1
34 34 port = 5000
35 35
36 ###########################################################
37 ## WAITRESS WSGI SERVER - Recommended for Development ####
38 ###########################################################
36 ; ##################################################
37 ; WAITRESS WSGI SERVER - Recommended for Development
38 ; ##################################################
39 39
40 ; use server type
40 41 use = egg:waitress#main
41 ## number of worker threads
42
43 ; number of worker threads
42 44 threads = 5
43 ## MAX BODY SIZE 100GB
45
46 ; MAX BODY SIZE 100GB
44 47 max_request_body_size = 107374182400
45 ## Use poll instead of select, fixes file descriptors limits problems.
46 ## May not work on old windows systems.
48
49 ; Use poll instead of select, fixes file descriptors limits problems.
50 ; May not work on old windows systems.
47 51 asyncore_use_poll = true
48 52
49 53
50 ##########################
51 ## GUNICORN WSGI SERVER ##
52 ##########################
53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54 ; ###########################
55 ; GUNICORN APPLICATION SERVER
56 ; ###########################
54 57
58 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
59
60 ; Module to use, this setting shouldn't be changed
55 61 #use = egg:gunicorn#main
56 ## Sets the number of process workers. More workers means more concurrent connections
57 ## RhodeCode can handle at the same time. Each additional worker also it increases
58 ## memory usage as each has it's own set of caches.
59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
62 ## when using more than 1 worker.
62
63 ; Sets the number of process workers. More workers means more concurrent connections
64 ; RhodeCode can handle at the same time. Each additional worker also it increases
65 ; memory usage as each has it's own set of caches.
66 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
67 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
68 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
69 ; when using more than 1 worker.
63 70 #workers = 2
64 71
65 ## Gunicorn access log level
72 ; Gunicorn access log level
66 73 #loglevel = info
67 74
68 ## process name visible in process list
75 ; Process name visible in process list
69 76 #proc_name = rhodecode
70 77
71 ## type of worker class, one of sync, gevent
72 ## recommended for bigger setup is using of of other than sync one
78 ; Type of worker class, one of `sync`, `gevent`
79 ; Recommended type is `gevent`
73 80 #worker_class = gevent
74 81
75 ## The maximum number of simultaneous clients. Valid only for Gevent
82 ; The maximum number of simultaneous clients. Valid only for gevent
76 83 #worker_connections = 10
77 84
78 ## max number of requests that worker will handle before being gracefully
79 ## restarted, could prevent memory leaks
85 ; Max number of requests that worker will handle before being gracefully restarted.
86 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
80 87 #max_requests = 1000
81 88 #max_requests_jitter = 30
82 89
83 ## amount of time a worker can spend with handling a request before it
84 ## gets killed and restarted. Set to 6hrs
90 ; Amount of time a worker can spend with handling a request before it
91 ; gets killed and restarted. By default set to 21600 (6hrs)
92 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
85 93 #timeout = 21600
86 94
87 ## The maximum size of HTTP request line in bytes.
88 ## 0 for unlimited
95 ; The maximum size of HTTP request line in bytes.
96 ; 0 for unlimited
89 97 #limit_request_line = 0
90 98
91 ## Limit the number of HTTP headers fields in a request.
92 ## By default this value is 100 and can't be larger than 32768.
99 ; Limit the number of HTTP headers fields in a request.
100 ; By default this value is 100 and can't be larger than 32768.
93 101 #limit_request_fields = 32768
94 102
95 ## Limit the allowed size of an HTTP request header field.
96 ## Value is a positive number or 0.
97 ## Setting it to 0 will allow unlimited header field sizes.
103 ; Limit the allowed size of an HTTP request header field.
104 ; Value is a positive number or 0.
105 ; Setting it to 0 will allow unlimited header field sizes.
98 106 #limit_request_field_size = 0
99 107
100 ## Timeout for graceful workers restart.
101 ## After receiving a restart signal, workers have this much time to finish
102 ## serving requests. Workers still alive after the timeout (starting from the
103 ## receipt of the restart signal) are force killed.
108 ; Timeout for graceful workers restart.
109 ; After receiving a restart signal, workers have this much time to finish
110 ; serving requests. Workers still alive after the timeout (starting from the
111 ; receipt of the restart signal) are force killed.
112 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
104 113 #graceful_timeout = 3600
105 114
106 115 # The number of seconds to wait for requests on a Keep-Alive connection.
107 116 # Generally set in the 1-5 seconds range.
108 117 #keepalive = 2
109 118
110 ## Maximum memory usage that each worker can use before it will receive a
111 ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
112 # 0 = memory monitoring is disabled
119 ; Maximum memory usage that each worker can use before it will receive a
120 ; graceful restart signal 0 = memory monitoring is disabled
121 ; Examples: 268435456 (256MB), 536870912 (512MB)
122 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
113 123 #memory_max_usage = 0
114 124
115 ## How often in seconds to check for memory usage for each gunicorn worker
125 ; How often in seconds to check for memory usage for each gunicorn worker
116 126 #memory_usage_check_interval = 60
117 127
118 ## Threshold value for which we don't recycle worker if GarbageCollection
119 ## frees up enough resources. Before each restart we try to run GC on worker
120 ## in case we get enough free memory after that, restart will not happen.
128 ; Threshold value for which we don't recycle worker if GarbageCollection
129 ; frees up enough resources. Before each restart we try to run GC on worker
130 ; in case we get enough free memory after that, restart will not happen.
121 131 #memory_usage_recovery_threshold = 0.8
122 132
123 ## prefix middleware for RhodeCode.
124 ## recommended when using proxy setup.
125 ## allows to set RhodeCode under a prefix in server.
126 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
127 ## And set your prefix like: `prefix = /custom_prefix`
128 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
129 ## to make your cookies only work on prefix url
133
134 ; Prefix middleware for RhodeCode.
135 ; recommended when using proxy setup.
136 ; allows to set RhodeCode under a prefix in server.
137 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
138 ; And set your prefix like: `prefix = /custom_prefix`
139 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
140 ; to make your cookies only work on prefix url
130 141 [filter:proxy-prefix]
131 142 use = egg:PasteDeploy#prefix
132 143 prefix = /
133 144
134 145 [app:main]
135 ## The %(here)s variable will be replaced with the absolute path of parent directory
136 ## of this file
137 ## In addition ENVIRONMENT variables usage is possible, e.g
138 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
146 ; The %(here)s variable will be replaced with the absolute path of parent directory
147 ; of this file
148 ; In addition ENVIRONMENT variables usage is possible, e.g
149 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
139 150
140 151 use = egg:rhodecode-enterprise-ce
141 152
142 ## enable proxy prefix middleware, defined above
153 ; enable proxy prefix middleware, defined above
143 154 #filter-with = proxy-prefix
144 155
156 ; #############
157 ; DEBUG OPTIONS
158 ; #############
159
160 pyramid.reload_templates = true
161
145 162 # During development the we want to have the debug toolbar enabled
146 163 pyramid.includes =
147 164 pyramid_debugtoolbar
148 rhodecode.lib.middleware.request_wrapper
149
150 pyramid.reload_templates = true
151 165
152 166 debugtoolbar.hosts = 0.0.0.0/0
153 167 debugtoolbar.exclude_prefixes =
154 168 /css
155 169 /fonts
156 170 /images
157 171 /js
158 172
159 173 ## RHODECODE PLUGINS ##
160 174 rhodecode.includes =
161 175 rhodecode.api
162 176
163 177
164 178 # api prefix url
165 179 rhodecode.api.url = /_admin/api
166 180
167
168 ## END RHODECODE PLUGINS ##
181 ; enable debug style page
182 debug_style = true
169 183
170 ## encryption key used to encrypt social plugin tokens,
171 ## remote_urls with credentials etc, if not set it defaults to
172 ## `beaker.session.secret`
184 ; #################
185 ; END DEBUG OPTIONS
186 ; #################
187
188 ; encryption key used to encrypt social plugin tokens,
189 ; remote_urls with credentials etc, if not set it defaults to
190 ; `beaker.session.secret`
173 191 #rhodecode.encrypted_values.secret =
174 192
175 ## decryption strict mode (enabled by default). It controls if decryption raises
176 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
193 ; decryption strict mode (enabled by default). It controls if decryption raises
194 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
177 195 #rhodecode.encrypted_values.strict = false
178 196
179 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
180 ## fernet is safer, and we strongly recommend switching to it.
181 ## Due to backward compatibility aes is used as default.
197 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
198 ; fernet is safer, and we strongly recommend switching to it.
199 ; Due to backward compatibility aes is used as default.
182 200 #rhodecode.encrypted_values.algorithm = fernet
183 201
184 ## return gzipped responses from RhodeCode (static files/application)
202 ; Return gzipped responses from RhodeCode (static files/application)
185 203 gzip_responses = false
186 204
187 ## auto-generate javascript routes file on startup
205 ; Auto-generate javascript routes file on startup
188 206 generate_js_files = false
189 207
190 ## System global default language.
191 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
208 ; System global default language.
209 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
192 210 lang = en
193 211
194 ## Perform a full repository scan and import on each server start.
195 ## Settings this to true could lead to very long startup time.
212 ; Perform a full repository scan and import on each server start.
213 ; Settings this to true could lead to very long startup time.
196 214 startup.import_repos = false
197 215
198 ## Uncomment and set this path to use archive download cache.
199 ## Once enabled, generated archives will be cached at this location
200 ## and served from the cache during subsequent requests for the same archive of
201 ## the repository.
216 ; Uncomment and set this path to use archive download cache.
217 ; Once enabled, generated archives will be cached at this location
218 ; and served from the cache during subsequent requests for the same archive of
219 ; the repository.
202 220 #archive_cache_dir = /tmp/tarballcache
203 221
204 ## URL at which the application is running. This is used for Bootstrapping
205 ## requests in context when no web request is available. Used in ishell, or
206 ## SSH calls. Set this for events to receive proper url for SSH calls.
222 ; URL at which the application is running. This is used for Bootstrapping
223 ; requests in context when no web request is available. Used in ishell, or
224 ; SSH calls. Set this for events to receive proper url for SSH calls.
207 225 app.base_url = http://rhodecode.local
208 226
209 ## Unique application ID. Should be a random unique string for security.
227 ; Unique application ID. Should be a random unique string for security.
210 228 app_instance_uuid = rc-production
211 229
212 ## Cut off limit for large diffs (size in bytes). If overall diff size on
213 ## commit, or pull request exceeds this limit this diff will be displayed
214 ## partially. E.g 512000 == 512Kb
230 ; Cut off limit for large diffs (size in bytes). If overall diff size on
231 ; commit, or pull request exceeds this limit this diff will be displayed
232 ; partially. E.g 512000 == 512Kb
215 233 cut_off_limit_diff = 512000
216 234
217 ## Cut off limit for large files inside diffs (size in bytes). Each individual
218 ## file inside diff which exceeds this limit will be displayed partially.
219 ## E.g 128000 == 128Kb
235 ; Cut off limit for large files inside diffs (size in bytes). Each individual
236 ; file inside diff which exceeds this limit will be displayed partially.
237 ; E.g 128000 == 128Kb
220 238 cut_off_limit_file = 128000
221 239
222 ## use cached version of vcs repositories everywhere. Recommended to be `true`
240 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
223 241 vcs_full_cache = true
224 242
225 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
226 ## Normally this is controlled by proper http flags sent from http server
243 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
244 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
227 245 force_https = false
228 246
229 ## use Strict-Transport-Security headers
247 ; use Strict-Transport-Security headers
230 248 use_htsts = false
231 249
232 # Set to true if your repos are exposed using the dumb protocol
250 ; Set to true if your repos are exposed using the dumb protocol
233 251 git_update_server_info = false
234 252
235 ## RSS/ATOM feed options
253 ; RSS/ATOM feed options
236 254 rss_cut_off_limit = 256000
237 255 rss_items_per_page = 10
238 256 rss_include_diff = false
239 257
240 ## gist URL alias, used to create nicer urls for gist. This should be an
241 ## url that does rewrites to _admin/gists/{gistid}.
242 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
243 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
258 ; gist URL alias, used to create nicer urls for gist. This should be an
259 ; url that does rewrites to _admin/gists/{gistid}.
260 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
261 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
244 262 gist_alias_url =
245 263
246 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
247 ## used for access.
248 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
249 ## came from the the logged in user who own this authentication token.
250 ## Additionally @TOKEN syntax can be used to bound the view to specific
251 ## authentication token. Such view would be only accessible when used together
252 ## with this authentication token
253 ##
254 ## list of all views can be found under `/_admin/permissions/auth_token_access`
255 ## The list should be "," separated and on a single line.
256 ##
257 ## Most common views to enable:
264 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
265 ; used for access.
266 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
267 ; came from the the logged in user who own this authentication token.
268 ; Additionally @TOKEN syntax can be used to bound the view to specific
269 ; authentication token. Such view would be only accessible when used together
270 ; with this authentication token
271 ; list of all views can be found under `/_admin/permissions/auth_token_access`
272 ; The list should be "," separated and on a single line.
273 ; Most common views to enable:
274
258 275 # RepoCommitsView:repo_commit_download
259 276 # RepoCommitsView:repo_commit_patch
260 277 # RepoCommitsView:repo_commit_raw
261 278 # RepoCommitsView:repo_commit_raw@TOKEN
262 279 # RepoFilesView:repo_files_diff
263 280 # RepoFilesView:repo_archivefile
264 281 # RepoFilesView:repo_file_raw
265 282 # GistView:*
266 283 api_access_controllers_whitelist =
267 284
268 ## Default encoding used to convert from and to unicode
269 ## can be also a comma separated list of encoding in case of mixed encodings
285 ; Default encoding used to convert from and to unicode
286 ; can be also a comma separated list of encoding in case of mixed encodings
270 287 default_encoding = UTF-8
271 288
272 ## instance-id prefix
273 ## a prefix key for this instance used for cache invalidation when running
274 ## multiple instances of RhodeCode, make sure it's globally unique for
275 ## all running RhodeCode instances. Leave empty if you don't use it
289 ; instance-id prefix
290 ; a prefix key for this instance used for cache invalidation when running
291 ; multiple instances of RhodeCode, make sure it's globally unique for
292 ; all running RhodeCode instances. Leave empty if you don't use it
276 293 instance_id =
277 294
278 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
279 ## of an authentication plugin also if it is disabled by it's settings.
280 ## This could be useful if you are unable to log in to the system due to broken
281 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
282 ## module to log in again and fix the settings.
283 ##
284 ## Available builtin plugin IDs (hash is part of the ID):
285 ## egg:rhodecode-enterprise-ce#rhodecode
286 ## egg:rhodecode-enterprise-ce#pam
287 ## egg:rhodecode-enterprise-ce#ldap
288 ## egg:rhodecode-enterprise-ce#jasig_cas
289 ## egg:rhodecode-enterprise-ce#headers
290 ## egg:rhodecode-enterprise-ce#crowd
295 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
296 ; of an authentication plugin also if it is disabled by it's settings.
297 ; This could be useful if you are unable to log in to the system due to broken
298 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
299 ; module to log in again and fix the settings.
300 ; Available builtin plugin IDs (hash is part of the ID):
301 ; egg:rhodecode-enterprise-ce#rhodecode
302 ; egg:rhodecode-enterprise-ce#pam
303 ; egg:rhodecode-enterprise-ce#ldap
304 ; egg:rhodecode-enterprise-ce#jasig_cas
305 ; egg:rhodecode-enterprise-ce#headers
306 ; egg:rhodecode-enterprise-ce#crowd
307
291 308 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
292 309
293 ## Flag to control loading of legacy plugins in py:/path format
310 ; Flag to control loading of legacy plugins in py:/path format
294 311 auth_plugin.import_legacy_plugins = true
295 312
296 ## alternative return HTTP header for failed authentication. Default HTTP
297 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
298 ## handling that causing a series of failed authentication calls.
299 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
300 ## This will be served instead of default 401 on bad authentication
313 ; alternative return HTTP header for failed authentication. Default HTTP
314 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
315 ; handling that causing a series of failed authentication calls.
316 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
317 ; This will be served instead of default 401 on bad authentication
301 318 auth_ret_code =
302 319
303 ## use special detection method when serving auth_ret_code, instead of serving
304 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
305 ## and then serve auth_ret_code to clients
320 ; use special detection method when serving auth_ret_code, instead of serving
321 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
322 ; and then serve auth_ret_code to clients
306 323 auth_ret_code_detection = false
307 324
308 ## locking return code. When repository is locked return this HTTP code. 2XX
309 ## codes don't break the transactions while 4XX codes do
325 ; locking return code. When repository is locked return this HTTP code. 2XX
326 ; codes don't break the transactions while 4XX codes do
310 327 lock_ret_code = 423
311 328
312 ## allows to change the repository location in settings page
329 ; allows to change the repository location in settings page
313 330 allow_repo_location_change = true
314 331
315 ## allows to setup custom hooks in settings page
332 ; allows to setup custom hooks in settings page
316 333 allow_custom_hooks_settings = true
317 334
318 ## Generated license token required for EE edition license.
319 ## New generated token value can be found in Admin > settings > license page.
335 ; Generated license token required for EE edition license.
336 ; New generated token value can be found in Admin > settings > license page.
320 337 license_token =
321 338
322 ## This flag would hide sensitive information on the license page
339 ; This flag hides sensitive information on the license page such as token, and license data
323 340 license.hide_license_info = false
324 341
325 ## supervisor connection uri, for managing supervisor and logs.
342 ; supervisor connection uri, for managing supervisor and logs.
326 343 supervisor.uri =
327 ## supervisord group name/id we only want this RC instance to handle
344
345 ; supervisord group name/id we only want this RC instance to handle
328 346 supervisor.group_id = dev
329 347
330 ## Display extended labs settings
348 ; Display extended labs settings
331 349 labs_settings_active = true
332 350
333 ## Custom exception store path, defaults to TMPDIR
334 ## This is used to store exception from RhodeCode in shared directory
351 ; Custom exception store path, defaults to TMPDIR
352 ; This is used to store exception from RhodeCode in shared directory
335 353 #exception_tracker.store_path =
336 354
337 ## File store configuration. This is used to store and serve uploaded files
355 ; File store configuration. This is used to store and serve uploaded files
338 356 file_store.enabled = true
339 ## Storage backend, available options are: local
357
358 ; Storage backend, available options are: local
340 359 file_store.backend = local
341 ## path to store the uploaded binaries
360
361 ; path to store the uploaded binaries
342 362 file_store.storage_path = %(here)s/data/file_store
343 363
344 364
345 ####################################
346 ### CELERY CONFIG ####
347 ####################################
348 ## run: /path/to/celery worker \
349 ## -E --beat --app rhodecode.lib.celerylib.loader \
350 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
351 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
365 ; #############
366 ; CELERY CONFIG
367 ; #############
368
369 ; run: /path/to/celery worker \
370 ; -E --beat --app rhodecode.lib.celerylib.loader \
371 ; --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
372 ; --loglevel DEBUG --ini /path/to/rhodecode.ini
352 373
353 374 use_celery = false
354 375
355 ## connection url to the message broker (default redis)
376 ; connection url to the message broker (default redis)
356 377 celery.broker_url = redis://localhost:6379/8
357 378
358 ## rabbitmq example
379 ; rabbitmq example
359 380 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
360 381
361 ## maximum tasks to execute before worker restart
382 ; maximum tasks to execute before worker restart
362 383 celery.max_tasks_per_child = 100
363 384
364 ## tasks will never be sent to the queue, but executed locally instead.
385 ; tasks will never be sent to the queue, but executed locally instead.
365 386 celery.task_always_eager = false
366 387
367 #####################################
368 ### DOGPILE CACHE ####
369 #####################################
370 ## Default cache dir for caches. Putting this into a ramdisk
371 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
372 ## large amount of space
388 ; #############
389 ; DOGPILE CACHE
390 ; #############
391
392 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
393 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
373 394 cache_dir = %(here)s/data
374 395
375 ## `cache_perms` cache settings for permission tree, auth TTL.
396 ; *********************************************
397 ; `sql_cache_short` cache for heavy SQL queries
398 ; Only supported backend is `memory_lru`
399 ; *********************************************
400 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
401 rc_cache.sql_cache_short.expiration_time = 30
402
403
404 ; *****************************************************
405 ; `cache_repo_longterm` cache for repo object instances
406 ; Only supported backend is `memory_lru`
407 ; *****************************************************
408 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
409 ; by default we use 30 Days, cache is still invalidated on push
410 rc_cache.cache_repo_longterm.expiration_time = 2592000
411 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
412 rc_cache.cache_repo_longterm.max_size = 10000
413
414
415 ; *************************************************
416 ; `cache_perms` cache for permission tree, auth TTL
417 ; *************************************************
376 418 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
377 419 rc_cache.cache_perms.expiration_time = 300
378 420
379 ## alternative `cache_perms` redis backend with distributed lock
421 ; alternative `cache_perms` redis backend with distributed lock
380 422 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
381 423 #rc_cache.cache_perms.expiration_time = 300
382 ## redis_expiration_time needs to be greater then expiration_time
424
425 ; redis_expiration_time needs to be greater then expiration_time
383 426 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
384 #rc_cache.cache_perms.arguments.socket_timeout = 30
427
385 428 #rc_cache.cache_perms.arguments.host = localhost
386 429 #rc_cache.cache_perms.arguments.port = 6379
387 430 #rc_cache.cache_perms.arguments.db = 0
388 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
431 #rc_cache.cache_perms.arguments.socket_timeout = 30
432 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
389 433 #rc_cache.cache_perms.arguments.distributed_lock = true
390 434
391 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
435
436 ; ***************************************************
437 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
438 ; ***************************************************
392 439 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
393 440 rc_cache.cache_repo.expiration_time = 2592000
394 441
395 ## alternative `cache_repo` redis backend with distributed lock
442 ; alternative `cache_repo` redis backend with distributed lock
396 443 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
397 444 #rc_cache.cache_repo.expiration_time = 2592000
398 ## redis_expiration_time needs to be greater then expiration_time
445
446 ; redis_expiration_time needs to be greater then expiration_time
399 447 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
400 #rc_cache.cache_repo.arguments.socket_timeout = 30
448
401 449 #rc_cache.cache_repo.arguments.host = localhost
402 450 #rc_cache.cache_repo.arguments.port = 6379
403 451 #rc_cache.cache_repo.arguments.db = 1
404 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
452 #rc_cache.cache_repo.arguments.socket_timeout = 30
453 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
405 454 #rc_cache.cache_repo.arguments.distributed_lock = true
406 455
407 ## cache settings for SQL queries, this needs to use memory type backend
408 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
409 rc_cache.sql_cache_short.expiration_time = 30
410 456
411 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
412 ## type backend as the objects kept are not pickle serializable
413 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
414 ## by default we use 96H, this is using invalidation on push anyway
415 rc_cache.cache_repo_longterm.expiration_time = 345600
416 ## max items in LRU cache, reduce this number to save memory, and expire last used
417 ## cached objects
418 rc_cache.cache_repo_longterm.max_size = 10000
457 ; ##############
458 ; BEAKER SESSION
459 ; ##############
419 460
420
421 ####################################
422 ### BEAKER SESSION ####
423 ####################################
424
425 ## .session.type is type of storage options for the session, current allowed
426 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
461 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
462 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
463 ; Fastest ones are Redis and ext:database
427 464 beaker.session.type = file
428 465 beaker.session.data_dir = %(here)s/data/sessions
429 466
430 ## redis sessions
467 ; Redis based sessions
431 468 #beaker.session.type = ext:redis
432 469 #beaker.session.url = redis://127.0.0.1:6379/2
433 470
434 ## db based session, fast, and allows easy management over logged in users
471 ; DB based session, fast, and allows easy management over logged in users
435 472 #beaker.session.type = ext:database
436 473 #beaker.session.table_name = db_session
437 474 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
438 475 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
439 476 #beaker.session.sa.pool_recycle = 3600
440 477 #beaker.session.sa.echo = false
441 478
442 479 beaker.session.key = rhodecode
443 480 beaker.session.secret = develop-rc-uytcxaz
444 481 beaker.session.lock_dir = %(here)s/data/sessions/lock
445 482
446 ## Secure encrypted cookie. Requires AES and AES python libraries
447 ## you must disable beaker.session.secret to use this
483 ; Secure encrypted cookie. Requires AES and AES python libraries
484 ; you must disable beaker.session.secret to use this
448 485 #beaker.session.encrypt_key = key_for_encryption
449 486 #beaker.session.validate_key = validation_key
450 487
451 ## sets session as invalid(also logging out user) if it haven not been
452 ## accessed for given amount of time in seconds
488 ; Sets session as invalid (also logging out user) if it haven not been
489 ; accessed for given amount of time in seconds
453 490 beaker.session.timeout = 2592000
454 491 beaker.session.httponly = true
455 ## Path to use for the cookie. Set to prefix if you use prefix middleware
492
493 ; Path to use for the cookie. Set to prefix if you use prefix middleware
456 494 #beaker.session.cookie_path = /custom_prefix
457 495
458 ## uncomment for https secure cookie
496 ; Set https secure cookie
459 497 beaker.session.secure = false
460 498
461 ## auto save the session to not to use .save()
462 beaker.session.auto = false
463
464 ## default cookie expiration time in seconds, set to `true` to set expire
465 ## at browser close
499 ; default cookie expiration time in seconds, set to `true` to set expire
500 ; at browser close
466 501 #beaker.session.cookie_expires = 3600
467 502
468 ###################################
469 ## SEARCH INDEXING CONFIGURATION ##
470 ###################################
471 ## Full text search indexer is available in rhodecode-tools under
472 ## `rhodecode-tools index` command
503 ; #############################
504 ; SEARCH INDEXING CONFIGURATION
505 ; #############################
473 506
474 ## WHOOSH Backend, doesn't require additional services to run
475 ## it works good with few dozen repos
507 ; Full text search indexer is available in rhodecode-tools under
508 ; `rhodecode-tools index` command
509
510 ; WHOOSH Backend, doesn't require additional services to run
511 ; it works good with few dozen repos
476 512 search.module = rhodecode.lib.index.whoosh
477 513 search.location = %(here)s/data/index
478 514
479 ########################################
480 ### CHANNELSTREAM CONFIG ####
481 ########################################
482 ## channelstream enables persistent connections and live notification
483 ## in the system. It's also used by the chat system
515 ; ####################
516 ; CHANNELSTREAM CONFIG
517 ; ####################
518
519 ; channelstream enables persistent connections and live notification
520 ; in the system. It's also used by the chat system
484 521
485 522 channelstream.enabled = false
486 523
487 ## server address for channelstream server on the backend
524 ; server address for channelstream server on the backend
488 525 channelstream.server = 127.0.0.1:9800
489 526
490 ## location of the channelstream server from outside world
491 ## use ws:// for http or wss:// for https. This address needs to be handled
492 ## by external HTTP server such as Nginx or Apache
493 ## see Nginx/Apache configuration examples in our docs
527 ; location of the channelstream server from outside world
528 ; use ws:// for http or wss:// for https. This address needs to be handled
529 ; by external HTTP server such as Nginx or Apache
530 ; see Nginx/Apache configuration examples in our docs
494 531 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
495 532 channelstream.secret = secret
496 533 channelstream.history.location = %(here)s/channelstream_history
497 534
498 ## Internal application path that Javascript uses to connect into.
499 ## If you use proxy-prefix the prefix should be added before /_channelstream
535 ; Internal application path that Javascript uses to connect into.
536 ; If you use proxy-prefix the prefix should be added before /_channelstream
500 537 channelstream.proxy_path = /_channelstream
501 538
502 539
503 ###################################
504 ## APPENLIGHT CONFIG ##
505 ###################################
540 ; ##############################
541 ; MAIN RHODECODE DATABASE CONFIG
542 ; ##############################
543
544 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
545 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
546 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
547 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
548 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
549
550 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
551
552 ; see sqlalchemy docs for other advanced settings
553 ; print the sql statements to output
554 sqlalchemy.db1.echo = false
555
556 ; recycle the connections after this amount of seconds
557 sqlalchemy.db1.pool_recycle = 3600
558 sqlalchemy.db1.convert_unicode = true
559
560 ; the number of connections to keep open inside the connection pool.
561 ; 0 indicates no limit
562 #sqlalchemy.db1.pool_size = 5
563
564 ; The number of connections to allow in connection pool "overflow", that is
565 ; connections that can be opened above and beyond the pool_size setting,
566 ; which defaults to five.
567 #sqlalchemy.db1.max_overflow = 10
568
569 ; Connection check ping, used to detect broken database connections
570 ; could be enabled to better handle cases if MySQL has gone away errors
571 #sqlalchemy.db1.ping_connection = true
572
573 ; ##########
574 ; VCS CONFIG
575 ; ##########
576 vcs.server.enable = true
577 vcs.server = localhost:9900
578
579 ; Web server connectivity protocol, responsible for web based VCS operations
580 ; Available protocols are:
581 ; `http` - use http-rpc backend (default)
582 vcs.server.protocol = http
583
584 ; Push/Pull operations protocol, available options are:
585 ; `http` - use http-rpc backend (default)
586 vcs.scm_app_implementation = http
587
588 ; Push/Pull operations hooks protocol, available options are:
589 ; `http` - use http-rpc backend (default)
590 vcs.hooks.protocol = http
591
592 ; Host on which this instance is listening for hooks. If vcsserver is in other location
593 ; this should be adjusted.
594 vcs.hooks.host = 127.0.0.1
595
596 ; Start VCSServer with this instance as a subprocess, useful for development
597 vcs.start_server = false
598
599 ; List of enabled VCS backends, available options are:
600 ; `hg` - mercurial
601 ; `git` - git
602 ; `svn` - subversion
603 vcs.backends = hg, git, svn
604
605 ; Wait this number of seconds before killing connection to the vcsserver
606 vcs.connection_timeout = 3600
607
608 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
609 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
610 #vcs.svn.compatible_version = pre-1.8-compatible
611
506 612
507 ## Appenlight is tailored to work with RhodeCode, see
508 ## http://appenlight.com for details how to obtain an account
613 ; ####################################################
614 ; Subversion proxy support (mod_dav_svn)
615 ; Maps RhodeCode repo groups into SVN paths for Apache
616 ; ####################################################
617
618 ; Enable or disable the config file generation.
619 svn.proxy.generate_config = false
620
621 ; Generate config file with `SVNListParentPath` set to `On`.
622 svn.proxy.list_parent_path = true
623
624 ; Set location and file name of generated config file.
625 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
626
627 ; alternative mod_dav config template. This needs to be a valid mako template
628 ; Example template can be found in the source code:
629 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
630 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
631
632 ; Used as a prefix to the `Location` block in the generated config file.
633 ; In most cases it should be set to `/`.
634 svn.proxy.location_root = /
635
636 ; Command to reload the mod dav svn configuration on change.
637 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
638 ; Make sure user who runs RhodeCode process is allowed to reload Apache
639 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
640
641 ; If the timeout expires before the reload command finishes, the command will
642 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
643 #svn.proxy.reload_timeout = 10
644
645 ; ####################
646 ; SSH Support Settings
647 ; ####################
509 648
510 ## Appenlight integration enabled
649 ; Defines if a custom authorized_keys file should be created and written on
650 ; any change user ssh keys. Setting this to false also disables possibility
651 ; of adding SSH keys by users from web interface. Super admins can still
652 ; manage SSH Keys.
653 ssh.generate_authorized_keyfile = false
654
655 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
656 # ssh.authorized_keys_ssh_opts =
657
658 ; Path to the authorized_keys file where the generate entries are placed.
659 ; It is possible to have multiple key files specified in `sshd_config` e.g.
660 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
661 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
662
663 ; Command to execute the SSH wrapper. The binary is available in the
664 ; RhodeCode installation directory.
665 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
666 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
667
668 ; Allow shell when executing the ssh-wrapper command
669 ssh.wrapper_cmd_allow_shell = false
670
671 ; Enables logging, and detailed output send back to the client during SSH
672 ; operations. Useful for debugging, shouldn't be used in production.
673 ssh.enable_debug_logging = true
674
675 ; Paths to binary executable, by default they are the names, but we can
676 ; override them if we want to use a custom one
677 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
678 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
679 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
680
681 ; Enables SSH key generator web interface. Disabling this still allows users
682 ; to add their own keys.
