##// END OF EJS Templates
rhodecode-enterprise-docker
RSS
Readme: added notice about users should clone this repository....
marcink -
r2:2b922900 4.24.1
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,199 +1,203 b''
1 # RhodeCode Cluster
1 # RhodeCode Cluster
2
2
3 RhodeCode Cluster is a multi-node highly-scalable setup to run RhodeCode and
3 RhodeCode Cluster is a multi-node highly-scalable setup to run RhodeCode and
4 all its additional components in single environment using Docker.
4 all its additional components in single environment using Docker.
5
5
6 Using a docker-compose this setup creates following services for RhodeCode:
6 Using a docker-compose this setup creates following services for RhodeCode:
7
7
8 - Nginx HTTP Server for load balancing and reverse proxy
8 - Nginx HTTP Server for load balancing and reverse proxy
9 - RhodeCode HTTP
9 - RhodeCode HTTP
10 - VCSServer for GIT/SVN/HG support
10 - VCSServer for GIT/SVN/HG support
11 - SSH Server for cloning over SSH
11 - SSH Server for cloning over SSH
12 - SVN webserver for HTTP support over SVN
12 - SVN webserver for HTTP support over SVN
13 - Celery workers for asynchronous tasks
13 - Celery workers for asynchronous tasks
14 - Celery beat for automation tasks
14 - Celery beat for automation tasks
15 - Redis Database for caching
15 - Redis Database for caching
16 - Postgres database for persistent storage
16 - Postgres database for persistent storage
17 - Channelstream websocket server for live components
17 - Channelstream websocket server for live components
18
18
19
19
20 ## Pre requisites
20 ## Pre requisites
21
21
22 Visit docker site and install docker (min version 20.10) and docker compose:
22 Visit docker site and install docker (min version 20.10) and docker compose:
23
23
24 - https://docs.docker.com/engine/install/
24 - https://docs.docker.com/engine/install/
25 - https://docs.docker.com/compose/install/
25 - https://docs.docker.com/compose/install/
26
26
27
27
28 # Installation steps
28 # Installation steps
29
29 Follow these steps to build and run the RhodeCode Cluster via Docker-compose.
30 Follow these steps to build and run the RhodeCode Cluster via Docker-compose.
31 Get the repository:
32
33 git clone https://code.rhodecode.com/rhodecode-enterprise-docker && cd rhodecode-enterprise-docker
30
34
31 ## Download installer binaries
35 ## Download installer binaries
32
36
33 First start by fetching required installer binaries. This is required to create both
37 First start by fetching required installer binaries. This is required to create both
34 simple build and full compose setup.
38 simple build and full compose setup.
35 Please check the `.env` file to adjust the version if needed.
39 Please check the `.env` file to adjust the version if needed.
36
40
37 `cd .boostrap/; ./download-artifacts.sh; cd ../`
41 `cd .boostrap/; ./download-artifacts.sh; cd ../`
38
42
39 This will download required files and put them into the `.cache` directory.
43 This will download required files and put them into the `.cache` directory.
40 This directory should look similar to that after downloads have finish:
44 This directory should look similar to that after downloads have finish:
41
45
42 ```shell
46 ```shell
43 drwxr-xr-x 8 rcdev rcdev 256B Feb 8 13:35 .
47 drwxr-xr-x 8 rcdev rcdev 256B Feb 8 13:35 .
44 drwxr-xr-x 14 rcdev rcdev 448B Feb 8 10:40 ..
48 drwxr-xr-x 14 rcdev rcdev 448B Feb 8 10:40 ..
45 -rw-r--r-- 1 rcdev rcdev 0B Feb 8 20:44 .dirkeep
49 -rw-r--r-- 1 rcdev rcdev 0B Feb 8 20:44 .dirkeep
46 -rwxr-xr-x 1 rcdev rcdev 241M Feb 8 13:35 RhodeCode-installer-linux-build20210208_0800
50 -rwxr-xr-x 1 rcdev rcdev 241M Feb 8 13:35 RhodeCode-installer-linux-build20210208_0800
47 -rw-r--r-- 1 rcdev rcdev 156M Feb 8 13:35 RhodeCodeCommunity-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
51 -rw-r--r-- 1 rcdev rcdev 156M Feb 8 13:35 RhodeCodeCommunity-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
48 -rw-r--r-- 1 rcdev rcdev 171M Feb 8 13:35 RhodeCodeEnterprise-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
52 -rw-r--r-- 1 rcdev rcdev 171M Feb 8 13:35 RhodeCodeEnterprise-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
49 -rw-r--r-- 1 rcdev rcdev 145M Feb 8 13:35 RhodeCodeVCSServer-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
53 -rw-r--r-- 1 rcdev rcdev 145M Feb 8 13:35 RhodeCodeVCSServer-4.24.1+x86_64-linux_build20210208_0800.tar.bz2
50 -rw-r--r-- 1 rcdev rcdev 109M Feb 8 13:35 locale-archive
54 -rw-r--r-- 1 rcdev rcdev 109M Feb 8 13:35 locale-archive
51 ```
55 ```
52
56
53 ## Set License for EE version
57 ## Set License for EE version
54
58
55 This setup would use a provided license from a file
59 This setup would use a provided license from a file
56 `config/compose/rhodecode_enterprise.license` If you have a full license, or a trial one
60 `config/compose/rhodecode_enterprise.license` If you have a full license, or a trial one
57 please save the license data inside this file, so it will be applied at creation.
61 please save the license data inside this file, so it will be applied at creation.
58 This file can also be empty and license can be applied via a WEB interface.
62 This file can also be empty and license can be applied via a WEB interface.
59
63
60
64
61 ## Run Docker compose build:
65 ## Run Docker compose build:
62
66
63 To create a full stack we need to run the database container, so it's ready to
67 To create a full stack we need to run the database container, so it's ready to
64 build the docker image.
68 build the docker image.
65
69
66 1) start with running the required database for the build stage in the background.
70 1) start with running the required database for the build stage in the background.
67
71
68 ```shell
72 ```shell
69 docker-compose up --detach database
73 docker-compose up --detach database
70 ```
74 ```
71
75
72 This will start our postgres database, and expose it to the network.
76 This will start our postgres database, and expose it to the network.
73 We can now run the full installation. Database needs to be running for the next build command.
77 We can now run the full installation. Database needs to be running for the next build command.
74
78
75 ```shell
79 ```shell
76 docker-compose build rhodecode
80 docker-compose build rhodecode
77 docker-compose build
81 docker-compose build
78 ```
82 ```
79
83
80 Once we build the rhodecode app, we can run the whole stack using `docker-compose up`
84 Once we build the rhodecode app, we can run the whole stack using `docker-compose up`
81
85
82 ```shell
86 ```shell
83 docker-compose up
87 docker-compose up
84 ```
88 ```
85
89
86 You can access Running RhodeCode under via Nginx under:
90 You can access Running RhodeCode under via Nginx under:
87 http://localhost:8888
91 http://localhost:8888
88
92
89
93
90 In case for bigger setups docker-compose can scale more rhodecode/vcsserver workers:
94 In case for bigger setups docker-compose can scale more rhodecode/vcsserver workers:
91
95
92 ```shell
96 ```shell
93 docker-compose up --scale vcsserver=3 rhodecode=3
97 docker-compose up --scale vcsserver=3 rhodecode=3
94 ```
98 ```
95
99
96 ## Data structure
100 ## Data structure
97
101
98 There are 4 volumes defined:
102 There are 4 volumes defined:
99
103
100 - `/var/log/rhodecode` # all logs from RhodeCode are saved in this volume
104 - `/var/log/rhodecode` # all logs from RhodeCode are saved in this volume
101 - `/etc/rhodecode/conf` # storing configuration files for rhodecode, vcsserver and supervisord, and some cache data
105 - `/etc/rhodecode/conf` # storing configuration files for rhodecode, vcsserver and supervisord, and some cache data
102 - `/var/opt/rhodecode_repo_store` # main repository storage where repositories would be stored
106 - `/var/opt/rhodecode_repo_store` # main repository storage where repositories would be stored
103 - `/var/opt/rhodecode_data` # data dir for rhodecode cache/lock files, or user sessions (for file backend)
107 - `/var/opt/rhodecode_data` # data dir for rhodecode cache/lock files, or user sessions (for file backend)
104
108
105
109
106
110
107
111
108 Upgrade:
112 Upgrade:
109
113
110 - pull the latest repo
114 - pull the latest repo
111 - check .env file for correct update version
115 - check .env file for correct update version
112 - re-build rhodecode
116 - re-build rhodecode
113 - docker-compose build rhodecode
117 - docker-compose build rhodecode
114 - docker-compose stop
118 - docker-compose stop
115 - docker-compose up
119 - docker-compose up
116
120
117
121
118
122
119
123
120
124
121
125
122
126
123
127
124
128
125
129
126
130
127
131
128
132
129
133
130
134
131 Logging is pushed to stdout from all services.
135 Logging is pushed to stdout from all services.
132
136
133 ## Simple build
137 ## Simple build
134
138
135 Build docker RhodeCode `Community` without any dependencies (redis, external db) using
139 Build docker RhodeCode `Community` without any dependencies (redis, external db) using
136 simple sqlite database and file based caches.
140 simple sqlite database and file based caches.
137 This is a fully running instance good for small use with 3-5 users.
141 This is a fully running instance good for small use with 3-5 users.
138
142
139 ```shell
143 ```shell
140 docker build -t rhodecode:4.23.2 -f rhodecode.dockerfile \
144 docker build -t rhodecode:4.23.2 -f rhodecode.dockerfile \
141 -e RHODECODE_TYPE=Community \
145 -e RHODECODE_TYPE=Community \
142 -e RHODECODE_VERSION=4.23.2 \
146 -e RHODECODE_VERSION=4.23.2 \
143 -e RHODECODE_DB=sqlite \
147 -e RHODECODE_DB=sqlite \
144 -e RHODECODE_USER_NAME=admin \
148 -e RHODECODE_USER_NAME=admin \
145 -e RHODECODE_USER_PASS=secret4 \
149 -e RHODECODE_USER_PASS=secret4 \
146 -e RHODECODE_USER_EMAIL=support@rhodecode.com \
150 -e RHODECODE_USER_EMAIL=support@rhodecode.com \
147 .
151 .
148 ```
152 ```
149
153
150 note: for debugging better to add `--progress plain` into the build command to obtain all the output from the build.
154 note: for debugging better to add `--progress plain` into the build command to obtain all the output from the build.
151 To Build against existing running Postgres or MySQL you can specify:
155 To Build against existing running Postgres or MySQL you can specify:
152
156
153 --build-arg RHODECODE_DB=postgresql://postgres:secret@database/rhodecode
157 --build-arg RHODECODE_DB=postgresql://postgres:secret@database/rhodecode
154 --build-arg RHODECODE_DB=mysql://root:secret@localhost/rhodecode?charset=utf8
158 --build-arg RHODECODE_DB=mysql://root:secret@localhost/rhodecode?charset=utf8
155
159
156
160
157 To copy over the data into volumes use such command:
161 To copy over the data into volumes use such command:
158 ```shell
162 ```shell
159 docker run -v logvolume:/data --name data_vol busybox true
163 docker run -v logvolume:/data --name data_vol busybox true
160 docker cp . data_vol:/data
164 docker cp . data_vol:/data
161 docker rm data_vol
165 docker rm data_vol
162 ```
166 ```
163
167
164 Run the container, mounting the required volumes. By default the application would be
168 Run the container, mounting the required volumes. By default the application would be
165 available at http://localhost:10020, and default login is (unless specified differently in the build command)
169 available at http://localhost:10020, and default login is (unless specified differently in the build command)
166
170
167 ```
171 ```
168 user: admin
172 user: admin
169 password: secret4
173 password: secret4
170 ```
174 ```
171
175
172 We've not built our image using specific version. It's time to run it:
176 We've not built our image using specific version. It's time to run it:
173
177
174 ```shell
178 ```shell
175 docker run \
179 docker run \
176 --name rhodecode-container \
180 --name rhodecode-container \
177 --publish 10020:10020 \
181 --publish 10020:10020 \
178 --restart unless-stopped \
182 --restart unless-stopped \
179 --volume $PWD/config:/etc/rhodecode/conf \
183 --volume $PWD/config:/etc/rhodecode/conf \
180 --volume $PWD/logs:/var/log/rhodecode \
184 --volume $PWD/logs:/var/log/rhodecode \
181 'rhodecode:4.23.2'
185 'rhodecode:4.23.2'
182 ```
186 ```
183
187
184 Enter container
188 Enter container
185
189
186 ```shell
190 ```shell
187 docker exec -it rhodecode-container /bin/bash
191 docker exec -it rhodecode-container /bin/bash
188 ```
192 ```
189
193
190 Enter interactive shell
194 Enter interactive shell
191
195
192 ```shell
196 ```shell
193 docker exec -it rhodecode-container /var/opt/rhodecode_bin/bin/rc-ishell /etc/rhodecode/conf/rhodecode.ini
197 docker exec -it rhodecode-container /var/opt/rhodecode_bin/bin/rc-ishell /etc/rhodecode/conf/rhodecode.ini
194 ```
198 ```
195
199
196 Run Database migrations
200 Run Database migrations
197 ```shell
201 ```shell
198 docker exec -it rhodecode-container /var/opt/rhodecode_bin/bin/rc-upgrade-db /etc/rhodecode/conf/rhodecode.ini --force-yes
202 docker exec -it rhodecode-container /var/opt/rhodecode_bin/bin/rc-upgrade-db /etc/rhodecode/conf/rhodecode.ini --force-yes
199 ``` No newline at end of file
203 ```
Show file before | Show file after | Hide comments
@@ -1,736 +1,746 b''
1
1
2 ; ##########################################
2 ; ##########################################
3 ; RHODECODE ENTERPRISE EDITION CONFIGURATION
3 ; RHODECODE ENTERPRISE EDITION CONFIGURATION
4 ; ##########################################
4 ; ##########################################
5
5
6 [DEFAULT]
6 [DEFAULT]
7 ; Debug flag sets all loggers to debug, and enables request tracking
7 ; Debug flag sets all loggers to debug, and enables request tracking
8 debug = false
8 debug = false
9
9
10 ; ########################################################################
10 ; ########################################################################
11 ; EMAIL CONFIGURATION
11 ; EMAIL CONFIGURATION
12 ; These settings will be used by the RhodeCode mailing system
12 ; These settings will be used by the RhodeCode mailing system
13 ; ########################################################################
13 ; ########################################################################
14
14
15 ; prefix all emails subjects with given prefix, helps filtering out emails
15 ; prefix all emails subjects with given prefix, helps filtering out emails
16 #email_prefix = [RhodeCode]
16 #email_prefix = [RhodeCode]
17
17
18 ; email FROM address all mails will be sent
18 ; email FROM address all mails will be sent
19 #app_email_from = rhodecode-noreply@localhost
19 #app_email_from = rhodecode-noreply@localhost
20
20
21 #smtp_server = mail.server.com
21 #smtp_server = mail.server.com
22 #smtp_username =
22 #smtp_username =
23 #smtp_password =
23 #smtp_password =
24 #smtp_port =
24 #smtp_port =
25 #smtp_use_tls = false
25 #smtp_use_tls = false
26 #smtp_use_ssl = true
26 #smtp_use_ssl = true
27
27
28
29 [server:main]
28 [server:main]
30 ; COMMON HOST/IP CONFIG
29 ; COMMON HOST/IP CONFIG
31 host = 0.0.0.0
30 host = 0.0.0.0
32 port = 10020
31 port = 10020
33
32
34
33
35 ; ###########################
34 ; ###########################
36 ; GUNICORN APPLICATION SERVER
35 ; GUNICORN APPLICATION SERVER
37 ; ###########################
36 ; ###########################
38
37
39 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
38 ; run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
40
39
41 ; Module to use, this setting shouldn't be changed
40 ; Module to use, this setting shouldn't be changed
42 use = egg:gunicorn#main
41 use = egg:gunicorn#main
43
42
44 ; Sets the number of process workers. More workers means more concurrent connections
43 ; Sets the number of process workers. More workers means more concurrent connections
45 ; RhodeCode can handle at the same time. Each additional worker also it increases
44 ; RhodeCode can handle at the same time. Each additional worker also it increases
46 ; memory usage as each has it's own set of caches.
45 ; memory usage as each has it's own set of caches.
47 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
46 ; Recommended value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers, but no more
48 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
47 ; than 8-10 unless for really big deployments .e.g 700-1000 users.
49 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
48 ; `instance_id = *` must be set in the [app:main] section below (which is the default)
50 ; when using more than 1 worker.
49 ; when using more than 1 worker.
51 workers = 2
50 workers = 2
52
51
53 ; Gunicorn access log level
52 ; Gunicorn access log level
54 loglevel = info
53 loglevel = info
55
54
56 ; Process name visible in process list
55 ; Process name visible in process list
57 proc_name = gunicorn-web-1
56 proc_name = gunicorn-web-1
58
57
59 ; Type of worker class, one of `sync`, `gevent`
58 ; Type of worker class, one of `sync`, `gevent`
60 ; Recommended type is `gevent`
59 ; Recommended type is `gevent`
61 worker_class = gevent
60 worker_class = gevent
62
61
63 ; The maximum number of simultaneous clients per worker. Valid only for gevent
62 ; The maximum number of simultaneous clients per worker. Valid only for gevent
64 worker_connections = 10
63 worker_connections = 10
65
64
66 ; Max number of requests that worker will handle before being gracefully restarted.
65 ; Max number of requests that worker will handle before being gracefully restarted.
67 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
66 ; Prevents memory leaks, jitter adds variability so not all workers are restarted at once.
68 max_requests = 2000
67 max_requests = 2000
69 max_requests_jitter = 100
68 max_requests_jitter = 100
70
69
71 ; Amount of time a worker can spend with handling a request before it
70 ; Amount of time a worker can spend with handling a request before it
72 ; gets killed and restarted. By default set to 21600 (6hrs)
71 ; gets killed and restarted. By default set to 21600 (6hrs)
73 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
72 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
74 timeout = 21600
73 timeout = 21600
75
74
76 ; The maximum size of HTTP request line in bytes.
75 ; The maximum size of HTTP request line in bytes.
77 ; 0 for unlimited
76 ; 0 for unlimited
78 limit_request_line = 0
77 limit_request_line = 0
79
78
80 ; Limit the number of HTTP headers fields in a request.
79 ; Limit the number of HTTP headers fields in a request.
81 ; By default this value is 100 and can't be larger than 32768.
80 ; By default this value is 100 and can't be larger than 32768.
82 limit_request_fields = 32768
81 limit_request_fields = 32768
83
82
84 ; Limit the allowed size of an HTTP request header field.
83 ; Limit the allowed size of an HTTP request header field.
85 ; Value is a positive number or 0.
84 ; Value is a positive number or 0.
86 ; Setting it to 0 will allow unlimited header field sizes.
85 ; Setting it to 0 will allow unlimited header field sizes.
87 limit_request_field_size = 0
86 limit_request_field_size = 0
88
87
89 ; Timeout for graceful workers restart.
88 ; Timeout for graceful workers restart.
90 ; After receiving a restart signal, workers have this much time to finish
89 ; After receiving a restart signal, workers have this much time to finish
91 ; serving requests. Workers still alive after the timeout (starting from the
90 ; serving requests. Workers still alive after the timeout (starting from the
92 ; receipt of the restart signal) are force killed.
91 ; receipt of the restart signal) are force killed.
93 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
92 ; Examples: 1800 (30min), 3600 (1hr), 7200 (2hr), 43200 (12h)
94 graceful_timeout = 3600
93 graceful_timeout = 3600
95
94
96 # The number of seconds to wait for requests on a Keep-Alive connection.
95 # The number of seconds to wait for requests on a Keep-Alive connection.
97 # Generally set in the 1-5 seconds range.
96 # Generally set in the 1-5 seconds range.
98 keepalive = 2
97 keepalive = 2
99
98
100 ; Maximum memory usage that each worker can use before it will receive a
99 ; Maximum memory usage that each worker can use before it will receive a
101 ; graceful restart signal 0 = memory monitoring is disabled
100 ; graceful restart signal 0 = memory monitoring is disabled
102 ; Examples: 268435456 (256MB), 536870912 (512MB)
101 ; Examples: 268435456 (256MB), 536870912 (512MB)
103 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
102 ; 1073741824 (1GB), 2147483648 (2GB), 4294967296 (4GB)
104 memory_max_usage = 2147483648
103 memory_max_usage = 2147483648
105
104
106 ; How often in seconds to check for memory usage for each gunicorn worker
105 ; How often in seconds to check for memory usage for each gunicorn worker
107 memory_usage_check_interval = 60
106 memory_usage_check_interval = 60
108
107
109 ; Threshold value for which we don't recycle worker if GarbageCollection
108 ; Threshold value for which we don't recycle worker if GarbageCollection
110 ; frees up enough resources. Before each restart we try to run GC on worker
109 ; frees up enough resources. Before each restart we try to run GC on worker
111 ; in case we get enough free memory after that, restart will not happen.
110 ; in case we get enough free memory after that, restart will not happen.
112 memory_usage_recovery_threshold = 0.8
111 memory_usage_recovery_threshold = 0.8
113
112
114
113
115 ; Prefix middleware for RhodeCode.
114 ; Prefix middleware for RhodeCode.
116 ; recommended when using proxy setup.
115 ; recommended when using proxy setup.
117 ; allows to set RhodeCode under a prefix in server.
116 ; allows to set RhodeCode under a prefix in server.
118 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
117 ; eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
119 ; And set your prefix like: `prefix = /custom_prefix`
118 ; And set your prefix like: `prefix = /custom_prefix`
120 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
119 ; be sure to also set beaker.session.cookie_path = /custom_prefix if you need
121 ; to make your cookies only work on prefix url
120 ; to make your cookies only work on prefix url
122 [filter:proxy-prefix]
121 [filter:proxy-prefix]
123 use = egg:PasteDeploy#prefix
122 use = egg:PasteDeploy#prefix
124 prefix = /
123 prefix = /
125
124
126 [app:main]
125 [app:main]
127 ; The %(here)s variable will be replaced with the absolute path of parent directory
126 ; The %(here)s variable will be replaced with the absolute path of parent directory
128 ; of this file
127 ; of this file
129 ; In addition ENVIRONMENT variables usage is possible, e.g
128 ; In addition ENVIRONMENT variables usage is possible, e.g
130 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
129 ; sqlalchemy.db1.url = {ENV_RC_DB_URL}
131
130
132 use = egg:rhodecode-enterprise-ee
131 use = egg:rhodecode-enterprise-ee
133
132
134 ; enable proxy prefix middleware, defined above
133 ; enable proxy prefix middleware, defined above
135 #filter-with = proxy-prefix
134 #filter-with = proxy-prefix
136
135
137 ; encryption key used to encrypt social plugin tokens,
136 ; encryption key used to encrypt social plugin tokens,
138 ; remote_urls with credentials etc, if not set it defaults to
137 ; remote_urls with credentials etc, if not set it defaults to
139 ; `beaker.session.secret`
138 ; `beaker.session.secret`
140 #rhodecode.encrypted_values.secret =
139 #rhodecode.encrypted_values.secret =
141
140
142 ; decryption strict mode (enabled by default). It controls if decryption raises
141 ; decryption strict mode (enabled by default). It controls if decryption raises
143 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
142 ; `SignatureVerificationError` in case of wrong key, or damaged encryption data.
144 #rhodecode.encrypted_values.strict = false
143 #rhodecode.encrypted_values.strict = false
145
144
146 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
145 ; Pick algorithm for encryption. Either fernet (more secure) or aes (default)
147 ; fernet is safer, and we strongly recommend switching to it.
146 ; fernet is safer, and we strongly recommend switching to it.
148 ; Due to backward compatibility aes is used as default.
147 ; Due to backward compatibility aes is used as default.
149 #rhodecode.encrypted_values.algorithm = fernet
148 #rhodecode.encrypted_values.algorithm = fernet
150
149
151 ; Return gzipped responses from RhodeCode (static files/application)
150 ; Return gzipped responses from RhodeCode (static files/application)
152 gzip_responses = false
151 gzip_responses = false
153
152
154 ; Auto-generate javascript routes file on startup
153 ; Auto-generate javascript routes file on startup
155 generate_js_files = false
154 generate_js_files = false
156
155
157 ; System global default language.
156 ; System global default language.
158 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
157 ; All available languages: en (default), be, de, es, fr, it, ja, pl, pt, ru, zh
159 lang = en
158 lang = en
160
159
161 ; Perform a full repository scan and import on each server start.
160 ; Perform a full repository scan and import on each server start.
162 ; Settings this to true could lead to very long startup time.
161 ; Settings this to true could lead to very long startup time.
163 startup.import_repos = false
162 startup.import_repos = false
164
163
165 ; Uncomment and set this path to use archive download cache.
164 ; Uncomment and set this path to use archive download cache.
166 ; Once enabled, generated archives will be cached at this location
165 ; Once enabled, generated archives will be cached at this location
167 ; and served from the cache during subsequent requests for the same archive of
166 ; and served from the cache during subsequent requests for the same archive of
168 ; the repository.
167 ; the repository.
169 archive_cache_dir = /etc/rhodecode/conf/data/tarballcache
168 archive_cache_dir = /etc/rhodecode/conf/data/tarballcache
170
169
171 ; URL at which the application is running. This is used for Bootstrapping
170 ; URL at which the application is running. This is used for Bootstrapping
172 ; requests in context when no web request is available. Used in ishell, or
171 ; requests in context when no web request is available. Used in ishell, or
173 ; SSH calls. Set this for events to receive proper url for SSH calls.
172 ; SSH calls. Set this for events to receive proper url for SSH calls.
174 app.base_url = {ENV_RC_BASE_URL}
173 app.base_url = {ENV_RC_BASE_URL}
175
174
176 ; Unique application ID. Should be a random unique string for security.
175 ; Unique application ID. Should be a random unique string for security.
177 app_instance_uuid = 4442f2dac4dc4fb982f781546735bb99
176 app_instance_uuid = 4442f2dac4dc4fb982f781546735bb99
178
177
179 ; Cut off limit for large diffs (size in bytes). If overall diff size on
178 ; Cut off limit for large diffs (size in bytes). If overall diff size on
180 ; commit, or pull request exceeds this limit this diff will be displayed
179 ; commit, or pull request exceeds this limit this diff will be displayed
181 ; partially. E.g 512000 == 512Kb
180 ; partially. E.g 512000 == 512Kb
182 cut_off_limit_diff = 512000
181 cut_off_limit_diff = 512000
183
182
184 ; Cut off limit for large files inside diffs (size in bytes). Each individual
183 ; Cut off limit for large files inside diffs (size in bytes). Each individual
185 ; file inside diff which exceeds this limit will be displayed partially.
184 ; file inside diff which exceeds this limit will be displayed partially.
186 ; E.g 128000 == 128Kb
185 ; E.g 128000 == 128Kb
187 cut_off_limit_file = 128000
186 cut_off_limit_file = 128000
188
187
189 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
188 ; Use cached version of vcs repositories everywhere. Recommended to be `true`
190 vcs_full_cache = true
189 vcs_full_cache = true
191
190
192 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
191 ; Force https in RhodeCode, fixes https redirects, assumes it's always https.
193 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
192 ; Normally this is controlled by proper flags sent from http server such as Nginx or Apache
194 force_https = false
193 force_https = false
195
194
196 ; use Strict-Transport-Security headers
195 ; use Strict-Transport-Security headers
197 use_htsts = false
196 use_htsts = false
198
197
199 ; Set to true if your repos are exposed using the dumb protocol
198 ; Set to true if your repos are exposed using the dumb protocol
200 git_update_server_info = false
199 git_update_server_info = false
201
200
202 ; RSS/ATOM feed options
201 ; RSS/ATOM feed options
203 rss_cut_off_limit = 256000
202 rss_cut_off_limit = 256000
204 rss_items_per_page = 10
203 rss_items_per_page = 10
205 rss_include_diff = false
204 rss_include_diff = false
206
205
207 ; gist URL alias, used to create nicer urls for gist. This should be an
206 ; gist URL alias, used to create nicer urls for gist. This should be an
208 ; url that does rewrites to _admin/gists/{gistid}.
207 ; url that does rewrites to _admin/gists/{gistid}.
209 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
208 ; example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
210 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
209 ; RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
211 gist_alias_url =
210 gist_alias_url =
212
211
213 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
212 ; List of views (using glob pattern syntax) that AUTH TOKENS could be
214 ; used for access.
213 ; used for access.
215 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
214 ; Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
216 ; came from the the logged in user who own this authentication token.
215 ; came from the the logged in user who own this authentication token.
217 ; Additionally @TOKEN syntax can be used to bound the view to specific
216 ; Additionally @TOKEN syntax can be used to bound the view to specific
218 ; authentication token. Such view would be only accessible when used together
217 ; authentication token. Such view would be only accessible when used together
219 ; with this authentication token
218 ; with this authentication token
220 ; list of all views can be found under `/_admin/permissions/auth_token_access`
219 ; list of all views can be found under `/_admin/permissions/auth_token_access`
221 ; The list should be "," separated and on a single line.
220 ; The list should be "," separated and on a single line.
222 ; Most common views to enable:
221 ; Most common views to enable:
223
222
224 # RepoCommitsView:repo_commit_download
223 # RepoCommitsView:repo_commit_download
225 # RepoCommitsView:repo_commit_patch
224 # RepoCommitsView:repo_commit_patch
226 # RepoCommitsView:repo_commit_raw
225 # RepoCommitsView:repo_commit_raw
227 # RepoCommitsView:repo_commit_raw@TOKEN
226 # RepoCommitsView:repo_commit_raw@TOKEN
228 # RepoFilesView:repo_files_diff
227 # RepoFilesView:repo_files_diff
229 # RepoFilesView:repo_archivefile
228 # RepoFilesView:repo_archivefile
230 # RepoFilesView:repo_file_raw
229 # RepoFilesView:repo_file_raw
231 # GistView:*
230 # GistView:*
232 api_access_controllers_whitelist =
231 api_access_controllers_whitelist =
233
232
234 ; Default encoding used to convert from and to unicode
233 ; Default encoding used to convert from and to unicode
235 ; can be also a comma separated list of encoding in case of mixed encodings
234 ; can be also a comma separated list of encoding in case of mixed encodings
236 default_encoding = UTF-8
235 default_encoding = UTF-8
237
236
238 ; instance-id prefix
237 ; instance-id prefix
239 ; a prefix key for this instance used for cache invalidation when running
238 ; a prefix key for this instance used for cache invalidation when running
240 ; multiple instances of RhodeCode, make sure it's globally unique for
239 ; multiple instances of RhodeCode, make sure it's globally unique for
241 ; all running RhodeCode instances. Leave empty if you don't use it
240 ; all running RhodeCode instances. Leave empty if you don't use it
242 instance_id =
241 instance_id =
243
242
244 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
243 ; Fallback authentication plugin. Set this to a plugin ID to force the usage
245 ; of an authentication plugin also if it is disabled by it's settings.
244 ; of an authentication plugin also if it is disabled by it's settings.
246 ; This could be useful if you are unable to log in to the system due to broken
245 ; This could be useful if you are unable to log in to the system due to broken
247 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
246 ; authentication settings. Then you can enable e.g. the internal RhodeCode auth
248 ; module to log in again and fix the settings.
247 ; module to log in again and fix the settings.
249 ; Available builtin plugin IDs (hash is part of the ID):
248 ; Available builtin plugin IDs (hash is part of the ID):
250 ; egg:rhodecode-enterprise-ce#rhodecode
249 ; egg:rhodecode-enterprise-ce#rhodecode
251 ; egg:rhodecode-enterprise-ce#pam
250 ; egg:rhodecode-enterprise-ce#pam
252 ; egg:rhodecode-enterprise-ce#ldap
251 ; egg:rhodecode-enterprise-ce#ldap
253 ; egg:rhodecode-enterprise-ce#jasig_cas
252 ; egg:rhodecode-enterprise-ce#jasig_cas
254 ; egg:rhodecode-enterprise-ce#headers
253 ; egg:rhodecode-enterprise-ce#headers
255 ; egg:rhodecode-enterprise-ce#crowd
254 ; egg:rhodecode-enterprise-ce#crowd
256
255
257 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
256 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
258
257
259 ; Flag to control loading of legacy plugins in py:/path format
258 ; Flag to control loading of legacy plugins in py:/path format
260 auth_plugin.import_legacy_plugins = true
259 auth_plugin.import_legacy_plugins = true
261
260
262 ; alternative return HTTP header for failed authentication. Default HTTP
261 ; alternative return HTTP header for failed authentication. Default HTTP
263 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
262 ; response is 401 HTTPUnauthorized. Currently HG clients have troubles with
264 ; handling that causing a series of failed authentication calls.
263 ; handling that causing a series of failed authentication calls.
265 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
264 ; Set this variable to 403 to return HTTPForbidden, or any other HTTP code
266 ; This will be served instead of default 401 on bad authentication
265 ; This will be served instead of default 401 on bad authentication
267 auth_ret_code =
266 auth_ret_code =
268
267
269 ; use special detection method when serving auth_ret_code, instead of serving
268 ; use special detection method when serving auth_ret_code, instead of serving
270 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
269 ; ret_code directly, use 401 initially (Which triggers credentials prompt)
271 ; and then serve auth_ret_code to clients
270 ; and then serve auth_ret_code to clients
272 auth_ret_code_detection = false
271 auth_ret_code_detection = false
273
272
274 ; locking return code. When repository is locked return this HTTP code. 2XX
273 ; locking return code. When repository is locked return this HTTP code. 2XX
275 ; codes don't break the transactions while 4XX codes do
274 ; codes don't break the transactions while 4XX codes do
276 lock_ret_code = 423
275 lock_ret_code = 423
277
276
278 ; allows to change the repository location in settings page
277 ; allows to change the repository location in settings page
279 allow_repo_location_change = true
278 allow_repo_location_change = true
280
279
281 ; allows to setup custom hooks in settings page
280 ; allows to setup custom hooks in settings page
282 allow_custom_hooks_settings = true
281 allow_custom_hooks_settings = true
283
282
284 ; Generated license token required for EE edition license.
283 ; Generated license token required for EE edition license.
285 ; New generated token value can be found in Admin > settings > license page.
284 ; New generated token value can be found in Admin > settings > license page.
286 license_token = abra-cada-bra1-rce3
285 license_token = abra-cada-bra1-rce3
287
286
288 ; This flag hides sensitive information on the license page such as token, and license data
287 ; This flag hides sensitive information on the license page such as token, and license data
289 license.hide_license_info = false
288 license.hide_license_info = false
290
289
291 ; supervisor connection uri, for managing supervisor and logs.
290 ; supervisor connection uri, for managing supervisor and logs.
292 supervisor.uri = 127.0.0.1:10001
291 supervisor.uri = 127.0.0.1:10001
293
292
294 ; supervisord group name/id we only want this RC instance to handle
293 ; supervisord group name/id we only want this RC instance to handle
295 supervisor.group_id = web-1
294 supervisor.group_id = web-1
296
295
297 ; Display extended labs settings
296 ; Display extended labs settings
298 labs_settings_active = true
297 labs_settings_active = true
299
298
300 ; Custom exception store path, defaults to TMPDIR
299 ; Custom exception store path, defaults to TMPDIR
301 ; This is used to store exception from RhodeCode in shared directory
300 ; This is used to store exception from RhodeCode in shared directory
302 #exception_tracker.store_path =
301 #exception_tracker.store_path =
303
302
303 ; Send email with exception details when it happens
304 #exception_tracker.send_email = false
305
306 ; Comma separated list of recipients for exception emails,
307 ; e.g admin@rhodecode.com,devops@rhodecode.com
308 ; Can be left empty, then emails will be sent to ALL super-admins
309 #exception_tracker.send_email_recipients =
310
311 ; optional prefix to Add to email Subject
312 #exception_tracker.email_prefix = [RHODECODE ERROR]
313
304 ; File store configuration. This is used to store and serve uploaded files
314 ; File store configuration. This is used to store and serve uploaded files
305 file_store.enabled = true
315 file_store.enabled = true
306
316
307 ; Storage backend, available options are: local
317 ; Storage backend, available options are: local
308 file_store.backend = local
318 file_store.backend = local
309
319
310 ; path to store the uploaded binaries
320 ; path to store the uploaded binaries
311 file_store.storage_path = /var/opt/rhodecode_data/file_store
321 file_store.storage_path = /var/opt/rhodecode_data/file_store
312
322
313
323
314 ; #############
324 ; #############
315 ; CELERY CONFIG
325 ; CELERY CONFIG
316 ; #############
326 ; #############
317
327
318 ; manually run celery: /path/to/celery worker -E --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
328 ; manually run celery: /path/to/celery worker -E --beat --app rhodecode.lib.celerylib.loader --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler --loglevel DEBUG --ini /path/to/rhodecode.ini
319
329
320 use_celery = true
330 use_celery = true
321
331
322 ; connection url to the message broker (default redis)
332 ; connection url to the message broker (default redis)
323 celery.broker_url = redis://redis:6379/8
333 celery.broker_url = redis://redis:6379/8
324
334
325 ; rabbitmq example
335 ; rabbitmq example
326 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
336 #celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
327
337
328 ; maximum tasks to execute before worker restart
338 ; maximum tasks to execute before worker restart
329 celery.max_tasks_per_child = 20
339 celery.max_tasks_per_child = 20
330
340
331 ; tasks will never be sent to the queue, but executed locally instead.
341 ; tasks will never be sent to the queue, but executed locally instead.
332 celery.task_always_eager = false
342 celery.task_always_eager = false
333
343
334 ; #############
344 ; #############
335 ; DOGPILE CACHE
345 ; DOGPILE CACHE
336 ; #############
346 ; #############
337
347
338 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
348 ; Default cache dir for caches. Putting this into a ramdisk can boost performance.
339 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
349 ; eg. /tmpfs/data_ramdisk, however this directory might require large amount of space
340 cache_dir = /var/opt/rhodecode_data
350 cache_dir = /var/opt/rhodecode_data
341
351
342 ; *********************************************
352 ; *********************************************
343 ; `sql_cache_short` cache for heavy SQL queries
353 ; `sql_cache_short` cache for heavy SQL queries
344 ; Only supported backend is `memory_lru`
354 ; Only supported backend is `memory_lru`
345 ; *********************************************
355 ; *********************************************
346 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
356 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
347 rc_cache.sql_cache_short.expiration_time = 30
357 rc_cache.sql_cache_short.expiration_time = 30
348
358
349
359
350 ; *****************************************************
360 ; *****************************************************
351 ; `cache_repo_longterm` cache for repo object instances
361 ; `cache_repo_longterm` cache for repo object instances
352 ; Only supported backend is `memory_lru`
362 ; Only supported backend is `memory_lru`
353 ; *****************************************************
363 ; *****************************************************
354 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
364 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
355 ; by default we use 30 Days, cache is still invalidated on push
365 ; by default we use 30 Days, cache is still invalidated on push
356 rc_cache.cache_repo_longterm.expiration_time = 2592000
366 rc_cache.cache_repo_longterm.expiration_time = 2592000
357 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
367 ; max items in LRU cache, set to smaller number to save memory, and expire last used caches
358 rc_cache.cache_repo_longterm.max_size = 10000
368 rc_cache.cache_repo_longterm.max_size = 10000
359
369
360
370
361 ; *************************************************
371 ; *************************************************
362 ; `cache_perms` cache for permission tree, auth TTL
372 ; `cache_perms` cache for permission tree, auth TTL
363 ; *************************************************
373 ; *************************************************
364 #rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
374 #rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
365 #rc_cache.cache_perms.expiration_time = 300
375 #rc_cache.cache_perms.expiration_time = 300
366 ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
376 ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
367 #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms.db
377 #rc_cache.cache_perms.arguments.filename = /tmp/cache_perms.db
368
378
369 ; alternative `cache_perms` redis backend with distributed lock
379 ; alternative `cache_perms` redis backend with distributed lock
370 rc_cache.cache_perms.backend = dogpile.cache.rc.redis
380 rc_cache.cache_perms.backend = dogpile.cache.rc.redis
371 rc_cache.cache_perms.expiration_time = 300
381 rc_cache.cache_perms.expiration_time = 300
372
382
373 ; redis_expiration_time needs to be greater then expiration_time
383 ; redis_expiration_time needs to be greater then expiration_time
374 rc_cache.cache_perms.arguments.redis_expiration_time = 7200
384 rc_cache.cache_perms.arguments.redis_expiration_time = 7200
375
385
376 rc_cache.cache_perms.arguments.host = redis
386 rc_cache.cache_perms.arguments.host = redis
377 rc_cache.cache_perms.arguments.port = 6379
387 rc_cache.cache_perms.arguments.port = 6379
378 rc_cache.cache_perms.arguments.db = 0
388 rc_cache.cache_perms.arguments.db = 0
379 rc_cache.cache_perms.arguments.socket_timeout = 30
389 rc_cache.cache_perms.arguments.socket_timeout = 30
380 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
390 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
381 #rc_cache.cache_perms.arguments.distributed_lock = true
391 #rc_cache.cache_perms.arguments.distributed_lock = true
382
392
383
393
384 ; ***************************************************
394 ; ***************************************************
385 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
395 ; `cache_repo` cache for file tree, Readme, RSS FEEDS
386 ; ***************************************************
396 ; ***************************************************
387 #rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
397 #rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
388 #rc_cache.cache_repo.expiration_time = 2592000
398 #rc_cache.cache_repo.expiration_time = 2592000
389 ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
399 ; file cache store path. Defaults to `cache_dir =` value or tempdir if both values are not set
390 #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo.db
400 #rc_cache.cache_repo.arguments.filename = /tmp/cache_repo.db
391
401
392 ; alternative `cache_repo` redis backend with distributed lock
402 ; alternative `cache_repo` redis backend with distributed lock
393 rc_cache.cache_repo.backend = dogpile.cache.rc.redis
403 rc_cache.cache_repo.backend = dogpile.cache.rc.redis
394 rc_cache.cache_repo.expiration_time = 2592000
404 rc_cache.cache_repo.expiration_time = 2592000
395
405
396 ; redis_expiration_time needs to be greater then expiration_time
406 ; redis_expiration_time needs to be greater then expiration_time
397 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
407 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
398
408
399 rc_cache.cache_repo.arguments.host = redis
409 rc_cache.cache_repo.arguments.host = redis
400 rc_cache.cache_repo.arguments.port = 6379
410 rc_cache.cache_repo.arguments.port = 6379
401 rc_cache.cache_repo.arguments.db = 1
411 rc_cache.cache_repo.arguments.db = 1
402 rc_cache.cache_repo.arguments.socket_timeout = 30
412 rc_cache.cache_repo.arguments.socket_timeout = 30
403 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
413 ; more Redis options: https://dogpilecache.sqlalchemy.org/en/latest/api.html#redis-backends
404 #rc_cache.cache_repo.arguments.distributed_lock = true
414 #rc_cache.cache_repo.arguments.distributed_lock = true
405
415
406
416
407 ; ##############
417 ; ##############
408 ; BEAKER SESSION
418 ; BEAKER SESSION
409 ; ##############
419 ; ##############
410
420
411 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
421 ; beaker.session.type is type of storage options for the logged users sessions. Current allowed
412 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
422 ; types are file, ext:redis, ext:database, ext:memcached, and memory (default if not specified).
413 ; Fastest ones are Redis and ext:database
423 ; Fastest ones are Redis and ext:database
414 #beaker.session.type = file
424 #beaker.session.type = file
415 #beaker.session.data_dir = /var/opt/rhodecode_data/sessions
425 #beaker.session.data_dir = /var/opt/rhodecode_data/sessions
416
426
417 ; Redis based sessions
427 ; Redis based sessions
418 beaker.session.type = ext:redis
428 beaker.session.type = ext:redis
419 beaker.session.url = redis://redis:6379/2
429 beaker.session.url = redis://redis:6379/2
420
430
421 ; DB based session, fast, and allows easy management over logged in users
431 ; DB based session, fast, and allows easy management over logged in users
422 #beaker.session.type = ext:database
432 #beaker.session.type = ext:database
423 #beaker.session.table_name = db_session
433 #beaker.session.table_name = db_session
424 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
434 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
425 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
435 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
426 #beaker.session.sa.pool_recycle = 3600
436 #beaker.session.sa.pool_recycle = 3600
427 #beaker.session.sa.echo = false
437 #beaker.session.sa.echo = false
428
438
429 beaker.session.key = http_app
439 beaker.session.key = http_app
430 beaker.session.secret = b39acb28b2304a27a6a0e911500bf7d1
440 beaker.session.secret = b39acb28b2304a27a6a0e911500bf7d1
431 beaker.session.lock_dir = /data_ramdisk/lock
441 beaker.session.lock_dir = /data_ramdisk/lock
432
442
433 ; Secure encrypted cookie. Requires AES and AES python libraries
443 ; Secure encrypted cookie. Requires AES and AES python libraries
434 ; you must disable beaker.session.secret to use this
444 ; you must disable beaker.session.secret to use this
435 #beaker.session.encrypt_key = key_for_encryption
445 #beaker.session.encrypt_key = key_for_encryption
436 #beaker.session.validate_key = validation_key
446 #beaker.session.validate_key = validation_key
437
447
438 ; Sets session as invalid (also logging out user) if it haven not been
448 ; Sets session as invalid (also logging out user) if it haven not been
439 ; accessed for given amount of time in seconds
449 ; accessed for given amount of time in seconds
440 beaker.session.timeout = 2592000
450 beaker.session.timeout = 2592000
441 beaker.session.httponly = true
451 beaker.session.httponly = true
442
452
443 ; Path to use for the cookie. Set to prefix if you use prefix middleware
453 ; Path to use for the cookie. Set to prefix if you use prefix middleware
444 #beaker.session.cookie_path = /custom_prefix
454 #beaker.session.cookie_path = /custom_prefix
445
455
446 ; Set https secure cookie
456 ; Set https secure cookie
447 beaker.session.secure = false
457 beaker.session.secure = false
448
458
449 ; default cookie expiration time in seconds, set to `true` to set expire
459 ; default cookie expiration time in seconds, set to `true` to set expire
450 ; at browser close
460 ; at browser close
451 #beaker.session.cookie_expires = 3600
461 #beaker.session.cookie_expires = 3600
452
462
453 ; #############################
463 ; #############################
454 ; SEARCH INDEXING CONFIGURATION
464 ; SEARCH INDEXING CONFIGURATION
455 ; #############################
465 ; #############################
456
466
457 ; Full text search indexer is available in rhodecode-tools under
467 ; Full text search indexer is available in rhodecode-tools under
458 ; `rhodecode-tools index` command
468 ; `rhodecode-tools index` command
459
469
460 ; WHOOSH Backend, doesn't require additional services to run
470 ; WHOOSH Backend, doesn't require additional services to run
461 ; it works good with few dozen repos
471 ; it works good with few dozen repos
462 #search.module = rhodecode.lib.index.whoosh
472 #search.module = rhodecode.lib.index.whoosh
463 #search.location = /var/opt/rhodecode_data/index
473 #search.location = /var/opt/rhodecode_data/index
464
474
465 ; ElasticSearch (EE edition only). Requires Elastic Search cluster
475 ; ElasticSearch (EE edition only). Requires Elastic Search cluster
466 ; to be installed, and running. Recommended for large amount of repositories
476 ; to be installed, and running. Recommended for large amount of repositories
467 search.module = rc_elasticsearch
477 search.module = rc_elasticsearch
468 search.location = http://elasticsearch:9200
478 search.location = http://elasticsearch:9200
469 ; specify Elastic Search version, 6 for latest or 2 for legacy
479 ; specify Elastic Search version, 6 for latest or 2 for legacy
470 search.es_version = 6
480 search.es_version = 6
471
481
472 ; ####################
482 ; ####################
473 ; CHANNELSTREAM CONFIG
483 ; CHANNELSTREAM CONFIG
474 ; ####################
484 ; ####################
475
485
476 ; channelstream enables persistent connections and live notification
486 ; channelstream enables persistent connections and live notification
477 ; in the system. It's also used by the chat system
487 ; in the system. It's also used by the chat system
478
488
479 channelstream.enabled = true
489 channelstream.enabled = true
480
490
481 ; server address for channelstream server on the backend
491 ; server address for channelstream server on the backend
482 channelstream.server = channelstream:9800
492 channelstream.server = channelstream:9800
483
493
484 ; location of the channelstream server from outside world
494 ; location of the channelstream server from outside world
485 ; use ws:// for http or wss:// for https. This address needs to be handled
495 ; use ws:// for http or wss:// for https. This address needs to be handled
486 ; by external HTTP server such as Nginx or Apache
496 ; by external HTTP server such as Nginx or Apache
487 ; see Nginx/Apache configuration examples in our docs
497 ; see Nginx/Apache configuration examples in our docs
488 channelstream.ws_url = ws:/localhost:8888/_channelstream
498 channelstream.ws_url = ws:/localhost:8888/_channelstream
489 channelstream.secret = b39acb28b2304a27a6a0e911500bf7d1
499 channelstream.secret = b39acb28b2304a27a6a0e911500bf7d1
490 channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
500 channelstream.history.location = /var/opt/rhodecode_data/channelstream_history
491
501
492 ; Internal application path that Javascript uses to connect into.
502 ; Internal application path that Javascript uses to connect into.
493 ; If you use proxy-prefix the prefix should be added before /_channelstream
503 ; If you use proxy-prefix the prefix should be added before /_channelstream
494 channelstream.proxy_path = /_channelstream
504 channelstream.proxy_path = /_channelstream
495
505
496 ; Live chat for commits/pull requests. Requires CHANNELSTREAM to be enabled
506 ; Live chat for commits/pull requests. Requires CHANNELSTREAM to be enabled
497 ; and configured. (EE edition only)
507 ; and configured. (EE edition only)
498 chat.enabled = false
508 chat.enabled = false
499
509
500
510
501 ; ##############################
511 ; ##############################
502 ; MAIN RHODECODE DATABASE CONFIG
512 ; MAIN RHODECODE DATABASE CONFIG
503 ; ##############################
513 ; ##############################
504
514
505 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
506 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
507 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode?charset=utf8
508 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
518 ; pymysql is an alternative driver for MySQL, use in case of problems with default one
509 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
519 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
510
520
511 sqlalchemy.db1.url = postgresql://rhodecode:hUc1adS7oDd6Oj3in3@database/rhodecode
521 sqlalchemy.db1.url = postgresql://rhodecode:hUc1adS7oDd6Oj3in3@database/rhodecode
512
522
513 ; see sqlalchemy docs for other advanced settings
523 ; see sqlalchemy docs for other advanced settings
514 ; print the sql statements to output
524 ; print the sql statements to output
515 sqlalchemy.db1.echo = false
525 sqlalchemy.db1.echo = false
516
526
517 ; recycle the connections after this amount of seconds
527 ; recycle the connections after this amount of seconds
518 sqlalchemy.db1.pool_recycle = 3600
528 sqlalchemy.db1.pool_recycle = 3600
519 sqlalchemy.db1.convert_unicode = true
529 sqlalchemy.db1.convert_unicode = true
520
530
521 ; the number of connections to keep open inside the connection pool.
531 ; the number of connections to keep open inside the connection pool.
522 ; 0 indicates no limit
532 ; 0 indicates no limit
523 #sqlalchemy.db1.pool_size = 5
533 #sqlalchemy.db1.pool_size = 5
524
534
525 ; The number of connections to allow in connection pool "overflow", that is
535 ; The number of connections to allow in connection pool "overflow", that is
526 ; connections that can be opened above and beyond the pool_size setting,
536 ; connections that can be opened above and beyond the pool_size setting,
527 ; which defaults to five.
537 ; which defaults to five.
528 #sqlalchemy.db1.max_overflow = 10
538 #sqlalchemy.db1.max_overflow = 10
529
539
530 ; Connection check ping, used to detect broken database connections
540 ; Connection check ping, used to detect broken database connections
531 ; could be enabled to better handle cases if MySQL has gone away errors
541 ; could be enabled to better handle cases if MySQL has gone away errors
532 #sqlalchemy.db1.ping_connection = true
542 #sqlalchemy.db1.ping_connection = true
533
543
534 ; ##########
544 ; ##########
535 ; VCS CONFIG
545 ; VCS CONFIG
536 ; ##########
546 ; ##########
537 vcs.server.enable = true
547 vcs.server.enable = true
538 vcs.server = vcsserver:10010
548 vcs.server = vcsserver:10010
539
549
540 ; Web server connectivity protocol, responsible for web based VCS operations
550 ; Web server connectivity protocol, responsible for web based VCS operations
541 ; Available protocols are:
551 ; Available protocols are:
542 ; `http` - use http-rpc backend (default)
552 ; `http` - use http-rpc backend (default)
543 vcs.server.protocol = http
553 vcs.server.protocol = http
544
554
545 ; Push/Pull operations protocol, available options are:
555 ; Push/Pull operations protocol, available options are:
546 ; `http` - use http-rpc backend (default)
556 ; `http` - use http-rpc backend (default)
547 vcs.scm_app_implementation = http
557 vcs.scm_app_implementation = http
548
558
549 ; Push/Pull operations hooks protocol, available options are:
559 ; Push/Pull operations hooks protocol, available options are:
550 ; `http` - use http-rpc backend (default)
560 ; `http` - use http-rpc backend (default)
551 vcs.hooks.protocol = http
561 vcs.hooks.protocol = http
552
562
553 ; Host on which this instance is listening for hooks. If vcsserver is in other location
563 ; Host on which this instance is listening for hooks. If vcsserver is in other location
554 ; this should be adjusted.
564 ; this should be adjusted.
555 vcs.hooks.host = rhodecode
565 vcs.hooks.host = rhodecode
556
566
557 ; Start VCSServer with this instance as a subprocess, useful for development
567 ; Start VCSServer with this instance as a subprocess, useful for development
558 vcs.start_server = false
568 vcs.start_server = false
559
569
560 ; List of enabled VCS backends, available options are:
570 ; List of enabled VCS backends, available options are:
561 ; `hg` - mercurial
571 ; `hg` - mercurial
562 ; `git` - git
572 ; `git` - git
563 ; `svn` - subversion
573 ; `svn` - subversion
564 vcs.backends = hg, git, svn
574 vcs.backends = hg, git, svn
565
575
566 ; Wait this number of seconds before killing connection to the vcsserver
576 ; Wait this number of seconds before killing connection to the vcsserver
567 vcs.connection_timeout = 3600
577 vcs.connection_timeout = 3600
568
578
569 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
579 ; Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
570 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
580 ; Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
571 #vcs.svn.compatible_version = pre-1.8-compatible
581 #vcs.svn.compatible_version = pre-1.8-compatible
572
582
573
583
574 ; ####################################################
584 ; ####################################################
575 ; Subversion proxy support (mod_dav_svn)
585 ; Subversion proxy support (mod_dav_svn)
576 ; Maps RhodeCode repo groups into SVN paths for Apache
586 ; Maps RhodeCode repo groups into SVN paths for Apache
577 ; ####################################################
587 ; ####################################################
578
588
579 ; Enable or disable the config file generation.
589 ; Enable or disable the config file generation.
580 svn.proxy.generate_config = true
590 svn.proxy.generate_config = true
581
591
582 ; Generate config file with `SVNListParentPath` set to `On`.
592 ; Generate config file with `SVNListParentPath` set to `On`.
583 svn.proxy.list_parent_path = true
593 svn.proxy.list_parent_path = true
584
594
585 ; Set location and file name of generated config file.
595 ; Set location and file name of generated config file.
586 svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
596 svn.proxy.config_file_path = /etc/rhodecode/conf/svn/mod_dav_svn.conf
587
597
588 ; alternative mod_dav config template. This needs to be a valid mako template
598 ; alternative mod_dav config template. This needs to be a valid mako template
589 ; Example template can be found in the source code:
599 ; Example template can be found in the source code:
590 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
600 ; rhodecode/apps/svn_support/templates/mod-dav-svn.conf.mako
591 #svn.proxy.config_template = ~/.rccontrol/community-1/custom_svn_conf.mako
601 #svn.proxy.config_template = ~/.rccontrol/community-1/custom_svn_conf.mako
592
602
593 ; Used as a prefix to the `Location` block in the generated config file.
603 ; Used as a prefix to the `Location` block in the generated config file.
594 ; In most cases it should be set to `/`.
604 ; In most cases it should be set to `/`.
595 svn.proxy.location_root = /
605 svn.proxy.location_root = /
596
606
597 ; Command to reload the mod dav svn configuration on change.
607 ; Command to reload the mod dav svn configuration on change.
598 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
608 ; Example: `/etc/init.d/apache2 reload` or /home/USER/apache_reload.sh
599 ; Make sure user who runs RhodeCode process is allowed to reload Apache
609 ; Make sure user who runs RhodeCode process is allowed to reload Apache
600 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
610 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
601
611
602 ; If the timeout expires before the reload command finishes, the command will
612 ; If the timeout expires before the reload command finishes, the command will
603 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
613 ; be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
604 #svn.proxy.reload_timeout = 10
614 #svn.proxy.reload_timeout = 10
605
615
606 ; ####################
616 ; ####################
607 ; SSH Support Settings
617 ; SSH Support Settings
608 ; ####################
618 ; ####################
609
619
610 ; Defines if a custom authorized_keys file should be created and written on
620 ; Defines if a custom authorized_keys file should be created and written on
611 ; any change user ssh keys. Setting this to false also disables possibility
621 ; any change user ssh keys. Setting this to false also disables possibility
612 ; of adding SSH keys by users from web interface. Super admins can still
622 ; of adding SSH keys by users from web interface. Super admins can still
613 ; manage SSH Keys.
623 ; manage SSH Keys.
614 ssh.generate_authorized_keyfile = true
624 ssh.generate_authorized_keyfile = true
615
625
616 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
626 ; Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
617 # ssh.authorized_keys_ssh_opts =
627 # ssh.authorized_keys_ssh_opts =
618
628
619 ; Path to the authorized_keys file where the generate entries are placed.
629 ; Path to the authorized_keys file where the generate entries are placed.
620 ; It is possible to have multiple key files specified in `sshd_config` e.g.
630 ; It is possible to have multiple key files specified in `sshd_config` e.g.
621 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
631 ; AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
622 ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
632 ssh.authorized_keys_file_path = /etc/rhodecode/conf/ssh/authorized_keys_rhodecode
623
633
624 ; Command to execute the SSH wrapper. The binary is available in the
634 ; Command to execute the SSH wrapper. The binary is available in the
625 ; RhodeCode installation directory.
635 ; RhodeCode installation directory.
626 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
636 ; e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
627 ssh.wrapper_cmd = /var/opt/rhodecode_bin/bin/rc-ssh-wrapper
637 ssh.wrapper_cmd = /var/opt/rhodecode_bin/bin/rc-ssh-wrapper
628
638
629 ; Allow shell when executing the ssh-wrapper command
639 ; Allow shell when executing the ssh-wrapper command
630 ssh.wrapper_cmd_allow_shell = false
640 ssh.wrapper_cmd_allow_shell = false
631
641
632 ; Enables logging, and detailed output send back to the client during SSH
642 ; Enables logging, and detailed output send back to the client during SSH
633 ; operations. Useful for debugging, shouldn't be used in production.
643 ; operations. Useful for debugging, shouldn't be used in production.
634 ssh.enable_debug_logging = false
644 ssh.enable_debug_logging = false
635
645
636 ; Paths to binary executable, by default they are the names, but we can
646 ; Paths to binary executable, by default they are the names, but we can
637 ; override them if we want to use a custom one
647 ; override them if we want to use a custom one
638 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
648 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
639 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
649 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
640 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
650 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
641
651
642 ; Enables SSH key generator web interface. Disabling this still allows users
652 ; Enables SSH key generator web interface. Disabling this still allows users
643 ; to add their own keys.
653 ; to add their own keys.
644 ssh.enable_ui_key_generator = true
654 ssh.enable_ui_key_generator = true
645
655
646 ; Dummy marker to add new entries after.
656 ; Dummy marker to add new entries after.
647 ; Add any custom entries below. Please don't remove this marker.
657 ; Add any custom entries below. Please don't remove this marker.
648 custom.conf = 1
658 custom.conf = 1
649
659
650
660
651 ; #####################
661 ; #####################
652 ; LOGGING CONFIGURATION
662 ; LOGGING CONFIGURATION
653 ; #####################
663 ; #####################
654 [loggers]
664 [loggers]
655 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
665 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
656
666
657 [handlers]
667 [handlers]
658 keys = console, console_sql
668 keys = console, console_sql
659
669
660 [formatters]
670 [formatters]
661 keys = generic, color_formatter, color_formatter_sql
671 keys = generic, color_formatter, color_formatter_sql
662
672
663 ; #######
673 ; #######
664 ; LOGGERS
674 ; LOGGERS
665 ; #######
675 ; #######
666 [logger_root]
676 [logger_root]
667 level = NOTSET
677 level = NOTSET
668 handlers = console
678 handlers = console
669
679
670 [logger_sqlalchemy]
680 [logger_sqlalchemy]
671 level = INFO
681 level = INFO
672 handlers = console_sql
682 handlers = console_sql
673 qualname = sqlalchemy.engine
683 qualname = sqlalchemy.engine
674 propagate = 0
684 propagate = 0
675
685
676 [logger_beaker]
686 [logger_beaker]
677 level = DEBUG
687 level = DEBUG
678 handlers =
688 handlers =
679 qualname = beaker.container
689 qualname = beaker.container
680 propagate = 1
690 propagate = 1
681
691
682 [logger_rhodecode]
692 [logger_rhodecode]
683 level = DEBUG
693 level = DEBUG
684 handlers =
694 handlers =
685 qualname = rhodecode
695 qualname = rhodecode
686 propagate = 1
696 propagate = 1
687
697
688 [logger_ssh_wrapper]
698 [logger_ssh_wrapper]
689 level = DEBUG
699 level = DEBUG
690 handlers =
700 handlers =
691 qualname = ssh_wrapper
701 qualname = ssh_wrapper
692 propagate = 1
702 propagate = 1
693
703
694 [logger_celery]
704 [logger_celery]
695 level = DEBUG
705 level = DEBUG
696 handlers =
706 handlers =
697 qualname = celery
707 qualname = celery
698
708
699
709
700 ; ########
710 ; ########
701 ; HANDLERS
711 ; HANDLERS
702 ; ########
712 ; ########
703
713
704 [handler_console]
714 [handler_console]
705 class = StreamHandler
715 class = StreamHandler
706 args = (sys.stderr, )
716 args = (sys.stderr, )
707 level = INFO
717 level = INFO
708 formatter = generic
718 formatter = generic
709
719
710 [handler_console_sql]
720 [handler_console_sql]
711 ; "level = DEBUG" logs SQL queries and results.
721 ; "level = DEBUG" logs SQL queries and results.
712 ; "level = INFO" logs SQL queries.
722 ; "level = INFO" logs SQL queries.
713 ; "level = WARN" logs neither. (Recommended for production systems.)
723 ; "level = WARN" logs neither. (Recommended for production systems.)
714 class = StreamHandler
724 class = StreamHandler
715 args = (sys.stderr, )
725 args = (sys.stderr, )
716 level = WARN
726 level = WARN
717 formatter = generic
727 formatter = generic
718
728
719 ; ##########
729 ; ##########
720 ; FORMATTERS
730 ; FORMATTERS
721 ; ##########
731 ; ##########
722
732
723 [formatter_generic]
733 [formatter_generic]
724 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
734 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
725 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
735 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
726 datefmt = %Y-%m-%d %H:%M:%S
736 datefmt = %Y-%m-%d %H:%M:%S
727
737
728 [formatter_color_formatter]
738 [formatter_color_formatter]
729 class = rhodecode.lib.logging_formatter.ColorFormatter
739 class = rhodecode.lib.logging_formatter.ColorFormatter
730 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
740 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
731 datefmt = %Y-%m-%d %H:%M:%S
741 datefmt = %Y-%m-%d %H:%M:%S
732
742
733 [formatter_color_formatter_sql]
743 [formatter_color_formatter_sql]
734 class = rhodecode.lib.logging_formatter.ColorFormatterSql
744 class = rhodecode.lib.logging_formatter.ColorFormatterSql
735 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
745 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
736 datefmt = %Y-%m-%d %H:%M:%S
746 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now