rhodecode-enterprise-ce Commit - r5420:9cce0276

feat(disk-cache): rewrite diskcache backend to be k8s and NFS safe....

super-admin -

r5420:9cce0276 default

parent child

rhodecode/lib/rc_cache/archive_cache/__init__.py

0 created 644 +29 0

@@ -0,0 +1,29 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19	from .fanout_cache import get_archival_cache_store
	20	from .fanout_cache import get_archival_config
	21
	22	from .utils import archive_iterator
	23	from .utils import ArchiveCacheLock
	24
	25
	26	def includeme(config):
	27	# init our cache at start
	28	settings = config.get_settings()
	29	get_archival_cache_store(settings)

rhodecode/lib/rc_cache/archive_cache/lock.py

0 created 644 +60 0

@@ -0,0 +1,60 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19	import redis
	20	from rhodecode.lib._vendor import redis_lock
	21
	22	from .utils import ArchiveCacheLock
	23
	24
	25	class GenerationLock:
	26	"""
	27	Locking mechanism that detects if a lock is acquired
	28
	29	with GenerationLock(lock_key):
	30	compute_archive()
	31	"""
	32	lock_timeout = 7200
	33
	34	def __init__(self, lock_key, url):
	35	self.lock_key = lock_key
	36	self._create_client(url)
	37	self.lock = self.get_lock()
	38
	39	def _create_client(self, url):
	40	connection_pool = redis.ConnectionPool.from_url(url)
	41	self.writer_client = redis.StrictRedis(
	42	connection_pool=connection_pool
	43	)
	44	self.reader_client = self.writer_client
	45
	46	def get_lock(self):
	47	return redis_lock.Lock(
	48	redis_client=self.writer_client,
	49	name=self.lock_key,
	50	expire=self.lock_timeout,
	51	strict=True
	52	)
	53
	54	def __enter__(self):
	55	acquired = self.lock.acquire(blocking=False)
	56	if not acquired:
	57	raise ArchiveCacheLock('Failed to create a lock')
	58
	59	def __exit__(self, exc_type, exc_val, exc_tb):
	60	self.lock.release()

rhodecode/lib/rc_cache/archive_cache/utils.py

0 created 644 +30 0

@@ -0,0 +1,30 b''
	1	# Copyright (C) 2015-2024 RhodeCode GmbH
	2	#
	3	# This program is free software: you can redistribute it and/or modify
	4	# it under the terms of the GNU Affero General Public License, version 3
	5	# (only), as published by the Free Software Foundation.
	6	#
	7	# This program is distributed in the hope that it will be useful,
	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	# GNU General Public License for more details.
	11	#
	12	# You should have received a copy of the GNU Affero General Public License
	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	14	#
	15	# This program is dual-licensed. If you wish to learn more about the
	16	# RhodeCode Enterprise Edition, including its added features, Support services,
	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
	18
	19
	20	class ArchiveCacheLock(Exception):
	21	pass
	22
	23
	24	def archive_iterator(_reader, block_size: int = 4096 * 512):
	25	# 4096 * 64 = 64KB
	26	while 1:
	27	data = _reader.read(block_size)
	28	if not data:
	29	break
	30	yield data

configs/development.ini

0 +13 -3

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; #############
             ; DEBUG OPTIONS
             ; #############
             pyramid.reload_templates = true
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ; enable debug style page
             debug_style = true
             ; #################
             ; END DEBUG OPTIONS
             ; #################
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
+            ; Redis url to acquire/check generation of archives locks
+            archive_cache.locking.url = redis://redis:6379/1
+            ; Storage backend, only 'filesystem' is available now
+            archive_cache.backend.type = filesystem
             ; Default is $cache_dir/archive_cache if not set
-            archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
+            archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
-            archive_cache.cache_size_gb = 10
+            archive_cache.filesystem.cache_size_gb = 1
+            ; Eviction policy used to clear out after cache_size_gb limit is reached
+            archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
-            archive_cache.cache_shards = 4
+            archive_cache.filesystem.cache_shards = 8
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = color_formatter_sql
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

configs/production.ini

0 +13 -3

             ; #########################################
             ; RHODECODE COMMUNITY EDITION CONFIGURATION
             ; #########################################
             [DEFAULT]
             ; Debug flag sets all loggers to debug, and enables request tracking
             debug = false
             ; ########################################################################
             ; EMAIL CONFIGURATION
             ; These settings will be used by the RhodeCode mailing system
             ; ########################################################################
             ; prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ; email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ; COMMON HOST/IP CONFIG, This applies mostly to develop setup,
             ; Host port for gunicorn are controlled by gunicorn_conf.py
             host = 127.0.0.1
             port = 10020
             ; ###########################
             ; GUNICORN APPLICATION SERVER
             ; ###########################
             ; run with gunicorn --paste rhodecode.ini --config gunicorn_conf.py
             ; Module to use, this setting shouldn't be changed
             use = egg:gunicorn#main
             ; Prefix middleware for RhodeCode.
             ; recommended when using proxy setup.
             ; allows to set RhodeCode under a prefix in server.
             ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ; And set your prefix like: `prefix = /custom_prefix`
             ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ; to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ; The %(here)s variable will be replaced with the absolute path of parent directory
             ; of this file
             ; Each option in the app:main can be override by an environmental variable
             ;
             ;To override an option:
             ;
             ;RC_<KeyName>
             ;Everything should be uppercase, . and - should be replaced by _.
             ;For example, if you have these configuration settings:
             ;rc_cache.repo_object.backend = foo
             ;can be overridden by
             ;export RC_CACHE_REPO_OBJECT_BACKEND=foo
             use = egg:rhodecode-enterprise-ce
             ; enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ; encryption key used to encrypt social plugin tokens,
             ; remote_urls with credentials etc, if not set it defaults to
             ; `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ; decryption strict mode (enabled by default). It controls if decryption raises
             ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ; fernet is safer, and we strongly recommend switching to it.
             ; Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ; Return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ; Auto-generate javascript routes file on startup
             generate_js_files = false
             ; System global default language.
             ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ; Perform a full repository scan and import on each server start.
             ; Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ; URL at which the application is running. This is used for Bootstrapping
             ; requests in context when no web request is available. Used in ishell, or
             ; SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ; Host at which the Service API is running.
             app.service_api.host = http://rhodecode.local:10020
             ; Secret for Service API authentication.
             app.service_api.token =
             ; Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ; Cut off limit for large diffs (size in bytes). If overall diff size on
             ; commit, or pull request exceeds this limit this diff will be displayed
             ; partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ; Cut off limit for large files inside diffs (size in bytes). Each individual
             ; file inside diff which exceeds this limit will be displayed partially.
             ;  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ; Use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
             force_https = false
             ; use Strict-Transport-Security headers
             use_htsts = false
             ; Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ; RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ; gist URL alias, used to create nicer urls for gist. This should be an
             ; url that does rewrites to _admin/gists/{gistid}.
             ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ; List of views (using glob pattern syntax) that AUTH TOKENS could be
             ; used for access.
             ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ; came from the the logged in user who own this authentication token.
             ; Additionally @TOKEN syntax can be used to bound the view to specific
             ; authentication token. Such view would be only accessible when used together
             ; with this authentication token
             ; list of all views can be found under `/_admin/permissions/auth_token_access`
             ; The list should be "," separated and on a single line.
             ; Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ; Default encoding used to convert from and to unicode
             ; can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ; instance-id prefix
             ; a prefix key for this instance used for cache invalidation when running
             ; multiple instances of RhodeCode, make sure it's globally unique for
             ; all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ; Fallback authentication plugin. Set this to a plugin ID to force the usage
             ; of an authentication plugin also if it is disabled by it's settings.
             ; This could be useful if you are unable to log in to the system due to broken
             ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ; module to log in again and fix the settings.
             ; Available builtin plugin IDs (hash is part of the ID):
             ; egg:rhodecode-enterprise-ce#rhodecode
             ; egg:rhodecode-enterprise-ce#pam
             ; egg:rhodecode-enterprise-ce#ldap
             ; egg:rhodecode-enterprise-ce#jasig_cas
             ; egg:rhodecode-enterprise-ce#headers
             ; egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
             ; Flag to control loading of legacy plugins in py:/path format
             auth_plugin.import_legacy_plugins = true
             ; alternative return HTTP header for failed authentication. Default HTTP
             ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ; handling that causing a series of failed authentication calls.
             ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ; This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ; use special detection method when serving auth_ret_code, instead of serving
             ; ret_code directly, use 401 initially (Which triggers credentials prompt)
             ; and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ; locking return code. When repository is locked return this HTTP code. 2XX
             ; codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ; Filesystem location were repositories should be stored
             repo_store.path = /var/opt/rhodecode_repo_store
             ; allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ; Generated license token required for EE edition license.
             ; New generated token value can be found in Admin > settings > license page.
             license_token =
             ; This flag hides sensitive information on the license page such as token, and license data
             license.hide_license_info = false
             ; supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ; supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ; Display extended labs settings
             labs_settings_active = true
             ; Custom exception store path, defaults to TMPDIR
             ; This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ; Send email with exception details when it happens
             #exception_tracker.send_email = false
             ; Comma separated list of recipients for exception emails,
             ; e.g admin@rhodecode.com,devops@rhodecode.com
             ; Can be left empty, then emails will be sent to ALL super-admins
             #exception_tracker.send_email_recipients =
             ; optional prefix to Add to email Subject
             #exception_tracker.email_prefix = [RHODECODE ERROR]
             ; File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ; Storage backend, available options are: local
             file_store.backend = local
             ; path to store the uploaded binaries and artifacts
             file_store.storage_path = /var/opt/rhodecode_data/file_store
             ; Uncomment and set this path to control settings for archive download cache.
             ; Generated repo archives will be cached at this location
             ; and served from the cache during subsequent requests for the same archive of
             ; the repository. This path is important to be shared across filesystems and with
             ; RhodeCode and vcsserver
+            ; Redis url to acquire/check generation of archives locks
+            archive_cache.locking.url = redis://redis:6379/1
+            ; Storage backend, only 'filesystem' is available now
+            archive_cache.backend.type = filesystem
             ; Default is $cache_dir/archive_cache if not set
-            archive_cache.store_dir = /var/opt/rhodecode_data/tarballcache
+            archive_cache.filesystem.store_dir = /var/opt/rhodecode_data/archive_cache
             ; The limit in GB sets how much data we cache before recycling last used, defaults to 10 gb
-            archive_cache.cache_size_gb = 40
+            archive_cache.filesystem.cache_size_gb = 40
+            ; Eviction policy used to clear out after cache_size_gb limit is reached
+            archive_cache.filesystem.eviction_policy = least-recently-stored
             ; By default cache uses sharding technique, this specifies how many shards are there
-            archive_cache.cache_shards = 4
+            archive_cache.filesystem.cache_shards = 8
             ; #############
             ; CELERY CONFIG
             ; #############
             ; manually run celery: /path/to/celery worker --task-events --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = true
             ; path to store schedule database
             #celerybeat-schedule.path =
             ; connection url to the message broker (default redis)
             celery.broker_url = redis://redis:6379/8
             ; results backend to get results for (default redis)
             celery.result_backend = redis://redis:6379/8
             ; rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ; maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 20
             ; tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             ; #############
             ; DOGPILE CACHE
             ; #############
             ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
             ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
             cache_dir = /var/opt/rhodecode_data
             ; *********************************************
             ; `sql_cache_short` cache for heavy SQL queries
             ; Only supported backend is `memory_lru`
             ; *********************************************
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ; *****************************************************
             ; `cache_repo_longterm` cache for repo object instances
             ; Only supported backend is `memory_lru`
             ; *****************************************************
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ; by default we use 30 Days, cache is still invalidated on push
             rc_cache.cache_repo_longterm.expiration_time = 2592000
             ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
             rc_cache.cache_repo_longterm.max_size = 10000
             ; *********************************************
             ; `cache_general` cache for general purpose use
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *********************************************
             rc_cache.cache_general.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_general.expiration_time = 43200
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_general.arguments.filename = /tmp/cache_general_db
             ; alternative `cache_general` redis backend with distributed lock
             #rc_cache.cache_general.backend = dogpile.cache.rc.redis
             #rc_cache.cache_general.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_general.arguments.redis_expiration_time = 7200
             #rc_cache.cache_general.arguments.host = localhost
             #rc_cache.cache_general.arguments.port = 6379
             #rc_cache.cache_general.arguments.db = 0
             #rc_cache.cache_general.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_general.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_general.arguments.lock_auto_renewal = true
             ; *************************************************
             ; `cache_perms` cache for permission tree, auth TTL
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; *************************************************
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 3600
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms_db
             ; alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_perms.arguments.lock_auto_renewal = true
             ; ***************************************************
             ; `cache_repo` cache for file tree, Readme, RSS FEEDS
             ; for simplicity use rc.file_namespace backend,
             ; for performance and scale use rc.redis
             ; ***************************************************
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
             #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo_db
             ; alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ; redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ; auto-renew lock to prevent stale locks, slower but safer. Use only if problems happen
             #rc_cache.cache_repo.arguments.lock_auto_renewal = true
             ; ##############
             ; BEAKER SESSION
             ; ##############
             ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
             ; types are file, ext:redis, ext:database, ext:memcached
             ; Fastest ones are ext:redis and ext:database, DO NOT use memory type for session
             #beaker.session.type = file
             #beaker.session.data_dir = %(here)s/data/sessions
             ; Redis based sessions
             beaker.session.type = ext:redis
             beaker.session.url = redis://redis:6379/2
             ; DB based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = /data_ramdisk/lock
             ; Secure encrypted cookie. Requires AES and AES python libraries
             ; you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ; Sets session as invalid (also logging out user) if it haven not been
             ; accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ; Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ; Set https secure cookie
             beaker.session.secure = false
             ; default cookie expiration time in seconds, set to `true` to set expire
             ; at browser close
             #beaker.session.cookie_expires = 3600
             ; #############################
             ; SEARCH INDEXING CONFIGURATION
             ; #############################
             ; Full text search indexer is available in rhodecode-tools under
             ; `rhodecode-tools index` command
             ; WHOOSH Backend, doesn't require additional services to run
             ; it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ; ####################
             ; CHANNELSTREAM CONFIG
             ; ####################
             ; channelstream enables persistent connections and live notification
             ; in the system. It's also used by the chat system
             channelstream.enabled = true
             ; server address for channelstream server on the backend
             channelstream.server = channelstream:9800
             ; location of the channelstream server from outside world
             ; use ws:// for http or wss:// for https. This address needs to be handled
             ; by external HTTP server such as Nginx or Apache
             ; see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = ENV_GENERATED
             channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
             ; Internal application path that Javascript uses to connect into.
             ; If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ; ##############################
             ; MAIN RHODECODE DATABASE CONFIG
             ; ##############################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             ; pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             ; see sqlalchemy docs for other advanced settings
             ; print the sql statements to output
             sqlalchemy.db1.echo = false
             ; recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ; the number of connections to keep open inside the connection pool.
             ; 0 indicates no limit
             ; the general calculus with gevent is:
             ; if your system allows 500 concurrent greenlets (max_connections) that all do database access,
             ; then increase pool size + max overflow so that they add up to 500.
             #sqlalchemy.db1.pool_size = 5
             ; The number of connections to allow in connection pool "overflow", that is
             ; connections that can be opened above and beyond the pool_size setting,
             ; which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ; Connection check ping, used to detect broken database connections
             ; could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ; ##########
             ; VCS CONFIG
             ; ##########
             vcs.server.enable = true
             vcs.server = vcsserver:10010
             ; Web server connectivity protocol, responsible for web based VCS operations
             ; Available protocols are:
             ; `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ; Push/Pull operations protocol, available options are:
             ; `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ; Push/Pull operations hooks protocol, available options are:
             ; `http` - use http-rpc backend (default)
             ; `celery` - use celery based hooks
             vcs.hooks.protocol = http
             ; Host on which this instance is listening for hooks. vcsserver will call this host to pull/push hooks so it should be
             ; accessible via network.
             ; Use vcs.hooks.host = "*" to bind to current hostname (for Docker)
             vcs.hooks.host = *
             ; Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ; List of enabled VCS backends, available options are:
             ; `hg`  - mercurial
             ; `git` - git
             ; `svn` - subversion
             vcs.backends = hg, git, svn
             ; Wait this number of seconds before killing connection to the vcsserver
             vcs.connection_timeout = 3600
             ; Cache flag to cache vcsserver remote calls locally
             ; It uses cache_region `cache_repo`
             vcs.methods.cache = true
             ; ####################################################
             ; Subversion proxy support (mod_dav_svn)
             ; Maps RhodeCode repo groups into SVN paths for Apache
             ; ####################################################
             ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ; Set a numeric version for your current SVN e.g 1.8, or 1.12
             ; Legacy available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = 1.8
             ; Enable SVN proxy of requests over HTTP
             vcs.svn.proxy.enabled = true
             ; host to connect to running SVN subsystem
             vcs.svn.proxy.host = http://svn:8090
             ; Enable or disable the config file generation.
             svn.proxy.generate_config = true
             ; Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ; Set location and file name of generated config file.
             svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
             ; alternative mod_dav config template. This needs to be a valid mako template
             ; Example template can be found in the source code:
             ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ; Used as a prefix to the `Location` block in the generated config file.
             ; In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ; Command to reload the mod dav svn configuration on change.
             ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ; Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ; If the timeout expires before the reload command finishes, the command will
             ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ; ####################
             ; SSH Support Settings
             ; ####################
             ; Defines if a custom authorized_keys file should be created and written on
             ; any change user ssh keys. Setting this to false also disables possibility
             ; of adding SSH keys by users from web interface. Super admins can still
             ; manage SSH Keys.
             ssh.generate_authorized_keyfile = true
             ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ; Path to the authorized_keys file where the generate entries are placed.
             ; It is possible to have multiple key files specified in `sshd_config` e.g.
             ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
             ; Command to execute the SSH wrapper. The binary is available in the
             ; RhodeCode installation directory.
             ; legacy: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; new rewrite: /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper-v2
             ssh.wrapper_cmd = /usr/local/bin/rhodecode_bin/bin/rc-ssh-wrapper
             ; Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ; Enables logging, and detailed output send back to the client during SSH
             ; operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ; Paths to binary executable, by default they are the names, but we can
             ; override them if we want to use a custom one
             ssh.executable.hg = /usr/local/bin/rhodecode_bin/vcs_bin/hg
             ssh.executable.git = /usr/local/bin/rhodecode_bin/vcs_bin/git
             ssh.executable.svn = /usr/local/bin/rhodecode_bin/vcs_bin/svnserve
             ; Enables SSH key generator web interface. Disabling this still allows users
             ; to add their own keys.
             ssh.enable_ui_key_generator = true
             ; Statsd client config, this is used to send metrics to statsd
             ; We recommend setting statsd_exported and scrape them using Prometheus
             #statsd.enabled = false
             #statsd.statsd_host = 0.0.0.0
             #statsd.statsd_port = 8125
             #statsd.statsd_prefix =
             #statsd.statsd_ipv6 = false
             ; configure logging automatically at server startup set to false
             ; to use the below custom logging config.
             ; RC_LOGGING_FORMATTER
             ; RC_LOGGING_LEVEL
             ; env variables can control the settings for logging in case of autoconfigure
             #logging.autoconfigure = true
             ; specify your own custom logging config file to configure logging
             #logging.logging_conf_file = /path/to/custom_logging.ini
             ; Dummy marker to add new entries after.
             ; Add any custom entries below. Please don't remove this marker.
             custom.conf = 1
             ; #####################
             ; LOGGING CONFIGURATION
             ; #####################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, json, color_formatter, color_formatter_sql
             ; #######
             ; LOGGERS
             ; #######
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ; ########
             ; HANDLERS
             ; ########
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             ; To enable JSON formatted logs replace 'generic/color_formatter' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             [handler_console_sql]
             ; "level = DEBUG" logs SQL queries and results.
             ; "level = INFO" logs SQL queries.
             ; "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             ; To enable JSON formatted logs replace 'generic/color_formatter_sql' with 'json'
             ; This allows sending properly formatted logs to grafana loki or elasticsearch
             formatter = generic
             ; ##########
             ; FORMATTERS
             ; ##########
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_json]
             format = %(timestamp)s %(levelname)s %(name)s %(message)s %(req_id)s
             class = rhodecode.lib._vendor.jsonlogger.JsonFormatter

requirements.txt

0 0 -1

             # deps, generated via pipdeptree --exclude setuptools,wheel,pipdeptree,pip -f | tr '[:upper:]' '[:lower:]'
             alembic==1.13.1
               mako==1.2.4
                 markupsafe==2.1.2
               sqlalchemy==1.4.52
                 greenlet==3.0.3
               typing_extensions==4.9.0
             async-timeout==4.0.3
             babel==2.12.1
             beaker==1.12.1
             celery==5.3.6
               billiard==4.2.0
               click==8.1.3
               click-didyoumean==0.3.0
                 click==8.1.3
               click-plugins==1.1.1
                 click==8.1.3
               click-repl==0.2.0
                 click==8.1.3
                 prompt-toolkit==3.0.38
                   wcwidth==0.2.6
                 six==1.16.0
               kombu==5.3.5
                 amqp==5.2.0
                   vine==5.1.0
                 vine==5.1.0
               python-dateutil==2.8.2
                 six==1.16.0
               tzdata==2024.1
               vine==5.1.0
             channelstream==0.7.1
               gevent==24.2.1
                 greenlet==3.0.3
                 zope.event==5.0.0
                 zope.interface==6.3.0
               itsdangerous==1.1.0
               marshmallow==2.18.0
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               pyramid-apispec==0.3.3
                 apispec==1.3.3
               pyramid-jinja2==2.10
                 jinja2==3.1.2
                   markupsafe==2.1.2
                 markupsafe==2.1.2
                 pyramid==2.0.2
                   hupper==1.12
                   plaster==1.1.2
                   plaster-pastedeploy==1.0.1
                     pastedeploy==3.1.0
                     plaster==1.1.2
                   translationstring==1.4
                   venusian==3.0.0
                   webob==1.8.7
                   zope.deprecation==5.0.0
                   zope.interface==6.3.0
                 zope.deprecation==5.0.0
               python-dateutil==2.8.2
                 six==1.16.0
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
               ws4py==0.5.1
             deform==2.0.15
               chameleon==3.10.2
               colander==2.0
                 iso8601==1.1.0
                 translationstring==1.4
               iso8601==1.1.0
               peppercorn==0.6
               translationstring==1.4
               zope.deprecation==5.0.0
-            diskcache==5.6.3
             docutils==0.19
             dogpile.cache==1.3.3
               decorator==5.1.1
               stevedore==5.1.0
                 pbr==5.11.1
             formencode==2.1.0
               six==1.16.0
             gunicorn==21.2.0
               packaging==24.0
             gevent==24.2.1
               greenlet==3.0.3
               zope.event==5.0.0
               zope.interface==6.3.0
             ipython==8.14.0
               backcall==0.2.0
               decorator==5.1.1
               jedi==0.19.0
                 parso==0.8.3
               matplotlib-inline==0.1.6
                 traitlets==5.9.0
               pexpect==4.8.0
                 ptyprocess==0.7.0
               pickleshare==0.7.5
               prompt-toolkit==3.0.38
                 wcwidth==0.2.6
               pygments==2.15.1
               stack-data==0.6.2
                 asttokens==2.2.1
                   six==1.16.0
                 executing==1.2.0
                 pure-eval==0.2.2
               traitlets==5.9.0
             markdown==3.4.3
             msgpack==1.0.8
             mysqlclient==2.1.1
             nbconvert==7.7.3
               beautifulsoup4==4.12.3
                 soupsieve==2.5
               bleach==6.1.0
                 six==1.16.0
                 webencodings==0.5.1
               defusedxml==0.7.1
               jinja2==3.1.2
                 markupsafe==2.1.2
               jupyter_core==5.3.1
                 platformdirs==3.10.0
                 traitlets==5.9.0
               jupyterlab-pygments==0.2.2
               markupsafe==2.1.2
               mistune==2.0.5
               nbclient==0.8.0
                 jupyter_client==8.3.0
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.9.0
                   python-dateutil==2.8.2
                     six==1.16.0
                   pyzmq==25.0.0
                   tornado==6.2
                   traitlets==5.9.0
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.9.0
                 nbformat==5.9.2
                   fastjsonschema==2.18.0
                   jsonschema==4.18.6
                     attrs==22.2.0
                     pyrsistent==0.19.3
                   jupyter_core==5.3.1
                     platformdirs==3.10.0
                     traitlets==5.9.0
                   traitlets==5.9.0
                 traitlets==5.9.0
               nbformat==5.9.2
                 fastjsonschema==2.18.0
                 jsonschema==4.18.6
                   attrs==22.2.0
                   pyrsistent==0.19.3
                 jupyter_core==5.3.1
                   platformdirs==3.10.0
                   traitlets==5.9.0
                 traitlets==5.9.0
               pandocfilters==1.5.0
               pygments==2.15.1
               tinycss2==1.2.1
                 webencodings==0.5.1
               traitlets==5.9.0
             orjson==3.10.3
             paste==3.10.1
             premailer==3.10.0
               cachetools==5.3.3
               cssselect==1.2.0
               cssutils==2.6.0
               lxml==4.9.3
               requests==2.28.2
                 certifi==2022.12.7
                 charset-normalizer==3.1.0
                 idna==3.4
                 urllib3==1.26.14
             psutil==5.9.8
             psycopg2==2.9.9
             py-bcrypt==0.4
             pycmarkgfm==1.2.0
               cffi==1.16.0
                 pycparser==2.21
             pycryptodome==3.17
             pycurl==7.45.3
             pymysql==1.0.3
             pyotp==2.8.0
             pyparsing==3.1.1
             pyramid-debugtoolbar==4.12.1
               pygments==2.15.1
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               pyramid-mako==1.1.0
                 mako==1.2.4
                   markupsafe==2.1.2
                 pyramid==2.0.2
                   hupper==1.12
                   plaster==1.1.2
                   plaster-pastedeploy==1.0.1
                     pastedeploy==3.1.0
                     plaster==1.1.2
                   translationstring==1.4
                   venusian==3.0.0
                   webob==1.8.7
                   zope.deprecation==5.0.0
                   zope.interface==6.3.0
             pyramid-mailer==0.15.1
               pyramid==2.0.2
                 hupper==1.12
                 plaster==1.1.2
                 plaster-pastedeploy==1.0.1
                   pastedeploy==3.1.0
                   plaster==1.1.2
                 translationstring==1.4
                 venusian==3.0.0
                 webob==1.8.7
                 zope.deprecation==5.0.0
                 zope.interface==6.3.0
               repoze.sendmail==4.4.1
                 transaction==3.1.0
                   zope.interface==6.3.0
                 zope.interface==6.3.0
               transaction==3.1.0
                 zope.interface==6.3.0
             python-ldap==3.4.3
               pyasn1==0.4.8
               pyasn1-modules==0.2.8
                 pyasn1==0.4.8
             python-memcached==1.59
               six==1.16.0
             python-pam==2.0.2
             python3-saml==1.15.0
               isodate==0.6.1
                 six==1.16.0
               lxml==4.9.3
               xmlsec==1.3.13
                 lxml==4.9.3
             pyyaml==6.0.1
             redis==5.0.4
               async-timeout==4.0.3
             regex==2022.10.31
             routes==2.5.1
               repoze.lru==0.7
               six==1.16.0
             simplejson==3.19.2
             sshpubkeys==3.3.1
               cryptography==40.0.2
                 cffi==1.16.0
                   pycparser==2.21
               ecdsa==0.18.0
                 six==1.16.0
             sqlalchemy==1.4.52
               greenlet==3.0.3
               typing_extensions==4.9.0
             supervisor==4.2.5
             tzlocal==4.3
               pytz-deprecation-shim==0.1.0.post0
                 tzdata==2024.1
             tempita==0.5.2
             unidecode==1.3.6
             urlobject==2.4.3
             waitress==3.0.0
             webhelpers2==2.1
               markupsafe==2.1.2
               six==1.16.0
             whoosh==2.7.4
             zope.cachedescriptors==5.0.0
             qrcode==7.4.2
             ## uncomment to add the debug libraries
             #-r requirements_debug.txt

rhodecode/apps/repository/views/repo_files.py

0 +38 -31

             # Copyright (C) 2011-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import itertools
             import logging
             import os
             import collections
             import urllib.request
             import urllib.parse
             import urllib.error
             import pathlib
+            import time
+            import random
             from pyramid.httpexceptions import HTTPNotFound, HTTPBadRequest, HTTPFound
             from pyramid.renderers import render
             from pyramid.response import Response
             import rhodecode
             from rhodecode.apps._base import RepoAppView
             from rhodecode.lib import diffs, helpers as h, rc_cache
             from rhodecode.lib import audit_logger
             from rhodecode.lib.hash_utils import sha1_safe
-            from rhodecode.lib.rc_cache.archive_cache import get_archival_cache_store, get_archival_config, ReentrantLock
+            from rhodecode.lib.rc_cache.archive_cache import (
+                get_archival_cache_store, get_archival_config, ArchiveCacheLock, archive_iterator)
             from rhodecode.lib.str_utils import safe_bytes, convert_special_chars
             from rhodecode.lib.view_utils import parse_path_ref
             from rhodecode.lib.exceptions import NonRelativePathError
             from rhodecode.lib.codeblocks import (
                 filenode_as_lines_tokens, filenode_as_annotated_lines_tokens)
             from rhodecode.lib.utils2 import convert_line_endings, detect_mode
             from rhodecode.lib.type_utils import str2bool
             from rhodecode.lib.str_utils import safe_str, safe_int
             from rhodecode.lib.auth import (
                 LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
             from rhodecode.lib.vcs import path as vcspath
             from rhodecode.lib.vcs.backends.base import EmptyCommit
             from rhodecode.lib.vcs.conf import settings
             from rhodecode.lib.vcs.nodes import FileNode
             from rhodecode.lib.vcs.exceptions import (
                 RepositoryError, CommitDoesNotExistError, EmptyRepositoryError,
                 ImproperArchiveTypeError, VCSError, NodeAlreadyExistsError,
                 NodeDoesNotExistError, CommitError, NodeError)
             from rhodecode.model.scm import ScmModel
             from rhodecode.model.db import Repository
             log = logging.getLogger(__name__)
             def get_archive_name(db_repo_id, db_repo_name, commit_sha, ext, subrepos=False, path_sha='', with_hash=True):
                 # original backward compat name of archive
                 clean_name = safe_str(convert_special_chars(db_repo_name).replace('/', '_'))
                 # e.g vcsserver-id-abcd-sub-1-abcfdef-archive-all.zip
                 # vcsserver-id-abcd-sub-0-abcfdef-COMMIT_SHA-PATH_SHA.zip
                 id_sha = sha1_safe(str(db_repo_id))[:4]
                 sub_repo = 'sub-1' if subrepos else 'sub-0'
                 commit = commit_sha if with_hash else 'archive'
                 path_marker = (path_sha if with_hash else '') or 'all'
                 archive_name = f'{clean_name}-id-{id_sha}-{sub_repo}-{commit}-{path_marker}{ext}'
                 return archive_name
             def get_path_sha(at_path):
                 return safe_str(sha1_safe(at_path)[:8])
             def _get_archive_spec(fname):
                 log.debug('Detecting archive spec for: `%s`', fname)
                 fileformat = None
                 ext = None
                 content_type = None
                 for a_type, content_type, extension in settings.ARCHIVE_SPECS:
                     if fname.endswith(extension):
                         fileformat = a_type
                         log.debug('archive is of type: %s', fileformat)
                         ext = extension
                         break
                 if not fileformat:
                     raise ValueError()
                 # left over part of whole fname is the commit
                 commit_id = fname[:-len(ext)]
                 return commit_id, ext, fileformat, content_type
             class RepoFilesView(RepoAppView):
                 @staticmethod
                 def adjust_file_path_for_svn(f_path, repo):
                     """
                     Computes the relative path of `f_path`.
                     This is mainly based on prefix matching of the recognized tags and
                     branches in the underlying repository.
                     """
                     tags_and_branches = itertools.chain(
                         repo.branches.keys(),
                         repo.tags.keys())
                     tags_and_branches = sorted(tags_and_branches, key=len, reverse=True)
                     for name in tags_and_branches:
                         if f_path.startswith(f'{name}/'):
                             f_path = vcspath.relpath(f_path, name)
                             break
                     return f_path
                 def load_default_context(self):
                     c = self._get_local_tmpl_context(include_app_defaults=True)
                     c.rhodecode_repo = self.rhodecode_vcs_repo
                     c.enable_downloads = self.db_repo.enable_downloads
                     return c
                 def _ensure_not_locked(self, commit_id='tip'):
                     _ = self.request.translate
                     repo = self.db_repo
                     if repo.enable_locking and repo.locked[0]:
                         h.flash(_('This repository has been locked by %s on %s')
                                 % (h.person_by_id(repo.locked[0]),
                                 h.format_date(h.time_to_datetime(repo.locked[1]))),
                                 'warning')
                         files_url = h.route_path(
                             'repo_files:default_path',
                             repo_name=self.db_repo_name, commit_id=commit_id)
                         raise HTTPFound(files_url)
                 def forbid_non_head(self, is_head, f_path, commit_id='tip', json_mode=False):
                     _ = self.request.translate
                     if not is_head:
                         message = _('Cannot modify file. '
                                     'Given commit `{}` is not head of a branch.').format(commit_id)
                         h.flash(message, category='warning')
                         if json_mode:
                             return message
                         files_url = h.route_path(
                             'repo_files', repo_name=self.db_repo_name, commit_id=commit_id,
                             f_path=f_path)
                         raise HTTPFound(files_url)
                 def check_branch_permission(self, branch_name, commit_id='tip', json_mode=False):
                     _ = self.request.translate
                     rule, branch_perm = self._rhodecode_user.get_rule_and_branch_permission(
                         self.db_repo_name, branch_name)
                     if branch_perm and branch_perm not in ['branch.push', 'branch.push_force']:
                         message = _('Branch `{}` changes forbidden by rule {}.').format(
                             h.escape(branch_name), h.escape(rule))
                         h.flash(message, 'warning')
                         if json_mode:
                             return message
                         files_url = h.route_path(
                             'repo_files:default_path', repo_name=self.db_repo_name, commit_id=commit_id)
                         raise HTTPFound(files_url)
                 def _get_commit_and_path(self):
                     default_commit_id = self.db_repo.landing_ref_name
                     default_f_path = '/'
                     commit_id = self.request.matchdict.get(
                         'commit_id', default_commit_id)
                     f_path = self._get_f_path(self.request.matchdict, default_f_path)
                     return commit_id, f_path
                 def _get_default_encoding(self, c):
                     enc_list = getattr(c, 'default_encodings', [])
                     return enc_list[0] if enc_list else 'UTF-8'
                 def _get_commit_or_redirect(self, commit_id, redirect_after=True):
                     """
                     This is a safe way to get commit. If an error occurs it redirects to
                     tip with proper message
                     :param commit_id: id of commit to fetch
                     :param redirect_after: toggle redirection
                     """
                     _ = self.request.translate
                     try:
                         return self.rhodecode_vcs_repo.get_commit(commit_id)
                     except EmptyRepositoryError:
                         if not redirect_after:
                             return None
                         add_new = upload_new = ""
                         if h.HasRepoPermissionAny(
                                 'repository.write', 'repository.admin')(self.db_repo_name):
                             _url = h.route_path(
                                 'repo_files_add_file',
                                 repo_name=self.db_repo_name, commit_id=0, f_path='')
                             add_new = h.link_to(
                                 _('add a new file'), _url, class_="alert-link")
                             _url_upld = h.route_path(
                                 'repo_files_upload_file',
                                 repo_name=self.db_repo_name, commit_id=0, f_path='')
                             upload_new = h.link_to(
                                 _('upload a new file'), _url_upld, class_="alert-link")
                         h.flash(h.literal(
                             _('There are no files yet. Click here to %s or %s.') % (add_new, upload_new)), category='warning')
                         raise HTTPFound(
                             h.route_path('repo_summary', repo_name=self.db_repo_name))
                     except (CommitDoesNotExistError, LookupError) as e:
                         msg = _('No such commit exists for this repository. Commit: {}').format(commit_id)
                         h.flash(msg, category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                 def _get_filenode_or_redirect(self, commit_obj, path, pre_load=None):
                     """
                     Returns file_node, if error occurs or given path is directory,
                     it'll redirect to top level path
                     """
                     _ = self.request.translate
                     try:
                         file_node = commit_obj.get_node(path, pre_load=pre_load)
                         if file_node.is_dir():
                             raise RepositoryError('The given path is a directory')
                     except CommitDoesNotExistError:
                         log.exception('No such commit exists for this repository')
                         h.flash(_('No such commit exists for this repository'), category='error')
                         raise HTTPNotFound()
                     except RepositoryError as e:
                         log.warning('Repository error while fetching filenode `%s`. Err:%s', path, e)
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                     return file_node
                 def _is_valid_head(self, commit_id, repo, landing_ref):
                     branch_name = sha_commit_id = ''
                     is_head = False
                     log.debug('Checking if commit_id `%s` is a head for %s.', commit_id, repo)
                     for _branch_name, branch_commit_id in repo.branches.items():
                         # simple case we pass in branch name, it's a HEAD
                         if commit_id == _branch_name:
                             is_head = True
                             branch_name = _branch_name
                             sha_commit_id = branch_commit_id
                             break
                         # case when we pass in full sha commit_id, which is a head
                         elif commit_id == branch_commit_id:
                             is_head = True
                             branch_name = _branch_name
                             sha_commit_id = branch_commit_id
                             break
                     if h.is_svn(repo) and not repo.is_empty():
                         # Note: Subversion only has one head.
                         if commit_id == repo.get_commit(commit_idx=-1).raw_id:
                             is_head = True
                             return branch_name, sha_commit_id, is_head
                     # checked branches, means we only need to try to get the branch/commit_sha
                     if repo.is_empty():
                         is_head = True
                         branch_name = landing_ref
                         sha_commit_id = EmptyCommit().raw_id
                     else:
                         commit = repo.get_commit(commit_id=commit_id)
                         if commit:
                             branch_name = commit.branch
                             sha_commit_id = commit.raw_id
                     return branch_name, sha_commit_id, is_head
                 def _get_tree_at_commit(self, c, commit_id, f_path, full_load=False, at_rev=None):
                     repo_id = self.db_repo.repo_id
                     force_recache = self.get_recache_flag()
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = not force_recache and cache_seconds > 0
                     log.debug(
                         'Computing FILE TREE for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = f'repo.{rc_cache.FILE_TREE_CACHE_VER}.{repo_id}'
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, condition=cache_on)
                     def compute_file_tree(_name_hash, _repo_id, _commit_id, _f_path, _full_load, _at_rev):
                         log.debug('Generating cached file tree at for repo_id: %s, %s, %s',
                                   _repo_id, _commit_id, _f_path)
                         c.full_load = _full_load
                         return render(
                             'rhodecode:templates/files/files_browser_tree.mako',
                             self._get_template_context(c), self.request, _at_rev)
                     return compute_file_tree(
                         self.db_repo.repo_name_hash, self.db_repo.repo_id, commit_id, f_path, full_load, at_rev)
                 def create_pure_path(self, *parts):
                     # Split paths and sanitize them, removing any ../ etc
                     sanitized_path = [
                         x for x in pathlib.PurePath(*parts).parts
                         if x not in ['.', '..']]
                     pure_path = pathlib.PurePath(*sanitized_path)
                     return pure_path
                 def _is_lf_enabled(self, target_repo):
                     lf_enabled = False
                     lf_key_for_vcs_map = {
                         'hg': 'extensions_largefiles',
                         'git': 'vcs_git_lfs_enabled'
                     }
                     lf_key_for_vcs = lf_key_for_vcs_map.get(target_repo.repo_type)
                     if lf_key_for_vcs:
                         lf_enabled = self._get_repo_setting(target_repo, lf_key_for_vcs)
                     return lf_enabled
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_archivefile(self):
                     # archive cache config
                     from rhodecode import CONFIG
                     _ = self.request.translate
                     self.load_default_context()
                     default_at_path = '/'
                     fname = self.request.matchdict['fname']
                     subrepos = self.request.GET.get('subrepos') == 'true'
                     with_hash = str2bool(self.request.GET.get('with_hash', '1'))
                     at_path = self.request.GET.get('at_path') or default_at_path
                     if not self.db_repo.enable_downloads:
                         return Response(_('Downloads disabled'))
                     try:
                         commit_id, ext, fileformat, content_type = \
                             _get_archive_spec(fname)
                     except ValueError:
                         return Response(_('Unknown archive type for: `{}`').format(
                             h.escape(fname)))
                     try:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id)
                     except CommitDoesNotExistError:
                         return Response(_('Unknown commit_id {}').format(
                             h.escape(commit_id)))
                     except EmptyRepositoryError:
                         return Response(_('Empty repository'))
                     # we used a ref, or a shorter version, lets redirect client ot use explicit hash
                     if commit_id != commit.raw_id:
                         fname=f'{commit.raw_id}{ext}'
                         raise HTTPFound(self.request.current_route_path(fname=fname))
                     try:
                         at_path = commit.get_node(at_path).path or default_at_path
                     except Exception:
                         return Response(_('No node at path {} for this repository').format(h.escape(at_path)))
                     path_sha = get_path_sha(at_path)
                     # used for cache etc, consistent unique archive name
                     archive_name_key = get_archive_name(
                         self.db_repo.repo_id, self.db_repo_name, commit_sha=commit.short_id, ext=ext, subrepos=subrepos,
                         path_sha=path_sha, with_hash=True)
                     if not with_hash:
                         path_sha = ''
                     # what end client gets served
                     response_archive_name = get_archive_name(
                         self.db_repo.repo_id, self.db_repo_name, commit_sha=commit.short_id, ext=ext, subrepos=subrepos,
                         path_sha=path_sha, with_hash=with_hash)
                     # remove extension from our archive directory name
                     archive_dir_name = response_archive_name[:-len(ext)]
                     archive_cache_disable = self.request.GET.get('no_cache')
                     d_cache = get_archival_cache_store(config=CONFIG)
                     # NOTE: we get the config to pass to a call to lazy-init the SAME type of cache on vcsserver
                     d_cache_conf = get_archival_config(config=CONFIG)
+                    # This is also a cache key, and lock key
                     reentrant_lock_key = archive_name_key + '.lock'
-                    with ReentrantLock(d_cache, reentrant_lock_key):
-                        # This is also a cache key
+                    use_cached_archive = False
-                        use_cached_archive = False
+                    if not archive_cache_disable and archive_name_key in d_cache:
-                        if not archive_cache_disable and archive_name_key in d_cache:
+                        reader, metadata = d_cache.fetch(archive_name_key)
-                            reader, tag = d_cache.get(archive_name_key, read=True, tag=True, retry=True)
-                            use_cached_archive = True
-                            log.debug('Found cached archive as key=%s tag=%s, serving archive from cache reader=%s',
-                                      archive_name_key, tag, reader.name)
-                        else:
-                            reader = None
-                            log.debug('Archive with key=%s is not yet cached, creating one now...', archive_name_key)
-                        # generate new archive, as previous was not found in the cache
+                        use_cached_archive = True
-                        if not reader:
+                        log.debug('Found cached archive as key=%s tag=%s, serving archive from cache reader=%s',
+                                  archive_name_key, metadata, reader.name)
-                            try:
+                    else:
-                                commit.archive_repo(archive_name_key, archive_dir_name=archive_dir_name,
+                        reader = None
-                                                    kind=fileformat, subrepos=subrepos,
+                        log.debug('Archive with key=%s is not yet cached, creating one now...', archive_name_key)
-                                                    archive_at_path=at_path, cache_config=d_cache_conf)
-                            except ImproperArchiveTypeError:
-                                return _('Unknown archive type')
-                        reader, tag = d_cache.get(archive_name_key, read=True, tag=True, retry=True)
                     if not reader:
-                        raise ValueError('archive cache reader is empty, failed to fetch file from distributed archive cache')
+                        # generate new archive, as previous was not found in the cache
+                        try:
+                            with d_cache.get_lock(reentrant_lock_key):
+                                try:
+                                    commit.archive_repo(archive_name_key, archive_dir_name=archive_dir_name,
+                                                        kind=fileformat, subrepos=subrepos,
+                                                        archive_at_path=at_path, cache_config=d_cache_conf)
+                                except ImproperArchiveTypeError:
+                                    return _('Unknown archive type')
+                        except ArchiveCacheLock:
+                            retry_after = round(random.uniform(0.3, 3.0), 1)
+                            time.sleep(retry_after)
-                    def archive_iterator(_reader, block_size: int = 4096*512):
+                            location = self.request.url
-                        # 4096 * 64 = 64KB
+                            response = Response(
-                        while 1:
+                                f"archive {archive_name_key} generation in progress, Retry-After={retry_after}, Location={location}"
-                            data = _reader.read(block_size)
-                            if not data:
+                            response.headers["Retry-After"] = str(retry_after)
-                                break
+                            response.status_code = 307 # temporary redirect
-                            yield data
+                            response.location = location
+                            return response
+                        reader, metadata = d_cache.fetch(archive_name_key)
                     response = Response(app_iter=archive_iterator(reader))
                     response.content_disposition = f'attachment; filename={response_archive_name}'
                     response.content_type = str(content_type)
                     try:
                         return response
                     finally:
                         # store download action
                         audit_logger.store_web(
                             'repo.archive.download', action_data={
                                 'user_agent': self.request.user_agent,
                                 'archive_name': archive_name_key,
                                 'archive_spec': fname,
                                 'archive_cached': use_cached_archive},
                             user=self._rhodecode_user,
                             repo=self.db_repo,
                             commit=True
                         )
                 def _get_file_node(self, commit_id, f_path):
                     if commit_id not in ['', None, 'None', '0' * 12, '0' * 40]:
                         commit = self.rhodecode_vcs_repo.get_commit(commit_id=commit_id)
                         try:
                             node = commit.get_node(f_path)
                             if node.is_dir():
                                 raise NodeError(f'{node} path is a {type(node)} not a file')
                         except NodeDoesNotExistError:
                             commit = EmptyCommit(
                                 commit_id=commit_id,
                                 idx=commit.idx,
                                 repo=commit.repository,
                                 alias=commit.repository.alias,
                                 message=commit.message,
                                 author=commit.author,
                                 date=commit.date)
                             node = FileNode(safe_bytes(f_path), b'', commit=commit)
                     else:
                         commit = EmptyCommit(
                             repo=self.rhodecode_vcs_repo,
                             alias=self.rhodecode_vcs_repo.alias)
                         node = FileNode(safe_bytes(f_path), b'', commit=commit)
                     return node
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_diff(self):
                     c = self.load_default_context()
                     f_path = self._get_f_path(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     path1, diff1 = parse_path_ref(diff1, default_path=f_path)
                     ignore_whitespace = str2bool(self.request.GET.get('ignorews'))
                     line_context = self.request.GET.get('context', 3)
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     c.action = self.request.GET.get('diff')
                     if c.action not in ['download', 'raw']:
                         compare_url = h.route_path(
                             'repo_compare',
                             repo_name=self.db_repo_name,
                             source_ref_type='rev',
                             source_ref=diff1,
                             target_repo=self.db_repo_name,
                             target_ref_type='rev',
                             target_ref=diff2,
                             _query=dict(f_path=f_path))
                         # redirect to new view if we render diff
                         raise HTTPFound(compare_url)
                     try:
                         node1 = self._get_file_node(diff1, path1)
                         node2 = self._get_file_node(diff2, f_path)
                     except (RepositoryError, NodeError):
                         log.exception("Exception while trying to get node from repository")
                         raise HTTPFound(
                             h.route_path('repo_files', repo_name=self.db_repo_name,
                                          commit_id='tip', f_path=f_path))
                     if all(isinstance(node.commit, EmptyCommit)
                            for node in (node1, node2)):
                         raise HTTPNotFound()
                     c.commit_1 = node1.commit
                     c.commit_2 = node2.commit
                     if c.action == 'download':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         # NOTE: this was using diff_format='gitdiff'
                         diff = diffs.DiffProcessor(_diff, diff_format='newdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         response.content_disposition = (
                             f'attachment; filename={f_path}_{diff1}_vs_{diff2}.diff'
                         )
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     elif c.action == 'raw':
                         _diff = diffs.get_gitdiff(node1, node2,
                                                   ignore_whitespace=ignore_whitespace,
                                                   context=line_context)
                         # NOTE: this was using diff_format='gitdiff'
                         diff = diffs.DiffProcessor(_diff, diff_format='newdiff')
                         response = Response(self.path_filter.get_raw_patch(diff))
                         response.content_type = 'text/plain'
                         charset = self._get_default_encoding(c)
                         if charset:
                             response.charset = charset
                         return response
                     # in case we ever end up here
                     raise HTTPNotFound()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_diff_2way_redirect(self):
                     """
                     Kept only to make OLD links work
                     """
                     f_path = self._get_f_path_unchecked(self.request.matchdict)
                     diff1 = self.request.GET.get('diff1', '')
                     diff2 = self.request.GET.get('diff2', '')
                     if not any((diff1, diff2)):
                         h.flash(
                             'Need query parameter "diff1" or "diff2" to generate a diff.',
                             category='error')
                         raise HTTPBadRequest()
                     compare_url = h.route_path(
                         'repo_compare',
                         repo_name=self.db_repo_name,
                         source_ref_type='rev',
                         source_ref=diff1,
                         target_ref_type='rev',
                         target_ref=diff2,
                         _query=dict(f_path=f_path, diffmode='sideside',
                                     target_repo=self.db_repo_name,))
                     raise HTTPFound(compare_url)
                 @LoginRequired()
                 def repo_files_default_commit_redirect(self):
                     """
                     Special page that redirects to the landing page of files based on the default
                     commit for repository
                     """
                     c = self.load_default_context()
                     ref_name = c.rhodecode_db_repo.landing_ref_name
                     landing_url = h.repo_files_by_ref_url(
                         c.rhodecode_db_repo.repo_name,
                         c.rhodecode_db_repo.repo_type,
                         f_path='',
                         ref_name=ref_name,
                         commit_id='tip',
                         query=dict(at=ref_name)
                     )
                     raise HTTPFound(landing_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files(self):
                     c = self.load_default_context()
                     view_name = getattr(self.request.matched_route, 'name', None)
                     c.annotate = view_name == 'repo_files:annotated'
                     # default is false, but .rst/.md files later are auto rendered, we can
                     # overwrite auto rendering by setting this GET flag
                     c.renderer = view_name == 'repo_files:rendered' or not self.request.GET.get('no-render', False)
                     commit_id, f_path = self._get_commit_and_path()
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.branch = self.request.GET.get('branch', None)
                     c.f_path = f_path
                     at_rev = self.request.GET.get('at')
                     # files or dirs
                     try:
                         c.file = c.commit.get_node(f_path, pre_load=['is_binary', 'size', 'data'])
                         c.file_author = True
                         c.file_tree = ''
                         # prev link
                         try:
                             prev_commit = c.commit.prev(c.branch)
                             c.prev_commit = prev_commit
                             c.url_prev = h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id=prev_commit.raw_id, f_path=f_path)
                             if c.branch:
                                 c.url_prev += '?branch=%s' % c.branch
                         except (CommitDoesNotExistError, VCSError):
                             c.url_prev = '#'
                             c.prev_commit = EmptyCommit()
                         # next link
                         try:
                             next_commit = c.commit.next(c.branch)
                             c.next_commit = next_commit
                             c.url_next = h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id=next_commit.raw_id, f_path=f_path)
                             if c.branch:
                                 c.url_next += '?branch=%s' % c.branch
                         except (CommitDoesNotExistError, VCSError):
                             c.url_next = '#'
                             c.next_commit = EmptyCommit()
                         # load file content
                         if c.file.is_file():
                             c.lf_node = {}
                             has_lf_enabled = self._is_lf_enabled(self.db_repo)
                             if has_lf_enabled:
                                 c.lf_node = c.file.get_largefile_node()
                             c.file_source_page = 'true'
                             c.file_last_commit = c.file.last_commit
                             c.file_size_too_big = c.file.size > c.visual.cut_off_limit_file
                             if not (c.file_size_too_big or c.file.is_binary):
                                 if c.annotate:  # annotation has precedence over renderer
                                     c.annotated_lines = filenode_as_annotated_lines_tokens(
                                         c.file
                                     )
                                 else:
                                     c.renderer = (
                                         c.renderer and h.renderer_from_filename(c.file.path)
                                     )
                                     if not c.renderer:
                                         c.lines = filenode_as_lines_tokens(c.file)
                             _branch_name, _sha_commit_id, is_head = \
                                 self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                     landing_ref=self.db_repo.landing_ref_name)
                             c.on_branch_head = is_head
                             branch = c.commit.branch if (
                                 c.commit.branch and '/' not in c.commit.branch) else None
                             c.branch_or_raw_id = branch or c.commit.raw_id
                             c.branch_name = c.commit.branch or h.short_id(c.commit.raw_id)
                             author = c.file_last_commit.author
                             c.authors = [[
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
                             ]]
                         else:  # load tree content at path
                             c.file_source_page = 'false'
                             c.authors = []
                             # this loads a simple tree without metadata to speed things up
                             # later via ajax we call repo_nodetree_full and fetch whole
                             c.file_tree = self._get_tree_at_commit(c, c.commit.raw_id, f_path, at_rev=at_rev)
                             c.readme_data, c.readme_file = \
                                 self._get_readme_data(self.db_repo, c.visual.default_renderer,
                                                       c.commit.raw_id, f_path)
                     except RepositoryError as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                         raise HTTPNotFound()
                     if self.request.environ.get('HTTP_X_PJAX'):
                         html = render('rhodecode:templates/files/files_pjax.mako',
                                       self._get_template_context(c), self.request)
                     else:
                         html = render('rhodecode:templates/files/files.mako',
                                       self._get_template_context(c), self.request)
                     return Response(html)
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_files_annotated_previous(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     prev_commit_id = commit.raw_id
                     line_anchor = self.request.GET.get('line_anchor')
                     is_file = False
                     try:
                         _file = commit.get_node(f_path)
                         is_file = _file.is_file()
                     except (NodeDoesNotExistError, CommitDoesNotExistError, VCSError):
                         pass
                     if is_file:
                         history = commit.get_path_history(f_path)
                         prev_commit_id = history[1].raw_id \
                             if len(history) > 1 else prev_commit_id
                     prev_url = h.route_path(
                         'repo_files:annotated', repo_name=self.db_repo_name,
                         commit_id=prev_commit_id, f_path=f_path,
                         _anchor=f'L{line_anchor}')
                     raise HTTPFound(prev_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_nodetree_full(self):
                     """
                     Returns rendered html of file tree that contains commit date,
                     author, commit_id for the specified combination of
                     repo, commit_id and file path
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     try:
                         dir_node = commit.get_node(f_path)
                     except RepositoryError as e:
                         return Response(f'error: {h.escape(safe_str(e))}')
                     if dir_node.is_file():
                         return Response('')
                     c.file = dir_node
                     c.commit = commit
                     at_rev = self.request.GET.get('at')
                     html = self._get_tree_at_commit(
                         c, commit.raw_id, dir_node.path, full_load=True, at_rev=at_rev)
                     return Response(html)
                 def _get_attachement_headers(self, f_path):
                     f_name = safe_str(f_path.split(Repository.NAME_SEP)[-1])
                     safe_path = f_name.replace('"', '\\"')
                     encoded_path = urllib.parse.quote(f_name)
                     headers = "attachment; " \
                               "filename=\"{}\"; " \
                               "filename*=UTF-8\'\'{}".format(safe_path, encoded_path)
                     return safe_bytes(headers).decode('latin-1', errors='replace')
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_raw(self):
                     """
                     Action for show as raw, some mimetypes are "rendered",
                     those include images, icons.
                     """
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     raw_mimetype_mapping = {
                         # map original mimetype to a mimetype used for "show as raw"
                         # you can also provide a content-disposition to override the
                         # default "attachment" disposition.
                         # orig_type: (new_type, new_dispo)
                         # show images inline:
                         # Do not re-add SVG: it is unsafe and permits XSS attacks. One can
                         # for example render an SVG with javascript inside or even render
                         # HTML.
                         'image/x-icon': ('image/x-icon', 'inline'),
                         'image/png': ('image/png', 'inline'),
                         'image/gif': ('image/gif', 'inline'),
                         'image/jpeg': ('image/jpeg', 'inline'),
                         'application/pdf': ('application/pdf', 'inline'),
                     }
                     mimetype = file_node.mimetype
                     try:
                         mimetype, disposition = raw_mimetype_mapping[mimetype]
                     except KeyError:
                         # we don't know anything special about this, handle it safely
                         if file_node.is_binary:
                             # do same as download raw for binary files
                             mimetype, disposition = 'application/octet-stream', 'attachment'
                         else:
                             # do not just use the original mimetype, but force text/plain,
                             # otherwise it would serve text/html and that might be unsafe.
                             # Note: underlying vcs library fakes text/plain mimetype if the
                             # mimetype can not be determined and it thinks it is not
                             # binary.This might lead to erroneous text display in some
                             # cases, but helps in other cases, like with text files
                             # without extension.
                             mimetype, disposition = 'text/plain', 'inline'
                     if disposition == 'attachment':
                         disposition = self._get_attachement_headers(f_path)
                     stream_content = file_node.stream_bytes()
                     response = Response(app_iter=stream_content)
                     response.content_disposition = disposition
                     response.content_type = mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_download(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if self.request.GET.get('lf'):
                         # only if lf get flag is passed, we download this file
                         # as LFS/Largefile
                         lf_node = file_node.get_largefile_node()
                         if lf_node:
                             # overwrite our pointer with the REAL large-file
                             file_node = lf_node
                     disposition = self._get_attachement_headers(f_path)
                     stream_content = file_node.stream_bytes()
                     response = Response(app_iter=stream_content)
                     response.content_disposition = disposition
                     response.content_type = file_node.mimetype
                     charset = self._get_default_encoding(c)
                     if charset:
                         response.charset = charset
                     return response
                 def _get_nodelist_at_commit(self, repo_name, repo_id, commit_id, f_path):
                     cache_seconds = safe_int(
                         rhodecode.CONFIG.get('rc_cache.cache_repo.expiration_time'))
                     cache_on = cache_seconds > 0
                     log.debug(
                         'Computing FILE SEARCH for repo_id %s commit_id `%s` and path `%s`'
                         'with caching: %s[TTL: %ss]' % (
                             repo_id, commit_id, f_path, cache_on, cache_seconds or 0))
                     cache_namespace_uid = f'repo.{repo_id}'
                     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
                     @region.conditional_cache_on_arguments(namespace=cache_namespace_uid, condition=cache_on)
                     def compute_file_search(_name_hash, _repo_id, _commit_id, _f_path):
                         log.debug('Generating cached nodelist for repo_id:%s, %s, %s',
                                   _repo_id, commit_id, f_path)
                         try:
                             _d, _f = ScmModel().get_quick_filter_nodes(repo_name, _commit_id, _f_path)
                         except (RepositoryError, CommitDoesNotExistError, Exception) as e:
                             log.exception(safe_str(e))
                             h.flash(h.escape(safe_str(e)), category='error')
                             raise HTTPFound(h.route_path(
                                 'repo_files', repo_name=self.db_repo_name,
                                 commit_id='tip', f_path='/'))
                         return _d + _f
                     result = compute_file_search(self.db_repo.repo_name_hash, self.db_repo.repo_id,
                                                  commit_id, f_path)
                     return filter(lambda n: self.path_filter.path_access_allowed(n['name']), result)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_nodelist(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     metadata = self._get_nodelist_at_commit(
                         self.db_repo_name, self.db_repo.repo_id, commit.raw_id, f_path)
                     return {'nodes': [x for x in metadata]}
                 def _create_references(self, branches_or_tags, symbolic_reference, f_path, ref_type):
                     items = []
                     for name, commit_id in branches_or_tags.items():
                         sym_ref = symbolic_reference(commit_id, name, f_path, ref_type)
                         items.append((sym_ref, name, ref_type))
                     return items
                 def _symbolic_reference(self, commit_id, name, f_path, ref_type):
                     return commit_id
                 def _symbolic_reference_svn(self, commit_id, name, f_path, ref_type):
                     return commit_id
                     # NOTE(dan): old code we used in "diff" mode compare
                     new_f_path = vcspath.join(name, f_path)
                     return f'{new_f_path}@{commit_id}'
                 def _get_node_history(self, commit_obj, f_path, commits=None):
                     """
                     get commit history for given node
                     :param commit_obj: commit to calculate history
                     :param f_path: path for node to calculate history for
                     :param commits: if passed don't calculate history and take
                         commits defined in this list
                     """
                     _ = self.request.translate
                     # calculate history based on tip
                     tip = self.rhodecode_vcs_repo.get_commit()
                     if commits is None:
                         pre_load = ["author", "branch"]
                         try:
                             commits = tip.get_path_history(f_path, pre_load=pre_load)
                         except (NodeDoesNotExistError, CommitError):
                             # this node is not present at tip!
                             commits = commit_obj.get_path_history(f_path, pre_load=pre_load)
                     history = []
                     commits_group = ([], _("Changesets"))
                     for commit in commits:
                         branch = ' (%s)' % commit.branch if commit.branch else ''
                         n_desc = f'r{commit.idx}:{commit.short_id}{branch}'
                         commits_group[0].append((commit.raw_id, n_desc, 'sha'))
                     history.append(commits_group)
                     symbolic_reference = self._symbolic_reference
                     if self.rhodecode_vcs_repo.alias == 'svn':
                         adjusted_f_path = RepoFilesView.adjust_file_path_for_svn(
                             f_path, self.rhodecode_vcs_repo)
                         if adjusted_f_path != f_path:
                             log.debug(
                                 'Recognized svn tag or branch in file "%s", using svn '
                                 'specific symbolic references', f_path)
                             f_path = adjusted_f_path
                             symbolic_reference = self._symbolic_reference_svn
                     branches = self._create_references(
                         self.rhodecode_vcs_repo.branches, symbolic_reference, f_path, 'branch')
                     branches_group = (branches, _("Branches"))
                     tags = self._create_references(
                         self.rhodecode_vcs_repo.tags, symbolic_reference, f_path, 'tag')
                     tags_group = (tags, _("Tags"))
                     history.append(branches_group)
                     history.append(tags_group)
                     return history, commits
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_history(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if file_node.is_file():
                         file_history, _hist = self._get_node_history(commit, f_path)
                         res = []
                         for section_items, section in file_history:
                             items = []
                             for obj_id, obj_text, obj_type in section_items:
                                 at_rev = ''
                                 if obj_type in ['branch', 'bookmark', 'tag']:
                                     at_rev = obj_text
                                 entry = {
                                     'id': obj_id,
                                     'text': obj_text,
                                     'type': obj_type,
                                     'at_rev': at_rev
                                 }
                                 items.append(entry)
                             res.append({
                                 'text': section,
                                 'children': items
                             })
                         data = {
                             'more': False,
                             'results': res
                         }
                         return data
                     log.warning('Cannot fetch history for directory')
                     raise HTTPBadRequest()
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator(
                     'repository.read', 'repository.write', 'repository.admin')
                 def repo_file_authors(self):
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     commit = self._get_commit_or_redirect(commit_id)
                     file_node = self._get_filenode_or_redirect(commit, f_path)
                     if not file_node.is_file():
                         raise HTTPBadRequest()
                     c.file_last_commit = file_node.last_commit
                     if self.request.GET.get('annotate') == '1':
                         # use _hist from annotation if annotation mode is on
                         commit_ids = {x[1] for x in file_node.annotate}
                         _hist = (
                             self.rhodecode_vcs_repo.get_commit(commit_id)
                             for commit_id in commit_ids)
                     else:
                         _f_history, _hist = self._get_node_history(commit, f_path)
                     c.file_author = False
                     unique = collections.OrderedDict()
                     for commit in _hist:
                         author = commit.author
                         if author not in unique:
                             unique[commit.author] = [
                                 h.email(author),
                                 h.person(author, 'username_or_name_or_email'),
 # counter
                             ]
                         else:
                             # increase counter
                             unique[commit.author][2] += 1
                     c.authors = [val for val in unique.values()]
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_check_head(self):
                     self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     new_path = self.request.POST.get('path')
                     operation = self.request.POST.get('operation')
                     path_exist = ''
                     if new_path and operation in ['create', 'upload']:
                         new_f_path = os.path.join(f_path.lstrip('/'), new_path)
                         try:
                             commit_obj = self.rhodecode_vcs_repo.get_commit(commit_id)
                             # NOTE(dan): construct whole path without leading /
                             file_node = commit_obj.get_node(new_f_path)
                             if file_node is not None:
                                 path_exist = new_f_path
                         except EmptyRepositoryError:
                             pass
                         except Exception:
                             pass
                     return {
                         'branch': _branch_name,
                         'sha': _sha_commit_id,
                         'is_head': is_head,
                         'path_exists': path_exist
                     }
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_remove_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path)
                     self.check_branch_permission(_branch_name)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_delete_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path)
                     self.check_branch_permission(_branch_name)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     c.default_message = _(
                         'Deleted file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     node_path = f_path
                     author = self._rhodecode_db_user.full_contact
                     message = self.request.POST.get('message') or c.default_message
                     try:
                         nodes = {
                             safe_bytes(node_path): {
                                 'content': b''
                             }
                         }
                         ScmModel().delete_nodes(
                             user=self._rhodecode_db_user.user_id, repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(
                             _('Successfully deleted file `{}`').format(
                                 h.escape(f_path)), category='success')
                     except Exception:
                         log.exception('Error during commit operation')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(
                         h.route_path('repo_commit', repo_name=self.db_repo_name,
                                      commit_id='tip'))
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_edit_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         files_url = h.route_path(
                             'repo_files',
                             repo_name=self.db_repo_name,
                             commit_id=c.commit.raw_id, f_path=f_path)
                         raise HTTPFound(files_url)
                     c.default_message = _('Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_update_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id)
                     c.file = self._get_filenode_or_redirect(c.commit, f_path)
                     if c.file.is_binary:
                         raise HTTPFound(h.route_path('repo_files', repo_name=self.db_repo_name,
                                                      commit_id=c.commit.raw_id, f_path=f_path))
                     _branch_name, _sha_commit_id, is_head = \
                         self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                             landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = _('Edited file {} via RhodeCode Enterprise').format(f_path)
                     c.f_path = f_path
                     old_content = c.file.str_content
                     sl = old_content.splitlines(1)
                     first_line = sl[0] if sl else ''
                     r_post = self.request.POST
                     # line endings:  0 - Unix, 1 - Mac, 2 - DOS
                     line_ending_mode = detect_mode(first_line, 0)
                     content = convert_line_endings(r_post.get('content', ''), line_ending_mode)
                     message = r_post.get('message') or c.default_message
                     org_node_path = c.file.str_path
                     filename = r_post['filename']
                     root_path = c.file.dir_path
                     pure_path = self.create_pure_path(root_path, filename)
                     node_path = pure_path.as_posix()
                     default_redirect_url = h.route_path('repo_commit', repo_name=self.db_repo_name,
                                                         commit_id=commit_id)
                     if content == old_content and node_path == org_node_path:
                         h.flash(_('No changes detected on {}').format(h.escape(org_node_path)),
                                 category='warning')
                         raise HTTPFound(default_redirect_url)
                     try:
                         mapping = {
                             c.file.bytes_path: {
                                 'org_filename': org_node_path,
                                 'filename': safe_bytes(node_path),
                                 'content': safe_bytes(content),
                                 'lexer': '',
                                 'op': 'mod',
                                 'mode': c.file.mode
                             }
                         }
                         commit = ScmModel().update_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=mapping,
                             parent_commit=c.commit,
                         )
                         h.flash(_('Successfully committed changes to file `{}`').format(
                                 h.escape(f_path)), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(default_redirect_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 def repo_files_add_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     # Check if we need to use this page to upload binary
                     upload_binary = str2bool(self.request.params.get('upload_binary', False))
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = (_('Added file via RhodeCode Enterprise')) \
                         if not upload_binary else (_('Edited file {} via RhodeCode Enterprise').format(f_path))
                     c.f_path = f_path.lstrip('/')  # ensure not relative path
                     c.replace_binary = upload_binary
                     return self._get_template_context(c)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_create_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     # calculate redirect URL
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     self.forbid_non_head(is_head, f_path, commit_id=commit_id)
                     self.check_branch_permission(_branch_name, commit_id=commit_id)
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = r_post.get('message') or c.default_message
                     filename = r_post.get('filename')
                     unix_mode = 0
                     if not filename:
                         # If there's no commit, redirect to repo summary
                         if type(c.commit) is EmptyCommit:
                             redirect_url = h.route_path(
                                 'repo_summary', repo_name=self.db_repo_name)
                         else:
                             redirect_url = default_redirect_url
                         h.flash(_('No filename specified'), category='warning')
                         raise HTTPFound(redirect_url)
                     root_path = f_path
                     pure_path = self.create_pure_path(root_path, filename)
                     node_path = pure_path.as_posix().lstrip('/')
                     author = self._rhodecode_db_user.full_contact
                     content = convert_line_endings(r_post.get('content', ''), unix_mode)
                     nodes = {
                         safe_bytes(node_path): {
                             'content': safe_bytes(content)
                         }
                     }
                     try:
                         commit = ScmModel().create_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(_('Successfully committed new file `{}`').format(
                                 h.escape(node_path)), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except NonRelativePathError:
                         log.exception('Non Relative path found')
                         h.flash(_('The location specified must be a relative path and must not '
                                   'contain .. in the path'), category='warning')
                         raise HTTPFound(default_redirect_url)
                     except (NodeError, NodeAlreadyExistsError) as e:
                         h.flash(h.escape(safe_str(e)), category='error')
                     except Exception:
                         log.exception('Error occurred during commit')
                         h.flash(_('Error occurred during commit'), category='error')
                     raise HTTPFound(default_redirect_url)
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_upload_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     # calculate redirect URL
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     error = self.forbid_non_head(is_head, f_path, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     error = self.check_branch_permission(_branch_name, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     c.default_message = (_('Added file via RhodeCode Enterprise'))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = c.default_message
                     user_message = r_post.getall('message')
                     if isinstance(user_message, list) and user_message:
                         # we take the first from duplicated results if it's not empty
                         message = user_message[0] if user_message[0] else message
                     nodes = {}
                     for file_obj in r_post.getall('files_upload') or []:
                         content = file_obj.file
                         filename = file_obj.filename
                         root_path = f_path
                         pure_path = self.create_pure_path(root_path, filename)
                         node_path = pure_path.as_posix().lstrip('/')
                         nodes[safe_bytes(node_path)] = {
                             'content': content
                         }
                     if not nodes:
                         error = 'missing files'
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     author = self._rhodecode_db_user.full_contact
                     try:
                         commit = ScmModel().create_nodes(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             nodes=nodes,
                             parent_commit=c.commit,
                             author=author,
                         )
                         if len(nodes) == 1:
                             flash_message = _('Successfully committed {} new files').format(len(nodes))
                         else:
                             flash_message = _('Successfully committed 1 new file')
                         h.flash(flash_message, category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except NonRelativePathError:
                         log.exception('Non Relative path found')
                         error = _('The location specified must be a relative path and must not '
                                   'contain .. in the path')
                         h.flash(error, category='warning')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except (NodeError, NodeAlreadyExistsError) as e:
                         error = h.escape(e)
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except Exception:
                         log.exception('Error occurred during commit')
                         error = _('Error occurred during commit')
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     return {
                         'error': None,
                         'redirect_url': default_redirect_url
                     }
                 @LoginRequired()
                 @HasRepoPermissionAnyDecorator('repository.write', 'repository.admin')
                 @CSRFRequired()
                 def repo_files_replace_file(self):
                     _ = self.request.translate
                     c = self.load_default_context()
                     commit_id, f_path = self._get_commit_and_path()
                     self._ensure_not_locked()
                     c.commit = self._get_commit_or_redirect(commit_id, redirect_after=False)
                     if c.commit is None:
                         c.commit = EmptyCommit(alias=self.rhodecode_vcs_repo.alias)
                     if self.rhodecode_vcs_repo.is_empty():
                         default_redirect_url = h.route_path(
                             'repo_summary', repo_name=self.db_repo_name)
                     else:
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id='tip')
                     if self.rhodecode_vcs_repo.is_empty():
                         # for empty repository we cannot check for current branch, we rely on
                         # c.commit.branch instead
                         _branch_name, _sha_commit_id, is_head = c.commit.branch, '', True
                     else:
                         _branch_name, _sha_commit_id, is_head = \
                             self._is_valid_head(commit_id, self.rhodecode_vcs_repo,
                                                 landing_ref=self.db_repo.landing_ref_name)
                     error = self.forbid_non_head(is_head, f_path, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     error = self.check_branch_permission(_branch_name, json_mode=True)
                     if error:
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     c.default_message = (_('Edited file {} via RhodeCode Enterprise').format(f_path))
                     c.f_path = f_path
                     r_post = self.request.POST
                     message = c.default_message
                     user_message = r_post.getall('message')
                     if isinstance(user_message, list) and user_message:
                         # we take the first from duplicated results if it's not empty
                         message = user_message[0] if user_message[0] else message
                     data_for_replacement = r_post.getall('files_upload') or []
                     if (objects_count := len(data_for_replacement)) > 1:
                         return {
                             'error': 'too many files for replacement',
                             'redirect_url': default_redirect_url
                         }
                     elif not objects_count:
                         return {
                             'error': 'missing files',
                             'redirect_url': default_redirect_url
                         }
                     content = data_for_replacement[0].file
                     retrieved_filename = data_for_replacement[0].filename
                     if retrieved_filename.split('.')[-1] != f_path.split('.')[-1]:
                         return {
                             'error': 'file extension of uploaded file doesn\'t match an original file\'s extension',
                             'redirect_url': default_redirect_url
                         }
                     author = self._rhodecode_db_user.full_contact
                     try:
                         commit = ScmModel().update_binary_node(
                             user=self._rhodecode_db_user.user_id,
                             repo=self.db_repo,
                             message=message,
                             node={
                                 'content': content,
                                 'file_path': f_path.encode(),
                             },
                             parent_commit=c.commit,
                             author=author,
                         )
                         h.flash(_('Successfully committed 1 new file'), category='success')
                         default_redirect_url = h.route_path(
                             'repo_commit', repo_name=self.db_repo_name, commit_id=commit.raw_id)
                     except (NodeError, NodeAlreadyExistsError) as e:
                         error = h.escape(e)
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     except Exception:
                         log.exception('Error occurred during commit')
                         error = _('Error occurred during commit')
                         h.flash(error, category='error')
                         return {
                             'error': error,
                             'redirect_url': default_redirect_url
                         }
                     return {
                         'error': None,
                         'redirect_url': default_redirect_url
                     }

rhodecode/config/config_maker.py

0 +7 -3

             # Copyright (C) 2010-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import tempfile
             import logging
             from pyramid.settings import asbool
             from rhodecode.config.settings_maker import SettingsMaker
             from rhodecode.config import utils as config_utils
             log = logging.getLogger(__name__)
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well-prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 jn = os.path.join
                 global_settings_maker = SettingsMaker(global_config)
                 global_settings_maker.make_setting('debug', default=False, parser='bool')
                 debug_enabled = asbool(global_config.get('debug'))
                 settings_maker = SettingsMaker(settings)
                 settings_maker.make_setting(
                     'logging.autoconfigure',
                     default=False,
                     parser='bool')
                 logging_conf = jn(os.path.dirname(global_config.get('__file__')), 'logging.ini')
                 settings_maker.enable_logging(logging_conf, level='INFO' if debug_enabled else 'DEBUG')
                 # Default includes, possible to change as a user
                 pyramid_includes = settings_maker.make_setting('pyramid.includes', [], parser='list:newline')
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 settings_maker.make_setting('rhodecode.edition', 'Community Edition')
                 settings_maker.make_setting('rhodecode.edition_id', 'CE')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 settings_maker.make_setting('__file__', global_config.get('__file__'))
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings_maker.make_setting('rhodecode.api.url', '/_admin/api')
                 # Sanitize generic settings.
                 settings_maker.make_setting('default_encoding', 'UTF-8', parser='list')
                 settings_maker.make_setting('gzip_responses', False, parser='bool')
                 settings_maker.make_setting('startup.import_repos', 'false', parser='bool')
                 # statsd
                 settings_maker.make_setting('statsd.enabled', False, parser='bool')
                 settings_maker.make_setting('statsd.statsd_host', 'statsd-exporter', parser='string')
                 settings_maker.make_setting('statsd.statsd_port', 9125, parser='int')
                 settings_maker.make_setting('statsd.statsd_prefix', '')
                 settings_maker.make_setting('statsd.statsd_ipv6', False, parser='bool')
                 settings_maker.make_setting('vcs.svn.compatible_version', '')
                 settings_maker.make_setting('vcs.svn.proxy.enabled', True, parser='bool')
                 settings_maker.make_setting('vcs.svn.proxy.host', 'http://svn:8090', parser='string')
                 settings_maker.make_setting('vcs.hooks.protocol', 'http')
                 settings_maker.make_setting('vcs.hooks.host', '*')
                 settings_maker.make_setting('vcs.scm_app_implementation', 'http')
                 settings_maker.make_setting('vcs.server', '')
                 settings_maker.make_setting('vcs.server.protocol', 'http')
                 settings_maker.make_setting('vcs.server.enable', 'true', parser='bool')
                 settings_maker.make_setting('vcs.hooks.direct_calls', 'false', parser='bool')
                 settings_maker.make_setting('vcs.start_server', 'false', parser='bool')
                 settings_maker.make_setting('vcs.backends', 'hg, git, svn', parser='list')
                 settings_maker.make_setting('vcs.connection_timeout', 3600, parser='int')
                 settings_maker.make_setting('vcs.methods.cache', True, parser='bool')
                 # repo_store path
                 settings_maker.make_setting('repo_store.path', '/var/opt/rhodecode_repo_store')
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
                 settings_maker.make_setting('appenlight', False, parser='bool')
                 temp_store = tempfile.gettempdir()
                 tmp_cache_dir = jn(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = settings_maker.make_setting(
                     'cache_dir',
                     default=tmp_cache_dir, default_when_empty=True,
                     parser='dir:ensured')
                 # exception store cache
                 settings_maker.make_setting(
                     'exception_tracker.store_path',
                     default=jn(default_cache_dir, 'exc_store'), default_when_empty=True,
                     parser='dir:ensured'
                 )
                 settings_maker.make_setting(
                     'celerybeat-schedule.path',
                     default=jn(default_cache_dir, 'celerybeat_schedule', 'celerybeat-schedule.db'), default_when_empty=True,
                     parser='file:ensured'
                 )
                 settings_maker.make_setting('exception_tracker.send_email', False, parser='bool')
                 settings_maker.make_setting('exception_tracker.email_prefix', '[RHODECODE ERROR]', default_when_empty=True)
                 # sessions, ensure file since no-value is memory
                 settings_maker.make_setting('beaker.session.type', 'file')
                 settings_maker.make_setting('beaker.session.data_dir',  jn(default_cache_dir, 'session_data'))
                 # cache_general
                 settings_maker.make_setting('rc_cache.cache_general.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_general.expiration_time', 60 * 60 * 12, parser='int')
                 settings_maker.make_setting('rc_cache.cache_general.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_general.db'))
                 # cache_perms
                 settings_maker.make_setting('rc_cache.cache_perms.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_perms.expiration_time', 60 * 60, parser='int')
                 settings_maker.make_setting('rc_cache.cache_perms.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_perms_db'))
                 # cache_repo
                 settings_maker.make_setting('rc_cache.cache_repo.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_repo.expiration_time', 60 * 60 * 24 * 30, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_repo_db'))
                 # cache_license
                 settings_maker.make_setting('rc_cache.cache_license.backend', 'dogpile.cache.rc.file_namespace')
                 settings_maker.make_setting('rc_cache.cache_license.expiration_time', 60 * 5, parser='int')
                 settings_maker.make_setting('rc_cache.cache_license.arguments.filename', jn(default_cache_dir, 'rhodecode_cache_license_db'))
                 # cache_repo_longterm memory, 96H
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.expiration_time', 345600, parser='int')
                 settings_maker.make_setting('rc_cache.cache_repo_longterm.max_size', 10000, parser='int')
                 # sql_cache_short
                 settings_maker.make_setting('rc_cache.sql_cache_short.backend', 'dogpile.cache.rc.memory_lru')
                 settings_maker.make_setting('rc_cache.sql_cache_short.expiration_time', 30, parser='int')
                 settings_maker.make_setting('rc_cache.sql_cache_short.max_size', 10000, parser='int')
                 # archive_cache
-                settings_maker.make_setting('archive_cache.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
+                settings_maker.make_setting('archive_cache.locking.url', 'redis://redis:6379/1')
-                settings_maker.make_setting('archive_cache.cache_size_gb', 10, parser='float')
+                settings_maker.make_setting('archive_cache.backend.type', 'filesystem')
-                settings_maker.make_setting('archive_cache.cache_shards', 10, parser='int')
+                settings_maker.make_setting('archive_cache.filesystem.store_dir', jn(default_cache_dir, 'archive_cache'), default_when_empty=True,)
+                settings_maker.make_setting('archive_cache.filesystem.cache_size_gb', 10, parser='float')
+                settings_maker.make_setting('archive_cache.filesystem.cache_shards', 8, parser='int')
+                settings_maker.make_setting('archive_cache.filesystem.eviction_policy', 'least-recently-stored')
                 settings_maker.env_expand()
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings

rhodecode/lib/rc_cache/archive_cache/fanout_cache.py ~~rhodecode/lib/rc_cache/archive_cache.py~~

0 renamed +205 -29

@@ -1,88 +1,264 b''
1	# Copyright (C) 2015-2023 RhodeCode GmbH	1	# Copyright (C) 2015-2024 RhodeCode GmbH
2	#	2	#
3	# This program is free software: you can redistribute it and/or modify	3	# This program is free software: you can redistribute it and/or modify
4	# it under the terms of the GNU Affero General Public License, version 3	4	# it under the terms of the GNU Affero General Public License, version 3
5	# (only), as published by the Free Software Foundation.	5	# (only), as published by the Free Software Foundation.
6	#	6	#
7	# This program is distributed in the hope that it will be useful,	7	# This program is distributed in the hope that it will be useful,
8	# but WITHOUT ANY WARRANTY; without even the implied warranty of	8	# but WITHOUT ANY WARRANTY; without even the implied warranty of
9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	9	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	# GNU General Public License for more details.	10	# GNU General Public License for more details.
11	#	11	#
12	# You should have received a copy of the GNU Affero General Public License	12	# You should have received a copy of the GNU Affero General Public License
13	# along with this program. If not, see <http://www.gnu.org/licenses/>.	13	# along with this program. If not, see <http://www.gnu.org/licenses/>.
14	#	14	#
15	# This program is dual-licensed. If you wish to learn more about the	15	# This program is dual-licensed. If you wish to learn more about the
16	# RhodeCode Enterprise Edition, including its added features, Support services,	16	# RhodeCode Enterprise Edition, including its added features, Support services,
17	# and proprietary license terms, please see https://rhodecode.com/licenses/	17	# and proprietary license terms, please see https://rhodecode.com/licenses/
18		18
19	import logging	19	import codecs
		20	import contextlib
		21	import functools
20	import os	22	import os
21	import diskcache	23	import logging
22	from diskcache import RLock	24	import time
		25	import typing
		26	import zlib
		27
		28	from rhodecode.lib.ext_json import json
		29	from .lock import GenerationLock
23		30
24	log = logging.getLogger(__name__)	31	log = logging.getLogger(__name__)
25		32
26	cache_meta = None	33	cache_meta = None
27		34
		35	UNKNOWN = -241
		36	NO_VAL = -917
28		37
29	class ReentrantLock(RLock):	38	MODE_BINARY = 'BINARY'
30	def __enter__(self):	39
31	reentrant_lock_key = self._key	40
		41	class FileSystemCache:
		42
		43	def __init__(self, index, directory, **settings):
		44	self._index = index
		45	self._directory = directory
		46
		47	def _write_file(self, full_path, iterator, mode, encoding=None):
		48	full_dir, _ = os.path.split(full_path)
		49
		50	for count in range(1, 11):
		51	with contextlib.suppress(OSError):
		52	os.makedirs(full_dir)
		53
		54	try:
		55	# Another cache may have deleted the directory before
		56	# the file could be opened.
		57	writer = open(full_path, mode, encoding=encoding)
		58	except OSError:
		59	if count == 10:
		60	# Give up after 10 tries to open the file.
		61	raise
		62	continue
		63
		64	with writer:
		65	size = 0
		66	for chunk in iterator:
		67	size += len(chunk)
		68	writer.write(chunk)
		69	return size
		70
		71	def _get_keyfile(self, key):
		72	return os.path.join(self._directory, f'{key}.key')
		73
		74	def store(self, key, value_reader, metadata):
		75	filename, full_path = self.random_filename()
		76	key_file = self._get_keyfile(key)
		77
		78	# STORE METADATA
		79	_metadata = {
		80	"version": "v1",
		81	"timestamp": time.time(),
		82	"filename": filename,
		83	"full_path": full_path,
		84	"key_file": key_file,
		85	}
		86	if metadata:
		87	_metadata.update(metadata)
		88
		89	reader = functools.partial(value_reader.read, 2**22)
		90
		91	iterator = iter(reader, b'')
		92	size = self._write_file(full_path, iterator, 'xb')
		93
		94	# after archive is finished, we create a key to save the presence of the binary file
		95	with open(key_file, 'wb') as f:
		96	f.write(json.dumps(_metadata))
		97
		98	return key, size, MODE_BINARY, filename, _metadata
		99
		100	def fetch(self, key) -> tuple[typing.BinaryIO, dict]:
		101	if key not in self:
		102	raise KeyError(key)
		103
		104	key_file = self._get_keyfile(key)
		105	with open(key_file, 'rb') as f:
		106	metadata = json.loads(f.read())
		107
		108	filename = metadata['filename']
		109
		110	return open(os.path.join(self._directory, filename), 'rb'), metadata
		111
		112	def random_filename(self):
		113	"""Return filename and full-path tuple for file storage.
		114
		115	Filename will be a randomly generated 28 character hexadecimal string
		116	with ".archive_cache" suffixed. Two levels of sub-directories will be used to
		117	reduce the size of directories. On older filesystems, lookups in
		118	directories with many files may be slow.
		119	"""
32		120
33	log.debug('Acquire ReentrantLock(key=%s) for archive cache generation...', reentrant_lock_key)	121	hex_name = codecs.encode(os.urandom(16), 'hex').decode('utf-8')
34	#self.acquire()	122	sub_dir = os.path.join(hex_name[:2], hex_name[2:4])
35	log.debug('Lock for key=%s acquired', reentrant_lock_key)	123	name = hex_name[4:] + '.archive_cache'
		124	filename = os.path.join(sub_dir, name)
		125	full_path = os.path.join(self._directory, filename)
		126	return filename, full_path
		127
		128	def hash(self, key):
		129	"""Compute portable hash for `key`.
		130
		131	:param key: key to hash
		132	:return: hash value
		133
		134	"""
		135	mask = 0xFFFFFFFF
		136	return zlib.adler32(key.encode('utf-8')) & mask # noqa
		137
		138	def __contains__(self, key):
		139	"""Return `True` if `key` matching item is found in cache.
		140
		141	:param key: key matching item
		142	:return: True if key matching item
		143
		144	"""
		145	key_file = self._get_keyfile(key)
		146	return os.path.exists(key_file)
		147
		148
		149	class FanoutCache:
		150	"""Cache that shards keys and values."""
		151
		152	def __init__(
		153	self, directory=None, **settings
		154	):
		155	"""Initialize cache instance.
		156
		157	:param str directory: cache directory
		158	:param settings: settings dict
		159
		160	"""
		161	if directory is None:
		162	raise ValueError('directory cannot be None')
		163
		164	directory = str(directory)
		165	directory = os.path.expanduser(directory)
		166	directory = os.path.expandvars(directory)
		167	self._directory = directory
36		168
37	def __exit__(self, *exc_info):	169	self._count = settings.pop('cache_shards')
38	#self.release()	170	self._locking_url = settings.pop('locking_url')
39	pass	171
		172	self._shards = tuple(
		173	FileSystemCache(
		174	index=num,
		175	directory=os.path.join(directory, 'shard_%03d' % num),
		176	**settings,
		177	)
		178	for num in range(self._count)
		179	)
		180	self._hash = self._shards[0].hash
		181
		182	def get_lock(self, lock_key):
		183	return GenerationLock(lock_key, self._locking_url)
		184
		185	def _get_shard(self, key) -> FileSystemCache:
		186	index = self._hash(key) % self._count
		187	shard = self._shards[index]
		188	return shard
		189
		190	def store(self, key, value_reader, metadata=None):
		191	shard = self._get_shard(key)
		192	return shard.store(key, value_reader, metadata)
		193
		194	def fetch(self, key):
		195	"""Return file handle corresponding to `key` from cache.
		196	"""
		197	shard = self._get_shard(key)
		198	return shard.fetch(key)
		199
		200	def has_key(self, key):
		201	"""Return `True` if `key` matching item is found in cache.
		202
		203	:param key: key for item
		204	:return: True if key is found
		205
		206	"""
		207	shard = self._get_shard(key)
		208	return key in shard
		209
		210	def __contains__(self, item):
		211	return self.has_key(item)
		212
		213	def evict(self):
		214	"""Remove old items based on the conditions"""
		215	# TODO: Implement this...
		216	return
40		217
41		218
42	def get_archival_config(config):	219	def get_archival_config(config):
43		220
44	final_config = {	221	final_config = {
45	'archive_cache.eviction_policy': 'least-frequently-used'	222
46	}	223	}
47		224
48	for k, v in config.items():	225	for k, v in config.items():
49	if k.startswith('archive_cache'):	226	if k.startswith('archive_cache'):
50	final_config[k] = v	227	final_config[k] = v
51		228
52	return final_config	229	return final_config
53		230
54		231
55	def get_archival_cache_store(config):	232	def get_archival_cache_store(config):
56		233
57	global cache_meta	234	global cache_meta
58	if cache_meta is not None:	235	if cache_meta is not None:
59	return cache_meta	236	return cache_meta
60		237
61	config = get_archival_config(config)	238	config = get_archival_config(config)
		239	backend = config['archive_cache.backend.type']
		240	if backend != 'filesystem':
		241	raise ValueError('archive_cache.backend.type only supports "filesystem"')
62		242
63	archive_cache_~~dir~~ = config['archive_cache.~~store_dir~~']	243	archive_cache_locking_url = config['archive_cache.locking.url']
64	archive_cache_~~size_gb~~ = config['archive_cache.~~cache_size_gb~~']	244	archive_cache_dir = config['archive_cache.filesystem.store_dir']
65	archive_cache_s~~hards~~ = config['archive_cache.cache_s~~hards~~']	245	archive_cache_size_gb = config['archive_cache.filesystem.cache_size_gb']
66	archive_cache_~~eviction_policy~~ = config['archive_cache.~~eviction_policy~~']	246	archive_cache_shards = config['archive_cache.filesystem.cache_shards']
		247	archive_cache_eviction_policy = config['archive_cache.filesystem.eviction_policy']
67		248
68	log.debug('Initializing archival cache instance under %s', archive_cache_dir)	249	log.debug('Initializing archival cache instance under %s', archive_cache_dir)
69		250
70	# check if it's ok to write, and re-create the archive cache	251	# check if it's ok to write, and re-create the archive cache
71	if not os.path.isdir(archive_cache_dir):	252	if not os.path.isdir(archive_cache_dir):
72	os.makedirs(archive_cache_dir, exist_ok=True)	253	os.makedirs(archive_cache_dir, exist_ok=True)
73		254
74	d_cache = ~~diskcache~~.FanoutCache(	255	d_cache = FanoutCache(
75	archive_cache_dir, ~~shards~~=~~archive_cache_shards~~,	256	archive_cache_dir,
76	cull_limit=0, # manual eviction required	257	locking_url=archive_cache_locking_url,
77	size_limit=archive_cache_size_gb * 1024 * 1024 * 1024,	258	cache_shards=archive_cache_shards,
78	eviction_policy=archive_cache_eviction_policy,	259	cache_size_limit=archive_cache_size_gb * 1024 * 1024 * 1024,
79	timeout=30	260	cache_eviction_policy=archive_cache_eviction_policy
80	)	261	)
81	cache_meta = d_cache	262	cache_meta = d_cache
82	return cache_meta	263	return cache_meta
83		264
84
85	def includeme(config):
86	# init our cache at start
87	settings = config.get_settings()
88	get_archival_cache_store(settings)

rhodecode/lib/system_info.py

0 +10 -3

             # Copyright (C) 2017-2023 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import time
             import platform
             import collections
             import psutil
             from functools import wraps
             import pkg_resources
             import logging
             import resource
             import configparser
             from rc_license.models import LicenseModel
             from rhodecode.lib.str_utils import safe_str
             log = logging.getLogger(__name__)
             _NA = 'NOT AVAILABLE'
             _NA_FLOAT = 0.0
             STATE_OK = 'ok'
             STATE_ERR = 'error'
             STATE_WARN = 'warning'
             STATE_OK_DEFAULT = {'message': '', 'type': STATE_OK}
             registered_helpers = {}
             def register_sysinfo(func):
                 """
                 @register_helper
                 def db_check():
                     pass
                 db_check == registered_helpers['db_check']
                 """
                 global registered_helpers
                 registered_helpers[func.__name__] = func
                 @wraps(func)
                 def _wrapper(*args, **kwargs):
                     return func(*args, **kwargs)
                 return _wrapper
             # HELPERS
             def percentage(part: (int, float), whole: (int, float)):
                 whole = float(whole)
                 if whole > 0:
                     return round(100 * float(part) / whole, 1)
                 return 0.0
             def get_storage_size(storage_path):
                 sizes = []
                 for file_ in os.listdir(storage_path):
                     storage_file = os.path.join(storage_path, file_)
                     if os.path.isfile(storage_file):
                         try:
                             sizes.append(os.path.getsize(storage_file))
                         except OSError:
                             log.exception('Failed to get size of storage file %s', storage_file)
                             pass
                 return sum(sizes)
             def get_resource(resource_type):
                 try:
                     return resource.getrlimit(resource_type)
                 except Exception:
                     return 'NOT_SUPPORTED'
             def get_cert_path(ini_path):
                 default = '/etc/ssl/certs/ca-certificates.crt'
                 control_ca_bundle = os.path.join(
                     os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(ini_path)))),
                     '.rccontrol-profile/etc/ca-bundle.crt')
                 if os.path.isfile(control_ca_bundle):
                     default = control_ca_bundle
                 return default
             class SysInfoRes(object):
                 def __init__(self, value, state=None, human_value=None):
                     self.value = value
                     self.state = state or STATE_OK_DEFAULT
                     self.human_value = human_value or value
                 def __json__(self):
                     return {
                         'value': self.value,
                         'state': self.state,
                         'human_value': self.human_value,
                     }
                 def get_value(self):
                     return self.__json__()
                 def __str__(self):
                     return f'<SysInfoRes({self.__json__()})>'
             class SysInfo(object):
                 def __init__(self, func_name, **kwargs):
                     self.function_name = func_name
                     self.value = _NA
                     self.state = None
                     self.kwargs = kwargs or {}
                 def __call__(self):
                     computed = self.compute(**self.kwargs)
                     if not isinstance(computed, SysInfoRes):
                         raise ValueError(
                             'computed value for {} is not instance of '
                             '{}, got {} instead'.format(
                                 self.function_name, SysInfoRes, type(computed)))
                     return computed.__json__()
                 def __str__(self):
                     return f'<SysInfo({self.function_name})>'
                 def compute(self, **kwargs):
                     return self.function_name(**kwargs)
             # SysInfo functions
             @register_sysinfo
             def python_info():
                 value = dict(version=f'{platform.python_version()}:{platform.python_implementation()}',
                              executable=sys.executable)
                 return SysInfoRes(value=value)
             @register_sysinfo
             def py_modules():
                 mods = dict([(p.project_name, {'version': p.version, 'location': p.location})
                              for p in pkg_resources.working_set])
                 value = sorted(mods.items(), key=lambda k: k[0].lower())
                 return SysInfoRes(value=value)
             @register_sysinfo
             def platform_type():
                 from rhodecode.lib.utils import generate_platform_uuid
                 value = dict(
                     name=safe_str(platform.platform()),
                     uuid=generate_platform_uuid()
                 )
                 return SysInfoRes(value=value)
             @register_sysinfo
             def locale_info():
                 import locale
                 def safe_get_locale(locale_name):
                     try:
                         locale.getlocale(locale_name)
                     except TypeError:
                         return f'FAILED_LOCALE_GET:{locale_name}'
                 value = dict(
                     locale_default=locale.getlocale(),
                     locale_lc_all=safe_get_locale(locale.LC_ALL),
                     locale_lc_ctype=safe_get_locale(locale.LC_CTYPE),
                     lang_env=os.environ.get('LANG'),
                     lc_all_env=os.environ.get('LC_ALL'),
                     local_archive_env=os.environ.get('LOCALE_ARCHIVE'),
                 )
                 human_value = \
                     f"LANG: {value['lang_env']}, \
                       locale LC_ALL: {value['locale_lc_all']},  \
                       locale LC_CTYPE: {value['locale_lc_ctype']},  \
                       Default locales: {value['locale_default']}"
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def ulimit_info():
                 data = collections.OrderedDict([
                     ('cpu time (seconds)', get_resource(resource.RLIMIT_CPU)),
                     ('file size', get_resource(resource.RLIMIT_FSIZE)),
                     ('stack size', get_resource(resource.RLIMIT_STACK)),
                     ('core file size', get_resource(resource.RLIMIT_CORE)),
                     ('address space size', get_resource(resource.RLIMIT_AS)),
                     ('locked in mem size', get_resource(resource.RLIMIT_MEMLOCK)),
                     ('heap size', get_resource(resource.RLIMIT_DATA)),
                     ('rss size', get_resource(resource.RLIMIT_RSS)),
                     ('number of processes', get_resource(resource.RLIMIT_NPROC)),
                     ('open files', get_resource(resource.RLIMIT_NOFILE)),
                 ])
                 text = ', '.join(f'{k}:{v}' for k, v in data.items())
                 value = {
                     'limits': data,
                     'text': text,
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def uptime():
                 from rhodecode.lib.helpers import age, time_to_datetime
                 from rhodecode.translation import TranslationString
                 value = dict(boot_time=0, uptime=0, text='')
                 state = STATE_OK_DEFAULT
                 boot_time = psutil.boot_time()
                 value['boot_time'] = boot_time
                 value['uptime'] = time.time() - boot_time
                 date_or_age = age(time_to_datetime(boot_time))
                 if isinstance(date_or_age, TranslationString):
                     date_or_age = date_or_age.interpolate()
                 human_value = value.copy()
                 human_value['boot_time'] = time_to_datetime(boot_time)
                 human_value['uptime'] = age(time_to_datetime(boot_time), show_suffix=False)
                 human_value['text'] = f'Server started {date_or_age}'
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def memory():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 value = dict(available=0, used=0, used_real=0, cached=0, percent=0,
                              percent_used=0, free=0, inactive=0, active=0, shared=0,
                              total=0, buffers=0, text='')
                 state = STATE_OK_DEFAULT
                 value.update(dict(psutil.virtual_memory()._asdict()))
                 value['used_real'] = value['total'] - value['available']
                 value['percent_used'] = psutil._common.usage_percent(value['used_real'], value['total'], 1)
                 human_value = value.copy()
                 human_value['text'] = '{}/{}, {}% used'.format(
                     format_byte_size_binary(value['used_real']),
                     format_byte_size_binary(value['total']),
                     value['percent_used'])
                 keys = list(value.keys())[::]
                 keys.pop(keys.index('percent'))
                 keys.pop(keys.index('percent_used'))
                 keys.pop(keys.index('text'))
                 for k in keys:
                     human_value[k] = format_byte_size_binary(value[k])
                 if state['type'] == STATE_OK and value['percent_used'] > 90:
                     msg = 'Critical: your available RAM memory is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent_used'] > 70:
                     msg = 'Warning: your available RAM memory is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def machine_load():
                 value = {'1_min': _NA_FLOAT, '5_min': _NA_FLOAT, '15_min': _NA_FLOAT, 'text': ''}
                 state = STATE_OK_DEFAULT
                 # load averages
                 if hasattr(psutil.os, 'getloadavg'):
                     value.update(dict(
                         list(zip(['1_min', '5_min', '15_min'], psutil.os.getloadavg()))
                     ))
                 human_value = value.copy()
                 human_value['text'] = '1min: {}, 5min: {}, 15min: {}'.format(
                     value['1_min'], value['5_min'], value['15_min'])
                 if state['type'] == STATE_OK and value['15_min'] > 5.0:
                     msg = 'Warning: your machine load is very high.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def cpu():
                 value = {'cpu': 0, 'cpu_count': 0, 'cpu_usage': []}
                 state = STATE_OK_DEFAULT
                 value['cpu'] = psutil.cpu_percent(0.5)
                 value['cpu_usage'] = psutil.cpu_percent(0.5, percpu=True)
                 value['cpu_count'] = psutil.cpu_count()
                 human_value = value.copy()
                 human_value['text'] = '{} cores at {} %'.format(value['cpu_count'], value['cpu'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage():
                 from rhodecode.lib.helpers import format_byte_size_binary
                 from rhodecode.lib.utils import get_rhodecode_repo_store_path
                 path = get_rhodecode_repo_store_path()
                 value = dict(percent=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch disk info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk space is very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk space is running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_inodes():
                 from rhodecode.lib.utils import get_rhodecode_repo_store_path
                 path = get_rhodecode_repo_store_path()
                 value = dict(percent=0.0, free=0, used=0, total=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     i_stat = os.statvfs(path)
                     value['free'] = i_stat.f_ffree
                     value['used'] = i_stat.f_files-i_stat.f_favail
                     value['total'] = i_stat.f_files
                     value['percent'] = percentage(value['used'], value['total'])
                 except Exception as e:
                     log.exception('Failed to fetch disk inodes info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = "{}/{}, {}% used".format(
                     value['used'], value['total'], value['percent'])
                 if state['type'] == STATE_OK and value['percent'] > 90:
                     msg = 'Critical: your disk free inodes are very low.'
                     state = {'message': msg, 'type': STATE_ERR}
                 elif state['type'] == STATE_OK and value['percent'] > 70:
                     msg = 'Warning: your disk free inodes are running low.'
                     state = {'message': msg, 'type': STATE_WARN}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_archives():
                 import rhodecode
                 from rhodecode.lib.utils import safe_str
                 from rhodecode.lib.helpers import format_byte_size_binary
-                msg = 'Archive cache storage is controlled by ' \
+                storage_type = rhodecode.ConfigGet().get_str('archive_cache.backend.type')
-                      'archive_cache.store_dir=/path/to/cache option in the .ini file'
+                storage_key = 'archive_cache.filesystem.store_dir'
-                path = safe_str(rhodecode.CONFIG.get('archive_cache.store_dir', msg))
+                default_msg = 'Archive cache storage is controlled by '\
+                              f'{storage_key}=/path/to/cache option in the .ini file'
+                path = rhodecode.ConfigGet().get_str(storage_key, missing=default_msg)
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
+                    if storage_type != 'filesystem':
+                        # raise Exc to stop reporting on different type
+                        raise ValueError('Storage type must be "filesystem"')
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch archive cache storage')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_gist():
                 from rhodecode.model.gist import GIST_STORE_LOC
                 from rhodecode.lib.utils import safe_str, get_rhodecode_repo_store_path
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = safe_str(os.path.join(
                     get_rhodecode_repo_store_path(), GIST_STORE_LOC))
                 # gist storage
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 try:
                     items_count = 0
                     used = 0
                     for root, dirs, files in os.walk(path):
                         if root == path:
                             items_count = len(dirs)
                         for f in files:
                             try:
                                 used += os.path.getsize(os.path.join(root, f))
                             except OSError:
                                 pass
                     value.update({
                         'percent': 100,
                         'used': used,
                         'total': used,
                         'items': items_count
                     })
                 except Exception as e:
                     log.exception('failed to fetch gist storage items')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{} ({} items)".format(
                     human_value['used'], value['items'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def storage_temp():
                 import tempfile
                 from rhodecode.lib.helpers import format_byte_size_binary
                 path = tempfile.gettempdir()
                 value = dict(percent=0, used=0, total=0, items=0, path=path, text='')
                 state = STATE_OK_DEFAULT
                 if not psutil:
                     return SysInfoRes(value=value, state=state)
                 try:
                     value.update(dict(psutil.disk_usage(path)._asdict()))
                 except Exception as e:
                     log.exception('Failed to fetch temp dir info')
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['used'] = format_byte_size_binary(value['used'])
                 human_value['total'] = format_byte_size_binary(value['total'])
                 human_value['text'] = "{}/{}, {}% used".format(
                     format_byte_size_binary(value['used']),
                     format_byte_size_binary(value['total']),
                     value['percent'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def search_info():
                 import rhodecode
                 from rhodecode.lib.index import searcher_from_config
                 backend = rhodecode.CONFIG.get('search.module', '')
                 location = rhodecode.CONFIG.get('search.location', '')
                 try:
                     searcher = searcher_from_config(rhodecode.CONFIG)
                     searcher = searcher.__class__.__name__
                 except Exception:
                     searcher = None
                 value = dict(
                     backend=backend, searcher=searcher, location=location, text='')
                 state = STATE_OK_DEFAULT
                 human_value = value.copy()
                 human_value['text'] = "backend:`{}`".format(human_value['backend'])
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def git_info():
                 from rhodecode.lib.vcs.backends import git
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = git.discover_git_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def hg_info():
                 from rhodecode.lib.vcs.backends import hg
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = hg.discover_hg_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def svn_info():
                 from rhodecode.lib.vcs.backends import svn
                 state = STATE_OK_DEFAULT
                 value = human_value = ''
                 try:
                     value = svn.discover_svn_version(raise_on_exc=True)
                     human_value = f'version reported from VCSServer: {value}'
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_backends():
                 import rhodecode
                 value = rhodecode.CONFIG.get('vcs.backends')
                 human_value = 'Enabled backends in order: {}'.format(','.join(value))
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def vcs_server():
                 import rhodecode
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 server_url = rhodecode.CONFIG.get('vcs.server')
                 enabled = rhodecode.CONFIG.get('vcs.server.enable')
                 protocol = rhodecode.CONFIG.get('vcs.server.protocol') or 'http'
                 state = STATE_OK_DEFAULT
                 version = None
                 workers = 0
                 try:
                     data = get_vcsserver_service_data()
                     if data and 'version' in data:
                         version = data['version']
                     if data and 'config' in data:
                         conf = data['config']
                         workers = conf.get('workers', 'NOT AVAILABLE')
                     connection = 'connected'
                 except Exception as e:
                     connection = 'failed'
                     state = {'message': str(e), 'type': STATE_ERR}
                 value = dict(
                     url=server_url,
                     enabled=enabled,
                     protocol=protocol,
                     connection=connection,
                     version=version,
                     text='',
                 )
                 human_value = value.copy()
                 human_value['text'] = \
                     '{url}@ver:{ver} via {mode} mode[workers:{workers}], connection:{conn}'.format(
                         url=server_url, ver=version, workers=workers, mode=protocol,
                         conn=connection)
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def vcs_server_config():
                 from rhodecode.lib.vcs.backends import get_vcsserver_service_data
                 state = STATE_OK_DEFAULT
                 value = {}
                 try:
                     data = get_vcsserver_service_data()
                     value = data['app_config']
                 except Exception as e:
                     state = {'message': str(e), 'type': STATE_ERR}
                 human_value = value.copy()
                 human_value['text'] = 'VCS Server config'
                 return SysInfoRes(value=value, state=state, human_value=human_value)
             @register_sysinfo
             def rhodecode_app_info():
                 import rhodecode
                 edition = rhodecode.CONFIG.get('rhodecode.edition')
                 value = dict(
                     rhodecode_version=rhodecode.__version__,
                     rhodecode_lib_path=os.path.abspath(rhodecode.__file__),
                     text=''
                 )
                 human_value = value.copy()
                 human_value['text'] = 'RhodeCode {edition}, version {ver}'.format(
                     edition=edition, ver=value['rhodecode_version']
                 )
                 return SysInfoRes(value=value, human_value=human_value)
             @register_sysinfo
             def rhodecode_config():
                 import rhodecode
                 path = rhodecode.CONFIG.get('__file__')
                 rhodecode_ini_safe = rhodecode.CONFIG.copy()
                 cert_path = get_cert_path(path)
                 try:
                     config = configparser.ConfigParser()
                     config.read(path)
                     parsed_ini = config
                     if parsed_ini.has_section('server:main'):
                         parsed_ini = dict(parsed_ini.items('server:main'))
                 except Exception:
                     log.exception('Failed to read .ini file for display')
                     parsed_ini = {}
                 rhodecode_ini_safe['server:main'] = parsed_ini
                 blacklist = [
                     f'rhodecode_{LicenseModel.LICENSE_DB_KEY}',
                     'routes.map',
                     'sqlalchemy.db1.url',
                     'channelstream.secret',
                     'beaker.session.secret',
                     'rhodecode.encrypted_values.secret',
                     'rhodecode_auth_github_consumer_key',
                     'rhodecode_auth_github_consumer_secret',
                     'rhodecode_auth_google_consumer_key',
                     'rhodecode_auth_google_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_secret',
                     'rhodecode_auth_bitbucket_consumer_key',
                     'rhodecode_auth_twitter_consumer_secret',
                     'rhodecode_auth_twitter_consumer_key',
                     'rhodecode_auth_twitter_secret',
                     'rhodecode_auth_github_secret',
                     'rhodecode_auth_google_secret',
                     'rhodecode_auth_bitbucket_secret',
                     'appenlight.api_key',
                     ('app_conf', 'sqlalchemy.db1.url')
                 ]
                 for k in blacklist:
                     if isinstance(k, tuple):
                         section, key = k
                         if section in rhodecode_ini_safe:
                             rhodecode_ini_safe[section] = '**OBFUSCATED**'
                     else:
                         rhodecode_ini_safe.pop(k, None)
                 # TODO: maybe put some CONFIG checks here ?
                 return SysInfoRes(value={'config': rhodecode_ini_safe,
                                          'path': path, 'cert_path': cert_path})
             @register_sysinfo
             def database_info():
                 import rhodecode
                 from sqlalchemy.engine import url as engine_url
                 from rhodecode.model import meta
                 from rhodecode.model.meta import Session
                 from rhodecode.model.db import DbMigrateVersion
                 state = STATE_OK_DEFAULT
                 db_migrate = DbMigrateVersion.query().filter(
                     DbMigrateVersion.repository_id == 'rhodecode_db_migrations').one()
                 db_url_obj = engine_url.make_url(rhodecode.CONFIG['sqlalchemy.db1.url'])
                 try:
                     engine = meta.get_engine()
                     db_server_info = engine.dialect._get_server_version_info(
                         Session.connection(bind=engine))
                     db_version = '.'.join(map(str, db_server_info))
                 except Exception:
                     log.exception('failed to fetch db version')
                     db_version = 'UNKNOWN'
                 db_info = dict(
                     migrate_version=db_migrate.version,
                     type=db_url_obj.get_backend_name(),
                     version=db_version,
                     url=repr(db_url_obj)
                 )
                 current_version = db_migrate.version
                 expected_version = rhodecode.__dbversion__
                 if state['type'] == STATE_OK and current_version != expected_version:
                     msg = 'Critical: database schema mismatch, ' \
                           'expected version {}, got {}. ' \
                           'Please run migrations on your database.'.format(
                         expected_version, current_version)
                     state = {'message': msg, 'type': STATE_ERR}
                 human_value = db_info.copy()
                 human_value['url'] = "{} @ migration version: {}".format(
                     db_info['url'], db_info['migrate_version'])
                 human_value['version'] = "{} {}".format(db_info['type'], db_info['version'])
                 return SysInfoRes(value=db_info, state=state, human_value=human_value)
             @register_sysinfo
             def server_info(environ):
                 import rhodecode
                 from rhodecode.lib.base import get_server_ip_addr, get_server_port
                 value = {
                     'server_ip': '{}:{}'.format(
                         get_server_ip_addr(environ, log_errors=False),
                         get_server_port(environ)
                     ),
                     'server_id': rhodecode.CONFIG.get('instance_id'),
                 }
                 return SysInfoRes(value=value)
             @register_sysinfo
             def usage_info():
                 from rhodecode.model.db import User, Repository, true
                 value = {
                     'users': User.query().count(),
                     'users_active': User.query().filter(User.active == true()).count(),
                     'repositories': Repository.query().count(),
                     'repository_types': {
                         'hg': Repository.query().filter(
                             Repository.repo_type == 'hg').count(),
                         'git': Repository.query().filter(
                             Repository.repo_type == 'git').count(),
                         'svn': Repository.query().filter(
                             Repository.repo_type == 'svn').count(),
                     },
                 }
                 return SysInfoRes(value=value)
             def get_system_info(environ):
                 environ = environ or {}
                 return {
                     'rhodecode_app': SysInfo(rhodecode_app_info)(),
                     'rhodecode_config': SysInfo(rhodecode_config)(),
                     'rhodecode_usage': SysInfo(usage_info)(),
                     'python': SysInfo(python_info)(),
                     'py_modules': SysInfo(py_modules)(),
                     'platform': SysInfo(platform_type)(),
                     'locale': SysInfo(locale_info)(),
                     'server': SysInfo(server_info, environ=environ)(),
                     'database': SysInfo(database_info)(),
                     'ulimit': SysInfo(ulimit_info)(),
                     'storage': SysInfo(storage)(),
                     'storage_inodes': SysInfo(storage_inodes)(),
                     'storage_archive': SysInfo(storage_archives)(),
                     'storage_gist': SysInfo(storage_gist)(),
                     'storage_temp': SysInfo(storage_temp)(),
                     'search': SysInfo(search_info)(),
                     'uptime': SysInfo(uptime)(),
                     'load': SysInfo(machine_load)(),
                     'cpu': SysInfo(cpu)(),
                     'memory': SysInfo(memory)(),
                     'vcs_backends': SysInfo(vcs_backends)(),
                     'vcs_server': SysInfo(vcs_server)(),
                     'vcs_server_config': SysInfo(vcs_server_config)(),
                     'git': SysInfo(git_info)(),
                     'hg': SysInfo(hg_info)(),
                     'svn': SysInfo(svn_info)(),
                 }
             def load_system_info(key):
                 """
                 get_sys_info('vcs_server')
                 get_sys_info('database')
                 """
                 return SysInfo(registered_helpers[key])()

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages