##// END OF EJS Templates
sync changelog
sync changelog

File last commit:

r3492:0065f7fe beta
r3510:224cc366 beta
Show More
setup.rst
735 lines | 24.9 KiB | text/x-rst | RstLexer
updated docs, added sphinx build
r568 .. _setup:
docs
r2095 =====
updated docs, added sphinx build
r568 Setup
=====
merge docs in beta with those corrected by Jason Harris
r1092 Setting up RhodeCode
fixes #206
r1448 --------------------
more docs update
r572
whitespace cleanup
r3224 First, you will need to create a RhodeCode configuration file. Run the
small docs updates
r1309 following command to do this::
whitespace cleanup
r3224
docs update
r1123 paster make-config RhodeCode production.ini
more docs update
r572
merge docs in beta with those corrected by Jason Harris
r1092 - This will create the file `production.ini` in the current directory. This
whitespace cleanup
r3224 configuration file contains the various settings for RhodeCode, e.g proxy
port, email settings, usage of static files, cache, celery settings and
small docs updates
r1309 logging.
docs update
r845
merge docs in beta with those corrected by Jason Harris
r1092 Next, you need to create the databases used by RhodeCode. I recommend that you
added initial rc-extension module...
r2105 use postgresql or sqlite (default). If you choose a database other than the
merge docs in beta with those corrected by Jason Harris
r1092 default ensure you properly adjust the db url in your production.ini
added initial rc-extension module...
r2105 configuration file to use this other database. RhodeCode currently supports
postgresql, sqlite and mysql databases. Create the database by running
merge docs in beta with those corrected by Jason Harris
r1092 the following command::
more docs update
r572
new setup-rhodecode command with optional defaults
r2284 paster setup-rhodecode production.ini
more docs update
r572
merge docs in beta with those corrected by Jason Harris
r1092 This will prompt you for a "root" path. This "root" path is the location where
RhodeCode will store all of its repositories on the current machine. After
whitespace cleanup
r3224 entering this "root" path ``setup-rhodecode`` will also prompt you for a username
and password for the initial admin account which ``setup-rhodecode`` sets
new setup-rhodecode command with optional defaults
r2284 up for you.
docs update
r845
added detailed step-by-step installation instruction for windows
r2358 setup process can be fully automated, example for lazy::
paster setup-rhodecode production.ini --user=marcink --password=secret --email=marcin@rhodecode.org --repos=/home/marcink/my_repos
whitespace cleanup
r3224
added detailed step-by-step installation instruction for windows
r2358
whitespace cleanup
r3224 - The ``setup-rhodecode`` command will create all of the needed tables and an
admin account. When choosing a root path you can either use a new empty
new setup-rhodecode command with optional defaults
r2284 location, or a location which already contains existing repositories. If you
whitespace cleanup
r3224 choose a location which contains existing repositories RhodeCode will simply
add all of the repositories at the chosen location to it's database.
new setup-rhodecode command with optional defaults
r2284 (Note: make sure you specify the correct path to the root).
merge docs in beta with those corrected by Jason Harris
r1092 - Note: the given path for mercurial_ repositories **must** be write accessible
whitespace cleanup
r3224 for the application. It's very important since the RhodeCode web interface
will work without write access, but when trying to do a push it will
small docs updates
r1309 eventually fail with permission denied errors unless it has write access.
more docs update
r572
merge docs in beta with those corrected by Jason Harris
r1092 You are now ready to use RhodeCode, to run it simply execute::
whitespace cleanup
r3224
docs update
r1123 paster serve production.ini
whitespace cleanup
r3224
- This command runs the RhodeCode server. The web app should be available at the
127.0.0.1:5000. This ip and port is configurable via the production.ini
docs update
r845 file created in previous step
whitespace cleanup
r3224 - Use the admin account you created above when running ``setup-rhodecode``
new setup-rhodecode command with optional defaults
r2284 to login to the web app.
whitespace cleanup
r3224 - The default permissions on each repository is read, and the owner is admin.
merge docs in beta with those corrected by Jason Harris
r1092 Remember to update these if needed.
