##// END OF EJS Templates
config: updated docstrings in .ini files
marcink -
r2997:7055da7c default
parent child Browse files
Show More
@@ -1,733 +1,732 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 debug = true
9 9
10 10 ################################################################################
11 11 ## EMAIL CONFIGURATION ##
12 12 ## Uncomment and replace with the email address which should receive ##
13 13 ## any error reports after an application crash ##
14 14 ## Additionally these settings will be used by the RhodeCode mailing system ##
15 15 ################################################################################
16 16
17 17 ## prefix all emails subjects with given prefix, helps filtering out emails
18 18 #email_prefix = [RhodeCode]
19 19
20 20 ## email FROM address all mails will be sent
21 21 #app_email_from = rhodecode-noreply@localhost
22 22
23 23 ## Uncomment and replace with the address which should receive any error report
24 24 ## note: using appenlight for error handling doesn't need this to be uncommented
25 25 #email_to = admin@localhost
26 26
27 27 ## in case of Application errors, sent an error email form
28 28 #error_email_from = rhodecode_error@localhost
29 29
30 30 ## additional error message to be send in case of server crash
31 31 #error_message =
32 32
33 33
34 34 #smtp_server = mail.server.com
35 35 #smtp_username =
36 36 #smtp_password =
37 37 #smtp_port =
38 38 #smtp_use_tls = false
39 39 #smtp_use_ssl = true
40 40 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
41 41 #smtp_auth =
42 42
43 43 [server:main]
44 44 ## COMMON ##
45 45 host = 127.0.0.1
46 46 port = 5000
47 47
48 ##################################
49 ## WAITRESS WSGI SERVER ##
50 ## Recommended for Development ##
51 ##################################
48 ###########################################################
49 ## WAITRESS WSGI SERVER - Recommended for Development ####
50 ###########################################################
52 51
53 52 use = egg:waitress#main
54 53 ## number of worker threads
55 54 threads = 5
56 55 ## MAX BODY SIZE 100GB
57 56 max_request_body_size = 107374182400
58 57 ## Use poll instead of select, fixes file descriptors limits problems.
59 58 ## May not work on old windows systems.
60 59 asyncore_use_poll = true
61 60
62 61
63 62 ##########################
64 63 ## GUNICORN WSGI SERVER ##
65 64 ##########################
66 65 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
67 66
68 67 #use = egg:gunicorn#main
69 ## Sets the number of process workers. You must set `instance_id = *`
70 ## when this option is set to more than one worker, recommended
71 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
72 ## The `instance_id = *` must be set in the [app:main] section below
68 ## Sets the number of process workers. More workers means more concurent connections
69 ## RhodeCode can handle at the same time. Each additional worker also it increases
70 ## memory usage as each has it's own set of caches.
71 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
72 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
73 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
74 ## when using more than 1 worker.
73 75 #workers = 2
74 ## number of threads for each of the worker, must be set to 1 for gevent
75 ## generally recommended to be at 1
76 #threads = 1
77 ## process name
76 ## process name visible in process list
78 77 #proc_name = rhodecode
79 78 ## type of worker class, one of sync, gevent
80 79 ## recommended for bigger setup is using of of other than sync one
81 80 #worker_class = gevent
82 81 ## The maximum number of simultaneous clients. Valid only for Gevent
83 82 #worker_connections = 10
84 83 ## max number of requests that worker will handle before being gracefully
85 84 ## restarted, could prevent memory leaks
86 85 #max_requests = 1000
87 86 #max_requests_jitter = 30
88 87 ## amount of time a worker can spend with handling a request before it
89 88 ## gets killed and restarted. Set to 6hrs
90 89 #timeout = 21600
91 90
92 91
93 92 ## prefix middleware for RhodeCode.
94 93 ## recommended when using proxy setup.
95 94 ## allows to set RhodeCode under a prefix in server.
96 95 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
97 96 ## And set your prefix like: `prefix = /custom_prefix`
98 97 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
99 98 ## to make your cookies only work on prefix url
100 99 [filter:proxy-prefix]
101 100 use = egg:PasteDeploy#prefix
102 101 prefix = /
103 102
104 103 [app:main]
105 104 ## The %(here)s variable will be replaced with the absolute path of parent directory
106 105 ## of this file
107 106 ## In addition ENVIRONMENT variables usage is possible, e.g
108 107 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
109 108
110 109 use = egg:rhodecode-enterprise-ce
111 110
112 111 ## enable proxy prefix middleware, defined above
113 112 #filter-with = proxy-prefix
114 113
115 114 # During development the we want to have the debug toolbar enabled
116 115 pyramid.includes =
117 116 pyramid_debugtoolbar
118 117 rhodecode.lib.middleware.request_wrapper
119 118
120 119 pyramid.reload_templates = true
121 120
122 121 debugtoolbar.hosts = 0.0.0.0/0
123 122 debugtoolbar.exclude_prefixes =
124 123 /css
125 124 /fonts
126 125 /images
127 126 /js
128 127
129 128 ## RHODECODE PLUGINS ##
130 129 rhodecode.includes =
131 130 rhodecode.api
132 131
133 132
134 133 # api prefix url
135 134 rhodecode.api.url = /_admin/api
136 135
137 136
138 137 ## END RHODECODE PLUGINS ##
139 138
140 139 ## encryption key used to encrypt social plugin tokens,
141 140 ## remote_urls with credentials etc, if not set it defaults to
142 141 ## `beaker.session.secret`
143 142 #rhodecode.encrypted_values.secret =
144 143
145 144 ## decryption strict mode (enabled by default). It controls if decryption raises
146 145 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
147 146 #rhodecode.encrypted_values.strict = false
148 147
149 148 ## return gzipped responses from Rhodecode (static files/application)
150 149 gzip_responses = false
151 150
152 151 ## autogenerate javascript routes file on startup
153 152 generate_js_files = false
154 153
155 ## Optional Languages
156 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
154 ## System global default language.
155 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
157 156 lang = en
158 157
159 ## perform a full repository scan on each server start, this should be
160 ## set to false after first startup, to allow faster server restarts.
158 ## Perform a full repository scan and import on each server start.
159 ## Settings this to true could lead to very long startup time.
161 160 startup.import_repos = false
162 161
163 162 ## Uncomment and set this path to use archive download cache.
164 163 ## Once enabled, generated archives will be cached at this location
165 164 ## and served from the cache during subsequent requests for the same archive of
166 165 ## the repository.
167 166 #archive_cache_dir = /tmp/tarballcache
168 167
169 168 ## URL at which the application is running. This is used for bootstraping
170 169 ## requests in context when no web request is available. Used in ishell, or
171 170 ## SSH calls. Set this for events to receive proper url for SSH calls.
172 171 app.base_url = http://rhodecode.local
173 172
174 ## change this to unique ID for security
173 ## Unique application ID. Should be a random unique string for security.