683 ssh.enable_ui_key_generator = true
684
685
686 ; #################
687 ; APPENLIGHT CONFIG
688 ; #################
689
690 ; Appenlight is tailored to work with RhodeCode, see
691 ; http://appenlight.rhodecode.com for details how to obtain an account
692
693 ; Appenlight integration enabled
511 694 appenlight = false
512 695
513 696 appenlight.server_url = https://api.appenlight.com
514 697 appenlight.api_key = YOUR_API_KEY
515 698 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
516 699
517 ## used for JS client
700 ; used for JS client
518 701 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
519 702
520 ## TWEAK AMOUNT OF INFO SENT HERE
703 ; TWEAK AMOUNT OF INFO SENT HERE
521 704
522 ## enables 404 error logging (default False)
705 ; enables 404 error logging (default False)
523 706 appenlight.report_404 = false
524 707
525 ## time in seconds after request is considered being slow (default 1)
708 ; time in seconds after request is considered being slow (default 1)
526 709 appenlight.slow_request_time = 1
527 710
528 ## record slow requests in application
529 ## (needs to be enabled for slow datastore recording and time tracking)
711 ; record slow requests in application
712 ; (needs to be enabled for slow datastore recording and time tracking)
530 713 appenlight.slow_requests = true
531 714
532 ## enable hooking to application loggers
715 ; enable hooking to application loggers
533 716 appenlight.logging = true
534 717
535 ## minimum log level for log capture
718 ; minimum log level for log capture
536 719 appenlight.logging.level = WARNING
537 720
538 ## send logs only from erroneous/slow requests
539 ## (saves API quota for intensive logging)
721 ; send logs only from erroneous/slow requests
722 ; (saves API quota for intensive logging)
540 723 appenlight.logging_on_error = false
541 724
542 ## list of additional keywords that should be grabbed from environ object
543 ## can be string with comma separated list of words in lowercase
544 ## (by default client will always send following info:
545 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
546 ## start with HTTP* this list be extended with additional keywords here
725 ; list of additional keywords that should be grabbed from environ object
726 ; can be string with comma separated list of words in lowercase
727 ; (by default client will always send following info:
728 ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
729 ; start with HTTP* this list be extended with additional keywords here
547 730 appenlight.environ_keys_whitelist =
548 731
549 ## list of keywords that should be blanked from request object
550 ## can be string with comma separated list of words in lowercase
551 ## (by default client will always blank keys that contain following words
552 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
553 ## this list be extended with additional keywords set here
732 ; list of keywords that should be blanked from request object
733 ; can be string with comma separated list of words in lowercase
734 ; (by default client will always blank keys that contain following words
735 ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
736 ; this list be extended with additional keywords set here
554 737 appenlight.request_keys_blacklist =
555 738
556 ## list of namespaces that should be ignores when gathering log entries
557 ## can be string with comma separated list of namespaces
558 ## (by default the client ignores own entries: appenlight_client.client)
739 ; list of namespaces that should be ignores when gathering log entries
740 ; can be string with comma separated list of namespaces
741 ; (by default the client ignores own entries: appenlight_client.client)
559 742 appenlight.log_namespace_blacklist =
560 743
561 # enable debug style page
562 debug_style = true
563
564 ###########################################
565 ### MAIN RHODECODE DATABASE CONFIG ###
566 ###########################################
567 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
568 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
569 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
570 # pymysql is an alternative driver for MySQL, use in case of problems with default one
571 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
572
573 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
574
575 # see sqlalchemy docs for other advanced settings
576
577 ## print the sql statements to output
578 sqlalchemy.db1.echo = false
579 ## recycle the connections after this amount of seconds
580 sqlalchemy.db1.pool_recycle = 3600
581
582 ## the number of connections to keep open inside the connection pool.
583 ## 0 indicates no limit
584 #sqlalchemy.db1.pool_size = 5
585
586 ## the number of connections to allow in connection pool "overflow", that is
587 ## connections that can be opened above and beyond the pool_size setting,
588 ## which defaults to five.
589 #sqlalchemy.db1.max_overflow = 10
590
591 ## Connection check ping, used to detect broken database connections
592 ## could be enabled to better handle cases if MySQL has gone away errors
593 #sqlalchemy.db1.ping_connection = true
594
595 ##################
596 ### VCS CONFIG ###
597 ##################
598 vcs.server.enable = true
599 vcs.server = localhost:9900
600
601 ## Web server connectivity protocol, responsible for web based VCS operations
602 ## Available protocols are:
603 ## `http` - use http-rpc backend (default)
604 vcs.server.protocol = http
605
606 ## Push/Pull operations protocol, available options are:
607 ## `http` - use http-rpc backend (default)
608 vcs.scm_app_implementation = http
609
610 ## Push/Pull operations hooks protocol, available options are:
611 ## `http` - use http-rpc backend (default)
612 vcs.hooks.protocol = http
613
614 ## Host on which this instance is listening for hooks. If vcsserver is in other location
615 ## this should be adjusted.
616 vcs.hooks.host = 127.0.0.1
617
618 vcs.server.log_level = debug
619 ## Start VCSServer with this instance as a subprocess, useful for development
620 vcs.start_server = false
621
622 ## List of enabled VCS backends, available options are:
623 ## `hg` - mercurial
624 ## `git` - git
625 ## `svn` - subversion
626 vcs.backends = hg, git, svn
627
628 vcs.connection_timeout = 3600
629 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
630 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
631 #vcs.svn.compatible_version = pre-1.8-compatible
632
633
634 ############################################################
635 ### Subversion proxy support (mod_dav_svn) ###
636 ### Maps RhodeCode repo groups into SVN paths for Apache ###
637 ############################################################
638 ## Enable or disable the config file generation.
639 svn.proxy.generate_config = false
640 ## Generate config file with `SVNListParentPath` set to `On`.
641 svn.proxy.list_parent_path = true
642 ## Set location and file name of generated config file.
643 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
644 ## alternative mod_dav config template. This needs to be a mako template
645 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
646 ## Used as a prefix to the `Location` block in the generated config file.
647 ## In most cases it should be set to `/`.
648 svn.proxy.location_root = /
649 ## Command to reload the mod dav svn configuration on change.
650 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
651 ## Make sure user who runs RhodeCode process is allowed to reload Apache
652 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
653 ## If the timeout expires before the reload command finishes, the command will
654 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
655 #svn.proxy.reload_timeout = 10
656
657 ############################################################
658 ### SSH Support Settings ###
659 ############################################################
660
661 ## Defines if a custom authorized_keys file should be created and written on
662 ## any change user ssh keys. Setting this to false also disables possibility
663 ## of adding SSH keys by users from web interface. Super admins can still
664 ## manage SSH Keys.
665 ssh.generate_authorized_keyfile = false
666
667 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
668 # ssh.authorized_keys_ssh_opts =
669
670 ## Path to the authorized_keys file where the generate entries are placed.
671 ## It is possible to have multiple key files specified in `sshd_config` e.g.
672 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
673 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
674
675 ## Command to execute the SSH wrapper. The binary is available in the
676 ## RhodeCode installation directory.
677 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
678 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
679
680 ## Allow shell when executing the ssh-wrapper command
681 ssh.wrapper_cmd_allow_shell = false
682
683 ## Enables logging, and detailed output send back to the client during SSH
684 ## operations. Useful for debugging, shouldn't be used in production.
685 ssh.enable_debug_logging = true
686
687 ## Paths to binary executable, by default they are the names, but we can
688 ## override them if we want to use a custom one
689 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
690 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
691 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
692
693 ## Enables SSH key generator web interface. Disabling this still allows users
694 ## to add their own keys.
695 ssh.enable_ui_key_generator = true
696
697
698 ## Dummy marker to add new entries after.
699 ## Add any custom entries below. Please don't remove.
744 ; Dummy marker to add new entries after.
745 ; Add any custom entries below. Please don't remove this marker.
700 746 custom.conf = 1
701 747
702 748
703 ################################
704 ### LOGGING CONFIGURATION ####
705 ################################
749 ; #####################
750 ; LOGGING CONFIGURATION
751 ; #####################
706 752 [loggers]
707 753 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
708 754
709 755 [handlers]
710 756 keys = console, console_sql
711 757
712 758 [formatters]
713 759 keys = generic, color_formatter, color_formatter_sql
714 760
715 #############
716 ## LOGGERS ##
717 #############
761 ; #######
762 ; LOGGERS
763 ; #######
718 764 [logger_root]
719 765 level = NOTSET
720 766 handlers = console
721 767
722 768 [logger_sqlalchemy]
723 769 level = INFO
724 770 handlers = console_sql
725 771 qualname = sqlalchemy.engine
726 772 propagate = 0
727 773
728 774 [logger_beaker]
729 775 level = DEBUG
730 776 handlers =
731 777 qualname = beaker.container
732 778 propagate = 1
733 779
734 780 [logger_rhodecode]
735 781 level = DEBUG
736 782 handlers =
737 783 qualname = rhodecode
738 784 propagate = 1
739 785
740 786 [logger_ssh_wrapper]
741 787 level = DEBUG
742 788 handlers =
743 789 qualname = ssh_wrapper
744 790 propagate = 1
745 791
746 792 [logger_celery]
747 793 level = DEBUG
748 794 handlers =
749 795 qualname = celery
750 796
751 797
752 ##############
753 ## HANDLERS ##
754 ##############
798 ; ########
799 ; HANDLERS
800 ; ########
755 801
756 802 [handler_console]
757 803 class = StreamHandler
758 804 args = (sys.stderr, )
759 805 level = DEBUG
760 806 formatter = color_formatter
761 807
762 808 [handler_console_sql]
763 # "level = DEBUG" logs SQL queries and results.
764 # "level = INFO" logs SQL queries.
765 # "level = WARN" logs neither. (Recommended for production systems.)
809 ; "level = DEBUG" logs SQL queries and results.
810 ; "level = INFO" logs SQL queries.
811 ; "level = WARN" logs neither. (Recommended for production systems.)
766 812 class = StreamHandler
767 813 args = (sys.stderr, )
768 814 level = WARN
769 815 formatter = color_formatter_sql
770 816
771 ################
772 ## FORMATTERS ##
773 ################
817 ; ##########
818 ; FORMATTERS
819 ; ##########
774 820
775 821 [formatter_generic]
776 822 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
777 823 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
778 824 datefmt = %Y-%m-%d %H:%M:%S
779 825
780 826 [formatter_color_formatter]
781 827 class = rhodecode.lib.logging_formatter.ColorFormatter
782 828 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
783 829 datefmt = %Y-%m-%d %H:%M:%S
784 830
785 831 [formatter_color_formatter_sql]
786 832 class = rhodecode.lib.logging_formatter.ColorFormatterSql
787 833 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
788 834 datefmt = %Y-%m-%d %H:%M:%S
This diff has been collapsed as it changes many lines, (875 lines changed) Show them Hide them
@@ -1,765 +1,780 b''
1
1 ## -*- coding: utf-8 -*-
2 2
3 ################################################################################
4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 ################################################################################
3 ; #########################################
4 ; RHODECODE COMMUNITY EDITION CONFIGURATION
5 ; #########################################
6 6
7 7 [DEFAULT]
8 ## Debug flag sets all loggers to debug, and enables request tracking
8 ; Debug flag sets all loggers to debug, and enables request tracking
9 9 debug = false
10 10
11 ################################################################################
12 ## EMAIL CONFIGURATION ##
13 ## Uncomment and replace with the email address which should receive ##
14 ## any error reports after an application crash ##
15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 ################################################################################
11 ; ########################################################################
12 ; EMAIL CONFIGURATION
13 ; These settings will be used by the RhodeCode mailing system
14 ; ########################################################################
17 15
18 ## prefix all emails subjects with given prefix, helps filtering out emails
16 ; prefix all emails subjects with given prefix, helps filtering out emails
19 17 #email_prefix = [RhodeCode]
20 18
21 ## email FROM address all mails will be sent
19 ; email FROM address all mails will be sent
22 20 #app_email_from = rhodecode-noreply@localhost
23 21
24 22 #smtp_server = mail.server.com
25 23 #smtp_username =
26 24 #smtp_password =
27 25 #smtp_port =
28 26 #smtp_use_tls = false
29 27 #smtp_use_ssl = true
30 28
31 29 [server:main]
32 ## COMMON ##
30 ; COMMON HOST/IP CONFIG
33 31 host = 127.0.0.1
34 32 port = 5000
35 33
36 ###########################################################
37 ## WAITRESS WSGI SERVER - Recommended for Development ####
38 ###########################################################
39 34
40 #use = egg:waitress#main
41 ## number of worker threads
42 #threads = 5
43 ## MAX BODY SIZE 100GB
44 #max_request_body_size = 107374182400
45 ## Use poll instead of select, fixes file descriptors limits problems.
46 ## May not work on old windows systems.
47 #asyncore_use_poll = true
35 ; ###########################
36 ; GUNICORN APPLICATION SERVER
37 ; ###########################
48 38
39 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
49 40
50 ##########################
51 ## GUNICORN WSGI SERVER ##
52 ##########################
53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54
41 ; Module to use, this setting shouldn't be changed
55 42 use = egg:gunicorn#main
56 ## Sets the number of process workers. More workers means more concurrent connections
57 ## RhodeCode can handle at the same time. Each additional worker also it increases
58 ## memory usage as each has it's own set of caches.
59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
62 ## when using more than 1 worker.
43
44 ; Sets the number of process workers. More workers means more concurrent connections
45 ; RhodeCode can handle at the same time. Each additional worker also it increases
46 ; memory usage as each has it's own set of caches.
47 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
48 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
49 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
50 ; when using more than 1 worker.
63 51 workers = 2
64 52
65 ## Gunicorn access log level
53 ; Gunicorn access log level
66 54 loglevel = info
67 55
68 ## process name visible in process list
56 ; Process name visible in process list
69 57 proc_name = rhodecode
70 58
71 ## type of worker class, one of sync, gevent
72 ## recommended for bigger setup is using of of other than sync one
59 ; Type of worker class, one of `sync`, `gevent`
60 ; Recommended type is `gevent`
73 61 worker_class = gevent
74 62
75 ## The maximum number of simultaneous clients. Valid only for Gevent
63 ; The maximum number of simultaneous clients per worker. Valid only for gevent
76 64 worker_connections = 10
77 65
78 ## max number of requests that worker will handle before being gracefully
79 ## restarted, could prevent memory leaks
66 ; Max number of requests that worker will handle before being gracefully restarted.
67 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
80 68 max_requests = 1000
81 69 max_requests_jitter = 30
82 70
83 ## amount of time a worker can spend with handling a request before it
84 ## gets killed and restarted. Set to 6hrs
71 ; Amount of time a worker can spend with handling a request before it
72 ; gets killed and restarted. By default set to 21600 (6hrs)
73 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
85 74 timeout = 21600
86 75
87 ## The maximum size of HTTP request line in bytes.
88 ## 0 for unlimited
76 ; The maximum size of HTTP request line in bytes.
77 ; 0 for unlimited
89 78 limit_request_line = 0
90 79
91 ## Limit the number of HTTP headers fields in a request.
92 ## By default this value is 100 and can't be larger than 32768.
80 ; Limit the number of HTTP headers fields in a request.
81 ; By default this value is 100 and can't be larger than 32768.
93 82 limit_request_fields = 32768
94 83
95 ## Limit the allowed size of an HTTP request header field.
96 ## Value is a positive number or 0.
97 ## Setting it to 0 will allow unlimited header field sizes.
84 ; Limit the allowed size of an HTTP request header field.
85 ; Value is a positive number or 0.
86 ; Setting it to 0 will allow unlimited header field sizes.
98 87 limit_request_field_size = 0
99 88
100 ## Timeout for graceful workers restart.
101 ## After receiving a restart signal, workers have this much time to finish
102 ## serving requests. Workers still alive after the timeout (starting from the
103 ## receipt of the restart signal) are force killed.
89 ; Timeout for graceful workers restart.
90 ; After receiving a restart signal, workers have this much time to finish
91 ; serving requests. Workers still alive after the timeout (starting from the
92 ; receipt of the restart signal) are force killed.
93 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
104 94 graceful_timeout = 3600
105 95
106 96 # The number of seconds to wait for requests on a Keep-Alive connection.
107 97 # Generally set in the 1-5 seconds range.
108 98 keepalive = 2
109 99
110 ## Maximum memory usage that each worker can use before it will receive a
111 ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
112 # 0 = memory monitoring is disabled
100 ; Maximum memory usage that each worker can use before it will receive a
101 ; graceful restart signal 0 = memory monitoring is disabled
102 ; Examples: 268435456 (256MB), 536870912 (512MB)
103 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
113 104 memory_max_usage = 0
114 105
115 ## How often in seconds to check for memory usage for each gunicorn worker
106 ; How often in seconds to check for memory usage for each gunicorn worker
116 107 memory_usage_check_interval = 60
117 108
118 ## Threshold value for which we don't recycle worker if GarbageCollection
119 ## frees up enough resources. Before each restart we try to run GC on worker
120 ## in case we get enough free memory after that, restart will not happen.
109 ; Threshold value for which we don't recycle worker if GarbageCollection
110 ; frees up enough resources. Before each restart we try to run GC on worker
111 ; in case we get enough free memory after that, restart will not happen.
121 112 memory_usage_recovery_threshold = 0.8
122 113
123 ## prefix middleware for RhodeCode.
124 ## recommended when using proxy setup.
125 ## allows to set RhodeCode under a prefix in server.
126 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
127 ## And set your prefix like: `prefix = /custom_prefix`
128 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
129 ## to make your cookies only work on prefix url
114
115 ; Prefix middleware for RhodeCode.
116 ; recommended when using proxy setup.
117 ; allows to set RhodeCode under a prefix in server.
118 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
119 ; And set your prefix like: `prefix = /custom_prefix`
120 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
121 ; to make your cookies only work on prefix url
130 122 [filter:proxy-prefix]
131 123 use = egg:PasteDeploy#prefix
132 124 prefix = /
133 125
134 126 [app:main]
135 ## The %(here)s variable will be replaced with the absolute path of parent directory
136 ## of this file
137 ## In addition ENVIRONMENT variables usage is possible, e.g
138 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
127 ; The %(here)s variable will be replaced with the absolute path of parent directory
128 ; of this file
129 ; In addition ENVIRONMENT variables usage is possible, e.g
130 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
139 131
140 132 use = egg:rhodecode-enterprise-ce
141 133
142 ## enable proxy prefix middleware, defined above
134 ; enable proxy prefix middleware, defined above
143 135 #filter-with = proxy-prefix
144 136
145 ## encryption key used to encrypt social plugin tokens,
146 ## remote_urls with credentials etc, if not set it defaults to
147 ## `beaker.session.secret`
137 ; encryption key used to encrypt social plugin tokens,
138 ; remote_urls with credentials etc, if not set it defaults to
139 ; `beaker.session.secret`
148 140 #rhodecode.encrypted_values.secret =
149 141
150 ## decryption strict mode (enabled by default). It controls if decryption raises
151 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
142 ; decryption strict mode (enabled by default). It controls if decryption raises
143 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
152 144 #rhodecode.encrypted_values.strict = false
153 145
154 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
155 ## fernet is safer, and we strongly recommend switching to it.
156 ## Due to backward compatibility aes is used as default.
146 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
147 ; fernet is safer, and we strongly recommend switching to it.
148 ; Due to backward compatibility aes is used as default.
157 149 #rhodecode.encrypted_values.algorithm = fernet
158 150
159 ## return gzipped responses from RhodeCode (static files/application)
151 ; Return gzipped responses from RhodeCode (static files/application)
160 152 gzip_responses = false
161 153
162 ## auto-generate javascript routes file on startup
154 ; Auto-generate javascript routes file on startup
163 155 generate_js_files = false
164 156
165 ## System global default language.
166 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
157 ; System global default language.
158 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
167 159 lang = en
168 160
169 ## Perform a full repository scan and import on each server start.
170 ## Settings this to true could lead to very long startup time.
161 ; Perform a full repository scan and import on each server start.
162 ; Settings this to true could lead to very long startup time.
171 163 startup.import_repos = false
172 164
173 ## Uncomment and set this path to use archive download cache.
174 ## Once enabled, generated archives will be cached at this location
175 ## and served from the cache during subsequent requests for the same archive of
176 ## the repository.
165 ; Uncomment and set this path to use archive download cache.
166 ; Once enabled, generated archives will be cached at this location
167 ; and served from the cache during subsequent requests for the same archive of
168 ; the repository.
177 169 #archive_cache_dir = /tmp/tarballcache
178 170
179 ## URL at which the application is running. This is used for Bootstrapping
180 ## requests in context when no web request is available. Used in ishell, or
181 ## SSH calls. Set this for events to receive proper url for SSH calls.
171 ; URL at which the application is running. This is used for Bootstrapping
172 ; requests in context when no web request is available. Used in ishell, or
173 ; SSH calls. Set this for events to receive proper url for SSH calls.
182 174 app.base_url = http://rhodecode.local
183 175
184 ## Unique application ID. Should be a random unique string for security.
176 ; Unique application ID. Should be a random unique string for security.
185 177 app_instance_uuid = rc-production
186 178
187 ## Cut off limit for large diffs (size in bytes). If overall diff size on
188 ## commit, or pull request exceeds this limit this diff will be displayed
189 ## partially. E.g 512000 == 512Kb
179 ; Cut off limit for large diffs (size in bytes). If overall diff size on
180 ; commit, or pull request exceeds this limit this diff will be displayed
181 ; partially. E.g 512000 == 512Kb
190 182 cut_off_limit_diff = 512000
191 183
192 ## Cut off limit for large files inside diffs (size in bytes). Each individual
193 ## file inside diff which exceeds this limit will be displayed partially.
