rhodecode-enterprise-ce Commit - r5434:6da054fb

1

2

; #########################################

2

; #########################################

3

; RHODECODE COMMUNITY EDITION CONFIGURATION

3

; RHODECODE COMMUNITY EDITION CONFIGURATION

4

; #########################################

4

; #########################################

5

6

[DEFAULT]

6

[DEFAULT]

7

; Debug flag sets all loggers to debug, and enables request tracking

7

; Debug flag sets all loggers to debug, and enables request tracking

8

debug = true

8

debug = true

9

10

; ########################################################################

10

; ########################################################################

11

; EMAIL CONFIGURATION

11

; EMAIL CONFIGURATION

12

; These settings will be used by the RhodeCode mailing system

12

; These settings will be used by the RhodeCode mailing system

13

; ########################################################################

13

; ########################################################################

14

15

; prefix all emails subjects with given prefix, helps filtering out emails

15

; prefix all emails subjects with given prefix, helps filtering out emails

16

#email_prefix = [RhodeCode]

16

#email_prefix = [RhodeCode]

17

18

; email FROM address all mails will be sent

18

; email FROM address all mails will be sent

19

#app_email_from = rhodecode-noreply@localhost

19

#app_email_from = rhodecode-noreply@localhost

20

21

#smtp_server = mail.server.com

21

#smtp_server = mail.server.com

22

#smtp_username =

22

#smtp_username =

23

#smtp_password =

23

#smtp_password =

24

#smtp_port =

24

#smtp_port =

25

#smtp_use_tls = false

25

#smtp_use_tls = false

26

#smtp_use_ssl = true

26

#smtp_use_ssl = true

27

28

[server:main]

28

[server:main]

29

; COMMON HOST/IP CONFIG, This applies mostly to develop setup,

29

; COMMON HOST/IP CONFIG, This applies mostly to develop setup,

30

; Host port for gunicorn are controlled by gunicorn_conf.py

30

; Host port for gunicorn are controlled by gunicorn_conf.py

31

host = 127.0.0.1

31

host = 127.0.0.1

32

port = 10020

32

port = 10020

33

34

35

; ###########################

35

; ###########################

36

; GUNICORN APPLICATION SERVER

36

; GUNICORN APPLICATION SERVER

37

; ###########################

37

; ###########################

38

39

; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py

39

; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py

40

41

; Module to use, this setting shouldn't be changed

41

; Module to use, this setting shouldn't be changed

42

use = egg:gunicorn#main

42

use = egg:gunicorn#main

43

44

; Prefix middleware for RhodeCode.

44

; Prefix middleware for RhodeCode.

45

; recommended when using proxy setup.

45

; recommended when using proxy setup.

46

; allows to set RhodeCode under a prefix in server.

46

; allows to set RhodeCode under a prefix in server.

47

; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.

47

; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.

48

; And set your prefix like: `prefix = /custom_prefix`

48

; And set your prefix like: `prefix = /custom_prefix`

49

; be sure to also set beaker.session.cookie_path = /custom_prefix if you need

49

; be sure to also set beaker.session.cookie_path = /custom_prefix if you need

50

; to make your cookies only work on prefix url

50

; to make your cookies only work on prefix url

51

[filter:proxy-prefix]

51

[filter:proxy-prefix]

52

use = egg:PasteDeploy#prefix

52

use = egg:PasteDeploy#prefix

53

prefix = /

53

prefix = /

54

55

[app:main]

55

[app:main]

56

; The %(here)s variable will be replaced with the absolute path of parent directory

56

; The %(here)s variable will be replaced with the absolute path of parent directory

57

; of this file

57

; of this file

58

; Each option in the app:main can be override by an environmental variable

58

; Each option in the app:main can be override by an environmental variable

59

;

59

;

60

;To override an option:

60

;To override an option:

61

;

61

;

62

;RC_<KeyName>

62

;RC_<KeyName>

63

;Everything should be uppercase, . and - should be replaced by _.

63

;Everything should be uppercase, . and - should be replaced by _.

64

;For example, if you have these configuration settings:

64

;For example, if you have these configuration settings:

65

;rc_cache.repo_object.backend = foo

65

;rc_cache.repo_object.backend = foo

66

;can be overridden by

66

;can be overridden by

67

;export RC_CACHE_REPO_OBJECT_BACKEND=foo

67

;export RC_CACHE_REPO_OBJECT_BACKEND=foo

68

69

use = egg:rhodecode-enterprise-ce

69

use = egg:rhodecode-enterprise-ce

70

71

; enable proxy prefix middleware, defined above

71

; enable proxy prefix middleware, defined above

72

#filter-with = proxy-prefix

72

#filter-with = proxy-prefix

73

74

; encryption key used to encrypt social plugin tokens,

74

; encryption key used to encrypt social plugin tokens,

75

; remote_urls with credentials etc, if not set it defaults to

75

; remote_urls with credentials etc, if not set it defaults to

76

; `beaker.session.secret`

76

; `beaker.session.secret`

77

#rhodecode.encrypted_values.secret =

77

#rhodecode.encrypted_values.secret =

78

79

; decryption strict mode (enabled by default). It controls if decryption raises

79

; decryption strict mode (enabled by default). It controls if decryption raises

80

; `SignatureVerificationError` in case of wrong key, or damaged encryption data.

80

; `SignatureVerificationError` in case of wrong key, or damaged encryption data.

81

#rhodecode.encrypted_values.strict = false

81

#rhodecode.encrypted_values.strict = false

82

83

; Pick algorithm for encryption. Either fernet (more secure) or aes (default)

83

; Pick algorithm for encryption. Either fernet (more secure) or aes (default)

84

; fernet is safer, and we strongly recommend switching to it.

84

; fernet is safer, and we strongly recommend switching to it.

85

; Due to backward compatibility aes is used as default.

85

; Due to backward compatibility aes is used as default.

86

#rhodecode.encrypted_values.algorithm = fernet

86

#rhodecode.encrypted_values.algorithm = fernet

87

88

; Return gzipped responses from RhodeCode (static files/application)

88

; Return gzipped responses from RhodeCode (static files/application)

89

gzip_responses = false

89

gzip_responses = false

90

91

; Auto-generate javascript routes file on startup

91

; Auto-generate javascript routes file on startup

92

generate_js_files = false

92

generate_js_files = false

93

94

; System global default language.

94

; System global default language.

95

; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh

95

; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh

96

lang = en

96

lang = en

97

98

; Perform a full repository scan and import on each server start.

98

; Perform a full repository scan and import on each server start.

99

; Settings this to true could lead to very long startup time.

99

; Settings this to true could lead to very long startup time.

100

startup.import_repos = true

100

startup.import_repos = true

101

102

; URL at which the application is running. This is used for Bootstrapping

102

; URL at which the application is running. This is used for Bootstrapping

103

; requests in context when no web request is available. Used in ishell, or

103

; requests in context when no web request is available. Used in ishell, or

104

; SSH calls. Set this for events to receive proper url for SSH calls.

104

; SSH calls. Set this for events to receive proper url for SSH calls.

105

app.base_url = http://rhodecode.local

105

app.base_url = http://rhodecode.local

106

107

; Host at which the Service API is running.

107

; Host at which the Service API is running.

108

app.service_api.host = http://rhodecode.local:10020

108

app.service_api.host = http://rhodecode.local:10020

109

110

; Secret for Service API authentication.

110

; Secret for Service API authentication.

111

app.service_api.token =

111

app.service_api.token =

112

113

; Unique application ID. Should be a random unique string for security.

113

; Unique application ID. Should be a random unique string for security.

114

app_instance_uuid = rc-production

114

app_instance_uuid = rc-production

115

116

; Cut off limit for large diffs (size in bytes). If overall diff size on

116

; Cut off limit for large diffs (size in bytes). If overall diff size on

117

; commit, or pull request exceeds this limit this diff will be displayed

117

; commit, or pull request exceeds this limit this diff will be displayed

118

; partially. E.g 512000 == 512Kb

118

; partially. E.g 512000 == 512Kb

119

cut_off_limit_diff = 1024000

119

cut_off_limit_diff = 1024000

120

121

; Cut off limit for large files inside diffs (size in bytes). Each individual

121

; Cut off limit for large files inside diffs (size in bytes). Each individual

122

; file inside diff which exceeds this limit will be displayed partially.

122

; file inside diff which exceeds this limit will be displayed partially.

123

; E.g 128000 == 128Kb

123

; E.g 128000 == 128Kb

124

cut_off_limit_file = 256000

124

cut_off_limit_file = 256000

125

126

; Use cached version of vcs repositories everywhere. Recommended to be `true`

126

; Use cached version of vcs repositories everywhere. Recommended to be `true`

127

vcs_full_cache = false

127

vcs_full_cache = false

128

129

; Force https in RhodeCode, fixes https redirects, assumes it's always https.

129

; Force https in RhodeCode, fixes https redirects, assumes it's always https.

130

; Normally this is controlled by proper flags sent from http server such as Nginx or Apache

130

; Normally this is controlled by proper flags sent from http server such as Nginx or Apache

131

force_https = false

131

force_https = false

132

133

; use Strict-Transport-Security headers

133

; use Strict-Transport-Security headers

134

use_htsts = false

134

use_htsts = false

135

136

; Set to true if your repos are exposed using the dumb protocol

136

; Set to true if your repos are exposed using the dumb protocol

137

git_update_server_info = false

137

git_update_server_info = false

138

139

; RSS/ATOM feed options

139

; RSS/ATOM feed options

140

rss_cut_off_limit = 256000

140

rss_cut_off_limit = 256000

141

rss_items_per_page = 10

141

rss_items_per_page = 10

142

rss_include_diff = false

142

rss_include_diff = false

143

144

; gist URL alias, used to create nicer urls for gist. This should be an

144

; gist URL alias, used to create nicer urls for gist. This should be an

145

; url that does rewrites to _admin/gists/{gistid}.

145

; url that does rewrites to _admin/gists/{gistid}.

146

; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal

146

; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal

147

; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}

147

; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}

148

gist_alias_url =

148

gist_alias_url =

149

150

; List of views (using glob pattern syntax) that AUTH TOKENS could be

150

; List of views (using glob pattern syntax) that AUTH TOKENS could be

151

; used for access.

151

; used for access.

152

; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it

152

; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it

153

; came from the the logged in user who own this authentication token.

153

; came from the the logged in user who own this authentication token.

154

; Additionally @TOKEN syntax can be used to bound the view to specific

154

; Additionally @TOKEN syntax can be used to bound the view to specific

155

; authentication token. Such view would be only accessible when used together

155

; authentication token. Such view would be only accessible when used together

156

; with this authentication token

156

; with this authentication token

157

; list of all views can be found under `/_admin/permissions/auth_token_access`

157

; list of all views can be found under `/_admin/permissions/auth_token_access`

158

; The list should be "," separated and on a single line.

158

; The list should be "," separated and on a single line.

159

; Most common views to enable:

159

; Most common views to enable:

160

161

# RepoCommitsView:repo_commit_download

161

# RepoCommitsView:repo_commit_download

162

# RepoCommitsView:repo_commit_patch

162

# RepoCommitsView:repo_commit_patch

163

# RepoCommitsView:repo_commit_raw

163

# RepoCommitsView:repo_commit_raw

164

# RepoCommitsView:repo_commit_raw@TOKEN

164

# RepoCommitsView:repo_commit_raw@TOKEN

165

# RepoFilesView:repo_files_diff

165

# RepoFilesView:repo_files_diff

166

# RepoFilesView:repo_archivefile

166

# RepoFilesView:repo_archivefile

167

# RepoFilesView:repo_file_raw

167

# RepoFilesView:repo_file_raw

168

# GistView:*

168

# GistView:*

169

api_access_controllers_whitelist =

169

api_access_controllers_whitelist =

170

171

; Default encoding used to convert from and to unicode

171

; Default encoding used to convert from and to unicode

172

; can be also a comma separated list of encoding in case of mixed encodings

172

; can be also a comma separated list of encoding in case of mixed encodings

173

default_encoding = UTF-8

173

default_encoding = UTF-8

174

175

; instance-id prefix

175

; instance-id prefix

176

; a prefix key for this instance used for cache invalidation when running

176

; a prefix key for this instance used for cache invalidation when running

177

; multiple instances of RhodeCode, make sure it's globally unique for

177

; multiple instances of RhodeCode, make sure it's globally unique for

178

; all running RhodeCode instances. Leave empty if you don't use it

178

; all running RhodeCode instances. Leave empty if you don't use it

179

instance_id =

179

instance_id =

180

181

; Fallback authentication plugin. Set this to a plugin ID to force the usage

181

; Fallback authentication plugin. Set this to a plugin ID to force the usage

182

; of an authentication plugin also if it is disabled by it's settings.

182

; of an authentication plugin also if it is disabled by it's settings.

183

; This could be useful if you are unable to log in to the system due to broken

183

; This could be useful if you are unable to log in to the system due to broken

184

; authentication settings. Then you can enable e.g. the internal RhodeCode auth

184

; authentication settings. Then you can enable e.g. the internal RhodeCode auth

185

; module to log in again and fix the settings.

185

; module to log in again and fix the settings.

186

; Available builtin plugin IDs (hash is part of the ID):

186

; Available builtin plugin IDs (hash is part of the ID):

187

; egg:rhodecode-enterprise-ce#rhodecode

187

; egg:rhodecode-enterprise-ce#rhodecode

188

; egg:rhodecode-enterprise-ce#pam

188

; egg:rhodecode-enterprise-ce#pam

189

; egg:rhodecode-enterprise-ce#ldap

189

; egg:rhodecode-enterprise-ce#ldap

190

; egg:rhodecode-enterprise-ce#jasig_cas

190

; egg:rhodecode-enterprise-ce#jasig_cas

191

; egg:rhodecode-enterprise-ce#headers

191

; egg:rhodecode-enterprise-ce#headers

192

; egg:rhodecode-enterprise-ce#crowd

192

; egg:rhodecode-enterprise-ce#crowd

193

194

#rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode

194

#rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode

195

196

; Flag to control loading of legacy plugins in py:/path format

196

; Flag to control loading of legacy plugins in py:/path format

197

auth_plugin.import_legacy_plugins = true

197

auth_plugin.import_legacy_plugins = true

198

199

; alternative return HTTP header for failed authentication. Default HTTP

199

; alternative return HTTP header for failed authentication. Default HTTP

200

; response is 401 HTTPUnauthorized. Currently HG clients have troubles with

200

; response is 401 HTTPUnauthorized. Currently HG clients have troubles with

201

; handling that causing a series of failed authentication calls.

201

; handling that causing a series of failed authentication calls.

202

; Set this variable to 403 to return HTTPForbidden, or any other HTTP code

202

; Set this variable to 403 to return HTTPForbidden, or any other HTTP code

203

; This will be served instead of default 401 on bad authentication

203

; This will be served instead of default 401 on bad authentication

204

auth_ret_code =

204

auth_ret_code =

205

206

; use special detection method when serving auth_ret_code, instead of serving

206

; use special detection method when serving auth_ret_code, instead of serving

207

; ret_code directly, use 401 initially (Which triggers credentials prompt)

207

; ret_code directly, use 401 initially (Which triggers credentials prompt)

208

; and then serve auth_ret_code to clients

208

; and then serve auth_ret_code to clients

209

auth_ret_code_detection = false

209

auth_ret_code_detection = false

210

211

; locking return code. When repository is locked return this HTTP code. 2XX

211

; locking return code. When repository is locked return this HTTP code. 2XX

212

; codes don't break the transactions while 4XX codes do

212

; codes don't break the transactions while 4XX codes do

213

lock_ret_code = 423

213

lock_ret_code = 423

214

215

; Filesystem location were repositories should be stored

215

; Filesystem location were repositories should be stored

216

repo_store.path = /var/opt/rhodecode_repo_store

216

repo_store.path = /var/opt/rhodecode_repo_store

217

218

; allows to setup custom hooks in settings page

218

; allows to setup custom hooks in settings page

219

allow_custom_hooks_settings = true

219

allow_custom_hooks_settings = true

220

221

; Generated license token required for EE edition license.

221

; Generated license token required for EE edition license.

222

; New generated token value can be found in Admin > settings > license page.

222

; New generated token value can be found in Admin > settings > license page.

223

license_token = abra-cada-bra1-rce3

223

license_token = abra-cada-bra1-rce3

224

225

; This flag hides sensitive information on the license page such as token, and license data

225

; This flag hides sensitive information on the license page such as token, and license data

226

license.hide_license_info = false

226

license.hide_license_info = false

227

228

; supervisor connection uri, for managing supervisor and logs.

228

; supervisor connection uri, for managing supervisor and logs.

229

supervisor.uri =

229

supervisor.uri =

230

231

; supervisord group name/id we only want this RC instance to handle

231

; supervisord group name/id we only want this RC instance to handle

232

supervisor.group_id = dev

232

supervisor.group_id = dev

233

234

; Display extended labs settings

234

; Display extended labs settings

235

labs_settings_active = true

235

labs_settings_active = true

236

237

; Custom exception store path, defaults to TMPDIR

237

; Custom exception store path, defaults to TMPDIR

238

; This is used to store exception from RhodeCode in shared directory

238

; This is used to store exception from RhodeCode in shared directory

239

#exception_tracker.store_path =

239

#exception_tracker.store_path =

240

241

; Send email with exception details when it happens

241

; Send email with exception details when it happens

242

#exception_tracker.send_email = false

242

#exception_tracker.send_email = false

243

244

; Comma separated list of recipients for exception emails,

244

; Comma separated list of recipients for exception emails,

245

; e.g admin@rhodecode.com,devops@rhodecode.com

245

; e.g admin@rhodecode.com,devops@rhodecode.com

246

; Can be left empty, then emails will be sent to ALL super-admins

246

; Can be left empty, then emails will be sent to ALL super-admins

247

#exception_tracker.send_email_recipients =

247

#exception_tracker.send_email_recipients =

248

249

; optional prefix to Add to email Subject

249

; optional prefix to Add to email Subject

250

#exception_tracker.email_prefix = [RHODECODE ERROR]

250

#exception_tracker.email_prefix = [RHODECODE ERROR]

251

252

; File store configuration. This is used to store and serve uploaded files

252

; File store configuration. This is used to store and serve uploaded files

253

file_store.enabled = true

253

file_store.enabled = true

254

255

; Storage backend, available options are: local

255

; Storage backend, available options are: local

256

file_store.backend = local

256

file_store.backend = local

257

258

; path to store the uploaded binaries and artifacts

258

; path to store the uploaded binaries and artifacts

259

file_store.storage_path = /var/opt/rhodecode_data/file_store

259

file_store.storage_path = /var/opt/rhodecode_data/file_store

260

261

262

; Redis url to acquire/check generation of archives locks

262

; Redis url to acquire/check generation of archives locks

263

archive_cache.locking.url = redis://redis:6379/1

263

archive_cache.locking.url = redis://redis:6379/1

264

265

; Storage backend, only 'filesystem' and 'objectstore' are available now

265

; Storage backend, only 'filesystem' and 'objectstore' are available now

266

archive_cache.backend.type = filesystem

266

archive_cache.backend.type = filesystem

267

268

; url for s3 compatible storage that allows to upload artifacts

268

; url for s3 compatible storage that allows to upload artifacts

269

; e.g http://minio:9000

269

; e.g http://minio:9000

270

archive_cache.objectstore.url = http://s3-minio:9000

270

archive_cache.objectstore.url = http://s3-minio:9000

271

272

; key for s3 auth

272

; key for s3 auth

273

archive_cache.objectstore.key = key

273

archive_cache.objectstore.key = key

274

275

; secret for s3 auth

275

; secret for s3 auth

276

archive_cache.objectstore.secret = secret

276

archive_cache.objectstore.secret = secret

277

278

; number of sharded buckets to create to distribute archives across

278

; number of sharded buckets to create to distribute archives across

279

; default is 8 shards

279

; default is 8 shards

280

archive_cache.objectstore.bucket_shards = 8

280

archive_cache.objectstore.bucket_shards = 8

281

282

; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time

282

; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time

283

archive_cache.objectstore.retry = false

283

archive_cache.objectstore.retry = false

284

285

; number of seconds to wait for next try using retry

285

; number of seconds to wait for next try using retry

286

archive_cache.objectstore.retry_backoff = 1

286

archive_cache.objectstore.retry_backoff = 1

287

288

; how many tries do do a retry fetch from this backend

288

; how many tries do do a retry fetch from this backend

289

archive_cache.objectstore.retry_attempts = 10

289

archive_cache.objectstore.retry_attempts = 10

290

291

; Default is $cache_dir/archive_cache if not set

291

; Default is $cache_dir/archive_cache if not set

292

; Generated repo archives will be cached at this location

292

; Generated repo archives will be cached at this location

293

; and served from the cache during subsequent requests for the same archive of

293

; and served from the cache during subsequent requests for the same archive of

294

; the repository. This path is important to be shared across filesystems and with

294

; the repository. This path is important to be shared across filesystems and with

295

; RhodeCode and vcsserver

295

; RhodeCode and vcsserver

296

archive_cache.filesystem.store_dir = %(here)s/rc-tests/archive_cache

296

archive_cache.filesystem.store_dir = %(here)s/rc-tests/archive_cache

297

298

; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb

298

; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb

299

archive_cache.filesystem.cache_size_gb = 2

299

archive_cache.filesystem.cache_size_gb = 2

300

301

; Eviction policy used to clear out after cache_size_gb limit is reached

301

; Eviction policy used to clear out after cache_size_gb limit is reached

302

archive_cache.filesystem.eviction_policy = least-recently-stored

302

archive_cache.filesystem.eviction_policy = least-recently-stored

303

304

; By default cache uses sharding technique, this specifies how many shards are there

304

; By default cache uses sharding technique, this specifies how many shards are there

305

; default is 8 shards

305

; default is 8 shards

306

archive_cache.filesystem.cache_shards = 8

306

archive_cache.filesystem.cache_shards = 8

307

308

; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time

308

; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time

309

archive_cache.filesystem.retry = false

309

archive_cache.filesystem.retry = false

310

311

; number of seconds to wait for next try using retry

311

; number of seconds to wait for next try using retry

312

archive_cache.filesystem.retry_backoff = 1

312

archive_cache.filesystem.retry_backoff = 1

313

314

; how many tries do do a retry fetch from this backend

314

; how many tries do do a retry fetch from this backend

315

archive_cache.filesystem.retry_attempts = 10

315

archive_cache.filesystem.retry_attempts = 10

316

317

318

; #############

318

; #############

319

; CELERY CONFIG

319

; CELERY CONFIG

320

; #############

320

; #############

321

322

; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini

322

; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini

323

324

use_celery = false

324

use_celery = false

325

326

; path to store schedule database

326

; path to store schedule database

327

#celerybeat-schedule.path =

327

#celerybeat-schedule.path =

328

329

; connection url to the message broker (default redis)

329

; connection url to the message broker (default redis)

330

celery.broker_url = redis://redis:6379/8

330

celery.broker_url = redis://redis:6379/8

331

332

; results backend to get results for (default redis)

332

; results backend to get results for (default redis)

333

celery.result_backend = redis://redis:6379/8

333

celery.result_backend = redis://redis:6379/8

334

335

; rabbitmq example

335

; rabbitmq example

336

#celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost

336

#celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost

337

338

; maximum tasks to execute before worker restart

338

; maximum tasks to execute before worker restart

339

celery.max_tasks_per_child = 20

339

celery.max_tasks_per_child = 20

340

341

; tasks will never be sent to the queue, but executed locally instead.

341

; tasks will never be sent to the queue, but executed locally instead.

342

celery.task_always_eager = true

342

celery.task_always_eager = true

343

celery.task_store_eager_result = true

343

celery.task_store_eager_result = true

344

345

; #############

345

; #############

346

; DOGPILE CACHE

346

; DOGPILE CACHE

347

; #############

347

; #############

348

349

; Default cache dir for caches. Putting this into a ramdisk can boost performance.

349

; Default cache dir for caches. Putting this into a ramdisk can boost performance.

350

; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space

350

; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space

351

cache_dir = /var/opt/rhodecode_data

351

cache_dir = %(here)s/rc-test-data

352

353

; *********************************************

353

; *********************************************

354

; `sql_cache_short` cache for heavy SQL queries

354

; `sql_cache_short` cache for heavy SQL queries

355

; Only supported backend is `memory_lru`

355

; Only supported backend is `memory_lru`

356

; *********************************************

356

; *********************************************

357

rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru

357

rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru

358

rc_cache.sql_cache_short.expiration_time = 0

358

rc_cache.sql_cache_short.expiration_time = 0

359

360

361

; *****************************************************

361

; *****************************************************

362

; `cache_repo_longterm` cache for repo object instances

362

; `cache_repo_longterm` cache for repo object instances

363

; Only supported backend is `memory_lru`

363

; Only supported backend is `memory_lru`

364

; *****************************************************

364

; *****************************************************

365

rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru

365

rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru

366

; by default we use 30 Days, cache is still invalidated on push

366

; by default we use 30 Days, cache is still invalidated on push

367

rc_cache.cache_repo_longterm.expiration_time = 2592000

367

rc_cache.cache_repo_longterm.expiration_time = 2592000

368

; max items in LRU cache, set to smaller number to save memory, and expire last used caches

368

; max items in LRU cache, set to smaller number to save memory, and expire last used caches

369

rc_cache.cache_repo_longterm.max_size = 10000

369

rc_cache.cache_repo_longterm.max_size = 10000

370

371

372

; *********************************************

372

; *********************************************

373

; `cache_general` cache for general purpose use

373

; `cache_general` cache for general purpose use

374

; for simplicity use rc.file_namespace backend,

374

; for simplicity use rc.file_namespace backend,

375

; for performance and scale use rc.redis

375

; for performance and scale use rc.redis

376

; *********************************************

376

; *********************************************

377

rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace

377

rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace

378

rc_cache.cache_general.expiration_time = 43200

378

rc_cache.cache_general.expiration_time = 43200

379

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

379

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

380

rc_cache.cache_general.arguments.filename = %(here)s/rc-tests/cache-backend/cache_general_db

380

rc_cache.cache_general.arguments.filename = %(here)s/rc-tests/cache-backend/cache_general_db

381

382

; alternative `cache_general` redis backend with distributed lock

382

; alternative `cache_general` redis backend with distributed lock

383

#rc_cache.cache_general.backend = dogpile.cache.rc.redis

383

#rc_cache.cache_general.backend = dogpile.cache.rc.redis

384

#rc_cache.cache_general.expiration_time = 300

384

#rc_cache.cache_general.expiration_time = 300

385

386

; redis_expiration_time needs to be greater then expiration_time

386

; redis_expiration_time needs to be greater then expiration_time

387

#rc_cache.cache_general.arguments.redis_expiration_time = 7200

387

#rc_cache.cache_general.arguments.redis_expiration_time = 7200

388

389

#rc_cache.cache_general.arguments.host = localhost

389

#rc_cache.cache_general.arguments.host = localhost

390

#rc_cache.cache_general.arguments.port = 6379

390

#rc_cache.cache_general.arguments.port = 6379

391

#rc_cache.cache_general.arguments.db = 0

391

#rc_cache.cache_general.arguments.db = 0

392

#rc_cache.cache_general.arguments.socket_timeout = 30

392

#rc_cache.cache_general.arguments.socket_timeout = 30

393

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

393

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

394

#rc_cache.cache_general.arguments.distributed_lock = true

394

#rc_cache.cache_general.arguments.distributed_lock = true

395

396

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

396

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

397

#rc_cache.cache_general.arguments.lock_auto_renewal = true

397

#rc_cache.cache_general.arguments.lock_auto_renewal = true

398

399

; *************************************************

399

; *************************************************

400

; `cache_perms` cache for permission tree, auth TTL

400

; `cache_perms` cache for permission tree, auth TTL

401

; for simplicity use rc.file_namespace backend,

401

; for simplicity use rc.file_namespace backend,

402

; for performance and scale use rc.redis

402

; for performance and scale use rc.redis

403

; *************************************************

403

; *************************************************

404

rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace

404

rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace

405

rc_cache.cache_perms.expiration_time = 0

405

rc_cache.cache_perms.expiration_time = 0

406

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

406

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

407

rc_cache.cache_perms.arguments.filename = %(here)s/rc-tests/cache-backend/cache_perms_db

407

rc_cache.cache_perms.arguments.filename = %(here)s/rc-tests/cache-backend/cache_perms_db

408

409

; alternative `cache_perms` redis backend with distributed lock

409

; alternative `cache_perms` redis backend with distributed lock

410

#rc_cache.cache_perms.backend = dogpile.cache.rc.redis

410

#rc_cache.cache_perms.backend = dogpile.cache.rc.redis

411

#rc_cache.cache_perms.expiration_time = 300

411

#rc_cache.cache_perms.expiration_time = 300

412

413

; redis_expiration_time needs to be greater then expiration_time

413

; redis_expiration_time needs to be greater then expiration_time

414

#rc_cache.cache_perms.arguments.redis_expiration_time = 7200

414

#rc_cache.cache_perms.arguments.redis_expiration_time = 7200

415

416

#rc_cache.cache_perms.arguments.host = localhost

416

#rc_cache.cache_perms.arguments.host = localhost

417

#rc_cache.cache_perms.arguments.port = 6379

417

#rc_cache.cache_perms.arguments.port = 6379

418

#rc_cache.cache_perms.arguments.db = 0

418

#rc_cache.cache_perms.arguments.db = 0

419

#rc_cache.cache_perms.arguments.socket_timeout = 30

419

#rc_cache.cache_perms.arguments.socket_timeout = 30

420

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

420

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

421

#rc_cache.cache_perms.arguments.distributed_lock = true

421

#rc_cache.cache_perms.arguments.distributed_lock = true

422

423

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

423

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

424

#rc_cache.cache_perms.arguments.lock_auto_renewal = true

424

#rc_cache.cache_perms.arguments.lock_auto_renewal = true

425

426

; ***************************************************

426

; ***************************************************

427

; `cache_repo` cache for file tree, Readme, RSS FEEDS

427

; `cache_repo` cache for file tree, Readme, RSS FEEDS

428

; for simplicity use rc.file_namespace backend,

428

; for simplicity use rc.file_namespace backend,

429

; for performance and scale use rc.redis

429

; for performance and scale use rc.redis

430

; ***************************************************

430

; ***************************************************

431

rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace

431

rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace

432

rc_cache.cache_repo.expiration_time = 2592000

432

rc_cache.cache_repo.expiration_time = 2592000

433

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

433

; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set

434

rc_cache.cache_repo.arguments.filename = %(here)s/rc-tests/cache-backend/cache_repo_db

434

rc_cache.cache_repo.arguments.filename = %(here)s/rc-tests/cache-backend/cache_repo_db

435

436

; alternative `cache_repo` redis backend with distributed lock

436

; alternative `cache_repo` redis backend with distributed lock

437

#rc_cache.cache_repo.backend = dogpile.cache.rc.redis

437

#rc_cache.cache_repo.backend = dogpile.cache.rc.redis

438

#rc_cache.cache_repo.expiration_time = 2592000

438

#rc_cache.cache_repo.expiration_time = 2592000

439

440

; redis_expiration_time needs to be greater then expiration_time

440

; redis_expiration_time needs to be greater then expiration_time

441

#rc_cache.cache_repo.arguments.redis_expiration_time = 2678400

441

#rc_cache.cache_repo.arguments.redis_expiration_time = 2678400

442

443

#rc_cache.cache_repo.arguments.host = localhost

443

#rc_cache.cache_repo.arguments.host = localhost

444

#rc_cache.cache_repo.arguments.port = 6379

444

#rc_cache.cache_repo.arguments.port = 6379

445

#rc_cache.cache_repo.arguments.db = 1

445

#rc_cache.cache_repo.arguments.db = 1

446

#rc_cache.cache_repo.arguments.socket_timeout = 30

446

#rc_cache.cache_repo.arguments.socket_timeout = 30

447

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

447

; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends

448

#rc_cache.cache_repo.arguments.distributed_lock = true

448

#rc_cache.cache_repo.arguments.distributed_lock = true

449

450

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

450

; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen

451

#rc_cache.cache_repo.arguments.lock_auto_renewal = true

451

#rc_cache.cache_repo.arguments.lock_auto_renewal = true

452

453

; ##############

453

; ##############

454

; BEAKER SESSION

454

; BEAKER SESSION

455

; ##############

455

; ##############

456

457

; beaker.session.type is type of storage options for the logged users sessions. Current allowed

457

; beaker.session.type is type of storage options for the logged users sessions. Current allowed

458

; types are file, ext:redis, ext:database, ext:memcached

458

; types are file, ext:redis, ext:database, ext:memcached

459

; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session

459

; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session

460

beaker.session.type = file

460

beaker.session.type = file

461

beaker.session.data_dir = %(here)s/rc-tests/data/sessions

461

beaker.session.data_dir = %(here)s/rc-tests/data/sessions

462

463

; Redis based sessions

463

; Redis based sessions

464

#beaker.session.type = ext:redis

464

#beaker.session.type = ext:redis

465

#beaker.session.url = redis://redis:6379/2

465

#beaker.session.url = redis://redis:6379/2

466

467

; DB based session, fast, and allows easy management over logged in users

467

; DB based session, fast, and allows easy management over logged in users

468

#beaker.session.type = ext:database

468

#beaker.session.type = ext:database

469

#beaker.session.table_name = db_session

469

#beaker.session.table_name = db_session

470

#beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode

470

#beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode

471

#beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode

471

#beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode

472

#beaker.session.sa.pool_recycle = 3600

472

#beaker.session.sa.pool_recycle = 3600

473

#beaker.session.sa.echo = false

473

#beaker.session.sa.echo = false

474

475

beaker.session.key = rhodecode

475

beaker.session.key = rhodecode

476

beaker.session.secret = test-rc-uytcxaz

476

beaker.session.secret = test-rc-uytcxaz

477

beaker.session.lock_dir = %(here)s/rc-tests/data/sessions/lock

477

beaker.session.lock_dir = %(here)s/rc-tests/data/sessions/lock

478

479

; Secure encrypted cookie. Requires AES and AES python libraries

479

; Secure encrypted cookie. Requires AES and AES python libraries

480

; you must disable beaker.session.secret to use this

480

; you must disable beaker.session.secret to use this

481

#beaker.session.encrypt_key = key_for_encryption

481

#beaker.session.encrypt_key = key_for_encryption

482

#beaker.session.validate_key = validation_key

482

#beaker.session.validate_key = validation_key

483

484

; Sets session as invalid (also logging out user) if it haven not been

484

; Sets session as invalid (also logging out user) if it haven not been

485

; accessed for given amount of time in seconds

485

; accessed for given amount of time in seconds

486

beaker.session.timeout = 2592000

486

beaker.session.timeout = 2592000

487

beaker.session.httponly = true

487

beaker.session.httponly = true

488

489

; Path to use for the cookie. Set to prefix if you use prefix middleware

489

; Path to use for the cookie. Set to prefix if you use prefix middleware

490

#beaker.session.cookie_path = /custom_prefix

490

#beaker.session.cookie_path = /custom_prefix

491

492

; Set https secure cookie

492

; Set https secure cookie

493

beaker.session.secure = false

493

beaker.session.secure = false

494

495

; default cookie expiration time in seconds, set to `true` to set expire

495

; default cookie expiration time in seconds, set to `true` to set expire

496

; at browser close

496

; at browser close

497

#beaker.session.cookie_expires = 3600

497

#beaker.session.cookie_expires = 3600

498

499

; #############################

499

; #############################

500

; SEARCH INDEXING CONFIGURATION

500

; SEARCH INDEXING CONFIGURATION

501

; #############################

501

; #############################

502

503

; Full text search indexer is available in rhodecode-tools under

503

; Full text search indexer is available in rhodecode-tools under

504

; `rhodecode-tools index` command

504

; `rhodecode-tools index` command

505

506

; WHOOSH Backend, doesn't require additional services to run

506

; WHOOSH Backend, doesn't require additional services to run

507

; it works good with few dozen repos

507

; it works good with few dozen repos

508

search.module = rhodecode.lib.index.whoosh

508

search.module = rhodecode.lib.index.whoosh

509

search.location = %(here)s/rc-tests/data/index

509

search.location = %(here)s/rc-tests/data/index

510

511

; ####################

511

; ####################

512

; CHANNELSTREAM CONFIG

512

; CHANNELSTREAM CONFIG

513

; ####################

513

; ####################

514

515

; channelstream enables persistent connections and live notification

515

; channelstream enables persistent connections and live notification

516

; in the system. It's also used by the chat system

516

; in the system. It's also used by the chat system

517

518

channelstream.enabled = false

518

channelstream.enabled = false

519

520

; server address for channelstream server on the backend

520

; server address for channelstream server on the backend

521

channelstream.server = channelstream:9800

521

channelstream.server = channelstream:9800

522

523

; location of the channelstream server from outside world

523

; location of the channelstream server from outside world

524

; use ws:// for http or wss:// for https. This address needs to be handled

524

; use ws:// for http or wss:// for https. This address needs to be handled

525

; by external HTTP server such as Nginx or Apache

525

; by external HTTP server such as Nginx or Apache

526

; see Nginx/Apache configuration examples in our docs

526

; see Nginx/Apache configuration examples in our docs

527

channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream

527

channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream

528

channelstream.secret = ENV_GENERATED

528

channelstream.secret = ENV_GENERATED

529

channelstream.history.location = %(here)s/rc-tests/channelstream_history

529

channelstream.history.location = %(here)s/rc-tests/channelstream_history

530

531

; Internal application path that Javascript uses to connect into.

531

; Internal application path that Javascript uses to connect into.

532

; If you use proxy-prefix the prefix should be added before /_channelstream

532

; If you use proxy-prefix the prefix should be added before /_channelstream

533

channelstream.proxy_path = /_channelstream

533

channelstream.proxy_path = /_channelstream

534

535

536

; ##############################

536

; ##############################

537

; MAIN RHODECODE DATABASE CONFIG

537

; MAIN RHODECODE DATABASE CONFIG

538

; ##############################

538

; ##############################

539

540

#sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30

540

#sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30

541

#sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode

541

#sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode

542

#sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8

542

#sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8

543

; pymysql is an alternative driver for MySQL, use in case of problems with default one

543

; pymysql is an alternative driver for MySQL, use in case of problems with default one

544

#sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode

544

#sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode

545

546

sqlalchemy.db1.url = sqlite:///%(here)s/rc-tests/rhodecode_test.db?timeout=30

546

sqlalchemy.db1.url = sqlite:///%(here)s/rc-tests/rhodecode_test.db?timeout=30

547

548

; see sqlalchemy docs for other advanced settings

548

; see sqlalchemy docs for other advanced settings

549

; print the sql statements to output

549

; print the sql statements to output

550

sqlalchemy.db1.echo = false

550

sqlalchemy.db1.echo = false

551

552

; recycle the connections after this amount of seconds

552

; recycle the connections after this amount of seconds

553

sqlalchemy.db1.pool_recycle = 3600

553

sqlalchemy.db1.pool_recycle = 3600

554

555

; the number of connections to keep open inside the connection pool.

555

; the number of connections to keep open inside the connection pool.

556

; 0 indicates no limit

556

; 0 indicates no limit

557

; the general calculus with gevent is:

557

; the general calculus with gevent is:

558

; if your system allows 500 concurrent greenlets (max_connections) that all do database access,

558

; if your system allows 500 concurrent greenlets (max_connections) that all do database access,

559

; then increase pool size + max overflow so that they add up to 500.

559

; then increase pool size + max overflow so that they add up to 500.

560

#sqlalchemy.db1.pool_size = 5

560

#sqlalchemy.db1.pool_size = 5

561

562

; The number of connections to allow in connection pool "overflow", that is

562

; The number of connections to allow in connection pool "overflow", that is

563

; connections that can be opened above and beyond the pool_size setting,

563

; connections that can be opened above and beyond the pool_size setting,

564

; which defaults to five.

564

; which defaults to five.

565

#sqlalchemy.db1.max_overflow = 10

565

#sqlalchemy.db1.max_overflow = 10

566

567

; Connection check ping, used to detect broken database connections

567

; Connection check ping, used to detect broken database connections

568

; could be enabled to better handle cases if MySQL has gone away errors

568

; could be enabled to better handle cases if MySQL has gone away errors

569

#sqlalchemy.db1.ping_connection = true

569

#sqlalchemy.db1.ping_connection = true

570

571

; ##########

571

; ##########

572

; VCS CONFIG

572

; VCS CONFIG

573

; ##########

573

; ##########

574

vcs.server.enable = true

574

vcs.server.enable = true

575

vcs.server = vcsserver:10010

575

vcs.server = vcsserver:10010

576

577

; Web server connectivity protocol, responsible for web based VCS operations

577

; Web server connectivity protocol, responsible for web based VCS operations

578

; Available protocols are:

578

; Available protocols are:

579

; `http` - use http-rpc backend (default)

579

; `http` - use http-rpc backend (default)

580

vcs.server.protocol = http

580

vcs.server.protocol = http

581

582

; Push/Pull operations protocol, available options are:

582

; Push/Pull operations protocol, available options are:

583

; `http` - use http-rpc backend (default)

583

; `http` - use http-rpc backend (default)

584

vcs.scm_app_implementation = http

584

vcs.scm_app_implementation = http

585

586

; Push/Pull operations hooks protocol, available options are:

586

; Push/Pull operations hooks protocol, available options are:

587

; `http` - use http-rpc backend (default)

587

; `http` - use http-rpc backend (default)

588

; `celery` - use celery based hooks

588

; `celery` - use celery based hooks

589

vcs.hooks.protocol = http

589

vcs.hooks.protocol = http

590

591

; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be

591

; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be

592

; accessible via network.

592

; accessible via network.

593

; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)

593

; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)

594

vcs.hooks.host = *

594

vcs.hooks.host = *

595

596

; Start VCSServer with this instance as a subprocess, useful for development

596

; Start VCSServer with this instance as a subprocess, useful for development

597

vcs.start_server = false

597

vcs.start_server = false

598

599

; List of enabled VCS backends, available options are:

599

; List of enabled VCS backends, available options are:

600

; `hg` - mercurial

600

; `hg` - mercurial

601

; `git` - git

601

; `git` - git

602

; `svn` - subversion

602

; `svn` - subversion

603

vcs.backends = hg, git, svn

603

vcs.backends = hg, git, svn

604

605

; Wait this number of seconds before killing connection to the vcsserver

605

; Wait this number of seconds before killing connection to the vcsserver

606

vcs.connection_timeout = 3600

606

vcs.connection_timeout = 3600

607

608

; Cache flag to cache vcsserver remote calls locally

608

; Cache flag to cache vcsserver remote calls locally

609

; It uses cache_region `cache_repo`

609

; It uses cache_region `cache_repo`

610

vcs.methods.cache = false

610

vcs.methods.cache = false

611

612

; ####################################################

612

; ####################################################

613

; Subversion proxy support (mod_dav_svn)

613

; Subversion proxy support (mod_dav_svn)

614

; Maps RhodeCode repo groups into SVN paths for Apache

614

; Maps RhodeCode repo groups into SVN paths for Apache

615

; ####################################################

615

; ####################################################

616

617

; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.

617

; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.

618

; Set a numeric version for your current SVN e.g 1.8, or 1.12

618

; Set a numeric version for your current SVN e.g 1.8, or 1.12

619

; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible

619

; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible

620

#vcs.svn.compatible_version = 1.8

620

#vcs.svn.compatible_version = 1.8

621

622

; Enable SVN proxy of requests over HTTP

622

; Enable SVN proxy of requests over HTTP

623

vcs.svn.proxy.enabled = true

623

vcs.svn.proxy.enabled = true

624

625

; host to connect to running SVN subsystem

625

; host to connect to running SVN subsystem

626

vcs.svn.proxy.host = http://svn:8090

626

vcs.svn.proxy.host = http://svn:8090

627

628

; Enable or disable the config file generation.

628

; Enable or disable the config file generation.

629

svn.proxy.generate_config = false

629

svn.proxy.generate_config = false

630

631

; Generate config file with `SVNListParentPath` set to `On`.

631

; Generate config file with `SVNListParentPath` set to `On`.

632

svn.proxy.list_parent_path = true

632

svn.proxy.list_parent_path = true

633

634

; Set location and file name of generated config file.

634

; Set location and file name of generated config file.

635

svn.proxy.config_file_path = %(here)s/rc-tests/mod_dav_svn.conf

635

svn.proxy.config_file_path = %(here)s/rc-tests/mod_dav_svn.conf

636

637

; alternative mod_dav config template. This needs to be a valid mako template

637

; alternative mod_dav config template. This needs to be a valid mako template

638

; Example template can be found in the source code:

638

; Example template can be found in the source code:

639

; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako

639

; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako

640

#svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako

640

#svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako

641

642

; Used as a prefix to the `Location` block in the generated config file.

642

; Used as a prefix to the `Location` block in the generated config file.

643

; In most cases it should be set to `/`.

643

; In most cases it should be set to `/`.

644

svn.proxy.location_root = /

644

svn.proxy.location_root = /

645

646

; Command to reload the mod dav svn configuration on change.

646

; Command to reload the mod dav svn configuration on change.

647

; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh

647

; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh

648

; Make sure user who runs RhodeCode process is allowed to reload Apache

648

; Make sure user who runs RhodeCode process is allowed to reload Apache

649

#svn.proxy.reload_cmd = /etc/init.d/apache2 reload

649

#svn.proxy.reload_cmd = /etc/init.d/apache2 reload

650

651

; If the timeout expires before the reload command finishes, the command will

651

; If the timeout expires before the reload command finishes, the command will

652

; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.

652

; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.

653

#svn.proxy.reload_timeout = 10

653

#svn.proxy.reload_timeout = 10

654

655

; ####################

655

; ####################

656

; SSH Support Settings

656

; SSH Support Settings

657

; ####################

657

; ####################

658

659

; Defines if a custom authorized_keys file should be created and written on

659

; Defines if a custom authorized_keys file should be created and written on

660

; any change user ssh keys. Setting this to false also disables possibility

660

; any change user ssh keys. Setting this to false also disables possibility

661

; of adding SSH keys by users from web interface. Super admins can still

661

; of adding SSH keys by users from web interface. Super admins can still

662

; manage SSH Keys.

662

; manage SSH Keys.

663

ssh.generate_authorized_keyfile = true

663

ssh.generate_authorized_keyfile = true

664

665

; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`

665

; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`

666

# ssh.authorized_keys_ssh_opts =

666

# ssh.authorized_keys_ssh_opts =

667

668

; Path to the authorized_keys file where the generate entries are placed.

668

; Path to the authorized_keys file where the generate entries are placed.

669

; It is possible to have multiple key files specified in `sshd_config` e.g.

669

; It is possible to have multiple key files specified in `sshd_config` e.g.

670

; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode

670

; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode

671

ssh.authorized_keys_file_path = %(here)s/rc-tests/authorized_keys_rhodecode

671

ssh.authorized_keys_file_path = %(here)s/rc-tests/authorized_keys_rhodecode

672

673

; Command to execute the SSH wrapper. The binary is available in the

673

; Command to execute the SSH wrapper. The binary is available in the

674

; RhodeCode installation directory.

674

; RhodeCode installation directory.

675

; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper

675

; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper

676

; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2

676

; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2

677

ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper

677

ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper

678

679

; Allow shell when executing the ssh-wrapper command

679

; Allow shell when executing the ssh-wrapper command

680

ssh.wrapper_cmd_allow_shell = false

680

ssh.wrapper_cmd_allow_shell = false

681

682

; Enables logging, and detailed output send back to the client during SSH

682

; Enables logging, and detailed output send back to the client during SSH

683

; operations. Useful for debugging, shouldn't be used in production.

683

; operations. Useful for debugging, shouldn't be used in production.

684

ssh.enable_debug_logging = ~~fals~~e

684

ssh.enable_debug_logging = true

685

686

; Paths to binary executable, by default they are the names, but we can

686

; Paths to binary executable, by default they are the names, but we can

687

; override them if we want to use a custom one

687

; override them if we want to use a custom one

688

ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg

688

ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg

689

ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git

689

ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git

690

ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve

690

ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve

691

692

; Enables SSH key generator web interface. Disabling this still allows users

692

; Enables SSH key generator web interface. Disabling this still allows users

693

; to add their own keys.

693

; to add their own keys.

694

ssh.enable_ui_key_generator = true

694

ssh.enable_ui_key_generator = true

695

696

; Statsd client config, this is used to send metrics to statsd

696

; Statsd client config, this is used to send metrics to statsd

697

; We recommend setting statsd_exported and scrape them using Prometheus

697

; We recommend setting statsd_exported and scrape them using Prometheus

698

#statsd.enabled = false

698

#statsd.enabled = false

699

#statsd.statsd_host = 0.0.0.0

699

#statsd.statsd_host = 0.0.0.0

700

#statsd.statsd_port = 8125

700

#statsd.statsd_port = 8125

701

#statsd.statsd_prefix =

701

#statsd.statsd_prefix =

702

#statsd.statsd_ipv6 = false

702

#statsd.statsd_ipv6 = false

703

704

; configure logging automatically at server startup set to false

704

; configure logging automatically at server startup set to false

705

; to use the below custom logging config.

705

; to use the below custom logging config.

706

; RC_LOGGING_FORMATTER

706

; RC_LOGGING_FORMATTER

707

; RC_LOGGING_LEVEL

707

; RC_LOGGING_LEVEL

708

; env variables can control the settings for logging in case of autoconfigure

708

; env variables can control the settings for logging in case of autoconfigure

709

710

logging.autoconfigure = false

710

logging.autoconfigure = false

711

712

; specify your own custom logging config file to configure logging

712

; specify your own custom logging config file to configure logging

713

#logging.logging_conf_file = /path/to/custom_logging.ini

713

#logging.logging_conf_file = /path/to/custom_logging.ini

714

715

; Dummy marker to add new entries after.

715

; Dummy marker to add new entries after.

716

; Add any custom entries below. Please don't remove this marker.

716

; Add any custom entries below. Please don't remove this marker.

717

custom.conf = 1

717

custom.conf = 1

718

719

720

; #####################

720

; #####################

721

; LOGGING CONFIGURATION

721

; LOGGING CONFIGURATION

722

; #####################

722

; #####################

723

724

[loggers]

724

[loggers]

725

keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile

725

keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile

726

727

[handlers]

727

[handlers]

728

keys = console, console_sql

728

keys = console, console_sql

729

730

[formatters]

730

[formatters]

731

keys = generic, json, color_formatter, color_formatter_sql

731

keys = generic, json, color_formatter, color_formatter_sql

732

733

; #######

733

; #######

734

; LOGGERS

734

; LOGGERS

735

; #######

735

; #######

736

[logger_root]

736

[logger_root]

737

level = NOTSET

737

level = NOTSET

738

handlers = console

738

handlers = console

739

740

[logger_routes]

740

[logger_routes]

741

level = DEBUG

741

level = DEBUG

742

handlers =

742

handlers =

743

qualname = routes.middleware

743

qualname = routes.middleware

744

## "level = DEBUG" logs the route matched and routing variables.

744

## "level = DEBUG" logs the route matched and routing variables.

745

propagate = 1

745

propagate = 1

746

747

[logger_sqlalchemy]

747

[logger_sqlalchemy]

748

level = INFO

748

level = INFO

749

handlers = console_sql

749

handlers = console_sql

750

qualname = sqlalchemy.engine

750

qualname = sqlalchemy.engine

751

propagate = 0

751

propagate = 0

752

753

[logger_beaker]

753

[logger_beaker]

754

level = DEBUG

754

level = DEBUG

755

handlers =

755

handlers =

756

qualname = beaker.container

756

qualname = beaker.container

757

propagate = 1

757

propagate = 1

758

759

[logger_dogpile]

759

[logger_dogpile]

760

level = INFO

760

level = INFO

761

handlers = console

761

handlers = console

762

qualname = dogpile

762

qualname = dogpile

763

propagate = 1

763

propagate = 1

764

765

[logger_rhodecode]

765

[logger_rhodecode]

766

level = DEBUG

766

level = DEBUG

767

handlers =

767

handlers =

768

qualname = rhodecode

768

qualname = rhodecode

769

propagate = 1

769

propagate = 1

770

771

[logger_ssh_wrapper]

771

[logger_ssh_wrapper]

772

level = DEBUG

772

level = DEBUG

773

handlers =

773

handlers =

774

qualname = ssh_wrapper

774

qualname = ssh_wrapper

775

propagate = 1

775

propagate = 1

776

777

[logger_celery]

777

[logger_celery]

778

level = DEBUG

778

level = DEBUG

779

handlers =

779

handlers =

780

qualname = celery

780

qualname = celery

781

782

783

; ########

783

; ########

784

; HANDLERS

784

; HANDLERS

785

; ########

785

; ########

786

787

[handler_console]

787

[handler_console]

788

class = StreamHandler

788

class = StreamHandler

789

args = (sys.stderr, )

789

args = (sys.stderr, )

790

level = DEBUG

790

level = DEBUG

791

; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'

791

; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'

792

; This allows sending properly formatted logs to grafana loki or elasticsearch

792

; This allows sending properly formatted logs to grafana loki or elasticsearch

793

formatter = generic

793

formatter = generic

794

795

[handler_console_sql]

795

[handler_console_sql]

796

; "level = DEBUG" logs SQL queries and results.

796

; "level = DEBUG" logs SQL queries and results.

797

; "level = INFO" logs SQL queries.

797

; "level = INFO" logs SQL queries.

798

; "level = WARN" logs neither. (Recommended for production systems.)

798

; "level = WARN" logs neither. (Recommended for production systems.)

799

class = StreamHandler

799

class = StreamHandler

800

args = (sys.stderr, )

800

args = (sys.stderr, )

801

level = WARN

801

level = WARN

802

; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'

802

; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'

803

; This allows sending properly formatted logs to grafana loki or elasticsearch

803

; This allows sending properly formatted logs to grafana loki or elasticsearch

804

formatter = generic

804

formatter = generic

805

806

; ##########

806

; ##########

807

; FORMATTERS

807

; FORMATTERS

808

; ##########

808

; ##########

809

810

[formatter_generic]

810

[formatter_generic]

811

class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter

811

class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter

812

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

812

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

813

datefmt = %Y-%m-%d %H:%M:%S

813

datefmt = %Y-%m-%d %H:%M:%S

814

815

[formatter_color_formatter]

815

[formatter_color_formatter]

816

class = rhodecode.lib.logging_formatter.ColorFormatter

816

class = rhodecode.lib.logging_formatter.ColorFormatter

817

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

817

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

818

datefmt = %Y-%m-%d %H:%M:%S

818

datefmt = %Y-%m-%d %H:%M:%S

819

820

[formatter_color_formatter_sql]

820

[formatter_color_formatter_sql]

821

class = rhodecode.lib.logging_formatter.ColorFormatterSql

821

class = rhodecode.lib.logging_formatter.ColorFormatterSql

822

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

822

format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s

823

datefmt = %Y-%m-%d %H:%M:%S

823

datefmt = %Y-%m-%d %H:%M:%S

824

825

[formatter_json]

825

[formatter_json]

826

format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s

826

format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s

827

class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

827

class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # Copyright (C) 2015-2024 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import functools
             import logging
             import typing
             import time
             import zlib
             from ...ext_json import json
             from ..utils import StatsDB, NOT_GIVEN, ShardFileReader, EVICTION_POLICY, format_size
             from ..lock import GenerationLock
             log = logging.getLogger(__name__)
             class BaseShard:
                 storage_type: str = ''
                 fs = None
                 @classmethod
                 def hash(cls, key):
                     """Compute portable hash for `key`.
                     :param key: key to hash
                     :return: hash value
                     """
                     mask = 0xFFFFFFFF
                     return zlib.adler32(key.encode('utf-8')) & mask  # noqa
                 def _write_file(self, full_path, read_iterator, mode):
                     raise NotImplementedError
                 def _get_keyfile(self, key):
                     raise NotImplementedError
                 def random_filename(self):
                     raise NotImplementedError
                 def _store(self, key, value_reader, metadata, mode):
                     (filename,  # hash-name
                      full_path  # full-path/hash-name
                      ) = self.random_filename()
                     key_file, key_file_path = self._get_keyfile(key)
                     # STORE METADATA
                     _metadata = {
                         "version": "v1",
                         "key_file": key_file,  # this is the .key.json file storing meta
                         "key_file_path": key_file_path,  # full path to key_file
                         "archive_key": key,  # original name we stored archive under, e.g my-archive.zip
                         "archive_filename": filename,  # the actual filename we stored that file under
                         "archive_full_path": full_path,
                         "store_time": time.time(),
                         "access_count": 0,
                         "access_time": 0,
                         "size": 0
                     }
                     if metadata:
                         _metadata.update(metadata)
                     read_iterator = iter(functools.partial(value_reader.read, 2**22), b'')
                     size, sha256 = self._write_file(full_path, read_iterator, mode)
                     _metadata['size'] = size
                     _metadata['sha256'] = sha256
                     # after archive is finished, we create a key to save the presence of the binary file
                     with self.fs.open(key_file_path, 'wb') as f:
                         f.write(json.dumps(_metadata))
                     return key, filename, size, _metadata
                 def _fetch(self,  key, retry, retry_attempts, retry_backoff):
                     if retry is NOT_GIVEN:
                         retry = False
                     if retry_attempts is NOT_GIVEN:
                         retry_attempts = 0
                     if retry and retry_attempts > 0:
                         for attempt in range(1, retry_attempts + 1):
                             if key in self:
                                 break
                             # we didn't find the key, wait retry_backoff N seconds, and re-check
                             time.sleep(retry_backoff)
                     if key not in self:
                         log.exception(f'requested key={key} not found in {self} retry={retry}, attempts={retry_attempts}')
                         raise KeyError(key)
                     key_file, key_file_path = self._get_keyfile(key)
                     with self.fs.open(key_file_path, 'rb') as f:
                         metadata = json.loads(f.read())
                     archive_path = metadata['archive_full_path']
                     try:
                         return ShardFileReader(self.fs.open(archive_path, 'rb')), metadata
                     finally:
                         # update usage stats, count and accessed
                         metadata["access_count"] = metadata.get("access_count", 0) + 1
                         metadata["access_time"] = time.time()
                         log.debug('Updated %s with access snapshot, access_count=%s access_time=%s',
                                   key_file, metadata['access_count'], metadata['access_time'])
                         with self.fs.open(key_file_path, 'wb') as f:
                             f.write(json.dumps(metadata))
                 def _remove(self, key):
                     if key not in self:
                         log.exception(f'requested key={key} not found in {self}')
                         raise KeyError(key)
                     key_file, key_file_path = self._get_keyfile(key)
                     with self.fs.open(key_file_path, 'rb') as f:
                         metadata = json.loads(f.read())
                     archive_path = metadata['archive_full_path']
                     self.fs.rm(archive_path)
                     self.fs.rm(key_file_path)
                     return 1
                 @property
                 def storage_medium(self):
                     return getattr(self, self.storage_type)
                 @property
                 def key_suffix(self):
                     return 'key.json'
                 def __contains__(self, key):
                     """Return `True` if `key` matching item is found in cache.
                     :param key: key matching item
                     :return: True if key matching item
                     """
                     key_file, key_file_path = self._get_keyfile(key)
                     return self.fs.exists(key_file_path)
             class BaseCache:
                 _locking_url: str = ''
                 _storage_path: str = ''
                 _config = {}
                 retry = False
                 retry_attempts = 0
                 retry_backoff = 1
                 _shards = tuple()
                 def __contains__(self, key):
                     """Return `True` if `key` matching item is found in cache.
                     :param key: key matching item
                     :return: True if key matching item
                     """
                     return self.has_key(key)
                 def __repr__(self):
                     return f'<{self.__class__.__name__}(storage={self._storage_path})>'
                 @classmethod
                 def gb_to_bytes(cls, gb):
                     return gb * (1024 ** 3)
                 @property
                 def storage_path(self):
                     return self._storage_path
                 @classmethod
                 def get_stats_db(cls):
                     return StatsDB()
                 def get_conf(self, key, pop=False):
                     if key not in self._config:
                         raise ValueError(f"No configuration key '{key}', please make sure it exists in archive_cache config")
                     val = self._config[key]
                     if pop:
                         del self._config[key]
                     return val
                 def _get_shard(self, key):
                     raise NotImplementedError
                 def _get_size(self, shard, archive_path):
                     raise NotImplementedError
                 def store(self, key, value_reader, metadata=None):
                     shard = self._get_shard(key)
                     return shard.store(key, value_reader, metadata)
                 def fetch(self, key, retry=NOT_GIVEN, retry_attempts=NOT_GIVEN) -> tuple[typing.BinaryIO, dict]:
                     """
                     Return file handle corresponding to `key` from specific shard cache.
                     """
                     if retry is NOT_GIVEN:
                         retry = self.retry
                     if retry_attempts is NOT_GIVEN:
                         retry_attempts = self.retry_attempts
                     retry_backoff = self.retry_backoff
                     shard = self._get_shard(key)
                     return shard.fetch(key, retry=retry, retry_attempts=retry_attempts, retry_backoff=retry_backoff)
                 def remove(self, key):
                     shard = self._get_shard(key)
                     return shard.remove(key)
                 def has_key(self, archive_key):
                     """Return `True` if `key` matching item is found in cache.
                     :param archive_key: key for item, this is a unique archive name we want to store data under. e.g my-archive-svn.zip
                     :return: True if key is found
                     """
                     shard = self._get_shard(archive_key)
                     return archive_key in shard
                 def iter_keys(self):
                     for shard in self._shards:
                         if shard.fs.exists(shard.storage_medium):
                             for path, _dirs, _files in shard.fs.walk(shard.storage_medium):
                                 for key_file_path in _files:
                                     if key_file_path.endswith(shard.key_suffix):
                                         yield shard, key_file_path
                 def get_lock(self, lock_key):
                     return GenerationLock(lock_key, self._locking_url)
-                def evict(self, policy=None, size_limit=None) -> int:
+                def evict(self, policy=None, size_limit=None) -> dict:
                     """
                     Remove old items based on the conditions
                     explanation of this algo:
                     iterate over each shard, then for each shard iterate over the .key files
                     read the key files metadata stored. This gives us a full list of keys, cached_archived, their size and
                     access data, time creation, and access counts.
-                    Store that into a memory DB so we can run different sorting strategies easily.
+                    Store that into a memory DB in order we can run different sorting strategies easily.
                     Summing the size is a sum sql query.
                     Then we run a sorting strategy based on eviction policy.
                     We iterate over sorted keys, and remove each checking if we hit the overall limit.
                     """
+                    removal_info = {
+                        "removed_items": 0,
+                        "removed_size": 0
+                    }
                     policy = policy or self._eviction_policy
                     size_limit = size_limit or self._cache_size_limit
                     select_policy = EVICTION_POLICY[policy]['evict']
                     log.debug('Running eviction policy \'%s\', and checking for size limit: %s',
                               policy, format_size(size_limit))
                     if select_policy is None:
-                        return 0
+                        return removal_info
                     db = self.get_stats_db()
                     data = []
                     cnt = 1
                     for shard, key_file in self.iter_keys():
                         with shard.fs.open(os.path.join(shard.storage_medium, key_file), 'rb') as f:
                             metadata = json.loads(f.read())
                         key_file_path = os.path.join(shard.storage_medium, key_file)
                         archive_key = metadata['archive_key']
                         archive_path = metadata['archive_full_path']
                         size = metadata.get('size')
                         if not size:
                             # in case we don't have size re-calc it...
                             size = self._get_size(shard, archive_path)
                         data.append([
                             cnt,
                             key_file,
                             key_file_path,
                             archive_key,
                             archive_path,
                             metadata.get('store_time', 0),
                             metadata.get('access_time', 0),
                             metadata.get('access_count', 0),
                             size,
                         ])
                         cnt += 1
                     # Insert bulk data using executemany
                     db.bulk_insert(data)
                     total_size = db.get_total_size()
                     log.debug('Analyzed %s keys, occupying: %s, running eviction to match %s',
                               len(data), format_size(total_size), format_size(size_limit))
                     removed_items = 0
                     removed_size = 0
                     for key_file, archive_key, size in db.get_sorted_keys(select_policy):
                         # simulate removal impact BEFORE removal
                         total_size -= size
                         if total_size <= size_limit:
                             # we obtained what we wanted...
                             break
                         self.remove(archive_key)
                         removed_items += 1
                         removed_size += size
+                    removal_info['removed_items'] = removed_items
+                    removal_info['removed_size'] = removed_size
                     log.debug('Removed %s cache archives, and reduced size by: %s',
                               removed_items, format_size(removed_size))
-                    return removed_items
+                    return removal_info
                 def get_statistics(self):
                     total_files = 0
                     total_size = 0
                     meta = {}
                     for shard, key_file in self.iter_keys():
                         json_key = f"{shard.storage_medium}/{key_file}"
                         with shard.fs.open(json_key, 'rb') as f:
                             total_files += 1
                             metadata = json.loads(f.read())
                             total_size += metadata['size']
                     return total_files, total_size, meta

             # Copyright (C) 2016-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import time
             import pytest
             import rhodecode
             import os
             import shutil
             from tempfile import mkdtemp
             from rhodecode.lib import archive_cache
             def file_reader(temp_store):
                 with open(temp_store, 'w') as f:
                     for cnt in range(10000):
                         f.write(str(cnt))
                 return open(temp_store, 'rb')
             @pytest.fixture()
             def d_cache_instance(ini_settings):
                 config = ini_settings
                 d_cache = archive_cache.get_archival_cache_store(config=config, always_init=True)
                 return d_cache
             @pytest.mark.usefixtures('app')
             class TestArchiveCaches(object):
                 def test_archivecache_empty_stats(self, d_cache_instance):
                     d_cache = d_cache_instance
                     shutil.rmtree(d_cache._directory)
                     stats = d_cache.get_statistics()
                     assert (0, 0, {}) == stats
                 def test_archivecache_store_keys(self, d_cache_instance, tmp_path):
                     d_cache = d_cache_instance
                     shutil.rmtree(d_cache._directory)
                     for n in range(100):
                         archive_name = f'my-archive-abc-{n}.zip'
                         temp_archive_path = os.path.join(tmp_path, archive_name)
                         d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
                         reader, meta = d_cache.fetch(archive_name)
                         content = reader.read()
                         assert content == open(temp_archive_path, 'rb').read()
                     stats = d_cache.get_statistics()
                     assert (100, 3889000, {}) == stats
                 def test_archivecache_remove_keys(self, d_cache_instance, tmp_path):
                     d_cache = d_cache_instance
                     shutil.rmtree(d_cache._directory)
                     n = 1
                     archive_name = f'my-archive-abc-{n}.zip'
                     temp_archive_path = os.path.join(tmp_path, archive_name)
                     d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
                     stats = d_cache.get_statistics()
                     assert (1, 38890, {}) == stats
                     assert 1 == d_cache.remove(archive_name)
                     stats = d_cache.get_statistics()
                     assert (0, 0, {}) == stats
                 def test_archivecache_evict_keys(self, d_cache_instance, tmp_path):
                     d_cache = d_cache_instance
                     shutil.rmtree(d_cache._directory)
                     tries = 500
                     for n in range(tries):
                         archive_name = f'my-archive-abc-{n}.zip'
                         temp_archive_path = os.path.join(tmp_path, archive_name)
                         d_cache.store(archive_name, file_reader(temp_archive_path ), {'foo': 'bar'})
                     stats = d_cache.get_statistics()
                     assert (tries, 19445000, {}) == stats
                     evict_to = 0.005  # around (5mb)
                     evicted_items = d_cache.evict(size_limit=d_cache.gb_to_bytes(evict_to))
                     evicted = 361
-                    assert evicted == evicted_items
+                    assert {'removed_items': evicted, 'removed_size': 14039290} == evicted_items
                     stats = d_cache.get_statistics()
                     assert (tries - evicted, 5405710, {}) == stats

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = true
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 1024000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 256000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = false
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token = abra-cada-bra1-rce3
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Redis url to acquire/check generation of archives locks
             archive_cache.locking.url = redis://redis:6379/1
             ; Storage backend, only 'filesystem' and 'objectstore' are available now
             archive_cache.backend.type = filesystem
             ; url for s3 compatible storage that allows to upload artifacts
             ; e.g http://minio:9000
             archive_cache.objectstore.url = http://s3-minio:9000
             ; key for s3 auth
             archive_cache.objectstore.key = key
             ; secret for s3 auth
             archive_cache.objectstore.secret = secret
             ; number of sharded buckets to create to distribute archives across
             ; default is 8 shards
             archive_cache.objectstore.bucket_shards = 8
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.objectstore.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.objectstore.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.objectstore.retry_attempts = 10
             ; Default is $cache_dir/archive_cache if not set
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
             archive_cache.filesystem.store_dir = %(here)s/rc-tests/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
             archive_cache.filesystem.cache_size_gb = 2
             ; Eviction policy used to clear out after cache_size_gb limit is reached
             archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
             ; default is 8 shards
             archive_cache.filesystem.cache_shards = 8
             ; if true, this cache will try to retry with retry_attempts=N times waiting retry_backoff time
             archive_cache.filesystem.retry = false
             ; number of seconds to wait for next try using retry
             archive_cache.filesystem.retry_backoff = 1
             ; how many tries do do a retry fetch from this backend
             archive_cache.filesystem.retry_attempts = 10
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = true
             celery.task_store_eager_result = true
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
-            cache_dir = /var/opt/rhodecode_data
+            cache_dir = %(here)s/rc-test-data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 0
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_general.arguments.filename = %(here)s/rc-tests/cache-backend/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 0
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_perms.arguments.filename = %(here)s/rc-tests/cache-backend/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             rc_cache.cache_repo.arguments.filename = %(here)s/rc-tests/cache-backend/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/rc-tests/data/sessions
             ; Redis based sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = test-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/rc-tests/data/sessions/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/rc-tests/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = false
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = %(here)s/rc-tests/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rc-tests/rhodecode_test.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = false
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/rc-tests/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = %(here)s/rc-tests/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
-            ssh.enable_debug_logging = false
+            ssh.enable_debug_logging = true
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             logging.autoconfigure = false
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper, dogpile
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_routes]
             level = DEBUG
             handlers =
             qualname = routes.middleware
             ## "level = DEBUG" logs the route matched and routing variables.
             propagate = 1
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_dogpile]
             level = INFO
             handlers = console
             qualname = dogpile
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter