##// END OF EJS Templates
config: update .ini file examples
marcink -
r2046:579d82e9 default
parent child Browse files
Show More
@@ -1,732 +1,733 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommened to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 # During development the we want to have the debug toolbar enabled
112 112 pyramid.includes =
113 113 pyramid_debugtoolbar
114 114 rhodecode.utils.debugtoolbar
115 115 rhodecode.lib.middleware.request_wrapper
116 116
117 117 pyramid.reload_templates = true
118 118
119 119 debugtoolbar.hosts = 0.0.0.0/0
120 120 debugtoolbar.exclude_prefixes =
121 121 /css
122 122 /fonts
123 123 /images
124 124 /js
125 125
126 126 ## RHODECODE PLUGINS ##
127 127 rhodecode.includes =
128 128 rhodecode.api
129 129
130 130
131 131 # api prefix url
132 132 rhodecode.api.url = /_admin/api
133 133
134 134
135 135 ## END RHODECODE PLUGINS ##
136 136
137 137 ## encryption key used to encrypt social plugin tokens,
138 138 ## remote_urls with credentials etc, if not set it defaults to
139 139 ## `beaker.session.secret`
140 140 #rhodecode.encrypted_values.secret =
141 141
142 142 ## decryption strict mode (enabled by default). It controls if decryption raises
143 143 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
144 144 #rhodecode.encrypted_values.strict = false
145 145
146 146 ## return gzipped responses from Rhodecode (static files/application)
147 147 gzip_responses = false
148 148
149 149 ## autogenerate javascript routes file on startup
150 150 generate_js_files = false
151 151
152 152 ## Optional Languages
153 153 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
154 154 lang = en
155 155
156 156 ## perform a full repository scan on each server start, this should be
157 157 ## set to false after first startup, to allow faster server restarts.
158 158 startup.import_repos = false
159 159
160 160 ## Uncomment and set this path to use archive download cache.
161 161 ## Once enabled, generated archives will be cached at this location
162 162 ## and served from the cache during subsequent requests for the same archive of
163 163 ## the repository.
164 164 #archive_cache_dir = /tmp/tarballcache
165 165
166 166 ## change this to unique ID for security
167 167 app_instance_uuid = rc-production
168 168
169 169 ## cut off limit for large diffs (size in bytes)
170 170 cut_off_limit_diff = 1024000
171 171 cut_off_limit_file = 256000
172 172
173 173 ## use cache version of scm repo everywhere
174 174 vcs_full_cache = true
175 175
176 176 ## force https in RhodeCode, fixes https redirects, assumes it's always https
177 177 ## Normally this is controlled by proper http flags sent from http server
178 178 force_https = false
179 179
180 180 ## use Strict-Transport-Security headers
181 181 use_htsts = false
182 182
183 183 ## number of commits stats will parse on each iteration
184 184 commit_parse_limit = 25
185 185
186 186 ## git rev filter option, --all is the default filter, if you need to
187 187 ## hide all refs in changelog switch this to --branches --tags
188 188 git_rev_filter = --branches --tags
189 189
190 190 # Set to true if your repos are exposed using the dumb protocol
191 191 git_update_server_info = false
192 192
193 193 ## RSS/ATOM feed options
194 194 rss_cut_off_limit = 256000
195 195 rss_items_per_page = 10
196 196 rss_include_diff = false
197 197
198 198 ## gist URL alias, used to create nicer urls for gist. This should be an
199 199 ## url that does rewrites to _admin/gists/{gistid}.
200 200 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
201 201 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
202 202 gist_alias_url =
203 203
204 204 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
205 205 ## used for access.
206 206 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
207 207 ## came from the the logged in user who own this authentication token.
208 208 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
209 209 ## authentication token. Such view would be only accessible when used together
210 210 ## with this authentication token
211 211 ##
212 212 ## list of all views can be found under `/_admin/permissions/auth_token_access`
213 213 ## The list should be "," separated and on a single line.
214 214 ##
215 215 ## Most common views to enable:
216 216 # RepoCommitsView:repo_commit_download
217 217 # RepoCommitsView:repo_commit_patch
218 218 # RepoCommitsView:repo_commit_raw
219 219 # RepoCommitsView:repo_commit_raw@TOKEN
220 220 # RepoFilesView:repo_files_diff
221 221 # RepoFilesView:repo_archivefile
222 222 # RepoFilesView:repo_file_raw
223 223 # GistView:*
224 224 api_access_controllers_whitelist =
225 225
226 226 ## default encoding used to convert from and to unicode
227 227 ## can be also a comma separated list of encoding in case of mixed encodings
228 228 default_encoding = UTF-8
229 229
230 230 ## instance-id prefix
231 231 ## a prefix key for this instance used for cache invalidation when running
232 232 ## multiple instances of rhodecode, make sure it's globally unique for
233 233 ## all running rhodecode instances. Leave empty if you don't use it
234 234 instance_id =
235 235
236 236 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
237 237 ## of an authentication plugin also if it is disabled by it's settings.
238 238 ## This could be useful if you are unable to log in to the system due to broken
239 239 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
240 240 ## module to log in again and fix the settings.
241 241 ##
242 242 ## Available builtin plugin IDs (hash is part of the ID):
243 243 ## egg:rhodecode-enterprise-ce#rhodecode
244 244 ## egg:rhodecode-enterprise-ce#pam
245 245 ## egg:rhodecode-enterprise-ce#ldap
246 246 ## egg:rhodecode-enterprise-ce#jasig_cas
247 247 ## egg:rhodecode-enterprise-ce#headers
248 248 ## egg:rhodecode-enterprise-ce#crowd
249 249 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
250 250
251 251 ## alternative return HTTP header for failed authentication. Default HTTP
252 252 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
253 253 ## handling that causing a series of failed authentication calls.
254 254 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
255 255 ## This will be served instead of default 401 on bad authnetication
256 256 auth_ret_code =
257 257
258 258 ## use special detection method when serving auth_ret_code, instead of serving
259 259 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
260 260 ## and then serve auth_ret_code to clients
261 261 auth_ret_code_detection = false
262 262
263 263 ## locking return code. When repository is locked return this HTTP code. 2XX
264 264 ## codes don't break the transactions while 4XX codes do
265 265 lock_ret_code = 423
266 266
267 267 ## allows to change the repository location in settings page
268 268 allow_repo_location_change = true
269 269
270 270 ## allows to setup custom hooks in settings page
271 271 allow_custom_hooks_settings = true
272 272
273 273 ## generated license token, goto license page in RhodeCode settings to obtain
274 274 ## new token
275 275 license_token =
276 276
277 277 ## supervisor connection uri, for managing supervisor and logs.
278 278 supervisor.uri =
279 279 ## supervisord group name/id we only want this RC instance to handle
280 280 supervisor.group_id = dev
281 281
282 282 ## Display extended labs settings
283 283 labs_settings_active = true
284 284
285 285 ####################################
286 286 ### CELERY CONFIG ####
287 287 ####################################
288 288 use_celery = false
289 289 broker.host = localhost
290 290 broker.vhost = rabbitmqhost
291 291 broker.port = 5672
292 292 broker.user = rabbitmq
293 293 broker.password = qweqwe
294 294
295 295 celery.imports = rhodecode.lib.celerylib.tasks
296 296
297 297 celery.result.backend = amqp
298 298 celery.result.dburi = amqp://
299 299 celery.result.serialier = json
300 300
301 301 #celery.send.task.error.emails = true
302 302 #celery.amqp.task.result.expires = 18000
303 303
304 304 celeryd.concurrency = 2
305 305 #celeryd.log.file = celeryd.log
306 306 celeryd.log.level = debug
307 307 celeryd.max.tasks.per.child = 1
308 308
309 309 ## tasks will never be sent to the queue, but executed locally instead.
310 310 celery.always.eager = false
311 311
312 312 ####################################
313 313 ### BEAKER CACHE ####
314 314 ####################################
315 315 # default cache dir for templates. Putting this into a ramdisk
316 316 ## can boost performance, eg. %(here)s/data_ramdisk
317 317 cache_dir = %(here)s/data
318 318
319 319 ## locking and default file storage for Beaker. Putting this into a ramdisk
320 320 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
321 321 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
322 322 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
323 323
324 324 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
325 325
326 326 beaker.cache.super_short_term.type = memory
327 327 beaker.cache.super_short_term.expire = 10
328 328 beaker.cache.super_short_term.key_length = 256
329 329
330 330 beaker.cache.short_term.type = memory
331 331 beaker.cache.short_term.expire = 60
332 332 beaker.cache.short_term.key_length = 256
333 333
334 334 beaker.cache.long_term.type = memory
335 335 beaker.cache.long_term.expire = 36000
336 336 beaker.cache.long_term.key_length = 256
337 337
338 338 beaker.cache.sql_cache_short.type = memory
339 339 beaker.cache.sql_cache_short.expire = 10
340 340 beaker.cache.sql_cache_short.key_length = 256
341 341
342 342 ## default is memory cache, configure only if required
343 343 ## using multi-node or multi-worker setup
344 344 #beaker.cache.auth_plugins.type = ext:database
345 345 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
346 346 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
347 347 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
348 348 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
349 349 #beaker.cache.auth_plugins.sa.pool_size = 10
350 350 #beaker.cache.auth_plugins.sa.max_overflow = 0
351 351
352 352 beaker.cache.repo_cache_long.type = memorylru_base
353 353 beaker.cache.repo_cache_long.max_items = 4096
354 354 beaker.cache.repo_cache_long.expire = 2592000
355 355
356 356 ## default is memorylru_base cache, configure only if required
357 357 ## using multi-node or multi-worker setup
358 358 #beaker.cache.repo_cache_long.type = ext:memcached
359 359 #beaker.cache.repo_cache_long.url = localhost:11211
360 360 #beaker.cache.repo_cache_long.expire = 1209600
361 361 #beaker.cache.repo_cache_long.key_length = 256
362 362
363 363 ####################################
364 364 ### BEAKER SESSION ####
365 365 ####################################
366 366
367 367 ## .session.type is type of storage options for the session, current allowed
368 368 ## types are file, ext:memcached, ext:database, and memory (default).
369 369 beaker.session.type = file
370 370 beaker.session.data_dir = %(here)s/data/sessions/data
371 371
372 372 ## db based session, fast, and allows easy management over logged in users
373 373 #beaker.session.type = ext:database
374 374 #beaker.session.table_name = db_session
375 375 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
376 376 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
377 377 #beaker.session.sa.pool_recycle = 3600
378 378 #beaker.session.sa.echo = false
379 379
380 380 beaker.session.key = rhodecode
381 381 beaker.session.secret = develop-rc-uytcxaz
382 382 beaker.session.lock_dir = %(here)s/data/sessions/lock
383 383
384 384 ## Secure encrypted cookie. Requires AES and AES python libraries
385 385 ## you must disable beaker.session.secret to use this
386 386 #beaker.session.encrypt_key = key_for_encryption
387 387 #beaker.session.validate_key = validation_key
388 388
389 389 ## sets session as invalid(also logging out user) if it haven not been
390 390 ## accessed for given amount of time in seconds
391 391 beaker.session.timeout = 2592000
392 392 beaker.session.httponly = true
393 393 ## Path to use for the cookie. Set to prefix if you use prefix middleware
394 394 #beaker.session.cookie_path = /custom_prefix
395 395
396 396 ## uncomment for https secure cookie
397 397 beaker.session.secure = false
398 398
399 399 ## auto save the session to not to use .save()
400 400 beaker.session.auto = false
401 401
402 402 ## default cookie expiration time in seconds, set to `true` to set expire
403 403 ## at browser close
404 404 #beaker.session.cookie_expires = 3600
405 405
406 406 ###################################
407 407 ## SEARCH INDEXING CONFIGURATION ##
408 408 ###################################
409 409 ## Full text search indexer is available in rhodecode-tools under
410 410 ## `rhodecode-tools index` command
411 411
412 412 ## WHOOSH Backend, doesn't require additional services to run
413 413 ## it works good with few dozen repos
414 414 search.module = rhodecode.lib.index.whoosh
415 415 search.location = %(here)s/data/index
416 416
417 417 ########################################
418 418 ### CHANNELSTREAM CONFIG ####
419 419 ########################################
420 420 ## channelstream enables persistent connections and live notification
421 421 ## in the system. It's also used by the chat system
422 422 channelstream.enabled = false
423 423
424 424 ## server address for channelstream server on the backend
425 425 channelstream.server = 127.0.0.1:9800
426 426
427 427 ## location of the channelstream server from outside world
428 428 ## use ws:// for http or wss:// for https. This address needs to be handled
429 429 ## by external HTTP server such as Nginx or Apache
430 430 ## see nginx/apache configuration examples in our docs
431 431 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
432 432 channelstream.secret = secret
433 433 channelstream.history.location = %(here)s/channelstream_history
434 434
435 435 ## Internal application path that Javascript uses to connect into.
436 436 ## If you use proxy-prefix the prefix should be added before /_channelstream
437 437 channelstream.proxy_path = /_channelstream
438 438
439 439
440 440 ###################################
441 441 ## APPENLIGHT CONFIG ##
442 442 ###################################
443 443
444 444 ## Appenlight is tailored to work with RhodeCode, see
445 445 ## http://appenlight.com for details how to obtain an account
446 446
447 447 ## appenlight integration enabled
448 448 appenlight = false
449 449
450 450 appenlight.server_url = https://api.appenlight.com
451 451 appenlight.api_key = YOUR_API_KEY
452 452 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
453 453
454 454 # used for JS client
455 455 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
456 456
457 457 ## TWEAK AMOUNT OF INFO SENT HERE
458 458
459 459 ## enables 404 error logging (default False)
460 460 appenlight.report_404 = false
461 461
462 462 ## time in seconds after request is considered being slow (default 1)
463 463 appenlight.slow_request_time = 1
464 464
465 465 ## record slow requests in application
466 466 ## (needs to be enabled for slow datastore recording and time tracking)
467 467 appenlight.slow_requests = true
468 468
469 469 ## enable hooking to application loggers
470 470 appenlight.logging = true
471 471
472 472 ## minimum log level for log capture
473 473 appenlight.logging.level = WARNING
474 474
475 475 ## send logs only from erroneous/slow requests
476 476 ## (saves API quota for intensive logging)
477 477 appenlight.logging_on_error = false
478 478
479 479 ## list of additonal keywords that should be grabbed from environ object
480 480 ## can be string with comma separated list of words in lowercase
481 481 ## (by default client will always send following info:
482 482 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
483 483 ## start with HTTP* this list be extended with additional keywords here
484 484 appenlight.environ_keys_whitelist =
485 485
486 486 ## list of keywords that should be blanked from request object
487 487 ## can be string with comma separated list of words in lowercase
488 488 ## (by default client will always blank keys that contain following words
489 489 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
490 490 ## this list be extended with additional keywords set here
491 491 appenlight.request_keys_blacklist =
492 492
493 493 ## list of namespaces that should be ignores when gathering log entries
494 494 ## can be string with comma separated list of namespaces
495 495 ## (by default the client ignores own entries: appenlight_client.client)
496 496 appenlight.log_namespace_blacklist =
497 497
498 498
499 499 ################################################################################
500 500 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
501 501 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
502 502 ## execute malicious code after an exception is raised. ##
503 503 ################################################################################
504 504 #set debug = false
505 505
506 506
507 507 ##############
508 508 ## STYLING ##
509 509 ##############
510 510 debug_style = true
511 511
512 512 ###########################################
513 513 ### MAIN RHODECODE DATABASE CONFIG ###
514 514 ###########################################
515 515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
516 516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
517 517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
518 518 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
519 519
520 520 # see sqlalchemy docs for other advanced settings
521 521
522 522 ## print the sql statements to output
523 523 sqlalchemy.db1.echo = false
524 524 ## recycle the connections after this amount of seconds
525 525 sqlalchemy.db1.pool_recycle = 3600
526 526 sqlalchemy.db1.convert_unicode = true
527 527
528 528 ## the number of connections to keep open inside the connection pool.
529 529 ## 0 indicates no limit
530 530 #sqlalchemy.db1.pool_size = 5
531 531
532 532 ## the number of connections to allow in connection pool "overflow", that is
533 533 ## connections that can be opened above and beyond the pool_size setting,
534 534 ## which defaults to five.
535 535 #sqlalchemy.db1.max_overflow = 10
536 536
537 537
538 538 ##################
539 539 ### VCS CONFIG ###
540 540 ##################
541 541 vcs.server.enable = true
542 542 vcs.server = localhost:9900
543 543
544 544 ## Web server connectivity protocol, responsible for web based VCS operatations
545 545 ## Available protocols are:
546 546 ## `http` - use http-rpc backend (default)
547 547 vcs.server.protocol = http
548 548
549 549 ## Push/Pull operations protocol, available options are:
550 550 ## `http` - use http-rpc backend (default)
551 551 ##
552 552 vcs.scm_app_implementation = http
553 553
554 554 ## Push/Pull operations hooks protocol, available options are:
555 555 ## `http` - use http-rpc backend (default)
556 556 vcs.hooks.protocol = http
557 557
558 558 vcs.server.log_level = debug
559 559 ## Start VCSServer with this instance as a subprocess, usefull for development
560 560 vcs.start_server = true
561 561
562 562 ## List of enabled VCS backends, available options are:
563 563 ## `hg` - mercurial
564 564 ## `git` - git
565 565 ## `svn` - subversion
566 566 vcs.backends = hg, git, svn
567 567
568 568 vcs.connection_timeout = 3600
569 569 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
570 570 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
571 571 #vcs.svn.compatible_version = pre-1.8-compatible
572 572
573 573
574 574 ############################################################
575 575 ### Subversion proxy support (mod_dav_svn) ###
576 576 ### Maps RhodeCode repo groups into SVN paths for Apache ###
577 577 ############################################################
578 578 ## Enable or disable the config file generation.
579 579 svn.proxy.generate_config = false
580 580 ## Generate config file with `SVNListParentPath` set to `On`.
581 581 svn.proxy.list_parent_path = true
582 582 ## Set location and file name of generated config file.
583 583 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
584 584 ## Used as a prefix to the `Location` block in the generated config file.
585 585 ## In most cases it should be set to `/`.
586 586 svn.proxy.location_root = /
587 587 ## Command to reload the mod dav svn configuration on change.
588 588 ## Example: `/etc/init.d/apache2 reload`
589 589 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
590 590 ## If the timeout expires before the reload command finishes, the command will
591 591 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
592 592 #svn.proxy.reload_timeout = 10
593 593
594 594 ############################################################
595 595 ### SSH Support Settings ###
596 596 ############################################################
597 597
598 598 ## Defines if the authorized_keys file should be written on any change of
599 ## user ssh keys
599 ## user ssh keys, setting this to false also disables posibility of adding
600 ## ssh keys for users from web interface.
600 601 ssh.generate_authorized_keyfile = false
601 602
602 603 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
603 604 # ssh.authorized_keys_ssh_opts =
604 605
605 606 ## File to generate the authorized keys together with options
606 607 ## It is possible to have multiple key files specified in `sshd_config` e.g.
607 608 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
608 609 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
609 610
610 611 ## Command to execute the SSH wrapper. The binary is available in the
611 612 ## rhodecode installation directory.
612 613 ## e.g ~/.rccontrol/community-1/profile/bin/rcssh-wrapper
613 614 ssh.wrapper_cmd = ~/.rccontrol/community-1/rcssh-wrapper
614 615
615 616 ## Allow shell when executing the ssh-wrapper command
616 617 ssh.wrapper_cmd_allow_shell = false
617 618
618 619 ## Enables logging, and detailed output send back to the client. Usefull for
619 620 ## debugging, shouldn't be used in production.
620 621 ssh.enable_debug_logging = false
621 622
622 623 ## API KEY for user who has access to fetch other user permission information
623 624 ## most likely an super-admin account with some IP restrictions.
624 625 ssh.api_key =
625 626
626 627 ## API Host, the server address of RhodeCode instance that the api_key will
627 628 ## access
628 629 ssh.api_host = http://localhost
629 630
630 631 ## Paths to binary executrables, by default they are the names, but we can
631 632 ## override them if we want to use a custom one
632 633 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
633 634 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
634 635 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
635 636
636 637
637 638 ## Dummy marker to add new entries after.
638 639 ## Add any custom entries below. Please don't remove.
639 640 custom.conf = 1
640 641
641 642
642 643 ################################
643 644 ### LOGGING CONFIGURATION ####
644 645 ################################
645 646 [loggers]
646 647 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, ssh_wrapper
647 648
648 649 [handlers]
649 650 keys = console, console_sql
650 651
651 652 [formatters]
652 653 keys = generic, color_formatter, color_formatter_sql
653 654
654 655 #############
655 656 ## LOGGERS ##
656 657 #############
657 658 [logger_root]
658 659 level = NOTSET
659 660 handlers = console
660 661
661 662 [logger_routes]
662 663 level = DEBUG
663 664 handlers =
664 665 qualname = routes.middleware
665 666 ## "level = DEBUG" logs the route matched and routing variables.
666 667 propagate = 1
667 668
668 669 [logger_beaker]
669 670 level = DEBUG
670 671 handlers =
671 672 qualname = beaker.container
672 673 propagate = 1
673 674
674 675 [logger_templates]
675 676 level = INFO
676 677 handlers =
677 678 qualname = pylons.templating
678 679 propagate = 1
679 680
680 681 [logger_rhodecode]
681 682 level = DEBUG
682 683 handlers =
683 684 qualname = rhodecode
684 685 propagate = 1
685 686
686 687 [logger_sqlalchemy]
687 688 level = INFO
688 689 handlers = console_sql
689 690 qualname = sqlalchemy.engine
690 691 propagate = 0
691 692
692 693 [logger_ssh_wrapper]
693 694 level = DEBUG
694 695 handlers =
695 696 qualname = ssh_wrapper
696 697 propagate = 1
697 698
698 699
699 700 ##############
700 701 ## HANDLERS ##
701 702 ##############
702 703
703 704 [handler_console]
704 705 class = StreamHandler
705 706 args = (sys.stderr, )
706 707 level = DEBUG
707 708 formatter = color_formatter
708 709
709 710 [handler_console_sql]
710 711 class = StreamHandler
711 712 args = (sys.stderr, )
712 713 level = DEBUG
713 714 formatter = color_formatter_sql
714 715
715 716 ################
716 717 ## FORMATTERS ##
717 718 ################
718 719
719 720 [formatter_generic]
720 721 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
721 722 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
722 723 datefmt = %Y-%m-%d %H:%M:%S
723 724
724 725 [formatter_color_formatter]
725 726 class = rhodecode.lib.logging_formatter.ColorFormatter
726 727 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
727 728 datefmt = %Y-%m-%d %H:%M:%S
728 729
729 730 [formatter_color_formatter_sql]
730 731 class = rhodecode.lib.logging_formatter.ColorFormatterSql
731 732 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
732 733 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,701 +1,702 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 #use = egg:waitress#main
55 55 ## number of worker threads
56 56 #threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 #max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 #asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommened to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 max_requests = 1000
88 88 max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 ## encryption key used to encrypt social plugin tokens,
112 112 ## remote_urls with credentials etc, if not set it defaults to
113 113 ## `beaker.session.secret`
114 114 #rhodecode.encrypted_values.secret =
115 115
116 116 ## decryption strict mode (enabled by default). It controls if decryption raises
117 117 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
118 118 #rhodecode.encrypted_values.strict = false
119 119
120 120 ## return gzipped responses from Rhodecode (static files/application)
121 121 gzip_responses = false
122 122
123 123 ## autogenerate javascript routes file on startup
124 124 generate_js_files = false
125 125
126 126 ## Optional Languages
127 127 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
128 128 lang = en
129 129
130 130 ## perform a full repository scan on each server start, this should be
131 131 ## set to false after first startup, to allow faster server restarts.
132 132 startup.import_repos = false
133 133
134 134 ## Uncomment and set this path to use archive download cache.
135 135 ## Once enabled, generated archives will be cached at this location
136 136 ## and served from the cache during subsequent requests for the same archive of
137 137 ## the repository.
138 138 #archive_cache_dir = /tmp/tarballcache
139 139
140 140 ## change this to unique ID for security
141 141 app_instance_uuid = rc-production
142 142
143 143 ## cut off limit for large diffs (size in bytes)
144 144 cut_off_limit_diff = 1024000
145 145 cut_off_limit_file = 256000
146 146
147 147 ## use cache version of scm repo everywhere
148 148 vcs_full_cache = true
149 149
150 150 ## force https in RhodeCode, fixes https redirects, assumes it's always https
151 151 ## Normally this is controlled by proper http flags sent from http server
152 152 force_https = false
153 153
154 154 ## use Strict-Transport-Security headers
155 155 use_htsts = false
156 156
157 157 ## number of commits stats will parse on each iteration
158 158 commit_parse_limit = 25
159 159
160 160 ## git rev filter option, --all is the default filter, if you need to
161 161 ## hide all refs in changelog switch this to --branches --tags
162 162 git_rev_filter = --branches --tags
163 163
164 164 # Set to true if your repos are exposed using the dumb protocol
165 165 git_update_server_info = false
166 166
167 167 ## RSS/ATOM feed options
168 168 rss_cut_off_limit = 256000
169 169 rss_items_per_page = 10
170 170 rss_include_diff = false
171 171
172 172 ## gist URL alias, used to create nicer urls for gist. This should be an
173 173 ## url that does rewrites to _admin/gists/{gistid}.
174 174 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
175 175 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
176 176 gist_alias_url =
177 177
178 178 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
179 179 ## used for access.
180 180 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
181 181 ## came from the the logged in user who own this authentication token.
182 182 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
183 183 ## authentication token. Such view would be only accessible when used together
184 184 ## with this authentication token
185 185 ##
186 186 ## list of all views can be found under `/_admin/permissions/auth_token_access`
187 187 ## The list should be "," separated and on a single line.
188 188 ##
189 189 ## Most common views to enable:
190 190 # RepoCommitsView:repo_commit_download
191 191 # RepoCommitsView:repo_commit_patch
192 192 # RepoCommitsView:repo_commit_raw
193 193 # RepoCommitsView:repo_commit_raw@TOKEN
194 194 # RepoFilesView:repo_files_diff
195 195 # RepoFilesView:repo_archivefile
196 196 # RepoFilesView:repo_file_raw
197 197 # GistView:*
198 198 api_access_controllers_whitelist =
199 199
200 200 ## default encoding used to convert from and to unicode
201 201 ## can be also a comma separated list of encoding in case of mixed encodings
202 202 default_encoding = UTF-8
203 203
204 204 ## instance-id prefix
205 205 ## a prefix key for this instance used for cache invalidation when running
206 206 ## multiple instances of rhodecode, make sure it's globally unique for
207 207 ## all running rhodecode instances. Leave empty if you don't use it
208 208 instance_id =
209 209
210 210 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
211 211 ## of an authentication plugin also if it is disabled by it's settings.
212 212 ## This could be useful if you are unable to log in to the system due to broken
213 213 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
214 214 ## module to log in again and fix the settings.
215 215 ##
216 216 ## Available builtin plugin IDs (hash is part of the ID):
217 217 ## egg:rhodecode-enterprise-ce#rhodecode
218 218 ## egg:rhodecode-enterprise-ce#pam
219 219 ## egg:rhodecode-enterprise-ce#ldap
220 220 ## egg:rhodecode-enterprise-ce#jasig_cas
221 221 ## egg:rhodecode-enterprise-ce#headers
222 222 ## egg:rhodecode-enterprise-ce#crowd
223 223 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
224 224
225 225 ## alternative return HTTP header for failed authentication. Default HTTP
226 226 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
227 227 ## handling that causing a series of failed authentication calls.
228 228 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
229 229 ## This will be served instead of default 401 on bad authnetication
230 230 auth_ret_code =
231 231
232 232 ## use special detection method when serving auth_ret_code, instead of serving
233 233 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
234 234 ## and then serve auth_ret_code to clients
235 235 auth_ret_code_detection = false
236 236
237 237 ## locking return code. When repository is locked return this HTTP code. 2XX
238 238 ## codes don't break the transactions while 4XX codes do
239 239 lock_ret_code = 423
240 240
241 241 ## allows to change the repository location in settings page
242 242 allow_repo_location_change = true
243 243
244 244 ## allows to setup custom hooks in settings page
245 245 allow_custom_hooks_settings = true
246 246
247 247 ## generated license token, goto license page in RhodeCode settings to obtain
248 248 ## new token
249 249 license_token =
250 250
251 251 ## supervisor connection uri, for managing supervisor and logs.
252 252 supervisor.uri =
253 253 ## supervisord group name/id we only want this RC instance to handle
254 254 supervisor.group_id = prod
255 255
256 256 ## Display extended labs settings
257 257 labs_settings_active = true
258 258
259 259 ####################################
260 260 ### CELERY CONFIG ####
261 261 ####################################
262 262 use_celery = false
263 263 broker.host = localhost
264 264 broker.vhost = rabbitmqhost
265 265 broker.port = 5672
266 266 broker.user = rabbitmq
267 267 broker.password = qweqwe
268 268
269 269 celery.imports = rhodecode.lib.celerylib.tasks
270 270
271 271 celery.result.backend = amqp
272 272 celery.result.dburi = amqp://
273 273 celery.result.serialier = json
274 274
275 275 #celery.send.task.error.emails = true
276 276 #celery.amqp.task.result.expires = 18000
277 277
278 278 celeryd.concurrency = 2
279 279 #celeryd.log.file = celeryd.log
280 280 celeryd.log.level = debug
281 281 celeryd.max.tasks.per.child = 1
282 282
283 283 ## tasks will never be sent to the queue, but executed locally instead.
284 284 celery.always.eager = false
285 285
286 286 ####################################
287 287 ### BEAKER CACHE ####
288 288 ####################################
289 289 # default cache dir for templates. Putting this into a ramdisk
290 290 ## can boost performance, eg. %(here)s/data_ramdisk
291 291 cache_dir = %(here)s/data
292 292
293 293 ## locking and default file storage for Beaker. Putting this into a ramdisk
294 294 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
295 295 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
296 296 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
297 297
298 298 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
299 299
300 300 beaker.cache.super_short_term.type = memory
301 301 beaker.cache.super_short_term.expire = 10
302 302 beaker.cache.super_short_term.key_length = 256
303 303
304 304 beaker.cache.short_term.type = memory
305 305 beaker.cache.short_term.expire = 60
306 306 beaker.cache.short_term.key_length = 256
307 307
308 308 beaker.cache.long_term.type = memory
309 309 beaker.cache.long_term.expire = 36000
310 310 beaker.cache.long_term.key_length = 256
311 311
312 312 beaker.cache.sql_cache_short.type = memory
313 313 beaker.cache.sql_cache_short.expire = 10
314 314 beaker.cache.sql_cache_short.key_length = 256
315 315
316 316 ## default is memory cache, configure only if required
317 317 ## using multi-node or multi-worker setup
318 318 #beaker.cache.auth_plugins.type = ext:database
319 319 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
320 320 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
321 321 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
322 322 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
323 323 #beaker.cache.auth_plugins.sa.pool_size = 10
324 324 #beaker.cache.auth_plugins.sa.max_overflow = 0
325 325
326 326 beaker.cache.repo_cache_long.type = memorylru_base
327 327 beaker.cache.repo_cache_long.max_items = 4096
328 328 beaker.cache.repo_cache_long.expire = 2592000
329 329
330 330 ## default is memorylru_base cache, configure only if required
331 331 ## using multi-node or multi-worker setup
332 332 #beaker.cache.repo_cache_long.type = ext:memcached
333 333 #beaker.cache.repo_cache_long.url = localhost:11211
334 334 #beaker.cache.repo_cache_long.expire = 1209600
335 335 #beaker.cache.repo_cache_long.key_length = 256
336 336
337 337 ####################################
338 338 ### BEAKER SESSION ####
339 339 ####################################
340 340
341 341 ## .session.type is type of storage options for the session, current allowed
342 342 ## types are file, ext:memcached, ext:database, and memory (default).
343 343 beaker.session.type = file
344 344 beaker.session.data_dir = %(here)s/data/sessions/data
345 345
346 346 ## db based session, fast, and allows easy management over logged in users
347 347 #beaker.session.type = ext:database
348 348 #beaker.session.table_name = db_session
349 349 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
350 350 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
351 351 #beaker.session.sa.pool_recycle = 3600
352 352 #beaker.session.sa.echo = false
353 353
354 354 beaker.session.key = rhodecode
355 355 beaker.session.secret = production-rc-uytcxaz
356 356 beaker.session.lock_dir = %(here)s/data/sessions/lock
357 357
358 358 ## Secure encrypted cookie. Requires AES and AES python libraries
359 359 ## you must disable beaker.session.secret to use this
360 360 #beaker.session.encrypt_key = key_for_encryption
361 361 #beaker.session.validate_key = validation_key
362 362
363 363 ## sets session as invalid(also logging out user) if it haven not been
364 364 ## accessed for given amount of time in seconds
365 365 beaker.session.timeout = 2592000
366 366 beaker.session.httponly = true
367 367 ## Path to use for the cookie. Set to prefix if you use prefix middleware
368 368 #beaker.session.cookie_path = /custom_prefix
369 369
370 370 ## uncomment for https secure cookie
371 371 beaker.session.secure = false
372 372
373 373 ## auto save the session to not to use .save()
374 374 beaker.session.auto = false
375 375
376 376 ## default cookie expiration time in seconds, set to `true` to set expire
377 377 ## at browser close
378 378 #beaker.session.cookie_expires = 3600
379 379
380 380 ###################################
381 381 ## SEARCH INDEXING CONFIGURATION ##
382 382 ###################################
383 383 ## Full text search indexer is available in rhodecode-tools under
384 384 ## `rhodecode-tools index` command
385 385
386 386 ## WHOOSH Backend, doesn't require additional services to run
387 387 ## it works good with few dozen repos
388 388 search.module = rhodecode.lib.index.whoosh
389 389 search.location = %(here)s/data/index
390 390
391 391 ########################################
392 392 ### CHANNELSTREAM CONFIG ####
393 393 ########################################
394 394 ## channelstream enables persistent connections and live notification
395 395 ## in the system. It's also used by the chat system
396 396 channelstream.enabled = false
397 397
398 398 ## server address for channelstream server on the backend
399 399 channelstream.server = 127.0.0.1:9800
400 400
401 401 ## location of the channelstream server from outside world
402 402 ## use ws:// for http or wss:// for https. This address needs to be handled
403 403 ## by external HTTP server such as Nginx or Apache
404 404 ## see nginx/apache configuration examples in our docs
405 405 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
406 406 channelstream.secret = secret
407 407 channelstream.history.location = %(here)s/channelstream_history
408 408
409 409 ## Internal application path that Javascript uses to connect into.
410 410 ## If you use proxy-prefix the prefix should be added before /_channelstream
411 411 channelstream.proxy_path = /_channelstream
412 412
413 413
414 414 ###################################
415 415 ## APPENLIGHT CONFIG ##
416 416 ###################################
417 417
418 418 ## Appenlight is tailored to work with RhodeCode, see
419 419 ## http://appenlight.com for details how to obtain an account
420 420
421 421 ## appenlight integration enabled
422 422 appenlight = false
423 423
424 424 appenlight.server_url = https://api.appenlight.com
425 425 appenlight.api_key = YOUR_API_KEY
426 426 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
427 427
428 428 # used for JS client
429 429 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
430 430
431 431 ## TWEAK AMOUNT OF INFO SENT HERE
432 432
433 433 ## enables 404 error logging (default False)
434 434 appenlight.report_404 = false
435 435
436 436 ## time in seconds after request is considered being slow (default 1)
437 437 appenlight.slow_request_time = 1
438 438
439 439 ## record slow requests in application
440 440 ## (needs to be enabled for slow datastore recording and time tracking)
441 441 appenlight.slow_requests = true
442 442
443 443 ## enable hooking to application loggers
444 444 appenlight.logging = true
445 445
446 446 ## minimum log level for log capture
447 447 appenlight.logging.level = WARNING
448 448
449 449 ## send logs only from erroneous/slow requests
450 450 ## (saves API quota for intensive logging)
451 451 appenlight.logging_on_error = false
452 452
453 453 ## list of additonal keywords that should be grabbed from environ object
454 454 ## can be string with comma separated list of words in lowercase
455 455 ## (by default client will always send following info:
456 456 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
457 457 ## start with HTTP* this list be extended with additional keywords here
458 458 appenlight.environ_keys_whitelist =
459 459
460 460 ## list of keywords that should be blanked from request object
461 461 ## can be string with comma separated list of words in lowercase
462 462 ## (by default client will always blank keys that contain following words
463 463 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
464 464 ## this list be extended with additional keywords set here
465 465 appenlight.request_keys_blacklist =
466 466
467 467 ## list of namespaces that should be ignores when gathering log entries
468 468 ## can be string with comma separated list of namespaces
469 469 ## (by default the client ignores own entries: appenlight_client.client)
470 470 appenlight.log_namespace_blacklist =
471 471
472 472
473 473 ################################################################################
474 474 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
475 475 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
476 476 ## execute malicious code after an exception is raised. ##
477 477 ################################################################################
478 478 set debug = false
479 479
480 480
481 481 ###########################################
482 482 ### MAIN RHODECODE DATABASE CONFIG ###
483 483 ###########################################
484 484 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
485 485 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
486 486 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
487 487 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
488 488
489 489 # see sqlalchemy docs for other advanced settings
490 490
491 491 ## print the sql statements to output
492 492 sqlalchemy.db1.echo = false
493 493 ## recycle the connections after this amount of seconds
494 494 sqlalchemy.db1.pool_recycle = 3600
495 495 sqlalchemy.db1.convert_unicode = true
496 496
497 497 ## the number of connections to keep open inside the connection pool.
498 498 ## 0 indicates no limit
499 499 #sqlalchemy.db1.pool_size = 5
500 500
501 501 ## the number of connections to allow in connection pool "overflow", that is
502 502 ## connections that can be opened above and beyond the pool_size setting,
503 503 ## which defaults to five.
504 504 #sqlalchemy.db1.max_overflow = 10
505 505
506 506
507 507 ##################
508 508 ### VCS CONFIG ###
509 509 ##################
510 510 vcs.server.enable = true
511 511 vcs.server = localhost:9900
512 512
513 513 ## Web server connectivity protocol, responsible for web based VCS operatations
514 514 ## Available protocols are:
515 515 ## `http` - use http-rpc backend (default)
516 516 vcs.server.protocol = http
517 517
518 518 ## Push/Pull operations protocol, available options are:
519 519 ## `http` - use http-rpc backend (default)
520 520 ##
521 521 vcs.scm_app_implementation = http
522 522
523 523 ## Push/Pull operations hooks protocol, available options are:
524 524 ## `http` - use http-rpc backend (default)
525 525 vcs.hooks.protocol = http
526 526
527 527 vcs.server.log_level = info
528 528 ## Start VCSServer with this instance as a subprocess, usefull for development
529 529 vcs.start_server = false
530 530
531 531 ## List of enabled VCS backends, available options are:
532 532 ## `hg` - mercurial
533 533 ## `git` - git
534 534 ## `svn` - subversion
535 535 vcs.backends = hg, git, svn
536 536
537 537 vcs.connection_timeout = 3600
538 538 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
539 539 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
540 540 #vcs.svn.compatible_version = pre-1.8-compatible
541 541
542 542
543 543 ############################################################
544 544 ### Subversion proxy support (mod_dav_svn) ###
545 545 ### Maps RhodeCode repo groups into SVN paths for Apache ###
546 546 ############################################################
547 547 ## Enable or disable the config file generation.
548 548 svn.proxy.generate_config = false
549 549 ## Generate config file with `SVNListParentPath` set to `On`.
550 550 svn.proxy.list_parent_path = true
551 551 ## Set location and file name of generated config file.
552 552 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
553 553 ## Used as a prefix to the `Location` block in the generated config file.
554 554 ## In most cases it should be set to `/`.
555 555 svn.proxy.location_root = /
556 556 ## Command to reload the mod dav svn configuration on change.
557 557 ## Example: `/etc/init.d/apache2 reload`
558 558 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
559 559 ## If the timeout expires before the reload command finishes, the command will
560 560 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
561 561 #svn.proxy.reload_timeout = 10
562 562
563 563 ############################################################
564 564 ### SSH Support Settings ###
565 565 ############################################################
566 566
567 567 ## Defines if the authorized_keys file should be written on any change of
568 ## user ssh keys
568 ## user ssh keys, setting this to false also disables posibility of adding
569 ## ssh keys for users from web interface.
569 570 ssh.generate_authorized_keyfile = false
570 571
571 572 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
572 573 # ssh.authorized_keys_ssh_opts =
573 574
574 575 ## File to generate the authorized keys together with options
575 576 ## It is possible to have multiple key files specified in `sshd_config` e.g.
576 577 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
577 578 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
578 579
579 580 ## Command to execute the SSH wrapper. The binary is available in the
580 581 ## rhodecode installation directory.
581 582 ## e.g ~/.rccontrol/community-1/profile/bin/rcssh-wrapper
582 583 ssh.wrapper_cmd = ~/.rccontrol/community-1/rcssh-wrapper
583 584
584 585 ## Allow shell when executing the ssh-wrapper command
585 586 ssh.wrapper_cmd_allow_shell = false
586 587
587 588 ## Enables logging, and detailed output send back to the client. Usefull for
588 589 ## debugging, shouldn't be used in production.
589 590 ssh.enable_debug_logging = false
590 591
591 592 ## API KEY for user who has access to fetch other user permission information
592 593 ## most likely an super-admin account with some IP restrictions.
593 594 ssh.api_key =
594 595
595 596 ## API Host, the server address of RhodeCode instance that the api_key will
596 597 ## access
597 598 ssh.api_host = http://localhost
598 599
599 600 ## Paths to binary executrables, by default they are the names, but we can
600 601 ## override them if we want to use a custom one
601 602 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
602 603 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
603 604 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
604 605
605 606
606 607 ## Dummy marker to add new entries after.
607 608 ## Add any custom entries below. Please don't remove.
608 609 custom.conf = 1
609 610
610 611
611 612 ################################
612 613 ### LOGGING CONFIGURATION ####
613 614 ################################
614 615 [loggers]
615 616 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, ssh_wrapper
616 617
617 618 [handlers]
618 619 keys = console, console_sql
619 620
620 621 [formatters]
621 622 keys = generic, color_formatter, color_formatter_sql
622 623
623 624 #############
624 625 ## LOGGERS ##
625 626 #############
626 627 [logger_root]
627 628 level = NOTSET
628 629 handlers = console
629 630
630 631 [logger_routes]
631 632 level = DEBUG
632 633 handlers =
633 634 qualname = routes.middleware
634 635 ## "level = DEBUG" logs the route matched and routing variables.
635 636 propagate = 1
636 637
637 638 [logger_beaker]
638 639 level = DEBUG
639 640 handlers =
640 641 qualname = beaker.container
641 642 propagate = 1
642 643
643 644 [logger_templates]
644 645 level = INFO
645 646 handlers =
646 647 qualname = pylons.templating
647 648 propagate = 1
648 649
649 650 [logger_rhodecode]
650 651 level = DEBUG
651 652 handlers =
652 653 qualname = rhodecode
653 654 propagate = 1
654 655
655 656 [logger_sqlalchemy]
656 657 level = INFO
657 658 handlers = console_sql
658 659 qualname = sqlalchemy.engine
659 660 propagate = 0
660 661
661 662 [logger_ssh_wrapper]
662 663 level = DEBUG
663 664 handlers =
664 665 qualname = ssh_wrapper
665 666 propagate = 1
666 667
667 668
668 669 ##############
669 670 ## HANDLERS ##
670 671 ##############
671 672
672 673 [handler_console]
673 674 class = StreamHandler
674 675 args = (sys.stderr, )
675 676 level = INFO
676 677 formatter = generic
677 678
678 679 [handler_console_sql]
679 680 class = StreamHandler
680 681 args = (sys.stderr, )
681 682 level = WARN
682 683 formatter = generic
683 684
684 685 ################
685 686 ## FORMATTERS ##
686 687 ################
687 688
688 689 [formatter_generic]
689 690 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
690 691 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
691 692 datefmt = %Y-%m-%d %H:%M:%S
692 693
693 694 [formatter_color_formatter]
694 695 class = rhodecode.lib.logging_formatter.ColorFormatter
695 696 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
696 697 datefmt = %Y-%m-%d %H:%M:%S
697 698
698 699 [formatter_color_formatter_sql]
699 700 class = rhodecode.lib.logging_formatter.ColorFormatterSql
700 701 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
701 702 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,776 +1,777 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 0.0.0.0
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommened to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93 ## UWSGI ##
94 94 ## run with uwsgi --ini-paste-logged <inifile.ini>
95 95 #[uwsgi]
96 96 #socket = /tmp/uwsgi.sock
97 97 #master = true
98 98 #http = 127.0.0.1:5000
99 99
100 100 ## set as deamon and redirect all output to file
101 101 #daemonize = ./uwsgi_rhodecode.log
102 102
103 103 ## master process PID
104 104 #pidfile = ./uwsgi_rhodecode.pid
105 105
106 106 ## stats server with workers statistics, use uwsgitop
107 107 ## for monitoring, `uwsgitop 127.0.0.1:1717`
108 108 #stats = 127.0.0.1:1717
109 109 #memory-report = true
110 110
111 111 ## log 5XX errors
112 112 #log-5xx = true
113 113
114 114 ## Set the socket listen queue size.
115 115 #listen = 256
116 116
117 117 ## Gracefully Reload workers after the specified amount of managed requests
118 118 ## (avoid memory leaks).
119 119 #max-requests = 1000
120 120
121 121 ## enable large buffers
122 122 #buffer-size=65535
123 123
124 124 ## socket and http timeouts ##
125 125 #http-timeout=3600
126 126 #socket-timeout=3600
127 127
128 128 ## Log requests slower than the specified number of milliseconds.
129 129 #log-slow = 10
130 130
131 131 ## Exit if no app can be loaded.
132 132 #need-app = true
133 133
134 134 ## Set lazy mode (load apps in workers instead of master).
135 135 #lazy = true
136 136
137 137 ## scaling ##
138 138 ## set cheaper algorithm to use, if not set default will be used
139 139 #cheaper-algo = spare
140 140
141 141 ## minimum number of workers to keep at all times
142 142 #cheaper = 1
143 143
144 144 ## number of workers to spawn at startup
145 145 #cheaper-initial = 1
146 146
147 147 ## maximum number of workers that can be spawned
148 148 #workers = 4
149 149
150 150 ## how many workers should be spawned at a time
151 151 #cheaper-step = 1
152 152
153 153 ## prefix middleware for RhodeCode.
154 154 ## recommended when using proxy setup.
155 155 ## allows to set RhodeCode under a prefix in server.
156 156 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
157 157 ## And set your prefix like: `prefix = /custom_prefix`
158 158 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
159 159 ## to make your cookies only work on prefix url
160 160 [filter:proxy-prefix]
161 161 use = egg:PasteDeploy#prefix
162 162 prefix = /
163 163
164 164 [app:main]
165 165 is_test = True
166 166 use = egg:rhodecode-enterprise-ce
167 167
168 168 ## enable proxy prefix middleware, defined above
169 169 #filter-with = proxy-prefix
170 170
171 171
172 172 ## RHODECODE PLUGINS ##
173 173 rhodecode.includes = rhodecode.api
174 174
175 175 # api prefix url
176 176 rhodecode.api.url = /_admin/api
177 177
178 178
179 179 ## END RHODECODE PLUGINS ##
180 180
181 181 ## encryption key used to encrypt social plugin tokens,
182 182 ## remote_urls with credentials etc, if not set it defaults to
183 183 ## `beaker.session.secret`
184 184 #rhodecode.encrypted_values.secret =
185 185
186 186 ## decryption strict mode (enabled by default). It controls if decryption raises
187 187 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
188 188 #rhodecode.encrypted_values.strict = false
189 189
190 190 ## return gzipped responses from Rhodecode (static files/application)
191 191 gzip_responses = false
192 192
193 193 ## autogenerate javascript routes file on startup
194 194 generate_js_files = false
195 195
196 196 ## Optional Languages
197 197 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
198 198 lang = en
199 199
200 200 ## perform a full repository scan on each server start, this should be
201 201 ## set to false after first startup, to allow faster server restarts.
202 202 startup.import_repos = true
203 203
204 204 ## Uncomment and set this path to use archive download cache.
205 205 ## Once enabled, generated archives will be cached at this location
206 206 ## and served from the cache during subsequent requests for the same archive of
207 207 ## the repository.
208 208 #archive_cache_dir = /tmp/tarballcache
209 209
210 210 ## change this to unique ID for security
211 211 app_instance_uuid = rc-production
212 212
213 213 ## cut off limit for large diffs (size in bytes)
214 214 cut_off_limit_diff = 1024000
215 215 cut_off_limit_file = 256000
216 216
217 217 ## use cache version of scm repo everywhere
218 218 vcs_full_cache = false
219 219
220 220 ## force https in RhodeCode, fixes https redirects, assumes it's always https
221 221 ## Normally this is controlled by proper http flags sent from http server
222 222 force_https = false
223 223
224 224 ## use Strict-Transport-Security headers
225 225 use_htsts = false
226 226
227 227 ## number of commits stats will parse on each iteration
228 228 commit_parse_limit = 25
229 229
230 230 ## git rev filter option, --all is the default filter, if you need to
231 231 ## hide all refs in changelog switch this to --branches --tags
232 232 git_rev_filter = --all
233 233
234 234 # Set to true if your repos are exposed using the dumb protocol
235 235 git_update_server_info = false
236 236
237 237 ## RSS/ATOM feed options
238 238 rss_cut_off_limit = 256000
239 239 rss_items_per_page = 10
240 240 rss_include_diff = false
241 241
242 242 ## gist URL alias, used to create nicer urls for gist. This should be an
243 243 ## url that does rewrites to _admin/gists/{gistid}.
244 244 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
245 245 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
246 246 gist_alias_url =
247 247
248 248 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
249 249 ## used for access.
250 250 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
251 251 ## came from the the logged in user who own this authentication token.
252 252 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
253 253 ## authentication token. Such view would be only accessible when used together
254 254 ## with this authentication token
255 255 ##
256 256 ## list of all views can be found under `/_admin/permissions/auth_token_access`
257 257 ## The list should be "," separated and on a single line.
258 258 ##
259 259 ## Most common views to enable:
260 260 # RepoCommitsView:repo_commit_download
261 261 # RepoCommitsView:repo_commit_patch
262 262 # RepoCommitsView:repo_commit_raw
263 263 # RepoCommitsView:repo_commit_raw@TOKEN
264 264 # RepoFilesView:repo_files_diff
265 265 # RepoFilesView:repo_archivefile
266 266 # RepoFilesView:repo_file_raw
267 267 # GistView:*
268 268 api_access_controllers_whitelist =
269 269
270 270 ## default encoding used to convert from and to unicode
271 271 ## can be also a comma separated list of encoding in case of mixed encodings
272 272 default_encoding = UTF-8
273 273
274 274 ## instance-id prefix
275 275 ## a prefix key for this instance used for cache invalidation when running
276 276 ## multiple instances of rhodecode, make sure it's globally unique for
277 277 ## all running rhodecode instances. Leave empty if you don't use it
278 278 instance_id =
279 279
280 280 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
281 281 ## of an authentication plugin also if it is disabled by it's settings.
282 282 ## This could be useful if you are unable to log in to the system due to broken
283 283 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
284 284 ## module to log in again and fix the settings.
285 285 ##
286 286 ## Available builtin plugin IDs (hash is part of the ID):
287 287 ## egg:rhodecode-enterprise-ce#rhodecode
288 288 ## egg:rhodecode-enterprise-ce#pam
289 289 ## egg:rhodecode-enterprise-ce#ldap
290 290 ## egg:rhodecode-enterprise-ce#jasig_cas
291 291 ## egg:rhodecode-enterprise-ce#headers
292 292 ## egg:rhodecode-enterprise-ce#crowd
293 293 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
294 294
295 295 ## alternative return HTTP header for failed authentication. Default HTTP
296 296 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
297 297 ## handling that causing a series of failed authentication calls.
298 298 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
299 299 ## This will be served instead of default 401 on bad authnetication
300 300 auth_ret_code =
301 301
302 302 ## use special detection method when serving auth_ret_code, instead of serving
303 303 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
304 304 ## and then serve auth_ret_code to clients
305 305 auth_ret_code_detection = false
306 306
307 307 ## locking return code. When repository is locked return this HTTP code. 2XX
308 308 ## codes don't break the transactions while 4XX codes do
309 309 lock_ret_code = 423
310 310
311 311 ## allows to change the repository location in settings page
312 312 allow_repo_location_change = true
313 313
314 314 ## allows to setup custom hooks in settings page
315 315 allow_custom_hooks_settings = true
316 316
317 317 ## generated license token, goto license page in RhodeCode settings to obtain
318 318 ## new token
319 319 license_token = abra-cada-bra1-rce3
320 320
321 321 ## supervisor connection uri, for managing supervisor and logs.
322 322 supervisor.uri =
323 323 ## supervisord group name/id we only want this RC instance to handle
324 324 supervisor.group_id = dev
325 325
326 326 ## Display extended labs settings
327 327 labs_settings_active = true
328 328
329 329 ####################################
330 330 ### CELERY CONFIG ####
331 331 ####################################
332 332 use_celery = false
333 333 broker.host = localhost
334 334 broker.vhost = rabbitmqhost
335 335 broker.port = 5672
336 336 broker.user = rabbitmq
337 337 broker.password = qweqwe
338 338
339 339 celery.imports = rhodecode.lib.celerylib.tasks
340 340
341 341 celery.result.backend = amqp
342 342 celery.result.dburi = amqp://
343 343 celery.result.serialier = json
344 344
345 345 #celery.send.task.error.emails = true
346 346 #celery.amqp.task.result.expires = 18000
347 347
348 348 celeryd.concurrency = 2
349 349 #celeryd.log.file = celeryd.log
350 350 celeryd.log.level = debug
351 351 celeryd.max.tasks.per.child = 1
352 352
353 353 ## tasks will never be sent to the queue, but executed locally instead.
354 354 celery.always.eager = false
355 355
356 356 ####################################
357 357 ### BEAKER CACHE ####
358 358 ####################################
359 359 # default cache dir for templates. Putting this into a ramdisk
360 360 ## can boost performance, eg. %(here)s/data_ramdisk
361 361 cache_dir = %(here)s/data
362 362
363 363 ## locking and default file storage for Beaker. Putting this into a ramdisk
364 364 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
365 365 beaker.cache.data_dir = %(here)s/rc/data/cache/beaker_data
366 366 beaker.cache.lock_dir = %(here)s/rc/data/cache/beaker_lock
367 367
368 368 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
369 369
370 370 beaker.cache.super_short_term.type = memory
371 371 beaker.cache.super_short_term.expire = 1
372 372 beaker.cache.super_short_term.key_length = 256
373 373
374 374 beaker.cache.short_term.type = memory
375 375 beaker.cache.short_term.expire = 60
376 376 beaker.cache.short_term.key_length = 256
377 377
378 378 beaker.cache.long_term.type = memory
379 379 beaker.cache.long_term.expire = 36000
380 380 beaker.cache.long_term.key_length = 256
381 381
382 382 beaker.cache.sql_cache_short.type = memory
383 383 beaker.cache.sql_cache_short.expire = 1
384 384 beaker.cache.sql_cache_short.key_length = 256
385 385
386 386 ## default is memory cache, configure only if required
387 387 ## using multi-node or multi-worker setup
388 388 #beaker.cache.auth_plugins.type = ext:database
389 389 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
390 390 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
391 391 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
392 392 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
393 393 #beaker.cache.auth_plugins.sa.pool_size = 10
394 394 #beaker.cache.auth_plugins.sa.max_overflow = 0
395 395
396 396 beaker.cache.repo_cache_long.type = memorylru_base
397 397 beaker.cache.repo_cache_long.max_items = 4096
398 398 beaker.cache.repo_cache_long.expire = 2592000
399 399
400 400 ## default is memorylru_base cache, configure only if required
401 401 ## using multi-node or multi-worker setup
402 402 #beaker.cache.repo_cache_long.type = ext:memcached
403 403 #beaker.cache.repo_cache_long.url = localhost:11211
404 404 #beaker.cache.repo_cache_long.expire = 1209600
405 405 #beaker.cache.repo_cache_long.key_length = 256
406 406
407 407 ####################################
408 408 ### BEAKER SESSION ####
409 409 ####################################
410 410
411 411 ## .session.type is type of storage options for the session, current allowed
412 412 ## types are file, ext:memcached, ext:database, and memory (default).
413 413 beaker.session.type = file
414 414 beaker.session.data_dir = %(here)s/rc/data/sessions/data
415 415
416 416 ## db based session, fast, and allows easy management over logged in users
417 417 #beaker.session.type = ext:database
418 418 #beaker.session.table_name = db_session
419 419 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
420 420 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
421 421 #beaker.session.sa.pool_recycle = 3600
422 422 #beaker.session.sa.echo = false
423 423
424 424 beaker.session.key = rhodecode
425 425 beaker.session.secret = test-rc-uytcxaz
426 426 beaker.session.lock_dir = %(here)s/rc/data/sessions/lock
427 427
428 428 ## Secure encrypted cookie. Requires AES and AES python libraries
429 429 ## you must disable beaker.session.secret to use this
430 430 #beaker.session.encrypt_key = key_for_encryption
431 431 #beaker.session.validate_key = validation_key
432 432
433 433 ## sets session as invalid(also logging out user) if it haven not been
434 434 ## accessed for given amount of time in seconds
435 435 beaker.session.timeout = 2592000
436 436 beaker.session.httponly = true
437 437 ## Path to use for the cookie. Set to prefix if you use prefix middleware
438 438 #beaker.session.cookie_path = /custom_prefix
439 439
440 440 ## uncomment for https secure cookie
441 441 beaker.session.secure = false
442 442
443 443 ## auto save the session to not to use .save()
444 444 beaker.session.auto = false
445 445
446 446 ## default cookie expiration time in seconds, set to `true` to set expire
447 447 ## at browser close
448 448 #beaker.session.cookie_expires = 3600
449 449
450 450 ###################################
451 451 ## SEARCH INDEXING CONFIGURATION ##
452 452 ###################################
453 453 ## Full text search indexer is available in rhodecode-tools under
454 454 ## `rhodecode-tools index` command
455 455
456 456 ## WHOOSH Backend, doesn't require additional services to run
457 457 ## it works good with few dozen repos
458 458 search.module = rhodecode.lib.index.whoosh
459 459 search.location = %(here)s/data/index
460 460
461 461 ########################################
462 462 ### CHANNELSTREAM CONFIG ####
463 463 ########################################
464 464 ## channelstream enables persistent connections and live notification
465 465 ## in the system. It's also used by the chat system
466 466
467 467 channelstream.enabled = false
468 468
469 469 ## server address for channelstream server on the backend
470 470 channelstream.server = 127.0.0.1:9800
471 471 ## location of the channelstream server from outside world
472 472 ## use ws:// for http or wss:// for https. This address needs to be handled
473 473 ## by external HTTP server such as Nginx or Apache
474 474 ## see nginx/apache configuration examples in our docs
475 475 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
476 476 channelstream.secret = secret
477 477 channelstream.history.location = %(here)s/channelstream_history
478 478
479 479 ## Internal application path that Javascript uses to connect into.
480 480 ## If you use proxy-prefix the prefix should be added before /_channelstream
481 481 channelstream.proxy_path = /_channelstream
482 482
483 483
484 484 ###################################
485 485 ## APPENLIGHT CONFIG ##
486 486 ###################################
487 487
488 488 ## Appenlight is tailored to work with RhodeCode, see
489 489 ## http://appenlight.com for details how to obtain an account
490 490
491 491 ## appenlight integration enabled
492 492 appenlight = false
493 493
494 494 appenlight.server_url = https://api.appenlight.com
495 495 appenlight.api_key = YOUR_API_KEY
496 496 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
497 497
498 498 # used for JS client
499 499 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
500 500
501 501 ## TWEAK AMOUNT OF INFO SENT HERE
502 502
503 503 ## enables 404 error logging (default False)
504 504 appenlight.report_404 = false
505 505
506 506 ## time in seconds after request is considered being slow (default 1)
507 507 appenlight.slow_request_time = 1
508 508
509 509 ## record slow requests in application
510 510 ## (needs to be enabled for slow datastore recording and time tracking)
511 511 appenlight.slow_requests = true
512 512
513 513 ## enable hooking to application loggers
514 514 appenlight.logging = true
515 515
516 516 ## minimum log level for log capture
517 517 appenlight.logging.level = WARNING
518 518
519 519 ## send logs only from erroneous/slow requests
520 520 ## (saves API quota for intensive logging)
521 521 appenlight.logging_on_error = false
522 522
523 523 ## list of additonal keywords that should be grabbed from environ object
524 524 ## can be string with comma separated list of words in lowercase
525 525 ## (by default client will always send following info:
526 526 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
527 527 ## start with HTTP* this list be extended with additional keywords here
528 528 appenlight.environ_keys_whitelist =
529 529
530 530 ## list of keywords that should be blanked from request object
531 531 ## can be string with comma separated list of words in lowercase
532 532 ## (by default client will always blank keys that contain following words
533 533 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
534 534 ## this list be extended with additional keywords set here
535 535 appenlight.request_keys_blacklist =
536 536
537 537 ## list of namespaces that should be ignores when gathering log entries
538 538 ## can be string with comma separated list of namespaces
539 539 ## (by default the client ignores own entries: appenlight_client.client)
540 540 appenlight.log_namespace_blacklist =
541 541
542 542
543 543 ################################################################################
544 544 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
545 545 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
546 546 ## execute malicious code after an exception is raised. ##
547 547 ################################################################################
548 548 set debug = false
549 549
550 550
551 551 ##############
552 552 ## STYLING ##
553 553 ##############
554 554 debug_style = false
555 555
556 556 ###########################################
557 557 ### MAIN RHODECODE DATABASE CONFIG ###
558 558 ###########################################
559 559 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
560 560 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode_test
561 561 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode_test
562 562 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode_test.db?timeout=30
563 563
564 564 # see sqlalchemy docs for other advanced settings
565 565
566 566 ## print the sql statements to output
567 567 sqlalchemy.db1.echo = false
568 568 ## recycle the connections after this amount of seconds
569 569 sqlalchemy.db1.pool_recycle = 3600
570 570 sqlalchemy.db1.convert_unicode = true
571 571
572 572 ## the number of connections to keep open inside the connection pool.
573 573 ## 0 indicates no limit
574 574 #sqlalchemy.db1.pool_size = 5
575 575
576 576 ## the number of connections to allow in connection pool "overflow", that is
577 577 ## connections that can be opened above and beyond the pool_size setting,
578 578 ## which defaults to five.
579 579 #sqlalchemy.db1.max_overflow = 10
580 580
581 581
582 582 ##################
583 583 ### VCS CONFIG ###
584 584 ##################
585 585 vcs.server.enable = true
586 586 vcs.server = localhost:9901
587 587
588 588 ## Web server connectivity protocol, responsible for web based VCS operatations
589 589 ## Available protocols are:
590 590 ## `http` - use http-rpc backend (default)
591 591 vcs.server.protocol = http
592 592
593 593 ## Push/Pull operations protocol, available options are:
594 594 ## `http` - use http-rpc backend (default)
595 595 ## `vcsserver.scm_app` - internal app (EE only)
596 596 vcs.scm_app_implementation = http
597 597
598 598 ## Push/Pull operations hooks protocol, available options are:
599 599 ## `http` - use http-rpc backend (default)
600 600 vcs.hooks.protocol = http
601 601
602 602 vcs.server.log_level = debug
603 603 ## Start VCSServer with this instance as a subprocess, usefull for development
604 604 vcs.start_server = false
605 605
606 606 ## List of enabled VCS backends, available options are:
607 607 ## `hg` - mercurial
608 608 ## `git` - git
609 609 ## `svn` - subversion
610 610 vcs.backends = hg, git, svn
611 611
612 612 vcs.connection_timeout = 3600
613 613 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
614 614 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
615 615 #vcs.svn.compatible_version = pre-1.8-compatible
616 616
617 617
618 618 ############################################################
619 619 ### Subversion proxy support (mod_dav_svn) ###
620 620 ### Maps RhodeCode repo groups into SVN paths for Apache ###
621 621 ############################################################
622 622 ## Enable or disable the config file generation.
623 623 svn.proxy.generate_config = false
624 624 ## Generate config file with `SVNListParentPath` set to `On`.
625 625 svn.proxy.list_parent_path = true
626 626 ## Set location and file name of generated config file.
627 627 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
628 628 ## Used as a prefix to the `Location` block in the generated config file.
629 629 ## In most cases it should be set to `/`.
630 630 svn.proxy.location_root = /
631 631 ## Command to reload the mod dav svn configuration on change.
632 632 ## Example: `/etc/init.d/apache2 reload`
633 633 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
634 634 ## If the timeout expires before the reload command finishes, the command will
635 635 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
636 636 #svn.proxy.reload_timeout = 10
637 637
638 638 ############################################################
639 639 ### SSH Support Settings ###
640 640 ############################################################
641 641
642 642 ## Defines if the authorized_keys file should be written on any change of
643 ## user ssh keys
643 ## user ssh keys, setting this to false also disables posibility of adding
644 ## ssh keys for users from web interface.
644 645 ssh.generate_authorized_keyfile = false
645 646
646 647 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
647 648 # ssh.authorized_keys_ssh_opts =
648 649
649 650 ## File to generate the authorized keys together with options
650 651 ## It is possible to have multiple key files specified in `sshd_config` e.g.
651 652 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
652 653 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
653 654
654 655 ## Command to execute the SSH wrapper. The binary is available in the
655 656 ## rhodecode installation directory.
656 657 ## e.g ~/.rccontrol/community-1/profile/bin/rcssh-wrapper
657 658 ssh.wrapper_cmd = ~/.rccontrol/community-1/rcssh-wrapper
658 659
659 660 ## Allow shell when executing the ssh-wrapper command
660 661 ssh.wrapper_cmd_allow_shell = false
661 662
662 663 ## Enables logging, and detailed output send back to the client. Usefull for
663 664 ## debugging, shouldn't be used in production.
664 665 ssh.enable_debug_logging = false
665 666
666 667 ## API KEY for user who has access to fetch other user permission information
667 668 ## most likely an super-admin account with some IP restrictions.
668 669 ssh.api_key =
669 670
670 671 ## API Host, the server address of RhodeCode instance that the api_key will
671 672 ## access
672 673 ssh.api_host = http://localhost
673 674
674 675 ## Paths to binary executrables, by default they are the names, but we can
675 676 ## override them if we want to use a custom one
676 677 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
677 678 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
678 679 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
679 680
680 681
681 682 ## Dummy marker to add new entries after.
682 683 ## Add any custom entries below. Please don't remove.
683 684 custom.conf = 1
684 685
685 686
686 687 ################################
687 688 ### LOGGING CONFIGURATION ####
688 689 ################################
689 690 [loggers]
690 691 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, ssh_wrapper
691 692
692 693 [handlers]
693 694 keys = console, console_sql
694 695
695 696 [formatters]
696 697 keys = generic, color_formatter, color_formatter_sql
697 698
698 699 #############
699 700 ## LOGGERS ##
700 701 #############
701 702 [logger_root]
702 703 level = NOTSET
703 704 handlers = console
704 705
705 706 [logger_routes]
706 707 level = DEBUG
707 708 handlers =
708 709 qualname = routes.middleware
709 710 ## "level = DEBUG" logs the route matched and routing variables.
710 711 propagate = 1
711 712
712 713 [logger_beaker]
713 714 level = DEBUG
714 715 handlers =
715 716 qualname = beaker.container
716 717 propagate = 1
717 718
718 719 [logger_templates]
719 720 level = INFO
720 721 handlers =
721 722 qualname = pylons.templating
722 723 propagate = 1
723 724
724 725 [logger_rhodecode]
725 726 level = DEBUG
726 727 handlers =
727 728 qualname = rhodecode
728 729 propagate = 1
729 730
730 731 [logger_sqlalchemy]
731 732 level = ERROR
732 733 handlers = console_sql
733 734 qualname = sqlalchemy.engine
734 735 propagate = 0
735 736
736 737 [logger_ssh_wrapper]
737 738 level = DEBUG
738 739 handlers =
739 740 qualname = ssh_wrapper
740 741 propagate = 1
741 742
742 743
743 744 ##############
744 745 ## HANDLERS ##
745 746 ##############
746 747
747 748 [handler_console]
748 749 class = StreamHandler
749 750 args = (sys.stderr,)
750 751 level = DEBUG
751 752 formatter = generic
752 753
753 754 [handler_console_sql]
754 755 class = StreamHandler
755 756 args = (sys.stderr,)
756 757 level = WARN
757 758 formatter = generic
758 759
759 760 ################
760 761 ## FORMATTERS ##
761 762 ################
762 763
763 764 [formatter_generic]
764 765 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
765 766 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
766 767 datefmt = %Y-%m-%d %H:%M:%S
767 768
768 769 [formatter_color_formatter]
769 770 class = rhodecode.lib.logging_formatter.ColorFormatter
770 771 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
771 772 datefmt = %Y-%m-%d %H:%M:%S
772 773
773 774 [formatter_color_formatter_sql]
774 775 class = rhodecode.lib.logging_formatter.ColorFormatterSql
775 776 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
776 777 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now