rhodecode-enterprise-ce Commit - r4108:eaa05819

app-setup: allow skip of legacy plugin discovery.

marcink -

r4108:eaa05819 default

parent child

configs/development.ini

0 +3 0

             ################################################################################
             ##                RHODECODE COMMUNITY  EDITION CONFIGURATION                  ##
             ################################################################################
             [DEFAULT]
             ## Debug flag sets all loggers to debug, and enables request tracking
             debug = true
             ################################################################################
             ##                            EMAIL CONFIGURATION                             ##
             ## Uncomment and replace with the email address which should receive          ##
             ## any error reports after an application crash                               ##
             ## Additionally these settings will be used by the RhodeCode mailing system   ##
             ################################################################################
             ## prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ## email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ## COMMON ##
             host = 127.0.0.1
             port = 5000
             ###########################################################
             ## WAITRESS WSGI SERVER - Recommended for Development  ####
             ###########################################################
             use = egg:waitress#main
             ## number of worker threads
             threads = 5
             ## MAX BODY SIZE 100GB
             max_request_body_size = 107374182400
             ## Use poll instead of select, fixes file descriptors limits problems.
             ## May not work on old windows systems.
             asyncore_use_poll = true
             ##########################
             ## GUNICORN WSGI SERVER ##
             ##########################
             ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
             #use = egg:gunicorn#main
             ## Sets the number of process workers. More workers means more concurrent connections
             ## RhodeCode can handle at the same time. Each additional worker also it increases
             ## memory usage as each has it's own set of caches.
             ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
             ## than 8-10 unless for really big deployments .e.g 700-1000 users.
             ## `instance_id = *` must be set in the [app:main] section below (which is the default)
             ## when using more than 1 worker.
             #workers = 2
             ## Gunicorn access log level
             #loglevel = info
             ## process name visible in process list
             #proc_name = rhodecode
             ## type of worker class, one of sync, gevent
             ## recommended for bigger setup is using of of other than sync one
             #worker_class = gevent
             ## The maximum number of simultaneous clients. Valid only for Gevent
             #worker_connections = 10
             ## max number of requests that worker will handle before being gracefully
             ## restarted, could prevent memory leaks
             #max_requests = 1000
             #max_requests_jitter = 30
             ## amount of time a worker can spend with handling a request before it
             ## gets killed and restarted. Set to 6hrs
             #timeout = 21600
             ## The maximum size of HTTP request line in bytes.
             ## 0 for unlimited
             #limit_request_line = 0
             ## Limit the number of HTTP headers fields in a request.
             ## By default this value is 100 and can't be larger than 32768.
             #limit_request_fields = 32768
             ## Limit the allowed size of an HTTP request header field.
             ## Value is a positive number or 0.
             ## Setting it to 0 will allow unlimited header field sizes.
             #limit_request_field_size = 0
             ## Timeout for graceful workers restart.
             ## After receiving a restart signal, workers have this much time to finish
             ## serving requests. Workers still alive after the timeout (starting from the
             ## receipt of the restart signal) are force killed.
             #graceful_timeout = 3600
             # The number of seconds to wait for requests on a Keep-Alive connection.
             # Generally set in the 1-5 seconds range.
             #keepalive = 2
             ## Maximum memory usage that each worker can use before it will receive a
             ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
             # 0 = memory monitoring is disabled
             #memory_max_usage = 0
             ## How often in seconds to check for memory usage for each gunicorn worker
             #memory_usage_check_interval = 60
             ## Threshold value for which we don't recycle worker if GarbageCollection
             ## frees up enough resources. Before each restart we try to run GC on worker
             ## in case we get enough free memory after that, restart will not happen.
             #memory_usage_recovery_threshold = 0.8
             ## prefix middleware for RhodeCode.
             ## recommended when using proxy setup.
             ## allows to set RhodeCode under a prefix in server.
             ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ## And set your prefix like: `prefix = /custom_prefix`
             ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ## to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ## The %(here)s variable will be replaced with the absolute path of parent directory
             ## of this file
             ## In addition ENVIRONMENT variables usage is possible, e.g
             ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
             use = egg:rhodecode-enterprise-ce
             ## enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             # During development the we want to have the debug toolbar enabled
             pyramid.includes =
                 pyramid_debugtoolbar
                 rhodecode.lib.middleware.request_wrapper
             pyramid.reload_templates = true
             debugtoolbar.hosts = 0.0.0.0/0
             debugtoolbar.exclude_prefixes =
                 /css
                 /fonts
                 /images
                 /js
             ## RHODECODE PLUGINS ##
             rhodecode.includes =
                 rhodecode.api
             # api prefix url
             rhodecode.api.url = /_admin/api
             ## END RHODECODE PLUGINS ##
             ## encryption key used to encrypt social plugin tokens,
             ## remote_urls with credentials etc, if not set it defaults to
             ## `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ## decryption strict mode (enabled by default). It controls if decryption raises
             ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ## fernet is safer, and we strongly recommend switching to it.
             ## Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ## return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ## auto-generate javascript routes file on startup
             generate_js_files = false
             ## System global default language.
             ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ## Perform a full repository scan and import on each server start.
             ## Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ## Uncomment and set this path to use archive download cache.
             ## Once enabled, generated archives will be cached at this location
             ## and served from the cache during subsequent requests for the same archive of
             ## the repository.
             #archive_cache_dir = /tmp/tarballcache
             ## URL at which the application is running. This is used for Bootstrapping
             ## requests in context when no web request is available. Used in ishell, or
             ## SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ## Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ## Cut off limit for large diffs (size in bytes). If overall diff size on
             ## commit, or pull request exceeds this limit this diff will be displayed
             ## partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ## Cut off limit for large files inside diffs (size in bytes). Each individual
             ## file inside diff which exceeds this limit will be displayed partially.
             ##  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ## use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ## Normally this is controlled by proper http flags sent from http server
             force_https = false
             ## use Strict-Transport-Security headers
             use_htsts = false
             # Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ## RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ## gist URL alias, used to create nicer urls for gist. This should be an
             ## url that does rewrites to _admin/gists/{gistid}.
             ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ## List of views (using glob pattern syntax) that AUTH TOKENS could be
             ## used for access.
             ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ## came from the the logged in user who own this authentication token.
             ## Additionally @TOKEN syntax can be used to bound the view to specific
             ## authentication token. Such view would be only accessible when used together
             ## with this authentication token
             ##
             ## list of all views can be found under `/_admin/permissions/auth_token_access`
             ## The list should be "," separated and on a single line.
             ##
             ## Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ## Default encoding used to convert from and to unicode
             ## can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ## instance-id prefix
             ## a prefix key for this instance used for cache invalidation when running
             ## multiple instances of RhodeCode, make sure it's globally unique for
             ## all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ## Fallback authentication plugin. Set this to a plugin ID to force the usage
             ## of an authentication plugin also if it is disabled by it's settings.
             ## This could be useful if you are unable to log in to the system due to broken
             ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ## module to log in again and fix the settings.
             ##
             ## Available builtin plugin IDs (hash is part of the ID):
             ## egg:rhodecode-enterprise-ce#rhodecode
             ## egg:rhodecode-enterprise-ce#pam
             ## egg:rhodecode-enterprise-ce#ldap
             ## egg:rhodecode-enterprise-ce#jasig_cas
             ## egg:rhodecode-enterprise-ce#headers
             ## egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
+            ## Flag to control loading of legacy plugins in py:/path format
+            auth_plugin.import_legacy_plugins = true
             ## alternative return HTTP header for failed authentication. Default HTTP
             ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ## handling that causing a series of failed authentication calls.
             ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ## This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ## use special detection method when serving auth_ret_code, instead of serving
             ## ret_code directly, use 401 initially (Which triggers credentials prompt)
             ## and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ## locking return code. When repository is locked return this HTTP code. 2XX
             ## codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ## allows to change the repository location in settings page
             allow_repo_location_change = true
             ## allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ## Generated license token required for EE edition license.
             ## New generated token value can be found in Admin > settings > license page.
             license_token =
             ## This flag would hide sensitive information on the license page
             license.hide_license_info = false
             ## supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ## supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = dev
             ## Display extended labs settings
             labs_settings_active = true
             ## Custom exception store path, defaults to TMPDIR
             ## This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ## File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ## Storage backend, available options are: local
             file_store.backend = local
             ## path to store the uploaded binaries
             file_store.storage_path = %(here)s/data/file_store
             ####################################
             ###        CELERY CONFIG        ####
             ####################################
             ## run: /path/to/celery worker \
             ##     -E --beat --app rhodecode.lib.celerylib.loader \
             ##     --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
             ##     --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ## connection url to the message broker (default redis)
             celery.broker_url = redis://localhost:6379/8
             ## rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ## maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 100
             ## tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             #####################################
             ###         DOGPILE CACHE        ####
             #####################################
             ## Default cache dir for caches.  Putting this into a ramdisk
             ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
             ## large amount of space
             cache_dir = %(here)s/data
             ## `cache_perms` cache settings for permission tree, auth TTL.
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 300
             ## alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ## redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ## alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ## redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ## cache settings for SQL queries, this needs to use memory type backend
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
             ## type backend as the objects kept are not pickle serializable
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ## by default we use 96H, this is using invalidation on push anyway
             rc_cache.cache_repo_longterm.expiration_time = 345600
             ## max items in LRU cache, reduce this number to save memory, and expire last used
             ## cached objects
             rc_cache.cache_repo_longterm.max_size = 10000
             ####################################
             ###       BEAKER SESSION        ####
             ####################################
             ## .session.type is type of storage options for the session, current allowed
             ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/data/sessions
             ## redis sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://127.0.0.1:6379/2
             ## db based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = develop-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ## Secure encrypted cookie. Requires AES and AES python libraries
             ## you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ## sets session as invalid(also logging out user) if it haven not been
             ## accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ## Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ## uncomment for https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ## default cookie expiration time in seconds, set to `true` to set expire
             ## at browser close
             #beaker.session.cookie_expires = 3600
             ###################################
             ## SEARCH INDEXING CONFIGURATION ##
             ###################################
             ## Full text search indexer is available in rhodecode-tools under
             ## `rhodecode-tools index` command
             ## WHOOSH Backend, doesn't require additional services to run
             ## it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ########################################
             ###    CHANNELSTREAM CONFIG         ####
             ########################################
             ## channelstream enables persistent connections and live notification
             ## in the system. It's also used by the chat system
             channelstream.enabled = false
             ## server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ## location of the channelstream server from outside world
             ## use ws:// for http or wss:// for https. This address needs to be handled
             ## by external HTTP server such as Nginx or Apache
             ## see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ## Internal application path that Javascript uses to connect into.
             ## If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ###################################
             ##       APPENLIGHT CONFIG       ##
             ###################################
             ## Appenlight is tailored to work with RhodeCode, see
             ## http://appenlight.com for details how to obtain an account
             ## Appenlight integration enabled
             appenlight = false
             appenlight.server_url = https://api.appenlight.com
             appenlight.api_key = YOUR_API_KEY
             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
             ## used for JS client
             appenlight.api_public_key = YOUR_API_PUBLIC_KEY
             ## TWEAK AMOUNT OF INFO SENT HERE
             ## enables 404 error logging (default False)
             appenlight.report_404 = false
             ## time in seconds after request is considered being slow (default 1)
             appenlight.slow_request_time = 1
             ## record slow requests in application
             ## (needs to be enabled for slow datastore recording and time tracking)
             appenlight.slow_requests = true
             ## enable hooking to application loggers
             appenlight.logging = true
             ## minimum log level for log capture
             appenlight.logging.level = WARNING
             ## send logs only from erroneous/slow requests
             ## (saves API quota for intensive logging)
             appenlight.logging_on_error = false
             ## list of additional keywords that should be grabbed from environ object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always send following info:
             ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
             ## start with HTTP* this list be extended with additional keywords here
             appenlight.environ_keys_whitelist =
             ## list of keywords that should be blanked from request object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always blank keys that contain following words
             ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
             ## this list be extended with additional keywords set here
             appenlight.request_keys_blacklist =
             ## list of namespaces that should be ignores when gathering log entries
             ## can be string with comma separated list of namespaces
             ## (by default the client ignores own entries: appenlight_client.client)
             appenlight.log_namespace_blacklist =
             # enable debug style page
             debug_style = true
             ###########################################
             ###   MAIN RHODECODE DATABASE CONFIG    ###
             ###########################################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             # pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             # see sqlalchemy docs for other advanced settings
             ## print the sql statements to output
             sqlalchemy.db1.echo = false
             ## recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ## the number of connections to keep open inside the connection pool.
             ## 0 indicates no limit
             #sqlalchemy.db1.pool_size = 5
             ## the number of connections to allow in connection pool "overflow", that is
             ## connections that can be opened above and beyond the pool_size setting,
             ## which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ## Connection check ping, used to detect broken database connections
             ## could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ##################
             ### VCS CONFIG ###
             ##################
             vcs.server.enable = true
             vcs.server = localhost:9900
             ## Web server connectivity protocol, responsible for web based VCS operations
             ## Available protocols are:
             ## `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ## Push/Pull operations protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ## Push/Pull operations hooks protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ## Host on which this instance is listening for hooks. If vcsserver is in other location
             ## this should be adjusted.
             vcs.hooks.host = 127.0.0.1
             vcs.server.log_level = debug
             ## Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ## List of enabled VCS backends, available options are:
             ## `hg`  - mercurial
             ## `git` - git
             ## `svn` - subversion
             vcs.backends = hg, git, svn
             vcs.connection_timeout = 3600
             ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = pre-1.8-compatible
             ############################################################
             ### Subversion proxy support (mod_dav_svn)               ###
             ### Maps RhodeCode repo groups into SVN paths for Apache ###
             ############################################################
             ## Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ## Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ## Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ## alternative mod_dav config template. This needs to be a mako template
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ## Used as a prefix to the `Location` block in the generated config file.
             ## In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ## Command to reload the mod dav svn configuration on change.
             ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ## Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ## If the timeout expires before the reload command finishes, the command will
             ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ############################################################
             ### SSH Support Settings                                 ###
             ############################################################
             ## Defines if a custom authorized_keys file should be created and written on
             ## any change user ssh keys. Setting this to false also disables possibility
             ## of adding SSH keys by users from web interface. Super admins can still
             ## manage SSH Keys.
             ssh.generate_authorized_keyfile = false
             ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ## Path to the authorized_keys file where the generate entries are placed.
             ## It is possible to have multiple key files specified in `sshd_config` e.g.
             ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
             ## Command to execute the SSH wrapper. The binary is available in the
             ## RhodeCode installation directory.
             ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ## Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ## Enables logging, and detailed output send back to the client during SSH
             ## operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = true
             ## Paths to binary executable, by default they are the names, but we can
             ## override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ## Enables SSH key generator web interface. Disabling this still allows users
             ## to add their own keys.
             ssh.enable_ui_key_generator = true
             ## Dummy marker to add new entries after.
             ## Add any custom entries below. Please don't remove.
             custom.conf = 1
             ################################
             ### LOGGING CONFIGURATION   ####
             ################################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, color_formatter, color_formatter_sql
             #############
             ## LOGGERS ##
             #############
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ##############
             ## HANDLERS ##
             ##############
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = DEBUG
             formatter = color_formatter
             [handler_console_sql]
             # "level = DEBUG" logs SQL queries and results.
             # "level = INFO" logs SQL queries.
             # "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             formatter = color_formatter_sql
             ################
             ## FORMATTERS ##
             ################
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S

configs/production.ini

0 +3 0

             ################################################################################
             ##                RHODECODE COMMUNITY  EDITION CONFIGURATION                  ##
             ################################################################################
             [DEFAULT]
             ## Debug flag sets all loggers to debug, and enables request tracking
             debug = false
             ################################################################################
             ##                            EMAIL CONFIGURATION                             ##
             ## Uncomment and replace with the email address which should receive          ##
             ## any error reports after an application crash                               ##
             ## Additionally these settings will be used by the RhodeCode mailing system   ##
             ################################################################################
             ## prefix all emails subjects with given prefix, helps filtering out emails
             #email_prefix = [RhodeCode]
             ## email FROM address all mails will be sent
             #app_email_from = rhodecode-noreply@localhost
             #smtp_server = mail.server.com
             #smtp_username =
             #smtp_password =
             #smtp_port =
             #smtp_use_tls = false
             #smtp_use_ssl = true
             [server:main]
             ## COMMON ##
             host = 127.0.0.1
             port = 5000
             ###########################################################
             ## WAITRESS WSGI SERVER - Recommended for Development  ####
             ###########################################################
             #use = egg:waitress#main
             ## number of worker threads
             #threads = 5
             ## MAX BODY SIZE 100GB
             #max_request_body_size = 107374182400
             ## Use poll instead of select, fixes file descriptors limits problems.
             ## May not work on old windows systems.
             #asyncore_use_poll = true
             ##########################
             ## GUNICORN WSGI SERVER ##
             ##########################
             ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
             use = egg:gunicorn#main
             ## Sets the number of process workers. More workers means more concurrent connections
             ## RhodeCode can handle at the same time. Each additional worker also it increases
             ## memory usage as each has it's own set of caches.
             ## Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
             ## than 8-10 unless for really big deployments .e.g 700-1000 users.
             ## `instance_id = *` must be set in the [app:main] section below (which is the default)
             ## when using more than 1 worker.
             workers = 2
             ## Gunicorn access log level
             loglevel = info
             ## process name visible in process list
             proc_name = rhodecode
             ## type of worker class, one of sync, gevent
             ## recommended for bigger setup is using of of other than sync one
             worker_class = gevent
             ## The maximum number of simultaneous clients. Valid only for Gevent
             worker_connections = 10
             ## max number of requests that worker will handle before being gracefully
             ## restarted, could prevent memory leaks
             max_requests = 1000
             max_requests_jitter = 30
             ## amount of time a worker can spend with handling a request before it
             ## gets killed and restarted. Set to 6hrs
             timeout = 21600
             ## The maximum size of HTTP request line in bytes.
             ## 0 for unlimited
             limit_request_line = 0
             ## Limit the number of HTTP headers fields in a request.
             ## By default this value is 100 and can't be larger than 32768.
             limit_request_fields = 32768
             ## Limit the allowed size of an HTTP request header field.
             ## Value is a positive number or 0.
             ## Setting it to 0 will allow unlimited header field sizes.
             limit_request_field_size = 0
             ## Timeout for graceful workers restart.
             ## After receiving a restart signal, workers have this much time to finish
             ## serving requests. Workers still alive after the timeout (starting from the
             ## receipt of the restart signal) are force killed.
             graceful_timeout = 3600
             # The number of seconds to wait for requests on a Keep-Alive connection.
             # Generally set in the 1-5 seconds range.
             keepalive = 2
             ## Maximum memory usage that each worker can use before it will receive a
             ## graceful restart signal, e.g 10MB = 10485760 (10 * 1024 * 1024)
             # 0 = memory monitoring is disabled
             memory_max_usage = 0
             ## How often in seconds to check for memory usage for each gunicorn worker
             memory_usage_check_interval = 60
             ## Threshold value for which we don't recycle worker if GarbageCollection
             ## frees up enough resources. Before each restart we try to run GC on worker
             ## in case we get enough free memory after that, restart will not happen.
             memory_usage_recovery_threshold = 0.8
             ## prefix middleware for RhodeCode.
             ## recommended when using proxy setup.
             ## allows to set RhodeCode under a prefix in server.
             ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
             ## And set your prefix like: `prefix = /custom_prefix`
             ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
             ## to make your cookies only work on prefix url
             [filter:proxy-prefix]
             use = egg:PasteDeploy#prefix
             prefix = /
             [app:main]
             ## The %(here)s variable will be replaced with the absolute path of parent directory
             ## of this file
             ## In addition ENVIRONMENT variables usage is possible, e.g
             ## sqlalchemy.db1.url = {ENV_RC_DB_URL}
             use = egg:rhodecode-enterprise-ce
             ## enable proxy prefix middleware, defined above
             #filter-with = proxy-prefix
             ## encryption key used to encrypt social plugin tokens,
             ## remote_urls with credentials etc, if not set it defaults to
             ## `beaker.session.secret`
             #rhodecode.encrypted_values.secret =
             ## decryption strict mode (enabled by default). It controls if decryption raises
             ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
             #rhodecode.encrypted_values.strict = false
             ## Pick algorithm for encryption. Either fernet (more secure) or aes (default)
             ## fernet is safer, and we strongly recommend switching to it.
             ## Due to backward compatibility aes is used as default.
             #rhodecode.encrypted_values.algorithm = fernet
             ## return gzipped responses from RhodeCode (static files/application)
             gzip_responses = false
             ## auto-generate javascript routes file on startup
             generate_js_files = false
             ## System global default language.
             ## All available languages: en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
             lang = en
             ## Perform a full repository scan and import on each server start.
             ## Settings this to true could lead to very long startup time.
             startup.import_repos = false
             ## Uncomment and set this path to use archive download cache.
             ## Once enabled, generated archives will be cached at this location
             ## and served from the cache during subsequent requests for the same archive of
             ## the repository.
             #archive_cache_dir = /tmp/tarballcache
             ## URL at which the application is running. This is used for Bootstrapping
             ## requests in context when no web request is available. Used in ishell, or
             ## SSH calls. Set this for events to receive proper url for SSH calls.
             app.base_url = http://rhodecode.local
             ## Unique application ID. Should be a random unique string for security.
             app_instance_uuid = rc-production
             ## Cut off limit for large diffs (size in bytes). If overall diff size on
             ## commit, or pull request exceeds this limit this diff will be displayed
             ## partially. E.g 512000 == 512Kb
             cut_off_limit_diff = 512000
             ## Cut off limit for large files inside diffs (size in bytes). Each individual
             ## file inside diff which exceeds this limit will be displayed partially.
             ##  E.g 128000 == 128Kb
             cut_off_limit_file = 128000
             ## use cached version of vcs repositories everywhere. Recommended to be `true`
             vcs_full_cache = true
             ## Force https in RhodeCode, fixes https redirects, assumes it's always https.
             ## Normally this is controlled by proper http flags sent from http server
             force_https = false
             ## use Strict-Transport-Security headers
             use_htsts = false
             # Set to true if your repos are exposed using the dumb protocol
             git_update_server_info = false
             ## RSS/ATOM feed options
             rss_cut_off_limit = 256000
             rss_items_per_page = 10
             rss_include_diff = false
             ## gist URL alias, used to create nicer urls for gist. This should be an
             ## url that does rewrites to _admin/gists/{gistid}.
             ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
             ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
             gist_alias_url =
             ## List of views (using glob pattern syntax) that AUTH TOKENS could be
             ## used for access.
             ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
             ## came from the the logged in user who own this authentication token.
             ## Additionally @TOKEN syntax can be used to bound the view to specific
             ## authentication token. Such view would be only accessible when used together
             ## with this authentication token
             ##
             ## list of all views can be found under `/_admin/permissions/auth_token_access`
             ## The list should be "," separated and on a single line.
             ##
             ## Most common views to enable:
             #    RepoCommitsView:repo_commit_download
             #    RepoCommitsView:repo_commit_patch
             #    RepoCommitsView:repo_commit_raw
             #    RepoCommitsView:repo_commit_raw@TOKEN
             #    RepoFilesView:repo_files_diff
             #    RepoFilesView:repo_archivefile
             #    RepoFilesView:repo_file_raw
             #    GistView:*
             api_access_controllers_whitelist =
             ## Default encoding used to convert from and to unicode
             ## can be also a comma separated list of encoding in case of mixed encodings
             default_encoding = UTF-8
             ## instance-id prefix
             ## a prefix key for this instance used for cache invalidation when running
             ## multiple instances of RhodeCode, make sure it's globally unique for
             ## all running RhodeCode instances. Leave empty if you don't use it
             instance_id =
             ## Fallback authentication plugin. Set this to a plugin ID to force the usage
             ## of an authentication plugin also if it is disabled by it's settings.
             ## This could be useful if you are unable to log in to the system due to broken
             ## authentication settings. Then you can enable e.g. the internal RhodeCode auth
             ## module to log in again and fix the settings.
             ##
             ## Available builtin plugin IDs (hash is part of the ID):
             ## egg:rhodecode-enterprise-ce#rhodecode
             ## egg:rhodecode-enterprise-ce#pam
             ## egg:rhodecode-enterprise-ce#ldap
             ## egg:rhodecode-enterprise-ce#jasig_cas
             ## egg:rhodecode-enterprise-ce#headers
             ## egg:rhodecode-enterprise-ce#crowd
             #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
+            ## Flag to control loading of legacy plugins in py:/path format
+            auth_plugin.import_legacy_plugins = true
             ## alternative return HTTP header for failed authentication. Default HTTP
             ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
             ## handling that causing a series of failed authentication calls.
             ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
             ## This will be served instead of default 401 on bad authentication
             auth_ret_code =
             ## use special detection method when serving auth_ret_code, instead of serving
             ## ret_code directly, use 401 initially (Which triggers credentials prompt)
             ## and then serve auth_ret_code to clients
             auth_ret_code_detection = false
             ## locking return code. When repository is locked return this HTTP code. 2XX
             ## codes don't break the transactions while 4XX codes do
             lock_ret_code = 423
             ## allows to change the repository location in settings page
             allow_repo_location_change = true
             ## allows to setup custom hooks in settings page
             allow_custom_hooks_settings = true
             ## Generated license token required for EE edition license.
             ## New generated token value can be found in Admin > settings > license page.
             license_token =
             ## This flag would hide sensitive information on the license page
             license.hide_license_info = false
             ## supervisor connection uri, for managing supervisor and logs.
             supervisor.uri =
             ## supervisord group name/id we only want this RC instance to handle
             supervisor.group_id = prod
             ## Display extended labs settings
             labs_settings_active = true
             ## Custom exception store path, defaults to TMPDIR
             ## This is used to store exception from RhodeCode in shared directory
             #exception_tracker.store_path =
             ## File store configuration. This is used to store and serve uploaded files
             file_store.enabled = true
             ## Storage backend, available options are: local
             file_store.backend = local
             ## path to store the uploaded binaries
             file_store.storage_path = %(here)s/data/file_store
             ####################################
             ###        CELERY CONFIG        ####
             ####################################
             ## run: /path/to/celery worker \
             ##     -E --beat --app rhodecode.lib.celerylib.loader \
             ##     --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
             ##     --loglevel DEBUG --ini /path/to/rhodecode.ini
             use_celery = false
             ## connection url to the message broker (default redis)
             celery.broker_url = redis://localhost:6379/8
             ## rabbitmq example
             #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
             ## maximum tasks to execute before worker restart
             celery.max_tasks_per_child = 100
             ## tasks will never be sent to the queue, but executed locally instead.
             celery.task_always_eager = false
             #####################################
             ###         DOGPILE CACHE        ####
             #####################################
             ## Default cache dir for caches.  Putting this into a ramdisk
             ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
             ## large amount of space
             cache_dir = %(here)s/data
             ## `cache_perms` cache settings for permission tree, auth TTL.
             rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_perms.expiration_time = 300
             ## alternative `cache_perms` redis backend with distributed lock
             #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
             #rc_cache.cache_perms.expiration_time = 300
             ## redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
             #rc_cache.cache_perms.arguments.socket_timeout = 30
             #rc_cache.cache_perms.arguments.host = localhost
             #rc_cache.cache_perms.arguments.port = 6379
             #rc_cache.cache_perms.arguments.db = 0
             ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_perms.arguments.distributed_lock = true
             ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
             rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
             rc_cache.cache_repo.expiration_time = 2592000
             ## alternative `cache_repo` redis backend with distributed lock
             #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
             #rc_cache.cache_repo.expiration_time = 2592000
             ## redis_expiration_time needs to be greater then expiration_time
             #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
             #rc_cache.cache_repo.arguments.socket_timeout = 30
             #rc_cache.cache_repo.arguments.host = localhost
             #rc_cache.cache_repo.arguments.port = 6379
             #rc_cache.cache_repo.arguments.db = 1
             ## more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
             #rc_cache.cache_repo.arguments.distributed_lock = true
             ## cache settings for SQL queries, this needs to use memory type backend
             rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
             rc_cache.sql_cache_short.expiration_time = 30
             ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
             ## type backend as the objects kept are not pickle serializable
             rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
             ## by default we use 96H, this is using invalidation on push anyway
             rc_cache.cache_repo_longterm.expiration_time = 345600
             ## max items in LRU cache, reduce this number to save memory, and expire last used
             ## cached objects
             rc_cache.cache_repo_longterm.max_size = 10000
             ####################################
             ###       BEAKER SESSION        ####
             ####################################
             ## .session.type is type of storage options for the session, current allowed
             ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
             beaker.session.type = file
             beaker.session.data_dir = %(here)s/data/sessions
             ## redis sessions
             #beaker.session.type = ext:redis
             #beaker.session.url = redis://127.0.0.1:6379/2
             ## db based session, fast, and allows easy management over logged in users
             #beaker.session.type = ext:database
             #beaker.session.table_name = db_session
             #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
             #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
             #beaker.session.sa.pool_recycle = 3600
             #beaker.session.sa.echo = false
             beaker.session.key = rhodecode
             beaker.session.secret = production-rc-uytcxaz
             beaker.session.lock_dir = %(here)s/data/sessions/lock
             ## Secure encrypted cookie. Requires AES and AES python libraries
             ## you must disable beaker.session.secret to use this
             #beaker.session.encrypt_key = key_for_encryption
             #beaker.session.validate_key = validation_key
             ## sets session as invalid(also logging out user) if it haven not been
             ## accessed for given amount of time in seconds
             beaker.session.timeout = 2592000
             beaker.session.httponly = true
             ## Path to use for the cookie. Set to prefix if you use prefix middleware
             #beaker.session.cookie_path = /custom_prefix
             ## uncomment for https secure cookie
             beaker.session.secure = false
             ## auto save the session to not to use .save()
             beaker.session.auto = false
             ## default cookie expiration time in seconds, set to `true` to set expire
             ## at browser close
             #beaker.session.cookie_expires = 3600
             ###################################
             ## SEARCH INDEXING CONFIGURATION ##
             ###################################
             ## Full text search indexer is available in rhodecode-tools under
             ## `rhodecode-tools index` command
             ## WHOOSH Backend, doesn't require additional services to run
             ## it works good with few dozen repos
             search.module = rhodecode.lib.index.whoosh
             search.location = %(here)s/data/index
             ########################################
             ###    CHANNELSTREAM CONFIG         ####
             ########################################
             ## channelstream enables persistent connections and live notification
             ## in the system. It's also used by the chat system
             channelstream.enabled = false
             ## server address for channelstream server on the backend
             channelstream.server = 127.0.0.1:9800
             ## location of the channelstream server from outside world
             ## use ws:// for http or wss:// for https. This address needs to be handled
             ## by external HTTP server such as Nginx or Apache
             ## see Nginx/Apache configuration examples in our docs
             channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
             channelstream.secret = secret
             channelstream.history.location = %(here)s/channelstream_history
             ## Internal application path that Javascript uses to connect into.
             ## If you use proxy-prefix the prefix should be added before /_channelstream
             channelstream.proxy_path = /_channelstream
             ## Live chat for commits/pull requests. Requires CHANNELSTREAM to be enabled
             ## and configured. (EE edition only)
             chat.enabled = true
             ###################################
             ##       APPENLIGHT CONFIG       ##
             ###################################
             ## Appenlight is tailored to work with RhodeCode, see
             ## http://appenlight.com for details how to obtain an account
             ## Appenlight integration enabled
             appenlight = false
             appenlight.server_url = https://api.appenlight.com
             appenlight.api_key = YOUR_API_KEY
             #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
             ## used for JS client
             appenlight.api_public_key = YOUR_API_PUBLIC_KEY
             ## TWEAK AMOUNT OF INFO SENT HERE
             ## enables 404 error logging (default False)
             appenlight.report_404 = false
             ## time in seconds after request is considered being slow (default 1)
             appenlight.slow_request_time = 1
             ## record slow requests in application
             ## (needs to be enabled for slow datastore recording and time tracking)
             appenlight.slow_requests = true
             ## enable hooking to application loggers
             appenlight.logging = true
             ## minimum log level for log capture
             appenlight.logging.level = WARNING
             ## send logs only from erroneous/slow requests
             ## (saves API quota for intensive logging)
             appenlight.logging_on_error = false
             ## list of additional keywords that should be grabbed from environ object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always send following info:
             ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
             ## start with HTTP* this list be extended with additional keywords here
             appenlight.environ_keys_whitelist =
             ## list of keywords that should be blanked from request object
             ## can be string with comma separated list of words in lowercase
             ## (by default client will always blank keys that contain following words
             ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
             ## this list be extended with additional keywords set here
             appenlight.request_keys_blacklist =
             ## list of namespaces that should be ignores when gathering log entries
             ## can be string with comma separated list of namespaces
             ## (by default the client ignores own entries: appenlight_client.client)
             appenlight.log_namespace_blacklist =
             ###########################################
             ###   MAIN RHODECODE DATABASE CONFIG    ###
             ###########################################
             #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
             #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
             # pymysql is an alternative driver for MySQL, use in case of problems with default one
             #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
             sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
             # see sqlalchemy docs for other advanced settings
             ## print the sql statements to output
             sqlalchemy.db1.echo = false
             ## recycle the connections after this amount of seconds
             sqlalchemy.db1.pool_recycle = 3600
             ## the number of connections to keep open inside the connection pool.
             ## 0 indicates no limit
             #sqlalchemy.db1.pool_size = 5
             ## the number of connections to allow in connection pool "overflow", that is
             ## connections that can be opened above and beyond the pool_size setting,
             ## which defaults to five.
             #sqlalchemy.db1.max_overflow = 10
             ## Connection check ping, used to detect broken database connections
             ## could be enabled to better handle cases if MySQL has gone away errors
             #sqlalchemy.db1.ping_connection = true
             ##################
             ### VCS CONFIG ###
             ##################
             vcs.server.enable = true
             vcs.server = localhost:9900
             ## Web server connectivity protocol, responsible for web based VCS operations
             ## Available protocols are:
             ## `http` - use http-rpc backend (default)
             vcs.server.protocol = http
             ## Push/Pull operations protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.scm_app_implementation = http
             ## Push/Pull operations hooks protocol, available options are:
             ## `http` - use http-rpc backend (default)
             vcs.hooks.protocol = http
             ## Host on which this instance is listening for hooks. If vcsserver is in other location
             ## this should be adjusted.
             vcs.hooks.host = 127.0.0.1
             vcs.server.log_level = info
             ## Start VCSServer with this instance as a subprocess, useful for development
             vcs.start_server = false
             ## List of enabled VCS backends, available options are:
             ## `hg`  - mercurial
             ## `git` - git
             ## `svn` - subversion
             vcs.backends = hg, git, svn
             vcs.connection_timeout = 3600
             ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
             ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
             #vcs.svn.compatible_version = pre-1.8-compatible
             ############################################################
             ### Subversion proxy support (mod_dav_svn)               ###
             ### Maps RhodeCode repo groups into SVN paths for Apache ###
             ############################################################
             ## Enable or disable the config file generation.
             svn.proxy.generate_config = false
             ## Generate config file with `SVNListParentPath` set to `On`.
             svn.proxy.list_parent_path = true
             ## Set location and file name of generated config file.
             svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
             ## alternative mod_dav config template. This needs to be a mako template
             #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
             ## Used as a prefix to the `Location` block in the generated config file.
             ## In most cases it should be set to `/`.
             svn.proxy.location_root = /
             ## Command to reload the mod dav svn configuration on change.
             ## Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
             ## Make sure user who runs RhodeCode process is allowed to reload Apache
             #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
             ## If the timeout expires before the reload command finishes, the command will
             ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
             #svn.proxy.reload_timeout = 10
             ############################################################
             ### SSH Support Settings                                 ###
             ############################################################
             ## Defines if a custom authorized_keys file should be created and written on
             ## any change user ssh keys. Setting this to false also disables possibility
             ## of adding SSH keys by users from web interface. Super admins can still
             ## manage SSH Keys.
             ssh.generate_authorized_keyfile = false
             ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
             # ssh.authorized_keys_ssh_opts =
             ## Path to the authorized_keys file where the generate entries are placed.
             ## It is possible to have multiple key files specified in `sshd_config` e.g.
             ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
             ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
             ## Command to execute the SSH wrapper. The binary is available in the
             ## RhodeCode installation directory.
             ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
             ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
             ## Allow shell when executing the ssh-wrapper command
             ssh.wrapper_cmd_allow_shell = false
             ## Enables logging, and detailed output send back to the client during SSH
             ## operations. Useful for debugging, shouldn't be used in production.
             ssh.enable_debug_logging = false
             ## Paths to binary executable, by default they are the names, but we can
             ## override them if we want to use a custom one
             ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
             ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
             ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
             ## Enables SSH key generator web interface. Disabling this still allows users
             ## to add their own keys.
             ssh.enable_ui_key_generator = true
             ## Dummy marker to add new entries after.
             ## Add any custom entries below. Please don't remove.
             custom.conf = 1
             ################################
             ### LOGGING CONFIGURATION   ####
             ################################
             [loggers]
             keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
             [handlers]
             keys = console, console_sql
             [formatters]
             keys = generic, color_formatter, color_formatter_sql
             #############
             ## LOGGERS ##
             #############
             [logger_root]
             level = NOTSET
             handlers = console
             [logger_sqlalchemy]
             level = INFO
             handlers = console_sql
             qualname = sqlalchemy.engine
             propagate = 0
             [logger_beaker]
             level = DEBUG
             handlers =
             qualname = beaker.container
             propagate = 1
             [logger_rhodecode]
             level = DEBUG
             handlers =
             qualname = rhodecode
             propagate = 1
             [logger_ssh_wrapper]
             level = DEBUG
             handlers =
             qualname = ssh_wrapper
             propagate = 1
             [logger_celery]
             level = DEBUG
             handlers =
             qualname = celery
             ##############
             ## HANDLERS ##
             ##############
             [handler_console]
             class = StreamHandler
             args = (sys.stderr, )
             level = INFO
             formatter = generic
             [handler_console_sql]
             # "level = DEBUG" logs SQL queries and results.
             # "level = INFO" logs SQL queries.
             # "level = WARN" logs neither.  (Recommended for production systems.)
             class = StreamHandler
             args = (sys.stderr, )
             level = WARN
             formatter = generic
             ################
             ## FORMATTERS ##
             ################
             [formatter_generic]
             class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter]
             class = rhodecode.lib.logging_formatter.ColorFormatter
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S
             [formatter_color_formatter_sql]
             class = rhodecode.lib.logging_formatter.ColorFormatterSql
             format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
             datefmt = %Y-%m-%d %H:%M:%S

rhodecode/config/middleware.py

0 +3 -2

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2019 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import os
             import sys
             import logging
             import collections
             import tempfile
             import time
             from paste.gzipper import make_gzip_middleware
             import pyramid.events
             from pyramid.wsgi import wsgiapp
             from pyramid.authorization import ACLAuthorizationPolicy
             from pyramid.config import Configurator
             from pyramid.settings import asbool, aslist
             from pyramid.httpexceptions import (
                 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
             from pyramid.renderers import render_to_response
             from rhodecode.model import meta
             from rhodecode.config import patches
             from rhodecode.config import utils as config_utils
             from rhodecode.config.environment import load_pyramid_environment
             import rhodecode.events
             from rhodecode.lib.middleware.vcs import VCSMiddleware
             from rhodecode.lib.request import Request
             from rhodecode.lib.vcs import VCSCommunicationError
             from rhodecode.lib.exceptions import VCSServerUnavailable
             from rhodecode.lib.middleware.appenlight import wrap_in_appenlight_if_enabled
             from rhodecode.lib.middleware.https_fixup import HttpsFixup
             from rhodecode.lib.celerylib.loader import configure_celery
             from rhodecode.lib.plugins.utils import register_rhodecode_plugin
             from rhodecode.lib.utils2 import aslist as rhodecode_aslist, AttributeDict
             from rhodecode.lib.exc_tracking import store_exception
             from rhodecode.subscribers import (
                 scan_repositories_if_enabled, write_js_routes_if_enabled,
                 write_metadata_if_needed, inject_app_settings)
             log = logging.getLogger(__name__)
             def is_http_error(response):
                 # error which should have traceback
                 return response.status_code > 499
             def should_load_all():
                 """
                 Returns if all application components should be loaded. In some cases it's
                 desired to skip apps loading for faster shell script execution
                 """
                 ssh_cmd = os.environ.get('RC_CMD_SSH_WRAPPER')
                 if ssh_cmd:
                     return False
                 return True
             def make_pyramid_app(global_config, **settings):
                 """
                 Constructs the WSGI application based on Pyramid.
                 Specials:
                 * The application can also be integrated like a plugin via the call to
                   `includeme`. This is accompanied with the other utility functions which
                   are called. Changing this should be done with great care to not break
                   cases when these fragments are assembled from another place.
                 """
                 # Allows to use format style "{ENV_NAME}" placeholders in the configuration. It
                 # will be replaced by the value of the environment variable "NAME" in this case.
                 start_time = time.time()
                 debug = asbool(global_config.get('debug'))
                 if debug:
                     enable_debug()
                 environ = {'ENV_{}'.format(key): value for key, value in os.environ.items()}
                 global_config = _substitute_values(global_config, environ)
                 settings = _substitute_values(settings, environ)
                 sanitize_settings_and_apply_defaults(global_config, settings)
                 config = Configurator(settings=settings)
                 # Apply compatibility patches
                 patches.inspect_getargspec()
                 load_pyramid_environment(global_config, settings)
                 # Static file view comes first
                 includeme_first(config)
                 includeme(config)
                 pyramid_app = config.make_wsgi_app()
                 pyramid_app = wrap_app_in_wsgi_middlewares(pyramid_app, config)
                 pyramid_app.config = config
                 config.configure_celery(global_config['__file__'])
                 # creating the app uses a connection - return it after we are done
                 meta.Session.remove()
                 total_time = time.time() - start_time
                 log.info('Pyramid app `%s` created and configured in %.2fs',
                          pyramid_app.func_name, total_time)
                 return pyramid_app
             def not_found_view(request):
                 """
                 This creates the view which should be registered as not-found-view to
                 pyramid.
                 """
                 if not getattr(request, 'vcs_call', None):
                     # handle like regular case with our error_handler
                     return error_handler(HTTPNotFound(), request)
                 # handle not found view as a vcs call
                 settings = request.registry.settings
                 ae_client = getattr(request, 'ae_client', None)
                 vcs_app = VCSMiddleware(
                     HTTPNotFound(), request.registry, settings,
                     appenlight_client=ae_client)
                 return wsgiapp(vcs_app)(None, request)
             def error_handler(exception, request):
                 import rhodecode
                 from rhodecode.lib import helpers
                 rhodecode_title = rhodecode.CONFIG.get('rhodecode_title') or 'RhodeCode'
                 base_response = HTTPInternalServerError()
                 # prefer original exception for the response since it may have headers set
                 if isinstance(exception, HTTPException):
                     base_response = exception
                 elif isinstance(exception, VCSCommunicationError):
                     base_response = VCSServerUnavailable()
                 if is_http_error(base_response):
                     log.exception(
                         'error occurred handling this request for path: %s', request.path)
                 error_explanation = base_response.explanation or str(base_response)
                 if base_response.status_code == 404:
                     error_explanation += " Optionally you don't have permission to access this page."
                 c = AttributeDict()
                 c.error_message = base_response.status
                 c.error_explanation = error_explanation
                 c.visual = AttributeDict()
                 c.visual.rhodecode_support_url = (
                     request.registry.settings.get('rhodecode_support_url') or
                     request.route_url('rhodecode_support')
                 )
                 c.redirect_time = 0
                 c.rhodecode_name = rhodecode_title
                 if not c.rhodecode_name:
                     c.rhodecode_name = 'Rhodecode'
                 c.causes = []
                 if is_http_error(base_response):
                     c.causes.append('Server is overloaded.')
                     c.causes.append('Server database connection is lost.')
                     c.causes.append('Server expected unhandled error.')
                 if hasattr(base_response, 'causes'):
                     c.causes = base_response.causes
                 c.messages = helpers.flash.pop_messages(request=request)
                 exc_info = sys.exc_info()
                 c.exception_id = id(exc_info)
                 c.show_exception_id = isinstance(base_response, VCSServerUnavailable) \
                                       or base_response.status_code > 499
                 c.exception_id_url = request.route_url(
                     'admin_settings_exception_tracker_show', exception_id=c.exception_id)
                 if c.show_exception_id:
                     store_exception(c.exception_id, exc_info)
                 response = render_to_response(
                     '/errors/error_document.mako', {'c': c, 'h': helpers}, request=request,
                     response=base_response)
                 return response
             def includeme_first(config):
                 # redirect automatic browser favicon.ico requests to correct place
                 def favicon_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/images/favicon.ico'))
                 config.add_view(favicon_redirect, route_name='favicon')
                 config.add_route('favicon', '/favicon.ico')
                 def robots_redirect(context, request):
                     return HTTPFound(
                         request.static_path('rhodecode:public/robots.txt'))
                 config.add_view(robots_redirect, route_name='robots')
                 config.add_route('robots', '/robots.txt')
                 config.add_static_view(
                     '_static/deform', 'deform:static')
                 config.add_static_view(
                     '_static/rhodecode', path='rhodecode:public', cache_max_age=3600 * 24)
             def includeme(config):
                 log.debug('Initializing main includeme from %s', os.path.basename(__file__))
                 settings = config.registry.settings
                 config.set_request_factory(Request)
                 # plugin information
                 config.registry.rhodecode_plugins = collections.OrderedDict()
                 config.add_directive(
                     'register_rhodecode_plugin', register_rhodecode_plugin)
                 config.add_directive('configure_celery', configure_celery)
                 if asbool(settings.get('appenlight', 'false')):
                     config.include('appenlight_client.ext.pyramid_tween')
                 load_all = should_load_all()
                 # Includes which are required. The application would fail without them.
                 config.include('pyramid_mako')
                 config.include('rhodecode.lib.rc_beaker')
                 config.include('rhodecode.lib.rc_cache')
                 config.include('rhodecode.apps._base.navigation')
                 config.include('rhodecode.apps._base.subscribers')
                 config.include('rhodecode.tweens')
                 config.include('rhodecode.authentication')
                 if load_all:
                     config.include('rhodecode.integrations')
                 if load_all:
-                    from rhodecode.authentication import discover_legacy_plugins
                     # load CE authentication plugins
                     config.include('rhodecode.authentication.plugins.auth_crowd')
                     config.include('rhodecode.authentication.plugins.auth_headers')
                     config.include('rhodecode.authentication.plugins.auth_jasig_cas')
                     config.include('rhodecode.authentication.plugins.auth_ldap')
                     config.include('rhodecode.authentication.plugins.auth_pam')
                     config.include('rhodecode.authentication.plugins.auth_rhodecode')
                     config.include('rhodecode.authentication.plugins.auth_token')
                     # Auto discover authentication plugins and include their configuration.
-                    discover_legacy_plugins(config)
+                    if asbool(settings.get('auth_plugin.import_legacy_plugins', 'true')):
+                        from rhodecode.authentication import discover_legacy_plugins
+                        discover_legacy_plugins(config)
                 # apps
                 if load_all:
                     config.include('rhodecode.apps._base')
                     config.include('rhodecode.apps.hovercards')
                     config.include('rhodecode.apps.ops')
                     config.include('rhodecode.apps.admin')
                     config.include('rhodecode.apps.channelstream')
                     config.include('rhodecode.apps.file_store')
                     config.include('rhodecode.apps.login')
                     config.include('rhodecode.apps.home')
                     config.include('rhodecode.apps.journal')
                     config.include('rhodecode.apps.repository')
                     config.include('rhodecode.apps.repo_group')
                     config.include('rhodecode.apps.user_group')
                     config.include('rhodecode.apps.search')
                     config.include('rhodecode.apps.user_profile')
                     config.include('rhodecode.apps.user_group_profile')
                     config.include('rhodecode.apps.my_account')
                     config.include('rhodecode.apps.svn_support')
                     config.include('rhodecode.apps.ssh_support')
                     config.include('rhodecode.apps.gist')
                     config.include('rhodecode.apps.debug_style')
                     config.include('rhodecode.api')
                 config.add_route('rhodecode_support', 'https://rhodecode.com/help/', static=True)
                 config.add_translation_dirs('rhodecode:i18n/')
                 settings['default_locale_name'] = settings.get('lang', 'en')
                 # Add subscribers.
                 if load_all:
                     config.add_subscriber(inject_app_settings,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(scan_repositories_if_enabled,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_metadata_if_needed,
                                           pyramid.events.ApplicationCreated)
                     config.add_subscriber(write_js_routes_if_enabled,
                                           pyramid.events.ApplicationCreated)
                 # request custom methods
                 config.add_request_method(
                     'rhodecode.lib.partial_renderer.get_partial_renderer',
                     'get_partial_renderer')
                 config.add_request_method(
                     'rhodecode.lib.request_counter.get_request_counter',
                     'request_count')
                 # Set the authorization policy.
                 authz_policy = ACLAuthorizationPolicy()
                 config.set_authorization_policy(authz_policy)
                 # Set the default renderer for HTML templates to mako.
                 config.add_mako_renderer('.html')
                 config.add_renderer(
                     name='json_ext',
                     factory='rhodecode.lib.ext_json_renderer.pyramid_ext_json')
                 # include RhodeCode plugins
                 includes = aslist(settings.get('rhodecode.includes', []))
                 for inc in includes:
                     config.include(inc)
                 # custom not found view, if our pyramid app doesn't know how to handle
                 # the request pass it to potential VCS handling ap
                 config.add_notfound_view(not_found_view)
                 if not settings.get('debugtoolbar.enabled', False):
                     # disabled debugtoolbar handle all exceptions via the error_handlers
                     config.add_view(error_handler, context=Exception)
                 # all errors including 403/404/50X
                 config.add_view(error_handler, context=HTTPError)
             def wrap_app_in_wsgi_middlewares(pyramid_app, config):
                 """
                 Apply outer WSGI middlewares around the application.
                 """
                 registry = config.registry
                 settings = registry.settings
                 # enable https redirects based on HTTP_X_URL_SCHEME set by proxy
                 pyramid_app = HttpsFixup(pyramid_app, settings)
                 pyramid_app, _ae_client = wrap_in_appenlight_if_enabled(
                     pyramid_app, settings)
                 registry.ae_client = _ae_client
                 if settings['gzip_responses']:
                     pyramid_app = make_gzip_middleware(
                         pyramid_app, settings, compress_level=1)
                 # this should be the outer most middleware in the wsgi stack since
                 # middleware like Routes make database calls
                 def pyramid_app_with_cleanup(environ, start_response):
                     try:
                         return pyramid_app(environ, start_response)
                     finally:
                         # Dispose current database session and rollback uncommitted
                         # transactions.
                         meta.Session.remove()
                         # In a single threaded mode server, on non sqlite db we should have
                         # '0 Current Checked out connections' at the end of a request,
                         # if not, then something, somewhere is leaving a connection open
                         pool = meta.Base.metadata.bind.engine.pool
                         log.debug('sa pool status: %s', pool.status())
                         log.debug('Request processing finalized')
                 return pyramid_app_with_cleanup
             def sanitize_settings_and_apply_defaults(global_config, settings):
                 """
                 Applies settings defaults and does all type conversion.
                 We would move all settings parsing and preparation into this place, so that
                 we have only one place left which deals with this part. The remaining parts
                 of the application would start to rely fully on well prepared settings.
                 This piece would later be split up per topic to avoid a big fat monster
                 function.
                 """
                 settings.setdefault('rhodecode.edition', 'Community Edition')
                 if 'mako.default_filters' not in settings:
                     # set custom default filters if we don't have it defined
                     settings['mako.imports'] = 'from rhodecode.lib.base import h_filter'
                     settings['mako.default_filters'] = 'h_filter'
                 if 'mako.directories' not in settings:
                     mako_directories = settings.setdefault('mako.directories', [
                         # Base templates of the original application
                         'rhodecode:templates',
                     ])
                     log.debug(
                         "Using the following Mako template directories: %s",
                         mako_directories)
                 # NOTE(marcink): fix redis requirement for schema of connection since 3.X
                 if 'beaker.session.type' in settings and settings['beaker.session.type'] == 'ext:redis':
                     raw_url = settings['beaker.session.url']
                     if not raw_url.startswith(('redis://', 'rediss://', 'unix://')):
                         settings['beaker.session.url'] = 'redis://' + raw_url
                 # Default includes, possible to change as a user
                 pyramid_includes = settings.setdefault('pyramid.includes', [
                     'rhodecode.lib.middleware.request_wrapper',
                 ])
                 log.debug(
                     "Using the following pyramid.includes: %s",
                     pyramid_includes)
                 # TODO: johbo: Re-think this, usually the call to config.include
                 # should allow to pass in a prefix.
                 settings.setdefault('rhodecode.api.url', '/_admin/api')
                 settings.setdefault('__file__', global_config.get('__file__'))
                 # Sanitize generic settings.
                 _list_setting(settings, 'default_encoding', 'UTF-8')
                 _bool_setting(settings, 'is_test', 'false')
                 _bool_setting(settings, 'gzip_responses', 'false')
                 # Call split out functions that sanitize settings for each topic.
                 _sanitize_appenlight_settings(settings)
                 _sanitize_vcs_settings(settings)
                 _sanitize_cache_settings(settings)
                 # configure instance id
                 config_utils.set_instance_id(settings)
                 return settings
             def enable_debug():
                 """
                 Helper to enable debug on running instance
                 :return:
                 """
                 import tempfile
                 import textwrap
                 import logging.config
                 ini_template = textwrap.dedent("""
                 #####################################
                 ### DEBUG LOGGING CONFIGURATION  ####
                 #####################################
                 [loggers]
                 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
                 [handlers]
                 keys = console, console_sql
                 [formatters]
                 keys = generic, color_formatter, color_formatter_sql
                 #############
                 ## LOGGERS ##
                 #############
                 [logger_root]
                 level = NOTSET
                 handlers = console
                 [logger_sqlalchemy]
                 level = INFO
                 handlers = console_sql
                 qualname = sqlalchemy.engine
                 propagate = 0
                 [logger_beaker]
                 level = DEBUG
                 handlers =
                 qualname = beaker.container
                 propagate = 1
                 [logger_rhodecode]
                 level = DEBUG
                 handlers =
                 qualname = rhodecode
                 propagate = 1
                 [logger_ssh_wrapper]
                 level = DEBUG
                 handlers =
                 qualname = ssh_wrapper
                 propagate = 1
                 [logger_celery]
                 level = DEBUG
                 handlers =
                 qualname = celery
                 ##############
                 ## HANDLERS ##
                 ##############
                 [handler_console]
                 class = StreamHandler
                 args = (sys.stderr, )
                 level = DEBUG
                 formatter = color_formatter
                 [handler_console_sql]
                 # "level = DEBUG" logs SQL queries and results.
                 # "level = INFO" logs SQL queries.
                 # "level = WARN" logs neither.  (Recommended for production systems.)
                 class = StreamHandler
                 args = (sys.stderr, )
                 level = WARN
                 formatter = color_formatter_sql
                 ################
                 ## FORMATTERS ##
                 ################
                 [formatter_generic]
                 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
                 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s | %(req_id)s
                 datefmt = %Y-%m-%d %H:%M:%S
                 [formatter_color_formatter]
                 class = rhodecode.lib.logging_formatter.ColorRequestTrackingFormatter
                 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s | %(req_id)s
                 datefmt = %Y-%m-%d %H:%M:%S
                 [formatter_color_formatter_sql]
                 class = rhodecode.lib.logging_formatter.ColorFormatterSql
                 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
                 datefmt = %Y-%m-%d %H:%M:%S
                 """)
                 with tempfile.NamedTemporaryFile(prefix='rc_debug_logging_', suffix='.ini',
                                                  delete=False) as f:
                     log.info('Saved Temporary DEBUG config at %s', f.name)
                     f.write(ini_template)
                 logging.config.fileConfig(f.name)
                 log.debug('DEBUG MODE ON')
                 os.remove(f.name)
             def _sanitize_appenlight_settings(settings):
                 _bool_setting(settings, 'appenlight', 'false')
             def _sanitize_vcs_settings(settings):
                 """
                 Applies settings defaults and does type conversion for all VCS related
                 settings.
                 """
                 _string_setting(settings, 'vcs.svn.compatible_version', '')
                 _string_setting(settings, 'vcs.hooks.protocol', 'http')
                 _string_setting(settings, 'vcs.hooks.host', '127.0.0.1')
                 _string_setting(settings, 'vcs.scm_app_implementation', 'http')
                 _string_setting(settings, 'vcs.server', '')
                 _string_setting(settings, 'vcs.server.log_level', 'debug')
                 _string_setting(settings, 'vcs.server.protocol', 'http')
                 _bool_setting(settings, 'startup.import_repos', 'false')
                 _bool_setting(settings, 'vcs.hooks.direct_calls', 'false')
                 _bool_setting(settings, 'vcs.server.enable', 'true')
                 _bool_setting(settings, 'vcs.start_server', 'false')
                 _list_setting(settings, 'vcs.backends', 'hg, git, svn')
                 _int_setting(settings, 'vcs.connection_timeout', 3600)
                 # Support legacy values of vcs.scm_app_implementation. Legacy
                 # configurations may use 'rhodecode.lib.middleware.utils.scm_app_http', or
                 # disabled since 4.13 'vcsserver.scm_app' which is now mapped to 'http'.
                 scm_app_impl = settings['vcs.scm_app_implementation']
                 if scm_app_impl in ['rhodecode.lib.middleware.utils.scm_app_http', 'vcsserver.scm_app']:
                     settings['vcs.scm_app_implementation'] = 'http'
             def _sanitize_cache_settings(settings):
                 temp_store = tempfile.gettempdir()
                 default_cache_dir = os.path.join(temp_store, 'rc_cache')
                 # save default, cache dir, and use it for all backends later.
                 default_cache_dir = _string_setting(
                     settings,
                     'cache_dir',
                     default_cache_dir, lower=False, default_when_empty=True)
                 # ensure we have our dir created
                 if not os.path.isdir(default_cache_dir):
                     os.makedirs(default_cache_dir, mode=0o755)
                 # exception store cache
                 _string_setting(
                     settings,
                     'exception_tracker.store_path',
                     temp_store, lower=False, default_when_empty=True)
                 # cache_perms
                 _string_setting(
                     settings,
                     'rc_cache.cache_perms.backend',
                     'dogpile.cache.rc.file_namespace', lower=False)
                 _int_setting(
                     settings,
                     'rc_cache.cache_perms.expiration_time',
 )
                 _string_setting(
                     settings,
                     'rc_cache.cache_perms.arguments.filename',
                     os.path.join(default_cache_dir, 'rc_cache_1'), lower=False)
                 # cache_repo
                 _string_setting(
                     settings,
                     'rc_cache.cache_repo.backend',
                     'dogpile.cache.rc.file_namespace', lower=False)
                 _int_setting(
                     settings,
                     'rc_cache.cache_repo.expiration_time',
 )
                 _string_setting(
                     settings,
                     'rc_cache.cache_repo.arguments.filename',
                     os.path.join(default_cache_dir, 'rc_cache_2'), lower=False)
                 # cache_license
                 _string_setting(
                     settings,
                     'rc_cache.cache_license.backend',
                     'dogpile.cache.rc.file_namespace', lower=False)
                 _int_setting(
                     settings,
                     'rc_cache.cache_license.expiration_time',
 *60)
                 _string_setting(
                     settings,
                     'rc_cache.cache_license.arguments.filename',
                     os.path.join(default_cache_dir, 'rc_cache_3'), lower=False)
                 # cache_repo_longterm memory, 96H
                 _string_setting(
                     settings,
                     'rc_cache.cache_repo_longterm.backend',
                     'dogpile.cache.rc.memory_lru', lower=False)
                 _int_setting(
                     settings,
                     'rc_cache.cache_repo_longterm.expiration_time',
 )
                 _int_setting(
                     settings,
                     'rc_cache.cache_repo_longterm.max_size',
 )
                 # sql_cache_short
                 _string_setting(
                     settings,
                     'rc_cache.sql_cache_short.backend',
                     'dogpile.cache.rc.memory_lru', lower=False)
                 _int_setting(
                     settings,
                     'rc_cache.sql_cache_short.expiration_time',
 )
                 _int_setting(
                     settings,
                     'rc_cache.sql_cache_short.max_size',
 )
             def _int_setting(settings, name, default):
                 settings[name] = int(settings.get(name, default))
                 return settings[name]
             def _bool_setting(settings, name, default):
                 input_val = settings.get(name, default)
                 if isinstance(input_val, unicode):
                     input_val = input_val.encode('utf8')
                 settings[name] = asbool(input_val)
                 return settings[name]
             def _list_setting(settings, name, default):
                 raw_value = settings.get(name, default)
                 old_separator = ','
                 if old_separator in raw_value:
                     # If we get a comma separated list, pass it to our own function.
                     settings[name] = rhodecode_aslist(raw_value, sep=old_separator)
                 else:
                     # Otherwise we assume it uses pyramids space/newline separation.
                     settings[name] = aslist(raw_value)
                 return settings[name]
             def _string_setting(settings, name, default, lower=True, default_when_empty=False):
                 value = settings.get(name, default)
                 if default_when_empty and not value:
                     # use default value when value is empty
                     value = default
                 if lower:
                     value = value.lower()
                 settings[name] = value
                 return settings[name]
             def _substitute_values(mapping, substitutions):
                 result = {}
                 try:
                     for key, value in mapping.items():
                         # initialize without substitution first
                         result[key] = value
                         # Note: Cannot use regular replacements, since they would clash
                         # with the implementation of ConfigParser. Using "format" instead.
                         try:
                             result[key] = value.format(**substitutions)
                         except KeyError as e:
                             env_var = '{}'.format(e.args[0])
                             msg = 'Failed to substitute: `{key}={{{var}}}` with environment entry. ' \
                                   'Make sure your environment has {var} set, or remove this ' \
                                   'variable from config file'.format(key=key, var=env_var)
                             if env_var.startswith('ENV_'):
                                 raise ValueError(msg)
                             else:
                                 log.warning(msg)
                 except ValueError as e:
                     log.warning('Failed to substitute ENV variable: %s', e)
                     result = mapping
                 return result

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages