##// END OF EJS Templates
docs: added SAML documentation....
marcink -
r3290:ac4e4e5a default
parent child Browse files
Show More
@@ -0,0 +1,105 b''
1 .. _config-saml-duosecurity-ref:
2
3
4 SAML 2.0 with Duo Security
5 --------------------------
6
7 **This plugin is available only in EE Edition.**
8
9 |RCE| supports SAML 2.0 Authentication with Duo Security provider. This allows
10 users to log-in to RhodeCode via SSO mechanism of external identity provider
11 such as Duo. The login can be triggered either by the external IDP, or internally
12 by clicking specific authentication button on the log-in page.
13
14
15 Configuration steps
16 ^^^^^^^^^^^^^^^^^^^
17
18 To configure Duo Security SAML authentication, use the following steps:
19
20 1. From the |RCE| interface, select
21 :menuselection:`Admin --> Authentication`
22 2. Activate the `Duo Security` plugin and select :guilabel:`Save`
23 3. Go to newly available menu option called `Duo Security` on the left side.
24 4. Check the `enabled` check box in the plugin configuration section,
25 and fill in the required SAML information and :guilabel:`Save`, for more details,
26 see :ref:`config-saml-duosecurity`
27
28
29 .. _config-saml-duosecurity:
30
31
32 Example SAML Duo Security configuration
33 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
34
35 Example configuration for SAML 2.0 with Duo Security provider::
36
37 *option*: `enabled` => `True`
38 # Enable or disable this authentication plugin.
39
40 *option*: `cache_ttl` => `0`
41 # Amount of seconds to cache the authentication and permissions check response call for this plugin.
42 # Useful for expensive calls like LDAP to improve the performance of the system (0 means disabled).
43
44 *option*: `debug` => `True`
45 # Enable or disable debug mode that shows SAML errors in the RhodeCode logs.
46
47 *option*: `entity_id` => `http://rc-app.com/dag/saml2/idp/metadata.php`
48 # Identity Provider entity/metadata URI.
49 # E.g. https://duo-gateway.com/dag/saml2/idp/metadata.php
50
51 *option*: `sso_service_url` => `http://rc-app.com/dag/saml2/idp/SSOService.php?spentityid=http://rc.local.pl/_admin/auth/duosecurity/saml-metadata`
52 # SSO (SingleSignOn) endpoint URL of the IdP. This can be used to initialize login
53 # E.g. https://duo-gateway.com/dag/saml2/idp/SSOService.php?spentityid=<metadata_entity_id>
54
55 *option*: `slo_service_url` => `http://rc-app.com/dag/saml2/idp/SingleLogoutService.php?ReturnTo=http://rc-app.com/dag/module.php/duosecurity/logout.php`
56 # SLO (SingleLogout) endpoint URL of the IdP.
57 # E.g. https://duo-gateway.com/dag/saml2/idp/SingleLogoutService.php?ReturnTo=http://duo-gateway.com/_admin/saml/sign-out-endpoint
58
59 *option*: `x509cert` => `<CERTIFICATE_STRING>`
60 # Identity provider public x509 certificate. It will be converted to single-line format without headers
61
62 *option*: `name_id_format` => `sha-1`
63 # The format that specifies how the NameID is sent to the service provider.
64
65 *option*: `signature_algo` => `sha-256`
66 # Type of Algorithm to use for verification of SAML signature on Identity provider side
67
68 *option*: `digest_algo` => `sha-256`
69 # Type of Algorithm to use for verification of SAML digest on Identity provider side
70
71 *option*: `cert_dir` => `/etc/saml/`
72 # Optional directory to store service provider certificate and private keys.
73 # Expected certs for the SP should be stored in this folder as:
74 # * sp.key Private Key
75 # * sp.crt Public cert
76 # * sp_new.crt Future Public cert
77 #
78 # Also you can use other cert to sign the metadata of the SP using the:
79 # * metadata.key
80 # * metadata.crt
81
82 *option*: `user_id_attribute` => `PersonImmutableID`
83 # User ID Attribute name. This defines which attribute in SAML response will be used to link accounts via unique id.
84 # Ensure this is returned from DuoSecurity for example via duo_username
85
86 *option*: `username_attribute` => `User.username`
87 # Username Attribute name. This defines which attribute in SAML response will map to an username.
88
89 *option*: `email_attribute` => `User.email`
90 # Email Attribute name. This defines which attribute in SAML response will map to an email address.
91
92
93 Below is example setup from DUO Administration page that can be used with above config.
94
95 .. image:: ../images/saml-duosecurity-service-provider-example.png
96 :alt: DUO Security SAML setup example
97 :scale: 50 %
98
99
100 Below is an example attribute mapping set for IDP provider required by the above config.
101
102
103 .. image:: ../images/saml-duosecurity-attributes-example.png
104 :alt: DUO Security SAML setup example
105 :scale: 50 % No newline at end of file
@@ -0,0 +1,18 b''
1 .. _config-saml-generic-ref:
2
3
4 SAML 2.0 Authentication
5 -----------------------
6
7
8 **This plugin is available only in EE Edition.**
9
10 RhodeCode Supports standard SAML 2.0 SSO for the web-application part.
11
12 Please check for reference two example providers:
13
14 .. toctree::
15
16 auth-saml-duosecurity
17 auth-saml-onelogin
18
@@ -0,0 +1,106 b''
1 .. _config-saml-onelogin-ref:
2
3
4 SAML 2.0 with One Login
5 -----------------------
6
7 **This plugin is available only in EE Edition.**
8
9 |RCE| supports SAML 2.0 Authentication with OneLogin provider. This allows
10 users to log-in to RhodeCode via SSO mechanism of external identity provider
11 such as OneLogin. The login can be triggered either by the external IDP, or internally
12 by clicking specific authentication button on the log-in page.
13
14
15 Configuration steps
16 ^^^^^^^^^^^^^^^^^^^
17
18 To configure OneLogin SAML authentication, use the following steps:
19
20 1. From the |RCE| interface, select
21 :menuselection:`Admin --> Authentication`
22 2. Activate the `OneLogin` plugin and select :guilabel:`Save`
23 3. Go to newly available menu option called `OneLogin` on the left side.
24 4. Check the `enabled` check box in the plugin configuration section,
25 and fill in the required SAML information and :guilabel:`Save`, for more details,
26 see :ref:`config-saml-onelogin`
27
28
29 .. _config-saml-onelogin:
30
31
32 Example SAML OneLogin configuration
33 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
34
35 Example configuration for SAML 2.0 with OneLogin provider::
36
37 *option*: `enabled` => `True`
38 # Enable or disable this authentication plugin.
39
40 *option*: `cache_ttl` => `0`
41 # Amount of seconds to cache the authentication and permissions check response call for this plugin.
42 # Useful for expensive calls like LDAP to improve the performance of the system (0 means disabled).
43
44 *option*: `debug` => `True`
45 # Enable or disable debug mode that shows SAML errors in the RhodeCode logs.
46
47 *option*: `entity_id` => `https://app.onelogin.com/saml/metadata/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`
48 # Identity Provider entity/metadata URI.
49 # E.g. https://app.onelogin.com/saml/metadata/<onelogin_connector_id>
50
51 *option*: `sso_service_url` => `https://customer-domain.onelogin.com/trust/saml2/http-post/sso/xxxxxx`
52 # SSO (SingleSignOn) endpoint URL of the IdP. This can be used to initialize login
53 # E.g. https://app.onelogin.com/trust/saml2/http-post/sso/<onelogin_connector_id>
54
55 *option*: `slo_service_url` => `https://customer-domain.onelogin.com/trust/saml2/http-redirect/slo/xxxxxx`
56 # SLO (SingleLogout) endpoint URL of the IdP.
57 # E.g. https://app.onelogin.com/trust/saml2/http-redirect/slo/<onelogin_connector_id>
58
59 *option*: `x509cert` => `<CERTIFICATE_STRING>`
60 # Identity provider public x509 certificate. It will be converted to single-line format without headers
61
62 *option*: `name_id_format` => `sha-1`
63 # The format that specifies how the NameID is sent to the service provider.
64
65 *option*: `signature_algo` => `sha-256`
66 # Type of Algorithm to use for verification of SAML signature on Identity provider side
67
68 *option*: `digest_algo` => `sha-256`
69 # Type of Algorithm to use for verification of SAML digest on Identity provider side
70
71 *option*: `cert_dir` => `/etc/saml/`
72 # Optional directory to store service provider certificate and private keys.
73 # Expected certs for the SP should be stored in this folder as:
74 # * sp.key Private Key
75 # * sp.crt Public cert
76 # * sp_new.crt Future Public cert
77 #
78 # Also you can use other cert to sign the metadata of the SP using the:
79 # * metadata.key
80 # * metadata.crt
81
82 *option*: `user_id_attribute` => `PersonImmutableID`
83 # User ID Attribute name. This defines which attribute in SAML response will be used to link accounts via unique id.
84 # Ensure this is returned from OneLogin for example via Internal ID
85
86 *option*: `username_attribute` => `User.username`
87 # Username Attribute name. This defines which attribute in SAML response will map to an username.
88
89 *option*: `email_attribute` => `User.email`
90 # Email Attribute name. This defines which attribute in SAML response will map to an email address.
91
92
93
94 Below is example setup that can be used with OneLogin SAML authentication that can be used with above config..
95
96 .. image:: ../images/saml-onelogin-config-example.png
97 :alt: OneLogin SAML setup example
98 :scale: 50 %
99
100
101 Below is an example attribute mapping set for IDP provider required by the above config.
102
103
104 .. image:: ../images/saml-onelogin-attributes-example.png
105 :alt: OneLogin SAML setup example
106 :scale: 50 % No newline at end of file
1 NO CONTENT: new file 100644, binary diff hidden
NO CONTENT: new file 100644, binary diff hidden
1 NO CONTENT: new file 100644, binary diff hidden
NO CONTENT: new file 100644, binary diff hidden
1 NO CONTENT: new file 100644, binary diff hidden
NO CONTENT: new file 100644, binary diff hidden
1 NO CONTENT: new file 100644, binary diff hidden
NO CONTENT: new file 100644, binary diff hidden
@@ -1,22 +1,22 b''
1 .. _permissions-info-anon-ref:
1 .. _permissions-info-anon-ref:
2
2
3 Anonymous Users
3 Anonymous Users
4 ---------------
4 ---------------
5
5
6 By default, |RCM| provides |repo| access for registered users only. It can be
6 By default, |RCE| provides |repo| access for registered users only. It can be
7 configured to be **world-open** in terms of read and write permissions. This
7 configured to be **world-open** in terms of read and write permissions. This
8 configuration is called "Anonymous Access" and allows |RCM| to be used as a
8 configuration is called "Anonymous Access" and allows |RCE| to be used as a
9 public hub where unregistered users have access to your |repos|.
9 public hub where unregistered users have access to your |repos|.
10
10
11 Anonymous access is useful for open source projects, universities,
11 Anonymous access is useful for open source projects, universities,
12 or if running inside a restricted internal corporate network to serve
12 or if running inside a restricted internal corporate network to serve
13 documents to all employees. Anonymous users get the default user permission
13 documents to all employees. Anonymous users get the default user permission
14 settings that are applied across the whole |RCM| system.
14 settings that are applied across the whole |RCE| system.
15
15
16 To enable anonymous access to your |repos|, use the following steps:
16 To enable anonymous access to your |repos|, use the following steps:
17
17
18 1. From the |RCM| interface, select :menuselection:`Admin --> Permissions`.
18 1. From the |RCE| interface, select :menuselection:`Admin --> Permissions`.
19 2. On the Application tab, check the :guilabel:`Allow anonymous access` box.
19 2. On the Application tab, check the :guilabel:`Allow anonymous access` box.
20 3. Select :guilabel:`Save`.
20 3. Select :guilabel:`Save`.
21 4. To set the anonymous user access permissions, which are based on the
21 4. To set the anonymous user access permissions, which are based on the
22 default user settings, see :ref:`permissions-default-ref`.
22 default user settings, see :ref:`permissions-default-ref`.
@@ -1,241 +1,241 b''
1 .. _admin-tricks:
1 .. _admin-tricks:
2
2
3 One-time Admin Tasks
3 One-time Admin Tasks
4 --------------------
4 --------------------
5
5
6 * :ref:`web-analytics`
6 * :ref:`web-analytics`
7 * :ref:`admin-tricks-license`
7 * :ref:`admin-tricks-license`
8 * :ref:`announcements`
8 * :ref:`announcements`
9 * :ref:`md-rst`
9 * :ref:`md-rst`
10 * :ref:`repo-stats`
10 * :ref:`repo-stats`
11 * :ref:`server-side-merge`
11 * :ref:`server-side-merge`
12 * :ref:`remap-rescan`
12 * :ref:`remap-rescan`
13 * :ref:`custom-hooks`
13 * :ref:`custom-hooks`
14 * :ref:`clear-repo-cache`
14 * :ref:`clear-repo-cache`
15 * :ref:`set-repo-pub`
15 * :ref:`set-repo-pub`
16 * :ref:`ping`
16 * :ref:`ping`
17
17
18 .. _web-analytics:
18 .. _web-analytics:
19
19
20 Adding Web Analytics
20 Adding Web Analytics
21 ^^^^^^^^^^^^^^^^^^^^
21 ^^^^^^^^^^^^^^^^^^^^
22
22
23 If you wish to add a Google Analytics, or any other kind of tracker to your
23 If you wish to add a Google Analytics, or any other kind of tracker to your
24 |RCE| instance you can add the necessary codes to the header or footer
24 |RCE| instance you can add the necessary codes to the header or footer
25 section of each instance using the following steps:
25 section of each instance using the following steps:
26
26
27 1. From the |RCE| interface, select
27 1. From the |RCE| interface, select
28 :menuselection:`Admin --> Settings --> Global`
28 :menuselection:`Admin --> Settings --> Global`
29 2. To add a tracking code to you instance, enter it in the header or footer
29 2. To add a tracking code to you instance, enter it in the header or footer
30 section and select **Save**
30 section and select **Save**
31
31
32 Use the example templates in the drop-down menu to set up your configuration.
32 Use the example templates in the drop-down menu to set up your configuration.
33
33
34 .. _admin-tricks-license:
34 .. _admin-tricks-license:
35
35
36 Licence Key Management
36 Licence Key Management
37 ^^^^^^^^^^^^^^^^^^^^^^
37 ^^^^^^^^^^^^^^^^^^^^^^
38
38
39 To manage your license key, go to
39 To manage your license key, go to
40 :menuselection:`Admin --> Settings --> License`.
40 :menuselection:`Admin --> Settings --> License`.
41 On this page you can see the license key details. If you need a new license,
41 On this page you can see the license key details. If you need a new license,
42 or have questions about your current one, contact support@rhodecode.com
42 or have questions about your current one, contact support@rhodecode.com
43
43
44 .. _announcements:
44 .. _announcements:
45
45
46 Server-wide Announcements
46 Server-wide Announcements
47 ^^^^^^^^^^^^^^^^^^^^^^^^^
47 ^^^^^^^^^^^^^^^^^^^^^^^^^
48
48
49 If you need to make a server-wide announcement to all users,
49 If you need to make a server-wide announcement to all users,
50 you can add a message to be displayed using the following steps:
50 you can add a message to be displayed using the following steps:
51
51
52 1. From the |RCE| interface, select
52 1. From the |RCE| interface, select
53 :menuselection:`Admin --> Settings --> Global`
53 :menuselection:`Admin --> Settings --> Global`
54 2. To add a message that will be displayed to all users,
54 2. To add a message that will be displayed to all users,
55 select :guilabel:`Server Announcement` from the drop-down menu and
55 select :guilabel:`Server Announcement` from the drop-down menu and
56 change the ``var message = "TYPE YOUR MESSAGE HERE";`` example line.
56 change the ``var message = "TYPE YOUR MESSAGE HERE";`` example line.
57 3. Select :guilabel:`Save`, and you will see the message once your page
57 3. Select :guilabel:`Save`, and you will see the message once your page
58 refreshes.
58 refreshes.
59
59
60 .. image:: ../images/server-wide-announcement.png
60 .. image:: ../images/server-wide-announcement.png
61 :alt: Server Wide Announcement
61 :alt: Server Wide Announcement
62
62
63 .. _md-rst:
63 .. _md-rst:
64
64
65
65
66 Suppress license warnings or errors
66 Suppress license warnings or errors
67 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
67 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
68
68
69 In case you're running on maximum allowed users, RhodeCode will display a
69 In case you're running on maximum allowed users, RhodeCode will display a
70 warning message on pages that you're close to the license limits.
70 warning message on pages that you're close to the license limits.
71 It's often not desired to show that all the time. Here's how you can suppress
71 It's often not desired to show that all the time. Here's how you can suppress
72 the license messages.
72 the license messages.
73
73
74 1. From the |RCE| interface, select
74 1. From the |RCE| interface, select
75 :menuselection:`Admin --> Settings --> Global`
75 :menuselection:`Admin --> Settings --> Global`
76 2. Select :guilabel:`Flash message filtering` from the drop-down menu.
76 2. Select :guilabel:`Flash message filtering` from the drop-down menu.
77 3. Select :guilabel:`Save`, and you will no longer see the license message
77 3. Select :guilabel:`Save`, and you will no longer see the license message
78 once your page refreshes.
78 once your page refreshes.
79
79
80 .. _admin-tricks-suppress-license-messages:
80 .. _admin-tricks-suppress-license-messages:
81
81
82
82
83 Markdown or RST Rendering
83 Markdown or RST Rendering
84 ^^^^^^^^^^^^^^^^^^^^^^^^^
84 ^^^^^^^^^^^^^^^^^^^^^^^^^
85
85
86 |RCE| can use `Markdown`_ or `reStructured Text`_ in commit message,
86 |RCE| can use `Markdown`_ or `reStructured Text`_ in commit message,
87 code review messages, and inline comments. To set the default to either,
87 code review messages, and inline comments. To set the default to either,
88 select your preference from the drop-down menu on the
88 select your preference from the drop-down menu on the
89 :menuselection:`Admin --> Settings --> Visual` page and select
89 :menuselection:`Admin --> Settings --> Visual` page and select
90 :guilabel:`Save settings`.
90 :guilabel:`Save settings`.
91
91
92 .. _repo-stats:
92 .. _repo-stats:
93
93
94 Enabling Repository Statistics
94 Enabling Repository Statistics
95 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
95 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
96
96
97 To enable |repo| statistics, use the following steps:
97 To enable |repo| statistics, use the following steps:
98
98
99 1. From the |RCE| interface, open
99 1. From the |RCE| interface, open
100 :menuselection:`Admin --> Repositories` and select
100 :menuselection:`Admin --> Repositories` and select
101 :guilabel:`Edit` beside the |repo| for which you wish to enable statistics.
101 :guilabel:`Edit` beside the |repo| for which you wish to enable statistics.
102 2. Check the :guilabel:`Enable statistics` box, and select :guilabel:`Save`
102 2. Check the :guilabel:`Enable statistics` box, and select :guilabel:`Save`
103
103
104 .. _server-side-merge:
104 .. _server-side-merge:
105
105
106 Enabling Server-side Merging
106 Enabling Server-side Merging
107 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
107 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
108
108
109 To enable server-side merging, use the following steps:
109 To enable server-side merging, use the following steps:
110
110
111 1. From the |RCE| interface, open :menuselection:`Admin --> Settings --> VCS`
111 1. From the |RCE| interface, open :menuselection:`Admin --> Settings --> VCS`
112 2. Check the :guilabel:`Server-side merge` box, and select
112 2. Check the :guilabel:`Server-side merge` box, and select
113 :guilabel:`Save Settings`
113 :guilabel:`Save Settings`
114
114
115 If you encounter slow performance with server-side merging enabled, check the
115 If you encounter slow performance with server-side merging enabled, check the
116 speed at which your server is performing actions. When server-side merging is
116 speed at which your server is performing actions. When server-side merging is
117 enabled, the following actions occurs on the server.
117 enabled, the following actions occurs on the server.
118
118
119 * A |pr| is created in the database.
119 * A |pr| is created in the database.
120 * A shadow |repo| is created as a working environment for the |pr|.
120 * A shadow |repo| is created as a working environment for the |pr|.
121 * On display, |RCE| checks if the |pr| can be merged.
121 * On display, |RCE| checks if the |pr| can be merged.
122
122
123 To check how fast the shadow |repo| creation is occurring on your server, use
123 To check how fast the shadow |repo| creation is occurring on your server, use
124 the following steps:
124 the following steps:
125
125
126 1. Log into your server and create a directory in your |repos| folder.
126 1. Log into your server and create a directory in your |repos| folder.
127 2. Clone a |repo| that is showing slow performance and time the action.
127 2. Clone a |repo| that is showing slow performance and time the action.
128
128
129 .. code-block:: bash
129 .. code-block:: bash
130
130
131 # One option is to use the time command
131 # One option is to use the time command
132 $ time hg clone SOURCE_REPO TARGET
132 $ time hg clone SOURCE_REPO TARGET
133
133
134 .. _remap-rescan:
134 .. _remap-rescan:
135
135
136 Remap and Rescan Repositories
136 Remap and Rescan Repositories
137 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
137 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
138
138
139 You may want to Remap and rescan the |repos| that |RCE| is managing to ensure
139 You may want to Remap and rescan the |repos| that |RCE| is managing to ensure
140 the system is always up-to-date. This is useful after importing, deleting,
140 the system is always up-to-date. This is useful after importing, deleting,
141 or carrying out general cleaning up operations. To do this use the
141 or carrying out general cleaning up operations. To do this use the
142 following steps:
142 following steps:
143
143
144 1. From the |RCE|, open
144 1. From the |RCE|, open
145 :menuselection:`Admin --> Settings --> Remap and rescan`
145 :menuselection:`Admin --> Settings --> Remap and rescan`
146 2. Click :guilabel:`Rescan Repositories`
146 2. Click :guilabel:`Rescan Repositories`
147
147
148 Check the additional options if needed:
148 Check the additional options if needed:
149
149
150 * :guilabel:`Destroy old data`: Useful for purging deleted repository
150 * :guilabel:`Destroy old data`: Useful for purging deleted repository
151 information from the database.
151 information from the database.
152 * :guilabel:`Invalidate cache for all repositories`: Use this to completely
152 * :guilabel:`Invalidate cache for all repositories`: Use this to completely
153 remap all |repos|. Useful when importing or migrating |repos| to ensure all
153 remap all |repos|. Useful when importing or migrating |repos| to ensure all
154 new information is picked up.
154 new information is picked up.
155
155
156 .. _custom-hooks:
156 .. _custom-hooks:
157
157
158 Adding Custom Hooks
158 Adding Custom Hooks
159 ^^^^^^^^^^^^^^^^^^^
159 ^^^^^^^^^^^^^^^^^^^
160
160
161 To add custom hooks to your instance, use the following steps:
161 To add custom hooks to your instance, use the following steps:
162
162
163 1. Open :menuselection:`Admin --> Settings --> Hooks`
163 1. Open :menuselection:`Admin --> Settings --> Hooks`
164 2. Add your custom hook details, you can use a file path to specify custom
164 2. Add your custom hook details, you can use a file path to specify custom
165 hook scripts, for example:
165 hook scripts, for example:
166 ``pretxnchangegroup.example`` with value ``python:/path/to/custom_hook.py:my_func_name``
166 ``pretxnchangegroup.example`` with value ``python:/path/to/custom_hook.py:my_func_name``
167 3. Select :guilabel:`Save`
167 3. Select :guilabel:`Save`
168
168
169 Also, see the |RC| Extensions section of the :ref:`rc-tools` guide. |RC|
169 Also, see the RhodeCode Extensions section of the :ref:`rc-tools` guide. RhodeCode
170 Extensions can be used to add additional hooks to your instance and comes
170 Extensions can be used to add additional hooks to your instance and comes
171 with a number of pre-built plugins if you chose to install them.
171 with a number of pre-built plugins if you chose to install them.
172
172
173 .. _clear-repo-cache:
173 .. _clear-repo-cache:
174
174
175 Clearing |repo| cache
175 Clearing |repo| cache
176 ^^^^^^^^^^^^^^^^^^^^^
176 ^^^^^^^^^^^^^^^^^^^^^
177
177
178 If you need to clear the cache for a particular |repo|, use the following steps:
178 If you need to clear the cache for a particular |repo|, use the following steps:
179
179
180 1. Open :menuselection:`Admin --> Repositories` and select :guilabel:`Edit`
180 1. Open :menuselection:`Admin --> Repositories` and select :guilabel:`Edit`
181 beside the |repo| whose cache you wish to clear.
181 beside the |repo| whose cache you wish to clear.
182 2. On the |repo| settings page, go to the :guilabel:`Caches` tab and select
182 2. On the |repo| settings page, go to the :guilabel:`Caches` tab and select
183 :guilabel:`Invalidate repository cache`.
183 :guilabel:`Invalidate repository cache`.
184
184
185 .. _set-lang:
185 .. _set-lang:
186
186
187 Changing Default Language
187 Changing Default Language
188 ^^^^^^^^^^^^^^^^^^^^^^^^^
188 ^^^^^^^^^^^^^^^^^^^^^^^^^
189
189
190 To change the default language of a |RCE| instance, change the language code
190 To change the default language of a |RCE| instance, change the language code
191 in the :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. To
191 in the :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. To
192 do this, use the following steps.
192 do this, use the following steps.
193
193
194 1. Open the :file:`rhodecode.ini` file and set the required language code.
194 1. Open the :file:`rhodecode.ini` file and set the required language code.
195
195
196 .. code-block:: ini
196 .. code-block:: ini
197
197
198 ## Optional Languages
198 ## Optional Languages
199 ## en(default), de, fr, it, ja, pl, pt, ru, zh
199 ## en(default), de, fr, it, ja, pl, pt, ru, zh
200 lang = de
200 lang = de
201
201
202 2. Restart the |RCE| instance and check that the language has been updated.
202 2. Restart the |RCE| instance and check that the language has been updated.
203
203
204 .. code-block:: bash
204 .. code-block:: bash
205
205
206 $ rccontrol restart enterprise-2
206 $ rccontrol restart enterprise-2
207 Instance "enterprise-2" successfully stopped.
207 Instance "enterprise-2" successfully stopped.
208 Instance "enterprise-2" successfully started.
208 Instance "enterprise-2" successfully started.
209
209
210 .. image:: ../images/language.png
210 .. image:: ../images/language.png
211
211
212 .. _set-repo-pub:
212 .. _set-repo-pub:
213
213
214 Setting Repositories to Publish
214 Setting Repositories to Publish
215 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
215 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
216
216
217 To automatically promote your local |repos| to public after pushing to |RCE|,
217 To automatically promote your local |repos| to public after pushing to |RCE|,
218 enable the :guilabel:`Set repositories as publishing` option on the
218 enable the :guilabel:`Set repositories as publishing` option on the
219 :menuselection:`Admin --> Settings --> VCS` page.
219 :menuselection:`Admin --> Settings --> VCS` page.
220
220
221 .. note::
221 .. note::
222
222
223 This option is enabled by default on most |RCE| versions, but if upgrading
223 This option is enabled by default on most |RCE| versions, but if upgrading
224 from a 1.7.x version it could be disabled on upgrade due to inheriting
224 from a 1.7.x version it could be disabled on upgrade due to inheriting
225 older default settings.
225 older default settings.
226
226
227 .. _ping:
227 .. _ping:
228
228
229 Pinging the |RCE| Server
229 Pinging the |RCE| Server
230 ^^^^^^^^^^^^^^^^^^^^^^^^
230 ^^^^^^^^^^^^^^^^^^^^^^^^
231
231
232 You can check the IP Address of your |RCE| instance using the
232 You can check the IP Address of your |RCE| instance using the
233 following URL: ``{instance-URL}/_admin/ping``.
233 following URL: ``{instance-URL}/_admin/ping``.
234
234
235 .. code-block:: bash
235 .. code-block:: bash
236
236
237 $ curl https://your.rhodecode.url/_admin/ping
237 $ curl https://your.rhodecode.url/_admin/ping
238 pong[rce-7880] => 203.0.113.23
238 pong[rce-7880] => 203.0.113.23
239
239
240 .. _Markdown: http://daringfireball.net/projects/markdown/
240 .. _Markdown: http://daringfireball.net/projects/markdown/
241 .. _reStructured Text: http://docutils.sourceforge.net/docs/index.html
241 .. _reStructured Text: http://docutils.sourceforge.net/docs/index.html
@@ -1,55 +1,55 b''
1 .. _apache-wsgi-ref:
1 .. _apache-wsgi-ref:
2
2
3 Apache WSGI Configuration
3 Apache WSGI Configuration
4 ^^^^^^^^^^^^^^^^^^^^^^^^^
4 ^^^^^^^^^^^^^^^^^^^^^^^^^
5
5
6 |RCM| can also be set up with Apache under ``mod_wsgi``. To configure this
6 |RCE| can also be set up with Apache under ``mod_wsgi``. To configure this
7 use the following steps.
7 use the following steps.
8
8
9 1. Install ``mod_wsgi`` using the following command:
9 1. Install ``mod_wsgi`` using the following command:
10 ``aptitude install libapache2-mod-wsgi``.
10 ``aptitude install libapache2-mod-wsgi``.
11 2. Enable ``mod_wsgi`` using the following command: ``a2enmod wsgi``
11 2. Enable ``mod_wsgi`` using the following command: ``a2enmod wsgi``
12 3. Create a ``wsgi`` dispatch script, using the following examples.
12 3. Create a ``wsgi`` dispatch script, using the following examples.
13
13
14 .. code-block:: bash
14 .. code-block:: bash
15
15
16 WSGIDaemonProcess pylons \
16 WSGIDaemonProcess pylons \
17 threads=4 \
17 threads=4 \
18 # check the python virtual env location
18 # check the python virtual env location
19 python-path=/home/web/rhodecode/pyenv/lib/python2.6/site-packages
19 python-path=/home/web/rhodecode/pyenv/lib/python2.6/site-packages
20 # Check the install location
20 # Check the install location
21 WSGIScriptAlias / /home/web/rhodecode/dispatch.wsgi
21 WSGIScriptAlias / /home/web/rhodecode/dispatch.wsgi
22 WSGIPassAuthorization On
22 WSGIPassAuthorization On
23 # user=www-data group=www-data # Enable if running Apache as root
23 # user=www-data group=www-data # Enable if running Apache as root
24
24
25 .. note::
25 .. note::
26
26
27 Do not set ``processes=num`` in this configuration file. Running |RCE| in
27 Do not set ``processes=num`` in this configuration file. Running |RCE| in
28 multiprocess mode with Apache is not supported.
28 multiprocess mode with Apache is not supported.
29
29
30 The following is an example ``wsgi`` dispatch script.
30 The following is an example ``wsgi`` dispatch script.
31
31
32 .. code-block:: python
32 .. code-block:: python
33
33
34 import os
34 import os
35 os.environ["HGENCODING"] = "UTF-8"
35 os.environ["HGENCODING"] = "UTF-8"
36 os.environ['PYTHON_EGG_CACHE'] = '/home/web/rhodecode/.egg-cache'
36 os.environ['PYTHON_EGG_CACHE'] = '/home/web/rhodecode/.egg-cache'
37
37
38 # Set the current dir
38 # Set the current dir
39 os.chdir('/home/web/rhodecode/')
39 os.chdir('/home/web/rhodecode/')
40
40
41 import site
41 import site
42 site.addsitedir("/home/web/rhodecode/pyenv/lib/python2.6/site-packages")
42 site.addsitedir("/home/web/rhodecode/pyenv/lib/python2.6/site-packages")
43
43
44 from paste.deploy import loadapp
44 from paste.deploy import loadapp
45 from paste.script.util.logging_config import fileConfig
45 from paste.script.util.logging_config import fileConfig
46
46
47 fileConfig('/home/web/rhodecode/production.ini')
47 fileConfig('/home/web/rhodecode/production.ini')
48 application = loadapp('config:/home/web/rhodecode/production.ini')
48 application = loadapp('config:/home/web/rhodecode/production.ini')
49
49
50 .. note::
50 .. note::
51
51
52 When using `mod_wsgi` the same version of |hg| must be running in your
52 When using `mod_wsgi` the same version of |hg| must be running in your
53 system's |PY| environment and on |RCM|. To check the |RCM| version,
53 system's |PY| environment and on |RCE|. To check the |RCE| version,
54 on the interface go to
54 on the interface go to
55 :menuselection:`Admin --> Settings --> System Info`
55 :menuselection:`Admin --> Settings --> System Info`
@@ -1,74 +1,74 b''
1 .. _config-files:
1 .. _config-files:
2
2
3 Configuration Files Overview
3 Configuration Files Overview
4 ============================
4 ============================
5
5
6 |RCE| and |RCC| have a number of different configuration files. The following
6 |RCE| and |RCC| have a number of different configuration files. The following
7 is a brief explanation of each, and links to their associated configuration
7 is a brief explanation of each, and links to their associated configuration
8 sections.
8 sections.
9
9
10 .. rst-class:: dl-horizontal
10 .. rst-class:: dl-horizontal
11
11
12 \- **rhodecode.ini**
12 \- **rhodecode.ini**
13 Default location:
13 Default location:
14 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
14 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
15
15
16 This is the main |RCE| configuration file and controls much of its
16 This is the main |RCE| configuration file and controls much of its
17 default behaviour. It is also used to configure certain customer
17 default behaviour. It is also used to configure certain customer
18 settings. Here are some of the most common reasons to make changes to
18 settings. Here are some of the most common reasons to make changes to
19 this file.
19 this file.
20
20
21 * :ref:`config-database`
21 * :ref:`config-database`
22 * :ref:`set-up-mail`
22 * :ref:`set-up-mail`
23 * :ref:`increase-gunicorn`
23 * :ref:`increase-gunicorn`
24 * :ref:`x-frame`
24 * :ref:`x-frame`
25
25
26 \- **mapping.ini**
26 \- **mapping.ini**
27 Default location:
27 Default location:
28 :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`
28 :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`
29
29
30 This file is used to control the |RCE| indexer. It comes configured
30 This file is used to control the |RCE| indexer. It comes configured
31 to index your instance. To change the default configuration, see
31 to index your instance. To change the default configuration, see
32 :ref:`advanced-indexing`.
32 :ref:`advanced-indexing`.
33
33
34 \- **vcsserver.ini**
34 \- **vcsserver.ini**
35 Default location:
35 Default location:
36 :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`
36 :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`
37
37
38 The VCS Server handles the connection between your |repos| and |RCE|.
38 The VCS Server handles the connection between your |repos| and |RCE|.
39 See the :ref:`vcs-server` section for configuration options and more
39 See the :ref:`vcs-server` section for configuration options and more
40 detailed information.
40 detailed information.
41
41
42 \- **supervisord.ini**
42 \- **supervisord.ini**
43 Default location:
43 Default location:
44 :file:`/home/{user}/.rccontrol/supervisor/supervisord.ini`
44 :file:`/home/{user}/.rccontrol/supervisor/supervisord.ini`
45
45
46 |RCC| uses Supervisor to monitor and manage installed instances of
46 |RCC| uses Supervisor to monitor and manage installed instances of
47 |RCE| and the VCS Server. |RCC| will manage this file completely,
47 |RCE| and the VCS Server. |RCC| will manage this file completely,
48 unless you install |RCE| in self-managed mode. For more information,
48 unless you install |RCE| in self-managed mode. For more information,
49 see the :ref:`Supervisor Setup<control:supervisor-setup>` section.
49 see the :ref:`Supervisor Setup<control:supervisor-setup>` section.
50
50
51 \- **.rccontrol.ini**
51 \- **.rccontrol.ini**
52 Default location: :file:`/home/{user}/.rccontrol.ini`
52 Default location: :file:`/home/{user}/.rccontrol.ini`
53
53
54 This file contains the instances that |RCC| starts at boot, which is all
54 This file contains the instances that |RCC| starts at boot, which is all
55 by default, but for more information, see
55 by default, but for more information, see
56 the :ref:`Manually Start At Boot <control:set-start-boot>` section.
56 the :ref:`Manually Start At Boot <control:set-start-boot>` section.
57
57
58 \- **.rhoderc**
58 \- **.rhoderc**
59 Default location: :file:`/home/{user}/.rhoderc`
59 Default location: :file:`/home/{user}/.rhoderc`
60
60
61 This file is used by the |RCE| API when accessing an instance from a
61 This file is used by the |RCE| API when accessing an instance from a
62 remote machine. The API checks this file for connection and
62 remote machine. The API checks this file for connection and
63 authentication details. For more details, see the :ref:`config-rhoderc`
63 authentication details. For more details, see the :ref:`config-rhoderc`
64 section.
64 section.
65
65
66 \- **MANIFEST**
66 \- **MANIFEST**
67 Default location: :file:`/home/{user}/.rccontrol/cache/MANIFEST`
67 Default location: :file:`/home/{user}/.rccontrol/cache/MANIFEST`
68
68
69 |RCC| uses this file to source the latest available builds from the
69 |RCC| uses this file to source the latest available builds from the
70 secure |RC| download channels. The only reason to mess with this file
70 secure RhodeCode download channels. The only reason to mess with this file
71 is if you need to do an offline installation,
71 is if you need to do an offline installation,
72 see the :ref:`Offline Installation<control:offline-installer-ref>`
72 see the :ref:`Offline Installation<control:offline-installer-ref>`
73 instructions, otherwise |RCC| will completely manage this file.
73 instructions, otherwise |RCC| will completely manage this file.
74
74
@@ -1,50 +1,50 b''
1 .. _glossary:
1 .. _glossary:
2
2
3 Glossary
3 Glossary
4 ========
4 ========
5
5
6 .. glossary::
6 .. glossary::
7
7
8 DVCS
8 DVCS
9 Distributed Version Control System, usually referring to |git| or |hg|.
9 Distributed Version Control System, usually referring to |git| or |hg|.
10
10
11 Extension
11 Extension
12 An extension extends the capabilities of, or the data available to,
12 An extension extends the capabilities of, or the data available to,
13 an existing software application.
13 an existing software application.
14
14
15 Full-text Search
15 Full-text Search
16 Indexing all files and |repos| managed by |RCE| and
16 Indexing all files and |repos| managed by |RCE| and
17 making this data searchable from the interface.
17 making this data searchable from the interface.
18
18
19 Gist
19 Gist
20 A note that can only be edited by the author and shared using its
20 A note that can only be edited by the author and shared using its
21 link within others. The sharing permissions can be set during
21 link within others. The sharing permissions can be set during
22 its creation.
22 its creation.
23
23
24 Gunicorn
24 Gunicorn
25 A Python WSGI HTTP Server used by |RCE|.
25 A Python WSGI HTTP Server used by |RCE|.
26
26
27 Hook
27 Hook
28 A hook intercepts function calls, messages, or events passed between
28 A hook intercepts function calls, messages, or events passed between
29 software components and can be used to trigger plugins, or their
29 software components and can be used to trigger plugins, or their
30 extensions.
30 extensions.
31
31
32 Horizontal scaling
32 Horizontal scaling
33 Adding more machines or workers into your pool of resources.
33 Adding more machines or workers into your pool of resources.
34
34
35 Instance
35 Instance
36 A single installed version of one of the |RC| products. It could
36 A single installed version of one of the RhodeCode products. It could
37 refer to |RCE| or the VCS server depending on the context.
37 refer to |RCE| or the VCS server depending on the context.
38
38
39 Plugin
39 Plugin
40 A Plugin is software that adds a specific feature to an existing
40 A Plugin is software that adds a specific feature to an existing
41 software application.
41 software application.
42
42
43 tmpfs
43 tmpfs
44 Temporary file storage kept in volatile memory instead of persistent
44 Temporary file storage kept in volatile memory instead of persistent
45 storage.
45 storage.
46
46
47 VCS Server
47 VCS Server
48 The VCS Server handles the abstraction layer between the
48 The VCS Server handles the abstraction layer between the
49 supported version control systems and RhodeCode Enterprise.
49 supported version control systems and RhodeCode Enterprise.
50
50
@@ -1,276 +1,276 b''
1 .. _indexing-ref:
1 .. _indexing-ref:
2
2
3 Full-text Search
3 Full-text Search
4 ----------------
4 ----------------
5
5
6 By default |RC| is configured to use `Whoosh`_ to index |repos| and
6 By default RhodeCode is configured to use `Whoosh`_ to index |repos| and
7 provide full-text search.
7 provide full-text search.
8
8
9 |RCE| also provides support for `Elasticsearch`_ as a backend for scalable
9 |RCE| also provides support for `Elasticsearch`_ as a backend for scalable
10 search. See :ref:`enable-elasticsearch` for details.
10 search. See :ref:`enable-elasticsearch` for details.
11
11
12 Indexing
12 Indexing
13 ^^^^^^^^
13 ^^^^^^^^
14
14
15 To run the indexer you need to use an |authtoken| with admin rights to all
15 To run the indexer you need to use an |authtoken| with admin rights to all
16 |repos|.
16 |repos|.
17
17
18 To index new content added, you have the option to set the indexer up in a
18 To index new content added, you have the option to set the indexer up in a
19 number of ways, for example:
19 number of ways, for example:
20
20
21 * Call the indexer via a cron job. We recommend running this nightly,
21 * Call the indexer via a cron job. We recommend running this nightly,
22 unless you need everything indexed immediately.
22 unless you need everything indexed immediately.
23 * Set the indexer to infinitely loop and reindex as soon as it has run its
23 * Set the indexer to infinitely loop and reindex as soon as it has run its
24 cycle.
24 cycle.
25 * Hook the indexer up with your CI server to reindex after each push.
25 * Hook the indexer up with your CI server to reindex after each push.
26
26
27 The indexer works by indexing new commits added since the last run. If you
27 The indexer works by indexing new commits added since the last run. If you
28 wish to build a brand new index from scratch each time,
28 wish to build a brand new index from scratch each time,
29 use the ``force`` option in the configuration file.
29 use the ``force`` option in the configuration file.
30
30
31 .. important::
31 .. important::
32
32
33 You need to have |RCT| installed, see :ref:`install-tools`. Since |RCE|
33 You need to have |RCT| installed, see :ref:`install-tools`. Since |RCE|
34 3.5.0 they are installed by default.
34 3.5.0 they are installed by default.
35
35
36 To set up indexing, use the following steps:
36 To set up indexing, use the following steps:
37
37
38 1. :ref:`config-rhoderc`, if running tools remotely.
38 1. :ref:`config-rhoderc`, if running tools remotely.
39 2. :ref:`run-index`
39 2. :ref:`run-index`
40 3. :ref:`set-index`
40 3. :ref:`set-index`
41 4. :ref:`advanced-indexing`
41 4. :ref:`advanced-indexing`
42
42
43 .. _config-rhoderc:
43 .. _config-rhoderc:
44
44
45 Configure the ``.rhoderc`` File
45 Configure the ``.rhoderc`` File
46 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
46 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
47
47
48 |RCT| uses the :file:`/home/{user}/.rhoderc` file for connection details
48 |RCT| uses the :file:`/home/{user}/.rhoderc` file for connection details
49 to |RCM| instances. If this file is not automatically created,
49 to |RCE| instances. If this file is not automatically created,
50 you can configure it using the following example. You need to configure the
50 you can configure it using the following example. You need to configure the
51 details for each instance you want to index.
51 details for each instance you want to index.
52
52
53 .. code-block:: bash
53 .. code-block:: bash
54
54
55 # Check the instance details
55 # Check the instance details
56 # of the instance you want to index
56 # of the instance you want to index
57 $ rccontrol status
57 $ rccontrol status
58
58
59 - NAME: enterprise-1
59 - NAME: enterprise-1
60 - STATUS: RUNNING
60 - STATUS: RUNNING
61 - TYPE: Momentum
61 - TYPE: Momentum
62 - VERSION: 1.5.0
62 - VERSION: 1.5.0
63 - URL: http://127.0.0.1:10000
63 - URL: http://127.0.0.1:10000
64
64
65 To get your API Token, on the |RCM| interface go to
65 To get your API Token, on the |RCE| interface go to
66 :menuselection:`username --> My Account --> Auth tokens`
66 :menuselection:`username --> My Account --> Auth tokens`
67
67
68 .. code-block:: ini
68 .. code-block:: ini
69
69
70 # Configure .rhoderc with matching details
70 # Configure .rhoderc with matching details
71 # This allows the indexer to connect to the instance
71 # This allows the indexer to connect to the instance
72 [instance:enterprise-1]
72 [instance:enterprise-1]
73 api_host = http://127.0.0.1:10000
73 api_host = http://127.0.0.1:10000
74 api_key = <auth token goes here>
74 api_key = <auth token goes here>
75 repo_dir = /home/<username>/repos
75 repo_dir = /home/<username>/repos
76
76
77 .. _run-index:
77 .. _run-index:
78
78
79 Run the Indexer
79 Run the Indexer
80 ^^^^^^^^^^^^^^^
80 ^^^^^^^^^^^^^^^
81
81
82 Run the indexer using the following command, and specify the instance you
82 Run the indexer using the following command, and specify the instance you
83 want to index:
83 want to index:
84
84
85 .. code-block:: bash
85 .. code-block:: bash
86
86
87 # From inside a virtualevv
87 # From inside a virtualevv
88 (venv)$ rhodecode-index --instance-name=enterprise-1
88 (venv)$ rhodecode-index --instance-name=enterprise-1
89
89
90 # Using default installation
90 # Using default installation
91 $ /home/user/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
91 $ /home/user/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
92 --instance-name=enterprise-1
92 --instance-name=enterprise-1
93
93
94 # Using a custom mapping file
94 # Using a custom mapping file
95 $ /home/user/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
95 $ /home/user/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
96 --instance-name=enterprise-1 \
96 --instance-name=enterprise-1 \
97 --mapping=/home/user/.rccontrol/enterprise-1/mapping.ini
97 --mapping=/home/user/.rccontrol/enterprise-1/mapping.ini
98
98
99 .. note::
99 .. note::
100
100
101 In case of often indexing the index may become fragmented. Most often a result of that
101 In case of often indexing the index may become fragmented. Most often a result of that
102 is error about `too many open files`. To fix this indexer needs to be executed with
102 is error about `too many open files`. To fix this indexer needs to be executed with
103 --optimize flag. E.g `rhodecode-index --instance-name=enterprise-1 --optimize`
103 --optimize flag. E.g `rhodecode-index --instance-name=enterprise-1 --optimize`
104 This should be executed regularly, once a week is recommended.
104 This should be executed regularly, once a week is recommended.
105
105
106
106
107 .. _set-index:
107 .. _set-index:
108
108
109 Schedule the Indexer
109 Schedule the Indexer
110 ^^^^^^^^^^^^^^^^^^^^
110 ^^^^^^^^^^^^^^^^^^^^
111
111
112 To schedule the indexer, configure the crontab file to run the indexer inside
112 To schedule the indexer, configure the crontab file to run the indexer inside
113 your |RCT| virtualenv using the following steps.
113 your |RCT| virtualenv using the following steps.
114
114
115 1. Open the crontab file, using ``crontab -e``.
115 1. Open the crontab file, using ``crontab -e``.
116 2. Add the indexer to the crontab, and schedule it to run as regularly as you
116 2. Add the indexer to the crontab, and schedule it to run as regularly as you
117 wish.
117 wish.
118 3. Save the file.
118 3. Save the file.
119
119
120 .. code-block:: bash
120 .. code-block:: bash
121
121
122 $ crontab -e
122 $ crontab -e
123
123
124 # The virtualenv can be called using its full path, so for example you can
124 # The virtualenv can be called using its full path, so for example you can
125 # put this example into the crontab
125 # put this example into the crontab
126
126
127 # Run the indexer daily at 4am using the default mapping settings
127 # Run the indexer daily at 4am using the default mapping settings
128 * 4 * * * /home/ubuntu/.virtualenv/rhodecode-venv/bin/rhodecode-index \
128 * 4 * * * /home/ubuntu/.virtualenv/rhodecode-venv/bin/rhodecode-index \
129 --instance-name=enterprise-1
129 --instance-name=enterprise-1
130
130
131 # Run the indexer every Sunday at 3am using default mapping
131 # Run the indexer every Sunday at 3am using default mapping
132 * 3 * * 0 /home/ubuntu/.virtualenv/rhodecode-venv/bin/rhodecode-index \
132 * 3 * * 0 /home/ubuntu/.virtualenv/rhodecode-venv/bin/rhodecode-index \
133 --instance-name=enterprise-1
133 --instance-name=enterprise-1
134
134
135 # Run the indexer every 15 minutes
135 # Run the indexer every 15 minutes
136 # using a specially configured mapping file
136 # using a specially configured mapping file
137 */15 * * * * ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
137 */15 * * * * ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
138 --instance-name=enterprise-4 \
138 --instance-name=enterprise-4 \
139 --mapping=/home/user/.rccontrol/enterprise-4/mapping.ini
139 --mapping=/home/user/.rccontrol/enterprise-4/mapping.ini
140
140
141 .. _advanced-indexing:
141 .. _advanced-indexing:
142
142
143 Advanced Indexing
143 Advanced Indexing
144 ^^^^^^^^^^^^^^^^^
144 ^^^^^^^^^^^^^^^^^
145
145
146 |RCT| indexes based on the :file:`mapping.ini` file. To configure your index,
146 |RCT| indexes based on the :file:`mapping.ini` file. To configure your index,
147 you can specify different options in this file. The default location is:
147 you can specify different options in this file. The default location is:
148
148
149 * :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`, using default
149 * :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`, using default
150 |RCT|.
150 |RCT|.
151 * :file:`~/venv/lib/python2.7/site-packages/rhodecode_tools/templates/mapping.ini`,
151 * :file:`~/venv/lib/python2.7/site-packages/rhodecode_tools/templates/mapping.ini`,
152 when using ``virtualenv``.
152 when using ``virtualenv``.
153
153
154 .. note::
154 .. note::
155
155
156 If you need to create the :file:`mapping.ini` file, use the |RCT|
156 If you need to create the :file:`mapping.ini` file, use the |RCT|
157 ``rhodecode-index --create-mapping path/to/file`` API call. For details,
157 ``rhodecode-index --create-mapping path/to/file`` API call. For details,
158 see the :ref:`tools-cli` section.
158 see the :ref:`tools-cli` section.
159
159
160 The indexer runs in a random order to prevent a failing |repo| from stopping
160 The indexer runs in a random order to prevent a failing |repo| from stopping
161 a build. To configure different indexing scenarios, set the following options
161 a build. To configure different indexing scenarios, set the following options
162 inside the :file:`mapping.ini` and specify the altered file using the
162 inside the :file:`mapping.ini` and specify the altered file using the
163 ``--mapping`` option.
163 ``--mapping`` option.
164
164
165 * ``index_files`` : Index the specified file types.
165 * ``index_files`` : Index the specified file types.
166 * ``skip_files`` : Do not index the specified file types.
166 * ``skip_files`` : Do not index the specified file types.
167 * ``index_files_content`` : Index the content of the specified file types.
167 * ``index_files_content`` : Index the content of the specified file types.
168 * ``skip_files_content`` : Do not index the content of the specified files.
168 * ``skip_files_content`` : Do not index the content of the specified files.
169 * ``force`` : Create a fresh index on each run.
169 * ``force`` : Create a fresh index on each run.
170 * ``max_filesize`` : Files larger than the set size will not be indexed.
170 * ``max_filesize`` : Files larger than the set size will not be indexed.
171 * ``commit_parse_limit`` : Set the batch size when indexing commit messages.
171 * ``commit_parse_limit`` : Set the batch size when indexing commit messages.
172 Set to a lower number to lessen memory load.
172 Set to a lower number to lessen memory load.
173 * ``repo_limit`` : Set the maximum number or |repos| indexed per run.
173 * ``repo_limit`` : Set the maximum number or |repos| indexed per run.
174 * ``[INCLUDE]`` : Set |repos| you want indexed. This takes precedent over
174 * ``[INCLUDE]`` : Set |repos| you want indexed. This takes precedent over
175 ``[EXCLUDE]``.
175 ``[EXCLUDE]``.
176 * ``[EXCLUDE]`` : Set |repos| you do not want indexed. Exclude can be used to
176 * ``[EXCLUDE]`` : Set |repos| you do not want indexed. Exclude can be used to
177 not index branches, forks, or log |repos|.
177 not index branches, forks, or log |repos|.
178
178
179 At the end of the file you can specify conditions for specific |repos| that
179 At the end of the file you can specify conditions for specific |repos| that
180 will override the default values. To configure your indexer,
180 will override the default values. To configure your indexer,
181 use the following example :file:`mapping.ini` file.
181 use the following example :file:`mapping.ini` file.
182
182
183 .. code-block:: ini
183 .. code-block:: ini
184
184
185 [__DEFAULT__]
185 [__DEFAULT__]
186 # default patterns for indexing files and content of files.
186 # default patterns for indexing files and content of files.
187 # Binary files are skipped by default.
187 # Binary files are skipped by default.
188
188
189 # Index python and markdown files
189 # Index python and markdown files
190 index_files = *.py, *.md
190 index_files = *.py, *.md
191
191
192 # Do not index these file types
192 # Do not index these file types
193 skip_files = *.svg, *.log, *.dump, *.txt
193 skip_files = *.svg, *.log, *.dump, *.txt
194
194
195 # Index both file types and their content
195 # Index both file types and their content
196 index_files_content = *.cpp, *.ini, *.py
196 index_files_content = *.cpp, *.ini, *.py
197
197
198 # Index file names, but not file content
198 # Index file names, but not file content
199 skip_files_content = *.svg,
199 skip_files_content = *.svg,
200
200
201 # Force rebuilding an index from scratch. Each repository will be rebuild
201 # Force rebuilding an index from scratch. Each repository will be rebuild
202 # from scratch with a global flag. Use local flag to rebuild single repos
202 # from scratch with a global flag. Use local flag to rebuild single repos
203 force = false
203 force = false
204
204
205 # Do not index files larger than 385KB
205 # Do not index files larger than 385KB
206 max_filesize = 385KB
206 max_filesize = 385KB
207
207
208 # Limit commit indexing to 500 per batch
208 # Limit commit indexing to 500 per batch
209 commit_parse_limit = 500
209 commit_parse_limit = 500
210
210
211 # Limit each index run to 25 repos
211 # Limit each index run to 25 repos
212 repo_limit = 25
212 repo_limit = 25
213
213
214 # __INCLUDE__ is more important that __EXCLUDE__.
214 # __INCLUDE__ is more important that __EXCLUDE__.
215
215
216 [__INCLUDE__]
216 [__INCLUDE__]
217 # Include all repos with these names
217 # Include all repos with these names
218
218
219 docs/* = 1
219 docs/* = 1
220 lib/* = 1
220 lib/* = 1
221
221
222 [__EXCLUDE__]
222 [__EXCLUDE__]
223 # Do not include the following repo in index
223 # Do not include the following repo in index
224
224
225 dev-docs/* = 1
225 dev-docs/* = 1
226 legacy-repos/* = 1
226 legacy-repos/* = 1
227 *-dev/* = 1
227 *-dev/* = 1
228
228
229 # Each repo that needs special indexing is a separate section below.
229 # Each repo that needs special indexing is a separate section below.
230 # In each section set the options to override the global configuration
230 # In each section set the options to override the global configuration
231 # parameters above.
231 # parameters above.
232 # If special settings are not configured, the global configuration values
232 # If special settings are not configured, the global configuration values
233 # above are inherited. If no special repositories are
233 # above are inherited. If no special repositories are
234 # defined here RhodeCode will use the API to ask for all repositories
234 # defined here RhodeCode will use the API to ask for all repositories
235
235
236 # For this repo use different settings
236 # For this repo use different settings
237 [special-repo]
237 [special-repo]
238 commit_parse_limit = 20,
238 commit_parse_limit = 20,
239 skip_files = *.idea, *.xml,
239 skip_files = *.idea, *.xml,
240
240
241 # For another repo use different settings
241 # For another repo use different settings
242 [another-special-repo]
242 [another-special-repo]
243 index_files = *,
243 index_files = *,
244 max_filesize = 800MB
244 max_filesize = 800MB
245 commit_parse_limit = 20000
245 commit_parse_limit = 20000
246
246
247 .. _enable-elasticsearch:
247 .. _enable-elasticsearch:
248
248
249 Enabling Elasticsearch
249 Enabling Elasticsearch
250 ^^^^^^^^^^^^^^^^^^^^^^
250 ^^^^^^^^^^^^^^^^^^^^^^
251
251
252 1. Open the :file:`rhodecode.ini` file for the instance you wish to edit. The
252 1. Open the :file:`rhodecode.ini` file for the instance you wish to edit. The
253 default location is
253 default location is
254 :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
254 :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
255 2. Find the search configuration section:
255 2. Find the search configuration section:
256
256
257 .. code-block:: ini
257 .. code-block:: ini
258
258
259 ###################################
259 ###################################
260 ## SEARCH INDEXING CONFIGURATION ##
260 ## SEARCH INDEXING CONFIGURATION ##
261 ###################################
261 ###################################
262
262
263 search.module = rhodecode.lib.index.whoosh
263 search.module = rhodecode.lib.index.whoosh
264 search.location = %(here)s/data/index
264 search.location = %(here)s/data/index
265
265
266 and change it to:
266 and change it to:
267
267
268 .. code-block:: ini
268 .. code-block:: ini
269
269
270 search.module = rc_elasticsearch
270 search.module = rc_elasticsearch
271 search.location = http://localhost:9200/
271 search.location = http://localhost:9200/
272
272
273 where ``search.location`` points to the elasticsearch server.
273 where ``search.location`` points to the elasticsearch server.
274
274
275 .. _Whoosh: https://pypi.python.org/pypi/Whoosh/
275 .. _Whoosh: https://pypi.python.org/pypi/Whoosh/
276 .. _Elasticsearch: https://www.elastic.co/ No newline at end of file
276 .. _Elasticsearch: https://www.elastic.co/
@@ -1,12 +1,12 b''
1 .. _public-access:
1 .. _public-access:
2
2
3 Public Access
3 Public Access
4 -------------
4 -------------
5
5
6 By default |RCM| allows users to read all **public** |repos|. User
6 By default |RCE| allows users to read all **public** |repos|. User
7 permissions and |repo| access can be configured explicitly,
7 permissions and |repo| access can be configured explicitly,
8 and those permissions will override any default settings. The default
8 and those permissions will override any default settings. The default
9 settings can be found under the following section:
9 settings can be found under the following section:
10
10
11 * :menuselection:`Admin --> Permissions --> Object`
11 * :menuselection:`Admin --> Permissions --> Object`
12 * :menuselection:`Admin --> Permissions --> Global`
12 * :menuselection:`Admin --> Permissions --> Global`
@@ -1,69 +1,69 b''
1 .. _permissions-default-ref:
1 .. _permissions-default-ref:
2
2
3 Setting Default Permissions
3 Setting Default Permissions
4 ---------------------------
4 ---------------------------
5
5
6 Default permissions allow you to configure |RCM| so that when a new |repo|, user group,
6 Default permissions allow you to configure |RCE| so that when a new |repo|, user group,
7 or user is created their permissions are already defined. To set default permissions you need administrator
7 or user is created their permissions are already defined. To set default permissions you need administrator
8 privileges. See the following sections for setting up your permissions system:
8 privileges. See the following sections for setting up your permissions system:
9
9
10 * :ref:`user-default-ref`
10 * :ref:`user-default-ref`
11 * :ref:`user-group-default-ref`
11 * :ref:`user-group-default-ref`
12 * :ref:`repo-default-ref`
12 * :ref:`repo-default-ref`
13 * :ref:`repo-group-default-ref`
13 * :ref:`repo-group-default-ref`
14
14
15 .. _user-default-ref:
15 .. _user-default-ref:
16
16
17 Setting User defaults
17 Setting User defaults
18 ^^^^^^^^^^^^^^^^^^^^^
18 ^^^^^^^^^^^^^^^^^^^^^
19
19
20 To set default user permissions, use the following steps.
20 To set default user permissions, use the following steps.
21
21
22 1. From the |RCM| interface, select :menuselection:`Admin --> Permissions`
22 1. From the |RCE| interface, select :menuselection:`Admin --> Permissions`
23 2. Select the :guilabel:`Global` tab from the left-hand menu. The permissions
23 2. Select the :guilabel:`Global` tab from the left-hand menu. The permissions
24 set on this screen apply to users and user-groups across the whole instance.
24 set on this screen apply to users and user-groups across the whole instance.
25 3. Save your changes
25 3. Save your changes
26
26
27 .. _user-group-default-ref:
27 .. _user-group-default-ref:
28
28
29 Setting User Group defaults
29 Setting User Group defaults
30 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
30 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
31
31
32 To set default user group permissions, use the following steps.
32 To set default user group permissions, use the following steps.
33
33
34 1. From the |RCM| interface, select :menuselection:`Admin --> User groups`
34 1. From the |RCE| interface, select :menuselection:`Admin --> User groups`
35 2. Select :guilabel:`Permissions`, and configure the default user
35 2. Select :guilabel:`Permissions`, and configure the default user
36 permissions. All users will get these permissions unless
36 permissions. All users will get these permissions unless
37 individually set.
37 individually set.
38 3. Select :guilabel:`Global permissions`, and if you wish to configure
38 3. Select :guilabel:`Global permissions`, and if you wish to configure
39 non-standard behaviour, uncheck the
39 non-standard behaviour, uncheck the
40 :guilabel:`inherit from default settings` box and configure the desired
40 :guilabel:`inherit from default settings` box and configure the desired
41 permissions
41 permissions
42 4. Save your changes
42 4. Save your changes
43
43
44 .. _repo-default-ref:
44 .. _repo-default-ref:
45
45
46 Setting Repository defaults
46 Setting Repository defaults
47 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
47 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
48
48
49 To set default |repo| permissions, use the following steps.
49 To set default |repo| permissions, use the following steps.
50
50
51 1. From the |RCM| interface, select :menuselection:`Admin --> Permissions`
51 1. From the |RCE| interface, select :menuselection:`Admin --> Permissions`
52 2. Select the :guilabel:`Object` tab from the left-hand menu and set the
52 2. Select the :guilabel:`Object` tab from the left-hand menu and set the
53 |perm| permissions
53 |perm| permissions
54 3. Save your changes
54 3. Save your changes
55
55
56 .. _repo-group-default-ref:
56 .. _repo-group-default-ref:
57
57
58 Setting Repository Group defaults
58 Setting Repository Group defaults
59 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
59 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
60
60
61 To set default Repository Group permissions, use the following steps.
61 To set default Repository Group permissions, use the following steps.
62
62
63 1. From the |RCM| interface, select :menuselection:`Admin --> Repository Groups`
63 1. From the |RCE| interface, select :menuselection:`Admin --> Repository Groups`
64 2. Select :guilabel:`Edit` beside the |repo| group you wish to configure
64 2. Select :guilabel:`Edit` beside the |repo| group you wish to configure
65 3. On the left-hand pane select :guilabel:`Permissions`
65 3. On the left-hand pane select :guilabel:`Permissions`
66 4. Set the default permissions for all |repos| created in this group
66 4. Set the default permissions for all |repos| created in this group
67 5. Save your changes
67 5. Save your changes
68
68
69 .. |perm| replace:: :guilabel:`None, Read, Write, or Admin`
69 .. |perm| replace:: :guilabel:`None, Read, Write, or Admin`
@@ -1,26 +1,26 b''
1 .. _permissions-info-add-group-ref:
1 .. _permissions-info-add-group-ref:
2
2
3 Repository Administration
3 Repository Administration
4 =========================
4 =========================
5
5
6 Repository permissions in |RCM| can be managed in a number of different ways.
6 Repository permissions in |RCE| can be managed in a number of different ways.
7 This overview should give you an insight into how you could adopt particular
7 This overview should give you an insight into how you could adopt particular
8 settings for your needs:
8 settings for your needs:
9
9
10 * Global |repo| permissions: This allows you to set the default permissions
10 * Global |repo| permissions: This allows you to set the default permissions
11 for each new |repo| created within |RCM|, see :ref:`repo-default-ref`. All
11 for each new |repo| created within |RCE|, see :ref:`repo-default-ref`. All
12 |repos| created will inherit these permissions unless explicitly configured.
12 |repos| created will inherit these permissions unless explicitly configured.
13 * Individual |repo| permissions: To set individual |repo| permissions,
13 * Individual |repo| permissions: To set individual |repo| permissions,
14 see :ref:`set-repo-perms`.
14 see :ref:`set-repo-perms`.
15 * Repository Group permissions: This allows you to define the permissions for
15 * Repository Group permissions: This allows you to define the permissions for
16 a group, and all |repos| created within that group will inherit the same
16 a group, and all |repos| created within that group will inherit the same
17 permissions.
17 permissions.
18
18
19 .. toctree::
19 .. toctree::
20
20
21 repo-perm-steps
21 repo-perm-steps
22 repo-extra-fields
22 repo-extra-fields
23 repo-hooks
23 repo-hooks
24 repo-issue-tracker
24 repo-issue-tracker
25 repo-vcs
25 repo-vcs
26
26
@@ -1,171 +1,171 b''
1 .. _system-overview-ref:
1 .. _system-overview-ref:
2
2
3 System Overview
3 System Overview
4 ===============
4 ===============
5
5
6 Latest Version
6 Latest Version
7 --------------
7 --------------
8
8
9 * |release| on Unix and Windows systems.
9 * |release| on Unix and Windows systems.
10
10
11 System Architecture
11 System Architecture
12 -------------------
12 -------------------
13
13
14 The following diagram shows a typical production architecture.
14 The following diagram shows a typical production architecture.
15
15
16 .. image:: ../images/architecture-diagram.png
16 .. image:: ../images/architecture-diagram.png
17 :align: center
17 :align: center
18
18
19 Supported Operating Systems
19 Supported Operating Systems
20 ---------------------------
20 ---------------------------
21
21
22 Linux
22 Linux
23 ^^^^^
23 ^^^^^
24
24
25 * Ubuntu 14.04
25 * Ubuntu 14.04
26 * CentOS 6.2 and 7
26 * CentOS 6.2 and 7
27 * Debian 7.8
27 * Debian 7.8
28 * RedHat Fedora
28 * RedHat Fedora
29 * Arch Linux
29 * Arch Linux
30 * SUSE Linux
30 * SUSE Linux
31
31
32 Windows
32 Windows
33 ^^^^^^^
33 ^^^^^^^
34
34
35 * Windows Vista Ultimate 64bit
35 * Windows Vista Ultimate 64bit
36 * Windows 7 Ultimate 64bit
36 * Windows 7 Ultimate 64bit
37 * Windows 8 Professional 64bit
37 * Windows 8 Professional 64bit
38 * Windows 8.1 Enterprise 64bit
38 * Windows 8.1 Enterprise 64bit
39 * Windows Server 2008 64bit
39 * Windows Server 2008 64bit
40 * Windows Server 2008-R2 64bit
40 * Windows Server 2008-R2 64bit
41 * Windows Server 2012 64bit
41 * Windows Server 2012 64bit
42
42
43 Supported Databases
43 Supported Databases
44 -------------------
44 -------------------
45
45
46 * SQLite
46 * SQLite
47 * MySQL
47 * MySQL
48 * MariaDB
48 * MariaDB
49 * PostgreSQL
49 * PostgreSQL
50
50
51 Supported Browsers
51 Supported Browsers
52 ------------------
52 ------------------
53
53
54 * Chrome
54 * Chrome
55 * Safari
55 * Safari
56 * Firefox
56 * Firefox
57 * Internet Explorer 10 & 11
57 * Internet Explorer 10 & 11
58
58
59 System Requirements
59 System Requirements
60 -------------------
60 -------------------
61
61
62 |RCM| performs best on machines with ultra-fast hard disks. Generally disk
62 |RCE| performs best on machines with ultra-fast hard disks. Generally disk
63 performance is more important than CPU performance. In a corporate production
63 performance is more important than CPU performance. In a corporate production
64 environment handling 1000s of users and |repos| you should deploy on a 12+
64 environment handling 1000s of users and |repos| you should deploy on a 12+
65 core 64GB RAM server. In short, the more RAM the better.
65 core 64GB RAM server. In short, the more RAM the better.
66
66
67
67
68 For example:
68 For example:
69
69
70 - for team of 1 - 5 active users you can run on 1GB RAM machine with 1CPU
70 - for team of 1 - 5 active users you can run on 1GB RAM machine with 1CPU
71 - above 250 active users, |RCM| needs at least 8GB of memory.
71 - above 250 active users, |RCE| needs at least 8GB of memory.
72 Number of CPUs is less important, but recommended to have at least 2-3 CPUs
72 Number of CPUs is less important, but recommended to have at least 2-3 CPUs
73
73
74
74
75 .. _config-rce-files:
75 .. _config-rce-files:
76
76
77 Configuration Files
77 Configuration Files
78 -------------------
78 -------------------
79
79
80 * :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
80 * :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
81 * :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`
81 * :file:`/home/{user}/.rccontrol/{instance-id}/mapping.ini`
82 * :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`
82 * :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`
83 * :file:`/home/{user}/.rccontrol/supervisor/supervisord.ini`
83 * :file:`/home/{user}/.rccontrol/supervisor/supervisord.ini`
84 * :file:`/home/{user}/.rccontrol.ini`
84 * :file:`/home/{user}/.rccontrol.ini`
85 * :file:`/home/{user}/.rhoderc`
85 * :file:`/home/{user}/.rhoderc`
86 * :file:`/home/{user}/.rccontrol/cache/MANIFEST`
86 * :file:`/home/{user}/.rccontrol/cache/MANIFEST`
87
87
88 For more information, see the :ref:`config-files` section.
88 For more information, see the :ref:`config-files` section.
89
89
90 Log Files
90 Log Files
91 ---------
91 ---------
92
92
93 * :file:`/home/{user}/.rccontrol/{instance-id}/enterprise.log`
93 * :file:`/home/{user}/.rccontrol/{instance-id}/enterprise.log`
94 * :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.log`
94 * :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.log`
95 * :file:`/home/{user}/.rccontrol/supervisor/supervisord.log`
95 * :file:`/home/{user}/.rccontrol/supervisor/supervisord.log`
96 * :file:`/tmp/rccontrol.log`
96 * :file:`/tmp/rccontrol.log`
97 * :file:`/tmp/rhodecode_tools.log`
97 * :file:`/tmp/rhodecode_tools.log`
98
98
99 Storage Files
99 Storage Files
100 -------------
100 -------------
101
101
102 * :file:`/home/{user}/.rccontrol/{instance-id}/data/index/{index-file.toc}`
102 * :file:`/home/{user}/.rccontrol/{instance-id}/data/index/{index-file.toc}`
103 * :file:`/home/{user}/repos/.rc_gist_store`
103 * :file:`/home/{user}/repos/.rc_gist_store`
104 * :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.db`
104 * :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.db`
105 * :file:`/opt/rhodecode/store/{unique-hash}`
105 * :file:`/opt/rhodecode/store/{unique-hash}`
106
106
107 Default Repositories Location
107 Default Repositories Location
108 -----------------------------
108 -----------------------------
109
109
110 * :file:`/home/{user}/repos`
110 * :file:`/home/{user}/repos`
111
111
112 Connection Methods
112 Connection Methods
113 ------------------
113 ------------------
114
114
115 * HTTPS
115 * HTTPS
116 * SSH
116 * SSH
117 * |RCM| API
117 * |RCE| API
118
118
119 Internationalization Support
119 Internationalization Support
120 ----------------------------
120 ----------------------------
121
121
122 Currently available in the following languages, see `Transifex`_ for the
122 Currently available in the following languages, see `Transifex`_ for the
123 latest details. If you want a new language added, please contact us. To
123 latest details. If you want a new language added, please contact us. To
124 configure your language settings, see the :ref:`set-lang` section.
124 configure your language settings, see the :ref:`set-lang` section.
125
125
126 .. hlist::
126 .. hlist::
127
127
128 * Belorussian
128 * Belorussian
129 * Chinese
129 * Chinese
130 * French
130 * French
131 * German
131 * German
132 * Italian
132 * Italian
133 * Japanese
133 * Japanese
134 * Portuguese
134 * Portuguese
135 * Polish
135 * Polish
136 * Russian
136 * Russian
137 * Spanish
137 * Spanish
138
138
139 Licencing Information
139 Licencing Information
140 ---------------------
140 ---------------------
141
141
142 * See licencing information `here`_
142 * See licencing information `here`_
143
143
144 Peer-to-peer Failover Support
144 Peer-to-peer Failover Support
145 -----------------------------
145 -----------------------------
146
146
147 * Yes
147 * Yes
148
148
149 Additional Binaries
149 Additional Binaries
150 -------------------
150 -------------------
151
151
152 * Yes, see :ref:`rhodecode-nix-ref` for full details.
152 * Yes, see :ref:`rhodecode-nix-ref` for full details.
153
153
154 Remote Connectivity
154 Remote Connectivity
155 -------------------
155 -------------------
156
156
157 * Available
157 * Available
158
158
159 Executable Files
159 Executable Files
160 ----------------
160 ----------------
161
161
162 Windows: :file:`RhodeCode-installer-{version}.exe`
162 Windows: :file:`RhodeCode-installer-{version}.exe`
163
163
164 Deprecated Support
164 Deprecated Support
165 ------------------
165 ------------------
166
166
167 - Internet Explorer 8 support deprecated since version 3.7.0.
167 - Internet Explorer 8 support deprecated since version 3.7.0.
168 - Internet Explorer 9 support deprecated since version 3.8.0.
168 - Internet Explorer 9 support deprecated since version 3.8.0.
169
169
170 .. _here: https://rhodecode.com/licenses/
170 .. _here: https://rhodecode.com/licenses/
171 .. _Transifex: https://www.transifex.com/projects/p/RhodeCode/
171 .. _Transifex: https://www.transifex.com/projects/p/RhodeCode/
@@ -1,23 +1,23 b''
1 .. _user-admin-set:
1 .. _user-admin-set:
2
2
3 User Administration
3 User Administration
4 ===================
4 ===================
5
5
6 |RCM| enables you to define permissions for the following entities within the
6 |RCE| enables you to define permissions for the following entities within the
7 system; **users**, **user groups**, **repositories**, **repository groups**.
7 system; **users**, **user groups**, **repositories**, **repository groups**.
8
8
9 Within each one of these entities you can set default settings,
9 Within each one of these entities you can set default settings,
10 and then all users or |repos| inherit those default permission settings
10 and then all users or |repos| inherit those default permission settings
11 unless individually defined. Each of these entities can have the following
11 unless individually defined. Each of these entities can have the following
12 permissions applied to it; |perm|.
12 permissions applied to it; |perm|.
13
13
14 .. toctree::
14 .. toctree::
15
15
16 public-access
16 public-access
17 default-user-perms
17 default-user-perms
18 adding-anonymous-user
18 adding-anonymous-user
19 adding-new-user
19 adding-new-user
20 setting-default-permissions
20 setting-default-permissions
21 setting-usergroup-permissions
21 setting-usergroup-permissions
22
22
23 .. |perm| replace:: **None**, **Read**, **Write**, or **Admin** No newline at end of file
23 .. |perm| replace:: **None**, **Read**, **Write**, or **Admin**
@@ -1,324 +1,324 b''
1 .. _vcs-server:
1 .. _vcs-server:
2
2
3 VCS Server Management
3 VCS Server Management
4 ---------------------
4 ---------------------
5
5
6 The VCS Server handles |RCM| backend functionality. You need to configure
6 The VCS Server handles |RCE| backend functionality. You need to configure
7 a VCS Server to run with a |RCM| instance. If you do not, you will be missing
7 a VCS Server to run with a |RCE| instance. If you do not, you will be missing
8 the connection between |RCM| and its |repos|. This will cause error messages
8 the connection between |RCE| and its |repos|. This will cause error messages
9 on the web interface. You can run your setup in the following configurations,
9 on the web interface. You can run your setup in the following configurations,
10 currently the best performance is one of following:
10 currently the best performance is one of following:
11
11
12 * One VCS Server per |RCM| instance.
12 * One VCS Server per |RCE| instance.
13 * One VCS Server handling multiple instances.
13 * One VCS Server handling multiple instances.
14
14
15 .. important::
15 .. important::
16
16
17 If your server locale settings are not correctly configured,
17 If your server locale settings are not correctly configured,
18 |RCE| and the VCS Server can run into issues. See this `Ask Ubuntu`_ post
18 |RCE| and the VCS Server can run into issues. See this `Ask Ubuntu`_ post
19 which explains the problem and gives a solution.
19 which explains the problem and gives a solution.
20
20
21 For more information, see the following sections:
21 For more information, see the following sections:
22
22
23 * :ref:`install-vcs`
23 * :ref:`install-vcs`
24 * :ref:`config-vcs`
24 * :ref:`config-vcs`
25 * :ref:`vcs-server-options`
25 * :ref:`vcs-server-options`
26 * :ref:`vcs-server-versions`
26 * :ref:`vcs-server-versions`
27 * :ref:`vcs-server-maintain`
27 * :ref:`vcs-server-maintain`
28 * :ref:`vcs-server-config-file`
28 * :ref:`vcs-server-config-file`
29 * :ref:`svn-http`
29 * :ref:`svn-http`
30
30
31 .. _install-vcs:
31 .. _install-vcs:
32
32
33 VCS Server Installation
33 VCS Server Installation
34 ^^^^^^^^^^^^^^^^^^^^^^^
34 ^^^^^^^^^^^^^^^^^^^^^^^
35
35
36 To install a VCS Server, see
36 To install a VCS Server, see
37 :ref:`Installing a VCS server <control:install-vcsserver>`.
37 :ref:`Installing a VCS server <control:install-vcsserver>`.
38
38
39 .. _config-vcs:
39 .. _config-vcs:
40
40
41 Hooking |RCE| to its VCS Server
41 Hooking |RCE| to its VCS Server
42 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
42 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
43
43
44 To configure a |RCE| instance to use a VCS server, see
44 To configure a |RCE| instance to use a VCS server, see
45 :ref:`Configuring the VCS Server connection <control:manually-vcsserver-ini>`.
45 :ref:`Configuring the VCS Server connection <control:manually-vcsserver-ini>`.
46
46
47 .. _vcs-server-options:
47 .. _vcs-server-options:
48
48
49 |RCE| VCS Server Options
49 |RCE| VCS Server Options
50 ^^^^^^^^^^^^^^^^^^^^^^^^
50 ^^^^^^^^^^^^^^^^^^^^^^^^
51
51
52 The following list shows the available options on the |RCM| side of the
52 The following list shows the available options on the |RCE| side of the
53 connection to the VCS Server. The settings are configured per
53 connection to the VCS Server. The settings are configured per
54 instance in the
54 instance in the
55 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file.
55 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file.
56
56
57 .. rst-class:: dl-horizontal
57 .. rst-class:: dl-horizontal
58
58
59 \vcs.backends <available-vcs-systems>
59 \vcs.backends <available-vcs-systems>
60 Set a comma-separated list of the |repo| options available from the
60 Set a comma-separated list of the |repo| options available from the
61 web interface. The default is ``hg, git, svn``,
61 web interface. The default is ``hg, git, svn``,
62 which is all |repo| types available. The order of backends is also the
62 which is all |repo| types available. The order of backends is also the
63 order backend will try to detect requests type.
63 order backend will try to detect requests type.
64
64
65 \vcs.connection_timeout <seconds>
65 \vcs.connection_timeout <seconds>
66 Set the length of time in seconds that the VCS Server waits for
66 Set the length of time in seconds that the VCS Server waits for
67 requests to process. After the timeout expires,
67 requests to process. After the timeout expires,
68 the request is closed. The default is ``3600``. Set to a higher
68 the request is closed. The default is ``3600``. Set to a higher
69 number if you experience network latency, or timeout issues with very
69 number if you experience network latency, or timeout issues with very
70 large push/pull requests.
70 large push/pull requests.
71
71
72 \vcs.server.enable <boolean>
72 \vcs.server.enable <boolean>
73 Enable or disable the VCS Server. The available options are ``true`` or
73 Enable or disable the VCS Server. The available options are ``true`` or
74 ``false``. The default is ``true``.
74 ``false``. The default is ``true``.
75
75
76 \vcs.server <host:port>
76 \vcs.server <host:port>
77 Set the host, either hostname or IP Address, and port of the VCS server
77 Set the host, either hostname or IP Address, and port of the VCS server
78 you wish to run with your |RCM| instance.
78 you wish to run with your |RCE| instance.
79
79
80 .. code-block:: ini
80 .. code-block:: ini
81
81
82 ##################
82 ##################
83 ### VCS CONFIG ###
83 ### VCS CONFIG ###
84 ##################
84 ##################
85 # set this line to match your VCS Server
85 # set this line to match your VCS Server
86 vcs.server = 127.0.0.1:10004
86 vcs.server = 127.0.0.1:10004
87 # Set to False to disable the VCS Server
87 # Set to False to disable the VCS Server
88 vcs.server.enable = True
88 vcs.server.enable = True
89 vcs.backends = hg, git, svn
89 vcs.backends = hg, git, svn
90 vcs.connection_timeout = 3600
90 vcs.connection_timeout = 3600
91
91
92
92
93 .. _vcs-server-versions:
93 .. _vcs-server-versions:
94
94
95 VCS Server Versions
95 VCS Server Versions
96 ^^^^^^^^^^^^^^^^^^^
96 ^^^^^^^^^^^^^^^^^^^
97
97
98 An updated version of the VCS Server is released with each |RCE| version. Use
98 An updated version of the VCS Server is released with each |RCE| version. Use
99 the VCS Server number that matches with the |RCE| version to pair the
99 the VCS Server number that matches with the |RCE| version to pair the
100 appropriate ones together. For |RCE| versions pre 3.3.0,
100 appropriate ones together. For |RCE| versions pre 3.3.0,
101 VCS Server 1.X.Y works with |RCE| 3.X.Y, for example:
101 VCS Server 1.X.Y works with |RCE| 3.X.Y, for example:
102
102
103 * VCS Server 1.0.0 works with |RCE| 3.0.0
103 * VCS Server 1.0.0 works with |RCE| 3.0.0
104 * VCS Server 1.2.2 works with |RCE| 3.2.2
104 * VCS Server 1.2.2 works with |RCE| 3.2.2
105
105
106 For |RCE| versions post 3.3.0, the VCS Server and |RCE| version numbers
106 For |RCE| versions post 3.3.0, the VCS Server and |RCE| version numbers
107 match, for example:
107 match, for example:
108
108
109 * VCS Server |release| works with |RCE| |release|
109 * VCS Server |release| works with |RCE| |release|
110
110
111 .. _vcs-server-maintain:
111 .. _vcs-server-maintain:
112
112
113 VCS Server Memory Optimization
113 VCS Server Memory Optimization
114 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
114 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
115
115
116 To optimize the VCS server to manage the cache and memory usage efficiently, you need to
116 To optimize the VCS server to manage the cache and memory usage efficiently, you need to
117 configure the following options in the
117 configure the following options in the
118 :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini` file. Once
118 :file:`/home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini` file. Once
119 configured, restart the VCS Server. By default we use an optimal settings, but in certain
119 configured, restart the VCS Server. By default we use an optimal settings, but in certain
120 conditions tunning expiration_time and max_size can affect memory usage and performance
120 conditions tunning expiration_time and max_size can affect memory usage and performance
121
121
122 .. code-block:: ini
122 .. code-block:: ini
123
123
124 ## cache region for storing repo_objects cache
124 ## cache region for storing repo_objects cache
125 rc_cache.repo_object.backend = dogpile.cache.rc.memory_lru
125 rc_cache.repo_object.backend = dogpile.cache.rc.memory_lru
126
126
127 ## cache auto-expires after N seconds, setting this to 0 disabled cache
127 ## cache auto-expires after N seconds, setting this to 0 disabled cache
128 rc_cache.repo_object.expiration_time = 300
128 rc_cache.repo_object.expiration_time = 300
129
129
130 ## max size of LRU, old values will be discarded if the size of cache reaches max_size
130 ## max size of LRU, old values will be discarded if the size of cache reaches max_size
131 ## Sets the maximum number of items stored in the cache, before the cache
131 ## Sets the maximum number of items stored in the cache, before the cache
132 ## starts to be cleared.
132 ## starts to be cleared.
133
133
134 ## As a general rule of thumb, running this value at 120 resulted in a
134 ## As a general rule of thumb, running this value at 120 resulted in a
135 ## 5GB cache. Running it at 240 resulted in a 9GB cache. Your results
135 ## 5GB cache. Running it at 240 resulted in a 9GB cache. Your results
136 ## will differ based on usage patterns and |repo| sizes.
136 ## will differ based on usage patterns and |repo| sizes.
137
137
138 ## Tweaking this value to run at a fairly constant memory load on your
138 ## Tweaking this value to run at a fairly constant memory load on your
139 ## server will help performance.
139 ## server will help performance.
140
140
141 rc_cache.repo_object.max_size = 120
141 rc_cache.repo_object.max_size = 120
142
142
143
143
144 To clear the cache completely, you can restart the VCS Server.
144 To clear the cache completely, you can restart the VCS Server.
145
145
146 .. important::
146 .. important::
147
147
148 While the VCS Server handles a restart gracefully on the web interface,
148 While the VCS Server handles a restart gracefully on the web interface,
149 it will drop connections during push/pull requests. So it is recommended
149 it will drop connections during push/pull requests. So it is recommended
150 you only perform this when there is very little traffic on the instance.
150 you only perform this when there is very little traffic on the instance.
151
151
152 Use the following example to restart your VCS Server,
152 Use the following example to restart your VCS Server,
153 for full details see the :ref:`RhodeCode Control CLI <control:rcc-cli>`.
153 for full details see the :ref:`RhodeCode Control CLI <control:rcc-cli>`.
154
154
155 .. code-block:: bash
155 .. code-block:: bash
156
156
157 $ rccontrol status
157 $ rccontrol status
158
158
159 .. code-block:: vim
159 .. code-block:: vim
160
160
161 - NAME: vcsserver-1
161 - NAME: vcsserver-1
162 - STATUS: RUNNING
162 - STATUS: RUNNING
163 logs:/home/ubuntu/.rccontrol/vcsserver-1/vcsserver.log
163 logs:/home/ubuntu/.rccontrol/vcsserver-1/vcsserver.log
164 - VERSION: 4.7.2 VCSServer
164 - VERSION: 4.7.2 VCSServer
165 - URL: http://127.0.0.1:10008
165 - URL: http://127.0.0.1:10008
166 - CONFIG: /home/ubuntu/.rccontrol/vcsserver-1/vcsserver.ini
166 - CONFIG: /home/ubuntu/.rccontrol/vcsserver-1/vcsserver.ini
167
167
168 $ rccontrol restart vcsserver-1
168 $ rccontrol restart vcsserver-1
169 Instance "vcsserver-1" successfully stopped.
169 Instance "vcsserver-1" successfully stopped.
170 Instance "vcsserver-1" successfully started.
170 Instance "vcsserver-1" successfully started.
171
171
172 .. _vcs-server-config-file:
172 .. _vcs-server-config-file:
173
173
174 VCS Server Configuration
174 VCS Server Configuration
175 ^^^^^^^^^^^^^^^^^^^^^^^^
175 ^^^^^^^^^^^^^^^^^^^^^^^^
176
176
177 You can configure settings for multiple VCS Servers on your
177 You can configure settings for multiple VCS Servers on your
178 system using their individual configuration files. Use the following
178 system using their individual configuration files. Use the following
179 properties inside the configuration file to set up your system. The default
179 properties inside the configuration file to set up your system. The default
180 location is :file:`home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`.
180 location is :file:`home/{user}/.rccontrol/{vcsserver-id}/vcsserver.ini`.
181 For a more detailed explanation of the logger levers, see :ref:`debug-mode`.
181 For a more detailed explanation of the logger levers, see :ref:`debug-mode`.
182
182
183 .. rst-class:: dl-horizontal
183 .. rst-class:: dl-horizontal
184
184
185 \host <ip-address>
185 \host <ip-address>
186 Set the host on which the VCS Server will run. VCSServer is not
186 Set the host on which the VCS Server will run. VCSServer is not
187 protected by any authentication, so we *highly* recommend running it
187 protected by any authentication, so we *highly* recommend running it
188 under localhost ip that is `127.0.0.1`
188 under localhost ip that is `127.0.0.1`
189
189
190 \port <int>
190 \port <int>
191 Set the port number on which the VCS Server will be available.
191 Set the port number on which the VCS Server will be available.
192
192
193 \locale <locale_utf>
193 \locale <locale_utf>
194 Set the locale the VCS Server expects.
194 Set the locale the VCS Server expects.
195
195
196 \workers <int>
196 \workers <int>
197 Set the number of process workers.Recommended
197 Set the number of process workers.Recommended
198 value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
198 value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
199
199
200 \max_requests <int>
200 \max_requests <int>
201 The maximum number of requests a worker will process before restarting.
201 The maximum number of requests a worker will process before restarting.
202 Any value greater than zero will limit the number of requests a work
202 Any value greater than zero will limit the number of requests a work
203 will process before automatically restarting. This is a simple method
203 will process before automatically restarting. This is a simple method
204 to help limit the damage of memory leaks.
204 to help limit the damage of memory leaks.
205
205
206 \max_requests_jitter <int>
206 \max_requests_jitter <int>
207 The maximum jitter to add to the max_requests setting.
207 The maximum jitter to add to the max_requests setting.
208 The jitter causes the restart per worker to be randomized by
208 The jitter causes the restart per worker to be randomized by
209 randint(0, max_requests_jitter). This is intended to stagger worker
209 randint(0, max_requests_jitter). This is intended to stagger worker
210 restarts to avoid all workers restarting at the same time.
210 restarts to avoid all workers restarting at the same time.
211
211
212
212
213 .. note::
213 .. note::
214
214
215 After making changes, you need to restart your VCS Server to pick them up.
215 After making changes, you need to restart your VCS Server to pick them up.
216
216
217 .. code-block:: ini
217 .. code-block:: ini
218
218
219 ################################################################################
219 ################################################################################
220 # RhodeCode VCSServer with HTTP Backend - configuration #
220 # RhodeCode VCSServer with HTTP Backend - configuration #
221 # #
221 # #
222 ################################################################################
222 ################################################################################
223
223
224
224
225 [server:main]
225 [server:main]
226 ## COMMON ##
226 ## COMMON ##
227 host = 127.0.0.1
227 host = 127.0.0.1
228 port = 10002
228 port = 10002
229
229
230 ##########################
230 ##########################
231 ## GUNICORN WSGI SERVER ##
231 ## GUNICORN WSGI SERVER ##
232 ##########################
232 ##########################
233 ## run with gunicorn --log-config vcsserver.ini --paste vcsserver.ini
233 ## run with gunicorn --log-config vcsserver.ini --paste vcsserver.ini
234 use = egg:gunicorn#main
234 use = egg:gunicorn#main
235 ## Sets the number of process workers. Recommended
235 ## Sets the number of process workers. Recommended
236 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
236 ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
237 workers = 3
237 workers = 3
238 ## process name
238 ## process name
239 proc_name = rhodecode_vcsserver
239 proc_name = rhodecode_vcsserver
240 ## type of worker class, one of sync, gevent
240 ## type of worker class, one of sync, gevent
241 ## recommended for bigger setup is using of of other than sync one
241 ## recommended for bigger setup is using of of other than sync one
242 worker_class = sync
242 worker_class = sync
243 ## The maximum number of simultaneous clients. Valid only for Gevent
243 ## The maximum number of simultaneous clients. Valid only for Gevent
244 #worker_connections = 10
244 #worker_connections = 10
245 ## max number of requests that worker will handle before being gracefully
245 ## max number of requests that worker will handle before being gracefully
246 ## restarted, could prevent memory leaks
246 ## restarted, could prevent memory leaks
247 max_requests = 1000
247 max_requests = 1000
248 max_requests_jitter = 30
248 max_requests_jitter = 30
249 ## amount of time a worker can spend with handling a request before it
249 ## amount of time a worker can spend with handling a request before it
250 ## gets killed and restarted. Set to 6hrs
250 ## gets killed and restarted. Set to 6hrs
251 timeout = 21600
251 timeout = 21600
252
252
253 [app:main]
253 [app:main]
254 use = egg:rhodecode-vcsserver
254 use = egg:rhodecode-vcsserver
255
255
256 pyramid.default_locale_name = en
256 pyramid.default_locale_name = en
257 pyramid.includes =
257 pyramid.includes =
258
258
259 ## default locale used by VCS systems
259 ## default locale used by VCS systems
260 locale = en_US.UTF-8
260 locale = en_US.UTF-8
261
261
262 # cache regions, please don't change
262 # cache regions, please don't change
263 beaker.cache.regions = repo_object
263 beaker.cache.regions = repo_object
264 beaker.cache.repo_object.type = memorylru
264 beaker.cache.repo_object.type = memorylru
265 beaker.cache.repo_object.max_items = 100
265 beaker.cache.repo_object.max_items = 100
266 # cache auto-expires after N seconds
266 # cache auto-expires after N seconds
267 beaker.cache.repo_object.expire = 300
267 beaker.cache.repo_object.expire = 300
268 beaker.cache.repo_object.enabled = true
268 beaker.cache.repo_object.enabled = true
269
269
270
270
271 ################################
271 ################################
272 ### LOGGING CONFIGURATION ####
272 ### LOGGING CONFIGURATION ####
273 ################################
273 ################################
274 [loggers]
274 [loggers]
275 keys = root, vcsserver, beaker
275 keys = root, vcsserver, beaker
276
276
277 [handlers]
277 [handlers]
278 keys = console
278 keys = console
279
279
280 [formatters]
280 [formatters]
281 keys = generic
281 keys = generic
282
282
283 #############
283 #############
284 ## LOGGERS ##
284 ## LOGGERS ##
285 #############
285 #############
286 [logger_root]
286 [logger_root]
287 level = NOTSET
287 level = NOTSET
288 handlers = console
288 handlers = console
289
289
290 [logger_vcsserver]
290 [logger_vcsserver]
291 level = DEBUG
291 level = DEBUG
292 handlers =
292 handlers =
293 qualname = vcsserver
293 qualname = vcsserver
294 propagate = 1
294 propagate = 1
295
295
296 [logger_beaker]
296 [logger_beaker]
297 level = DEBUG
297 level = DEBUG
298 handlers =
298 handlers =
299 qualname = beaker
299 qualname = beaker
300 propagate = 1
300 propagate = 1
301
301
302
302
303 ##############
303 ##############
304 ## HANDLERS ##
304 ## HANDLERS ##
305 ##############
305 ##############
306
306
307 [handler_console]
307 [handler_console]
308 class = StreamHandler
308 class = StreamHandler
309 args = (sys.stderr,)
309 args = (sys.stderr,)
310 level = DEBUG
310 level = DEBUG
311 formatter = generic
311 formatter = generic
312
312
313 ################
313 ################
314 ## FORMATTERS ##
314 ## FORMATTERS ##
315 ################
315 ################
316
316
317 [formatter_generic]
317 [formatter_generic]
318 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
318 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
319 datefmt = %Y-%m-%d %H:%M:%S
319 datefmt = %Y-%m-%d %H:%M:%S
320
320
321
321
322 .. _Subversion Red Book: http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.ref.svn
322 .. _Subversion Red Book: http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.ref.svn
323
323
324 .. _Ask Ubuntu: http://askubuntu.com/questions/162391/how-do-i-fix-my-locale-issue
324 .. _Ask Ubuntu: http://askubuntu.com/questions/162391/how-do-i-fix-my-locale-issue
@@ -1,208 +1,208 b''
1 .. _api:
1 .. _api:
2
2
3 API Documentation
3 API Documentation
4 =================
4 =================
5
5
6 The |RCE| API uses a single scheme for calling all API methods. The API is
6 The |RCE| API uses a single scheme for calling all API methods. The API is
7 implemented with JSON protocol in both directions. To send API requests to
7 implemented with JSON protocol in both directions. To send API requests to
8 your instance of |RCE|, use the following URL format
8 your instance of |RCE|, use the following URL format
9 ``<your_server>/_admin``
9 ``<your_server>/_admin``
10
10
11 .. note::
11 .. note::
12
12
13 To use the API, you should configure the :file:`~/.rhoderc` file with
13 To use the API, you should configure the :file:`~/.rhoderc` file with
14 access details per instance. For more information, see
14 access details per instance. For more information, see
15 :ref:`config-rhoderc`.
15 :ref:`config-rhoderc`.
16
16
17
17
18 API ACCESS FOR WEB VIEWS
18 API ACCESS FOR WEB VIEWS
19 ------------------------
19 ------------------------
20
20
21 API access can also be turned on for each web view in |RCE| that is
21 API access can also be turned on for each web view in |RCE| that is
22 decorated with a `@LoginRequired` decorator. To enable API access, change
22 decorated with a `@LoginRequired` decorator. To enable API access, change
23 the standard login decorator to `@LoginRequired(api_access=True)`.
23 the standard login decorator to `@LoginRequired(api_access=True)`.
24
24
25 From |RCM| version 1.7.0 you can configure a white list
25 From |RCE| version 1.7.0 you can configure a white list
26 of views that have API access enabled by default. To enable these,
26 of views that have API access enabled by default. To enable these,
27 edit the |RCM| configuration ``.ini`` file. The default location is:
27 edit the |RCE| configuration ``.ini`` file. The default location is:
28
28
29 * |RCM| Pre-2.2.7 :file:`root/rhodecode/data/production.ini`
29 * |RCE| Pre-2.2.7 :file:`root/rhodecode/data/production.ini`
30 * |RCM| 3.0 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
30 * |RCE| 3.0 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
31
31
32 To configure the white list, edit this section of the file. In this
32 To configure the white list, edit this section of the file. In this
33 configuration example, API access is granted to the patch/diff raw file and
33 configuration example, API access is granted to the patch/diff raw file and
34 archive.
34 archive.
35
35
36 .. code-block:: ini
36 .. code-block:: ini
37
37
38 ## List of controllers (using glob syntax) that AUTH TOKENS could be used for access.
38 ## List of controllers (using glob syntax) that AUTH TOKENS could be used for access.
39 ## Adding ?auth_token = <token> to the url authenticates this request as if it
39 ## Adding ?auth_token = <token> to the url authenticates this request as if it
40 ## came from the the logged in user who own this authentication token.
40 ## came from the the logged in user who own this authentication token.
41 ##
41 ##
42 ## Syntax is <ControllerClass>:<function_pattern>.
42 ## Syntax is <ControllerClass>:<function_pattern>.
43 ## The list should be "," separated and on a single line.
43 ## The list should be "," separated and on a single line.
44 ##
44 ##
45 api_access_controllers_whitelist = RepoCommitsView:repo_commit_raw,RepoCommitsView:repo_commit_patch,RepoCommitsView:repo_commit_download
45 api_access_controllers_whitelist = RepoCommitsView:repo_commit_raw,RepoCommitsView:repo_commit_patch,RepoCommitsView:repo_commit_download
46
46
47 After this change, a |RCE| view can be accessed without login by adding a
47 After this change, a |RCE| view can be accessed without login by adding a
48 GET parameter ``?auth_token=<auth_token>`` to a url. For example to
48 GET parameter ``?auth_token=<auth_token>`` to a url. For example to
49 access the raw diff.
49 access the raw diff.
50
50
51 .. code-block:: html
51 .. code-block:: html
52
52
53 http://<server>/<repo>/changeset-diff/<sha>?auth_token=<auth_token>
53 http://<server>/<repo>/changeset-diff/<sha>?auth_token=<auth_token>
54
54
55 By default this is only enabled on RSS/ATOM feed views. Exposing raw diffs is a
55 By default this is only enabled on RSS/ATOM feed views. Exposing raw diffs is a
56 good way to integrate with 3rd party services like code review, or build farms
56 good way to integrate with 3rd party services like code review, or build farms
57 that could download archives.
57 that could download archives.
58
58
59 API ACCESS
59 API ACCESS
60 ----------
60 ----------
61
61
62 All clients are required to send JSON-RPC spec JSON data.
62 All clients are required to send JSON-RPC spec JSON data.
63
63
64 .. code-block:: bash
64 .. code-block:: bash
65
65
66 {
66 {
67 "id:"<id>",
67 "id:"<id>",
68 "auth_token":"<auth_token>",
68 "auth_token":"<auth_token>",
69 "method":"<method_name>",
69 "method":"<method_name>",
70 "args":{"<arg_key>":"<arg_val>"}
70 "args":{"<arg_key>":"<arg_val>"}
71 }
71 }
72
72
73 Example call for auto pulling from remote repositories using curl:
73 Example call for auto pulling from remote repositories using curl:
74
74
75 .. code-block:: bash
75 .. code-block:: bash
76
76
77 curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,
77 curl https://server.com/_admin/api -X POST -H 'content-type:text/plain' --data-binary '{"id":1,
78 "auth_token":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull", "args":{"repoid":"CPython"}}'
78 "auth_token":"xe7cdb2v278e4evbdf5vs04v832v0efvcbcve4a3","method":"pull", "args":{"repoid":"CPython"}}'
79
79
80 Provide those parameters:
80 Provide those parameters:
81 - **id** A value of any type, which is used to match the response with the
81 - **id** A value of any type, which is used to match the response with the
82 request that it is replying to.
82 request that it is replying to.
83 - **auth_token** for access and permission validation.
83 - **auth_token** for access and permission validation.
84 - **method** is name of method to call
84 - **method** is name of method to call
85 - **args** is an ``key:value`` list of arguments to pass to method
85 - **args** is an ``key:value`` list of arguments to pass to method
86
86
87 .. note::
87 .. note::
88
88
89 To get your |authtoken|, from the |RCE| interface,
89 To get your |authtoken|, from the |RCE| interface,
90 go to:
90 go to:
91 :menuselection:`username --> My account --> Auth tokens`
91 :menuselection:`username --> My account --> Auth tokens`
92
92
93 For security reasons you should always create a dedicated |authtoken| for
93 For security reasons you should always create a dedicated |authtoken| for
94 API use only.
94 API use only.
95
95
96
96
97 The |RCE| API will always return a JSON-RPC response:
97 The |RCE| API will always return a JSON-RPC response:
98
98
99 .. code-block:: bash
99 .. code-block:: bash
100
100
101 {
101 {
102 "id": <id>, # matching id sent by request
102 "id": <id>, # matching id sent by request
103 "result": "<result>"|null, # JSON formatted result, null if any errors
103 "result": "<result>"|null, # JSON formatted result, null if any errors
104 "error": "null"|<error_message> # JSON formatted error (if any)
104 "error": "null"|<error_message> # JSON formatted error (if any)
105 }
105 }
106
106
107 All responses from API will be with `HTTP/1.0 200 OK` status code.
107 All responses from API will be with `HTTP/1.0 200 OK` status code.
108 If there is an error when calling the API, the *error* key will contain a
108 If there is an error when calling the API, the *error* key will contain a
109 failure description and the *result* will be `null`.
109 failure description and the *result* will be `null`.
110
110
111 API CLIENT
111 API CLIENT
112 ----------
112 ----------
113
113
114 To install the |RCE| API, see :ref:`install-tools`. To configure the API per
114 To install the |RCE| API, see :ref:`install-tools`. To configure the API per
115 instance, see the :ref:`rc-tools` section as you need to configure a
115 instance, see the :ref:`rc-tools` section as you need to configure a
116 :file:`~/.rhoderc` file with your |authtokens|.
116 :file:`~/.rhoderc` file with your |authtokens|.
117
117
118 Once you have set up your instance API access, use the following examples to
118 Once you have set up your instance API access, use the following examples to
119 get started.
119 get started.
120
120
121 .. code-block:: bash
121 .. code-block:: bash
122
122
123 # Getting the 'rhodecode' repository
123 # Getting the 'rhodecode' repository
124 # from a RhodeCode Enterprise instance
124 # from a RhodeCode Enterprise instance
125 rhodecode-api --instance-name=enterprise-1 get_repo repoid:rhodecode
125 rhodecode-api --instance-name=enterprise-1 get_repo repoid:rhodecode
126
126
127 Calling method get_repo => http://127.0.0.1:5000
127 Calling method get_repo => http://127.0.0.1:5000
128 Server response
128 Server response
129 {
129 {
130 <json data>
130 <json data>
131 }
131 }
132
132
133 # Creating a new mercurial repository called 'brand-new'
133 # Creating a new mercurial repository called 'brand-new'
134 # with a description 'Repo-description'
134 # with a description 'Repo-description'
135 rhodecode-api --instance-name=enterprise-1 create_repo repo_name:brand-new repo_type:hg description:Repo-description
135 rhodecode-api --instance-name=enterprise-1 create_repo repo_name:brand-new repo_type:hg description:Repo-description
136 {
136 {
137 "error": null,
137 "error": null,
138 "id": 1110,
138 "id": 1110,
139 "result": {
139 "result": {
140 "msg": "Created new repository `brand-new`",
140 "msg": "Created new repository `brand-new`",
141 "success": true,
141 "success": true,
142 "task": null
142 "task": null
143 }
143 }
144 }
144 }
145
145
146 A broken example, what not to do.
146 A broken example, what not to do.
147
147
148 .. code-block:: bash
148 .. code-block:: bash
149
149
150 # A call missing the required arguments
150 # A call missing the required arguments
151 # and not specifying the instance
151 # and not specifying the instance
152 rhodecode-api get_repo
152 rhodecode-api get_repo
153
153
154 Calling method get_repo => http://127.0.0.1:5000
154 Calling method get_repo => http://127.0.0.1:5000
155 Server response
155 Server response
156 "Missing non optional `repoid` arg in JSON DATA"
156 "Missing non optional `repoid` arg in JSON DATA"
157
157
158 You can specify pure JSON using the ``--format`` parameter.
158 You can specify pure JSON using the ``--format`` parameter.
159
159
160 .. code-block:: bash
160 .. code-block:: bash
161
161
162 rhodecode-api --format=json get_repo repoid:rhodecode
162 rhodecode-api --format=json get_repo repoid:rhodecode
163
163
164 In such case only output that this function shows is pure JSON, we can use that
164 In such case only output that this function shows is pure JSON, we can use that
165 and pipe output to some json formatter.
165 and pipe output to some json formatter.
166
166
167 If output is in pure JSON format, you can pipe output to a JSON formatter.
167 If output is in pure JSON format, you can pipe output to a JSON formatter.
168
168
169 .. code-block:: bash
169 .. code-block:: bash
170
170
171 rhodecode-api --instance-name=enterprise-1 --format=json get_repo repoid:rhodecode | python -m json.tool
171 rhodecode-api --instance-name=enterprise-1 --format=json get_repo repoid:rhodecode | python -m json.tool
172
172
173 API METHODS
173 API METHODS
174 -----------
174 -----------
175
175
176 Each method by default required following arguments.
176 Each method by default required following arguments.
177
177
178 .. code-block:: bash
178 .. code-block:: bash
179
179
180 id : "<id_for_response>"
180 id : "<id_for_response>"
181 auth_token : "<auth_token>"
181 auth_token : "<auth_token>"
182 method : "<method name>"
182 method : "<method name>"
183 args : {}
183 args : {}
184
184
185 Use each **param** from docs and put it in args, Optional parameters
185 Use each **param** from docs and put it in args, Optional parameters
186 are not required in args.
186 are not required in args.
187
187
188 .. code-block:: bash
188 .. code-block:: bash
189
189
190 args: {"repoid": "rhodecode"}
190 args: {"repoid": "rhodecode"}
191
191
192 .. Note: From this point on things are generated by the script in
192 .. Note: From this point on things are generated by the script in
193 `scripts/fabfile.py`. To change things below, update the docstrings in the
193 `scripts/fabfile.py`. To change things below, update the docstrings in the
194 ApiController.
194 ApiController.
195
195
196 .. --- API DEFS MARKER ---
196 .. --- API DEFS MARKER ---
197 .. toctree::
197 .. toctree::
198
198
199 methods/views
199 methods/views
200 methods/license-methods
200 methods/license-methods
201 methods/deprecated-methods
201 methods/deprecated-methods
202 methods/gist-methods
202 methods/gist-methods
203 methods/pull-request-methods
203 methods/pull-request-methods
204 methods/repo-methods
204 methods/repo-methods
205 methods/repo-group-methods
205 methods/repo-group-methods
206 methods/server-methods
206 methods/server-methods
207 methods/user-methods
207 methods/user-methods
208 methods/user-group-methods
208 methods/user-group-methods
@@ -1,15 +1,15 b''
1 .. _config-crowd-ref:
1 .. _config-crowd-ref:
2
2
3 Crowd
3 Crowd
4 -----
4 -----
5
5
6 To enable Crowd authentication, use the following steps:
6 To enable Crowd authentication, use the following steps:
7
7
8 1. From the |RCM| interface, go to :menuselection:`Admin --> Authentication`
8 1. From the |RCE| interface, go to :menuselection:`Admin --> Authentication`
9 2. Enable the ``rhodecode.lib.auth_modules.auth_crowd`` library and select
9 2. Activate the ``rhodecode.lib.auth_modules.auth_crowd`` library and select
10 :guilabel:`Save`
10 :guilabel:`Save`
11 3. On the Crowd plugin settings section, do the following:
11 3. On the Crowd plugin settings section, do the following:
12
12
13 * Check the :guilabel:`Enable` checkbox
13 * Check the :guilabel:`Enable` checkbox
14 * Enter your Crowd server settings
14 * Enter your Crowd server settings
15 * Select :guilabel:`Save`
15 * Select :guilabel:`Save`
@@ -1,112 +1,160 b''
1 .. _config-ldap-groups-ref:
1 .. _config-ldap-groups-ref:
2
2
3 LDAP/AD With User Groups Sync
3 LDAP/AD With User Groups Sync
4 -----------------------------
4 -----------------------------
5
5
6 |RCM| supports LDAP (Lightweight Directory Access Protocol) or
6 **This plugin is available only in EE Edition.**
7
8 |RCE| supports LDAP (Lightweight Directory Access Protocol) or
7 AD (active Directory) authentication.
9 AD (active Directory) authentication.
8 All LDAP versions are supported, with the following |RCM| plugins managing each:
10 All LDAP versions are currently supported.
9
10 * For LDAP/AD with user group sync use ``LDAP + User Groups (egg:rhodecode-enterprise-ee#ldap_group)``
11
11
12 RhodeCode reads all data defined from plugin and creates corresponding
12 RhodeCode reads all data defined from plugin and creates corresponding
13 accounts on local database after receiving data from LDAP. This is done on
13 accounts on local database after receiving data from LDAP. This is done on
14 every user log-in including operations like pushing/pulling/checkout.
14 every user log-in including operations like pushing/pulling/checkout.
15 In addition group membership is read from LDAP and following operations are done:
15 In addition group membership is read from LDAP and following operations are done:
16
16
17 - automatic addition of user to |RCM| user group
17 - automatic addition of user to |RCE| user group
18 - automatic removal of user from any other |RCM| user groups not specified in LDAP.
18 - automatic removal of user from any other |RCE| user groups not specified in LDAP.
19 The removal is done *only* on groups that are marked to be synced from ldap.
19 The removal is done *only* on groups that are marked to be synced from ldap.
20 This setting can be changed in advanced settings on user groups
20 This setting can be changed in advanced settings on user groups
21 - automatic creation of user groups if they aren't yet existing in |RCM|
21 - automatic creation of user groups if they aren't yet existing in |RCE|
22 - marking user as super-admins if he is a member of any admin group defined in plugin settings
22 - marking user as super-admins if he is a member of any admin group defined in plugin settings
23
23
24 This plugin is available only in EE Edition.
25
24
26 .. important::
25 .. important::
27
26
28 The email used with your |RCE| super-admin account needs to match the email
27 The email used with your |RCE| super-admin account needs to match the email
29 address attached to your admin profile in LDAP. This is because
28 address attached to your admin profile in LDAP. This is because
30 within |RCE| the user email needs to be unique, and multiple users
29 within |RCE| the user email needs to be unique, and multiple users
31 cannot share an email account.
30 cannot share an email account.
32
31
33 Likewise, if as an admin you also have a user account, the email address
32 Likewise, if as an admin you also have a user account, the email address
34 attached to the user account needs to be different.
33 attached to the user account needs to be different.
35
34
36
35
37 LDAP Configuration Steps
36 LDAP Configuration Steps
38 ^^^^^^^^^^^^^^^^^^^^^^^^
37 ^^^^^^^^^^^^^^^^^^^^^^^^
39
38
40 To configure |LDAP|, use the following steps:
39 To configure |LDAP|, use the following steps:
41
40
42 1. From the |RCM| interface, select
41 1. From the |RCE| interface, select
43 :menuselection:`Admin --> Authentication`
42 :menuselection:`Admin --> Authentication`
44 2. Enable the ldap+ groups plugin and select :guilabel:`Save`
43 2. Activate the `LDAP + User Groups` plugin and select :guilabel:`Save`
45 3. Select the :guilabel:`Enabled` check box in the plugin configuration section
44 3. Go to newly available menu option called `LDAP + User Groups` on the left side.
46 4. Add the required LDAP information and :guilabel:`Save`, for more details,
45 4. Check the `enabled` check box in the plugin configuration section,
46 and fill in the required LDAP information and :guilabel:`Save`, for more details,
47 see :ref:`config-ldap-groups-examples`
47 see :ref:`config-ldap-groups-examples`
48
48
49 For a more detailed description of LDAP objects, see :ref:`ldap-gloss-ref`:
49 For a more detailed description of LDAP objects, see :ref:`ldap-gloss-ref`:
50
50
51 .. _config-ldap-groups-examples:
51 .. _config-ldap-groups-examples:
52
52
53 Example LDAP configuration
53 Example LDAP configuration
54 ^^^^^^^^^^^^^^^^^^^^^^^^^^
54 ^^^^^^^^^^^^^^^^^^^^^^^^^^
55 .. code-block:: bash
55
56 Below is example setup that can be used with Active Directory and LDAP server with groups sync::
57
58 *option*: `enabled` => `True`
59 # Enable or disable this authentication plugin.
60
61 *option*: `cache_ttl` => `360`
62 # Amount of seconds to cache the authentication and permissions check response call for this plugin.
63 # Useful for expensive calls like LDAP to improve the performance of the system (0 means disabled).
64
65 *option*: `host` => `192.168.245.143,192.168.1.240`
66 # Host[s] of the LDAP Server
67 # (e.g., 192.168.2.154, or ldap-server.domain.com.
68 # Multiple servers can be specified using commas
69
70 *option*: `port` => `389`
71 # Custom port that the LDAP server is listening on. Default value is: 389, use 689 for LDAPS(SSL)
72
73 *option*: `timeout` => `300`
74 # Timeout for LDAP connection
75
76 *option*: `dn_user` => `Administrator@rhodecode.com`
77 # Optional user DN/account to connect to LDAP if authentication is required.
78 # e.g., cn=admin,dc=mydomain,dc=com, or uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com
79
80 *option*: `dn_pass` => `SomeSecret`
81 # Password to authenticate for given user DN.
82
83 *option*: `tls_kind` => `PLAIN`
84 # TLS Type
85
86 *option*: `tls_reqcert` => `NEVER`
87 # Require Cert over TLS?. Self-signed and custom certificates can be used when
88 # `RhodeCode Certificate` found in admin > settings > system info page is extended.
89
90 *option*: `tls_cert_file` => ``
91 # This specifies the PEM-format file path containing certificates for use in TLS connection.
92 # If not specified `TLS Cert dir` will be used
93
94 *option*: `tls_cert_dir` => `/etc/openldap/cacerts`
95 # This specifies the path of a directory that contains individual CA certificates in separate files.
96
97 *option*: `base_dn` => `dc=rhodecode,dc=com`
98 # Base DN to search. Dynamic bind is supported. Add `$login` marker in it to be replaced with current user credentials
99 # (e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)
100
101 *option*: `user_search_base` => `ou=RC-Users`
102 # User search base will extend the Base DN
103 # (e.g., ou=Users will result in ou=Users,dc=mydomain,dc=com root DN)
56
104
57 # Auth Cache TTL, Defines the caching for authentication to offload LDAP server.
105 *option*: `user_search_filter` => ``
58 # This means that cache result will be saved for 3600 before contacting LDAP server to verify the user access
106 # Filter to narrow results
59 3600
107 # (e.g., (&(objectCategory=Person)(objectClass=user)), or
60 # Host, comma seperated format is optionally possible to specify more than 1 server
108 # (memberof=cn=rc-login,ou=groups,ou=company,dc=mydomain,dc=com)))
61 https://ldap1.server.com/ldap-admin/,https://ldap2.server.com/ldap-admin/
109
62 # Default LDAP Port, use 689 for LDAPS
110 *option*: `search_scope` => `SUBTREE`
63 389
111 # How deep to search LDAP. If unsure set to SUBTREE
64 # Account, used for SimpleBind if LDAP server requires an authentication
112
65 e.g admin@server.com
113 *option*: `attr_login` => `sAMAccountName`
66 # Password used for simple bind
114 # LDAP Attribute to map to user name (e.g., uid, or sAMAccountName)
67 ldap-user-password
115
68 # LDAP connection security
116 *option*: `attr_email` => `mail`
69 LDAPS
117 # LDAP Attribute to map to email address (e.g., mail).
70 # Certificate checks level
118 # Emails are a crucial part of RhodeCode.
71 DEMAND
119 # If possible add a valid email attribute to ldap users.
72 # Base DN
120
73 cn=Rufus Magillacuddy,ou=users,dc=rhodecode,dc=com
121 *option*: `attr_firstname` => `givenName`
74 # User Search Base
122 # LDAP Attribute to map to first name (e.g., givenName)
75 ou=groups,ou=users
123
76 # LDAP search filter to narrow the results
124 *option*: `attr_lastname` => `sn`
77 (objectClass=person)
125 # LDAP Attribute to map to last name (e.g., sn)
78 # LDAP search scope
126
79 SUBTREE
127 *option*: `group_extraction_type` => `rfc2307bis`
80 # Login attribute
128 # With rfc2307, group members are listed by name in the memberUid attribute
81 sAMAccountName
129 # With rfc2307bis (Microsoft AD compatible) group members are listed by DN and stored in the member attribute
82 # First Name Attribute to read
83 givenName
84 # Last Name Attribute to read
85 sn
86 # Email Attribute to read email address from
87 mail
88 # group extraction method
89 rfc2307bis
90 # Group search base
91 ou=RC-Groups
92 # Group Name Attribute, field to read the group name from
93 sAMAAccountName
94 # User Member of Attribute, field in which groups are stored
95 memberOf
96 # LDAP Group Search Filter, allows narrowing the results
97
130
98 # Admin Groups. Comma separated list of groups. If user is member of
131 *option*: `group_search_base` => `ou=RC-Groups`
99 # any of those he will be marked as super-admin in RhodeCode
132 # Group search base will extend the Base DN (e.g. ou=Groups will result in ou=Groups,dc=mydomain,dc=com)
100 admins, management
101
133
134 *option*: `group_name_attr` => `sAMAccountName`
135 # LDAP Attribute to map to group name (e.g., cn, or sAMAccountName)
136
137 *option*: `user_member_of` => `memberOf`
138 # Users Attribute used to fetch the group membership.
139 # Use if users have stored group membership inside their attributes
140 # (e.g., memberOf, or userMemberOf)
102
141
103 Below is example setup that can be used with Active Directory and ldap groups.
142 *option*: `group_search_filter` => ``
143 # Filter to narrow results (e.g., (&(objectCategory=Group)(objectClass=group)), etc)
144
145 *option*: `group_member_of` => `memberOf`
146 # LDAP Attribute used to resolve the parent group (e.g., memberOf)
104
147
105 .. image:: ../images/ldap-groups-example.png
148 *option*: `admin_groups` => `Admins,Management`
106 :alt: LDAP/AD setup example
149 # A comma separated list of group names that identify users as RhodeCode Administrators (e.g., admins)
107 :scale: 50 %
150
151 *option*: `admin_groups_sync` => `full`
152 # Way to sync Admin groups.
153 # Full means admin flag is set to on or off according to membership in administrator group defined above.
154 # On-only means the flag is only set to on, and not turned off once user is no longer a member
155
108
156
109 .. toctree::
157 .. toctree::
110
158
111 ldap-active-directory
159 ldap-active-directory
112 ldap-authentication No newline at end of file
160 ldap-authentication
@@ -1,89 +1,117 b''
1 .. _config-ldap-ref:
1 .. _config-ldap-ref:
2
2
3 LDAP/AD
3 LDAP/AD
4 -------
4 -------
5
5
6 |RCM| supports LDAP (Lightweight Directory Access Protocol) or
6 |RCE| supports LDAP (Lightweight Directory Access Protocol) or
7 AD (active Directory) authentication.
7 AD (active Directory) authentication.
8 All LDAP versions are supported, with the following |RCM| plugins managing each:
8 All LDAP versions are currently supported.
9
10 * For LDAP or Active Directory use ``LDAP (egg:rhodecode-enterprise-ce#ldap)``
11
9
12 RhodeCode reads all data defined from plugin and creates corresponding
10 RhodeCode reads all data defined from plugin and creates corresponding
13 accounts on local database after receiving data from LDAP. This is done on
11 accounts on local database after receiving data from LDAP. This is done on
14 every user log-in including operations like pushing/pulling/checkout.
12 every user log-in including operations like pushing/pulling/checkout.
15
13
16
14
17 .. important::
15 .. important::
18
16
19 The email used with your |RCE| super-admin account needs to match the email
17 The email used with your |RCE| super-admin account needs to match the email
20 address attached to your admin profile in LDAP. This is because
18 address attached to your admin profile in LDAP. This is because
21 within |RCE| the user email needs to be unique, and multiple users
19 within |RCE| the user email needs to be unique, and multiple users
22 cannot share an email account.
20 cannot share an email account.
23
21
24 Likewise, if as an admin you also have a user account, the email address
22 Likewise, if as an admin you also have a user account, the email address
25 attached to the user account needs to be different.
23 attached to the user account needs to be different.
26
24
27
25
28 LDAP Configuration Steps
26 LDAP Configuration Steps
29 ^^^^^^^^^^^^^^^^^^^^^^^^
27 ^^^^^^^^^^^^^^^^^^^^^^^^
30
28
31 To configure |LDAP|, use the following steps:
29 To configure |LDAP|, use the following steps:
32
30
33 1. From the |RCM| interface, select
31 1. From the |RCE| interface, select
34 :menuselection:`Admin --> Authentication`
32 :menuselection:`Admin --> Authentication`
35 2. Enable the ldap plugin and select :guilabel:`Save`
33 2. Activate the `LDAP` plugin and select :guilabel:`Save`
36 3. Select the :guilabel:`Enabled` check box in the plugin configuration section
34 3. Go to newly available menu option called `LDAP` on the left side.
37 4. Add the required LDAP information and :guilabel:`Save`, for more details,
35 4. Check the `enabled` check box in the plugin configuration section,
36 and fill in the required LDAP information and :guilabel:`Save`, for more details,
38 see :ref:`config-ldap-examples`
37 see :ref:`config-ldap-examples`
39
38
40 For a more detailed description of LDAP objects, see :ref:`ldap-gloss-ref`:
39 For a more detailed description of LDAP objects, see :ref:`ldap-gloss-ref`:
41
40
42 .. _config-ldap-examples:
41 .. _config-ldap-examples:
43
42
44 Example LDAP configuration
43 Example LDAP configuration
45 ^^^^^^^^^^^^^^^^^^^^^^^^^^
44 ^^^^^^^^^^^^^^^^^^^^^^^^^^
46 .. code-block:: bash
45
46 Below is example setup that can be used with Active Directory/LDAP server::
47
48 *option*: `enabled` => `True`
49 # Enable or disable this authentication plugin.
50
51 *option*: `cache_ttl` => `360`
52 # Amount of seconds to cache the authentication and permissions check response call for this plugin.
53 # Useful for expensive calls like LDAP to improve the performance of the system (0 means disabled).
54
55 *option*: `host` => `192.168.245.143,192.168.1.240`
56 # Host[s] of the LDAP Server
57 # (e.g., 192.168.2.154, or ldap-server.domain.com.
58 # Multiple servers can be specified using commas
59
60 *option*: `port` => `389`
61 # Custom port that the LDAP server is listening on. Default value is: 389, use 689 for LDAPS(SSL)
62
63 *option*: `timeout` => `300`
64 # Timeout for LDAP connection
65
66 *option*: `dn_user` => `Administrator@rhodecode.com`
67 # Optional user DN/account to connect to LDAP if authentication is required.
68 # e.g., cn=admin,dc=mydomain,dc=com, or uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com
69
70 *option*: `dn_pass` => `SomeSecret`
71 # Password to authenticate for given user DN.
72
73 *option*: `tls_kind` => `PLAIN`
74 # TLS Type
47
75
48 # Auth Cache TTL, Defines the caching for authentication to offload LDAP server.
76 *option*: `tls_reqcert` => `NEVER`
49 # This means that cache result will be saved for 3600 before contacting LDAP server to verify the user access
77 # Require Cert over TLS?. Self-signed and custom certificates can be used when
50 3600
78 # `RhodeCode Certificate` found in admin > settings > system info page is extended.
51 # Host, comma seperated format is optionally possible to specify more than 1 server
79
52 https://ldap1.server.com/ldap-admin/,https://ldap2.server.com/ldap-admin/
80 *option*: `tls_cert_file` => ``
53 # Default LDAP Port, use 689 for LDAPS
81 # This specifies the PEM-format file path containing certificates for use in TLS connection.
54 389
82 # If not specified `TLS Cert dir` will be used
55 # Account, used for SimpleBind if LDAP server requires an authentication
83
56 e.g admin@server.com
84 *option*: `tls_cert_dir` => `/etc/openldap/cacerts`
57 # Password used for simple bind
85 # This specifies the path of a directory that contains individual CA certificates in separate files.
58 ldap-user-password
86
59 # LDAP connection security
87 *option*: `base_dn` => `cn=Rufus Magillacuddy,ou=users,dc=rhodecode,dc=com`
60 LDAPS
88 # Base DN to search. Dynamic bind is supported. Add `$login` marker in it to be replaced with current user credentials
61 # Certificate checks level
89 # (e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)
62 DEMAND
63 # Base DN
64 cn=Rufus Magillacuddy,ou=users,dc=rhodecode,dc=com
65 # LDAP search filter to narrow the results
66 (objectClass=person)
67 # LDAP search scope
68 SUBTREE
69 # Login attribute
70 sAMAccountName
71 # First Name Attribute to read
72 givenName
73 # Last Name Attribute to read
74 sn
75 # Email Attribute to read email address from
76 mail
77
90
91 *option*: `filter` => `(objectClass=person)`
92 # Filter to narrow results
93 # (e.g., (&(objectCategory=Person)(objectClass=user)), or
94 # (memberof=cn=rc-login,ou=groups,ou=company,dc=mydomain,dc=com)))
78
95
79 Below is example setup that can be used with Active Directory/LDAP server.
96 *option*: `search_scope` => `SUBTREE`
97 # How deep to search LDAP. If unsure set to SUBTREE
98
99 *option*: `attr_login` => `sAMAccountName`
100 # LDAP Attribute to map to user name (e.g., uid, or sAMAccountName)
80
101
81 .. image:: ../images/ldap-example.png
102 *option*: `attr_email` => `mail`
82 :alt: LDAP/AD setup example
103 # LDAP Attribute to map to email address (e.g., mail).
83 :scale: 50 %
104 # Emails are a crucial part of RhodeCode.
105 # If possible add a valid email attribute to ldap users.
106
107 *option*: `attr_firstname` => `givenName`
108 # LDAP Attribute to map to first name (e.g., givenName)
109
110 *option*: `attr_lastname` => `sn`
111 # LDAP Attribute to map to last name (e.g., sn)
84
112
85
113
86 .. toctree::
114 .. toctree::
87
115
88 ldap-active-directory
116 ldap-active-directory
89 ldap-authentication
117 ldap-authentication
@@ -1,14 +1,14 b''
1 .. _config-pam-ref:
1 .. _config-pam-ref:
2
2
3 PAM
3 PAM
4 ---
4 ---
5
5
6 To enable PAM authentication, use the following steps:
6 To enable PAM authentication, use the following steps:
7
7
8 1. From the |RCM| interface, go to :menuselection:`Admin --> Authentication`
8 1. From the |RCE| interface, go to :menuselection:`Admin --> Authentication`
9 2. Enable the ``rhodecode.lib.auth_modules.auth_pam`` library and select save
9 2. Activate the ``rhodecode.lib.auth_modules.auth_pam`` library and select save
10 3. On the PAM plugin settings section, do the following:
10 3. On the PAM plugin settings section, do the following:
11
11
12 * Check the :guilabel:`Enable` checkbox
12 * Check the :guilabel:`Enable` checkbox
13 * Enter your PAM server settings
13 * Enter your PAM server settings
14 * Select :guilabel:`Save`
14 * Select :guilabel:`Save`
@@ -1,76 +1,80 b''
1 .. _config-token-ref:
1 .. _config-token-ref:
2
2
3 Authentication Tokens
3 Authentication Tokens
4 ---------------------
4 ---------------------
5
5
6 |RCE| has 4 different kinds of authentication tokens.
6 |RCE| has 4 different kinds of authentication tokens. `API token`, `Feed tokens` work
7 without a need to enable any additional authentication. `VCS tokens` require dedicated
8 authentication plugin to be activated. `Web Interface tokens` are controlled by the
9 white_list configuration.
7
10
8 * *API tokens*: API tokens can only be used to execute |RCE| API operations.
11 * *API tokens*: API tokens can only be used to execute |RCE| API operations.
9 You can store your API token and assign it to each instance in
12 You can store your API token and assign it to each instance in
10 the :file:`/home/{user}/.rhoderc` file. See the
13 the :file:`/home/{user}/.rhoderc` file. See the
11 example in :ref:`indexing-ref` section for more details.
14 example in :ref:`indexing-ref` section for more details.
12
15
13 * *Feed tokens*: The feed token can only be used to access the RSS feed.
16 * *Feed tokens*: The feed token can only be used to access the RSS feed.
14 Usually those are safe to store inside your RSS feed reader.
17 Usually those are safe to store inside your RSS feed reader.
15
16 * *VCS tokens*: You can use these to authenticate with |git|, |hg| and |svn|
17 operations instead of a password. They are designed to be used with
18 CI Servers or other third party tools that require |repo| access.
19 They are also a good replacement for SSH based access.
20 To use these tokens you need be enabled special authentication method on
21 |RCE|, as they are disabled by default.
22 See :ref:`enable-vcs-tokens`.
23
18
24 * *Web Interface tokens*: These token allows users to access the web
19 * *Web Interface tokens*: These token allows users to access the web
25 interface of |RCE| without logging in.
20 interface of |RCE| without logging in.
26
21
27 You can add these tokens to an |RCE| server url, to expose the page content
22 You can add these tokens to an |RCE| server url, to expose the page content
28 based on the given token.
23 based on the given token.
29
24
30 This is useful to integrate 3rd party systems, good example is to expose
25 This is useful to integrate 3rd party systems, good example is to expose
31 raw diffs to another code-review system without having to worry about
26 raw diffs to another code-review system without having to worry about
32 authentication.
27 authentication.
33
28
34 These tokens only work if a certain view is whitelisted
29 These tokens only work if a certain view is whitelisted
35 under `api_access_controllers_whitelist` inside
30 under `api_access_controllers_whitelist` inside
36 the :file:`rhodecode.ini` file.
31 the :file:`rhodecode.ini` file.
37
32
38 .. code-block:: bash
33 .. code-block:: bash
39
34
40 # To download a repo without logging into Web UI
35 # To download a repo without logging into Web UI
41 https://rhodecode.com/repo/archive/tip.zip?auth_token=<web-api-token>
36 https://rhodecode.com/repo/archive/tip.zip?auth_token=<web-api-token>
42
37
43 # To show commit diff without logging into Web UI
38 # To show commit diff without logging into Web UI
44 https://rhodecode.com/repo/changeset-diff/<sha>?auth_token=<web-api-token>
39 https://rhodecode.com/repo/raw-diff/<sha>?auth_token=<web-api-token>
40
41 * *VCS tokens*: You can use these to authenticate with |git|, |hg| and |svn|
42 operations instead of a password. They are designed to be used with
43 CI Servers or other third party tools that require |repo| access.
44 They are also a good replacement for SSH based access.
45 To use these tokens you need be enabled special authentication method on
46 |RCE|, as they are disabled by default.
47 See :ref:`enable-vcs-tokens`.
48
45
49
46 .. _enable-vcs-tokens:
50 .. _enable-vcs-tokens:
47
51
48 Enabling VCS Tokens
52 Enabling VCS Tokens
49 ^^^^^^^^^^^^^^^^^^^
53 ^^^^^^^^^^^^^^^^^^^
50
54
51 To enable VCS Tokens, use the following steps:
55 To enable VCS Tokens, use the following steps:
52
56
53 1. Go to :menuselection:`Admin --> Authentication`.
57 1. Go to :menuselection:`Admin --> Authentication`.
54 2. Enable the ``rhodecode.lib.auth_modules.auth_token`` plugin.
58 2. Activate the ``rhodecode.lib.auth_modules.auth_token`` plugin.
55 3. Click :guilabel:`Save`.
59 3. Click :guilabel:`Save`.
56
60
57 Authentication Token Tips
61 Authentication Token Tips
58 ^^^^^^^^^^^^^^^^^^^^^^^^^
62 ^^^^^^^^^^^^^^^^^^^^^^^^^
59
63
60 * Use Authentication Tokens instead of your password with external services.
64 * Use Authentication Tokens instead of your password with external services.
61 * Create multiple Authentication Tokens on your account to enable
65 * Create multiple Authentication Tokens on your account to enable
62 access to your |repos| with a different |authtoken| per method used.
66 access to your |repos| with a different |authtoken| per method used.
63 * Set an expiry limit on certain tokens if you think it would be a good idea.
67 * Set an expiry limit on certain tokens if you think it would be a good idea.
64
68
65 Creating Tokens
69 Creating Tokens
66 ^^^^^^^^^^^^^^^
70 ^^^^^^^^^^^^^^^
67
71
68 To create authentication tokens for an user, use the following steps:
72 To create authentication tokens for an user, use the following steps:
69
73
70 1. From the |RCM| interface go to
74 1. From the |RCE| interface go to
71 :menuselection:`Username --> My Account --> Auth tokens`.
75 :menuselection:`Username --> My Account --> Auth tokens`.
72
76
73 2. Label and Add the tokens you wish to use with |RCE|.
77 2. Label and Add the tokens you wish to use with |RCE|.
74
78
75 .. image:: ../images/tokens.png
79 .. image:: ../images/tokens.png
76
80
@@ -1,32 +1,34 b''
1 .. _authentication-ref:
1 .. _authentication-ref:
2
2
3 Authentication Options
3 Authentication Options
4 ======================
4 ======================
5
5
6 |RCE| provides a built in authentication against its own database. This is
6 |RCE| provides a built in authentication against its own database. This is
7 implemented using ``rhodecode.lib.auth_rhodecode`` plugin. This plugin is
7 implemented using ``RhodeCode Internal`` plugin. This plugin is enabled by default.
8 enabled by default.
9 Additionally, |RCE| provides a Pluggable Authentication System. This gives the
8 Additionally, |RCE| provides a Pluggable Authentication System. This gives the
10 administrator greater control over how users authenticate with the system.
9 administrator greater control over how users authenticate with the system.
11
10
12 .. important::
11 .. important::
13
12
14 You can disable the built in |RCM| authentication plugin
13 You can disable the built in |RCE| authentication plugin
15 ``rhodecode.lib.auth_rhodecode`` and force all authentication to go
14 ``RhodeCode Internal`` and force all authentication to go
16 through your authentication plugin of choice e.g LDAP only.
15 through your authentication plugin of choice e.g LDAP only.
17 However, if you do this, and your external authentication tools fails,
16 However, if you do this, and your external authentication tools fails,
18 you will be unable to access |RCM|.
17 accessing |RCE| will be blocked unless a fallback plugin is
18 enabled via :file: rhodecode.ini
19
19
20 |RCM| comes with the following user authentication management plugins:
20
21 |RCE| comes with the following user authentication management plugins:
21
22
22
23
23 .. toctree::
24 .. toctree::
24
25
26 auth-token
25 auth-ldap
27 auth-ldap
26 auth-ldap-groups
28 auth-ldap-groups
29 auth-saml-generic
30 auth-saml-onelogin
31 auth-saml-duosecurity
27 auth-crowd
32 auth-crowd
28 auth-pam
33 auth-pam
29 auth-token
30 ssh-connection
34 ssh-connection
31
32
@@ -1,29 +1,75 b''
1 .. _ldap-act-dir-ref:
1 .. _ldap-act-dir-ref:
2
2
3 Active Directory
3 Active Directory
4 ----------------
4 ----------------
5
5
6 |RCM| can use Microsoft Active Directory for user authentication. This is
6 |RCE| can use Microsoft Active Directory for user authentication. This is
7 done through an LDAP or LDAPS connection to Active Directory. Use the
7 done through an LDAP or LDAPS connection to Active Directory. Use the
8 following example LDAP configuration setting to set your Active Directory
8 following example LDAP configuration setting to set your Active Directory
9 authentication.
9 authentication::
10
11 .. code-block:: ini
12
13 # Set the Base DN
14 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
15 # Set the Active Directory SAM-Account-Name
16 Login Attribute = sAMAccountName
17 # Set the Active Directory user name
18 First Name Attribute = usernameame
19 # Set the Active Directory user surname
20 Last Name Attribute = user_surname
21 # Set the Active Directory user email
22 E-mail Attribute = userEmail
23
10
24
11
25 Below is example setup that can be used with Active Directory and ldap groups.
12 *option*: `enabled` => `True`
13 # Enable or disable this authentication plugin.
14
15 *option*: `cache_ttl` => `360`
16 # Amount of seconds to cache the authentication and permissions check response call for this plugin.
17 # Useful for expensive calls like LDAP to improve the performance of the system (0 means disabled).
18
19 *option*: `host` => `192.168.245.143,192.168.1.240`
20 # Host[s] of the LDAP Server
21 # (e.g., 192.168.2.154, or ldap-server.domain.com.
22 # Multiple servers can be specified using commas
23
24 *option*: `port` => `389`
25 # Custom port that the LDAP server is listening on. Default value is: 389, use 689 for LDAPS(SSL)
26
27 *option*: `timeout` => `300`
28 # Timeout for LDAP connection
29
30 *option*: `dn_user` => `Administrator@rhodecode.com`
31 # Optional user DN/account to connect to LDAP if authentication is required.
32 # e.g., cn=admin,dc=mydomain,dc=com, or uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com
33
34 *option*: `dn_pass` => `SomeSecret`
35 # Password to authenticate for given user DN.
36
37 *option*: `tls_kind` => `PLAIN`
38 # TLS Type
39
40 *option*: `tls_reqcert` => `NEVER`
41 # Require Cert over TLS?. Self-signed and custom certificates can be used when
42 # `RhodeCode Certificate` found in admin > settings > system info page is extended.
26
43
27 .. image:: ../images/ldap-groups-example.png
44 *option*: `tls_cert_file` => ``
28 :alt: LDAP/AD setup example
45 # This specifies the PEM-format file path containing certificates for use in TLS connection.
29 :scale: 50 % No newline at end of file
46 # If not specified `TLS Cert dir` will be used
47
48 *option*: `tls_cert_dir` => `/etc/openldap/cacerts`
49 # This specifies the path of a directory that contains individual CA certificates in separate files.
50
51 *option*: `base_dn` => `OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local`
52 # Base DN to search. Dynamic bind is supported. Add `$login` marker in it to be replaced with current user credentials
53 # (e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)
54
55 *option*: `filter` => `(objectClass=person)`
56 # Filter to narrow results
57 # (e.g., (&(objectCategory=Person)(objectClass=user)), or
58 # (memberof=cn=rc-login,ou=groups,ou=company,dc=mydomain,dc=com)))
59
60 *option*: `search_scope` => `SUBTREE`
61 # How deep to search LDAP. If unsure set to SUBTREE
62
63 *option*: `attr_login` => `sAMAccountName`
64 # LDAP Attribute to map to user name (e.g., uid, or sAMAccountName)
65
66 *option*: `attr_email` => `userEmail`
67 # LDAP Attribute to map to email address (e.g., mail).
68 # Emails are a crucial part of RhodeCode.
69 # If possible add a valid email attribute to ldap users.
70
71 *option*: `attr_firstname` => `user_firstname`
72 # LDAP Attribute to map to first name (e.g., givenName)
73
74 *option*: `attr_lastname` => `user_surname`
75 # LDAP Attribute to map to last name (e.g., sn)
@@ -1,113 +1,107 b''
1 .. _ldap-gloss-ref:
1 .. _ldap-gloss-ref:
2
2
3 |LDAP| Glossary
3 |LDAP| Glossary
4 ---------------
4 ---------------
5
5
6 This topic aims to give you a concise overview of the different settings and
6 This topic aims to give you a concise overview of the different settings and
7 requirements that enabling |LDAP| on |RCE| requires.
7 requirements that enabling |LDAP| on |RCE| requires.
8
8
9 Required settings
9 Required settings
10 ^^^^^^^^^^^^^^^^^
10 ^^^^^^^^^^^^^^^^^
11
11
12 The following LDAP attributes are required when enabling |LDAP| on |RCE|.
12 The following LDAP attributes are required when enabling |LDAP| on |RCE|.
13
13
14 * **Hostname** or **IP Address**: Use a comma separated list for failover
14 * **Hostname** or **IP Address**: Use a comma separated list for failover
15 support.
15 support.
16 * **First Name**
16 * **First Name**
17 * **Surname**
17 * **Surname**
18 * **Email**
18 * **Email**
19 * **Port**: Port `389` for unencrypted LDAP or port `636` for SSL-encrypted
19 * **Port**: Port `389` for unencrypted LDAP or port `636` for SSL-encrypted
20 LDAP (LDAPS).
20 LDAP (LDAPS).
21 * **Base DN (Distinguished Name)**: The Distinguished Name (DN)
21 * **Base DN (Distinguished Name)**: The Distinguished Name (DN)
22 is how searches for users will be performed, and these searches can be
22 is how searches for users will be performed, and these searches can be
23 controlled by using an LDAP Filter or LDAP Search Scope. A DN is a sequence of
23 controlled by using an LDAP Filter or LDAP Search Scope. A DN is a sequence of
24 relative distinguished names (RDN) connected by commas. For example,
24 relative distinguished names (RDN) connected by commas. For example,
25
25
26 .. code-block:: vim
26 .. code-block:: vim
27
27
28 DN: cn='Monty Python',ou='people',dc='example',dc='com'
28 DN: cn='Monty Python',ou='people',dc='example',dc='com'
29
29
30 * **Connection security level**: The following are the valid types:
30 * **Connection security level**: The following are the valid types:
31
31
32 * *No encryption*: This connection type uses a plain non-encrypted connection.
32 * *No encryption*: This connection type uses a plain non-encrypted connection.
33 * *LDAPS connection*: This connection type uses end-to-end SSL. To enable
33 * *LDAPS connection*: This connection type uses end-to-end SSL. To enable
34 an LDAPS connection you must set the following requirements:
34 an LDAPS connection you must set the following requirements:
35
35
36 * You must specify port `636`
36 * You must specify port `636`
37 * Certificate checks are required.
37 * Certificate checks are required.
38 * To enable ``START_TLS`` on LDAP connection, set the path to the SSL
38 * To enable ``START_TLS`` on LDAP connection, set the path to the SSL
39 certificate in the default LDAP configuration file. The default
39 certificate in the default LDAP configuration file. The default
40 `ldap.conf` file is located in `/etc/openldap/ldap.conf`.
40 `ldap.conf` file is located in `/etc/openldap/ldap.conf`.
41
41
42 .. code-block:: vim
42 .. code-block:: vim
43
43
44 TLS_CACERT /etc/ssl/certs/ca.crt
44 TLS_CACERT /etc/ssl/certs/ca.crt
45
45
46 * The LDAP username or account used to connect to |RCE|. This will be added
46 * The LDAP username or account used to connect to |RCE|. This will be added
47 to the LDAP filter for locating the user object.
47 to the LDAP filter for locating the user object.
48 * For example, if an LDAP filter is specified as `LDAPFILTER`,
48 * For example, if an LDAP filter is specified as `LDAPFILTER`,
49 the login attribute is specified as `uid`, and the user connects as
49 the login/username attribute is specified as `uid`, and the user connects as
50 `jsmith`, then the LDAP Filter will be like the following example.
50 `jsmith`, then the LDAP Filter will be like the following example.
51
51
52 .. code-block:: vim
52 .. code-block:: vim
53
53
54 (&(LDAPFILTER)(uid=jsmith))
54 (&(LDAPFILTER)(uid=jsmith))
55
55
56 * The LDAP search scope must be set. This limits how far LDAP will search for
56 * The LDAP search scope must be set. This limits how far LDAP will search for
57 a matching object.
57 a matching object.
58
58
59 * ``BASE`` Only allows searching of the Base DN.
59 * ``BASE`` Only allows searching of the Base DN.
60 * ``ONELEVEL`` Searches all entries under the Base DN,
60 * ``ONELEVEL`` Searches all entries under the Base DN,
61 but not the Base DN itself.
61 but not the Base DN itself.
62 * ``SUBTREE`` Searches all entries below the Base DN, but not Base DN itself.
62 * ``SUBTREE`` Searches all entries below the Base DN, but not Base DN itself.
63
63
64 .. note::
64 .. note::
65
65
66 When using ``SUBTREE`` LDAP filtering it is useful to limit object location.
66 When using ``SUBTREE`` LDAP filtering it is useful to limit object location.
67
67
68 Optional settings
68 Optional settings
69 ^^^^^^^^^^^^^^^^^
69 ^^^^^^^^^^^^^^^^^
70
70
71 The following are optional when enabling LDAP on |RCM|
71 The following are optional when enabling LDAP on |RCE|
72
72
73 * An LDAP account is only required if the LDAP server does not allow
73 * An LDAP account is only required if the LDAP server does not allow
74 anonymous browsing of records.
74 anonymous browsing of records.
75 * An LDAP password is only required if the LDAP server does not allow
75 * An LDAP password is only required if the LDAP server does not allow
76 anonymous browsing of records
76 anonymous browsing of records
77 * Using an LDAP filter is optional. An LDAP filter defined by `RFC 2254`_. This
77 * Using an LDAP filter is optional. An LDAP filter defined by `RFC 2254`_. This
78 is more useful that the LDAP Search Scope if set to `SUBTREE`. The filter
78 is more useful that the LDAP Search Scope if set to `SUBTREE`. The filter
79 is useful for limiting which LDAP objects are identified as representing
79 is useful for limiting which LDAP objects are identified as representing
80 Users for authentication. The filter is augmented by Login Attribute
80 Users for authentication. The filter is augmented by Login Attribute
81 below. This can commonly be left blank.
81 below. This can commonly be left blank.
82 * Certificate Checks are only required if you need to use LDAPS.
82 * Certificate Checks are only required if you need to use LDAPS.
83 You can use the following levels of LDAP service with RhodeCode Enterprise:
83 You can use the following levels of LDAP service with RhodeCode Enterprise:
84
84
85 * **NEVER** : A serve certificate will never be requested or checked.
85 * **NEVER** : A serve certificate will never be requested or checked.
86 * **ALLOW** : A server certificate is requested. Failure to provide a
86 * **ALLOW** : A server certificate is requested. Failure to provide a
87 certificate or providing a bad certificate will not terminate the session.
87 certificate or providing a bad certificate will not terminate the session.
88 * **TRY** : A server certificate is requested. Failure to provide a
88 * **TRY** : A server certificate is requested. Failure to provide a
89 certificate does not halt the session; providing a bad certificate
89 certificate does not halt the session; providing a bad certificate
90 halts the session.
90 halts the session.
91 * **DEMAND** : A server certificate is requested and must be provided
91 * **DEMAND** : A server certificate is requested and must be provided
92 and authenticated for the session to proceed.
92 and authenticated for the session to proceed.
93 * **HARD** : The same as DEMAND.
93 * **HARD** : The same as DEMAND.
94
94
95 .. note::
95 .. note::
96
96
97 Only **DEMAND** or **HARD** offer full SSL security while the other
97 Only **DEMAND** or **HARD** offer full SSL security while the other
98 options are vulnerable to man-in-the-middle attacks.
98 options are vulnerable to man-in-the-middle attacks.
99
99
100 |RCE| uses ``OPENLDAP`` libraries. This allows **DEMAND** or
100 |RCE| uses ``OPENLDAP`` libraries. This allows **DEMAND** or
101 **HARD** LDAPS connections to use self-signed certificates or
101 **HARD** LDAPS connections to use self-signed certificates or
102 certificates that do not have traceable certificates of authority.
102 certificates that do not have traceable certificates of authority.
103 To enable this functionality install the SSL certificates in the
103 To enable this functionality install the SSL certificates in the
104 following directory: `/etc/openldap/cacerts`
104 following directory: `/etc/openldap/cacerts`
105
105
106
106
107 Below is example setup that can be used with Active Directory and ldap groups.
108
109 .. image:: ../images/ldap-groups-example.png
110 :alt: LDAP/AD setup example
111 :scale: 50 %
112
113 .. _RFC 2254: http://www.rfc-base.org/rfc-2254.html No newline at end of file
107 .. _RFC 2254: http://www.rfc-base.org/rfc-2254.html
@@ -1,27 +1,27 b''
1 .. _code-review-ref:
1 .. _code-review-ref:
2
2
3 Code Review
3 Code Review
4 ===========
4 ===========
5
5
6 |RCM| provides two ways in which you can review code. You can review |prs| or
6 |RCE| provides two ways in which you can review code. You can review |prs| or
7 commits. To better understand |prs|, see the :ref:`pull-requests-ref`
7 commits. To better understand |prs|, see the :ref:`pull-requests-ref`
8 and :ref:`collaborate-ref` sections. For more information about why
8 and :ref:`collaborate-ref` sections. For more information about why
9 code review matters, see these posts on the topic:
9 code review matters, see these posts on the topic:
10
10
11 * `Code Review - Fix Bugs Early and Often`_
11 * `Code Review - Fix Bugs Early and Often`_
12 * `Code Review - How to Convince a Skeptic`_
12 * `Code Review - How to Convince a Skeptic`_
13 * `Code Review - Learn How NASA Codes`_
13 * `Code Review - Learn How NASA Codes`_
14
14
15 You can also use the |RCE| API set up continuous integration servers to leave
15 You can also use the |RCE| API set up continuous integration servers to leave
16 comments from a test suite. See the :ref:`api` and
16 comments from a test suite. See the :ref:`api` and
17 :ref:`extensions-hooks-ref` sections for examples on how to set this up.
17 :ref:`extensions-hooks-ref` sections for examples on how to set this up.
18
18
19 .. toctree::
19 .. toctree::
20
20
21 review-diffs
21 review-diffs
22 approve-changes
22 approve-changes
23 reviewing-best-practices
23 reviewing-best-practices
24
24
25 .. _Code Review - Fix Bugs Early and Often: https://rhodecode.com/blog/code-review-fix-bugs-early-often/
25 .. _Code Review - Fix Bugs Early and Often: https://rhodecode.com/blog/code-review-fix-bugs-early-often/
26 .. _Code Review - How to Convince a Skeptic: https://rhodecode.com/blog/code-review-convince-skeptic/
26 .. _Code Review - How to Convince a Skeptic: https://rhodecode.com/blog/code-review-convince-skeptic/
27 .. _Code Review - Learn How NASA Codes: https://rhodecode.com/blog/code-review-learn-nasa-codes/
27 .. _Code Review - Learn How NASA Codes: https://rhodecode.com/blog/code-review-learn-nasa-codes/
@@ -1,42 +1,42 b''
1 .. _code-diff-side-ref:
1 .. _code-diff-side-ref:
2
2
3 Reviewing Diffs
3 Reviewing Diffs
4 ---------------
4 ---------------
5
5
6 Diffs are representations of changes made between different changesets of
6 Diffs are representations of changes made between different changesets of
7 a file. |RCE| provides 4 different types of diffs for each commit or
7 a file. |RCE| provides 4 different types of diffs for each commit or
8 changeset, and depending on your preference you can use whichever for code
8 changeset, and depending on your preference you can use whichever for code
9 review purposes.
9 review purposes.
10
10
11 * Plain diff
11 * Plain diff
12 * Full diff
12 * Full diff
13 * Side-by-side diff
13 * Side-by-side diff
14 * Raw diff
14 * Raw diff
15
15
16 Reviewing Changes
16 Reviewing Changes
17 -----------------
17 -----------------
18
18
19 |RCM| displays all code changes made with each commit. Removed content is
19 |RCE| displays all code changes made with each commit. Removed content is
20 marked in red and new content in green.
20 marked in red and new content in green.
21
21
22 .. image:: ../images/plain-diff.png
22 .. image:: ../images/plain-diff.png
23 :alt: Plain Diff
23 :alt: Plain Diff
24
24
25 Side-By-Side Diffs
25 Side-By-Side Diffs
26 ------------------
26 ------------------
27
27
28 To review code with a side-by-side diff, use the following steps:
28 To review code with a side-by-side diff, use the following steps:
29
29
30 1. Open the repository in which you wish to review a file
30 1. Open the repository in which you wish to review a file
31 2. Select the revision you wish to review
31 2. Select the revision you wish to review
32 3. Select the side-by-side diff icon beside the file name
32 3. Select the side-by-side diff icon beside the file name
33
33
34 .. image:: ../images/side-by-side-diff.png
34 .. image:: ../images/side-by-side-diff.png
35 :alt: Side by side diff
35 :alt: Side by side diff
36
36
37
37
38 Notifying Users
38 Notifying Users
39 ---------------
39 ---------------
40
40
41 To notify other users of you comments, or requests for feedback,
41 To notify other users of you comments, or requests for feedback,
42 see :ref:`review-notifications-ref`
42 see :ref:`review-notifications-ref`
@@ -1,19 +1,19 b''
1 Approve |prs|
1 Approve |prs|
2 -------------
2 -------------
3
3
4 To approve a |pr|, use the following steps:
4 To approve a |pr|, use the following steps:
5
5
6 1. Select :menuselection:`username --> Notifications --> Pull Requests`
6 1. Select :menuselection:`username --> Notifications --> Pull Requests`
7 and open the |pr| you with to approve
7 and open the |pr| you with to approve
8 2. Leave your review comments inline, or in the commit message.
8 2. Leave your review comments inline, or in the commit message.
9 3. Leave a commit message that outlines the review.
9 3. Leave a commit message that outlines the review.
10 4. Set the review status to :guilabel:`Approved`
10 4. Set the review status to :guilabel:`Approved`
11 5. Select :guilabel:`Comment`
11 5. Select :guilabel:`Comment`
12
12
13 If you approve the |pr|, you will be able to merge automatically if |RCM|
13 If you approve the |pr|, you will be able to merge automatically if |RCE|
14 detects that it can do so safely. You will see this message:
14 detects that it can do so safely. You will see this message:
15
15
16 :guilabel:`This pull request can be automatically merged.`
16 :guilabel:`This pull request can be automatically merged.`
17
17
18 Otherwise you will need to merge the |pr| locally and push your changes, see
18 Otherwise you will need to merge the |pr| locally and push your changes, see
19 :ref:`manual-merge-requests-ref`.
19 :ref:`manual-merge-requests-ref`.
@@ -1,24 +1,24 b''
1 .. _collaborate-ref:
1 .. _collaborate-ref:
2
2
3 Collaboration
3 Collaboration
4 =============
4 =============
5
5
6 .. note::
6 .. note::
7
7
8 Forking and branching does not work with |svn| |repos|.
8 Forking and branching does not work with |svn| |repos|.
9
9
10 Collaboration in |RCM| is accomplished through a combination of the following
10 Collaboration in |RCE| is accomplished through a combination of the following
11 functions:
11 functions:
12
12
13 .. only:: latex
13 .. only:: latex
14
14
15 * :ref:`review-notifications-ref`
15 * :ref:`review-notifications-ref`
16 * :ref:`forks-branches-ref`
16 * :ref:`forks-branches-ref`
17 * :ref:`pull-requests-ref`
17 * :ref:`pull-requests-ref`
18
18
19 .. toctree::
19 .. toctree::
20
20
21 workflow
21 workflow
22 forks-branches
22 forks-branches
23 repo-locking
23 repo-locking
24
24
@@ -1,101 +1,101 b''
1 .. _forks-branches-ref:
1 .. _forks-branches-ref:
2
2
3 Forking and Branching
3 Forking and Branching
4 ---------------------
4 ---------------------
5
5
6 Forking clones the original |repo| and creates an independent |repo|.
6 Forking clones the original |repo| and creates an independent |repo|.
7 Branching allows you to develop independently
7 Branching allows you to develop independently
8 of the main branch based on the changeset branched, but remains linked to the
8 of the main branch based on the changeset branched, but remains linked to the
9 main |repo|.
9 main |repo|.
10
10
11 Both provide excellent collaboration functionality,
11 Both provide excellent collaboration functionality,
12 and do not differ greatly, but you can find many online discussions
12 and do not differ greatly, but you can find many online discussions
13 where people fight about the differences.
13 where people fight about the differences.
14
14
15 Fork a |repo|
15 Fork a |repo|
16 ^^^^^^^^^^^^^
16 ^^^^^^^^^^^^^
17
17
18 To fork a |repo|, use the following steps:
18 To fork a |repo|, use the following steps:
19
19
20 1. Select :menuselection:`Admin --> repositories`
20 1. Select :menuselection:`Admin --> repositories`
21 2. Select the |repo| you wish to fork.
21 2. Select the |repo| you wish to fork.
22 3. Select :menuselection:`Options --> Fork`
22 3. Select :menuselection:`Options --> Fork`
23 4. On the :guilabel:`Create fork` page, set the following properties:
23 4. On the :guilabel:`Create fork` page, set the following properties:
24
24
25 * The fork name
25 * The fork name
26 * The fork description
26 * The fork description
27 * If the fork is private or public
27 * If the fork is private or public
28 * The copy permissions
28 * The copy permissions
29
29
30 Branch a |git| |repo|
30 Branch a |git| |repo|
31 ^^^^^^^^^^^^^^^^^^^^^
31 ^^^^^^^^^^^^^^^^^^^^^
32
32
33 Currently branching is only supported from the command line but is picked up
33 Currently branching is only supported from the command line but is picked up
34 on the web interface. To branch a |git| |repo| use the following example:
34 on the web interface. To branch a |git| |repo| use the following example:
35
35
36 .. code-block:: bash
36 .. code-block:: bash
37
37
38 # branch and checkout
38 # branch and checkout
39 git branch new-branch
39 git branch new-branch
40 git checkout new-branch
40 git checkout new-branch
41
41
42 # same function shorthand
42 # same function shorthand
43 git checkout -b new-branch
43 git checkout -b new-branch
44
44
45 # Example usage
45 # Example usage
46 $ git checkout -b example-branch
46 $ git checkout -b example-branch
47 Switched to a new branch 'example-branch'
47 Switched to a new branch 'example-branch'
48
48
49 $ git status
49 $ git status
50 On branch example-branch
50 On branch example-branch
51 Initial commit
51 Initial commit
52 nothing to commit (create/copy files and use "git add" to track)
52 nothing to commit (create/copy files and use "git add" to track)
53 $ vi example-script.sh
53 $ vi example-script.sh
54 $ git add example-script.sh
54 $ git add example-script.sh
55 $ git commit -a -m "ghost script: initial file"
55 $ git commit -a -m "ghost script: initial file"
56 $ git push
56 $ git push
57
57
58 Once it is pushed to the |RCM| server, you can switch to the newly created
58 Once it is pushed to the |RCE| server, you can switch to the newly created
59 branch using the following steps:
59 branch using the following steps:
60
60
61 1. Select :menuselection:`Admin --> Repositories`.
61 1. Select :menuselection:`Admin --> Repositories`.
62 2. Select the |repo| you branched.
62 2. Select the |repo| you branched.
63 3. Select :menuselection:`Switch To --> Branches` and choose the new branch.
63 3. Select :menuselection:`Switch To --> Branches` and choose the new branch.
64
64
65 For more information, your can read more here on the Git website,
65 For more information, your can read more here on the Git website,
66 `Git Branching`_.
66 `Git Branching`_.
67
67
68 Branch a |hg| |repo|
68 Branch a |hg| |repo|
69 ^^^^^^^^^^^^^^^^^^^^
69 ^^^^^^^^^^^^^^^^^^^^
70
70
71 .. note::
71 .. note::
72
72
73 To use branches in |hg| like |git|, use the `hg bookmark` option instead.
73 To use branches in |hg| like |git|, use the `hg bookmark` option instead.
74 Also see the :ref:`bvb` section for more information.
74 Also see the :ref:`bvb` section for more information.
75
75
76 To branch a |hg| |repo|, use the following example and push your changes to
76 To branch a |hg| |repo|, use the following example and push your changes to
77 the main |repo|. Once pushed, you can view the new branch in |RCE| by
77 the main |repo|. Once pushed, you can view the new branch in |RCE| by
78 selecting :menuselection:`Switch To --> Branches` from the |repo| page.
78 selecting :menuselection:`Switch To --> Branches` from the |repo| page.
79
79
80 .. code-block:: bash
80 .. code-block:: bash
81
81
82 $ hg branch example-456
82 $ hg branch example-456
83 $ hg ci -m "branch: ticket #456"
83 $ hg ci -m "branch: ticket #456"
84 $ hg push --new-branch
84 $ hg push --new-branch
85
85
86 Bookmark a |hg| |repo|
86 Bookmark a |hg| |repo|
87 ^^^^^^^^^^^^^^^^^^^^^^
87 ^^^^^^^^^^^^^^^^^^^^^^
88
88
89 Bookmarks are used in |hg| in much the same way as branches are in |git|. See
89 Bookmarks are used in |hg| in much the same way as branches are in |git|. See
90 the `Mercurial Bookmarks`_ documentation for more information.
90 the `Mercurial Bookmarks`_ documentation for more information.
91
91
92 .. code-block:: bash
92 .. code-block:: bash
93
93
94 $ hg bookmark example-456
94 $ hg bookmark example-456
95 $ hg ci -m "branch: ticket #456"
95 $ hg ci -m "branch: ticket #456"
96 $ hg push -B example-456
96 $ hg push -B example-456
97
97
98 .. image:: ../images/branch-example.png
98 .. image:: ../images/branch-example.png
99
99
100 .. _Git Branching: http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging
100 .. _Git Branching: http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging
101 .. _Mercurial Bookmarks: https://mercurial.selenic.com/wiki/Bookmarks
101 .. _Mercurial Bookmarks: https://mercurial.selenic.com/wiki/Bookmarks
@@ -1,39 +1,39 b''
1 .. _user-notify-ref:
1 .. _user-notify-ref:
2
2
3 Using Notifications
3 Using Notifications
4 -------------------
4 -------------------
5
5
6 To notify users of items that require their attention you can use the mention
6 To notify users of items that require their attention you can use the mention
7 function. The mention function allows you to use ``@username`` within |RCM|.
7 function. The mention function allows you to use ``@username`` within |RCE|.
8 The notification function can be used within the following
8 The notification function can be used within the following
9 items to highlight their need for attention:
9 items to highlight their need for attention:
10
10
11 * Commit messages
11 * Commit messages
12 * Pull requests
12 * Pull requests
13 * Inline comments
13 * Inline comments
14 * Code review
14 * Code review
15
15
16 .. note::
16 .. note::
17
17
18 Mentioned users will receive an email and a notification.
18 Mentioned users will receive an email and a notification.
19
19
20 Pull Request Notifications
20 Pull Request Notifications
21 --------------------------
21 --------------------------
22
22
23 To notify a user of a pull request, use the following steps.
23 To notify a user of a pull request, use the following steps.
24
24
25 1. Open the repository fork
25 1. Open the repository fork
26 2. Select :guilabel:`Open new pull request`
26 2. Select :guilabel:`Open new pull request`
27 3. Add the :guilabel:`@username` in the :guilabel:`Pull request viewers`
27 3. Add the :guilabel:`@username` in the :guilabel:`Pull request viewers`
28 input field.
28 input field.
29 4. Select :guilabel:`Submit Pull Request`
29 4. Select :guilabel:`Submit Pull Request`
30
30
31 Commit Message Notifications
31 Commit Message Notifications
32 ----------------------------
32 ----------------------------
33
33
34 To notify a user in a commit message, use the following steps.
34 To notify a user in a commit message, use the following steps.
35
35
36 1. Open a repository with commits in it.
36 1. Open a repository with commits in it.
37 2. Click on the commit message or revision number.
37 2. Click on the commit message or revision number.
38 3. Add an :guilabel:`@username` in an inline comment or in your approval
38 3. Add an :guilabel:`@username` in an inline comment or in your approval
39 comment and commit.
39 comment and commit.
@@ -1,35 +1,35 b''
1 .. _merge-requests-ref:
1 .. _merge-requests-ref:
2
2
3 Merge a |pr|
3 Merge a |pr|
4 ------------
4 ------------
5
5
6 |RCM| can detect if it can automatically merge the changes in a |pr|. If it
6 |RCE| can detect if it can automatically merge the changes in a |pr|. If it
7 can, you will see the following message:
7 can, you will see the following message:
8 :guilabel:`This pull request can be automatically merged.` To merge,
8 :guilabel:`This pull request can be automatically merged.` To merge,
9 click the big blue button! To enable this feature, see :ref:`server-side-merge`.
9 click the big blue button! To enable this feature, see :ref:`server-side-merge`.
10
10
11 .. image:: ../images/merge-pr-button.png
11 .. image:: ../images/merge-pr-button.png
12
12
13 If you cannot automatically merge a |pr|, you will see one of the following
13 If you cannot automatically merge a |pr|, you will see one of the following
14 messages:
14 messages:
15
15
16 * :guilabel:`This pull request cannot be merged because of conflicts`
16 * :guilabel:`This pull request cannot be merged because of conflicts`
17 * :guilabel:`Reviewer approval is pending`
17 * :guilabel:`Reviewer approval is pending`
18
18
19 .. _manual-merge-requests-ref:
19 .. _manual-merge-requests-ref:
20
20
21 Manual Merge a |PR|
21 Manual Merge a |PR|
22 ^^^^^^^^^^^^^^^^^^^
22 ^^^^^^^^^^^^^^^^^^^
23
23
24 If |RCM| cannot safely merge the changes in a |pr|,
24 If |RCE| cannot safely merge the changes in a |pr|,
25 usually due to conflicts, you need to manually merge the changes on the
25 usually due to conflicts, you need to manually merge the changes on the
26 command line. You can see more information for each |repo| type at the
26 command line. You can see more information for each |repo| type at the
27 following links:
27 following links:
28
28
29 * `Git Manual Merging`_
29 * `Git Manual Merging`_
30 * `Mercurial Manual Merging`_
30 * `Mercurial Manual Merging`_
31 * `Subversion Manual Merging`_
31 * `Subversion Manual Merging`_
32
32
33 .. _Git Manual Merging: http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging
33 .. _Git Manual Merging: http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging
34 .. _Mercurial Manual Merging: http://hgbook.red-bean.com/read/a-tour-of-mercurial-merging-work.html
34 .. _Mercurial Manual Merging: http://hgbook.red-bean.com/read/a-tour-of-mercurial-merging-work.html
35 .. _Subversion Manual Merging: http://svnbook.red-bean.com/en/1.7/svn.branchmerge.basicmerging.html
35 .. _Subversion Manual Merging: http://svnbook.red-bean.com/en/1.7/svn.branchmerge.basicmerging.html
@@ -1,22 +1,22 b''
1 Notifications Overview
1 Notifications Overview
2 ----------------------
2 ----------------------
3
3
4 |RCM| has an integrated notification system which alerts users to requests
4 |RCE| has an integrated notification system which alerts users to requests
5 that they have received. Notifications can occur for the following reasons:
5 that they have received. Notifications can occur for the following reasons:
6
6
7 * Pull request reviews
7 * Pull request reviews
8 * Commit message mentions
8 * Commit message mentions
9
9
10 When someone opens a |pr| on one of your |repos|, or adds you as a |pr|
10 When someone opens a |pr| on one of your |repos|, or adds you as a |pr|
11 reviewer, you will receive a notification in |RCE| and an email,
11 reviewer, you will receive a notification in |RCE| and an email,
12 if not configured see :ref:`set-up-mail`. Also, during the review process you
12 if not configured see :ref:`set-up-mail`. Also, during the review process you
13 receive notifications on the following actions:
13 receive notifications on the following actions:
14
14
15 * New comments
15 * New comments
16 * Status changes
16 * Status changes
17 * Inline code review comments
17 * Inline code review comments
18
18
19 Each notifications provides a link to take you directly to the issue.
19 Each notifications provides a link to take you directly to the issue.
20
20
21 .. image:: ../images/notifications.png
21 .. image:: ../images/notifications.png
22 :alt: Notifying Colleagues
22 :alt: Notifying Colleagues
@@ -1,47 +1,47 b''
1 Pull request management
1 Pull request management
2 -----------------------
2 -----------------------
3
3
4 .. only:: html
4 .. only:: html
5
5
6 There are two ways of tracking |prs| within |RCM|.
6 There are two ways of tracking |prs| within |RCE|.
7
7
8 1. :ref:`prs-your-review`
8 1. :ref:`prs-your-review`
9 2. :ref:`prs-per-repo`
9 2. :ref:`prs-per-repo`
10
10
11 .. _prs-your-review:
11 .. _prs-your-review:
12
12
13 Pull requests for your review
13 Pull requests for your review
14 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
14 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
15
15
16 To view pull requests for your review, use the following steps:
16 To view pull requests for your review, use the following steps:
17
17
18 1. From the |RCM| interface, Select
18 1. From the |RCE| interface, Select
19 :menuselection:`username --> Notifications`
19 :menuselection:`username --> Notifications`
20 2. Select :guilabel:`Pull Requests`
20 2. Select :guilabel:`Pull Requests`
21
21
22 .. image:: ../images/prs-for-my-review.png
22 .. image:: ../images/prs-for-my-review.png
23 :alt: pull requests for my review
23 :alt: pull requests for my review
24
24
25 .. _prs-per-repo:
25 .. _prs-per-repo:
26
26
27 Pull requests per |repo|
27 Pull requests per |repo|
28 ^^^^^^^^^^^^^^^^^^^^^^^^
28 ^^^^^^^^^^^^^^^^^^^^^^^^
29
29
30 To view pull requests going to and from a |repo|, use the following steps:
30 To view pull requests going to and from a |repo|, use the following steps:
31
31
32 1. Select the |repo| you wish to view
32 1. Select the |repo| you wish to view
33 2. Select :guilabel:`Pull Requests` from the top menu
33 2. Select :guilabel:`Pull Requests` from the top menu
34 3. On the left-hand pane you will see the following options for |pr|
34 3. On the left-hand pane you will see the following options for |pr|
35 management on that |repo|:
35 management on that |repo|:
36
36
37 * :guilabel:`Opened`: Pull requests opened on this |repo|.
37 * :guilabel:`Opened`: Pull requests opened on this |repo|.
38 * :guilabel:`Opened by me`: Pull requests you opened on this |repo|.
38 * :guilabel:`Opened by me`: Pull requests you opened on this |repo|.
39 * :guilabel:`Awaiting my review`: Pull requests awaiting your review.
39 * :guilabel:`Awaiting my review`: Pull requests awaiting your review.
40 * :guilabel:`Closed`: Closed |prs| on this |repo|.
40 * :guilabel:`Closed`: Closed |prs| on this |repo|.
41 * :guilabel:`Awaiting review`: Pull requests still awaiting review on
41 * :guilabel:`Awaiting review`: Pull requests still awaiting review on
42 this |repo|.
42 this |repo|.
43 * :guilabel:`From this repo`: Pull requests opened on another |repo| with
43 * :guilabel:`From this repo`: Pull requests opened on another |repo| with
44 the changes coming from this |repo|.
44 the changes coming from this |repo|.
45
45
46 .. image:: ../images/pr-screen.png
46 .. image:: ../images/pr-screen.png
47 :alt: pull request dashboard
47 :alt: pull request dashboard
@@ -1,27 +1,27 b''
1 .. _review-requests-ref:
1 .. _review-requests-ref:
2
2
3 Review a |pr|
3 Review a |pr|
4 -------------
4 -------------
5
5
6 To review a pull request, use the following steps:
6 To review a pull request, use the following steps:
7
7
8 1. Open the review request from
8 1. Open the review request from
9 :menuselection:`Admin --> Repositories --> repo name --> Pull Requests --> Awaiting my review`
9 :menuselection:`Admin --> Repositories --> repo name --> Pull Requests --> Awaiting my review`
10 2. Leave your review comments inline, or in the commit message.
10 2. Leave your review comments inline, or in the commit message.
11 3. Set the review status from one of the following options:
11 3. Set the review status from one of the following options:
12
12
13 * :guilabel:`Not Reviewed`
13 * :guilabel:`Not Reviewed`
14 * :guilabel:`Approved`
14 * :guilabel:`Approved`
15 * :guilabel:`Approved & Closed`
15 * :guilabel:`Approved & Closed`
16 * :guilabel:`Rejected`
16 * :guilabel:`Rejected`
17 * :guilabel:`Rejected & Closed`
17 * :guilabel:`Rejected & Closed`
18 * :guilabel:`Under Review`
18 * :guilabel:`Under Review`
19
19
20 4. Select Comment
20 4. Select Comment
21
21
22 When the |pr| is approved by all reviewers you will be able to merge
22 When the |pr| is approved by all reviewers you will be able to merge
23 automatically if |RCM| detects that it can do so safely. You will see this
23 automatically if |RCE| detects that it can do so safely. You will see this
24 message: `This pull request can be automatically merged.`
24 message: `This pull request can be automatically merged.`
25
25
26 If rejected, you can fix the issues raised during review and then update the
26 If rejected, you can fix the issues raised during review and then update the
27 |pr|.
27 |pr|.
@@ -1,9 +1,9 b''
1 Supported Workflows
1 Supported Workflows
2 -------------------
2 -------------------
3
3
4 |RCM| can be used to develop using a variety of different workflows.
4 |RCE| can be used to develop using a variety of different workflows.
5
5
6 * Centralized, using |svn|, |git|, or |hg| |repos|
6 * Centralized, using |svn|, |git|, or |hg| |repos|
7 * Feature-Branch, using |git| or |hg| |repos|
7 * Feature-Branch, using |git| or |hg| |repos|
8 * Fork-Pull, using |git| or |hg| |repos|
8 * Fork-Pull, using |git| or |hg| |repos|
9 * Gitflow, using |git| |repos|
9 * Gitflow, using |git| |repos|
@@ -1,36 +1,32 b''
1 # Try and keep this list alphabetical
1 # Try and keep this list alphabetical
2 # ui is for user interface elements and messages
2 # ui is for user interface elements and messages
3 # button - that's obvious
3 # button - that's obvious
4
4
5 rst_epilog = '''
5 rst_epilog = '''
6 .. |AE| replace:: Appenlight
6 .. |AE| replace:: Appenlight
7 .. |authtoken| replace:: Authentication Token
7 .. |authtoken| replace:: Authentication Token
8 .. |authtokens| replace:: **Auth Tokens**
8 .. |authtokens| replace:: **Auth Tokens**
9 .. |RCCEshort| replace:: Community
9 .. |RCCEshort| replace:: Community
10 .. |RCEEshort| replace:: Enterprise
10 .. |RCEEshort| replace:: Enterprise
11 .. |git| replace:: Git
11 .. |git| replace:: Git
12 .. |hg| replace:: Mercurial
12 .. |hg| replace:: Mercurial
13 .. |svn| replace:: Subversion
13 .. |svn| replace:: Subversion
14 .. |LDAP| replace:: LDAP / Active Directory
14 .. |LDAP| replace:: LDAP / Active Directory
15 .. |os| replace:: operating system
15 .. |os| replace:: operating system
16 .. |OS| replace:: Operating System
16 .. |OS| replace:: Operating System
17 .. |PY| replace:: Python
17 .. |PY| replace:: Python
18 .. |pr| replace:: pull request
18 .. |pr| replace:: pull request
19 .. |prs| replace:: pull requests
19 .. |prs| replace:: pull requests
20 .. |psf| replace:: Python Software Foundation
20 .. |psf| replace:: Python Software Foundation
21 .. |repo| replace:: repository
21 .. |repo| replace:: repository
22 .. |repos| replace:: repositories
22 .. |repos| replace:: repositories
23 .. |RCI| replace:: RhodeCode Control
24 .. |RCC| replace:: RhodeCode Control
23 .. |RCC| replace:: RhodeCode Control
25 .. |RCV| replace:: RhodeCode Enterprise
26 .. |RCM| replace:: RhodeCode Enterprise
27 .. |RCE| replace:: RhodeCode Enterprise
24 .. |RCE| replace:: RhodeCode Enterprise
28 .. |RCCE| replace:: RhodeCode Community
25 .. |RCCE| replace:: RhodeCode Community
29 .. |RCEE| replace:: RhodeCode Enterprise
26 .. |RCEE| replace:: RhodeCode Enterprise
30 .. |RCX| replace:: RhodeCode Extensions
27 .. |RCX| replace:: RhodeCode Extensions
31 .. |RCT| replace:: RhodeCode Tools
28 .. |RCT| replace:: RhodeCode Tools
32 .. |RCEBOLD| replace:: **RhodeCode Enterprise**
29 .. |RCEBOLD| replace:: **RhodeCode Enterprise**
33 .. |RCEITALICS| replace:: `RhodeCode Enterprise`
30 .. |RCEITALICS| replace:: `RhodeCode Enterprise`
34 .. |RC| replace:: RhodeCode
35 .. |RNS| replace:: Release Notes
31 .. |RNS| replace:: Release Notes
36 '''
32 '''
@@ -1,36 +1,36 b''
1 .. _extensions-hooks-ref:
1 .. _extensions-hooks-ref:
2
2
3 Extensions & Hooks
3 Extensions & Hooks
4 ==================
4 ==================
5
5
6 The extensions & hooks section references three concepts regularly,
6 The extensions & hooks section references three concepts regularly,
7 so to clarify what is meant each time, read the following definitions:
7 so to clarify what is meant each time, read the following definitions:
8
8
9 * **Plugin**: A Plugin is software that adds a specific feature to
9 * **Plugin**: A Plugin is software that adds a specific feature to
10 an existing software application.
10 an existing software application.
11 * **Extension**: An extension extends the capabilities of,
11 * **Extension**: An extension extends the capabilities of,
12 or the data available to, an existing software application.
12 or the data available to, an existing software application.
13 * **Hook**: A hook intercepts function calls, messages, or events passed
13 * **Hook**: A hook intercepts function calls, messages, or events passed
14 between software components and can be used to trigger plugins, or their
14 between software components and can be used to trigger plugins, or their
15 extensions.
15 extensions.
16
16
17
17
18 Hooks
18 Hooks
19 -----
19 -----
20
20
21 Within |RCM| there are two types of supported hooks.
21 Within |RCE| there are two types of supported hooks.
22
22
23 * **Internal built-in hooks**: The internal |hg|, |git| or |svn| hooks are
23 * **Internal built-in hooks**: The internal |hg|, |git| or |svn| hooks are
24 triggered by different VCS operations, like push, pull,
24 triggered by different VCS operations, like push, pull,
25 or clone and are non-configurable, but you can add your own VCS hooks,
25 or clone and are non-configurable, but you can add your own VCS hooks,
26 see :ref:`custom-hooks`.
26 see :ref:`custom-hooks`.
27 * **Custom rcextensions hooks**: User defined hooks centre around the lifecycle of
27 * **Custom rcextensions hooks**: User defined hooks centre around the lifecycle of
28 certain actions such are |repo| creation, user creation etc. The actions
28 certain actions such are |repo| creation, user creation etc. The actions
29 these hooks trigger can be rejected based on the API permissions of the
29 these hooks trigger can be rejected based on the API permissions of the
30 user calling them.
30 user calling them.
31
31
32 On instructions how to use the custom `rcextensions`
32 On instructions how to use the custom `rcextensions`
33 see :ref:`integrations-rcextensions` section.
33 see :ref:`integrations-rcextensions` section.
34
34
35
35
36
36
@@ -1,87 +1,87 b''
1 |RCM|
1 |RCE|
2 =====
2 =====
3
3
4 |RCM| is a high-performance source code management and collaboration system.
4 |RCE| is a high-performance source code management and collaboration system.
5 It enables you to develop projects securely behind the firewall while
5 It enables you to develop projects securely behind the firewall while
6 providing collaboration tools that work with |git|, |hg|,
6 providing collaboration tools that work with |git|, |hg|,
7 and |svn| |repos|. The user interface allows you to create, edit,
7 and |svn| |repos|. The user interface allows you to create, edit,
8 and commit files and |repos| while managing their security permissions.
8 and commit files and |repos| while managing their security permissions.
9
9
10 |RCM| provides the following features:
10 |RCE| provides the following features:
11
11
12 * Source code management.
12 * Source code management.
13 * Extended permissions management.
13 * Extended permissions management.
14 * Integrated code collaboration tools.
14 * Integrated code collaboration tools.
15 * Integrated code review and notifications.
15 * Integrated code review and notifications.
16 * Scalability provided by multi-node setup.
16 * Scalability provided by multi-node setup.
17 * Fully programmable automation API.
17 * Fully programmable automation API.
18 * Web-based hook management.
18 * Web-based hook management.
19 * Native |svn| support.
19 * Native |svn| support.
20 * Migration from existing databases.
20 * Migration from existing databases.
21 * |RCM| SDK.
21 * |RCE| SDK.
22 * Built-in analytics
22 * Built-in analytics
23 * Built in integrations including: Slack, Webhooks (used for Jenkins/TeamCity and other CIs), Jira, Redmine, Hipchat
23 * Built in integrations including: Slack, Webhooks (used for Jenkins/TeamCity and other CIs), Jira, Redmine, Hipchat
24 * Pluggable authentication system.
24 * Pluggable authentication system.
25 * Support for AD, |LDAP|, Crowd, CAS, PAM.
25 * Support for AD, |LDAP|, Crowd, CAS, PAM.
26 * Support for external authentication via Oauth Google, Github, Bitbucket, Twitter.
26 * Support for external authentication via Oauth Google, Github, Bitbucket, Twitter.
27 * Debug modes of operation.
27 * Debug modes of operation.
28 * Private and public gists.
28 * Private and public gists.
29 * Gists with limited lifetimes and within instance only sharing.
29 * Gists with limited lifetimes and within instance only sharing.
30 * Fully integrated code search function.
30 * Fully integrated code search function.
31 * Always on SSL connectivity.
31 * Always on SSL connectivity.
32
32
33 .. only:: html
33 .. only:: html
34
34
35 Table of Contents
35 Table of Contents
36 -----------------
36 -----------------
37
37
38 .. toctree::
38 .. toctree::
39 :maxdepth: 1
39 :maxdepth: 1
40 :caption: Admin Documentation
40 :caption: Admin Documentation
41
41
42 install/quick-start
42 install/quick-start
43 install/install-database
43 install/install-database
44 install/install-steps
44 install/install-steps
45 admin/system-overview
45 admin/system-overview
46 nix/default-env
46 nix/default-env
47 admin/system-admin
47 admin/system-admin
48 admin/user-admin
48 admin/user-admin
49 admin/setting-repo-perms
49 admin/setting-repo-perms
50 admin/security-tips
50 admin/security-tips
51 auth/auth
51 auth/auth
52 issue-trackers/issue-trackers
52 issue-trackers/issue-trackers
53 admin/lab-settings
53 admin/lab-settings
54
54
55 .. toctree::
55 .. toctree::
56 :maxdepth: 1
56 :maxdepth: 1
57 :caption: Feature Documentation
57 :caption: Feature Documentation
58
58
59 collaboration/collaboration
59 collaboration/collaboration
60 collaboration/review-notifications
60 collaboration/review-notifications
61 collaboration/pull-requests
61 collaboration/pull-requests
62 code-review/code-review
62 code-review/code-review
63 integrations/integrations
63 integrations/integrations
64
64
65 .. toctree::
65 .. toctree::
66 :maxdepth: 1
66 :maxdepth: 1
67 :caption: Developer Documentation
67 :caption: Developer Documentation
68
68
69 api/api
69 api/api
70 tools/rhodecode-tools
70 tools/rhodecode-tools
71 extensions/extensions-hooks
71 extensions/extensions-hooks
72 contributing/contributing
72 contributing/contributing
73
73
74 .. toctree::
74 .. toctree::
75 :maxdepth: 1
75 :maxdepth: 1
76 :caption: User Documentation
76 :caption: User Documentation
77
77
78 usage/basic-usage
78 usage/basic-usage
79 tutorials/tutorials
79 tutorials/tutorials
80
80
81 .. toctree::
81 .. toctree::
82 :maxdepth: 1
82 :maxdepth: 1
83 :caption: About
83 :caption: About
84
84
85 known-issues/known-issues
85 known-issues/known-issues
86 release-notes/release-notes
86 release-notes/release-notes
87 admin/glossary
87 admin/glossary
@@ -1,68 +1,66 b''
1 .. _rhodecode-database-ref:
1 .. _rhodecode-database-ref:
2
2
3 Supported Databases
3 Supported Databases
4 ===================
4 ===================
5
5
6 .. important::
6 .. important::
7
7
8 We do not recommend using SQLite in a production environment. It is
8 We do not recommend using SQLite in a production environment of more than 5 people.
9 supported by |RCE| for evaluation purposes.
9 It is not suited for higher usage and mayb cause problems.
10
11
12 |RCE| supports the following databases. The recommended encoding is UTF-8.
13
14 .. only:: latex
15
16 * :ref:`install-sqlite-database`
17 * :ref:`install-mysql-database`
18 * :ref:`install-postgresql-database`
19
20 .. toctree::
21
22 using-mysql
23 using-postgresql
24 using-sqllite
25
10
26
11 Database Overview
27 Database Overview
12 -----------------
28 -----------------
13
29
14 Prior to installing |RCE| you should install and set up your database.
30 Prior to installing |RCE| you should install and set up your database.
15 This means carrying out the following tasks:
31 This means carrying out the following tasks:
16
32
17 1. Install the database software of your choice.
33 1. Install the database software of your choice.
18 2. Using the relevant instructions, create a user on that database to use
34 2. Using the relevant instructions, create a user on that database to use
19 with |RCE|.
35 with |RCE|.
20 3. Create a database, granting that user read/write access.
36 3. Create a database, granting that user read/write access.
21 4. During |RCE| installation you will be prompted for these user credentials,
37 4. During |RCE| installation you will be prompted for these user credentials,
22 enter them where appropriate. These credentials will be what |RCE| uses
38 enter them where appropriate. These credentials will be what |RCE| uses
23 to read/write from the database tables.
39 to read/write from the database tables.
24
40
25 Version Differences
41 Version Differences
26 -------------------
42 -------------------
27
43
28 |RCE| releases 2(Major).x(Minor).x(Bug Fix) and 3.x.x use different database
44 |RCE| releases 2(Major).x(Minor).x(Bug Fix) and 3.x.x use different database
29 schemas. Therefore, if you wish to run multiple instances using one database,
45 schemas. Therefore, if you wish to run multiple instances using one database,
30 you can only do so using the same Minor Release numbered versions.
46 you can only do so using the same Minor Release numbered versions.
31 Though Bug Fix updates rarely have a database change, it is recommended to use
47 Though Bug Fix updates rarely have a database change, it is recommended to use
32 identical |RCE| version numbers for multi-instance setups.
48 identical |RCE| version numbers for multi-instance setups.
33
49
34 You can use the same database server to run multiple databases for differing
50 You can use the same database server to run multiple databases for differing
35 version numbers, but you will need separate databases for each |RCE| version on
51 version numbers, but you will need separate databases for each |RCE| version on
36 that server. You can specify the database during installation, use the
52 that server. You can specify the database during installation, use the
37 following example to configure the correct one.
53 following example to configure the correct one.
38
54
39 .. code-block:: bash
55 .. code-block:: bash
40
56
41 Database type - [s]qlite, [m]ysql, [p]ostresql:
57 Database type - [s]qlite, [m]ysql, [p]ostresql:
42 PostgreSQL selected
58 PostgreSQL selected
43 Database host [127.0.0.1]:
59 Database host [127.0.0.1]:
44 Database port [5432]:
60 Database port [5432]:
45 Database username: rhodecode
61 Database username: rhodecode
46 Database password: somepassword
62 Database password: somepassword
47 # Specify the database you with to use on that server
63 # Specify the database you with to use on that server
48 # for the RCE instance you are installing
64 # for the RCE instance you are installing
49 Database name: example-db-name-for-2xx # The 2xx version database
65 Database name: example-db-name-for-2xx # The 2xx version database
50 Database name: example-db-name-for-3xx # The 3xx version database
66 Database name: example-db-name-for-3xx # The 3xx version database
51
52 Supported Databases
53 -------------------
54
55 |RCM| supports the following databases. The recommended encoding is Unicode
56 UTF-8.
57
58 .. only:: latex
59
60 * :ref:`install-sqlite-database`
61 * :ref:`install-mysql-database`
62 * :ref:`install-postgresql-database`
63
64 .. toctree::
65
66 using-mysql
67 using-postgresql
68 using-sqllite
@@ -1,14 +1,14 b''
1 .. _rhodecode-post-instal-ref:
1 .. _rhodecode-post-instal-ref:
2
2
3 Post Installation Tasks
3 Post Installation Tasks
4 =======================
4 =======================
5
5
6 The following tasks are the most common post installation requirements. Use
6 The following tasks are the most common post installation requirements. Use
7 the information in these sections to configure your instance of |RCM|.
7 the information in these sections to configure your instance of |RCE|.
8
8
9 .. toctree::
9 .. toctree::
10
10
11 setup-email
11 setup-email
12 database-string
12 database-string
13 configure-celery
13 configure-celery
14 migrate-repos
14 migrate-repos
@@ -1,23 +1,23 b''
1 .. _mig-repos:
1 .. _mig-repos:
2
2
3 Migrating |repos|
3 Migrating |repos|
4 -----------------
4 -----------------
5
5
6 If you have installed |RCM| and have |repos| that you wish to migrate into
6 If you have installed |RCE| and have |repos| that you wish to migrate into
7 the system, use the following instructions.
7 the system, use the following instructions.
8
8
9 1. On the |RCM| interface, check your |repo| storage location under
9 1. On the |RCE| interface, check your |repo| storage location under
10 :menuselection:`Admin --> Settings --> System Info`. For example,
10 :menuselection:`Admin --> Settings --> System Info`. For example,
11 Storage location: /home/{username}/repos.
11 Storage location: /home/{username}/repos.
12
12
13 2. Copy the |repos| that you want |RCM| to manage to this location.
13 2. Copy the |repos| that you want |RCE| to manage to this location.
14 3. Remap and rescan the |repos|, see :ref:`remap-rescan`
14 3. Remap and rescan the |repos|, see :ref:`remap-rescan`
15
15
16 .. important::
16 .. important::
17
17
18 Directories create |repo| groups inside |RCM|.
18 Directories create |repo| groups inside |RCE|.
19
19
20 Importing adds |RCM| git hooks to your |repos|.
20 Importing adds |RCE| git hooks to your |repos|.
21
21
22 You should verify if custom ``.hg`` or ``.hgrc`` files inside
22 You should verify if custom ``.hg`` or ``.hgrc`` files inside
23 repositories should be adjusted since |RCM| reads the content of them.
23 repositories should be adjusted since |RCE| reads the content of them.
@@ -1,110 +1,113 b''
1 .. _quick-start:
1 .. _quick-start:
2
2
3 Quick Start Installation Guide
3 Quick Start Installation Guide
4 ==============================
4 ==============================
5
5
6 .. important::
6 .. important::
7
7
8 These are quick start instructions. To optimize your |RCE|,
8 These are quick start instructions. To optimize your |RCE|,
9 |RCC|, and |RCT| usage, read the more detailed instructions in our guides.
9 |RCC|, and |RCT| usage, read the more detailed instructions in our guides.
10 For detailed installation instructions, see
10 For detailed installation instructions, see
11 :ref:`RhodeCode Control Documentation <control:rcc>`
11 :ref:`RhodeCode Control Documentation <control:rcc>`
12
12
13 .. tip::
13 .. tip::
14
14
15 If using a non-SQLite database, install and configure the database, create
15 If using a non-SQLite database, install and configure the database, create
16 a new user, and grant permissions. You will be prompted for this user's
16 a new user, and grant permissions. You will be prompted for this user's
17 credentials during |RCE| installation. See the relevant database
17 credentials during |RCE| installation. See the relevant database
18 documentation for more details.
18 documentation for more details.
19
19
20 To get |RCE| up and running, run through the below steps:
20 To get |RCE| up and running, run through the below steps:
21
21
22 1. Download the latest |RCC| installer from `rhodecode.com/download`_.
22 1. Download the latest |RCC| installer from `rhodecode.com/download`_.
23 If you don't have an account, sign up at `rhodecode.com/register`_.
23 If you don't have an account, sign up at `rhodecode.com/register`_.
24
24
25 2. Run the |RCC| installer and accept the End User Licence using the
25 2. Run the |RCC| installer and accept the End User Licence using the
26 following example:
26 following example:
27
27
28 .. code-block:: bash
28 .. code-block:: bash
29
29
30 $ chmod 755 RhodeCode-installer-linux-*
30 $ chmod +x RhodeCode-installer-linux-*
31 $ ./RhodeCode-installer-linux-*
31 $ ./RhodeCode-installer-linux-*
32
32
33 Do you accept the RhodeCode Control license?
34 Press [Y] to accept license and [V] to view license text: y
35
33 3. Install a VCS Server, and configure it to start at boot.
36 3. Install a VCS Server, and configure it to start at boot.
34
37
35 .. code-block:: bash
38 .. code-block:: bash
36
39
37 $ rccontrol install VCSServer
40 $ rccontrol install VCSServer
38
41
39 Agree to the licence agreement? [y/N]: y
42 Agree to the licence agreement? [y/N]: y
40 IP to start the server on [127.0.0.1]:
43 IP to start the server on [127.0.0.1]:
41 Port for the server to start [10005]:
44 Port for the server to start [10005]:
42 Creating new instance: vcsserver-1
45 Creating new instance: vcsserver-1
43 Installing RhodeCode VCSServer
46 Installing RhodeCode VCSServer
44 Configuring RhodeCode VCS Server ...
47 Configuring RhodeCode VCS Server ...
45 Supervisord state is: RUNNING
48 Supervisord state is: RUNNING
46 Added process group vcsserver-1
49 Added process group vcsserver-1
47
50
48
51
49 4. Install |RCEE| or |RCCE|. If using MySQL or PostgreSQL, during
52 4. Install |RCEE| or |RCCE|. If using MySQL or PostgreSQL, during
50 installation you'll be asked for your database credentials, so have them at hand.
53 installation you'll be asked for your database credentials, so have them at hand.
51 Mysql or Postgres needs to be running and a new database needs to be created.
54 Mysql or Postgres needs to be running and a new database needs to be created.
52 You don't need any credentials or to create a database for SQLite.
55 You don't need any credentials or to create a database for SQLite.
53
56
54 .. code-block:: bash
57 .. code-block:: bash
55 :emphasize-lines: 11-16
58 :emphasize-lines: 11-16
56
59
57 $ rccontrol install Community
60 $ rccontrol install Community
58
61
59 or
62 or
60
63
61 $ rccontrol install Enterprise
64 $ rccontrol install Enterprise
62
65
63 Username [admin]: username
66 Username [admin]: username
64 Password (min 6 chars):
67 Password (min 6 chars):
65 Repeat for confirmation:
68 Repeat for confirmation:
66 Email: your@mail.com
69 Email: your@mail.com
67 Respositories location [/home/brian/repos]:
70 Respositories location [/home/brian/repos]:
68 IP to start the Enterprise server on [127.0.0.1]:
71 IP to start the Enterprise server on [127.0.0.1]:
69 Port for the Enterprise server to use [10004]:
72 Port for the Enterprise server to use [10004]:
70 Database type - [s]qlite, [m]ysql, [p]ostresql:
73 Database type - [s]qlite, [m]ysql, [p]ostresql:
71 PostgreSQL selected
74 PostgreSQL selected
72 Database host [127.0.0.1]:
75 Database host [127.0.0.1]:
73 Database port [5432]:
76 Database port [5432]:
74 Database username: db-user-name
77 Database username: db-user-name
75 Database password: somepassword
78 Database password: somepassword
76 Database name: example-db-name
79 Database name: example-db-name
77
80
78 5. Check the status of your installation. You |RCEE|/|RCCE| instance runs
81 5. Check the status of your installation. You |RCEE|/|RCCE| instance runs
79 on the URL displayed in the status message.
82 on the URL displayed in the status message.
80
83
81 .. code-block:: bash
84 .. code-block:: bash
82
85
83 $ rccontrol status
86 $ rccontrol status
84
87
85 - NAME: enterprise-1
88 - NAME: enterprise-1
86 - STATUS: RUNNING
89 - STATUS: RUNNING
87 - TYPE: Enterprise
90 - TYPE: Enterprise
88 - VERSION: 4.1.0
91 - VERSION: 4.1.0
89 - URL: http://127.0.0.1:10003
92 - URL: http://127.0.0.1:10003
90
93
91 - NAME: vcsserver-1
94 - NAME: vcsserver-1
92 - STATUS: RUNNING
95 - STATUS: RUNNING
93 - TYPE: VCSServer
96 - TYPE: VCSServer
94 - VERSION: 4.1.0
97 - VERSION: 4.1.0
95 - URL: http://127.0.0.1:10001
98 - URL: http://127.0.0.1:10001
96
99
97 .. note::
100 .. note::
98
101
99 Recommended post quick start install instructions:
102 Recommended post quick start install instructions:
100
103
101 * Read the documentation
104 * Read the documentation
102 * Carry out the :ref:`rhodecode-post-instal-ref`
105 * Carry out the :ref:`rhodecode-post-instal-ref`
103 * Set up :ref:`indexing-ref`
106 * Set up :ref:`indexing-ref`
104 * Familiarise yourself with the :ref:`rhodecode-admin-ref` section.
107 * Familiarise yourself with the :ref:`rhodecode-admin-ref` section.
105
108
106 .. _rhodecode.com/download/: https://rhodecode.com/download/
109 .. _rhodecode.com/download/: https://rhodecode.com/download/
107 .. _rhodecode.com: https://rhodecode.com/
110 .. _rhodecode.com: https://rhodecode.com/
108 .. _rhodecode.com/register: https://rhodecode.com/register/
111 .. _rhodecode.com/register: https://rhodecode.com/register/
109 .. _rhodecode.com/download: https://rhodecode.com/download/
112 .. _rhodecode.com/download: https://rhodecode.com/download/
110
113
@@ -1,30 +1,30 b''
1 .. _set-up-mail:
1 .. _set-up-mail:
2
2
3 Set up Email
3 Set up Email
4 ------------
4 ------------
5
5
6 To setup email with your |RCM| instance, open the default
6 To setup email with your |RCE| instance, open the default
7 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
7 :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini`
8 file and uncomment and configure the email section. If it is not there,
8 file and uncomment and configure the email section. If it is not there,
9 use the below example to insert it.
9 use the below example to insert it.
10
10
11 Once configured you can check the settings for your |RCM| instance on the
11 Once configured you can check the settings for your |RCE| instance on the
12 :menuselection:`Admin --> Settings --> Email` page.
12 :menuselection:`Admin --> Settings --> Email` page.
13
13
14 .. code-block:: ini
14 .. code-block:: ini
15
15
16 ################################################################################
16 ################################################################################
17 ## Uncomment and replace with the email address which should receive ##
17 ## Uncomment and replace with the email address which should receive ##
18 ## any error reports after an application crash ##
18 ## any error reports after an application crash ##
19 ## Additionally these settings will be used by the RhodeCode mailing system ##
19 ## Additionally these settings will be used by the RhodeCode mailing system ##
20 ################################################################################
20 ################################################################################
21 #email_to = admin@localhost
21 #email_to = admin@localhost
22 #app_email_from = rhodecode-noreply@localhost
22 #app_email_from = rhodecode-noreply@localhost
23 #email_prefix = [RhodeCode]
23 #email_prefix = [RhodeCode]
24
24
25 #smtp_server = mail.server.com
25 #smtp_server = mail.server.com
26 #smtp_username =
26 #smtp_username =
27 #smtp_password =
27 #smtp_password =
28 #smtp_port =
28 #smtp_port =
29 #smtp_use_tls = false
29 #smtp_use_tls = false
30 #smtp_use_ssl = true
30 #smtp_use_ssl = true
@@ -1,26 +1,26 b''
1 .. _install-mysql-database:
1 .. _install-mysql-database:
2
2
3 MySQL or MariaDB
3 MySQL or MariaDB
4 ----------------
4 ----------------
5
5
6 To use a MySQL or MariaDB database you should install and configure the
6 To use a MySQL or MariaDB database you should install and configure the
7 database before installing |RCM|. This is because during |RCM| installation
7 database before installing |RCE|. This is because during |RCE| installation
8 you will setup a connection to your MySQL or MariaDB database. To work with
8 you will setup a connection to your MySQL or MariaDB database. To work with
9 either, use the following steps:
9 either, use the following steps:
10
10
11 1. Depending on your |os|, install a MySQL or MariaDB database following the
11 1. Depending on your |os|, install a MySQL or MariaDB database following the
12 appropriate instructions from the `MySQL website`_ or `MariaDB website`_.
12 appropriate instructions from the `MySQL website`_ or `MariaDB website`_.
13 2. Configure the database with a username and password which you will use
13 2. Configure the database with a username and password which you will use
14 with |RCM|.
14 with |RCE|.
15 3. Install |RCM|, and during installation select MySQL as your database.
15 3. Install |RCE|, and during installation select MySQL as your database.
16 4. Enter the following information during the database setup:
16 4. Enter the following information during the database setup:
17
17
18 * Your network IP Address
18 * Your network IP Address
19 * The port number for MySQL or MariaDB access.
19 * The port number for MySQL or MariaDB access.
20 The default port for both is ``3306``
20 The default port for both is ``3306``
21 * Your database username
21 * Your database username
22 * Your database password
22 * Your database password
23 * A new database name
23 * A new database name
24
24
25 .. _MySQL website: http://www.mysql.com/
25 .. _MySQL website: http://www.mysql.com/
26 .. _MariaDB website: https://mariadb.com/
26 .. _MariaDB website: https://mariadb.com/
@@ -1,24 +1,24 b''
1 .. _install-postgresql-database:
1 .. _install-postgresql-database:
2
2
3 PostgreSQL
3 PostgreSQL
4 ----------
4 ----------
5
5
6 To use a PostgreSQL database, you should install and configure the database
6 To use a PostgreSQL database, you should install and configure the database
7 before installing |RCV|. This is because during |RCV| installation you will
7 before installing |RCE|. This is because during |RCE| installation you will
8 setup the connection to your PostgreSQL database. To work with PostgreSQL,
8 setup the connection to your PostgreSQL database. To work with PostgreSQL,
9 use the following steps:
9 use the following steps:
10
10
11 1. Depending on your |os|, install a PostgreSQL database following the
11 1. Depending on your |os|, install a PostgreSQL database following the
12 appropriate instructions from the `PostgreSQL website`_.
12 appropriate instructions from the `PostgreSQL website`_.
13 2. Configure the database with a username and password, which you will use
13 2. Configure the database with a username and password, which you will use
14 with |RCV|.
14 with |RCE|.
15 3. Install |RCV|, and during installation select PostgreSQL as your database.
15 3. Install |RCE|, and during installation select PostgreSQL as your database.
16 4. Enter the following information during the database setup:
16 4. Enter the following information during the database setup:
17
17
18 * Your network IP Address
18 * Your network IP Address
19 * The port number for PostgreSQL access; the default port is ``5434``
19 * The port number for PostgreSQL access; the default port is ``5434``
20 * Your database username
20 * Your database username
21 * Your database password
21 * Your database password
22 * A new database name
22 * A new database name
23
23
24 .. _PostgreSQL website: http://www.postgresql.org/
24 .. _PostgreSQL website: http://www.postgresql.org/
@@ -1,32 +1,32 b''
1 .. _install-sqlite-database:
1 .. _install-sqlite-database:
2
2
3 SQLite
3 SQLite
4 ------
4 ------
5
5
6 .. important::
6 .. important::
7
7
8 We do not recommend using SQLite in a large development environment
8 We do not recommend using SQLite in a large development environment
9 as it has an internal locking mechanism which can become a performance
9 as it has an internal locking mechanism which can become a performance
10 bottleneck when there are more than 5 concurrent users.
10 bottleneck when there are more than 5 concurrent users.
11
11
12 |RCM| installs SQLite as the default database if you do not specify another
12 |RCE| installs SQLite as the default database if you do not specify another
13 during installation. SQLite is suitable for small teams,
13 during installation. SQLite is suitable for small teams,
14 projects with a low load, and evaluation purposes since it is built into
14 projects with a low load, and evaluation purposes since it is built into
15 |RCM| and does not require any additional database server.
15 |RCE| and does not require any additional database server.
16
16
17 Using MySQL or PostgreSQL in an large setup gives you much greater
17 Using MySQL or PostgreSQL in an large setup gives you much greater
18 performance, and while migration tools exist to move from one database type
18 performance, and while migration tools exist to move from one database type
19 to another, it is better to get it right first time and to immediately use
19 to another, it is better to get it right first time and to immediately use
20 MySQL or PostgreSQL when you deploy |RCM| in a production environment.
20 MySQL or PostgreSQL when you deploy |RCE| in a production environment.
21
21
22 Migrating From SQLite to PostgreSQL
22 Migrating From SQLite to PostgreSQL
23 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
23 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
24
24
25 If you started working with SQLite and now need to migrate your database
25 If you started working with SQLite and now need to migrate your database
26 to PostgreSQL, you can contact support@rhodecode.com for some help. We have a
26 to PostgreSQL, you can contact support@rhodecode.com for some help. We have a
27 set of scripts that enable SQLite to PostgreSQL migration. These scripts have
27 set of scripts that enable SQLite to PostgreSQL migration. These scripts have
28 been tested, and work with PostgreSQL 9.1+.
28 been tested, and work with PostgreSQL 9.1+.
29
29
30 .. note::
30 .. note::
31
31
32 There are no SQLite to MySQL or MariaDB scripts available.
32 There are no SQLite to MySQL or MariaDB scripts available.
@@ -1,60 +1,60 b''
1 .. _integrations:
1 .. _integrations:
2
2
3 Integrations
3 Integrations
4 ------------
4 ------------
5
5
6 |RCE| supports integrations with external services for various events,
6 |RCE| supports integrations with external services for various events,
7 such as commit pushes and pull requests. Multiple integrations of the same type
7 such as commit pushes and pull requests. Multiple integrations of the same type
8 can be added at the same time; this is useful for posting different events to
8 can be added at the same time; this is useful for posting different events to
9 different Slack channels, for example.
9 different Slack channels, for example.
10
10
11 Supported integrations
11 Supported integrations
12 ^^^^^^^^^^^^^^^^^^^^^^
12 ^^^^^^^^^^^^^^^^^^^^^^
13
13
14 ================================ ============ ========================================
14 ================================ ================== ========================================
15 Type/Name |RC| Edition Description
15 Type/Name RhodeCode Edition Description
16 ================================ ============ ========================================
16 ================================ ================== ========================================
17 :ref:`integrations-webhook` |RCCEshort| Trigger events as `json` to a custom url
17 :ref:`integrations-webhook` |RCCEshort| Trigger events as `json` to a custom url
18 :ref:`integrations-slack` |RCCEshort| Integrate with https://slack.com/
18 :ref:`integrations-slack` |RCCEshort| Integrate with https://slack.com/
19 :ref:`integrations-hipchat` |RCCEshort| Integrate with https://www.hipchat.com/
19 :ref:`integrations-hipchat` |RCCEshort| Integrate with https://www.hipchat.com/
20 :ref:`integrations-email` |RCCEshort| Send repo push commits by email
20 :ref:`integrations-email` |RCCEshort| Send repo push commits by email
21 :ref:`integrations-ci` |RCCEshort| Trigger Builds for Common CI Systems
21 :ref:`integrations-ci` |RCCEshort| Trigger Builds for Common CI Systems
22 :ref:`integrations-rcextensions` |RCCEshort| Advanced low-level integration framework
22 :ref:`integrations-rcextensions` |RCCEshort| Advanced low-level integration framework
23
23
24 :ref:`integrations-jenkins` |RCEEshort| Trigger Builds for Jenkins CI System
24 :ref:`integrations-jenkins` |RCEEshort| Trigger Builds for Jenkins CI System
25 :ref:`integrations-redmine` |RCEEshort| Close/Resolve/Reference Redmine issues
25 :ref:`integrations-redmine` |RCEEshort| Close/Resolve/Reference Redmine issues
26 :ref:`integrations-jira` |RCEEshort| Close/Resolve/Reference JIRA issues
26 :ref:`integrations-jira` |RCEEshort| Close/Resolve/Reference JIRA issues
27 ================================ ============ ========================================
27 ================================ ================== ========================================
28
28
29 .. _creating-integrations:
29 .. _creating-integrations:
30
30
31 Creating an Integration
31 Creating an Integration
32 ^^^^^^^^^^^^^^^^^^^^^^^
32 ^^^^^^^^^^^^^^^^^^^^^^^
33
33
34 Integrations can be added globally via the admin UI:
34 Integrations can be added globally via the admin UI:
35
35
36 :menuselection:`Admin --> Integrations`
36 :menuselection:`Admin --> Integrations`
37
37
38 or per repository in each repository's settings:
38 or per repository in each repository's settings:
39
39
40 :menuselection:`Admin --> Repositories --> Edit --> Integrations`
40 :menuselection:`Admin --> Repositories --> Edit --> Integrations`
41
41
42 To create an integration, select the type from the list in the *Create New
42 To create an integration, select the type from the list in the *Create New
43 Integration* section.
43 Integration* section.
44
44
45 The *Current Integrations* section shows existing integrations that have been
45 The *Current Integrations* section shows existing integrations that have been
46 created along with their type (eg. Slack) and enabled status.
46 created along with their type (eg. Slack) and enabled status.
47
47
48 See pages specific to each type of integration for more instructions:
48 See pages specific to each type of integration for more instructions:
49
49
50 .. toctree::
50 .. toctree::
51
51
52 slack
52 slack
53 hipchat
53 hipchat
54 redmine
54 redmine
55 jira
55 jira
56 webhook
56 webhook
57 email
57 email
58 ci
58 ci
59 jenkins
59 jenkins
60 integrations-rcextensions
60 integrations-rcextensions
@@ -1,81 +1,81 b''
1 .. _rhodecode-issue-trackers-ref:
1 .. _rhodecode-issue-trackers-ref:
2
2
3 Issue Tracker Integration
3 Issue Tracker Integration
4 =========================
4 =========================
5
5
6 You can set an issue tracker connection in two ways with |RCE|.
6 You can set an issue tracker connection in two ways with |RCE|.
7
7
8 * At the instance level, you can set a default issue tracker.
8 * At the instance level, you can set a default issue tracker.
9 * At the |repo| level, you can configure an integration with a different issue
9 * At the |repo| level, you can configure an integration with a different issue
10 tracker.
10 tracker.
11
11
12 To integrate |RCM| with an issue tracker, you need to define a regular
12 To integrate |RCE| with an issue tracker, you need to define a regular
13 expression that will fetch the issue ID stored in commit messages, and replace
13 expression that will fetch the issue ID stored in commit messages, and replace
14 it with a URL. This enables |RCE| to generate a link matching each issue to the
14 it with a URL. This enables |RCE| to generate a link matching each issue to the
15 target |repo|.
15 target |repo|.
16
16
17 Default Issue Tracker Configuration
17 Default Issue Tracker Configuration
18 -----------------------------------
18 -----------------------------------
19
19
20 To integrate your issue tracker, use the following steps:
20 To integrate your issue tracker, use the following steps:
21
21
22 1. Open :menuselection:`Admin --> Settings --> Issue Tracker`.
22 1. Open :menuselection:`Admin --> Settings --> Issue Tracker`.
23 2. In the new entry field, enter the following information:
23 2. In the new entry field, enter the following information:
24
24
25 * :guilabel:`Description`: A name for this set of rules.
25 * :guilabel:`Description`: A name for this set of rules.
26 * :guilabel:`Pattern`: The regular expression that will match issues
26 * :guilabel:`Pattern`: The regular expression that will match issues
27 tagged in commit messages, or more see :ref:`issue-tr-eg-ref`.
27 tagged in commit messages, or more see :ref:`issue-tr-eg-ref`.
28 * :guilabel:`URL`: The URL to your issue tracker.
28 * :guilabel:`URL`: The URL to your issue tracker.
29 * :guilabel:`Prefix`: The prefix with which you want to mark issues.
29 * :guilabel:`Prefix`: The prefix with which you want to mark issues.
30
30
31 3. Select **Add** so save the rule to your issue tracker configuration.
31 3. Select **Add** so save the rule to your issue tracker configuration.
32
32
33 Repository Issue Tracker Configuration
33 Repository Issue Tracker Configuration
34 --------------------------------------
34 --------------------------------------
35
35
36 You can configure specific |repos| to use a different issue tracker than the
36 You can configure specific |repos| to use a different issue tracker than the
37 default one. See the instructions in :ref:`repo-it`
37 default one. See the instructions in :ref:`repo-it`
38
38
39 .. _issue-tr-eg-ref:
39 .. _issue-tr-eg-ref:
40
40
41 Jira Integration
41 Jira Integration
42 ----------------
42 ----------------
43
43
44 * Regex = ``(?:^#|\s#)(\w+-\d+)``
44 * Regex = ``(?:^#|\s#)(\w+-\d+)``
45 * URL = ``https://myissueserver.com/browse/${id}``
45 * URL = ``https://myissueserver.com/browse/${id}``
46 * Issue Prefix = ``#``
46 * Issue Prefix = ``#``
47
47
48 Confluence (Wiki)
48 Confluence (Wiki)
49 -----------------
49 -----------------
50
50
51 * Regex = ``(?:conf-)([A-Z0-9]+)``
51 * Regex = ``(?:conf-)([A-Z0-9]+)``
52 * URL = ``https://example.atlassian.net/display/wiki/${id}/${repo_name}``
52 * URL = ``https://example.atlassian.net/display/wiki/${id}/${repo_name}``
53 * issue prefix = ``CONF-``
53 * issue prefix = ``CONF-``
54
54
55 Redmine Integration
55 Redmine Integration
56 -------------------
56 -------------------
57
57
58 * Regex = ``(issue-+\d+)``
58 * Regex = ``(issue-+\d+)``
59 * URL = ``https://myissueserver.com/redmine/issue/${id}``
59 * URL = ``https://myissueserver.com/redmine/issue/${id}``
60 * Issue Prefix = ``issue-``
60 * Issue Prefix = ``issue-``
61
61
62 Redmine (wiki)
62 Redmine (wiki)
63 --------------
63 --------------
64
64
65 * Regex = ``(?:wiki-)([a-zA-Z0-9]+)``
65 * Regex = ``(?:wiki-)([a-zA-Z0-9]+)``
66 * URL = ``https://example.com/redmine/projects/wiki/${repo_name}``
66 * URL = ``https://example.com/redmine/projects/wiki/${repo_name}``
67 * Issue prefix = ``Issue-``
67 * Issue prefix = ``Issue-``
68
68
69 Pivotal Tracker
69 Pivotal Tracker
70 ---------------
70 ---------------
71
71
72 * Regex = ``(?:pivot-)(?<project_id>\d+)-(?<story>\d+)``
72 * Regex = ``(?:pivot-)(?<project_id>\d+)-(?<story>\d+)``
73 * URL = ``https://www.pivotaltracker.com/s/projects/${project_id}/stories/${story}``
73 * URL = ``https://www.pivotaltracker.com/s/projects/${project_id}/stories/${story}``
74 * Issue prefix = ``Piv-``
74 * Issue prefix = ``Piv-``
75
75
76 Trello
76 Trello
77 ------
77 ------
78
78
79 * Regex = ``(?:trello-)(?<card_id>[a-zA-Z0-9]+)``
79 * Regex = ``(?:trello-)(?<card_id>[a-zA-Z0-9]+)``
80 * URL = ``https://trello.com/example.com/${card_id}``
80 * URL = ``https://trello.com/example.com/${card_id}``
81 * Issue prefix = ``Trello-``
81 * Issue prefix = ``Trello-``
@@ -1,15 +1,15 b''
1 .. _err-msg-ref:
1 .. _err-msg-ref:
2
2
3 Error Message Guide
3 Error Message Guide
4 ===================
4 ===================
5
5
6 Error Message
6 Error Message
7 Error creating repository repo-name
7 Error creating repository repo-name
8
8
9 Cause
9 Cause
10 As of |RCM| 3.0, a VCS Server is required to run backend operations.
10 As of |RCE| 3.0, a VCS Server is required to run backend operations.
11
11
12 Solution
12 Solution
13 Install a VCS Server. See the `Install a VCS Server`_ section of |RCC|
13 Install a VCS Server. See the `Install a VCS Server`_ section of |RCC|
14
14
15 .. _Install a VCS Server: https://docs.rhodecode.com/RhodeCode-Control/tasks/upgrade-from-cli.html#install-a-vcs-server No newline at end of file
15 .. _Install a VCS Server: https://docs.rhodecode.com/RhodeCode-Control/tasks/upgrade-from-cli.html#install-a-vcs-server
@@ -1,31 +1,31 b''
1 .. _rhodecode-nix-ref:
1 .. _rhodecode-nix-ref:
2
2
3 Nix Packaging
3 Nix Packaging
4 =============
4 =============
5
5
6 |RCM| is installed using |Nix Package Manager|. The Nix environment provides
6 |RCE| is installed using |Nix Package Manager|. The Nix environment provides
7 the following features for maintenance and deployment:
7 the following features for maintenance and deployment:
8
8
9 * Atomic upgrades and rollbacks
9 * Atomic upgrades and rollbacks
10 * Complete dependency management
10 * Complete dependency management
11 * Garbage collection
11 * Garbage collection
12 * Binary patching
12 * Binary patching
13 * Secure channel updates
13 * Secure channel updates
14 * Nix works on Windows, Linux, and OSX
14 * Nix works on Windows, Linux, and OSX
15
15
16 The complete list of dependencies can be found in
16 The complete list of dependencies can be found in
17 :file:`/opt/rhodecode/store/{unique-hash}`.
17 :file:`/opt/rhodecode/store/{unique-hash}`.
18
18
19 .. note::
19 .. note::
20
20
21 No |RCE| data is stored in this location.
21 No |RCE| data is stored in this location.
22
22
23 .. warning::
23 .. warning::
24
24
25 Never alter any of the packages in the store. Always use the
25 Never alter any of the packages in the store. Always use the
26 :ref:`RhodeCode Control CLI <control:rcc-cli>` update functions to keep
26 :ref:`RhodeCode Control CLI <control:rcc-cli>` update functions to keep
27 the packages and instances updated.
27 the packages and instances updated.
28
28
29 .. |Nix Package Manager| raw:: html
29 .. |Nix Package Manager| raw:: html
30
30
31 <a href="http://nixos.org/nix/" target="_blank">Nix</a>
31 <a href="http://nixos.org/nix/" target="_blank">Nix</a>
@@ -1,166 +1,166 b''
1 |RCE| 3.0.0 |RNS|
1 |RCE| 3.0.0 |RNS|
2 -----------------
2 -----------------
3
3
4 As |RCM| 3.0 is a big release, the release notes have been split into the following sections:
4 As |RCE| 3.0 is a big release, the release notes have been split into the following sections:
5
5
6 * :ref:`general-rn-ref`
6 * :ref:`general-rn-ref`
7 * :ref:`security-rn-ref`
7 * :ref:`security-rn-ref`
8 * :ref:`api-rn-ref`
8 * :ref:`api-rn-ref`
9 * :ref:`performance-rn-ref`
9 * :ref:`performance-rn-ref`
10 * :ref:`prs-rn-ref`
10 * :ref:`prs-rn-ref`
11 * :ref:`gists-rn-ref`
11 * :ref:`gists-rn-ref`
12 * :ref:`search-rn-ref`
12 * :ref:`search-rn-ref`
13 * :ref:`fixes-rn-ref`
13 * :ref:`fixes-rn-ref`
14
14
15 .. _general-rn-ref:
15 .. _general-rn-ref:
16
16
17 General
17 General
18 ^^^^^^^
18 ^^^^^^^
19 * Released 2015-01-27
19 * Released 2015-01-27
20 * Basic |svn| support added
20 * Basic |svn| support added
21 * GPLv3 components removed
21 * GPLv3 components removed
22 * Server/Client architecture for VCS systems created
22 * Server/Client architecture for VCS systems created
23 * Python 2.5 and 2.6 support deprecated
23 * Python 2.5 and 2.6 support deprecated
24 * Server info pages now show gist/archive cache storage, and also CPU/Memory/Load information.
24 * Server info pages now show gist/archive cache storage, and also CPU/Memory/Load information.
25 * Added new bulk commit (changeset) status comment form into compare view which enables bulk code-reviews without
25 * Added new bulk commit (changeset) status comment form into compare view which enables bulk code-reviews without
26 opening a pull-request.
26 opening a pull-request.
27 * License checks and limits now only apply to active users.
27 * License checks and limits now only apply to active users.
28 * Removed CLI command for |repo| scans as it can be done via an API call.
28 * Removed CLI command for |repo| scans as it can be done via an API call.
29 * VCS backends can be globally enabled/disabled from the :file:`rhodecode.ini` file.
29 * VCS backends can be globally enabled/disabled from the :file:`rhodecode.ini` file.
30 * Added a UI option to set default rendering to rst or markdown.
30 * Added a UI option to set default rendering to rst or markdown.
31 * Added syntax highlighting to 2 way compare diff.
31 * Added syntax highlighting to 2 way compare diff.
32 * Markup rendering can now render checkboxes for easy checklists generation.
32 * Markup rendering can now render checkboxes for easy checklists generation.
33 * Gravatars are now retina ready.
33 * Gravatars are now retina ready.
34 * Admins can define custom CSS or JavaScript in the header or footer via new pre/post code options.
34 * Admins can define custom CSS or JavaScript in the header or footer via new pre/post code options.
35 * Replaced ``graph.js`` with ``commits-graph.js`` html5 implementation.
35 * Replaced ``graph.js`` with ``commits-graph.js`` html5 implementation.
36 * Added editable owner field for repository groups, and user group.
36 * Added editable owner field for repository groups, and user group.
37 * Added an option to detach/delete user repositories when deleting users from the system.
37 * Added an option to detach/delete user repositories when deleting users from the system.
38 * Added a Supervisor control page that shows status of processes.
38 * Added a Supervisor control page that shows status of processes.
39 * User admin grid can now filter by username OR email.
39 * User admin grid can now filter by username OR email.
40 * Added personal |repo| group link for easier fork creation.
40 * Added personal |repo| group link for easier fork creation.
41 * Added support for using subdirectories when creating and uploading new files.
41 * Added support for using subdirectories when creating and uploading new files.
42 * Added option to rename a file from the web interface.
42 * Added option to rename a file from the web interface.
43 * Added arrow key navigation to file filter and fixed the back button behaviour.
43 * Added arrow key navigation to file filter and fixed the back button behaviour.
44 * Added fuzzy matching to file filter.
44 * Added fuzzy matching to file filter.
45 * Added functionality to create folder structures along with files when adding content via the web interface.
45 * Added functionality to create folder structures along with files when adding content via the web interface.
46 * Separated default permissions UI into `global`, `user`, or `object` permissions management.
46 * Separated default permissions UI into `global`, `user`, or `object` permissions management.
47 * Added an inheritance flag to object permissions which allows for explicit permissions which disregard global
47 * Added an inheritance flag to object permissions which allows for explicit permissions which disregard global
48 permissions.
48 permissions.
49 * Added post create repository group hook.
49 * Added post create repository group hook.
50 * Added trigger push hooks on online file editor.
50 * Added trigger push hooks on online file editor.
51 * Added default title for pull request.
51 * Added default title for pull request.
52 * More detailed logs during Authentication.
52 * More detailed logs during Authentication.
53 * More explicit logging when permission checks occur.
53 * More explicit logging when permission checks occur.
54 * Switched the implementation of |git| ``fetch clone pull checkout`` commands to pure |py| without any subprocess
54 * Switched the implementation of |git| ``fetch clone pull checkout`` commands to pure |py| without any subprocess
55 calls.
55 calls.
56 * Introduced the ``rcserver`` command for custom development.
56 * Introduced the ``rcserver`` command for custom development.
57 * Added the ability to force no cache archived via the ``GET no_cache`` flag
57 * Added the ability to force no cache archived via the ``GET no_cache`` flag
58
58
59 .. _security-rn-ref:
59 .. _security-rn-ref:
60
60
61 Security
61 Security
62 ^^^^^^^^
62 ^^^^^^^^
63
63
64 * CSRF (Cross-Site Request Forgery) tokens now in all pages that use forms.
64 * CSRF (Cross-Site Request Forgery) tokens now in all pages that use forms.
65 * The ``clone_url`` field is now AES encrypted inside the database.
65 * The ``clone_url`` field is now AES encrypted inside the database.
66 * ACLs (Access Control Lists) are checked on the gist edit page for logged in users.
66 * ACLs (Access Control Lists) are checked on the gist edit page for logged in users.
67 * New repository groups and repositories are created with 0755 permissions and not not 0777.
67 * New repository groups and repositories are created with 0755 permissions and not not 0777.
68 * Explicit RSS tokens are used for the RSS journal, when leaked, limits access to RSS only.
68 * Explicit RSS tokens are used for the RSS journal, when leaked, limits access to RSS only.
69 * Fixed XSS issues when rendering raw SVG files.
69 * Fixed XSS issues when rendering raw SVG files.
70 * Added force password reset option for users.
70 * Added force password reset option for users.
71 * IP list now accepts comma-separated values, and also ranges using `-` to specify multiple addresses.
71 * IP list now accepts comma-separated values, and also ranges using `-` to specify multiple addresses.
72 * Added ``auth tokens``, these authentication tokens can be used as an alternative to passwords.
72 * Added ``auth tokens``, these authentication tokens can be used as an alternative to passwords.
73 * Added roles (``http, api, rss, all, vcs``) into authentication tokens (previously called ``apikeys``).
73 * Added roles (``http, api, rss, all, vcs``) into authentication tokens (previously called ``apikeys``).
74 * LDAP Group Support added.
74 * LDAP Group Support added.
75 * Added JASIG CAS auth plugin support.
75 * Added JASIG CAS auth plugin support.
76 * Added a plugin parameter that defines if a plugin can create new users on the fly.
76 * Added a plugin parameter that defines if a plugin can create new users on the fly.
77
77
78 .. _api-rn-ref:
78 .. _api-rn-ref:
79
79
80 API
80 API
81 ^^^
81 ^^^
82 * Added permissions delegation when creating |repos| or |repo| groups.
82 * Added permissions delegation when creating |repos| or |repo| groups.
83 * Added ``strip`` support for |hg| and |git| |repos|.
83 * Added ``strip`` support for |hg| and |git| |repos|.
84 * Added comments API for commits.
84 * Added comments API for commits.
85 * Added add/remove methods for extra fields in repositories.
85 * Added add/remove methods for extra fields in repositories.
86 * ``get_*`` calls now use ``permission()`` and ``permission_user_group()`` methods for unified permissions structure.
86 * ``get_*`` calls now use ``permission()`` and ``permission_user_group()`` methods for unified permissions structure.
87 * ``get_repo_nodes`` information sending has changed and is no longer a boolean flag, it's now ``basic`` or ``full``.
87 * ``get_repo_nodes`` information sending has changed and is no longer a boolean flag, it's now ``basic`` or ``full``.
88 * Due to configurable backends ``repo_type`` is now mandatory parameter for the ``create_repo`` call.
88 * Due to configurable backends ``repo_type`` is now mandatory parameter for the ``create_repo`` call.
89
89
90 .. _performance-rn-ref:
90 .. _performance-rn-ref:
91
91
92 Performance
92 Performance
93 ^^^^^^^^^^^
93 ^^^^^^^^^^^
94
94
95 * Significant performance improvements across all application functions.
95 * Significant performance improvements across all application functions.
96 * HTTP Authentication performance enhancements.
96 * HTTP Authentication performance enhancements.
97 * Added a ``scope`` variable to the permissions fetching function which improves building permission trees in large
97 * Added a ``scope`` variable to the permissions fetching function which improves building permission trees in large
98 amounts by a factor of 10.
98 amounts by a factor of 10.
99 * Implemented caching logic for all authentication plugins. The ``AUTH_CACHE_TTL = <int>`` property now allow you to
99 * Implemented caching logic for all authentication plugins. The ``AUTH_CACHE_TTL = <int>`` property now allow you to
100 set the cache in seconds.
100 set the cache in seconds.
101
101
102 .. _prs-rn-ref:
102 .. _prs-rn-ref:
103
103
104 Pull Requests
104 Pull Requests
105 ^^^^^^^^^^^^^
105 ^^^^^^^^^^^^^
106
106
107 * Pull requests can be now updated and merged from the web interface
107 * Pull requests can be now updated and merged from the web interface
108 * Fixed creating a Mercurial |pr| from a bookmark.
108 * Fixed creating a Mercurial |pr| from a bookmark.
109 * Forbid closing pull requests when calculated status is different that the approved or rejected version.
109 * Forbid closing pull requests when calculated status is different that the approved or rejected version.
110 * Properly display calculated pull request review status on listing page.
110 * Properly display calculated pull request review status on listing page.
111 * Disable delete comment button if |pr| is closed.
111 * Disable delete comment button if |pr| is closed.
112
112
113 .. _gists-rn-ref:
113 .. _gists-rn-ref:
114
114
115 Gists
115 Gists
116 ^^^^^
116 ^^^^^
117 * New UI based on grids with filtering.
117 * New UI based on grids with filtering.
118 * Super-admins can see all gists.
118 * Super-admins can see all gists.
119 * Gists can now be created with a custom names.
119 * Gists can now be created with a custom names.
120
120
121 .. _search-rn-ref:
121 .. _search-rn-ref:
122
122
123 Search
123 Search
124 ^^^^^^
124 ^^^^^^
125
125
126 * New API based indexer.
126 * New API based indexer.
127 * Added the ability to create size limits for indexed files.
127 * Added the ability to create size limits for indexed files.
128 * Added a new mapping configuration file which gives a very high level of flexibility when creating full text search.
128 * Added a new mapping configuration file which gives a very high level of flexibility when creating full text search.
129
129
130 .. _fixes-rn-ref:
130 .. _fixes-rn-ref:
131
131
132 Fixes
132 Fixes
133 ^^^^^
133 ^^^^^
134
134
135 * General: fixed issues with dependent objects, such as ``users`` in ``user groups``. Cleaning up these dependent
135 * General: fixed issues with dependent objects, such as ``users`` in ``user groups``. Cleaning up these dependent
136 objects is now done in a safe way.
136 objects is now done in a safe way.
137 * General: deleting a ``user group`` from **settings > advanced** will use force removal and cleanup from all
137 * General: deleting a ``user group`` from **settings > advanced** will use force removal and cleanup from all
138 associations.
138 associations.
139 * General: fixed issue with filter proxy middleware it's now more error prone.
139 * General: fixed issue with filter proxy middleware it's now more error prone.
140 * General: fixed issues with unable to create fork inside a group.
140 * General: fixed issues with unable to create fork inside a group.
141 * General: fixed bad logic in ``ext_json`` lib, that checked bool on microseconds, in case it was 0 bool it returned False.
141 * General: fixed bad logic in ``ext_json`` lib, that checked bool on microseconds, in case it was 0 bool it returned False.
142 * General: authors in annotation mode shows authors of current source, not from all history (that is in normal mode)
142 * General: authors in annotation mode shows authors of current source, not from all history (that is in normal mode)
143 * Permissions: fix issue when inherit flag for user group stopped working after initial permissions set.
143 * Permissions: fix issue when inherit flag for user group stopped working after initial permissions set.
144 * |git|: fixed shallow clones.
144 * |git|: fixed shallow clones.
145 * |git|: added ``\n`` into the service line of |git| protocol. It is in the specifications and some python clients
145 * |git|: added ``\n`` into the service line of |git| protocol. It is in the specifications and some python clients
146 require this.
146 require this.
147 * |hg|: fix thread safety for mercurial ``in-memory`` commits.
147 * |hg|: fix thread safety for mercurial ``in-memory`` commits.
148 * Windows: fixed issue with shebang and env headers.
148 * Windows: fixed issue with shebang and env headers.
149 * MySQL: fixed database fields with 256 char length with added indexes. Mysql had problems with them.
149 * MySQL: fixed database fields with 256 char length with added indexes. Mysql had problems with them.
150 * Database: fixed bad usage of matching using ``ILIKE``. Previously it could happen that if you had
150 * Database: fixed bad usage of matching using ``ILIKE``. Previously it could happen that if you had
151 ``marcin_1@rhodecode.com`` and ``marcin_2@rhodecode.com`` emails, using ``marcin_@rhodecode.com`` would match both.
151 ``marcin_1@rhodecode.com`` and ``marcin_2@rhodecode.com`` emails, using ``marcin_@rhodecode.com`` would match both.
152 * VCS: fixed issues with double new lines on the commit patches.
152 * VCS: fixed issues with double new lines on the commit patches.
153 * VCS: repository locking now requires write permission to repository. If we allowed locking with read,
153 * VCS: repository locking now requires write permission to repository. If we allowed locking with read,
154 people can lock repository without an option to unlock it.
154 people can lock repository without an option to unlock it.
155 * Models: removed the ``isdigit`` call that can create issues when names are actually numbers on fetching objects.
155 * Models: removed the ``isdigit`` call that can create issues when names are actually numbers on fetching objects.
156 * Files: Fix bug with show authors in annotate view.
156 * Files: Fix bug with show authors in annotate view.
157 * Hooks: truncate excessive commit lists on ``post_push`` hook.
157 * Hooks: truncate excessive commit lists on ``post_push`` hook.
158 * Hooks: in |git|, support added to set the default branch if it is not ``master``.
158 * Hooks: in |git|, support added to set the default branch if it is not ``master``.
159 * Notifications: now can be marked as read when you are not admin.
159 * Notifications: now can be marked as read when you are not admin.
160 * Notifications: marking all notifications as read will hide the counter.
160 * Notifications: marking all notifications as read will hide the counter.
161 * Frontend: fixed branch-tag switcher multiple ajax calls.
161 * Frontend: fixed branch-tag switcher multiple ajax calls.
162 * Repository group: |repo| group owners can now change group settings even if they don't have access to top-level
162 * Repository group: |repo| group owners can now change group settings even if they don't have access to top-level
163 permissions.
163 permissions.
164 * Repositories: if you set ``Fork of`` in advanced repository settings it will now only show valid repositories
164 * Repositories: if you set ``Fork of`` in advanced repository settings it will now only show valid repositories
165 with the same type.
165 with the same type.
166
166
@@ -1,85 +1,85 b''
1 .. _install-tools:
1 .. _install-tools:
2
2
3 |RCT| Installation
3 |RCT| Installation
4 ------------------
4 ------------------
5
5
6 As of |RCE| 3.4.1 |RCT| is installed automatically on the server with |RCE|. You
6 As of |RCE| 3.4.1 |RCT| is installed automatically on the server with |RCE|. You
7 do not need to install |RCT| on the server, but you will need to install them
7 do not need to install |RCT| on the server, but you will need to install them
8 on machines that need remote access. The tools are linked to the instance
8 on machines that need remote access. The tools are linked to the instance
9 folder, for example :file:`~/.rccontrol/{instance-id}/profile/bin`
9 folder, for example :file:`~/.rccontrol/{instance-id}/profile/bin`
10
10
11 You can list the available tools using the following example, and the valid
11 You can list the available tools using the following example, and the valid
12 tools options are those which correspond with those in the :ref:`rc-tools`
12 tools options are those which correspond with those in the :ref:`rc-tools`
13 section.
13 section.
14
14
15 .. code-block:: bash
15 .. code-block:: bash
16
16
17 $ ls ~/.rccontrol/enterprise-4/profile/bin/
17 $ ls ~/.rccontrol/enterprise-4/profile/bin/
18
18
19 gen_js_i18n rhodecode-cleanup-gists rhodecode-tools svnrdump
19 gen_js_i18n rhodecode-cleanup-gists rhodecode-tools svnrdump
20 gen_js_routes rhodecode-cleanup-repos supervisorctl svnserve
20 gen_js_routes rhodecode-cleanup-repos supervisorctl svnserve
21 git rhodecode-config supervisord svnsync
21 git rhodecode-config supervisord svnsync
22 gunicorn rhodecode-extensions svn svnversion
22 gunicorn rhodecode-extensions svn svnversion
23 hg rhodecode-gist svnadmin vcsserver
23 hg rhodecode-gist svnadmin vcsserver
24 paster rhodecode-index svndumpfilter
24 paster rhodecode-index svndumpfilter
25 rc-server rhodecode-list-instances svnlook
25 rc-server rhodecode-list-instances svnlook
26 rhodecode-api rhodecode-setup-config svnmucc
26 rhodecode-api rhodecode-setup-config svnmucc
27
27
28 You can then use the tools as described in the :ref:`rc-tools` section using the
28 You can then use the tools as described in the :ref:`rc-tools` section using the
29 following example:
29 following example:
30
30
31 .. code-block:: bash
31 .. code-block:: bash
32
32
33 # Running the indexer
33 # Running the indexer
34 $ ~/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
34 $ ~/.rccontrol/enterprise-1/profile/bin/rhodecode-index \
35 --instance-name=enterprise-1
35 --instance-name=enterprise-1
36
36
37 # Cleaning up gists
37 # Cleaning up gists
38 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-cleanup-gists \
38 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-cleanup-gists \
39 --instance-name=enterprise-4
39 --instance-name=enterprise-4
40
40
41 Scanning for gists in /home/brian/repos/.rc_gist_store...
41 Scanning for gists in /home/brian/repos/.rc_gist_store...
42 preparing to remove [1] found gists
42 preparing to remove [1] found gists
43
43
44 Installing |RCT|
44 Installing |RCT|
45 ^^^^^^^^^^^^^^^^
45 ^^^^^^^^^^^^^^^^
46
46
47 |RCT| enable you to automate many of the most common |RCM| functions through
47 |RCT| enable you to automate many of the most common |RCE| functions through
48 the API. Installing them on a local machine lets you carry out maintenance on
48 the API. Installing them on a local machine lets you carry out maintenance on
49 the server remotely. Once installed you can use them to index your |repos|
49 the server remotely. Once installed you can use them to index your |repos|
50 to setup full-text search, strip commits, or install |RC| Extensions for
50 to setup full-text search, strip commits, or install RhodeCode Extensions for
51 additional functionality.
51 additional functionality.
52
52
53 For more detailed instructions about using |RCT| for indexing and full-text
53 For more detailed instructions about using |RCT| for indexing and full-text
54 search, see :ref:`indexing-ref`
54 search, see :ref:`indexing-ref`
55
55
56 To install |RCT|, use the following steps:
56 To install |RCT|, use the following steps:
57
57
58 1. Set up a ``virtualenv`` on your local machine, see virtualenv_ instructions
58 1. Set up a ``virtualenv`` on your local machine, see virtualenv_ instructions
59 here.
59 here.
60 2. Install |RCT| using pip. Full url with token is available at https://rhodecode.com/u/#rhodecode-tools
60 2. Install |RCT| using pip. Full url with token is available at https://rhodecode.com/u/#rhodecode-tools
61 ``pip install -I https://dls.rhodecode.com/dls/<token>/rhodecode-tools/latest``
61 ``pip install -I https://dls.rhodecode.com/dls/<token>/rhodecode-tools/latest``
62
62
63
63
64 Once |RCT| is installed using these steps there are a few extra
64 Once |RCT| is installed using these steps there are a few extra
65 configuration changes you can make. These are explained in more detail in the
65 configuration changes you can make. These are explained in more detail in the
66 :ref:`indexing-ref` section, and the :ref:`rc-tools` section.
66 :ref:`indexing-ref` section, and the :ref:`rc-tools` section.
67
67
68 .. code-block:: bash
68 .. code-block:: bash
69
69
70 # Create a virtualenv
70 # Create a virtualenv
71 brian@ubuntu:~$ virtualenv venv
71 brian@ubuntu:~$ virtualenv venv
72 New python executable in venv/bin/python
72 New python executable in venv/bin/python
73 Installing setuptools, pip...done.
73 Installing setuptools, pip...done.
74
74
75 # Activate the virtualenv
75 # Activate the virtualenv
76 brian@ubuntu:~$ . venv/bin/activate
76 brian@ubuntu:~$ . venv/bin/activate
77
77
78 # Install RhodeCode Tools inside the virtualenv, full url with token is available at https://rhodecode.com/u/#rhodecode-tools
78 # Install RhodeCode Tools inside the virtualenv, full url with token is available at https://rhodecode.com/u/#rhodecode-tools
79 $ pip install -I https://dls.rhodecode.com/dls/<token>/rhodecode-tools/latest
79 $ pip install -I https://dls.rhodecode.com/dls/<token>/rhodecode-tools/latest
80
80
81 # Check the installation
81 # Check the installation
82 $ rhodecode-tools --help
82 $ rhodecode-tools --help
83
83
84 .. _virtualenv: https://virtualenv.pypa.io/en/latest/index.html
84 .. _virtualenv: https://virtualenv.pypa.io/en/latest/index.html
85
85
@@ -1,14 +1,14 b''
1 .. _rc-tools:
1 .. _rc-tools:
2
2
3 |RCT|
3 |RCT|
4 =====
4 =====
5
5
6 |RCT| enable you to automate many of the most common |RCM| functions through
6 |RCT| enable you to automate many of the most common |RCE| functions through
7 the API.
7 the API.
8
8
9 .. toctree::
9 .. toctree::
10 :maxdepth: 1
10 :maxdepth: 1
11
11
12 tools-overview
12 tools-overview
13 install-tools
13 install-tools
14 tools-cli
14 tools-cli
@@ -1,578 +1,578 b''
1 .. _tools-cli:
1 .. _tools-cli:
2
2
3 |RCT| CLI
3 |RCT| CLI
4 ---------
4 ---------
5
5
6 The commands available with |RCT| can be split into three categories:
6 The commands available with |RCT| can be split into three categories:
7
7
8 - Remotely executable commands that can be run from your local machine once you
8 - Remotely executable commands that can be run from your local machine once you
9 have your connection details to |RCE| configured.
9 have your connection details to |RCE| configured.
10 - Locally executable commands the can be run on the server to carry out
10 - Locally executable commands the can be run on the server to carry out
11 general maintenance.
11 general maintenance.
12 - Local configuration commands used to help set up your |RCT| configuration.
12 - Local configuration commands used to help set up your |RCT| configuration.
13
13
14
14
15 rhodecode-tools
15 rhodecode-tools
16 ---------------
16 ---------------
17
17
18 Use |RCT| to setup automation, run the indexer, and install extensions for
18 Use |RCT| to setup automation, run the indexer, and install extensions for
19 your |RCM| instances. Options:
19 your |RCE| instances. Options:
20
20
21 .. rst-class:: dl-horizontal
21 .. rst-class:: dl-horizontal
22
22
23 \ - -apihost <api_host>
23 \ - -apihost <api_host>
24 Set the API host value.
24 Set the API host value.
25
25
26 \ - -apikey <apikey_value>
26 \ - -apikey <apikey_value>
27 Set the API key value.
27 Set the API key value.
28
28
29 \-c, - -config <config_file>
29 \-c, - -config <config_file>
30 Create a configuration file. The default file is created
30 Create a configuration file. The default file is created
31 in ``~/.rhoderc``
31 in ``~/.rhoderc``
32
32
33 \ - -save-config
33 \ - -save-config
34 Save the configuration file.
34 Save the configuration file.
35
35
36 \ - -show-config
36 \ - -show-config
37 Show the current configuration values.
37 Show the current configuration values.
38
38
39 \ - -format {json,pretty}
39 \ - -format {json,pretty}
40 Set the formatted representation.
40 Set the formatted representation.
41
41
42 Example usage:
42 Example usage:
43
43
44 .. code-block:: bash
44 .. code-block:: bash
45
45
46 $ rhodecode-tools --apikey=key --apihost=http://rhodecode.server \
46 $ rhodecode-tools --apikey=key --apihost=http://rhodecode.server \
47 --save-config
47 --save-config
48
48
49 rhodecode-api
49 rhodecode-api
50 -------------
50 -------------
51
51
52 The |RC| API lets you connect to |RCE| and carry out management tasks from a
52 The RhodeCode API lets you connect to |RCE| and carry out management tasks from a
53 remote machine, for more information about the API, see the :ref:`api`. To
53 remote machine, for more information about the API, see the :ref:`api`. To
54 pass arguments on the command-line use the ``method:option`` syntax.
54 pass arguments on the command-line use the ``method:option`` syntax.
55
55
56 Example usage:
56 Example usage:
57
57
58 .. code-block:: bash
58 .. code-block:: bash
59
59
60 # Run the get_repos API call and sample output
60 # Run the get_repos API call and sample output
61 $ rhodecode-api --instance-name=enterprise-1 create_repo \
61 $ rhodecode-api --instance-name=enterprise-1 create_repo \
62 repo_name:brand-new repo_type:hg description:repo-desc
62 repo_name:brand-new repo_type:hg description:repo-desc
63
63
64 {
64 {
65 "error": null,
65 "error": null,
66 "id": 1110,
66 "id": 1110,
67 "result": {
67 "result": {
68 "msg": "Created new repository `brand-new`",
68 "msg": "Created new repository `brand-new`",
69 "success": true,
69 "success": true,
70 "task": null
70 "task": null
71 }
71 }
72 }
72 }
73
73
74 Options:
74 Options:
75
75
76 .. rst-class:: dl-horizontal
76 .. rst-class:: dl-horizontal
77
77
78 \ - -api-cache-only
78 \ - -api-cache-only
79 Requires a cache to be present when running this call
79 Requires a cache to be present when running this call
80
80
81 \ - -api-cache-rebuild
81 \ - -api-cache-rebuild
82 Replaces existing cached values with new ones from server
82 Replaces existing cached values with new ones from server
83
83
84 \ - -api-cache <PATH>
84 \ - -api-cache <PATH>
85 Use a special cache dir to read responses from instead of the server
85 Use a special cache dir to read responses from instead of the server
86
86
87 \ - -api-cert-verify
87 \ - -api-cert-verify
88 Verify the endpoint ssl certificate
88 Verify the endpoint ssl certificate
89
89
90 \ - -api-cert <PATH>
90 \ - -api-cert <PATH>
91 Path to alternate CA bundle.
91 Path to alternate CA bundle.
92
92
93 \ - -apihost <api_host>
93 \ - -apihost <api_host>
94 Set the API host value.
94 Set the API host value.
95
95
96 \ - -apikey <apikey_value>
96 \ - -apikey <apikey_value>
97 Set the API key value.
97 Set the API key value.
98
98
99 \ - -instance-name <instance-id>
99 \ - -instance-name <instance-id>
100 Set the instance name
100 Set the instance name
101
101
102 \-I, - -install-dir <DIR>
102 \-I, - -install-dir <DIR>
103 Location of application instances
103 Location of application instances
104
104
105 \-c, - -config <.rhoderc-file>
105 \-c, - -config <.rhoderc-file>
106 Location of the :file:`.rhoderc`
106 Location of the :file:`.rhoderc`
107
107
108 \-F, - -format {json,pretty}
108 \-F, - -format {json,pretty}
109 Set the formatted representation.
109 Set the formatted representation.
110
110
111 \-h, - -help
111 \-h, - -help
112 Show help messages.
112 Show help messages.
113
113
114 \-v, - -verbose
114 \-v, - -verbose
115 Enable verbose messaging
115 Enable verbose messaging
116
116
117 rhodecode-cleanup-gists
117 rhodecode-cleanup-gists
118 -----------------------
118 -----------------------
119
119
120 Use this to delete gists within |RCM|. Options:
120 Use this to delete gists within |RCE|. Options:
121
121
122 .. rst-class:: dl-horizontal
122 .. rst-class:: dl-horizontal
123
123
124 \-c, - -config <config_file>
124 \-c, - -config <config_file>
125 Set the file path to the configuration file. The default file is
125 Set the file path to the configuration file. The default file is
126 :file:`/home/{user}/.rhoderc`
126 :file:`/home/{user}/.rhoderc`
127
127
128 \ - -corrupted
128 \ - -corrupted
129 Remove gists with corrupted metadata.
129 Remove gists with corrupted metadata.
130
130
131 \ - -dont-ask
131 \ - -dont-ask
132 Remove gists without asking for confirmation.
132 Remove gists without asking for confirmation.
133
133
134 \-h, - -help
134 \-h, - -help
135 Show help messages. current configuration values.
135 Show help messages. current configuration values.
136
136
137 \ - -instance-name <instance-id>
137 \ - -instance-name <instance-id>
138 Set the instance name.
138 Set the instance name.
139
139
140 \-R, - -repo-dir
140 \-R, - -repo-dir
141 Set the repository file path.
141 Set the repository file path.
142
142
143 \ - -version
143 \ - -version
144 Display your |RCT| version.
144 Display your |RCT| version.
145
145
146 Example usage:
146 Example usage:
147
147
148 .. code-block:: bash
148 .. code-block:: bash
149
149
150 # Clean up gists related to an instance
150 # Clean up gists related to an instance
151 $ rhodecode-cleanup-gists --instance-name=enterprise-1
151 $ rhodecode-cleanup-gists --instance-name=enterprise-1
152 Scanning for gists in /home/brian/repos/.rc_gist_store...
152 Scanning for gists in /home/brian/repos/.rc_gist_store...
153 preparing to remove [3] found gists
153 preparing to remove [3] found gists
154
154
155 # Clean up corrupted gists in an instance
155 # Clean up corrupted gists in an instance
156 $ rhodecode-cleanup-gists --instance-name=enterprise-1 --corrupted
156 $ rhodecode-cleanup-gists --instance-name=enterprise-1 --corrupted
157 Scanning for gists in /home/brian/repos/.rc_gist_store...
157 Scanning for gists in /home/brian/repos/.rc_gist_store...
158 preparing to remove [2] found gists
158 preparing to remove [2] found gists
159 the following gists will be archived:
159 the following gists will be archived:
160 * EXPIRED: BAD METADATA | /home/brian/repos/.rc_gist_store/5
160 * EXPIRED: BAD METADATA | /home/brian/repos/.rc_gist_store/5
161 * EXPIRED: BAD METADATA | /home/brian/repos/.rc_gist_store/8FtC
161 * EXPIRED: BAD METADATA | /home/brian/repos/.rc_gist_store/8FtC
162 are you sure you want to archive them? [y/N]: y
162 are you sure you want to archive them? [y/N]: y
163 removing gist /home/brian/repos/.rc_gist_store/5
163 removing gist /home/brian/repos/.rc_gist_store/5
164 removing gist /home/brian/repos/.rc_gist_store/8FtCKdcbRKmEvRzTVsEt
164 removing gist /home/brian/repos/.rc_gist_store/8FtCKdcbRKmEvRzTVsEt
165
165
166 rhodecode-cleanup-repos
166 rhodecode-cleanup-repos
167 -----------------------
167 -----------------------
168
168
169 Use this to manage |repos| and |repo| groups within |RCM|. Options:
169 Use this to manage |repos| and |repo| groups within |RCE|. Options:
170
170
171 .. rst-class:: dl-horizontal
171 .. rst-class:: dl-horizontal
172
172
173 \-c, - -config <config_file>
173 \-c, - -config <config_file>
174 Set the file path to the configuration file. The default file is
174 Set the file path to the configuration file. The default file is
175 :file:`/home/{user}/.rhoderc`.
175 :file:`/home/{user}/.rhoderc`.
176
176
177 \-h, - -help
177 \-h, - -help
178 Show help messages. current configuration values.
178 Show help messages. current configuration values.
179
179
180 \ - -interactive
180 \ - -interactive
181 Enable an interactive prompt for each repository when deleting.
181 Enable an interactive prompt for each repository when deleting.
182
182
183 \ - -include-groups
183 \ - -include-groups
184 Remove repository groups.
184 Remove repository groups.
185
185
186 \ - -instance-name <instance-id>
186 \ - -instance-name <instance-id>
187 Set the instance name.
187 Set the instance name.
188
188
189 \ - -list-only
189 \ - -list-only
190 Display repositories selected for deletion.
190 Display repositories selected for deletion.
191
191
192 \ - -older-than <str>
192 \ - -older-than <str>
193 Delete repositories older that a specified time.
193 Delete repositories older that a specified time.
194 You can use the following suffixes; d for days, h for hours,
194 You can use the following suffixes; d for days, h for hours,
195 m for minutes, s for seconds.
195 m for minutes, s for seconds.
196
196
197 \-R, - -repo-dir
197 \-R, - -repo-dir
198 Set the repository file path
198 Set the repository file path
199
199
200 Example usage:
200 Example usage:
201
201
202 .. code-block:: bash
202 .. code-block:: bash
203
203
204 # Cleaning up repos using tools installed with RCE 350 and above
204 # Cleaning up repos using tools installed with RCE 350 and above
205 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-cleanup-repos \
205 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-cleanup-repos \
206 --instance-name=enterprise-4 --older-than=1d
206 --instance-name=enterprise-4 --older-than=1d
207 Scanning for repositories in /home/brian/repos...
207 Scanning for repositories in /home/brian/repos...
208 preparing to remove [2] found repositories older than 1 day, 0:00:00 (1d)
208 preparing to remove [2] found repositories older than 1 day, 0:00:00 (1d)
209
209
210 the following repositories will be deleted completely:
210 the following repositories will be deleted completely:
211 * REMOVED: 2015-08-05 00:23:18 | /home/brian/repos/rm__20150805_002318_831
211 * REMOVED: 2015-08-05 00:23:18 | /home/brian/repos/rm__20150805_002318_831
212 * REMOVED: 2015-08-04 01:22:10 | /home/brian/repos/rm__20150804_012210_336
212 * REMOVED: 2015-08-04 01:22:10 | /home/brian/repos/rm__20150804_012210_336
213 are you sure you want to remove them? [y/N]:
213 are you sure you want to remove them? [y/N]:
214
214
215 # Clean up repos older than 1 year
215 # Clean up repos older than 1 year
216 # If using virtualenv and pre RCE 350 tools installation
216 # If using virtualenv and pre RCE 350 tools installation
217 (venv)$ rhodecode-cleanup-repos --instance-name=enterprise-1 \
217 (venv)$ rhodecode-cleanup-repos --instance-name=enterprise-1 \
218 --older-than=365d
218 --older-than=365d
219
219
220 Scanning for repositories in /home/brian/repos...
220 Scanning for repositories in /home/brian/repos...
221 preparing to remove [343] found repositories older than 365 days
221 preparing to remove [343] found repositories older than 365 days
222
222
223 # clean up repos older than 3 days
223 # clean up repos older than 3 days
224 # If using virtualenv and pre RCE 350 tools installation
224 # If using virtualenv and pre RCE 350 tools installation
225 (venv)$ rhodecode-cleanup-repos --instance-name=enterprise-1 \
225 (venv)$ rhodecode-cleanup-repos --instance-name=enterprise-1 \
226 --older-than=3d
226 --older-than=3d
227 Scanning for repositories in /home/brian/repos...
227 Scanning for repositories in /home/brian/repos...
228 preparing to remove [3] found repositories older than 3 days
228 preparing to remove [3] found repositories older than 3 days
229
229
230 .. _tools-config:
230 .. _tools-config:
231
231
232 rhodecode-config
232 rhodecode-config
233 ----------------
233 ----------------
234
234
235 Use this to create or update a |RCE| configuration file on the local machine.
235 Use this to create or update a |RCE| configuration file on the local machine.
236
236
237 .. rst-class:: dl-horizontal
237 .. rst-class:: dl-horizontal
238
238
239 \- -filename </path/to/config_file>
239 \- -filename </path/to/config_file>
240 Set the file path to the |RCE| configuration file.
240 Set the file path to the |RCE| configuration file.
241
241
242 \- -show-defaults
242 \- -show-defaults
243 Display the defaults set in the |RCE| configuration file.
243 Display the defaults set in the |RCE| configuration file.
244
244
245 \- -update
245 \- -update
246 Update the configuration with the new settings passed on the command
246 Update the configuration with the new settings passed on the command
247 line.
247 line.
248
248
249 .. code-block:: bash
249 .. code-block:: bash
250
250
251 # Create a new config file
251 # Create a new config file
252 $ rhodecode-config --filename=dev.ini
252 $ rhodecode-config --filename=dev.ini
253 Wrote new config file in /Users/user/dev.ini
253 Wrote new config file in /Users/user/dev.ini
254
254
255 # Update config value for given section:
255 # Update config value for given section:
256 $ rhodecode-config --update --filename=prod.ini [handler_console]level=INFO
256 $ rhodecode-config --update --filename=prod.ini [handler_console]level=INFO
257
257
258 $ rhodecode-config --filename=dev.ini --show-defaults
258 $ rhodecode-config --filename=dev.ini --show-defaults
259 lang=en
259 lang=en
260 cpu_number=4
260 cpu_number=4
261 uuid=<function <lambda> at 0x10d86ac08>
261 uuid=<function <lambda> at 0x10d86ac08>
262 license_token=ff1e-aa9c-bb66-11e5
262 license_token=ff1e-aa9c-bb66-11e5
263 host=127.0.0.1
263 host=127.0.0.1
264 here=/Users/brian
264 here=/Users/brian
265 error_aggregation_service=None
265 error_aggregation_service=None
266 database_url=sqlite:///%(here)s/rhodecode.db?timeout=30
266 database_url=sqlite:///%(here)s/rhodecode.db?timeout=30
267 git_path=git
267 git_path=git
268 http_server=waitress
268 http_server=waitress
269 port=5000
269 port=5000
270
270
271 .. _tools-rhodecode-extensions:
271 .. _tools-rhodecode-extensions:
272
272
273 rhodecode-extensions
273 rhodecode-extensions
274 --------------------
274 --------------------
275
275
276 The `rcextensions` since version 4.14 are now shipped together with |RCE| please check
276 The `rcextensions` since version 4.14 are now shipped together with |RCE| please check
277 the using :ref:`integrations-rcextensions` section.
277 the using :ref:`integrations-rcextensions` section.
278
278
279
279
280 rhodecode-gist
280 rhodecode-gist
281 --------------
281 --------------
282
282
283 Use this to create, list, show, or delete gists within |RCM|. Options:
283 Use this to create, list, show, or delete gists within |RCE|. Options:
284
284
285 .. rst-class:: dl-horizontal
285 .. rst-class:: dl-horizontal
286
286
287 \ - -api-cache-only
287 \ - -api-cache-only
288 Requires a cache to be present when running this call
288 Requires a cache to be present when running this call
289
289
290 \ - -api-cache-rebuild
290 \ - -api-cache-rebuild
291 Replaces existing cached values with new ones from server
291 Replaces existing cached values with new ones from server
292
292
293 \ - -api-cache PATH
293 \ - -api-cache PATH
294 Use a special cache dir to read responses from instead of the server
294 Use a special cache dir to read responses from instead of the server
295
295
296 \ - -api-cert-verify
296 \ - -api-cert-verify
297 Verify the endpoint ssl certificate
297 Verify the endpoint ssl certificate
298
298
299 \ - -api-cert PATH
299 \ - -api-cert PATH
300 Path to alternate CA bundle.
300 Path to alternate CA bundle.
301
301
302 \ - -apihost <api_host>
302 \ - -apihost <api_host>
303 Set the API host value.
303 Set the API host value.
304
304
305 \ - -apikey <apikey_value>
305 \ - -apikey <apikey_value>
306 Set the API key value.
306 Set the API key value.
307
307
308 \-c, - -config <config_file>
308 \-c, - -config <config_file>
309 Create a configuration file.
309 Create a configuration file.
310 The default file is created in :file:`~/.rhoderc`
310 The default file is created in :file:`~/.rhoderc`
311
311
312 \ - -create <gistname>
312 \ - -create <gistname>
313 create the gist
313 create the gist
314
314
315 \-d, - -description <str>
315 \-d, - -description <str>
316 Set gist description
316 Set gist description
317
317
318 \ - -delete <gistid>
318 \ - -delete <gistid>
319 Delete the gist
319 Delete the gist
320
320
321 \-f, - -file
321 \-f, - -file
322 Specify the filename The file extension will enable syntax highlighting.
322 Specify the filename The file extension will enable syntax highlighting.
323
323
324 \-F, - -format {json,pretty}
324 \-F, - -format {json,pretty}
325 Set the formatted representation.
325 Set the formatted representation.
326
326
327 \ - -help
327 \ - -help
328 Show help messages.
328 Show help messages.
329
329
330 \-I, - -install-dir <DIR>
330 \-I, - -install-dir <DIR>
331 Location of application instances
331 Location of application instances
332
332
333 \ - -instance-name <instance-id>
333 \ - -instance-name <instance-id>
334 Set the instance name.
334 Set the instance name.
335
335
336 \ - -list
336 \ - -list
337 Display instance gists.
337 Display instance gists.
338
338
339 \-l, --lifetime <minutes>
339 \-l, --lifetime <minutes>
340 Set the gist lifetime. The default value is (-1) forever
340 Set the gist lifetime. The default value is (-1) forever
341
341
342 \ - -show <gistname>
342 \ - -show <gistname>
343 Show the content of the gist
343 Show the content of the gist
344
344
345 \-o, - -open
345 \-o, - -open
346 After creating Gist open it in browser
346 After creating Gist open it in browser
347
347
348 \-p, - -private
348 \-p, - -private
349 Create a private gist
349 Create a private gist
350
350
351 \ - -version
351 \ - -version
352 Display your |RCT| version.
352 Display your |RCT| version.
353
353
354 Example usage:
354 Example usage:
355
355
356 .. code-block:: bash
356 .. code-block:: bash
357
357
358 # List the gists in an instance
358 # List the gists in an instance
359 (venv)brian@ubuntu:~$ rhodecode-gist --instance-name=enterprise-1 list
359 (venv)brian@ubuntu:~$ rhodecode-gist --instance-name=enterprise-1 list
360 {
360 {
361 "error": null,
361 "error": null,
362 "id": 7102,
362 "id": 7102,
363 "result": [
363 "result": [
364 {
364 {
365 "access_id": "2",
365 "access_id": "2",
366 "content": null,
366 "content": null,
367 "created_on": "2015-01-19T12:52:26.494",
367 "created_on": "2015-01-19T12:52:26.494",
368 "description": "A public gust",
368 "description": "A public gust",
369 "expires": -1.0,
369 "expires": -1.0,
370 "gist_id": 2,
370 "gist_id": 2,
371 "type": "public",
371 "type": "public",
372 "url": "http://127.0.0.1:10003/_admin/gists/2"
372 "url": "http://127.0.0.1:10003/_admin/gists/2"
373 },
373 },
374 {
374 {
375 "access_id": "7gs6BsSEC4pKUEPLz5AB",
375 "access_id": "7gs6BsSEC4pKUEPLz5AB",
376 "content": null,
376 "content": null,
377 "created_on": "2015-01-19T11:27:40.812",
377 "created_on": "2015-01-19T11:27:40.812",
378 "description": "Gist testing API",
378 "description": "Gist testing API",
379 "expires": -1.0,
379 "expires": -1.0,
380 "gist_id": 1,
380 "gist_id": 1,
381 "type": "private",
381 "type": "private",
382 "url": "http://127.0.0.1:10003/_admin/gists/7gs6BsSEC4pKUEPLz5AB"
382 "url": "http://127.0.0.1:10003/_admin/gists/7gs6BsSEC4pKUEPLz5AB"
383 }
383 }
384 ]
384 ]
385 }
385 }
386
386
387 # delete a particular gist
387 # delete a particular gist
388 # You use the access_id to specify the gist to delete
388 # You use the access_id to specify the gist to delete
389 (venv)brian@ubuntu:~$ rhodecode-gist delete 2 --instance-name=enterprise-1
389 (venv)brian@ubuntu:~$ rhodecode-gist delete 2 --instance-name=enterprise-1
390 {
390 {
391 "error": null,
391 "error": null,
392 "id": 6284,
392 "id": 6284,
393 "result": {
393 "result": {
394 "gist": null,
394 "gist": null,
395 "msg": "deleted gist ID:2"
395 "msg": "deleted gist ID:2"
396 }
396 }
397 }
397 }
398
398
399 # cat a file and pipe to new gist
399 # cat a file and pipe to new gist
400 # This is if you are using virtualenv
400 # This is if you are using virtualenv
401 (venv)$ cat ~/.rhoderc | rhodecode-gist --instance-name=enterprise-1 \
401 (venv)$ cat ~/.rhoderc | rhodecode-gist --instance-name=enterprise-1 \
402 -d '.rhoderc copy' create
402 -d '.rhoderc copy' create
403
403
404 {
404 {
405 "error": null,
405 "error": null,
406 "id": 5374,
406 "id": 5374,
407 "result": {
407 "result": {
408 "gist": {
408 "gist": {
409 "access_id": "7",
409 "access_id": "7",
410 "content": null,
410 "content": null,
411 "created_on": "2015-01-26T11:31:58.774",
411 "created_on": "2015-01-26T11:31:58.774",
412 "description": ".rhoderc copy",
412 "description": ".rhoderc copy",
413 "expires": -1.0,
413 "expires": -1.0,
414 "gist_id": 7,
414 "gist_id": 7,
415 "type": "public",
415 "type": "public",
416 "url": "http://127.0.0.1:10003/_admin/gists/7"
416 "url": "http://127.0.0.1:10003/_admin/gists/7"
417 },
417 },
418 "msg": "created new gist"
418 "msg": "created new gist"
419 }
419 }
420 }
420 }
421
421
422 # Cat a file and pipe to gist
422 # Cat a file and pipe to gist
423 # in RCE 3.5.0 tools and above
423 # in RCE 3.5.0 tools and above
424 $ cat ~/.rhoderc | ~/.rccontrol/{instance-id}/profile/bin/rhodecode-gist \
424 $ cat ~/.rhoderc | ~/.rccontrol/{instance-id}/profile/bin/rhodecode-gist \
425 --instance-name=enterprise-4 -d '.rhoderc copy' create
425 --instance-name=enterprise-4 -d '.rhoderc copy' create
426 {
426 {
427 "error": null,
427 "error": null,
428 "id": 9253,
428 "id": 9253,
429 "result": {
429 "result": {
430 "gist": {
430 "gist": {
431 "access_id": "4",
431 "access_id": "4",
432 "acl_level": "acl_public",
432 "acl_level": "acl_public",
433 "content": null,
433 "content": null,
434 "created_on": "2015-08-20T05:54:11.250",
434 "created_on": "2015-08-20T05:54:11.250",
435 "description": ".rhoderc copy",
435 "description": ".rhoderc copy",
436 "expires": -1.0,
436 "expires": -1.0,
437 "gist_id": 4,
437 "gist_id": 4,
438 "modified_at": "2015-08-20T05:54:11.250",
438 "modified_at": "2015-08-20T05:54:11.250",
439 "type": "public",
439 "type": "public",
440 "url": "http://127.0.0.1:10000/_admin/gists/4"
440 "url": "http://127.0.0.1:10000/_admin/gists/4"
441 },
441 },
442 "msg": "created new gist"
442 "msg": "created new gist"
443 }
443 }
444 }
444 }
445
445
446
446
447 rhodecode-index
447 rhodecode-index
448 ---------------
448 ---------------
449
449
450 More detailed information regarding setting up the indexer is available in
450 More detailed information regarding setting up the indexer is available in
451 the :ref:`indexing-ref` section. Options:
451 the :ref:`indexing-ref` section. Options:
452
452
453 .. rst-class:: dl-horizontal
453 .. rst-class:: dl-horizontal
454
454
455 \ - -api-cache-only
455 \ - -api-cache-only
456 Requires a cache to be present when running this call
456 Requires a cache to be present when running this call
457
457
458 \ - -api-cache-rebuild
458 \ - -api-cache-rebuild
459 Replaces existing cached values with new ones from server
459 Replaces existing cached values with new ones from server
460
460
461 \ - -api-cache PATH
461 \ - -api-cache PATH
462 Use a special cache dir to read responses from instead of the server
462 Use a special cache dir to read responses from instead of the server
463
463
464 \ - -api-cert-verify
464 \ - -api-cert-verify
465 Verify the endpoint ssl certificate
465 Verify the endpoint ssl certificate
466
466
467 \ - -api-cert PATH
467 \ - -api-cert PATH
468 Path to alternate CA bundle.
468 Path to alternate CA bundle.
469
469
470 \ - -apihost <api_host>
470 \ - -apihost <api_host>
471 Set the API host value.
471 Set the API host value.
472
472
473 \ - -apikey <apikey_value>
473 \ - -apikey <apikey_value>
474 Set the API key value.
474 Set the API key value.
475
475
476 \-c, --config <config_file>
476 \-c, --config <config_file>
477 Create a configuration file.
477 Create a configuration file.
478 The default file is created in :file:`~/.rhoderc`
478 The default file is created in :file:`~/.rhoderc`
479
479
480 \ - -create-mapping <PATH>
480 \ - -create-mapping <PATH>
481 Creates an example mapping configuration for indexer.
481 Creates an example mapping configuration for indexer.
482
482
483 \-F, - -format {json,pretty}
483 \-F, - -format {json,pretty}
484 Set the formatted representation.
484 Set the formatted representation.
485
485
486 \-h, - -help
486 \-h, - -help
487 Show help messages.
487 Show help messages.
488
488
489 \ - -instance-name <instance-id>
489 \ - -instance-name <instance-id>
490 Set the instance name
490 Set the instance name
491
491
492 \-I, - -install-dir <DIR>
492 \-I, - -install-dir <DIR>
493 Location of application instances
493 Location of application instances
494
494
495 \-m, - -mapping <file_name>
495 \-m, - -mapping <file_name>
496 Parse the output to the .ini mapping file.
496 Parse the output to the .ini mapping file.
497
497
498 \ - -optimize
498 \ - -optimize
499 Optimize index for performance by amalgamating multiple index files
499 Optimize index for performance by amalgamating multiple index files
500 into one. Greatly increases incremental indexing speed.
500 into one. Greatly increases incremental indexing speed.
501
501
502 \-R, - -repo-dir <DIRECTORY>
502 \-R, - -repo-dir <DIRECTORY>
503 Location of repositories
503 Location of repositories
504
504
505 \ - -source <PATH>
505 \ - -source <PATH>
506 Use a special source JSON file to feed the indexer
506 Use a special source JSON file to feed the indexer
507
507
508 \ - -version
508 \ - -version
509 Display your |RCT| version.
509 Display your |RCT| version.
510
510
511 Example usage:
511 Example usage:
512
512
513 .. code-block:: bash
513 .. code-block:: bash
514
514
515 # Run the indexer
515 # Run the indexer
516 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
516 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
517 --instance-name=enterprise-4
517 --instance-name=enterprise-4
518
518
519 # Run indexer based on mapping.ini file
519 # Run indexer based on mapping.ini file
520 # This is using pre-350 virtualenv
520 # This is using pre-350 virtualenv
521 (venv)$ rhodecode-index --instance-name=enterprise-1
521 (venv)$ rhodecode-index --instance-name=enterprise-1
522
522
523 # Index from the command line without creating
523 # Index from the command line without creating
524 # the .rhoderc file
524 # the .rhoderc file
525 $ rhodecode-index --apikey=key --apihost=http://rhodecode.server \
525 $ rhodecode-index --apikey=key --apihost=http://rhodecode.server \
526 --instance-name=enterprise-2 --save-config
526 --instance-name=enterprise-2 --save-config
527
527
528 # Create the indexing mapping file
528 # Create the indexing mapping file
529 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
529 $ ~/.rccontrol/enterprise-4/profile/bin/rhodecode-index \
530 --create-mapping mapping.ini --instance-name=enterprise-4
530 --create-mapping mapping.ini --instance-name=enterprise-4
531
531
532 .. _tools-rhodecode-list-instance:
532 .. _tools-rhodecode-list-instance:
533
533
534 rhodecode-list-instances
534 rhodecode-list-instances
535 ------------------------
535 ------------------------
536
536
537 Use this command to list the instance details configured in the
537 Use this command to list the instance details configured in the
538 :file:`~/.rhoderc` file.
538 :file:`~/.rhoderc` file.
539
539
540 .. code-block:: bash
540 .. code-block:: bash
541
541
542 $ .rccontrol/enterprise-1/profile/bin/rhodecode-list-instances
542 $ .rccontrol/enterprise-1/profile/bin/rhodecode-list-instances
543 [instance:production] - Config only
543 [instance:production] - Config only
544 API-HOST: https://some.url.com
544 API-HOST: https://some.url.com
545 API-KEY: some.auth.token
545 API-KEY: some.auth.token
546
546
547 [instance:development] - Config only
547 [instance:development] - Config only
548 API-HOST: http://some.ip.address
548 API-HOST: http://some.ip.address
549 API-KEY: some.auth.token
549 API-KEY: some.auth.token
550
550
551
551
552 .. _tools-setup-config:
552 .. _tools-setup-config:
553
553
554 rhodecode-setup-config
554 rhodecode-setup-config
555 ----------------------
555 ----------------------
556
556
557 Use this command to create the ``~.rhoderc`` file required by |RCT| to access
557 Use this command to create the ``~.rhoderc`` file required by |RCT| to access
558 remote instances.
558 remote instances.
559
559
560 .. rst-class:: dl-horizontal
560 .. rst-class:: dl-horizontal
561
561
562 \- -instance-name <name>
562 \- -instance-name <name>
563 Specify the instance name in the :file:`~/.rhoderc`
563 Specify the instance name in the :file:`~/.rhoderc`
564
564
565 \api_host <hostname>
565 \api_host <hostname>
566 Create a configuration file. The default file is created
566 Create a configuration file. The default file is created
567 in ``~/.rhoderc``
567 in ``~/.rhoderc``
568
568
569 \api_key <auth-token>
569 \api_key <auth-token>
570 Create a configuration file. The default file is created
570 Create a configuration file. The default file is created
571 in ``~/.rhoderc``
571 in ``~/.rhoderc``
572
572
573
573
574 .. code-block:: bash
574 .. code-block:: bash
575
575
576 (venv)$ rhodecode-setup-config --instance-name=tea api_host=URL api_key=xyz
576 (venv)$ rhodecode-setup-config --instance-name=tea api_host=URL api_key=xyz
577 Config not found under /Users/username/.rhoderc, creating a new one
577 Config not found under /Users/username/.rhoderc, creating a new one
578 Wrote new configuration into /Users/username/.rhoderc
578 Wrote new configuration into /Users/username/.rhoderc
@@ -1,66 +1,66 b''
1 .. _tools-overview:
1 .. _tools-overview:
2
2
3 |RCT| Overview
3 |RCT| Overview
4 --------------
4 --------------
5
5
6 To install |RCT| correctly, see the installation steps covered in
6 To install |RCT| correctly, see the installation steps covered in
7 :ref:`install-tools`, and :ref:`config-rhoderc`.
7 :ref:`install-tools`, and :ref:`config-rhoderc`.
8
8
9 Once |RCT| is installed, and the :file:`/home/{user}/.rhoderc` file is
9 Once |RCT| is installed, and the :file:`/home/{user}/.rhoderc` file is
10 configured you can then use |RCT| on each |RCM| instance to carry out admin
10 configured you can then use |RCT| on each |RCE| instance to carry out admin
11 tasks. Use the following example to configure that file,
11 tasks. Use the following example to configure that file,
12 and once configured see the :ref:`tools-cli` for more details.
12 and once configured see the :ref:`tools-cli` for more details.
13
13
14 .. note::
14 .. note::
15
15
16 |RCT| require |PY| 2.7 to run.
16 |RCT| require |PY| 2.7 to run.
17
17
18 .. code-block:: bash
18 .. code-block:: bash
19
19
20 # Get the status of each instance you wish to use with Tools
20 # Get the status of each instance you wish to use with Tools
21 (venv)brian@ubuntu:~$ rccontrol status
21 (venv)brian@ubuntu:~$ rccontrol status
22
22
23 - NAME: momentum-1
23 - NAME: momentum-1
24 - STATUS: RUNNING
24 - STATUS: RUNNING
25 - TYPE: Momentum
25 - TYPE: Momentum
26 - VERSION: 3.0.0-nightly-momentum
26 - VERSION: 3.0.0-nightly-momentum
27 - URL: http://127.0.0.1:10003
27 - URL: http://127.0.0.1:10003
28
28
29 - NAME: momentum-3
29 - NAME: momentum-3
30 - STATUS: RUNNING
30 - STATUS: RUNNING
31 - TYPE: Momentum
31 - TYPE: Momentum
32 - VERSION: 3.0.0-nightly-momentum
32 - VERSION: 3.0.0-nightly-momentum
33 - URL: http://127.0.0.1:10007
33 - URL: http://127.0.0.1:10007
34
34
35 Example :file:`/home/{user}/.rhoderc` file.
35 Example :file:`/home/{user}/.rhoderc` file.
36
36
37 .. code-block:: ini
37 .. code-block:: ini
38
38
39 # Configure the .rhoderc file for each instance
39 # Configure the .rhoderc file for each instance
40 # API keys found in your instance
40 # API keys found in your instance
41 [instance:enterprise-1]
41 [instance:enterprise-1]
42 api_host = http://127.0.0.1:10003/
42 api_host = http://127.0.0.1:10003/
43 api_key = 91fdbdc257289c46633ef5aab274412911de1ba9
43 api_key = 91fdbdc257289c46633ef5aab274412911de1ba9
44 repo_dir = /home/brian/repos
44 repo_dir = /home/brian/repos
45
45
46 [instance:enterprise-3]
46 [instance:enterprise-3]
47 api_host = http://127.0.0.1:10007/
47 api_host = http://127.0.0.1:10007/
48 api_key = 5a925f65438d29f8d6ced8ab8e8c3d305998d1d9
48 api_key = 5a925f65438d29f8d6ced8ab8e8c3d305998d1d9
49 repo_dir = /home/brian/testing-repos/
49 repo_dir = /home/brian/testing-repos/
50
50
51
51
52 Example usage of |RCT| after |RCE| 3.5.0. From this version onwards |RCT| is
52 Example usage of |RCT| after |RCE| 3.5.0. From this version onwards |RCT| is
53 packaged with |RCE| by default.
53 packaged with |RCE| by default.
54
54
55 .. code-block:: bash
55 .. code-block:: bash
56
56
57 $ .rccontrol/enterprise-4/profile/bin/rhodecode-api --instance-name=enterprise-4 get_ip [11:56:57 on 05/10/2018]
57 $ .rccontrol/enterprise-4/profile/bin/rhodecode-api --instance-name=enterprise-4 get_ip [11:56:57 on 05/10/2018]
58
58
59 {
59 {
60 "error": null,
60 "error": null,
61 "id": 1000,
61 "id": 1000,
62 "result": {
62 "result": {
63 "server_ip_addr": "1.2.3.4",
63 "server_ip_addr": "1.2.3.4",
64 "user_ips": []
64 "user_ips": []
65 }
65 }
66 }
66 }
@@ -1,220 +1,220 b''
1 .. _hosted-solution:
1 .. _hosted-solution:
2
2
3 Deploy |RCE| From a Hosted Server
3 Deploy |RCE| From a Hosted Server
4 =================================
4 =================================
5
5
6 If you wish to deploy your own |RCE| instance from something like a
6 If you wish to deploy your own |RCE| instance from something like a
7 `Digital Ocean`_ droplet, or a `hetzner`_ server use the following
7 `Digital Ocean`_ droplet, or a `hetzner`_ server use the following
8 instructions to get it setup.
8 instructions to get it setup.
9
9
10 I'm using an Ubuntu 14.04 image for the purposes of this
10 I'm using an Ubuntu 14.04 image for the purposes of this
11 tutorial, but all other Unix environments will be pretty similar. You can
11 tutorial, but all other Unix environments will be pretty similar. You can
12 check out the full lists of supported platforms and versions in the
12 check out the full lists of supported platforms and versions in the
13 :ref:`system-overview-ref` section.
13 :ref:`system-overview-ref` section.
14
14
15
15
16 Create a Digital Ocean Droplet
16 Create a Digital Ocean Droplet
17 ------------------------------
17 ------------------------------
18
18
19 1. Sign into Digital Ocean.
19 1. Sign into Digital Ocean.
20 2. Create a Droplet choosing Ubuntu 14.04 as your |os|.
20 2. Create a Droplet choosing Ubuntu 14.04 as your |os|.
21 3. (Optional) Add SSH keys if you have them set up.
21 3. (Optional) Add SSH keys if you have them set up.
22
22
23 Configure Your Server
23 Configure Your Server
24 ---------------------
24 ---------------------
25
25
26 Once you have your server created, you need to sign into it and set it up to
26 Once you have your server created, you need to sign into it and set it up to
27 host |RCE|.
27 host |RCE|.
28
28
29 1. Open a terminal and sign into your server. Digital Ocean will mail you the
29 1. Open a terminal and sign into your server. Digital Ocean will mail you the
30 IP address. You'll need to change your password on the first login if you
30 IP address. You'll need to change your password on the first login if you
31 don not have SSH keys set up.
31 don not have SSH keys set up.
32
32
33 .. code-block:: bash
33 .. code-block:: bash
34
34
35 $ ssh root@203.0.113.113
35 $ ssh root@203.0.113.113
36
36
37 2. It is not advised to install |RCE| as the ``root`` user. So create a user
37 2. It is not advised to install |RCE| as the ``root`` user. So create a user
38 with sudo permissions and then carry out the rest of the steps from that user
38 with sudo permissions and then carry out the rest of the steps from that user
39 account.
39 account.
40
40
41 .. code-block:: bash
41 .. code-block:: bash
42
42
43 # Create a user with sudo permissions
43 # Create a user with sudo permissions
44 root@rhodecode:~# sudo useradd -m -s /bin/bash -d /home/brian -U brian
44 root@rhodecode:~# sudo useradd -m -s /bin/bash -d /home/brian -U brian
45 root@rhodecode:~# sudo usermod -a -G sudo brian
45 root@rhodecode:~# sudo usermod -a -G sudo brian
46
46
47 # Set the password for that user
47 # Set the password for that user
48 root@rhodecode:~# passwd brian
48 root@rhodecode:~# passwd brian
49 Enter new UNIX password:
49 Enter new UNIX password:
50 Retype new UNIX password:
50 Retype new UNIX password:
51 passwd: password updated successfully
51 passwd: password updated successfully
52
52
53 # Switch to that user for the rest of the steps
53 # Switch to that user for the rest of the steps
54 root@rhodecode:~# su brian
54 root@rhodecode:~# su brian
55
55
56 # You should see your home dir change to what was set during installation
56 # You should see your home dir change to what was set during installation
57 brian@rhodecode:~$ cd ~
57 brian@rhodecode:~$ cd ~
58 brian@rhodecode:~$ pwd
58 brian@rhodecode:~$ pwd
59 /home/brian
59 /home/brian
60
60
61 Once you have this set up, you are ready to install |RCC|.
61 Once you have this set up, you are ready to install |RCC|.
62
62
63 Install |RCC|
63 Install |RCC|
64 -------------
64 -------------
65
65
66 |RCC| will install and manage the package dependencies for your |RCE| instance.
66 |RCC| will install and manage the package dependencies for your |RCE| instance.
67
67
68 1. Download the |RCC| installer from https://rhodecode.com/download/
68 1. Download the |RCC| installer from https://rhodecode.com/download/
69 2. Once downloaded to your computer, transfer the package to your server
69 2. Once downloaded to your computer, transfer the package to your server
70
70
71 .. note::
71 .. note::
72
72
73 These steps happen on your computer, not on the server.
73 These steps happen on your computer, not on the server.
74
74
75 .. code-block:: bash
75 .. code-block:: bash
76
76
77 # Change to where the file is downloaded
77 # Change to where the file is downloaded
78 $ cd Downloads/
78 $ cd Downloads/
79
79
80 # SFTP to your server
80 # SFTP to your server
81 $ sftp brian@203.0.113.113
81 $ sftp brian@203.0.113.113
82
82
83 # Use mput to transfer the file
83 # Use mput to transfer the file
84 sftp> mput RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3
84 sftp> mput RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3
85 Uploading RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3 to /home/brian/RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3
85 Uploading RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3 to /home/brian/RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3
86 RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d 100% 289MB 4.1MB/s 01:11
86 RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d 100% 289MB 4.1MB/s 01:11
87 sftp> exit
87 sftp> exit
88
88
89 The |RCC| installer is now on your server, and you can read the full
89 The |RCC| installer is now on your server, and you can read the full
90 instructions here
90 instructions here
91 :ref:`Install RhodeCode Control <control:rcc-linux-ref>` ,
91 :ref:`Install RhodeCode Control <control:rcc-linux-ref>` ,
92 but below is the example shortcut.
92 but below is the example shortcut.
93
93
94 .. code-block:: bash
94 .. code-block:: bash
95
95
96 # Check that the script is uploaded to your home directory
96 # Check that the script is uploaded to your home directory
97 $ ls -1
97 $ ls -1
98 RhodeCode-installer-linux-391_b1a804c4d69b_d6c087d520e3
98 RhodeCode-installer-linux-buildYYYYXXXX_ZZZZ
99
99
100 # Change the script permissions
100 # Change the script permissions
101 $ chmod 755 RhodeCode-installer-linux*
101 $ chmod +x RhodeCode-installer-linux*
102
102
103 # Run the installer and accept the prompts
103 # Run the installer and accept the prompts
104 $ ./RhodeCode-installer-linux-*
104 $ ./RhodeCode-installer-linux-*
105
105
106 .. important::
106 .. important::
107
107
108 Once finished, exit the terminal and sign in again. This is to refresh you
108 Once finished, exit the terminal and sign in again. This is to refresh you
109 session to pick up the new commands.
109 session to pick up the new commands.
110
110
111 Install |RCE|
111 Install |RCE|
112 -------------
112 -------------
113
113
114 Now that |RCC| is installed, you can install |RCE|. For the full
114 Now that |RCC| is installed, you can install |RCE|. For the full
115 instructions, see
115 instructions, see
116 :ref:`Install RhodeCode Enterprise <control:rce-cli-install-ref>`,
116 :ref:`Install RhodeCode Enterprise <control:rce-cli-install-ref>`,
117 but the below is an example shortcut.
117 but the below is an example shortcut.
118
118
119 .. code-block:: bash
119 .. code-block:: bash
120
120
121 # Install a VCS Server and follow the prompts
121 # Install a VCS Server and follow the prompts
122 $ rccontrol install VCSServer --start-at-boot
122 $ rccontrol install VCSServer --start-at-boot
123
123
124 Extracting VCSServer ...
124 Extracting VCSServer ...
125 Configuring RhodeCode VCS Server ...
125 Configuring RhodeCode VCS Server ...
126 Supervisord state is: RUNNING
126 Supervisord state is: RUNNING
127 Added process group vcsserver-1
127 Added process group vcsserver-1
128
128
129 # Install a RhodeCode Enterprise instance and follow the prompts
129 # Install a RhodeCode Enterprise instance and follow the prompts
130 $ rccontrol install Enterprise --start-at-boot
130 $ rccontrol install Enterprise --start-at-boot
131
131
132 Configuration of RhodeCode Enterprise passed.
132 Configuration of RhodeCode Enterprise passed.
133 Supervisord state is: RUNNING
133 Supervisord state is: RUNNING
134 Added process group enterprise-1
134 Added process group enterprise-1
135
135
136 |RCE| is now installed on your server, and is running on the port displayed
136 |RCE| is now installed on your server, and is running on the port displayed
137 by the ``rccontrol status`` command.
137 by the ``rccontrol status`` command.
138
138
139 .. code-block:: bash
139 .. code-block:: bash
140
140
141 brian@rhodecode:~$ rccontrol status
141 brian@rhodecode:~$ rccontrol status
142
142
143 - NAME: enterprise-1
143 - NAME: enterprise-1
144 - STATUS: RUNNING
144 - STATUS: RUNNING
145 - TYPE: Enterprise
145 - TYPE: Enterprise
146 - VERSION: 3.1.1
146 - VERSION: 3.1.1
147 - URL: http://127.0.0.1:10002
147 - URL: http://127.0.0.1:10002
148
148
149 - NAME: vcsserver-1
149 - NAME: vcsserver-1
150 - STATUS: RUNNING
150 - STATUS: RUNNING
151 - TYPE: VCSServer
151 - TYPE: VCSServer
152 - VERSION: 1.1.1
152 - VERSION: 1.1.1
153 - URL: http://127.0.0.1:10001
153 - URL: http://127.0.0.1:10001
154
154
155 Serve |RCE| using Nginx
155 Serve |RCE| using Nginx
156 -----------------------
156 -----------------------
157
157
158 Now that |RCE| is running, you need to use Nginx or Apache to serve it to
158 Now that |RCE| is running, you need to use Nginx or Apache to serve it to
159 users. For detailed instructions about setting up your webserver, see the
159 users. For detailed instructions about setting up your webserver, see the
160 :ref:`rhodecode-admin-ref` section. But the below shortcut should help serve
160 :ref:`rhodecode-admin-ref` section. But the below shortcut should help serve
161 it.
161 it.
162
162
163 1. Install Nginx on your server.
163 1. Install Nginx on your server.
164
164
165 .. code-block:: bash
165 .. code-block:: bash
166
166
167 # Install nginx
167 # Install nginx
168 $ sudo apt-get install nginx
168 $ sudo apt-get install nginx
169
169
170 2. Create a virtual hosts file for RhodeCode Enterprise. Create
170 2. Create a virtual hosts file for RhodeCode Enterprise. Create
171 the file in this location :file:`/etc/nginx/sites-available`. In this demo
171 the file in this location :file:`/etc/nginx/sites-available`. In this demo
172 I have called it ``vcs.conf``
172 I have called it ``vcs.conf``
173
173
174 .. code-block:: bash
174 .. code-block:: bash
175
175
176 # Create the file
176 # Create the file
177 $ sudo vi /etc/nginx/sites-available/vcs.conf
177 $ sudo vi /etc/nginx/sites-available/vcs.conf
178
178
179 Use the following example to create yours.
179 Use the following example to create yours.
180
180
181 .. code-block:: nginx
181 .. code-block:: nginx
182
182
183 server {
183 server {
184 listen 80;
184 listen 80;
185 # Change to your IP, or a domain name if you've set that up
185 # Change to your IP, or a domain name if you've set that up
186 server_name 203.0.113.113 ;
186 server_name 203.0.113.113 ;
187
187
188 location / {
188 location / {
189 # Set this line to match the RhodeCode Enterprise Instance URL
189 # Set this line to match the RhodeCode Enterprise Instance URL
190 proxy_pass http://127.0.0.1:10002/;
190 proxy_pass http://127.0.0.1:10002/;
191 proxy_set_header Host $Host;
191 proxy_set_header Host $Host;
192 proxy_buffering off;
192 proxy_buffering off;
193 # Setting this to a high number allows large repo pushes
193 # Setting this to a high number allows large repo pushes
194 client_max_body_size 4G;
194 client_max_body_size 4G;
195 }
195 }
196 }
196 }
197
197
198 3. Symlink the virtual hosts file to the ``sites-enabled`` folder,
198 3. Symlink the virtual hosts file to the ``sites-enabled`` folder,
199 and then restart Nginx.
199 and then restart Nginx.
200
200
201 .. code-block:: bash
201 .. code-block:: bash
202
202
203 # Symlink the virtual hosts file
203 # Symlink the virtual hosts file
204 $ ln -s /etc/nginx/sites-available/vcs.conf /etc/nginx/sites-enabled/vcs.conf
204 $ ln -s /etc/nginx/sites-available/vcs.conf /etc/nginx/sites-enabled/vcs.conf
205
205
206 # You can also delete the Nginx default symlink
206 # You can also delete the Nginx default symlink
207 $ rm /etc/nginx/sites-enabled/default
207 $ rm /etc/nginx/sites-enabled/default
208
208
209 # Restart Nginx
209 # Restart Nginx
210 $ sudo /etc/init.d/nginx restart
210 $ sudo /etc/init.d/nginx restart
211 * Restarting nginx nginx [ OK ]
211 * Restarting nginx nginx [ OK ]
212
212
213 Once restarted, you should see a clean |RCE| instance running on the IP
213 Once restarted, you should see a clean |RCE| instance running on the IP
214 address, or the domain you have set up.
214 address, or the domain you have set up.
215
215
216 .. image:: ../images/clean-rce.png
216 .. image:: ../images/clean-rce.png
217 :alt: A fresh RhodeCode Enterprise Instance
217 :alt: A fresh RhodeCode Enterprise Instance
218
218
219 .. _Digital Ocean: https://www.digitalocean.com/
219 .. _Digital Ocean: https://www.digitalocean.com/
220 .. _hetzner: https://www.hetzner.de/en/
220 .. _hetzner: https://www.hetzner.de/en/
@@ -1,93 +1,93 b''
1 .. _git-lfs-files:
1 .. _git-lfs-files:
2
2
3 |git| LFS Extension
3 |git| LFS Extension
4 ===================
4 ===================
5
5
6
6
7 Git Large File Storage (or LFS) is a new, open-source extension to Git that
7 Git Large File Storage (or LFS) is a new, open-source extension to Git that
8 aims to improve handling of large files. It does this by replacing large files
8 aims to improve handling of large files. It does this by replacing large files
9 in your repository—such as graphics and videos—with simple text pointers.
9 in your repository—such as graphics and videos—with simple text pointers.
10 |RC| Server includes an embedded LFS object store server, allowing storage of
10 RhodeCode Server includes an embedded LFS object store server, allowing storage of
11 large files without the need for an external object store.
11 large files without the need for an external object store.
12 Git LFS is disabled by default, globally, and for each individual repository.
12 Git LFS is disabled by default, globally, and for each individual repository.
13
13
14 .. note::
14 .. note::
15
15
16 |RC| implements V2 API of Git LFS. Please make sure your git client is
16 RhodeCode implements V2 API of Git LFS. Please make sure your git client is
17 using the latest version (2.0.X recommended) to leverage full feature set
17 using the latest version (2.0.X recommended) to leverage full feature set
18 of the V2 API.
18 of the V2 API.
19
19
20
20
21
21
22 Enabling Git LFS
22 Enabling Git LFS
23 ++++++++++++++++
23 ++++++++++++++++
24
24
25 Git LFS is disabled by default within |RC| Server.
25 Git LFS is disabled by default within RhodeCode Server.
26
26
27 To enable Git LFS Globally:
27 To enable Git LFS Globally:
28
28
29 - Go to :menuselection:`Admin --> Settings --> VCS`
29 - Go to :menuselection:`Admin --> Settings --> VCS`
30
30
31 - Scroll down into `Git settings`
31 - Scroll down into `Git settings`
32
32
33 - Tick `Enable lfs extension`
33 - Tick `Enable lfs extension`
34
34
35 - Save your settings.
35 - Save your settings.
36
36
37 Those settings apply globally to each repository that inherits from the defaults
37 Those settings apply globally to each repository that inherits from the defaults
38 You can leave `lfs extension` disabled globally, and only enable it per
38 You can leave `lfs extension` disabled globally, and only enable it per
39 repository that would use the lfs.
39 repository that would use the lfs.
40
40
41
41
42 .. note::
42 .. note::
43
43
44 You might want to adjust the global storage location at that point, however
44 You might want to adjust the global storage location at that point, however
45 we recommend leaving the default one created.
45 we recommend leaving the default one created.
46
46
47
47
48 Installing and using the Git LFS command line client
48 Installing and using the Git LFS command line client
49 ++++++++++++++++++++++++++++++++++++++++++++++++++++
49 ++++++++++++++++++++++++++++++++++++++++++++++++++++
50
50
51 Git LFS aims to integrate with the standard Git workflow as seamlessly
51 Git LFS aims to integrate with the standard Git workflow as seamlessly
52 as possible. To push your first Git LFS files to an existing repository
52 as possible. To push your first Git LFS files to an existing repository
53 Download and install the git-lfs command line client
53 Download and install the git-lfs command line client
54 Install the Git LFS filters::
54 Install the Git LFS filters::
55
55
56 git lfs install
56 git lfs install
57
57
58 This adds the following lines to the .gitconfig file located in your home directory::
58 This adds the following lines to the .gitconfig file located in your home directory::
59
59
60 [filter "lfs"]
60 [filter "lfs"]
61 clean = git-lfs clean %f
61 clean = git-lfs clean %f
62 smudge = git-lfs smudge %f
62 smudge = git-lfs smudge %f
63 required = true
63 required = true
64
64
65 The above change applies globally, so it is not necessary to run this for
65 The above change applies globally, so it is not necessary to run this for
66 each repository you work with. Choose the file types you would like LFS to
66 each repository you work with. Choose the file types you would like LFS to
67 handle by executing the git lfs track command. The git lfs track command
67 handle by executing the git lfs track command. The git lfs track command
68 creates or updates the .gitattributes file in your repository.
68 creates or updates the .gitattributes file in your repository.
69 Change to your cloned repository, then execute git add to ensure updates
69 Change to your cloned repository, then execute git add to ensure updates
70 to the .gitattributes are later committed::
70 to the .gitattributes are later committed::
71
71
72 git lfs track "*.jpg"
72 git lfs track "*.jpg"
73 git add .gitattributes
73 git add .gitattributes
74
74
75 Add, commit, and push your changes as you normally would::
75 Add, commit, and push your changes as you normally would::
76
76
77 git add image.jpg
77 git add image.jpg
78 git commit -m "Added an image"
78 git commit -m "Added an image"
79 git push
79 git push
80
80
81 When pushed, the Git tree updates to include a pointer to the file actual
81 When pushed, the Git tree updates to include a pointer to the file actual
82 file content. This pointer will include the SHA256 hash of the object and its
82 file content. This pointer will include the SHA256 hash of the object and its
83 size in bytes. For example::
83 size in bytes. For example::
84
84
85 oid sha256:4fa32d6f9b1461c4a53618a47324ee43e36ce7ceaea2ad440cc811a7e6881be1
85 oid sha256:4fa32d6f9b1461c4a53618a47324ee43e36ce7ceaea2ad440cc811a7e6881be1
86 size 2580390
86 size 2580390
87
87
88
88
89 The object itself will be uploaded to a separate location via the Git LFS Batch API.
89 The object itself will be uploaded to a separate location via the Git LFS Batch API.
90 The transfer is validated and authorized by |RC| server itself.
90 The transfer is validated and authorized by RhodeCode server itself.
91
91
92 If give repository has Git LFS disabled, a proper message will be sent back to
92 If give repository has Git LFS disabled, a proper message will be sent back to
93 the client and upload of LFS objects will be forbidden.
93 the client and upload of LFS objects will be forbidden.
@@ -1,69 +1,69 b''
1 .. _hg-big-files:
1 .. _hg-big-files:
2
2
3 |hg| Large Files Extension
3 |hg| Large Files Extension
4 ==========================
4 ==========================
5
5
6 Large files, such as image or zip files can cause a lot of bandwidth overhead
6 Large files, such as image or zip files can cause a lot of bandwidth overhead
7 during clone, push, and pull operations. To remove this inefficiency, |hg|
7 during clone, push, and pull operations. To remove this inefficiency, |hg|
8 has a large files extension which tracks their revisions by checksums. This
8 has a large files extension which tracks their revisions by checksums. This
9 means that the large files are only downloaded when they are needed as part
9 means that the large files are only downloaded when they are needed as part
10 of the current revision. This saves both disk space and bandwidth.
10 of the current revision. This saves both disk space and bandwidth.
11
11
12
12
13 Enabling HG Largefiles
13 Enabling HG Largefiles
14 ++++++++++++++++++++++
14 ++++++++++++++++++++++
15
15
16 Mercurial Largefiles extension is disabled by default within |RC| Server.
16 Mercurial Largefiles extension is disabled by default within RhodeCode Server.
17
17
18 To enable Mercurial Largefiles Globally:
18 To enable Mercurial Largefiles Globally:
19
19
20 - Go to :menuselection:`Admin --> Settings --> VCS`
20 - Go to :menuselection:`Admin --> Settings --> VCS`
21
21
22 - Scroll down into `Mercurial settings`
22 - Scroll down into `Mercurial settings`
23
23
24 - Tick `Enable largefiles extension`
24 - Tick `Enable largefiles extension`
25
25
26 - Save your settings.
26 - Save your settings.
27
27
28 Those settings apply globally to each repository that inherits from the defaults
28 Those settings apply globally to each repository that inherits from the defaults
29 You can leave `largefiles extension` disabled globally, and only enable it per
29 You can leave `largefiles extension` disabled globally, and only enable it per
30 repository that would use the largefiles.
30 repository that would use the largefiles.
31
31
32
32
33 .. note::
33 .. note::
34
34
35 You might want to adjust the global storage location at that point, however
35 You might want to adjust the global storage location at that point, however
36 we recommend leaving the default one created.
36 we recommend leaving the default one created.
37
37
38
38
39 Installing and using the |hg| Largefiles
39 Installing and using the |hg| Largefiles
40 ++++++++++++++++++++++++++++++++++++++++
40 ++++++++++++++++++++++++++++++++++++++++
41
41
42 To find out more, see the |hg| `Large Files Extensions Documentation`_.
42 To find out more, see the |hg| `Large Files Extensions Documentation`_.
43
43
44 To configure the large files extension, you need to set up your
44 To configure the large files extension, you need to set up your
45 :file:`~/.hgrc` file.
45 :file:`~/.hgrc` file.
46
46
47 1. Open your :file:`~/.hgrc` file.
47 1. Open your :file:`~/.hgrc` file.
48 2. Add ``largefiles =`` to the ``[extensions]`` section.
48 2. Add ``largefiles =`` to the ``[extensions]`` section.
49 3. Configure the ``[largefiles]`` section with the patterns and file size you
49 3. Configure the ``[largefiles]`` section with the patterns and file size you
50 wish |hg| to handle as large. The ``minsize`` option is specified in
50 wish |hg| to handle as large. The ``minsize`` option is specified in
51 megabytes.
51 megabytes.
52 4. Save your changes.
52 4. Save your changes.
53
53
54 .. code-block:: ini
54 .. code-block:: ini
55
55
56 [extensions]
56 [extensions]
57 hgext.churn =
57 hgext.churn =
58 largefiles =
58 largefiles =
59 rebase =
59 rebase =
60 record =
60 record =
61 histedit =
61 histedit =
62
62
63 [largefiles]
63 [largefiles]
64 patterns = re:.*\.(png|bmp|jpg|zip|tar|tar.gz|rar)$
64 patterns = re:.*\.(png|bmp|jpg|zip|tar|tar.gz|rar)$
65 minsize = 10
65 minsize = 10
66
66
67 For a complete :file:`~/.hgrc` file example, see :ref:`config-hgrc`.
67 For a complete :file:`~/.hgrc` file example, see :ref:`config-hgrc`.
68
68
69 .. _Large Files Extensions Documentation: http://mercurial.selenic.com/wiki/LargefilesExtension
69 .. _Large Files Extensions Documentation: http://mercurial.selenic.com/wiki/LargefilesExtension
@@ -1,121 +1,121 b''
1 Moving From Windows to Linux
1 Moving From Windows to Linux
2 ============================
2 ============================
3
3
4 If you are moving from a Windows server to a Linux server, especially from
4 If you are moving from a Windows server to a Linux server, especially from
5 running an older version of |RCE| pre 2.x, use the following information to
5 running an older version of |RCE| pre 2.x, use the following information to
6 successfully migrate your instances and database.
6 successfully migrate your instances and database.
7
7
8 Overview
8 Overview
9 --------
9 --------
10
10
11 * Install |RCC| on your Linux server, use the
11 * Install |RCC| on your Linux server, use the
12 :ref:`RhodeCode Control Docs <control:rcc>` to guide you through this.
12 :ref:`RhodeCode Control Docs <control:rcc>` to guide you through this.
13 * Copy your |repos| directory to the Linux server.
13 * Copy your |repos| directory to the Linux server.
14 * Copy your original :file:`rhodecode.ini` file to the Linux server, named
14 * Copy your original :file:`rhodecode.ini` file to the Linux server, named
15 :file:`production.ini` in older versions, and make a minor edit to
15 :file:`production.ini` in older versions, and make a minor edit to
16 point to the copied database.
16 point to the copied database.
17 * Copy your original instance database and update Windows paths to Linux
17 * Copy your original instance database and update Windows paths to Linux
18 paths pointing to your |repos| directory.
18 paths pointing to your |repos| directory.
19 * Use |RCC| to import and upgrade your |RCE| instance, using the copied and
19 * Use |RCC| to import and upgrade your |RCE| instance, using the copied and
20 edited file and database.
20 edited file and database.
21
21
22 Pre-requisites
22 Pre-requisites
23 --------------
23 --------------
24
24
25 * For MySQL, do not use `localhost` in the database connection string of the
25 * For MySQL, do not use `localhost` in the database connection string of the
26 :file:`rhodecode.ini` file.
26 :file:`rhodecode.ini` file.
27 * InnoDB must be the database tables engine.
27 * InnoDB must be the database tables engine.
28 * Contact |RC| for a new licence Key/Token pair. If you don't, a trial licence
28 * Contact RhodeCode for a new licence Key/Token pair. If you don't, a trial licence
29 will be applied so you are not locked out of the upgraded instance.
29 will be applied so you are not locked out of the upgraded instance.
30
30
31 You can find the specific instructions to carry out these pre-requisite steps
31 You can find the specific instructions to carry out these pre-requisite steps
32 in the :ref:`RhodeCode Control upgrade <control:rce-upgrade-2x>` docs.
32 in the :ref:`RhodeCode Control upgrade <control:rce-upgrade-2x>` docs.
33
33
34 Configuration File Update
34 Configuration File Update
35 -------------------------
35 -------------------------
36
36
37 Configure the copied :file:`rhodecode.ini` file to connect to your copied
37 Configure the copied :file:`rhodecode.ini` file to connect to your copied
38 database. Use the following steps:
38 database. Use the following steps:
39
39
40 1. Open the copied :file:`rhodecode.ini` file.
40 1. Open the copied :file:`rhodecode.ini` file.
41 2. When you open the file, find the database configuration section,
41 2. When you open the file, find the database configuration section,
42 and use the below example to change the connection details:
42 and use the below example to change the connection details:
43
43
44 .. code-block:: ini
44 .. code-block:: ini
45
45
46 #########################################################
46 #########################################################
47 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
47 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
48 #########################################################
48 #########################################################
49
49
50 # Point to copied DB
50 # Point to copied DB
51 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode.db.copy
51 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode.db.copy
52 sqlalchemy.db1.url = mysql://root:qweqwe@127.0.0.1/rhodecode.db.copy
52 sqlalchemy.db1.url = mysql://root:qweqwe@127.0.0.1/rhodecode.db.copy
53
53
54 Database Update
54 Database Update
55 ---------------
55 ---------------
56
56
57 Update the Windows paths in the ``rhodecode.rhodecode_ui`` database tables.
57 Update the Windows paths in the ``rhodecode.rhodecode_ui`` database tables.
58 To do this log into the database and reset the file paths to
58 To do this log into the database and reset the file paths to
59 Unix format. One login option is to use iShell, see usage examples in the
59 Unix format. One login option is to use iShell, see usage examples in the
60 :ref:`rhodecode-reset-ref` section.
60 :ref:`rhodecode-reset-ref` section.
61
61
62 .. code-block:: python
62 .. code-block:: python
63
63
64 In [28]: from rhodecode.model.settings import SettingsModel
64 In [28]: from rhodecode.model.settings import SettingsModel
65 In [29]: paths = SettingsModel().get_ui_by_section('paths')
65 In [29]: paths = SettingsModel().get_ui_by_section('paths')
66 In [30]: paths[0].value = '/home/user/repos'
66 In [30]: paths[0].value = '/home/user/repos'
67 In [32]: Session().add(paths[0])
67 In [32]: Session().add(paths[0])
68 In [33]: Session().commit()
68 In [33]: Session().commit()
69
69
70 Import and Upgrade
70 Import and Upgrade
71 ------------------
71 ------------------
72
72
73 Once you have made your changes, use |RCC| to import and upgrade your |RCE|
73 Once you have made your changes, use |RCC| to import and upgrade your |RCE|
74 instance to the latest version.
74 instance to the latest version.
75
75
76 .. code-block:: bash
76 .. code-block:: bash
77
77
78 # Import original instance as explained above
78 # Import original instance as explained above
79 $ rccontrol import Enterprise path/to/rhodecode.ini
79 $ rccontrol import Enterprise path/to/rhodecode.ini
80
80
81 # Install a VCS Server as explained above
81 # Install a VCS Server as explained above
82 $ rccontrol install VCSServer
82 $ rccontrol install VCSServer
83
83
84 # Check the status of them
84 # Check the status of them
85 $ rccontrol status
85 $ rccontrol status
86
86
87 - NAME: enterprise-1
87 - NAME: enterprise-1
88 - STATUS: RUNNING
88 - STATUS: RUNNING
89 - TYPE: Enterprise
89 - TYPE: Enterprise
90 - VERSION: 1.5.0
90 - VERSION: 1.5.0
91 - URL: http://127.0.0.1:10000
91 - URL: http://127.0.0.1:10000
92
92
93 - NAME: vcsserver-1
93 - NAME: vcsserver-1
94 - STATUS: RUNNING
94 - STATUS: RUNNING
95 - TYPE: VCSServer
95 - TYPE: VCSServer
96 - VERSION: 3.5.0
96 - VERSION: 3.5.0
97 - URL: http://127.0.0.1:10001
97 - URL: http://127.0.0.1:10001
98
98
99 # Upgrade from version 1.5.0 to 3.5.0
99 # Upgrade from version 1.5.0 to 3.5.0
100 $ rccontrol upgrade enterprise-1 --version 3.5.0
100 $ rccontrol upgrade enterprise-1 --version 3.5.0
101
101
102 Checking for available update for enterprise-1 @ 1.5.0
102 Checking for available update for enterprise-1 @ 1.5.0
103 Stopped enterprise-1
103 Stopped enterprise-1
104 Initiating upgrade to version 3.5.0
104 Initiating upgrade to version 3.5.0
105 ...
105 ...
106 ****************************************
106 ****************************************
107 *** UPGRADE TO VERSION 45 SUCCESSFUL ***
107 *** UPGRADE TO VERSION 45 SUCCESSFUL ***
108 ****************************************
108 ****************************************
109
109
110 Note that RCE 3.x requires a new license please contact support@rhodecode.com
110 Note that RCE 3.x requires a new license please contact support@rhodecode.com
111
111
112 Upgrade of RhodeCode Enterprise successful.
112 Upgrade of RhodeCode Enterprise successful.
113 Auto starting enterprise-1
113 Auto starting enterprise-1
114
114
115 Post Migration Tasks
115 Post Migration Tasks
116 --------------------
116 --------------------
117
117
118 * From the |RCE| :menuselection:`Admin --> Settings --> VCS` page, check that
118 * From the |RCE| :menuselection:`Admin --> Settings --> VCS` page, check that
119 the :guilabel:`Repositories Location` is correctly pointing to your |repos|.
119 the :guilabel:`Repositories Location` is correctly pointing to your |repos|.
120 * Remap and rescan |repos| so that the new instance picks them up, see
120 * Remap and rescan |repos| so that the new instance picks them up, see
121 :ref:`remap-rescan`.
121 :ref:`remap-rescan`.
@@ -1,28 +1,28 b''
1 .. _basic-vcs-cmds:
1 .. _basic-vcs-cmds:
2
2
3 Getting Started with VCS
3 Getting Started with VCS
4 ------------------------
4 ------------------------
5
5
6 When using |RCM|, you will be working with |git|, |svn| or |hg| |repos| from the
6 When using |RCE|, you will be working with |git|, |svn| or |hg| |repos| from the
7 command line or using a GUI client such as Tortoise, Tower or SourceTree.
7 command line or using a GUI client such as Tortoise, Tower or SourceTree.
8
8
9 |RCM| uses a standard |git|, |svn| and |hg| protocols. So all tools that
9 |RCE| uses a standard |git|, |svn| and |hg| protocols. So all tools that
10 can interact with there protocols are supported, including Eclipse or PyCharm
10 can interact with there protocols are supported, including Eclipse or PyCharm
11 plugins.
11 plugins.
12
12
13
13
14 If you have never used either before, the following information should
14 If you have never used either before, the following information should
15 help you set up your local machine so that you can sync changes with the
15 help you set up your local machine so that you can sync changes with the
16 |RCM| server.
16 |RCE| server.
17
17
18 All of the following instructions assume you have a |RCM| account,
18 All of the following instructions assume you have a |RCE| account,
19 and you can access your |repos| from the web interface.
19 and you can access your |repos| from the web interface.
20
20
21 .. note::
21 .. note::
22
22
23 |svn| |repo| management is currently only available from the web interface.
23 |svn| |repo| management is currently only available from the web interface.
24
24
25 .. toctree::
25 .. toctree::
26
26
27 get-start-hg
27 get-start-hg
28 get-start-git
28 get-start-git
@@ -1,17 +1,17 b''
1 File Editing
1 File Editing
2 ^^^^^^^^^^^^
2 ^^^^^^^^^^^^
3
3
4 To edit files using the online editor, use the following steps.
4 To edit files using the online editor, use the following steps.
5
5
6 1. From the |RCM| interface, select :menuselection:`Admin --> Repositories`
6 1. From the |RCE| interface, select :menuselection:`Admin --> Repositories`
7 2. Select the |repo| in which you want to edit a file.
7 2. Select the |repo| in which you want to edit a file.
8 3. Select the :guilabel:`file` view of the |repo|, and double-click on the file.
8 3. Select the :guilabel:`file` view of the |repo|, and double-click on the file.
9 4. To open the editor, select the :guilabel:`edit on branch:default` button.
9 4. To open the editor, select the :guilabel:`edit on branch:default` button.
10
10
11 * If the filename has an extension |RCM| recognises,
11 * If the filename has an extension |RCE| recognises,
12 the syntax highlighting will appear automatically.
12 the syntax highlighting will appear automatically.
13 * If the filename does not have an extension |RCM| recognises,
13 * If the filename does not have an extension |RCE| recognises,
14 you can set the language syntax highlighter by
14 you can set the language syntax highlighter by
15 choosing from the file type drop down menu.
15 choosing from the file type drop down menu.
16 5. To save your changes, select :guilabel:`Commit changes`
16 5. To save your changes, select :guilabel:`Commit changes`
17
17
@@ -1,33 +1,33 b''
1 .. _gist-edit:
1 .. _gist-edit:
2
2
3 Gist Editing
3 Gist Editing
4 ^^^^^^^^^^^^
4 ^^^^^^^^^^^^
5
5
6 Gists are standalone files that only the creator can edit. To work with
6 Gists are standalone files that only the creator can edit. To work with
7 gists, click on the :guilabel:`Gists` tab on the |RCM| header. The gist
7 gists, click on the :guilabel:`Gists` tab on the |RCE| header. The gist
8 editor also has syntax highlighting.
8 editor also has syntax highlighting.
9
9
10 You can set the following properties for each gist:
10 You can set the following properties for each gist:
11
11
12 * :guilabel:`Public`: Public gists are as the name suggests,
12 * :guilabel:`Public`: Public gists are as the name suggests,
13 and will show up in searches.
13 and will show up in searches.
14 * :guilabel:`Gist Lifetime`: You can set a gist to expire after a set
14 * :guilabel:`Gist Lifetime`: You can set a gist to expire after a set
15 period by using the :guilabel:`Gist Lifetime` dropdown menu.
15 period by using the :guilabel:`Gist Lifetime` dropdown menu.
16 This means that when the gist expires it will be deleted from the |RCM|
16 This means that when the gist expires it will be deleted from the |RCE|
17 gist database.
17 gist database.
18 * :guilabel:`Private`: This means that the gist will not show up in searches.
18 * :guilabel:`Private`: This means that the gist will not show up in searches.
19 * :guilabel:`Gist access level`: If you create a private gist you can have
19 * :guilabel:`Gist access level`: If you create a private gist you can have
20 two levels of privacy with the gist link.
20 two levels of privacy with the gist link.
21
21
22 * :guilabel:`Requires registered account`: This option requires users to
22 * :guilabel:`Requires registered account`: This option requires users to
23 have a registered account on the |RCE| instance, otherwise they will not
23 have a registered account on the |RCE| instance, otherwise they will not
24 have access to the gist.
24 have access to the gist.
25 * :guilabel:`Can be accessed by anonymous users`: This option hides the
25 * :guilabel:`Can be accessed by anonymous users`: This option hides the
26 link so that it does not show up in searches, but you can still share it
26 link so that it does not show up in searches, but you can still share it
27 with people outside of your organisation.
27 with people outside of your organisation.
28
28
29 For more advanced use of gists, see the gist API options in the :ref:`api`
29 For more advanced use of gists, see the gist API options in the :ref:`api`
30
30
31 .. image:: ../images/gists-acl.png
31 .. image:: ../images/gists-acl.png
32 :alt: Gist Management
32 :alt: Gist Management
33 :scale: 50 %
33 :scale: 50 %
@@ -1,11 +1,11 b''
1 Online Editing
1 Online Editing
2 --------------
2 --------------
3
3
4 |RCM| has an integrated online editor, allowing you to edit files in the
4 |RCE| has an integrated online editor, allowing you to edit files in the
5 browser. The online editor has syntax highlighting and the ability to fork,
5 browser. The online editor has syntax highlighting and the ability to fork,
6 merge, and commit changes to files.
6 merge, and commit changes to files.
7
7
8 .. toctree::
8 .. toctree::
9
9
10 file-editing
10 file-editing
11 gist-editing No newline at end of file
11 gist-editing
@@ -1,535 +1,535 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2010-2018 RhodeCode GmbH
3 # Copyright (C) 2010-2018 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 """
21 """
22 RhodeCode authentication plugin for LDAP
22 RhodeCode authentication plugin for LDAP
23 """
23 """
24
24
25 import logging
25 import logging
26 import traceback
26 import traceback
27
27
28 import colander
28 import colander
29 from rhodecode.translation import _
29 from rhodecode.translation import _
30 from rhodecode.authentication.base import (
30 from rhodecode.authentication.base import (
31 RhodeCodeExternalAuthPlugin, AuthLdapBase, hybrid_property)
31 RhodeCodeExternalAuthPlugin, AuthLdapBase, hybrid_property)
32 from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
32 from rhodecode.authentication.schema import AuthnPluginSettingsSchemaBase
33 from rhodecode.authentication.routes import AuthnPluginResourceBase
33 from rhodecode.authentication.routes import AuthnPluginResourceBase
34 from rhodecode.lib.colander_utils import strip_whitespace
34 from rhodecode.lib.colander_utils import strip_whitespace
35 from rhodecode.lib.exceptions import (
35 from rhodecode.lib.exceptions import (
36 LdapConnectionError, LdapUsernameError, LdapPasswordError, LdapImportError
36 LdapConnectionError, LdapUsernameError, LdapPasswordError, LdapImportError
37 )
37 )
38 from rhodecode.lib.utils2 import safe_unicode, safe_str
38 from rhodecode.lib.utils2 import safe_unicode, safe_str
39 from rhodecode.model.db import User
39 from rhodecode.model.db import User
40 from rhodecode.model.validators import Missing
40 from rhodecode.model.validators import Missing
41
41
42 log = logging.getLogger(__name__)
42 log = logging.getLogger(__name__)
43
43
44 try:
44 try:
45 import ldap
45 import ldap
46 except ImportError:
46 except ImportError:
47 # means that python-ldap is not installed, we use Missing object to mark
47 # means that python-ldap is not installed, we use Missing object to mark
48 # ldap lib is Missing
48 # ldap lib is Missing
49 ldap = Missing
49 ldap = Missing
50
50
51
51
52 class LdapError(Exception):
52 class LdapError(Exception):
53 pass
53 pass
54
54
55
55
56 def plugin_factory(plugin_id, *args, **kwargs):
56 def plugin_factory(plugin_id, *args, **kwargs):
57 """
57 """
58 Factory function that is called during plugin discovery.
58 Factory function that is called during plugin discovery.
59 It returns the plugin instance.
59 It returns the plugin instance.
60 """
60 """
61 plugin = RhodeCodeAuthPlugin(plugin_id)
61 plugin = RhodeCodeAuthPlugin(plugin_id)
62 return plugin
62 return plugin
63
63
64
64
65 class LdapAuthnResource(AuthnPluginResourceBase):
65 class LdapAuthnResource(AuthnPluginResourceBase):
66 pass
66 pass
67
67
68
68
69 class AuthLdap(AuthLdapBase):
69 class AuthLdap(AuthLdapBase):
70 default_tls_cert_dir = '/etc/openldap/cacerts'
70 default_tls_cert_dir = '/etc/openldap/cacerts'
71
71
72 def __init__(self, server, base_dn, port=389, bind_dn='', bind_pass='',
72 def __init__(self, server, base_dn, port=389, bind_dn='', bind_pass='',
73 tls_kind='PLAIN', tls_reqcert='DEMAND', tls_cert_file=None,
73 tls_kind='PLAIN', tls_reqcert='DEMAND', tls_cert_file=None,
74 tls_cert_dir=None, ldap_version=3,
74 tls_cert_dir=None, ldap_version=3,
75 search_scope='SUBTREE', attr_login='uid',
75 search_scope='SUBTREE', attr_login='uid',
76 ldap_filter='', timeout=None):
76 ldap_filter='', timeout=None):
77 if ldap == Missing:
77 if ldap == Missing:
78 raise LdapImportError("Missing or incompatible ldap library")
78 raise LdapImportError("Missing or incompatible ldap library")
79
79
80 self.debug = False
80 self.debug = False
81 self.timeout = timeout or 60 * 5
81 self.timeout = timeout or 60 * 5
82 self.ldap_version = ldap_version
82 self.ldap_version = ldap_version
83 self.ldap_server_type = 'ldap'
83 self.ldap_server_type = 'ldap'
84
84
85 self.TLS_KIND = tls_kind
85 self.TLS_KIND = tls_kind
86
86
87 if self.TLS_KIND == 'LDAPS':
87 if self.TLS_KIND == 'LDAPS':
88 port = port or 689
88 port = port or 689
89 self.ldap_server_type += 's'
89 self.ldap_server_type += 's'
90
90
91 OPT_X_TLS_DEMAND = 2
91 OPT_X_TLS_DEMAND = 2
92 self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert, OPT_X_TLS_DEMAND)
92 self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert, OPT_X_TLS_DEMAND)
93 self.TLS_CERT_FILE = tls_cert_file or ''
93 self.TLS_CERT_FILE = tls_cert_file or ''
94 self.TLS_CERT_DIR = tls_cert_dir or self.default_tls_cert_dir
94 self.TLS_CERT_DIR = tls_cert_dir or self.default_tls_cert_dir
95
95
96 # split server into list
96 # split server into list
97 self.SERVER_ADDRESSES = self._get_server_list(server)
97 self.SERVER_ADDRESSES = self._get_server_list(server)
98 self.LDAP_SERVER_PORT = port
98 self.LDAP_SERVER_PORT = port
99
99
100 # USE FOR READ ONLY BIND TO LDAP SERVER
100 # USE FOR READ ONLY BIND TO LDAP SERVER
101 self.attr_login = attr_login
101 self.attr_login = attr_login
102
102
103 self.LDAP_BIND_DN = safe_str(bind_dn)
103 self.LDAP_BIND_DN = safe_str(bind_dn)
104 self.LDAP_BIND_PASS = safe_str(bind_pass)
104 self.LDAP_BIND_PASS = safe_str(bind_pass)
105
105
106 self.SEARCH_SCOPE = getattr(ldap, 'SCOPE_%s' % search_scope)
106 self.SEARCH_SCOPE = getattr(ldap, 'SCOPE_%s' % search_scope)
107 self.BASE_DN = safe_str(base_dn)
107 self.BASE_DN = safe_str(base_dn)
108 self.LDAP_FILTER = safe_str(ldap_filter)
108 self.LDAP_FILTER = safe_str(ldap_filter)
109
109
110 def _get_ldap_conn(self):
110 def _get_ldap_conn(self):
111
111
112 if self.debug:
112 if self.debug:
113 ldap.set_option(ldap.OPT_DEBUG_LEVEL, 255)
113 ldap.set_option(ldap.OPT_DEBUG_LEVEL, 255)
114
114
115 if self.TLS_CERT_FILE and hasattr(ldap, 'OPT_X_TLS_CACERTFILE'):
115 if self.TLS_CERT_FILE and hasattr(ldap, 'OPT_X_TLS_CACERTFILE'):
116 ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.TLS_CERT_FILE)
116 ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, self.TLS_CERT_FILE)
117
117
118 elif hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
118 elif hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
119 ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, self.TLS_CERT_DIR)
119 ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, self.TLS_CERT_DIR)
120
120
121 if self.TLS_KIND != 'PLAIN':
121 if self.TLS_KIND != 'PLAIN':
122 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)
122 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)
123
123
124 ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
124 ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
125 ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
125 ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
126
126
127 # init connection now
127 # init connection now
128 ldap_servers = self._build_servers(
128 ldap_servers = self._build_servers(
129 self.ldap_server_type, self.SERVER_ADDRESSES, self.LDAP_SERVER_PORT)
129 self.ldap_server_type, self.SERVER_ADDRESSES, self.LDAP_SERVER_PORT)
130 log.debug('initializing LDAP connection to:%s', ldap_servers)
130 log.debug('initializing LDAP connection to:%s', ldap_servers)
131 ldap_conn = ldap.initialize(ldap_servers)
131 ldap_conn = ldap.initialize(ldap_servers)
132 ldap_conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout)
132 ldap_conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout)
133 ldap_conn.set_option(ldap.OPT_TIMEOUT, self.timeout)
133 ldap_conn.set_option(ldap.OPT_TIMEOUT, self.timeout)
134 ldap_conn.timeout = self.timeout
134 ldap_conn.timeout = self.timeout
135
135
136 if self.ldap_version == 2:
136 if self.ldap_version == 2:
137 ldap_conn.protocol = ldap.VERSION2
137 ldap_conn.protocol = ldap.VERSION2
138 else:
138 else:
139 ldap_conn.protocol = ldap.VERSION3
139 ldap_conn.protocol = ldap.VERSION3
140
140
141 if self.TLS_KIND == 'START_TLS':
141 if self.TLS_KIND == 'START_TLS':
142 ldap_conn.start_tls_s()
142 ldap_conn.start_tls_s()
143
143
144 if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:
144 if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:
145 log.debug('Trying simple_bind with password and given login DN: %r',
145 log.debug('Trying simple_bind with password and given login DN: %r',
146 self.LDAP_BIND_DN)
146 self.LDAP_BIND_DN)
147 ldap_conn.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS)
147 ldap_conn.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS)
148
148
149 return ldap_conn
149 return ldap_conn
150
150
151 def fetch_attrs_from_simple_bind(self, server, dn, username, password):
151 def fetch_attrs_from_simple_bind(self, server, dn, username, password):
152 try:
152 try:
153 log.debug('Trying simple bind with %r', dn)
153 log.debug('Trying simple bind with %r', dn)
154 server.simple_bind_s(dn, safe_str(password))
154 server.simple_bind_s(dn, safe_str(password))
155 user = server.search_ext_s(
155 user = server.search_ext_s(
156 dn, ldap.SCOPE_BASE, '(objectClass=*)', )[0]
156 dn, ldap.SCOPE_BASE, '(objectClass=*)', )[0]
157 _, attrs = user
157 _, attrs = user
158 return attrs
158 return attrs
159
159
160 except ldap.INVALID_CREDENTIALS:
160 except ldap.INVALID_CREDENTIALS:
161 log.debug(
161 log.debug(
162 "LDAP rejected password for user '%s': %s, org_exc:",
162 "LDAP rejected password for user '%s': %s, org_exc:",
163 username, dn, exc_info=True)
163 username, dn, exc_info=True)
164
164
165 def authenticate_ldap(self, username, password):
165 def authenticate_ldap(self, username, password):
166 """
166 """
167 Authenticate a user via LDAP and return his/her LDAP properties.
167 Authenticate a user via LDAP and return his/her LDAP properties.
168
168
169 Raises AuthenticationError if the credentials are rejected, or
169 Raises AuthenticationError if the credentials are rejected, or
170 EnvironmentError if the LDAP server can't be reached.
170 EnvironmentError if the LDAP server can't be reached.
171
171
172 :param username: username
172 :param username: username
173 :param password: password
173 :param password: password
174 """
174 """
175
175
176 uid = self.get_uid(username, self.SERVER_ADDRESSES)
176 uid = self.get_uid(username, self.SERVER_ADDRESSES)
177 user_attrs = {}
177 user_attrs = {}
178 dn = ''
178 dn = ''
179
179
180 self.validate_password(username, password)
180 self.validate_password(username, password)
181 self.validate_username(username)
181 self.validate_username(username)
182
182
183 ldap_conn = None
183 ldap_conn = None
184 try:
184 try:
185 ldap_conn = self._get_ldap_conn()
185 ldap_conn = self._get_ldap_conn()
186 filter_ = '(&%s(%s=%s))' % (
186 filter_ = '(&%s(%s=%s))' % (
187 self.LDAP_FILTER, self.attr_login, username)
187 self.LDAP_FILTER, self.attr_login, username)
188 log.debug("Authenticating %r filter %s", self.BASE_DN, filter_)
188 log.debug("Authenticating %r filter %s", self.BASE_DN, filter_)
189
189
190 lobjects = ldap_conn.search_ext_s(
190 lobjects = ldap_conn.search_ext_s(
191 self.BASE_DN, self.SEARCH_SCOPE, filter_)
191 self.BASE_DN, self.SEARCH_SCOPE, filter_)
192
192
193 if not lobjects:
193 if not lobjects:
194 log.debug("No matching LDAP objects for authentication "
194 log.debug("No matching LDAP objects for authentication "
195 "of UID:'%s' username:(%s)", uid, username)
195 "of UID:'%s' username:(%s)", uid, username)
196 raise ldap.NO_SUCH_OBJECT()
196 raise ldap.NO_SUCH_OBJECT()
197
197
198 log.debug('Found matching ldap object, trying to authenticate')
198 log.debug('Found matching ldap object, trying to authenticate')
199 for (dn, _attrs) in lobjects:
199 for (dn, _attrs) in lobjects:
200 if dn is None:
200 if dn is None:
201 continue
201 continue
202
202
203 user_attrs = self.fetch_attrs_from_simple_bind(
203 user_attrs = self.fetch_attrs_from_simple_bind(
204 ldap_conn, dn, username, password)
204 ldap_conn, dn, username, password)
205 if user_attrs:
205 if user_attrs:
206 break
206 break
207 else:
207 else:
208 raise LdapPasswordError(
208 raise LdapPasswordError(
209 'Failed to authenticate user `{}`'
209 'Failed to authenticate user `{}`'
210 'with given password'.format(username))
210 'with given password'.format(username))
211
211
212 except ldap.NO_SUCH_OBJECT:
212 except ldap.NO_SUCH_OBJECT:
213 log.debug("LDAP says no such user '%s' (%s), org_exc:",
213 log.debug("LDAP says no such user '%s' (%s), org_exc:",
214 uid, username, exc_info=True)
214 uid, username, exc_info=True)
215 raise LdapUsernameError('Unable to find user')
215 raise LdapUsernameError('Unable to find user')
216 except ldap.SERVER_DOWN:
216 except ldap.SERVER_DOWN:
217 org_exc = traceback.format_exc()
217 org_exc = traceback.format_exc()
218 raise LdapConnectionError(
218 raise LdapConnectionError(
219 "LDAP can't access authentication "
219 "LDAP can't access authentication "
220 "server, org_exc:%s" % org_exc)
220 "server, org_exc:%s" % org_exc)
221 finally:
221 finally:
222 if ldap_conn:
222 if ldap_conn:
223 log.debug('ldap: connection release')
223 log.debug('ldap: connection release')
224 try:
224 try:
225 ldap_conn.unbind_s()
225 ldap_conn.unbind_s()
226 except Exception:
226 except Exception:
227 # for any reason this can raise exception we must catch it
227 # for any reason this can raise exception we must catch it
228 # to not crush the server
228 # to not crush the server
229 pass
229 pass
230
230
231 return dn, user_attrs
231 return dn, user_attrs
232
232
233
233
234 class LdapSettingsSchema(AuthnPluginSettingsSchemaBase):
234 class LdapSettingsSchema(AuthnPluginSettingsSchemaBase):
235 tls_kind_choices = ['PLAIN', 'LDAPS', 'START_TLS']
235 tls_kind_choices = ['PLAIN', 'LDAPS', 'START_TLS']
236 tls_reqcert_choices = ['NEVER', 'ALLOW', 'TRY', 'DEMAND', 'HARD']
236 tls_reqcert_choices = ['NEVER', 'ALLOW', 'TRY', 'DEMAND', 'HARD']
237 search_scope_choices = ['BASE', 'ONELEVEL', 'SUBTREE']
237 search_scope_choices = ['BASE', 'ONELEVEL', 'SUBTREE']
238
238
239 host = colander.SchemaNode(
239 host = colander.SchemaNode(
240 colander.String(),
240 colander.String(),
241 default='',
241 default='',
242 description=_('Host[s] of the LDAP Server \n'
242 description=_('Host[s] of the LDAP Server \n'
243 '(e.g., 192.168.2.154, or ldap-server.domain.com.\n '
243 '(e.g., 192.168.2.154, or ldap-server.domain.com.\n '
244 'Multiple servers can be specified using commas'),
244 'Multiple servers can be specified using commas'),
245 preparer=strip_whitespace,
245 preparer=strip_whitespace,
246 title=_('LDAP Host'),
246 title=_('LDAP Host'),
247 widget='string')
247 widget='string')
248 port = colander.SchemaNode(
248 port = colander.SchemaNode(
249 colander.Int(),
249 colander.Int(),
250 default=389,
250 default=389,
251 description=_('Custom port that the LDAP server is listening on. '
251 description=_('Custom port that the LDAP server is listening on. '
252 'Default value is: 389'),
252 'Default value is: 389, use 689 for LDAPS(SSL)'),
253 preparer=strip_whitespace,
253 preparer=strip_whitespace,
254 title=_('Port'),
254 title=_('Port'),
255 validator=colander.Range(min=0, max=65536),
255 validator=colander.Range(min=0, max=65536),
256 widget='int')
256 widget='int')
257
257
258 timeout = colander.SchemaNode(
258 timeout = colander.SchemaNode(
259 colander.Int(),
259 colander.Int(),
260 default=60 * 5,
260 default=60 * 5,
261 description=_('Timeout for LDAP connection'),
261 description=_('Timeout for LDAP connection'),
262 preparer=strip_whitespace,
262 preparer=strip_whitespace,
263 title=_('Connection timeout'),
263 title=_('Connection timeout'),
264 validator=colander.Range(min=1),
264 validator=colander.Range(min=1),
265 widget='int')
265 widget='int')
266
266
267 dn_user = colander.SchemaNode(
267 dn_user = colander.SchemaNode(
268 colander.String(),
268 colander.String(),
269 default='',
269 default='',
270 description=_('Optional user DN/account to connect to LDAP if authentication is required. \n'
270 description=_('Optional user DN/account to connect to LDAP if authentication is required. \n'
271 'e.g., cn=admin,dc=mydomain,dc=com, or '
271 'e.g., cn=admin,dc=mydomain,dc=com, or '
272 'uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com'),
272 'uid=root,cn=users,dc=mydomain,dc=com, or admin@mydomain.com'),
273 missing='',
273 missing='',
274 preparer=strip_whitespace,
274 preparer=strip_whitespace,
275 title=_('Account'),
275 title=_('Account'),
276 widget='string')
276 widget='string')
277 dn_pass = colander.SchemaNode(
277 dn_pass = colander.SchemaNode(
278 colander.String(),
278 colander.String(),
279 default='',
279 default='',
280 description=_('Password to authenticate for given user DN.'),
280 description=_('Password to authenticate for given user DN.'),
281 missing='',
281 missing='',
282 preparer=strip_whitespace,
282 preparer=strip_whitespace,
283 title=_('Password'),
283 title=_('Password'),
284 widget='password')
284 widget='password')
285 tls_kind = colander.SchemaNode(
285 tls_kind = colander.SchemaNode(
286 colander.String(),
286 colander.String(),
287 default=tls_kind_choices[0],
287 default=tls_kind_choices[0],
288 description=_('TLS Type'),
288 description=_('TLS Type'),
289 title=_('Connection Security'),
289 title=_('Connection Security'),
290 validator=colander.OneOf(tls_kind_choices),
290 validator=colander.OneOf(tls_kind_choices),
291 widget='select')
291 widget='select')
292 tls_reqcert = colander.SchemaNode(
292 tls_reqcert = colander.SchemaNode(
293 colander.String(),
293 colander.String(),
294 default=tls_reqcert_choices[0],
294 default=tls_reqcert_choices[0],
295 description=_('Require Cert over TLS?. Self-signed and custom '
295 description=_('Require Cert over TLS?. Self-signed and custom '
296 'certificates can be used when\n `RhodeCode Certificate` '
296 'certificates can be used when\n `RhodeCode Certificate` '
297 'found in admin > settings > system info page is extended.'),
297 'found in admin > settings > system info page is extended.'),
298 title=_('Certificate Checks'),
298 title=_('Certificate Checks'),
299 validator=colander.OneOf(tls_reqcert_choices),
299 validator=colander.OneOf(tls_reqcert_choices),
300 widget='select')
300 widget='select')
301 tls_cert_file = colander.SchemaNode(
301 tls_cert_file = colander.SchemaNode(
302 colander.String(),
302 colander.String(),
303 default='',
303 default='',
304 description=_('This specifies the PEM-format file path containing '
304 description=_('This specifies the PEM-format file path containing '
305 'certificates for use in TLS connection.\n'
305 'certificates for use in TLS connection.\n'
306 'If not specified `TLS Cert dir` will be used'),
306 'If not specified `TLS Cert dir` will be used'),
307 title=_('TLS Cert file'),
307 title=_('TLS Cert file'),
308 missing='',
308 missing='',
309 widget='string')
309 widget='string')
310 tls_cert_dir = colander.SchemaNode(
310 tls_cert_dir = colander.SchemaNode(
311 colander.String(),
311 colander.String(),
312 default=AuthLdap.default_tls_cert_dir,
312 default=AuthLdap.default_tls_cert_dir,
313 description=_('This specifies the path of a directory that contains individual '
313 description=_('This specifies the path of a directory that contains individual '
314 'CA certificates in separate files.'),
314 'CA certificates in separate files.'),
315 title=_('TLS Cert dir'),
315 title=_('TLS Cert dir'),
316 widget='string')
316 widget='string')
317 base_dn = colander.SchemaNode(
317 base_dn = colander.SchemaNode(
318 colander.String(),
318 colander.String(),
319 default='',
319 default='',
320 description=_('Base DN to search. Dynamic bind is supported. Add `$login` marker '
320 description=_('Base DN to search. Dynamic bind is supported. Add `$login` marker '
321 'in it to be replaced with current user credentials \n'
321 'in it to be replaced with current user credentials \n'
322 '(e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)'),
322 '(e.g., dc=mydomain,dc=com, or ou=Users,dc=mydomain,dc=com)'),
323 missing='',
323 missing='',
324 preparer=strip_whitespace,
324 preparer=strip_whitespace,
325 title=_('Base DN'),
325 title=_('Base DN'),
326 widget='string')
326 widget='string')
327 filter = colander.SchemaNode(
327 filter = colander.SchemaNode(
328 colander.String(),
328 colander.String(),
329 default='',
329 default='',
330 description=_('Filter to narrow results \n'
330 description=_('Filter to narrow results \n'
331 '(e.g., (&(objectCategory=Person)(objectClass=user)), or \n'
331 '(e.g., (&(objectCategory=Person)(objectClass=user)), or \n'
332 '(memberof=cn=rc-login,ou=groups,ou=company,dc=mydomain,dc=com)))'),
332 '(memberof=cn=rc-login,ou=groups,ou=company,dc=mydomain,dc=com)))'),
333 missing='',
333 missing='',
334 preparer=strip_whitespace,
334 preparer=strip_whitespace,
335 title=_('LDAP Search Filter'),
335 title=_('LDAP Search Filter'),
336 widget='string')
336 widget='string')
337
337
338 search_scope = colander.SchemaNode(
338 search_scope = colander.SchemaNode(
339 colander.String(),
339 colander.String(),
340 default=search_scope_choices[2],
340 default=search_scope_choices[2],
341 description=_('How deep to search LDAP. If unsure set to SUBTREE'),
341 description=_('How deep to search LDAP. If unsure set to SUBTREE'),
342 title=_('LDAP Search Scope'),
342 title=_('LDAP Search Scope'),
343 validator=colander.OneOf(search_scope_choices),
343 validator=colander.OneOf(search_scope_choices),
344 widget='select')
344 widget='select')
345 attr_login = colander.SchemaNode(
345 attr_login = colander.SchemaNode(
346 colander.String(),
346 colander.String(),
347 default='uid',
347 default='uid',
348 description=_('LDAP Attribute to map to user name (e.g., uid, or sAMAccountName)'),
348 description=_('LDAP Attribute to map to user name (e.g., uid, or sAMAccountName)'),
349 preparer=strip_whitespace,
349 preparer=strip_whitespace,
350 title=_('Login Attribute'),
350 title=_('Login Attribute'),
351 missing_msg=_('The LDAP Login attribute of the CN must be specified'),
351 missing_msg=_('The LDAP Login attribute of the CN must be specified'),
352 widget='string')
352 widget='string')
353 attr_email = colander.SchemaNode(
353 attr_email = colander.SchemaNode(
354 colander.String(),
354 colander.String(),
355 default='',
355 default='',
356 description=_('LDAP Attribute to map to email address (e.g., mail).\n'
356 description=_('LDAP Attribute to map to email address (e.g., mail).\n'
357 'Emails are a crucial part of RhodeCode. \n'
357 'Emails are a crucial part of RhodeCode. \n'
358 'If possible add a valid email attribute to ldap users.'),
358 'If possible add a valid email attribute to ldap users.'),
359 missing='',
359 missing='',
360 preparer=strip_whitespace,
360 preparer=strip_whitespace,
361 title=_('Email Attribute'),
361 title=_('Email Attribute'),
362 widget='string')
362 widget='string')
363 attr_firstname = colander.SchemaNode(
363 attr_firstname = colander.SchemaNode(
364 colander.String(),
364 colander.String(),
365 default='',
365 default='',
366 description=_('LDAP Attribute to map to first name (e.g., givenName)'),
366 description=_('LDAP Attribute to map to first name (e.g., givenName)'),
367 missing='',
367 missing='',
368 preparer=strip_whitespace,
368 preparer=strip_whitespace,
369 title=_('First Name Attribute'),
369 title=_('First Name Attribute'),
370 widget='string')
370 widget='string')
371 attr_lastname = colander.SchemaNode(
371 attr_lastname = colander.SchemaNode(
372 colander.String(),
372 colander.String(),
373 default='',
373 default='',
374 description=_('LDAP Attribute to map to last name (e.g., sn)'),
374 description=_('LDAP Attribute to map to last name (e.g., sn)'),
375 missing='',
375 missing='',
376 preparer=strip_whitespace,
376 preparer=strip_whitespace,
377 title=_('Last Name Attribute'),
377 title=_('Last Name Attribute'),
378 widget='string')
378 widget='string')
379
379
380
380
381 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
381 class RhodeCodeAuthPlugin(RhodeCodeExternalAuthPlugin):
382 uid = 'ldap'
382 uid = 'ldap'
383 # used to define dynamic binding in the
383 # used to define dynamic binding in the
384 DYNAMIC_BIND_VAR = '$login'
384 DYNAMIC_BIND_VAR = '$login'
385 _settings_unsafe_keys = ['dn_pass']
385 _settings_unsafe_keys = ['dn_pass']
386
386
387 def includeme(self, config):
387 def includeme(self, config):
388 config.add_authn_plugin(self)
388 config.add_authn_plugin(self)
389 config.add_authn_resource(self.get_id(), LdapAuthnResource(self))
389 config.add_authn_resource(self.get_id(), LdapAuthnResource(self))
390 config.add_view(
390 config.add_view(
391 'rhodecode.authentication.views.AuthnPluginViewBase',
391 'rhodecode.authentication.views.AuthnPluginViewBase',
392 attr='settings_get',
392 attr='settings_get',
393 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
393 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
394 request_method='GET',
394 request_method='GET',
395 route_name='auth_home',
395 route_name='auth_home',
396 context=LdapAuthnResource)
396 context=LdapAuthnResource)
397 config.add_view(
397 config.add_view(
398 'rhodecode.authentication.views.AuthnPluginViewBase',
398 'rhodecode.authentication.views.AuthnPluginViewBase',
399 attr='settings_post',
399 attr='settings_post',
400 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
400 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
401 request_method='POST',
401 request_method='POST',
402 route_name='auth_home',
402 route_name='auth_home',
403 context=LdapAuthnResource)
403 context=LdapAuthnResource)
404
404
405 def get_settings_schema(self):
405 def get_settings_schema(self):
406 return LdapSettingsSchema()
406 return LdapSettingsSchema()
407
407
408 def get_display_name(self):
408 def get_display_name(self):
409 return _('LDAP')
409 return _('LDAP')
410
410
411 @classmethod
411 @classmethod
412 def docs(cls):
412 def docs(cls):
413 return "https://docs.rhodecode.com/RhodeCode-Enterprise/auth/auth-ldap.html"
413 return "https://docs.rhodecode.com/RhodeCode-Enterprise/auth/auth-ldap.html"
414
414
415 @hybrid_property
415 @hybrid_property
416 def name(self):
416 def name(self):
417 return u"ldap"
417 return u"ldap"
418
418
419 def use_fake_password(self):
419 def use_fake_password(self):
420 return True
420 return True
421
421
422 def user_activation_state(self):
422 def user_activation_state(self):
423 def_user_perms = User.get_default_user().AuthUser().permissions['global']
423 def_user_perms = User.get_default_user().AuthUser().permissions['global']
424 return 'hg.extern_activate.auto' in def_user_perms
424 return 'hg.extern_activate.auto' in def_user_perms
425
425
426 def try_dynamic_binding(self, username, password, current_args):
426 def try_dynamic_binding(self, username, password, current_args):
427 """
427 """
428 Detects marker inside our original bind, and uses dynamic auth if
428 Detects marker inside our original bind, and uses dynamic auth if
429 present
429 present
430 """
430 """
431
431
432 org_bind = current_args['bind_dn']
432 org_bind = current_args['bind_dn']
433 passwd = current_args['bind_pass']
433 passwd = current_args['bind_pass']
434
434
435 def has_bind_marker(username):
435 def has_bind_marker(username):
436 if self.DYNAMIC_BIND_VAR in username:
436 if self.DYNAMIC_BIND_VAR in username:
437 return True
437 return True
438
438
439 # we only passed in user with "special" variable
439 # we only passed in user with "special" variable
440 if org_bind and has_bind_marker(org_bind) and not passwd:
440 if org_bind and has_bind_marker(org_bind) and not passwd:
441 log.debug('Using dynamic user/password binding for ldap '
441 log.debug('Using dynamic user/password binding for ldap '
442 'authentication. Replacing `%s` with username',
442 'authentication. Replacing `%s` with username',
443 self.DYNAMIC_BIND_VAR)
443 self.DYNAMIC_BIND_VAR)
444 current_args['bind_dn'] = org_bind.replace(
444 current_args['bind_dn'] = org_bind.replace(
445 self.DYNAMIC_BIND_VAR, username)
445 self.DYNAMIC_BIND_VAR, username)
446 current_args['bind_pass'] = password
446 current_args['bind_pass'] = password
447
447
448 return current_args
448 return current_args
449
449
450 def auth(self, userobj, username, password, settings, **kwargs):
450 def auth(self, userobj, username, password, settings, **kwargs):
451 """
451 """
452 Given a user object (which may be null), username, a plaintext password,
452 Given a user object (which may be null), username, a plaintext password,
453 and a settings object (containing all the keys needed as listed in
453 and a settings object (containing all the keys needed as listed in
454 settings()), authenticate this user's login attempt.
454 settings()), authenticate this user's login attempt.
455
455
456 Return None on failure. On success, return a dictionary of the form:
456 Return None on failure. On success, return a dictionary of the form:
457
457
458 see: RhodeCodeAuthPluginBase.auth_func_attrs
458 see: RhodeCodeAuthPluginBase.auth_func_attrs
459 This is later validated for correctness
459 This is later validated for correctness
460 """
460 """
461
461
462 if not username or not password:
462 if not username or not password:
463 log.debug('Empty username or password skipping...')
463 log.debug('Empty username or password skipping...')
464 return None
464 return None
465
465
466 ldap_args = {
466 ldap_args = {
467 'server': settings.get('host', ''),
467 'server': settings.get('host', ''),
468 'base_dn': settings.get('base_dn', ''),
468 'base_dn': settings.get('base_dn', ''),
469 'port': settings.get('port'),
469 'port': settings.get('port'),
470 'bind_dn': settings.get('dn_user'),
470 'bind_dn': settings.get('dn_user'),
471 'bind_pass': settings.get('dn_pass'),
471 'bind_pass': settings.get('dn_pass'),
472 'tls_kind': settings.get('tls_kind'),
472 'tls_kind': settings.get('tls_kind'),
473 'tls_reqcert': settings.get('tls_reqcert'),
473 'tls_reqcert': settings.get('tls_reqcert'),
474 'tls_cert_file': settings.get('tls_cert_file'),
474 'tls_cert_file': settings.get('tls_cert_file'),
475 'tls_cert_dir': settings.get('tls_cert_dir'),
475 'tls_cert_dir': settings.get('tls_cert_dir'),
476 'search_scope': settings.get('search_scope'),
476 'search_scope': settings.get('search_scope'),
477 'attr_login': settings.get('attr_login'),
477 'attr_login': settings.get('attr_login'),
478 'ldap_version': 3,
478 'ldap_version': 3,
479 'ldap_filter': settings.get('filter'),
479 'ldap_filter': settings.get('filter'),
480 'timeout': settings.get('timeout')
480 'timeout': settings.get('timeout')
481 }
481 }
482
482
483 ldap_attrs = self.try_dynamic_binding(username, password, ldap_args)
483 ldap_attrs = self.try_dynamic_binding(username, password, ldap_args)
484
484
485 log.debug('Checking for ldap authentication.')
485 log.debug('Checking for ldap authentication.')
486
486
487 try:
487 try:
488 aldap = AuthLdap(**ldap_args)
488 aldap = AuthLdap(**ldap_args)
489 (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)
489 (user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)
490 log.debug('Got ldap DN response %s', user_dn)
490 log.debug('Got ldap DN response %s', user_dn)
491
491
492 def get_ldap_attr(k):
492 def get_ldap_attr(k):
493 return ldap_attrs.get(settings.get(k), [''])[0]
493 return ldap_attrs.get(settings.get(k), [''])[0]
494
494
495 # old attrs fetched from RhodeCode database
495 # old attrs fetched from RhodeCode database
496 admin = getattr(userobj, 'admin', False)
496 admin = getattr(userobj, 'admin', False)
497 active = getattr(userobj, 'active', True)
497 active = getattr(userobj, 'active', True)
498 email = getattr(userobj, 'email', '')
498 email = getattr(userobj, 'email', '')
499 username = getattr(userobj, 'username', username)
499 username = getattr(userobj, 'username', username)
500 firstname = getattr(userobj, 'firstname', '')
500 firstname = getattr(userobj, 'firstname', '')
501 lastname = getattr(userobj, 'lastname', '')
501 lastname = getattr(userobj, 'lastname', '')
502 extern_type = getattr(userobj, 'extern_type', '')
502 extern_type = getattr(userobj, 'extern_type', '')
503
503
504 groups = []
504 groups = []
505
505
506 user_attrs = {
506 user_attrs = {
507 'username': username,
507 'username': username,
508 'firstname': safe_unicode(get_ldap_attr('attr_firstname') or firstname),
508 'firstname': safe_unicode(get_ldap_attr('attr_firstname') or firstname),
509 'lastname': safe_unicode(get_ldap_attr('attr_lastname') or lastname),
509 'lastname': safe_unicode(get_ldap_attr('attr_lastname') or lastname),
510 'groups': groups,
510 'groups': groups,
511 'user_group_sync': False,
511 'user_group_sync': False,
512 'email': get_ldap_attr('attr_email') or email,
512 'email': get_ldap_attr('attr_email') or email,
513 'admin': admin,
513 'admin': admin,
514 'active': active,
514 'active': active,
515 'active_from_extern': None,
515 'active_from_extern': None,
516 'extern_name': user_dn,
516 'extern_name': user_dn,
517 'extern_type': extern_type,
517 'extern_type': extern_type,
518 }
518 }
519
519
520 log.debug('ldap user: %s', user_attrs)
520 log.debug('ldap user: %s', user_attrs)
521 log.info('user `%s` authenticated correctly', user_attrs['username'])
521 log.info('user `%s` authenticated correctly', user_attrs['username'])
522
522
523 return user_attrs
523 return user_attrs
524
524
525 except (LdapUsernameError, LdapPasswordError, LdapImportError):
525 except (LdapUsernameError, LdapPasswordError, LdapImportError):
526 log.exception("LDAP related exception")
526 log.exception("LDAP related exception")
527 return None
527 return None
528 except (Exception,):
528 except (Exception,):
529 log.exception("Other exception")
529 log.exception("Other exception")
530 return None
530 return None
531
531
532
532
533 def includeme(config):
533 def includeme(config):
534 plugin_id = 'egg:rhodecode-enterprise-ce#{}'.format(RhodeCodeAuthPlugin.uid)
534 plugin_id = 'egg:rhodecode-enterprise-ce#{}'.format(RhodeCodeAuthPlugin.uid)
535 plugin_factory(plugin_id).includeme(config)
535 plugin_factory(plugin_id).includeme(config)
@@ -1,545 +1,545 b''
1 //
1 //
2 // Typography
2 // Typography
3 // modified from Bootstrap
3 // modified from Bootstrap
4 // --------------------------------------------------
4 // --------------------------------------------------
5
5
6 // Base
6 // Base
7 body {
7 body {
8 font-size: @basefontsize;
8 font-size: @basefontsize;
9 font-family: @text-light;
9 font-family: @text-light;
10 letter-spacing: .02em;
10 letter-spacing: .02em;
11 color: @grey2;
11 color: @grey2;
12 }
12 }
13
13
14 #content, label{
14 #content, label{
15 font-size: @basefontsize;
15 font-size: @basefontsize;
16 }
16 }
17
17
18 label {
18 label {
19 color: @grey2;
19 color: @grey2;
20 }
20 }
21
21
22 ::selection { background: @rchighlightblue; }
22 ::selection { background: @rchighlightblue; }
23
23
24 // Headings
24 // Headings
25 // -------------------------
25 // -------------------------
26
26
27 h1, h2, h3, h4, h5, h6,
27 h1, h2, h3, h4, h5, h6,
28 .h1, .h2, .h3, .h4, .h5, .h6 {
28 .h1, .h2, .h3, .h4, .h5, .h6 {
29 margin: 0 0 @textmargin 0;
29 margin: 0 0 @textmargin 0;
30 padding: 0;
30 padding: 0;
31 line-height: 1.8em;
31 line-height: 1.8em;
32 color: @text-color;
32 color: @text-color;
33 a {
33 a {
34 color: @rcblue;
34 color: @rcblue;
35 }
35 }
36 }
36 }
37
37
38 h1, .h1 { font-size: 1.54em; font-weight: @text-bold-weight; font-family: @text-bold; }
38 h1, .h1 { font-size: 1.54em; font-weight: @text-bold-weight; font-family: @text-bold; }
39 h2, .h2 { font-size: 1.23em; font-weight: @text-semibold-weight; font-family: @text-semibold; }
39 h2, .h2 { font-size: 1.23em; font-weight: @text-semibold-weight; font-family: @text-semibold; }
40 h3, .h3 { font-size: 1.23em; font-family: @text-regular; }
40 h3, .h3 { font-size: 1.23em; font-family: @text-regular; }
41 h4, .h4 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
41 h4, .h4 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
42 h5, .h5 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
42 h5, .h5 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
43 h6, .h6 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
43 h6, .h6 { font-size: 1em; font-weight: @text-bold-weight; font-family: @text-bold; }
44
44
45 // Breadcrumbs
45 // Breadcrumbs
46 .breadcrumbs {
46 .breadcrumbs {
47 font-size: @repo-title-fontsize;
47 font-size: @repo-title-fontsize;
48 margin: 0;
48 margin: 0;
49 }
49 }
50
50
51 .breadcrumbs_light {
51 .breadcrumbs_light {
52 float:left;
52 float:left;
53 font-size: 1.3em;
53 font-size: 1.3em;
54 line-height: 38px;
54 line-height: 38px;
55 }
55 }
56
56
57 // Body text
57 // Body text
58 // -------------------------
58 // -------------------------
59
59
60 p {
60 p {
61 margin: 0 0 @textmargin 0;
61 margin: 0 0 @textmargin 0;
62 padding: 0;
62 padding: 0;
63 line-height: 2em;
63 line-height: 2em;
64 }
64 }
65
65
66 .lead {
66 .lead {
67 margin-bottom: @textmargin;
67 margin-bottom: @textmargin;
68 font-weight: 300;
68 font-weight: 300;
69 line-height: 1.4;
69 line-height: 1.4;
70
70
71 @media (min-width: @screen-sm-min) {
71 @media (min-width: @screen-sm-min) {
72 font-size: (@basefontsize * 1.5);
72 font-size: (@basefontsize * 1.5);
73 }
73 }
74 }
74 }
75
75
76 a,
76 a,
77 .link {
77 .link {
78 color: @rcblue;
78 color: @rcblue;
79 text-decoration: none;
79 text-decoration: none;
80 outline: none;
80 outline: none;
81 cursor: pointer;
81 cursor: pointer;
82
82
83 &:focus {
83 &:focus {
84 outline: none;
84 outline: none;
85 }
85 }
86
86
87 &:hover {
87 &:hover {
88 color: @rcdarkblue;
88 color: @rcdarkblue;
89 }
89 }
90 }
90 }
91
91
92 img {
92 img {
93 border: none;
93 border: none;
94 outline: none;
94 outline: none;
95 }
95 }
96
96
97 strong {
97 strong {
98 font-weight: @text-bold-weight;
98 font-weight: @text-bold-weight;
99 font-family: @text-bold;
99 font-family: @text-bold;
100 }
100 }
101
101
102 em {
102 em {
103 font-family: @text-italic;
103 font-family: @text-italic;
104 font-style: italic;
104 font-style: italic;
105 }
105 }
106
106
107 strong em,
107 strong em,
108 em strong {
108 em strong {
109 font-style: italic;
109 font-style: italic;
110 font-weight: @text-bold-italic-weight;
110 font-weight: @text-bold-italic-weight;
111 font-family: @text-bold-italic;
111 font-family: @text-bold-italic;
112 }
112 }
113
113
114 //TODO: lisa: b and i are depreciated, but we are still using them in places.
114 //TODO: lisa: b and i are depreciated, but we are still using them in places.
115 // Should probably make some decision whether to keep or lose these.
115 // Should probably make some decision whether to keep or lose these.
116 b {
116 b {
117
117
118 }
118 }
119
119
120 i {
120 i {
121 font-style: normal;
121 font-style: normal;
122 }
122 }
123
123
124 label {
124 label {
125 color: @text-color;
125 color: @text-color;
126
126
127 input[type="checkbox"] {
127 input[type="checkbox"] {
128 margin-right: 1em;
128 margin-right: 1em;
129 }
129 }
130 input[type="radio"] {
130 input[type="radio"] {
131 margin-right: 1em;
131 margin-right: 1em;
132 }
132 }
133 }
133 }
134
134
135 code,
135 code,
136 .code {
136 .code {
137 font-size: .95em;
137 font-size: .95em;
138 font-family: @text-code;
138 font-family: @text-code;
139 color: @grey3;
139 color: @grey3;
140
140
141 a {
141 a {
142 color: lighten(@rcblue,10%)
142 color: lighten(@rcblue,10%)
143 }
143 }
144 }
144 }
145
145
146 pre {
146 pre {
147 margin: 0;
147 margin: 0;
148 padding: 0;
148 padding: 0;
149 border: 0;
149 border: 0;
150 outline: 0;
150 outline: 0;
151 font-size: @basefontsize*.95;
151 font-size: @basefontsize*.95;
152 line-height: 1.4em;
152 line-height: 1.4em;
153 font-family: @text-code;
153 font-family: @text-code;
154 color: @grey3;
154 color: @grey3;
155 }
155 }
156
156
157 // Emphasis & misc
157 // Emphasis & misc
158 // -------------------------
158 // -------------------------
159
159
160 small,
160 small,
161 .small {
161 .small {
162 font-size: 75%;
162 font-size: 75%;
163 font-weight: normal;
163 font-weight: normal;
164 line-height: 1em;
164 line-height: 1em;
165 }
165 }
166
166
167 mark,
167 mark,
168 .mark {
168 .mark {
169 background-color: @rclightblue;
169 background-color: @rclightblue;
170 padding: .2em;
170 padding: .2em;
171 }
171 }
172
172
173 // Alignment
173 // Alignment
174 .text-left { text-align: left; }
174 .text-left { text-align: left; }
175 .text-right { text-align: right; }
175 .text-right { text-align: right; }
176 .text-center { text-align: center; }
176 .text-center { text-align: center; }
177 .text-justify { text-align: justify; }
177 .text-justify { text-align: justify; }
178 .text-nowrap { white-space: nowrap; }
178 .text-nowrap { white-space: nowrap; }
179
179
180 // Transformation
180 // Transformation
181 .text-lowercase { text-transform: lowercase; }
181 .text-lowercase { text-transform: lowercase; }
182 .text-uppercase { text-transform: uppercase; }
182 .text-uppercase { text-transform: uppercase; }
183 .text-capitalize { text-transform: capitalize; }
183 .text-capitalize { text-transform: capitalize; }
184
184
185 // Contextual colors
185 // Contextual colors
186 .text-muted {
186 .text-muted {
187 color: @grey4;
187 color: @grey4;
188 }
188 }
189 .text-primary {
189 .text-primary {
190 color: @rcblue;
190 color: @rcblue;
191 }
191 }
192 .text-success {
192 .text-success {
193 color: @alert1;
193 color: @alert1;
194 }
194 }
195 .text-info {
195 .text-info {
196 color: @alert4;
196 color: @alert4;
197 }
197 }
198 .text-warning {
198 .text-warning {
199 color: @alert3;
199 color: @alert3;
200 }
200 }
201 .text-danger {
201 .text-danger {
202 color: @alert2;
202 color: @alert2;
203 }
203 }
204
204
205 // Contextual backgrounds
205 // Contextual backgrounds
206 .bg-primary {
206 .bg-primary {
207 background-color: white;
207 background-color: white;
208 }
208 }
209 .bg-success {
209 .bg-success {
210 background-color: @alert1;
210 background-color: @alert1;
211 }
211 }
212 .bg-info {
212 .bg-info {
213 background-color: @alert4;
213 background-color: @alert4;
214 }
214 }
215 .bg-warning {
215 .bg-warning {
216 background-color: @alert3;
216 background-color: @alert3;
217 }
217 }
218 .bg-danger {
218 .bg-danger {
219 background-color: @alert2;
219 background-color: @alert2;
220 }
220 }
221
221
222
222
223 // Page header
223 // Page header
224 // -------------------------
224 // -------------------------
225
225
226 .page-header {
226 .page-header {
227 margin: @pagepadding 0 @textmargin;
227 margin: @pagepadding 0 @textmargin;
228 border-bottom: @border-thickness solid @grey5;
228 border-bottom: @border-thickness solid @grey5;
229 }
229 }
230
230
231 .title {
231 .title {
232 clear: both;
232 clear: both;
233 float: left;
233 float: left;
234 width: 100%;
234 width: 100%;
235 margin: @pagepadding/2 0 @pagepadding;
235 margin: @pagepadding/2 0 @pagepadding;
236
236
237 .breadcrumbs {
237 .breadcrumbs {
238 float: left;
238 float: left;
239 clear: both;
239 clear: both;
240 width: 700px;
240 width: 700px;
241 margin: 0;
241 margin: 0;
242
242
243 .q_filter_box {
243 .q_filter_box {
244 margin-right: @padding;
244 margin-right: @padding;
245 }
245 }
246 }
246 }
247
247
248 h1 a {
248 h1 a {
249 color: @rcblue;
249 color: @rcblue;
250 }
250 }
251
251
252 input{
252 input{
253 margin-right: @padding;
253 margin-right: @padding;
254 }
254 }
255
255
256 h5, .h5 {
256 h5, .h5 {
257 color: @grey1;
257 color: @grey1;
258 margin-bottom: @space;
258 margin-bottom: @space;
259
259
260 span {
260 span {
261 display: inline-block;
261 display: inline-block;
262 }
262 }
263 }
263 }
264
264
265 p {
265 p {
266 margin-bottom: 0;
266 margin-bottom: 0;
267 }
267 }
268
268
269 .links {
269 .links {
270 float: right;
270 float: right;
271 display: inline;
271 display: inline;
272 margin: 0;
272 margin: 0;
273 padding-left: 0;
273 padding-left: 0;
274 list-style: none;
274 list-style: none;
275 text-align: right;
275 text-align: right;
276
276
277 li {
277 li {
278 float: right;
278 float: right;
279 list-style-type: none;
279 list-style-type: none;
280 }
280 }
281
281
282 a {
282 a {
283 display: inline-block;
283 display: inline-block;
284 margin-left: @textmargin/2;
284 margin-left: @textmargin/2;
285 }
285 }
286 }
286 }
287
287
288 .title-content {
288 .title-content {
289 float: left;
289 float: left;
290 margin: 0;
290 margin: 0;
291 padding: 0;
291 padding: 0;
292
292
293 & + .breadcrumbs {
293 & + .breadcrumbs {
294 margin-top: @padding;
294 margin-top: @padding;
295 }
295 }
296
296
297 & + .links {
297 & + .links {
298 margin-top: -@button-padding;
298 margin-top: -@button-padding;
299
299
300 & + .breadcrumbs {
300 & + .breadcrumbs {
301 margin-top: @padding;
301 margin-top: @padding;
302 }
302 }
303 }
303 }
304 }
304 }
305
305
306 .title-main {
306 .title-main {
307 font-size: @repo-title-fontsize;
307 font-size: @repo-title-fontsize;
308 }
308 }
309
309
310 .title-description {
310 .title-description {
311 margin-top: .5em;
311 margin-top: .5em;
312 }
312 }
313
313
314 .q_filter_box {
314 .q_filter_box {
315 width: 200px;
315 width: 200px;
316 }
316 }
317
317
318 }
318 }
319
319
320 #readme .title {
320 #readme .title {
321 text-transform: none;
321 text-transform: none;
322 }
322 }
323
323
324 // Lists
324 // Lists
325 // -------------------------
325 // -------------------------
326
326
327 // Unordered and Ordered lists
327 // Unordered and Ordered lists
328 ul,
328 ul,
329 ol {
329 ol {
330 margin-top: 0;
330 margin-top: 0;
331 margin-bottom: @textmargin;
331 margin-bottom: @textmargin;
332 ul,
332 ul,
333 ol {
333 ol {
334 margin-bottom: 0;
334 margin-bottom: 0;
335 }
335 }
336 }
336 }
337
337
338 li {
338 li {
339 line-height: 2em;
339 line-height: 2em;
340 }
340 }
341
341
342 ul li {
342 ul li {
343 position: relative;
343 position: relative;
344 list-style-type: disc;
344 list-style-type: disc;
345
345
346 p:first-child {
346 p:first-child {
347 display:inline;
347 display:inline;
348 }
348 }
349 }
349 }
350
350
351 // List options
351 // List options
352
352
353 // Unstyled keeps list items block level, just removes default browser padding and list-style
353 // Unstyled keeps list items block level, just removes default browser padding and list-style
354 .list-unstyled {
354 .list-unstyled {
355 padding-left: 0;
355 padding-left: 0;
356 list-style: none;
356 list-style: none;
357 li:before { content: none; }
357 li:before { content: none; }
358 }
358 }
359
359
360 // Inline turns list items into inline-block
360 // Inline turns list items into inline-block
361 .list-inline {
361 .list-inline {
362 .list-unstyled();
362 .list-unstyled();
363 margin-left: -5px;
363 margin-left: -5px;
364
364
365 > li {
365 > li {
366 display: inline-block;
366 display: inline-block;
367 padding-left: 5px;
367 padding-left: 5px;
368 padding-right: 5px;
368 padding-right: 5px;
369 }
369 }
370 }
370 }
371
371
372 // Description Lists
372 // Description Lists
373
373
374 dl {
374 dl {
375 margin-top: 0; // Remove browser default
375 margin-top: 0; // Remove browser default
376 margin-bottom: @textmargin;
376 margin-bottom: @textmargin;
377 }
377 }
378
378
379 dt,
379 dt,
380 dd {
380 dd {
381 line-height: 1.4em;
381 line-height: 1.4em;
382 }
382 }
383
383
384 dt {
384 dt {
385 margin: @textmargin 0 0 0;
385 margin: @textmargin 0 0 0;
386 font-weight: @text-bold-weight;
386 font-weight: @text-bold-weight;
387 font-family: @text-bold;
387 font-family: @text-bold;
388 }
388 }
389
389
390 dd {
390 dd {
391 margin-left: 0; // Undo browser default
391 margin-left: 0; // Undo browser default
392 }
392 }
393
393
394 // Horizontal description lists
394 // Horizontal description lists
395 // Defaults to being stacked without any of the below styles applied, until the
395 // Defaults to being stacked without any of the below styles applied, until the
396 // grid breakpoint is reached (default of ~768px).
396 // grid breakpoint is reached (default of ~768px).
397 // These are used in forms as well; see style guide.
397 // These are used in forms as well; see style guide.
398 // TODO: lisa: These should really not be used in forms.
398 // TODO: lisa: These should really not be used in forms.
399
399
400 .dl-horizontal {
400 .dl-horizontal {
401
401
402 overflow: hidden;
402 overflow: hidden;
403 margin-bottom: @space;
403 margin-bottom: @space;
404
404
405 dt, dd {
405 dt, dd {
406 float: left;
406 float: left;
407 margin: 5px 0 5px 0;
407 margin: 5px 0 5px 0;
408 }
408 }
409
409
410 dt {
410 dt {
411 clear: left;
411 clear: left;
412 width: @label-width - @form-vertical-margin;
412 width: @label-width - @form-vertical-margin;
413 }
413 }
414
414
415 dd {
415 dd {
416 &:extend(.clearfix all); // Clear the floated `dt` if an empty `dd` is present
416 &:extend(.clearfix all); // Clear the floated `dt` if an empty `dd` is present
417 margin-left: @form-vertical-margin;
417 margin-left: @form-vertical-margin;
418 max-width: @form-max-width - (@label-width - @form-vertical-margin) - @form-vertical-margin;
418 max-width: @form-max-width - (@label-width - @form-vertical-margin) - @form-vertical-margin;
419 }
419 }
420
420
421 pre {
421 pre {
422 margin: 0;
422 margin: 0;
423 }
423 }
424
424
425 &.settings {
425 &.settings {
426 dt {
426 dt {
427 text-align: left;
427 text-align: left;
428 }
428 }
429 }
429 }
430
430
431 @media (min-width: 768px) {
431 @media (min-width: 768px) {
432 dt {
432 dt {
433 float: left;
433 float: left;
434 width: 185px;
434 width: 185px;
435 clear: left;
435 clear: left;
436 text-align: right;
436 text-align: right;
437 }
437 }
438 dd {
438 dd {
439 margin-left: 20px;
439 margin-left: 20px;
440 }
440 }
441 }
441 }
442 }
442 }
443
443
444
444
445 // Misc
445 // Misc
446 // -------------------------
446 // -------------------------
447
447
448 // Abbreviations and acronyms
448 // Abbreviations and acronyms
449 abbr[title],
449 abbr[title],
450 abbr[data-original-title] {
450 abbr[data-original-title] {
451 cursor: help;
451 cursor: help;
452 border-bottom: @border-thickness dotted @grey4;
452 border-bottom: @border-thickness dotted @grey4;
453 }
453 }
454 .initialism {
454 .initialism {
455 font-size: 90%;
455 font-size: 90%;
456 text-transform: uppercase;
456 text-transform: uppercase;
457 }
457 }
458
458
459 // Blockquotes
459 // Blockquotes
460 blockquote {
460 blockquote {
461 padding: 1em 2em;
461 padding: 1em 2em;
462 margin: 0 0 2em;
462 margin: 0 0 2em;
463 font-size: @basefontsize;
463 font-size: @basefontsize;
464 border-left: 2px solid @grey6;
464 border-left: 2px solid @grey6;
465
465
466 p,
466 p,
467 ul,
467 ul,
468 ol {
468 ol {
469 &:last-child {
469 &:last-child {
470 margin-bottom: 0;
470 margin-bottom: 0;
471 }
471 }
472 }
472 }
473
473
474 footer,
474 footer,
475 small,
475 small,
476 .small {
476 .small {
477 display: block;
477 display: block;
478 font-size: 80%;
478 font-size: 80%;
479
479
480 &:before {
480 &:before {
481 content: '\2014 \00A0'; // em dash, nbsp
481 content: '\2014 \00A0'; // em dash, nbsp
482 }
482 }
483 }
483 }
484 }
484 }
485
485
486 // Opposite alignment of blockquote
486 // Opposite alignment of blockquote
487 //
487 //
488 .blockquote-reverse,
488 .blockquote-reverse,
489 blockquote.pull-right {
489 blockquote.pull-right {
490 padding-right: 15px;
490 padding-right: 15px;
491 padding-left: 0;
491 padding-left: 0;
492 border-right: 5px solid @grey6;
492 border-right: 5px solid @grey6;
493 border-left: 0;
493 border-left: 0;
494 text-align: right;
494 text-align: right;
495
495
496 // Account for citation
496 // Account for citation
497 footer,
497 footer,
498 small,
498 small,
499 .small {
499 .small {
500 &:before { content: ''; }
500 &:before { content: ''; }
501 &:after {
501 &:after {
502 content: '\00A0 \2014'; // nbsp, em dash
502 content: '\00A0 \2014'; // nbsp, em dash
503 }
503 }
504 }
504 }
505 }
505 }
506
506
507 // Addresses
507 // Addresses
508 address {
508 address {
509 margin-bottom: 2em;
509 margin-bottom: 2em;
510 font-style: normal;
510 font-style: normal;
511 line-height: 1.8em;
511 line-height: 1.8em;
512 }
512 }
513
513
514 .error-message {
514 .error-message {
515 display: block;
515 display: block;
516 margin: @padding/3 0;
516 margin: @padding/3 0;
517 color: @alert2;
517 color: @alert2;
518 }
518 }
519
519
520 .issue-tracker-link {
520 .issue-tracker-link {
521 color: @rcblue;
521 color: @rcblue;
522 }
522 }
523
523
524 .info_text{
524 .info_text{
525 font-size: @basefontsize;
525 font-size: @basefontsize;
526 color: @grey4;
526 color: @grey4;
527 font-family: @text-regular;
527 font-family: @text-regular;
528 }
528 }
529
529
530 // help block text
530 // help block text
531 .help-block {
531 .help-block {
532 display: block;
532 display: block;
533 margin: 0 0 @padding;
533 margin: 0 0 @padding;
534 color: @grey4;
534 color: @grey4;
535 font-family: @text-light;
535 font-family: @text-light;
536 &.pre-formatting {
536 &.pre-formatting {
537 white-space: pre;
537 white-space: pre-wrap;
538 }
538 }
539 }
539 }
540
540
541 .error-message {
541 .error-message {
542 display: block;
542 display: block;
543 margin: @padding/3 0;
543 margin: @padding/3 0;
544 color: @alert2;
544 color: @alert2;
545 }
545 }
@@ -1,121 +1,132 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 <%inherit file="/base/base.mako"/>
2 <%inherit file="/base/base.mako"/>
3
3
4 <%def name="title()">
4 <%def name="title()">
5 ${_('Authentication Settings')}
5 ${_('Authentication Settings')}
6 %if c.rhodecode_name:
6 %if c.rhodecode_name:
7 &middot; ${h.branding(c.rhodecode_name)}}
7 &middot; ${h.branding(c.rhodecode_name)}}
8 %endif
8 %endif
9 </%def>
9 </%def>
10
10
11 <%def name="breadcrumbs_links()">
11 <%def name="breadcrumbs_links()">
12 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
12 ${h.link_to(_('Admin'),h.route_path('admin_home'))}
13 &raquo;
13 &raquo;
14 ${h.link_to(_('Authentication Plugins'),request.resource_path(resource.__parent__, route_name='auth_home'))}
14 ${h.link_to(_('Authentication Plugins'),request.resource_path(resource.__parent__, route_name='auth_home'))}
15 &raquo;
15 &raquo;
16 ${resource.display_name}
16 ${resource.display_name}
17 </%def>
17 </%def>
18
18
19 <%def name="menu_bar_nav()">
19 <%def name="menu_bar_nav()">
20 ${self.menu_items(active='admin')}
20 ${self.menu_items(active='admin')}
21 </%def>
21 </%def>
22
22
23 <%def name="main()">
23 <%def name="main()">
24 <div class="box">
24 <div class="box">
25 <div class="title">
25 <div class="title">
26 ${self.breadcrumbs()}
26 ${self.breadcrumbs()}
27 </div>
27 </div>
28 <div class='sidebar-col-wrapper'>
28 <div class='sidebar-col-wrapper'>
29
29
30 ## TODO: This is repeated in the auth root template and should be merged
30 ## TODO: This is repeated in the auth root template and should be merged
31 ## into a single solution.
31 ## into a single solution.
32 <div class="sidebar">
32 <div class="sidebar">
33 <ul class="nav nav-pills nav-stacked">
33 <ul class="nav nav-pills nav-stacked">
34 % for item in resource.get_root().get_nav_list():
34 % for item in resource.get_root().get_nav_list():
35 <li ${'class=active' if item == resource else ''}>
35 <li ${'class=active' if item == resource else ''}>
36 <a href="${request.resource_path(item, route_name='auth_home')}">${item.display_name}</a>
36 <a href="${request.resource_path(item, route_name='auth_home')}">${item.display_name}</a>
37 </li>
37 </li>
38 % endfor
38 % endfor
39 </ul>
39 </ul>
40 </div>
40 </div>
41
41
42 <div class="main-content-full-width">
42 <div class="main-content-full-width">
43 <div class="panel panel-default">
43 <div class="panel panel-default">
44 <div class="panel-heading">
44 <div class="panel-heading">
45 <h3 class="panel-title">${_('Plugin')}: ${resource.display_name}</h3>
45 <h3 class="panel-title">${_('Plugin')}: ${resource.display_name}</h3>
46 </div>
46 </div>
47 <div class="panel-body">
47 <div class="panel-body">
48 <div class="plugin_form">
48 <div class="plugin_form">
49 <div class="fields">
49 <div class="fields">
50 ${h.secure_form(request.resource_path(resource, route_name='auth_home'), request=request)}
50 ${h.secure_form(request.resource_path(resource, route_name='auth_home'), request=request)}
51 <div class="form">
51 <div class="form">
52
52
53 %for node in plugin.get_settings_schema():
53 %for node in plugin.get_settings_schema():
54 <%
54 <%
55 label_to_type = {'label-checkbox': 'bool', 'label-textarea': 'textarea'}
55 label_to_type = {'label-checkbox': 'bool', 'label-textarea': 'textarea'}
56 %>
56 %>
57
57
58 <div class="field">
58 <div class="field">
59 <div class="label ${label_to_type.get(node.widget)}"><label for="${node.name}">${node.title}</label></div>
59 <div class="label ${label_to_type.get(node.widget)}"><label for="${node.name}">${node.title}</label></div>
60 <div class="input">
60 <div class="input">
61 %if node.widget in ["string", "int", "unicode"]:
61 %if node.widget in ["string", "int", "unicode"]:
62 ${h.text(node.name, defaults.get(node.name), class_="large")}
62 ${h.text(node.name, defaults.get(node.name), class_="large")}
63 %elif node.widget == "password":
63 %elif node.widget == "password":
64 ${h.password(node.name, defaults.get(node.name), class_="large")}
64 ${h.password(node.name, defaults.get(node.name), class_="large")}
65 %elif node.widget == "bool":
65 %elif node.widget == "bool":
66 <div class="checkbox">${h.checkbox(node.name, True, checked=defaults.get(node.name))}</div>
66 <div class="checkbox">${h.checkbox(node.name, True, checked=defaults.get(node.name))}</div>
67 %elif node.widget == "select":
67 %elif node.widget == "select":
68 ${h.select(node.name, defaults.get(node.name), node.validator.choices, class_="select2AuthSetting")}
68 ${h.select(node.name, defaults.get(node.name), node.validator.choices, class_="select2AuthSetting")}
69 %elif node.widget == "textarea":
69 %elif node.widget == "textarea":
70 <div class="textarea" style="margin-left: 0px">${h.textarea(node.name, defaults.get(node.name), rows=10)}</div>
70 <div class="textarea" style="margin-left: 0px">${h.textarea(node.name, defaults.get(node.name), rows=10)}</div>
71 %elif node.widget == "readonly":
71 %elif node.widget == "readonly":
72 ${node.default}
72 ${node.default}
73 %else:
73 %else:
74 This field is of type ${node.typ}, which cannot be displayed. Must be one of [string|int|bool|select].
74 This field is of type ${node.typ}, which cannot be displayed. Must be one of [string|int|bool|select].
75 %endif
75 %endif
76
76
77 %if node.name in errors:
77 %if node.name in errors:
78 <span class="error-message">${errors.get(node.name)}</span>
78 <span class="error-message">${errors.get(node.name)}</span>
79 <br />
79 <br />
80 %endif
80 %endif
81 <p class="help-block pre-formatting">${node.description}</p>
81 <p class="help-block pre-formatting">${node.description}</p>
82 </div>
82 </div>
83 </div>
83 </div>
84 %endfor
84 %endfor
85
85
86 ## Allow derived templates to add something below the form
86 ## Allow derived templates to add something below the form
87 ## input fields
87 ## input fields
88 %if hasattr(next, 'below_form_fields'):
88 %if hasattr(next, 'below_form_fields'):
89 ${next.below_form_fields()}
89 ${next.below_form_fields()}
90 %endif
90 %endif
91
91
92 <div class="buttons">
92 <div class="buttons">
93 ${h.submit('save',_('Save'),class_="btn")}
93 ${h.submit('save',_('Save'),class_="btn")}
94 </div>
94 </div>
95
95
96 </div>
96 </div>
97 ${h.end_form()}
97 ${h.end_form()}
98 </div>
98 </div>
99 </div>
99 </div>
100
101 % if request.GET.get('schema'):
102 ## this is for development and creation of example configurations for documentation
103 <pre>
104 % for node in plugin.get_settings_schema():
105 *option*: `${node.name}` => `${defaults.get(node.name)}`${'\n # '.join(['']+node.description.splitlines())}
106
107 % endfor
108 </pre>
109
110 % endif
111
100 </div>
112 </div>
101 </div>
113 </div>
102 </div>
114 </div>
103
115
104 </div>
116 </div>
105 </div>
117 </div>
106
118
107 ## TODO: Ugly hack to get ldap select elements to work.
119
108 ## Find a solution to integrate this nicely.
109 <script>
120 <script>
110 $(document).ready(function() {
121 $(document).ready(function() {
111 var select2Options = {
122 var select2Options = {
112 containerCssClass: 'drop-menu',
123 containerCssClass: 'drop-menu',
113 dropdownCssClass: 'drop-menu-dropdown',
124 dropdownCssClass: 'drop-menu-dropdown',
114 dropdownAutoWidth: true,
125 dropdownAutoWidth: true,
115 minimumResultsForSearch: -1
126 minimumResultsForSearch: -1
116 };
127 };
117 $('.select2AuthSetting').select2(select2Options);
128 $('.select2AuthSetting').select2(select2Options);
118
129
119 });
130 });
120 </script>
131 </script>
121 </%def>
132 </%def>
1 NO CONTENT: file was removed, binary diff hidden
NO CONTENT: file was removed, binary diff hidden
1 NO CONTENT: file was removed, binary diff hidden
NO CONTENT: file was removed, binary diff hidden
General Comments 0
You need to be logged in to leave comments. Login now