##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

small docs updates
marcink -
r1309:61a6a7bf beta
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,320 +1,321 b''
1 1 .. _changelog:
2 2
3 3 Changelog
4 4 =========
5 5
6 6 1.2.0 (**2011-XX-XX**)
7 7 ======================
8 8
9 9 :status: in-progress
10 10 :branch: beta
11 11
12 12 news
13 13 ----
14 14
15 15 - implemented #89 Can setup google analytics code from settings menu
16 16 - implemented #91 added nicer looking archive urls with more download options
17 17 like tags, branches
18 18 - implemented #44 into file browsing, and added follow branch option
19 19 - implemented #84 downloads can be enabled/disabled for each repository
20 20 - anonymous repository can be cloned without having to pass default:default
21 21 into clone url
22 22 - fixed #90 whoosh indexer can index chooses repositories passed in command
23 23 line
24 24 - extended journal with day aggregates and paging
25 25 - implemented #107 source code lines highlight ranges
26 26 - implemented #93 customizable changelog on combined revision ranges -
27 27 equivalent of githubs compare view
28 28 - implemented #108 extended and more powerful LDAP configuration
29 29 - implemented #56 users groups
30 30 - major code rewrites optimized codes for speed and memory usage
31 31 - raw and diff downloads are now in git format
32 32 - setup command checks for write access to given path
33 33 - fixed many issues with international characters and unicode. It uses utf8
34 34 decode with replace to provide less errors even with non utf8 encoded strings
35 35 - #125 added API KEY access to feeds
36 36 - #109 Repository can be created from external Mercurial link (aka. remote
37 37 repository, and manually updated (via pull) from admin panel
38 38 - beta git support - push/pull server + basic view for git repos
39 39 - added followers page and forks page
40 - server side file repository files edition with commits
40 41
41 42 fixes
42 43 -----
43 44
44 45 - fixed file browser bug, when switching into given form revision the url was
45 46 not changing
46 47 - fixed propagation to error controller on simplehg and simplegit middlewares
47 48 - fixed error when trying to make a download on empty repository
48 49 - fixed problem with '[' chars in commit messages in journal
49 50 - fixed #99 Unicode errors, on file node paths with non utf-8 characters
50 51 - journal fork fixes
51 52 - removed issue with space inside renamed repository after deletion
52 53 - fixed strange issue on formencode imports
53 54 - fixed #126 Deleting repository on Windows, rename used incompatible chars.
54 55 - #150 fixes for errors on repositories mapped in db but corrupted in
55 56 filesystem
56 57 - fixed problem with ascendant characters in realm #181
57 58 - fixed problem with sqlite file based database connection pool
58 59 - whoosh indexer and code stats share the same dynamic extensions map
59 60
60 61 1.1.8 (**2011-04-12**)
61 62 ======================
62 63
63 64 news
64 65 ----
65 66
66 67 - improved windows support
67 68
68 69 fixes
69 70 -----
70 71
71 72 - fixed #140 freeze of python dateutil library, since new version is python2.x
72 73 incompatible
73 74 - setup-app will check for write permission in given path
74 75 - cleaned up license info issue #149
75 76 - fixes for issues #137,#116 and problems with unicode and accented characters.
76 77 - fixes crashes on gravatar, when passed in email as unicode
77 78 - fixed tooltip flickering problems
78 79 - fixed came_from redirection on windows
79 80 - fixed logging modules, and sql formatters
80 81 - windows fixes for os.kill issue #133
81 82 - fixes path splitting for windows issues #148
82 83 - fixed issue #143 wrong import on migration to 1.1.X
83 84 - fixed problems with displaying binary files, thanks to Thomas Waldmann
84 85 - removed name from archive files since it's breaking ui for long repo names
85 86 - fixed issue with archive headers sent to browser, thanks to Thomas Waldmann
86 87 - fixed compatibility for 1024px displays, and larger dpi settings, thanks to
87 88 Thomas Waldmann
88 89 - fixed issue #166 summary pager was skipping 10 revisions on second page
89 90
90 91
91 92 1.1.7 (**2011-03-23**)
92 93 ======================
93 94
94 95 news
95 96 ----
96 97
97 98 fixes
98 99 -----
99 100
100 101 - fixed (again) #136 installation support for FreeBSD
101 102
102 103
103 104 1.1.6 (**2011-03-21**)
104 105 ======================
105 106
106 107 news
107 108 ----
108 109
109 110 fixes
110 111 -----
111 112
112 113 - fixed #136 installation support for FreeBSD
113 114 - RhodeCode will check for python version during installation
114 115
115 116 1.1.5 (**2011-03-17**)
116 117 ======================
117 118
118 119 news
119 120 ----
120 121
121 122 - basic windows support, by exchanging pybcrypt into sha256 for windows only
122 123 highly inspired by idea of mantis406
123 124
124 125 fixes
125 126 -----
126 127
127 128 - fixed sorting by author in main page
128 129 - fixed crashes with diffs on binary files
129 130 - fixed #131 problem with boolean values for LDAP
130 131 - fixed #122 mysql problems thanks to striker69
131 132 - fixed problem with errors on calling raw/raw_files/annotate functions
132 133 with unknown revisions
133 134 - fixed returned rawfiles attachment names with international character
134 135 - cleaned out docs, big thanks to Jason Harris
135 136
136 137 1.1.4 (**2011-02-19**)
137 138 ======================
138 139
139 140 news
140 141 ----
141 142
142 143 fixes
143 144 -----
144 145
145 146 - fixed formencode import problem on settings page, that caused server crash
146 147 when that page was accessed as first after server start
147 148 - journal fixes
148 149 - fixed option to access repository just by entering http://server/<repo_name>
149 150
150 151 1.1.3 (**2011-02-16**)
151 152 ======================
152 153
153 154 news
154 155 ----
155 156
156 157 - implemented #102 allowing the '.' character in username
157 158 - added option to access repository just by entering http://server/<repo_name>
158 159 - celery task ignores result for better performance
159 160
160 161 fixes
161 162 -----
162 163
163 164 - fixed ehlo command and non auth mail servers on smtp_lib. Thanks to
164 165 apollo13 and Johan Walles
165 166 - small fixes in journal
166 167 - fixed problems with getting setting for celery from .ini files
167 168 - registration, password reset and login boxes share the same title as main
168 169 application now
169 170 - fixed #113: to high permissions to fork repository
170 171 - fixed problem with '[' chars in commit messages in journal
171 172 - removed issue with space inside renamed repository after deletion
172 173 - db transaction fixes when filesystem repository creation failed
173 174 - fixed #106 relation issues on databases different than sqlite
174 175 - fixed static files paths links to use of url() method
175 176
176 177 1.1.2 (**2011-01-12**)
177 178 ======================
178 179
179 180 news
180 181 ----
181 182
182 183
183 184 fixes
184 185 -----
185 186
186 187 - fixes #98 protection against float division of percentage stats
187 188 - fixed graph bug
188 189 - forced webhelpers version since it was making troubles during installation
189 190
190 191 1.1.1 (**2011-01-06**)
191 192 ======================
192 193
193 194 news
194 195 ----
195 196
196 197 - added force https option into ini files for easier https usage (no need to
197 198 set server headers with this options)
198 199 - small css updates
199 200
200 201 fixes
201 202 -----
202 203
203 204 - fixed #96 redirect loop on files view on repositories without changesets
204 205 - fixed #97 unicode string passed into server header in special cases (mod_wsgi)
205 206 and server crashed with errors
206 207 - fixed large tooltips problems on main page
207 208 - fixed #92 whoosh indexer is more error proof
208 209
209 210 1.1.0 (**2010-12-18**)
210 211 ======================
211 212
212 213 news
213 214 ----
214 215
215 216 - rewrite of internals for vcs >=0.1.10
216 217 - uses mercurial 1.7 with dotencode disabled for maintaining compatibility
217 218 with older clients
218 219 - anonymous access, authentication via ldap
219 220 - performance upgrade for cached repos list - each repository has it's own
220 221 cache that's invalidated when needed.
221 222 - performance upgrades on repositories with large amount of commits (20K+)
222 223 - main page quick filter for filtering repositories
223 224 - user dashboards with ability to follow chosen repositories actions
224 225 - sends email to admin on new user registration
225 226 - added cache/statistics reset options into repository settings
226 227 - more detailed action logger (based on hooks) with pushed changesets lists
227 228 and options to disable those hooks from admin panel
228 229 - introduced new enhanced changelog for merges that shows more accurate results
229 230 - new improved and faster code stats (based on pygments lexers mapping tables,
230 231 showing up to 10 trending sources for each repository. Additionally stats
231 232 can be disabled in repository settings.
232 233 - gui optimizations, fixed application width to 1024px
233 234 - added cut off (for large files/changesets) limit into config files
234 235 - whoosh, celeryd, upgrade moved to paster command
235 236 - other than sqlite database backends can be used
236 237
237 238 fixes
238 239 -----
239 240
240 241 - fixes #61 forked repo was showing only after cache expired
241 242 - fixes #76 no confirmation on user deletes
242 243 - fixes #66 Name field misspelled
243 244 - fixes #72 block user removal when he owns repositories
244 245 - fixes #69 added password confirmation fields
245 246 - fixes #87 RhodeCode crashes occasionally on updating repository owner
246 247 - fixes #82 broken annotations on files with more than 1 blank line at the end
247 248 - a lot of fixes and tweaks for file browser
248 249 - fixed detached session issues
249 250 - fixed when user had no repos he would see all repos listed in my account
250 251 - fixed ui() instance bug when global hgrc settings was loaded for server
251 252 instance and all hgrc options were merged with our db ui() object
252 253 - numerous small bugfixes
253 254
254 255 (special thanks for TkSoh for detailed feedback)
255 256
256 257
257 258 1.0.2 (**2010-11-12**)
258 259 ======================
259 260
260 261 news
261 262 ----
262 263
263 264 - tested under python2.7
264 265 - bumped sqlalchemy and celery versions
265 266
266 267 fixes
267 268 -----
268 269
269 270 - fixed #59 missing graph.js
270 271 - fixed repo_size crash when repository had broken symlinks
271 272 - fixed python2.5 crashes.
272 273
273 274
274 275 1.0.1 (**2010-11-10**)
275 276 ======================
276 277
277 278 news
278 279 ----
279 280
280 281 - small css updated
281 282
282 283 fixes
283 284 -----
284 285
285 286 - fixed #53 python2.5 incompatible enumerate calls
286 287 - fixed #52 disable mercurial extension for web
287 288 - fixed #51 deleting repositories don't delete it's dependent objects
288 289
289 290
290 291 1.0.0 (**2010-11-02**)
291 292 ======================
292 293
293 294 - security bugfix simplehg wasn't checking for permissions on commands
294 295 other than pull or push.
295 296 - fixed doubled messages after push or pull in admin journal
296 297 - templating and css corrections, fixed repo switcher on chrome, updated titles
297 298 - admin menu accessible from options menu on repository view
298 299 - permissions cached queries
299 300
300 301 1.0.0rc4 (**2010-10-12**)
301 302 ==========================
302 303
303 304 - fixed python2.5 missing simplejson imports (thanks to Jens BΓ€ckman)
304 305 - removed cache_manager settings from sqlalchemy meta
305 306 - added sqlalchemy cache settings to ini files
306 307 - validated password length and added second try of failure on paster setup-app
307 308 - fixed setup database destroy prompt even when there was no db
308 309
309 310
310 311 1.0.0rc3 (**2010-10-11**)
311 312 =========================
312 313
313 314 - fixed i18n during installation.
314 315
315 316 1.0.0rc2 (**2010-10-11**)
316 317 =========================
317 318
318 319 - Disabled dirsize in file browser, it's causing nasty bug when dir renames
319 320 occure. After vcs is fixed it'll be put back again.
320 321 - templating/css rewrites, optimized css. No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,106 +1,121 b''
1 1 .. _installation:
2 2
3 3 Installation
4 4 ============
5 5
6 ``RhodeCode`` is written entirely in Python. In order to gain maximum performance
7 there are some third-party you must install. When RhodeCode is used
8 together with celery you have to install some kind of message broker,
9 recommended one is rabbitmq_ to make the async tasks work.
6 ``RhodeCode`` is written entirely in Python. Before posting any issues make
7 sure, your not missing any system libraries and using right version of
8 libraries required by RhodeCode.
10 9
11 Of course RhodeCode works in sync mode also and then you do not have to install
12 any third party applications. However, using Celery_ will give you a large
13 speed improvement when using many big repositories. If you plan to use
14 RhodeCode for say 7 to 10 small repositories, RhodeCode will perform perfectly
15 well without celery running.
16
17 If you make the decision to run RhodeCode with celery make sure you run
18 celeryd using paster and message broker together with the application.
19 10
20 11 Installing RhodeCode from Cheese Shop
21 12 -------------------------------------
22 13
23 14 Rhodecode requires python version 2.5 or higher.
24 15
25 16 The easiest way to install ``rhodecode`` is to run::
26 17
27 18 easy_install rhodecode
28 19
29 20 Or::
30 21
31 22 pip install rhodecode
32 23
33 24 If you prefer to install RhodeCode manually simply grab latest release from
34 25 http://pypi.python.org/pypi/rhodecode, decompress the archive and run::
35 26
36 27 python setup.py install
37 28
38 29
39 30 Step by step installation example
40 31 ---------------------------------
41 32
42 33
43 - Assuming you have installed virtualenv_ create a new virtual environment using virtualenv::
34 For installing RhodeCode i highly recommend using separate virtualenv_. This
35 way many required by RhodeCode libraries will remain sandboxed from your main
36 python and making things less problematic when doing system python updates.
37
38 - Assuming you have installed virtualenv_ create a new virtual environment
39 using virtualenv command::
44 40
45 41 virtualenv --no-site-packages /var/www/rhodecode-venv
46 42
47 43
48 44 .. note:: Using ``--no-site-packages`` when generating your
49 45 virtualenv is **very important**. This flag provides the necessary
50 46 isolation for running the set of packages required by
51 47 RhodeCode. If you do not specify ``--no-site-packages``,
52 48 it's possible that RhodeCode will not install properly into
53 49 the virtualenv, or, even if it does, may not run properly,
54 50 depending on the packages you've already got installed into your
55 51 Python's "main" site-packages dir.
56 52
57 53
58 54 - this will install new virtualenv_ into `/var/www/rhodecode-venv`.
59 55 - Activate the virtualenv_ by running::
60 56
61 57 source /var/www/rhodecode-venv/bin/activate
62 58
63 59 .. note:: If you're using UNIX, *do not* use ``sudo`` to run the
64 60 ``virtualenv`` script. It's perfectly acceptable (and desirable)
65 61 to create a virtualenv as a normal user.
66 62
67 - Make a folder for rhodecode somewhere on the filesystem for example::
63 - Make a folder for rhodecode data files, and configuration somewhere on the
64 filesystem. For example::
68 65
69 66 mkdir /var/www/rhodecode
70 67
71 68
72 - Run this command to install rhodecode::
69 - Go into the created directory run this command to install rhodecode::
73 70
74 71 easy_install rhodecode
75 72
76 - This will install rhodecode together with pylons and all other required python
77 libraries
73 or::
74
75 pip install rhodecode
76
77 - This will install rhodecode together with pylons and all other required
78 python libraries into activated virtualenv
78 79
79 80 Requirements for Celery (optional)
80 81 ----------------------------------
81 82
83 In order to gain maximum performance
84 there are some third-party you must install. When RhodeCode is used
85 together with celery you have to install some kind of message broker,
86 recommended one is rabbitmq_ to make the async tasks work.
87
88 Of course RhodeCode works in sync mode also and then you do not have to install
89 any third party applications. However, using Celery_ will give you a large
90 speed improvement when using many big repositories. If you plan to use
91 RhodeCode for say 7 to 10 repositories, RhodeCode will perform perfectly well
92 without celery running.
93
94 If you make the decision to run RhodeCode with celery make sure you run
95 celeryd using paster and message broker together with the application.
96
82 97 .. note::
83 98 Installing message broker and using celery is optional, RhodeCode will
84 99 work perfectly fine without them.
85 100
86 101
87 102 **Message Broker**
88 103
89 104 - preferred is `RabbitMq <http://www.rabbitmq.com/>`_
90 105 - A possible alternative is `Redis <http://code.google.com/p/redis/>`_
91 106
92 107 For installation instructions you can visit:
93 108 http://ask.github.com/celery/getting-started/index.html.
94 109 This is a very nice tutorial on how to start using celery_ with rabbitmq_
95 110
96 111
97 112 You can now proceed to :ref:`setup`
98 113 -----------------------------------
99 114
100 115
101 116
102 117 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
103 118 .. _python: http://www.python.org/
104 119 .. _mercurial: http://mercurial.selenic.com/
105 120 .. _celery: http://celeryproject.org/
106 121 .. _rabbitmq: http://www.rabbitmq.com/ No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,540 +1,543 b''
1 1 .. _setup:
2 2
3 3 Setup
4 4 =====
5 5
6 6
7 7 Setting up RhodeCode
8 8 --------------------------
9 9
10 First, you will need to create a RhodeCode configuration file. Run the following
11 command to do this::
10 First, you will need to create a RhodeCode configuration file. Run the
11 following command to do this::
12 12
13 13 paster make-config RhodeCode production.ini
14 14
15 15 - This will create the file `production.ini` in the current directory. This
16 configuration file contains the various settings for RhodeCode, e.g proxy port,
17 email settings, usage of static files, cache, celery settings and logging.
16 configuration file contains the various settings for RhodeCode, e.g proxy
17 port, email settings, usage of static files, cache, celery settings and
18 logging.
18 19
19 20
20 21 Next, you need to create the databases used by RhodeCode. I recommend that you
21 22 use sqlite (default) or postgresql. If you choose a database other than the
22 23 default ensure you properly adjust the db url in your production.ini
23 24 configuration file to use this other database. Create the databases by running
24 25 the following command::
25 26
26 27 paster setup-app production.ini
27 28
28 29 This will prompt you for a "root" path. This "root" path is the location where
29 30 RhodeCode will store all of its repositories on the current machine. After
30 entering this "root" path ``setup-app`` will also prompt you for a username and password
31 for the initial admin account which ``setup-app`` sets up for you.
31 entering this "root" path ``setup-app`` will also prompt you for a username
32 and password for the initial admin account which ``setup-app`` sets up for you.
32 33
33 34 - The ``setup-app`` command will create all of the needed tables and an admin
34 account. When choosing a root path you can either use a new empty location, or a
35 location which already contains existing repositories. If you choose a location
36 which contains existing repositories RhodeCode will simply add all of the
37 repositories at the chosen location to it's database. (Note: make sure you
38 specify the correct path to the root).
35 account. When choosing a root path you can either use a new empty location,
36 or a location which already contains existing repositories. If you choose a
37 location which contains existing repositories RhodeCode will simply add all
38 of the repositories at the chosen location to it's database. (Note: make
39 sure you specify the correct path to the root).
39 40 - Note: the given path for mercurial_ repositories **must** be write accessible
40 for the application. It's very important since the RhodeCode web interface will
41 work without write access, but when trying to do a push it will eventually fail
42 with permission denied errors unless it has write access.
41 for the application. It's very important since the RhodeCode web interface
42 will work without write access, but when trying to do a push it will
43 eventually fail with permission denied errors unless it has write access.
43 44
44 45 You are now ready to use RhodeCode, to run it simply execute::
45 46
46 47 paster serve production.ini
47 48
48 49 - This command runs the RhodeCode server. The web app should be available at the
49 50 127.0.0.1:5000. This ip and port is configurable via the production.ini
50 51 file created in previous step
51 - Use the admin account you created above when running ``setup-app`` to login to the web app.
52 - Use the admin account you created above when running ``setup-app`` to login
53 to the web app.
52 54 - The default permissions on each repository is read, and the owner is admin.
53 55 Remember to update these if needed.
54 56 - In the admin panel you can toggle ldap, anonymous, permissions settings. As
55 57 well as edit more advanced options on users and repositories
56 58
57 59 Try copying your own mercurial repository into the "root" directory you are
58 60 using, then from within the RhodeCode web application choose Admin >
59 repositories. Then choose Add New Repository. Add the repository you copied into
60 the root. Test that you can browse your repository from within RhodeCode and then
61 try cloning your repository from RhodeCode with::
61 repositories. Then choose Add New Repository. Add the repository you copied
62 into the root. Test that you can browse your repository from within RhodeCode
63 and then try cloning your repository from RhodeCode with::
62 64
63 65 hg clone http://127.0.0.1:5000/<repository name>
64 66
65 67 where *repository name* is replaced by the name of your repository.
66 68
67 69 Using RhodeCode with SSH
68 70 ------------------------
69 71
70 RhodeCode currently only hosts repositories using http and https. (The addition of
71 ssh hosting is a planned future feature.) However you can easily use ssh in
72 RhodeCode currently only hosts repositories using http and https. (The addition
73 of ssh hosting is a planned future feature.) However you can easily use ssh in
72 74 parallel with RhodeCode. (Repository access via ssh is a standard "out of
73 75 the box" feature of mercurial_ and you can use this to access any of the
74 76 repositories that RhodeCode is hosting. See PublishingRepositories_)
75 77
76 78 RhodeCode repository structures are kept in directories with the same name
77 79 as the project. When using repository groups, each group is a subdirectory.
78 80 This allows you to easily use ssh for accessing repositories.
79 81
80 In order to use ssh you need to make sure that your web-server and the users login
81 accounts have the correct permissions set on the appropriate directories. (Note
82 that these permissions are independent of any permissions you have set up using
83 the RhodeCode web interface.)
82 In order to use ssh you need to make sure that your web-server and the users
83 login accounts have the correct permissions set on the appropriate directories.
84 (Note that these permissions are independent of any permissions you have set up
85 using the RhodeCode web interface.)
84 86
85 87 If your main directory (the same as set in RhodeCode settings) is for example
86 88 set to **/home/hg** and the repository you are using is named `rhodecode`, then
87 89 to clone via ssh you should run::
88 90
89 91 hg clone ssh://user@server.com/home/hg/rhodecode
90 92
91 93 Using other external tools such as mercurial-server_ or using ssh key based
92 94 authentication is fully supported.
93 95
94 96 Note: In an advanced setup, in order for your ssh access to use the same
95 97 permissions as set up via the RhodeCode web interface, you can create an
96 98 authentication hook to connect to the rhodecode db and runs check functions for
97 99 permissions against that.
98 100
99 101 Setting up Whoosh full text search
100 102 ----------------------------------
101 103
102 104 Starting from version 1.1 the whoosh index can be build by using the paster
103 105 command ``make-index``. To use ``make-index`` you must specify the configuration
104 106 file that stores the location of the index, and the location of the repositories
105 107 (`--repo-location`).Starting from version 1.2 it is
106 108 also possible to specify a comma separated list of repositories (`--index-only`)
107 109 to build index only on chooses repositories skipping any other found in repos
108 110 location
109 111
110 112 You may optionally pass the option `-f` to enable a full index rebuild. Without
111 113 the `-f` option, indexing will run always in "incremental" mode.
112 114
113 115 For an incremental index build use::
114 116
115 117 paster make-index production.ini --repo-location=<location for repos>
116 118
117 119 For a full index rebuild use::
118 120
119 121 paster make-index production.ini -f --repo-location=<location for repos>
120 122
121 123
122 124 building index just for chosen repositories is possible with such command::
123 125
124 126 paster make-index production.ini --repo-location=<location for repos> --index-only=vcs,rhodecode
125 127
126 128
127 129 In order to do periodical index builds and keep your index always up to date.
128 130 It's recommended to do a crontab entry for incremental indexing.
129 131 An example entry might look like this::
130 132
131 133 /path/to/python/bin/paster /path/to/rhodecode/production.ini --repo-location=<location for repos>
132 134
133 135 When using incremental mode (the default) whoosh will check the last
134 136 modification date of each file and add it to be reindexed if a newer file is
135 137 available. The indexing daemon checks for any removed files and removes them
136 138 from index.
137 139
138 140 If you want to rebuild index from scratch, you can use the `-f` flag as above,
139 141 or in the admin panel you can check `build from scratch` flag.
140 142
141 143
142 144 Setting up LDAP support
143 145 -----------------------
144 146
145 147 RhodeCode starting from version 1.1 supports ldap authentication. In order
146 148 to use LDAP, you have to install the python-ldap_ package. This package is
147 149 available via pypi, so you can install it by running
148 150
149 151 using easy_install::
150 152
151 153 easy_install python-ldap
152 154
153 155 using pip::
154 156
155 157 pip install python-ldap
156 158
157 159 .. note::
158 160 python-ldap requires some certain libs on your system, so before installing
159 161 it check that you have at least `openldap`, and `sasl` libraries.
160 162
161 163 LDAP settings are located in admin->ldap section,
162 164
163 165 Here's a typical ldap setup::
164 166
165 167 Connection settings
166 168 Enable LDAP = checked
167 169 Host = host.example.org
168 170 Port = 389
169 171 Account = <account>
170 172 Password = <password>
171 173 Connection Security = LDAPS connection
172 174 Certificate Checks = DEMAND
173 175
174 176 Search settings
175 177 Base DN = CN=users,DC=host,DC=example,DC=org
176 178 LDAP Filter = (&(objectClass=user)(!(objectClass=computer)))
177 179 LDAP Search Scope = SUBTREE
178 180
179 181 Attribute mappings
180 182 Login Attribute = uid
181 183 First Name Attribute = firstName
182 184 Last Name Attribute = lastName
183 185 E-mail Attribute = mail
184 186
185 187 .. _enable_ldap:
186 188
187 189 Enable LDAP : required
188 190 Whether to use LDAP for authenticating users.
189 191
190 192 .. _ldap_host:
191 193
192 194 Host : required
193 195 LDAP server hostname or IP address.
194 196
195 197 .. _Port:
196 198
197 199 Port : required
198 200 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP.
199 201
200 202 .. _ldap_account:
201 203
202 204 Account : optional
203 205 Only required if the LDAP server does not allow anonymous browsing of
204 206 records. This should be a special account for record browsing. This
205 207 will require `LDAP Password`_ below.
206 208
207 209 .. _LDAP Password:
208 210
209 211 Password : optional
210 212 Only required if the LDAP server does not allow anonymous browsing of
211 213 records.
212 214
213 215 .. _Enable LDAPS:
214 216
215 217 Connection Security : required
216 218 Defines the connection to LDAP server
217 219
218 220 No encryption
219 221 Plain non encrypted connection
220 222
221 223 LDAPS connection
222 224 Enable ldaps connection. It will likely require `Port`_ to be set to
223 225 a different value (standard LDAPS port is 636). When LDAPS is enabled
224 226 then `Certificate Checks`_ is required.
225 227
226 228 START_TLS on LDAP connection
227 229 START TLS connection
228 230
229 231 .. _Certificate Checks:
230 232
231 233 Certificate Checks : optional
232 234 How SSL certificates verification is handled - this is only useful when
233 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security while
234 the other options are susceptible to man-in-the-middle attacks. SSL
235 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security
236 while the other options are susceptible to man-in-the-middle attacks. SSL
235 237 certificates can be installed to /etc/openldap/cacerts so that the
236 238 DEMAND or HARD options can be used with self-signed certificates or
237 239 certificates that do not have traceable certificates of authority.
238 240
239 241 NEVER
240 242 A serve certificate will never be requested or checked.
241 243
242 244 ALLOW
243 245 A server certificate is requested. Failure to provide a
244 246 certificate or providing a bad certificate will not terminate the
245 247 session.
246 248
247 249 TRY
248 250 A server certificate is requested. Failure to provide a
249 251 certificate does not halt the session; providing a bad certificate
250 252 halts the session.
251 253
252 254 DEMAND
253 255 A server certificate is requested and must be provided and
254 256 authenticated for the session to proceed.
255 257
256 258 HARD
257 259 The same as DEMAND.
258 260
259 261 .. _Base DN:
260 262
261 263 Base DN : required
262 264 The Distinguished Name (DN) where searches for users will be performed.
263 265 Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_.
264 266
265 267 .. _LDAP Filter:
266 268
267 269 LDAP Filter : optional
268 270 A LDAP filter defined by RFC 2254. This is more useful when `LDAP
269 271 Search Scope`_ is set to SUBTREE. The filter is useful for limiting
270 272 which LDAP objects are identified as representing Users for
271 273 authentication. The filter is augmented by `Login Attribute`_ below.
272 274 This can commonly be left blank.
273 275
274 276 .. _LDAP Search Scope:
275 277
276 278 LDAP Search Scope : required
277 279 This limits how far LDAP will search for a matching object.
278 280
279 281 BASE
280 282 Only allows searching of `Base DN`_ and is usually not what you
281 283 want.
282 284
283 285 ONELEVEL
284 286 Searches all entries under `Base DN`_, but not Base DN itself.
285 287
286 288 SUBTREE
287 289 Searches all entries below `Base DN`_, but not Base DN itself.
288 290 When using SUBTREE `LDAP Filter`_ is useful to limit object
289 291 location.
290 292
291 293 .. _Login Attribute:
292 294
293 295 Login Attribute : required
294 296 The LDAP record attribute that will be matched as the USERNAME or
295 297 ACCOUNT used to connect to RhodeCode. This will be added to `LDAP
296 298 Filter`_ for locating the User object. If `LDAP Filter`_ is specified as
297 299 "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has
298 300 connected as "jsmith" then the `LDAP Filter`_ will be augmented as below
299 301 ::
300 302
301 303 (&(LDAPFILTER)(uid=jsmith))
302 304
303 305 .. _ldap_attr_firstname:
304 306
305 307 First Name Attribute : required
306 308 The LDAP record attribute which represents the user's first name.
307 309
308 310 .. _ldap_attr_lastname:
309 311
310 312 Last Name Attribute : required
311 313 The LDAP record attribute which represents the user's last name.
312 314
313 315 .. _ldap_attr_email:
314 316
315 317 Email Attribute : required
316 318 The LDAP record attribute which represents the user's email address.
317 319
318 320 If all data are entered correctly, and python-ldap_ is properly installed
319 321 users should be granted access to RhodeCode with ldap accounts. At this
320 322 time user information is copied from LDAP into the RhodeCode user database.
321 323 This means that updates of an LDAP user object may not be reflected as a
322 324 user update in RhodeCode.
323 325
324 326 If You have problems with LDAP access and believe You entered correct
325 327 information check out the RhodeCode logs, any error messages sent from LDAP
326 328 will be saved there.
327 329
328 330 Active Directory
329 331 ''''''''''''''''
330 332
331 333 RhodeCode can use Microsoft Active Directory for user authentication. This
332 334 is done through an LDAP or LDAPS connection to Active Directory. The
333 335 following LDAP configuration settings are typical for using Active
334 336 Directory ::
335 337
336 338 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
337 339 Login Attribute = sAMAccountName
338 340 First Name Attribute = givenName
339 341 Last Name Attribute = sn
340 342 E-mail Attribute = mail
341 343
342 344 All other LDAP settings will likely be site-specific and should be
343 345 appropriately configured.
344 346
345 347 Setting Up Celery
346 348 -----------------
347 349
348 350 Since version 1.1 celery is configured by the rhodecode ini configuration files.
349 351 Simply set use_celery=true in the ini file then add / change the configuration
350 352 variables inside the ini file.
351 353
352 354 Remember that the ini files use the format with '.' not with '_' like celery.
353 355 So for example setting `BROKER_HOST` in celery means setting `broker.host` in
354 356 the config file.
355 357
356 358 In order to start using celery run::
357 359
358 360 paster celeryd <configfile.ini>
359 361
360 362
361 363 .. note::
362 Make sure you run this command from the same virtualenv, and with the same user
363 that rhodecode runs.
364 Make sure you run this command from the same virtualenv, and with the same
365 user that rhodecode runs.
364 366
365 367 HTTPS support
366 368 -------------
367 369
368 370 There are two ways to enable https:
369 371
370 372 - Set HTTP_X_URL_SCHEME in your http server headers, than rhodecode will
371 373 recognize this headers and make proper https redirections
372 - Alternatively, set `force_https = true` in the ini configuration to force using
373 https, no headers are needed than to enable https
374 - Alternatively, set `force_https = true` in the ini configuration to force
375 using https, no headers are needed than to enable https
374 376
375 377
376 378 Nginx virtual host example
377 379 --------------------------
378 380
379 381 Sample config for nginx using proxy::
380 382
381 383 server {
382 384 listen 80;
383 385 server_name hg.myserver.com;
384 386 access_log /var/log/nginx/rhodecode.access.log;
385 387 error_log /var/log/nginx/rhodecode.error.log;
386 388 location / {
387 389 root /var/www/rhodecode/rhodecode/public/;
388 390 if (!-f $request_filename){
389 391 proxy_pass http://127.0.0.1:5000;
390 392 }
391 393 #this is important if you want to use https !!!
392 394 proxy_set_header X-Url-Scheme $scheme;
393 395 include /etc/nginx/proxy.conf;
394 396 }
395 397 }
396 398
397 399 Here's the proxy.conf. It's tuned so it will not timeout on long
398 400 pushes or large pushes::
399 401
400 402 proxy_redirect off;
401 403 proxy_set_header Host $host;
402 404 proxy_set_header X-Host $http_host;
403 405 proxy_set_header X-Real-IP $remote_addr;
404 406 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
405 407 proxy_set_header Proxy-host $proxy_host;
406 408 client_max_body_size 400m;
407 409 client_body_buffer_size 128k;
408 410 proxy_buffering off;
409 411 proxy_connect_timeout 3600;
410 412 proxy_send_timeout 3600;
411 413 proxy_read_timeout 3600;
412 414 proxy_buffer_size 16k;
413 415 proxy_buffers 4 16k;
414 416 proxy_busy_buffers_size 64k;
415 417 proxy_temp_file_write_size 64k;
416 418
417 419 Also, when using root path with nginx you might set the static files to false
418 420 in the production.ini file::
419 421
420 422 [app:main]
421 423 use = egg:rhodecode
422 424 full_stack = true
423 425 static_files = false
424 426 lang=en
425 427 cache_dir = %(here)s/data
426 428
427 429 In order to not have the statics served by the application. This improves speed.
428 430
429 431
430 432 Apache virtual host example
431 433 ---------------------------
432 434
433 435 Here is a sample configuration file for apache using proxy::
434 436
435 437 <VirtualHost *:80>
436 438 ServerName hg.myserver.com
437 439 ServerAlias hg.myserver.com
438 440
439 441 <Proxy *>
440 442 Order allow,deny
441 443 Allow from all
442 444 </Proxy>
443 445
444 446 #important !
445 447 #Directive to properly generate url (clone url) for pylons
446 448 ProxyPreserveHost On
447 449
448 450 #rhodecode instance
449 451 ProxyPass / http://127.0.0.1:5000/
450 452 ProxyPassReverse / http://127.0.0.1:5000/
451 453
452 454 #to enable https use line below
453 455 #SetEnvIf X-Url-Scheme https HTTPS=1
454 456
455 457 </VirtualHost>
456 458
457 459
458 460 Additional tutorial
459 461 http://wiki.pylonshq.com/display/pylonscookbook/Apache+as+a+reverse+proxy+for+Pylons
460 462
461 463
462 464 Apache as subdirectory
463 465 ----------------------
464 466
465 467 Apache subdirectory part::
466 468
467 469 <Location /<someprefix> >
468 470 ProxyPass http://127.0.0.1:5000/<someprefix>
469 471 ProxyPassReverse http://127.0.0.1:5000/<someprefix>
470 472 SetEnvIf X-Url-Scheme https HTTPS=1
471 473 </Location>
472 474
473 475 Besides the regular apache setup you will need to add the following to your .ini file::
474 476
475 477 filter-with = proxy-prefix
476 478
477 479 Add the following at the end of the .ini file::
478 480
479 481 [filter:proxy-prefix]
480 482 use = egg:PasteDeploy#prefix
481 483 prefix = /<someprefix>
482 484
483 485
484 486 then change <someprefix> into your choosen prefix
485 487
486 488 Apache's example FCGI config
487 489 ----------------------------
488 490
489 491 TODO !
490 492
491 493 Other configuration files
492 494 -------------------------
493 495
494 496 Some example init.d scripts can be found here, for debian and gentoo:
495 497
496 498 https://rhodecode.org/rhodecode/files/tip/init.d
497 499
498 500
499 501 Troubleshooting
500 502 ---------------
501 503
502 504 :Q: **Missing static files?**
503 505 :A: Make sure either to set the `static_files = true` in the .ini file or
504 506 double check the root path for your http setup. It should point to
505 507 for example:
506 508 /home/my-virtual-python/lib/python2.6/site-packages/rhodecode/public
507 509
508 510 |
509 511
510 512 :Q: **Can't install celery/rabbitmq**
511 513 :A: Don't worry RhodeCode works without them too. No extra setup is required.
512 514
513 515 |
514 516
515 517 :Q: **Long lasting push timeouts?**
516 518 :A: Make sure you set a longer timeouts in your proxy/fcgi settings, timeouts
517 519 are caused by https server and not RhodeCode.
518 520
519 521 |
520 522
521 523 :Q: **Large pushes timeouts?**
522 524 :A: Make sure you set a proper max_body_size for the http server.
523 525
524 526 |
525 527
526 528 :Q: **Apache doesn't pass basicAuth on pull/push?**
527 529 :A: Make sure you added `WSGIPassAuthorization true`.
528 530
529 For further questions search the `Issues tracker`_, or post a message in the `google group rhodecode`_
531 For further questions search the `Issues tracker`_, or post a message in the
532 `google group rhodecode`_
530 533
531 534 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
532 535 .. _python: http://www.python.org/
533 536 .. _mercurial: http://mercurial.selenic.com/
534 537 .. _celery: http://celeryproject.org/
535 538 .. _rabbitmq: http://www.rabbitmq.com/
536 539 .. _python-ldap: http://www.python-ldap.org/
537 540 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
538 541 .. _PublishingRepositories: http://mercurial.selenic.com/wiki/PublishingRepositories
539 542 .. _Issues tracker: https://bitbucket.org/marcinkuzminski/rhodecode/issues
540 543 .. _google group rhodecode: http://groups.google.com/group/rhodecode No newline at end of file
General Comments 0
You need to be logged in to leave comments. Login now