- In the admin panel you can toggle ldap, anonymous, permissions settings. As
well as edit more advanced options on users and repositories
added initial rc-extension module...
r2105 Optionally users can create `rcextensions` package that extends RhodeCode
functionality. To do this simply execute::
paster make-rcext production.ini
merge docs in beta with those corrected by Jason Harris
r1092
added initial rc-extension module...
r2105 This will create `rcextensions` package in the same place that your `ini` file
whitespace cleanup
r3224 lives. With `rcextensions` it's possible to add additional mapping for whoosh,
docs update
r2906 stats and add additional code into the push/pull/create/delete repo hooks.
For example for sending signals to build-bots such as jenkins.
whitespace cleanup
r3224 Please see the `__init__.py` file inside `rcextensions` package
added initial rc-extension module...
r2105 for more details.
merge docs in beta with those corrected by Jason Harris
r1092
docs: changelog + setup update
r912 Using RhodeCode with SSH
------------------------
small docs updates
r1309 RhodeCode currently only hosts repositories using http and https. (The addition
of ssh hosting is a planned future feature.) However you can easily use ssh in
merge docs in beta with those corrected by Jason Harris
r1092 parallel with RhodeCode. (Repository access via ssh is a standard "out of
the box" feature of mercurial_ and you can use this to access any of the
repositories that RhodeCode is hosting. See PublishingRepositories_)
whitespace cleanup
r3224 RhodeCode repository structures are kept in directories with the same name
merge docs in beta with those corrected by Jason Harris
r1092 as the project. When using repository groups, each group is a subdirectory.
This allows you to easily use ssh for accessing repositories.
docs: changelog + setup update
r912
whitespace cleanup
r3224 In order to use ssh you need to make sure that your web-server and the users
small docs updates
r1309 login accounts have the correct permissions set on the appropriate directories.
(Note that these permissions are independent of any permissions you have set up
using the RhodeCode web interface.)
docs: changelog + setup update
r912
merge docs in beta with those corrected by Jason Harris
r1092 If your main directory (the same as set in RhodeCode settings) is for example
set to **/home/hg** and the repository you are using is named `rhodecode`, then
to clone via ssh you should run::
docs: changelog + setup update
r912
merge docs in beta with those corrected by Jason Harris
r1092 hg clone ssh://user@server.com/home/hg/rhodecode
Using other external tools such as mercurial-server_ or using ssh key based
authentication is fully supported.
docs: changelog + setup update
r912
merge docs in beta with those corrected by Jason Harris
r1092 Note: In an advanced setup, in order for your ssh access to use the same
permissions as set up via the RhodeCode web interface, you can create an
authentication hook to connect to the rhodecode db and runs check functions for
permissions against that.
whitespace cleanup
r3224
Implemented whoosh index building as paster command....
r683 Setting up Whoosh full text search
----------------------------------
merge docs in beta with those corrected by Jason Harris
r1092 Starting from version 1.1 the whoosh index can be build by using the paster
command ``make-index``. To use ``make-index`` you must specify the configuration
whitespace cleanup
r3224 file that stores the location of the index. You may specify the location of the
repositories (`--repo-location`). If not specified, this value is retrieved
from the RhodeCode database. This was required prior to 1.2. Starting from
version 1.2 it is also possible to specify a comma separated list of
repositories (`--index-only`) to build index only on chooses repositories
Jared Bunting
Adding documentation for indexer's self-resolving repos location.
r1408 skipping any other found in repos location
fixes #90 + docs update
r894
merge docs in beta with those corrected by Jason Harris
r1092 You may optionally pass the option `-f` to enable a full index rebuild. Without
the `-f` option, indexing will run always in "incremental" mode.
Implemented whoosh index building as paster command....
r683
merge docs in beta with those corrected by Jason Harris
r1092 For an incremental index build use::
docs update, added ldap section, added troubleshooting section...
r707
Mads Kiilerich
coding style: fix trailing and leading spaces and tabs
r3267 paster make-index production.ini
Implemented whoosh index building as paster command....
r683
merge docs in beta with those corrected by Jason Harris
r1092 For a full index rebuild use::
docs update, added ldap section, added troubleshooting section...
r707
Mads Kiilerich
coding style: fix trailing and leading spaces and tabs
r3267 paster make-index production.ini -f
more docs update
r572
fixes #90 + docs update
r894
building index just for chosen repositories is possible with such command::
whitespace cleanup
r3224
Jared Bunting
Adding documentation for indexer's self-resolving repos location.
r1408 paster make-index production.ini --index-only=vcs,rhodecode
more docs update
r572
fixes #90 + docs update
r894
merge docs in beta with those corrected by Jason Harris
r1092 In order to do periodical index builds and keep your index always up to date.
whitespace cleanup
r3224 It's recommended to do a crontab entry for incremental indexing.
merge docs in beta with those corrected by Jason Harris
r1092 An example entry might look like this::
whitespace cleanup
r3224
/path/to/python/bin/paster make-index /path/to/rhodecode/production.ini
merge docs in beta with those corrected by Jason Harris
r1092 When using incremental mode (the default) whoosh will check the last
modification date of each file and add it to be reindexed if a newer file is
available. The indexing daemon checks for any removed files and removes them
from index.
Implemented whoosh index building as paster command....
r683
merge docs in beta with those corrected by Jason Harris
r1092 If you want to rebuild index from scratch, you can use the `-f` flag as above,
or in the admin panel you can check `build from scratch` flag.
more docs update
r572
docs update, added ldap section, added troubleshooting section...
r707
Setting up LDAP support
-----------------------
RhodeCode starting from version 1.1 supports ldap authentication. In order
whitespace cleanup
r3224 to use LDAP, you have to install the python-ldap_ package. This package is
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 available via pypi, so you can install it by running
docs update, added ldap section, added troubleshooting section...
r707
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 using easy_install::
docs update, added ldap section, added troubleshooting section...
r707
docs update
r1123 easy_install python-ldap
whitespace cleanup
r3224
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 using pip::
docs update, added ldap section, added troubleshooting section...
r707
docs update
r1123 pip install python-ldap
docs update, added ldap section, added troubleshooting section...
r707
docs update
r770 .. note::
whitespace cleanup
r3224 python-ldap requires some certain libs on your system, so before installing
merge docs in beta with those corrected by Jason Harris
r1092 it check that you have at least `openldap`, and `sasl` libraries.
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 LDAP settings are located in admin->ldap section,
merge docs in beta with those corrected by Jason Harris
r1092 Here's a typical ldap setup::
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992
Connection settings
Enable LDAP = checked
Host = host.example.org
Port = 389
Account = <account>
Password = <password>
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 Connection Security = LDAPS connection
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 Certificate Checks = DEMAND
Search settings
Base DN = CN=users,DC=host,DC=example,DC=org
LDAP Filter = (&(objectClass=user)(!(objectClass=computer)))
LDAP Search Scope = SUBTREE
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 Attribute mappings
Login Attribute = uid
First Name Attribute = firstName
Last Name Attribute = lastName
E-mail Attribute = mail
.. _enable_ldap:
Enable LDAP : required
Whether to use LDAP for authenticating users.
.. _ldap_host:
Host : required
Updated docs about LDAP failover server list option
r2916 LDAP server hostname or IP address. Can be also a comma separated
list of servers to support LDAP fail-over.
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992
.. _Port:
Port : required
389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP.
.. _ldap_account:
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 Account : optional
Only required if the LDAP server does not allow anonymous browsing of
records. This should be a special account for record browsing. This
will require `LDAP Password`_ below.
.. _LDAP Password:
Password : optional
Only required if the LDAP server does not allow anonymous browsing of
records.
.. _Enable LDAPS:
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 Connection Security : required
Defines the connection to LDAP server
No encryption
Plain non encrypted connection
whitespace cleanup
r3224
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 LDAPS connection
whitespace cleanup
r3224 Enable ldaps connection. It will likely require `Port`_ to be set to
a different value (standard LDAPS port is 636). When LDAPS is enabled
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 then `Certificate Checks`_ is required.
whitespace cleanup
r3224
added some fixes to LDAP form re-submition, new simples ldap-settings getter....
r1292 START_TLS on LDAP connection
START TLS connection
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992
.. _Certificate Checks:
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 Certificate Checks : optional
How SSL certificates verification is handled - this is only useful when
whitespace cleanup
r3224 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security
small docs updates
r1309 while the other options are susceptible to man-in-the-middle attacks. SSL
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 certificates can be installed to /etc/openldap/cacerts so that the
DEMAND or HARD options can be used with self-signed certificates or
certificates that do not have traceable certificates of authority.
NEVER
A serve certificate will never be requested or checked.
ALLOW
A server certificate is requested. Failure to provide a
certificate or providing a bad certificate will not terminate the
session.
TRY
A server certificate is requested. Failure to provide a
certificate does not halt the session; providing a bad certificate
halts the session.
DEMAND
A server certificate is requested and must be provided and
authenticated for the session to proceed.
fixes #77 and adds extendable base Dn with custom uid specification
r775
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 HARD
The same as DEMAND.
.. _Base DN:
Base DN : required
The Distinguished Name (DN) where searches for users will be performed.
Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_.
.. _LDAP Filter:
LDAP Filter : optional
A LDAP filter defined by RFC 2254. This is more useful when `LDAP
Search Scope`_ is set to SUBTREE. The filter is useful for limiting
which LDAP objects are identified as representing Users for
authentication. The filter is augmented by `Login Attribute`_ below.
This can commonly be left blank.
.. _LDAP Search Scope:
LDAP Search Scope : required
This limits how far LDAP will search for a matching object.
BASE
Only allows searching of `Base DN`_ and is usually not what you
want.
ONELEVEL
Searches all entries under `Base DN`_, but not Base DN itself.
SUBTREE
Searches all entries below `Base DN`_, but not Base DN itself.
When using SUBTREE `LDAP Filter`_ is useful to limit object
location.
.. _Login Attribute:
docs update, added ldap section, added troubleshooting section...
r707
whitespace cleanup
r3224 Login Attribute : required
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 The LDAP record attribute that will be matched as the USERNAME or
ACCOUNT used to connect to RhodeCode. This will be added to `LDAP
Filter`_ for locating the User object. If `LDAP Filter`_ is specified as
"LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has
connected as "jsmith" then the `LDAP Filter`_ will be augmented as below
::
(&(LDAPFILTER)(uid=jsmith))
.. _ldap_attr_firstname:
First Name Attribute : required
The LDAP record attribute which represents the user's first name.
.. _ldap_attr_lastname:
Last Name Attribute : required
The LDAP record attribute which represents the user's last name.
.. _ldap_attr_email:
Email Attribute : required
The LDAP record attribute which represents the user's email address.
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 If all data are entered correctly, and python-ldap_ is properly installed
users should be granted access to RhodeCode with ldap accounts. At this
time user information is copied from LDAP into the RhodeCode user database.
This means that updates of an LDAP user object may not be reflected as a
user update in RhodeCode.
If You have problems with LDAP access and believe You entered correct
information check out the RhodeCode logs, any error messages sent from LDAP
will be saved there.
Active Directory
''''''''''''''''
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 RhodeCode can use Microsoft Active Directory for user authentication. This
is done through an LDAP or LDAPS connection to Active Directory. The
following LDAP configuration settings are typical for using Active
Directory ::
docs update, added ldap section, added troubleshooting section...
r707
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
Login Attribute = sAMAccountName
First Name Attribute = givenName
Last Name Attribute = sn
E-mail Attribute = mail
All other LDAP settings will likely be site-specific and should be
appropriately configured.
fixed cache problem,...
r777
doc update - hooks
r1467
Liad Shani
Added documentation for container-based and proxy pass-through authentication
r1657 Authentication by container or reverse-proxy
--------------------------------------------
Starting with version 1.3, RhodeCode supports delegating the authentication
of users to its WSGI container, or to a reverse-proxy server through which all
clients access the application.
When these authentication methods are enabled in RhodeCode, it uses the
username that the container/proxy (Apache/Nginx/etc) authenticated and doesn't
perform the authentication itself. The authorization, however, is still done by
RhodeCode according to its settings.
When a user logs in for the first time using these authentication methods,
a matching user account is created in RhodeCode with default permissions. An
administrator can then modify it using RhodeCode's admin interface.
It's also possible for an administrator to create accounts and configure their
permissions before the user logs in for the first time.
Container-based authentication
''''''''''''''''''''''''''''''
In a container-based authentication setup, RhodeCode reads the user name from
the ``REMOTE_USER`` server variable provided by the WSGI container.
After setting up your container (see `Apache's WSGI config`_), you'd need
to configure it to require authentication on the location configured for
RhodeCode.
In order for RhodeCode to start using the provided username, you should set the
following in the [app:main] section of your .ini file::
container_auth_enabled = true
Proxy pass-through authentication
'''''''''''''''''''''''''''''''''
In a proxy pass-through authentication setup, RhodeCode reads the user name
from the ``X-Forwarded-User`` request header, which should be configured to be
sent by the reverse-proxy server.
After setting up your proxy solution (see `Apache virtual host reverse proxy example`_,
`Apache as subdirectory`_ or `Nginx virtual host example`_), you'd need to
configure the authentication and add the username in a request header named
``X-Forwarded-User``.
For example, the following config section for Apache sets a subdirectory in a
reverse-proxy setup with basic auth::
<Location /<someprefix> >
ProxyPass http://127.0.0.1:5000/<someprefix>
ProxyPassReverse http://127.0.0.1:5000/<someprefix>
SetEnvIf X-Url-Scheme https HTTPS=1
AuthType Basic
AuthName "RhodeCode authentication"
AuthUserFile /home/web/rhodecode/.htpasswd
require valid-user
RequestHeader unset X-Forwarded-User
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule .* - [E=RU:%1]
RequestHeader set X-Forwarded-User %{RU}e
whitespace cleanup
r3224 </Location>
Liad Shani
Added documentation for container-based and proxy pass-through authentication
r1657
In order for RhodeCode to start using the forwarded username, you should set
the following in the [app:main] section of your .ini file::
proxypass_auth_enabled = true
.. note::
If you enable proxy pass-through authentication, make sure your server is
only accessible through the proxy. Otherwise, any client would be able to
forge the authentication header and could effectively become authenticated
using any account of their liking.
docs update
r1838 Integration with Issue trackers
-------------------------------
Liad Shani
Added documentation for container-based and proxy pass-through authentication
r1657
docs update
r1838 RhodeCode provides a simple integration with issue trackers. It's possible
to define a regular expression that will fetch issue id stored in commit
messages and replace that with an url to this issue. To enable this simply
uncomment following variables in the ini file::
url_pat = (?:^#|\s#)(\w+)
docs update
r1870 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
docs update
r1838 issue_prefix = #
docs update
r1870 `url_pat` is the regular expression that will fetch issues from commit messages.
Default regex will match issues in format of #<number> eg. #300.
whitespace cleanup
r3224
Matched issues will be replace with the link specified as `issue_server_link`
docs update
r1870 {id} will be replaced with issue id, and {repo} with repository name.
whitespace cleanup
r3224 Since the # is striped `issue_prefix` is added as a prefix to url.
`issue_prefix` can be something different than # if you pass
docs update
r1870 ISSUE- as issue prefix this will generate an url in format::
whitespace cleanup
r3224
<a href="https://myissueserver.com/example_repo/issue/300">ISSUE-300</a>
Liad Shani
Added documentation for container-based and proxy pass-through authentication
r1657
doc update - hooks
r1467 Hook management
---------------
Hooks can be managed in similar way to this used in .hgrc files.
To access hooks setting click `advanced setup` on Hooks section of Mercurial
whitespace cleanup
r3224 Settings in Admin.
doc update - hooks
r1467
There are 4 built in hooks that cannot be changed (only enable/disable by
checkboxes on previos section).
whitespace cleanup
r3224 To add another custom hook simply fill in first section with
doc update - hooks
r1467 <name>.<hook_type> and the second one with hook path. Example hooks
whitespace cleanup
r3224 can be found at *rhodecode.lib.hooks*.
doc update - hooks
r1467
updated setup docs about encoding
r2017 Changing default encoding
-------------------------
By default RhodeCode uses utf8 encoding, starting from 1.3 series this
can be changed, simply edit default_encoding in .ini file to desired one.
Mads Kiilerich
fix spelling of committer
r3492 This affects many parts in rhodecode including committers names, filenames,
updated setup docs about encoding
r2017 encoding of commit messages. In addition RhodeCode can detect if `chardet`
library is installed. If `chardet` is detected RhodeCode will fallback to it
when there are encode/decode errors.
fixed cache problem,...
r777 Setting Up Celery
-----------------
merge docs in beta with those corrected by Jason Harris
r1092 Since version 1.1 celery is configured by the rhodecode ini configuration files.
whitespace cleanup
r3224 Simply set use_celery=true in the ini file then add / change the configuration
fixed cache problem,...
r777 variables inside the ini file.
merge docs in beta with those corrected by Jason Harris
r1092 Remember that the ini files use the format with '.' not with '_' like celery.
So for example setting `BROKER_HOST` in celery means setting `broker.host` in
fixed cache problem,...
r777 the config file.
merge docs in beta with those corrected by Jason Harris
r1092 In order to start using celery run::
fixed changelog, and setup docs. Yeeee a 1000 commit :)
r938
fixed cache problem,...
r777 paster celeryd <configfile.ini>
docs update for celeryd
r871 .. note::
whitespace cleanup
r3224 Make sure you run this command from the same virtualenv, and with the same
small docs updates
r1309 user that rhodecode runs.
whitespace cleanup
r3224
docs and readme update
r1062 HTTPS support
-------------
merge docs in beta with those corrected by Jason Harris
r1092 There are two ways to enable https:
- Set HTTP_X_URL_SCHEME in your http server headers, than rhodecode will
recognize this headers and make proper https redirections
whitespace cleanup
r3224 - Alternatively, change the `force_https = true` flag in the ini configuration
fixes #206
r1448 to force using https, no headers are needed than to enable https
docs update for celeryd
r871
more docs update
r572 Nginx virtual host example
--------------------------
docs update, added ldap section, added troubleshooting section...
r707 Sample config for nginx using proxy::
more docs update
r572
fixes #305 User guide suggests sub-optimal nginx configuration
r1745 upstream rc {
server 127.0.0.1:5000;
# add more instances for load balancing
#server 127.0.0.1:5001;
#server 127.0.0.1:5002;
}
whitespace cleanup
r3224
merge docs in beta with those corrected by Jason Harris
r1092 server {
switch to SSL configuration example on nginx
r3243 listen 443;
server_name rhodecode.myserver.com;
merge docs in beta with those corrected by Jason Harris
r1092 access_log /var/log/nginx/rhodecode.access.log;
error_log /var/log/nginx/rhodecode.error.log;
fixes #305 User guide suggests sub-optimal nginx configuration
r1745
switch to SSL configuration example on nginx
r3243 ssl on;
ssl_certificate rhodecode.myserver.com.crt;
ssl_certificate_key rhodecode.myserver.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
ssl_prefer_server_ciphers on;
add example when having chunking module for nginx enabled....
r2682 # uncomment if you have nginx with chunking module compiled
# fixes the issues of having to put postBuffer data for large git
whitespace cleanup
r3224 # pushes
add example when having chunking module for nginx enabled....
r2682 #chunkin on;
#error_page 411 = @my_411_error;
#location @my_411_error {
# chunkin_resume;
#}
whitespace cleanup
r3224
Added example of root directive for serving static files via nginx
r2748 # uncomment if you want to serve static files by nginx
#root /path/to/installation/rhodecode/public;
whitespace cleanup
r3224
merge docs in beta with those corrected by Jason Harris
r1092 location / {
fixes #305 User guide suggests sub-optimal nginx configuration
r1745 try_files $uri @rhode;
merge docs in beta with those corrected by Jason Harris
r1092 }
whitespace cleanup
r3224
fixes #305 User guide suggests sub-optimal nginx configuration
r1745 location @rhode {
proxy_pass http://rc;
include /etc/nginx/proxy.conf;
}
whitespace cleanup
r3224 }
merge docs in beta with those corrected by Jason Harris
r1092 Here's the proxy.conf. It's tuned so it will not timeout on long
pushes or large pushes::
whitespace cleanup
r3224
more docs update
r572 proxy_redirect off;
proxy_set_header Host $host;
fixes #305 User guide suggests sub-optimal nginx configuration
r1745 proxy_set_header X-Url-Scheme $scheme;
more docs update
r572 proxy_set_header X-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Proxy-host $proxy_host;
client_max_body_size 400m;
client_body_buffer_size 128k;
proxy_buffering off;
Updated nginx proxy example to work better with large pushes
r1420 proxy_connect_timeout 7200;
proxy_send_timeout 7200;
proxy_read_timeout 7200;
proxy_buffers 8 32k;
whitespace cleanup
r3224
merge docs in beta with those corrected by Jason Harris
r1092 Also, when using root path with nginx you might set the static files to false
in the production.ini file::
more docs update
r572
merge docs in beta with those corrected by Jason Harris
r1092 [app:main]
use = egg:rhodecode
full_stack = true
static_files = false
lang=en
cache_dir = %(here)s/data
more docs update
r572
merge docs in beta with those corrected by Jason Harris
r1092 In order to not have the statics served by the application. This improves speed.
more docs update
r572
Updated docs, added apache proxy example config
r881
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 Apache virtual host reverse proxy example
-----------------------------------------
Updated docs, added apache proxy example config
r881
merge docs in beta with those corrected by Jason Harris
r1092 Here is a sample configuration file for apache using proxy::
Updated docs, added apache proxy example config
r881
doc fix
r929 <VirtualHost *:80>
ServerName hg.myserver.com
ServerAlias hg.myserver.com
whitespace cleanup
r3224
doc fix
r929 <Proxy *>
Order allow,deny
Allow from all
</Proxy>
whitespace cleanup
r3224
doc fix
r929 #important !
#Directive to properly generate url (clone url) for pylons
ProxyPreserveHost On
whitespace cleanup
r3224
doc fix
r929 #rhodecode instance
ProxyPass / http://127.0.0.1:5000/
ProxyPassReverse / http://127.0.0.1:5000/
whitespace cleanup
r3224
doc fix
r929 #to enable https use line below
#SetEnvIf X-Url-Scheme https HTTPS=1
whitespace cleanup
r3224
</VirtualHost>
Updated docs, added apache proxy example config
r881
Additional tutorial
docs update
r744 http://wiki.pylonshq.com/display/pylonscookbook/Apache+as+a+reverse+proxy+for+Pylons
more docs update
r572
docs update, added ldap section, added troubleshooting section...
r707
docs and readme update
r1062 Apache as subdirectory
----------------------
Apache subdirectory part::
update docs for setup
r1226 <Location /<someprefix> >
ProxyPass http://127.0.0.1:5000/<someprefix>
ProxyPassReverse http://127.0.0.1:5000/<someprefix>
docs and readme update
r1062 SetEnvIf X-Url-Scheme https HTTPS=1
whitespace cleanup
r3224 </Location>
docs and readme update
r1062
fixes issue #206
r1392 Besides the regular apache setup you will need to add the following line
into [app:main] section of your .ini file::
docs and readme update
r1062
filter-with = proxy-prefix
Add the following at the end of the .ini file::
[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
whitespace cleanup
r3224 prefix = /<someprefix>
docs and readme update
r1062
update docs for setup
r1226 then change <someprefix> into your choosen prefix
Added example wsgi config into docs
r1386 Apache's WSGI config
--------------------
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 Alternatively, RhodeCode can be set up with Apache under mod_wsgi. For
that, you'll need to:
- Install mod_wsgi. If using a Debian-based distro, you can install
the package libapache2-mod-wsgi::
Augusto Herrmann
Syntax correction on the recently changed documentation.
r1559
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 aptitude install libapache2-mod-wsgi
Augusto Herrmann
Syntax correction on the recently changed documentation.
r1559
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 - Enable mod_wsgi::
Augusto Herrmann
Syntax correction on the recently changed documentation.
r1559
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 a2enmod wsgi
Augusto Herrmann
Syntax correction on the recently changed documentation.
r1559
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 - Create a wsgi dispatch script, like the one below. Make sure you
check the paths correctly point to where you installed RhodeCode
and its Python Virtual Environment.
- Enable the WSGIScriptAlias directive for the wsgi dispatch script,
as in the following example. Once again, check the paths are
correctly specified.
Here is a sample excerpt from an Apache Virtual Host configuration file::
updated apache wsgi example ref #535
r2800 WSGIDaemonProcess pylons \
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 threads=4 \
python-path=/home/web/rhodecode/pyenv/lib/python2.6/site-packages
WSGIScriptAlias / /home/web/rhodecode/dispatch.wsgi
docs on apache WSGI update
r2076 WSGIPassAuthorization On
Added example wsgi config into docs
r1386
updated apache wsgi example ref #535
r2800 .. note::
whitespace cleanup
r3224 when running apache as root please add: `user=www-data group=www-data`
updated apache wsgi example ref #535
r2800 into above configuration
.. note::
docs updates
r3335 Running RhodeCode in multiprocess mode in apache is not supported,
make sure you don't specify `processes=num` directive in the config
updated apache wsgi example ref #535
r2800
Added example wsgi config into docs
r1386 Example wsgi dispatch script::
docs update, added ldap section, added troubleshooting section...
r707
Added example wsgi config into docs
r1386 import os
os.environ["HGENCODING"] = "UTF-8"
os.environ['PYTHON_EGG_CACHE'] = '/home/web/rhodecode/.egg-cache'
whitespace cleanup
r3224
Added example wsgi config into docs
r1386 # sometimes it's needed to set the curent dir
whitespace cleanup
r3224 os.chdir('/home/web/rhodecode/')
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558
import site
site.addsitedir("/home/web/rhodecode/pyenv/lib/python2.6/site-packages")
whitespace cleanup
r3224
Added example wsgi config into docs
r1386 from paste.deploy import loadapp
from paste.script.util.logging_config import fileConfig
fileConfig('/home/web/rhodecode/production.ini')
application = loadapp('config:/home/web/rhodecode/production.ini')
Augusto Herrmann
Improvements to mod_wsgi setup documentation.
r1558 Note: when using mod_wsgi you'll need to install the same version of
Mercurial that's inside RhodeCode's virtualenv also on the system's Python
environment.
docs update, added ldap section, added troubleshooting section...
r707
docs update
r591 Other configuration files
-------------------------
Added troubleshooting section to docs
r2601 Some example init.d scripts can be found in init.d directory::
docs update, added ldap section, added troubleshooting section...
r707
Added troubleshooting section to docs
r2601 https://secure.rhodecode.org/rhodecode/files/beta/init.d
docs update
r591
more docs update
r572 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
.. _python: http://www.python.org/
.. _mercurial: http://mercurial.selenic.com/
.. _celery: http://celeryproject.org/
Thayne Harbaugh
Update documentation for LDAP settings (and add Active Directory information).
r992 .. _rabbitmq: http://www.rabbitmq.com/
.. _python-ldap: http://www.python-ldap.org/
merge docs in beta with those corrected by Jason Harris
r1092 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
.. _PublishingRepositories: http://mercurial.selenic.com/wiki/PublishingRepositories
.. _Issues tracker: https://bitbucket.org/marcinkuzminski/rhodecode/issues
whitespace cleanup
r3224 .. _google group rhodecode: http://groups.google.com/group/rhodecode