##// END OF EJS Templates
config: updated .ini files with cache settings
marcink -
r2957:1c1640bb default
parent child Browse files
Show More
@@ -1,722 +1,732 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = gevent
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 # During development the we want to have the debug toolbar enabled
112 112 pyramid.includes =
113 113 pyramid_debugtoolbar
114 114 rhodecode.lib.middleware.request_wrapper
115 115
116 116 pyramid.reload_templates = true
117 117
118 118 debugtoolbar.hosts = 0.0.0.0/0
119 119 debugtoolbar.exclude_prefixes =
120 120 /css
121 121 /fonts
122 122 /images
123 123 /js
124 124
125 125 ## RHODECODE PLUGINS ##
126 126 rhodecode.includes =
127 127 rhodecode.api
128 128
129 129
130 130 # api prefix url
131 131 rhodecode.api.url = /_admin/api
132 132
133 133
134 134 ## END RHODECODE PLUGINS ##
135 135
136 136 ## encryption key used to encrypt social plugin tokens,
137 137 ## remote_urls with credentials etc, if not set it defaults to
138 138 ## `beaker.session.secret`
139 139 #rhodecode.encrypted_values.secret =
140 140
141 141 ## decryption strict mode (enabled by default). It controls if decryption raises
142 142 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
143 143 #rhodecode.encrypted_values.strict = false
144 144
145 145 ## return gzipped responses from Rhodecode (static files/application)
146 146 gzip_responses = false
147 147
148 148 ## autogenerate javascript routes file on startup
149 149 generate_js_files = false
150 150
151 151 ## Optional Languages
152 152 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
153 153 lang = en
154 154
155 155 ## perform a full repository scan on each server start, this should be
156 156 ## set to false after first startup, to allow faster server restarts.
157 157 startup.import_repos = false
158 158
159 159 ## Uncomment and set this path to use archive download cache.
160 160 ## Once enabled, generated archives will be cached at this location
161 161 ## and served from the cache during subsequent requests for the same archive of
162 162 ## the repository.
163 163 #archive_cache_dir = /tmp/tarballcache
164 164
165 165 ## URL at which the application is running. This is used for bootstraping
166 166 ## requests in context when no web request is available. Used in ishell, or
167 167 ## SSH calls. Set this for events to receive proper url for SSH calls.
168 168 app.base_url = http://rhodecode.local
169 169
170 170 ## change this to unique ID for security
171 171 app_instance_uuid = rc-production
172 172
173 173 ## cut off limit for large diffs (size in bytes). If overall diff size on
174 174 ## commit, or pull request exceeds this limit this diff will be displayed
175 175 ## partially. E.g 512000 == 512Kb
176 176 cut_off_limit_diff = 512000
177 177
178 178 ## cut off limit for large files inside diffs (size in bytes). Each individual
179 179 ## file inside diff which exceeds this limit will be displayed partially.
180 180 ## E.g 128000 == 128Kb
181 181 cut_off_limit_file = 128000
182 182
183 183 ## use cache version of scm repo everywhere
184 184 vcs_full_cache = true
185 185
186 186 ## force https in RhodeCode, fixes https redirects, assumes it's always https
187 187 ## Normally this is controlled by proper http flags sent from http server
188 188 force_https = false
189 189
190 190 ## use Strict-Transport-Security headers
191 191 use_htsts = false
192 192
193 193 ## git rev filter option, --all is the default filter, if you need to
194 194 ## hide all refs in changelog switch this to --branches --tags
195 195 git_rev_filter = --branches --tags
196 196
197 197 # Set to true if your repos are exposed using the dumb protocol
198 198 git_update_server_info = false
199 199
200 200 ## RSS/ATOM feed options
201 201 rss_cut_off_limit = 256000
202 202 rss_items_per_page = 10
203 203 rss_include_diff = false
204 204
205 205 ## gist URL alias, used to create nicer urls for gist. This should be an
206 206 ## url that does rewrites to _admin/gists/{gistid}.
207 207 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
208 208 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
209 209 gist_alias_url =
210 210
211 211 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
212 212 ## used for access.
213 213 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
214 214 ## came from the the logged in user who own this authentication token.
215 215 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
216 216 ## authentication token. Such view would be only accessible when used together
217 217 ## with this authentication token
218 218 ##
219 219 ## list of all views can be found under `/_admin/permissions/auth_token_access`
220 220 ## The list should be "," separated and on a single line.
221 221 ##
222 222 ## Most common views to enable:
223 223 # RepoCommitsView:repo_commit_download
224 224 # RepoCommitsView:repo_commit_patch
225 225 # RepoCommitsView:repo_commit_raw
226 226 # RepoCommitsView:repo_commit_raw@TOKEN
227 227 # RepoFilesView:repo_files_diff
228 228 # RepoFilesView:repo_archivefile
229 229 # RepoFilesView:repo_file_raw
230 230 # GistView:*
231 231 api_access_controllers_whitelist =
232 232
233 233 ## default encoding used to convert from and to unicode
234 234 ## can be also a comma separated list of encoding in case of mixed encodings
235 235 default_encoding = UTF-8
236 236
237 237 ## instance-id prefix
238 238 ## a prefix key for this instance used for cache invalidation when running
239 239 ## multiple instances of rhodecode, make sure it's globally unique for
240 240 ## all running rhodecode instances. Leave empty if you don't use it
241 241 instance_id =
242 242
243 243 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
244 244 ## of an authentication plugin also if it is disabled by it's settings.
245 245 ## This could be useful if you are unable to log in to the system due to broken
246 246 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
247 247 ## module to log in again and fix the settings.
248 248 ##
249 249 ## Available builtin plugin IDs (hash is part of the ID):
250 250 ## egg:rhodecode-enterprise-ce#rhodecode
251 251 ## egg:rhodecode-enterprise-ce#pam
252 252 ## egg:rhodecode-enterprise-ce#ldap
253 253 ## egg:rhodecode-enterprise-ce#jasig_cas
254 254 ## egg:rhodecode-enterprise-ce#headers
255 255 ## egg:rhodecode-enterprise-ce#crowd
256 256 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
257 257
258 258 ## alternative return HTTP header for failed authentication. Default HTTP
259 259 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
260 260 ## handling that causing a series of failed authentication calls.
261 261 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
262 262 ## This will be served instead of default 401 on bad authnetication
263 263 auth_ret_code =
264 264
265 265 ## use special detection method when serving auth_ret_code, instead of serving
266 266 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
267 267 ## and then serve auth_ret_code to clients
268 268 auth_ret_code_detection = false
269 269
270 270 ## locking return code. When repository is locked return this HTTP code. 2XX
271 271 ## codes don't break the transactions while 4XX codes do
272 272 lock_ret_code = 423
273 273
274 274 ## allows to change the repository location in settings page
275 275 allow_repo_location_change = true
276 276
277 277 ## allows to setup custom hooks in settings page
278 278 allow_custom_hooks_settings = true
279 279
280 280 ## generated license token, goto license page in RhodeCode settings to obtain
281 281 ## new token
282 282 license_token =
283 283
284 284 ## supervisor connection uri, for managing supervisor and logs.
285 285 supervisor.uri =
286 286 ## supervisord group name/id we only want this RC instance to handle
287 287 supervisor.group_id = dev
288 288
289 289 ## Display extended labs settings
290 290 labs_settings_active = true
291 291
292 292 ####################################
293 293 ### CELERY CONFIG ####
294 294 ####################################
295 295 ## run: /path/to/celery worker \
296 296 ## -E --beat --app rhodecode.lib.celerylib.loader \
297 297 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
298 298 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
299 299
300 300 use_celery = false
301 301
302 302 ## connection url to the message broker (default rabbitmq)
303 303 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
304 304
305 305 ## maximum tasks to execute before worker restart
306 306 celery.max_tasks_per_child = 100
307 307
308 308 ## tasks will never be sent to the queue, but executed locally instead.
309 309 celery.task_always_eager = false
310 310
311 311 #####################################
312 312 ### DOGPILE CACHE ####
313 313 #####################################
314 314 ## Default cache dir for caches. Putting this into a ramdisk
315 ## can boost performance, eg. /tmpfs/data_ramdisk, however this might require lots
316 ## of space
315 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
316 ## large ammount of space
317 317 cache_dir = /tmp/rcdev/data
318 318
319 ## cache settings for permission tree, auth TTL.
319 ## `cache_perms` cache settings for permission tree, auth TTL.
320 320 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
321 321 rc_cache.cache_perms.expiration_time = 300
322 rc_cache.cache_perms.arguments.filename = /tmp/rc_cache_1
323 322
324 ## redis backend with distributed locks
323 ## alternative `cache_perms` redis backend with distributed lock
325 324 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
326 325 #rc_cache.cache_perms.expiration_time = 300
326 ## redis_expiration_time needs to be greater then expiration_time
327 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
328 #rc_cache.cache_perms.arguments.socket_timeout = 30
327 329 #rc_cache.cache_perms.arguments.host = localhost
328 330 #rc_cache.cache_perms.arguments.port = 6379
329 331 #rc_cache.cache_perms.arguments.db = 0
330 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
331 332 #rc_cache.cache_perms.arguments.distributed_lock = true
332 333
333
334 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
334 335 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
335 336 rc_cache.cache_repo.expiration_time = 2592000
336 rc_cache.cache_repo.arguments.filename = /tmp/rc_cache_2
337 337
338 ## redis backend with distributed locks
338 ## alternative `cache_repo` redis backend with distributed lock
339 339 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
340 340 #rc_cache.cache_repo.expiration_time = 2592000
341 ## this needs to be greater then expiration_time
341 ## redis_expiration_time needs to be greater then expiration_time
342 342 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
343 #rc_cache.cache_repo.arguments.socket_timeout = 30
343 344 #rc_cache.cache_repo.arguments.host = localhost
344 345 #rc_cache.cache_repo.arguments.port = 6379
345 346 #rc_cache.cache_repo.arguments.db = 1
346 347 #rc_cache.cache_repo.arguments.distributed_lock = true
347 348
348 ## cache settings for SQL queries
349 ## cache settings for SQL queries, this needs to use memory type backend
349 350 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
350 351 rc_cache.sql_cache_short.expiration_time = 30
351 352
353 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
354 ## type backend as the objects kept are not pickle serializable
355 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
356 # by default we use 96H, this is using invalidation on push anyway
357 rc_cache.cache_repo_longterm.expiration_time = 345600
358 # max items in LRU cache, reduce this number to save memory, and expire last used
359 # cached objects
360 rc_cache.cache_repo_longterm.max_size = 10000
361
352 362
353 363 ####################################
354 364 ### BEAKER SESSION ####
355 365 ####################################
356 366
357 367 ## .session.type is type of storage options for the session, current allowed
358 368 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
359 369 beaker.session.type = file
360 370 beaker.session.data_dir = %(here)s/data/sessions
361 371
362 372 ## db based session, fast, and allows easy management over logged in users
363 373 #beaker.session.type = ext:database
364 374 #beaker.session.table_name = db_session
365 375 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
366 376 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
367 377 #beaker.session.sa.pool_recycle = 3600
368 378 #beaker.session.sa.echo = false
369 379
370 380 beaker.session.key = rhodecode
371 381 beaker.session.secret = develop-rc-uytcxaz
372 382 beaker.session.lock_dir = %(here)s/data/sessions/lock
373 383
374 384 ## Secure encrypted cookie. Requires AES and AES python libraries
375 385 ## you must disable beaker.session.secret to use this
376 386 #beaker.session.encrypt_key = key_for_encryption
377 387 #beaker.session.validate_key = validation_key
378 388
379 389 ## sets session as invalid(also logging out user) if it haven not been
380 390 ## accessed for given amount of time in seconds
381 391 beaker.session.timeout = 2592000
382 392 beaker.session.httponly = true
383 393 ## Path to use for the cookie. Set to prefix if you use prefix middleware
384 394 #beaker.session.cookie_path = /custom_prefix
385 395
386 396 ## uncomment for https secure cookie
387 397 beaker.session.secure = false
388 398
389 399 ## auto save the session to not to use .save()
390 400 beaker.session.auto = false
391 401
392 402 ## default cookie expiration time in seconds, set to `true` to set expire
393 403 ## at browser close
394 404 #beaker.session.cookie_expires = 3600
395 405
396 406 ###################################
397 407 ## SEARCH INDEXING CONFIGURATION ##
398 408 ###################################
399 409 ## Full text search indexer is available in rhodecode-tools under
400 410 ## `rhodecode-tools index` command
401 411
402 412 ## WHOOSH Backend, doesn't require additional services to run
403 413 ## it works good with few dozen repos
404 414 search.module = rhodecode.lib.index.whoosh
405 415 search.location = %(here)s/data/index
406 416
407 417 ########################################
408 418 ### CHANNELSTREAM CONFIG ####
409 419 ########################################
410 420 ## channelstream enables persistent connections and live notification
411 421 ## in the system. It's also used by the chat system
412 422 channelstream.enabled = false
413 423
414 424 ## server address for channelstream server on the backend
415 425 channelstream.server = 127.0.0.1:9800
416 426
417 427 ## location of the channelstream server from outside world
418 428 ## use ws:// for http or wss:// for https. This address needs to be handled
419 429 ## by external HTTP server such as Nginx or Apache
420 430 ## see nginx/apache configuration examples in our docs
421 431 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
422 432 channelstream.secret = secret
423 433 channelstream.history.location = %(here)s/channelstream_history
424 434
425 435 ## Internal application path that Javascript uses to connect into.
426 436 ## If you use proxy-prefix the prefix should be added before /_channelstream
427 437 channelstream.proxy_path = /_channelstream
428 438
429 439
430 440 ###################################
431 441 ## APPENLIGHT CONFIG ##
432 442 ###################################
433 443
434 444 ## Appenlight is tailored to work with RhodeCode, see
435 445 ## http://appenlight.com for details how to obtain an account
436 446
437 447 ## appenlight integration enabled
438 448 appenlight = false
439 449
440 450 appenlight.server_url = https://api.appenlight.com
441 451 appenlight.api_key = YOUR_API_KEY
442 452 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
443 453
444 454 # used for JS client
445 455 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
446 456
447 457 ## TWEAK AMOUNT OF INFO SENT HERE
448 458
449 459 ## enables 404 error logging (default False)
450 460 appenlight.report_404 = false
451 461
452 462 ## time in seconds after request is considered being slow (default 1)
453 463 appenlight.slow_request_time = 1
454 464
455 465 ## record slow requests in application
456 466 ## (needs to be enabled for slow datastore recording and time tracking)
457 467 appenlight.slow_requests = true
458 468
459 469 ## enable hooking to application loggers
460 470 appenlight.logging = true
461 471
462 472 ## minimum log level for log capture
463 473 appenlight.logging.level = WARNING
464 474
465 475 ## send logs only from erroneous/slow requests
466 476 ## (saves API quota for intensive logging)
467 477 appenlight.logging_on_error = false
468 478
469 479 ## list of additonal keywords that should be grabbed from environ object
470 480 ## can be string with comma separated list of words in lowercase
471 481 ## (by default client will always send following info:
472 482 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
473 483 ## start with HTTP* this list be extended with additional keywords here
474 484 appenlight.environ_keys_whitelist =
475 485
476 486 ## list of keywords that should be blanked from request object
477 487 ## can be string with comma separated list of words in lowercase
478 488 ## (by default client will always blank keys that contain following words
479 489 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
480 490 ## this list be extended with additional keywords set here
481 491 appenlight.request_keys_blacklist =
482 492
483 493 ## list of namespaces that should be ignores when gathering log entries
484 494 ## can be string with comma separated list of namespaces
485 495 ## (by default the client ignores own entries: appenlight_client.client)
486 496 appenlight.log_namespace_blacklist =
487 497
488 498
489 499 ################################################################################
490 500 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
491 501 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
492 502 ## execute malicious code after an exception is raised. ##
493 503 ################################################################################
494 504 #set debug = false
495 505
496 506
497 507 ##############
498 508 ## STYLING ##
499 509 ##############
500 510 debug_style = true
501 511
502 512 ###########################################
503 513 ### MAIN RHODECODE DATABASE CONFIG ###
504 514 ###########################################
505 515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
506 516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
507 517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
518 # pymysql is an alternative driver for MySQL, use in case of problems with default one
508 519 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
509 520
510 521 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
511 522
512 523 # see sqlalchemy docs for other advanced settings
513 524
514 525 ## print the sql statements to output
515 526 sqlalchemy.db1.echo = false
516 527 ## recycle the connections after this amount of seconds
517 528 sqlalchemy.db1.pool_recycle = 3600
518 529 sqlalchemy.db1.convert_unicode = true
519 530
520 531 ## the number of connections to keep open inside the connection pool.
521 532 ## 0 indicates no limit
522 533 #sqlalchemy.db1.pool_size = 5
523 534
524 535 ## the number of connections to allow in connection pool "overflow", that is
525 536 ## connections that can be opened above and beyond the pool_size setting,
526 537 ## which defaults to five.
527 538 #sqlalchemy.db1.max_overflow = 10
528 539
529 540 ## Connection check ping, used to detect broken database connections
530 541 ## could be enabled to better handle cases if MySQL has gone away errors
531 542 #sqlalchemy.db1.ping_connection = true
532 543
533 544 ##################
534 545 ### VCS CONFIG ###
535 546 ##################
536 547 vcs.server.enable = true
537 548 vcs.server = localhost:9900
538 549
539 550 ## Web server connectivity protocol, responsible for web based VCS operatations
540 551 ## Available protocols are:
541 552 ## `http` - use http-rpc backend (default)
542 553 vcs.server.protocol = http
543 554
544 555 ## Push/Pull operations protocol, available options are:
545 556 ## `http` - use http-rpc backend (default)
546 ##
547 557 vcs.scm_app_implementation = http
548 558
549 559 ## Push/Pull operations hooks protocol, available options are:
550 560 ## `http` - use http-rpc backend (default)
551 561 vcs.hooks.protocol = http
552 562
553 563 ## Host on which this instance is listening for hooks. If vcsserver is in other location
554 564 ## this should be adjusted.
555 565 vcs.hooks.host = 127.0.0.1
556 566
557 567 vcs.server.log_level = debug
558 568 ## Start VCSServer with this instance as a subprocess, usefull for development
559 569 vcs.start_server = false
560 570
561 571 ## List of enabled VCS backends, available options are:
562 572 ## `hg` - mercurial
563 573 ## `git` - git
564 574 ## `svn` - subversion
565 575 vcs.backends = hg, git, svn
566 576
567 577 vcs.connection_timeout = 3600
568 578 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
569 579 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
570 580 #vcs.svn.compatible_version = pre-1.8-compatible
571 581
572 582
573 583 ############################################################
574 584 ### Subversion proxy support (mod_dav_svn) ###
575 585 ### Maps RhodeCode repo groups into SVN paths for Apache ###
576 586 ############################################################
577 587 ## Enable or disable the config file generation.
578 588 svn.proxy.generate_config = false
579 589 ## Generate config file with `SVNListParentPath` set to `On`.
580 590 svn.proxy.list_parent_path = true
581 591 ## Set location and file name of generated config file.
582 592 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
583 593 ## alternative mod_dav config template. This needs to be a mako template
584 594 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
585 595 ## Used as a prefix to the `Location` block in the generated config file.
586 596 ## In most cases it should be set to `/`.
587 597 svn.proxy.location_root = /
588 598 ## Command to reload the mod dav svn configuration on change.
589 599 ## Example: `/etc/init.d/apache2 reload`
590 600 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
591 601 ## If the timeout expires before the reload command finishes, the command will
592 602 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
593 603 #svn.proxy.reload_timeout = 10
594 604
595 605 ############################################################
596 606 ### SSH Support Settings ###
597 607 ############################################################
598 608
599 609 ## Defines if a custom authorized_keys file should be created and written on
600 610 ## any change user ssh keys. Setting this to false also disables posibility
601 611 ## of adding SSH keys by users from web interface. Super admins can still
602 612 ## manage SSH Keys.
603 613 ssh.generate_authorized_keyfile = false
604 614
605 615 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
606 616 # ssh.authorized_keys_ssh_opts =
607 617
608 618 ## Path to the authrozied_keys file where the generate entries are placed.
609 619 ## It is possible to have multiple key files specified in `sshd_config` e.g.
610 620 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
611 621 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
612 622
613 623 ## Command to execute the SSH wrapper. The binary is available in the
614 624 ## rhodecode installation directory.
615 625 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
616 626 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
617 627
618 628 ## Allow shell when executing the ssh-wrapper command
619 629 ssh.wrapper_cmd_allow_shell = false
620 630
621 631 ## Enables logging, and detailed output send back to the client during SSH
622 632 ## operations. Usefull for debugging, shouldn't be used in production.
623 633 ssh.enable_debug_logging = true
624 634
625 635 ## Paths to binary executable, by default they are the names, but we can
626 636 ## override them if we want to use a custom one
627 637 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
628 638 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
629 639 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
630 640
631 641
632 642 ## Dummy marker to add new entries after.
633 643 ## Add any custom entries below. Please don't remove.
634 644 custom.conf = 1
635 645
636 646
637 647 ################################
638 648 ### LOGGING CONFIGURATION ####
639 649 ################################
640 650 [loggers]
641 651 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
642 652
643 653 [handlers]
644 654 keys = console, console_sql
645 655
646 656 [formatters]
647 657 keys = generic, color_formatter, color_formatter_sql
648 658
649 659 #############
650 660 ## LOGGERS ##
651 661 #############
652 662 [logger_root]
653 663 level = NOTSET
654 664 handlers = console
655 665
656 666 [logger_sqlalchemy]
657 667 level = INFO
658 668 handlers = console_sql
659 669 qualname = sqlalchemy.engine
660 670 propagate = 0
661 671
662 672 [logger_beaker]
663 673 level = DEBUG
664 674 handlers =
665 675 qualname = beaker.container
666 676 propagate = 1
667 677
668 678 [logger_rhodecode]
669 679 level = DEBUG
670 680 handlers =
671 681 qualname = rhodecode
672 682 propagate = 1
673 683
674 684 [logger_ssh_wrapper]
675 685 level = DEBUG
676 686 handlers =
677 687 qualname = ssh_wrapper
678 688 propagate = 1
679 689
680 690 [logger_celery]
681 691 level = DEBUG
682 692 handlers =
683 693 qualname = celery
684 694
685 695
686 696 ##############
687 697 ## HANDLERS ##
688 698 ##############
689 699
690 700 [handler_console]
691 701 class = StreamHandler
692 702 args = (sys.stderr, )
693 703 level = DEBUG
694 704 formatter = color_formatter
695 705
696 706 [handler_console_sql]
697 707 # "level = DEBUG" logs SQL queries and results.
698 708 # "level = INFO" logs SQL queries.
699 709 # "level = WARN" logs neither. (Recommended for production systems.)
700 710 class = StreamHandler
701 711 args = (sys.stderr, )
702 712 level = WARN
703 713 formatter = color_formatter_sql
704 714
705 715 ################
706 716 ## FORMATTERS ##
707 717 ################
708 718
709 719 [formatter_generic]
710 720 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
711 721 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
712 722 datefmt = %Y-%m-%d %H:%M:%S
713 723
714 724 [formatter_color_formatter]
715 725 class = rhodecode.lib.logging_formatter.ColorFormatter
716 726 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
717 727 datefmt = %Y-%m-%d %H:%M:%S
718 728
719 729 [formatter_color_formatter_sql]
720 730 class = rhodecode.lib.logging_formatter.ColorFormatterSql
721 731 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
722 732 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,691 +1,702 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 #use = egg:waitress#main
55 55 ## number of worker threads
56 56 #threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 #max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 #asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 worker_class = gevent
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 #worker_connections = 10
84 worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 max_requests = 1000
88 88 max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 ## encryption key used to encrypt social plugin tokens,
112 112 ## remote_urls with credentials etc, if not set it defaults to
113 113 ## `beaker.session.secret`
114 114 #rhodecode.encrypted_values.secret =
115 115
116 116 ## decryption strict mode (enabled by default). It controls if decryption raises
117 117 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
118 118 #rhodecode.encrypted_values.strict = false
119 119
120 120 ## return gzipped responses from Rhodecode (static files/application)
121 121 gzip_responses = false
122 122
123 123 ## autogenerate javascript routes file on startup
124 124 generate_js_files = false
125 125
126 126 ## Optional Languages
127 127 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
128 128 lang = en
129 129
130 130 ## perform a full repository scan on each server start, this should be
131 131 ## set to false after first startup, to allow faster server restarts.
132 132 startup.import_repos = false
133 133
134 134 ## Uncomment and set this path to use archive download cache.
135 135 ## Once enabled, generated archives will be cached at this location
136 136 ## and served from the cache during subsequent requests for the same archive of
137 137 ## the repository.
138 138 #archive_cache_dir = /tmp/tarballcache
139 139
140 140 ## URL at which the application is running. This is used for bootstraping
141 141 ## requests in context when no web request is available. Used in ishell, or
142 142 ## SSH calls. Set this for events to receive proper url for SSH calls.
143 143 app.base_url = http://rhodecode.local
144 144
145 145 ## change this to unique ID for security
146 146 app_instance_uuid = rc-production
147 147
148 148 ## cut off limit for large diffs (size in bytes). If overall diff size on
149 149 ## commit, or pull request exceeds this limit this diff will be displayed
150 150 ## partially. E.g 512000 == 512Kb
151 151 cut_off_limit_diff = 512000
152 152
153 153 ## cut off limit for large files inside diffs (size in bytes). Each individual
154 154 ## file inside diff which exceeds this limit will be displayed partially.
155 155 ## E.g 128000 == 128Kb
156 156 cut_off_limit_file = 128000
157 157
158 158 ## use cache version of scm repo everywhere
159 159 vcs_full_cache = true
160 160
161 161 ## force https in RhodeCode, fixes https redirects, assumes it's always https
162 162 ## Normally this is controlled by proper http flags sent from http server
163 163 force_https = false
164 164
165 165 ## use Strict-Transport-Security headers
166 166 use_htsts = false
167 167
168 168 ## git rev filter option, --all is the default filter, if you need to
169 169 ## hide all refs in changelog switch this to --branches --tags
170 170 git_rev_filter = --branches --tags
171 171
172 172 # Set to true if your repos are exposed using the dumb protocol
173 173 git_update_server_info = false
174 174
175 175 ## RSS/ATOM feed options
176 176 rss_cut_off_limit = 256000
177 177 rss_items_per_page = 10
178 178 rss_include_diff = false
179 179
180 180 ## gist URL alias, used to create nicer urls for gist. This should be an
181 181 ## url that does rewrites to _admin/gists/{gistid}.
182 182 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
183 183 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
184 184 gist_alias_url =
185 185
186 186 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
187 187 ## used for access.
188 188 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
189 189 ## came from the the logged in user who own this authentication token.
190 190 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
191 191 ## authentication token. Such view would be only accessible when used together
192 192 ## with this authentication token
193 193 ##
194 194 ## list of all views can be found under `/_admin/permissions/auth_token_access`
195 195 ## The list should be "," separated and on a single line.
196 196 ##
197 197 ## Most common views to enable:
198 198 # RepoCommitsView:repo_commit_download
199 199 # RepoCommitsView:repo_commit_patch
200 200 # RepoCommitsView:repo_commit_raw
201 201 # RepoCommitsView:repo_commit_raw@TOKEN
202 202 # RepoFilesView:repo_files_diff
203 203 # RepoFilesView:repo_archivefile
204 204 # RepoFilesView:repo_file_raw
205 205 # GistView:*
206 206 api_access_controllers_whitelist =
207 207
208 208 ## default encoding used to convert from and to unicode
209 209 ## can be also a comma separated list of encoding in case of mixed encodings
210 210 default_encoding = UTF-8
211 211
212 212 ## instance-id prefix
213 213 ## a prefix key for this instance used for cache invalidation when running
214 214 ## multiple instances of rhodecode, make sure it's globally unique for
215 215 ## all running rhodecode instances. Leave empty if you don't use it
216 216 instance_id =
217 217
218 218 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
219 219 ## of an authentication plugin also if it is disabled by it's settings.
220 220 ## This could be useful if you are unable to log in to the system due to broken
221 221 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
222 222 ## module to log in again and fix the settings.
223 223 ##
224 224 ## Available builtin plugin IDs (hash is part of the ID):
225 225 ## egg:rhodecode-enterprise-ce#rhodecode
226 226 ## egg:rhodecode-enterprise-ce#pam
227 227 ## egg:rhodecode-enterprise-ce#ldap
228 228 ## egg:rhodecode-enterprise-ce#jasig_cas
229 229 ## egg:rhodecode-enterprise-ce#headers
230 230 ## egg:rhodecode-enterprise-ce#crowd
231 231 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
232 232
233 233 ## alternative return HTTP header for failed authentication. Default HTTP
234 234 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
235 235 ## handling that causing a series of failed authentication calls.
236 236 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
237 237 ## This will be served instead of default 401 on bad authnetication
238 238 auth_ret_code =
239 239
240 240 ## use special detection method when serving auth_ret_code, instead of serving
241 241 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
242 242 ## and then serve auth_ret_code to clients
243 243 auth_ret_code_detection = false
244 244
245 245 ## locking return code. When repository is locked return this HTTP code. 2XX
246 246 ## codes don't break the transactions while 4XX codes do
247 247 lock_ret_code = 423
248 248
249 249 ## allows to change the repository location in settings page
250 250 allow_repo_location_change = true
251 251
252 252 ## allows to setup custom hooks in settings page
253 253 allow_custom_hooks_settings = true
254 254
255 255 ## generated license token, goto license page in RhodeCode settings to obtain
256 256 ## new token
257 257 license_token =
258 258
259 259 ## supervisor connection uri, for managing supervisor and logs.
260 260 supervisor.uri =
261 261 ## supervisord group name/id we only want this RC instance to handle
262 262 supervisor.group_id = prod
263 263
264 264 ## Display extended labs settings
265 265 labs_settings_active = true
266 266
267 267 ####################################
268 268 ### CELERY CONFIG ####
269 269 ####################################
270 270 ## run: /path/to/celery worker \
271 271 ## -E --beat --app rhodecode.lib.celerylib.loader \
272 272 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
273 273 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
274 274
275 275 use_celery = false
276 276
277 277 ## connection url to the message broker (default rabbitmq)
278 278 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
279 279
280 280 ## maximum tasks to execute before worker restart
281 281 celery.max_tasks_per_child = 100
282 282
283 283 ## tasks will never be sent to the queue, but executed locally instead.
284 284 celery.task_always_eager = false
285 285
286 286 #####################################
287 287 ### DOGPILE CACHE ####
288 288 #####################################
289 289 ## Default cache dir for caches. Putting this into a ramdisk
290 ## can boost performance, eg. /tmpfs/data_ramdisk, however this might require lots
291 ## of space
292 cache_dir = /tmp/rcdev/data
290 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
291 ## large ammount of space
292 cache_dir = /%(here)s/rcdev/data
293 293
294 ## cache settings for permission tree, auth TTL.
294 ## `cache_perms` cache settings for permission tree, auth TTL.
295 295 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
296 296 rc_cache.cache_perms.expiration_time = 300
297 rc_cache.cache_perms.arguments.filename = /tmp/rc_cache_1
298 297
299 ## redis backend with distributed locks
298 ## alternative `cache_perms` redis backend with distributed lock
300 299 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
301 300 #rc_cache.cache_perms.expiration_time = 300
301 ## redis_expiration_time needs to be greater then expiration_time
302 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
303 #rc_cache.cache_perms.arguments.socket_timeout = 30
302 304 #rc_cache.cache_perms.arguments.host = localhost
303 305 #rc_cache.cache_perms.arguments.port = 6379
304 306 #rc_cache.cache_perms.arguments.db = 0
305 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
306 307 #rc_cache.cache_perms.arguments.distributed_lock = true
307 308
308
309 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
309 310 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
310 311 rc_cache.cache_repo.expiration_time = 2592000
311 rc_cache.cache_repo.arguments.filename = /tmp/rc_cache_2
312 312
313 ## redis backend with distributed locks
313 ## alternative `cache_repo` redis backend with distributed lock
314 314 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
315 315 #rc_cache.cache_repo.expiration_time = 2592000
316 ## this needs to be greater then expiration_time
316 ## redis_expiration_time needs to be greater then expiration_time
317 317 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
318 #rc_cache.cache_repo.arguments.socket_timeout = 30
318 319 #rc_cache.cache_repo.arguments.host = localhost
319 320 #rc_cache.cache_repo.arguments.port = 6379
320 321 #rc_cache.cache_repo.arguments.db = 1
321 322 #rc_cache.cache_repo.arguments.distributed_lock = true
322 323
323 ## cache settings for SQL queries
324 ## cache settings for SQL queries, this needs to use memory type backend
324 325 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
325 326 rc_cache.sql_cache_short.expiration_time = 30
326 327
328 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
329 ## type backend as the objects kept are not pickle serializable
330 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
331 # by default we use 96H, this is using invalidation on push anyway
332 rc_cache.cache_repo_longterm.expiration_time = 345600
333 # max items in LRU cache, reduce this number to save memory, and expire last used
334 # cached objects
335 rc_cache.cache_repo_longterm.max_size = 10000
336
327 337
328 338 ####################################
329 339 ### BEAKER SESSION ####
330 340 ####################################
331 341
332 342 ## .session.type is type of storage options for the session, current allowed
333 343 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
334 344 beaker.session.type = file
335 345 beaker.session.data_dir = %(here)s/data/sessions
336 346
337 347 ## db based session, fast, and allows easy management over logged in users
338 348 #beaker.session.type = ext:database
339 349 #beaker.session.table_name = db_session
340 350 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
341 351 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
342 352 #beaker.session.sa.pool_recycle = 3600
343 353 #beaker.session.sa.echo = false
344 354
345 355 beaker.session.key = rhodecode
346 356 beaker.session.secret = production-rc-uytcxaz
347 357 beaker.session.lock_dir = %(here)s/data/sessions/lock
348 358
349 359 ## Secure encrypted cookie. Requires AES and AES python libraries
350 360 ## you must disable beaker.session.secret to use this
351 361 #beaker.session.encrypt_key = key_for_encryption
352 362 #beaker.session.validate_key = validation_key
353 363
354 364 ## sets session as invalid(also logging out user) if it haven not been
355 365 ## accessed for given amount of time in seconds
356 366 beaker.session.timeout = 2592000
357 367 beaker.session.httponly = true
358 368 ## Path to use for the cookie. Set to prefix if you use prefix middleware
359 369 #beaker.session.cookie_path = /custom_prefix
360 370
361 371 ## uncomment for https secure cookie
362 372 beaker.session.secure = false
363 373
364 374 ## auto save the session to not to use .save()
365 375 beaker.session.auto = false
366 376
367 377 ## default cookie expiration time in seconds, set to `true` to set expire
368 378 ## at browser close
369 379 #beaker.session.cookie_expires = 3600
370 380
371 381 ###################################
372 382 ## SEARCH INDEXING CONFIGURATION ##
373 383 ###################################
374 384 ## Full text search indexer is available in rhodecode-tools under
375 385 ## `rhodecode-tools index` command
376 386
377 387 ## WHOOSH Backend, doesn't require additional services to run
378 388 ## it works good with few dozen repos
379 389 search.module = rhodecode.lib.index.whoosh
380 390 search.location = %(here)s/data/index
381 391
382 392 ########################################
383 393 ### CHANNELSTREAM CONFIG ####
384 394 ########################################
385 395 ## channelstream enables persistent connections and live notification
386 396 ## in the system. It's also used by the chat system
387 397 channelstream.enabled = false
388 398
389 399 ## server address for channelstream server on the backend
390 400 channelstream.server = 127.0.0.1:9800
391 401
392 402 ## location of the channelstream server from outside world
393 403 ## use ws:// for http or wss:// for https. This address needs to be handled
394 404 ## by external HTTP server such as Nginx or Apache
395 405 ## see nginx/apache configuration examples in our docs
396 406 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
397 407 channelstream.secret = secret
398 408 channelstream.history.location = %(here)s/channelstream_history
399 409
400 410 ## Internal application path that Javascript uses to connect into.
401 411 ## If you use proxy-prefix the prefix should be added before /_channelstream
402 412 channelstream.proxy_path = /_channelstream
403 413
404 414
405 415 ###################################
406 416 ## APPENLIGHT CONFIG ##
407 417 ###################################
408 418
409 419 ## Appenlight is tailored to work with RhodeCode, see
410 420 ## http://appenlight.com for details how to obtain an account
411 421
412 422 ## appenlight integration enabled
413 423 appenlight = false
414 424
415 425 appenlight.server_url = https://api.appenlight.com
416 426 appenlight.api_key = YOUR_API_KEY
417 427 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
418 428
419 429 # used for JS client
420 430 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
421 431
422 432 ## TWEAK AMOUNT OF INFO SENT HERE
423 433
424 434 ## enables 404 error logging (default False)
425 435 appenlight.report_404 = false
426 436
427 437 ## time in seconds after request is considered being slow (default 1)
428 438 appenlight.slow_request_time = 1
429 439
430 440 ## record slow requests in application
431 441 ## (needs to be enabled for slow datastore recording and time tracking)
432 442 appenlight.slow_requests = true
433 443
434 444 ## enable hooking to application loggers
435 445 appenlight.logging = true
436 446
437 447 ## minimum log level for log capture
438 448 appenlight.logging.level = WARNING
439 449
440 450 ## send logs only from erroneous/slow requests
441 451 ## (saves API quota for intensive logging)
442 452 appenlight.logging_on_error = false
443 453
444 454 ## list of additonal keywords that should be grabbed from environ object
445 455 ## can be string with comma separated list of words in lowercase
446 456 ## (by default client will always send following info:
447 457 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
448 458 ## start with HTTP* this list be extended with additional keywords here
449 459 appenlight.environ_keys_whitelist =
450 460
451 461 ## list of keywords that should be blanked from request object
452 462 ## can be string with comma separated list of words in lowercase
453 463 ## (by default client will always blank keys that contain following words
454 464 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
455 465 ## this list be extended with additional keywords set here
456 466 appenlight.request_keys_blacklist =
457 467
458 468 ## list of namespaces that should be ignores when gathering log entries
459 469 ## can be string with comma separated list of namespaces
460 470 ## (by default the client ignores own entries: appenlight_client.client)
461 471 appenlight.log_namespace_blacklist =
462 472
463 473
464 474 ################################################################################
465 475 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
466 476 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
467 477 ## execute malicious code after an exception is raised. ##
468 478 ################################################################################
469 479 set debug = false
470 480
471 481
472 482 ###########################################
473 483 ### MAIN RHODECODE DATABASE CONFIG ###
474 484 ###########################################
475 485 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
476 486 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
477 487 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
488 # pymysql is an alternative driver for MySQL, use in case of problems with default one
478 489 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
479 490
480 491 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
481 492
482 493 # see sqlalchemy docs for other advanced settings
483 494
484 495 ## print the sql statements to output
485 496 sqlalchemy.db1.echo = false
486 497 ## recycle the connections after this amount of seconds
487 498 sqlalchemy.db1.pool_recycle = 3600
488 499 sqlalchemy.db1.convert_unicode = true
489 500
490 501 ## the number of connections to keep open inside the connection pool.
491 502 ## 0 indicates no limit
492 503 #sqlalchemy.db1.pool_size = 5
493 504
494 505 ## the number of connections to allow in connection pool "overflow", that is
495 506 ## connections that can be opened above and beyond the pool_size setting,
496 507 ## which defaults to five.
497 508 #sqlalchemy.db1.max_overflow = 10
498 509
499 510 ## Connection check ping, used to detect broken database connections
500 511 ## could be enabled to better handle cases if MySQL has gone away errors
501 512 #sqlalchemy.db1.ping_connection = true
502 513
503 514 ##################
504 515 ### VCS CONFIG ###
505 516 ##################
506 517 vcs.server.enable = true
507 518 vcs.server = localhost:9900
508 519
509 520 ## Web server connectivity protocol, responsible for web based VCS operatations
510 521 ## Available protocols are:
511 522 ## `http` - use http-rpc backend (default)
512 523 vcs.server.protocol = http
513 524
514 525 ## Push/Pull operations protocol, available options are:
515 526 ## `http` - use http-rpc backend (default)
516 527 ##
517 528 vcs.scm_app_implementation = http
518 529
519 530 ## Push/Pull operations hooks protocol, available options are:
520 531 ## `http` - use http-rpc backend (default)
521 532 vcs.hooks.protocol = http
522 533 ## Host on which this instance is listening for hooks. If vcsserver is in other location
523 534 ## this should be adjusted.
524 535 vcs.hooks.host = 127.0.0.1
525 536
526 537 vcs.server.log_level = info
527 538 ## Start VCSServer with this instance as a subprocess, usefull for development
528 539 vcs.start_server = false
529 540
530 541 ## List of enabled VCS backends, available options are:
531 542 ## `hg` - mercurial
532 543 ## `git` - git
533 544 ## `svn` - subversion
534 545 vcs.backends = hg, git, svn
535 546
536 547 vcs.connection_timeout = 3600
537 548 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
538 549 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
539 550 #vcs.svn.compatible_version = pre-1.8-compatible
540 551
541 552
542 553 ############################################################
543 554 ### Subversion proxy support (mod_dav_svn) ###
544 555 ### Maps RhodeCode repo groups into SVN paths for Apache ###
545 556 ############################################################
546 557 ## Enable or disable the config file generation.
547 558 svn.proxy.generate_config = false
548 559 ## Generate config file with `SVNListParentPath` set to `On`.
549 560 svn.proxy.list_parent_path = true
550 561 ## Set location and file name of generated config file.
551 562 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
552 563 ## alternative mod_dav config template. This needs to be a mako template
553 564 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
554 565 ## Used as a prefix to the `Location` block in the generated config file.
555 566 ## In most cases it should be set to `/`.
556 567 svn.proxy.location_root = /
557 568 ## Command to reload the mod dav svn configuration on change.
558 569 ## Example: `/etc/init.d/apache2 reload`
559 570 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
560 571 ## If the timeout expires before the reload command finishes, the command will
561 572 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
562 573 #svn.proxy.reload_timeout = 10
563 574
564 575 ############################################################
565 576 ### SSH Support Settings ###
566 577 ############################################################
567 578
568 579 ## Defines if a custom authorized_keys file should be created and written on
569 580 ## any change user ssh keys. Setting this to false also disables posibility
570 581 ## of adding SSH keys by users from web interface. Super admins can still
571 582 ## manage SSH Keys.
572 583 ssh.generate_authorized_keyfile = false
573 584
574 585 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
575 586 # ssh.authorized_keys_ssh_opts =
576 587
577 588 ## Path to the authrozied_keys file where the generate entries are placed.
578 589 ## It is possible to have multiple key files specified in `sshd_config` e.g.
579 590 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
580 591 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
581 592
582 593 ## Command to execute the SSH wrapper. The binary is available in the
583 594 ## rhodecode installation directory.
584 595 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
585 596 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
586 597
587 598 ## Allow shell when executing the ssh-wrapper command
588 599 ssh.wrapper_cmd_allow_shell = false
589 600
590 601 ## Enables logging, and detailed output send back to the client during SSH
591 602 ## operations. Usefull for debugging, shouldn't be used in production.
592 603 ssh.enable_debug_logging = false
593 604
594 605 ## Paths to binary executable, by default they are the names, but we can
595 606 ## override them if we want to use a custom one
596 607 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
597 608 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
598 609 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
599 610
600 611
601 612 ## Dummy marker to add new entries after.
602 613 ## Add any custom entries below. Please don't remove.
603 614 custom.conf = 1
604 615
605 616
606 617 ################################
607 618 ### LOGGING CONFIGURATION ####
608 619 ################################
609 620 [loggers]
610 621 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
611 622
612 623 [handlers]
613 624 keys = console, console_sql
614 625
615 626 [formatters]
616 627 keys = generic, color_formatter, color_formatter_sql
617 628
618 629 #############
619 630 ## LOGGERS ##
620 631 #############
621 632 [logger_root]
622 633 level = NOTSET
623 634 handlers = console
624 635
625 636 [logger_sqlalchemy]
626 637 level = INFO
627 638 handlers = console_sql
628 639 qualname = sqlalchemy.engine
629 640 propagate = 0
630 641
631 642 [logger_beaker]
632 643 level = DEBUG
633 644 handlers =
634 645 qualname = beaker.container
635 646 propagate = 1
636 647
637 648 [logger_rhodecode]
638 649 level = DEBUG
639 650 handlers =
640 651 qualname = rhodecode
641 652 propagate = 1
642 653
643 654 [logger_ssh_wrapper]
644 655 level = DEBUG
645 656 handlers =
646 657 qualname = ssh_wrapper
647 658 propagate = 1
648 659
649 660 [logger_celery]
650 661 level = DEBUG
651 662 handlers =
652 663 qualname = celery
653 664
654 665
655 666 ##############
656 667 ## HANDLERS ##
657 668 ##############
658 669
659 670 [handler_console]
660 671 class = StreamHandler
661 672 args = (sys.stderr, )
662 673 level = INFO
663 674 formatter = generic
664 675
665 676 [handler_console_sql]
666 677 # "level = DEBUG" logs SQL queries and results.
667 678 # "level = INFO" logs SQL queries.
668 679 # "level = WARN" logs neither. (Recommended for production systems.)
669 680 class = StreamHandler
670 681 args = (sys.stderr, )
671 682 level = WARN
672 683 formatter = generic
673 684
674 685 ################
675 686 ## FORMATTERS ##
676 687 ################
677 688
678 689 [formatter_generic]
679 690 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
680 691 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
681 692 datefmt = %Y-%m-%d %H:%M:%S
682 693
683 694 [formatter_color_formatter]
684 695 class = rhodecode.lib.logging_formatter.ColorFormatter
685 696 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
686 697 datefmt = %Y-%m-%d %H:%M:%S
687 698
688 699 [formatter_color_formatter_sql]
689 700 class = rhodecode.lib.logging_formatter.ColorFormatterSql
690 701 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
691 702 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now