upstream/kallithea Commit - r8355:61bd04b9

docs: clean up readthedocs URLs...

Mads Kiilerich -

r8355:61bd04b9 default

parent child

docs/overview.rst

0 +3 -3

              .. _overview:
              =====================
              Installation overview
              =====================
              Some overview and some details that can help understanding the options when
              installing Kallithea.
 . **Prepare environment and external dependencies.**
                  Kallithea needs:
                  * A filesystem where the Mercurial and Git repositories can be stored.
                  * A database where meta data can be stored.
                  * A Python environment where the Kallithea application and its dependencies
                    can be installed.
                  * A web server that can host the Kallithea web application using the WSGI
                    API.
 . **Install Kallithea software.**
                  This makes the ``kallithea-cli`` command line tool available.
 . **Create low level configuration file.**
                  Use ``kallithea-cli config-create`` to create a ``.ini`` file with database
                  connection info, mail server information, configuration for the specified
                  web server, etc.
 . **Populate the database.**
                  Use ``kallithea-cli db-create`` with the ``.ini`` file to create the
                  database schema and insert the most basic information: the location of the
                  repository store and an initial local admin user.
 . **Prepare front-end files**
                  Some front-end files must be fetched or created using ``npm`` tooling so
                  they can be served to the client as static files.
 . **Configure the web server.**
                  The web server must invoke the WSGI entrypoint for the Kallithea software
                  using the ``.ini`` file (and thus the database). This makes the web
                  application available so the local admin user can log in and tweak the
                  configuration further.
 . **Configure users.**
                  The initial admin user can create additional local users, or configure how
                  users can be created and authenticated from other user directories.
              See the subsequent sections, the separate OS-specific instructions, and
              :ref:`setup` for details on these steps.
              Python environment
              ------------------
              **Kallithea** is written entirely in Python_ and requires Python version
 .6 or higher.
              Given a Python installation, there are different ways of providing the
              environment for running Python applications. Each of them pretty much
              corresponds to a ``site-packages`` directory somewhere where packages can be
              installed.
              Kallithea itself can be run from source or be installed, but even when running
              from source, there are some dependencies that must be installed in the Python
              environment used for running Kallithea.
              - Packages *could* be installed in Python's ``site-packages`` directory ... but
                that would require running pip_ as root and it would be hard to uninstall or
                upgrade and is probably not a good idea unless using a package manager.
              - Packages could also be installed in ``~/.local`` ... but that is probably
                only a good idea if using a dedicated user per application or instance.
              - Finally, it can be installed in a virtualenv. That is a very lightweight
                "container" where each Kallithea instance can get its own dedicated and
                self-contained virtual environment.
              We recommend using virtualenv for installing Kallithea.
              Locale environment
              ------------------
              In order to ensure a correct functioning of Kallithea with respect to non-ASCII
              characters in user names, file paths, commit messages, etc., it is very
              important that Kallithea is run with a correct `locale` configuration.
              On Unix, environment variables like ``LANG`` or ``LC_ALL`` can specify a language (like
              ``en_US``) and encoding (like ``UTF-8``) to use for code points outside the ASCII
              range. The flexibility of supporting multiple encodings of Unicode has the flip
              side of having to specify which encoding to use - especially for Mercurial.
              It depends on the OS distribution and system configuration which locales are
              available. For example, some Docker containers based on Debian default to only
              supporting the ``C`` language, while other Linux environments have ``en_US`` but not
              ``C``. The ``locale -a`` command will show which values are available on the
              current system. Regardless of the actual language, you should normally choose a
              locale that has the ``UTF-8`` encoding (note that spellings ``utf8``, ``utf-8``,
              ``UTF8``, ``UTF-8`` are all referring to the same thing)
              For technical reasons, the locale configuration **must** be provided in the
              environment in which Kallithea runs - it cannot be specified in the ``.ini`` file.
              How to practically do this depends on the web server that is used and the way it
              is started. For example, gearbox is often started by a normal user, either
              manually or via a script. In this case, the required locale environment
              variables can be provided directly in that user's environment or in the script.
              However, web servers like Apache are often started at boot via an init script or
              service file. Modifying the environment for this case would thus require
              root/administrator privileges. Moreover, that environment would dictate the
              settings for all web services running under that web server, Kallithea being
              just one of them. Specifically in the case of Apache with ``mod_wsgi``, the
              locale can be set for a specific service in its ``WSGIDaemonProcess`` directive,
              using the ``lang`` parameter.
              Installation methods
              --------------------
              Kallithea must be installed on a server. Kallithea is installed in a Python
              environment so it can use packages that are installed there and make itself
              available for other packages.
              Two different cases will pretty much cover the options for how it can be
              installed.
              - The Kallithea source repository can be cloned and used -- it is kept stable and
                can be used in production. The Kallithea maintainers use the development
                branch in production. The advantage of installation from source and regularly
                updating it is that you take advantage of the most recent improvements. Using
                it directly from a DVCS also means that it is easy to track local customizations.
                Running ``pip install -e .`` in the source will use pip to install the
                necessary dependencies in the Python environment and create a
                ``.../site-packages/Kallithea.egg-link`` file there that points at the Kallithea
                source.
              - Kallithea can also be installed from ready-made packages using a package manager.
                The official released versions are available on PyPI_ and can be downloaded and
                installed with all dependencies using ``pip install kallithea``.
                With this method, Kallithea is installed in the Python environment as any
                other package, usually as a ``.../site-packages/Kallithea-X-py3.8.egg/``
                directory with Python files and everything else that is needed.
                (``pip install kallithea`` from a source tree will do pretty much the same
                but build the Kallithea package itself locally instead of downloading it.)
              .. note::
                 Kallithea includes front-end code that needs to be processed to prepare
                 static files that can be served at run time and used on the client side. The
                 tool npm_ is used to download external dependencies and orchestrate the
                 processing. The ``npm`` binary must thus be available at install time but is
                 not used at run time.
              Web server
              ----------
              Kallithea is (primarily) a WSGI_ application that must be run from a web
              server that serves WSGI applications over HTTP.
              Kallithea itself is not serving HTTP (or HTTPS); that is the web server's
              responsibility. Kallithea does however need to know its own user facing URL
              (protocol, address, port and path) for each HTTP request. Kallithea will
              usually use its own HTML/cookie based authentication but can also be configured
              to use web server authentication.
              There are several web server options:
              - Kallithea uses the Gearbox_ tool as command line interface. Gearbox provides
                ``gearbox serve`` as a convenient way to launch a Python WSGI / web server
                from the command line. That is perfect for development and evaluation.
                Actual use in production might have different requirements and need extra
                work to make it manageable as a scalable system service.
                Gearbox comes with its own built-in web server for development but Kallithea
                defaults to using Waitress_. Gunicorn_ and Gevent_ are also options. These
                web servers have different limited feature sets.
                The web server used by ``gearbox serve`` is configured in the ``.ini`` file.
                Create it with ``config-create`` using for example ``http_server=waitress``
                to get a configuration starting point for your choice of web server.
                (Gearbox will do like ``paste`` and use the WSGI application entry point
                ``kallithea.config.application:make_app`` as specified in ``setup.py``.)
              - `Apache httpd`_ can serve WSGI applications directly using mod_wsgi_ and a
                simple Python file with the necessary configuration. This is a good option if
                Apache is an option.
              - uWSGI_ is also a full web server with built-in WSGI module. Use
                ``config-create`` with ``http_server=uwsgi`` to get a ``.ini`` file with
                uWSGI configuration.
              - IIS_ can also server WSGI applications directly using isapi-wsgi_.
              - A `reverse HTTP proxy <https://en.wikipedia.org/wiki/Reverse_proxy>`_
                can be put in front of another web server which has WSGI support.
                Such a layered setup can be complex but might in some cases be the right
                option, for example to standardize on one internet-facing web server, to add
                encryption or special authentication or for other security reasons, to
                provide caching of static files, or to provide load balancing or fail-over.
                Nginx_, Varnish_ and HAProxy_ are often used for this purpose, often in front
                of a ``gearbox serve`` that somehow is wrapped as a service.
              The best option depends on what you are familiar with and the requirements for
              performance and stability. Also, keep in mind that Kallithea mainly is serving
              dynamically generated pages from a relatively slow Python process. Kallithea is
              also often used inside organizations with a limited amount of users and thus no
              continuous hammering from the internet.
              .. note::
                 Kallithea, the libraries it uses, and Python itself do in several places use
                 simple caching in memory. Caches and memory are not always released in a way
                 that is suitable for long-running processes. They might appear to be leaking
                 memory. The worker processes should thus regularly be restarted - for
                 example after 1000 requests and/or one hour. This can usually be done by the
                 web server or the tool used for running it as a system service.
              .. _Python: http://www.python.org/
              .. _Gunicorn: http://gunicorn.org/
              .. _Gevent: http://www.gevent.org/
-             .. _Waitress: http://waitress.readthedocs.org/en/latest/
-             .. _Gearbox: http://turbogears.readthedocs.io/en/latest/turbogears/gearbox.html
+             .. _Waitress: https://docs.pylonsproject.org/projects/waitress/
+             .. _Gearbox: https://turbogears.readthedocs.io/en/latest/turbogears/gearbox.html
              .. _PyPI: https://pypi.python.org/pypi
              .. _Apache httpd: http://httpd.apache.org/
              .. _mod_wsgi: https://code.google.com/p/modwsgi/
              .. _isapi-wsgi: https://github.com/hexdump42/isapi-wsgi
-             .. _uWSGI: https://uwsgi-docs.readthedocs.org/en/latest/
+             .. _uWSGI: https://uwsgi-docs.readthedocs.io/
              .. _nginx: http://nginx.org/en/
              .. _iis: http://en.wikipedia.org/wiki/Internet_Information_Services
              .. _pip: http://en.wikipedia.org/wiki/Pip_%28package_manager%29
              .. _WSGI: http://en.wikipedia.org/wiki/Web_Server_Gateway_Interface
              .. _HAProxy: http://www.haproxy.org/
              .. _Varnish: https://www.varnish-cache.org/
              .. _npm: https://www.npmjs.com/

docs/setup.rst

0 +1 -1

              .. _setup:
              =====
              Setup
              =====
              Setting up Kallithea
              --------------------
              Some further details to the steps mentioned in the overview.
              Create low level configuration file
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
              First, you will need to create a Kallithea configuration file. The
              configuration file is a ``.ini`` file that contains various low level settings
              for Kallithea, e.g. configuration of how to use database, web server, email,
              and logging.
              Run the following command to create the file ``my.ini`` in the current
              directory::
                  kallithea-cli config-create my.ini http_server=waitress
              To get a good starting point for your configuration, specify the http server
              you intend to use. It can be ``waitress``, ``gearbox``, ``gevent``,
              ``gunicorn``, or ``uwsgi``. (Apache ``mod_wsgi`` will not use this
              configuration file, and it is fine to keep the default http_server configuration
              unused. ``mod_wsgi`` is configured using ``httpd.conf`` directives and a WSGI
              wrapper script.)
              Extra custom settings can be specified like::
                  kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter
              Populate the database
              ^^^^^^^^^^^^^^^^^^^^^
              Next, you need to create the databases used by Kallithea. Kallithea currently
              supports PostgreSQL, SQLite and MariaDB/MySQL databases. It is recommended to
              start out using SQLite (the default) and move to PostgreSQL if it becomes a
              bottleneck or to get a "proper" database. MariaDB/MySQL is also supported.
              For PostgreSQL, run ``pip install psycopg2`` to get the database driver. Make
              sure the PostgreSQL server is initialized and running. Make sure you have a
              database user with password authentication with permissions to create databases
              - for example by running::
                  sudo -u postgres createuser 'kallithea' --pwprompt --createdb
              For MariaDB/MySQL, run ``pip install mysqlclient`` to get the ``MySQLdb``
              database driver. Make sure the database server is initialized and running. Make
              sure you have a database user with password authentication with permissions to
              create the database - for example by running::
                  echo 'CREATE USER "kallithea"@"localhost" IDENTIFIED BY "password"' | sudo -u mysql mysql
                  echo 'GRANT ALL PRIVILEGES ON `kallithea`.* TO "kallithea"@"localhost"' | sudo -u mysql mysql
              Check and adjust ``sqlalchemy.url`` in your ``my.ini`` configuration file to use
              this database.
              Create the database, tables, and initial content by running the following
              command::
                  kallithea-cli db-create -c my.ini
              This will first prompt you for a "root" path. This "root" path is the location
              where Kallithea will store all of its repositories on the current machine. This
              location must be writable for the running Kallithea application. Next,
              ``db-create`` will prompt you for a username and password for the initial admin
              account it sets up for you.
              The ``db-create`` values can also be given on the command line.
              Example::
                  kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
              The ``db-create`` command will create all needed tables and an
              admin account. When choosing a root path you can either use a new
              empty location, or a location which already contains existing
              repositories. If you choose a location which contains existing
              repositories Kallithea will add all of the repositories at the chosen
              location to its database.  (Note: make sure you specify the correct
              path to the root).
              .. note:: It is also possible to use an existing database. For example,
                        when using PostgreSQL without granting general createdb privileges to
                        the PostgreSQL kallithea user, set ``sqlalchemy.url =
                        postgresql://kallithea:password@localhost/kallithea`` and create the
                        database like::
                            sudo -u postgres createdb 'kallithea' --owner 'kallithea'
                            kallithea-cli db-create -c my.ini --reuse
              Prepare front-end files
              ^^^^^^^^^^^^^^^^^^^^^^^
              Finally, the front-end files must be prepared. This requires ``npm`` version 6
              or later, which needs ``node.js`` (version 12 or later). Prepare the front-end
              by running::
                  kallithea-cli front-end-build
              Running
              ^^^^^^^
              You are now ready to use Kallithea. To run it using a gearbox web server,
              simply execute::
                  gearbox serve -c my.ini
              - This command runs the Kallithea server. The web app should be available at
                http://127.0.0.1:5000. The IP address and port is configurable via the
                configuration file created in the previous step.
              - Log in to Kallithea using the admin account created when running ``db-create``.
              - The default permissions on each repository is read, and the owner is admin.
                Remember to update these if needed.
              - In the admin panel you can toggle LDAP, anonymous, and permissions
                settings, as well as edit more advanced options on users and
                repositories.
              Internationalization (i18n support)
              -----------------------------------
              The Kallithea web interface is automatically displayed in the user's preferred
              language, as indicated by the browser. Thus, different users may see the
              application in different languages. If the requested language is not available
              (because the translation file for that language does not yet exist or is
              incomplete), English is used.
              If you want to disable automatic language detection and instead configure a
              fixed language regardless of user preference, set ``i18n.enabled = false`` and
              specify another language by setting ``i18n.lang`` in the Kallithea
              configuration file.
              Using Kallithea with SSH
              ------------------------
              Kallithea supports repository access via SSH key based authentication.
              This means:
              - repository URLs like ``ssh://kallithea@example.com/name/of/repository``
              - all network traffic for both read and write happens over the SSH protocol on
                port 22, without using HTTP/HTTPS nor the Kallithea WSGI application
              - encryption and authentication protocols are managed by the system's ``sshd``
                process, with all users using the same Kallithea system user (e.g.
                ``kallithea``) when connecting to the SSH server, but with users' public keys
                in the Kallithea system user's `.ssh/authorized_keys` file granting each user
                sandboxed access to the repositories.
              - users and admins can manage SSH public keys in the web UI
              - in their SSH client configuration, users can configure how the client should
                control access to their SSH key - without passphrase, with passphrase, and
                optionally with passphrase caching in the local shell session (``ssh-agent``).
                This is standard SSH functionality, not something Kallithea provides or
                interferes with.
              - network communication between client and server happens in a bidirectional
                stateful stream, and will in some cases be faster than HTTP/HTTPS with several
                stateless round-trips.
              .. note:: At this moment, repository access via SSH has been tested on Unix
                  only. Windows users that care about SSH are invited to test it and report
                  problems, ideally contributing patches that solve these problems.
              Users and admins can upload SSH public keys (e.g. ``.ssh/id_rsa.pub``) through
              the web interface. The server's ``.ssh/authorized_keys`` file is automatically
              maintained with an entry for each SSH key. Each entry will tell ``sshd`` to run
              ``kallithea-cli`` with the ``ssh-serve`` sub-command and the right Kallithea user ID
              when encountering the corresponding SSH key.
              To enable SSH repository access, Kallithea must be configured with the path to
              the ``.ssh/authorized_keys`` file for the Kallithea user, and the path to the
              ``kallithea-cli`` command. Put something like this in the ``.ini`` file::
                  ssh_enabled = true
                  ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
                  kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
              The SSH service must be running, and the Kallithea user account must be active
              (not necessarily with password access, but public key access must be enabled),
              all file permissions must be set as sshd wants it, and ``authorized_keys`` must
              be writeable by the Kallithea user.
              .. note:: The ``authorized_keys`` file will be rewritten from scratch on
                  each update. If it already exists with other data, Kallithea will not
                  overwrite the existing ``authorized_keys``, and the server process will
                  instead throw an exception. The system administrator thus cannot ssh
                  directly to the Kallithea user but must use su/sudo from another account.
                  If ``/home/kallithea/.ssh/`` (the directory of the path specified in the
                  ``ssh_authorized_keys`` setting of the ``.ini`` file) does not exist as a
                  directory, Kallithea will attempt to create it. If that path exists but is
                  *not* a directory, or is not readable-writable-executable by the server
                  process, the server process will raise an exception each time it attempts to
                  write the ``authorized_keys`` file.
              .. note:: It is possible to configure the SSH server to look for authorized
                 keys in multiple files, for example reserving ``ssh/authorized_keys`` to be
                 used for normal SSH and with Kallithea using
                 ``.ssh/authorized_keys_kallithea``. In ``/etc/ssh/sshd_config`` set
                 ``AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys_kallithea``
                 and restart sshd, and in ``my.ini`` set ``ssh_authorized_keys =
                 /home/kallithea/.ssh/authorized_keys_kallithea``. Note that this new
                 location will apply to all system users, and that multiple entries for the
                 same SSH key will shadow each other.
              .. warning:: The handling of SSH access is steered directly by the command
                  specified in the ``authorized_keys`` file. There is no interaction with the
                  web UI.  Once SSH access is correctly configured and enabled, it will work
                  regardless of whether the Kallithea web process is actually running. Hence,
                  if you want to perform repository or server maintenance and want to fully
                  disable all access to the repositories, disable SSH access by setting
                  ``ssh_enabled = false`` in the correct ``.ini`` file (i.e. the ``.ini`` file
                  specified in the ``authorized_keys`` file.)
              The ``authorized_keys`` file can be updated manually with ``kallithea-cli
              ssh-update-authorized-keys -c my.ini``. This command is not needed in normal
              operation but is for example useful after changing SSH-related settings in the
              ``.ini`` file or renaming that file. (The path to the ``.ini`` file is used in
              the generated ``authorized_keys`` file).
              Setting up Whoosh full text search
              ----------------------------------
              Kallithea provides full text search of repositories using `Whoosh`__.
-             .. __: https://whoosh.readthedocs.io/en/latest/
+             .. __: https://whoosh.readthedocs.io/
              For an incremental index build, run::
                  kallithea-cli index-create -c my.ini
              For a full index rebuild, run::
                  kallithea-cli index-create -c my.ini --full
              The ``--repo-location`` option allows the location of the repositories to be overridden;
              usually, the location is retrieved from the Kallithea database.
              The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
                  kallithea-cli index-create -c my.ini --index-only=vcs,kallithea
              To keep your index up-to-date it is necessary to do periodic index builds;
              for this, it is recommended to use a crontab entry. Example::
 3  *  *  *  /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini
              When using incremental mode (the default), Whoosh will check the last
              modification date of each file and add it to be reindexed if a newer file is
              available. The indexing daemon checks for any removed files and removes them
              from index.
              If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
              or in the admin panel you can check the "build from scratch" checkbox.
              Integration with issue trackers
              -------------------------------
              Kallithea provides a simple integration with issue trackers. It's possible
              to define a regular expression that will match an issue ID in commit messages,
              and have that replaced with a URL to the issue.
              This is achieved with following three variables in the ini file::
                  issue_pat = #(\d+)
                  issue_server_link = https://issues.example.com/{repo}/issue/\1
                  issue_sub =
              ``issue_pat`` is the regular expression describing which strings in
              commit messages will be treated as issue references. The expression can/should
              have one or more parenthesized groups that can later be referred to in
              ``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups
              can be used instead of simple parenthesized groups.
              If the pattern should only match if it is preceded by whitespace, add the
              following string before the actual pattern: ``(?:^|(?<=\s))``.
              If the pattern should only match if it is followed by whitespace, add the
              following string after the actual pattern: ``(?:$|(?=\s))``.
              These expressions use lookbehind and lookahead assertions of the Python regular
              expression module to avoid the whitespace to be part of the actual pattern,
              otherwise the link text will also contain that whitespace.
              Matched issue references are replaced with the link specified in
              ``issue_server_link``, in which any backreferences are resolved. Backreferences
              can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.
              The special token ``{repo}`` is replaced with the full repository path
              (including repository groups), while token ``{repo_name}`` is replaced with the
              repository name (without repository groups).
              The link text is determined by ``issue_sub``, which can be a string containing
              backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is
              empty, then the text matched by ``issue_pat`` is used verbatim.
              The example settings shown above match issues in the format ``#<number>``.
              This will cause the text ``#300`` to be transformed into a link:
              .. code-block:: html
                <a href="https://issues.example.com/example_repo/issue/300">#300</a>
              The following example transforms a text starting with either of 'pullrequest',
              'pull request' or 'PR', followed by an optional space, then a pound character
              (#) and one or more digits, into a link with the text 'PR #' followed by the
              digits::
                  issue_pat = (pullrequest|pull request|PR) ?#(\d+)
                  issue_server_link = https://issues.example.com/\2
                  issue_sub = PR #\2
              The following example demonstrates how to require whitespace before the issue
              reference in order for it to be recognized, such that the text ``issue#123`` will
              not cause a match, but ``issue #123`` will::
                  issue_pat = (?:^|(?<=\s))#(\d+)
                  issue_server_link = https://issues.example.com/\1
                  issue_sub =
              If needed, more than one pattern can be specified by appending a unique suffix to
              the variables. For example, also demonstrating the use of named groups::
                  issue_pat_wiki = wiki-(?P<pagename>\S+)
                  issue_server_link_wiki = https://wiki.example.com/\g<pagename>
                  issue_sub_wiki = WIKI-\g<pagename>
              With these settings, wiki pages can be referenced as wiki-some-id, and every
              such reference will be transformed into:
              .. code-block:: html
                <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
              Refer to the `Python regular expression documentation`_ for more details about
              the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.
              Hook management
              ---------------
              Hooks can be managed in similar way to that used in ``.hgrc`` files.
              To manage hooks, choose *Admin > Settings > Hooks*.
              The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
              To add another custom hook simply fill in the first textbox with
              ``<name>.<hook_type>`` and the second with the hook path. Example hooks
              can be found in ``kallithea.lib.hooks``.
              Changing default encoding
              -------------------------
              By default, Kallithea uses UTF-8 encoding.
              This is configurable as ``default_encoding`` in the .ini file.
              This affects many parts in Kallithea including user names, filenames, and
              encoding of commit messages. In addition Kallithea can detect if the ``chardet``
              library is installed. If ``chardet`` is detected Kallithea will fallback to it
              when there are encode/decode errors.
              The Mercurial encoding is configurable as ``hgencoding``. It is similar to
              setting the ``HGENCODING`` environment variable, but will override it.
              Celery configuration
              --------------------
              Kallithea can use the distributed task queue system Celery_ to run tasks like
              cloning repositories or sending emails.
              Kallithea will in most setups work perfectly fine out of the box (without
              Celery), executing all tasks in the web server process. Some tasks can however
              take some time to run and it can be better to run such tasks asynchronously in
              a separate process so the web server can focus on serving web requests.
              For installation and configuration of Celery, see the `Celery documentation`_.
              Note that Celery requires a message broker service like RabbitMQ_ (recommended)
              or Redis_.
              The use of Celery is configured in the Kallithea ini configuration file.
              To enable it, simply set::
                use_celery = true
              and add or change the ``celery.*`` configuration variables.
              Configuration settings are prefixed with 'celery.', so for example setting
              `broker_url` in Celery means setting `celery.broker_url` in the configuration
              file.
              To start the Celery process, run::
                kallithea-cli celery-run -c my.ini
              Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``
              for more info.
              .. note::
                 Make sure you run this command from the same virtualenv, and with the same
                 user that Kallithea runs.
              HTTPS support
              -------------
              Kallithea will by default generate URLs based on the WSGI environment.
              Alternatively, you can use some special configuration settings to control
              directly which scheme/protocol Kallithea will use when generating URLs:
              - With ``https_fixup = true``, the scheme will be taken from the
                ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
                (default ``http``).
              - With ``force_https = true`` the default will be ``https``.
              - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
              .. _nginx_virtual_host:
              Nginx virtual host example
              --------------------------
              Sample config for Nginx using proxy:
              .. code-block:: nginx
                  upstream kallithea {
                      server 127.0.0.1:5000;
                      # add more instances for load balancing
                      #server 127.0.0.1:5001;
                      #server 127.0.0.1:5002;
                  }
                  ## gist alias
                  server {
                     listen          443;
                     server_name     gist.example.com;
                     access_log      /var/log/nginx/gist.access.log;
                     error_log       /var/log/nginx/gist.error.log;
                     ssl on;
                     ssl_certificate     gist.your.kallithea.server.crt;
                     ssl_certificate_key gist.your.kallithea.server.key;
                     ssl_session_timeout 5m;
                     ssl_protocols SSLv3 TLSv1;
                     ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
                     ssl_prefer_server_ciphers on;
                     rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
                     rewrite (.*)    https://kallithea.example.com/_admin/gists;
                  }
                  server {
                     listen          443;
                     server_name     kallithea.example.com
                     access_log      /var/log/nginx/kallithea.access.log;
                     error_log       /var/log/nginx/kallithea.error.log;
                     ssl on;
                     ssl_certificate     your.kallithea.server.crt;
                     ssl_certificate_key your.kallithea.server.key;
                     ssl_session_timeout 5m;
                     ssl_protocols SSLv3 TLSv1;
                     ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
                     ssl_prefer_server_ciphers on;
                     ## uncomment root directive if you want to serve static files by nginx
                     ## requires static_files = false in .ini file
                     #root /srv/kallithea/kallithea/kallithea/public;
                     include         /etc/nginx/proxy.conf;
                     location / {
                          try_files $uri @kallithea;
                     }
                     location @kallithea {
                          proxy_pass      http://127.0.0.1:5000;
                     }
                  }
              Here's the proxy.conf. It's tuned so it will not timeout on long
              pushes or large pushes::
                  proxy_redirect              off;
                  proxy_set_header            Host $host;
                  ## needed for container auth
                  #proxy_set_header            REMOTE_USER $remote_user;
                  #proxy_set_header            X-Forwarded-User $remote_user;
                  proxy_set_header            X-Url-Scheme $scheme;
                  proxy_set_header            X-Host $http_host;
                  proxy_set_header            X-Real-IP $remote_addr;
                  proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header            Proxy-host $proxy_host;
                  proxy_buffering             off;
                  proxy_connect_timeout       7200;
                  proxy_send_timeout          7200;
                  proxy_read_timeout          7200;
                  proxy_buffers               8 32k;
                  client_max_body_size        1024m;
                  client_body_buffer_size     128k;
                  large_client_header_buffers 8 64k;
              .. _apache_virtual_host_reverse_proxy:
              Apache virtual host reverse proxy example
              -----------------------------------------
              Here is a sample configuration file for Apache using proxy:
              .. code-block:: apache
                  <VirtualHost *:80>
                          ServerName kallithea.example.com
                          <Proxy *>
                            # For Apache 2.4 and later:
                            Require all granted
                            # For Apache 2.2 and earlier, instead use:
                            # Order allow,deny
                            # Allow from all
                          </Proxy>
                          #important !
                          #Directive to properly generate url (clone url) for Kallithea
                          ProxyPreserveHost On
                          #kallithea instance
                          ProxyPass / http://127.0.0.1:5000/
                          ProxyPassReverse / http://127.0.0.1:5000/
                          #to enable https use line below
                          #SetEnvIf X-Url-Scheme https HTTPS=1
                  </VirtualHost>
              Additional tutorial
              http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
              .. _apache_subdirectory:
              Apache as subdirectory
              ----------------------
              Apache subdirectory part:
              .. code-block:: apache
                  <Location /PREFIX >
                    ProxyPass http://127.0.0.1:5000/PREFIX
                    ProxyPassReverse http://127.0.0.1:5000/PREFIX
                    SetEnvIf X-Url-Scheme https HTTPS=1
                  </Location>
              Besides the regular apache setup you will need to add the following line
              into ``[app:main]`` section of your .ini file::
                  filter-with = proxy-prefix
              Add the following at the end of the .ini file::
                  [filter:proxy-prefix]
                  use = egg:PasteDeploy#prefix
                  prefix = /PREFIX
              then change ``PREFIX`` into your chosen prefix
              .. _apache_mod_wsgi:
              Apache with mod_wsgi
              --------------------
              Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
              that, you'll need to:
              - Install mod_wsgi. If using a Debian-based distro, you can install
                the package libapache2-mod-wsgi::
                  aptitude install libapache2-mod-wsgi
              - Enable mod_wsgi::
                  a2enmod wsgi
              - Add global Apache configuration to tell mod_wsgi that Python only will be
                used in the WSGI processes and shouldn't be initialized in the Apache
                processes::
                  WSGIRestrictEmbedded On
              - Create a WSGI dispatch script, like the one below. Make sure you
                check that the paths correctly point to where you installed Kallithea
                and its Python Virtual Environment.
                .. code-block:: python
                    import os
                    os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
                    # sometimes it's needed to set the current dir
                    os.chdir('/srv/kallithea/')
                    import site
                    site.addsitedir("/srv/kallithea/venv/lib/python3.7/site-packages")
                    ini = '/srv/kallithea/my.ini'
                    from logging.config import fileConfig
                    fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
                    from paste.deploy import loadapp
                    application = loadapp('config:' + ini)
                Or using proper virtualenv activation:
                .. code-block:: python
                    activate_this = '/srv/kallithea/venv/bin/activate_this.py'
                    execfile(activate_this, dict(__file__=activate_this))
                    import os
                    os.environ['HOME'] = '/srv/kallithea'
                    ini = '/srv/kallithea/kallithea.ini'
                    from logging.config import fileConfig
                    fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
                    from paste.deploy import loadapp
                    application = loadapp('config:' + ini)
              - Add the necessary ``WSGI*`` directives to the Apache Virtual Host configuration
                file, like in the example below. Notice that the WSGI dispatch script created
                above is referred to with the ``WSGIScriptAlias`` directive.
                The default locale settings Apache provides for web services are often not
                adequate, with `C` as the default language and `ASCII` as the encoding.
                Instead, use the ``lang`` parameter of ``WSGIDaemonProcess`` to specify a
                suitable locale. See also the :ref:`overview` section and the
                `WSGIDaemonProcess documentation`_.
                Apache will by default run as a special Apache user, on Linux systems
                usually ``www-data`` or ``apache``. If you need to have the repositories
                directory owned by a different user, use the user and group options to
                WSGIDaemonProcess to set the name of the user and group.
                Once again, check that all paths are correctly specified.
                .. code-block:: apache
                    WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
                        python-home=/srv/kallithea/venv lang=C.UTF-8
                    WSGIProcessGroup kallithea
                    WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
                    WSGIPassAuthorization On
                Or if using a dispatcher WSGI script with proper virtualenv activation:
                .. code-block:: apache
                    WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 lang=en_US.utf8
                    WSGIProcessGroup kallithea
                    WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
                    WSGIPassAuthorization On
              Other configuration files
              -------------------------
              A number of `example init.d scripts`__ can be found in
              the ``init.d`` directory of the Kallithea source.
              .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
              .. _python: http://www.python.org/
              .. _Python regular expression documentation: https://docs.python.org/2/library/re.html
              .. _Mercurial: https://www.mercurial-scm.org/
              .. _Celery: http://celeryproject.org/
              .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
              .. _RabbitMQ: http://www.rabbitmq.com/
              .. _Redis: http://redis.io/
              .. _mercurial-server: http://www.lshift.net/mercurial-server.html
              .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories
              .. _WSGIDaemonProcess documentation: https://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html

docs/usage/email.rst

0 +2 -2

              .. _email:
              ==============
              Email settings
              ==============
              The Kallithea configuration file has several email related settings. When
              these contain correct values, Kallithea will send email in the situations
              described below. If the email configuration is not correct so that emails
              cannot be sent, all mails will show up in the log output.
              Before any email can be sent, an SMTP server has to be configured using the
              configuration file setting ``smtp_server``. If required for that server, specify
              a username (``smtp_username``) and password (``smtp_password``), a non-standard
              port (``smtp_port``), whether to use "SSL" when connecting (``smtp_use_ssl``)
              or use STARTTLS (``smtp_use_tls``), and/or specify special ESMTP "auth" features
              (``smtp_auth``).
              For example, for sending through gmail, use::
                  smtp_server = smtp.gmail.com
                  smtp_username = username
                  smtp_password = password
                  smtp_port = 465
                  smtp_use_ssl = true
              Application emails
              ------------------
              Kallithea sends an email to `users` on several occasions:
              - when comments are given on one of their changesets
              - when comments are given on changesets they are reviewer on or on which they
                commented regardless
              - when they are invited as reviewer in pull requests
              - when they request a password reset
              Kallithea sends an email to all `administrators` upon new account registration.
              Administrators are users with the ``Admin`` flag set on the *Admin > Users*
              page.
              When Kallithea wants to send an email but due to an error cannot correctly
              determine the intended recipients, the administrators and the addresses
              specified in ``email_to`` in the configuration file are used as fallback.
              Recipients will see these emails originating from the sender specified in the
              ``app_email_from`` setting in the configuration file. This setting can either
              contain only an email address, like `kallithea-noreply@example.com`, or both
              a name and an address in the following format: `Kallithea
              <kallithea-noreply@example.com>`. However, if the email is sent due to an
              action of a particular user, for example when a comment is given or a pull
              request created, the name of that user will be combined with the email address
              specified in ``app_email_from`` to form the sender (and any name part in that
              configuration setting disregarded).
              The subject of these emails can optionally be prefixed with the value of
              ``email_prefix`` in the configuration file.
              A Kallithea-specific header indicating the email type will be added to each
              email. This header can be used for email filtering. The header is of the form:
                  X-Kallithea-Notification-Type: <type>
              where ``<type>`` is one of:
              - ``pull_request``: you are invited as reviewer in a pull request
              - ``pull_request_comment``: a comment was given on a pull request
              - ``cs_comment``: a comment was given on a changeset
              - ``registration``: a new user was registered
              - ``message``: another type of email
              Error emails
              ------------
              When an exception occurs in Kallithea -- and unless interactive debugging is
              enabled using ``set debug = true`` in the ``[app:main]`` section of the
              configuration file -- an email with exception details is sent by backlash_
              to the addresses specified in ``email_to`` in the configuration file.
              Recipients will see these emails originating from the sender specified in the
              ``error_email_from`` setting in the configuration file. This setting can either
              contain only an email address, like `kallithea-noreply@example.com`, or both
              a name and an address in the following format: `Kallithea Errors
              <kallithea-noreply@example.com>`.
              References
              ----------
-             - `Error Middleware (Pylons documentation) <http://pylons-webframework.readthedocs.org/en/latest/debugging.html#error-middleware>`_
-             - `ErrorHandler (Pylons modules documentation) <http://pylons-webframework.readthedocs.org/en/latest/modules/middleware.html#pylons.middleware.ErrorHandler>`_
+             - `Error Middleware (Pylons documentation) <https://pylons-webframework.readthedocs.io/en/latest/debugging.html#error-middleware>`_
+             - `ErrorHandler (Pylons modules documentation) <https://pylons-webframework.readthedocs.io/en/latest/modules/middleware.html#pylons.middleware.ErrorHandler>`_
              .. _backlash: https://github.com/TurboGears/backlash

scripts/make-release

0 +1 -1

              #!/bin/bash
              set -e
              set -x
              cleanup()
              {
                echo "Removing venv $venv"
                rm  -rf "$venv"
              }
              echo "Checking that you are NOT inside a virtualenv"
              [ -z "$VIRTUAL_ENV" ]
              venv=$(mktemp -d --tmpdir kallithea-release-XXXXX)
              trap cleanup EXIT
              echo "Setting up a fresh virtualenv in $venv"
              python3 -m venv "$venv"
              . "$venv/bin/activate"
              echo "Install/verify tools needed for building and uploading stuff"
              pip install --upgrade -e . -r dev_requirements.txt twine python-ldap python-pam
              echo "Cleanup and update copyrights ... and clean checkout"
              scripts/run-all-cleanup
              scripts/update-copyrights.py
              hg up -cr .
              echo "Make release build from clean checkout in build/"
              rm -rf build dist
              hg archive build
              cd build
              echo "Check that each entry in MANIFEST.in match something"
              sed -e 's/[^ ]*[ ]*\([^ ]*\).*/\1/g' MANIFEST.in | xargs ls -lad
              echo "Build dist"
              python3 setup.py compile_catalog
              python3 setup.py sdist
              echo "Verify VERSION from kallithea/__init__.py"
              namerel=$(cd dist && echo Kallithea-*.tar.gz)
              namerel=${namerel%.tar.gz}
              version=${namerel#Kallithea-}
              ls -l $(pwd)/dist/$namerel.tar.gz
              echo "Releasing Kallithea $version in directory $namerel"
              echo "Verify dist file content"
              diff -u <((hg mani | grep -v '^\.hg\|^kallithea/i18n/en/LC_MESSAGES/kallithea.mo$') | LANG=C sort) <(tar tf dist/Kallithea-$version.tar.gz | sed "s|^$namerel/||" | grep . | grep -v '^kallithea/i18n/.*/LC_MESSAGES/kallithea.mo$\|^Kallithea.egg-info/\|^PKG-INFO$\|/$' | LANG=C sort)
              echo "Verify docs build"
              python3 setup.py build_sphinx # the results are not actually used, but we want to make sure it builds
              echo "Shortlog for inclusion in the release announcement"
              scripts/shortlog.py "only('.', branch('stable') & tagged() & public() & not '.')"
              cat - << EOT
              Now, make sure
              * all tests are passing
              * release note is ready
              * announcement is ready
              * source has been pushed to https://kallithea-scm.org/repos/kallithea
              EOT
              echo "Verify current revision is tagged for $version"
              hg log -r "'$version'&." | grep .
              echo -n "Enter \"pypi\" to upload Kallithea $version to pypi: "
              read answer
              [ "$answer" = "pypi" ]
              echo "Rebuild readthedocs for docs.kallithea-scm.org"
              xdg-open https://readthedocs.org/projects/kallithea/
              curl -X POST http://readthedocs.org/build/kallithea
              xdg-open https://readthedocs.org/projects/kallithea/builds
-             xdg-open http://docs.kallithea-scm.org/en/latest/ # or whatever the branch is
+             xdg-open https://docs.kallithea-scm.org/en/latest/ # or whatever the branch is
              twine upload dist/*
              xdg-open https://pypi.python.org/pypi/Kallithea

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages