rhodecode-enterprise-ce Commit - r5335:518d5c3d

chore(configs): optimize configs for docker env

super-admin -

r5335:518d5c3d default

parent child

configs/development.ini

0 +32 -91

              file_store.backend = local
              ; path to store the uploaded binaries
-             file_store.storage_path = %(here)s/data/file_store
+             file_store.storage_path = /var/opt/rhodecode_data/file_store
              ; Uncomment and set this path to control settings for archive download cache.
              ; Generated repo archives will be cached at this location
              ; RhodeCode and vcsserver
              ; Default is $cache_dir/archive_cache if not set
-             archive_cache.store_dir = %(here)s/data/archive_cache
+             archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
              ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
              archive_cache.cache_size_gb = 10
              ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
-             use_celery = false
+             use_celery = true
              ; path to store schedule database
              #celerybeat-schedule.path =
              ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
              ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
-             cache_dir = %(here)s/data
+             cache_dir = /var/opt/rhodecode_data
              ; *********************************************
              ; `sql_cache_short` cache for heavy SQL queries
              ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
              ; types are file, ext:redis, ext:database, ext:memcached
              ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
-             beaker.session.type = file
-             beaker.session.data_dir = %(here)s/data/sessions
+             #beaker.session.type = file
+             #beaker.session.data_dir = %(here)s/data/sessions
              ; Redis based sessions
-             #beaker.session.type = ext:redis
-             #beaker.session.url = redis://127.0.0.1:6379/2
+             beaker.session.type = ext:redis
+             beaker.session.url = redis://redis:6379/2
              ; DB based session, fast, and allows easy management over logged in users
              #beaker.session.type = ext:database
              beaker.session.key = rhodecode
              beaker.session.secret = develop-rc-uytcxaz
-             beaker.session.lock_dir = %(here)s/data/sessions/lock
+             beaker.session.lock_dir = /data_ramdisk/lock
              ; Secure encrypted cookie. Requires AES and AES python libraries
              ; you must disable beaker.session.secret to use this
              ; channelstream enables persistent connections and live notification
              ; in the system. It's also used by the chat system
-             channelstream.enabled = false
+             channelstream.enabled = true
              ; server address for channelstream server on the backend
-             channelstream.server = 127.0.0.1:9800
+             channelstream.server = channelstream:9800
              ; location of the channelstream server from outside world
              ; use ws:// for http or wss:// for https. This address needs to be handled
              ; by external HTTP server such as Nginx or Apache
              ; see Nginx/Apache configuration examples in our docs
              channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
-             channelstream.secret = secret
-             channelstream.history.location = %(here)s/channelstream_history
+             channelstream.secret = ENV_GENERATED
+             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
              ; Internal application path that Javascript uses to connect into.
              ; If you use proxy-prefix the prefix should be added before /_channelstream
              ; VCS CONFIG
              ; ##########
              vcs.server.enable = true
-             vcs.server = localhost:9900
+             vcs.server = vcsserver:10010
              ; Web server connectivity protocol, responsible for web based VCS operations
              ; Available protocols are:
              ; Wait this number of seconds before killing connection to the vcsserver
              vcs.connection_timeout = 3600
+             ; Cache flag to cache vcsserver remote calls locally
+             ; It uses cache_region `cache_repo`
+             vcs.methods.cache = true
+             ; ####################################################
+             ; Subversion proxy support (mod_dav_svn)
+             ; Maps RhodeCode repo groups into SVN paths for Apache
+             ; ####################################################
              ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
              ; Set a numeric version for your current SVN e.g 1.8, or 1.12
              ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
              ; host to connect to running SVN subsystem
              vcs.svn.proxy.host = http://svn:8090
-             ; Cache flag to cache vcsserver remote calls locally
-             ; It uses cache_region `cache_repo`
-             vcs.methods.cache = true
-             ; ####################################################
-             ; Subversion proxy support (mod_dav_svn)
-             ; Maps RhodeCode repo groups into SVN paths for Apache
-             ; ####################################################
              ; Enable or disable the config file generation.
-             svn.proxy.generate_config = false
+             svn.proxy.generate_config = true
              ; Generate config file with `SVNListParentPath` set to `On`.
              svn.proxy.list_parent_path = true
              ; Set location and file name of generated config file.
-             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
+             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
              ; alternative mod_dav config template. This needs to be a valid mako template
              ; Example template can be found in the source code:
              ; any change user ssh keys. Setting this to false also disables possibility
              ; of adding SSH keys by users from web interface. Super admins can still
              ; manage SSH Keys.
-             ssh.generate_authorized_keyfile = false
+             ssh.generate_authorized_keyfile = true
              ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
              # ssh.authorized_keys_ssh_opts =
              ; Path to the authorized_keys file where the generate entries are placed.
              ; It is possible to have multiple key files specified in `sshd_config` e.g.
              ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
-             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
+             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
              ; Command to execute the SSH wrapper. The binary is available in the
              ; RhodeCode installation directory.
-             ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
-             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
+             ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
+             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
              ; Allow shell when executing the ssh-wrapper command
              ssh.wrapper_cmd_allow_shell = false
              ; Paths to binary executable, by default they are the names, but we can
              ; override them if we want to use a custom one
-             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
-             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
-             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
+             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
+             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
+             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
              ; Enables SSH key generator web interface. Disabling this still allows users
              ; to add their own keys.
              ssh.enable_ui_key_generator = true
-             ; #################
-             ; APPENLIGHT CONFIG
-             ; #################
-             ; Appenlight is tailored to work with RhodeCode, see
-             ; http://appenlight.rhodecode.com for details how to obtain an account
-             ; Appenlight integration enabled
-             #appenlight = false
-             #appenlight.server_url = https://api.appenlight.com
-             #appenlight.api_key = YOUR_API_KEY
-             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
-             ; used for JS client
-             #appenlight.api_public_key = YOUR_API_PUBLIC_KEY
-             ; TWEAK AMOUNT OF INFO SENT HERE
-             ; enables 404 error logging (default False)
-             #appenlight.report_404 = false
-             ; time in seconds after request is considered being slow (default 1)
-             #appenlight.slow_request_time = 1
-             ; record slow requests in application
-             ; (needs to be enabled for slow datastore recording and time tracking)
-             #appenlight.slow_requests = true
-             ; enable hooking to application loggers
-             #appenlight.logging = true
-             ; minimum log level for log capture
-             #ppenlight.logging.level = WARNING
-             ; send logs only from erroneous/slow requests
-             ; (saves API quota for intensive logging)
-             #appenlight.logging_on_error = false
-             ; list of additional keywords that should be grabbed from environ object
-             ; can be string with comma separated list of words in lowercase
-             ; (by default client will always send following info:
-             ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
-             ; start with HTTP* this list be extended with additional keywords here
-             #appenlight.environ_keys_whitelist =
-             ; list of keywords that should be blanked from request object
-             ; can be string with comma separated list of words in lowercase
-             ; (by default client will always blank keys that contain following words
-             ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
-             ; this list be extended with additional keywords set here
-             #appenlight.request_keys_blacklist =
-             ; list of namespaces that should be ignores when gathering log entries
-             ; can be string with comma separated list of namespaces
-             ; (by default the client ignores own entries: appenlight_client.client)
-             #appenlight.log_namespace_blacklist =
              ; Statsd client config, this is used to send metrics to statsd
              ; We recommend setting statsd_exported and scrape them using Prometheus
              #statsd.enabled = false

configs/production.ini

0 +33 -92

              app.base_url = http://rhodecode.local
              ; Host at which the Service API is running.
-             app.service_api.host= http://rhodecode.local:10020
+             app.service_api.host = http://rhodecode.local:10020
              ; Secret for Service API authentication.
              app.service_api.token =
              file_store.backend = local
              ; path to store the uploaded binaries
-             file_store.storage_path = %(here)s/data/file_store
+             file_store.storage_path = /var/opt/rhodecode_data/file_store
              ; Uncomment and set this path to control settings for archive download cache.
              ; Generated repo archives will be cached at this location
              ; RhodeCode and vcsserver
              ; Default is $cache_dir/archive_cache if not set
-             archive_cache.store_dir = %(here)s/data/archive_cache
+             archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
              ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
              archive_cache.cache_size_gb = 40
              ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
-             use_celery = false
+             use_celery = true
              ; path to store schedule database
              #celerybeat-schedule.path =
              ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
              ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
-             cache_dir = %(here)s/data
+             cache_dir = /var/opt/rhodecode_data
              ; *********************************************
              ; `sql_cache_short` cache for heavy SQL queries
              ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
              ; types are file, ext:redis, ext:database, ext:memcached
              ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
-             beaker.session.type = file
-             beaker.session.data_dir = %(here)s/data/sessions
+             #beaker.session.type = file
+             #beaker.session.data_dir = %(here)s/data/sessions
              ; Redis based sessions
-             #beaker.session.type = ext:redis
-             #beaker.session.url = redis://127.0.0.1:6379/2
+             beaker.session.type = ext:redis
+             beaker.session.url = redis://redis:6379/2
              ; DB based session, fast, and allows easy management over logged in users
              #beaker.session.type = ext:database
              beaker.session.key = rhodecode
              beaker.session.secret = production-rc-uytcxaz
-             beaker.session.lock_dir = %(here)s/data/sessions/lock
+             beaker.session.lock_dir = /data_ramdisk/lock
              ; Secure encrypted cookie. Requires AES and AES python libraries
              ; you must disable beaker.session.secret to use this
              ; channelstream enables persistent connections and live notification
              ; in the system. It's also used by the chat system
-             channelstream.enabled = false
+             channelstream.enabled = true
              ; server address for channelstream server on the backend
-             channelstream.server = 127.0.0.1:9800
+             channelstream.server = channelstream:9800
              ; location of the channelstream server from outside world
              ; use ws:// for http or wss:// for https. This address needs to be handled
              ; by external HTTP server such as Nginx or Apache
              ; see Nginx/Apache configuration examples in our docs
              channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
-             channelstream.secret = secret
-             channelstream.history.location = %(here)s/channelstream_history
+             channelstream.secret = ENV_GENERATED
+             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
              ; Internal application path that Javascript uses to connect into.
              ; If you use proxy-prefix the prefix should be added before /_channelstream
              ; VCS CONFIG
              ; ##########
              vcs.server.enable = true
-             vcs.server = localhost:9900
+             vcs.server = vcsserver:10010
              ; Web server connectivity protocol, responsible for web based VCS operations
              ; Available protocols are:
              ; Wait this number of seconds before killing connection to the vcsserver
              vcs.connection_timeout = 3600
+             ; Cache flag to cache vcsserver remote calls locally
+             ; It uses cache_region `cache_repo`
+             vcs.methods.cache = true
+             ; ####################################################
+             ; Subversion proxy support (mod_dav_svn)
+             ; Maps RhodeCode repo groups into SVN paths for Apache
+             ; ####################################################
              ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
              ; Set a numeric version for your current SVN e.g 1.8, or 1.12
              ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
              ; host to connect to running SVN subsystem
              vcs.svn.proxy.host = http://svn:8090
-             ; Cache flag to cache vcsserver remote calls locally
-             ; It uses cache_region `cache_repo`
-             vcs.methods.cache = true
-             ; ####################################################
-             ; Subversion proxy support (mod_dav_svn)
-             ; Maps RhodeCode repo groups into SVN paths for Apache
-             ; ####################################################
              ; Enable or disable the config file generation.
-             svn.proxy.generate_config = false
+             svn.proxy.generate_config = true
              ; Generate config file with `SVNListParentPath` set to `On`.
              svn.proxy.list_parent_path = true
              ; Set location and file name of generated config file.
-             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
+             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
              ; alternative mod_dav config template. This needs to be a valid mako template
              ; Example template can be found in the source code:
              ; any change user ssh keys. Setting this to false also disables possibility
              ; of adding SSH keys by users from web interface. Super admins can still
              ; manage SSH Keys.
-             ssh.generate_authorized_keyfile = false
+             ssh.generate_authorized_keyfile = true
              ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
              # ssh.authorized_keys_ssh_opts =
              ; Path to the authorized_keys file where the generate entries are placed.
              ; It is possible to have multiple key files specified in `sshd_config` e.g.
              ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
-             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
+             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
              ; Command to execute the SSH wrapper. The binary is available in the
              ; RhodeCode installation directory.
-             ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
-             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
+             ; e.g /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
+             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
              ; Allow shell when executing the ssh-wrapper command
              ssh.wrapper_cmd_allow_shell = false
              ; Paths to binary executable, by default they are the names, but we can
              ; override them if we want to use a custom one
-             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
-             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
-             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
+             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
+             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
+             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
              ; Enables SSH key generator web interface. Disabling this still allows users
              ; to add their own keys.
              ssh.enable_ui_key_generator = true
-             ; #################
-             ; APPENLIGHT CONFIG
-             ; #################
-             ; Appenlight is tailored to work with RhodeCode, see
-             ; http://appenlight.rhodecode.com for details how to obtain an account
-             ; Appenlight integration enabled
-             #appenlight = false
-             #appenlight.server_url = https://api.appenlight.com
-             #appenlight.api_key = YOUR_API_KEY
-             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
-             ; used for JS client
-             #appenlight.api_public_key = YOUR_API_PUBLIC_KEY
-             ; TWEAK AMOUNT OF INFO SENT HERE
-             ; enables 404 error logging (default False)
-             #appenlight.report_404 = false
-             ; time in seconds after request is considered being slow (default 1)
-             #appenlight.slow_request_time = 1
-             ; record slow requests in application
-             ; (needs to be enabled for slow datastore recording and time tracking)
-             #appenlight.slow_requests = true
-             ; enable hooking to application loggers
-             #appenlight.logging = true
-             ; minimum log level for log capture
-             #ppenlight.logging.level = WARNING
-             ; send logs only from erroneous/slow requests
-             ; (saves API quota for intensive logging)
-             #appenlight.logging_on_error = false
-             ; list of additional keywords that should be grabbed from environ object
-             ; can be string with comma separated list of words in lowercase
-             ; (by default client will always send following info:
-             ; 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
-             ; start with HTTP* this list be extended with additional keywords here
-             #appenlight.environ_keys_whitelist =
-             ; list of keywords that should be blanked from request object
-             ; can be string with comma separated list of words in lowercase
-             ; (by default client will always blank keys that contain following words
-             ; 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
-             ; this list be extended with additional keywords set here
-             #appenlight.request_keys_blacklist =
-             ; list of namespaces that should be ignores when gathering log entries
-             ; can be string with comma separated list of namespaces
-             ; (by default the client ignores own entries: appenlight_client.client)
-             #appenlight.log_namespace_blacklist =
              ; Statsd client config, this is used to send metrics to statsd
              ; We recommend setting statsd_exported and scrape them using Prometheus
              #statsd.enabled = false

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages