##// END OF EJS Templates
configs: use new style of comments on .ini files....
marcink -
r4169:089413ab default
parent child Browse files
Show More
This diff has been collapsed as it changes many lines, (904 lines changed) Show them Hide them
@@ -1,24 +1,24 b''
1
1 ## -*- coding: utf-8 -*-
2
2
3 ################################################################################
3 ; #########################################
4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
4 ; RHODECODE COMMUNITY EDITION CONFIGURATION
5 ################################################################################
5 ; #########################################
6
6
7 [DEFAULT]
7 [DEFAULT]
8 ## Debug flag sets all loggers to debug, and enables request tracking
8 ; Debug flag sets all loggers to debug, and enables request tracking
9 debug = true
9 debug = true
10
10
11 ################################################################################
11 ; ########################################################################
12 ## EMAIL CONFIGURATION ##
12 ; EMAIL CONFIGURATION
13 ## Uncomment and replace with the email address which should receive ##
13 ; Uncomment and replace with the email address which should receive
14 ## any error reports after an application crash ##
14 ; any error reports after an application crash
15 ## Additionally these settings will be used by the RhodeCode mailing system ##
15 ; Additionally these settings will be used by the RhodeCode mailing system
16 ################################################################################
16 ; ########################################################################
17
17
18 ## prefix all emails subjects with given prefix, helps filtering out emails
18 ; prefix all emails subjects with given prefix, helps filtering out emails
19 #email_prefix = [RhodeCode]
19 #email_prefix = [RhodeCode]
20
20
21 ## email FROM address all mails will be sent
21 ; email FROM address all mails will be sent
22 #app_email_from = rhodecode-noreply@localhost
22 #app_email_from = rhodecode-noreply@localhost
23
23
24 #smtp_server = mail.server.com
24 #smtp_server = mail.server.com
@@ -29,125 +29,139 b' debug = true'
29 #smtp_use_ssl = true
29 #smtp_use_ssl = true
30
30
31 [server:main]
31 [server:main]
32 ## COMMON ##
32 ; COMMON HOST/IP CONFIG
33 host = 127.0.0.1
33 host = 127.0.0.1
34 port = 5000
34 port = 5000
35
35
36 ###########################################################
36 ; ##################################################
37 ## WAITRESS WSGI SERVER - Recommended for Development ####
37 ; WAITRESS WSGI SERVER - Recommended for Development
38 ###########################################################
38 ; ##################################################
39
39
40 ; use server type
40 use = egg:waitress#main
41 use = egg:waitress#main
41 ## number of worker threads
42
43 ; number of worker threads
42 threads = 5
44 threads = 5
43 ## MAX BODY SIZE 100GB
45
46 ; MAX BODY SIZE 100GB
44 max_request_body_size = 107374182400
47 max_request_body_size = 107374182400
45 ## Use poll instead of select, fixes file descriptors limits problems.
48
46 ## May not work on old windows systems.
49 ; Use poll instead of select, fixes file descriptors limits problems.
50 ; May not work on old windows systems.
47 asyncore_use_poll = true
51 asyncore_use_poll = true
48
52
49
53
50 ##########################
54 ; ###########################
51 ## GUNICORN WSGI SERVER ##
55 ; GUNICORN APPLICATION SERVER
52 ##########################
56 ; ###########################
53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54
57
58 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
59
60 ; Module to use, this setting shouldn't be changed
55 #use = egg:gunicorn#main
61 #use = egg:gunicorn#main
56 ## Sets the number of process workers. More workers means more concurrent connections
62
57 ## RhodeCode can handle at the same time. Each additional worker also it increases
63 ; Sets the number of process workers. More workers means more concurrent connections
58 ## memory usage as each has it's own set of caches.
64 ; RhodeCode can handle at the same time. Each additional worker also it increases
59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
65 ; memory usage as each has it's own set of caches.
60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
66 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
67 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
62 ## when using more than 1 worker.
68 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
69 ; when using more than 1 worker.
63 #workers = 2
70 #workers = 2
64
71
65 ## Gunicorn access log level
72 ; Gunicorn access log level
66 #loglevel = info
73 #loglevel = info
67
74
68 ## process name visible in process list
75 ; Process name visible in process list
69 #proc_name = rhodecode
76 #proc_name = rhodecode
70
77
71 ## type of worker class, one of sync, gevent
78 ; Type of worker class, one of `sync`, `gevent`
72 ## recommended for bigger setup is using of of other than sync one
79 ; Recommended type is `gevent`
73 #worker_class = gevent
80 #worker_class = gevent
74
81
75 ## The maximum number of simultaneous clients. Valid only for Gevent
82 ; The maximum number of simultaneous clients. Valid only for gevent
76 #worker_connections = 10
83 #worker_connections = 10
77
84
78 ## max number of requests that worker will handle before being gracefully
85 ; Max number of requests that worker will handle before being gracefully restarted.
79 ## restarted, could prevent memory leaks
86 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
80 #max_requests = 1000
87 #max_requests = 1000
81 #max_requests_jitter = 30
88 #max_requests_jitter = 30
82
89
83 ## amount of time a worker can spend with handling a request before it
90 ; Amount of time a worker can spend with handling a request before it
84 ## gets killed and restarted. Set to 6hrs
91 ; gets killed and restarted. By default set to 21600 (6hrs)
92 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
85 #timeout = 21600
93 #timeout = 21600
86
94
87 ## The maximum size of HTTP request line in bytes.
95 ; The maximum size of HTTP request line in bytes.
88 ## 0 for unlimited
96 ; 0 for unlimited
89 #limit_request_line = 0
97 #limit_request_line = 0
90
98
91 ## Limit the number of HTTP headers fields in a request.
99 ; Limit the number of HTTP headers fields in a request.
92 ## By default this value is 100 and can't be larger than 32768.
100 ; By default this value is 100 and can't be larger than 32768.
93 #limit_request_fields = 32768
101 #limit_request_fields = 32768
94
102
95 ## Limit the allowed size of an HTTP request header field.
103 ; Limit the allowed size of an HTTP request header field.
96 ## Value is a positive number or 0.
104 ; Value is a positive number or 0.
97 ## Setting it to 0 will allow unlimited header field sizes.
105 ; Setting it to 0 will allow unlimited header field sizes.
98 #limit_request_field_size = 0
106 #limit_request_field_size = 0
99
107
100 ## Timeout for graceful workers restart.
108 ; Timeout for graceful workers restart.
101 ## After receiving a restart signal, workers have this much time to finish
109 ; After receiving a restart signal, workers have this much time to finish
102 ## serving requests. Workers still alive after the timeout (starting from the
110 ; serving requests. Workers still alive after the timeout (starting from the
103 ## receipt of the restart signal) are force killed.
111 ; receipt of the restart signal) are force killed.
112 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
104 #graceful_timeout = 3600
113 #graceful_timeout = 3600
105
114
106 # The number of seconds to wait for requests on a Keep-Alive connection.
115 # The number of seconds to wait for requests on a Keep-Alive connection.
107 # Generally set in the 1-5 seconds range.
116 # Generally set in the 1-5 seconds range.
108 #keepalive = 2
117 #keepalive = 2
109
118
110 ## Maximum memory usage that each worker can use before it will receive a
119 ; Maximum memory usage that each worker can use before it will receive a
111 ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
120 ; graceful restart signal 0 = memory monitoring is disabled
112 # 0 = memory monitoring is disabled
121 ; Examples: 268435456 (256MB), 536870912 (512MB)
122 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
113 #memory_max_usage = 0
123 #memory_max_usage = 0
114
124
115 ## How often in seconds to check for memory usage for each gunicorn worker
125 ; How often in seconds to check for memory usage for each gunicorn worker
116 #memory_usage_check_interval = 60
126 #memory_usage_check_interval = 60
117
127
118 ## Threshold value for which we don't recycle worker if GarbageCollection
128 ; Threshold value for which we don't recycle worker if GarbageCollection
119 ## frees up enough resources. Before each restart we try to run GC on worker
129 ; frees up enough resources. Before each restart we try to run GC on worker
120 ## in case we get enough free memory after that, restart will not happen.
130 ; in case we get enough free memory after that, restart will not happen.
121 #memory_usage_recovery_threshold = 0.8
131 #memory_usage_recovery_threshold = 0.8
122
132
123 ## prefix middleware for RhodeCode.
133
124 ## recommended when using proxy setup.
134 ; Prefix middleware for RhodeCode.
125 ## allows to set RhodeCode under a prefix in server.
135 ; recommended when using proxy setup.
126 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
136 ; allows to set RhodeCode under a prefix in server.
127 ## And set your prefix like: `prefix = /custom_prefix`
137 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
128 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
138 ; And set your prefix like: `prefix = /custom_prefix`
129 ## to make your cookies only work on prefix url
139 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
140 ; to make your cookies only work on prefix url
130 [filter:proxy-prefix]
141 [filter:proxy-prefix]
131 use = egg:PasteDeploy#prefix
142 use = egg:PasteDeploy#prefix
132 prefix = /
143 prefix = /
133
144
134 [app:main]
145 [app:main]
135 ## The %(here)s variable will be replaced with the absolute path of parent directory
146 ; The %(here)s variable will be replaced with the absolute path of parent directory
136 ## of this file
147 ; of this file
137 ## In addition ENVIRONMENT variables usage is possible, e.g
148 ; In addition ENVIRONMENT variables usage is possible, e.g
138 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
149 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
139
150
140 use = egg:rhodecode-enterprise-ce
151 use = egg:rhodecode-enterprise-ce
141
152
142 ## enable proxy prefix middleware, defined above
153 ; enable proxy prefix middleware, defined above
143 #filter-with = proxy-prefix
154 #filter-with = proxy-prefix
144
155
156 ; #############
157 ; DEBUG OPTIONS
158 ; #############
159
160 pyramid.reload_templates = true
161
145 # During development the we want to have the debug toolbar enabled
162 # During development the we want to have the debug toolbar enabled
146 pyramid.includes =
163 pyramid.includes =
147 pyramid_debugtoolbar
164 pyramid_debugtoolbar
148 rhodecode.lib.middleware.request_wrapper
149
150 pyramid.reload_templates = true
151
165
152 debugtoolbar.hosts = 0.0.0.0/0
166 debugtoolbar.hosts = 0.0.0.0/0
153 debugtoolbar.exclude_prefixes =
167 debugtoolbar.exclude_prefixes =
@@ -164,97 +178,100 b' rhodecode.includes ='
164 # api prefix url
178 # api prefix url
165 rhodecode.api.url = /_admin/api
179 rhodecode.api.url = /_admin/api
166
180
167
181 ; enable debug style page
168 ## END RHODECODE PLUGINS ##
182 debug_style = true
169
183
170 ## encryption key used to encrypt social plugin tokens,
184 ; #################
171 ## remote_urls with credentials etc, if not set it defaults to
185 ; END DEBUG OPTIONS
172 ## `beaker.session.secret`
186 ; #################
187
188 ; encryption key used to encrypt social plugin tokens,
189 ; remote_urls with credentials etc, if not set it defaults to
190 ; `beaker.session.secret`
173 #rhodecode.encrypted_values.secret =
191 #rhodecode.encrypted_values.secret =
174
192
175 ## decryption strict mode (enabled by default). It controls if decryption raises
193 ; decryption strict mode (enabled by default). It controls if decryption raises
176 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
194 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
177 #rhodecode.encrypted_values.strict = false
195 #rhodecode.encrypted_values.strict = false
178
196
179 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
197 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
180 ## fernet is safer, and we strongly recommend switching to it.
198 ; fernet is safer, and we strongly recommend switching to it.
181 ## Due to backward compatibility aes is used as default.
199 ; Due to backward compatibility aes is used as default.
182 #rhodecode.encrypted_values.algorithm = fernet
200 #rhodecode.encrypted_values.algorithm = fernet
183
201
184 ## return gzipped responses from RhodeCode (static files/application)
202 ; Return gzipped responses from RhodeCode (static files/application)
185 gzip_responses = false
203 gzip_responses = false
186
204
187 ## auto-generate javascript routes file on startup
205 ; Auto-generate javascript routes file on startup
188 generate_js_files = false
206 generate_js_files = false
189
207
190 ## System global default language.
208 ; System global default language.
191 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
209 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
192 lang = en
210 lang = en
193
211
194 ## Perform a full repository scan and import on each server start.
212 ; Perform a full repository scan and import on each server start.
195 ## Settings this to true could lead to very long startup time.
213 ; Settings this to true could lead to very long startup time.
196 startup.import_repos = false
214 startup.import_repos = false
197
215
198 ## Uncomment and set this path to use archive download cache.
216 ; Uncomment and set this path to use archive download cache.
199 ## Once enabled, generated archives will be cached at this location
217 ; Once enabled, generated archives will be cached at this location
200 ## and served from the cache during subsequent requests for the same archive of
218 ; and served from the cache during subsequent requests for the same archive of
201 ## the repository.
219 ; the repository.
202 #archive_cache_dir = /tmp/tarballcache
220 #archive_cache_dir = /tmp/tarballcache
203
221
204 ## URL at which the application is running. This is used for Bootstrapping
222 ; URL at which the application is running. This is used for Bootstrapping
205 ## requests in context when no web request is available. Used in ishell, or
223 ; requests in context when no web request is available. Used in ishell, or
206 ## SSH calls. Set this for events to receive proper url for SSH calls.
224 ; SSH calls. Set this for events to receive proper url for SSH calls.
207 app.base_url = http://rhodecode.local
225 app.base_url = http://rhodecode.local
208
226
209 ## Unique application ID. Should be a random unique string for security.
227 ; Unique application ID. Should be a random unique string for security.
210 app_instance_uuid = rc-production
228 app_instance_uuid = rc-production
211
229
212 ## Cut off limit for large diffs (size in bytes). If overall diff size on
230 ; Cut off limit for large diffs (size in bytes). If overall diff size on
213 ## commit, or pull request exceeds this limit this diff will be displayed
231 ; commit, or pull request exceeds this limit this diff will be displayed
214 ## partially. E.g 512000 == 512Kb
232 ; partially. E.g 512000 == 512Kb
215 cut_off_limit_diff = 512000
233 cut_off_limit_diff = 512000
216
234
217 ## Cut off limit for large files inside diffs (size in bytes). Each individual
235 ; Cut off limit for large files inside diffs (size in bytes). Each individual
218 ## file inside diff which exceeds this limit will be displayed partially.
236 ; file inside diff which exceeds this limit will be displayed partially.
219 ## E.g 128000 == 128Kb
237 ; E.g 128000 == 128Kb
220 cut_off_limit_file = 128000
238 cut_off_limit_file = 128000
221
239
222 ## use cached version of vcs repositories everywhere. Recommended to be `true`
240 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
223 vcs_full_cache = true
241 vcs_full_cache = true
224
242
225 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
243 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
226 ## Normally this is controlled by proper http flags sent from http server
244 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
227 force_https = false
245 force_https = false
228
246
229 ## use Strict-Transport-Security headers
247 ; use Strict-Transport-Security headers
230 use_htsts = false
248 use_htsts = false
231
249
232 # Set to true if your repos are exposed using the dumb protocol
250 ; Set to true if your repos are exposed using the dumb protocol
233 git_update_server_info = false
251 git_update_server_info = false
234
252
235 ## RSS/ATOM feed options
253 ; RSS/ATOM feed options
236 rss_cut_off_limit = 256000
254 rss_cut_off_limit = 256000
237 rss_items_per_page = 10
255 rss_items_per_page = 10
238 rss_include_diff = false
256 rss_include_diff = false
239
257
240 ## gist URL alias, used to create nicer urls for gist. This should be an
258 ; gist URL alias, used to create nicer urls for gist. This should be an
241 ## url that does rewrites to _admin/gists/{gistid}.
259 ; url that does rewrites to _admin/gists/{gistid}.
242 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
260 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
243 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
261 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
244 gist_alias_url =
262 gist_alias_url =
245
263
246 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
264 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
247 ## used for access.
265 ; used for access.
248 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
266 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
249 ## came from the the logged in user who own this authentication token.
267 ; came from the the logged in user who own this authentication token.
250 ## Additionally @TOKEN syntax can be used to bound the view to specific
268 ; Additionally @TOKEN syntax can be used to bound the view to specific
251 ## authentication token. Such view would be only accessible when used together
269 ; authentication token. Such view would be only accessible when used together
252 ## with this authentication token
270 ; with this authentication token
253 ##
271 ; list of all views can be found under `/_admin/permissions/auth_token_access`
254 ## list of all views can be found under `/_admin/permissions/auth_token_access`
272 ; The list should be "," separated and on a single line.
255 ## The list should be "," separated and on a single line.
273 ; Most common views to enable:
256 ##
274
257 ## Most common views to enable:
258 # RepoCommitsView:repo_commit_download
275 # RepoCommitsView:repo_commit_download
259 # RepoCommitsView:repo_commit_patch
276 # RepoCommitsView:repo_commit_patch
260 # RepoCommitsView:repo_commit_raw
277 # RepoCommitsView:repo_commit_raw
@@ -265,173 +282,193 b' gist_alias_url ='
265 # GistView:*
282 # GistView:*
266 api_access_controllers_whitelist =
283 api_access_controllers_whitelist =
267
284
268 ## Default encoding used to convert from and to unicode
285 ; Default encoding used to convert from and to unicode
269 ## can be also a comma separated list of encoding in case of mixed encodings
286 ; can be also a comma separated list of encoding in case of mixed encodings
270 default_encoding = UTF-8
287 default_encoding = UTF-8
271
288
272 ## instance-id prefix
289 ; instance-id prefix
273 ## a prefix key for this instance used for cache invalidation when running
290 ; a prefix key for this instance used for cache invalidation when running
274 ## multiple instances of RhodeCode, make sure it's globally unique for
291 ; multiple instances of RhodeCode, make sure it's globally unique for
275 ## all running RhodeCode instances. Leave empty if you don't use it
292 ; all running RhodeCode instances. Leave empty if you don't use it
276 instance_id =
293 instance_id =
277
294
278 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
295 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
279 ## of an authentication plugin also if it is disabled by it's settings.
296 ; of an authentication plugin also if it is disabled by it's settings.
280 ## This could be useful if you are unable to log in to the system due to broken
297 ; This could be useful if you are unable to log in to the system due to broken
281 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
298 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
282 ## module to log in again and fix the settings.
299 ; module to log in again and fix the settings.
283 ##
300 ; Available builtin plugin IDs (hash is part of the ID):
284 ## Available builtin plugin IDs (hash is part of the ID):
301 ; egg:rhodecode-enterprise-ce#rhodecode
285 ## egg:rhodecode-enterprise-ce#rhodecode
302 ; egg:rhodecode-enterprise-ce#pam
286 ## egg:rhodecode-enterprise-ce#pam
303 ; egg:rhodecode-enterprise-ce#ldap
287 ## egg:rhodecode-enterprise-ce#ldap
304 ; egg:rhodecode-enterprise-ce#jasig_cas
288 ## egg:rhodecode-enterprise-ce#jasig_cas
305 ; egg:rhodecode-enterprise-ce#headers
289 ## egg:rhodecode-enterprise-ce#headers
306 ; egg:rhodecode-enterprise-ce#crowd
290 ## egg:rhodecode-enterprise-ce#crowd
307
291 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
308 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
292
309
293 ## Flag to control loading of legacy plugins in py:/path format
310 ; Flag to control loading of legacy plugins in py:/path format
294 auth_plugin.import_legacy_plugins = true
311 auth_plugin.import_legacy_plugins = true
295
312
296 ## alternative return HTTP header for failed authentication. Default HTTP
313 ; alternative return HTTP header for failed authentication. Default HTTP
297 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
314 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
298 ## handling that causing a series of failed authentication calls.
315 ; handling that causing a series of failed authentication calls.
299 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
316 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
300 ## This will be served instead of default 401 on bad authentication
317 ; This will be served instead of default 401 on bad authentication
301 auth_ret_code =
318 auth_ret_code =
302
319
303 ## use special detection method when serving auth_ret_code, instead of serving
320 ; use special detection method when serving auth_ret_code, instead of serving
304 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
321 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
305 ## and then serve auth_ret_code to clients
322 ; and then serve auth_ret_code to clients
306 auth_ret_code_detection = false
323 auth_ret_code_detection = false
307
324
308 ## locking return code. When repository is locked return this HTTP code. 2XX
325 ; locking return code. When repository is locked return this HTTP code. 2XX
309 ## codes don't break the transactions while 4XX codes do
326 ; codes don't break the transactions while 4XX codes do
310 lock_ret_code = 423
327 lock_ret_code = 423
311
328
312 ## allows to change the repository location in settings page
329 ; allows to change the repository location in settings page
313 allow_repo_location_change = true
330 allow_repo_location_change = true
314
331
315 ## allows to setup custom hooks in settings page
332 ; allows to setup custom hooks in settings page
316 allow_custom_hooks_settings = true
333 allow_custom_hooks_settings = true
317
334
318 ## Generated license token required for EE edition license.
335 ; Generated license token required for EE edition license.
319 ## New generated token value can be found in Admin > settings > license page.
336 ; New generated token value can be found in Admin > settings > license page.
320 license_token =
337 license_token =
321
338
322 ## This flag would hide sensitive information on the license page
339 ; This flag hides sensitive information on the license page such as token, and license data
323 license.hide_license_info = false
340 license.hide_license_info = false
324
341
325 ## supervisor connection uri, for managing supervisor and logs.
342 ; supervisor connection uri, for managing supervisor and logs.
326 supervisor.uri =
343 supervisor.uri =
327 ## supervisord group name/id we only want this RC instance to handle
344
345 ; supervisord group name/id we only want this RC instance to handle
328 supervisor.group_id = dev
346 supervisor.group_id = dev
329
347
330 ## Display extended labs settings
348 ; Display extended labs settings
331 labs_settings_active = true
349 labs_settings_active = true
332
350
333 ## Custom exception store path, defaults to TMPDIR
351 ; Custom exception store path, defaults to TMPDIR
334 ## This is used to store exception from RhodeCode in shared directory
352 ; This is used to store exception from RhodeCode in shared directory
335 #exception_tracker.store_path =
353 #exception_tracker.store_path =
336
354
337 ## File store configuration. This is used to store and serve uploaded files
355 ; File store configuration. This is used to store and serve uploaded files
338 file_store.enabled = true
356 file_store.enabled = true
339 ## Storage backend, available options are: local
357
358 ; Storage backend, available options are: local
340 file_store.backend = local
359 file_store.backend = local
341 ## path to store the uploaded binaries
360
361 ; path to store the uploaded binaries
342 file_store.storage_path = %(here)s/data/file_store
362 file_store.storage_path = %(here)s/data/file_store
343
363
344
364
345 ####################################
365 ; #############
346 ### CELERY CONFIG ####
366 ; CELERY CONFIG
347 ####################################
367 ; #############
348 ## run: /path/to/celery worker \
368
349 ## -E --beat --app rhodecode.lib.celerylib.loader \
369 ; run: /path/to/celery worker \
350 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
370 ; -E --beat --app rhodecode.lib.celerylib.loader \
351 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
371 ; --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
372 ; --loglevel DEBUG --ini /path/to/rhodecode.ini
352
373
353 use_celery = false
374 use_celery = false
354
375
355 ## connection url to the message broker (default redis)
376 ; connection url to the message broker (default redis)
356 celery.broker_url = redis://localhost:6379/8
377 celery.broker_url = redis://localhost:6379/8
357
378
358 ## rabbitmq example
379 ; rabbitmq example
359 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
380 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
360
381
361 ## maximum tasks to execute before worker restart
382 ; maximum tasks to execute before worker restart
362 celery.max_tasks_per_child = 100
383 celery.max_tasks_per_child = 100
363
384
364 ## tasks will never be sent to the queue, but executed locally instead.
385 ; tasks will never be sent to the queue, but executed locally instead.
365 celery.task_always_eager = false
386 celery.task_always_eager = false
366
387
367 #####################################
388 ; #############
368 ### DOGPILE CACHE ####
389 ; DOGPILE CACHE
369 #####################################
390 ; #############
370 ## Default cache dir for caches. Putting this into a ramdisk
391
371 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
392 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
372 ## large amount of space
393 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
373 cache_dir = %(here)s/data
394 cache_dir = %(here)s/data
374
395
375 ## `cache_perms` cache settings for permission tree, auth TTL.
396 ; *********************************************
397 ; `sql_cache_short` cache for heavy SQL queries
398 ; Only supported backend is `memory_lru`
399 ; *********************************************
400 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
401 rc_cache.sql_cache_short.expiration_time = 30
402
403
404 ; *****************************************************
405 ; `cache_repo_longterm` cache for repo object instances
406 ; Only supported backend is `memory_lru`
407 ; *****************************************************
408 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
409 ; by default we use 30 Days, cache is still invalidated on push
410 rc_cache.cache_repo_longterm.expiration_time = 2592000
411 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
412 rc_cache.cache_repo_longterm.max_size = 10000
413
414
415 ; *************************************************
416 ; `cache_perms` cache for permission tree, auth TTL
417 ; *************************************************
376 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
418 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
377 rc_cache.cache_perms.expiration_time = 300
419 rc_cache.cache_perms.expiration_time = 300
378
420
379 ## alternative `cache_perms` redis backend with distributed lock
421 ; alternative `cache_perms` redis backend with distributed lock
380 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
422 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
381 #rc_cache.cache_perms.expiration_time = 300
423 #rc_cache.cache_perms.expiration_time = 300
382 ## redis_expiration_time needs to be greater then expiration_time
424
425 ; redis_expiration_time needs to be greater then expiration_time
383 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
426 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
384 #rc_cache.cache_perms.arguments.socket_timeout = 30
427
385 #rc_cache.cache_perms.arguments.host = localhost
428 #rc_cache.cache_perms.arguments.host = localhost
386 #rc_cache.cache_perms.arguments.port = 6379
429 #rc_cache.cache_perms.arguments.port = 6379
387 #rc_cache.cache_perms.arguments.db = 0
430 #rc_cache.cache_perms.arguments.db = 0
388 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
431 #rc_cache.cache_perms.arguments.socket_timeout = 30
432 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
389 #rc_cache.cache_perms.arguments.distributed_lock = true
433 #rc_cache.cache_perms.arguments.distributed_lock = true
390
434
391 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
435
436 ; ***************************************************
437 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
438 ; ***************************************************
392 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
439 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
393 rc_cache.cache_repo.expiration_time = 2592000
440 rc_cache.cache_repo.expiration_time = 2592000
394
441
395 ## alternative `cache_repo` redis backend with distributed lock
442 ; alternative `cache_repo` redis backend with distributed lock
396 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
443 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
397 #rc_cache.cache_repo.expiration_time = 2592000
444 #rc_cache.cache_repo.expiration_time = 2592000
398 ## redis_expiration_time needs to be greater then expiration_time
445
446 ; redis_expiration_time needs to be greater then expiration_time
399 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
447 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
400 #rc_cache.cache_repo.arguments.socket_timeout = 30
448
401 #rc_cache.cache_repo.arguments.host = localhost
449 #rc_cache.cache_repo.arguments.host = localhost
402 #rc_cache.cache_repo.arguments.port = 6379
450 #rc_cache.cache_repo.arguments.port = 6379
403 #rc_cache.cache_repo.arguments.db = 1
451 #rc_cache.cache_repo.arguments.db = 1
404 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
452 #rc_cache.cache_repo.arguments.socket_timeout = 30
453 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
405 #rc_cache.cache_repo.arguments.distributed_lock = true
454 #rc_cache.cache_repo.arguments.distributed_lock = true
406
455
407 ## cache settings for SQL queries, this needs to use memory type backend
408 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
409 rc_cache.sql_cache_short.expiration_time = 30
410
456
411 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
457 ; ##############
412 ## type backend as the objects kept are not pickle serializable
458 ; BEAKER SESSION
413 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
459 ; ##############
414 ## by default we use 96H, this is using invalidation on push anyway
415 rc_cache.cache_repo_longterm.expiration_time = 345600
416 ## max items in LRU cache, reduce this number to save memory, and expire last used
417 ## cached objects
418 rc_cache.cache_repo_longterm.max_size = 10000
419
460
420
461 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
421 ####################################
462 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
422 ### BEAKER SESSION ####
463 ; Fastest ones are Redis and ext:database
423 ####################################
424
425 ## .session.type is type of storage options for the session, current allowed
426 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
427 beaker.session.type = file
464 beaker.session.type = file
428 beaker.session.data_dir = %(here)s/data/sessions
465 beaker.session.data_dir = %(here)s/data/sessions
429
466
430 ## redis sessions
467 ; Redis based sessions
431 #beaker.session.type = ext:redis
468 #beaker.session.type = ext:redis
432 #beaker.session.url = redis://127.0.0.1:6379/2
469 #beaker.session.url = redis://127.0.0.1:6379/2
433
470
434 ## db based session, fast, and allows easy management over logged in users
471 ; DB based session, fast, and allows easy management over logged in users
435 #beaker.session.type = ext:database
472 #beaker.session.type = ext:database
436 #beaker.session.table_name = db_session
473 #beaker.session.table_name = db_session
437 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
474 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
@@ -443,266 +480,275 b' beaker.session.key = rhodecode'
443 beaker.session.secret = develop-rc-uytcxaz
480 beaker.session.secret = develop-rc-uytcxaz
444 beaker.session.lock_dir = %(here)s/data/sessions/lock
481 beaker.session.lock_dir = %(here)s/data/sessions/lock
445
482
446 ## Secure encrypted cookie. Requires AES and AES python libraries
483 ; Secure encrypted cookie. Requires AES and AES python libraries
447 ## you must disable beaker.session.secret to use this
484 ; you must disable beaker.session.secret to use this
448 #beaker.session.encrypt_key = key_for_encryption
485 #beaker.session.encrypt_key = key_for_encryption
449 #beaker.session.validate_key = validation_key
486 #beaker.session.validate_key = validation_key
450
487
451 ## sets session as invalid(also logging out user) if it haven not been
488 ; Sets session as invalid (also logging out user) if it haven not been
452 ## accessed for given amount of time in seconds
489 ; accessed for given amount of time in seconds
453 beaker.session.timeout = 2592000
490 beaker.session.timeout = 2592000
454 beaker.session.httponly = true
491 beaker.session.httponly = true
455 ## Path to use for the cookie. Set to prefix if you use prefix middleware
492
493 ; Path to use for the cookie. Set to prefix if you use prefix middleware
456 #beaker.session.cookie_path = /custom_prefix
494 #beaker.session.cookie_path = /custom_prefix
457
495
458 ## uncomment for https secure cookie
496 ; Set https secure cookie
459 beaker.session.secure = false
497 beaker.session.secure = false
460
498
461 ## auto save the session to not to use .save()
499 ; default cookie expiration time in seconds, set to `true` to set expire
462 beaker.session.auto = false
500 ; at browser close
463
464 ## default cookie expiration time in seconds, set to `true` to set expire
465 ## at browser close
466 #beaker.session.cookie_expires = 3600
501 #beaker.session.cookie_expires = 3600
467
502
468 ###################################
503 ; #############################
469 ## SEARCH INDEXING CONFIGURATION ##
504 ; SEARCH INDEXING CONFIGURATION
470 ###################################
505 ; #############################
471 ## Full text search indexer is available in rhodecode-tools under
472 ## `rhodecode-tools index` command
473
506
474 ## WHOOSH Backend, doesn't require additional services to run
507 ; Full text search indexer is available in rhodecode-tools under
475 ## it works good with few dozen repos
508 ; `rhodecode-tools index` command
509
510 ; WHOOSH Backend, doesn't require additional services to run
511 ; it works good with few dozen repos
476 search.module = rhodecode.lib.index.whoosh
512 search.module = rhodecode.lib.index.whoosh
477 search.location = %(here)s/data/index
513 search.location = %(here)s/data/index
478
514
479 ########################################
515 ; ####################
480 ### CHANNELSTREAM CONFIG ####
516 ; CHANNELSTREAM CONFIG
481 ########################################
517 ; ####################
482 ## channelstream enables persistent connections and live notification
518
483 ## in the system. It's also used by the chat system
519 ; channelstream enables persistent connections and live notification
520 ; in the system. It's also used by the chat system
484
521
485 channelstream.enabled = false
522 channelstream.enabled = false
486
523
487 ## server address for channelstream server on the backend
524 ; server address for channelstream server on the backend
488 channelstream.server = 127.0.0.1:9800
525 channelstream.server = 127.0.0.1:9800
489
526
490 ## location of the channelstream server from outside world
527 ; location of the channelstream server from outside world
491 ## use ws:// for http or wss:// for https. This address needs to be handled
528 ; use ws:// for http or wss:// for https. This address needs to be handled
492 ## by external HTTP server such as Nginx or Apache
529 ; by external HTTP server such as Nginx or Apache
493 ## see Nginx/Apache configuration examples in our docs
530 ; see Nginx/Apache configuration examples in our docs
494 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
531 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
495 channelstream.secret = secret
532 channelstream.secret = secret
496 channelstream.history.location = %(here)s/channelstream_history
533 channelstream.history.location = %(here)s/channelstream_history
497
534
498 ## Internal application path that Javascript uses to connect into.
535 ; Internal application path that Javascript uses to connect into.
499 ## If you use proxy-prefix the prefix should be added before /_channelstream
536 ; If you use proxy-prefix the prefix should be added before /_channelstream
500 channelstream.proxy_path = /_channelstream
537 channelstream.proxy_path = /_channelstream
501
538
502
539
503 ###################################
540 ; ##############################
504 ## APPENLIGHT CONFIG ##
541 ; MAIN RHODECODE DATABASE CONFIG
505 ###################################
542 ; ##############################
543
544 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
545 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
546 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
547 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
548 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
549
550 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
551
552 ; see sqlalchemy docs for other advanced settings
553 ; print the sql statements to output
554 sqlalchemy.db1.echo = false
555
556 ; recycle the connections after this amount of seconds
557 sqlalchemy.db1.pool_recycle = 3600
558 sqlalchemy.db1.convert_unicode = true
559
560 ; the number of connections to keep open inside the connection pool.
561 ; 0 indicates no limit
562 #sqlalchemy.db1.pool_size = 5
563
564 ; The number of connections to allow in connection pool "overflow", that is
565 ; connections that can be opened above and beyond the pool_size setting,
566 ; which defaults to five.
567 #sqlalchemy.db1.max_overflow = 10
568
569 ; Connection check ping, used to detect broken database connections
570 ; could be enabled to better handle cases if MySQL has gone away errors
571 #sqlalchemy.db1.ping_connection = true
572
573 ; ##########
574 ; VCS CONFIG
575 ; ##########
576 vcs.server.enable = true
577 vcs.server = localhost:9900
578
579 ; Web server connectivity protocol, responsible for web based VCS operations
580 ; Available protocols are:
581 ; `http` - use http-rpc backend (default)
582 vcs.server.protocol = http
583
584 ; Push/Pull operations protocol, available options are:
585 ; `http` - use http-rpc backend (default)
586 vcs.scm_app_implementation = http
587
588 ; Push/Pull operations hooks protocol, available options are:
589 ; `http` - use http-rpc backend (default)
590 vcs.hooks.protocol = http
591
592 ; Host on which this instance is listening for hooks. If vcsserver is in other location
593 ; this should be adjusted.
594 vcs.hooks.host = 127.0.0.1
595
596 ; Start VCSServer with this instance as a subprocess, useful for development
597 vcs.start_server = false
598
599 ; List of enabled VCS backends, available options are:
600 ; `hg` - mercurial
601 ; `git` - git
602 ; `svn` - subversion
603 vcs.backends = hg, git, svn
604
605 ; Wait this number of seconds before killing connection to the vcsserver
606 vcs.connection_timeout = 3600
607
608 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
609 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
610 #vcs.svn.compatible_version = pre-1.8-compatible
611
506
612
507 ## Appenlight is tailored to work with RhodeCode, see
613 ; ####################################################
508 ## http://appenlight.com for details how to obtain an account
614 ; Subversion proxy support (mod_dav_svn)
615 ; Maps RhodeCode repo groups into SVN paths for Apache
616 ; ####################################################
617
618 ; Enable or disable the config file generation.
619 svn.proxy.generate_config = false
620
621 ; Generate config file with `SVNListParentPath` set to `On`.
622 svn.proxy.list_parent_path = true
623
624 ; Set location and file name of generated config file.
625 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
626
627 ; alternative mod_dav config template. This needs to be a valid mako template
628 ; Example template can be found in the source code:
629 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
630 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
631
632 ; Used as a prefix to the `Location` block in the generated config file.
633 ; In most cases it should be set to `/`.
634 svn.proxy.location_root = /
635
636 ; Command to reload the mod dav svn configuration on change.
637 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
638 ; Make sure user who runs RhodeCode process is allowed to reload Apache
639 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
640
641 ; If the timeout expires before the reload command finishes, the command will
642 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
643 #svn.proxy.reload_timeout = 10
644
645 ; ####################
646 ; SSH Support Settings
647 ; ####################
509
648
510 ## Appenlight integration enabled
649 ; Defines if a custom authorized_keys file should be created and written on
650 ; any change user ssh keys. Setting this to false also disables possibility
651 ; of adding SSH keys by users from web interface. Super admins can still
652 ; manage SSH Keys.
653 ssh.generate_authorized_keyfile = false
654
655 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
656 # ssh.authorized_keys_ssh_opts =
657
658 ; Path to the authorized_keys file where the generate entries are placed.
659 ; It is possible to have multiple key files specified in `sshd_config` e.g.
660 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
661 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
662
663 ; Command to execute the SSH wrapper. The binary is available in the
664 ; RhodeCode installation directory.
665 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
666 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
667
668 ; Allow shell when executing the ssh-wrapper command
669 ssh.wrapper_cmd_allow_shell = false
670
671 ; Enables logging, and detailed output send back to the client during SSH
672 ; operations. Useful for debugging, shouldn't be used in production.
673 ssh.enable_debug_logging = true
674
675 ; Paths to binary executable, by default they are the names, but we can
676 ; override them if we want to use a custom one
677 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
678 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
679 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
680
681 ; Enables SSH key generator web interface. Disabling this still allows users
682 ; to add their own keys.
683 ssh.enable_ui_key_generator = true
684
685
686 ; #################
687 ; APPENLIGHT CONFIG
688 ; #################
689
690 ; Appenlight is tailored to work with RhodeCode, see
691 ; http://appenlight.rhodecode.com for details how to obtain an account
692
693 ; Appenlight integration enabled
511 appenlight = false
694 appenlight = false
512
695
513 appenlight.server_url = https://api.appenlight.com
696 appenlight.server_url = https://api.appenlight.com
514 appenlight.api_key = YOUR_API_KEY
697 appenlight.api_key = YOUR_API_KEY
515 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
698 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
516
699
517 ## used for JS client
700 ; used for JS client
518 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
701 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
519
702
520 ## TWEAK AMOUNT OF INFO SENT HERE
703 ; TWEAK AMOUNT OF INFO SENT HERE
521
704
522 ## enables 404 error logging (default False)
705 ; enables 404 error logging (default False)
523 appenlight.report_404 = false
706 appenlight.report_404 = false
524
707
525 ## time in seconds after request is considered being slow (default 1)
708 ; time in seconds after request is considered being slow (default 1)
526 appenlight.slow_request_time = 1
709 appenlight.slow_request_time = 1
527
710
528 ## record slow requests in application
711 ; record slow requests in application
529 ## (needs to be enabled for slow datastore recording and time tracking)
712 ; (needs to be enabled for slow datastore recording and time tracking)
530 appenlight.slow_requests = true
713 appenlight.slow_requests = true
531
714
532 ## enable hooking to application loggers
715 ; enable hooking to application loggers
533 appenlight.logging = true
716 appenlight.logging = true
534
717
535 ## minimum log level for log capture
718 ; minimum log level for log capture
536 appenlight.logging.level = WARNING
719 appenlight.logging.level = WARNING
537
720
538 ## send logs only from erroneous/slow requests
721 ; send logs only from erroneous/slow requests
539 ## (saves API quota for intensive logging)
722 ; (saves API quota for intensive logging)
540 appenlight.logging_on_error = false
723 appenlight.logging_on_error = false
541
724
542 ## list of additional keywords that should be grabbed from environ object
725 ; list of additional keywords that should be grabbed from environ object
543 ## can be string with comma separated list of words in lowercase
726 ; can be string with comma separated list of words in lowercase
544 ## (by default client will always send following info:
727 ; (by default client will always send following info:
545 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
728 ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
546 ## start with HTTP* this list be extended with additional keywords here
729 ; start with HTTP* this list be extended with additional keywords here
547 appenlight.environ_keys_whitelist =
730 appenlight.environ_keys_whitelist =
548
731
549 ## list of keywords that should be blanked from request object
732 ; list of keywords that should be blanked from request object
550 ## can be string with comma separated list of words in lowercase
733 ; can be string with comma separated list of words in lowercase
551 ## (by default client will always blank keys that contain following words
734 ; (by default client will always blank keys that contain following words
552 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
735 ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
553 ## this list be extended with additional keywords set here
736 ; this list be extended with additional keywords set here
554 appenlight.request_keys_blacklist =
737 appenlight.request_keys_blacklist =
555
738
556 ## list of namespaces that should be ignores when gathering log entries
739 ; list of namespaces that should be ignores when gathering log entries
557 ## can be string with comma separated list of namespaces
740 ; can be string with comma separated list of namespaces
558 ## (by default the client ignores own entries: appenlight_client.client)
741 ; (by default the client ignores own entries: appenlight_client.client)
559 appenlight.log_namespace_blacklist =
742 appenlight.log_namespace_blacklist =
560
743
561 # enable debug style page
744 ; Dummy marker to add new entries after.
562 debug_style = true
745 ; Add any custom entries below. Please don't remove this marker.
563
564 ###########################################
565 ### MAIN RHODECODE DATABASE CONFIG ###
566 ###########################################
567 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
568 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
569 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
570 # pymysql is an alternative driver for MySQL, use in case of problems with default one
571 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
572
573 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
574
575 # see sqlalchemy docs for other advanced settings
576
577 ## print the sql statements to output
578 sqlalchemy.db1.echo = false
579 ## recycle the connections after this amount of seconds
580 sqlalchemy.db1.pool_recycle = 3600
581
582 ## the number of connections to keep open inside the connection pool.
583 ## 0 indicates no limit
584 #sqlalchemy.db1.pool_size = 5
585
586 ## the number of connections to allow in connection pool "overflow", that is
587 ## connections that can be opened above and beyond the pool_size setting,
588 ## which defaults to five.
589 #sqlalchemy.db1.max_overflow = 10
590
591 ## Connection check ping, used to detect broken database connections
592 ## could be enabled to better handle cases if MySQL has gone away errors
593 #sqlalchemy.db1.ping_connection = true
594
595 ##################
596 ### VCS CONFIG ###
597 ##################
598 vcs.server.enable = true
599 vcs.server = localhost:9900
600
601 ## Web server connectivity protocol, responsible for web based VCS operations
602 ## Available protocols are:
603 ## `http` - use http-rpc backend (default)
604 vcs.server.protocol = http
605
606 ## Push/Pull operations protocol, available options are:
607 ## `http` - use http-rpc backend (default)
608 vcs.scm_app_implementation = http
609
610 ## Push/Pull operations hooks protocol, available options are:
611 ## `http` - use http-rpc backend (default)
612 vcs.hooks.protocol = http
613
614 ## Host on which this instance is listening for hooks. If vcsserver is in other location
615 ## this should be adjusted.
616 vcs.hooks.host = 127.0.0.1
617
618 vcs.server.log_level = debug
619 ## Start VCSServer with this instance as a subprocess, useful for development
620 vcs.start_server = false
621
622 ## List of enabled VCS backends, available options are:
623 ## `hg` - mercurial
624 ## `git` - git
625 ## `svn` - subversion
626 vcs.backends = hg, git, svn
627
628 vcs.connection_timeout = 3600
629 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
630 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
631 #vcs.svn.compatible_version = pre-1.8-compatible
632
633
634 ############################################################
635 ### Subversion proxy support (mod_dav_svn) ###
636 ### Maps RhodeCode repo groups into SVN paths for Apache ###
637 ############################################################
638 ## Enable or disable the config file generation.
639 svn.proxy.generate_config = false
640 ## Generate config file with `SVNListParentPath` set to `On`.
641 svn.proxy.list_parent_path = true
642 ## Set location and file name of generated config file.
643 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
644 ## alternative mod_dav config template. This needs to be a mako template
645 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
646 ## Used as a prefix to the `Location` block in the generated config file.
647 ## In most cases it should be set to `/`.
648 svn.proxy.location_root = /
649 ## Command to reload the mod dav svn configuration on change.
650 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
651 ## Make sure user who runs RhodeCode process is allowed to reload Apache
652 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
653 ## If the timeout expires before the reload command finishes, the command will
654 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
655 #svn.proxy.reload_timeout = 10
656
657 ############################################################
658 ### SSH Support Settings ###
659 ############################################################
660
661 ## Defines if a custom authorized_keys file should be created and written on
662 ## any change user ssh keys. Setting this to false also disables possibility
663 ## of adding SSH keys by users from web interface. Super admins can still
664 ## manage SSH Keys.
665 ssh.generate_authorized_keyfile = false
666
667 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
668 # ssh.authorized_keys_ssh_opts =
669
670 ## Path to the authorized_keys file where the generate entries are placed.
671 ## It is possible to have multiple key files specified in `sshd_config` e.g.
672 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
673 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
674
675 ## Command to execute the SSH wrapper. The binary is available in the
676 ## RhodeCode installation directory.
677 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
678 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
679
680 ## Allow shell when executing the ssh-wrapper command
681 ssh.wrapper_cmd_allow_shell = false
682
683 ## Enables logging, and detailed output send back to the client during SSH
684 ## operations. Useful for debugging, shouldn't be used in production.
685 ssh.enable_debug_logging = true
686
687 ## Paths to binary executable, by default they are the names, but we can
688 ## override them if we want to use a custom one
689 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
690 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
691 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
692
693 ## Enables SSH key generator web interface. Disabling this still allows users
694 ## to add their own keys.
695 ssh.enable_ui_key_generator = true
696
697
698 ## Dummy marker to add new entries after.
699 ## Add any custom entries below. Please don't remove.
700 custom.conf = 1
746 custom.conf = 1
701
747
702
748
703 ################################
749 ; #####################
704 ### LOGGING CONFIGURATION ####
750 ; LOGGING CONFIGURATION
705 ################################
751 ; #####################
706 [loggers]
752 [loggers]
707 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
753 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
708
754
@@ -712,9 +758,9 b' keys = console, console_sql'
712 [formatters]
758 [formatters]
713 keys = generic, color_formatter, color_formatter_sql
759 keys = generic, color_formatter, color_formatter_sql
714
760
715 #############
761 ; #######
716 ## LOGGERS ##
762 ; LOGGERS
717 #############
763 ; #######
718 [logger_root]
764 [logger_root]
719 level = NOTSET
765 level = NOTSET
720 handlers = console
766 handlers = console
@@ -749,9 +795,9 b' handlers ='
749 qualname = celery
795 qualname = celery
750
796
751
797
752 ##############
798 ; ########
753 ## HANDLERS ##
799 ; HANDLERS
754 ##############
800 ; ########
755
801
756 [handler_console]
802 [handler_console]
757 class = StreamHandler
803 class = StreamHandler
@@ -760,17 +806,17 b' level = DEBUG'
760 formatter = color_formatter
806 formatter = color_formatter
761
807
762 [handler_console_sql]
808 [handler_console_sql]
763 # "level = DEBUG" logs SQL queries and results.
809 ; "level = DEBUG" logs SQL queries and results.
764 # "level = INFO" logs SQL queries.
810 ; "level = INFO" logs SQL queries.
765 # "level = WARN" logs neither. (Recommended for production systems.)
811 ; "level = WARN" logs neither. (Recommended for production systems.)
766 class = StreamHandler
812 class = StreamHandler
767 args = (sys.stderr, )
813 args = (sys.stderr, )
768 level = WARN
814 level = WARN
769 formatter = color_formatter_sql
815 formatter = color_formatter_sql
770
816
771 ################
817 ; ##########
772 ## FORMATTERS ##
818 ; FORMATTERS
773 ################
819 ; ##########
774
820
775 [formatter_generic]
821 [formatter_generic]
776 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
822 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
This diff has been collapsed as it changes many lines, (875 lines changed) Show them Hide them
@@ -1,24 +1,22 b''
1
1 ## -*- coding: utf-8 -*-
2
2
3 ################################################################################
3 ; #########################################
4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
4 ; RHODECODE COMMUNITY EDITION CONFIGURATION
5 ################################################################################
5 ; #########################################
6
6
7 [DEFAULT]
7 [DEFAULT]
8 ## Debug flag sets all loggers to debug, and enables request tracking
8 ; Debug flag sets all loggers to debug, and enables request tracking
9 debug = false
9 debug = false
10
10
11 ################################################################################
11 ; ########################################################################
12 ## EMAIL CONFIGURATION ##
12 ; EMAIL CONFIGURATION
13 ## Uncomment and replace with the email address which should receive ##
13 ; These settings will be used by the RhodeCode mailing system
14 ## any error reports after an application crash ##
14 ; ########################################################################
15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 ################################################################################
17
15
18 ## prefix all emails subjects with given prefix, helps filtering out emails
16 ; prefix all emails subjects with given prefix, helps filtering out emails
19 #email_prefix = [RhodeCode]
17 #email_prefix = [RhodeCode]
20
18
21 ## email FROM address all mails will be sent
19 ; email FROM address all mails will be sent
22 #app_email_from = rhodecode-noreply@localhost
20 #app_email_from = rhodecode-noreply@localhost
23
21
24 #smtp_server = mail.server.com
22 #smtp_server = mail.server.com
@@ -29,207 +27,200 b' debug = false'
29 #smtp_use_ssl = true
27 #smtp_use_ssl = true
30
28
31 [server:main]
29 [server:main]
32 ## COMMON ##
30 ; COMMON HOST/IP CONFIG
33 host = 127.0.0.1
31 host = 127.0.0.1
34 port = 5000
32 port = 5000
35
33
36 ###########################################################
37 ## WAITRESS WSGI SERVER - Recommended for Development ####
38 ###########################################################
39
34
40 #use = egg:waitress#main
35 ; ###########################
41 ## number of worker threads
36 ; GUNICORN APPLICATION SERVER
42 #threads = 5
37 ; ###########################
43 ## MAX BODY SIZE 100GB
44 #max_request_body_size = 107374182400
45 ## Use poll instead of select, fixes file descriptors limits problems.
46 ## May not work on old windows systems.
47 #asyncore_use_poll = true
48
38
39 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
49
40
50 ##########################
41 ; Module to use, this setting shouldn't be changed
51 ## GUNICORN WSGI SERVER ##
52 ##########################
53 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
54
55 use = egg:gunicorn#main
42 use = egg:gunicorn#main
56 ## Sets the number of process workers. More workers means more concurrent connections
43
57 ## RhodeCode can handle at the same time. Each additional worker also it increases
44 ; Sets the number of process workers. More workers means more concurrent connections
58 ## memory usage as each has it's own set of caches.
45 ; RhodeCode can handle at the same time. Each additional worker also it increases
59 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
46 ; memory usage as each has it's own set of caches.
60 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
47 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
61 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
48 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
62 ## when using more than 1 worker.
49 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
50 ; when using more than 1 worker.
63 workers = 2
51 workers = 2
64
52
65 ## Gunicorn access log level
53 ; Gunicorn access log level
66 loglevel = info
54 loglevel = info
67
55
68 ## process name visible in process list
56 ; Process name visible in process list
69 proc_name = rhodecode
57 proc_name = rhodecode
70
58
71 ## type of worker class, one of sync, gevent
59 ; Type of worker class, one of `sync`, `gevent`
72 ## recommended for bigger setup is using of of other than sync one
60 ; Recommended type is `gevent`
73 worker_class = gevent
61 worker_class = gevent
74
62
75 ## The maximum number of simultaneous clients. Valid only for Gevent
63 ; The maximum number of simultaneous clients per worker. Valid only for gevent
76 worker_connections = 10
64 worker_connections = 10
77
65
78 ## max number of requests that worker will handle before being gracefully
66 ; Max number of requests that worker will handle before being gracefully restarted.
79 ## restarted, could prevent memory leaks
67 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
80 max_requests = 1000
68 max_requests = 1000
81 max_requests_jitter = 30
69 max_requests_jitter = 30
82
70
83 ## amount of time a worker can spend with handling a request before it
71 ; Amount of time a worker can spend with handling a request before it
84 ## gets killed and restarted. Set to 6hrs
72 ; gets killed and restarted. By default set to 21600 (6hrs)
73 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
85 timeout = 21600
74 timeout = 21600
86
75
87 ## The maximum size of HTTP request line in bytes.
76 ; The maximum size of HTTP request line in bytes.
88 ## 0 for unlimited
77 ; 0 for unlimited
89 limit_request_line = 0
78 limit_request_line = 0
90
79
91 ## Limit the number of HTTP headers fields in a request.
80 ; Limit the number of HTTP headers fields in a request.
92 ## By default this value is 100 and can't be larger than 32768.
81 ; By default this value is 100 and can't be larger than 32768.
93 limit_request_fields = 32768
82 limit_request_fields = 32768
94
83
95 ## Limit the allowed size of an HTTP request header field.
84 ; Limit the allowed size of an HTTP request header field.
96 ## Value is a positive number or 0.
85 ; Value is a positive number or 0.
97 ## Setting it to 0 will allow unlimited header field sizes.
86 ; Setting it to 0 will allow unlimited header field sizes.
98 limit_request_field_size = 0
87 limit_request_field_size = 0
99
88
100 ## Timeout for graceful workers restart.
89 ; Timeout for graceful workers restart.
101 ## After receiving a restart signal, workers have this much time to finish
90 ; After receiving a restart signal, workers have this much time to finish
102 ## serving requests. Workers still alive after the timeout (starting from the
91 ; serving requests. Workers still alive after the timeout (starting from the
103 ## receipt of the restart signal) are force killed.
92 ; receipt of the restart signal) are force killed.
93 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
104 graceful_timeout = 3600
94 graceful_timeout = 3600
105
95
106 # The number of seconds to wait for requests on a Keep-Alive connection.
96 # The number of seconds to wait for requests on a Keep-Alive connection.
107 # Generally set in the 1-5 seconds range.
97 # Generally set in the 1-5 seconds range.
108 keepalive = 2
98 keepalive = 2
109
99
110 ## Maximum memory usage that each worker can use before it will receive a
100 ; Maximum memory usage that each worker can use before it will receive a
111 ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
101 ; graceful restart signal 0 = memory monitoring is disabled
112 # 0 = memory monitoring is disabled
102 ; Examples: 268435456 (256MB), 536870912 (512MB)
103 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
113 memory_max_usage = 0
104 memory_max_usage = 0
114
105
115 ## How often in seconds to check for memory usage for each gunicorn worker
106 ; How often in seconds to check for memory usage for each gunicorn worker
116 memory_usage_check_interval = 60
107 memory_usage_check_interval = 60
117
108
118 ## Threshold value for which we don't recycle worker if GarbageCollection
109 ; Threshold value for which we don't recycle worker if GarbageCollection
119 ## frees up enough resources. Before each restart we try to run GC on worker
110 ; frees up enough resources. Before each restart we try to run GC on worker
120 ## in case we get enough free memory after that, restart will not happen.
111 ; in case we get enough free memory after that, restart will not happen.
121 memory_usage_recovery_threshold = 0.8
112 memory_usage_recovery_threshold = 0.8
122
113
123 ## prefix middleware for RhodeCode.
114
124 ## recommended when using proxy setup.
115 ; Prefix middleware for RhodeCode.
125 ## allows to set RhodeCode under a prefix in server.
116 ; recommended when using proxy setup.
126 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
117 ; allows to set RhodeCode under a prefix in server.
127 ## And set your prefix like: `prefix = /custom_prefix`
118 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
128 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
119 ; And set your prefix like: `prefix = /custom_prefix`
129 ## to make your cookies only work on prefix url
120 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
121 ; to make your cookies only work on prefix url
130 [filter:proxy-prefix]
122 [filter:proxy-prefix]
131 use = egg:PasteDeploy#prefix
123 use = egg:PasteDeploy#prefix
132 prefix = /
124 prefix = /
133
125
134 [app:main]
126 [app:main]
135 ## The %(here)s variable will be replaced with the absolute path of parent directory
127 ; The %(here)s variable will be replaced with the absolute path of parent directory
136 ## of this file
128 ; of this file
137 ## In addition ENVIRONMENT variables usage is possible, e.g
129 ; In addition ENVIRONMENT variables usage is possible, e.g
138 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
130 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
139
131
140 use = egg:rhodecode-enterprise-ce
132 use = egg:rhodecode-enterprise-ce
141
133
142 ## enable proxy prefix middleware, defined above
134 ; enable proxy prefix middleware, defined above
143 #filter-with = proxy-prefix
135 #filter-with = proxy-prefix
144
136
145 ## encryption key used to encrypt social plugin tokens,
137 ; encryption key used to encrypt social plugin tokens,
146 ## remote_urls with credentials etc, if not set it defaults to
138 ; remote_urls with credentials etc, if not set it defaults to
147 ## `beaker.session.secret`
139 ; `beaker.session.secret`
148 #rhodecode.encrypted_values.secret =
140 #rhodecode.encrypted_values.secret =
149
141
150 ## decryption strict mode (enabled by default). It controls if decryption raises
142 ; decryption strict mode (enabled by default). It controls if decryption raises
151 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
143 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
152 #rhodecode.encrypted_values.strict = false
144 #rhodecode.encrypted_values.strict = false
153
145
154 ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
146 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
155 ## fernet is safer, and we strongly recommend switching to it.
147 ; fernet is safer, and we strongly recommend switching to it.
156 ## Due to backward compatibility aes is used as default.
148 ; Due to backward compatibility aes is used as default.
157 #rhodecode.encrypted_values.algorithm = fernet
149 #rhodecode.encrypted_values.algorithm = fernet
158
150
159 ## return gzipped responses from RhodeCode (static files/application)
151 ; Return gzipped responses from RhodeCode (static files/application)
160 gzip_responses = false
152 gzip_responses = false
161
153
162 ## auto-generate javascript routes file on startup
154 ; Auto-generate javascript routes file on startup
163 generate_js_files = false
155 generate_js_files = false
164
156
165 ## System global default language.
157 ; System global default language.
166 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
158 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
167 lang = en
159 lang = en
168
160
169 ## Perform a full repository scan and import on each server start.
161 ; Perform a full repository scan and import on each server start.
170 ## Settings this to true could lead to very long startup time.
162 ; Settings this to true could lead to very long startup time.
171 startup.import_repos = false
163 startup.import_repos = false
172
164
173 ## Uncomment and set this path to use archive download cache.
165 ; Uncomment and set this path to use archive download cache.
174 ## Once enabled, generated archives will be cached at this location
166 ; Once enabled, generated archives will be cached at this location
175 ## and served from the cache during subsequent requests for the same archive of
167 ; and served from the cache during subsequent requests for the same archive of
176 ## the repository.
168 ; the repository.
177 #archive_cache_dir = /tmp/tarballcache
169 #archive_cache_dir = /tmp/tarballcache
178
170
179 ## URL at which the application is running. This is used for Bootstrapping
171 ; URL at which the application is running. This is used for Bootstrapping
180 ## requests in context when no web request is available. Used in ishell, or
172 ; requests in context when no web request is available. Used in ishell, or
181 ## SSH calls. Set this for events to receive proper url for SSH calls.
173 ; SSH calls. Set this for events to receive proper url for SSH calls.
182 app.base_url = http://rhodecode.local
174 app.base_url = http://rhodecode.local
183
175
184 ## Unique application ID. Should be a random unique string for security.
176 ; Unique application ID. Should be a random unique string for security.
185 app_instance_uuid = rc-production
177 app_instance_uuid = rc-production
186
178
187 ## Cut off limit for large diffs (size in bytes). If overall diff size on
179 ; Cut off limit for large diffs (size in bytes). If overall diff size on
188 ## commit, or pull request exceeds this limit this diff will be displayed
180 ; commit, or pull request exceeds this limit this diff will be displayed
189 ## partially. E.g 512000 == 512Kb
181 ; partially. E.g 512000 == 512Kb
190 cut_off_limit_diff = 512000
182 cut_off_limit_diff = 512000
191
183
192 ## Cut off limit for large files inside diffs (size in bytes). Each individual
184 ; Cut off limit for large files inside diffs (size in bytes). Each individual
193 ## file inside diff which exceeds this limit will be displayed partially.
185 ; file inside diff which exceeds this limit will be displayed partially.
194 ## E.g 128000 == 128Kb
186 ; E.g 128000 == 128Kb
195 cut_off_limit_file = 128000
187 cut_off_limit_file = 128000
196
188
197 ## use cached version of vcs repositories everywhere. Recommended to be `true`
189 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
198 vcs_full_cache = true
190 vcs_full_cache = true
199
191
200 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
192 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
201 ## Normally this is controlled by proper http flags sent from http server
193 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
202 force_https = false
194 force_https = false
203
195
204 ## use Strict-Transport-Security headers
196 ; use Strict-Transport-Security headers
205 use_htsts = false
197 use_htsts = false
206
198
207 # Set to true if your repos are exposed using the dumb protocol
199 ; Set to true if your repos are exposed using the dumb protocol
208 git_update_server_info = false
200 git_update_server_info = false
209
201
210 ## RSS/ATOM feed options
202 ; RSS/ATOM feed options
211 rss_cut_off_limit = 256000
203 rss_cut_off_limit = 256000
212 rss_items_per_page = 10
204 rss_items_per_page = 10
213 rss_include_diff = false
205 rss_include_diff = false
214
206
215 ## gist URL alias, used to create nicer urls for gist. This should be an
207 ; gist URL alias, used to create nicer urls for gist. This should be an
216 ## url that does rewrites to _admin/gists/{gistid}.
208 ; url that does rewrites to _admin/gists/{gistid}.
217 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
209 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
218 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
210 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
219 gist_alias_url =
211 gist_alias_url =
220
212
221 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
213 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
222 ## used for access.
214 ; used for access.
223 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
215 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
224 ## came from the the logged in user who own this authentication token.
216 ; came from the the logged in user who own this authentication token.
225 ## Additionally @TOKEN syntax can be used to bound the view to specific
217 ; Additionally @TOKEN syntax can be used to bound the view to specific
226 ## authentication token. Such view would be only accessible when used together
218 ; authentication token. Such view would be only accessible when used together
227 ## with this authentication token
219 ; with this authentication token
228 ##
220 ; list of all views can be found under `/_admin/permissions/auth_token_access`
229 ## list of all views can be found under `/_admin/permissions/auth_token_access`
221 ; The list should be "," separated and on a single line.
230 ## The list should be "," separated and on a single line.
222 ; Most common views to enable:
231 ##
223
232 ## Most common views to enable:
233 # RepoCommitsView:repo_commit_download
224 # RepoCommitsView:repo_commit_download
234 # RepoCommitsView:repo_commit_patch
225 # RepoCommitsView:repo_commit_patch
235 # RepoCommitsView:repo_commit_raw
226 # RepoCommitsView:repo_commit_raw
@@ -240,173 +231,190 b' gist_alias_url ='
240 # GistView:*
231 # GistView:*
241 api_access_controllers_whitelist =
232 api_access_controllers_whitelist =
242
233
243 ## Default encoding used to convert from and to unicode
234 ; Default encoding used to convert from and to unicode
244 ## can be also a comma separated list of encoding in case of mixed encodings
235 ; can be also a comma separated list of encoding in case of mixed encodings
245 default_encoding = UTF-8
236 default_encoding = UTF-8
246
237
247 ## instance-id prefix
238 ; instance-id prefix
248 ## a prefix key for this instance used for cache invalidation when running
239 ; a prefix key for this instance used for cache invalidation when running
249 ## multiple instances of RhodeCode, make sure it's globally unique for
240 ; multiple instances of RhodeCode, make sure it's globally unique for
250 ## all running RhodeCode instances. Leave empty if you don't use it
241 ; all running RhodeCode instances. Leave empty if you don't use it
251 instance_id =
242 instance_id =
252
243
253 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
244 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
254 ## of an authentication plugin also if it is disabled by it's settings.
245 ; of an authentication plugin also if it is disabled by it's settings.
255 ## This could be useful if you are unable to log in to the system due to broken
246 ; This could be useful if you are unable to log in to the system due to broken
256 ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
247 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
257 ## module to log in again and fix the settings.
248 ; module to log in again and fix the settings.
258 ##
249 ; Available builtin plugin IDs (hash is part of the ID):
259 ## Available builtin plugin IDs (hash is part of the ID):
250 ; egg:rhodecode-enterprise-ce#rhodecode
260 ## egg:rhodecode-enterprise-ce#rhodecode
251 ; egg:rhodecode-enterprise-ce#pam
261 ## egg:rhodecode-enterprise-ce#pam
252 ; egg:rhodecode-enterprise-ce#ldap
262 ## egg:rhodecode-enterprise-ce#ldap
253 ; egg:rhodecode-enterprise-ce#jasig_cas
263 ## egg:rhodecode-enterprise-ce#jasig_cas
254 ; egg:rhodecode-enterprise-ce#headers
264 ## egg:rhodecode-enterprise-ce#headers
255 ; egg:rhodecode-enterprise-ce#crowd
265 ## egg:rhodecode-enterprise-ce#crowd
256
266 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
257 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
267
258
268 ## Flag to control loading of legacy plugins in py:/path format
259 ; Flag to control loading of legacy plugins in py:/path format
269 auth_plugin.import_legacy_plugins = true
260 auth_plugin.import_legacy_plugins = true
270
261
271 ## alternative return HTTP header for failed authentication. Default HTTP
262 ; alternative return HTTP header for failed authentication. Default HTTP
272 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
263 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
273 ## handling that causing a series of failed authentication calls.
264 ; handling that causing a series of failed authentication calls.
274 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
265 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
275 ## This will be served instead of default 401 on bad authentication
266 ; This will be served instead of default 401 on bad authentication
276 auth_ret_code =
267 auth_ret_code =
277
268
278 ## use special detection method when serving auth_ret_code, instead of serving
269 ; use special detection method when serving auth_ret_code, instead of serving
279 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
270 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
280 ## and then serve auth_ret_code to clients
271 ; and then serve auth_ret_code to clients
281 auth_ret_code_detection = false
272 auth_ret_code_detection = false
282
273
283 ## locking return code. When repository is locked return this HTTP code. 2XX
274 ; locking return code. When repository is locked return this HTTP code. 2XX
284 ## codes don't break the transactions while 4XX codes do
275 ; codes don't break the transactions while 4XX codes do
285 lock_ret_code = 423
276 lock_ret_code = 423
286
277
287 ## allows to change the repository location in settings page
278 ; allows to change the repository location in settings page
288 allow_repo_location_change = true
279 allow_repo_location_change = true
289
280
290 ## allows to setup custom hooks in settings page
281 ; allows to setup custom hooks in settings page
291 allow_custom_hooks_settings = true
282 allow_custom_hooks_settings = true
292
283
293 ## Generated license token required for EE edition license.
284 ; Generated license token required for EE edition license.
294 ## New generated token value can be found in Admin > settings > license page.
285 ; New generated token value can be found in Admin > settings > license page.
295 license_token =
286 license_token =
296
287
297 ## This flag would hide sensitive information on the license page
288 ; This flag hides sensitive information on the license page such as token, and license data
298 license.hide_license_info = false
289 license.hide_license_info = false
299
290
300 ## supervisor connection uri, for managing supervisor and logs.
291 ; supervisor connection uri, for managing supervisor and logs.
301 supervisor.uri =
292 supervisor.uri =
302 ## supervisord group name/id we only want this RC instance to handle
293
294 ; supervisord group name/id we only want this RC instance to handle
303 supervisor.group_id = prod
295 supervisor.group_id = prod
304
296
305 ## Display extended labs settings
297 ; Display extended labs settings
306 labs_settings_active = true
298 labs_settings_active = true
307
299
308 ## Custom exception store path, defaults to TMPDIR
300 ; Custom exception store path, defaults to TMPDIR
309 ## This is used to store exception from RhodeCode in shared directory
301 ; This is used to store exception from RhodeCode in shared directory
310 #exception_tracker.store_path =
302 #exception_tracker.store_path =
311
303
312 ## File store configuration. This is used to store and serve uploaded files
304 ; File store configuration. This is used to store and serve uploaded files
313 file_store.enabled = true
305 file_store.enabled = true
314 ## Storage backend, available options are: local
306
307 ; Storage backend, available options are: local
315 file_store.backend = local
308 file_store.backend = local
316 ## path to store the uploaded binaries
309
310 ; path to store the uploaded binaries
317 file_store.storage_path = %(here)s/data/file_store
311 file_store.storage_path = %(here)s/data/file_store
318
312
319
313
320 ####################################
314 ; #############
321 ### CELERY CONFIG ####
315 ; CELERY CONFIG
322 ####################################
316 ; #############
323 ## run: /path/to/celery worker \
317
324 ## -E --beat --app rhodecode.lib.celerylib.loader \
318 ; manually run celery: /path/to/celery worker -E --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
325 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
326 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
327
319
328 use_celery = false
320 use_celery = false
329
321
330 ## connection url to the message broker (default redis)
322 ; connection url to the message broker (default redis)
331 celery.broker_url = redis://localhost:6379/8
323 celery.broker_url = redis://localhost:6379/8
332
324
333 ## rabbitmq example
325 ; rabbitmq example
334 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
326 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
335
327
336 ## maximum tasks to execute before worker restart
328 ; maximum tasks to execute before worker restart
337 celery.max_tasks_per_child = 100
329 celery.max_tasks_per_child = 100
338
330
339 ## tasks will never be sent to the queue, but executed locally instead.
331 ; tasks will never be sent to the queue, but executed locally instead.
340 celery.task_always_eager = false
332 celery.task_always_eager = false
341
333
342 #####################################
334 ; #############
343 ### DOGPILE CACHE ####
335 ; DOGPILE CACHE
344 #####################################
336 ; #############
345 ## Default cache dir for caches. Putting this into a ramdisk
337
346 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
338 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
347 ## large amount of space
339 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
348 cache_dir = %(here)s/data
340 cache_dir = %(here)s/data
349
341
350 ## `cache_perms` cache settings for permission tree, auth TTL.
342 ; *********************************************
343 ; `sql_cache_short` cache for heavy SQL queries
344 ; Only supported backend is `memory_lru`
345 ; *********************************************
346 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
347 rc_cache.sql_cache_short.expiration_time = 30
348
349
350 ; *****************************************************
351 ; `cache_repo_longterm` cache for repo object instances
352 ; Only supported backend is `memory_lru`
353 ; *****************************************************
354 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
355 ; by default we use 30 Days, cache is still invalidated on push
356 rc_cache.cache_repo_longterm.expiration_time = 2592000
357 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
358 rc_cache.cache_repo_longterm.max_size = 10000
359
360
361 ; *************************************************
362 ; `cache_perms` cache for permission tree, auth TTL
363 ; *************************************************
351 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
364 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
352 rc_cache.cache_perms.expiration_time = 300
365 rc_cache.cache_perms.expiration_time = 300
353
366
354 ## alternative `cache_perms` redis backend with distributed lock
367 ; alternative `cache_perms` redis backend with distributed lock
355 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
368 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
356 #rc_cache.cache_perms.expiration_time = 300
369 #rc_cache.cache_perms.expiration_time = 300
357 ## redis_expiration_time needs to be greater then expiration_time
370
371 ; redis_expiration_time needs to be greater then expiration_time
358 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
372 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
359 #rc_cache.cache_perms.arguments.socket_timeout = 30
373
360 #rc_cache.cache_perms.arguments.host = localhost
374 #rc_cache.cache_perms.arguments.host = localhost
361 #rc_cache.cache_perms.arguments.port = 6379
375 #rc_cache.cache_perms.arguments.port = 6379
362 #rc_cache.cache_perms.arguments.db = 0
376 #rc_cache.cache_perms.arguments.db = 0
363 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
377 #rc_cache.cache_perms.arguments.socket_timeout = 30
378 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
364 #rc_cache.cache_perms.arguments.distributed_lock = true
379 #rc_cache.cache_perms.arguments.distributed_lock = true
365
380
366 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
381
382 ; ***************************************************
383 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
384 ; ***************************************************
367 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
385 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
368 rc_cache.cache_repo.expiration_time = 2592000
386 rc_cache.cache_repo.expiration_time = 2592000
369
387
370 ## alternative `cache_repo` redis backend with distributed lock
388 ; alternative `cache_repo` redis backend with distributed lock
371 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
389 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
372 #rc_cache.cache_repo.expiration_time = 2592000
390 #rc_cache.cache_repo.expiration_time = 2592000
373 ## redis_expiration_time needs to be greater then expiration_time
391
392 ; redis_expiration_time needs to be greater then expiration_time
374 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
393 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
375 #rc_cache.cache_repo.arguments.socket_timeout = 30
394
376 #rc_cache.cache_repo.arguments.host = localhost
395 #rc_cache.cache_repo.arguments.host = localhost
377 #rc_cache.cache_repo.arguments.port = 6379
396 #rc_cache.cache_repo.arguments.port = 6379
378 #rc_cache.cache_repo.arguments.db = 1
397 #rc_cache.cache_repo.arguments.db = 1
379 ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
398 #rc_cache.cache_repo.arguments.socket_timeout = 30
399 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
380 #rc_cache.cache_repo.arguments.distributed_lock = true
400 #rc_cache.cache_repo.arguments.distributed_lock = true
381
401
382 ## cache settings for SQL queries, this needs to use memory type backend
383 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
384 rc_cache.sql_cache_short.expiration_time = 30
385
402
386 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
403 ; ##############
387 ## type backend as the objects kept are not pickle serializable
404 ; BEAKER SESSION
388 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
405 ; ##############
389 ## by default we use 96H, this is using invalidation on push anyway
390 rc_cache.cache_repo_longterm.expiration_time = 345600
391 ## max items in LRU cache, reduce this number to save memory, and expire last used
392 ## cached objects
393 rc_cache.cache_repo_longterm.max_size = 10000
394
406
395
407 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
396 ####################################
408 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
397 ### BEAKER SESSION ####
409 ; Fastest ones are Redis and ext:database
398 ####################################
399
400 ## .session.type is type of storage options for the session, current allowed
401 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
402 beaker.session.type = file
410 beaker.session.type = file
403 beaker.session.data_dir = %(here)s/data/sessions
411 beaker.session.data_dir = %(here)s/data/sessions
404
412
405 ## redis sessions
413 ; Redis based sessions
406 #beaker.session.type = ext:redis
414 #beaker.session.type = ext:redis
407 #beaker.session.url = redis://127.0.0.1:6379/2
415 #beaker.session.url = redis://127.0.0.1:6379/2
408
416
409 ## db based session, fast, and allows easy management over logged in users
417 ; DB based session, fast, and allows easy management over logged in users
410 #beaker.session.type = ext:database
418 #beaker.session.type = ext:database
411 #beaker.session.table_name = db_session
419 #beaker.session.table_name = db_session
412 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
420 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
@@ -418,268 +426,275 b' beaker.session.key = rhodecode'
418 beaker.session.secret = production-rc-uytcxaz
426 beaker.session.secret = production-rc-uytcxaz
419 beaker.session.lock_dir = %(here)s/data/sessions/lock
427 beaker.session.lock_dir = %(here)s/data/sessions/lock
420
428
421 ## Secure encrypted cookie. Requires AES and AES python libraries
429 ; Secure encrypted cookie. Requires AES and AES python libraries
422 ## you must disable beaker.session.secret to use this
430 ; you must disable beaker.session.secret to use this
423 #beaker.session.encrypt_key = key_for_encryption
431 #beaker.session.encrypt_key = key_for_encryption
424 #beaker.session.validate_key = validation_key
432 #beaker.session.validate_key = validation_key
425
433
426 ## sets session as invalid(also logging out user) if it haven not been
434 ; Sets session as invalid (also logging out user) if it haven not been
427 ## accessed for given amount of time in seconds
435 ; accessed for given amount of time in seconds
428 beaker.session.timeout = 2592000
436 beaker.session.timeout = 2592000
429 beaker.session.httponly = true
437 beaker.session.httponly = true
430 ## Path to use for the cookie. Set to prefix if you use prefix middleware
438
439 ; Path to use for the cookie. Set to prefix if you use prefix middleware
431 #beaker.session.cookie_path = /custom_prefix
440 #beaker.session.cookie_path = /custom_prefix
432
441
433 ## uncomment for https secure cookie
442 ; Set https secure cookie
434 beaker.session.secure = false
443 beaker.session.secure = false
435
444
436 ## auto save the session to not to use .save()
445 ; default cookie expiration time in seconds, set to `true` to set expire
437 beaker.session.auto = false
446 ; at browser close
438
439 ## default cookie expiration time in seconds, set to `true` to set expire
440 ## at browser close
441 #beaker.session.cookie_expires = 3600
447 #beaker.session.cookie_expires = 3600
442
448
443 ###################################
449 ; #############################
444 ## SEARCH INDEXING CONFIGURATION ##
450 ; SEARCH INDEXING CONFIGURATION
445 ###################################
451 ; #############################
446 ## Full text search indexer is available in rhodecode-tools under
447 ## `rhodecode-tools index` command
448
452
449 ## WHOOSH Backend, doesn't require additional services to run
453 ; Full text search indexer is available in rhodecode-tools under
450 ## it works good with few dozen repos
454 ; `rhodecode-tools index` command
455
456 ; WHOOSH Backend, doesn't require additional services to run
457 ; it works good with few dozen repos
451 search.module = rhodecode.lib.index.whoosh
458 search.module = rhodecode.lib.index.whoosh
452 search.location = %(here)s/data/index
459 search.location = %(here)s/data/index
453
460
454 ########################################
461 ; ####################
455 ### CHANNELSTREAM CONFIG ####
462 ; CHANNELSTREAM CONFIG
456 ########################################
463 ; ####################
457 ## channelstream enables persistent connections and live notification
464
458 ## in the system. It's also used by the chat system
465 ; channelstream enables persistent connections and live notification
466 ; in the system. It's also used by the chat system
459
467
460 channelstream.enabled = false
468 channelstream.enabled = false
461
469
462 ## server address for channelstream server on the backend
470 ; server address for channelstream server on the backend
463 channelstream.server = 127.0.0.1:9800
471 channelstream.server = 127.0.0.1:9800
464
472
465 ## location of the channelstream server from outside world
473 ; location of the channelstream server from outside world
466 ## use ws:// for http or wss:// for https. This address needs to be handled
474 ; use ws:// for http or wss:// for https. This address needs to be handled
467 ## by external HTTP server such as Nginx or Apache
475 ; by external HTTP server such as Nginx or Apache
468 ## see Nginx/Apache configuration examples in our docs
476 ; see Nginx/Apache configuration examples in our docs
469 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
477 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
470 channelstream.secret = secret
478 channelstream.secret = secret
471 channelstream.history.location = %(here)s/channelstream_history
479 channelstream.history.location = %(here)s/channelstream_history
472
480
473 ## Internal application path that Javascript uses to connect into.
481 ; Internal application path that Javascript uses to connect into.
474 ## If you use proxy-prefix the prefix should be added before /_channelstream
482 ; If you use proxy-prefix the prefix should be added before /_channelstream
475 channelstream.proxy_path = /_channelstream
483 channelstream.proxy_path = /_channelstream
476
484
477 ## Live chat for commits/pull requests. Requires CHANNELSTREAM to be enabled
485
478 ## and configured. (EE edition only)
486 ; ##############################
479 chat.enabled = true
487 ; MAIN RHODECODE DATABASE CONFIG
488 ; ##############################
489
490 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
491 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
492 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
493 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
494 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
495
496 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
497
498 ; see sqlalchemy docs for other advanced settings
499 ; print the sql statements to output
500 sqlalchemy.db1.echo = false
501
502 ; recycle the connections after this amount of seconds
503 sqlalchemy.db1.pool_recycle = 3600
504 sqlalchemy.db1.convert_unicode = true
505
506 ; the number of connections to keep open inside the connection pool.
507 ; 0 indicates no limit
508 #sqlalchemy.db1.pool_size = 5
509
510 ; The number of connections to allow in connection pool "overflow", that is
511 ; connections that can be opened above and beyond the pool_size setting,
512 ; which defaults to five.
513 #sqlalchemy.db1.max_overflow = 10
514
515 ; Connection check ping, used to detect broken database connections
516 ; could be enabled to better handle cases if MySQL has gone away errors
517 #sqlalchemy.db1.ping_connection = true
518
519 ; ##########
520 ; VCS CONFIG
521 ; ##########
522 vcs.server.enable = true
523 vcs.server = localhost:9900
524
525 ; Web server connectivity protocol, responsible for web based VCS operations
526 ; Available protocols are:
527 ; `http` - use http-rpc backend (default)
528 vcs.server.protocol = http
529
530 ; Push/Pull operations protocol, available options are:
531 ; `http` - use http-rpc backend (default)
532 vcs.scm_app_implementation = http
533
534 ; Push/Pull operations hooks protocol, available options are:
535 ; `http` - use http-rpc backend (default)
536 vcs.hooks.protocol = http
537
538 ; Host on which this instance is listening for hooks. If vcsserver is in other location
539 ; this should be adjusted.
540 vcs.hooks.host = 127.0.0.1
541
542 ; Start VCSServer with this instance as a subprocess, useful for development
543 vcs.start_server = false
544
545 ; List of enabled VCS backends, available options are:
546 ; `hg` - mercurial
547 ; `git` - git
548 ; `svn` - subversion
549 vcs.backends = hg, git, svn
550
551 ; Wait this number of seconds before killing connection to the vcsserver
552 vcs.connection_timeout = 3600
553
554 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
555 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
556 #vcs.svn.compatible_version = pre-1.8-compatible
480
557
481
558
482 ###################################
559 ; ####################################################
483 ## APPENLIGHT CONFIG ##
560 ; Subversion proxy support (mod_dav_svn)
484 ###################################
561 ; Maps RhodeCode repo groups into SVN paths for Apache
562 ; ####################################################
563
564 ; Enable or disable the config file generation.
565 svn.proxy.generate_config = false
566
567 ; Generate config file with `SVNListParentPath` set to `On`.
568 svn.proxy.list_parent_path = true
569
570 ; Set location and file name of generated config file.
571 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
572
573 ; alternative mod_dav config template. This needs to be a valid mako template
574 ; Example template can be found in the source code:
575 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
576 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
577
578 ; Used as a prefix to the `Location` block in the generated config file.
579 ; In most cases it should be set to `/`.
580 svn.proxy.location_root = /
581
582 ; Command to reload the mod dav svn configuration on change.
583 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
584 ; Make sure user who runs RhodeCode process is allowed to reload Apache
585 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
586
587 ; If the timeout expires before the reload command finishes, the command will
588 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
589 #svn.proxy.reload_timeout = 10
590
591 ; ####################
592 ; SSH Support Settings
593 ; ####################
485
594
486 ## Appenlight is tailored to work with RhodeCode, see
595 ; Defines if a custom authorized_keys file should be created and written on
487 ## http://appenlight.com for details how to obtain an account
596 ; any change user ssh keys. Setting this to false also disables possibility
597 ; of adding SSH keys by users from web interface. Super admins can still
598 ; manage SSH Keys.
599 ssh.generate_authorized_keyfile = false
600
601 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
602 # ssh.authorized_keys_ssh_opts =
603
604 ; Path to the authorized_keys file where the generate entries are placed.
605 ; It is possible to have multiple key files specified in `sshd_config` e.g.
606 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
607 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
608
609 ; Command to execute the SSH wrapper. The binary is available in the
610 ; RhodeCode installation directory.
611 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
612 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
613
614 ; Allow shell when executing the ssh-wrapper command
615 ssh.wrapper_cmd_allow_shell = false
488
616
489 ## Appenlight integration enabled
617 ; Enables logging, and detailed output send back to the client during SSH
618 ; operations. Useful for debugging, shouldn't be used in production.
619 ssh.enable_debug_logging = false
620
621 ; Paths to binary executable, by default they are the names, but we can
622 ; override them if we want to use a custom one
623 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
624 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
625 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
626
627 ; Enables SSH key generator web interface. Disabling this still allows users
628 ; to add their own keys.
629 ssh.enable_ui_key_generator = true
630
631
632 ; #################
633 ; APPENLIGHT CONFIG
634 ; #################
635
636 ; Appenlight is tailored to work with RhodeCode, see
637 ; http://appenlight.rhodecode.com for details how to obtain an account
638
639 ; Appenlight integration enabled
490 appenlight = false
640 appenlight = false
491
641
492 appenlight.server_url = https://api.appenlight.com
642 appenlight.server_url = https://api.appenlight.com
493 appenlight.api_key = YOUR_API_KEY
643 appenlight.api_key = YOUR_API_KEY
494 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
644 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
495
645
496 ## used for JS client
646 ; used for JS client
497 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
647 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
498
648
499 ## TWEAK AMOUNT OF INFO SENT HERE
649 ; TWEAK AMOUNT OF INFO SENT HERE
500
650
501 ## enables 404 error logging (default False)
651 ; enables 404 error logging (default False)
502 appenlight.report_404 = false
652 appenlight.report_404 = false
503
653
504 ## time in seconds after request is considered being slow (default 1)
654 ; time in seconds after request is considered being slow (default 1)
505 appenlight.slow_request_time = 1
655 appenlight.slow_request_time = 1
506
656
507 ## record slow requests in application
657 ; record slow requests in application
508 ## (needs to be enabled for slow datastore recording and time tracking)
658 ; (needs to be enabled for slow datastore recording and time tracking)
509 appenlight.slow_requests = true
659 appenlight.slow_requests = true
510
660
511 ## enable hooking to application loggers
661 ; enable hooking to application loggers
512 appenlight.logging = true
662 appenlight.logging = true
513
663
514 ## minimum log level for log capture
664 ; minimum log level for log capture
515 appenlight.logging.level = WARNING
665 appenlight.logging.level = WARNING
516
666
517 ## send logs only from erroneous/slow requests
667 ; send logs only from erroneous/slow requests
518 ## (saves API quota for intensive logging)
668 ; (saves API quota for intensive logging)
519 appenlight.logging_on_error = false
669 appenlight.logging_on_error = false
520
670
521 ## list of additional keywords that should be grabbed from environ object
671 ; list of additional keywords that should be grabbed from environ object
522 ## can be string with comma separated list of words in lowercase
672 ; can be string with comma separated list of words in lowercase
523 ## (by default client will always send following info:
673 ; (by default client will always send following info:
524 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
674 ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
525 ## start with HTTP* this list be extended with additional keywords here
675 ; start with HTTP* this list be extended with additional keywords here
526 appenlight.environ_keys_whitelist =
676 appenlight.environ_keys_whitelist =
527
677
528 ## list of keywords that should be blanked from request object
678 ; list of keywords that should be blanked from request object
529 ## can be string with comma separated list of words in lowercase
679 ; can be string with comma separated list of words in lowercase
530 ## (by default client will always blank keys that contain following words
680 ; (by default client will always blank keys that contain following words
531 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
681 ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
532 ## this list be extended with additional keywords set here
682 ; this list be extended with additional keywords set here
533 appenlight.request_keys_blacklist =
683 appenlight.request_keys_blacklist =
534
684
535 ## list of namespaces that should be ignores when gathering log entries
685 ; list of namespaces that should be ignores when gathering log entries
536 ## can be string with comma separated list of namespaces
686 ; can be string with comma separated list of namespaces
537 ## (by default the client ignores own entries: appenlight_client.client)
687 ; (by default the client ignores own entries: appenlight_client.client)
538 appenlight.log_namespace_blacklist =
688 appenlight.log_namespace_blacklist =
539
689
540
690 ; Dummy marker to add new entries after.
541 ###########################################
691 ; Add any custom entries below. Please don't remove this marker.
542 ### MAIN RHODECODE DATABASE CONFIG ###
543 ###########################################
544 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
545 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
546 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
547 # pymysql is an alternative driver for MySQL, use in case of problems with default one
548 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
549
550 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
551
552 # see sqlalchemy docs for other advanced settings
553
554 ## print the sql statements to output
555 sqlalchemy.db1.echo = false
556 ## recycle the connections after this amount of seconds
557 sqlalchemy.db1.pool_recycle = 3600
558
559 ## the number of connections to keep open inside the connection pool.
560 ## 0 indicates no limit
561 #sqlalchemy.db1.pool_size = 5
562
563 ## the number of connections to allow in connection pool "overflow", that is
564 ## connections that can be opened above and beyond the pool_size setting,
565 ## which defaults to five.
566 #sqlalchemy.db1.max_overflow = 10
567
568 ## Connection check ping, used to detect broken database connections
569 ## could be enabled to better handle cases if MySQL has gone away errors
570 #sqlalchemy.db1.ping_connection = true
571
572 ##################
573 ### VCS CONFIG ###
574 ##################
575 vcs.server.enable = true
576 vcs.server = localhost:9900
577
578 ## Web server connectivity protocol, responsible for web based VCS operations
579 ## Available protocols are:
580 ## `http` - use http-rpc backend (default)
581 vcs.server.protocol = http
582
583 ## Push/Pull operations protocol, available options are:
584 ## `http` - use http-rpc backend (default)
585 vcs.scm_app_implementation = http
586
587 ## Push/Pull operations hooks protocol, available options are:
588 ## `http` - use http-rpc backend (default)
589 vcs.hooks.protocol = http
590
591 ## Host on which this instance is listening for hooks. If vcsserver is in other location
592 ## this should be adjusted.
593 vcs.hooks.host = 127.0.0.1
594
595 vcs.server.log_level = info
596 ## Start VCSServer with this instance as a subprocess, useful for development
597 vcs.start_server = false
598
599 ## List of enabled VCS backends, available options are:
600 ## `hg` - mercurial
601 ## `git` - git
602 ## `svn` - subversion
603 vcs.backends = hg, git, svn
604
605 vcs.connection_timeout = 3600
606 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
607 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
608 #vcs.svn.compatible_version = pre-1.8-compatible
609
610
611 ############################################################
612 ### Subversion proxy support (mod_dav_svn) ###
613 ### Maps RhodeCode repo groups into SVN paths for Apache ###
614 ############################################################
615 ## Enable or disable the config file generation.
616 svn.proxy.generate_config = false
617 ## Generate config file with `SVNListParentPath` set to `On`.
618 svn.proxy.list_parent_path = true
619 ## Set location and file name of generated config file.
620 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
621 ## alternative mod_dav config template. This needs to be a mako template
622 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
623 ## Used as a prefix to the `Location` block in the generated config file.
624 ## In most cases it should be set to `/`.
625 svn.proxy.location_root = /
626 ## Command to reload the mod dav svn configuration on change.
627 ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
628 ## Make sure user who runs RhodeCode process is allowed to reload Apache
629 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
630 ## If the timeout expires before the reload command finishes, the command will
631 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
632 #svn.proxy.reload_timeout = 10
633
634 ############################################################
635 ### SSH Support Settings ###
636 ############################################################
637
638 ## Defines if a custom authorized_keys file should be created and written on
639 ## any change user ssh keys. Setting this to false also disables possibility
640 ## of adding SSH keys by users from web interface. Super admins can still
641 ## manage SSH Keys.
642 ssh.generate_authorized_keyfile = false
643
644 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
645 # ssh.authorized_keys_ssh_opts =
646
647 ## Path to the authorized_keys file where the generate entries are placed.
648 ## It is possible to have multiple key files specified in `sshd_config` e.g.
649 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
650 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
651
652 ## Command to execute the SSH wrapper. The binary is available in the
653 ## RhodeCode installation directory.
654 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
655 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
656
657 ## Allow shell when executing the ssh-wrapper command
658 ssh.wrapper_cmd_allow_shell = false
659
660 ## Enables logging, and detailed output send back to the client during SSH
661 ## operations. Useful for debugging, shouldn't be used in production.
662 ssh.enable_debug_logging = false
663
664 ## Paths to binary executable, by default they are the names, but we can
665 ## override them if we want to use a custom one
666 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
667 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
668 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
669
670 ## Enables SSH key generator web interface. Disabling this still allows users
671 ## to add their own keys.
672 ssh.enable_ui_key_generator = true
673
674
675 ## Dummy marker to add new entries after.
676 ## Add any custom entries below. Please don't remove.
677 custom.conf = 1
692 custom.conf = 1
678
693
679
694
680 ################################
695 ; #####################
681 ### LOGGING CONFIGURATION ####
696 ; LOGGING CONFIGURATION
682 ################################
697 ; #####################
683 [loggers]
698 [loggers]
684 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
699 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
685
700
@@ -689,9 +704,9 b' keys = console, console_sql'
689 [formatters]
704 [formatters]
690 keys = generic, color_formatter, color_formatter_sql
705 keys = generic, color_formatter, color_formatter_sql
691
706
692 #############
707 ; #######
693 ## LOGGERS ##
708 ; LOGGERS
694 #############
709 ; #######
695 [logger_root]
710 [logger_root]
696 level = NOTSET
711 level = NOTSET
697 handlers = console
712 handlers = console
@@ -726,9 +741,9 b' handlers ='
726 qualname = celery
741 qualname = celery
727
742
728
743
729 ##############
744 ; ########
730 ## HANDLERS ##
745 ; HANDLERS
731 ##############
746 ; ########
732
747
733 [handler_console]
748 [handler_console]
734 class = StreamHandler
749 class = StreamHandler
@@ -737,17 +752,17 b' level = INFO'
737 formatter = generic
752 formatter = generic
738
753
739 [handler_console_sql]
754 [handler_console_sql]
740 # "level = DEBUG" logs SQL queries and results.
755 ; "level = DEBUG" logs SQL queries and results.
741 # "level = INFO" logs SQL queries.
756 ; "level = INFO" logs SQL queries.
742 # "level = WARN" logs neither. (Recommended for production systems.)
757 ; "level = WARN" logs neither. (Recommended for production systems.)
743 class = StreamHandler
758 class = StreamHandler
744 args = (sys.stderr, )
759 args = (sys.stderr, )
745 level = WARN
760 level = WARN
746 formatter = generic
761 formatter = generic
747
762
748 ################
763 ; ##########
749 ## FORMATTERS ##
764 ; FORMATTERS
750 ################
765 ; ##########
751
766
752 [formatter_generic]
767 [formatter_generic]
753 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
768 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
General Comments 0
You need to be logged in to leave comments. Login now