##// END OF EJS Templates
u » ewong » rhodecode-enterprise-ce-fork
RSS

Fork of rhodecode-enterprise-ce

configs: update ini files with some minor changes.
marcink -
r2965:ee167d7c default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,732 +1,732 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = gevent
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 # During development the we want to have the debug toolbar enabled
112 112 pyramid.includes =
113 113 pyramid_debugtoolbar
114 114 rhodecode.lib.middleware.request_wrapper
115 115
116 116 pyramid.reload_templates = true
117 117
118 118 debugtoolbar.hosts = 0.0.0.0/0
119 119 debugtoolbar.exclude_prefixes =
120 120 /css
121 121 /fonts
122 122 /images
123 123 /js
124 124
125 125 ## RHODECODE PLUGINS ##
126 126 rhodecode.includes =
127 127 rhodecode.api
128 128
129 129
130 130 # api prefix url
131 131 rhodecode.api.url = /_admin/api
132 132
133 133
134 134 ## END RHODECODE PLUGINS ##
135 135
136 136 ## encryption key used to encrypt social plugin tokens,
137 137 ## remote_urls with credentials etc, if not set it defaults to
138 138 ## `beaker.session.secret`
139 139 #rhodecode.encrypted_values.secret =
140 140
141 141 ## decryption strict mode (enabled by default). It controls if decryption raises
142 142 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
143 143 #rhodecode.encrypted_values.strict = false
144 144
145 145 ## return gzipped responses from Rhodecode (static files/application)
146 146 gzip_responses = false
147 147
148 148 ## autogenerate javascript routes file on startup
149 149 generate_js_files = false
150 150
151 151 ## Optional Languages
152 152 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
153 153 lang = en
154 154
155 155 ## perform a full repository scan on each server start, this should be
156 156 ## set to false after first startup, to allow faster server restarts.
157 157 startup.import_repos = false
158 158
159 159 ## Uncomment and set this path to use archive download cache.
160 160 ## Once enabled, generated archives will be cached at this location
161 161 ## and served from the cache during subsequent requests for the same archive of
162 162 ## the repository.
163 163 #archive_cache_dir = /tmp/tarballcache
164 164
165 165 ## URL at which the application is running. This is used for bootstraping
166 166 ## requests in context when no web request is available. Used in ishell, or
167 167 ## SSH calls. Set this for events to receive proper url for SSH calls.
168 168 app.base_url = http://rhodecode.local
169 169
170 170 ## change this to unique ID for security
171 171 app_instance_uuid = rc-production
172 172
173 173 ## cut off limit for large diffs (size in bytes). If overall diff size on
174 174 ## commit, or pull request exceeds this limit this diff will be displayed
175 175 ## partially. E.g 512000 == 512Kb
176 176 cut_off_limit_diff = 512000
177 177
178 178 ## cut off limit for large files inside diffs (size in bytes). Each individual
179 179 ## file inside diff which exceeds this limit will be displayed partially.
180 180 ## E.g 128000 == 128Kb
181 181 cut_off_limit_file = 128000
182 182
183 183 ## use cache version of scm repo everywhere
184 184 vcs_full_cache = true
185 185
186 186 ## force https in RhodeCode, fixes https redirects, assumes it's always https
187 187 ## Normally this is controlled by proper http flags sent from http server
188 188 force_https = false
189 189
190 190 ## use Strict-Transport-Security headers
191 191 use_htsts = false
192 192
193 193 ## git rev filter option, --all is the default filter, if you need to
194 194 ## hide all refs in changelog switch this to --branches --tags
195 195 git_rev_filter = --branches --tags
196 196
197 197 # Set to true if your repos are exposed using the dumb protocol
198 198 git_update_server_info = false
199 199
200 200 ## RSS/ATOM feed options
201 201 rss_cut_off_limit = 256000
202 202 rss_items_per_page = 10
203 203 rss_include_diff = false
204 204
205 205 ## gist URL alias, used to create nicer urls for gist. This should be an
206 206 ## url that does rewrites to _admin/gists/{gistid}.
207 207 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
208 208 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
209 209 gist_alias_url =
210 210
211 211 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
212 212 ## used for access.
213 213 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
214 214 ## came from the the logged in user who own this authentication token.
215 215 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
216 216 ## authentication token. Such view would be only accessible when used together
217 217 ## with this authentication token
218 218 ##
219 219 ## list of all views can be found under `/_admin/permissions/auth_token_access`
220 220 ## The list should be "," separated and on a single line.
221 221 ##
222 222 ## Most common views to enable:
223 223 # RepoCommitsView:repo_commit_download
224 224 # RepoCommitsView:repo_commit_patch
225 225 # RepoCommitsView:repo_commit_raw
226 226 # RepoCommitsView:repo_commit_raw@TOKEN
227 227 # RepoFilesView:repo_files_diff
228 228 # RepoFilesView:repo_archivefile
229 229 # RepoFilesView:repo_file_raw
230 230 # GistView:*
231 231 api_access_controllers_whitelist =
232 232
233 233 ## default encoding used to convert from and to unicode
234 234 ## can be also a comma separated list of encoding in case of mixed encodings
235 235 default_encoding = UTF-8
236 236
237 237 ## instance-id prefix
238 238 ## a prefix key for this instance used for cache invalidation when running
239 239 ## multiple instances of rhodecode, make sure it's globally unique for
240 240 ## all running rhodecode instances. Leave empty if you don't use it
241 241 instance_id =
242 242
243 243 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
244 244 ## of an authentication plugin also if it is disabled by it's settings.
245 245 ## This could be useful if you are unable to log in to the system due to broken
246 246 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
247 247 ## module to log in again and fix the settings.
248 248 ##
249 249 ## Available builtin plugin IDs (hash is part of the ID):
250 250 ## egg:rhodecode-enterprise-ce#rhodecode
251 251 ## egg:rhodecode-enterprise-ce#pam
252 252 ## egg:rhodecode-enterprise-ce#ldap
253 253 ## egg:rhodecode-enterprise-ce#jasig_cas
254 254 ## egg:rhodecode-enterprise-ce#headers
255 255 ## egg:rhodecode-enterprise-ce#crowd
256 256 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
257 257
258 258 ## alternative return HTTP header for failed authentication. Default HTTP
259 259 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
260 260 ## handling that causing a series of failed authentication calls.
261 261 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
262 262 ## This will be served instead of default 401 on bad authnetication
263 263 auth_ret_code =
264 264
265 265 ## use special detection method when serving auth_ret_code, instead of serving
266 266 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
267 267 ## and then serve auth_ret_code to clients
268 268 auth_ret_code_detection = false
269 269
270 270 ## locking return code. When repository is locked return this HTTP code. 2XX
271 271 ## codes don't break the transactions while 4XX codes do
272 272 lock_ret_code = 423
273 273
274 274 ## allows to change the repository location in settings page
275 275 allow_repo_location_change = true
276 276
277 277 ## allows to setup custom hooks in settings page
278 278 allow_custom_hooks_settings = true
279 279
280 280 ## generated license token, goto license page in RhodeCode settings to obtain
281 281 ## new token
282 282 license_token =
283 283
284 284 ## supervisor connection uri, for managing supervisor and logs.
285 285 supervisor.uri =
286 286 ## supervisord group name/id we only want this RC instance to handle
287 287 supervisor.group_id = dev
288 288
289 289 ## Display extended labs settings
290 290 labs_settings_active = true
291 291
292 292 ####################################
293 293 ### CELERY CONFIG ####
294 294 ####################################
295 295 ## run: /path/to/celery worker \
296 296 ## -E --beat --app rhodecode.lib.celerylib.loader \
297 297 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
298 298 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
299 299
300 300 use_celery = false
301 301
302 302 ## connection url to the message broker (default rabbitmq)
303 303 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
304 304
305 305 ## maximum tasks to execute before worker restart
306 306 celery.max_tasks_per_child = 100
307 307
308 308 ## tasks will never be sent to the queue, but executed locally instead.
309 309 celery.task_always_eager = false
310 310
311 311 #####################################
312 312 ### DOGPILE CACHE ####
313 313 #####################################
314 314 ## Default cache dir for caches. Putting this into a ramdisk
315 315 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
316 316 ## large ammount of space
317 cache_dir = /tmp/rcdev/data
317 cache_dir = %(here)s/data
318 318
319 319 ## `cache_perms` cache settings for permission tree, auth TTL.
320 320 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
321 321 rc_cache.cache_perms.expiration_time = 300
322 322
323 323 ## alternative `cache_perms` redis backend with distributed lock
324 324 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
325 325 #rc_cache.cache_perms.expiration_time = 300
326 326 ## redis_expiration_time needs to be greater then expiration_time
327 327 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
328 328 #rc_cache.cache_perms.arguments.socket_timeout = 30
329 329 #rc_cache.cache_perms.arguments.host = localhost
330 330 #rc_cache.cache_perms.arguments.port = 6379
331 331 #rc_cache.cache_perms.arguments.db = 0
332 332 #rc_cache.cache_perms.arguments.distributed_lock = true
333 333
334 334 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
335 335 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
336 336 rc_cache.cache_repo.expiration_time = 2592000
337 337
338 338 ## alternative `cache_repo` redis backend with distributed lock
339 339 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
340 340 #rc_cache.cache_repo.expiration_time = 2592000
341 341 ## redis_expiration_time needs to be greater then expiration_time
342 342 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
343 343 #rc_cache.cache_repo.arguments.socket_timeout = 30
344 344 #rc_cache.cache_repo.arguments.host = localhost
345 345 #rc_cache.cache_repo.arguments.port = 6379
346 346 #rc_cache.cache_repo.arguments.db = 1
347 347 #rc_cache.cache_repo.arguments.distributed_lock = true
348 348
349 349 ## cache settings for SQL queries, this needs to use memory type backend
350 350 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
351 351 rc_cache.sql_cache_short.expiration_time = 30
352 352
353 353 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
354 354 ## type backend as the objects kept are not pickle serializable
355 355 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
356 356 # by default we use 96H, this is using invalidation on push anyway
357 357 rc_cache.cache_repo_longterm.expiration_time = 345600
358 # max items in LRU cache, reduce this number to save memory, and expire last used
359 # cached objects
358 ## max items in LRU cache, reduce this number to save memory, and expire last used
359 ## cached objects
360 360 rc_cache.cache_repo_longterm.max_size = 10000
361 361
362 362
363 363 ####################################
364 364 ### BEAKER SESSION ####
365 365 ####################################
366 366
367 367 ## .session.type is type of storage options for the session, current allowed
368 368 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
369 369 beaker.session.type = file
370 370 beaker.session.data_dir = %(here)s/data/sessions
371 371
372 372 ## db based session, fast, and allows easy management over logged in users
373 373 #beaker.session.type = ext:database
374 374 #beaker.session.table_name = db_session
375 375 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
376 376 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
377 377 #beaker.session.sa.pool_recycle = 3600
378 378 #beaker.session.sa.echo = false
379 379
380 380 beaker.session.key = rhodecode
381 381 beaker.session.secret = develop-rc-uytcxaz
382 382 beaker.session.lock_dir = %(here)s/data/sessions/lock
383 383
384 384 ## Secure encrypted cookie. Requires AES and AES python libraries
385 385 ## you must disable beaker.session.secret to use this
386 386 #beaker.session.encrypt_key = key_for_encryption
387 387 #beaker.session.validate_key = validation_key
388 388
389 389 ## sets session as invalid(also logging out user) if it haven not been
390 390 ## accessed for given amount of time in seconds
391 391 beaker.session.timeout = 2592000
392 392 beaker.session.httponly = true
393 393 ## Path to use for the cookie. Set to prefix if you use prefix middleware
394 394 #beaker.session.cookie_path = /custom_prefix
395 395
396 396 ## uncomment for https secure cookie
397 397 beaker.session.secure = false
398 398
399 399 ## auto save the session to not to use .save()
400 400 beaker.session.auto = false
401 401
402 402 ## default cookie expiration time in seconds, set to `true` to set expire
403 403 ## at browser close
404 404 #beaker.session.cookie_expires = 3600
405 405
406 406 ###################################
407 407 ## SEARCH INDEXING CONFIGURATION ##
408 408 ###################################
409 409 ## Full text search indexer is available in rhodecode-tools under
410 410 ## `rhodecode-tools index` command
411 411
412 412 ## WHOOSH Backend, doesn't require additional services to run
413 413 ## it works good with few dozen repos
414 414 search.module = rhodecode.lib.index.whoosh
415 415 search.location = %(here)s/data/index
416 416
417 417 ########################################
418 418 ### CHANNELSTREAM CONFIG ####
419 419 ########################################
420 420 ## channelstream enables persistent connections and live notification
421 421 ## in the system. It's also used by the chat system
422 422 channelstream.enabled = false
423 423
424 424 ## server address for channelstream server on the backend
425 425 channelstream.server = 127.0.0.1:9800
426 426
427 427 ## location of the channelstream server from outside world
428 428 ## use ws:// for http or wss:// for https. This address needs to be handled
429 429 ## by external HTTP server such as Nginx or Apache
430 430 ## see nginx/apache configuration examples in our docs
431 431 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
432 432 channelstream.secret = secret
433 433 channelstream.history.location = %(here)s/channelstream_history
434 434
435 435 ## Internal application path that Javascript uses to connect into.
436 436 ## If you use proxy-prefix the prefix should be added before /_channelstream
437 437 channelstream.proxy_path = /_channelstream
438 438
439 439
440 440 ###################################
441 441 ## APPENLIGHT CONFIG ##
442 442 ###################################
443 443
444 444 ## Appenlight is tailored to work with RhodeCode, see
445 445 ## http://appenlight.com for details how to obtain an account
446 446
447 447 ## appenlight integration enabled
448 448 appenlight = false
449 449
450 450 appenlight.server_url = https://api.appenlight.com
451 451 appenlight.api_key = YOUR_API_KEY
452 452 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
453 453
454 454 # used for JS client
455 455 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
456 456
457 457 ## TWEAK AMOUNT OF INFO SENT HERE
458 458
459 459 ## enables 404 error logging (default False)
460 460 appenlight.report_404 = false
461 461
462 462 ## time in seconds after request is considered being slow (default 1)
463 463 appenlight.slow_request_time = 1
464 464
465 465 ## record slow requests in application
466 466 ## (needs to be enabled for slow datastore recording and time tracking)
467 467 appenlight.slow_requests = true
468 468
469 469 ## enable hooking to application loggers
470 470 appenlight.logging = true
471 471
472 472 ## minimum log level for log capture
473 473 appenlight.logging.level = WARNING
474 474
475 475 ## send logs only from erroneous/slow requests
476 476 ## (saves API quota for intensive logging)
477 477 appenlight.logging_on_error = false
478 478
479 479 ## list of additonal keywords that should be grabbed from environ object
480 480 ## can be string with comma separated list of words in lowercase
481 481 ## (by default client will always send following info:
482 482 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
483 483 ## start with HTTP* this list be extended with additional keywords here
484 484 appenlight.environ_keys_whitelist =
485 485
486 486 ## list of keywords that should be blanked from request object
487 487 ## can be string with comma separated list of words in lowercase
488 488 ## (by default client will always blank keys that contain following words
489 489 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
490 490 ## this list be extended with additional keywords set here
491 491 appenlight.request_keys_blacklist =
492 492
493 493 ## list of namespaces that should be ignores when gathering log entries
494 494 ## can be string with comma separated list of namespaces
495 495 ## (by default the client ignores own entries: appenlight_client.client)
496 496 appenlight.log_namespace_blacklist =
497 497
498 498
499 499 ################################################################################
500 500 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
501 501 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
502 502 ## execute malicious code after an exception is raised. ##
503 503 ################################################################################
504 504 #set debug = false
505 505
506 506
507 507 ##############
508 508 ## STYLING ##
509 509 ##############
510 510 debug_style = true
511 511
512 512 ###########################################
513 513 ### MAIN RHODECODE DATABASE CONFIG ###
514 514 ###########################################
515 515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
516 516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
517 517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
518 518 # pymysql is an alternative driver for MySQL, use in case of problems with default one
519 519 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
520 520
521 521 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
522 522
523 523 # see sqlalchemy docs for other advanced settings
524 524
525 525 ## print the sql statements to output
526 526 sqlalchemy.db1.echo = false
527 527 ## recycle the connections after this amount of seconds
528 528 sqlalchemy.db1.pool_recycle = 3600
529 529 sqlalchemy.db1.convert_unicode = true
530 530
531 531 ## the number of connections to keep open inside the connection pool.
532 532 ## 0 indicates no limit
533 533 #sqlalchemy.db1.pool_size = 5
534 534
535 535 ## the number of connections to allow in connection pool "overflow", that is
536 536 ## connections that can be opened above and beyond the pool_size setting,
537 537 ## which defaults to five.
538 538 #sqlalchemy.db1.max_overflow = 10
539 539
540 540 ## Connection check ping, used to detect broken database connections
541 541 ## could be enabled to better handle cases if MySQL has gone away errors
542 542 #sqlalchemy.db1.ping_connection = true
543 543
544 544 ##################
545 545 ### VCS CONFIG ###
546 546 ##################
547 547 vcs.server.enable = true
548 548 vcs.server = localhost:9900
549 549
550 550 ## Web server connectivity protocol, responsible for web based VCS operatations
551 551 ## Available protocols are:
552 552 ## `http` - use http-rpc backend (default)
553 553 vcs.server.protocol = http
554 554
555 555 ## Push/Pull operations protocol, available options are:
556 556 ## `http` - use http-rpc backend (default)
557 557 vcs.scm_app_implementation = http
558 558
559 559 ## Push/Pull operations hooks protocol, available options are:
560 560 ## `http` - use http-rpc backend (default)
561 561 vcs.hooks.protocol = http
562 562
563 563 ## Host on which this instance is listening for hooks. If vcsserver is in other location
564 564 ## this should be adjusted.
565 565 vcs.hooks.host = 127.0.0.1
566 566
567 567 vcs.server.log_level = debug
568 568 ## Start VCSServer with this instance as a subprocess, usefull for development
569 569 vcs.start_server = false
570 570
571 571 ## List of enabled VCS backends, available options are:
572 572 ## `hg` - mercurial
573 573 ## `git` - git
574 574 ## `svn` - subversion
575 575 vcs.backends = hg, git, svn
576 576
577 577 vcs.connection_timeout = 3600
578 578 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
579 579 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
580 580 #vcs.svn.compatible_version = pre-1.8-compatible
581 581
582 582
583 583 ############################################################
584 584 ### Subversion proxy support (mod_dav_svn) ###
585 585 ### Maps RhodeCode repo groups into SVN paths for Apache ###
586 586 ############################################################
587 587 ## Enable or disable the config file generation.
588 588 svn.proxy.generate_config = false
589 589 ## Generate config file with `SVNListParentPath` set to `On`.
590 590 svn.proxy.list_parent_path = true
591 591 ## Set location and file name of generated config file.
592 592 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
593 593 ## alternative mod_dav config template. This needs to be a mako template
594 594 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
595 595 ## Used as a prefix to the `Location` block in the generated config file.
596 596 ## In most cases it should be set to `/`.
597 597 svn.proxy.location_root = /
598 598 ## Command to reload the mod dav svn configuration on change.
599 599 ## Example: `/etc/init.d/apache2 reload`
600 600 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
601 601 ## If the timeout expires before the reload command finishes, the command will
602 602 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
603 603 #svn.proxy.reload_timeout = 10
604 604
605 605 ############################################################
606 606 ### SSH Support Settings ###
607 607 ############################################################
608 608
609 609 ## Defines if a custom authorized_keys file should be created and written on
610 610 ## any change user ssh keys. Setting this to false also disables posibility
611 611 ## of adding SSH keys by users from web interface. Super admins can still
612 612 ## manage SSH Keys.
613 613 ssh.generate_authorized_keyfile = false
614 614
615 615 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
616 616 # ssh.authorized_keys_ssh_opts =
617 617
618 618 ## Path to the authrozied_keys file where the generate entries are placed.
619 619 ## It is possible to have multiple key files specified in `sshd_config` e.g.
620 620 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
621 621 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
622 622
623 623 ## Command to execute the SSH wrapper. The binary is available in the
624 624 ## rhodecode installation directory.
625 625 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
626 626 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
627 627
628 628 ## Allow shell when executing the ssh-wrapper command
629 629 ssh.wrapper_cmd_allow_shell = false
630 630
631 631 ## Enables logging, and detailed output send back to the client during SSH
632 632 ## operations. Usefull for debugging, shouldn't be used in production.
633 633 ssh.enable_debug_logging = true
634 634
635 635 ## Paths to binary executable, by default they are the names, but we can
636 636 ## override them if we want to use a custom one
637 637 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
638 638 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
639 639 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
640 640
641 641
642 642 ## Dummy marker to add new entries after.
643 643 ## Add any custom entries below. Please don't remove.
644 644 custom.conf = 1
645 645
646 646
647 647 ################################
648 648 ### LOGGING CONFIGURATION ####
649 649 ################################
650 650 [loggers]
651 651 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
652 652
653 653 [handlers]
654 654 keys = console, console_sql
655 655
656 656 [formatters]
657 657 keys = generic, color_formatter, color_formatter_sql
658 658
659 659 #############
660 660 ## LOGGERS ##
661 661 #############
662 662 [logger_root]
663 663 level = NOTSET
664 664 handlers = console
665 665
666 666 [logger_sqlalchemy]
667 667 level = INFO
668 668 handlers = console_sql
669 669 qualname = sqlalchemy.engine
670 670 propagate = 0
671 671
672 672 [logger_beaker]
673 673 level = DEBUG
674 674 handlers =
675 675 qualname = beaker.container
676 676 propagate = 1
677 677
678 678 [logger_rhodecode]
679 679 level = DEBUG
680 680 handlers =
681 681 qualname = rhodecode
682 682 propagate = 1
683 683
684 684 [logger_ssh_wrapper]
685 685 level = DEBUG
686 686 handlers =
687 687 qualname = ssh_wrapper
688 688 propagate = 1
689 689
690 690 [logger_celery]
691 691 level = DEBUG
692 692 handlers =
693 693 qualname = celery
694 694
695 695
696 696 ##############
697 697 ## HANDLERS ##
698 698 ##############
699 699
700 700 [handler_console]
701 701 class = StreamHandler
702 702 args = (sys.stderr, )
703 703 level = DEBUG
704 704 formatter = color_formatter
705 705
706 706 [handler_console_sql]
707 707 # "level = DEBUG" logs SQL queries and results.
708 708 # "level = INFO" logs SQL queries.
709 709 # "level = WARN" logs neither. (Recommended for production systems.)
710 710 class = StreamHandler
711 711 args = (sys.stderr, )
712 712 level = WARN
713 713 formatter = color_formatter_sql
714 714
715 715 ################
716 716 ## FORMATTERS ##
717 717 ################
718 718
719 719 [formatter_generic]
720 720 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
721 721 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
722 722 datefmt = %Y-%m-%d %H:%M:%S
723 723
724 724 [formatter_color_formatter]
725 725 class = rhodecode.lib.logging_formatter.ColorFormatter
726 726 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
727 727 datefmt = %Y-%m-%d %H:%M:%S
728 728
729 729 [formatter_color_formatter_sql]
730 730 class = rhodecode.lib.logging_formatter.ColorFormatterSql
731 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
731 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
732 732 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,702 +1,701 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 #use = egg:waitress#main
55 55 ## number of worker threads
56 56 #threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 #max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 #asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommended to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 worker_class = gevent
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 max_requests = 1000
88 88 max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 ## encryption key used to encrypt social plugin tokens,
112 112 ## remote_urls with credentials etc, if not set it defaults to
113 113 ## `beaker.session.secret`
114 114 #rhodecode.encrypted_values.secret =
115 115
116 116 ## decryption strict mode (enabled by default). It controls if decryption raises
117 117 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
118 118 #rhodecode.encrypted_values.strict = false
119 119
120 120 ## return gzipped responses from Rhodecode (static files/application)
121 121 gzip_responses = false
122 122
123 123 ## autogenerate javascript routes file on startup
124 124 generate_js_files = false
125 125
126 126 ## Optional Languages
127 127 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
128 128 lang = en
129 129
130 130 ## perform a full repository scan on each server start, this should be
131 131 ## set to false after first startup, to allow faster server restarts.
132 132 startup.import_repos = false
133 133
134 134 ## Uncomment and set this path to use archive download cache.
135 135 ## Once enabled, generated archives will be cached at this location
136 136 ## and served from the cache during subsequent requests for the same archive of
137 137 ## the repository.
138 138 #archive_cache_dir = /tmp/tarballcache
139 139
140 140 ## URL at which the application is running. This is used for bootstraping
141 141 ## requests in context when no web request is available. Used in ishell, or
142 142 ## SSH calls. Set this for events to receive proper url for SSH calls.
143 143 app.base_url = http://rhodecode.local
144 144
145 145 ## change this to unique ID for security
146 146 app_instance_uuid = rc-production
147 147
148 148 ## cut off limit for large diffs (size in bytes). If overall diff size on
149 149 ## commit, or pull request exceeds this limit this diff will be displayed
150 150 ## partially. E.g 512000 == 512Kb
151 151 cut_off_limit_diff = 512000
152 152
153 153 ## cut off limit for large files inside diffs (size in bytes). Each individual
154 154 ## file inside diff which exceeds this limit will be displayed partially.
155 155 ## E.g 128000 == 128Kb
156 156 cut_off_limit_file = 128000
157 157
158 158 ## use cache version of scm repo everywhere
159 159 vcs_full_cache = true
160 160
161 161 ## force https in RhodeCode, fixes https redirects, assumes it's always https
162 162 ## Normally this is controlled by proper http flags sent from http server
163 163 force_https = false
164 164
165 165 ## use Strict-Transport-Security headers
166 166 use_htsts = false
167 167
168 168 ## git rev filter option, --all is the default filter, if you need to
169 169 ## hide all refs in changelog switch this to --branches --tags
170 170 git_rev_filter = --branches --tags
171 171
172 172 # Set to true if your repos are exposed using the dumb protocol
173 173 git_update_server_info = false
174 174
175 175 ## RSS/ATOM feed options
176 176 rss_cut_off_limit = 256000
177 177 rss_items_per_page = 10
178 178 rss_include_diff = false
179 179
180 180 ## gist URL alias, used to create nicer urls for gist. This should be an
181 181 ## url that does rewrites to _admin/gists/{gistid}.
182 182 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
183 183 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
184 184 gist_alias_url =
185 185
186 186 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
187 187 ## used for access.
188 188 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
189 189 ## came from the the logged in user who own this authentication token.
190 190 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
191 191 ## authentication token. Such view would be only accessible when used together
192 192 ## with this authentication token
193 193 ##
194 194 ## list of all views can be found under `/_admin/permissions/auth_token_access`
195 195 ## The list should be "," separated and on a single line.
196 196 ##
197 197 ## Most common views to enable:
198 198 # RepoCommitsView:repo_commit_download
199 199 # RepoCommitsView:repo_commit_patch
200 200 # RepoCommitsView:repo_commit_raw
201 201 # RepoCommitsView:repo_commit_raw@TOKEN
202 202 # RepoFilesView:repo_files_diff
203 203 # RepoFilesView:repo_archivefile
204 204 # RepoFilesView:repo_file_raw
205 205 # GistView:*
206 206 api_access_controllers_whitelist =
207 207
208 208 ## default encoding used to convert from and to unicode
209 209 ## can be also a comma separated list of encoding in case of mixed encodings
210 210 default_encoding = UTF-8
211 211
212 212 ## instance-id prefix
213 213 ## a prefix key for this instance used for cache invalidation when running
214 214 ## multiple instances of rhodecode, make sure it's globally unique for
215 215 ## all running rhodecode instances. Leave empty if you don't use it
216 216 instance_id =
217 217
218 218 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
219 219 ## of an authentication plugin also if it is disabled by it's settings.
220 220 ## This could be useful if you are unable to log in to the system due to broken
221 221 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
222 222 ## module to log in again and fix the settings.
223 223 ##
224 224 ## Available builtin plugin IDs (hash is part of the ID):
225 225 ## egg:rhodecode-enterprise-ce#rhodecode
226 226 ## egg:rhodecode-enterprise-ce#pam
227 227 ## egg:rhodecode-enterprise-ce#ldap
228 228 ## egg:rhodecode-enterprise-ce#jasig_cas
229 229 ## egg:rhodecode-enterprise-ce#headers
230 230 ## egg:rhodecode-enterprise-ce#crowd
231 231 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
232 232
233 233 ## alternative return HTTP header for failed authentication. Default HTTP
234 234 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
235 235 ## handling that causing a series of failed authentication calls.
236 236 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
237 237 ## This will be served instead of default 401 on bad authnetication
238 238 auth_ret_code =
239 239
240 240 ## use special detection method when serving auth_ret_code, instead of serving
241 241 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
242 242 ## and then serve auth_ret_code to clients
243 243 auth_ret_code_detection = false
244 244
245 245 ## locking return code. When repository is locked return this HTTP code. 2XX
246 246 ## codes don't break the transactions while 4XX codes do
247 247 lock_ret_code = 423
248 248
249 249 ## allows to change the repository location in settings page
250 250 allow_repo_location_change = true
251 251
252 252 ## allows to setup custom hooks in settings page
253 253 allow_custom_hooks_settings = true
254 254
255 255 ## generated license token, goto license page in RhodeCode settings to obtain
256 256 ## new token
257 257 license_token =
258 258
259 259 ## supervisor connection uri, for managing supervisor and logs.
260 260 supervisor.uri =
261 261 ## supervisord group name/id we only want this RC instance to handle
262 262 supervisor.group_id = prod
263 263
264 264 ## Display extended labs settings
265 265 labs_settings_active = true
266 266
267 267 ####################################
268 268 ### CELERY CONFIG ####
269 269 ####################################
270 270 ## run: /path/to/celery worker \
271 271 ## -E --beat --app rhodecode.lib.celerylib.loader \
272 272 ## --scheduler rhodecode.lib.celerylib.scheduler.RcScheduler \
273 273 ## --loglevel DEBUG --ini /path/to/rhodecode.ini
274 274
275 275 use_celery = false
276 276
277 277 ## connection url to the message broker (default rabbitmq)
278 278 celery.broker_url = amqp://rabbitmq:qweqwe@localhost:5672/rabbitmqhost
279 279
280 280 ## maximum tasks to execute before worker restart
281 281 celery.max_tasks_per_child = 100
282 282
283 283 ## tasks will never be sent to the queue, but executed locally instead.
284 284 celery.task_always_eager = false
285 285
286 286 #####################################
287 287 ### DOGPILE CACHE ####
288 288 #####################################
289 289 ## Default cache dir for caches. Putting this into a ramdisk
290 290 ## can boost performance, eg. /tmpfs/data_ramdisk, however this directory might require
291 ## large ammount of space
292 cache_dir = /%(here)s/rcdev/data
291 ## large amount of space
292 cache_dir = %(here)s/data
293 293
294 294 ## `cache_perms` cache settings for permission tree, auth TTL.
295 295 rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace
296 296 rc_cache.cache_perms.expiration_time = 300
297 297
298 298 ## alternative `cache_perms` redis backend with distributed lock
299 299 #rc_cache.cache_perms.backend = dogpile.cache.rc.redis
300 300 #rc_cache.cache_perms.expiration_time = 300
301 301 ## redis_expiration_time needs to be greater then expiration_time
302 302 #rc_cache.cache_perms.arguments.redis_expiration_time = 7200
303 303 #rc_cache.cache_perms.arguments.socket_timeout = 30
304 304 #rc_cache.cache_perms.arguments.host = localhost
305 305 #rc_cache.cache_perms.arguments.port = 6379
306 306 #rc_cache.cache_perms.arguments.db = 0
307 307 #rc_cache.cache_perms.arguments.distributed_lock = true
308 308
309 309 ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS
310 310 rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace
311 311 rc_cache.cache_repo.expiration_time = 2592000
312 312
313 313 ## alternative `cache_repo` redis backend with distributed lock
314 314 #rc_cache.cache_repo.backend = dogpile.cache.rc.redis
315 315 #rc_cache.cache_repo.expiration_time = 2592000
316 316 ## redis_expiration_time needs to be greater then expiration_time
317 317 #rc_cache.cache_repo.arguments.redis_expiration_time = 2678400
318 318 #rc_cache.cache_repo.arguments.socket_timeout = 30
319 319 #rc_cache.cache_repo.arguments.host = localhost
320 320 #rc_cache.cache_repo.arguments.port = 6379
321 321 #rc_cache.cache_repo.arguments.db = 1
322 322 #rc_cache.cache_repo.arguments.distributed_lock = true
323 323
324 324 ## cache settings for SQL queries, this needs to use memory type backend
325 325 rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru
326 326 rc_cache.sql_cache_short.expiration_time = 30
327 327
328 328 ## `cache_repo_longterm` cache for repo object instances, this needs to use memory
329 329 ## type backend as the objects kept are not pickle serializable
330 330 rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru
331 # by default we use 96H, this is using invalidation on push anyway
331 ## by default we use 96H, this is using invalidation on push anyway
332 332 rc_cache.cache_repo_longterm.expiration_time = 345600
333 # max items in LRU cache, reduce this number to save memory, and expire last used
334 # cached objects
333 ## max items in LRU cache, reduce this number to save memory, and expire last used
334 ## cached objects
335 335 rc_cache.cache_repo_longterm.max_size = 10000
336 336
337 337
338 338 ####################################
339 339 ### BEAKER SESSION ####
340 340 ####################################
341 341
342 342 ## .session.type is type of storage options for the session, current allowed
343 343 ## types are file, ext:memcached, ext:redis, ext:database, and memory (default).
344 344 beaker.session.type = file
345 345 beaker.session.data_dir = %(here)s/data/sessions
346 346
347 347 ## db based session, fast, and allows easy management over logged in users
348 348 #beaker.session.type = ext:database
349 349 #beaker.session.table_name = db_session
350 350 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
351 351 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
352 352 #beaker.session.sa.pool_recycle = 3600
353 353 #beaker.session.sa.echo = false
354 354
355 355 beaker.session.key = rhodecode
356 356 beaker.session.secret = production-rc-uytcxaz
357 357 beaker.session.lock_dir = %(here)s/data/sessions/lock
358 358
359 359 ## Secure encrypted cookie. Requires AES and AES python libraries
360 360 ## you must disable beaker.session.secret to use this
361 361 #beaker.session.encrypt_key = key_for_encryption
362 362 #beaker.session.validate_key = validation_key
363 363
364 364 ## sets session as invalid(also logging out user) if it haven not been
365 365 ## accessed for given amount of time in seconds
366 366 beaker.session.timeout = 2592000
367 367 beaker.session.httponly = true
368 368 ## Path to use for the cookie. Set to prefix if you use prefix middleware
369 369 #beaker.session.cookie_path = /custom_prefix
370 370
371 371 ## uncomment for https secure cookie
372 372 beaker.session.secure = false
373 373
374 374 ## auto save the session to not to use .save()
375 375 beaker.session.auto = false
376 376
377 377 ## default cookie expiration time in seconds, set to `true` to set expire
378 378 ## at browser close
379 379 #beaker.session.cookie_expires = 3600
380 380
381 381 ###################################
382 382 ## SEARCH INDEXING CONFIGURATION ##
383 383 ###################################
384 384 ## Full text search indexer is available in rhodecode-tools under
385 385 ## `rhodecode-tools index` command
386 386
387 387 ## WHOOSH Backend, doesn't require additional services to run
388 388 ## it works good with few dozen repos
389 389 search.module = rhodecode.lib.index.whoosh
390 390 search.location = %(here)s/data/index
391 391
392 392 ########################################
393 393 ### CHANNELSTREAM CONFIG ####
394 394 ########################################
395 395 ## channelstream enables persistent connections and live notification
396 396 ## in the system. It's also used by the chat system
397 397 channelstream.enabled = false
398 398
399 399 ## server address for channelstream server on the backend
400 400 channelstream.server = 127.0.0.1:9800
401 401
402 402 ## location of the channelstream server from outside world
403 403 ## use ws:// for http or wss:// for https. This address needs to be handled
404 404 ## by external HTTP server such as Nginx or Apache
405 405 ## see nginx/apache configuration examples in our docs
406 406 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
407 407 channelstream.secret = secret
408 408 channelstream.history.location = %(here)s/channelstream_history
409 409
410 410 ## Internal application path that Javascript uses to connect into.
411 411 ## If you use proxy-prefix the prefix should be added before /_channelstream
412 412 channelstream.proxy_path = /_channelstream
413 413
414 414
415 415 ###################################
416 416 ## APPENLIGHT CONFIG ##
417 417 ###################################
418 418
419 419 ## Appenlight is tailored to work with RhodeCode, see
420 420 ## http://appenlight.com for details how to obtain an account
421 421
422 422 ## appenlight integration enabled
423 423 appenlight = false
424 424
425 425 appenlight.server_url = https://api.appenlight.com
426 426 appenlight.api_key = YOUR_API_KEY
427 427 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
428 428
429 429 # used for JS client
430 430 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
431 431
432 432 ## TWEAK AMOUNT OF INFO SENT HERE
433 433
434 434 ## enables 404 error logging (default False)
435 435 appenlight.report_404 = false
436 436
437 437 ## time in seconds after request is considered being slow (default 1)
438 438 appenlight.slow_request_time = 1
439 439
440 440 ## record slow requests in application
441 441 ## (needs to be enabled for slow datastore recording and time tracking)
442 442 appenlight.slow_requests = true
443 443
444 444 ## enable hooking to application loggers
445 445 appenlight.logging = true
446 446
447 447 ## minimum log level for log capture
448 448 appenlight.logging.level = WARNING
449 449
450 450 ## send logs only from erroneous/slow requests
451 451 ## (saves API quota for intensive logging)
452 452 appenlight.logging_on_error = false
453 453
454 454 ## list of additonal keywords that should be grabbed from environ object
455 455 ## can be string with comma separated list of words in lowercase
456 456 ## (by default client will always send following info:
457 457 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
458 458 ## start with HTTP* this list be extended with additional keywords here
459 459 appenlight.environ_keys_whitelist =
460 460
461 461 ## list of keywords that should be blanked from request object
462 462 ## can be string with comma separated list of words in lowercase
463 463 ## (by default client will always blank keys that contain following words
464 464 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
465 465 ## this list be extended with additional keywords set here
466 466 appenlight.request_keys_blacklist =
467 467
468 468 ## list of namespaces that should be ignores when gathering log entries
469 469 ## can be string with comma separated list of namespaces
470 470 ## (by default the client ignores own entries: appenlight_client.client)
471 471 appenlight.log_namespace_blacklist =
472 472
473 473
474 474 ################################################################################
475 475 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
476 476 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
477 477 ## execute malicious code after an exception is raised. ##
478 478 ################################################################################
479 479 set debug = false
480 480
481 481
482 482 ###########################################
483 483 ### MAIN RHODECODE DATABASE CONFIG ###
484 484 ###########################################
485 485 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
486 486 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
487 487 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
488 488 # pymysql is an alternative driver for MySQL, use in case of problems with default one
489 489 #sqlalchemy.db1.url = mysql+pymysql://root:qweqwe@localhost/rhodecode
490 490
491 491 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
492 492
493 493 # see sqlalchemy docs for other advanced settings
494 494
495 495 ## print the sql statements to output
496 496 sqlalchemy.db1.echo = false
497 497 ## recycle the connections after this amount of seconds
498 498 sqlalchemy.db1.pool_recycle = 3600
499 499 sqlalchemy.db1.convert_unicode = true
500 500
501 501 ## the number of connections to keep open inside the connection pool.
502 502 ## 0 indicates no limit
503 503 #sqlalchemy.db1.pool_size = 5
504 504
505 505 ## the number of connections to allow in connection pool "overflow", that is
506 506 ## connections that can be opened above and beyond the pool_size setting,
507 507 ## which defaults to five.
508 508 #sqlalchemy.db1.max_overflow = 10
509 509
510 510 ## Connection check ping, used to detect broken database connections
511 511 ## could be enabled to better handle cases if MySQL has gone away errors
512 512 #sqlalchemy.db1.ping_connection = true
513 513
514 514 ##################
515 515 ### VCS CONFIG ###
516 516 ##################
517 517 vcs.server.enable = true
518 518 vcs.server = localhost:9900
519 519
520 520 ## Web server connectivity protocol, responsible for web based VCS operatations
521 521 ## Available protocols are:
522 522 ## `http` - use http-rpc backend (default)
523 523 vcs.server.protocol = http
524 524
525 525 ## Push/Pull operations protocol, available options are:
526 526 ## `http` - use http-rpc backend (default)
527 ##
528 527 vcs.scm_app_implementation = http
529 528
530 529 ## Push/Pull operations hooks protocol, available options are:
531 530 ## `http` - use http-rpc backend (default)
532 531 vcs.hooks.protocol = http
533 532 ## Host on which this instance is listening for hooks. If vcsserver is in other location
534 533 ## this should be adjusted.
535 534 vcs.hooks.host = 127.0.0.1
536 535
537 536 vcs.server.log_level = info
538 ## Start VCSServer with this instance as a subprocess, usefull for development
537 ## Start VCSServer with this instance as a subprocess, useful for development
539 538 vcs.start_server = false
540 539
541 540 ## List of enabled VCS backends, available options are:
542 541 ## `hg` - mercurial
543 542 ## `git` - git
544 543 ## `svn` - subversion
545 544 vcs.backends = hg, git, svn
546 545
547 546 vcs.connection_timeout = 3600
548 547 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
549 548 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible, pre-1.9-compatible
550 549 #vcs.svn.compatible_version = pre-1.8-compatible
551 550
552 551
553 552 ############################################################
554 553 ### Subversion proxy support (mod_dav_svn) ###
555 554 ### Maps RhodeCode repo groups into SVN paths for Apache ###
556 555 ############################################################
557 556 ## Enable or disable the config file generation.
558 557 svn.proxy.generate_config = false
559 558 ## Generate config file with `SVNListParentPath` set to `On`.
560 559 svn.proxy.list_parent_path = true
561 560 ## Set location and file name of generated config file.
562 561 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
563 562 ## alternative mod_dav config template. This needs to be a mako template
564 563 #svn.proxy.config_template = ~/.rccontrol/enterprise-1/custom_svn_conf.mako
565 564 ## Used as a prefix to the `Location` block in the generated config file.
566 565 ## In most cases it should be set to `/`.
567 566 svn.proxy.location_root = /
568 567 ## Command to reload the mod dav svn configuration on change.
569 568 ## Example: `/etc/init.d/apache2 reload`
570 569 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
571 570 ## If the timeout expires before the reload command finishes, the command will
572 571 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
573 572 #svn.proxy.reload_timeout = 10
574 573
575 574 ############################################################
576 575 ### SSH Support Settings ###
577 576 ############################################################
578 577
579 578 ## Defines if a custom authorized_keys file should be created and written on
580 579 ## any change user ssh keys. Setting this to false also disables posibility
581 580 ## of adding SSH keys by users from web interface. Super admins can still
582 581 ## manage SSH Keys.
583 582 ssh.generate_authorized_keyfile = false
584 583
585 584 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
586 585 # ssh.authorized_keys_ssh_opts =
587 586
588 587 ## Path to the authrozied_keys file where the generate entries are placed.
589 588 ## It is possible to have multiple key files specified in `sshd_config` e.g.
590 589 ## AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys_rhodecode
591 590 ssh.authorized_keys_file_path = ~/.ssh/authorized_keys_rhodecode
592 591
593 592 ## Command to execute the SSH wrapper. The binary is available in the
594 593 ## rhodecode installation directory.
595 594 ## e.g ~/.rccontrol/community-1/profile/bin/rc-ssh-wrapper
596 595 ssh.wrapper_cmd = ~/.rccontrol/community-1/rc-ssh-wrapper
597 596
598 597 ## Allow shell when executing the ssh-wrapper command
599 598 ssh.wrapper_cmd_allow_shell = false
600 599
601 600 ## Enables logging, and detailed output send back to the client during SSH
602 601 ## operations. Usefull for debugging, shouldn't be used in production.
603 602 ssh.enable_debug_logging = false
604 603
605 604 ## Paths to binary executable, by default they are the names, but we can
606 605 ## override them if we want to use a custom one
607 606 ssh.executable.hg = ~/.rccontrol/vcsserver-1/profile/bin/hg
608 607 ssh.executable.git = ~/.rccontrol/vcsserver-1/profile/bin/git
609 608 ssh.executable.svn = ~/.rccontrol/vcsserver-1/profile/bin/svnserve
610 609
611 610
612 611 ## Dummy marker to add new entries after.
613 612 ## Add any custom entries below. Please don't remove.
614 613 custom.conf = 1
615 614
616 615
617 616 ################################
618 617 ### LOGGING CONFIGURATION ####
619 618 ################################
620 619 [loggers]
621 620 keys = root, sqlalchemy, beaker, celery, rhodecode, ssh_wrapper
622 621
623 622 [handlers]
624 623 keys = console, console_sql
625 624
626 625 [formatters]
627 626 keys = generic, color_formatter, color_formatter_sql
628 627
629 628 #############
630 629 ## LOGGERS ##
631 630 #############
632 631 [logger_root]
633 632 level = NOTSET
634 633 handlers = console
635 634
636 635 [logger_sqlalchemy]
637 636 level = INFO
638 637 handlers = console_sql
639 638 qualname = sqlalchemy.engine
640 639 propagate = 0
641 640
642 641 [logger_beaker]
643 642 level = DEBUG
644 643 handlers =
645 644 qualname = beaker.container
646 645 propagate = 1
647 646
648 647 [logger_rhodecode]
649 648 level = DEBUG
650 649 handlers =
651 650 qualname = rhodecode
652 651 propagate = 1
653 652
654 653 [logger_ssh_wrapper]
655 654 level = DEBUG
656 655 handlers =
657 656 qualname = ssh_wrapper
658 657 propagate = 1
659 658
660 659 [logger_celery]
661 660 level = DEBUG
662 661 handlers =
663 662 qualname = celery
664 663
665 664
666 665 ##############
667 666 ## HANDLERS ##
668 667 ##############
669 668
670 669 [handler_console]
671 670 class = StreamHandler
672 671 args = (sys.stderr, )
673 672 level = INFO
674 673 formatter = generic
675 674
676 675 [handler_console_sql]
677 676 # "level = DEBUG" logs SQL queries and results.
678 677 # "level = INFO" logs SQL queries.
679 678 # "level = WARN" logs neither. (Recommended for production systems.)
680 679 class = StreamHandler
681 680 args = (sys.stderr, )
682 681 level = WARN
683 682 formatter = generic
684 683
685 684 ################
686 685 ## FORMATTERS ##
687 686 ################
688 687
689 688 [formatter_generic]
690 689 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
691 690 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
692 691 datefmt = %Y-%m-%d %H:%M:%S
693 692
694 693 [formatter_color_formatter]
695 694 class = rhodecode.lib.logging_formatter.ColorFormatter
696 695 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
697 696 datefmt = %Y-%m-%d %H:%M:%S
698 697
699 698 [formatter_color_formatter_sql]
700 699 class = rhodecode.lib.logging_formatter.ColorFormatterSql
701 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
700 format = %(asctime)s.%(msecs)03d [%(process)d] %(levelname)-5.5s [%(name)s] %(message)s
702 701 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now