##// END OF EJS Templates
configs: added info about @TOKEN syntaxt for whitelist views.
marcink -
r2004:7eb08ad3 default
parent child Browse files
Show More
@@ -1,699 +1,703 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 use = egg:waitress#main
55 55 ## number of worker threads
56 56 threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 #use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 #workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommened to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 #proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 #worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 #max_requests = 1000
88 88 #max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 #timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 # During development the we want to have the debug toolbar enabled
112 112 pyramid.includes =
113 113 pyramid_debugtoolbar
114 114 rhodecode.utils.debugtoolbar
115 115 rhodecode.lib.middleware.request_wrapper
116 116
117 117 pyramid.reload_templates = true
118 118
119 119 debugtoolbar.hosts = 0.0.0.0/0
120 120 debugtoolbar.exclude_prefixes =
121 121 /css
122 122 /fonts
123 123 /images
124 124 /js
125 125
126 126 ## RHODECODE PLUGINS ##
127 127 rhodecode.includes =
128 128 rhodecode.api
129 129
130 130
131 131 # api prefix url
132 132 rhodecode.api.url = /_admin/api
133 133
134 134
135 135 ## END RHODECODE PLUGINS ##
136 136
137 137 ## encryption key used to encrypt social plugin tokens,
138 138 ## remote_urls with credentials etc, if not set it defaults to
139 139 ## `beaker.session.secret`
140 140 #rhodecode.encrypted_values.secret =
141 141
142 142 ## decryption strict mode (enabled by default). It controls if decryption raises
143 143 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
144 144 #rhodecode.encrypted_values.strict = false
145 145
146 146 ## return gzipped responses from Rhodecode (static files/application)
147 147 gzip_responses = false
148 148
149 149 ## autogenerate javascript routes file on startup
150 150 generate_js_files = false
151 151
152 152 ## Optional Languages
153 153 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
154 154 lang = en
155 155
156 156 ## perform a full repository scan on each server start, this should be
157 157 ## set to false after first startup, to allow faster server restarts.
158 158 startup.import_repos = false
159 159
160 160 ## Uncomment and set this path to use archive download cache.
161 161 ## Once enabled, generated archives will be cached at this location
162 162 ## and served from the cache during subsequent requests for the same archive of
163 163 ## the repository.
164 164 #archive_cache_dir = /tmp/tarballcache
165 165
166 166 ## change this to unique ID for security
167 167 app_instance_uuid = rc-production
168 168
169 169 ## cut off limit for large diffs (size in bytes)
170 170 cut_off_limit_diff = 1024000
171 171 cut_off_limit_file = 256000
172 172
173 173 ## use cache version of scm repo everywhere
174 174 vcs_full_cache = true
175 175
176 176 ## force https in RhodeCode, fixes https redirects, assumes it's always https
177 177 ## Normally this is controlled by proper http flags sent from http server
178 178 force_https = false
179 179
180 180 ## use Strict-Transport-Security headers
181 181 use_htsts = false
182 182
183 183 ## number of commits stats will parse on each iteration
184 184 commit_parse_limit = 25
185 185
186 186 ## git rev filter option, --all is the default filter, if you need to
187 187 ## hide all refs in changelog switch this to --branches --tags
188 188 git_rev_filter = --branches --tags
189 189
190 190 # Set to true if your repos are exposed using the dumb protocol
191 191 git_update_server_info = false
192 192
193 193 ## RSS/ATOM feed options
194 194 rss_cut_off_limit = 256000
195 195 rss_items_per_page = 10
196 196 rss_include_diff = false
197 197
198 198 ## gist URL alias, used to create nicer urls for gist. This should be an
199 199 ## url that does rewrites to _admin/gists/{gistid}.
200 200 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
201 201 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
202 202 gist_alias_url =
203 203
204 204 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
205 205 ## used for access.
206 206 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
207 207 ## came from the the logged in user who own this authentication token.
208 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
209 ## authentication token. Such view would be only accessible when used together
210 ## with this authentication token
208 211 ##
209 212 ## list of all views can be found under `_admin/permissions/auth_token_access`
210 213 ## The list should be "," separated and on a single line.
211 214 ##
212 215 ## Most common views to enable:
213 216 # RepoCommitsView:repo_commit_download
214 217 # RepoCommitsView:repo_commit_patch
215 218 # RepoCommitsView:repo_commit_raw
219 # RepoCommitsView:repo_commit_raw@TOKEN
216 220 # RepoFilesView:repo_files_diff
217 221 # RepoFilesView:repo_archivefile
218 222 # RepoFilesView:repo_file_raw
219 223 # GistView:*
220 224 api_access_controllers_whitelist =
221 225
222 226 ## default encoding used to convert from and to unicode
223 227 ## can be also a comma separated list of encoding in case of mixed encodings
224 228 default_encoding = UTF-8
225 229
226 230 ## instance-id prefix
227 231 ## a prefix key for this instance used for cache invalidation when running
228 232 ## multiple instances of rhodecode, make sure it's globally unique for
229 233 ## all running rhodecode instances. Leave empty if you don't use it
230 234 instance_id =
231 235
232 236 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
233 237 ## of an authentication plugin also if it is disabled by it's settings.
234 238 ## This could be useful if you are unable to log in to the system due to broken
235 239 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
236 240 ## module to log in again and fix the settings.
237 241 ##
238 242 ## Available builtin plugin IDs (hash is part of the ID):
239 243 ## egg:rhodecode-enterprise-ce#rhodecode
240 244 ## egg:rhodecode-enterprise-ce#pam
241 245 ## egg:rhodecode-enterprise-ce#ldap
242 246 ## egg:rhodecode-enterprise-ce#jasig_cas
243 247 ## egg:rhodecode-enterprise-ce#headers
244 248 ## egg:rhodecode-enterprise-ce#crowd
245 249 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
246 250
247 251 ## alternative return HTTP header for failed authentication. Default HTTP
248 252 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
249 253 ## handling that causing a series of failed authentication calls.
250 254 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
251 255 ## This will be served instead of default 401 on bad authnetication
252 256 auth_ret_code =
253 257
254 258 ## use special detection method when serving auth_ret_code, instead of serving
255 259 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
256 260 ## and then serve auth_ret_code to clients
257 261 auth_ret_code_detection = false
258 262
259 263 ## locking return code. When repository is locked return this HTTP code. 2XX
260 264 ## codes don't break the transactions while 4XX codes do
261 265 lock_ret_code = 423
262 266
263 267 ## allows to change the repository location in settings page
264 268 allow_repo_location_change = true
265 269
266 270 ## allows to setup custom hooks in settings page
267 271 allow_custom_hooks_settings = true
268 272
269 273 ## generated license token, goto license page in RhodeCode settings to obtain
270 274 ## new token
271 275 license_token =
272 276
273 277 ## supervisor connection uri, for managing supervisor and logs.
274 278 supervisor.uri =
275 279 ## supervisord group name/id we only want this RC instance to handle
276 280 supervisor.group_id = dev
277 281
278 282 ## Display extended labs settings
279 283 labs_settings_active = true
280 284
281 285 ####################################
282 286 ### CELERY CONFIG ####
283 287 ####################################
284 288 use_celery = false
285 289 broker.host = localhost
286 290 broker.vhost = rabbitmqhost
287 291 broker.port = 5672
288 292 broker.user = rabbitmq
289 293 broker.password = qweqwe
290 294
291 295 celery.imports = rhodecode.lib.celerylib.tasks
292 296
293 297 celery.result.backend = amqp
294 298 celery.result.dburi = amqp://
295 299 celery.result.serialier = json
296 300
297 301 #celery.send.task.error.emails = true
298 302 #celery.amqp.task.result.expires = 18000
299 303
300 304 celeryd.concurrency = 2
301 305 #celeryd.log.file = celeryd.log
302 306 celeryd.log.level = debug
303 307 celeryd.max.tasks.per.child = 1
304 308
305 309 ## tasks will never be sent to the queue, but executed locally instead.
306 310 celery.always.eager = false
307 311
308 312 ####################################
309 313 ### BEAKER CACHE ####
310 314 ####################################
311 315 # default cache dir for templates. Putting this into a ramdisk
312 316 ## can boost performance, eg. %(here)s/data_ramdisk
313 317 cache_dir = %(here)s/data
314 318
315 319 ## locking and default file storage for Beaker. Putting this into a ramdisk
316 320 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
317 321 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
318 322 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
319 323
320 324 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
321 325
322 326 beaker.cache.super_short_term.type = memory
323 327 beaker.cache.super_short_term.expire = 10
324 328 beaker.cache.super_short_term.key_length = 256
325 329
326 330 beaker.cache.short_term.type = memory
327 331 beaker.cache.short_term.expire = 60
328 332 beaker.cache.short_term.key_length = 256
329 333
330 334 beaker.cache.long_term.type = memory
331 335 beaker.cache.long_term.expire = 36000
332 336 beaker.cache.long_term.key_length = 256
333 337
334 338 beaker.cache.sql_cache_short.type = memory
335 339 beaker.cache.sql_cache_short.expire = 10
336 340 beaker.cache.sql_cache_short.key_length = 256
337 341
338 342 ## default is memory cache, configure only if required
339 343 ## using multi-node or multi-worker setup
340 344 #beaker.cache.auth_plugins.type = ext:database
341 345 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
342 346 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
343 347 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
344 348 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
345 349 #beaker.cache.auth_plugins.sa.pool_size = 10
346 350 #beaker.cache.auth_plugins.sa.max_overflow = 0
347 351
348 352 beaker.cache.repo_cache_long.type = memorylru_base
349 353 beaker.cache.repo_cache_long.max_items = 4096
350 354 beaker.cache.repo_cache_long.expire = 2592000
351 355
352 356 ## default is memorylru_base cache, configure only if required
353 357 ## using multi-node or multi-worker setup
354 358 #beaker.cache.repo_cache_long.type = ext:memcached
355 359 #beaker.cache.repo_cache_long.url = localhost:11211
356 360 #beaker.cache.repo_cache_long.expire = 1209600
357 361 #beaker.cache.repo_cache_long.key_length = 256
358 362
359 363 ####################################
360 364 ### BEAKER SESSION ####
361 365 ####################################
362 366
363 367 ## .session.type is type of storage options for the session, current allowed
364 368 ## types are file, ext:memcached, ext:database, and memory (default).
365 369 beaker.session.type = file
366 370 beaker.session.data_dir = %(here)s/data/sessions/data
367 371
368 372 ## db based session, fast, and allows easy management over logged in users
369 373 #beaker.session.type = ext:database
370 374 #beaker.session.table_name = db_session
371 375 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
372 376 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
373 377 #beaker.session.sa.pool_recycle = 3600
374 378 #beaker.session.sa.echo = false
375 379
376 380 beaker.session.key = rhodecode
377 381 beaker.session.secret = develop-rc-uytcxaz
378 382 beaker.session.lock_dir = %(here)s/data/sessions/lock
379 383
380 384 ## Secure encrypted cookie. Requires AES and AES python libraries
381 385 ## you must disable beaker.session.secret to use this
382 386 #beaker.session.encrypt_key = key_for_encryption
383 387 #beaker.session.validate_key = validation_key
384 388
385 389 ## sets session as invalid(also logging out user) if it haven not been
386 390 ## accessed for given amount of time in seconds
387 391 beaker.session.timeout = 2592000
388 392 beaker.session.httponly = true
389 393 ## Path to use for the cookie. Set to prefix if you use prefix middleware
390 394 #beaker.session.cookie_path = /custom_prefix
391 395
392 396 ## uncomment for https secure cookie
393 397 beaker.session.secure = false
394 398
395 399 ## auto save the session to not to use .save()
396 400 beaker.session.auto = false
397 401
398 402 ## default cookie expiration time in seconds, set to `true` to set expire
399 403 ## at browser close
400 404 #beaker.session.cookie_expires = 3600
401 405
402 406 ###################################
403 407 ## SEARCH INDEXING CONFIGURATION ##
404 408 ###################################
405 409 ## Full text search indexer is available in rhodecode-tools under
406 410 ## `rhodecode-tools index` command
407 411
408 412 ## WHOOSH Backend, doesn't require additional services to run
409 413 ## it works good with few dozen repos
410 414 search.module = rhodecode.lib.index.whoosh
411 415 search.location = %(here)s/data/index
412 416
413 417 ########################################
414 418 ### CHANNELSTREAM CONFIG ####
415 419 ########################################
416 420 ## channelstream enables persistent connections and live notification
417 421 ## in the system. It's also used by the chat system
418 422 channelstream.enabled = false
419 423
420 424 ## server address for channelstream server on the backend
421 425 channelstream.server = 127.0.0.1:9800
422 426
423 427 ## location of the channelstream server from outside world
424 428 ## use ws:// for http or wss:// for https. This address needs to be handled
425 429 ## by external HTTP server such as Nginx or Apache
426 430 ## see nginx/apache configuration examples in our docs
427 431 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
428 432 channelstream.secret = secret
429 433 channelstream.history.location = %(here)s/channelstream_history
430 434
431 435 ## Internal application path that Javascript uses to connect into.
432 436 ## If you use proxy-prefix the prefix should be added before /_channelstream
433 437 channelstream.proxy_path = /_channelstream
434 438
435 439
436 440 ###################################
437 441 ## APPENLIGHT CONFIG ##
438 442 ###################################
439 443
440 444 ## Appenlight is tailored to work with RhodeCode, see
441 445 ## http://appenlight.com for details how to obtain an account
442 446
443 447 ## appenlight integration enabled
444 448 appenlight = false
445 449
446 450 appenlight.server_url = https://api.appenlight.com
447 451 appenlight.api_key = YOUR_API_KEY
448 452 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
449 453
450 454 # used for JS client
451 455 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
452 456
453 457 ## TWEAK AMOUNT OF INFO SENT HERE
454 458
455 459 ## enables 404 error logging (default False)
456 460 appenlight.report_404 = false
457 461
458 462 ## time in seconds after request is considered being slow (default 1)
459 463 appenlight.slow_request_time = 1
460 464
461 465 ## record slow requests in application
462 466 ## (needs to be enabled for slow datastore recording and time tracking)
463 467 appenlight.slow_requests = true
464 468
465 469 ## enable hooking to application loggers
466 470 appenlight.logging = true
467 471
468 472 ## minimum log level for log capture
469 473 appenlight.logging.level = WARNING
470 474
471 475 ## send logs only from erroneous/slow requests
472 476 ## (saves API quota for intensive logging)
473 477 appenlight.logging_on_error = false
474 478
475 479 ## list of additonal keywords that should be grabbed from environ object
476 480 ## can be string with comma separated list of words in lowercase
477 481 ## (by default client will always send following info:
478 482 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
479 483 ## start with HTTP* this list be extended with additional keywords here
480 484 appenlight.environ_keys_whitelist =
481 485
482 486 ## list of keywords that should be blanked from request object
483 487 ## can be string with comma separated list of words in lowercase
484 488 ## (by default client will always blank keys that contain following words
485 489 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
486 490 ## this list be extended with additional keywords set here
487 491 appenlight.request_keys_blacklist =
488 492
489 493 ## list of namespaces that should be ignores when gathering log entries
490 494 ## can be string with comma separated list of namespaces
491 495 ## (by default the client ignores own entries: appenlight_client.client)
492 496 appenlight.log_namespace_blacklist =
493 497
494 498
495 499 ################################################################################
496 500 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
497 501 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
498 502 ## execute malicious code after an exception is raised. ##
499 503 ################################################################################
500 504 #set debug = false
501 505
502 506
503 507 ##############
504 508 ## STYLING ##
505 509 ##############
506 510 debug_style = true
507 511
508 512 ###########################################
509 513 ### MAIN RHODECODE DATABASE CONFIG ###
510 514 ###########################################
511 515 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
512 516 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
513 517 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
514 518 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
515 519
516 520 # see sqlalchemy docs for other advanced settings
517 521
518 522 ## print the sql statements to output
519 523 sqlalchemy.db1.echo = false
520 524 ## recycle the connections after this amount of seconds
521 525 sqlalchemy.db1.pool_recycle = 3600
522 526 sqlalchemy.db1.convert_unicode = true
523 527
524 528 ## the number of connections to keep open inside the connection pool.
525 529 ## 0 indicates no limit
526 530 #sqlalchemy.db1.pool_size = 5
527 531
528 532 ## the number of connections to allow in connection pool "overflow", that is
529 533 ## connections that can be opened above and beyond the pool_size setting,
530 534 ## which defaults to five.
531 535 #sqlalchemy.db1.max_overflow = 10
532 536
533 537
534 538 ##################
535 539 ### VCS CONFIG ###
536 540 ##################
537 541 vcs.server.enable = true
538 542 vcs.server = localhost:9900
539 543
540 544 ## Web server connectivity protocol, responsible for web based VCS operatations
541 545 ## Available protocols are:
542 546 ## `http` - use http-rpc backend (default)
543 547 vcs.server.protocol = http
544 548
545 549 ## Push/Pull operations protocol, available options are:
546 550 ## `http` - use http-rpc backend (default)
547 551 ##
548 552 vcs.scm_app_implementation = http
549 553
550 554 ## Push/Pull operations hooks protocol, available options are:
551 555 ## `http` - use http-rpc backend (default)
552 556 vcs.hooks.protocol = http
553 557
554 558 vcs.server.log_level = debug
555 559 ## Start VCSServer with this instance as a subprocess, usefull for development
556 560 vcs.start_server = true
557 561
558 562 ## List of enabled VCS backends, available options are:
559 563 ## `hg` - mercurial
560 564 ## `git` - git
561 565 ## `svn` - subversion
562 566 vcs.backends = hg, git, svn
563 567
564 568 vcs.connection_timeout = 3600
565 569 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
566 570 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible
567 571 #vcs.svn.compatible_version = pre-1.8-compatible
568 572
569 573
570 574 ############################################################
571 575 ### Subversion proxy support (mod_dav_svn) ###
572 576 ### Maps RhodeCode repo groups into SVN paths for Apache ###
573 577 ############################################################
574 578 ## Enable or disable the config file generation.
575 579 svn.proxy.generate_config = false
576 580 ## Generate config file with `SVNListParentPath` set to `On`.
577 581 svn.proxy.list_parent_path = true
578 582 ## Set location and file name of generated config file.
579 583 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
580 584 ## Used as a prefix to the `Location` block in the generated config file.
581 585 ## In most cases it should be set to `/`.
582 586 svn.proxy.location_root = /
583 587 ## Command to reload the mod dav svn configuration on change.
584 588 ## Example: `/etc/init.d/apache2 reload`
585 589 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
586 590 ## If the timeout expires before the reload command finishes, the command will
587 591 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
588 592 #svn.proxy.reload_timeout = 10
589 593
590 594 ############################################################
591 595 ### SSH Support Settings ###
592 596 ############################################################
593 597
594 598 ## Defines if the authorized_keys file should be written on any change of
595 599 ## user ssh keys
596 600 ssh.generate_authorized_keyfile = false
597 601
598 602 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
599 603 # ssh.authorized_keys_ssh_opts =
600 604
601 605 ## File to generate the authorized keys together with options
602 606 ssh.authorized_keys_file_path = /home/USER/.ssh/authorized_keys
603 607
604 608 ## Command to execute as an SSH wrapper, available from
605 609 ## https://code.rhodecode.com/rhodecode-ssh
606 610 ssh.wrapper_cmd = /home/USER/rhodecode-ssh/sshwrapper.py
607 611
608 612 ## Allow shell when executing the command
609 613 ssh.wrapper_cmd_allow_shell = false
610 614
611 615 ## Dummy marker to add new entries after.
612 616 ## Add any custom entries below. Please don't remove.
613 617 custom.conf = 1
614 618
615 619
616 620 ################################
617 621 ### LOGGING CONFIGURATION ####
618 622 ################################
619 623 [loggers]
620 624 keys = root, routes, rhodecode, sqlalchemy, beaker, templates
621 625
622 626 [handlers]
623 627 keys = console, console_sql
624 628
625 629 [formatters]
626 630 keys = generic, color_formatter, color_formatter_sql
627 631
628 632 #############
629 633 ## LOGGERS ##
630 634 #############
631 635 [logger_root]
632 636 level = NOTSET
633 637 handlers = console
634 638
635 639 [logger_routes]
636 640 level = DEBUG
637 641 handlers =
638 642 qualname = routes.middleware
639 643 ## "level = DEBUG" logs the route matched and routing variables.
640 644 propagate = 1
641 645
642 646 [logger_beaker]
643 647 level = DEBUG
644 648 handlers =
645 649 qualname = beaker.container
646 650 propagate = 1
647 651
648 652 [logger_templates]
649 653 level = INFO
650 654 handlers =
651 655 qualname = pylons.templating
652 656 propagate = 1
653 657
654 658 [logger_rhodecode]
655 659 level = DEBUG
656 660 handlers =
657 661 qualname = rhodecode
658 662 propagate = 1
659 663
660 664 [logger_sqlalchemy]
661 665 level = INFO
662 666 handlers = console_sql
663 667 qualname = sqlalchemy.engine
664 668 propagate = 0
665 669
666 670 ##############
667 671 ## HANDLERS ##
668 672 ##############
669 673
670 674 [handler_console]
671 675 class = StreamHandler
672 676 args = (sys.stderr, )
673 677 level = DEBUG
674 678 formatter = color_formatter
675 679
676 680 [handler_console_sql]
677 681 class = StreamHandler
678 682 args = (sys.stderr, )
679 683 level = DEBUG
680 684 formatter = color_formatter_sql
681 685
682 686 ################
683 687 ## FORMATTERS ##
684 688 ################
685 689
686 690 [formatter_generic]
687 691 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
688 692 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
689 693 datefmt = %Y-%m-%d %H:%M:%S
690 694
691 695 [formatter_color_formatter]
692 696 class = rhodecode.lib.logging_formatter.ColorFormatter
693 697 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
694 698 datefmt = %Y-%m-%d %H:%M:%S
695 699
696 700 [formatter_color_formatter_sql]
697 701 class = rhodecode.lib.logging_formatter.ColorFormatterSql
698 702 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
699 703 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,668 +1,672 b''
1 1
2 2
3 3 ################################################################################
4 4 ## RHODECODE COMMUNITY EDITION CONFIGURATION ##
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10
11 11 ################################################################################
12 12 ## EMAIL CONFIGURATION ##
13 13 ## Uncomment and replace with the email address which should receive ##
14 14 ## any error reports after an application crash ##
15 15 ## Additionally these settings will be used by the RhodeCode mailing system ##
16 16 ################################################################################
17 17
18 18 ## prefix all emails subjects with given prefix, helps filtering out emails
19 19 #email_prefix = [RhodeCode]
20 20
21 21 ## email FROM address all mails will be sent
22 22 #app_email_from = rhodecode-noreply@localhost
23 23
24 24 ## Uncomment and replace with the address which should receive any error report
25 25 ## note: using appenlight for error handling doesn't need this to be uncommented
26 26 #email_to = admin@localhost
27 27
28 28 ## in case of Application errors, sent an error email form
29 29 #error_email_from = rhodecode_error@localhost
30 30
31 31 ## additional error message to be send in case of server crash
32 32 #error_message =
33 33
34 34
35 35 #smtp_server = mail.server.com
36 36 #smtp_username =
37 37 #smtp_password =
38 38 #smtp_port =
39 39 #smtp_use_tls = false
40 40 #smtp_use_ssl = true
41 41 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
42 42 #smtp_auth =
43 43
44 44 [server:main]
45 45 ## COMMON ##
46 46 host = 127.0.0.1
47 47 port = 5000
48 48
49 49 ##################################
50 50 ## WAITRESS WSGI SERVER ##
51 51 ## Recommended for Development ##
52 52 ##################################
53 53
54 54 #use = egg:waitress#main
55 55 ## number of worker threads
56 56 #threads = 5
57 57 ## MAX BODY SIZE 100GB
58 58 #max_request_body_size = 107374182400
59 59 ## Use poll instead of select, fixes file descriptors limits problems.
60 60 ## May not work on old windows systems.
61 61 #asyncore_use_poll = true
62 62
63 63
64 64 ##########################
65 65 ## GUNICORN WSGI SERVER ##
66 66 ##########################
67 67 ## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini
68 68
69 69 use = egg:gunicorn#main
70 70 ## Sets the number of process workers. You must set `instance_id = *`
71 71 ## when this option is set to more than one worker, recommended
72 72 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
73 73 ## The `instance_id = *` must be set in the [app:main] section below
74 74 workers = 2
75 75 ## number of threads for each of the worker, must be set to 1 for gevent
76 76 ## generally recommened to be at 1
77 77 #threads = 1
78 78 ## process name
79 79 proc_name = rhodecode
80 80 ## type of worker class, one of sync, gevent
81 81 ## recommended for bigger setup is using of of other than sync one
82 82 worker_class = sync
83 83 ## The maximum number of simultaneous clients. Valid only for Gevent
84 84 #worker_connections = 10
85 85 ## max number of requests that worker will handle before being gracefully
86 86 ## restarted, could prevent memory leaks
87 87 max_requests = 1000
88 88 max_requests_jitter = 30
89 89 ## amount of time a worker can spend with handling a request before it
90 90 ## gets killed and restarted. Set to 6hrs
91 91 timeout = 21600
92 92
93 93
94 94 ## prefix middleware for RhodeCode.
95 95 ## recommended when using proxy setup.
96 96 ## allows to set RhodeCode under a prefix in server.
97 97 ## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
98 98 ## And set your prefix like: `prefix = /custom_prefix`
99 99 ## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
100 100 ## to make your cookies only work on prefix url
101 101 [filter:proxy-prefix]
102 102 use = egg:PasteDeploy#prefix
103 103 prefix = /
104 104
105 105 [app:main]
106 106 use = egg:rhodecode-enterprise-ce
107 107
108 108 ## enable proxy prefix middleware, defined above
109 109 #filter-with = proxy-prefix
110 110
111 111 ## encryption key used to encrypt social plugin tokens,
112 112 ## remote_urls with credentials etc, if not set it defaults to
113 113 ## `beaker.session.secret`
114 114 #rhodecode.encrypted_values.secret =
115 115
116 116 ## decryption strict mode (enabled by default). It controls if decryption raises
117 117 ## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
118 118 #rhodecode.encrypted_values.strict = false
119 119
120 120 ## return gzipped responses from Rhodecode (static files/application)
121 121 gzip_responses = false
122 122
123 123 ## autogenerate javascript routes file on startup
124 124 generate_js_files = false
125 125
126 126 ## Optional Languages
127 127 ## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
128 128 lang = en
129 129
130 130 ## perform a full repository scan on each server start, this should be
131 131 ## set to false after first startup, to allow faster server restarts.
132 132 startup.import_repos = false
133 133
134 134 ## Uncomment and set this path to use archive download cache.
135 135 ## Once enabled, generated archives will be cached at this location
136 136 ## and served from the cache during subsequent requests for the same archive of
137 137 ## the repository.
138 138 #archive_cache_dir = /tmp/tarballcache
139 139
140 140 ## change this to unique ID for security
141 141 app_instance_uuid = rc-production
142 142
143 143 ## cut off limit for large diffs (size in bytes)
144 144 cut_off_limit_diff = 1024000
145 145 cut_off_limit_file = 256000
146 146
147 147 ## use cache version of scm repo everywhere
148 148 vcs_full_cache = true
149 149
150 150 ## force https in RhodeCode, fixes https redirects, assumes it's always https
151 151 ## Normally this is controlled by proper http flags sent from http server
152 152 force_https = false
153 153
154 154 ## use Strict-Transport-Security headers
155 155 use_htsts = false
156 156
157 157 ## number of commits stats will parse on each iteration
158 158 commit_parse_limit = 25
159 159
160 160 ## git rev filter option, --all is the default filter, if you need to
161 161 ## hide all refs in changelog switch this to --branches --tags
162 162 git_rev_filter = --branches --tags
163 163
164 164 # Set to true if your repos are exposed using the dumb protocol
165 165 git_update_server_info = false
166 166
167 167 ## RSS/ATOM feed options
168 168 rss_cut_off_limit = 256000
169 169 rss_items_per_page = 10
170 170 rss_include_diff = false
171 171
172 172 ## gist URL alias, used to create nicer urls for gist. This should be an
173 173 ## url that does rewrites to _admin/gists/{gistid}.
174 174 ## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
175 175 ## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
176 176 gist_alias_url =
177 177
178 178 ## List of views (using glob pattern syntax) that AUTH TOKENS could be
179 179 ## used for access.
180 180 ## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
181 181 ## came from the the logged in user who own this authentication token.
182 ## Additionally @TOKEN syntaxt can be used to bound the view to specific
183 ## authentication token. Such view would be only accessible when used together
184 ## with this authentication token
182 185 ##
183 186 ## list of all views can be found under `_admin/permissions/auth_token_access`
184 187 ## The list should be "," separated and on a single line.
185 188 ##
186 189 ## Most common views to enable:
187 190 # RepoCommitsView:repo_commit_download
188 191 # RepoCommitsView:repo_commit_patch
189 192 # RepoCommitsView:repo_commit_raw
193 # RepoCommitsView:repo_commit_raw@TOKEN
190 194 # RepoFilesView:repo_files_diff
191 195 # RepoFilesView:repo_archivefile
192 196 # RepoFilesView:repo_file_raw
193 197 # GistView:*
194 198 api_access_controllers_whitelist =
195 199
196 200 ## default encoding used to convert from and to unicode
197 201 ## can be also a comma separated list of encoding in case of mixed encodings
198 202 default_encoding = UTF-8
199 203
200 204 ## instance-id prefix
201 205 ## a prefix key for this instance used for cache invalidation when running
202 206 ## multiple instances of rhodecode, make sure it's globally unique for
203 207 ## all running rhodecode instances. Leave empty if you don't use it
204 208 instance_id =
205 209
206 210 ## Fallback authentication plugin. Set this to a plugin ID to force the usage
207 211 ## of an authentication plugin also if it is disabled by it's settings.
208 212 ## This could be useful if you are unable to log in to the system due to broken
209 213 ## authentication settings. Then you can enable e.g. the internal rhodecode auth
210 214 ## module to log in again and fix the settings.
211 215 ##
212 216 ## Available builtin plugin IDs (hash is part of the ID):
213 217 ## egg:rhodecode-enterprise-ce#rhodecode
214 218 ## egg:rhodecode-enterprise-ce#pam
215 219 ## egg:rhodecode-enterprise-ce#ldap
216 220 ## egg:rhodecode-enterprise-ce#jasig_cas
217 221 ## egg:rhodecode-enterprise-ce#headers
218 222 ## egg:rhodecode-enterprise-ce#crowd
219 223 #rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode
220 224
221 225 ## alternative return HTTP header for failed authentication. Default HTTP
222 226 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
223 227 ## handling that causing a series of failed authentication calls.
224 228 ## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
225 229 ## This will be served instead of default 401 on bad authnetication
226 230 auth_ret_code =
227 231
228 232 ## use special detection method when serving auth_ret_code, instead of serving
229 233 ## ret_code directly, use 401 initially (Which triggers credentials prompt)
230 234 ## and then serve auth_ret_code to clients
231 235 auth_ret_code_detection = false
232 236
233 237 ## locking return code. When repository is locked return this HTTP code. 2XX
234 238 ## codes don't break the transactions while 4XX codes do
235 239 lock_ret_code = 423
236 240
237 241 ## allows to change the repository location in settings page
238 242 allow_repo_location_change = true
239 243
240 244 ## allows to setup custom hooks in settings page
241 245 allow_custom_hooks_settings = true
242 246
243 247 ## generated license token, goto license page in RhodeCode settings to obtain
244 248 ## new token
245 249 license_token =
246 250
247 251 ## supervisor connection uri, for managing supervisor and logs.
248 252 supervisor.uri =
249 253 ## supervisord group name/id we only want this RC instance to handle
250 254 supervisor.group_id = prod
251 255
252 256 ## Display extended labs settings
253 257 labs_settings_active = true
254 258
255 259 ####################################
256 260 ### CELERY CONFIG ####
257 261 ####################################
258 262 use_celery = false
259 263 broker.host = localhost
260 264 broker.vhost = rabbitmqhost
261 265 broker.port = 5672
262 266 broker.user = rabbitmq
263 267 broker.password = qweqwe
264 268
265 269 celery.imports = rhodecode.lib.celerylib.tasks
266 270
267 271 celery.result.backend = amqp
268 272 celery.result.dburi = amqp://
269 273 celery.result.serialier = json
270 274
271 275 #celery.send.task.error.emails = true
272 276 #celery.amqp.task.result.expires = 18000
273 277
274 278 celeryd.concurrency = 2
275 279 #celeryd.log.file = celeryd.log
276 280 celeryd.log.level = debug
277 281 celeryd.max.tasks.per.child = 1
278 282
279 283 ## tasks will never be sent to the queue, but executed locally instead.
280 284 celery.always.eager = false
281 285
282 286 ####################################
283 287 ### BEAKER CACHE ####
284 288 ####################################
285 289 # default cache dir for templates. Putting this into a ramdisk
286 290 ## can boost performance, eg. %(here)s/data_ramdisk
287 291 cache_dir = %(here)s/data
288 292
289 293 ## locking and default file storage for Beaker. Putting this into a ramdisk
290 294 ## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
291 295 beaker.cache.data_dir = %(here)s/data/cache/beaker_data
292 296 beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock
293 297
294 298 beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long
295 299
296 300 beaker.cache.super_short_term.type = memory
297 301 beaker.cache.super_short_term.expire = 10
298 302 beaker.cache.super_short_term.key_length = 256
299 303
300 304 beaker.cache.short_term.type = memory
301 305 beaker.cache.short_term.expire = 60
302 306 beaker.cache.short_term.key_length = 256
303 307
304 308 beaker.cache.long_term.type = memory
305 309 beaker.cache.long_term.expire = 36000
306 310 beaker.cache.long_term.key_length = 256
307 311
308 312 beaker.cache.sql_cache_short.type = memory
309 313 beaker.cache.sql_cache_short.expire = 10
310 314 beaker.cache.sql_cache_short.key_length = 256
311 315
312 316 ## default is memory cache, configure only if required
313 317 ## using multi-node or multi-worker setup
314 318 #beaker.cache.auth_plugins.type = ext:database
315 319 #beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
316 320 #beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
317 321 #beaker.cache.auth_plugins.url = mysql://root:secret@127.0.0.1/rhodecode
318 322 #beaker.cache.auth_plugins.sa.pool_recycle = 3600
319 323 #beaker.cache.auth_plugins.sa.pool_size = 10
320 324 #beaker.cache.auth_plugins.sa.max_overflow = 0
321 325
322 326 beaker.cache.repo_cache_long.type = memorylru_base
323 327 beaker.cache.repo_cache_long.max_items = 4096
324 328 beaker.cache.repo_cache_long.expire = 2592000
325 329
326 330 ## default is memorylru_base cache, configure only if required
327 331 ## using multi-node or multi-worker setup
328 332 #beaker.cache.repo_cache_long.type = ext:memcached
329 333 #beaker.cache.repo_cache_long.url = localhost:11211
330 334 #beaker.cache.repo_cache_long.expire = 1209600
331 335 #beaker.cache.repo_cache_long.key_length = 256
332 336
333 337 ####################################
334 338 ### BEAKER SESSION ####
335 339 ####################################
336 340
337 341 ## .session.type is type of storage options for the session, current allowed
338 342 ## types are file, ext:memcached, ext:database, and memory (default).
339 343 beaker.session.type = file
340 344 beaker.session.data_dir = %(here)s/data/sessions/data
341 345
342 346 ## db based session, fast, and allows easy management over logged in users
343 347 #beaker.session.type = ext:database
344 348 #beaker.session.table_name = db_session
345 349 #beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
346 350 #beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode
347 351 #beaker.session.sa.pool_recycle = 3600
348 352 #beaker.session.sa.echo = false
349 353
350 354 beaker.session.key = rhodecode
351 355 beaker.session.secret = production-rc-uytcxaz
352 356 beaker.session.lock_dir = %(here)s/data/sessions/lock
353 357
354 358 ## Secure encrypted cookie. Requires AES and AES python libraries
355 359 ## you must disable beaker.session.secret to use this
356 360 #beaker.session.encrypt_key = key_for_encryption
357 361 #beaker.session.validate_key = validation_key
358 362
359 363 ## sets session as invalid(also logging out user) if it haven not been
360 364 ## accessed for given amount of time in seconds
361 365 beaker.session.timeout = 2592000
362 366 beaker.session.httponly = true
363 367 ## Path to use for the cookie. Set to prefix if you use prefix middleware
364 368 #beaker.session.cookie_path = /custom_prefix
365 369
366 370 ## uncomment for https secure cookie
367 371 beaker.session.secure = false
368 372
369 373 ## auto save the session to not to use .save()
370 374 beaker.session.auto = false
371 375
372 376 ## default cookie expiration time in seconds, set to `true` to set expire
373 377 ## at browser close
374 378 #beaker.session.cookie_expires = 3600
375 379
376 380 ###################################
377 381 ## SEARCH INDEXING CONFIGURATION ##
378 382 ###################################
379 383 ## Full text search indexer is available in rhodecode-tools under
380 384 ## `rhodecode-tools index` command
381 385
382 386 ## WHOOSH Backend, doesn't require additional services to run
383 387 ## it works good with few dozen repos
384 388 search.module = rhodecode.lib.index.whoosh
385 389 search.location = %(here)s/data/index
386 390
387 391 ########################################
388 392 ### CHANNELSTREAM CONFIG ####
389 393 ########################################
390 394 ## channelstream enables persistent connections and live notification
391 395 ## in the system. It's also used by the chat system
392 396 channelstream.enabled = false
393 397
394 398 ## server address for channelstream server on the backend
395 399 channelstream.server = 127.0.0.1:9800
396 400
397 401 ## location of the channelstream server from outside world
398 402 ## use ws:// for http or wss:// for https. This address needs to be handled
399 403 ## by external HTTP server such as Nginx or Apache
400 404 ## see nginx/apache configuration examples in our docs
401 405 channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
402 406 channelstream.secret = secret
403 407 channelstream.history.location = %(here)s/channelstream_history
404 408
405 409 ## Internal application path that Javascript uses to connect into.
406 410 ## If you use proxy-prefix the prefix should be added before /_channelstream
407 411 channelstream.proxy_path = /_channelstream
408 412
409 413
410 414 ###################################
411 415 ## APPENLIGHT CONFIG ##
412 416 ###################################
413 417
414 418 ## Appenlight is tailored to work with RhodeCode, see
415 419 ## http://appenlight.com for details how to obtain an account
416 420
417 421 ## appenlight integration enabled
418 422 appenlight = false
419 423
420 424 appenlight.server_url = https://api.appenlight.com
421 425 appenlight.api_key = YOUR_API_KEY
422 426 #appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5
423 427
424 428 # used for JS client
425 429 appenlight.api_public_key = YOUR_API_PUBLIC_KEY
426 430
427 431 ## TWEAK AMOUNT OF INFO SENT HERE
428 432
429 433 ## enables 404 error logging (default False)
430 434 appenlight.report_404 = false
431 435
432 436 ## time in seconds after request is considered being slow (default 1)
433 437 appenlight.slow_request_time = 1
434 438
435 439 ## record slow requests in application
436 440 ## (needs to be enabled for slow datastore recording and time tracking)
437 441 appenlight.slow_requests = true
438 442
439 443 ## enable hooking to application loggers
440 444 appenlight.logging = true
441 445
442 446 ## minimum log level for log capture
443 447 appenlight.logging.level = WARNING
444 448
445 449 ## send logs only from erroneous/slow requests
446 450 ## (saves API quota for intensive logging)
447 451 appenlight.logging_on_error = false
448 452
449 453 ## list of additonal keywords that should be grabbed from environ object
450 454 ## can be string with comma separated list of words in lowercase
451 455 ## (by default client will always send following info:
452 456 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
453 457 ## start with HTTP* this list be extended with additional keywords here
454 458 appenlight.environ_keys_whitelist =
455 459
456 460 ## list of keywords that should be blanked from request object
457 461 ## can be string with comma separated list of words in lowercase
458 462 ## (by default client will always blank keys that contain following words
459 463 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
460 464 ## this list be extended with additional keywords set here
461 465 appenlight.request_keys_blacklist =
462 466
463 467 ## list of namespaces that should be ignores when gathering log entries
464 468 ## can be string with comma separated list of namespaces
465 469 ## (by default the client ignores own entries: appenlight_client.client)
466 470 appenlight.log_namespace_blacklist =
467 471
468 472
469 473 ################################################################################
470 474 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
471 475 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
472 476 ## execute malicious code after an exception is raised. ##
473 477 ################################################################################
474 478 set debug = false
475 479
476 480
477 481 ###########################################
478 482 ### MAIN RHODECODE DATABASE CONFIG ###
479 483 ###########################################
480 484 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
481 485 #sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
482 486 #sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
483 487 sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
484 488
485 489 # see sqlalchemy docs for other advanced settings
486 490
487 491 ## print the sql statements to output
488 492 sqlalchemy.db1.echo = false
489 493 ## recycle the connections after this amount of seconds
490 494 sqlalchemy.db1.pool_recycle = 3600
491 495 sqlalchemy.db1.convert_unicode = true
492 496
493 497 ## the number of connections to keep open inside the connection pool.
494 498 ## 0 indicates no limit
495 499 #sqlalchemy.db1.pool_size = 5
496 500
497 501 ## the number of connections to allow in connection pool "overflow", that is
498 502 ## connections that can be opened above and beyond the pool_size setting,
499 503 ## which defaults to five.
500 504 #sqlalchemy.db1.max_overflow = 10
501 505
502 506
503 507 ##################
504 508 ### VCS CONFIG ###
505 509 ##################
506 510 vcs.server.enable = true
507 511 vcs.server = localhost:9900
508 512
509 513 ## Web server connectivity protocol, responsible for web based VCS operatations
510 514 ## Available protocols are:
511 515 ## `http` - use http-rpc backend (default)
512 516 vcs.server.protocol = http
513 517
514 518 ## Push/Pull operations protocol, available options are:
515 519 ## `http` - use http-rpc backend (default)
516 520 ##
517 521 vcs.scm_app_implementation = http
518 522
519 523 ## Push/Pull operations hooks protocol, available options are:
520 524 ## `http` - use http-rpc backend (default)
521 525 vcs.hooks.protocol = http
522 526
523 527 vcs.server.log_level = info
524 528 ## Start VCSServer with this instance as a subprocess, usefull for development
525 529 vcs.start_server = false
526 530
527 531 ## List of enabled VCS backends, available options are:
528 532 ## `hg` - mercurial
529 533 ## `git` - git
530 534 ## `svn` - subversion
531 535 vcs.backends = hg, git, svn
532 536
533 537 vcs.connection_timeout = 3600
534 538 ## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
535 539 ## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible
536 540 #vcs.svn.compatible_version = pre-1.8-compatible
537 541
538 542
539 543 ############################################################
540 544 ### Subversion proxy support (mod_dav_svn) ###
541 545 ### Maps RhodeCode repo groups into SVN paths for Apache ###
542 546 ############################################################
543 547 ## Enable or disable the config file generation.
544 548 svn.proxy.generate_config = false
545 549 ## Generate config file with `SVNListParentPath` set to `On`.
546 550 svn.proxy.list_parent_path = true
547 551 ## Set location and file name of generated config file.
548 552 svn.proxy.config_file_path = %(here)s/mod_dav_svn.conf
549 553 ## Used as a prefix to the `Location` block in the generated config file.
550 554 ## In most cases it should be set to `/`.
551 555 svn.proxy.location_root = /
552 556 ## Command to reload the mod dav svn configuration on change.
553 557 ## Example: `/etc/init.d/apache2 reload`
554 558 #svn.proxy.reload_cmd = /etc/init.d/apache2 reload
555 559 ## If the timeout expires before the reload command finishes, the command will
556 560 ## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
557 561 #svn.proxy.reload_timeout = 10
558 562
559 563 ############################################################
560 564 ### SSH Support Settings ###
561 565 ############################################################
562 566
563 567 ## Defines if the authorized_keys file should be written on any change of
564 568 ## user ssh keys
565 569 ssh.generate_authorized_keyfile = false
566 570
567 571 ## Options for ssh, default is `no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding`
568 572 # ssh.authorized_keys_ssh_opts =
569 573
570 574 ## File to generate the authorized keys together with options
571 575 ssh.authorized_keys_file_path = /home/USER/.ssh/authorized_keys
572 576
573 577 ## Command to execute as an SSH wrapper, available from
574 578 ## https://code.rhodecode.com/rhodecode-ssh
575 579 ssh.wrapper_cmd = /home/USER/rhodecode-ssh/sshwrapper.py
576 580
577 581 ## Allow shell when executing the command
578 582 ssh.wrapper_cmd_allow_shell = false
579 583
580 584 ## Dummy marker to add new entries after.
581 585 ## Add any custom entries below. Please don't remove.
582 586 custom.conf = 1
583 587
584 588
585 589 ################################
586 590 ### LOGGING CONFIGURATION ####
587 591 ################################
588 592 [loggers]
589 593 keys = root, routes, rhodecode, sqlalchemy, beaker, templates
590 594
591 595 [handlers]
592 596 keys = console, console_sql
593 597
594 598 [formatters]
595 599 keys = generic, color_formatter, color_formatter_sql
596 600
597 601 #############
598 602 ## LOGGERS ##
599 603 #############
600 604 [logger_root]
601 605 level = NOTSET
602 606 handlers = console
603 607
604 608 [logger_routes]
605 609 level = DEBUG
606 610 handlers =
607 611 qualname = routes.middleware
608 612 ## "level = DEBUG" logs the route matched and routing variables.
609 613 propagate = 1
610 614
611 615 [logger_beaker]
612 616 level = DEBUG
613 617 handlers =
614 618 qualname = beaker.container
615 619 propagate = 1
616 620
617 621 [logger_templates]
618 622 level = INFO
619 623 handlers =
620 624 qualname = pylons.templating
621 625 propagate = 1
622 626
623 627 [logger_rhodecode]
624 628 level = DEBUG
625 629 handlers =
626 630 qualname = rhodecode
627 631 propagate = 1
628 632
629 633 [logger_sqlalchemy]
630 634 level = INFO
631 635 handlers = console_sql
632 636 qualname = sqlalchemy.engine
633 637 propagate = 0
634 638
635 639 ##############
636 640 ## HANDLERS ##
637 641 ##############
638 642
639 643 [handler_console]
640 644 class = StreamHandler
641 645 args = (sys.stderr, )
642 646 level = INFO
643 647 formatter = generic
644 648
645 649 [handler_console_sql]
646 650 class = StreamHandler
647 651 args = (sys.stderr, )
648 652 level = WARN
649 653 formatter = generic
650 654
651 655 ################
652 656 ## FORMATTERS ##
653 657 ################
654 658
655 659 [formatter_generic]
656 660 class = rhodecode.lib.logging_formatter.ExceptionAwareFormatter
657 661 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
658 662 datefmt = %Y-%m-%d %H:%M:%S
659 663
660 664 [formatter_color_formatter]
661 665 class = rhodecode.lib.logging_formatter.ColorFormatter
662 666 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
663 667 datefmt = %Y-%m-%d %H:%M:%S
664 668
665 669 [formatter_color_formatter_sql]
666 670 class = rhodecode.lib.logging_formatter.ColorFormatterSql
667 671 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
668 672 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now