##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
config: updated example configs
marcink -
r3068:abc4ebe8 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,724 +1,726 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 debug = true
9 9
10 10 ################################################################################
11 11 ## EMAIL CONFIGURATION ##
12 12 ## Uncomment and replace with the email address which should receive ##
13 13 ## any error reports after an application crash ##
14 14 ## Additionally these settings will be used by the RhodeCode mailing system ##
15 15 ################################################################################
16 16
17 17 ## prefix all emails subjects with given prefix, helps filtering out emails
18 18 #email_prefix = [RhodeCode]
19 19
20 20 ## email FROM address all mails will be sent
21 21 #app_email_from = rhodecode-noreply@localhost
22 22
23 23 #smtp_server = mail.server.com
24 24 #smtp_username =
25 25 #smtp_password =
26 26 #smtp_port =
27 27 #smtp_use_tls = false
28 28 #smtp_use_ssl = true
29 29 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
30 30 #smtp_auth =
31 31
32 32 [server:main]
33 33 ## COMMON ##
34 34 host = 127.0.0.1
35 35 port = 5000
36 36
37 37 ###########################################################
38 38 ## WAITRESS WSGI SERVER - Recommended for Development ####
39 39 ###########################################################
40 40
41 41 use = egg:waitress#main
42 42 ## number of worker threads
43 43 threads = 5
44 44 ## MAX BODY SIZE 100GB
45 45 max_request_body_size = 107374182400
46 46 ## Use poll instead of select, fixes file descriptors limits problems.
47 47 ## May not work on old windows systems.
48 48 asyncore_use_poll = true
49 49
50 50
51 51 ##########################
52 52 ## GUNICORN WSGI SERVER ##
53 53 ##########################
54 54 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
55 55
56 56 #use = egg:gunicorn#main
57 57 ## Sets the number of process workers. More workers means more concurent connections
58 58 ## RhodeCode can handle at the same time. Each additional worker also it increases
59 59 ## memory usage as each has it's own set of caches.
60 60 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
61 61 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
62 62 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
63 63 ## when using more than 1 worker.
64 64 #workers = 2
65 65 ## process name visible in process list
66 66 #proc_name = rhodecode
67 67 ## type of worker class, one of sync, gevent
68 68 ## recommended for bigger setup is using of of other than sync one
69 69 #worker_class = gevent
70 70 ## The maximum number of simultaneous clients. Valid only for Gevent
71 71 #worker_connections = 10
72 72 ## max number of requests that worker will handle before being gracefully
73 73 ## restarted, could prevent memory leaks
74 74 #max_requests = 1000
75 75 #max_requests_jitter = 30
76 76 ## amount of time a worker can spend with handling a request before it
77 77 ## gets killed and restarted. Set to 6hrs
78 78 #timeout = 21600
79 79
80 80
81 81 ## prefix middleware for RhodeCode.
82 82 ## recommended when using proxy setup.
83 83 ## allows to set RhodeCode under a prefix in server.
84 84 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
85 85 ## And set your prefix like: `prefix = /custom_prefix`
86 86 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
87 87 ## to make your cookies only work on prefix url
88 88 [filter:proxy-prefix]
89 89 use = egg:PasteDeploy#prefix
90 90 prefix = /
91 91
92 92 [app:main]
93 93 ## The %(here)s variable will be replaced with the absolute path of parent directory
94 94 ## of this file
95 95 ## In addition ENVIRONMENT variables usage is possible, e.g
96 96 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
97 97
98 98 use = egg:rhodecode-enterprise-ce
99 99
100 100 ## enable proxy prefix middleware, defined above
101 101 #filter-with = proxy-prefix
102 102
103 103 # During development the we want to have the debug toolbar enabled
104 104 pyramid.includes =
105 105 pyramid_debugtoolbar
106 106 rhodecode.lib.middleware.request_wrapper
107 107
108 108 pyramid.reload_templates = true
109 109
110 110 debugtoolbar.hosts = 0.0.0.0/0
111 111 debugtoolbar.exclude_prefixes =
112 112 /css
113 113 /fonts
114 114 /images
115 115 /js
116 116
117 117 ## RHODECODE PLUGINS ##
118 118 rhodecode.includes =
119 119 rhodecode.api
120 120
121 121
122 122 # api prefix url
123 123 rhodecode.api.url = /_admin/api
124 124
125 125
126 126 ## END RHODECODE PLUGINS ##
127 127
128 128 ## encryption key used to encrypt social plugin tokens,
129 129 ## remote_urls with credentials etc, if not set it defaults to
130 130 ## `beaker.session.secret`
131 131 #rhodecode.encrypted_values.secret =
132 132
133 133 ## decryption strict mode (enabled by default). It controls if decryption raises
134 134 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
135 135 #rhodecode.encrypted_values.strict = false
136 136
137 137 ## return gzipped responses from Rhodecode (static files/application)
138 138 gzip_responses = false
139 139
140 140 ## autogenerate javascript routes file on startup
141 141 generate_js_files = false
142 142
143 143 ## System global default language.
144 144 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
145 145 lang = en
146 146
147 147 ## Perform a full repository scan and import on each server start.
148 148 ## Settings this to true could lead to very long startup time.
149 149 startup.import_repos = false
150 150
151 151 ## Uncomment and set this path to use archive download cache.
152 152 ## Once enabled, generated archives will be cached at this location
153 153 ## and served from the cache during subsequent requests for the same archive of
154 154 ## the repository.
155 155 #archive_cache_dir = /tmp/tarballcache
156 156
157 157 ## URL at which the application is running. This is used for bootstraping
158 158 ## requests in context when no web request is available. Used in ishell, or
159 159 ## SSH calls. Set this for events to receive proper url for SSH calls.
160 160 app.base_url = http://rhodecode.local
161 161
162 162 ## Unique application ID. Should be a random unique string for security.
163 163 app_instance_uuid = rc-production
164 164
165 165 ## Cut off limit for large diffs (size in bytes). If overall diff size on
166 166 ## commit, or pull request exceeds this limit this diff will be displayed
167 167 ## partially. E.g 512000 == 512Kb
168 168 cut_off_limit_diff = 512000
169 169
170 170 ## Cut off limit for large files inside diffs (size in bytes). Each individual
171 171 ## file inside diff which exceeds this limit will be displayed partially.
172 172 ## E.g 128000 == 128Kb
173 173 cut_off_limit_file = 128000
174 174
175 175 ## use cached version of vcs repositories everywhere. Recommended to be `true`
176 176 vcs_full_cache = true
177 177
178 178 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
179 179 ## Normally this is controlled by proper http flags sent from http server
180 180 force_https = false
181 181
182 182 ## use Strict-Transport-Security headers
183 183 use_htsts = false
184 184
185 185 ## git rev filter option, --all is the default filter, if you need to
186 186 ## hide all refs in changelog switch this to --branches --tags
187 187 git_rev_filter = --branches --tags
188 188
189 189 # Set to true if your repos are exposed using the dumb protocol
190 190 git_update_server_info = false
191 191
192 192 ## RSS/ATOM feed options
193 193 rss_cut_off_limit = 256000
194 194 rss_items_per_page = 10
195 195 rss_include_diff = false
196 196
197 197 ## gist URL alias, used to create nicer urls for gist. This should be an
198 198 ## url that does rewrites to _admin/gists/{gistid}.
199 199 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
200 200 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
201 201 gist_alias_url =
202 202
203 203 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
204 204 ## used for access.
205 205 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
206 206 ## came from the the logged in user who own this authentication token.
207 207 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
208 208 ## authentication token. Such view would be only accessible when used together
209 209 ## with this authentication token
210 210 ##
211 211 ## list of all views can be found under `/_admin/permissions/auth_token_access`
212 212 ## The list should be "," separated and on a single line.
213 213 ##
214 214 ## Most common views to enable:
215 215 # RepoCommitsView:repo_commit_download
216 216 # RepoCommitsView:repo_commit_patch
217 217 # RepoCommitsView:repo_commit_raw
218 218 # RepoCommitsView:repo_commit_raw@TOKEN
219 219 # RepoFilesView:repo_files_diff
220 220 # RepoFilesView:repo_archivefile
221 221 # RepoFilesView:repo_file_raw
222 222 # GistView:*
223 223 api_access_controllers_whitelist =
224 224
225 225 ## Default encoding used to convert from and to unicode
226 226 ## can be also a comma separated list of encoding in case of mixed encodings
227 227 default_encoding = UTF-8
228 228
229 229 ## instance-id prefix
230 230 ## a prefix key for this instance used for cache invalidation when running
231 231 ## multiple instances of rhodecode, make sure it's globally unique for
232 232 ## all running rhodecode instances. Leave empty if you don't use it
233 233 instance_id =
234 234
235 235 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
236 236 ## of an authentication plugin also if it is disabled by it's settings.
237 237 ## This could be useful if you are unable to log in to the system due to broken
238 238 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
239 239 ## module to log in again and fix the settings.
240 240 ##
241 241 ## Available builtin plugin IDs (hash is part of the ID):
242 242 ## egg:rhodecode-enterprise-ce#rhodecode
243 243 ## egg:rhodecode-enterprise-ce#pam
244 244 ## egg:rhodecode-enterprise-ce#ldap
245 245 ## egg:rhodecode-enterprise-ce#jasig_cas
246 246 ## egg:rhodecode-enterprise-ce#headers
247 247 ## egg:rhodecode-enterprise-ce#crowd
248 248 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
249 249
250 250 ## alternative return HTTP header for failed authentication. Default HTTP
251 251 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
252 252 ## handling that causing a series of failed authentication calls.
253 253 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
254 254 ## This will be served instead of default 401 on bad authnetication
255 255 auth_ret_code =
256 256
257 257 ## use special detection method when serving auth_ret_code, instead of serving
258 258 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
259 259 ## and then serve auth_ret_code to clients
260 260 auth_ret_code_detection = false
261 261
262 262 ## locking return code. When repository is locked return this HTTP code. 2XX
263 263 ## codes don't break the transactions while 4XX codes do
264 264 lock_ret_code = 423
265 265
266 266 ## allows to change the repository location in settings page
267 267 allow_repo_location_change = true
268 268
269 269 ## allows to setup custom hooks in settings page
270 270 allow_custom_hooks_settings = true
271 271
272 272 ## Generated license token required for EE edition license.
273 273 ## New generated token value can be found in Admin > settings > license page.
274 274 license_token =
275 275
276 276 ## supervisor connection uri, for managing supervisor and logs.
277 277 supervisor.uri =
278 278 ## supervisord group name/id we only want this RC instance to handle
279 279 supervisor.group_id = dev
280 280
281 281 ## Display extended labs settings
282 282 labs_settings_active = true
283 283
284 ## custom exception store path, defaults to TMPDIR
285 exception_tracker.store_path =
284 ## Custom exception store path, defaults to TMPDIR
285 ## This is used to store exception from RhodeCode in shared directory
286 #exception_tracker.store_path =
287
286 288
287 289 ####################################
288 290 ### CELERY CONFIG ####
289 291 ####################################
290 292 ## run: /path/to/celery worker \
291 293 ## -E --beat --app rhodecode.lib.celerylib.loader \
292 294 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
293 295 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
294 296
295 297 use_celery = false
296 298
297 299 ## connection url to the message broker (default rabbitmq)
298 300 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
299 301
300 302 ## maximum tasks to execute before worker restart
301 303 celery.max_tasks_per_child = 100
302 304
303 305 ## tasks will never be sent to the queue, but executed locally instead.
304 306 celery.task_always_eager = false
305 307
306 308 #####################################
307 309 ### DOGPILE CACHE ####
308 310 #####################################
309 311 ## Default cache dir for caches. Putting this into a ramdisk
310 312 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
311 313 ## large amount of space
312 314 cache_dir = %(here)s/data
313 315
314 316 ## `cache_perms` cache settings for permission tree, auth TTL.
315 317 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
316 318 rc_cache.cache_perms.expiration_time = 300
317 319
318 320 ## alternative `cache_perms` redis backend with distributed lock
319 321 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
320 322 #rc_cache.cache_perms.expiration_time = 300
321 323 ## redis_expiration_time needs to be greater then expiration_time
322 324 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
323 325 #rc_cache.cache_perms.arguments.socket_timeout = 30
324 326 #rc_cache.cache_perms.arguments.host = localhost
325 327 #rc_cache.cache_perms.arguments.port = 6379
326 328 #rc_cache.cache_perms.arguments.db = 0
327 329 #rc_cache.cache_perms.arguments.distributed_lock = true
328 330
329 331 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
330 332 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
331 333 rc_cache.cache_repo.expiration_time = 2592000
332 334
333 335 ## alternative `cache_repo` redis backend with distributed lock
334 336 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
335 337 #rc_cache.cache_repo.expiration_time = 2592000
336 338 ## redis_expiration_time needs to be greater then expiration_time
337 339 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
338 340 #rc_cache.cache_repo.arguments.socket_timeout = 30
339 341 #rc_cache.cache_repo.arguments.host = localhost
340 342 #rc_cache.cache_repo.arguments.port = 6379
341 343 #rc_cache.cache_repo.arguments.db = 1
342 344 #rc_cache.cache_repo.arguments.distributed_lock = true
343 345
344 346 ## cache settings for SQL queries, this needs to use memory type backend
345 347 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
346 348 rc_cache.sql_cache_short.expiration_time = 30
347 349
348 350 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
349 351 ## type backend as the objects kept are not pickle serializable
350 352 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
351 353 ## by default we use 96H, this is using invalidation on push anyway
352 354 rc_cache.cache_repo_longterm.expiration_time = 345600
353 355 ## max items in LRU cache, reduce this number to save memory, and expire last used
354 356 ## cached objects
355 357 rc_cache.cache_repo_longterm.max_size = 10000
356 358
357 359
358 360 ####################################
359 361 ### BEAKER SESSION ####
360 362 ####################################
361 363
362 364 ## .session.type is type of storage options for the session, current allowed
363 365 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
364 366 beaker.session.type = file
365 367 beaker.session.data_dir = %(here)s/data/sessions
366 368
367 369 ## db based session, fast, and allows easy management over logged in users
368 370 #beaker.session.type = ext:database
369 371 #beaker.session.table_name = db_session
370 372 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
371 373 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
372 374 #beaker.session.sa.pool_recycle = 3600
373 375 #beaker.session.sa.echo = false
374 376
375 377 beaker.session.key = rhodecode
376 378 beaker.session.secret = develop-rc-uytcxaz
377 379 beaker.session.lock_dir = %(here)s/data/sessions/lock
378 380
379 381 ## Secure encrypted cookie. Requires AES and AES python libraries
380 382 ## you must disable beaker.session.secret to use this
381 383 #beaker.session.encrypt_key = key_for_encryption
382 384 #beaker.session.validate_key = validation_key
383 385
384 386 ## sets session as invalid(also logging out user) if it haven not been
385 387 ## accessed for given amount of time in seconds
386 388 beaker.session.timeout = 2592000
387 389 beaker.session.httponly = true
388 390 ## Path to use for the cookie. Set to prefix if you use prefix middleware
389 391 #beaker.session.cookie_path = /custom_prefix
390 392
391 393 ## uncomment for https secure cookie
392 394 beaker.session.secure = false
393 395
394 396 ## auto save the session to not to use .save()
395 397 beaker.session.auto = false
396 398
397 399 ## default cookie expiration time in seconds, set to `true` to set expire
398 400 ## at browser close
399 401 #beaker.session.cookie_expires = 3600
400 402
401 403 ###################################
402 404 ## SEARCH INDEXING CONFIGURATION ##
403 405 ###################################
404 406 ## Full text search indexer is available in rhodecode-tools under
405 407 ## `rhodecode-tools index` command
406 408
407 409 ## WHOOSH Backend, doesn't require additional services to run
408 410 ## it works good with few dozen repos
409 411 search.module = rhodecode.lib.index.whoosh
410 412 search.location = %(here)s/data/index
411 413
412 414 ########################################
413 415 ### CHANNELSTREAM CONFIG ####
414 416 ########################################
415 417 ## channelstream enables persistent connections and live notification
416 418 ## in the system. It's also used by the chat system
417 419 channelstream.enabled = false
418 420
419 421 ## server address for channelstream server on the backend
420 422 channelstream.server = 127.0.0.1:9800
421 423
422 424 ## location of the channelstream server from outside world
423 425 ## use ws:// for http or wss:// for https. This address needs to be handled
424 426 ## by external HTTP server such as Nginx or Apache
425 427 ## see nginx/apache configuration examples in our docs
426 428 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
427 429 channelstream.secret = secret
428 430 channelstream.history.location = %(here)s/channelstream_history
429 431
430 432 ## Internal application path that Javascript uses to connect into.
431 433 ## If you use proxy-prefix the prefix should be added before /_channelstream
432 434 channelstream.proxy_path = /_channelstream
433 435
434 436
435 437 ###################################
436 438 ## APPENLIGHT CONFIG ##
437 439 ###################################
438 440
439 441 ## Appenlight is tailored to work with RhodeCode, see
440 442 ## http://appenlight.com for details how to obtain an account
441 443
442 444 ## appenlight integration enabled
443 445 appenlight = false
444 446
445 447 appenlight.server_url = https://api.appenlight.com
446 448 appenlight.api_key = YOUR_API_KEY
447 449 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
448 450
449 451 # used for JS client
450 452 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
451 453
452 454 ## TWEAK AMOUNT OF INFO SENT HERE
453 455
454 456 ## enables 404 error logging (default False)
455 457 appenlight.report_404 = false
456 458
457 459 ## time in seconds after request is considered being slow (default 1)
458 460 appenlight.slow_request_time = 1
459 461
460 462 ## record slow requests in application
461 463 ## (needs to be enabled for slow datastore recording and time tracking)
462 464 appenlight.slow_requests = true
463 465
464 466 ## enable hooking to application loggers
465 467 appenlight.logging = true
466 468
467 469 ## minimum log level for log capture
468 470 appenlight.logging.level = WARNING
469 471
470 472 ## send logs only from erroneous/slow requests
471 473 ## (saves API quota for intensive logging)
472 474 appenlight.logging_on_error = false
473 475
474 476 ## list of additonal keywords that should be grabbed from environ object
475 477 ## can be string with comma separated list of words in lowercase
476 478 ## (by default client will always send following info:
477 479 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
478 480 ## start with HTTP* this list be extended with additional keywords here
479 481 appenlight.environ_keys_whitelist =
480 482
481 483 ## list of keywords that should be blanked from request object
482 484 ## can be string with comma separated list of words in lowercase
483 485 ## (by default client will always blank keys that contain following words
484 486 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
485 487 ## this list be extended with additional keywords set here
486 488 appenlight.request_keys_blacklist =
487 489
488 490 ## list of namespaces that should be ignores when gathering log entries
489 491 ## can be string with comma separated list of namespaces
490 492 ## (by default the client ignores own entries: appenlight_client.client)
491 493 appenlight.log_namespace_blacklist =
492 494
493 495
494 496 ################################################################################
495 497 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
496 498 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
497 499 ## execute malicious code after an exception is raised. ##
498 500 ################################################################################
499 501 #set debug = false
500 502
501 503 # enable debug style page
502 504 debug_style = true
503 505
504 506 ###########################################
505 507 ### MAIN RHODECODE DATABASE CONFIG ###
506 508 ###########################################
507 509 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
508 510 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
509 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
511 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
510 512 # pymysql is an alternative driver for MySQL, use in case of problems with default one
511 513 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
512 514
513 515 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
514 516
515 517 # see sqlalchemy docs for other advanced settings
516 518
517 519 ## print the sql statements to output
518 520 sqlalchemy.db1.echo = false
519 521 ## recycle the connections after this amount of seconds
520 522 sqlalchemy.db1.pool_recycle = 3600
521 523 sqlalchemy.db1.convert_unicode = true
522 524
523 525 ## the number of connections to keep open inside the connection pool.
524 526 ## 0 indicates no limit
525 527 #sqlalchemy.db1.pool_size = 5
526 528
527 529 ## the number of connections to allow in connection pool "overflow", that is
528 530 ## connections that can be opened above and beyond the pool_size setting,
529 531 ## which defaults to five.
530 532 #sqlalchemy.db1.max_overflow = 10
531 533
532 534 ## Connection check ping, used to detect broken database connections
533 535 ## could be enabled to better handle cases if MySQL has gone away errors
534 536 #sqlalchemy.db1.ping_connection = true
535 537
536 538 ##################
537 539 ### VCS CONFIG ###
538 540 ##################
539 541 vcs.server.enable = true
540 542 vcs.server = localhost:9900
541 543
542 544 ## Web server connectivity protocol, responsible for web based VCS operatations
543 545 ## Available protocols are:
544 546 ## `http` - use http-rpc backend (default)
545 547 vcs.server.protocol = http
546 548
547 549 ## Push/Pull operations protocol, available options are:
548 550 ## `http` - use http-rpc backend (default)
549 551 vcs.scm_app_implementation = http
550 552
551 553 ## Push/Pull operations hooks protocol, available options are:
552 554 ## `http` - use http-rpc backend (default)
553 555 vcs.hooks.protocol = http
554 556
555 557 ## Host on which this instance is listening for hooks. If vcsserver is in other location
556 558 ## this should be adjusted.
557 559 vcs.hooks.host = 127.0.0.1
558 560
559 561 vcs.server.log_level = debug
560 562 ## Start VCSServer with this instance as a subprocess, useful for development
561 563 vcs.start_server = false
562 564
563 565 ## List of enabled VCS backends, available options are:
564 566 ## `hg` - mercurial
565 567 ## `git` - git
566 568 ## `svn` - subversion
567 569 vcs.backends = hg, git, svn
568 570
569 571 vcs.connection_timeout = 3600
570 572 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
571 573 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
572 574 #vcs.svn.compatible_version = pre-1.8-compatible
573 575
574 576
575 577 ############################################################
576 578 ### Subversion proxy support (mod_dav_svn) ###
577 579 ### Maps RhodeCode repo groups into SVN paths for Apache ###
578 580 ############################################################
579 581 ## Enable or disable the config file generation.
580 582 svn.proxy.generate_config = false
581 583 ## Generate config file with `SVNListParentPath` set to `On`.
582 584 svn.proxy.list_parent_path = true
583 585 ## Set location and file name of generated config file.
584 586 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
585 587 ## alternative mod_dav config template. This needs to be a mako template
586 588 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
587 589 ## Used as a prefix to the `Location` block in the generated config file.
588 590 ## In most cases it should be set to `/`.
589 591 svn.proxy.location_root = /
590 592 ## Command to reload the mod dav svn configuration on change.
591 593 ## Example: `/etc/init.d/apache2 reload`
592 594 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
593 595 ## If the timeout expires before the reload command finishes, the command will
594 596 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
595 597 #svn.proxy.reload_timeout = 10
596 598
597 599 ############################################################
598 600 ### SSH Support Settings ###
599 601 ############################################################
600 602
601 603 ## Defines if a custom authorized_keys file should be created and written on
602 604 ## any change user ssh keys. Setting this to false also disables posibility
603 605 ## of adding SSH keys by users from web interface. Super admins can still
604 606 ## manage SSH Keys.
605 607 ssh.generate_authorized_keyfile = false
606 608
607 609 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
608 610 # ssh.authorized_keys_ssh_opts =
609 611
610 612 ## Path to the authrozied_keys file where the generate entries are placed.
611 613 ## It is possible to have multiple key files specified in `sshd_config` e.g.
612 614 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
613 615 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
614 616
615 617 ## Command to execute the SSH wrapper. The binary is available in the
616 618 ## rhodecode installation directory.
617 619 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
618 620 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
619 621
620 622 ## Allow shell when executing the ssh-wrapper command
621 623 ssh.wrapper_cmd_allow_shell = false
622 624
623 625 ## Enables logging, and detailed output send back to the client during SSH
624 626 ## operations. Usefull for debugging, shouldn't be used in production.
625 627 ssh.enable_debug_logging = true
626 628
627 629 ## Paths to binary executable, by default they are the names, but we can
628 630 ## override them if we want to use a custom one
629 631 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
630 632 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
631 633 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
632 634
633 635
634 636 ## Dummy marker to add new entries after.
635 637 ## Add any custom entries below. Please don't remove.
636 638 custom.conf = 1
637 639
638 640
639 641 ################################
640 642 ### LOGGING CONFIGURATION ####
641 643 ################################
642 644 [loggers]
643 645 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
644 646
645 647 [handlers]
646 648 keys = console, console_sql
647 649
648 650 [formatters]
649 651 keys = generic, color_formatter, color_formatter_sql
650 652
651 653 #############
652 654 ## LOGGERS ##
653 655 #############
654 656 [logger_root]
655 657 level = NOTSET
656 658 handlers = console
657 659
658 660 [logger_sqlalchemy]
659 661 level = INFO
660 662 handlers = console_sql
661 663 qualname = sqlalchemy.engine
662 664 propagate = 0
663 665
664 666 [logger_beaker]
665 667 level = DEBUG
666 668 handlers =
667 669 qualname = beaker.container
668 670 propagate = 1
669 671
670 672 [logger_rhodecode]
671 673 level = DEBUG
672 674 handlers =
673 675 qualname = rhodecode
674 676 propagate = 1
675 677
676 678 [logger_ssh_wrapper]
677 679 level = DEBUG
678 680 handlers =
679 681 qualname = ssh_wrapper
680 682 propagate = 1
681 683
682 684 [logger_celery]
683 685 level = DEBUG
684 686 handlers =
685 687 qualname = celery
686 688
687 689
688 690 ##############
689 691 ## HANDLERS ##
690 692 ##############
691 693
692 694 [handler_console]
693 695 class = StreamHandler
694 696 args = (sys.stderr, )
695 697 level = DEBUG
696 698 formatter = color_formatter
697 699
698 700 [handler_console_sql]
699 701 # "level = DEBUG" logs SQL queries and results.
700 702 # "level = INFO" logs SQL queries.
701 703 # "level = WARN" logs neither. (Recommended for production systems.)
702 704 class = StreamHandler
703 705 args = (sys.stderr, )
704 706 level = WARN
705 707 formatter = color_formatter_sql
706 708
707 709 ################
708 710 ## FORMATTERS ##
709 711 ################
710 712
711 713 [formatter_generic]
712 714 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
713 715 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
714 716 datefmt = %Y-%m-%d %H:%M:%S
715 717
716 718 [formatter_color_formatter]
717 719 class = rhodecode.lib.logging_formatter.ColorFormatter
718 720 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
719 721 datefmt = %Y-%m-%d %H:%M:%S
720 722
721 723 [formatter_color_formatter_sql]
722 724 class = rhodecode.lib.logging_formatter.ColorFormatterSql
723 725 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
724 726 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,697 +1,698 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 ################################################################################
6 6
7 7 [DEFAULT]
8 8 debug = true
9 9
10 10 ################################################################################
11 11 ## EMAIL CONFIGURATION ##
12 12 ## Uncomment and replace with the email address which should receive ##
13 13 ## any error reports after an application crash ##
14 14 ## Additionally these settings will be used by the RhodeCode mailing system ##
15 15 ################################################################################
16 16
17 17 ## prefix all emails subjects with given prefix, helps filtering out emails
18 18 #email_prefix = [RhodeCode]
19 19
20 20 ## email FROM address all mails will be sent
21 21 #app_email_from = rhodecode-noreply@localhost
22 22
23 23 #smtp_server = mail.server.com
24 24 #smtp_username =
25 25 #smtp_password =
26 26 #smtp_port =
27 27 #smtp_use_tls = false
28 28 #smtp_use_ssl = true
29 29 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
30 30 #smtp_auth =
31 31
32 32 [server:main]
33 33 ## COMMON ##
34 34 host = 127.0.0.1
35 35 port = 5000
36 36
37 37 ###########################################################
38 38 ## WAITRESS WSGI SERVER - Recommended for Development ####
39 39 ###########################################################
40 40
41 41 #use = egg:waitress#main
42 42 ## number of worker threads
43 43 #threads = 5
44 44 ## MAX BODY SIZE 100GB
45 45 #max_request_body_size = 107374182400
46 46 ## Use poll instead of select, fixes file descriptors limits problems.
47 47 ## May not work on old windows systems.
48 48 #asyncore_use_poll = true
49 49
50 50
51 51 ##########################
52 52 ## GUNICORN WSGI SERVER ##
53 53 ##########################
54 54 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
55 55
56 56 use = egg:gunicorn#main
57 57 ## Sets the number of process workers. More workers means more concurent connections
58 58 ## RhodeCode can handle at the same time. Each additional worker also it increases
59 59 ## memory usage as each has it's own set of caches.
60 60 ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
61 61 ## than 8-10 unless for really big deployments .e.g 700-1000 users.
62 62 ## `instance_id = *` must be set in the [app:main] section below (which is the default)
63 63 ## when using more than 1 worker.
64 64 workers = 2
65 65 ## process name visible in process list
66 66 proc_name = rhodecode
67 67 ## type of worker class, one of sync, gevent
68 68 ## recommended for bigger setup is using of of other than sync one
69 69 worker_class = gevent
70 70 ## The maximum number of simultaneous clients. Valid only for Gevent
71 71 worker_connections = 10
72 72 ## max number of requests that worker will handle before being gracefully
73 73 ## restarted, could prevent memory leaks
74 74 max_requests = 1000
75 75 max_requests_jitter = 30
76 76 ## amount of time a worker can spend with handling a request before it
77 77 ## gets killed and restarted. Set to 6hrs
78 78 timeout = 21600
79 79
80 80
81 81 ## prefix middleware for RhodeCode.
82 82 ## recommended when using proxy setup.
83 83 ## allows to set RhodeCode under a prefix in server.
84 84 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
85 85 ## And set your prefix like: `prefix = /custom_prefix`
86 86 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
87 87 ## to make your cookies only work on prefix url
88 88 [filter:proxy-prefix]
89 89 use = egg:PasteDeploy#prefix
90 90 prefix = /
91 91
92 92 [app:main]
93 93 ## The %(here)s variable will be replaced with the absolute path of parent directory
94 94 ## of this file
95 95 ## In addition ENVIRONMENT variables usage is possible, e.g
96 96 ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
97 97
98 98 use = egg:rhodecode-enterprise-ce
99 99
100 100 ## enable proxy prefix middleware, defined above
101 101 #filter-with = proxy-prefix
102 102
103 103 ## encryption key used to encrypt social plugin tokens,
104 104 ## remote_urls with credentials etc, if not set it defaults to
105 105 ## `beaker.session.secret`
106 106 #rhodecode.encrypted_values.secret =
107 107
108 108 ## decryption strict mode (enabled by default). It controls if decryption raises
109 109 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
110 110 #rhodecode.encrypted_values.strict = false
111 111
112 112 ## return gzipped responses from Rhodecode (static files/application)
113 113 gzip_responses = false
114 114
115 115 ## autogenerate javascript routes file on startup
116 116 generate_js_files = false
117 117
118 118 ## System global default language.
119 119 ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
120 120 lang = en
121 121
122 122 ## Perform a full repository scan and import on each server start.
123 123 ## Settings this to true could lead to very long startup time.
124 124 startup.import_repos = false
125 125
126 126 ## Uncomment and set this path to use archive download cache.
127 127 ## Once enabled, generated archives will be cached at this location
128 128 ## and served from the cache during subsequent requests for the same archive of
129 129 ## the repository.
130 130 #archive_cache_dir = /tmp/tarballcache
131 131
132 132 ## URL at which the application is running. This is used for bootstraping
133 133 ## requests in context when no web request is available. Used in ishell, or
134 134 ## SSH calls. Set this for events to receive proper url for SSH calls.
135 135 app.base_url = http://rhodecode.local
136 136
137 137 ## Unique application ID. Should be a random unique string for security.
138 138 app_instance_uuid = rc-production
139 139
140 140 ## Cut off limit for large diffs (size in bytes). If overall diff size on
141 141 ## commit, or pull request exceeds this limit this diff will be displayed
142 142 ## partially. E.g 512000 == 512Kb
143 143 cut_off_limit_diff = 512000
144 144
145 145 ## Cut off limit for large files inside diffs (size in bytes). Each individual
146 146 ## file inside diff which exceeds this limit will be displayed partially.
147 147 ## E.g 128000 == 128Kb
148 148 cut_off_limit_file = 128000
149 149
150 150 ## use cached version of vcs repositories everywhere. Recommended to be `true`
151 151 vcs_full_cache = true
152 152
153 153 ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
154 154 ## Normally this is controlled by proper http flags sent from http server
155 155 force_https = false
156 156
157 157 ## use Strict-Transport-Security headers
158 158 use_htsts = false
159 159
160 160 ## git rev filter option, --all is the default filter, if you need to
161 161 ## hide all refs in changelog switch this to --branches --tags
162 162 git_rev_filter = --branches --tags
163 163
164 164 # Set to true if your repos are exposed using the dumb protocol
165 165 git_update_server_info = false
166 166
167 167 ## RSS/ATOM feed options
168 168 rss_cut_off_limit = 256000
169 169 rss_items_per_page = 10
170 170 rss_include_diff = false
171 171
172 172 ## gist URL alias, used to create nicer urls for gist. This should be an
173 173 ## url that does rewrites to _admin/gists/{gistid}.
174 174 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
175 175 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
176 176 gist_alias_url =
177 177
178 178 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
179 179 ## used for access.
180 180 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
181 181 ## came from the the logged in user who own this authentication token.
182 182 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
183 183 ## authentication token. Such view would be only accessible when used together
184 184 ## with this authentication token
185 185 ##
186 186 ## list of all views can be found under `/_admin/permissions/auth_token_access`
187 187 ## The list should be "," separated and on a single line.
188 188 ##
189 189 ## Most common views to enable:
190 190 # RepoCommitsView:repo_commit_download
191 191 # RepoCommitsView:repo_commit_patch
192 192 # RepoCommitsView:repo_commit_raw
193 193 # RepoCommitsView:repo_commit_raw@TOKEN
194 194 # RepoFilesView:repo_files_diff
195 195 # RepoFilesView:repo_archivefile
196 196 # RepoFilesView:repo_file_raw
197 197 # GistView:*
198 198 api_access_controllers_whitelist =
199 199
200 200 ## Default encoding used to convert from and to unicode
201 201 ## can be also a comma separated list of encoding in case of mixed encodings
202 202 default_encoding = UTF-8
203 203
204 204 ## instance-id prefix
205 205 ## a prefix key for this instance used for cache invalidation when running
206 206 ## multiple instances of rhodecode, make sure it's globally unique for
207 207 ## all running rhodecode instances. Leave empty if you don't use it
208 208 instance_id =
209 209
210 210 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
211 211 ## of an authentication plugin also if it is disabled by it's settings.
212 212 ## This could be useful if you are unable to log in to the system due to broken
213 213 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
214 214 ## module to log in again and fix the settings.
215 215 ##
216 216 ## Available builtin plugin IDs (hash is part of the ID):
217 217 ## egg:rhodecode-enterprise-ce#rhodecode
218 218 ## egg:rhodecode-enterprise-ce#pam
219 219 ## egg:rhodecode-enterprise-ce#ldap
220 220 ## egg:rhodecode-enterprise-ce#jasig_cas
221 221 ## egg:rhodecode-enterprise-ce#headers
222 222 ## egg:rhodecode-enterprise-ce#crowd
223 223 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
224 224
225 225 ## alternative return HTTP header for failed authentication. Default HTTP
226 226 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
227 227 ## handling that causing a series of failed authentication calls.
228 228 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
229 229 ## This will be served instead of default 401 on bad authnetication
230 230 auth_ret_code =
231 231
232 232 ## use special detection method when serving auth_ret_code, instead of serving
233 233 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
234 234 ## and then serve auth_ret_code to clients
235 235 auth_ret_code_detection = false
236 236
237 237 ## locking return code. When repository is locked return this HTTP code. 2XX
238 238 ## codes don't break the transactions while 4XX codes do
239 239 lock_ret_code = 423
240 240
241 241 ## allows to change the repository location in settings page
242 242 allow_repo_location_change = true
243 243
244 244 ## allows to setup custom hooks in settings page
245 245 allow_custom_hooks_settings = true
246 246
247 247 ## Generated license token required for EE edition license.
248 248 ## New generated token value can be found in Admin > settings > license page.
249 249 license_token =
250 250
251 251 ## supervisor connection uri, for managing supervisor and logs.
252 252 supervisor.uri =
253 253 ## supervisord group name/id we only want this RC instance to handle
254 254 supervisor.group_id = prod
255 255
256 256 ## Display extended labs settings
257 257 labs_settings_active = true
258 258
259 ## custom exception store path, defaults to TMPDIR
260 exception_tracker.store_path =
259 ## Custom exception store path, defaults to TMPDIR
260 ## This is used to store exception from RhodeCode in shared directory
261 #exception_tracker.store_path =
261 262
262 263
263 264 ####################################
264 265 ### CELERY CONFIG ####
265 266 ####################################
266 267 ## run: /path/to/celery worker \
267 268 ## -E --beat --app rhodecode.lib.celerylib.loader \
268 269 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
269 270 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
270 271
271 272 use_celery = false
272 273
273 274 ## connection url to the message broker (default rabbitmq)
274 275 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
275 276
276 277 ## maximum tasks to execute before worker restart
277 278 celery.max_tasks_per_child = 100
278 279
279 280 ## tasks will never be sent to the queue, but executed locally instead.
280 281 celery.task_always_eager = false
281 282
282 283 #####################################
283 284 ### DOGPILE CACHE ####
284 285 #####################################
285 286 ## Default cache dir for caches. Putting this into a ramdisk
286 287 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
287 288 ## large amount of space
288 289 cache_dir = %(here)s/data
289 290
290 291 ## `cache_perms` cache settings for permission tree, auth TTL.
291 292 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
292 293 rc_cache.cache_perms.expiration_time = 300
293 294
294 295 ## alternative `cache_perms` redis backend with distributed lock
295 296 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
296 297 #rc_cache.cache_perms.expiration_time = 300
297 298 ## redis_expiration_time needs to be greater then expiration_time
298 299 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
299 300 #rc_cache.cache_perms.arguments.socket_timeout = 30
300 301 #rc_cache.cache_perms.arguments.host = localhost
301 302 #rc_cache.cache_perms.arguments.port = 6379
302 303 #rc_cache.cache_perms.arguments.db = 0
303 304 #rc_cache.cache_perms.arguments.distributed_lock = true
304 305
305 306 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
306 307 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
307 308 rc_cache.cache_repo.expiration_time = 2592000
308 309
309 310 ## alternative `cache_repo` redis backend with distributed lock
310 311 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
311 312 #rc_cache.cache_repo.expiration_time = 2592000
312 313 ## redis_expiration_time needs to be greater then expiration_time
313 314 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
314 315 #rc_cache.cache_repo.arguments.socket_timeout = 30
315 316 #rc_cache.cache_repo.arguments.host = localhost
316 317 #rc_cache.cache_repo.arguments.port = 6379
317 318 #rc_cache.cache_repo.arguments.db = 1
318 319 #rc_cache.cache_repo.arguments.distributed_lock = true
319 320
320 321 ## cache settings for SQL queries, this needs to use memory type backend
321 322 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
322 323 rc_cache.sql_cache_short.expiration_time = 30
323 324
324 325 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
325 326 ## type backend as the objects kept are not pickle serializable
326 327 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
327 328 ## by default we use 96H, this is using invalidation on push anyway
328 329 rc_cache.cache_repo_longterm.expiration_time = 345600
329 330 ## max items in LRU cache, reduce this number to save memory, and expire last used
330 331 ## cached objects
331 332 rc_cache.cache_repo_longterm.max_size = 10000
332 333
333 334
334 335 ####################################
335 336 ### BEAKER SESSION ####
336 337 ####################################
337 338
338 339 ## .session.type is type of storage options for the session, current allowed
339 340 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
340 341 beaker.session.type = file
341 342 beaker.session.data_dir = %(here)s/data/sessions
342 343
343 344 ## db based session, fast, and allows easy management over logged in users
344 345 #beaker.session.type = ext:database
345 346 #beaker.session.table_name = db_session
346 347 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
347 348 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
348 349 #beaker.session.sa.pool_recycle = 3600
349 350 #beaker.session.sa.echo = false
350 351
351 352 beaker.session.key = rhodecode
352 353 beaker.session.secret = production-rc-uytcxaz
353 354 beaker.session.lock_dir = %(here)s/data/sessions/lock
354 355
355 356 ## Secure encrypted cookie. Requires AES and AES python libraries
356 357 ## you must disable beaker.session.secret to use this
357 358 #beaker.session.encrypt_key = key_for_encryption
358 359 #beaker.session.validate_key = validation_key
359 360
360 361 ## sets session as invalid(also logging out user) if it haven not been
361 362 ## accessed for given amount of time in seconds
362 363 beaker.session.timeout = 2592000
363 364 beaker.session.httponly = true
364 365 ## Path to use for the cookie. Set to prefix if you use prefix middleware
365 366 #beaker.session.cookie_path = /custom_prefix
366 367
367 368 ## uncomment for https secure cookie
368 369 beaker.session.secure = false
369 370
370 371 ## auto save the session to not to use .save()
371 372 beaker.session.auto = false
372 373
373 374 ## default cookie expiration time in seconds, set to `true` to set expire
374 375 ## at browser close
375 376 #beaker.session.cookie_expires = 3600
376 377
377 378 ###################################
378 379 ## SEARCH INDEXING CONFIGURATION ##
379 380 ###################################
380 381 ## Full text search indexer is available in rhodecode-tools under
381 382 ## `rhodecode-tools index` command
382 383
383 384 ## WHOOSH Backend, doesn't require additional services to run
384 385 ## it works good with few dozen repos
385 386 search.module = rhodecode.lib.index.whoosh
386 387 search.location = %(here)s/data/index
387 388
388 389 ########################################
389 390 ### CHANNELSTREAM CONFIG ####
390 391 ########################################
391 392 ## channelstream enables persistent connections and live notification
392 393 ## in the system. It's also used by the chat system
393 394 channelstream.enabled = false
394 395
395 396 ## server address for channelstream server on the backend
396 397 channelstream.server = 127.0.0.1:9800
397 398
398 399 ## location of the channelstream server from outside world
399 400 ## use ws:// for http or wss:// for https. This address needs to be handled
400 401 ## by external HTTP server such as Nginx or Apache
401 402 ## see nginx/apache configuration examples in our docs
402 403 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
403 404 channelstream.secret = secret
404 405 channelstream.history.location = %(here)s/channelstream_history
405 406
406 407 ## Internal application path that Javascript uses to connect into.
407 408 ## If you use proxy-prefix the prefix should be added before /_channelstream
408 409 channelstream.proxy_path = /_channelstream
409 410
410 411
411 412 ###################################
412 413 ## APPENLIGHT CONFIG ##
413 414 ###################################
414 415
415 416 ## Appenlight is tailored to work with RhodeCode, see
416 417 ## http://appenlight.com for details how to obtain an account
417 418
418 419 ## appenlight integration enabled
419 420 appenlight = false
420 421
421 422 appenlight.server_url = https://api.appenlight.com
422 423 appenlight.api_key = YOUR_API_KEY
423 424 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
424 425
425 426 # used for JS client
426 427 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
427 428
428 429 ## TWEAK AMOUNT OF INFO SENT HERE
429 430
430 431 ## enables 404 error logging (default False)
431 432 appenlight.report_404 = false
432 433
433 434 ## time in seconds after request is considered being slow (default 1)
434 435 appenlight.slow_request_time = 1
435 436
436 437 ## record slow requests in application
437 438 ## (needs to be enabled for slow datastore recording and time tracking)
438 439 appenlight.slow_requests = true
439 440
440 441 ## enable hooking to application loggers
441 442 appenlight.logging = true
442 443
443 444 ## minimum log level for log capture
444 445 appenlight.logging.level = WARNING
445 446
446 447 ## send logs only from erroneous/slow requests
447 448 ## (saves API quota for intensive logging)
448 449 appenlight.logging_on_error = false
449 450
450 451 ## list of additonal keywords that should be grabbed from environ object
451 452 ## can be string with comma separated list of words in lowercase
452 453 ## (by default client will always send following info:
453 454 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
454 455 ## start with HTTP* this list be extended with additional keywords here
455 456 appenlight.environ_keys_whitelist =
456 457
457 458 ## list of keywords that should be blanked from request object
458 459 ## can be string with comma separated list of words in lowercase
459 460 ## (by default client will always blank keys that contain following words
460 461 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
461 462 ## this list be extended with additional keywords set here
462 463 appenlight.request_keys_blacklist =
463 464
464 465 ## list of namespaces that should be ignores when gathering log entries
465 466 ## can be string with comma separated list of namespaces
466 467 ## (by default the client ignores own entries: appenlight_client.client)
467 468 appenlight.log_namespace_blacklist =
468 469
469 470
470 471 ################################################################################
471 472 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
472 473 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
473 474 ## execute malicious code after an exception is raised. ##
474 475 ################################################################################
475 476 set debug = false
476 477
477 478
478 479 ###########################################
479 480 ### MAIN RHODECODE DATABASE CONFIG ###
480 481 ###########################################
481 482 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
482 483 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
483 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
484 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
484 485 # pymysql is an alternative driver for MySQL, use in case of problems with default one
485 486 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
486 487
487 488 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
488 489
489 490 # see sqlalchemy docs for other advanced settings
490 491
491 492 ## print the sql statements to output
492 493 sqlalchemy.db1.echo = false
493 494 ## recycle the connections after this amount of seconds
494 495 sqlalchemy.db1.pool_recycle = 3600
495 496 sqlalchemy.db1.convert_unicode = true
496 497
497 498 ## the number of connections to keep open inside the connection pool.
498 499 ## 0 indicates no limit
499 500 #sqlalchemy.db1.pool_size = 5
500 501
501 502 ## the number of connections to allow in connection pool "overflow", that is
502 503 ## connections that can be opened above and beyond the pool_size setting,
503 504 ## which defaults to five.
504 505 #sqlalchemy.db1.max_overflow = 10
505 506
506 507 ## Connection check ping, used to detect broken database connections
507 508 ## could be enabled to better handle cases if MySQL has gone away errors
508 509 #sqlalchemy.db1.ping_connection = true
509 510
510 511 ##################
511 512 ### VCS CONFIG ###
512 513 ##################
513 514 vcs.server.enable = true
514 515 vcs.server = localhost:9900
515 516
516 517 ## Web server connectivity protocol, responsible for web based VCS operatations
517 518 ## Available protocols are:
518 519 ## `http` - use http-rpc backend (default)
519 520 vcs.server.protocol = http
520 521
521 522 ## Push/Pull operations protocol, available options are:
522 523 ## `http` - use http-rpc backend (default)
523 524 vcs.scm_app_implementation = http
524 525
525 526 ## Push/Pull operations hooks protocol, available options are:
526 527 ## `http` - use http-rpc backend (default)
527 528 vcs.hooks.protocol = http
528 529 ## Host on which this instance is listening for hooks. If vcsserver is in other location
529 530 ## this should be adjusted.
530 531 vcs.hooks.host = 127.0.0.1
531 532
532 533 vcs.server.log_level = info
533 534 ## Start VCSServer with this instance as a subprocess, useful for development
534 535 vcs.start_server = false
535 536
536 537 ## List of enabled VCS backends, available options are:
537 538 ## `hg` - mercurial
538 539 ## `git` - git
539 540 ## `svn` - subversion
540 541 vcs.backends = hg, git, svn
541 542
542 543 vcs.connection_timeout = 3600
543 544 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
544 545 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
545 546 #vcs.svn.compatible_version = pre-1.8-compatible
546 547
547 548
548 549 ############################################################
549 550 ### Subversion proxy support (mod_dav_svn) ###
550 551 ### Maps RhodeCode repo groups into SVN paths for Apache ###
551 552 ############################################################
552 553 ## Enable or disable the config file generation.
553 554 svn.proxy.generate_config = false
554 555 ## Generate config file with `SVNListParentPath` set to `On`.
555 556 svn.proxy.list_parent_path = true
556 557 ## Set location and file name of generated config file.
557 558 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
558 559 ## alternative mod_dav config template. This needs to be a mako template
559 560 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
560 561 ## Used as a prefix to the `Location` block in the generated config file.
561 562 ## In most cases it should be set to `/`.
562 563 svn.proxy.location_root = /
563 564 ## Command to reload the mod dav svn configuration on change.
564 565 ## Example: `/etc/init.d/apache2 reload`
565 566 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
566 567 ## If the timeout expires before the reload command finishes, the command will
567 568 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
568 569 #svn.proxy.reload_timeout = 10
569 570
570 571 ############################################################
571 572 ### SSH Support Settings ###
572 573 ############################################################
573 574
574 575 ## Defines if a custom authorized_keys file should be created and written on
575 576 ## any change user ssh keys. Setting this to false also disables posibility
576 577 ## of adding SSH keys by users from web interface. Super admins can still
577 578 ## manage SSH Keys.
578 579 ssh.generate_authorized_keyfile = false
579 580
580 581 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
581 582 # ssh.authorized_keys_ssh_opts =
582 583
583 584 ## Path to the authrozied_keys file where the generate entries are placed.
584 585 ## It is possible to have multiple key files specified in `sshd_config` e.g.
585 586 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
586 587 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
587 588
588 589 ## Command to execute the SSH wrapper. The binary is available in the
589 590 ## rhodecode installation directory.
590 591 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
591 592 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
592 593
593 594 ## Allow shell when executing the ssh-wrapper command
594 595 ssh.wrapper_cmd_allow_shell = false
595 596
596 597 ## Enables logging, and detailed output send back to the client during SSH
597 598 ## operations. Usefull for debugging, shouldn't be used in production.
598 599 ssh.enable_debug_logging = false
599 600
600 601 ## Paths to binary executable, by default they are the names, but we can
601 602 ## override them if we want to use a custom one
602 603 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
603 604 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
604 605 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
605 606
606 607
607 608 ## Dummy marker to add new entries after.
608 609 ## Add any custom entries below. Please don't remove.
609 610 custom.conf = 1
610 611
611 612
612 613 ################################
613 614 ### LOGGING CONFIGURATION ####
614 615 ################################
615 616 [loggers]
616 617 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
617 618
618 619 [handlers]
619 620 keys = console, console_sql
620 621
621 622 [formatters]
622 623 keys = generic, color_formatter, color_formatter_sql
623 624
624 625 #############
625 626 ## LOGGERS ##
626 627 #############
627 628 [logger_root]
628 629 level = NOTSET
629 630 handlers = console
630 631
631 632 [logger_sqlalchemy]
632 633 level = INFO
633 634 handlers = console_sql
634 635 qualname = sqlalchemy.engine
635 636 propagate = 0
636 637
637 638 [logger_beaker]
638 639 level = DEBUG
639 640 handlers =
640 641 qualname = beaker.container
641 642 propagate = 1
642 643
643 644 [logger_rhodecode]
644 645 level = DEBUG
645 646 handlers =
646 647 qualname = rhodecode
647 648 propagate = 1
648 649
649 650 [logger_ssh_wrapper]
650 651 level = DEBUG
651 652 handlers =
652 653 qualname = ssh_wrapper
653 654 propagate = 1
654 655
655 656 [logger_celery]
656 657 level = DEBUG
657 658 handlers =
658 659 qualname = celery
659 660
660 661
661 662 ##############
662 663 ## HANDLERS ##
663 664 ##############
664 665
665 666 [handler_console]
666 667 class = StreamHandler
667 668 args = (sys.stderr, )
668 669 level = INFO
669 670 formatter = generic
670 671
671 672 [handler_console_sql]
672 673 # "level = DEBUG" logs SQL queries and results.
673 674 # "level = INFO" logs SQL queries.
674 675 # "level = WARN" logs neither. (Recommended for production systems.)
675 676 class = StreamHandler
676 677 args = (sys.stderr, )
677 678 level = WARN
678 679 formatter = generic
679 680
680 681 ################
681 682 ## FORMATTERS ##
682 683 ################
683 684
684 685 [formatter_generic]
685 686 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
686 687 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
687 688 datefmt = %Y-%m-%d %H:%M:%S
688 689
689 690 [formatter_color_formatter]
690 691 class = rhodecode.lib.logging_formatter.ColorFormatter
691 692 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
692 693 datefmt = %Y-%m-%d %H:%M:%S
693 694
694 695 [formatter_color_formatter_sql]
695 696 class = rhodecode.lib.logging_formatter.ColorFormatterSql
696 697 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
697 698 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now