rhodecode-enterprise-ce Commit - r5145:3c1ad60a

tests: fixup the config stubs

super-admin -

r5145:3c1ad60a default

parent child

rhodecode/lib/base.py

0 +4 0

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             """
             The base Controller API
             Provides the BaseController class for subclassing. And usage in different
             controllers
             """
             import logging
             import socket
             import base64
             import markupsafe
             import ipaddress
             import paste.httpheaders
             from paste.auth.basic import AuthBasicAuthenticator
             from paste.httpexceptions import HTTPUnauthorized, HTTPForbidden, get_exception
             import rhodecode
             from rhodecode.authentication.base import VCS_TYPE
             from rhodecode.lib import auth, utils2
             from rhodecode.lib import helpers as h
             from rhodecode.lib.auth import AuthUser, CookieStoreWrapper
             from rhodecode.lib.exceptions import UserCreationError
             from rhodecode.lib.utils import (password_changed, get_enabled_hook_classes)
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.str_utils import ascii_bytes, safe_int, safe_str
             from rhodecode.lib.type_utils import aslist, str2bool
             from rhodecode.lib.hash_utils import sha1
             from rhodecode.model.db import Repository, User, ChangesetComment, UserBookmark
             from rhodecode.model.notification import NotificationModel
             from rhodecode.model.settings import VcsSettingsModel, SettingsModel
             log = logging.getLogger(__name__)
             def _filter_proxy(ip):
                 """
                 Passed in IP addresses in HEADERS can be in a special format of multiple
                 ips. Those comma separated IPs are passed from various proxies in the
                 chain of request processing. The left-most being the original client.
                 We only care about the first IP which came from the org. client.
                 :param ip: ip string from headers
                 """
                 if ',' in ip:
                     _ips = ip.split(',')
                     _first_ip = _ips[0].strip()
                     log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)
                     return _first_ip
                 return ip
             def _filter_port(ip):
                 """
                 Removes a port from ip, there are 4 main cases to handle here.
                 - ipv4 eg. 127.0.0.1
                 - ipv6 eg. ::1
                 - ipv4+port eg. 127.0.0.1:8080
                 - ipv6+port eg. [::1]:8080
                 :param ip:
                 """
                 def is_ipv6(ip_addr):
                     if hasattr(socket, 'inet_pton'):
                         try:
                             socket.inet_pton(socket.AF_INET6, ip_addr)
                         except socket.error:
                             return False
                     else:
                         # fallback to ipaddress
                         try:
                             ipaddress.IPv6Address(safe_str(ip_addr))
                         except Exception:
                             return False
                     return True
                 if ':' not in ip:  # must be ipv4 pure ip
                     return ip
                 if '[' in ip and ']' in ip:  # ipv6 with port
                     return ip.split(']')[0][1:].lower()
                 # must be ipv6 or ipv4 with port
                 if is_ipv6(ip):
                     return ip
                 else:
                     ip, _port = ip.split(':')[:2]  # means ipv4+port
                     return ip
             def get_ip_addr(environ):
                 proxy_key = 'HTTP_X_REAL_IP'
                 proxy_key2 = 'HTTP_X_FORWARDED_FOR'
                 def_key = 'REMOTE_ADDR'
                 def ip_filters(ip_):
                     return _filter_port(_filter_proxy(ip_))
                 ip = environ.get(proxy_key)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(proxy_key2)
                 if ip:
                     return ip_filters(ip)
                 ip = environ.get(def_key, '0.0.0.0')
                 return ip_filters(ip)
             def get_server_ip_addr(environ, log_errors=True):
                 hostname = environ.get('SERVER_NAME')
                 try:
                     return socket.gethostbyname(hostname)
                 except Exception as e:
                     if log_errors:
                         # in some cases this lookup is not possible, and we don't want to
                         # make it an exception in logs
                         log.exception('Could not retrieve server ip address: %s', e)
                     return hostname
             def get_server_port(environ):
                 return environ.get('SERVER_PORT')
             def get_user_agent(environ):
                 return environ.get('HTTP_USER_AGENT')
             def vcs_operation_context(
                     environ, repo_name, username, action, scm, check_locking=True,
                     is_shadow_repo=False, check_branch_perms=False, detect_force_push=False):
                 """
                 Generate the context for a vcs operation, e.g. push or pull.
                 This context is passed over the layers so that hooks triggered by the
                 vcs operation know details like the user, the user's IP address etc.
                 :param check_locking: Allows to switch of the computation of the locking
                     data. This serves mainly the need of the simplevcs middleware to be
                     able to disable this for certain operations.
                 """
                 # Tri-state value: False: unlock, None: nothing, True: lock
                 make_lock = None
                 locked_by = [None, None, None]
                 is_anonymous = username == User.DEFAULT_USER
                 user = User.get_by_username(username)
                 if not is_anonymous and check_locking:
                     log.debug('Checking locking on repository "%s"', repo_name)
                     repo = Repository.get_by_repo_name(repo_name)
                     make_lock, __, locked_by = repo.get_locking_state(
                         action, user.user_id)
                 user_id = user.user_id
                 settings_model = VcsSettingsModel(repo=repo_name)
                 ui_settings = settings_model.get_ui_settings()
                 # NOTE(marcink): This should be also in sync with
                 # rhodecode/apps/ssh_support/lib/backends/base.py:update_environment scm_data
                 store = [x for x in ui_settings if x.key == '/']
                 repo_store = ''
                 if store:
                     repo_store = store[0].value
                 scm_data = {
                     'ip': get_ip_addr(environ),
                     'username': username,
                     'user_id': user_id,
                     'action': action,
                     'repository': repo_name,
                     'scm': scm,
                     'config': rhodecode.CONFIG['__file__'],
                     'repo_store': repo_store,
                     'make_lock': make_lock,
                     'locked_by': locked_by,
                     'server_url': utils2.get_server_url(environ),
                     'user_agent': get_user_agent(environ),
                     'hooks': get_enabled_hook_classes(ui_settings),
                     'is_shadow_repo': is_shadow_repo,
                     'detect_force_push': detect_force_push,
                     'check_branch_perms': check_branch_perms,
                 }
                 return scm_data
             class BasicAuth(AuthBasicAuthenticator):
                 def __init__(self, realm, authfunc, registry, auth_http_code=None,
                              initial_call_detection=False, acl_repo_name=None, rc_realm=''):
                     super().__init__(realm=realm, authfunc=authfunc)
                     self.realm = realm
                     self.rc_realm = rc_realm
                     self.initial_call = initial_call_detection
                     self.authfunc = authfunc
                     self.registry = registry
                     self.acl_repo_name = acl_repo_name
                     self._rc_auth_http_code = auth_http_code
                 def _get_response_from_code(self, http_code, fallback):
                     try:
                         return get_exception(safe_int(http_code))
                     except Exception:
                         log.exception('Failed to fetch response class for code %s, using fallback: %s', http_code, fallback)
                         return fallback
                 def get_rc_realm(self):
                     return safe_str(self.rc_realm)
                 def build_authentication(self):
                     header = [('WWW-Authenticate', f'Basic realm="{self.realm}"')]
                     # NOTE: the initial_Call detection seems to be not working/not needed witg latest Mercurial
                     # investigate if we still need it.
                     if self._rc_auth_http_code and not self.initial_call:
                         # return alternative HTTP code if alternative http return code
                         # is specified in RhodeCode config, but ONLY if it's not the
                         # FIRST call
                         custom_response_klass = self._get_response_from_code(self._rc_auth_http_code, fallback=HTTPUnauthorized)
                         log.debug('Using custom response class: %s', custom_response_klass)
                         return custom_response_klass(headers=header)
                     return HTTPUnauthorized(headers=header)
                 def authenticate(self, environ):
                     authorization = paste.httpheaders.AUTHORIZATION(environ)
                     if not authorization:
                         return self.build_authentication()
                     (auth_meth, auth_creds_b64) = authorization.split(' ', 1)
                     if 'basic' != auth_meth.lower():
                         return self.build_authentication()
                     credentials = safe_str(base64.b64decode(auth_creds_b64.strip()))
                     _parts = credentials.split(':', 1)
                     if len(_parts) == 2:
                         username, password = _parts
                         auth_data = self.authfunc(
                                 username, password, environ, VCS_TYPE,
                                 registry=self.registry, acl_repo_name=self.acl_repo_name)
                         if auth_data:
                             return {'username': username, 'auth_data': auth_data}
                         if username and password:
                             # we mark that we actually executed authentication once, at
                             # that point we can use the alternative auth code
                             self.initial_call = False
                     return self.build_authentication()
                 __call__ = authenticate
             def calculate_version_hash(config):
                 return sha1(
                     config.get(b'beaker.session.secret', b'') + ascii_bytes(rhodecode.__version__)
                 )[:8]
             def get_current_lang(request):
                 return getattr(request, '_LOCALE_', request.locale_name)
             def attach_context_attributes(context, request, user_id=None, is_api=None):
                 """
                 Attach variables into template context called `c`.
                 """
                 config = request.registry.settings
                 rc_config = SettingsModel().get_all_settings(cache=True, from_request=False)
                 context.rc_config = rc_config
                 context.rhodecode_version = rhodecode.__version__
                 context.rhodecode_edition = config.get('rhodecode.edition')
                 context.rhodecode_edition_id = config.get('rhodecode.edition_id')
                 # unique secret + version does not leak the version but keep consistency
                 context.rhodecode_version_hash = calculate_version_hash(config)
                 # Default language set for the incoming request
                 context.language = get_current_lang(request)
                 # Visual options
                 context.visual = AttributeDict({})
                 # DB stored Visual Items
                 context.visual.show_public_icon = str2bool(
                     rc_config.get('rhodecode_show_public_icon'))
                 context.visual.show_private_icon = str2bool(
                     rc_config.get('rhodecode_show_private_icon'))
                 context.visual.stylify_metatags = str2bool(
                     rc_config.get('rhodecode_stylify_metatags'))
                 context.visual.dashboard_items = safe_int(
                     rc_config.get('rhodecode_dashboard_items', 100))
                 context.visual.admin_grid_items = safe_int(
                     rc_config.get('rhodecode_admin_grid_items', 100))
                 context.visual.show_revision_number = str2bool(
                     rc_config.get('rhodecode_show_revision_number', True))
                 context.visual.show_sha_length = safe_int(
                     rc_config.get('rhodecode_show_sha_length', 100))
                 context.visual.repository_fields = str2bool(
                     rc_config.get('rhodecode_repository_fields'))
                 context.visual.show_version = str2bool(
                     rc_config.get('rhodecode_show_version'))
                 context.visual.use_gravatar = str2bool(
                     rc_config.get('rhodecode_use_gravatar'))
                 context.visual.gravatar_url = rc_config.get('rhodecode_gravatar_url')
                 context.visual.default_renderer = rc_config.get(
                     'rhodecode_markup_renderer', 'rst')
                 context.visual.comment_types = ChangesetComment.COMMENT_TYPES
                 context.visual.rhodecode_support_url = \
                     rc_config.get('rhodecode_support_url') or h.route_url('rhodecode_support')
                 context.visual.affected_files_cut_off = 60
                 context.pre_code = rc_config.get('rhodecode_pre_code')
                 context.post_code = rc_config.get('rhodecode_post_code')
                 context.rhodecode_name = rc_config.get('rhodecode_title')
                 context.default_encodings = aslist(config.get('default_encoding'), sep=',')
                 # if we have specified default_encoding in the request, it has more
                 # priority
                 if request.GET.get('default_encoding'):
                     context.default_encodings.insert(0, request.GET.get('default_encoding'))
                 context.clone_uri_tmpl = rc_config.get('rhodecode_clone_uri_tmpl')
                 context.clone_uri_id_tmpl = rc_config.get('rhodecode_clone_uri_id_tmpl')
                 context.clone_uri_ssh_tmpl = rc_config.get('rhodecode_clone_uri_ssh_tmpl')
                 # INI stored
                 context.labs_active = str2bool(
                     config.get('labs_settings_active', 'false'))
                 context.ssh_enabled = str2bool(
                     config.get('ssh.generate_authorized_keyfile', 'false'))
                 context.ssh_key_generator_enabled = str2bool(
                     config.get('ssh.enable_ui_key_generator', 'true'))
                 context.visual.allow_repo_location_change = str2bool(
                     config.get('allow_repo_location_change', True))
                 context.visual.allow_custom_hooks_settings = str2bool(
                     config.get('allow_custom_hooks_settings', True))
                 context.debug_style = str2bool(config.get('debug_style', False))
                 context.rhodecode_instanceid = config.get('instance_id')
                 context.visual.cut_off_limit_diff = safe_int(
                     config.get('cut_off_limit_diff'), default=0)
                 context.visual.cut_off_limit_file = safe_int(
                     config.get('cut_off_limit_file'), default=0)
                 context.license = AttributeDict({})
                 context.license.hide_license_info = str2bool(
                     config.get('license.hide_license_info', False))
                 # AppEnlight
                 context.appenlight_enabled = config.get('appenlight', False)
                 context.appenlight_api_public_key = config.get(
                     'appenlight.api_public_key', '')
                 context.appenlight_server_url = config.get('appenlight.server_url', '')
                 diffmode = {
                     "unified": "unified",
                     "sideside": "sideside"
                 }.get(request.GET.get('diffmode'))
                 if is_api is not None:
                     is_api = hasattr(request, 'rpc_user')
                 session_attrs = {
                     # defaults
                     "clone_url_format": "http",
                     "diffmode": "sideside",
                     "license_fingerprint": request.session.get('license_fingerprint')
                 }
                 if not is_api:
                     # don't access pyramid session for API calls
                     if diffmode and diffmode != request.session.get('rc_user_session_attr.diffmode'):
                         request.session['rc_user_session_attr.diffmode'] = diffmode
                     # session settings per user
                     for k, v in list(request.session.items()):
                         pref = 'rc_user_session_attr.'
                         if k and k.startswith(pref):
                             k = k[len(pref):]
                             session_attrs[k] = v
                 context.user_session_attrs = session_attrs
                 # JS template context
                 context.template_context = {