194 ## E.g 128000 == 128Kb
184 ; Cut off limit for large files inside diffs (size in bytes). Each individual
185 ; file inside diff which exceeds this limit will be displayed partially.
186 ; E.g 128000 == 128Kb
195 187 cut_off_limit_file = 128000
196 188
197 ## use cached version of vcs repositories everywhere. Recommended to be `true`
189 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
198 190 vcs_full_cache = true
199 191
200 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
201 ## Normally this is controlled by proper http flags sent from http server
192 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
193 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
202 194 force_https = false
203 195
204 ## use Strict-Transport-Security headers
196 ; use Strict-Transport-Security headers
205 197 use_htsts = false
206 198
207 # Set to true if your repos are exposed using the dumb protocol
199 ; Set to true if your repos are exposed using the dumb protocol
208 200 git_update_server_info = false
209 201
210 ## RSS/ATOM feed options
202 ; RSS/ATOM feed options
211 203 rss_cut_off_limit = 256000
212 204 rss_items_per_page = 10
213 205 rss_include_diff = false
214 206
215 ## gist URL alias, used to create nicer urls for gist. This should be an
216 ## url that does rewrites to _admin/gists/{gistid}.
217 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
218 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
207 ; gist URL alias, used to create nicer urls for gist. This should be an
208 ; url that does rewrites to _admin/gists/{gistid}.
209 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
210 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
219 211 gist_alias_url =
220 212
221 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
222 ## used for access.
223 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
224 ## came from the the logged in user who own this authentication token.
225 ## Additionally @TOKEN syntax can be used to bound the view to specific
226 ## authentication token. Such view would be only accessible when used together
227 ## with this authentication token
228 ##
229 ## list of all views can be found under `/_admin/permissions/auth_token_access`
230 ## The list should be "," separated and on a single line.
231 ##
232 ## Most common views to enable:
213 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
214 ; used for access.
215 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
216 ; came from the the logged in user who own this authentication token.
217 ; Additionally @TOKEN syntax can be used to bound the view to specific
218 ; authentication token. Such view would be only accessible when used together
219 ; with this authentication token
220 ; list of all views can be found under `/_admin/permissions/auth_token_access`
221 ; The list should be "," separated and on a single line.
222 ; Most common views to enable:
223
233 224 # RepoCommitsView:repo_commit_download
234 225 # RepoCommitsView:repo_commit_patch
235 226 # RepoCommitsView:repo_commit_raw
236 227 # RepoCommitsView:repo_commit_raw@TOKEN
237 228 # RepoFilesView:repo_files_diff
238 229 # RepoFilesView:repo_archivefile
239 230 # RepoFilesView:repo_file_raw
240 231 # GistView:*
241 232 api_access_controllers_whitelist =
242 233
243 ## Default encoding used to convert from and to unicode
244 ## can be also a comma separated list of encoding in case of mixed encodings
234 ; Default encoding used to convert from and to unicode
235 ; can be also a comma separated list of encoding in case of mixed encodings
245 236 default_encoding = UTF-8
246 237
247 ## instance-id prefix
248 ## a prefix key for this instance used for cache invalidation when running
249 ## multiple instances of RhodeCode, make sure it's globally unique for
250 ## all running RhodeCode instances. Leave empty if you don't use it
238 ; instance-id prefix
239 ; a prefix key for this instance used for cache invalidation when running
240 ; multiple instances of RhodeCode, make sure it's globally unique for
241 ; all running RhodeCode instances. Leave empty if you don't use it
251 242 instance_id =
252 243
253 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
254 ## of an authentication plugin also if it is disabled by it's settings.
255 ## This could be useful if you are unable to log in to the system due to broken
256 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
257 ## module to log in again and fix the settings.
258 ##
259 ## Available builtin plugin IDs (hash is part of the ID):
260 ## egg:rhodecode-enterprise-ce#rhodecode
261 ## egg:rhodecode-enterprise-ce#pam
262 ## egg:rhodecode-enterprise-ce#ldap
263 ## egg:rhodecode-enterprise-ce#jasig_cas
264 ## egg:rhodecode-enterprise-ce#headers
265 ## egg:rhodecode-enterprise-ce#crowd
244 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
245 ; of an authentication plugin also if it is disabled by it's settings.
246 ; This could be useful if you are unable to log in to the system due to broken
247 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
248 ; module to log in again and fix the settings.
249 ; Available builtin plugin IDs (hash is part of the ID):
250 ; egg:rhodecode-enterprise-ce#rhodecode
251 ; egg:rhodecode-enterprise-ce#pam
252 ; egg:rhodecode-enterprise-ce#ldap
253 ; egg:rhodecode-enterprise-ce#jasig_cas
254 ; egg:rhodecode-enterprise-ce#headers
255 ; egg:rhodecode-enterprise-ce#crowd
256
266 257 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
267 258
268 ## Flag to control loading of legacy plugins in py:/path format
259 ; Flag to control loading of legacy plugins in py:/path format
269 260 auth_plugin.import_legacy_plugins = true
270 261
271 ## alternative return HTTP header for failed authentication. Default HTTP
272 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
273 ## handling that causing a series of failed authentication calls.
274 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
275 ## This will be served instead of default 401 on bad authentication
262 ; alternative return HTTP header for failed authentication. Default HTTP
263 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
264 ; handling that causing a series of failed authentication calls.
265 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
266 ; This will be served instead of default 401 on bad authentication
276 267 auth_ret_code =
277 268
278 ## use special detection method when serving auth_ret_code, instead of serving
279 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
280 ## and then serve auth_ret_code to clients
269 ; use special detection method when serving auth_ret_code, instead of serving
270 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
271 ; and then serve auth_ret_code to clients
281 272 auth_ret_code_detection = false
282 273
283 ## locking return code. When repository is locked return this HTTP code. 2XX
284 ## codes don't break the transactions while 4XX codes do
274 ; locking return code. When repository is locked return this HTTP code. 2XX
275 ; codes don't break the transactions while 4XX codes do
285 276 lock_ret_code = 423
286 277
287 ## allows to change the repository location in settings page
278 ; allows to change the repository location in settings page
288 279 allow_repo_location_change = true
289 280
290 ## allows to setup custom hooks in settings page
281 ; allows to setup custom hooks in settings page
291 282 allow_custom_hooks_settings = true
292 283
293 ## Generated license token required for EE edition license.
294 ## New generated token value can be found in Admin > settings > license page.
284 ; Generated license token required for EE edition license.
285 ; New generated token value can be found in Admin > settings > license page.
295 286 license_token =
296 287
297 ## This flag would hide sensitive information on the license page
288 ; This flag hides sensitive information on the license page such as token, and license data
298 289 license.hide_license_info = false
299 290
300 ## supervisor connection uri, for managing supervisor and logs.
291 ; supervisor connection uri, for managing supervisor and logs.
301 292 supervisor.uri =
302 ## supervisord group name/id we only want this RC instance to handle
293
294 ; supervisord group name/id we only want this RC instance to handle
303 295 supervisor.group_id = prod
304 296
305 ## Display extended labs settings
297 ; Display extended labs settings
306 298 labs_settings_active = true
307 299
308 ## Custom exception store path, defaults to TMPDIR
309 ## This is used to store exception from RhodeCode in shared directory
300 ; Custom exception store path, defaults to TMPDIR
301 ; This is used to store exception from RhodeCode in shared directory
310 302 #exception_tracker.store_path =
311 303
312 ## File store configuration. This is used to store and serve uploaded files
304 ; File store configuration. This is used to store and serve uploaded files
313 305 file_store.enabled = true
314 ## Storage backend, available options are: local
306
307 ; Storage backend, available options are: local
315 308 file_store.backend = local
316 ## path to store the uploaded binaries
309
310 ; path to store the uploaded binaries
317 311 file_store.storage_path = %(here)s/data/file_store
318 312
319 313
320 ####################################
321 ### CELERY CONFIG ####
322 ####################################
323 ## run: /path/to/celery worker \
324 ## -E --beat --app rhodecode.lib.celerylib.loader \
325 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
326 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
314 ; #############
315 ; CELERY CONFIG
316 ; #############
317
318 ; manually run celery: /path/to/celery worker -E --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
327 319
328 320 use_celery = false
329 321
330 ## connection url to the message broker (default redis)
322 ; connection url to the message broker (default redis)
331 323 celery.broker_url = redis://localhost:6379/8
332 324
333 ## rabbitmq example
325 ; rabbitmq example
334 326 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
335 327
336 ## maximum tasks to execute before worker restart
328 ; maximum tasks to execute before worker restart
337 329 celery.max_tasks_per_child = 100
338 330
339 ## tasks will never be sent to the queue, but executed locally instead.
331 ; tasks will never be sent to the queue, but executed locally instead.
340 332 celery.task_always_eager = false
341 333
342 #####################################
343 ### DOGPILE CACHE ####
344 #####################################
345 ## Default cache dir for caches. Putting this into a ramdisk
346 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
347 ## large amount of space
334 ; #############
335 ; DOGPILE CACHE
336 ; #############
337
338 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
339 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
348 340 cache_dir = %(here)s/data
349 341
350 ## `cache_perms` cache settings for permission tree, auth TTL.
342 ; *********************************************
343 ; `sql_cache_short` cache for heavy SQL queries
344 ; Only supported backend is `memory_lru`
345 ; *********************************************
346 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
347 rc_cache.sql_cache_short.expiration_time = 30
348
349
350 ; *****************************************************
351 ; `cache_repo_longterm` cache for repo object instances
352 ; Only supported backend is `memory_lru`
353 ; *****************************************************
354 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
355 ; by default we use 30 Days, cache is still invalidated on push
356 rc_cache.cache_repo_longterm.expiration_time = 2592000
357 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
358 rc_cache.cache_repo_longterm.max_size = 10000
359
360
361 ; *************************************************
362 ; `cache_perms` cache for permission tree, auth TTL
363 ; *************************************************
351 364 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
352 365 rc_cache.cache_perms.expiration_time = 300
353 366
354 ## alternative `cache_perms` redis backend with distributed lock
367 ; alternative `cache_perms` redis backend with distributed lock
355 368 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
356 369 #rc_cache.cache_perms.expiration_time = 300
357 ## redis_expiration_time needs to be greater then expiration_time
370
371 ; redis_expiration_time needs to be greater then expiration_time
358 372 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
359 #rc_cache.cache_perms.arguments.socket_timeout = 30
373
360 374 #rc_cache.cache_perms.arguments.host = localhost
361 375 #rc_cache.cache_perms.arguments.port = 6379
362 376 #rc_cache.cache_perms.arguments.db = 0
363 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
377 #rc_cache.cache_perms.arguments.socket_timeout = 30
378 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
364 379 #rc_cache.cache_perms.arguments.distributed_lock = true
365 380
366 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
381
382 ; ***************************************************
383 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
384 ; ***************************************************
367 385 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
368 386 rc_cache.cache_repo.expiration_time = 2592000
369 387
370 ## alternative `cache_repo` redis backend with distributed lock
388 ; alternative `cache_repo` redis backend with distributed lock
371 389 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
372 390 #rc_cache.cache_repo.expiration_time = 2592000
373 ## redis_expiration_time needs to be greater then expiration_time
391
392 ; redis_expiration_time needs to be greater then expiration_time
374 393 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
375 #rc_cache.cache_repo.arguments.socket_timeout = 30
394
376 395 #rc_cache.cache_repo.arguments.host = localhost
377 396 #rc_cache.cache_repo.arguments.port = 6379
378 397 #rc_cache.cache_repo.arguments.db = 1
379 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
398 #rc_cache.cache_repo.arguments.socket_timeout = 30
399 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
380 400 #rc_cache.cache_repo.arguments.distributed_lock = true
381 401
382 ## cache settings for SQL queries, this needs to use memory type backend
383 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
384 rc_cache.sql_cache_short.expiration_time = 30
385 402
386 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
387 ## type backend as the objects kept are not pickle serializable
388 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
389 ## by default we use 96H, this is using invalidation on push anyway
390 rc_cache.cache_repo_longterm.expiration_time = 345600
391 ## max items in LRU cache, reduce this number to save memory, and expire last used
392 ## cached objects
393 rc_cache.cache_repo_longterm.max_size = 10000
403 ; ##############
404 ; BEAKER SESSION
405 ; ##############
394 406
395
396 ####################################
397 ### BEAKER SESSION ####
398 ####################################
399
400 ## .session.type is type of storage options for the session, current allowed
401 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
407 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
408 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
409 ; Fastest ones are Redis and ext:database
402 410 beaker.session.type = file
403 411 beaker.session.data_dir = %(here)s/data/sessions
404 412
405 ## redis sessions
413 ; Redis based sessions
406 414 #beaker.session.type = ext:redis
407 415 #beaker.session.url = redis://127.0.0.1:6379/2
408 416
409 ## db based session, fast, and allows easy management over logged in users
417 ; DB based session, fast, and allows easy management over logged in users
410 418 #beaker.session.type = ext:database
411 419 #beaker.session.table_name = db_session
412 420 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
413 421 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
414 422 #beaker.session.sa.pool_recycle = 3600
415 423 #beaker.session.sa.echo = false
416 424
417 425 beaker.session.key = rhodecode
418 426 beaker.session.secret = production-rc-uytcxaz
419 427 beaker.session.lock_dir = %(here)s/data/sessions/lock
420 428
421 ## Secure encrypted cookie. Requires AES and AES python libraries
422 ## you must disable beaker.session.secret to use this
429 ; Secure encrypted cookie. Requires AES and AES python libraries
430 ; you must disable beaker.session.secret to use this
423 431 #beaker.session.encrypt_key = key_for_encryption
424 432 #beaker.session.validate_key = validation_key
425 433
426 ## sets session as invalid(also logging out user) if it haven not been
427 ## accessed for given amount of time in seconds
434 ; Sets session as invalid (also logging out user) if it haven not been
435 ; accessed for given amount of time in seconds
428 436 beaker.session.timeout = 2592000
429 437 beaker.session.httponly = true
430 ## Path to use for the cookie. Set to prefix if you use prefix middleware
438
439 ; Path to use for the cookie. Set to prefix if you use prefix middleware
431 440 #beaker.session.cookie_path = /custom_prefix
432 441
433 ## uncomment for https secure cookie
442 ; Set https secure cookie
434 443 beaker.session.secure = false
435 444
436 ## auto save the session to not to use .save()
437 beaker.session.auto = false
438
439 ## default cookie expiration time in seconds, set to `true` to set expire
440 ## at browser close
445 ; default cookie expiration time in seconds, set to `true` to set expire
446 ; at browser close
441 447 #beaker.session.cookie_expires = 3600
442 448
443 ###################################
444 ## SEARCH INDEXING CONFIGURATION ##
445 ###################################
446 ## Full text search indexer is available in rhodecode-tools under
447 ## `rhodecode-tools index` command
449 ; #############################
450 ; SEARCH INDEXING CONFIGURATION
451 ; #############################
448 452
449 ## WHOOSH Backend, doesn't require additional services to run
450 ## it works good with few dozen repos
453 ; Full text search indexer is available in rhodecode-tools under
454 ; `rhodecode-tools index` command
455
456 ; WHOOSH Backend, doesn't require additional services to run
457 ; it works good with few dozen repos
451 458 search.module = rhodecode.lib.index.whoosh
452 459 search.location = %(here)s/data/index
453 460
454 ########################################
455 ### CHANNELSTREAM CONFIG ####
456 ########################################
457 ## channelstream enables persistent connections and live notification
458 ## in the system. It's also used by the chat system
461 ; ####################
462 ; CHANNELSTREAM CONFIG
463 ; ####################
464
465 ; channelstream enables persistent connections and live notification
466 ; in the system. It's also used by the chat system
459 467
460 468 channelstream.enabled = false
461 469
462 ## server address for channelstream server on the backend
470 ; server address for channelstream server on the backend
463 471 channelstream.server = 127.0.0.1:9800
464 472
465 ## location of the channelstream server from outside world
466 ## use ws:// for http or wss:// for https. This address needs to be handled
467 ## by external HTTP server such as Nginx or Apache
468 ## see Nginx/Apache configuration examples in our docs
473 ; location of the channelstream server from outside world
474 ; use ws:// for http or wss:// for https. This address needs to be handled
475 ; by external HTTP server such as Nginx or Apache
476 ; see Nginx/Apache configuration examples in our docs
469 477 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
470 478 channelstream.secret = secret
471 479 channelstream.history.location = %(here)s/channelstream_history
472 480
473 ## Internal application path that Javascript uses to connect into.
474 ## If you use proxy-prefix the prefix should be added before /_channelstream
481 ; Internal application path that Javascript uses to connect into.
482 ; If you use proxy-prefix the prefix should be added before /_channelstream
475 483 channelstream.proxy_path = /_channelstream
476 484
477 ## Live chat for commits/pull requests. Requires CHANNELSTREAM to be enabled
478 ## and configured. (EE edition only)
479 chat.enabled = true
485
486 ; ##############################
487 ; MAIN RHODECODE DATABASE CONFIG
488 ; ##############################
489
490 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
491 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
492 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
493 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
494 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
495
496 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
497
498 ; see sqlalchemy docs for other advanced settings
499 ; print the sql statements to output
500 sqlalchemy.db1.echo = false
501
502 ; recycle the connections after this amount of seconds
503 sqlalchemy.db1.pool_recycle = 3600
504 sqlalchemy.db1.convert_unicode = true
505
506 ; the number of connections to keep open inside the connection pool.
507 ; 0 indicates no limit
508 #sqlalchemy.db1.pool_size = 5
509
510 ; The number of connections to allow in connection pool "overflow", that is
511 ; connections that can be opened above and beyond the pool_size setting,
512 ; which defaults to five.
513 #sqlalchemy.db1.max_overflow = 10
514
515 ; Connection check ping, used to detect broken database connections
516 ; could be enabled to better handle cases if MySQL has gone away errors
517 #sqlalchemy.db1.ping_connection = true
518
519 ; ##########
520 ; VCS CONFIG
521 ; ##########
522 vcs.server.enable = true
523 vcs.server = localhost:9900
524
525 ; Web server connectivity protocol, responsible for web based VCS operations
526 ; Available protocols are:
527 ; `http` - use http-rpc backend (default)
528 vcs.server.protocol = http
529
530 ; Push/Pull operations protocol, available options are:
531 ; `http` - use http-rpc backend (default)
532 vcs.scm_app_implementation = http
533
534 ; Push/Pull operations hooks protocol, available options are:
535 ; `http` - use http-rpc backend (default)
536 vcs.hooks.protocol = http
537
538 ; Host on which this instance is listening for hooks. If vcsserver is in other location
539 ; this should be adjusted.
540 vcs.hooks.host = 127.0.0.1
541
542 ; Start VCSServer with this instance as a subprocess, useful for development
543 vcs.start_server = false
544
545 ; List of enabled VCS backends, available options are:
546 ; `hg` - mercurial
547 ; `git` - git
548 ; `svn` - subversion
549 vcs.backends = hg, git, svn
550
551 ; Wait this number of seconds before killing connection to the vcsserver
552 vcs.connection_timeout = 3600
553
554 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
555 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
556 #vcs.svn.compatible_version = pre-1.8-compatible
480 557
481 558
482 ###################################
483 ## APPENLIGHT CONFIG ##
484 ###################################
559 ; ####################################################
560 ; Subversion proxy support (mod_dav_svn)
561 ; Maps RhodeCode repo groups into SVN paths for Apache
562 ; ####################################################
563
564 ; Enable or disable the config file generation.
565 svn.proxy.generate_config = false
566
567 ; Generate config file with `SVNListParentPath` set to `On`.
568 svn.proxy.list_parent_path = true
569
570 ; Set location and file name of generated config file.
571 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
572
573 ; alternative mod_dav config template. This needs to be a valid mako template
574 ; Example template can be found in the source code:
575 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
576 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
577
578 ; Used as a prefix to the `Location` block in the generated config file.
579 ; In most cases it should be set to `/`.
580 svn.proxy.location_root = /
581
582 ; Command to reload the mod dav svn configuration on change.
583 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
584 ; Make sure user who runs RhodeCode process is allowed to reload Apache
585 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
586
587 ; If the timeout expires before the reload command finishes, the command will
588 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
589 #svn.proxy.reload_timeout = 10
590
591 ; ####################
592 ; SSH Support Settings
593 ; ####################
485 594
486 ## Appenlight is tailored to work with RhodeCode, see
487 ## http://appenlight.com for details how to obtain an account
595 ; Defines if a custom authorized_keys file should be created and written on
596 ; any change user ssh keys. Setting this to false also disables possibility
597 ; of adding SSH keys by users from web interface. Super admins can still
598 ; manage SSH Keys.
599 ssh.generate_authorized_keyfile = false
600
601 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
602 # ssh.authorized_keys_ssh_opts =
603
604 ; Path to the authorized_keys file where the generate entries are placed.
605 ; It is possible to have multiple key files specified in `sshd_config` e.g.
606 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
607 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
608
609 ; Command to execute the SSH wrapper. The binary is available in the
610 ; RhodeCode installation directory.
611 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
612 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
613
614 ; Allow shell when executing the ssh-wrapper command
615 ssh.wrapper_cmd_allow_shell = false
488 616
489 ## Appenlight integration enabled
617 ; Enables logging, and detailed output send back to the client during SSH
618 ; operations. Useful for debugging, shouldn't be used in production.
619 ssh.enable_debug_logging = false
620
621 ; Paths to binary executable, by default they are the names, but we can
622 ; override them if we want to use a custom one
623 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
624 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
625 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
626
627 ; Enables SSH key generator web interface. Disabling this still allows users
628 ; to add their own keys.
629 ssh.enable_ui_key_generator = true
630
631
632 ; #################
633 ; APPENLIGHT CONFIG
634 ; #################
635
636 ; Appenlight is tailored to work with RhodeCode, see
637 ; http://appenlight.rhodecode.com for details how to obtain an account
638
639 ; Appenlight integration enabled
490 640 appenlight = false
491 641
492 642 appenlight.server_url = https://api.appenlight.com
493 643 appenlight.api_key = YOUR_API_KEY
494 644 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
495 645
496 ## used for JS client
646 ; used for JS client
497 647 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
498 648
499 ## TWEAK AMOUNT OF INFO SENT HERE
649 ; TWEAK AMOUNT OF INFO SENT HERE
500 650
501 ## enables 404 error logging (default False)
651 ; enables 404 error logging (default False)
502 652 appenlight.report_404 = false
503 653
504 ## time in seconds after request is considered being slow (default 1)
654 ; time in seconds after request is considered being slow (default 1)
505 655 appenlight.slow_request_time = 1
506 656
507 ## record slow requests in application
508 ## (needs to be enabled for slow datastore recording and time tracking)
657 ; record slow requests in application
658 ; (needs to be enabled for slow datastore recording and time tracking)
509 659 appenlight.slow_requests = true
510 660
511 ## enable hooking to application loggers
661 ; enable hooking to application loggers
512 662 appenlight.logging = true
513 663
514 ## minimum log level for log capture
664 ; minimum log level for log capture
515 665 appenlight.logging.level = WARNING
516 666
517 ## send logs only from erroneous/slow requests
518 ## (saves API quota for intensive logging)
667 ; send logs only from erroneous/slow requests
668 ; (saves API quota for intensive logging)
519 669 appenlight.logging_on_error = false
520 670
521 ## list of additional keywords that should be grabbed from environ object
522 ## can be string with comma separated list of words in lowercase
523 ## (by default client will always send following info:
524 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
525 ## start with HTTP* this list be extended with additional keywords here
671 ; list of additional keywords that should be grabbed from environ object
672 ; can be string with comma separated list of words in lowercase
673 ; (by default client will always send following info:
674 ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
675 ; start with HTTP* this list be extended with additional keywords here
526 676 appenlight.environ_keys_whitelist =
527 677
528 ## list of keywords that should be blanked from request object
529 ## can be string with comma separated list of words in lowercase
530 ## (by default client will always blank keys that contain following words
531 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
532 ## this list be extended with additional keywords set here
678 ; list of keywords that should be blanked from request object
679 ; can be string with comma separated list of words in lowercase
680 ; (by default client will always blank keys that contain following words
681 ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
682 ; this list be extended with additional keywords set here
533 683 appenlight.request_keys_blacklist =
534 684
535 ## list of namespaces that should be ignores when gathering log entries
536 ## can be string with comma separated list of namespaces
537 ## (by default the client ignores own entries: appenlight_client.client)
685 ; list of namespaces that should be ignores when gathering log entries
686 ; can be string with comma separated list of namespaces
687 ; (by default the client ignores own entries: appenlight_client.client)
538 688 appenlight.log_namespace_blacklist =
539 689
540
541 ###########################################
542 ### MAIN RHODECODE DATABASE CONFIG ###
543 ###########################################
544 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
545 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
546 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
547 # pymysql is an alternative driver for MySQL, use in case of problems with default one
548 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
549
550 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
551
552 # see sqlalchemy docs for other advanced settings
553
554 ## print the sql statements to output
555 sqlalchemy.db1.echo = false
556 ## recycle the connections after this amount of seconds
557 sqlalchemy.db1.pool_recycle = 3600
558
559 ## the number of connections to keep open inside the connection pool.
560 ## 0 indicates no limit
561 #sqlalchemy.db1.pool_size = 5
562
563 ## the number of connections to allow in connection pool "overflow", that is
564 ## connections that can be opened above and beyond the pool_size setting,
565 ## which defaults to five.
566 #sqlalchemy.db1.max_overflow = 10
567
568 ## Connection check ping, used to detect broken database connections
569 ## could be enabled to better handle cases if MySQL has gone away errors
570 #sqlalchemy.db1.ping_connection = true
571
572 ##################
573 ### VCS CONFIG ###
574 ##################
575 vcs.server.enable = true
576 vcs.server = localhost:9900
577
578 ## Web server connectivity protocol, responsible for web based VCS operations
579 ## Available protocols are:
580 ## `http` - use http-rpc backend (default)
581 vcs.server.protocol = http
582
583 ## Push/Pull operations protocol, available options are:
584 ## `http` - use http-rpc backend (default)
585 vcs.scm_app_implementation = http
586
587 ## Push/Pull operations hooks protocol, available options are:
588 ## `http` - use http-rpc backend (default)
589 vcs.hooks.protocol = http
590
591 ## Host on which this instance is listening for hooks. If vcsserver is in other location
592 ## this should be adjusted.
593 vcs.hooks.host = 127.0.0.1
594
595 vcs.server.log_level = info
596 ## Start VCSServer with this instance as a subprocess, useful for development
597 vcs.start_server = false
598
599 ## List of enabled VCS backends, available options are:
600 ## `hg` - mercurial
601 ## `git` - git
602 ## `svn` - subversion
603 vcs.backends = hg, git, svn
604
605 vcs.connection_timeout = 3600
606 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
607 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
608 #vcs.svn.compatible_version = pre-1.8-compatible
609
610
611 ############################################################
612 ### Subversion proxy support (mod_dav_svn) ###
613 ### Maps RhodeCode repo groups into SVN paths for Apache ###
614 ############################################################
615 ## Enable or disable the config file generation.
616 svn.proxy.generate_config = false
617 ## Generate config file with `SVNListParentPath` set to `On`.
618 svn.proxy.list_parent_path = true
619 ## Set location and file name of generated config file.
620 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
621 ## alternative mod_dav config template. This needs to be a mako template
622 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
623 ## Used as a prefix to the `Location` block in the generated config file.
624 ## In most cases it should be set to `/`.
625 svn.proxy.location_root = /
626 ## Command to reload the mod dav svn configuration on change.
627 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
628 ## Make sure user who runs RhodeCode process is allowed to reload Apache
629 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
630 ## If the timeout expires before the reload command finishes, the command will
631 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
632 #svn.proxy.reload_timeout = 10
633
634 ############################################################
635 ### SSH Support Settings ###
636 ############################################################
637
638 ## Defines if a custom authorized_keys file should be created and written on
639 ## any change user ssh keys. Setting this to false also disables possibility
640 ## of adding SSH keys by users from web interface. Super admins can still
641 ## manage SSH Keys.
642 ssh.generate_authorized_keyfile = false
643
644 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
645 # ssh.authorized_keys_ssh_opts =
646
647 ## Path to the authorized_keys file where the generate entries are placed.
648 ## It is possible to have multiple key files specified in `sshd_config` e.g.
649 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
650 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
651
652 ## Command to execute the SSH wrapper. The binary is available in the
653 ## RhodeCode installation directory.
654 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
655 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
656
657 ## Allow shell when executing the ssh-wrapper command
658 ssh.wrapper_cmd_allow_shell = false
659
660 ## Enables logging, and detailed output send back to the client during SSH
661 ## operations. Useful for debugging, shouldn't be used in production.
662 ssh.enable_debug_logging = false
663
664 ## Paths to binary executable, by default they are the names, but we can
665 ## override them if we want to use a custom one
666 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
667 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
668 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
669
670 ## Enables SSH key generator web interface. Disabling this still allows users
671 ## to add their own keys.
672 ssh.enable_ui_key_generator = true
673
674
675 ## Dummy marker to add new entries after.
676 ## Add any custom entries below. Please don't remove.
690 ; Dummy marker to add new entries after.
691 ; Add any custom entries below. Please don't remove this marker.
677 692 custom.conf = 1
678 693
679 694
680 ################################
681 ### LOGGING CONFIGURATION ####
682 ################################
695 ; #####################
696 ; LOGGING CONFIGURATION
697 ; #####################
683 698 [loggers]
684 699 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
685 700
686 701 [handlers]
687 702 keys = console, console_sql
688 703
689 704 [formatters]
690 705 keys = generic, color_formatter, color_formatter_sql
691 706
692 #############
693 ## LOGGERS ##
694 #############
707 ; #######
708 ; LOGGERS
709 ; #######
695 710 [logger_root]
696 711 level = NOTSET
697 712 handlers = console
698 713
699 714 [logger_sqlalchemy]
700 715 level = INFO
701 716 handlers = console_sql
702 717 qualname = sqlalchemy.engine
703 718 propagate = 0
704 719
705 720 [logger_beaker]
706 721 level = DEBUG
707 722 handlers =
708 723 qualname = beaker.container
709 724 propagate = 1
710 725
711 726 [logger_rhodecode]
712 727 level = DEBUG
713 728 handlers =
714 729 qualname = rhodecode
715 730 propagate = 1
716 731
717 732 [logger_ssh_wrapper]
718 733 level = DEBUG
719 734 handlers =
720 735 qualname = ssh_wrapper
721 736 propagate = 1
722 737
723 738 [logger_celery]
724 739 level = DEBUG
725 740 handlers =
726 741 qualname = celery
727 742
728 743
729 ##############
730 ## HANDLERS ##
731 ##############
744 ; ########
745 ; HANDLERS
746 ; ########
732 747
733 748 [handler_console]
734 749 class = StreamHandler
735 750 args = (sys.stderr, )
736 751 level = INFO
737 752 formatter = generic
738 753
739 754 [handler_console_sql]
740 # "level = DEBUG" logs SQL queries and results.
741 # "level = INFO" logs SQL queries.
742 # "level = WARN" logs neither. (Recommended for production systems.)
755 ; "level = DEBUG" logs SQL queries and results.
756 ; "level = INFO" logs SQL queries.
757 ; "level = WARN" logs neither. (Recommended for production systems.)
743 758 class = StreamHandler
744 759 args = (sys.stderr, )
745 760 level = WARN
746 761 formatter = generic
747 762
748 ################
749 ## FORMATTERS ##
750 ################
763 ; ##########
764 ; FORMATTERS
765 ; ##########
751 766
752 767 [formatter_generic]
753 768 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
754 769 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
755 770 datefmt = %Y-%m-%d %H:%M:%S
756 771
757 772 [formatter_color_formatter]
758 773 class = rhodecode.lib.logging_formatter.ColorFormatter
759 774 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
760 775 datefmt = %Y-%m-%d %H:%M:%S
761 776
762 777 [formatter_color_formatter_sql]
763 778 class = rhodecode.lib.logging_formatter.ColorFormatterSql
764 779 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
765 780 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now