175 174 app_instance_uuid = rc-production
176 175
177 ## cut off limit for large diffs (size in bytes). If overall diff size on
176 ## Cut off limit for large diffs (size in bytes). If overall diff size on
178 177 ## commit, or pull request exceeds this limit this diff will be displayed
179 178 ## partially. E.g 512000 == 512Kb
180 179 cut_off_limit_diff = 512000
181 180
182 ## cut off limit for large files inside diffs (size in bytes). Each individual
181 ## Cut off limit for large files inside diffs (size in bytes). Each individual
183 182 ## file inside diff which exceeds this limit will be displayed partially.
184 183 ## E.g 128000 == 128Kb
185 184 cut_off_limit_file = 128000
186 185
187 ## use cache version of scm repo everywhere
186 ## use cached version of vcs repositories everywhere. Recommended to be `true`
188 187 vcs_full_cache = true
189 188
190 ## force https in RhodeCode, fixes https redirects, assumes it's always https
189 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
191 190 ## Normally this is controlled by proper http flags sent from http server
192 191 force_https = false
193 192
194 193 ## use Strict-Transport-Security headers
195 194 use_htsts = false
196 195
197 196 ## git rev filter option, --all is the default filter, if you need to
198 197 ## hide all refs in changelog switch this to --branches --tags
199 198 git_rev_filter = --branches --tags
200 199
201 200 # Set to true if your repos are exposed using the dumb protocol
202 201 git_update_server_info = false
203 202
204 203 ## RSS/ATOM feed options
205 204 rss_cut_off_limit = 256000
206 205 rss_items_per_page = 10
207 206 rss_include_diff = false
208 207
209 208 ## gist URL alias, used to create nicer urls for gist. This should be an
210 209 ## url that does rewrites to _admin/gists/{gistid}.
211 210 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
212 211 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
213 212 gist_alias_url =
214 213
215 214 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
216 215 ## used for access.
217 216 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
218 217 ## came from the the logged in user who own this authentication token.
219 218 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
220 219 ## authentication token. Such view would be only accessible when used together
221 220 ## with this authentication token
222 221 ##
223 222 ## list of all views can be found under `/_admin/permissions/auth_token_access`
224 223 ## The list should be "," separated and on a single line.
225 224 ##
226 225 ## Most common views to enable:
227 226 # RepoCommitsView:repo_commit_download
228 227 # RepoCommitsView:repo_commit_patch
229 228 # RepoCommitsView:repo_commit_raw
230 229 # RepoCommitsView:repo_commit_raw@TOKEN
231 230 # RepoFilesView:repo_files_diff
232 231 # RepoFilesView:repo_archivefile
233 232 # RepoFilesView:repo_file_raw
234 233 # GistView:*
235 234 api_access_controllers_whitelist =
236 235
237 ## default encoding used to convert from and to unicode
236 ## Default encoding used to convert from and to unicode
238 237 ## can be also a comma separated list of encoding in case of mixed encodings
239 238 default_encoding = UTF-8
240 239
241 240 ## instance-id prefix
242 241 ## a prefix key for this instance used for cache invalidation when running
243 242 ## multiple instances of rhodecode, make sure it's globally unique for
244 243 ## all running rhodecode instances. Leave empty if you don't use it
245 244 instance_id =
246 245
247 246 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
248 247 ## of an authentication plugin also if it is disabled by it's settings.
249 248 ## This could be useful if you are unable to log in to the system due to broken
250 249 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
251 250 ## module to log in again and fix the settings.
252 251 ##
253 252 ## Available builtin plugin IDs (hash is part of the ID):
254 253 ## egg:rhodecode-enterprise-ce#rhodecode
255 254 ## egg:rhodecode-enterprise-ce#pam
256 255 ## egg:rhodecode-enterprise-ce#ldap
257 256 ## egg:rhodecode-enterprise-ce#jasig_cas
258 257 ## egg:rhodecode-enterprise-ce#headers
259 258 ## egg:rhodecode-enterprise-ce#crowd
260 259 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
261 260
262 261 ## alternative return HTTP header for failed authentication. Default HTTP
263 262 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
264 263 ## handling that causing a series of failed authentication calls.
265 264 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
266 265 ## This will be served instead of default 401 on bad authnetication
267 266 auth_ret_code =
268 267
269 268 ## use special detection method when serving auth_ret_code, instead of serving
270 269 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
271 270 ## and then serve auth_ret_code to clients
272 271 auth_ret_code_detection = false
273 272
274 273 ## locking return code. When repository is locked return this HTTP code. 2XX
275 274 ## codes don't break the transactions while 4XX codes do
276 275 lock_ret_code = 423
277 276
278 277 ## allows to change the repository location in settings page
279 278 allow_repo_location_change = true
280 279
281 280 ## allows to setup custom hooks in settings page
282 281 allow_custom_hooks_settings = true
283 282
284 ## generated license token, goto license page in RhodeCode settings to obtain
285 ## new token
283 ## Generated license token required for EE edition license.
284 ## New generated token value can be found in Admin > settings > license page.
286 285 license_token =
287 286
288 287 ## supervisor connection uri, for managing supervisor and logs.
289 288 supervisor.uri =
290 289 ## supervisord group name/id we only want this RC instance to handle
291 290 supervisor.group_id = dev
292 291
293 292 ## Display extended labs settings
294 293 labs_settings_active = true
295 294
296 295 ####################################
297 296 ### CELERY CONFIG ####
298 297 ####################################
299 298 ## run: /path/to/celery worker \
300 299 ## -E --beat --app rhodecode.lib.celerylib.loader \
301 300 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
302 301 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
303 302
304 303 use_celery = false
305 304
306 305 ## connection url to the message broker (default rabbitmq)
307 306 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
308 307
309 308 ## maximum tasks to execute before worker restart
310 309 celery.max_tasks_per_child = 100
311 310
312 311 ## tasks will never be sent to the queue, but executed locally instead.
313 312 celery.task_always_eager = false
314 313
315 314 #####################################
316 315 ### DOGPILE CACHE ####
317 316 #####################################
318 317 ## Default cache dir for caches. Putting this into a ramdisk
319 318 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
320 319 ## large amount of space
321 320 cache_dir = %(here)s/data
322 321
323 322 ## `cache_perms` cache settings for permission tree, auth TTL.
324 323 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
325 324 rc_cache.cache_perms.expiration_time = 300
326 325
327 326 ## alternative `cache_perms` redis backend with distributed lock
328 327 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
329 328 #rc_cache.cache_perms.expiration_time = 300
330 329 ## redis_expiration_time needs to be greater then expiration_time
331 330 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
332 331 #rc_cache.cache_perms.arguments.socket_timeout = 30
333 332 #rc_cache.cache_perms.arguments.host = localhost
334 333 #rc_cache.cache_perms.arguments.port = 6379
335 334 #rc_cache.cache_perms.arguments.db = 0
336 335 #rc_cache.cache_perms.arguments.distributed_lock = true
337 336
338 337 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
339 338 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
340 339 rc_cache.cache_repo.expiration_time = 2592000
341 340
342 341 ## alternative `cache_repo` redis backend with distributed lock
343 342 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
344 343 #rc_cache.cache_repo.expiration_time = 2592000
345 344 ## redis_expiration_time needs to be greater then expiration_time
346 345 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
347 346 #rc_cache.cache_repo.arguments.socket_timeout = 30
348 347 #rc_cache.cache_repo.arguments.host = localhost
349 348 #rc_cache.cache_repo.arguments.port = 6379
350 349 #rc_cache.cache_repo.arguments.db = 1
351 350 #rc_cache.cache_repo.arguments.distributed_lock = true
352 351
353 352 ## cache settings for SQL queries, this needs to use memory type backend
354 353 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
355 354 rc_cache.sql_cache_short.expiration_time = 30
356 355
357 356 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
358 357 ## type backend as the objects kept are not pickle serializable
359 358 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
360 359 ## by default we use 96H, this is using invalidation on push anyway
361 360 rc_cache.cache_repo_longterm.expiration_time = 345600
362 361 ## max items in LRU cache, reduce this number to save memory, and expire last used
363 362 ## cached objects
364 363 rc_cache.cache_repo_longterm.max_size = 10000
365 364
366 365
367 366 ####################################
368 367 ### BEAKER SESSION ####
369 368 ####################################
370 369
371 370 ## .session.type is type of storage options for the session, current allowed
372 371 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
373 372 beaker.session.type = file
374 373 beaker.session.data_dir = %(here)s/data/sessions
375 374
376 375 ## db based session, fast, and allows easy management over logged in users
377 376 #beaker.session.type = ext:database
378 377 #beaker.session.table_name = db_session
379 378 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
380 379 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
381 380 #beaker.session.sa.pool_recycle = 3600
382 381 #beaker.session.sa.echo = false
383 382
384 383 beaker.session.key = rhodecode
385 384 beaker.session.secret = develop-rc-uytcxaz
386 385 beaker.session.lock_dir = %(here)s/data/sessions/lock
387 386
388 387 ## Secure encrypted cookie. Requires AES and AES python libraries
389 388 ## you must disable beaker.session.secret to use this
390 389 #beaker.session.encrypt_key = key_for_encryption
391 390 #beaker.session.validate_key = validation_key
392 391
393 392 ## sets session as invalid(also logging out user) if it haven not been
394 393 ## accessed for given amount of time in seconds
395 394 beaker.session.timeout = 2592000
396 395 beaker.session.httponly = true
397 396 ## Path to use for the cookie. Set to prefix if you use prefix middleware
398 397 #beaker.session.cookie_path = /custom_prefix
399 398
400 399 ## uncomment for https secure cookie
401 400 beaker.session.secure = false
402 401
403 402 ## auto save the session to not to use .save()
404 403 beaker.session.auto = false
405 404
406 405 ## default cookie expiration time in seconds, set to `true` to set expire
407 406 ## at browser close
408 407 #beaker.session.cookie_expires = 3600
409 408
410 409 ###################################
411 410 ## SEARCH INDEXING CONFIGURATION ##
412 411 ###################################
413 412 ## Full text search indexer is available in rhodecode-tools under
414 413 ## `rhodecode-tools index` command
415 414
416 415 ## WHOOSH Backend, doesn't require additional services to run
417 416 ## it works good with few dozen repos
418 417 search.module = rhodecode.lib.index.whoosh
419 418 search.location = %(here)s/data/index
420 419
421 420 ########################################
422 421 ### CHANNELSTREAM CONFIG ####
423 422 ########################################
424 423 ## channelstream enables persistent connections and live notification
425 424 ## in the system. It's also used by the chat system
426 425 channelstream.enabled = false
427 426
428 427 ## server address for channelstream server on the backend
429 428 channelstream.server = 127.0.0.1:9800
430 429
431 430 ## location of the channelstream server from outside world
432 431 ## use ws:// for http or wss:// for https. This address needs to be handled
433 432 ## by external HTTP server such as Nginx or Apache
434 433 ## see nginx/apache configuration examples in our docs
435 434 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
436 435 channelstream.secret = secret
437 436 channelstream.history.location = %(here)s/channelstream_history
438 437
439 438 ## Internal application path that Javascript uses to connect into.
440 439 ## If you use proxy-prefix the prefix should be added before /_channelstream
441 440 channelstream.proxy_path = /_channelstream
442 441
443 442
444 443 ###################################
445 444 ## APPENLIGHT CONFIG ##
446 445 ###################################
447 446
448 447 ## Appenlight is tailored to work with RhodeCode, see
449 448 ## http://appenlight.com for details how to obtain an account
450 449
451 450 ## appenlight integration enabled
452 451 appenlight = false
453 452
454 453 appenlight.server_url = https://api.appenlight.com
455 454 appenlight.api_key = YOUR_API_KEY
456 455 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
457 456
458 457 # used for JS client
459 458 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
460 459
461 460 ## TWEAK AMOUNT OF INFO SENT HERE
462 461
463 462 ## enables 404 error logging (default False)
464 463 appenlight.report_404 = false
465 464
466 465 ## time in seconds after request is considered being slow (default 1)
467 466 appenlight.slow_request_time = 1
468 467
469 468 ## record slow requests in application
470 469 ## (needs to be enabled for slow datastore recording and time tracking)
471 470 appenlight.slow_requests = true
472 471
473 472 ## enable hooking to application loggers
474 473 appenlight.logging = true
475 474
476 475 ## minimum log level for log capture
477 476 appenlight.logging.level = WARNING
478 477
479 478 ## send logs only from erroneous/slow requests
480 479 ## (saves API quota for intensive logging)
481 480 appenlight.logging_on_error = false
482 481
483 482 ## list of additonal keywords that should be grabbed from environ object
484 483 ## can be string with comma separated list of words in lowercase
485 484 ## (by default client will always send following info:
486 485 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
487 486 ## start with HTTP* this list be extended with additional keywords here
488 487 appenlight.environ_keys_whitelist =
489 488
490 489 ## list of keywords that should be blanked from request object
491 490 ## can be string with comma separated list of words in lowercase
492 491 ## (by default client will always blank keys that contain following words
493 492 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
494 493 ## this list be extended with additional keywords set here
495 494 appenlight.request_keys_blacklist =
496 495
497 496 ## list of namespaces that should be ignores when gathering log entries
498 497 ## can be string with comma separated list of namespaces
499 498 ## (by default the client ignores own entries: appenlight_client.client)
500 499 appenlight.log_namespace_blacklist =
501 500
502 501
503 502 ################################################################################
504 503 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
505 504 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
506 505 ## execute malicious code after an exception is raised. ##
507 506 ################################################################################
508 507 #set debug = false
509 508
510 509 # enable debug style page
511 510 debug_style = true
512 511
513 512 ###########################################
514 513 ### MAIN RHODECODE DATABASE CONFIG ###
515 514 ###########################################
516 515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
517 516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
518 517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
519 518 # pymysql is an alternative driver for MySQL, use in case of problems with default one
520 519 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
521 520
522 521 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
523 522
524 523 # see sqlalchemy docs for other advanced settings
525 524
526 525 ## print the sql statements to output
527 526 sqlalchemy.db1.echo = false
528 527 ## recycle the connections after this amount of seconds
529 528 sqlalchemy.db1.pool_recycle = 3600
530 529 sqlalchemy.db1.convert_unicode = true
531 530
532 531 ## the number of connections to keep open inside the connection pool.
533 532 ## 0 indicates no limit
534 533 #sqlalchemy.db1.pool_size = 5
535 534
536 535 ## the number of connections to allow in connection pool "overflow", that is
537 536 ## connections that can be opened above and beyond the pool_size setting,
538 537 ## which defaults to five.
539 538 #sqlalchemy.db1.max_overflow = 10
540 539
541 540 ## Connection check ping, used to detect broken database connections
542 541 ## could be enabled to better handle cases if MySQL has gone away errors
543 542 #sqlalchemy.db1.ping_connection = true
544 543
545 544 ##################
546 545 ### VCS CONFIG ###
547 546 ##################
548 547 vcs.server.enable = true
549 548 vcs.server = localhost:9900
550 549
551 550 ## Web server connectivity protocol, responsible for web based VCS operatations
552 551 ## Available protocols are:
553 552 ## `http` - use http-rpc backend (default)
554 553 vcs.server.protocol = http
555 554
556 555 ## Push/Pull operations protocol, available options are:
557 556 ## `http` - use http-rpc backend (default)
558 557 vcs.scm_app_implementation = http
559 558
560 559 ## Push/Pull operations hooks protocol, available options are:
561 560 ## `http` - use http-rpc backend (default)
562 561 vcs.hooks.protocol = http
563 562
564 563 ## Host on which this instance is listening for hooks. If vcsserver is in other location
565 564 ## this should be adjusted.
566 565 vcs.hooks.host = 127.0.0.1
567 566
568 567 vcs.server.log_level = debug
569 568 ## Start VCSServer with this instance as a subprocess, useful for development
570 569 vcs.start_server = false
571 570
572 571 ## List of enabled VCS backends, available options are:
573 572 ## `hg` - mercurial
574 573 ## `git` - git
575 574 ## `svn` - subversion
576 575 vcs.backends = hg, git, svn
577 576
578 577 vcs.connection_timeout = 3600
579 578 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
580 579 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
581 580 #vcs.svn.compatible_version = pre-1.8-compatible
582 581
583 582
584 583 ############################################################
585 584 ### Subversion proxy support (mod_dav_svn) ###
586 585 ### Maps RhodeCode repo groups into SVN paths for Apache ###
587 586 ############################################################
588 587 ## Enable or disable the config file generation.
589 588 svn.proxy.generate_config = false
590 589 ## Generate config file with `SVNListParentPath` set to `On`.
591 590 svn.proxy.list_parent_path = true
592 591 ## Set location and file name of generated config file.
593 592 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
594 593 ## alternative mod_dav config template. This needs to be a mako template
595 594 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
596 595 ## Used as a prefix to the `Location` block in the generated config file.
597 596 ## In most cases it should be set to `/`.
598 597 svn.proxy.location_root = /
599 598 ## Command to reload the mod dav svn configuration on change.
600 599 ## Example: `/etc/init.d/apache2 reload`
601 600 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
602 601 ## If the timeout expires before the reload command finishes, the command will
603 602 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
604 603 #svn.proxy.reload_timeout = 10
605 604
606 605 ############################################################
607 606 ### SSH Support Settings ###
608 607 ############################################################
609 608
610 609 ## Defines if a custom authorized_keys file should be created and written on
611 610 ## any change user ssh keys. Setting this to false also disables posibility
612 611 ## of adding SSH keys by users from web interface. Super admins can still
613 612 ## manage SSH Keys.
614 613 ssh.generate_authorized_keyfile = false
615 614
616 615 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
617 616 # ssh.authorized_keys_ssh_opts =
618 617
619 618 ## Path to the authrozied_keys file where the generate entries are placed.
620 619 ## It is possible to have multiple key files specified in `sshd_config` e.g.
621 620 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
622 621 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
623 622
624 623 ## Command to execute the SSH wrapper. The binary is available in the
625 624 ## rhodecode installation directory.
626 625 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
627 626 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
628 627
629 628 ## Allow shell when executing the ssh-wrapper command
630 629 ssh.wrapper_cmd_allow_shell = false
631 630
632 631 ## Enables logging, and detailed output send back to the client during SSH
633 632 ## operations. Usefull for debugging, shouldn't be used in production.
634 633 ssh.enable_debug_logging = true
635 634
636 635 ## Paths to binary executable, by default they are the names, but we can
637 636 ## override them if we want to use a custom one
638 637 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
639 638 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
640 639 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
641 640
642 641
643 642 ## Dummy marker to add new entries after.
644 643 ## Add any custom entries below. Please don't remove.
645 644 custom.conf = 1
646 645
647 646
648 647 ################################
649 648 ### LOGGING CONFIGURATION ####
650 649 ################################
651 650 [loggers]
652 651 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
653 652
654 653 [handlers]
655 654 keys = console, console_sql
656 655
657 656 [formatters]
658 657 keys = generic, color_formatter, color_formatter_sql
659 658
660 659 #############
661 660 ## LOGGERS ##
662 661 #############
663 662 [logger_root]
664 663 level = NOTSET
665 664 handlers = console
666 665
667 666 [logger_sqlalchemy]
668 667 level = INFO
669 668 handlers = console_sql
670 669 qualname = sqlalchemy.engine
671 670 propagate = 0
672 671
673 672 [logger_beaker]
674 673 level = DEBUG
675 674 handlers =
676 675 qualname = beaker.container
677 676 propagate = 1
678 677
679 678 [logger_rhodecode]
680 679 level = DEBUG
681 680 handlers =
682 681 qualname = rhodecode
683 682 propagate = 1
684 683
685 684 [logger_ssh_wrapper]
686 685 level = DEBUG
687 686 handlers =
688 687 qualname = ssh_wrapper
689 688 propagate = 1
690 689
691 690 [logger_celery]
692 691 level = DEBUG
693 692 handlers =
694 693 qualname = celery
695 694
696 695
697 696 ##############
698 697 ## HANDLERS ##
699 698 ##############
700 699
701 700 [handler_console]
702 701 class = StreamHandler
703 702 args = (sys.stderr, )
704 703 level = DEBUG
705 704 formatter = color_formatter
706 705
707 706 [handler_console_sql]
708 707 # "level = DEBUG" logs SQL queries and results.
709 708 # "level = INFO" logs SQL queries.
710 709 # "level = WARN" logs neither. (Recommended for production systems.)
711 710 class = StreamHandler
712 711 args = (sys.stderr, )
713 712 level = WARN
714 713 formatter = color_formatter_sql
715 714
716 715 ################
717 716 ## FORMATTERS ##
718 717 ################
719 718
720 719 [formatter_generic]
721 720 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
722 721 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
723 722 datefmt = %Y-%m-%d %H:%M:%S
724 723
725 724 [formatter_color_formatter]
726 725 class = rhodecode.lib.logging_formatter.ColorFormatter
727 726 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
728 727 datefmt = %Y-%m-%d %H:%M:%S
729 728
730 729 [formatter_color_formatter_sql]
731 730 class = rhodecode.lib.logging_formatter.ColorFormatterSql
732 731 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
733 732 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,705 +1,704 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 debug = true
9 9
10 10 ################################################################################
11 11 ## EMAIL CONFIGURATION ##
12 12 ## Uncomment and replace with the email address which should receive ##
13 13 ## any error reports after an application crash ##
14 14 ## Additionally these settings will be used by the RhodeCode mailing system ##
15 15 ################################################################################
16 16
17 17 ## prefix all emails subjects with given prefix, helps filtering out emails
18 18 #email_prefix = [RhodeCode]
19 19
20 20 ## email FROM address all mails will be sent
21 21 #app_email_from = rhodecode-noreply@localhost
22 22
23 23 ## Uncomment and replace with the address which should receive any error report
24 24 ## note: using appenlight for error handling doesn't need this to be uncommented
25 25 #email_to = admin@localhost
26 26
27 27 ## in case of Application errors, sent an error email form
28 28 #error_email_from = rhodecode_error@localhost
29 29
30 30 ## additional error message to be send in case of server crash
31 31 #error_message =
32 32
33 33
34 34 #smtp_server = mail.server.com
35 35 #smtp_username =
36 36 #smtp_password =
37 37 #smtp_port =
38 38 #smtp_use_tls = false
39 39 #smtp_use_ssl = true
40 40 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
41 41 #smtp_auth =
42 42
43 43 [server:main]
44 44 ## COMMON ##
45 45 host = 127.0.0.1
46 46 port = 5000
47 47
48 ##################################
49 ## WAITRESS WSGI SERVER ##
50 ## Recommended for Development ##
51 ##################################
48 ###########################################################
49 ## WAITRESS WSGI SERVER - Recommended for Development ####
50 ###########################################################
52 51
53 52 #use = egg:waitress#main
54 53 ## number of worker threads
55 54 #threads = 5
56 55 ## MAX BODY SIZE 100GB
57 56 #max_request_body_size = 107374182400
58 57 ## Use poll instead of select, fixes file descriptors limits problems.
59 58 ## May not work on old windows systems.
60 59 #asyncore_use_poll = true
61 60
62 61
63 62 ##########################
64 63 ## GUNICORN WSGI SERVER ##
65 64 ##########################
66 65 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
67 66
68 67 use = egg:gunicorn#main
69 ## Sets the number of process workers. You must set `instance_id = *`
70 ## when this option is set to more than one worker, recommended
71 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
72 ## The `instance_id = *` must be set in the [app:main] section below
68 ## Sets the number of process workers. More workers means more concurent connections
69 ## RhodeCode can handle at the same time. Each additional worker also it increases
70 ## memory usage as each has it's own set of caches.
71 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
72 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
73 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
74 ## when using more than 1 worker.
73 75 workers = 2
74 ## number of threads for each of the worker, must be set to 1 for gevent
75 ## generally recommended to be at 1
76 #threads = 1
77 ## process name
76 ## process name visible in process list
78 77 proc_name = rhodecode
79 78 ## type of worker class, one of sync, gevent
80 79 ## recommended for bigger setup is using of of other than sync one
81 80 worker_class = gevent
82 81 ## The maximum number of simultaneous clients. Valid only for Gevent
83 82 worker_connections = 10
84 83 ## max number of requests that worker will handle before being gracefully
85 84 ## restarted, could prevent memory leaks
86 85 max_requests = 1000
87 86 max_requests_jitter = 30
88 87 ## amount of time a worker can spend with handling a request before it
89 88 ## gets killed and restarted. Set to 6hrs
90 89 timeout = 21600
91 90
92 91
93 92 ## prefix middleware for RhodeCode.
94 93 ## recommended when using proxy setup.
95 94 ## allows to set RhodeCode under a prefix in server.
96 95 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
97 96 ## And set your prefix like: `prefix = /custom_prefix`
98 97 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
99 98 ## to make your cookies only work on prefix url
100 99 [filter:proxy-prefix]
101 100 use = egg:PasteDeploy#prefix
102 101 prefix = /
103 102
104 103 [app:main]
105 104 ## The %(here)s variable will be replaced with the absolute path of parent directory
106 105 ## of this file
107 106 ## In addition ENVIRONMENT variables usage is possible, e.g
108 107 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
109 108
110 109 use = egg:rhodecode-enterprise-ce
111 110
112 111 ## enable proxy prefix middleware, defined above
113 112 #filter-with = proxy-prefix
114 113
115 114 ## encryption key used to encrypt social plugin tokens,
116 115 ## remote_urls with credentials etc, if not set it defaults to
117 116 ## `beaker.session.secret`
118 117 #rhodecode.encrypted_values.secret =
119 118
120 119 ## decryption strict mode (enabled by default). It controls if decryption raises
121 120 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
122 121 #rhodecode.encrypted_values.strict = false
123 122
124 123 ## return gzipped responses from Rhodecode (static files/application)
125 124 gzip_responses = false
126 125
127 126 ## autogenerate javascript routes file on startup
128 127 generate_js_files = false
129 128
130 ## Optional Languages
131 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
129 ## System global default language.
130 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
132 131 lang = en
133 132
134 ## perform a full repository scan on each server start, this should be
135 ## set to false after first startup, to allow faster server restarts.
133 ## Perform a full repository scan and import on each server start.
134 ## Settings this to true could lead to very long startup time.
136 135 startup.import_repos = false
137 136
138 137 ## Uncomment and set this path to use archive download cache.
139 138 ## Once enabled, generated archives will be cached at this location
140 139 ## and served from the cache during subsequent requests for the same archive of
141 140 ## the repository.
142 141 #archive_cache_dir = /tmp/tarballcache
143 142
144 143 ## URL at which the application is running. This is used for bootstraping
145 144 ## requests in context when no web request is available. Used in ishell, or
146 145 ## SSH calls. Set this for events to receive proper url for SSH calls.
147 146 app.base_url = http://rhodecode.local
148 147
149 ## change this to unique ID for security
148 ## Unique application ID. Should be a random unique string for security.
150 149 app_instance_uuid = rc-production
151 150
152 ## cut off limit for large diffs (size in bytes). If overall diff size on
151 ## Cut off limit for large diffs (size in bytes). If overall diff size on
153 152 ## commit, or pull request exceeds this limit this diff will be displayed
154 153 ## partially. E.g 512000 == 512Kb
155 154 cut_off_limit_diff = 512000
156 155
157 ## cut off limit for large files inside diffs (size in bytes). Each individual
156 ## Cut off limit for large files inside diffs (size in bytes). Each individual
158 157 ## file inside diff which exceeds this limit will be displayed partially.
159 158 ## E.g 128000 == 128Kb
160 159 cut_off_limit_file = 128000
161 160
162 ## use cache version of scm repo everywhere
161 ## use cached version of vcs repositories everywhere. Recommended to be `true`
163 162 vcs_full_cache = true
164 163
165 ## force https in RhodeCode, fixes https redirects, assumes it's always https
164 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
166 165 ## Normally this is controlled by proper http flags sent from http server
167 166 force_https = false
168 167
169 168 ## use Strict-Transport-Security headers
170 169 use_htsts = false
171 170
172 171 ## git rev filter option, --all is the default filter, if you need to
173 172 ## hide all refs in changelog switch this to --branches --tags
174 173 git_rev_filter = --branches --tags
175 174
176 175 # Set to true if your repos are exposed using the dumb protocol
177 176 git_update_server_info = false
178 177
179 178 ## RSS/ATOM feed options
180 179 rss_cut_off_limit = 256000
181 180 rss_items_per_page = 10
182 181 rss_include_diff = false
183 182
184 183 ## gist URL alias, used to create nicer urls for gist. This should be an
185 184 ## url that does rewrites to _admin/gists/{gistid}.
186 185 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
187 186 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
188 187 gist_alias_url =
189 188
190 189 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
191 190 ## used for access.
192 191 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
193 192 ## came from the the logged in user who own this authentication token.
194 193 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
195 194 ## authentication token. Such view would be only accessible when used together
196 195 ## with this authentication token
197 196 ##
198 197 ## list of all views can be found under `/_admin/permissions/auth_token_access`
199 198 ## The list should be "," separated and on a single line.
200 199 ##
201 200 ## Most common views to enable:
202 201 # RepoCommitsView:repo_commit_download
203 202 # RepoCommitsView:repo_commit_patch
204 203 # RepoCommitsView:repo_commit_raw
205 204 # RepoCommitsView:repo_commit_raw@TOKEN
206 205 # RepoFilesView:repo_files_diff
207 206 # RepoFilesView:repo_archivefile
208 207 # RepoFilesView:repo_file_raw
209 208 # GistView:*
210 209 api_access_controllers_whitelist =
211 210
212 ## default encoding used to convert from and to unicode
211 ## Default encoding used to convert from and to unicode
213 212 ## can be also a comma separated list of encoding in case of mixed encodings
214 213 default_encoding = UTF-8
215 214
216 215 ## instance-id prefix
217 216 ## a prefix key for this instance used for cache invalidation when running
218 217 ## multiple instances of rhodecode, make sure it's globally unique for
219 218 ## all running rhodecode instances. Leave empty if you don't use it
220 219 instance_id =
221 220
222 221 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
223 222 ## of an authentication plugin also if it is disabled by it's settings.
224 223 ## This could be useful if you are unable to log in to the system due to broken
225 224 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
226 225 ## module to log in again and fix the settings.
227 226 ##
228 227 ## Available builtin plugin IDs (hash is part of the ID):
229 228 ## egg:rhodecode-enterprise-ce#rhodecode
230 229 ## egg:rhodecode-enterprise-ce#pam
231 230 ## egg:rhodecode-enterprise-ce#ldap
232 231 ## egg:rhodecode-enterprise-ce#jasig_cas
233 232 ## egg:rhodecode-enterprise-ce#headers
234 233 ## egg:rhodecode-enterprise-ce#crowd
235 234 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
236 235
237 236 ## alternative return HTTP header for failed authentication. Default HTTP
238 237 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
239 238 ## handling that causing a series of failed authentication calls.
240 239 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
241 240 ## This will be served instead of default 401 on bad authnetication
242 241 auth_ret_code =
243 242
244 243 ## use special detection method when serving auth_ret_code, instead of serving
245 244 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
246 245 ## and then serve auth_ret_code to clients
247 246 auth_ret_code_detection = false
248 247
249 248 ## locking return code. When repository is locked return this HTTP code. 2XX
250 249 ## codes don't break the transactions while 4XX codes do
251 250 lock_ret_code = 423
252 251
253 252 ## allows to change the repository location in settings page
254 253 allow_repo_location_change = true
255 254
256 255 ## allows to setup custom hooks in settings page
257 256 allow_custom_hooks_settings = true
258 257
259 ## generated license token, goto license page in RhodeCode settings to obtain
260 ## new token
258 ## Generated license token required for EE edition license.
259 ## New generated token value can be found in Admin > settings > license page.
261 260 license_token =
262 261
263 262 ## supervisor connection uri, for managing supervisor and logs.
264 263 supervisor.uri =
265 264 ## supervisord group name/id we only want this RC instance to handle
266 265 supervisor.group_id = prod
267 266
268 267 ## Display extended labs settings
269 268 labs_settings_active = true
270 269
271 270 ####################################
272 271 ### CELERY CONFIG ####
273 272 ####################################
274 273 ## run: /path/to/celery worker \
275 274 ## -E --beat --app rhodecode.lib.celerylib.loader \
276 275 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
277 276 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
278 277
279 278 use_celery = false
280 279
281 280 ## connection url to the message broker (default rabbitmq)
282 281 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
283 282
284 283 ## maximum tasks to execute before worker restart
285 284 celery.max_tasks_per_child = 100
286 285
287 286 ## tasks will never be sent to the queue, but executed locally instead.
288 287 celery.task_always_eager = false
289 288
290 289 #####################################
291 290 ### DOGPILE CACHE ####
292 291 #####################################
293 292 ## Default cache dir for caches. Putting this into a ramdisk
294 293 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
295 294 ## large amount of space
296 295 cache_dir = %(here)s/data
297 296
298 297 ## `cache_perms` cache settings for permission tree, auth TTL.
299 298 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
300 299 rc_cache.cache_perms.expiration_time = 300
301 300
302 301 ## alternative `cache_perms` redis backend with distributed lock
303 302 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
304 303 #rc_cache.cache_perms.expiration_time = 300
305 304 ## redis_expiration_time needs to be greater then expiration_time
306 305 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
307 306 #rc_cache.cache_perms.arguments.socket_timeout = 30
308 307 #rc_cache.cache_perms.arguments.host = localhost
309 308 #rc_cache.cache_perms.arguments.port = 6379
310 309 #rc_cache.cache_perms.arguments.db = 0
311 310 #rc_cache.cache_perms.arguments.distributed_lock = true
312 311
313 312 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
314 313 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
315 314 rc_cache.cache_repo.expiration_time = 2592000
316 315
317 316 ## alternative `cache_repo` redis backend with distributed lock
318 317 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
319 318 #rc_cache.cache_repo.expiration_time = 2592000
320 319 ## redis_expiration_time needs to be greater then expiration_time
321 320 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
322 321 #rc_cache.cache_repo.arguments.socket_timeout = 30
323 322 #rc_cache.cache_repo.arguments.host = localhost
324 323 #rc_cache.cache_repo.arguments.port = 6379
325 324 #rc_cache.cache_repo.arguments.db = 1
326 325 #rc_cache.cache_repo.arguments.distributed_lock = true
327 326
328 327 ## cache settings for SQL queries, this needs to use memory type backend
329 328 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
330 329 rc_cache.sql_cache_short.expiration_time = 30
331 330
332 331 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
333 332 ## type backend as the objects kept are not pickle serializable
334 333 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
335 334 ## by default we use 96H, this is using invalidation on push anyway
336 335 rc_cache.cache_repo_longterm.expiration_time = 345600
337 336 ## max items in LRU cache, reduce this number to save memory, and expire last used
338 337 ## cached objects
339 338 rc_cache.cache_repo_longterm.max_size = 10000
340 339
341 340
342 341 ####################################
343 342 ### BEAKER SESSION ####
344 343 ####################################
345 344
346 345 ## .session.type is type of storage options for the session, current allowed
347 346 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
348 347 beaker.session.type = file
349 348 beaker.session.data_dir = %(here)s/data/sessions
350 349
351 350 ## db based session, fast, and allows easy management over logged in users
352 351 #beaker.session.type = ext:database
353 352 #beaker.session.table_name = db_session
354 353 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
355 354 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
356 355 #beaker.session.sa.pool_recycle = 3600
357 356 #beaker.session.sa.echo = false
358 357
359 358 beaker.session.key = rhodecode
360 359 beaker.session.secret = production-rc-uytcxaz
361 360 beaker.session.lock_dir = %(here)s/data/sessions/lock
362 361
363 362 ## Secure encrypted cookie. Requires AES and AES python libraries
364 363 ## you must disable beaker.session.secret to use this
365 364 #beaker.session.encrypt_key = key_for_encryption
366 365 #beaker.session.validate_key = validation_key
367 366
368 367 ## sets session as invalid(also logging out user) if it haven not been
369 368 ## accessed for given amount of time in seconds
370 369 beaker.session.timeout = 2592000
371 370 beaker.session.httponly = true
372 371 ## Path to use for the cookie. Set to prefix if you use prefix middleware
373 372 #beaker.session.cookie_path = /custom_prefix
374 373
375 374 ## uncomment for https secure cookie
376 375 beaker.session.secure = false
377 376
378 377 ## auto save the session to not to use .save()
379 378 beaker.session.auto = false
380 379
381 380 ## default cookie expiration time in seconds, set to `true` to set expire
382 381 ## at browser close
383 382 #beaker.session.cookie_expires = 3600
384 383
385 384 ###################################
386 385 ## SEARCH INDEXING CONFIGURATION ##
387 386 ###################################
388 387 ## Full text search indexer is available in rhodecode-tools under
389 388 ## `rhodecode-tools index` command
390 389
391 390 ## WHOOSH Backend, doesn't require additional services to run
392 391 ## it works good with few dozen repos
393 392 search.module = rhodecode.lib.index.whoosh
394 393 search.location = %(here)s/data/index
395 394
396 395 ########################################
397 396 ### CHANNELSTREAM CONFIG ####
398 397 ########################################
399 398 ## channelstream enables persistent connections and live notification
400 399 ## in the system. It's also used by the chat system
401 400 channelstream.enabled = false
402 401
403 402 ## server address for channelstream server on the backend
404 403 channelstream.server = 127.0.0.1:9800
405 404
406 405 ## location of the channelstream server from outside world
407 406 ## use ws:// for http or wss:// for https. This address needs to be handled
408 407 ## by external HTTP server such as Nginx or Apache
409 408 ## see nginx/apache configuration examples in our docs
410 409 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
411 410 channelstream.secret = secret
412 411 channelstream.history.location = %(here)s/channelstream_history
413 412
414 413 ## Internal application path that Javascript uses to connect into.
415 414 ## If you use proxy-prefix the prefix should be added before /_channelstream
416 415 channelstream.proxy_path = /_channelstream
417 416
418 417
419 418 ###################################
420 419 ## APPENLIGHT CONFIG ##
421 420 ###################################
422 421
423 422 ## Appenlight is tailored to work with RhodeCode, see
424 423 ## http://appenlight.com for details how to obtain an account
425 424
426 425 ## appenlight integration enabled
427 426 appenlight = false
428 427
429 428 appenlight.server_url = https://api.appenlight.com
430 429 appenlight.api_key = YOUR_API_KEY
431 430 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
432 431
433 432 # used for JS client
434 433 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
435 434
436 435 ## TWEAK AMOUNT OF INFO SENT HERE
437 436
438 437 ## enables 404 error logging (default False)
439 438 appenlight.report_404 = false
440 439
441 440 ## time in seconds after request is considered being slow (default 1)
442 441 appenlight.slow_request_time = 1
443 442
444 443 ## record slow requests in application
445 444 ## (needs to be enabled for slow datastore recording and time tracking)
446 445 appenlight.slow_requests = true
447 446
448 447 ## enable hooking to application loggers
449 448 appenlight.logging = true
450 449
451 450 ## minimum log level for log capture
452 451 appenlight.logging.level = WARNING
453 452
454 453 ## send logs only from erroneous/slow requests
455 454 ## (saves API quota for intensive logging)
456 455 appenlight.logging_on_error = false
457 456
458 457 ## list of additonal keywords that should be grabbed from environ object
459 458 ## can be string with comma separated list of words in lowercase
460 459 ## (by default client will always send following info:
461 460 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
462 461 ## start with HTTP* this list be extended with additional keywords here
463 462 appenlight.environ_keys_whitelist =
464 463
465 464 ## list of keywords that should be blanked from request object
466 465 ## can be string with comma separated list of words in lowercase
467 466 ## (by default client will always blank keys that contain following words
468 467 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
469 468 ## this list be extended with additional keywords set here
470 469 appenlight.request_keys_blacklist =
471 470
472 471 ## list of namespaces that should be ignores when gathering log entries
473 472 ## can be string with comma separated list of namespaces
474 473 ## (by default the client ignores own entries: appenlight_client.client)
475 474 appenlight.log_namespace_blacklist =
476 475
477 476
478 477 ################################################################################
479 478 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
480 479 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
481 480 ## execute malicious code after an exception is raised. ##
482 481 ################################################################################
483 482 set debug = false
484 483
485 484
486 485 ###########################################
487 486 ### MAIN RHODECODE DATABASE CONFIG ###
488 487 ###########################################
489 488 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
490 489 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
491 490 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
492 491 # pymysql is an alternative driver for MySQL, use in case of problems with default one
493 492 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
494 493
495 494 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
496 495
497 496 # see sqlalchemy docs for other advanced settings
498 497
499 498 ## print the sql statements to output
500 499 sqlalchemy.db1.echo = false
501 500 ## recycle the connections after this amount of seconds
502 501 sqlalchemy.db1.pool_recycle = 3600
503 502 sqlalchemy.db1.convert_unicode = true
504 503
505 504 ## the number of connections to keep open inside the connection pool.
506 505 ## 0 indicates no limit
507 506 #sqlalchemy.db1.pool_size = 5
508 507
509 508 ## the number of connections to allow in connection pool "overflow", that is
510 509 ## connections that can be opened above and beyond the pool_size setting,
511 510 ## which defaults to five.
512 511 #sqlalchemy.db1.max_overflow = 10
513 512
514 513 ## Connection check ping, used to detect broken database connections
515 514 ## could be enabled to better handle cases if MySQL has gone away errors
516 515 #sqlalchemy.db1.ping_connection = true
517 516
518 517 ##################
519 518 ### VCS CONFIG ###
520 519 ##################
521 520 vcs.server.enable = true
522 521 vcs.server = localhost:9900
523 522
524 523 ## Web server connectivity protocol, responsible for web based VCS operatations
525 524 ## Available protocols are:
526 525 ## `http` - use http-rpc backend (default)
527 526 vcs.server.protocol = http
528 527
529 528 ## Push/Pull operations protocol, available options are:
530 529 ## `http` - use http-rpc backend (default)
531 530 vcs.scm_app_implementation = http
532 531
533 532 ## Push/Pull operations hooks protocol, available options are:
534 533 ## `http` - use http-rpc backend (default)
535 534 vcs.hooks.protocol = http
536 535 ## Host on which this instance is listening for hooks. If vcsserver is in other location
537 536 ## this should be adjusted.
538 537 vcs.hooks.host = 127.0.0.1
539 538
540 539 vcs.server.log_level = info
541 540 ## Start VCSServer with this instance as a subprocess, useful for development
542 541 vcs.start_server = false
543 542
544 543 ## List of enabled VCS backends, available options are:
545 544 ## `hg` - mercurial
546 545 ## `git` - git
547 546 ## `svn` - subversion
548 547 vcs.backends = hg, git, svn
549 548
550 549 vcs.connection_timeout = 3600
551 550 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
552 551 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
553 552 #vcs.svn.compatible_version = pre-1.8-compatible
554 553
555 554
556 555 ############################################################
557 556 ### Subversion proxy support (mod_dav_svn) ###
558 557 ### Maps RhodeCode repo groups into SVN paths for Apache ###
559 558 ############################################################
560 559 ## Enable or disable the config file generation.
561 560 svn.proxy.generate_config = false
562 561 ## Generate config file with `SVNListParentPath` set to `On`.
563 562 svn.proxy.list_parent_path = true
564 563 ## Set location and file name of generated config file.
565 564 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
566 565 ## alternative mod_dav config template. This needs to be a mako template
567 566 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
568 567 ## Used as a prefix to the `Location` block in the generated config file.
569 568 ## In most cases it should be set to `/`.
570 569 svn.proxy.location_root = /
571 570 ## Command to reload the mod dav svn configuration on change.
572 571 ## Example: `/etc/init.d/apache2 reload`
573 572 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
574 573 ## If the timeout expires before the reload command finishes, the command will
575 574 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
576 575 #svn.proxy.reload_timeout = 10
577 576
578 577 ############################################################
579 578 ### SSH Support Settings ###
580 579 ############################################################
581 580
582 581 ## Defines if a custom authorized_keys file should be created and written on
583 582 ## any change user ssh keys. Setting this to false also disables posibility
584 583 ## of adding SSH keys by users from web interface. Super admins can still
585 584 ## manage SSH Keys.
586 585 ssh.generate_authorized_keyfile = false
587 586
588 587 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
589 588 # ssh.authorized_keys_ssh_opts =
590 589
591 590 ## Path to the authrozied_keys file where the generate entries are placed.
592 591 ## It is possible to have multiple key files specified in `sshd_config` e.g.
593 592 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
594 593 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
595 594
596 595 ## Command to execute the SSH wrapper. The binary is available in the
597 596 ## rhodecode installation directory.
598 597 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
599 598 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
600 599
601 600 ## Allow shell when executing the ssh-wrapper command
602 601 ssh.wrapper_cmd_allow_shell = false
603 602
604 603 ## Enables logging, and detailed output send back to the client during SSH
605 604 ## operations. Usefull for debugging, shouldn't be used in production.
606 605 ssh.enable_debug_logging = false
607 606
608 607 ## Paths to binary executable, by default they are the names, but we can
609 608 ## override them if we want to use a custom one
610 609 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
611 610 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
612 611 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
613 612
614 613
615 614 ## Dummy marker to add new entries after.
616 615 ## Add any custom entries below. Please don't remove.
617 616 custom.conf = 1
618 617
619 618
620 619 ################################
621 620 ### LOGGING CONFIGURATION ####
622 621 ################################
623 622 [loggers]
624 623 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
625 624
626 625 [handlers]
627 626 keys = console, console_sql
628 627
629 628 [formatters]
630 629 keys = generic, color_formatter, color_formatter_sql
631 630
632 631 #############
633 632 ## LOGGERS ##
634 633 #############
635 634 [logger_root]
636 635 level = NOTSET
637 636 handlers = console
638 637
639 638 [logger_sqlalchemy]
640 639 level = INFO
641 640 handlers = console_sql
642 641 qualname = sqlalchemy.engine
643 642 propagate = 0
644 643
645 644 [logger_beaker]
646 645 level = DEBUG
647 646 handlers =
648 647 qualname = beaker.container
649 648 propagate = 1
650 649
651 650 [logger_rhodecode]
652 651 level = DEBUG
653 652 handlers =
654 653 qualname = rhodecode
655 654 propagate = 1
656 655
657 656 [logger_ssh_wrapper]
658 657 level = DEBUG
659 658 handlers =
660 659 qualname = ssh_wrapper
661 660 propagate = 1
662 661
663 662 [logger_celery]
664 663 level = DEBUG
665 664 handlers =
666 665 qualname = celery
667 666
668 667
669 668 ##############
670 669 ## HANDLERS ##
671 670 ##############
672 671
673 672 [handler_console]
674 673 class = StreamHandler
675 674 args = (sys.stderr, )
676 675 level = INFO
677 676 formatter = generic
678 677
679 678 [handler_console_sql]
680 679 # "level = DEBUG" logs SQL queries and results.
681 680 # "level = INFO" logs SQL queries.
682 681 # "level = WARN" logs neither. (Recommended for production systems.)
683 682 class = StreamHandler
684 683 args = (sys.stderr, )
685 684 level = WARN
686 685 formatter = generic
687 686
688 687 ################
689 688 ## FORMATTERS ##
690 689 ################
691 690
692 691 [formatter_generic]
693 692 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
694 693 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
695 694 datefmt = %Y-%m-%d %H:%M:%S
696 695
697 696 [formatter_color_formatter]
698 697 class = rhodecode.lib.logging_formatter.ColorFormatter
699 698 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
700 699 datefmt = %Y-%m-%d %H:%M:%S
701 700
702 701 [formatter_color_formatter_sql]
703 702 class = rhodecode.lib.logging_formatter.ColorFormatterSql
704 703 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
705 704 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now