                     'repo_name': None,
                     'repo_type': None,
                     'repo_landing_commit': None,
                     'rhodecode_user': {
                         'username': None,
                         'email': None,
                         'notification_status': False
                     },
                     'session_attrs': session_attrs,
                     'visual': {
                         'default_renderer': None
                     },
                     'commit_data': {
                         'commit_id': None
                     },
                     'pull_request_data': {'pull_request_id': None},
                     'timeago': {
                         'refresh_time': 120 * 1000,
                         'cutoff_limit': 1000 * 60 * 60 * 24 * 7
                     },
                     'pyramid_dispatch': {
                     },
                     'extra': {'plugins': {}}
                 }
                 # END CONFIG VARS
                 if is_api:
                     csrf_token = None
                 else:
                     csrf_token = auth.get_csrf_token(session=request.session)
                 context.csrf_token = csrf_token
                 context.backends = list(rhodecode.BACKENDS.keys())
                 unread_count = 0
                 user_bookmark_list = []
                 if user_id:
                     unread_count = NotificationModel().get_unread_cnt_for_user(user_id)
                     user_bookmark_list = UserBookmark.get_bookmarks_for_user(user_id)
                 context.unread_notifications = unread_count
                 context.bookmark_items = user_bookmark_list
                 # web case
                 if hasattr(request, 'user'):
                     context.auth_user = request.user
                     context.rhodecode_user = request.user
                 # api case
                 if hasattr(request, 'rpc_user'):
                     context.auth_user = request.rpc_user
                     context.rhodecode_user = request.rpc_user
                 # attach the whole call context to the request
                 request.set_call_context(context)
             def get_auth_user(request):
                 environ = request.environ
                 session = request.session
                 ip_addr = get_ip_addr(environ)
                 # make sure that we update permissions each time we call controller
                 _auth_token = (
                         # ?auth_token=XXX
                         request.GET.get('auth_token', '')
                         # ?api_key=XXX !LEGACY
                         or request.GET.get('api_key', '')
                         # or headers....
                         or request.headers.get('X-Rc-Auth-Token', '')
                 )
                 if not _auth_token and request.matchdict:
                     url_auth_token = request.matchdict.get('_auth_token')
                     _auth_token = url_auth_token
                     if _auth_token:
                         log.debug('Using URL extracted auth token `...%s`', _auth_token[-4:])
                 if _auth_token:
                     # when using API_KEY we assume user exists, and
                     # doesn't need auth based on cookies.
                     auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr)
                     authenticated = False
                 else:
                     cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                     try:
                         auth_user = AuthUser(user_id=cookie_store.get('user_id', None),
                                              ip_addr=ip_addr)
                     except UserCreationError as e:
                         h.flash(e, 'error')
                         # container auth or other auth functions that create users
                         # on the fly can throw this exception signaling that there's
                         # issue with user creation, explanation should be provided
                         # in Exception itself. We then create a simple blank
                         # AuthUser
                         auth_user = AuthUser(ip_addr=ip_addr)
                     # in case someone changes a password for user it triggers session
                     # flush and forces a re-login
                     if password_changed(auth_user, session):
                         session.invalidate()
                         cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
                         auth_user = AuthUser(ip_addr=ip_addr)
                     authenticated = cookie_store.get('is_authenticated')
                 if not auth_user.is_authenticated and auth_user.is_user_object:
                     # user is not authenticated and not empty
                     auth_user.set_authenticated(authenticated)
                 return auth_user, _auth_token
             def h_filter(s):
                 """
                 Custom filter for Mako templates. Mako by standard uses `markupsafe.escape`
                 we wrap this with additional functionality that converts None to empty
                 strings
                 """
                 if s is None:
                     return markupsafe.Markup()
                 return markupsafe.escape(s)
             def add_events_routes(config):
                 """
                 Adds routing that can be used in events. Because some events are triggered
                 outside of pyramid context, we need to bootstrap request with some
                 routing registered
                 """
                 from rhodecode.apps._base import ADMIN_PREFIX
                 config.add_route(name='home', pattern='/')
                 config.add_route(name='main_page_repos_data', pattern='/_home_repos')
                 config.add_route(name='main_page_repo_groups_data', pattern='/_home_repo_groups')
                 config.add_route(name='login', pattern=ADMIN_PREFIX + '/login')
                 config.add_route(name='logout', pattern=ADMIN_PREFIX + '/logout')
                 config.add_route(name='repo_summary', pattern='/{repo_name}')
                 config.add_route(name='repo_summary_explicit', pattern='/{repo_name}/summary')
                 config.add_route(name='repo_group_home', pattern='/{repo_group_name}')
                 config.add_route(name='pullrequest_show',
                                  pattern='/{repo_name}/pull-request/{pull_request_id}')
                 config.add_route(name='pull_requests_global',
                                  pattern='/pull-request/{pull_request_id}')
                 config.add_route(name='repo_commit',
                                  pattern='/{repo_name}/changeset/{commit_id}')
                 config.add_route(name='repo_files',
                                  pattern='/{repo_name}/files/{commit_id}/{f_path}')
                 config.add_route(name='hovercard_user',
                                  pattern='/_hovercard/user/{user_id}')
                 config.add_route(name='hovercard_user_group',
                                  pattern='/_hovercard/user_group/{user_group_id}')
                 config.add_route(name='hovercard_pull_request',
                                  pattern='/_hovercard/pull_request/{pull_request_id}')
                 config.add_route(name='hovercard_repo_commit',
                                  pattern='/_hovercard/commit/{repo_name}/{commit_id}')
             def bootstrap_config(request, registry_name='RcTestRegistry'):
+                from rhodecode.config.middleware import sanitize_settings_and_apply_defaults
                 import pyramid.testing
                 registry = pyramid.testing.Registry(registry_name)
+                global_config = {'__file__': ''}
                 config = pyramid.testing.setUp(registry=registry, request=request)
+                sanitize_settings_and_apply_defaults(global_config, config.registry.settings)
                 # allow pyramid lookup in testing
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.lib.rc_cache.archive_cache')
                 add_events_routes(config)
                 return config
             def bootstrap_request(**kwargs):
                 """
                 Returns a thin version of Request Object that is used in non-web context like testing/celery
                 """
                 import pyramid.testing
                 from rhodecode.lib.request import ThinRequest as _ThinRequest
                 class ThinRequest(_ThinRequest):
                     application_url = kwargs.pop('application_url', 'http://example.com')
                     host = kwargs.pop('host', 'example.com:80')
                     domain = kwargs.pop('domain', 'example.com')
                 class ThinSession(pyramid.testing.DummySession):
                     def save(*arg, **kw):
                         pass
                 request = ThinRequest(**kwargs)
                 request.session = ThinSession()
                 return request

rhodecode/lib/hooks_daemon.py

0 0 -1

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import time
             import logging
             import tempfile
             import traceback
             import threading
             import socket
             import msgpack
             import gevent
             from http.server import BaseHTTPRequestHandler
             from socketserver import TCPServer
             import rhodecode
             from rhodecode.lib.exceptions import HTTPLockedRC, HTTPBranchProtected
             from rhodecode.model import meta
-            from rhodecode.lib.base import bootstrap_request, bootstrap_config
             from rhodecode.lib import hooks_base
             from rhodecode.lib.utils2 import AttributeDict
             from rhodecode.lib.ext_json import json
             from rhodecode.lib import rc_cache
             log = logging.getLogger(__name__)
             class HooksHttpHandler(BaseHTTPRequestHandler):
                 JSON_HOOKS_PROTO = 'json.v1'
                 MSGPACK_HOOKS_PROTO = 'msgpack.v1'
                 # starting with RhodeCode 5.0.0 MsgPack is the default, prior it used json
                 DEFAULT_HOOKS_PROTO = MSGPACK_HOOKS_PROTO
                 @classmethod
                 def serialize_data(cls, data, proto=DEFAULT_HOOKS_PROTO):
                     if proto == cls.MSGPACK_HOOKS_PROTO:
                         return msgpack.packb(data)
                     return json.dumps(data)
                 @classmethod
                 def deserialize_data(cls, data, proto=DEFAULT_HOOKS_PROTO):
                     if proto == cls.MSGPACK_HOOKS_PROTO:
                         return msgpack.unpackb(data)
                     return json.loads(data)
                 def do_POST(self):
                     hooks_proto, method, extras = self._read_request()
                     log.debug('Handling HooksHttpHandler %s with %s proto', method, hooks_proto)
                     txn_id = getattr(self.server, 'txn_id', None)
                     if txn_id:
                         log.debug('Computing TXN_ID based on `%s`:`%s`',
                                   extras['repository'], extras['txn_id'])
                         computed_txn_id = rc_cache.utils.compute_key_from_params(
                             extras['repository'], extras['txn_id'])
                         if txn_id != computed_txn_id:
                             raise Exception(
                                 'TXN ID fail: expected {} got {} instead'.format(
                                     txn_id, computed_txn_id))
                     request = getattr(self.server, 'request', None)
                     try:
                         hooks = Hooks(request=request, log_prefix='HOOKS: {} '.format(self.server.server_address))
                         result = self._call_hook_method(hooks, method, extras)
                     except Exception as e:
                         exc_tb = traceback.format_exc()
                         result = {
                             'exception': e.__class__.__name__,
                             'exception_traceback': exc_tb,
                             'exception_args': e.args
                         }
                     self._write_response(hooks_proto, result)
                 def _read_request(self):
                     length = int(self.headers['Content-Length'])
                     # respect sent headers, fallback to OLD proto for compatability
                     hooks_proto = self.headers.get('rc-hooks-protocol') or self.JSON_HOOKS_PROTO
                     if hooks_proto == self.MSGPACK_HOOKS_PROTO:
                         # support for new vcsserver msgpack based protocol hooks
                         body = self.rfile.read(length)
                         data = self.deserialize_data(body)
                     else:
                         body = self.rfile.read(length)
                         data = self.deserialize_data(body)
                     return hooks_proto, data['method'], data['extras']
                 def _write_response(self, hooks_proto, result):
                     self.send_response(200)
                     if hooks_proto == self.MSGPACK_HOOKS_PROTO:
                         self.send_header("Content-type", "application/msgpack")
                         self.end_headers()
                         data = self.serialize_data(result)
                         self.wfile.write(data)
                     else:
                         self.send_header("Content-type", "text/json")
                         self.end_headers()
                         data = self.serialize_data(result)
                         self.wfile.write(data)
                 def _call_hook_method(self, hooks, method, extras):
                     try:
                         result = getattr(hooks, method)(extras)
                     finally:
                         meta.Session.remove()
                     return result
                 def log_message(self, format, *args):
                     """
                     This is an overridden method of BaseHTTPRequestHandler which logs using
                     logging library instead of writing directly to stderr.
                     """
                     message = format % args
                     log.debug(
                         "HOOKS: client=%s - - [%s] %s", self.client_address,
                         self.log_date_time_string(), message)
             class DummyHooksCallbackDaemon(object):
                 hooks_uri = ''
                 def __init__(self):
                     self.hooks_module = Hooks.__module__
                 def __enter__(self):
                     log.debug('Running `%s` callback daemon', self.__class__.__name__)
                     return self
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     log.debug('Exiting `%s` callback daemon', self.__class__.__name__)
             class ThreadedHookCallbackDaemon(object):
                 _callback_thread = None
                 _daemon = None
                 _done = False
                 use_gevent = False
                 def __init__(self, txn_id=None, host=None, port=None):
                     self._prepare(txn_id=txn_id, host=host, port=port)
                     if self.use_gevent:
                         self._run_func = self._run_gevent
                         self._stop_func = self._stop_gevent
                     else:
                         self._run_func = self._run
                         self._stop_func = self._stop
                 def __enter__(self):
                     log.debug('Running `%s` callback daemon', self.__class__.__name__)
                     self._run_func()
                     return self
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     log.debug('Exiting `%s` callback daemon', self.__class__.__name__)
                     self._stop_func()
                 def _prepare(self, txn_id=None, host=None, port=None):
                     raise NotImplementedError()
                 def _run(self):
                     raise NotImplementedError()
                 def _stop(self):
                     raise NotImplementedError()
                 def _run_gevent(self):
                     raise NotImplementedError()
                 def _stop_gevent(self):
                     raise NotImplementedError()
             class HttpHooksCallbackDaemon(ThreadedHookCallbackDaemon):
                 """
                 Context manager which will run a callback daemon in a background thread.
                 """
                 hooks_uri = None
                 # From Python docs: Polling reduces our responsiveness to a shutdown
                 # request and wastes cpu at all other times.
                 POLL_INTERVAL = 0.01
                 use_gevent = False
                 @property
                 def _hook_prefix(self):
                     return 'HOOKS: {} '.format(self.hooks_uri)
                 def get_hostname(self):
                     return socket.gethostname() or '127.0.0.1'
                 def get_available_port(self, min_port=20000, max_port=65535):
                     from rhodecode.lib.utils2 import get_available_port as _get_port
                     return _get_port(min_port, max_port)
                 def _prepare(self, txn_id=None, host=None, port=None):
                     from pyramid.threadlocal import get_current_request
                     if not host or host == "*":
                         host = self.get_hostname()
                     if not port:
                         port = self.get_available_port()
                     server_address = (host, port)
                     self.hooks_uri = '{}:{}'.format(host, port)
                     self.txn_id = txn_id
                     self._done = False
                     log.debug(
                         "%s Preparing HTTP callback daemon registering hook object: %s",
                         self._hook_prefix, HooksHttpHandler)
                     self._daemon = TCPServer(server_address, HooksHttpHandler)
                     # inject transaction_id for later verification
                     self._daemon.txn_id = self.txn_id
                     # pass the WEB app request into daemon
                     self._daemon.request = get_current_request()
                 def _run(self):
                     log.debug("Running thread-based loop of callback daemon in background")
                     callback_thread = threading.Thread(
                         target=self._daemon.serve_forever,
                         kwargs={'poll_interval': self.POLL_INTERVAL})
                     callback_thread.daemon = True
                     callback_thread.start()
                     self._callback_thread = callback_thread
                 def _run_gevent(self):
                     log.debug("Running gevent-based loop of callback daemon in background")
                     # create a new greenlet for the daemon's serve_forever method
                     callback_greenlet = gevent.spawn(
                         self._daemon.serve_forever,
                         poll_interval=self.POLL_INTERVAL)
                     # store reference to greenlet
                     self._callback_greenlet = callback_greenlet
                     # switch to this greenlet
                     gevent.sleep(0.01)
                 def _stop(self):
                     log.debug("Waiting for background thread to finish.")
                     self._daemon.shutdown()
                     self._callback_thread.join()
                     self._daemon = None
                     self._callback_thread = None
                     if self.txn_id:
                         txn_id_file = get_txn_id_data_path(self.txn_id)
                         log.debug('Cleaning up TXN ID %s', txn_id_file)
                         if os.path.isfile(txn_id_file):
                             os.remove(txn_id_file)
                     log.debug("Background thread done.")
                 def _stop_gevent(self):
                     log.debug("Waiting for background greenlet to finish.")
                     # if greenlet exists and is running
                     if self._callback_greenlet and not self._callback_greenlet.dead:
                         # shutdown daemon if it exists
                         if self._daemon:
                             self._daemon.shutdown()
                         # kill the greenlet
                         self._callback_greenlet.kill()
                     self._daemon = None
                     self._callback_greenlet = None
                     if self.txn_id:
                         txn_id_file = get_txn_id_data_path(self.txn_id)
                         log.debug('Cleaning up TXN ID %s', txn_id_file)
                         if os.path.isfile(txn_id_file):
                             os.remove(txn_id_file)
                     log.debug("Background greenlet done.")
             def get_txn_id_data_path(txn_id):
                 import rhodecode
                 root = rhodecode.CONFIG.get('cache_dir') or tempfile.gettempdir()
                 final_dir = os.path.join(root, 'svn_txn_id')
                 if not os.path.isdir(final_dir):
                     os.makedirs(final_dir)
                 return os.path.join(final_dir, 'rc_txn_id_{}'.format(txn_id))
             def store_txn_id_data(txn_id, data_dict):
                 if not txn_id:
                     log.warning('Cannot store txn_id because it is empty')
                     return
                 path = get_txn_id_data_path(txn_id)
                 try:
                     with open(path, 'wb') as f:
                         f.write(json.dumps(data_dict))
                 except Exception:
                     log.exception('Failed to write txn_id metadata')
             def get_txn_id_from_store(txn_id):
                 """
                 Reads txn_id from store and if present returns the data for callback manager
                 """
                 path = get_txn_id_data_path(txn_id)
                 try:
                     with open(path, 'rb') as f:
                         return json.loads(f.read())
                 except Exception:
                     return {}
             def prepare_callback_daemon(extras, protocol, host, use_direct_calls, txn_id=None):
                 txn_details = get_txn_id_from_store(txn_id)
                 port = txn_details.get('port', 0)
                 if use_direct_calls:
                     callback_daemon = DummyHooksCallbackDaemon()
                     extras['hooks_module'] = callback_daemon.hooks_module
                 else:
                     if protocol == 'http':
                         callback_daemon = HttpHooksCallbackDaemon(
                             txn_id=txn_id, host=host, port=port)
                     else:
                         log.error('Unsupported callback daemon protocol "%s"', protocol)
                         raise Exception('Unsupported callback daemon protocol.')
                 extras['hooks_uri'] = callback_daemon.hooks_uri
                 extras['hooks_protocol'] = protocol
                 extras['time'] = time.time()
                 # register txn_id
                 extras['txn_id'] = txn_id
                 log.debug('Prepared a callback daemon: %s at url `%s`',
                           callback_daemon.__class__.__name__, callback_daemon.hooks_uri)
                 return callback_daemon, extras
             class Hooks(object):
                 """
                 Exposes the hooks for remote call backs
                 """
                 def __init__(self, request=None, log_prefix=''):
                     self.log_prefix = log_prefix
                     self.request = request
                 def repo_size(self, extras):
                     log.debug("%sCalled repo_size of %s object", self.log_prefix, self)
                     return self._call_hook(hooks_base.repo_size, extras)
                 def pre_pull(self, extras):
                     log.debug("%sCalled pre_pull of %s object", self.log_prefix, self)
                     return self._call_hook(hooks_base.pre_pull, extras)
                 def post_pull(self, extras):
                     log.debug("%sCalled post_pull of %s object", self.log_prefix, self)
                     return self._call_hook(hooks_base.post_pull, extras)
                 def pre_push(self, extras):
                     log.debug("%sCalled pre_push of %s object", self.log_prefix, self)
                     return self._call_hook(hooks_base.pre_push, extras)
                 def post_push(self, extras):
                     log.debug("%sCalled post_push of %s object", self.log_prefix, self)
                     return self._call_hook(hooks_base.post_push, extras)
                 def _call_hook(self, hook, extras):
                     extras = AttributeDict(extras)
                     server_url = extras['server_url']
                     extras.request = self.request
                     try:
                         result = hook(extras)
                         if result is None:
                             raise Exception(
                                 'Failed to obtain hook result from func: {}'.format(hook))
                     except HTTPBranchProtected as handled_error:
                         # Those special cases doesn't need error reporting. It's a case of
                         # locked repo or protected branch
                         result = AttributeDict({
                             'status': handled_error.code,
                             'output': handled_error.explanation
                         })
                     except (HTTPLockedRC, Exception) as error:
                         # locked needs different handling since we need to also
                         # handle PULL operations
                         exc_tb = ''
                         if not isinstance(error, HTTPLockedRC):
                             exc_tb = traceback.format_exc()
                             log.exception('%sException when handling hook %s', self.log_prefix, hook)
                         error_args = error.args
                         return {
                             'status': 128,
                             'output': '',
                             'exception': type(error).__name__,
                             'exception_traceback': exc_tb,
                             'exception_args': error_args,
                         }
                     finally:
                         meta.Session.remove()
                     log.debug('%sGot hook call response %s', self.log_prefix, result)
                     return {
                         'status': result.status,
                         'output': result.output,
                     }
                 def __enter__(self):
                     return self
                 def __exit__(self, exc_type, exc_val, exc_tb):
                     pass

rhodecode/lib/system_info.py

0 +2 -1

             # Copyright (C) 2017-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import time
             import platform
             import collections
             import psutil
             from functools import wraps
             import pkg_resources
             import logging
             import resource
             import configparser
+            from rc_license.models import LicenseModel
             from rhodecode.lib.str_utils import safe_str
             log = logging.getLogger(__name__)
             _NA = 'NOT AVAILABLE'
             _NA_FLOAT = 0.0
             STATE_OK = 'ok'
             STATE_ERR = 'error'
             STATE_WARN = 'warning'
             STATE_OK_DEFAULT = {'message': '', 'type': STATE_OK}
             registered_helpers = {}
             def register_sysinfo(func):
                 """
                 @register_helper
                 def db_check():
                     pass
                 db_check == registered_helpers['db_check']
                 """
                 global registered_helpers
                 registered_helpers[func.__name__] = func
                 @wraps(func)
                 def _wrapper(*args, **kwargs):
                     return func(*args, **kwargs)
                 return _wrapper
             # HELPERS
             def percentage(part: (int, float), whole: (int, float)):
                 whole = float(whole)
                 if whole > 0:
                     return round(100 * float(part) / whole, 1)
                 return 0.0
             def get_storage_size(storage_path):
                 sizes = []
                 for file_ in os.listdir(storage_path):
                     storage_file = os.path.join(storage_path, file_)
                     if os.path.isfile(storage_file):
                         try:
                             sizes.append(os.path.getsize(storage_file))
                         except OSError:
                             log.exception('Failed to get size of storage file %s', storage_file)
                             pass
                 return sum(sizes)
             def get_resource(resource_type):
                 try:
                     return resource.getrlimit(resource_type)
                 except Exception:
                     return 'NOT_SUPPORTED'
             def get_cert_path(ini_path):
                 default = '/etc/ssl/certs/ca-certificates.crt'
                 control_ca_bundle = os.path.join(
                     os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(ini_path)))),
                     '.rccontrol-profile/etc/ca-bundle.crt')
                 if os.path.isfile(control_ca_bundle):
                     default = control_ca_bundle
                 return default
             class SysInfoRes(object):
                 def __init__(self, value, state=None, human_value=None):
                     self.value = value
                     self.state = state or STATE_OK_DEFAULT
                     self.human_value = human_value or value
                 def __json__(self):
                     return {
                         'value': self.value,
                         'state': self.state,
                         'human_value': self.human_value,
                     }
                 def get_value(self):
                     return self.__json__()
                 def __str__(self):
                     return f'<SysInfoRes({self.__json__()})>'
             class SysInfo(object):
                 def __init__(self, func_name, **kwargs):
                     self.function_name = func_name
                     self.value = _NA
                     self.state = None
                     self.kwargs = kwargs or {}
                 def __call__(self):
                     computed = self.compute(**self.kwargs)
                     if not isinstance(computed, SysInfoRes):
                         raise ValueError(
                             'computed value for {} is not instance of '
                             '{}, got {} instead'.format(
                                 self.function_name, SysInfoRes, type(computed)))
                     return computed.__json__()
                 def __str__(self):
                     return f'<SysInfo({self.function_name})>'
                 def compute(self, **kwargs):
                     return self.function_name(**kwargs)
             # SysInfo functions
             @register_sysinfo
             def python_info():
                 value = dict(version=f'{platform.python_version()}:{platform.python_implementation()}',
                              executable=sys.executable)
                 return SysInfoRes(value=value)
             @register_sysinfo
             def py_modules():
                 mods = dict([(p.project_name, {'version': p.version, 'location': p.location})
                              for p in pkg_resources.working_set])
                 value = sorted(mods.items(), key=lambda k: k[0].lower())
                 return SysInfoRes(value=value)
             @register_sysinfo
             def platform_type():
                 from rhodecode.lib.utils import generate_platform_uuid
                 value = dict(
                     name=safe_str(platform.platform()),
                     uuid=generate_platform_uuid()
                 )
                 return SysInfoRes(value=value)
             @register_sysinfo
             def locale_info():
                 import locale
                 def safe_get_locale(locale_name):
                     try:
                         locale.getlocale(locale_name)
                     except TypeError:
                         return f'FAILED_LOCALE_GET:{locale_name}'
                 value = dict(
                     locale_default=locale.getlocale(),
                     locale_lc_all=safe_get_locale(locale.LC_ALL),
                     locale_lc_ctype=safe_get_locale(locale.LC_CTYPE),
                     lang_env=os.environ.get('LANG'),
                     lc_all_env=os.environ.get('LC_ALL'),
                     local_archive_env=os.environ.get('LOCALE_ARCHIVE'),
                 )
                 human_value = \
                     f"LANG: {value['lang_env']}, \
                       locale LC_ALL: {value['locale_lc_all']},  \
                       locale LC_CTYPE: {value['locale_lc_ctype']},  \
                       Default locales: {value['locale_default']}"
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def ulimit_info():
                 data = collections.OrderedDict([
                     ('cpu time (seconds)', get_resource(resource.RLIMIT_CPU)),
                     ('file size', get_resource(resource.RLIMIT_FSIZE)),
                     ('stack size', get_resource(resource.RLIMIT_STACK)),
                     ('core file size', get_resource(resource.RLIMIT_CORE)),
                     ('address space size', get_resource(resource.RLIMIT_AS)),
                     ('locked in mem size', get_resource(resource.RLIMIT_MEMLOCK)),
                     ('heap size', get_resource(resource.RLIMIT_DATA)),
                     ('rss size', get_resource(resource.RLIMIT_RSS)),
                     ('number of processes', get_resource(resource.RLIMIT_NPROC)),
                     ('open files', get_resource(resource.RLIMIT_NOFILE)),
                 ])
                 text = ', '.join(f'{k}:{v}' for k, v in data.items())
                 value = {
                     'limits': data,
                     'text': text,
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def uptime():
                 from rhodecode.lib.helpers import age, time_to_datetime
                 from rhodecode.translation import TranslationString
                 value = dict(boot_time=0, uptime=0, text='')
                 state = STATE_OK_DEFAULT
                 boot_time = psutil.boot_time()
                 value['boot_time'] = boot_time
                 value['uptime'] = time.time() - boot_time
                 date_or_age = age(time_to_datetime(boot_time))
                 if isinstance(date_or_age, TranslationString):
                     date_or_age = date_or_age.interpolate()
                 human_value = value.copy()
                 human_value['boot_time'] = time_to_datetime(boot_time)
                 human_value['uptime'] = age(time_to_datetime(boot_time), show_suffix=False)
                 human_value['text'] = f'Server started {date_or_age}'
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def memory():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 value = dict(available=0, used=0, used_real=0, cached=0, percent=0,
                              percent_used=0, free=0, inactive=0, active=0, shared=0,
                              total=0, buffers=0, text='')
                 state = STATE_OK_DEFAULT
                 value.update(dict(psutil.virtual_memory()._asdict()))
                 value['used_real'] = value['total'] - value['available']
                 value['percent_used'] = psutil._common.usage_percent(
                     value['used_real'], value['total'], 1)
                 human_value = value.copy()
                 human_value['text'] = '{}/{}, {}% used'.format(
                     format_byte_size_binary(value['used_real']),
                     format_byte_size_binary(value['total']),
                     value['percent_used'])
                 keys = list(value.keys())[::]
                 keys.pop(keys.index('percent'))
                 keys.pop(keys.index('percent_used'))
                 keys.pop(keys.index('text'))
                 for k in keys:
                     human_value[k] = format_byte_size_binary(value[k])
                 if state['type'] == STATE_OK and value['percent_used'] > 90:
                     msg = 'Critical: your available RAM memory is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent_used'] > 70:
                     msg = 'Warning: your available RAM memory is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def machine_load():
                 value = {'1_min': _NA_FLOAT, '5_min': _NA_FLOAT, '15_min': _NA_FLOAT, 'text': ''}
                 state = STATE_OK_DEFAULT
                 # load averages
                 if hasattr(psutil.os, 'getloadavg'):
                     value.update(dict(
                         list(zip(['1_min', '5_min', '15_min'], psutil.os.getloadavg()))
                     ))
                 human_value = value.copy()
                 human_value['text'] = '1min: {}, 5min: {}, 15min: {}'.format(
                     value['1_min'], value['5_min'], value['15_min'])
                 if state['type'] == STATE_OK and value['15_min'] > 5.0:
                     msg = 'Warning: your machine load is very high.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def cpu():
                 value = {'cpu': 0, 'cpu_count': 0, 'cpu_usage': []}
                 state = STATE_OK_DEFAULT
                 value['cpu'] = psutil.cpu_percent(0.5)
                 value['cpu_usage'] = psutil.cpu_percent(0.5, percpu=True)
                 value['cpu_count'] = psutil.cpu_count()
                 human_value = value.copy()
                 human_value['text'] = '{} cores at {} %'.format(
                     value['cpu_count'], value['cpu'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 from rhodecode.model.settings import VcsSettingsModel
                 path = VcsSettingsModel().get_repos_location()
                 value = dict(percent=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch disk info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk space is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk space is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_inodes():
                 from rhodecode.model.settings import VcsSettingsModel
                 path = VcsSettingsModel().get_repos_location()
                 value = dict(percent=0.0, free=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     i_stat = os.statvfs(path)
                     value['free'] = i_stat.f_ffree
                     value['used'] = i_stat.f_files-i_stat.f_favail
                     value['total'] = i_stat.f_files
                     value['percent'] = percentage(value['used'], value['total'])
                 except Exception as e:
                     log.exception('Failed to fetch disk inodes info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = "{}/{}, {}% used".format(
                     value['used'], value['total'], value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk free inodes are very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk free inodes are running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_archives():
                 import rhodecode
                 from rhodecode.lib.utils import safe_str
                 from rhodecode.lib.helpers import format_byte_size_binary
                 msg = 'Archive cache storage is controlled by ' \
                       'archive_cache.store_dir=/path/to/cache option in the .ini file'
                 path = safe_str(rhodecode.CONFIG.get('archive_cache.store_dir', msg))
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch archive cache storage')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_gist():
                 from rhodecode.model.gist import GIST_STORE_LOC
                 from rhodecode.model.settings import VcsSettingsModel
                 from rhodecode.lib.utils import safe_str
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = safe_str(os.path.join(
                     VcsSettingsModel().get_repos_location(), GIST_STORE_LOC))
                 # gist storage
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch gist storage items')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_temp():
                 import tempfile
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = tempfile.gettempdir()
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 if not psutil:
                     return SysInfoRes(value=value, state=state)
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch temp dir info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def search_info():
                 import rhodecode
                 from rhodecode.lib.index import searcher_from_config
                 backend = rhodecode.CONFIG.get('search.module', '')
                 location = rhodecode.CONFIG.get('search.location', '')
                 try:
                     searcher = searcher_from_config(rhodecode.CONFIG)
                     searcher = searcher.__class__.__name__
                 except Exception:
                     searcher = None
                 value = dict(
                     backend=backend, searcher=searcher, location=location, text='')
                 state = STATE_OK_DEFAULT
                 human_value = value.copy()
                 human_value['text'] = "backend:`{}`".format(human_value['backend'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def git_info():
                 from rhodecode.lib.vcs.backends import git
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = git.discover_git_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def hg_info():
                 from rhodecode.lib.vcs.backends import hg
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = hg.discover_hg_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def svn_info():
                 from rhodecode.lib.vcs.backends import svn
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = svn.discover_svn_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_backends():
                 import rhodecode
                 value = rhodecode.CONFIG.get('vcs.backends')
                 human_value = 'Enabled backends in order: {}'.format(','.join(value))
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def vcs_server():
                 import rhodecode
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 server_url = rhodecode.CONFIG.get('vcs.server')
                 enabled = rhodecode.CONFIG.get('vcs.server.enable')
                 protocol = rhodecode.CONFIG.get('vcs.server.protocol') or 'http'
                 state = STATE_OK_DEFAULT
                 version = None
                 workers = 0
                 try:
                     data = get_vcsserver_service_data()
                     if data and 'version' in data:
                         version = data['version']
                     if data and 'config' in data:
                         conf = data['config']
                         workers = conf.get('workers', 'NOT AVAILABLE')
                     connection = 'connected'
                 except Exception as e:
                     connection = 'failed'
                     state = {'message': str(e), 'type': STATE_ERR}
                 value = dict(
                     url=server_url,
                     enabled=enabled,
                     protocol=protocol,
                     connection=connection,
                     version=version,
                     text='',
                 )
                 human_value = value.copy()
                 human_value['text'] = \
                     '{url}@ver:{ver} via {mode} mode[workers:{workers}], connection:{conn}'.format(
                         url=server_url, ver=version, workers=workers, mode=protocol,
                         conn=connection)
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_server_config():
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 state = STATE_OK_DEFAULT
                 value = {}
                 try:
                     data = get_vcsserver_service_data()
                     value = data['app_config']
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = 'VCS Server config'
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def rhodecode_app_info():
                 import rhodecode
                 edition = rhodecode.CONFIG.get('rhodecode.edition')
                 value = dict(
                     rhodecode_version=rhodecode.__version__,
                     rhodecode_lib_path=os.path.abspath(rhodecode.__file__),
                     text=''
                 )
                 human_value = value.copy()
                 human_value['text'] = 'RhodeCode {edition}, version {ver}'.format(
                     edition=edition, ver=value['rhodecode_version']
                 )
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def rhodecode_config():
                 import rhodecode
                 path = rhodecode.CONFIG.get('__file__')
                 rhodecode_ini_safe = rhodecode.CONFIG.copy()
                 cert_path = get_cert_path(path)
                 try:
                     config = configparser.ConfigParser()
                     config.read(path)
                     parsed_ini = config
                     if parsed_ini.has_section('server:main'):
                         parsed_ini = dict(parsed_ini.items('server:main'))
                 except Exception:
                     log.exception('Failed to read .ini file for display')
                     parsed_ini = {}
                 rhodecode_ini_safe['server:main'] = parsed_ini
                 blacklist = [
-                    'rhodecode_license_key',
+                    f'rhodecode_{LicenseModel.LICENSE_DB_KEY}',
                     'routes.map',
                     'sqlalchemy.db1.url',
                     'channelstream.secret',
                     'beaker.session.secret',
                     'rhodecode.encrypted_values.secret',
                     'rhodecode_auth_github_consumer_key',
                     'rhodecode_auth_github_consumer_secret',
                     'rhodecode_auth_google_consumer_key',
                     'rhodecode_auth_google_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_key',
                     'rhodecode_auth_twitter_consumer_secret',
                     'rhodecode_auth_twitter_consumer_key',
                     'rhodecode_auth_twitter_secret',
                     'rhodecode_auth_github_secret',
                     'rhodecode_auth_google_secret',
                     'rhodecode_auth_bitbucket_secret',
                     'appenlight.api_key',
                     ('app_conf', 'sqlalchemy.db1.url')
                 ]
                 for k in blacklist:
                     if isinstance(k, tuple):
                         section, key = k
                         if section in rhodecode_ini_safe:
                             rhodecode_ini_safe[section] = '**OBFUSCATED**'
                     else:
                         rhodecode_ini_safe.pop(k, None)
                 # TODO: maybe put some CONFIG checks here ?
                 return SysInfoRes(value={'config': rhodecode_ini_safe,
                                          'path': path, 'cert_path': cert_path})
             @register_sysinfo
             def database_info():
                 import rhodecode
                 from sqlalchemy.engine import url as engine_url
                 from rhodecode.model import meta
                 from rhodecode.model.meta import Session
                 from rhodecode.model.db import DbMigrateVersion
                 state = STATE_OK_DEFAULT
                 db_migrate = DbMigrateVersion.query().filter(
                     DbMigrateVersion.repository_id == 'rhodecode_db_migrations').one()
                 db_url_obj = engine_url.make_url(rhodecode.CONFIG['sqlalchemy.db1.url'])
                 try:
                     engine = meta.get_engine()
                     db_server_info = engine.dialect._get_server_version_info(
                         Session.connection(bind=engine))
                     db_version = '.'.join(map(str, db_server_info))
                 except Exception:
                     log.exception('failed to fetch db version')
                     db_version = 'UNKNOWN'
                 db_info = dict(
                     migrate_version=db_migrate.version,
                     type=db_url_obj.get_backend_name(),
                     version=db_version,
                     url=repr(db_url_obj)
                 )
                 current_version = db_migrate.version
                 expected_version = rhodecode.__dbversion__
                 if state['type'] == STATE_OK and current_version != expected_version:
                     msg = 'Critical: database schema mismatch, ' \
                           'expected version {}, got {}. ' \
                           'Please run migrations on your database.'.format(
                         expected_version, current_version)
                     state = {'message': msg, 'type': STATE_ERR}
                 human_value = db_info.copy()
                 human_value['url'] = "{} @ migration version: {}".format(
                     db_info['url'], db_info['migrate_version'])
                 human_value['version'] = "{} {}".format(db_info['type'], db_info['version'])
                 return SysInfoRes(value=db_info, state=state, human_value=human_value)
             @register_sysinfo
             def server_info(environ):
                 import rhodecode
                 from rhodecode.lib.base import get_server_ip_addr, get_server_port
                 value = {
                     'server_ip': '{}:{}'.format(
                         get_server_ip_addr(environ, log_errors=False),
                         get_server_port(environ)
                     ),
                     'server_id': rhodecode.CONFIG.get('instance_id'),
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def usage_info():
                 from rhodecode.model.db import User, Repository
                 value = {
                     'users': User.query().count(),
                     'users_active': User.query().filter(User.active == True).count(),
                     'repositories': Repository.query().count(),
                     'repository_types': {
                         'hg': Repository.query().filter(
                             Repository.repo_type == 'hg').count(),
                         'git': Repository.query().filter(
                             Repository.repo_type == 'git').count(),
                         'svn': Repository.query().filter(
                             Repository.repo_type == 'svn').count(),
                     },
                 }
                 return SysInfoRes(value=value)
             def get_system_info(environ):
                 environ = environ or {}
                 return {
                     'rhodecode_app': SysInfo(rhodecode_app_info)(),
                     'rhodecode_config': SysInfo(rhodecode_config)(),
                     'rhodecode_usage': SysInfo(usage_info)(),
                     'python': SysInfo(python_info)(),
                     'py_modules': SysInfo(py_modules)(),
                     'platform': SysInfo(platform_type)(),
                     'locale': SysInfo(locale_info)(),
                     'server': SysInfo(server_info, environ=environ)(),
                     'database': SysInfo(database_info)(),
                     'ulimit': SysInfo(ulimit_info)(),
                     'storage': SysInfo(storage)(),
                     'storage_inodes': SysInfo(storage_inodes)(),
                     'storage_archive': SysInfo(storage_archives)(),
                     'storage_gist': SysInfo(storage_gist)(),
                     'storage_temp': SysInfo(storage_temp)(),
                     'search': SysInfo(search_info)(),
                     'uptime': SysInfo(uptime)(),
                     'load': SysInfo(machine_load)(),
                     'cpu': SysInfo(cpu)(),
                     'memory': SysInfo(memory)(),
                     'vcs_backends': SysInfo(vcs_backends)(),
                     'vcs_server': SysInfo(vcs_server)(),
                     'vcs_server_config': SysInfo(vcs_server_config)(),
                     'git': SysInfo(git_info)(),
                     'hg': SysInfo(hg_info)(),
                     'svn': SysInfo(svn_info)(),
                 }
             def load_system_info(key):
                 """
                 get_sys_info('vcs_server')
                 get_sys_info('database')
                 """
                 return SysInfo(registered_helpers[key])()

rhodecode/tests/rhodecode.ini

0 +9 -80

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
-            ; COMMON HOST/IP CONFIG
+            ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
-            host = 0.0.0.0
+            ; Host port for gunicorn are controlled by gunicorn_conf.py
-            port = 5000
+            host = 127.0.0.1
+            port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
-            ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
+            ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
-            ; Sets the number of process workers. More workers means more concurrent connections
-            ; RhodeCode can handle at the same time. Each additional worker also it increases
-            ; memory usage as each has it's own set of caches.
-            ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
-            ; than 8-10 unless for really big deployments .e.g 700-1000 users.
-            ; `instance_id = *` must be set in the [app:main] section below (which is the default)
-            ; when using more than 1 worker.
-            #workers = 2
-            ; Gunicorn access log level
-            #loglevel = info
-            ; Process name visible in process list
-            #proc_name = rhodecode
-            ; Type of worker class, one of `sync`, `gevent`
-            ; Recommended type is `gevent`
-            #worker_class = gevent
-            ; The maximum number of simultaneous clients per worker. Valid only for gevent
-            #worker_connections = 10
-            ; The maximum number of pending connections worker will queue to handle
-            #backlog = 64
-            ; Max number of requests that worker will handle before being gracefully restarted.
-            ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
-            #max_requests = 1000
-            #max_requests_jitter = 30
-            ; Amount of time a worker can spend with handling a request before it
-            ; gets killed and restarted. By default set to 21600 (6hrs)
-            ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
-            #timeout = 21600
-            ; The maximum size of HTTP request line in bytes.
-            ; 0 for unlimited
-            #limit_request_line = 0
-            ; Limit the number of HTTP headers fields in a request.
-            ; By default this value is 100 and can't be larger than 32768.
-            #limit_request_fields = 32768
-            ; Limit the allowed size of an HTTP request header field.
-            ; Value is a positive number or 0.
-            ; Setting it to 0 will allow unlimited header field sizes.
-            #limit_request_field_size = 0
-            ; Timeout for graceful workers restart.
-            ; After receiving a restart signal, workers have this much time to finish
-            ; serving requests. Workers still alive after the timeout (starting from the
-            ; receipt of the restart signal) are force killed.
-            ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
-            #graceful_timeout = 3600
-            # The number of seconds to wait for requests on a Keep-Alive connection.
-            # Generally set in the 1-5 seconds range.
-            #keepalive = 2
-            ; Maximum memory usage that each worker can use before it will receive a
-            ; graceful restart signal 0 = memory monitoring is disabled
-            ; Examples: 268435456 (256MB), 536870912 (512MB)
-            ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
-            #memory_max_usage = 0
-            ; How often in seconds to check for memory usage for each gunicorn worker
-            #memory_usage_check_interval = 60
-            ; Threshold value for which we don't recycle worker if GarbageCollection
-            ; frees up enough resources. Before each restart we try to run GC on worker
-            ; in case we get enough free memory after that, restart will not happen.
-            #memory_usage_recovery_threshold = 0.8
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             is_test = True
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = true
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 1024000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 256000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = false
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; allows to change the repository location in settings page
             allow_repo_location_change = true
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token = abra-cada-bra1-rce3
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries
             file_store.storage_path = %(here)s/data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
             archive_cache.store_dir = /tmp/rc-test-data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 10
             ; By default cache uses sharding technique, this specifies how many shards are there
             archive_cache.cache_shards = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://localhost:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = %(here)s/rc-test-data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 0
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_general.arguments.filename = %(here)s/cache-backend/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 0
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_perms.arguments.filename = %(here)s/cache-backend/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_repo.arguments.filename = %(here)s/cache-backend/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
             ; Fastest ones are Redis and ext:database
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/rc-tests/data/sessions
             ; Redis based sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://127.0.0.1:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = test-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = false
             ; server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
+            ; the general calculus with gevent is:
+            ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
+            ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
-            #vcs.server = localhost:9901
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = false
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = %(here)s/rc/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
-            ; We recommend setting statsd_exported and scrape them using Promethues
+            ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             logging.autoconfigure = false
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_routes]
             level = DEBUG
             handlers =
             qualname = routes.middleware
             ## "level = DEBUG" logs the route matched and routing variables.
             propagate = 1
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_dogpile]
             level = INFO
             handlers = console
             qualname = dogpile
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages