##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
svn: allow specifying alternative template file for mod_dav config.
marcink -
r2161:e8d12db8 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,727 +1,729 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 # During development the we want to have the debug toolbar enabled
112 112 pyramid.includes =
113 113 pyramid_debugtoolbar
114 114 rhodecode.utils.debugtoolbar
115 115 rhodecode.lib.middleware.request_wrapper
116 116
117 117 pyramid.reload_templates = true
118 118
119 119 debugtoolbar.hosts = 0.0.0.0/0
120 120 debugtoolbar.exclude_prefixes =
121 121 /css
122 122 /fonts
123 123 /images
124 124 /js
125 125
126 126 ## RHODECODE PLUGINS ##
127 127 rhodecode.includes =
128 128 rhodecode.api
129 129
130 130
131 131 # api prefix url
132 132 rhodecode.api.url = /_admin/api
133 133
134 134
135 135 ## END RHODECODE PLUGINS ##
136 136
137 137 ## encryption key used to encrypt social plugin tokens,
138 138 ## remote_urls with credentials etc, if not set it defaults to
139 139 ## `beaker.session.secret`
140 140 #rhodecode.encrypted_values.secret =
141 141
142 142 ## decryption strict mode (enabled by default). It controls if decryption raises
143 143 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
144 144 #rhodecode.encrypted_values.strict = false
145 145
146 146 ## return gzipped responses from Rhodecode (static files/application)
147 147 gzip_responses = false
148 148
149 149 ## autogenerate javascript routes file on startup
150 150 generate_js_files = false
151 151
152 152 ## Optional Languages
153 153 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
154 154 lang = en
155 155
156 156 ## perform a full repository scan on each server start, this should be
157 157 ## set to false after first startup, to allow faster server restarts.
158 158 startup.import_repos = false
159 159
160 160 ## Uncomment and set this path to use archive download cache.
161 161 ## Once enabled, generated archives will be cached at this location
162 162 ## and served from the cache during subsequent requests for the same archive of
163 163 ## the repository.
164 164 #archive_cache_dir = /tmp/tarballcache
165 165
166 166 ## change this to unique ID for security
167 167 app_instance_uuid = rc-production
168 168
169 169 ## cut off limit for large diffs (size in bytes). If overall diff size on
170 170 ## commit, or pull request exceeds this limit this diff will be displayed
171 171 ## partially. E.g 512000 == 512Kb
172 172 cut_off_limit_diff = 512000
173 173
174 174 ## cut off limit for large files inside diffs (size in bytes). Each individual
175 175 ## file inside diff which exceeds this limit will be displayed partially.
176 176 ## E.g 128000 == 128Kb
177 177 cut_off_limit_file = 128000
178 178
179 179 ## use cache version of scm repo everywhere
180 180 vcs_full_cache = true
181 181
182 182 ## force https in RhodeCode, fixes https redirects, assumes it's always https
183 183 ## Normally this is controlled by proper http flags sent from http server
184 184 force_https = false
185 185
186 186 ## use Strict-Transport-Security headers
187 187 use_htsts = false
188 188
189 189 ## number of commits stats will parse on each iteration
190 190 commit_parse_limit = 25
191 191
192 192 ## git rev filter option, --all is the default filter, if you need to
193 193 ## hide all refs in changelog switch this to --branches --tags
194 194 git_rev_filter = --branches --tags
195 195
196 196 # Set to true if your repos are exposed using the dumb protocol
197 197 git_update_server_info = false
198 198
199 199 ## RSS/ATOM feed options
200 200 rss_cut_off_limit = 256000
201 201 rss_items_per_page = 10
202 202 rss_include_diff = false
203 203
204 204 ## gist URL alias, used to create nicer urls for gist. This should be an
205 205 ## url that does rewrites to _admin/gists/{gistid}.
206 206 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
207 207 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
208 208 gist_alias_url =
209 209
210 210 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
211 211 ## used for access.
212 212 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
213 213 ## came from the the logged in user who own this authentication token.
214 214 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
215 215 ## authentication token. Such view would be only accessible when used together
216 216 ## with this authentication token
217 217 ##
218 218 ## list of all views can be found under `/_admin/permissions/auth_token_access`
219 219 ## The list should be "," separated and on a single line.
220 220 ##
221 221 ## Most common views to enable:
222 222 # RepoCommitsView:repo_commit_download
223 223 # RepoCommitsView:repo_commit_patch
224 224 # RepoCommitsView:repo_commit_raw
225 225 # RepoCommitsView:repo_commit_raw@TOKEN
226 226 # RepoFilesView:repo_files_diff
227 227 # RepoFilesView:repo_archivefile
228 228 # RepoFilesView:repo_file_raw
229 229 # GistView:*
230 230 api_access_controllers_whitelist =
231 231
232 232 ## default encoding used to convert from and to unicode
233 233 ## can be also a comma separated list of encoding in case of mixed encodings
234 234 default_encoding = UTF-8
235 235
236 236 ## instance-id prefix
237 237 ## a prefix key for this instance used for cache invalidation when running
238 238 ## multiple instances of rhodecode, make sure it's globally unique for
239 239 ## all running rhodecode instances. Leave empty if you don't use it
240 240 instance_id =
241 241
242 242 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
243 243 ## of an authentication plugin also if it is disabled by it's settings.
244 244 ## This could be useful if you are unable to log in to the system due to broken
245 245 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
246 246 ## module to log in again and fix the settings.
247 247 ##
248 248 ## Available builtin plugin IDs (hash is part of the ID):
249 249 ## egg:rhodecode-enterprise-ce#rhodecode
250 250 ## egg:rhodecode-enterprise-ce#pam
251 251 ## egg:rhodecode-enterprise-ce#ldap
252 252 ## egg:rhodecode-enterprise-ce#jasig_cas
253 253 ## egg:rhodecode-enterprise-ce#headers
254 254 ## egg:rhodecode-enterprise-ce#crowd
255 255 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
256 256
257 257 ## alternative return HTTP header for failed authentication. Default HTTP
258 258 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
259 259 ## handling that causing a series of failed authentication calls.
260 260 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
261 261 ## This will be served instead of default 401 on bad authnetication
262 262 auth_ret_code =
263 263
264 264 ## use special detection method when serving auth_ret_code, instead of serving
265 265 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
266 266 ## and then serve auth_ret_code to clients
267 267 auth_ret_code_detection = false
268 268
269 269 ## locking return code. When repository is locked return this HTTP code. 2XX
270 270 ## codes don't break the transactions while 4XX codes do
271 271 lock_ret_code = 423
272 272
273 273 ## allows to change the repository location in settings page
274 274 allow_repo_location_change = true
275 275
276 276 ## allows to setup custom hooks in settings page
277 277 allow_custom_hooks_settings = true
278 278
279 279 ## generated license token, goto license page in RhodeCode settings to obtain
280 280 ## new token
281 281 license_token =
282 282
283 283 ## supervisor connection uri, for managing supervisor and logs.
284 284 supervisor.uri =
285 285 ## supervisord group name/id we only want this RC instance to handle
286 286 supervisor.group_id = dev
287 287
288 288 ## Display extended labs settings
289 289 labs_settings_active = true
290 290
291 291 ####################################
292 292 ### CELERY CONFIG ####
293 293 ####################################
294 294 use_celery = false
295 295 broker.host = localhost
296 296 broker.vhost = rabbitmqhost
297 297 broker.port = 5672
298 298 broker.user = rabbitmq
299 299 broker.password = qweqwe
300 300
301 301 celery.imports = rhodecode.lib.celerylib.tasks
302 302
303 303 celery.result.backend = amqp
304 304 celery.result.dburi = amqp://
305 305 celery.result.serialier = json
306 306
307 307 #celery.send.task.error.emails = true
308 308 #celery.amqp.task.result.expires = 18000
309 309
310 310 celeryd.concurrency = 2
311 311 #celeryd.log.file = celeryd.log
312 312 celeryd.log.level = debug
313 313 celeryd.max.tasks.per.child = 1
314 314
315 315 ## tasks will never be sent to the queue, but executed locally instead.
316 316 celery.always.eager = false
317 317
318 318 ####################################
319 319 ### BEAKER CACHE ####
320 320 ####################################
321 321 # default cache dir for templates. Putting this into a ramdisk
322 322 ## can boost performance, eg. %(here)s/data_ramdisk
323 323 cache_dir = %(here)s/data
324 324
325 325 ## locking and default file storage for Beaker. Putting this into a ramdisk
326 326 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
327 327 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
328 328 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
329 329
330 330 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
331 331
332 332 beaker.cache.super_short_term.type = memory
333 333 beaker.cache.super_short_term.expire = 10
334 334 beaker.cache.super_short_term.key_length = 256
335 335
336 336 beaker.cache.short_term.type = memory
337 337 beaker.cache.short_term.expire = 60
338 338 beaker.cache.short_term.key_length = 256
339 339
340 340 beaker.cache.long_term.type = memory
341 341 beaker.cache.long_term.expire = 36000
342 342 beaker.cache.long_term.key_length = 256
343 343
344 344 beaker.cache.sql_cache_short.type = memory
345 345 beaker.cache.sql_cache_short.expire = 10
346 346 beaker.cache.sql_cache_short.key_length = 256
347 347
348 348 ## default is memory cache, configure only if required
349 349 ## using multi-node or multi-worker setup
350 350 #beaker.cache.auth_plugins.type = ext:database
351 351 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
352 352 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
353 353 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
354 354 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
355 355 #beaker.cache.auth_plugins.sa.pool_size = 10
356 356 #beaker.cache.auth_plugins.sa.max_overflow = 0
357 357
358 358 beaker.cache.repo_cache_long.type = memorylru_base
359 359 beaker.cache.repo_cache_long.max_items = 4096
360 360 beaker.cache.repo_cache_long.expire = 2592000
361 361
362 362 ## default is memorylru_base cache, configure only if required
363 363 ## using multi-node or multi-worker setup
364 364 #beaker.cache.repo_cache_long.type = ext:memcached
365 365 #beaker.cache.repo_cache_long.url = localhost:11211
366 366 #beaker.cache.repo_cache_long.expire = 1209600
367 367 #beaker.cache.repo_cache_long.key_length = 256
368 368
369 369 ####################################
370 370 ### BEAKER SESSION ####
371 371 ####################################
372 372
373 373 ## .session.type is type of storage options for the session, current allowed
374 374 ## types are file, ext:memcached, ext:database, and memory (default).
375 375 beaker.session.type = file
376 376 beaker.session.data_dir = %(here)s/data/sessions/data
377 377
378 378 ## db based session, fast, and allows easy management over logged in users
379 379 #beaker.session.type = ext:database
380 380 #beaker.session.table_name = db_session
381 381 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
382 382 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
383 383 #beaker.session.sa.pool_recycle = 3600
384 384 #beaker.session.sa.echo = false
385 385
386 386 beaker.session.key = rhodecode
387 387 beaker.session.secret = develop-rc-uytcxaz
388 388 beaker.session.lock_dir = %(here)s/data/sessions/lock
389 389
390 390 ## Secure encrypted cookie. Requires AES and AES python libraries
391 391 ## you must disable beaker.session.secret to use this
392 392 #beaker.session.encrypt_key = key_for_encryption
393 393 #beaker.session.validate_key = validation_key
394 394
395 395 ## sets session as invalid(also logging out user) if it haven not been
396 396 ## accessed for given amount of time in seconds
397 397 beaker.session.timeout = 2592000
398 398 beaker.session.httponly = true
399 399 ## Path to use for the cookie. Set to prefix if you use prefix middleware
400 400 #beaker.session.cookie_path = /custom_prefix
401 401
402 402 ## uncomment for https secure cookie
403 403 beaker.session.secure = false
404 404
405 405 ## auto save the session to not to use .save()
406 406 beaker.session.auto = false
407 407
408 408 ## default cookie expiration time in seconds, set to `true` to set expire
409 409 ## at browser close
410 410 #beaker.session.cookie_expires = 3600
411 411
412 412 ###################################
413 413 ## SEARCH INDEXING CONFIGURATION ##
414 414 ###################################
415 415 ## Full text search indexer is available in rhodecode-tools under
416 416 ## `rhodecode-tools index` command
417 417
418 418 ## WHOOSH Backend, doesn't require additional services to run
419 419 ## it works good with few dozen repos
420 420 search.module = rhodecode.lib.index.whoosh
421 421 search.location = %(here)s/data/index
422 422
423 423 ########################################
424 424 ### CHANNELSTREAM CONFIG ####
425 425 ########################################
426 426 ## channelstream enables persistent connections and live notification
427 427 ## in the system. It's also used by the chat system
428 428 channelstream.enabled = false
429 429
430 430 ## server address for channelstream server on the backend
431 431 channelstream.server = 127.0.0.1:9800
432 432
433 433 ## location of the channelstream server from outside world
434 434 ## use ws:// for http or wss:// for https. This address needs to be handled
435 435 ## by external HTTP server such as Nginx or Apache
436 436 ## see nginx/apache configuration examples in our docs
437 437 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
438 438 channelstream.secret = secret
439 439 channelstream.history.location = %(here)s/channelstream_history
440 440
441 441 ## Internal application path that Javascript uses to connect into.
442 442 ## If you use proxy-prefix the prefix should be added before /_channelstream
443 443 channelstream.proxy_path = /_channelstream
444 444
445 445
446 446 ###################################
447 447 ## APPENLIGHT CONFIG ##
448 448 ###################################
449 449
450 450 ## Appenlight is tailored to work with RhodeCode, see
451 451 ## http://appenlight.com for details how to obtain an account
452 452
453 453 ## appenlight integration enabled
454 454 appenlight = false
455 455
456 456 appenlight.server_url = https://api.appenlight.com
457 457 appenlight.api_key = YOUR_API_KEY
458 458 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
459 459
460 460 # used for JS client
461 461 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
462 462
463 463 ## TWEAK AMOUNT OF INFO SENT HERE
464 464
465 465 ## enables 404 error logging (default False)
466 466 appenlight.report_404 = false
467 467
468 468 ## time in seconds after request is considered being slow (default 1)
469 469 appenlight.slow_request_time = 1
470 470
471 471 ## record slow requests in application
472 472 ## (needs to be enabled for slow datastore recording and time tracking)
473 473 appenlight.slow_requests = true
474 474
475 475 ## enable hooking to application loggers
476 476 appenlight.logging = true
477 477
478 478 ## minimum log level for log capture
479 479 appenlight.logging.level = WARNING
480 480
481 481 ## send logs only from erroneous/slow requests
482 482 ## (saves API quota for intensive logging)
483 483 appenlight.logging_on_error = false
484 484
485 485 ## list of additonal keywords that should be grabbed from environ object
486 486 ## can be string with comma separated list of words in lowercase
487 487 ## (by default client will always send following info:
488 488 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
489 489 ## start with HTTP* this list be extended with additional keywords here
490 490 appenlight.environ_keys_whitelist =
491 491
492 492 ## list of keywords that should be blanked from request object
493 493 ## can be string with comma separated list of words in lowercase
494 494 ## (by default client will always blank keys that contain following words
495 495 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
496 496 ## this list be extended with additional keywords set here
497 497 appenlight.request_keys_blacklist =
498 498
499 499 ## list of namespaces that should be ignores when gathering log entries
500 500 ## can be string with comma separated list of namespaces
501 501 ## (by default the client ignores own entries: appenlight_client.client)
502 502 appenlight.log_namespace_blacklist =
503 503
504 504
505 505 ################################################################################
506 506 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
507 507 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
508 508 ## execute malicious code after an exception is raised. ##
509 509 ################################################################################
510 510 #set debug = false
511 511
512 512
513 513 ##############
514 514 ## STYLING ##
515 515 ##############
516 516 debug_style = true
517 517
518 518 ###########################################
519 519 ### MAIN RHODECODE DATABASE CONFIG ###
520 520 ###########################################
521 521 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
522 522 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
523 523 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
524 524 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
525 525
526 526 # see sqlalchemy docs for other advanced settings
527 527
528 528 ## print the sql statements to output
529 529 sqlalchemy.db1.echo = false
530 530 ## recycle the connections after this amount of seconds
531 531 sqlalchemy.db1.pool_recycle = 3600
532 532 sqlalchemy.db1.convert_unicode = true
533 533
534 534 ## the number of connections to keep open inside the connection pool.
535 535 ## 0 indicates no limit
536 536 #sqlalchemy.db1.pool_size = 5
537 537
538 538 ## the number of connections to allow in connection pool "overflow", that is
539 539 ## connections that can be opened above and beyond the pool_size setting,
540 540 ## which defaults to five.
541 541 #sqlalchemy.db1.max_overflow = 10
542 542
543 543
544 544 ##################
545 545 ### VCS CONFIG ###
546 546 ##################
547 547 vcs.server.enable = true
548 548 vcs.server = localhost:9900
549 549
550 550 ## Web server connectivity protocol, responsible for web based VCS operatations
551 551 ## Available protocols are:
552 552 ## `http` - use http-rpc backend (default)
553 553 vcs.server.protocol = http
554 554
555 555 ## Push/Pull operations protocol, available options are:
556 556 ## `http` - use http-rpc backend (default)
557 557 ##
558 558 vcs.scm_app_implementation = http
559 559
560 560 ## Push/Pull operations hooks protocol, available options are:
561 561 ## `http` - use http-rpc backend (default)
562 562 vcs.hooks.protocol = http
563 563
564 564 vcs.server.log_level = debug
565 565 ## Start VCSServer with this instance as a subprocess, usefull for development
566 566 vcs.start_server = true
567 567
568 568 ## List of enabled VCS backends, available options are:
569 569 ## `hg` - mercurial
570 570 ## `git` - git
571 571 ## `svn` - subversion
572 572 vcs.backends = hg, git, svn
573 573
574 574 vcs.connection_timeout = 3600
575 575 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
576 576 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
577 577 #vcs.svn.compatible_version = pre-1.8-compatible
578 578
579 579
580 580 ############################################################
581 581 ### Subversion proxy support (mod_dav_svn) ###
582 582 ### Maps RhodeCode repo groups into SVN paths for Apache ###
583 583 ############################################################
584 584 ## Enable or disable the config file generation.
585 585 svn.proxy.generate_config = false
586 586 ## Generate config file with `SVNListParentPath` set to `On`.
587 587 svn.proxy.list_parent_path = true
588 588 ## Set location and file name of generated config file.
589 589 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
590 ## alternative mod_dav config template. This needs to be a mako template
591 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
590 592 ## Used as a prefix to the `Location` block in the generated config file.
591 593 ## In most cases it should be set to `/`.
592 594 svn.proxy.location_root = /
593 595 ## Command to reload the mod dav svn configuration on change.
594 596 ## Example: `/etc/init.d/apache2 reload`
595 597 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
596 598 ## If the timeout expires before the reload command finishes, the command will
597 599 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
598 600 #svn.proxy.reload_timeout = 10
599 601
600 602 ############################################################
601 603 ### SSH Support Settings ###
602 604 ############################################################
603 605
604 606 ## Defines if a custom authorized_keys file should be created and written on
605 607 ## any change user ssh keys. Setting this to false also disables posibility
606 608 ## of adding SSH keys by users from web interface. Super admins can still
607 609 ## manage SSH Keys.
608 610 ssh.generate_authorized_keyfile = false
609 611
610 612 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
611 613 # ssh.authorized_keys_ssh_opts =
612 614
613 615 ## Path to the authrozied_keys file where the generate entries are placed.
614 616 ## It is possible to have multiple key files specified in `sshd_config` e.g.
615 617 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
616 618 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
617 619
618 620 ## Command to execute the SSH wrapper. The binary is available in the
619 621 ## rhodecode installation directory.
620 622 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
621 623 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
622 624
623 625 ## Allow shell when executing the ssh-wrapper command
624 626 ssh.wrapper_cmd_allow_shell = false
625 627
626 628 ## Enables logging, and detailed output send back to the client during SSH
627 629 ## operations. Usefull for debugging, shouldn't be used in production.
628 630 ssh.enable_debug_logging = true
629 631
630 632 ## API KEY for user who has access to fetch other user permission information
631 633 ## most likely an super-admin account with some IP restrictions.
632 634 ssh.api_key =
633 635
634 636 ## API Host, the server address of RhodeCode instance that the api_key will
635 637 ## access
636 638 ssh.api_host = http://localhost
637 639
638 640 ## Paths to binary executable, by default they are the names, but we can
639 641 ## override them if we want to use a custom one
640 642 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
641 643 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
642 644 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
643 645
644 646
645 647 ## Dummy marker to add new entries after.
646 648 ## Add any custom entries below. Please don't remove.
647 649 custom.conf = 1
648 650
649 651
650 652 ################################
651 653 ### LOGGING CONFIGURATION ####
652 654 ################################
653 655 [loggers]
654 656 keys = root, sqlalchemy, beaker, rhodecode, ssh_wrapper
655 657
656 658 [handlers]
657 659 keys = console, console_sql
658 660
659 661 [formatters]
660 662 keys = generic, color_formatter, color_formatter_sql
661 663
662 664 #############
663 665 ## LOGGERS ##
664 666 #############
665 667 [logger_root]
666 668 level = NOTSET
667 669 handlers = console
668 670
669 671 [logger_sqlalchemy]
670 672 level = INFO
671 673 handlers = console_sql
672 674 qualname = sqlalchemy.engine
673 675 propagate = 0
674 676
675 677 [logger_beaker]
676 678 level = DEBUG
677 679 handlers =
678 680 qualname = beaker.container
679 681 propagate = 1
680 682
681 683 [logger_rhodecode]
682 684 level = DEBUG
683 685 handlers =
684 686 qualname = rhodecode
685 687 propagate = 1
686 688
687 689 [logger_ssh_wrapper]
688 690 level = DEBUG
689 691 handlers =
690 692 qualname = ssh_wrapper
691 693 propagate = 1
692 694
693 695
694 696 ##############
695 697 ## HANDLERS ##
696 698 ##############
697 699
698 700 [handler_console]
699 701 class = StreamHandler
700 702 args = (sys.stderr, )
701 703 level = DEBUG
702 704 formatter = color_formatter
703 705
704 706 [handler_console_sql]
705 707 class = StreamHandler
706 708 args = (sys.stderr, )
707 709 level = DEBUG
708 710 formatter = color_formatter_sql
709 711
710 712 ################
711 713 ## FORMATTERS ##
712 714 ################
713 715
714 716 [formatter_generic]
715 717 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
716 718 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
717 719 datefmt = %Y-%m-%d %H:%M:%S
718 720
719 721 [formatter_color_formatter]
720 722 class = rhodecode.lib.logging_formatter.ColorFormatter
721 723 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
722 724 datefmt = %Y-%m-%d %H:%M:%S
723 725
724 726 [formatter_color_formatter_sql]
725 727 class = rhodecode.lib.logging_formatter.ColorFormatterSql
726 728 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
727 729 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,696 +1,698 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 #use = egg:waitress#main
55 55 ## number of worker threads
56 56 #threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 #max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 #asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 max_requests = 1000
88 88 max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 ## encryption key used to encrypt social plugin tokens,
112 112 ## remote_urls with credentials etc, if not set it defaults to
113 113 ## `beaker.session.secret`
114 114 #rhodecode.encrypted_values.secret =
115 115
116 116 ## decryption strict mode (enabled by default). It controls if decryption raises
117 117 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
118 118 #rhodecode.encrypted_values.strict = false
119 119
120 120 ## return gzipped responses from Rhodecode (static files/application)
121 121 gzip_responses = false
122 122
123 123 ## autogenerate javascript routes file on startup
124 124 generate_js_files = false
125 125
126 126 ## Optional Languages
127 127 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
128 128 lang = en
129 129
130 130 ## perform a full repository scan on each server start, this should be
131 131 ## set to false after first startup, to allow faster server restarts.
132 132 startup.import_repos = false
133 133
134 134 ## Uncomment and set this path to use archive download cache.
135 135 ## Once enabled, generated archives will be cached at this location
136 136 ## and served from the cache during subsequent requests for the same archive of
137 137 ## the repository.
138 138 #archive_cache_dir = /tmp/tarballcache
139 139
140 140 ## change this to unique ID for security
141 141 app_instance_uuid = rc-production
142 142
143 143 ## cut off limit for large diffs (size in bytes). If overall diff size on
144 144 ## commit, or pull request exceeds this limit this diff will be displayed
145 145 ## partially. E.g 512000 == 512Kb
146 146 cut_off_limit_diff = 512000
147 147
148 148 ## cut off limit for large files inside diffs (size in bytes). Each individual
149 149 ## file inside diff which exceeds this limit will be displayed partially.
150 150 ## E.g 128000 == 128Kb
151 151 cut_off_limit_file = 128000
152 152
153 153 ## use cache version of scm repo everywhere
154 154 vcs_full_cache = true
155 155
156 156 ## force https in RhodeCode, fixes https redirects, assumes it's always https
157 157 ## Normally this is controlled by proper http flags sent from http server
158 158 force_https = false
159 159
160 160 ## use Strict-Transport-Security headers
161 161 use_htsts = false
162 162
163 163 ## number of commits stats will parse on each iteration
164 164 commit_parse_limit = 25
165 165
166 166 ## git rev filter option, --all is the default filter, if you need to
167 167 ## hide all refs in changelog switch this to --branches --tags
168 168 git_rev_filter = --branches --tags
169 169
170 170 # Set to true if your repos are exposed using the dumb protocol
171 171 git_update_server_info = false
172 172
173 173 ## RSS/ATOM feed options
174 174 rss_cut_off_limit = 256000
175 175 rss_items_per_page = 10
176 176 rss_include_diff = false
177 177
178 178 ## gist URL alias, used to create nicer urls for gist. This should be an
179 179 ## url that does rewrites to _admin/gists/{gistid}.
180 180 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
181 181 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
182 182 gist_alias_url =
183 183
184 184 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
185 185 ## used for access.
186 186 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
187 187 ## came from the the logged in user who own this authentication token.
188 188 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
189 189 ## authentication token. Such view would be only accessible when used together
190 190 ## with this authentication token
191 191 ##
192 192 ## list of all views can be found under `/_admin/permissions/auth_token_access`
193 193 ## The list should be "," separated and on a single line.
194 194 ##
195 195 ## Most common views to enable:
196 196 # RepoCommitsView:repo_commit_download
197 197 # RepoCommitsView:repo_commit_patch
198 198 # RepoCommitsView:repo_commit_raw
199 199 # RepoCommitsView:repo_commit_raw@TOKEN
200 200 # RepoFilesView:repo_files_diff
201 201 # RepoFilesView:repo_archivefile
202 202 # RepoFilesView:repo_file_raw
203 203 # GistView:*
204 204 api_access_controllers_whitelist =
205 205
206 206 ## default encoding used to convert from and to unicode
207 207 ## can be also a comma separated list of encoding in case of mixed encodings
208 208 default_encoding = UTF-8
209 209
210 210 ## instance-id prefix
211 211 ## a prefix key for this instance used for cache invalidation when running
212 212 ## multiple instances of rhodecode, make sure it's globally unique for
213 213 ## all running rhodecode instances. Leave empty if you don't use it
214 214 instance_id =
215 215
216 216 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
217 217 ## of an authentication plugin also if it is disabled by it's settings.
218 218 ## This could be useful if you are unable to log in to the system due to broken
219 219 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
220 220 ## module to log in again and fix the settings.
221 221 ##
222 222 ## Available builtin plugin IDs (hash is part of the ID):
223 223 ## egg:rhodecode-enterprise-ce#rhodecode
224 224 ## egg:rhodecode-enterprise-ce#pam
225 225 ## egg:rhodecode-enterprise-ce#ldap
226 226 ## egg:rhodecode-enterprise-ce#jasig_cas
227 227 ## egg:rhodecode-enterprise-ce#headers
228 228 ## egg:rhodecode-enterprise-ce#crowd
229 229 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
230 230
231 231 ## alternative return HTTP header for failed authentication. Default HTTP
232 232 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
233 233 ## handling that causing a series of failed authentication calls.
234 234 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
235 235 ## This will be served instead of default 401 on bad authnetication
236 236 auth_ret_code =
237 237
238 238 ## use special detection method when serving auth_ret_code, instead of serving
239 239 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
240 240 ## and then serve auth_ret_code to clients
241 241 auth_ret_code_detection = false
242 242
243 243 ## locking return code. When repository is locked return this HTTP code. 2XX
244 244 ## codes don't break the transactions while 4XX codes do
245 245 lock_ret_code = 423
246 246
247 247 ## allows to change the repository location in settings page
248 248 allow_repo_location_change = true
249 249
250 250 ## allows to setup custom hooks in settings page
251 251 allow_custom_hooks_settings = true
252 252
253 253 ## generated license token, goto license page in RhodeCode settings to obtain
254 254 ## new token
255 255 license_token =
256 256
257 257 ## supervisor connection uri, for managing supervisor and logs.
258 258 supervisor.uri =
259 259 ## supervisord group name/id we only want this RC instance to handle
260 260 supervisor.group_id = prod
261 261
262 262 ## Display extended labs settings
263 263 labs_settings_active = true
264 264
265 265 ####################################
266 266 ### CELERY CONFIG ####
267 267 ####################################
268 268 use_celery = false
269 269 broker.host = localhost
270 270 broker.vhost = rabbitmqhost
271 271 broker.port = 5672
272 272 broker.user = rabbitmq
273 273 broker.password = qweqwe
274 274
275 275 celery.imports = rhodecode.lib.celerylib.tasks
276 276
277 277 celery.result.backend = amqp
278 278 celery.result.dburi = amqp://
279 279 celery.result.serialier = json
280 280
281 281 #celery.send.task.error.emails = true
282 282 #celery.amqp.task.result.expires = 18000
283 283
284 284 celeryd.concurrency = 2
285 285 #celeryd.log.file = celeryd.log
286 286 celeryd.log.level = debug
287 287 celeryd.max.tasks.per.child = 1
288 288
289 289 ## tasks will never be sent to the queue, but executed locally instead.
290 290 celery.always.eager = false
291 291
292 292 ####################################
293 293 ### BEAKER CACHE ####
294 294 ####################################
295 295 # default cache dir for templates. Putting this into a ramdisk
296 296 ## can boost performance, eg. %(here)s/data_ramdisk
297 297 cache_dir = %(here)s/data
298 298
299 299 ## locking and default file storage for Beaker. Putting this into a ramdisk
300 300 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
301 301 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
302 302 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
303 303
304 304 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
305 305
306 306 beaker.cache.super_short_term.type = memory
307 307 beaker.cache.super_short_term.expire = 10
308 308 beaker.cache.super_short_term.key_length = 256
309 309
310 310 beaker.cache.short_term.type = memory
311 311 beaker.cache.short_term.expire = 60
312 312 beaker.cache.short_term.key_length = 256
313 313
314 314 beaker.cache.long_term.type = memory
315 315 beaker.cache.long_term.expire = 36000
316 316 beaker.cache.long_term.key_length = 256
317 317
318 318 beaker.cache.sql_cache_short.type = memory
319 319 beaker.cache.sql_cache_short.expire = 10
320 320 beaker.cache.sql_cache_short.key_length = 256
321 321
322 322 ## default is memory cache, configure only if required
323 323 ## using multi-node or multi-worker setup
324 324 #beaker.cache.auth_plugins.type = ext:database
325 325 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
326 326 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
327 327 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
328 328 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
329 329 #beaker.cache.auth_plugins.sa.pool_size = 10
330 330 #beaker.cache.auth_plugins.sa.max_overflow = 0
331 331
332 332 beaker.cache.repo_cache_long.type = memorylru_base
333 333 beaker.cache.repo_cache_long.max_items = 4096
334 334 beaker.cache.repo_cache_long.expire = 2592000
335 335
336 336 ## default is memorylru_base cache, configure only if required
337 337 ## using multi-node or multi-worker setup
338 338 #beaker.cache.repo_cache_long.type = ext:memcached
339 339 #beaker.cache.repo_cache_long.url = localhost:11211
340 340 #beaker.cache.repo_cache_long.expire = 1209600
341 341 #beaker.cache.repo_cache_long.key_length = 256
342 342
343 343 ####################################
344 344 ### BEAKER SESSION ####
345 345 ####################################
346 346
347 347 ## .session.type is type of storage options for the session, current allowed
348 348 ## types are file, ext:memcached, ext:database, and memory (default).
349 349 beaker.session.type = file
350 350 beaker.session.data_dir = %(here)s/data/sessions/data
351 351
352 352 ## db based session, fast, and allows easy management over logged in users
353 353 #beaker.session.type = ext:database
354 354 #beaker.session.table_name = db_session
355 355 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
356 356 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
357 357 #beaker.session.sa.pool_recycle = 3600
358 358 #beaker.session.sa.echo = false
359 359
360 360 beaker.session.key = rhodecode
361 361 beaker.session.secret = production-rc-uytcxaz
362 362 beaker.session.lock_dir = %(here)s/data/sessions/lock
363 363
364 364 ## Secure encrypted cookie. Requires AES and AES python libraries
365 365 ## you must disable beaker.session.secret to use this
366 366 #beaker.session.encrypt_key = key_for_encryption
367 367 #beaker.session.validate_key = validation_key
368 368
369 369 ## sets session as invalid(also logging out user) if it haven not been
370 370 ## accessed for given amount of time in seconds
371 371 beaker.session.timeout = 2592000
372 372 beaker.session.httponly = true
373 373 ## Path to use for the cookie. Set to prefix if you use prefix middleware
374 374 #beaker.session.cookie_path = /custom_prefix
375 375
376 376 ## uncomment for https secure cookie
377 377 beaker.session.secure = false
378 378
379 379 ## auto save the session to not to use .save()
380 380 beaker.session.auto = false
381 381
382 382 ## default cookie expiration time in seconds, set to `true` to set expire
383 383 ## at browser close
384 384 #beaker.session.cookie_expires = 3600
385 385
386 386 ###################################
387 387 ## SEARCH INDEXING CONFIGURATION ##
388 388 ###################################
389 389 ## Full text search indexer is available in rhodecode-tools under
390 390 ## `rhodecode-tools index` command
391 391
392 392 ## WHOOSH Backend, doesn't require additional services to run
393 393 ## it works good with few dozen repos
394 394 search.module = rhodecode.lib.index.whoosh
395 395 search.location = %(here)s/data/index
396 396
397 397 ########################################
398 398 ### CHANNELSTREAM CONFIG ####
399 399 ########################################
400 400 ## channelstream enables persistent connections and live notification
401 401 ## in the system. It's also used by the chat system
402 402 channelstream.enabled = false
403 403
404 404 ## server address for channelstream server on the backend
405 405 channelstream.server = 127.0.0.1:9800
406 406
407 407 ## location of the channelstream server from outside world
408 408 ## use ws:// for http or wss:// for https. This address needs to be handled
409 409 ## by external HTTP server such as Nginx or Apache
410 410 ## see nginx/apache configuration examples in our docs
411 411 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
412 412 channelstream.secret = secret
413 413 channelstream.history.location = %(here)s/channelstream_history
414 414
415 415 ## Internal application path that Javascript uses to connect into.
416 416 ## If you use proxy-prefix the prefix should be added before /_channelstream
417 417 channelstream.proxy_path = /_channelstream
418 418
419 419
420 420 ###################################
421 421 ## APPENLIGHT CONFIG ##
422 422 ###################################
423 423
424 424 ## Appenlight is tailored to work with RhodeCode, see
425 425 ## http://appenlight.com for details how to obtain an account
426 426
427 427 ## appenlight integration enabled
428 428 appenlight = false
429 429
430 430 appenlight.server_url = https://api.appenlight.com
431 431 appenlight.api_key = YOUR_API_KEY
432 432 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
433 433
434 434 # used for JS client
435 435 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
436 436
437 437 ## TWEAK AMOUNT OF INFO SENT HERE
438 438
439 439 ## enables 404 error logging (default False)
440 440 appenlight.report_404 = false
441 441
442 442 ## time in seconds after request is considered being slow (default 1)
443 443 appenlight.slow_request_time = 1
444 444
445 445 ## record slow requests in application
446 446 ## (needs to be enabled for slow datastore recording and time tracking)
447 447 appenlight.slow_requests = true
448 448
449 449 ## enable hooking to application loggers
450 450 appenlight.logging = true
451 451
452 452 ## minimum log level for log capture
453 453 appenlight.logging.level = WARNING
454 454
455 455 ## send logs only from erroneous/slow requests
456 456 ## (saves API quota for intensive logging)
457 457 appenlight.logging_on_error = false
458 458
459 459 ## list of additonal keywords that should be grabbed from environ object
460 460 ## can be string with comma separated list of words in lowercase
461 461 ## (by default client will always send following info:
462 462 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
463 463 ## start with HTTP* this list be extended with additional keywords here
464 464 appenlight.environ_keys_whitelist =
465 465
466 466 ## list of keywords that should be blanked from request object
467 467 ## can be string with comma separated list of words in lowercase
468 468 ## (by default client will always blank keys that contain following words
469 469 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
470 470 ## this list be extended with additional keywords set here
471 471 appenlight.request_keys_blacklist =
472 472
473 473 ## list of namespaces that should be ignores when gathering log entries
474 474 ## can be string with comma separated list of namespaces
475 475 ## (by default the client ignores own entries: appenlight_client.client)
476 476 appenlight.log_namespace_blacklist =
477 477
478 478
479 479 ################################################################################
480 480 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
481 481 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
482 482 ## execute malicious code after an exception is raised. ##
483 483 ################################################################################
484 484 set debug = false
485 485
486 486
487 487 ###########################################
488 488 ### MAIN RHODECODE DATABASE CONFIG ###
489 489 ###########################################
490 490 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
491 491 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
492 492 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
493 493 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
494 494
495 495 # see sqlalchemy docs for other advanced settings
496 496
497 497 ## print the sql statements to output
498 498 sqlalchemy.db1.echo = false
499 499 ## recycle the connections after this amount of seconds
500 500 sqlalchemy.db1.pool_recycle = 3600
501 501 sqlalchemy.db1.convert_unicode = true
502 502
503 503 ## the number of connections to keep open inside the connection pool.
504 504 ## 0 indicates no limit
505 505 #sqlalchemy.db1.pool_size = 5
506 506
507 507 ## the number of connections to allow in connection pool "overflow", that is
508 508 ## connections that can be opened above and beyond the pool_size setting,
509 509 ## which defaults to five.
510 510 #sqlalchemy.db1.max_overflow = 10
511 511
512 512
513 513 ##################
514 514 ### VCS CONFIG ###
515 515 ##################
516 516 vcs.server.enable = true
517 517 vcs.server = localhost:9900
518 518
519 519 ## Web server connectivity protocol, responsible for web based VCS operatations
520 520 ## Available protocols are:
521 521 ## `http` - use http-rpc backend (default)
522 522 vcs.server.protocol = http
523 523
524 524 ## Push/Pull operations protocol, available options are:
525 525 ## `http` - use http-rpc backend (default)
526 526 ##
527 527 vcs.scm_app_implementation = http
528 528
529 529 ## Push/Pull operations hooks protocol, available options are:
530 530 ## `http` - use http-rpc backend (default)
531 531 vcs.hooks.protocol = http
532 532
533 533 vcs.server.log_level = info
534 534 ## Start VCSServer with this instance as a subprocess, usefull for development
535 535 vcs.start_server = false
536 536
537 537 ## List of enabled VCS backends, available options are:
538 538 ## `hg` - mercurial
539 539 ## `git` - git
540 540 ## `svn` - subversion
541 541 vcs.backends = hg, git, svn
542 542
543 543 vcs.connection_timeout = 3600
544 544 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
545 545 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
546 546 #vcs.svn.compatible_version = pre-1.8-compatible
547 547
548 548
549 549 ############################################################
550 550 ### Subversion proxy support (mod_dav_svn) ###
551 551 ### Maps RhodeCode repo groups into SVN paths for Apache ###
552 552 ############################################################
553 553 ## Enable or disable the config file generation.
554 554 svn.proxy.generate_config = false
555 555 ## Generate config file with `SVNListParentPath` set to `On`.
556 556 svn.proxy.list_parent_path = true
557 557 ## Set location and file name of generated config file.
558 558 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
559 ## alternative mod_dav config template. This needs to be a mako template
560 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
559 561 ## Used as a prefix to the `Location` block in the generated config file.
560 562 ## In most cases it should be set to `/`.
561 563 svn.proxy.location_root = /
562 564 ## Command to reload the mod dav svn configuration on change.
563 565 ## Example: `/etc/init.d/apache2 reload`
564 566 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
565 567 ## If the timeout expires before the reload command finishes, the command will
566 568 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
567 569 #svn.proxy.reload_timeout = 10
568 570
569 571 ############################################################
570 572 ### SSH Support Settings ###
571 573 ############################################################
572 574
573 575 ## Defines if a custom authorized_keys file should be created and written on
574 576 ## any change user ssh keys. Setting this to false also disables posibility
575 577 ## of adding SSH keys by users from web interface. Super admins can still
576 578 ## manage SSH Keys.
577 579 ssh.generate_authorized_keyfile = false
578 580
579 581 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
580 582 # ssh.authorized_keys_ssh_opts =
581 583
582 584 ## Path to the authrozied_keys file where the generate entries are placed.
583 585 ## It is possible to have multiple key files specified in `sshd_config` e.g.
584 586 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
585 587 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
586 588
587 589 ## Command to execute the SSH wrapper. The binary is available in the
588 590 ## rhodecode installation directory.
589 591 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
590 592 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
591 593
592 594 ## Allow shell when executing the ssh-wrapper command
593 595 ssh.wrapper_cmd_allow_shell = false
594 596
595 597 ## Enables logging, and detailed output send back to the client during SSH
596 598 ## operations. Usefull for debugging, shouldn't be used in production.
597 599 ssh.enable_debug_logging = false
598 600
599 601 ## API KEY for user who has access to fetch other user permission information
600 602 ## most likely an super-admin account with some IP restrictions.
601 603 ssh.api_key =
602 604
603 605 ## API Host, the server address of RhodeCode instance that the api_key will
604 606 ## access
605 607 ssh.api_host = http://localhost
606 608
607 609 ## Paths to binary executable, by default they are the names, but we can
608 610 ## override them if we want to use a custom one
609 611 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
610 612 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
611 613 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
612 614
613 615
614 616 ## Dummy marker to add new entries after.
615 617 ## Add any custom entries below. Please don't remove.
616 618 custom.conf = 1
617 619
618 620
619 621 ################################
620 622 ### LOGGING CONFIGURATION ####
621 623 ################################
622 624 [loggers]
623 625 keys = root, sqlalchemy, beaker, rhodecode, ssh_wrapper
624 626
625 627 [handlers]
626 628 keys = console, console_sql
627 629
628 630 [formatters]
629 631 keys = generic, color_formatter, color_formatter_sql
630 632
631 633 #############
632 634 ## LOGGERS ##
633 635 #############
634 636 [logger_root]
635 637 level = NOTSET
636 638 handlers = console
637 639
638 640 [logger_sqlalchemy]
639 641 level = INFO
640 642 handlers = console_sql
641 643 qualname = sqlalchemy.engine
642 644 propagate = 0
643 645
644 646 [logger_beaker]
645 647 level = DEBUG
646 648 handlers =
647 649 qualname = beaker.container
648 650 propagate = 1
649 651
650 652 [logger_rhodecode]
651 653 level = DEBUG
652 654 handlers =
653 655 qualname = rhodecode
654 656 propagate = 1
655 657
656 658 [logger_ssh_wrapper]
657 659 level = DEBUG
658 660 handlers =
659 661 qualname = ssh_wrapper
660 662 propagate = 1
661 663
662 664
663 665 ##############
664 666 ## HANDLERS ##
665 667 ##############
666 668
667 669 [handler_console]
668 670 class = StreamHandler
669 671 args = (sys.stderr, )
670 672 level = INFO
671 673 formatter = generic
672 674
673 675 [handler_console_sql]
674 676 class = StreamHandler
675 677 args = (sys.stderr, )
676 678 level = WARN
677 679 formatter = generic
678 680
679 681 ################
680 682 ## FORMATTERS ##
681 683 ################
682 684
683 685 [formatter_generic]
684 686 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
685 687 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
686 688 datefmt = %Y-%m-%d %H:%M:%S
687 689
688 690 [formatter_color_formatter]
689 691 class = rhodecode.lib.logging_formatter.ColorFormatter
690 692 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
691 693 datefmt = %Y-%m-%d %H:%M:%S
692 694
693 695 [formatter_color_formatter_sql]
694 696 class = rhodecode.lib.logging_formatter.ColorFormatterSql
695 697 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
696 698 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,89 +1,90 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import logging
22 22 import os
23 23 import shlex
24 24
25 25 # Do not use `from rhodecode import events` here, it will be overridden by the
26 26 # events module in this package due to pythons import mechanism.
27 27 from rhodecode.events import RepoGroupEvent
28 28 from rhodecode.subscribers import AsyncSubprocessSubscriber
29 29 from rhodecode.config.middleware import (
30 30 _bool_setting, _string_setting, _int_setting)
31 31
32 32 from .events import ModDavSvnConfigChange
33 33 from .subscribers import generate_config_subscriber
34 34 from . import config_keys
35 35
36 36
37 37 log = logging.getLogger(__name__)
38 38
39 39
40 40 def includeme(config):
41 41 settings = config.registry.settings
42 42 _sanitize_settings_and_apply_defaults(settings)
43 43
44 44 if settings[config_keys.generate_config]:
45 45 # Add subscriber to generate the Apache mod dav svn configuration on
46 46 # repository group events.
47 47 config.add_subscriber(generate_config_subscriber, RepoGroupEvent)
48 48
49 49 # If a reload command is set add a subscriber to execute it on
50 50 # configuration changes.
51 51 reload_cmd = shlex.split(settings[config_keys.reload_command])
52 52 if reload_cmd:
53 53 reload_timeout = settings[config_keys.reload_timeout] or None
54 54 reload_subscriber = AsyncSubprocessSubscriber(
55 55 cmd=reload_cmd, timeout=reload_timeout)
56 56 config.add_subscriber(reload_subscriber, ModDavSvnConfigChange)
57 57
58 58
59 59 def _sanitize_settings_and_apply_defaults(settings):
60 60 """
61 61 Set defaults, convert to python types and validate settings.
62 62 """
63 63 _bool_setting(settings, config_keys.generate_config, 'false')
64 64 _bool_setting(settings, config_keys.list_parent_path, 'true')
65 65 _int_setting(settings, config_keys.reload_timeout, 10)
66 66 _string_setting(settings, config_keys.config_file_path, '', lower=False)
67 67 _string_setting(settings, config_keys.location_root, '/', lower=False)
68 68 _string_setting(settings, config_keys.reload_command, '', lower=False)
69 _string_setting(settings, config_keys.template, '', lower=False)
69 70
70 71 # Convert negative timeout values to zero.
71 72 if settings[config_keys.reload_timeout] < 0:
72 73 settings[config_keys.reload_timeout] = 0
73 74
74 75 # Append path separator to location root.
75 76 settings[config_keys.location_root] = _append_path_sep(
76 77 settings[config_keys.location_root])
77 78
78 79 # Validate settings.
79 80 if settings[config_keys.generate_config]:
80 81 assert len(settings[config_keys.config_file_path]) > 0
81 82
82 83
83 84 def _append_path_sep(path):
84 85 """
85 86 Append the path separator if missing.
86 87 """
87 88 if isinstance(path, basestring) and not path.endswith(os.path.sep):
88 89 path += os.path.sep
89 90 return path
Show file before | Show file after | Hide comments
@@ -1,29 +1,30 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 # Definition of setting keys used to configure this module. Defined here to
23 23 # avoid repetition of keys throughout the module.
24 24 config_file_path = 'svn.proxy.config_file_path'
25 25 generate_config = 'svn.proxy.generate_config'
26 26 list_parent_path = 'svn.proxy.list_parent_path'
27 27 location_root = 'svn.proxy.location_root'
28 28 reload_command = 'svn.proxy.reload_cmd'
29 29 reload_timeout = 'svn.proxy.reload_timeout'
30 template = 'svn.proxy.config_template'
Show file before | Show file after | Hide comments
@@ -1,88 +1,88 b''
1 1 # Auto generated configuration for use with the Apache mod_dav_svn module.
2 2 #
3 3 # WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
4 4 # only accessible by RhodeCode. Otherwise everyone is able to browse
5 5 # the repositories or run subversion operations (checkout/commit/etc.).
6 6 #
7 7 # The mod_dav_svn module does not support subversion repositories which are
8 8 # organized in subfolders. To support the repository groups of RhodeCode it is
9 9 # required to provide a <Location> block for each group pointing to the
10 10 # repository group sub folder. To ease the configuration RhodeCode auto
11 11 # generates this file whenever a repository group is created/changed/deleted.
12 12 # Auto generation can be configured in the ini file. Settings are prefixed with
13 13 # ``svn.proxy``.
14 14 #
15 15 # To include this configuration into your apache config you can use the
16 16 # `Include` directive. See the following example snippet of a virtual host how
17 17 # to include this configuration file.
18 18 #
19 19 # <VirtualHost *:8090>
20 20 # ServerAdmin webmaster@localhost
21 21 # DocumentRoot /var/www/html
22 22 # ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
23 23 # CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
24 24 # LogLevel info
25 25 # # allows custom host names, prevents 400 errors on checkout
26 26 # HttpProtocolOptions Unsafe
27 27 # Include /path/to/generated/mod_dav_svn.conf
28 28 # </VirtualHost>
29 29 #
30 30 # Depending on the apache configuration you may encounter the following error if
31 # you are using speecial characters in your repository or repository group
31 # you are using special characters in your repository or repository group
32 32 # names.
33 33 #
34 34 # ``Error converting entry in directory '/path/to/repo' to UTF-8``
35 35 #
36 36 # In this case you have to change the LANG environment variable in the apache
37 37 # configuration. This setting is typically located at ``/etc/apache2/envvars``.
38 38 # You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
39 39 # After changing this a stop and start of Apache is required (using restart
40 40 # doesn't work).
41 41
42 42 # fix https -> http downgrade with DAV. It requires an header downgrade for
43 43 # https -> http reverse proxy to work properly
44 44 % if use_https:
45 45 RequestHeader edit Destination ^https: http: early
46 46 % else:
47 47 #RequestHeader edit Destination ^https: http: early
48 48 % endif
49 49
50 50 <Location "${location_root|n}">
51 51 # The mod_dav_svn module takes the username from the apache request object.
52 52 # Without authorization this will be empty and no username is logged for the
53 53 # transactions. This will result in "(no author)" for each revision. The
54 54 # following directives implement a fake authentication that allows every
55 55 # username/password combination.
56 56 AuthType Basic
57 57 AuthName "${rhodecode_realm|n}"
58 58 AuthBasicProvider anon
59 59 Anonymous *
60 60 Anonymous_LogEmail off
61 61 Require valid-user
62 62
63 63 DAV svn
64 64 SVNParentPath "${parent_path_root|n}"
65 65 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
66 66
67 67 Allow from all
68 68 Order allow,deny
69 69 </Location>
70 70
71 71 % for location, parent_path in repo_group_paths:
72 72
73 73 <Location "${location|n}">
74 74 AuthType Basic
75 75 AuthName "${rhodecode_realm|n}"
76 76 AuthBasicProvider anon
77 77 Anonymous *
78 78 Anonymous_LogEmail off
79 79 Require valid-user
80 80
81 81 DAV svn
82 82 SVNParentPath "${parent_path|n}"
83 83 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
84 84
85 85 Allow from all
86 86 Order allow,deny
87 87 </Location>
88 88 % endfor
Show file before | Show file after | Hide comments
@@ -1,107 +1,126 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21
21 import re
22 import os
22 23 import mock
23 24 import pytest
24 import re
25 25
26 26 from pyramid import testing
27 27
28 28 from rhodecode.apps.svn_support import utils
29 29
30 30
31 31 class TestModDavSvnConfig(object):
32 32
33 33 @classmethod
34 34 def setup_class(cls):
35 35 # Make mako renderer available in tests.
36 36 config = testing.setUp()
37 37 config.include('pyramid_mako')
38 38
39 39 cls.location_root = u'/location/root/ç¡Àâ'
40 40 cls.parent_path_root = u'/parent/path/ç¡Àâ'
41 41 cls.realm = u'Dummy Realm (Àâüç¡)'
42 42
43 43 @classmethod
44 44 def get_repo_group_mocks(cls, count=1):
45 45 repo_groups = []
46 46 for num in range(0, count):
47 47 full_path = u'/path/to/RepâGrâúp-°¡ {}'.format(num)
48 48 repo_group_mock = mock.MagicMock()
49 49 repo_group_mock.full_path = full_path
50 50 repo_group_mock.full_path_splitted = full_path.split('/')
51 51 repo_groups.append(repo_group_mock)
52 52 return repo_groups
53 53
54 54 def assert_root_location_directive(self, config):
55 55 pattern = u'<Location "{location}">'.format(
56 56 location=self.location_root)
57 57 assert len(re.findall(pattern, config)) == 1
58 58
59 59 def assert_group_location_directive(self, config, group_path):
60 60 pattern = u'<Location "{location}{group_path}">'.format(
61 61 location=self.location_root, group_path=group_path)
62 62 assert len(re.findall(pattern, config)) == 1
63 63
64 64 def test_render_mod_dav_svn_config(self):
65 65 repo_groups = self.get_repo_group_mocks(count=10)
66 66 generated_config = utils._render_mod_dav_svn_config(
67 67 parent_path_root=self.parent_path_root,
68 68 list_parent_path=True,
69 69 location_root=self.location_root,
70 70 repo_groups=repo_groups,
71 71 realm=self.realm,
72 use_ssl=True
72 use_ssl=True,
73 template=''
73 74 )
74 75 # Assert that one location directive exists for each repository group.
75 76 for group in repo_groups:
76 77 self.assert_group_location_directive(
77 78 generated_config, group.full_path)
78 79
79 80 # Assert that the root location directive exists.
80 81 self.assert_root_location_directive(generated_config)
81 82
83 def test_render_mod_dav_svn_config_with_alternative_template(self, tmpdir):
84 repo_groups = self.get_repo_group_mocks(count=10)
85 test_file_path = os.path.join(str(tmpdir), 'example.mako')
86 with open(test_file_path, 'wb') as f:
87 f.write('TEST_EXAMPLE\n')
88
89 generated_config = utils._render_mod_dav_svn_config(
90 parent_path_root=self.parent_path_root,
91 list_parent_path=True,
92 location_root=self.location_root,
93 repo_groups=repo_groups,
94 realm=self.realm,
95 use_ssl=True,
96 template=test_file_path
97 )
98 assert 'TEST_EXAMPLE' in generated_config
99
82 100 @pytest.mark.parametrize('list_parent_path', [True, False])
83 101 @pytest.mark.parametrize('use_ssl', [True, False])
84 102 def test_list_parent_path(self, list_parent_path, use_ssl):
85 103 generated_config = utils._render_mod_dav_svn_config(
86 104 parent_path_root=self.parent_path_root,
87 105 list_parent_path=list_parent_path,
88 106 location_root=self.location_root,
89 107 repo_groups=self.get_repo_group_mocks(count=10),
90 108 realm=self.realm,
91 use_ssl=use_ssl
109 use_ssl=use_ssl,
110 template=''
92 111 )
93 112
94 113 # Assert that correct configuration directive is present.
95 114 if list_parent_path:
96 115 assert not re.search('SVNListParentPath\s+Off', generated_config)
97 116 assert re.search('SVNListParentPath\s+On', generated_config)
98 117 else:
99 118 assert re.search('SVNListParentPath\s+Off', generated_config)
100 119 assert not re.search('SVNListParentPath\s+On', generated_config)
101 120
102 121 if use_ssl:
103 122 assert 'RequestHeader edit Destination ^https: http: early' \
104 123 in generated_config
105 124 else:
106 125 assert '#RequestHeader edit Destination ^https: http: early' \
107 126 in generated_config
Show file before | Show file after | Hide comments
@@ -1,93 +1,93 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2016-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import codecs
22 22 import logging
23 23 import os
24 24 from pyramid.renderers import render
25 25
26 26 from rhodecode.events import trigger
27 27 from rhodecode.lib.utils import get_rhodecode_realm, get_rhodecode_base_path
28 28 from rhodecode.lib.utils2 import str2bool
29 29 from rhodecode.model.db import RepoGroup
30 30
31 31 from . import config_keys
32 32 from .events import ModDavSvnConfigChange
33 33
34 34
35 35 log = logging.getLogger(__name__)
36 36
37 37
38 38 def generate_mod_dav_svn_config(registry):
39 39 """
40 40 Generate the configuration file for use with subversion's mod_dav_svn
41 41 module. The configuration has to contain a <Location> block for each
42 42 available repository group because the mod_dav_svn module does not support
43 43 repositories organized in sub folders.
44 44 """
45 45 settings = registry.settings
46 46 use_ssl = str2bool(registry.settings['force_https'])
47 47
48 48 config = _render_mod_dav_svn_config(
49 49 use_ssl=use_ssl,
50 50 parent_path_root=get_rhodecode_base_path(),
51 51 list_parent_path=settings[config_keys.list_parent_path],
52 52 location_root=settings[config_keys.location_root],
53 53 repo_groups=RepoGroup.get_all_repo_groups(),
54 realm=get_rhodecode_realm())
54 realm=get_rhodecode_realm(), template=settings[config_keys.template])
55 55 _write_mod_dav_svn_config(config, settings[config_keys.config_file_path])
56 56
57 57 # Trigger an event on mod dav svn configuration change.
58 58 trigger(ModDavSvnConfigChange(), registry)
59 59
60 60
61 61 def _render_mod_dav_svn_config(
62 62 parent_path_root, list_parent_path, location_root, repo_groups, realm,
63 use_ssl):
63 use_ssl, template):
64 64 """
65 65 Render mod_dav_svn configuration to string.
66 66 """
67 67 repo_group_paths = []
68 68 for repo_group in repo_groups:
69 69 group_path = repo_group.full_path_splitted
70 70 location = os.path.join(location_root, *group_path)
71 71 parent_path = os.path.join(parent_path_root, *group_path)
72 72 repo_group_paths.append((location, parent_path))
73 73
74 74 context = {
75 75 'location_root': location_root,
76 76 'parent_path_root': parent_path_root,
77 77 'repo_group_paths': repo_group_paths,
78 78 'svn_list_parent_path': list_parent_path,
79 79 'rhodecode_realm': realm,
80 'use_https': use_ssl
80 'use_https': use_ssl,
81 81 }
82
82 template = template or \
83 'rhodecode:apps/svn_support/templates/mod-dav-svn.conf.mako'
83 84 # Render the configuration template to string.
84 template = 'rhodecode:apps/svn_support/templates/mod-dav-svn.conf.mako'
85 85 return render(template, context)
86 86
87 87
88 88 def _write_mod_dav_svn_config(config, filepath):
89 89 """
90 90 Write mod_dav_svn config to file.
91 91 """
92 92 with codecs.open(filepath, 'w', encoding='utf-8') as f:
93 93 f.write(config)
General Comments 0
You need to be logged in to leave comments. Login now