##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

docs: drop odd verbose note on writeable root path...
Mads Kiilerich -
r8325:4742b8c8 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,662 +1,657 b''
1 1 .. _setup:
2 2
3 3 =====
4 4 Setup
5 5 =====
6 6
7 7
8 8 Setting up Kallithea
9 9 --------------------
10 10
11 11 Some further details to the steps mentioned in the overview.
12 12
13 13 Create low level configuration file
14 14 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
15 15
16 16 First, you will need to create a Kallithea configuration file. Run the
17 17 following command to do so::
18 18
19 19 kallithea-cli config-create my.ini
20 20
21 21 This will create the file ``my.ini`` in the current directory. This
22 22 configuration file contains the various settings for Kallithea, e.g.
23 23 proxy port, email settings, usage of static files, cache, Celery
24 24 settings, and logging. Extra settings can be specified like::
25 25
26 26 kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter
27 27
28 28 Populate the database
29 29 ^^^^^^^^^^^^^^^^^^^^^
30 30
31 31 Next, you need to create the databases used by Kallithea. It is recommended to
32 32 use PostgreSQL or SQLite (default). If you choose a database other than the
33 33 default, ensure you properly adjust the database URL in your ``my.ini``
34 34 configuration file to use this other database. Kallithea currently supports
35 35 PostgreSQL, SQLite and MariaDB/MySQL databases. Create the database by running
36 36 the following command::
37 37
38 38 kallithea-cli db-create -c my.ini
39 39
40 This will prompt you for a "root" path. This "root" path is the location where
41 Kallithea will store all of its repositories on the current machine. After
42 entering this "root" path ``db-create`` will also prompt you for a username
43 and password for the initial admin account which ``db-create`` sets
44 up for you.
40 This will first prompt you for a "root" path. This "root" path is the location
41 where Kallithea will store all of its repositories on the current machine. This
42 location must be writable for the running Kallithea application. Next,
43 ``db-create`` will prompt you for a username and password for the initial admin
44 account it sets up for you.
45 45
46 46 The ``db-create`` values can also be given on the command line.
47 47 Example::
48 48
49 49 kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
50 50
51 51 The ``db-create`` command will create all needed tables and an
52 52 admin account. When choosing a root path you can either use a new
53 53 empty location, or a location which already contains existing
54 54 repositories. If you choose a location which contains existing
55 55 repositories Kallithea will add all of the repositories at the chosen
56 56 location to its database. (Note: make sure you specify the correct
57 57 path to the root).
58 58
59 .. note:: the given path for Mercurial_ repositories **must** be write
60 accessible for the application. It's very important since
61 the Kallithea web interface will work without write access,
62 but when trying to do a push it will fail with permission
63 denied errors unless it has write access.
64 59
65 60 Prepare front-end files
66 61 ^^^^^^^^^^^^^^^^^^^^^^^
67 62
68 63 Finally, the front-end files must be prepared. This requires ``npm`` version 6
69 64 or later, which needs ``node.js`` (version 12 or later). Prepare the front-end
70 65 by running::
71 66
72 67 kallithea-cli front-end-build
73 68
74 69 Running
75 70 ^^^^^^^
76 71
77 72 You are now ready to use Kallithea. To run it simply execute::
78 73
79 74 gearbox serve -c my.ini
80 75
81 76 - This command runs the Kallithea server. The web app should be available at
82 77 http://127.0.0.1:5000. The IP address and port is configurable via the
83 78 configuration file created in the previous step.
84 79 - Log in to Kallithea using the admin account created when running ``db-create``.
85 80 - The default permissions on each repository is read, and the owner is admin.
86 81 Remember to update these if needed.
87 82 - In the admin panel you can toggle LDAP, anonymous, and permissions
88 83 settings, as well as edit more advanced options on users and
89 84 repositories.
90 85
91 86
92 87 Internationalization (i18n support)
93 88 -----------------------------------
94 89
95 90 The Kallithea web interface is automatically displayed in the user's preferred
96 91 language, as indicated by the browser. Thus, different users may see the
97 92 application in different languages. If the requested language is not available
98 93 (because the translation file for that language does not yet exist or is
99 94 incomplete), English is used.
100 95
101 96 If you want to disable automatic language detection and instead configure a
102 97 fixed language regardless of user preference, set ``i18n.enabled = false`` and
103 98 specify another language by setting ``i18n.lang`` in the Kallithea
104 99 configuration file.
105 100
106 101
107 102 Using Kallithea with SSH
108 103 ------------------------
109 104
110 105 Kallithea supports repository access via SSH key based authentication.
111 106 This means:
112 107
113 108 - repository URLs like ``ssh://kallithea@example.com/name/of/repository``
114 109
115 110 - all network traffic for both read and write happens over the SSH protocol on
116 111 port 22, without using HTTP/HTTPS nor the Kallithea WSGI application
117 112
118 113 - encryption and authentication protocols are managed by the system's ``sshd``
119 114 process, with all users using the same Kallithea system user (e.g.
120 115 ``kallithea``) when connecting to the SSH server, but with users' public keys
121 116 in the Kallithea system user's `.ssh/authorized_keys` file granting each user
122 117 sandboxed access to the repositories.
123 118
124 119 - users and admins can manage SSH public keys in the web UI
125 120
126 121 - in their SSH client configuration, users can configure how the client should
127 122 control access to their SSH key - without passphrase, with passphrase, and
128 123 optionally with passphrase caching in the local shell session (``ssh-agent``).
129 124 This is standard SSH functionality, not something Kallithea provides or
130 125 interferes with.
131 126
132 127 - network communication between client and server happens in a bidirectional
133 128 stateful stream, and will in some cases be faster than HTTP/HTTPS with several
134 129 stateless round-trips.
135 130
136 131 .. note:: At this moment, repository access via SSH has been tested on Unix
137 132 only. Windows users that care about SSH are invited to test it and report
138 133 problems, ideally contributing patches that solve these problems.
139 134
140 135 Users and admins can upload SSH public keys (e.g. ``.ssh/id_rsa.pub``) through
141 136 the web interface. The server's ``.ssh/authorized_keys`` file is automatically
142 137 maintained with an entry for each SSH key. Each entry will tell ``sshd`` to run
143 138 ``kallithea-cli`` with the ``ssh-serve`` sub-command and the right Kallithea user ID
144 139 when encountering the corresponding SSH key.
145 140
146 141 To enable SSH repository access, Kallithea must be configured with the path to
147 142 the ``.ssh/authorized_keys`` file for the Kallithea user, and the path to the
148 143 ``kallithea-cli`` command. Put something like this in the ``.ini`` file::
149 144
150 145 ssh_enabled = true
151 146 ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
152 147 kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
153 148
154 149 The SSH service must be running, and the Kallithea user account must be active
155 150 (not necessarily with password access, but public key access must be enabled),
156 151 all file permissions must be set as sshd wants it, and ``authorized_keys`` must
157 152 be writeable by the Kallithea user.
158 153
159 154 .. note:: The ``authorized_keys`` file will be rewritten from scratch on
160 155 each update. If it already exists with other data, Kallithea will not
161 156 overwrite the existing ``authorized_keys``, and the server process will
162 157 instead throw an exception. The system administrator thus cannot ssh
163 158 directly to the Kallithea user but must use su/sudo from another account.
164 159
165 160 If ``/home/kallithea/.ssh/`` (the directory of the path specified in the
166 161 ``ssh_authorized_keys`` setting of the ``.ini`` file) does not exist as a
167 162 directory, Kallithea will attempt to create it. If that path exists but is
168 163 *not* a directory, or is not readable-writable-executable by the server
169 164 process, the server process will raise an exception each time it attempts to
170 165 write the ``authorized_keys`` file.
171 166
172 167 .. note:: It is possible to configure the SSH server to look for authorized
173 168 keys in multiple files, for example reserving ``ssh/authorized_keys`` to be
174 169 used for normal SSH and with Kallithea using
175 170 ``.ssh/authorized_keys_kallithea``. In ``/etc/ssh/sshd_config`` set
176 171 ``AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys_kallithea``
177 172 and restart sshd, and in ``my.ini`` set ``ssh_authorized_keys =
178 173 /home/kallithea/.ssh/authorized_keys_kallithea``. Note that this new
179 174 location will apply to all system users, and that multiple entries for the
180 175 same SSH key will shadow each other.
181 176
182 177 .. warning:: The handling of SSH access is steered directly by the command
183 178 specified in the ``authorized_keys`` file. There is no interaction with the
184 179 web UI. Once SSH access is correctly configured and enabled, it will work
185 180 regardless of whether the Kallithea web process is actually running. Hence,
186 181 if you want to perform repository or server maintenance and want to fully
187 182 disable all access to the repositories, disable SSH access by setting
188 183 ``ssh_enabled = false`` in the correct ``.ini`` file (i.e. the ``.ini`` file
189 184 specified in the ``authorized_keys`` file.)
190 185
191 186 The ``authorized_keys`` file can be updated manually with ``kallithea-cli
192 187 ssh-update-authorized-keys -c my.ini``. This command is not needed in normal
193 188 operation but is for example useful after changing SSH-related settings in the
194 189 ``.ini`` file or renaming that file. (The path to the ``.ini`` file is used in
195 190 the generated ``authorized_keys`` file).
196 191
197 192
198 193 Setting up Whoosh full text search
199 194 ----------------------------------
200 195
201 196 Kallithea provides full text search of repositories using `Whoosh`__.
202 197
203 198 .. __: https://whoosh.readthedocs.io/en/latest/
204 199
205 200 For an incremental index build, run::
206 201
207 202 kallithea-cli index-create -c my.ini
208 203
209 204 For a full index rebuild, run::
210 205
211 206 kallithea-cli index-create -c my.ini --full
212 207
213 208 The ``--repo-location`` option allows the location of the repositories to be overridden;
214 209 usually, the location is retrieved from the Kallithea database.
215 210
216 211 The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
217 212
218 213 kallithea-cli index-create -c my.ini --index-only=vcs,kallithea
219 214
220 215 To keep your index up-to-date it is necessary to do periodic index builds;
221 216 for this, it is recommended to use a crontab entry. Example::
222 217
223 218 0 3 * * * /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini
224 219
225 220 When using incremental mode (the default), Whoosh will check the last
226 221 modification date of each file and add it to be reindexed if a newer file is
227 222 available. The indexing daemon checks for any removed files and removes them
228 223 from index.
229 224
230 225 If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
231 226 or in the admin panel you can check the "build from scratch" checkbox.
232 227
233 228
234 229 Integration with issue trackers
235 230 -------------------------------
236 231
237 232 Kallithea provides a simple integration with issue trackers. It's possible
238 233 to define a regular expression that will match an issue ID in commit messages,
239 234 and have that replaced with a URL to the issue.
240 235
241 236 This is achieved with following three variables in the ini file::
242 237
243 238 issue_pat = #(\d+)
244 239 issue_server_link = https://issues.example.com/{repo}/issue/\1
245 240 issue_sub =
246 241
247 242 ``issue_pat`` is the regular expression describing which strings in
248 243 commit messages will be treated as issue references. The expression can/should
249 244 have one or more parenthesized groups that can later be referred to in
250 245 ``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups
251 246 can be used instead of simple parenthesized groups.
252 247
253 248 If the pattern should only match if it is preceded by whitespace, add the
254 249 following string before the actual pattern: ``(?:^|(?<=\s))``.
255 250 If the pattern should only match if it is followed by whitespace, add the
256 251 following string after the actual pattern: ``(?:$|(?=\s))``.
257 252 These expressions use lookbehind and lookahead assertions of the Python regular
258 253 expression module to avoid the whitespace to be part of the actual pattern,
259 254 otherwise the link text will also contain that whitespace.
260 255
261 256 Matched issue references are replaced with the link specified in
262 257 ``issue_server_link``, in which any backreferences are resolved. Backreferences
263 258 can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.
264 259 The special token ``{repo}`` is replaced with the full repository path
265 260 (including repository groups), while token ``{repo_name}`` is replaced with the
266 261 repository name (without repository groups).
267 262
268 263 The link text is determined by ``issue_sub``, which can be a string containing
269 264 backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is
270 265 empty, then the text matched by ``issue_pat`` is used verbatim.
271 266
272 267 The example settings shown above match issues in the format ``#<number>``.
273 268 This will cause the text ``#300`` to be transformed into a link:
274 269
275 270 .. code-block:: html
276 271
277 272 <a href="https://issues.example.com/example_repo/issue/300">#300</a>
278 273
279 274 The following example transforms a text starting with either of 'pullrequest',
280 275 'pull request' or 'PR', followed by an optional space, then a pound character
281 276 (#) and one or more digits, into a link with the text 'PR #' followed by the
282 277 digits::
283 278
284 279 issue_pat = (pullrequest|pull request|PR) ?#(\d+)
285 280 issue_server_link = https://issues.example.com/\2
286 281 issue_sub = PR #\2
287 282
288 283 The following example demonstrates how to require whitespace before the issue
289 284 reference in order for it to be recognized, such that the text ``issue#123`` will
290 285 not cause a match, but ``issue #123`` will::
291 286
292 287 issue_pat = (?:^|(?<=\s))#(\d+)
293 288 issue_server_link = https://issues.example.com/\1
294 289 issue_sub =
295 290
296 291 If needed, more than one pattern can be specified by appending a unique suffix to
297 292 the variables. For example, also demonstrating the use of named groups::
298 293
299 294 issue_pat_wiki = wiki-(?P<pagename>\S+)
300 295 issue_server_link_wiki = https://wiki.example.com/\g<pagename>
301 296 issue_sub_wiki = WIKI-\g<pagename>
302 297
303 298 With these settings, wiki pages can be referenced as wiki-some-id, and every
304 299 such reference will be transformed into:
305 300
306 301 .. code-block:: html
307 302
308 303 <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
309 304
310 305 Refer to the `Python regular expression documentation`_ for more details about
311 306 the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.
312 307
313 308
314 309 Hook management
315 310 ---------------
316 311
317 312 Hooks can be managed in similar way to that used in ``.hgrc`` files.
318 313 To manage hooks, choose *Admin > Settings > Hooks*.
319 314
320 315 The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
321 316
322 317 To add another custom hook simply fill in the first textbox with
323 318 ``<name>.<hook_type>`` and the second with the hook path. Example hooks
324 319 can be found in ``kallithea.lib.hooks``.
325 320
326 321
327 322 Changing default encoding
328 323 -------------------------
329 324
330 325 By default, Kallithea uses UTF-8 encoding.
331 326 This is configurable as ``default_encoding`` in the .ini file.
332 327 This affects many parts in Kallithea including user names, filenames, and
333 328 encoding of commit messages. In addition Kallithea can detect if the ``chardet``
334 329 library is installed. If ``chardet`` is detected Kallithea will fallback to it
335 330 when there are encode/decode errors.
336 331
337 332 The Mercurial encoding is configurable as ``hgencoding``. It is similar to
338 333 setting the ``HGENCODING`` environment variable, but will override it.
339 334
340 335
341 336 Celery configuration
342 337 --------------------
343 338
344 339 Kallithea can use the distributed task queue system Celery_ to run tasks like
345 340 cloning repositories or sending emails.
346 341
347 342 Kallithea will in most setups work perfectly fine out of the box (without
348 343 Celery), executing all tasks in the web server process. Some tasks can however
349 344 take some time to run and it can be better to run such tasks asynchronously in
350 345 a separate process so the web server can focus on serving web requests.
351 346
352 347 For installation and configuration of Celery, see the `Celery documentation`_.
353 348 Note that Celery requires a message broker service like RabbitMQ_ (recommended)
354 349 or Redis_.
355 350
356 351 The use of Celery is configured in the Kallithea ini configuration file.
357 352 To enable it, simply set::
358 353
359 354 use_celery = true
360 355
361 356 and add or change the ``celery.*`` configuration variables.
362 357
363 358 Configuration settings are prefixed with 'celery.', so for example setting
364 359 `broker_url` in Celery means setting `celery.broker_url` in the configuration
365 360 file.
366 361
367 362 To start the Celery process, run::
368 363
369 364 kallithea-cli celery-run -c my.ini
370 365
371 366 Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``
372 367 for more info.
373 368
374 369 .. note::
375 370 Make sure you run this command from the same virtualenv, and with the same
376 371 user that Kallithea runs.
377 372
378 373
379 374 HTTPS support
380 375 -------------
381 376
382 377 Kallithea will by default generate URLs based on the WSGI environment.
383 378
384 379 Alternatively, you can use some special configuration settings to control
385 380 directly which scheme/protocol Kallithea will use when generating URLs:
386 381
387 382 - With ``https_fixup = true``, the scheme will be taken from the
388 383 ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
389 384 (default ``http``).
390 385 - With ``force_https = true`` the default will be ``https``.
391 386 - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
392 387
393 388 .. _nginx_virtual_host:
394 389
395 390
396 391 Nginx virtual host example
397 392 --------------------------
398 393
399 394 Sample config for Nginx using proxy:
400 395
401 396 .. code-block:: nginx
402 397
403 398 upstream kallithea {
404 399 server 127.0.0.1:5000;
405 400 # add more instances for load balancing
406 401 #server 127.0.0.1:5001;
407 402 #server 127.0.0.1:5002;
408 403 }
409 404
410 405 ## gist alias
411 406 server {
412 407 listen 443;
413 408 server_name gist.example.com;
414 409 access_log /var/log/nginx/gist.access.log;
415 410 error_log /var/log/nginx/gist.error.log;
416 411
417 412 ssl on;
418 413 ssl_certificate gist.your.kallithea.server.crt;
419 414 ssl_certificate_key gist.your.kallithea.server.key;
420 415
421 416 ssl_session_timeout 5m;
422 417
423 418 ssl_protocols SSLv3 TLSv1;
424 419 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
425 420 ssl_prefer_server_ciphers on;
426 421
427 422 rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
428 423 rewrite (.*) https://kallithea.example.com/_admin/gists;
429 424 }
430 425
431 426 server {
432 427 listen 443;
433 428 server_name kallithea.example.com
434 429 access_log /var/log/nginx/kallithea.access.log;
435 430 error_log /var/log/nginx/kallithea.error.log;
436 431
437 432 ssl on;
438 433 ssl_certificate your.kallithea.server.crt;
439 434 ssl_certificate_key your.kallithea.server.key;
440 435
441 436 ssl_session_timeout 5m;
442 437
443 438 ssl_protocols SSLv3 TLSv1;
444 439 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
445 440 ssl_prefer_server_ciphers on;
446 441
447 442 ## uncomment root directive if you want to serve static files by nginx
448 443 ## requires static_files = false in .ini file
449 444 #root /srv/kallithea/kallithea/kallithea/public;
450 445 include /etc/nginx/proxy.conf;
451 446 location / {
452 447 try_files $uri @kallithea;
453 448 }
454 449
455 450 location @kallithea {
456 451 proxy_pass http://127.0.0.1:5000;
457 452 }
458 453
459 454 }
460 455
461 456 Here's the proxy.conf. It's tuned so it will not timeout on long
462 457 pushes or large pushes::
463 458
464 459 proxy_redirect off;
465 460 proxy_set_header Host $host;
466 461 ## needed for container auth
467 462 #proxy_set_header REMOTE_USER $remote_user;
468 463 #proxy_set_header X-Forwarded-User $remote_user;
469 464 proxy_set_header X-Url-Scheme $scheme;
470 465 proxy_set_header X-Host $http_host;
471 466 proxy_set_header X-Real-IP $remote_addr;
472 467 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
473 468 proxy_set_header Proxy-host $proxy_host;
474 469 proxy_buffering off;
475 470 proxy_connect_timeout 7200;
476 471 proxy_send_timeout 7200;
477 472 proxy_read_timeout 7200;
478 473 proxy_buffers 8 32k;
479 474 client_max_body_size 1024m;
480 475 client_body_buffer_size 128k;
481 476 large_client_header_buffers 8 64k;
482 477
483 478 .. _apache_virtual_host_reverse_proxy:
484 479
485 480
486 481 Apache virtual host reverse proxy example
487 482 -----------------------------------------
488 483
489 484 Here is a sample configuration file for Apache using proxy:
490 485
491 486 .. code-block:: apache
492 487
493 488 <VirtualHost *:80>
494 489 ServerName kallithea.example.com
495 490
496 491 <Proxy *>
497 492 # For Apache 2.4 and later:
498 493 Require all granted
499 494
500 495 # For Apache 2.2 and earlier, instead use:
501 496 # Order allow,deny
502 497 # Allow from all
503 498 </Proxy>
504 499
505 500 #important !
506 501 #Directive to properly generate url (clone url) for Kallithea
507 502 ProxyPreserveHost On
508 503
509 504 #kallithea instance
510 505 ProxyPass / http://127.0.0.1:5000/
511 506 ProxyPassReverse / http://127.0.0.1:5000/
512 507
513 508 #to enable https use line below
514 509 #SetEnvIf X-Url-Scheme https HTTPS=1
515 510 </VirtualHost>
516 511
517 512 Additional tutorial
518 513 http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
519 514
520 515 .. _apache_subdirectory:
521 516
522 517
523 518 Apache as subdirectory
524 519 ----------------------
525 520
526 521 Apache subdirectory part:
527 522
528 523 .. code-block:: apache
529 524
530 525 <Location /PREFIX >
531 526 ProxyPass http://127.0.0.1:5000/PREFIX
532 527 ProxyPassReverse http://127.0.0.1:5000/PREFIX
533 528 SetEnvIf X-Url-Scheme https HTTPS=1
534 529 </Location>
535 530
536 531 Besides the regular apache setup you will need to add the following line
537 532 into ``[app:main]`` section of your .ini file::
538 533
539 534 filter-with = proxy-prefix
540 535
541 536 Add the following at the end of the .ini file::
542 537
543 538 [filter:proxy-prefix]
544 539 use = egg:PasteDeploy#prefix
545 540 prefix = /PREFIX
546 541
547 542 then change ``PREFIX`` into your chosen prefix
548 543
549 544 .. _apache_mod_wsgi:
550 545
551 546
552 547 Apache with mod_wsgi
553 548 --------------------
554 549
555 550 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
556 551 that, you'll need to:
557 552
558 553 - Install mod_wsgi. If using a Debian-based distro, you can install
559 554 the package libapache2-mod-wsgi::
560 555
561 556 aptitude install libapache2-mod-wsgi
562 557
563 558 - Enable mod_wsgi::
564 559
565 560 a2enmod wsgi
566 561
567 562 - Add global Apache configuration to tell mod_wsgi that Python only will be
568 563 used in the WSGI processes and shouldn't be initialized in the Apache
569 564 processes::
570 565
571 566 WSGIRestrictEmbedded On
572 567
573 568 - Create a WSGI dispatch script, like the one below. Make sure you
574 569 check that the paths correctly point to where you installed Kallithea
575 570 and its Python Virtual Environment.
576 571
577 572 .. code-block:: python
578 573
579 574 import os
580 575 os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
581 576
582 577 # sometimes it's needed to set the current dir
583 578 os.chdir('/srv/kallithea/')
584 579
585 580 import site
586 581 site.addsitedir("/srv/kallithea/venv/lib/python3.7/site-packages")
587 582
588 583 ini = '/srv/kallithea/my.ini'
589 584 from logging.config import fileConfig
590 585 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
591 586 from paste.deploy import loadapp
592 587 application = loadapp('config:' + ini)
593 588
594 589 Or using proper virtualenv activation:
595 590
596 591 .. code-block:: python
597 592
598 593 activate_this = '/srv/kallithea/venv/bin/activate_this.py'
599 594 execfile(activate_this, dict(__file__=activate_this))
600 595
601 596 import os
602 597 os.environ['HOME'] = '/srv/kallithea'
603 598
604 599 ini = '/srv/kallithea/kallithea.ini'
605 600 from logging.config import fileConfig
606 601 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
607 602 from paste.deploy import loadapp
608 603 application = loadapp('config:' + ini)
609 604
610 605 - Add the necessary ``WSGI*`` directives to the Apache Virtual Host configuration
611 606 file, like in the example below. Notice that the WSGI dispatch script created
612 607 above is referred to with the ``WSGIScriptAlias`` directive.
613 608 The default locale settings Apache provides for web services are often not
614 609 adequate, with `C` as the default language and `ASCII` as the encoding.
615 610 Instead, use the ``lang`` parameter of ``WSGIDaemonProcess`` to specify a
616 611 suitable locale. See also the :ref:`overview` section and the
617 612 `WSGIDaemonProcess documentation`_.
618 613
619 614 Apache will by default run as a special Apache user, on Linux systems
620 615 usually ``www-data`` or ``apache``. If you need to have the repositories
621 616 directory owned by a different user, use the user and group options to
622 617 WSGIDaemonProcess to set the name of the user and group.
623 618
624 619 Once again, check that all paths are correctly specified.
625 620
626 621 .. code-block:: apache
627 622
628 623 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
629 624 python-home=/srv/kallithea/venv lang=C.UTF-8
630 625 WSGIProcessGroup kallithea
631 626 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
632 627 WSGIPassAuthorization On
633 628
634 629 Or if using a dispatcher WSGI script with proper virtualenv activation:
635 630
636 631 .. code-block:: apache
637 632
638 633 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 lang=en_US.utf8
639 634 WSGIProcessGroup kallithea
640 635 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
641 636 WSGIPassAuthorization On
642 637
643 638
644 639 Other configuration files
645 640 -------------------------
646 641
647 642 A number of `example init.d scripts`__ can be found in
648 643 the ``init.d`` directory of the Kallithea source.
649 644
650 645 .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
651 646
652 647
653 648 .. _python: http://www.python.org/
654 649 .. _Python regular expression documentation: https://docs.python.org/2/library/re.html
655 650 .. _Mercurial: https://www.mercurial-scm.org/
656 651 .. _Celery: http://celeryproject.org/
657 652 .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
658 653 .. _RabbitMQ: http://www.rabbitmq.com/
659 654 .. _Redis: http://redis.io/
660 655 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
661 656 .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories
662 657 .. _WSGIDaemonProcess documentation: https://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html
General Comments 0
You need to be logged in to leave comments. Login now