rhodecode-enterprise-ce Commit - r5335:518d5c3d

chore(configs): optimize configs for docker env

super-admin -

r5335:518d5c3d default

parent child

configs/development.ini

0 +32 -91

             file_store.backend = local
             ; path to store the uploaded binaries
-            file_store.storage_path = %(here)s/data/file_store
+            file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
-            archive_cache.store_dir = %(here)s/data/archive_cache
+            archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 10
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
-            use_celery = false
+            use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
-            cache_dir = %(here)s/data
+            cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
-            beaker.session.type = file
+            #beaker.session.type = file
-            beaker.session.data_dir = %(here)s/data/sessions
+            #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
-            #beaker.session.type = ext:redis
+            beaker.session.type = ext:redis
-            #beaker.session.url = redis://127.0.0.1:6379/2
+            beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
-            beaker.session.lock_dir = %(here)s/data/sessions/lock
+            beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
-            channelstream.enabled = false
+            channelstream.enabled = true
             ; server address for channelstream server on the backend
-            channelstream.server = 127.0.0.1:9800
+            channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
-            channelstream.secret = secret
+            channelstream.secret = ENV_GENERATED
-            channelstream.history.location = %(here)s/channelstream_history
+            channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
-            vcs.server = localhost:9900
+            vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
+            ; Cache flag to cache vcsserver remote calls locally
+            ; It uses cache_region `cache_repo`
+            vcs.methods.cache = true
+            ; ####################################################
+            ; Subversion proxy support (mod_dav_svn)
+            ; Maps RhodeCode repo groups into SVN paths for Apache
+            ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
-            ; Cache flag to cache vcsserver remote calls locally
-            ; It uses cache_region `cache_repo`
-            vcs.methods.cache = true
-            ; ####################################################
-            ; Subversion proxy support (mod_dav_svn)
-            ; Maps RhodeCode repo groups into SVN paths for Apache
-            ; ####################################################
             ; Enable or disable the config file generation.
-            svn.proxy.generate_config = false
+            svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
-            svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
+            svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
-            ssh.generate_authorized_keyfile = false
+            ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
-            ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
+            ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
-            ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
+            ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
-            ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
+            ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
-            ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
+            ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
-            ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
+            ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
-            ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
+            ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
-            ; #################
-            ; APPENLIGHT CONFIG
-            ; #################
-            ; Appenlight is tailored to work with RhodeCode, see
-            ; http://appenlight.rhodecode.com for details how to obtain an account
-            ; Appenlight integration enabled
-            #appenlight = false
-            #appenlight.server_url = https://api.appenlight.com
-            #appenlight.api_key = YOUR_API_KEY
-            #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
-            ; used for JS client
-            #appenlight.api_public_key = YOUR_API_PUBLIC_KEY
-            ; TWEAK AMOUNT OF INFO SENT HERE
-            ; enables 404 error logging (default False)
-            #appenlight.report_404 = false
-            ; time in seconds after request is considered being slow (default 1)
-            #appenlight.slow_request_time = 1
-            ; record slow requests in application
-            ; (needs to be enabled for slow datastore recording and time tracking)
-            #appenlight.slow_requests = true
-            ; enable hooking to application loggers
-            #appenlight.logging = true
-            ; minimum log level for log capture
-            #ppenlight.logging.level = WARNING
-            ; send logs only from erroneous/slow requests
-            ; (saves API quota for intensive logging)
-            #appenlight.logging_on_error = false
-            ; list of additional keywords that should be grabbed from environ object
-            ; can be string with comma separated list of words in lowercase
-            ; (by default client will always send following info:
-            ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
-            ; start with HTTP* this list be extended with additional keywords here
-            #appenlight.environ_keys_whitelist =
-            ; list of keywords that should be blanked from request object
-            ; can be string with comma separated list of words in lowercase
-            ; (by default client will always blank keys that contain following words
-            ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
-            ; this list be extended with additional keywords set here
-            #appenlight.request_keys_blacklist =
-            ; list of namespaces that should be ignores when gathering log entries
-            ; can be string with comma separated list of namespaces
-            ; (by default the client ignores own entries: appenlight_client.client)
-            #appenlight.log_namespace_blacklist =
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false

configs/production.ini

0 +33 -92

             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
-            app.service_api.host= http://rhodecode.local:10020
+            app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             file_store.backend = local
             ; path to store the uploaded binaries
-            file_store.storage_path = %(here)s/data/file_store
+            file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; RhodeCode and vcsserver
             ; Default is $cache_dir/archive_cache if not set
-            archive_cache.store_dir = %(here)s/data/archive_cache
+            archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.cache_size_gb = 40
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
-            use_celery = false
+            use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
-            cache_dir = %(here)s/data
+            cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
-            beaker.session.type = file
+            #beaker.session.type = file
-            beaker.session.data_dir = %(here)s/data/sessions
+            #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
-            #beaker.session.type = ext:redis
+            beaker.session.type = ext:redis
-            #beaker.session.url = redis://127.0.0.1:6379/2
+            beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
-            beaker.session.lock_dir = %(here)s/data/sessions/lock
+            beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
-            channelstream.enabled = false
+            channelstream.enabled = true
             ; server address for channelstream server on the backend
-            channelstream.server = 127.0.0.1:9800
+            channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
-            channelstream.secret = secret
+            channelstream.secret = ENV_GENERATED
-            channelstream.history.location = %(here)s/channelstream_history
+            channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
-            vcs.server = localhost:9900
+            vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
+            ; Cache flag to cache vcsserver remote calls locally
+            ; It uses cache_region `cache_repo`
+            vcs.methods.cache = true
+            ; ####################################################
+            ; Subversion proxy support (mod_dav_svn)
+            ; Maps RhodeCode repo groups into SVN paths for Apache
+            ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
-            ; Cache flag to cache vcsserver remote calls locally
-            ; It uses cache_region `cache_repo`
-            vcs.methods.cache = true
-            ; ####################################################
-            ; Subversion proxy support (mod_dav_svn)
-            ; Maps RhodeCode repo groups into SVN paths for Apache
-            ; ####################################################
             ; Enable or disable the config file generation.
-            svn.proxy.generate_config = false
+            svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
-            svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
+            svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
-            ssh.generate_authorized_keyfile = false
+            ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
-            ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
+            ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
-            ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
+            ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
-            ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
+            ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
-            ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
+            ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
-            ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
+            ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
-            ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
+            ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
-            ; #################
-            ; APPENLIGHT CONFIG
-            ; #################
-            ; Appenlight is tailored to work with RhodeCode, see
-            ; http://appenlight.rhodecode.com for details how to obtain an account
-            ; Appenlight integration enabled
-            #appenlight = false
-            #appenlight.server_url = https://api.appenlight.com
-            #appenlight.api_key = YOUR_API_KEY
-            #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
-            ; used for JS client
-            #appenlight.api_public_key = YOUR_API_PUBLIC_KEY
-            ; TWEAK AMOUNT OF INFO SENT HERE
-            ; enables 404 error logging (default False)
-            #appenlight.report_404 = false
-            ; time in seconds after request is considered being slow (default 1)
-            #appenlight.slow_request_time = 1
-            ; record slow requests in application
-            ; (needs to be enabled for slow datastore recording and time tracking)
-            #appenlight.slow_requests = true
-            ; enable hooking to application loggers
-            #appenlight.logging = true
-            ; minimum log level for log capture
-            #ppenlight.logging.level = WARNING
-            ; send logs only from erroneous/slow requests
-            ; (saves API quota for intensive logging)
-            #appenlight.logging_on_error = false
-            ; list of additional keywords that should be grabbed from environ object
-            ; can be string with comma separated list of words in lowercase
-            ; (by default client will always send following info:
-            ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
-            ; start with HTTP* this list be extended with additional keywords here
-            #appenlight.environ_keys_whitelist =
-            ; list of keywords that should be blanked from request object
-            ; can be string with comma separated list of words in lowercase
-            ; (by default client will always blank keys that contain following words
-            ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
-            ; this list be extended with additional keywords set here
-            #appenlight.request_keys_blacklist =
-            ; list of namespaces that should be ignores when gathering log entries
-            ; can be string with comma separated list of namespaces
-            ; (by default the client ignores own entries: appenlight_client.client)
-            #appenlight.log_namespace_blacklist =
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages