Show More
@@ -1,591 +1,591 b'' | |||||
1 | ################################################################################ |
|
1 | ################################################################################ | |
2 | ################################################################################ |
|
2 | ################################################################################ | |
3 | # Kallithea - Development config: # |
|
3 | # Kallithea - Development config: # | |
4 | # listening on *:5000 # |
|
4 | # listening on *:5000 # | |
5 | # sqlite and kallithea.db # |
|
5 | # sqlite and kallithea.db # | |
6 | # initial_repo_scan = true # |
|
6 | # initial_repo_scan = true # | |
7 | # set debug = true # |
|
7 | # set debug = true # | |
8 | # verbose and colorful logging # |
|
8 | # verbose and colorful logging # | |
9 | # # |
|
9 | # # | |
10 | # The %(here)s variable will be replaced with the parent directory of this file# |
|
10 | # The %(here)s variable will be replaced with the parent directory of this file# | |
11 | ################################################################################ |
|
11 | ################################################################################ | |
12 | ################################################################################ |
|
12 | ################################################################################ | |
13 |
|
13 | |||
14 | [DEFAULT] |
|
14 | [DEFAULT] | |
15 | debug = true |
|
15 | debug = true | |
16 | pdebug = false |
|
16 | pdebug = false | |
17 |
|
17 | |||
18 | ################################################################################ |
|
18 | ################################################################################ | |
19 | ## Email settings ## |
|
19 | ## Email settings ## | |
20 | ## ## |
|
20 | ## ## | |
21 | ## Refer to the documentation ("Email settings") for more details. ## |
|
21 | ## Refer to the documentation ("Email settings") for more details. ## | |
22 | ## ## |
|
22 | ## ## | |
23 | ## It is recommended to use a valid sender address that passes access ## |
|
23 | ## It is recommended to use a valid sender address that passes access ## | |
24 | ## validation and spam filtering in mail servers. ## |
|
24 | ## validation and spam filtering in mail servers. ## | |
25 | ################################################################################ |
|
25 | ################################################################################ | |
26 |
|
26 | |||
27 | ## 'From' header for application emails. You can optionally add a name. |
|
27 | ## 'From' header for application emails. You can optionally add a name. | |
28 | ## Default: |
|
28 | ## Default: | |
29 | #app_email_from = Kallithea |
|
29 | #app_email_from = Kallithea | |
30 | ## Examples: |
|
30 | ## Examples: | |
31 | #app_email_from = Kallithea <kallithea-noreply@example.com> |
|
31 | #app_email_from = Kallithea <kallithea-noreply@example.com> | |
32 | #app_email_from = kallithea-noreply@example.com |
|
32 | #app_email_from = kallithea-noreply@example.com | |
33 |
|
33 | |||
34 | ## Subject prefix for application emails. |
|
34 | ## Subject prefix for application emails. | |
35 | ## A space between this prefix and the real subject is automatically added. |
|
35 | ## A space between this prefix and the real subject is automatically added. | |
36 | ## Default: |
|
36 | ## Default: | |
37 | #email_prefix = |
|
37 | #email_prefix = | |
38 | ## Example: |
|
38 | ## Example: | |
39 | #email_prefix = [Kallithea] |
|
39 | #email_prefix = [Kallithea] | |
40 |
|
40 | |||
41 | ## Recipients for error emails and fallback recipients of application mails. |
|
41 | ## Recipients for error emails and fallback recipients of application mails. | |
42 | ## Multiple addresses can be specified, space-separated. |
|
42 | ## Multiple addresses can be specified, space-separated. | |
43 | ## Only addresses are allowed, do not add any name part. |
|
43 | ## Only addresses are allowed, do not add any name part. | |
44 | ## Default: |
|
44 | ## Default: | |
45 | #email_to = |
|
45 | #email_to = | |
46 | ## Examples: |
|
46 | ## Examples: | |
47 | #email_to = admin@example.com |
|
47 | #email_to = admin@example.com | |
48 | #email_to = admin@example.com another_admin@example.com |
|
48 | #email_to = admin@example.com another_admin@example.com | |
49 |
|
49 | |||
50 | ## 'From' header for error emails. You can optionally add a name. |
|
50 | ## 'From' header for error emails. You can optionally add a name. | |
51 | ## Default: |
|
51 | ## Default: | |
52 | #error_email_from = pylons@yourapp.com |
|
52 | #error_email_from = pylons@yourapp.com | |
53 | ## Examples: |
|
53 | ## Examples: | |
54 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> |
|
54 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> | |
55 | #error_email_from = paste_error@example.com |
|
55 | #error_email_from = paste_error@example.com | |
56 |
|
56 | |||
57 | ## SMTP server settings |
|
57 | ## SMTP server settings | |
58 | ## Only smtp_server is mandatory. All other settings take the specified default |
|
58 | ## Only smtp_server is mandatory. All other settings take the specified default | |
59 | ## values. |
|
59 | ## values. | |
60 | #smtp_server = smtp.example.com |
|
60 | #smtp_server = smtp.example.com | |
61 | #smtp_username = |
|
61 | #smtp_username = | |
62 | #smtp_password = |
|
62 | #smtp_password = | |
63 | #smtp_port = 25 |
|
63 | #smtp_port = 25 | |
64 | #smtp_use_tls = false |
|
64 | #smtp_use_tls = false | |
65 | #smtp_use_ssl = false |
|
65 | #smtp_use_ssl = false | |
66 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). |
|
66 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). | |
67 | ## If empty, use any of the authentication parameters supported by the server. |
|
67 | ## If empty, use any of the authentication parameters supported by the server. | |
68 | #smtp_auth = |
|
68 | #smtp_auth = | |
69 |
|
69 | |||
70 | [server:main] |
|
70 | [server:main] | |
71 | ## PASTE ## |
|
71 | ## PASTE ## | |
72 | #use = egg:Paste#http |
|
72 | #use = egg:Paste#http | |
73 | ## nr of worker threads to spawn |
|
73 | ## nr of worker threads to spawn | |
74 |
#threadpool_workers = |
|
74 | #threadpool_workers = 1 | |
75 | ## max request before thread respawn |
|
75 | ## max request before thread respawn | |
76 | #threadpool_max_requests = 10 |
|
76 | #threadpool_max_requests = 100 | |
77 | ## option to use threads of process |
|
77 | ## option to use threads of process | |
78 | #use_threadpool = true |
|
78 | #use_threadpool = true | |
79 |
|
79 | |||
80 | ## WAITRESS ## |
|
80 | ## WAITRESS ## | |
81 | use = egg:waitress#main |
|
81 | use = egg:waitress#main | |
82 | ## number of worker threads |
|
82 | ## number of worker threads | |
83 |
threads = |
|
83 | threads = 1 | |
84 | ## MAX BODY SIZE 100GB |
|
84 | ## MAX BODY SIZE 100GB | |
85 | max_request_body_size = 107374182400 |
|
85 | max_request_body_size = 107374182400 | |
86 | ## use poll instead of select, fixes fd limits, may not work on old |
|
86 | ## use poll instead of select, fixes fd limits, may not work on old | |
87 | ## windows systems. |
|
87 | ## windows systems. | |
88 | #asyncore_use_poll = True |
|
88 | #asyncore_use_poll = True | |
89 |
|
89 | |||
90 | ## GUNICORN ## |
|
90 | ## GUNICORN ## | |
91 | #use = egg:gunicorn#main |
|
91 | #use = egg:gunicorn#main | |
92 | ## number of process workers. You must set `instance_id = *` when this option |
|
92 | ## number of process workers. You must set `instance_id = *` when this option | |
93 | ## is set to more than one worker |
|
93 | ## is set to more than one worker | |
94 | #workers = 1 |
|
94 | #workers = 1 | |
95 | ## process name |
|
95 | ## process name | |
96 | #proc_name = kallithea |
|
96 | #proc_name = kallithea | |
97 | ## type of worker class, one of sync, eventlet, gevent, tornado |
|
97 | ## type of worker class, one of sync, eventlet, gevent, tornado | |
98 | ## recommended for bigger setup is using of of other than sync one |
|
98 | ## recommended for bigger setup is using of of other than sync one | |
99 | #worker_class = sync |
|
99 | #worker_class = sync | |
100 | #max_requests = 1000 |
|
100 | #max_requests = 1000 | |
101 | ## ammount of time a worker can handle request before it gets killed and |
|
101 | ## ammount of time a worker can handle request before it gets killed and | |
102 | ## restarted |
|
102 | ## restarted | |
103 | #timeout = 3600 |
|
103 | #timeout = 3600 | |
104 |
|
104 | |||
105 | ## UWSGI ## |
|
105 | ## UWSGI ## | |
106 | ## run with uwsgi --ini-paste-logged <inifile.ini> |
|
106 | ## run with uwsgi --ini-paste-logged <inifile.ini> | |
107 | #[uwsgi] |
|
107 | #[uwsgi] | |
108 | #socket = /tmp/uwsgi.sock |
|
108 | #socket = /tmp/uwsgi.sock | |
109 | #master = true |
|
109 | #master = true | |
110 | #http = 127.0.0.1:5000 |
|
110 | #http = 127.0.0.1:5000 | |
111 |
|
111 | |||
112 | ## set as deamon and redirect all output to file |
|
112 | ## set as deamon and redirect all output to file | |
113 | #daemonize = ./uwsgi_kallithea.log |
|
113 | #daemonize = ./uwsgi_kallithea.log | |
114 |
|
114 | |||
115 | ## master process PID |
|
115 | ## master process PID | |
116 | #pidfile = ./uwsgi_kallithea.pid |
|
116 | #pidfile = ./uwsgi_kallithea.pid | |
117 |
|
117 | |||
118 | ## stats server with workers statistics, use uwsgitop |
|
118 | ## stats server with workers statistics, use uwsgitop | |
119 | ## for monitoring, `uwsgitop 127.0.0.1:1717` |
|
119 | ## for monitoring, `uwsgitop 127.0.0.1:1717` | |
120 | #stats = 127.0.0.1:1717 |
|
120 | #stats = 127.0.0.1:1717 | |
121 | #memory-report = true |
|
121 | #memory-report = true | |
122 |
|
122 | |||
123 | ## log 5XX errors |
|
123 | ## log 5XX errors | |
124 | #log-5xx = true |
|
124 | #log-5xx = true | |
125 |
|
125 | |||
126 | ## Set the socket listen queue size. |
|
126 | ## Set the socket listen queue size. | |
127 | #listen = 256 |
|
127 | #listen = 256 | |
128 |
|
128 | |||
129 | ## Gracefully Reload workers after the specified amount of managed requests |
|
129 | ## Gracefully Reload workers after the specified amount of managed requests | |
130 | ## (avoid memory leaks). |
|
130 | ## (avoid memory leaks). | |
131 | #max-requests = 1000 |
|
131 | #max-requests = 1000 | |
132 |
|
132 | |||
133 | ## enable large buffers |
|
133 | ## enable large buffers | |
134 | #buffer-size = 65535 |
|
134 | #buffer-size = 65535 | |
135 |
|
135 | |||
136 | ## socket and http timeouts ## |
|
136 | ## socket and http timeouts ## | |
137 | #http-timeout = 3600 |
|
137 | #http-timeout = 3600 | |
138 | #socket-timeout = 3600 |
|
138 | #socket-timeout = 3600 | |
139 |
|
139 | |||
140 | ## Log requests slower than the specified number of milliseconds. |
|
140 | ## Log requests slower than the specified number of milliseconds. | |
141 | #log-slow = 10 |
|
141 | #log-slow = 10 | |
142 |
|
142 | |||
143 | ## Exit if no app can be loaded. |
|
143 | ## Exit if no app can be loaded. | |
144 | #need-app = true |
|
144 | #need-app = true | |
145 |
|
145 | |||
146 | ## Set lazy mode (load apps in workers instead of master). |
|
146 | ## Set lazy mode (load apps in workers instead of master). | |
147 | #lazy = true |
|
147 | #lazy = true | |
148 |
|
148 | |||
149 | ## scaling ## |
|
149 | ## scaling ## | |
150 | ## set cheaper algorithm to use, if not set default will be used |
|
150 | ## set cheaper algorithm to use, if not set default will be used | |
151 | #cheaper-algo = spare |
|
151 | #cheaper-algo = spare | |
152 |
|
152 | |||
153 | ## minimum number of workers to keep at all times |
|
153 | ## minimum number of workers to keep at all times | |
154 | #cheaper = 1 |
|
154 | #cheaper = 1 | |
155 |
|
155 | |||
156 | ## number of workers to spawn at startup |
|
156 | ## number of workers to spawn at startup | |
157 | #cheaper-initial = 1 |
|
157 | #cheaper-initial = 1 | |
158 |
|
158 | |||
159 | ## maximum number of workers that can be spawned |
|
159 | ## maximum number of workers that can be spawned | |
160 | #workers = 4 |
|
160 | #workers = 4 | |
161 |
|
161 | |||
162 | ## how many workers should be spawned at a time |
|
162 | ## how many workers should be spawned at a time | |
163 | #cheaper-step = 1 |
|
163 | #cheaper-step = 1 | |
164 |
|
164 | |||
165 | ## COMMON ## |
|
165 | ## COMMON ## | |
166 | host = 0.0.0.0 |
|
166 | host = 0.0.0.0 | |
167 | port = 5000 |
|
167 | port = 5000 | |
168 |
|
168 | |||
169 | ## middleware for hosting the WSGI application under a URL prefix |
|
169 | ## middleware for hosting the WSGI application under a URL prefix | |
170 | #[filter:proxy-prefix] |
|
170 | #[filter:proxy-prefix] | |
171 | #use = egg:PasteDeploy#prefix |
|
171 | #use = egg:PasteDeploy#prefix | |
172 | #prefix = /<your-prefix> |
|
172 | #prefix = /<your-prefix> | |
173 |
|
173 | |||
174 | [app:main] |
|
174 | [app:main] | |
175 | use = egg:kallithea |
|
175 | use = egg:kallithea | |
176 | ## enable proxy prefix middleware |
|
176 | ## enable proxy prefix middleware | |
177 | #filter-with = proxy-prefix |
|
177 | #filter-with = proxy-prefix | |
178 |
|
178 | |||
179 | full_stack = true |
|
179 | full_stack = true | |
180 | static_files = true |
|
180 | static_files = true | |
181 | ## Available Languages: |
|
181 | ## Available Languages: | |
182 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW |
|
182 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW | |
183 | lang = |
|
183 | lang = | |
184 | cache_dir = %(here)s/data |
|
184 | cache_dir = %(here)s/data | |
185 | index_dir = %(here)s/data/index |
|
185 | index_dir = %(here)s/data/index | |
186 |
|
186 | |||
187 | ## perform a full repository scan on each server start, this should be |
|
187 | ## perform a full repository scan on each server start, this should be | |
188 | ## set to false after first startup, to allow faster server restarts. |
|
188 | ## set to false after first startup, to allow faster server restarts. | |
189 | #initial_repo_scan = false |
|
189 | #initial_repo_scan = false | |
190 | initial_repo_scan = true |
|
190 | initial_repo_scan = true | |
191 |
|
191 | |||
192 | ## uncomment and set this path to use archive download cache |
|
192 | ## uncomment and set this path to use archive download cache | |
193 | archive_cache_dir = %(here)s/tarballcache |
|
193 | archive_cache_dir = %(here)s/tarballcache | |
194 |
|
194 | |||
195 | ## change this to unique ID for security |
|
195 | ## change this to unique ID for security | |
196 | app_instance_uuid = development-not-secret |
|
196 | app_instance_uuid = development-not-secret | |
197 |
|
197 | |||
198 | ## cut off limit for large diffs (size in bytes) |
|
198 | ## cut off limit for large diffs (size in bytes) | |
199 | cut_off_limit = 256000 |
|
199 | cut_off_limit = 256000 | |
200 |
|
200 | |||
201 | ## use cache version of scm repo everywhere |
|
201 | ## use cache version of scm repo everywhere | |
202 | vcs_full_cache = true |
|
202 | vcs_full_cache = true | |
203 |
|
203 | |||
204 | ## force https in Kallithea, fixes https redirects, assumes it's always https |
|
204 | ## force https in Kallithea, fixes https redirects, assumes it's always https | |
205 | force_https = false |
|
205 | force_https = false | |
206 |
|
206 | |||
207 | ## use Strict-Transport-Security headers |
|
207 | ## use Strict-Transport-Security headers | |
208 | use_htsts = false |
|
208 | use_htsts = false | |
209 |
|
209 | |||
210 | ## number of commits stats will parse on each iteration |
|
210 | ## number of commits stats will parse on each iteration | |
211 | commit_parse_limit = 25 |
|
211 | commit_parse_limit = 25 | |
212 |
|
212 | |||
213 | ## path to git executable |
|
213 | ## path to git executable | |
214 | git_path = git |
|
214 | git_path = git | |
215 |
|
215 | |||
216 | ## git rev filter option, --all is the default filter, if you need to |
|
216 | ## git rev filter option, --all is the default filter, if you need to | |
217 | ## hide all refs in changelog switch this to --branches --tags |
|
217 | ## hide all refs in changelog switch this to --branches --tags | |
218 | #git_rev_filter = --branches --tags |
|
218 | #git_rev_filter = --branches --tags | |
219 |
|
219 | |||
220 | ## RSS feed options |
|
220 | ## RSS feed options | |
221 | rss_cut_off_limit = 256000 |
|
221 | rss_cut_off_limit = 256000 | |
222 | rss_items_per_page = 10 |
|
222 | rss_items_per_page = 10 | |
223 | rss_include_diff = false |
|
223 | rss_include_diff = false | |
224 |
|
224 | |||
225 | ## options for showing and identifying changesets |
|
225 | ## options for showing and identifying changesets | |
226 | show_sha_length = 12 |
|
226 | show_sha_length = 12 | |
227 | show_revision_number = false |
|
227 | show_revision_number = false | |
228 |
|
228 | |||
229 | ## gist URL alias, used to create nicer urls for gist. This should be an |
|
229 | ## gist URL alias, used to create nicer urls for gist. This should be an | |
230 | ## url that does rewrites to _admin/gists/<gistid>. |
|
230 | ## url that does rewrites to _admin/gists/<gistid>. | |
231 | ## example: http://gist.example.com/{gistid}. Empty means use the internal |
|
231 | ## example: http://gist.example.com/{gistid}. Empty means use the internal | |
232 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> |
|
232 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> | |
233 | gist_alias_url = |
|
233 | gist_alias_url = | |
234 |
|
234 | |||
235 | ## white list of API enabled controllers. This allows to add list of |
|
235 | ## white list of API enabled controllers. This allows to add list of | |
236 | ## controllers to which access will be enabled by api_key. eg: to enable |
|
236 | ## controllers to which access will be enabled by api_key. eg: to enable | |
237 | ## api access to raw_files put `FilesController:raw`, to enable access to patches |
|
237 | ## api access to raw_files put `FilesController:raw`, to enable access to patches | |
238 | ## add `ChangesetController:changeset_patch`. This list should be "," separated |
|
238 | ## add `ChangesetController:changeset_patch`. This list should be "," separated | |
239 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names |
|
239 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names | |
240 | ## Recommended settings below are commented out: |
|
240 | ## Recommended settings below are commented out: | |
241 | api_access_controllers_whitelist = |
|
241 | api_access_controllers_whitelist = | |
242 | # ChangesetController:changeset_patch, |
|
242 | # ChangesetController:changeset_patch, | |
243 | # ChangesetController:changeset_raw, |
|
243 | # ChangesetController:changeset_raw, | |
244 | # FilesController:raw, |
|
244 | # FilesController:raw, | |
245 | # FilesController:archivefile |
|
245 | # FilesController:archivefile | |
246 |
|
246 | |||
247 | ## default encoding used to convert from and to unicode |
|
247 | ## default encoding used to convert from and to unicode | |
248 | ## can be also a comma seperated list of encoding in case of mixed encodings |
|
248 | ## can be also a comma seperated list of encoding in case of mixed encodings | |
249 | default_encoding = utf8 |
|
249 | default_encoding = utf8 | |
250 |
|
250 | |||
251 | ## issue tracker for Kallithea (leave blank to disable, absent for default) |
|
251 | ## issue tracker for Kallithea (leave blank to disable, absent for default) | |
252 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues |
|
252 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues | |
253 |
|
253 | |||
254 | ## issue tracking mapping for commits messages |
|
254 | ## issue tracking mapping for commits messages | |
255 | ## comment out issue_pat, issue_server, issue_prefix to enable |
|
255 | ## comment out issue_pat, issue_server, issue_prefix to enable | |
256 |
|
256 | |||
257 | ## pattern to get the issues from commit messages |
|
257 | ## pattern to get the issues from commit messages | |
258 | ## default one used here is #<numbers> with a regex passive group for `#` |
|
258 | ## default one used here is #<numbers> with a regex passive group for `#` | |
259 | ## {id} will be all groups matched from this pattern |
|
259 | ## {id} will be all groups matched from this pattern | |
260 |
|
260 | |||
261 | issue_pat = (?:\s*#)(\d+) |
|
261 | issue_pat = (?:\s*#)(\d+) | |
262 |
|
262 | |||
263 | ## server url to the issue, each {id} will be replaced with match |
|
263 | ## server url to the issue, each {id} will be replaced with match | |
264 | ## fetched from the regex and {repo} is replaced with full repository name |
|
264 | ## fetched from the regex and {repo} is replaced with full repository name | |
265 | ## including groups {repo_name} is replaced with just name of repo |
|
265 | ## including groups {repo_name} is replaced with just name of repo | |
266 |
|
266 | |||
267 | issue_server_link = https://issues.example.com/{repo}/issue/{id} |
|
267 | issue_server_link = https://issues.example.com/{repo}/issue/{id} | |
268 |
|
268 | |||
269 | ## prefix to add to link to indicate it's an url |
|
269 | ## prefix to add to link to indicate it's an url | |
270 | ## #314 will be replaced by <issue_prefix><id> |
|
270 | ## #314 will be replaced by <issue_prefix><id> | |
271 |
|
271 | |||
272 | issue_prefix = # |
|
272 | issue_prefix = # | |
273 |
|
273 | |||
274 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify |
|
274 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify | |
275 | ## multiple patterns, to other issues server, wiki or others |
|
275 | ## multiple patterns, to other issues server, wiki or others | |
276 | ## below an example how to create a wiki pattern |
|
276 | ## below an example how to create a wiki pattern | |
277 | # wiki-some-id -> https://wiki.example.com/some-id |
|
277 | # wiki-some-id -> https://wiki.example.com/some-id | |
278 |
|
278 | |||
279 | #issue_pat_wiki = (?:wiki-)(.+) |
|
279 | #issue_pat_wiki = (?:wiki-)(.+) | |
280 | #issue_server_link_wiki = https://wiki.example.com/{id} |
|
280 | #issue_server_link_wiki = https://wiki.example.com/{id} | |
281 | #issue_prefix_wiki = WIKI- |
|
281 | #issue_prefix_wiki = WIKI- | |
282 |
|
282 | |||
283 | ## instance-id prefix |
|
283 | ## instance-id prefix | |
284 | ## a prefix key for this instance used for cache invalidation when running |
|
284 | ## a prefix key for this instance used for cache invalidation when running | |
285 | ## multiple instances of kallithea, make sure it's globally unique for |
|
285 | ## multiple instances of kallithea, make sure it's globally unique for | |
286 | ## all running kallithea instances. Leave empty if you don't use it |
|
286 | ## all running kallithea instances. Leave empty if you don't use it | |
287 | instance_id = |
|
287 | instance_id = | |
288 |
|
288 | |||
289 | ## alternative return HTTP header for failed authentication. Default HTTP |
|
289 | ## alternative return HTTP header for failed authentication. Default HTTP | |
290 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with |
|
290 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with | |
291 | ## handling that. Set this variable to 403 to return HTTPForbidden |
|
291 | ## handling that. Set this variable to 403 to return HTTPForbidden | |
292 | auth_ret_code = |
|
292 | auth_ret_code = | |
293 |
|
293 | |||
294 | ## locking return code. When repository is locked return this HTTP code. 2XX |
|
294 | ## locking return code. When repository is locked return this HTTP code. 2XX | |
295 | ## codes don't break the transactions while 4XX codes do |
|
295 | ## codes don't break the transactions while 4XX codes do | |
296 | lock_ret_code = 423 |
|
296 | lock_ret_code = 423 | |
297 |
|
297 | |||
298 | ## allows to change the repository location in settings page |
|
298 | ## allows to change the repository location in settings page | |
299 | allow_repo_location_change = True |
|
299 | allow_repo_location_change = True | |
300 |
|
300 | |||
301 | ## allows to setup custom hooks in settings page |
|
301 | ## allows to setup custom hooks in settings page | |
302 | allow_custom_hooks_settings = True |
|
302 | allow_custom_hooks_settings = True | |
303 |
|
303 | |||
304 | #################################### |
|
304 | #################################### | |
305 | ### CELERY CONFIG #### |
|
305 | ### CELERY CONFIG #### | |
306 | #################################### |
|
306 | #################################### | |
307 |
|
307 | |||
308 | use_celery = false |
|
308 | use_celery = false | |
309 | broker.host = localhost |
|
309 | broker.host = localhost | |
310 | broker.vhost = rabbitmqhost |
|
310 | broker.vhost = rabbitmqhost | |
311 | broker.port = 5672 |
|
311 | broker.port = 5672 | |
312 | broker.user = rabbitmq |
|
312 | broker.user = rabbitmq | |
313 | broker.password = qweqwe |
|
313 | broker.password = qweqwe | |
314 |
|
314 | |||
315 | celery.imports = kallithea.lib.celerylib.tasks |
|
315 | celery.imports = kallithea.lib.celerylib.tasks | |
316 |
|
316 | |||
317 | celery.result.backend = amqp |
|
317 | celery.result.backend = amqp | |
318 | celery.result.dburi = amqp:// |
|
318 | celery.result.dburi = amqp:// | |
319 | celery.result.serialier = json |
|
319 | celery.result.serialier = json | |
320 |
|
320 | |||
321 | #celery.send.task.error.emails = true |
|
321 | #celery.send.task.error.emails = true | |
322 | #celery.amqp.task.result.expires = 18000 |
|
322 | #celery.amqp.task.result.expires = 18000 | |
323 |
|
323 | |||
324 | celeryd.concurrency = 2 |
|
324 | celeryd.concurrency = 2 | |
325 | #celeryd.log.file = celeryd.log |
|
325 | #celeryd.log.file = celeryd.log | |
326 | celeryd.log.level = DEBUG |
|
326 | celeryd.log.level = DEBUG | |
327 | celeryd.max.tasks.per.child = 1 |
|
327 | celeryd.max.tasks.per.child = 1 | |
328 |
|
328 | |||
329 | ## tasks will never be sent to the queue, but executed locally instead. |
|
329 | ## tasks will never be sent to the queue, but executed locally instead. | |
330 | celery.always.eager = false |
|
330 | celery.always.eager = false | |
331 |
|
331 | |||
332 | #################################### |
|
332 | #################################### | |
333 | ### BEAKER CACHE #### |
|
333 | ### BEAKER CACHE #### | |
334 | #################################### |
|
334 | #################################### | |
335 |
|
335 | |||
336 | beaker.cache.data_dir = %(here)s/data/cache/data |
|
336 | beaker.cache.data_dir = %(here)s/data/cache/data | |
337 | beaker.cache.lock_dir = %(here)s/data/cache/lock |
|
337 | beaker.cache.lock_dir = %(here)s/data/cache/lock | |
338 |
|
338 | |||
339 | beaker.cache.regions = short_term,long_term,sql_cache_short |
|
339 | beaker.cache.regions = short_term,long_term,sql_cache_short | |
340 |
|
340 | |||
341 | beaker.cache.short_term.type = memory |
|
341 | beaker.cache.short_term.type = memory | |
342 | beaker.cache.short_term.expire = 60 |
|
342 | beaker.cache.short_term.expire = 60 | |
343 | beaker.cache.short_term.key_length = 256 |
|
343 | beaker.cache.short_term.key_length = 256 | |
344 |
|
344 | |||
345 | beaker.cache.long_term.type = memory |
|
345 | beaker.cache.long_term.type = memory | |
346 | beaker.cache.long_term.expire = 36000 |
|
346 | beaker.cache.long_term.expire = 36000 | |
347 | beaker.cache.long_term.key_length = 256 |
|
347 | beaker.cache.long_term.key_length = 256 | |
348 |
|
348 | |||
349 | beaker.cache.sql_cache_short.type = memory |
|
349 | beaker.cache.sql_cache_short.type = memory | |
350 | beaker.cache.sql_cache_short.expire = 10 |
|
350 | beaker.cache.sql_cache_short.expire = 10 | |
351 | beaker.cache.sql_cache_short.key_length = 256 |
|
351 | beaker.cache.sql_cache_short.key_length = 256 | |
352 |
|
352 | |||
353 | #################################### |
|
353 | #################################### | |
354 | ### BEAKER SESSION #### |
|
354 | ### BEAKER SESSION #### | |
355 | #################################### |
|
355 | #################################### | |
356 |
|
356 | |||
357 | ## Name of session cookie. Should be unique for a given host and path, even when running |
|
357 | ## Name of session cookie. Should be unique for a given host and path, even when running | |
358 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. |
|
358 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. | |
359 | beaker.session.key = kallithea |
|
359 | beaker.session.key = kallithea | |
360 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. |
|
360 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. | |
361 | beaker.session.httponly = true |
|
361 | beaker.session.httponly = true | |
362 | ## Session lifetime. 2592000 seconds is 30 days. |
|
362 | ## Session lifetime. 2592000 seconds is 30 days. | |
363 | beaker.session.timeout = 2592000 |
|
363 | beaker.session.timeout = 2592000 | |
364 |
|
364 | |||
365 | ## Server secret used with HMAC to ensure integrity of cookies. |
|
365 | ## Server secret used with HMAC to ensure integrity of cookies. | |
366 | beaker.session.secret = development-not-secret |
|
366 | beaker.session.secret = development-not-secret | |
367 | ## Further, encrypt the data with AES. |
|
367 | ## Further, encrypt the data with AES. | |
368 | #beaker.session.encrypt_key = <key_for_encryption> |
|
368 | #beaker.session.encrypt_key = <key_for_encryption> | |
369 | #beaker.session.validate_key = <validation_key> |
|
369 | #beaker.session.validate_key = <validation_key> | |
370 |
|
370 | |||
371 | ## Type of storage used for the session, current types are |
|
371 | ## Type of storage used for the session, current types are | |
372 | ## dbm, file, memcached, database, and memory. |
|
372 | ## dbm, file, memcached, database, and memory. | |
373 |
|
373 | |||
374 | ## File system storage of session data. (default) |
|
374 | ## File system storage of session data. (default) | |
375 | #beaker.session.type = file |
|
375 | #beaker.session.type = file | |
376 |
|
376 | |||
377 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. |
|
377 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. | |
378 | #beaker.session.type = cookie |
|
378 | #beaker.session.type = cookie | |
379 |
|
379 | |||
380 | ## Database storage of session data. |
|
380 | ## Database storage of session data. | |
381 | #beaker.session.type = ext:database |
|
381 | #beaker.session.type = ext:database | |
382 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea |
|
382 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea | |
383 | #beaker.session.table_name = db_session |
|
383 | #beaker.session.table_name = db_session | |
384 |
|
384 | |||
385 | ############################ |
|
385 | ############################ | |
386 | ## ERROR HANDLING SYSTEMS ## |
|
386 | ## ERROR HANDLING SYSTEMS ## | |
387 | ############################ |
|
387 | ############################ | |
388 |
|
388 | |||
389 | #################### |
|
389 | #################### | |
390 | ### [appenlight] ### |
|
390 | ### [appenlight] ### | |
391 | #################### |
|
391 | #################### | |
392 |
|
392 | |||
393 | ## AppEnlight is tailored to work with Kallithea, see |
|
393 | ## AppEnlight is tailored to work with Kallithea, see | |
394 | ## http://appenlight.com for details how to obtain an account |
|
394 | ## http://appenlight.com for details how to obtain an account | |
395 | ## you must install python package `appenlight_client` to make it work |
|
395 | ## you must install python package `appenlight_client` to make it work | |
396 |
|
396 | |||
397 | ## appenlight enabled |
|
397 | ## appenlight enabled | |
398 | appenlight = false |
|
398 | appenlight = false | |
399 |
|
399 | |||
400 | appenlight.server_url = https://api.appenlight.com |
|
400 | appenlight.server_url = https://api.appenlight.com | |
401 | appenlight.api_key = YOUR_API_KEY |
|
401 | appenlight.api_key = YOUR_API_KEY | |
402 |
|
402 | |||
403 | ## TWEAK AMOUNT OF INFO SENT HERE |
|
403 | ## TWEAK AMOUNT OF INFO SENT HERE | |
404 |
|
404 | |||
405 | ## enables 404 error logging (default False) |
|
405 | ## enables 404 error logging (default False) | |
406 | appenlight.report_404 = false |
|
406 | appenlight.report_404 = false | |
407 |
|
407 | |||
408 | ## time in seconds after request is considered being slow (default 1) |
|
408 | ## time in seconds after request is considered being slow (default 1) | |
409 | appenlight.slow_request_time = 1 |
|
409 | appenlight.slow_request_time = 1 | |
410 |
|
410 | |||
411 | ## record slow requests in application |
|
411 | ## record slow requests in application | |
412 | ## (needs to be enabled for slow datastore recording and time tracking) |
|
412 | ## (needs to be enabled for slow datastore recording and time tracking) | |
413 | appenlight.slow_requests = true |
|
413 | appenlight.slow_requests = true | |
414 |
|
414 | |||
415 | ## enable hooking to application loggers |
|
415 | ## enable hooking to application loggers | |
416 | #appenlight.logging = true |
|
416 | #appenlight.logging = true | |
417 |
|
417 | |||
418 | ## minimum log level for log capture |
|
418 | ## minimum log level for log capture | |
419 | #appenlight.logging.level = WARNING |
|
419 | #appenlight.logging.level = WARNING | |
420 |
|
420 | |||
421 | ## send logs only from erroneous/slow requests |
|
421 | ## send logs only from erroneous/slow requests | |
422 | ## (saves API quota for intensive logging) |
|
422 | ## (saves API quota for intensive logging) | |
423 | appenlight.logging_on_error = false |
|
423 | appenlight.logging_on_error = false | |
424 |
|
424 | |||
425 | ## list of additonal keywords that should be grabbed from environ object |
|
425 | ## list of additonal keywords that should be grabbed from environ object | |
426 | ## can be string with comma separated list of words in lowercase |
|
426 | ## can be string with comma separated list of words in lowercase | |
427 | ## (by default client will always send following info: |
|
427 | ## (by default client will always send following info: | |
428 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that |
|
428 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that | |
429 | ## start with HTTP* this list be extended with additional keywords here |
|
429 | ## start with HTTP* this list be extended with additional keywords here | |
430 | appenlight.environ_keys_whitelist = |
|
430 | appenlight.environ_keys_whitelist = | |
431 |
|
431 | |||
432 | ## list of keywords that should be blanked from request object |
|
432 | ## list of keywords that should be blanked from request object | |
433 | ## can be string with comma separated list of words in lowercase |
|
433 | ## can be string with comma separated list of words in lowercase | |
434 | ## (by default client will always blank keys that contain following words |
|
434 | ## (by default client will always blank keys that contain following words | |
435 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' |
|
435 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' | |
436 | ## this list be extended with additional keywords set here |
|
436 | ## this list be extended with additional keywords set here | |
437 | appenlight.request_keys_blacklist = |
|
437 | appenlight.request_keys_blacklist = | |
438 |
|
438 | |||
439 | ## list of namespaces that should be ignores when gathering log entries |
|
439 | ## list of namespaces that should be ignores when gathering log entries | |
440 | ## can be string with comma separated list of namespaces |
|
440 | ## can be string with comma separated list of namespaces | |
441 | ## (by default the client ignores own entries: appenlight_client.client) |
|
441 | ## (by default the client ignores own entries: appenlight_client.client) | |
442 | appenlight.log_namespace_blacklist = |
|
442 | appenlight.log_namespace_blacklist = | |
443 |
|
443 | |||
444 | ################ |
|
444 | ################ | |
445 | ### [sentry] ### |
|
445 | ### [sentry] ### | |
446 | ################ |
|
446 | ################ | |
447 |
|
447 | |||
448 | ## sentry is a alternative open source error aggregator |
|
448 | ## sentry is a alternative open source error aggregator | |
449 | ## you must install python packages `sentry` and `raven` to enable |
|
449 | ## you must install python packages `sentry` and `raven` to enable | |
450 |
|
450 | |||
451 | sentry.dsn = YOUR_DNS |
|
451 | sentry.dsn = YOUR_DNS | |
452 | sentry.servers = |
|
452 | sentry.servers = | |
453 | sentry.name = |
|
453 | sentry.name = | |
454 | sentry.key = |
|
454 | sentry.key = | |
455 | sentry.public_key = |
|
455 | sentry.public_key = | |
456 | sentry.secret_key = |
|
456 | sentry.secret_key = | |
457 | sentry.project = |
|
457 | sentry.project = | |
458 | sentry.site = |
|
458 | sentry.site = | |
459 | sentry.include_paths = |
|
459 | sentry.include_paths = | |
460 | sentry.exclude_paths = |
|
460 | sentry.exclude_paths = | |
461 |
|
461 | |||
462 | ################################################################################ |
|
462 | ################################################################################ | |
463 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## |
|
463 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## | |
464 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## |
|
464 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## | |
465 | ## execute malicious code after an exception is raised. ## |
|
465 | ## execute malicious code after an exception is raised. ## | |
466 | ################################################################################ |
|
466 | ################################################################################ | |
467 | #set debug = false |
|
467 | #set debug = false | |
468 | set debug = true |
|
468 | set debug = true | |
469 |
|
469 | |||
470 | ################################## |
|
470 | ################################## | |
471 | ### LOGVIEW CONFIG ### |
|
471 | ### LOGVIEW CONFIG ### | |
472 | ################################## |
|
472 | ################################## | |
473 |
|
473 | |||
474 | logview.sqlalchemy = #faa |
|
474 | logview.sqlalchemy = #faa | |
475 | logview.pylons.templating = #bfb |
|
475 | logview.pylons.templating = #bfb | |
476 | logview.pylons.util = #eee |
|
476 | logview.pylons.util = #eee | |
477 |
|
477 | |||
478 | ######################################################### |
|
478 | ######################################################### | |
479 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### |
|
479 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### | |
480 | ######################################################### |
|
480 | ######################################################### | |
481 |
|
481 | |||
482 | # SQLITE [default] |
|
482 | # SQLITE [default] | |
483 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 |
|
483 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 | |
484 |
|
484 | |||
485 | # POSTGRESQL |
|
485 | # POSTGRESQL | |
486 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea |
|
486 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea | |
487 |
|
487 | |||
488 | # MySQL |
|
488 | # MySQL | |
489 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea |
|
489 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea | |
490 |
|
490 | |||
491 | # see sqlalchemy docs for others |
|
491 | # see sqlalchemy docs for others | |
492 |
|
492 | |||
493 | sqlalchemy.db1.echo = false |
|
493 | sqlalchemy.db1.echo = false | |
494 | sqlalchemy.db1.pool_recycle = 3600 |
|
494 | sqlalchemy.db1.pool_recycle = 3600 | |
495 | sqlalchemy.db1.convert_unicode = true |
|
495 | sqlalchemy.db1.convert_unicode = true | |
496 |
|
496 | |||
497 | ################################ |
|
497 | ################################ | |
498 | ### LOGGING CONFIGURATION #### |
|
498 | ### LOGGING CONFIGURATION #### | |
499 | ################################ |
|
499 | ################################ | |
500 |
|
500 | |||
501 | [loggers] |
|
501 | [loggers] | |
502 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer |
|
502 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer | |
503 |
|
503 | |||
504 | [handlers] |
|
504 | [handlers] | |
505 | keys = console, console_sql |
|
505 | keys = console, console_sql | |
506 |
|
506 | |||
507 | [formatters] |
|
507 | [formatters] | |
508 | keys = generic, color_formatter, color_formatter_sql |
|
508 | keys = generic, color_formatter, color_formatter_sql | |
509 |
|
509 | |||
510 | ############# |
|
510 | ############# | |
511 | ## LOGGERS ## |
|
511 | ## LOGGERS ## | |
512 | ############# |
|
512 | ############# | |
513 |
|
513 | |||
514 | [logger_root] |
|
514 | [logger_root] | |
515 | level = NOTSET |
|
515 | level = NOTSET | |
516 | handlers = console |
|
516 | handlers = console | |
517 |
|
517 | |||
518 | [logger_routes] |
|
518 | [logger_routes] | |
519 | level = DEBUG |
|
519 | level = DEBUG | |
520 | handlers = |
|
520 | handlers = | |
521 | qualname = routes.middleware |
|
521 | qualname = routes.middleware | |
522 | ## "level = DEBUG" logs the route matched and routing variables. |
|
522 | ## "level = DEBUG" logs the route matched and routing variables. | |
523 | propagate = 1 |
|
523 | propagate = 1 | |
524 |
|
524 | |||
525 | [logger_beaker] |
|
525 | [logger_beaker] | |
526 | level = DEBUG |
|
526 | level = DEBUG | |
527 | handlers = |
|
527 | handlers = | |
528 | qualname = beaker.container |
|
528 | qualname = beaker.container | |
529 | propagate = 1 |
|
529 | propagate = 1 | |
530 |
|
530 | |||
531 | [logger_templates] |
|
531 | [logger_templates] | |
532 | level = INFO |
|
532 | level = INFO | |
533 | handlers = |
|
533 | handlers = | |
534 | qualname = pylons.templating |
|
534 | qualname = pylons.templating | |
535 | propagate = 1 |
|
535 | propagate = 1 | |
536 |
|
536 | |||
537 | [logger_kallithea] |
|
537 | [logger_kallithea] | |
538 | level = DEBUG |
|
538 | level = DEBUG | |
539 | handlers = |
|
539 | handlers = | |
540 | qualname = kallithea |
|
540 | qualname = kallithea | |
541 | propagate = 1 |
|
541 | propagate = 1 | |
542 |
|
542 | |||
543 | [logger_sqlalchemy] |
|
543 | [logger_sqlalchemy] | |
544 | level = INFO |
|
544 | level = INFO | |
545 | handlers = console_sql |
|
545 | handlers = console_sql | |
546 | qualname = sqlalchemy.engine |
|
546 | qualname = sqlalchemy.engine | |
547 | propagate = 0 |
|
547 | propagate = 0 | |
548 |
|
548 | |||
549 | [logger_whoosh_indexer] |
|
549 | [logger_whoosh_indexer] | |
550 | level = DEBUG |
|
550 | level = DEBUG | |
551 | handlers = |
|
551 | handlers = | |
552 | qualname = whoosh_indexer |
|
552 | qualname = whoosh_indexer | |
553 | propagate = 1 |
|
553 | propagate = 1 | |
554 |
|
554 | |||
555 | ############## |
|
555 | ############## | |
556 | ## HANDLERS ## |
|
556 | ## HANDLERS ## | |
557 | ############## |
|
557 | ############## | |
558 |
|
558 | |||
559 | [handler_console] |
|
559 | [handler_console] | |
560 | class = StreamHandler |
|
560 | class = StreamHandler | |
561 | args = (sys.stderr,) |
|
561 | args = (sys.stderr,) | |
562 | #level = INFO |
|
562 | #level = INFO | |
563 | #formatter = generic |
|
563 | #formatter = generic | |
564 | level = DEBUG |
|
564 | level = DEBUG | |
565 | formatter = color_formatter |
|
565 | formatter = color_formatter | |
566 |
|
566 | |||
567 | [handler_console_sql] |
|
567 | [handler_console_sql] | |
568 | class = StreamHandler |
|
568 | class = StreamHandler | |
569 | args = (sys.stderr,) |
|
569 | args = (sys.stderr,) | |
570 | #level = WARN |
|
570 | #level = WARN | |
571 | #formatter = generic |
|
571 | #formatter = generic | |
572 | level = DEBUG |
|
572 | level = DEBUG | |
573 | formatter = color_formatter_sql |
|
573 | formatter = color_formatter_sql | |
574 |
|
574 | |||
575 | ################ |
|
575 | ################ | |
576 | ## FORMATTERS ## |
|
576 | ## FORMATTERS ## | |
577 | ################ |
|
577 | ################ | |
578 |
|
578 | |||
579 | [formatter_generic] |
|
579 | [formatter_generic] | |
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
581 | datefmt = %Y-%m-%d %H:%M:%S |
|
581 | datefmt = %Y-%m-%d %H:%M:%S | |
582 |
|
582 | |||
583 | [formatter_color_formatter] |
|
583 | [formatter_color_formatter] | |
584 | class = kallithea.lib.colored_formatter.ColorFormatter |
|
584 | class = kallithea.lib.colored_formatter.ColorFormatter | |
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
586 | datefmt = %Y-%m-%d %H:%M:%S |
|
586 | datefmt = %Y-%m-%d %H:%M:%S | |
587 |
|
587 | |||
588 | [formatter_color_formatter_sql] |
|
588 | [formatter_color_formatter_sql] | |
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql |
|
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql | |
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
591 | datefmt = %Y-%m-%d %H:%M:%S |
|
591 | datefmt = %Y-%m-%d %H:%M:%S |
@@ -1,819 +1,818 b'' | |||||
1 | .. _setup: |
|
1 | .. _setup: | |
2 |
|
2 | |||
3 | ===== |
|
3 | ===== | |
4 | Setup |
|
4 | Setup | |
5 | ===== |
|
5 | ===== | |
6 |
|
6 | |||
7 |
|
7 | |||
8 | Setting up Kallithea |
|
8 | Setting up Kallithea | |
9 | -------------------- |
|
9 | -------------------- | |
10 |
|
10 | |||
11 | First, you will need to create a Kallithea configuration file. Run the |
|
11 | First, you will need to create a Kallithea configuration file. Run the | |
12 | following command to do so:: |
|
12 | following command to do so:: | |
13 |
|
13 | |||
14 | paster make-config Kallithea my.ini |
|
14 | paster make-config Kallithea my.ini | |
15 |
|
15 | |||
16 | This will create the file ``my.ini`` in the current directory. This |
|
16 | This will create the file ``my.ini`` in the current directory. This | |
17 | configuration file contains the various settings for Kallithea, e.g. |
|
17 | configuration file contains the various settings for Kallithea, e.g. | |
18 | proxy port, email settings, usage of static files, cache, Celery |
|
18 | proxy port, email settings, usage of static files, cache, Celery | |
19 | settings, and logging. |
|
19 | settings, and logging. | |
20 |
|
20 | |||
21 | Next, you need to create the databases used by Kallithea. It is recommended to |
|
21 | Next, you need to create the databases used by Kallithea. It is recommended to | |
22 | use PostgreSQL or SQLite (default). If you choose a database other than the |
|
22 | use PostgreSQL or SQLite (default). If you choose a database other than the | |
23 | default, ensure you properly adjust the database URL in your ``my.ini`` |
|
23 | default, ensure you properly adjust the database URL in your ``my.ini`` | |
24 | configuration file to use this other database. Kallithea currently supports |
|
24 | configuration file to use this other database. Kallithea currently supports | |
25 | PostgreSQL, SQLite and MySQL databases. Create the database by running |
|
25 | PostgreSQL, SQLite and MySQL databases. Create the database by running | |
26 | the following command:: |
|
26 | the following command:: | |
27 |
|
27 | |||
28 | paster setup-db my.ini |
|
28 | paster setup-db my.ini | |
29 |
|
29 | |||
30 | This will prompt you for a "root" path. This "root" path is the location where |
|
30 | This will prompt you for a "root" path. This "root" path is the location where | |
31 | Kallithea will store all of its repositories on the current machine. After |
|
31 | Kallithea will store all of its repositories on the current machine. After | |
32 | entering this "root" path ``setup-db`` will also prompt you for a username |
|
32 | entering this "root" path ``setup-db`` will also prompt you for a username | |
33 | and password for the initial admin account which ``setup-db`` sets |
|
33 | and password for the initial admin account which ``setup-db`` sets | |
34 | up for you. |
|
34 | up for you. | |
35 |
|
35 | |||
36 | The ``setup-db`` values can also be given on the command line. |
|
36 | The ``setup-db`` values can also be given on the command line. | |
37 | Example:: |
|
37 | Example:: | |
38 |
|
38 | |||
39 | paster setup-db my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos |
|
39 | paster setup-db my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos | |
40 |
|
40 | |||
41 | The ``setup-db`` command will create all needed tables and an |
|
41 | The ``setup-db`` command will create all needed tables and an | |
42 | admin account. When choosing a root path you can either use a new |
|
42 | admin account. When choosing a root path you can either use a new | |
43 | empty location, or a location which already contains existing |
|
43 | empty location, or a location which already contains existing | |
44 | repositories. If you choose a location which contains existing |
|
44 | repositories. If you choose a location which contains existing | |
45 | repositories Kallithea will add all of the repositories at the chosen |
|
45 | repositories Kallithea will add all of the repositories at the chosen | |
46 | location to its database. (Note: make sure you specify the correct |
|
46 | location to its database. (Note: make sure you specify the correct | |
47 | path to the root). |
|
47 | path to the root). | |
48 |
|
48 | |||
49 | .. note:: the given path for Mercurial_ repositories **must** be write |
|
49 | .. note:: the given path for Mercurial_ repositories **must** be write | |
50 | accessible for the application. It's very important since |
|
50 | accessible for the application. It's very important since | |
51 | the Kallithea web interface will work without write access, |
|
51 | the Kallithea web interface will work without write access, | |
52 | but when trying to do a push it will fail with permission |
|
52 | but when trying to do a push it will fail with permission | |
53 | denied errors unless it has write access. |
|
53 | denied errors unless it has write access. | |
54 |
|
54 | |||
55 | You are now ready to use Kallithea. To run it simply execute:: |
|
55 | You are now ready to use Kallithea. To run it simply execute:: | |
56 |
|
56 | |||
57 | paster serve my.ini |
|
57 | paster serve my.ini | |
58 |
|
58 | |||
59 | - This command runs the Kallithea server. The web app should be available at |
|
59 | - This command runs the Kallithea server. The web app should be available at | |
60 | http://127.0.0.1:5000. The IP address and port is configurable via the |
|
60 | http://127.0.0.1:5000. The IP address and port is configurable via the | |
61 | configuration file created in the previous step. |
|
61 | configuration file created in the previous step. | |
62 | - Log in to Kallithea using the admin account created when running ``setup-db``. |
|
62 | - Log in to Kallithea using the admin account created when running ``setup-db``. | |
63 | - The default permissions on each repository is read, and the owner is admin. |
|
63 | - The default permissions on each repository is read, and the owner is admin. | |
64 | Remember to update these if needed. |
|
64 | Remember to update these if needed. | |
65 | - In the admin panel you can toggle LDAP, anonymous, and permissions |
|
65 | - In the admin panel you can toggle LDAP, anonymous, and permissions | |
66 | settings, as well as edit more advanced options on users and |
|
66 | settings, as well as edit more advanced options on users and | |
67 | repositories. |
|
67 | repositories. | |
68 |
|
68 | |||
69 |
|
69 | |||
70 | Extensions |
|
70 | Extensions | |
71 | ---------- |
|
71 | ---------- | |
72 |
|
72 | |||
73 | Optionally one can create an ``rcextensions`` package that extends Kallithea |
|
73 | Optionally one can create an ``rcextensions`` package that extends Kallithea | |
74 | functionality. |
|
74 | functionality. | |
75 | To generate a skeleton extensions package, run:: |
|
75 | To generate a skeleton extensions package, run:: | |
76 |
|
76 | |||
77 | paster make-rcext my.ini |
|
77 | paster make-rcext my.ini | |
78 |
|
78 | |||
79 | This will create an ``rcextensions`` package next to the specified ``ini`` file. |
|
79 | This will create an ``rcextensions`` package next to the specified ``ini`` file. | |
80 | With ``rcextensions`` it's possible to add additional mapping for whoosh, |
|
80 | With ``rcextensions`` it's possible to add additional mapping for whoosh, | |
81 | stats and add additional code into the push/pull/create/delete repo hooks, |
|
81 | stats and add additional code into the push/pull/create/delete repo hooks, | |
82 | for example for sending signals to build-bots such as Jenkins. |
|
82 | for example for sending signals to build-bots such as Jenkins. | |
83 |
|
83 | |||
84 | See the ``__init__.py`` file inside the generated ``rcextensions`` package |
|
84 | See the ``__init__.py`` file inside the generated ``rcextensions`` package | |
85 | for more details. |
|
85 | for more details. | |
86 |
|
86 | |||
87 |
|
87 | |||
88 | Using Kallithea with SSH |
|
88 | Using Kallithea with SSH | |
89 | ------------------------ |
|
89 | ------------------------ | |
90 |
|
90 | |||
91 | Kallithea currently only hosts repositories using http and https. (The addition |
|
91 | Kallithea currently only hosts repositories using http and https. (The addition | |
92 | of ssh hosting is a planned future feature.) However you can easily use ssh in |
|
92 | of ssh hosting is a planned future feature.) However you can easily use ssh in | |
93 | parallel with Kallithea. (Repository access via ssh is a standard "out of |
|
93 | parallel with Kallithea. (Repository access via ssh is a standard "out of | |
94 | the box" feature of Mercurial_ and you can use this to access any of the |
|
94 | the box" feature of Mercurial_ and you can use this to access any of the | |
95 | repositories that Kallithea is hosting. See PublishingRepositories_) |
|
95 | repositories that Kallithea is hosting. See PublishingRepositories_) | |
96 |
|
96 | |||
97 | Kallithea repository structures are kept in directories with the same name |
|
97 | Kallithea repository structures are kept in directories with the same name | |
98 | as the project. When using repository groups, each group is a subdirectory. |
|
98 | as the project. When using repository groups, each group is a subdirectory. | |
99 | This allows you to easily use ssh for accessing repositories. |
|
99 | This allows you to easily use ssh for accessing repositories. | |
100 |
|
100 | |||
101 | In order to use ssh you need to make sure that your web server and the users' |
|
101 | In order to use ssh you need to make sure that your web server and the users' | |
102 | login accounts have the correct permissions set on the appropriate directories. |
|
102 | login accounts have the correct permissions set on the appropriate directories. | |
103 |
|
103 | |||
104 | .. note:: These permissions are independent of any permissions you |
|
104 | .. note:: These permissions are independent of any permissions you | |
105 | have set up using the Kallithea web interface. |
|
105 | have set up using the Kallithea web interface. | |
106 |
|
106 | |||
107 | If your main directory (the same as set in Kallithea settings) is for |
|
107 | If your main directory (the same as set in Kallithea settings) is for | |
108 | example set to ``/srv/repos`` and the repository you are using is |
|
108 | example set to ``/srv/repos`` and the repository you are using is | |
109 | named ``kallithea``, then to clone via ssh you should run:: |
|
109 | named ``kallithea``, then to clone via ssh you should run:: | |
110 |
|
110 | |||
111 | hg clone ssh://user@kallithea.example.com/srv/repos/kallithea |
|
111 | hg clone ssh://user@kallithea.example.com/srv/repos/kallithea | |
112 |
|
112 | |||
113 | Using other external tools such as mercurial-server_ or using ssh key-based |
|
113 | Using other external tools such as mercurial-server_ or using ssh key-based | |
114 | authentication is fully supported. |
|
114 | authentication is fully supported. | |
115 |
|
115 | |||
116 | .. note:: In an advanced setup, in order for your ssh access to use |
|
116 | .. note:: In an advanced setup, in order for your ssh access to use | |
117 | the same permissions as set up via the Kallithea web |
|
117 | the same permissions as set up via the Kallithea web | |
118 | interface, you can create an authentication hook to connect |
|
118 | interface, you can create an authentication hook to connect | |
119 | to the Kallithea db and run check functions for permissions |
|
119 | to the Kallithea db and run check functions for permissions | |
120 | against that. |
|
120 | against that. | |
121 |
|
121 | |||
122 |
|
122 | |||
123 | Setting up Whoosh full text search |
|
123 | Setting up Whoosh full text search | |
124 | ---------------------------------- |
|
124 | ---------------------------------- | |
125 |
|
125 | |||
126 | Kallithea provides full text search of repositories using `Whoosh`__. |
|
126 | Kallithea provides full text search of repositories using `Whoosh`__. | |
127 |
|
127 | |||
128 | .. __: https://pythonhosted.org/Whoosh/ |
|
128 | .. __: https://pythonhosted.org/Whoosh/ | |
129 |
|
129 | |||
130 | For an incremental index build, run:: |
|
130 | For an incremental index build, run:: | |
131 |
|
131 | |||
132 | paster make-index my.ini |
|
132 | paster make-index my.ini | |
133 |
|
133 | |||
134 | For a full index rebuild, run:: |
|
134 | For a full index rebuild, run:: | |
135 |
|
135 | |||
136 | paster make-index my.ini -f |
|
136 | paster make-index my.ini -f | |
137 |
|
137 | |||
138 | The ``--repo-location`` option allows the location of the repositories to be overriden; |
|
138 | The ``--repo-location`` option allows the location of the repositories to be overriden; | |
139 | usually, the location is retrieved from the Kallithea database. |
|
139 | usually, the location is retrieved from the Kallithea database. | |
140 |
|
140 | |||
141 | The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list:: |
|
141 | The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list:: | |
142 |
|
142 | |||
143 | paster make-index my.ini --index-only=vcs,kallithea |
|
143 | paster make-index my.ini --index-only=vcs,kallithea | |
144 |
|
144 | |||
145 | To keep your index up-to-date it is necessary to do periodic index builds; |
|
145 | To keep your index up-to-date it is necessary to do periodic index builds; | |
146 | for this, it is recommended to use a crontab entry. Example:: |
|
146 | for this, it is recommended to use a crontab entry. Example:: | |
147 |
|
147 | |||
148 | 0 3 * * * /path/to/virtualenv/bin/paster make-index /path/to/kallithea/my.ini |
|
148 | 0 3 * * * /path/to/virtualenv/bin/paster make-index /path/to/kallithea/my.ini | |
149 |
|
149 | |||
150 | When using incremental mode (the default), Whoosh will check the last |
|
150 | When using incremental mode (the default), Whoosh will check the last | |
151 | modification date of each file and add it to be reindexed if a newer file is |
|
151 | modification date of each file and add it to be reindexed if a newer file is | |
152 | available. The indexing daemon checks for any removed files and removes them |
|
152 | available. The indexing daemon checks for any removed files and removes them | |
153 | from index. |
|
153 | from index. | |
154 |
|
154 | |||
155 | If you want to rebuild the index from scratch, you can use the ``-f`` flag as above, |
|
155 | If you want to rebuild the index from scratch, you can use the ``-f`` flag as above, | |
156 | or in the admin panel you can check the "build from scratch" checkbox. |
|
156 | or in the admin panel you can check the "build from scratch" checkbox. | |
157 |
|
157 | |||
158 | .. _ldap-setup: |
|
158 | .. _ldap-setup: | |
159 |
|
159 | |||
160 | Setting up LDAP support |
|
160 | Setting up LDAP support | |
161 | ----------------------- |
|
161 | ----------------------- | |
162 |
|
162 | |||
163 | Kallithea supports LDAP authentication. In order |
|
163 | Kallithea supports LDAP authentication. In order | |
164 | to use LDAP, you have to install the python-ldap_ package. This package is |
|
164 | to use LDAP, you have to install the python-ldap_ package. This package is | |
165 | available via PyPI, so you can install it by running:: |
|
165 | available via PyPI, so you can install it by running:: | |
166 |
|
166 | |||
167 | pip install python-ldap |
|
167 | pip install python-ldap | |
168 |
|
168 | |||
169 | .. note:: ``python-ldap`` requires some libraries to be installed on |
|
169 | .. note:: ``python-ldap`` requires some libraries to be installed on | |
170 | your system, so before installing it check that you have at |
|
170 | your system, so before installing it check that you have at | |
171 | least the ``openldap`` and ``sasl`` libraries. |
|
171 | least the ``openldap`` and ``sasl`` libraries. | |
172 |
|
172 | |||
173 | Choose *Admin > Authentication*, click the ``kallithea.lib.auth_modules.auth_ldap`` button |
|
173 | Choose *Admin > Authentication*, click the ``kallithea.lib.auth_modules.auth_ldap`` button | |
174 | and then *Save*, to enable the LDAP plugin and configure its settings. |
|
174 | and then *Save*, to enable the LDAP plugin and configure its settings. | |
175 |
|
175 | |||
176 | Here's a typical LDAP setup:: |
|
176 | Here's a typical LDAP setup:: | |
177 |
|
177 | |||
178 | Connection settings |
|
178 | Connection settings | |
179 | Enable LDAP = checked |
|
179 | Enable LDAP = checked | |
180 | Host = host.example.com |
|
180 | Host = host.example.com | |
181 | Port = 389 |
|
181 | Port = 389 | |
182 | Account = <account> |
|
182 | Account = <account> | |
183 | Password = <password> |
|
183 | Password = <password> | |
184 | Connection Security = LDAPS connection |
|
184 | Connection Security = LDAPS connection | |
185 | Certificate Checks = DEMAND |
|
185 | Certificate Checks = DEMAND | |
186 |
|
186 | |||
187 | Search settings |
|
187 | Search settings | |
188 | Base DN = CN=users,DC=host,DC=example,DC=org |
|
188 | Base DN = CN=users,DC=host,DC=example,DC=org | |
189 | LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) |
|
189 | LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) | |
190 | LDAP Search Scope = SUBTREE |
|
190 | LDAP Search Scope = SUBTREE | |
191 |
|
191 | |||
192 | Attribute mappings |
|
192 | Attribute mappings | |
193 | Login Attribute = uid |
|
193 | Login Attribute = uid | |
194 | First Name Attribute = firstName |
|
194 | First Name Attribute = firstName | |
195 | Last Name Attribute = lastName |
|
195 | Last Name Attribute = lastName | |
196 | Email Attribute = mail |
|
196 | Email Attribute = mail | |
197 |
|
197 | |||
198 | If your user groups are placed in an Organisation Unit (OU) structure, the Search Settings configuration differs:: |
|
198 | If your user groups are placed in an Organisation Unit (OU) structure, the Search Settings configuration differs:: | |
199 |
|
199 | |||
200 | Search settings |
|
200 | Search settings | |
201 | Base DN = DC=host,DC=example,DC=org |
|
201 | Base DN = DC=host,DC=example,DC=org | |
202 | LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user)) |
|
202 | LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user)) | |
203 | LDAP Search Scope = SUBTREE |
|
203 | LDAP Search Scope = SUBTREE | |
204 |
|
204 | |||
205 | .. _enable_ldap: |
|
205 | .. _enable_ldap: | |
206 |
|
206 | |||
207 | Enable LDAP : required |
|
207 | Enable LDAP : required | |
208 | Whether to use LDAP for authenticating users. |
|
208 | Whether to use LDAP for authenticating users. | |
209 |
|
209 | |||
210 | .. _ldap_host: |
|
210 | .. _ldap_host: | |
211 |
|
211 | |||
212 | Host : required |
|
212 | Host : required | |
213 | LDAP server hostname or IP address. Can be also a comma separated |
|
213 | LDAP server hostname or IP address. Can be also a comma separated | |
214 | list of servers to support LDAP fail-over. |
|
214 | list of servers to support LDAP fail-over. | |
215 |
|
215 | |||
216 | .. _Port: |
|
216 | .. _Port: | |
217 |
|
217 | |||
218 | Port : required |
|
218 | Port : required | |
219 | 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP. |
|
219 | 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP. | |
220 |
|
220 | |||
221 | .. _ldap_account: |
|
221 | .. _ldap_account: | |
222 |
|
222 | |||
223 | Account : optional |
|
223 | Account : optional | |
224 | Only required if the LDAP server does not allow anonymous browsing of |
|
224 | Only required if the LDAP server does not allow anonymous browsing of | |
225 | records. This should be a special account for record browsing. This |
|
225 | records. This should be a special account for record browsing. This | |
226 | will require `LDAP Password`_ below. |
|
226 | will require `LDAP Password`_ below. | |
227 |
|
227 | |||
228 | .. _LDAP Password: |
|
228 | .. _LDAP Password: | |
229 |
|
229 | |||
230 | Password : optional |
|
230 | Password : optional | |
231 | Only required if the LDAP server does not allow anonymous browsing of |
|
231 | Only required if the LDAP server does not allow anonymous browsing of | |
232 | records. |
|
232 | records. | |
233 |
|
233 | |||
234 | .. _Enable LDAPS: |
|
234 | .. _Enable LDAPS: | |
235 |
|
235 | |||
236 | Connection Security : required |
|
236 | Connection Security : required | |
237 | Defines the connection to LDAP server |
|
237 | Defines the connection to LDAP server | |
238 |
|
238 | |||
239 | No encryption |
|
239 | No encryption | |
240 | Plain non encrypted connection |
|
240 | Plain non encrypted connection | |
241 |
|
241 | |||
242 | LDAPS connection |
|
242 | LDAPS connection | |
243 | Enable LDAPS connections. It will likely require `Port`_ to be set to |
|
243 | Enable LDAPS connections. It will likely require `Port`_ to be set to | |
244 | a different value (standard LDAPS port is 636). When LDAPS is enabled |
|
244 | a different value (standard LDAPS port is 636). When LDAPS is enabled | |
245 | then `Certificate Checks`_ is required. |
|
245 | then `Certificate Checks`_ is required. | |
246 |
|
246 | |||
247 | START_TLS on LDAP connection |
|
247 | START_TLS on LDAP connection | |
248 | START TLS connection |
|
248 | START TLS connection | |
249 |
|
249 | |||
250 | .. _Certificate Checks: |
|
250 | .. _Certificate Checks: | |
251 |
|
251 | |||
252 | Certificate Checks : optional |
|
252 | Certificate Checks : optional | |
253 | How SSL certificates verification is handled -- this is only useful when |
|
253 | How SSL certificates verification is handled -- this is only useful when | |
254 | `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security |
|
254 | `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security | |
255 | while the other options are susceptible to man-in-the-middle attacks. SSL |
|
255 | while the other options are susceptible to man-in-the-middle attacks. SSL | |
256 | certificates can be installed to /etc/openldap/cacerts so that the |
|
256 | certificates can be installed to /etc/openldap/cacerts so that the | |
257 | DEMAND or HARD options can be used with self-signed certificates or |
|
257 | DEMAND or HARD options can be used with self-signed certificates or | |
258 | certificates that do not have traceable certificates of authority. |
|
258 | certificates that do not have traceable certificates of authority. | |
259 |
|
259 | |||
260 | NEVER |
|
260 | NEVER | |
261 | A serve certificate will never be requested or checked. |
|
261 | A serve certificate will never be requested or checked. | |
262 |
|
262 | |||
263 | ALLOW |
|
263 | ALLOW | |
264 | A server certificate is requested. Failure to provide a |
|
264 | A server certificate is requested. Failure to provide a | |
265 | certificate or providing a bad certificate will not terminate the |
|
265 | certificate or providing a bad certificate will not terminate the | |
266 | session. |
|
266 | session. | |
267 |
|
267 | |||
268 | TRY |
|
268 | TRY | |
269 | A server certificate is requested. Failure to provide a |
|
269 | A server certificate is requested. Failure to provide a | |
270 | certificate does not halt the session; providing a bad certificate |
|
270 | certificate does not halt the session; providing a bad certificate | |
271 | halts the session. |
|
271 | halts the session. | |
272 |
|
272 | |||
273 | DEMAND |
|
273 | DEMAND | |
274 | A server certificate is requested and must be provided and |
|
274 | A server certificate is requested and must be provided and | |
275 | authenticated for the session to proceed. |
|
275 | authenticated for the session to proceed. | |
276 |
|
276 | |||
277 | HARD |
|
277 | HARD | |
278 | The same as DEMAND. |
|
278 | The same as DEMAND. | |
279 |
|
279 | |||
280 | .. _Base DN: |
|
280 | .. _Base DN: | |
281 |
|
281 | |||
282 | Base DN : required |
|
282 | Base DN : required | |
283 | The Distinguished Name (DN) where searches for users will be performed. |
|
283 | The Distinguished Name (DN) where searches for users will be performed. | |
284 | Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_. |
|
284 | Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_. | |
285 |
|
285 | |||
286 | .. _LDAP Filter: |
|
286 | .. _LDAP Filter: | |
287 |
|
287 | |||
288 | LDAP Filter : optional |
|
288 | LDAP Filter : optional | |
289 | A LDAP filter defined by RFC 2254. This is more useful when `LDAP |
|
289 | A LDAP filter defined by RFC 2254. This is more useful when `LDAP | |
290 | Search Scope`_ is set to SUBTREE. The filter is useful for limiting |
|
290 | Search Scope`_ is set to SUBTREE. The filter is useful for limiting | |
291 | which LDAP objects are identified as representing Users for |
|
291 | which LDAP objects are identified as representing Users for | |
292 | authentication. The filter is augmented by `Login Attribute`_ below. |
|
292 | authentication. The filter is augmented by `Login Attribute`_ below. | |
293 | This can commonly be left blank. |
|
293 | This can commonly be left blank. | |
294 |
|
294 | |||
295 | .. _LDAP Search Scope: |
|
295 | .. _LDAP Search Scope: | |
296 |
|
296 | |||
297 | LDAP Search Scope : required |
|
297 | LDAP Search Scope : required | |
298 | This limits how far LDAP will search for a matching object. |
|
298 | This limits how far LDAP will search for a matching object. | |
299 |
|
299 | |||
300 | BASE |
|
300 | BASE | |
301 | Only allows searching of `Base DN`_ and is usually not what you |
|
301 | Only allows searching of `Base DN`_ and is usually not what you | |
302 | want. |
|
302 | want. | |
303 |
|
303 | |||
304 | ONELEVEL |
|
304 | ONELEVEL | |
305 | Searches all entries under `Base DN`_, but not Base DN itself. |
|
305 | Searches all entries under `Base DN`_, but not Base DN itself. | |
306 |
|
306 | |||
307 | SUBTREE |
|
307 | SUBTREE | |
308 | Searches all entries below `Base DN`_, but not Base DN itself. |
|
308 | Searches all entries below `Base DN`_, but not Base DN itself. | |
309 | When using SUBTREE `LDAP Filter`_ is useful to limit object |
|
309 | When using SUBTREE `LDAP Filter`_ is useful to limit object | |
310 | location. |
|
310 | location. | |
311 |
|
311 | |||
312 | .. _Login Attribute: |
|
312 | .. _Login Attribute: | |
313 |
|
313 | |||
314 | Login Attribute : required |
|
314 | Login Attribute : required | |
315 | The LDAP record attribute that will be matched as the USERNAME or |
|
315 | The LDAP record attribute that will be matched as the USERNAME or | |
316 | ACCOUNT used to connect to Kallithea. This will be added to `LDAP |
|
316 | ACCOUNT used to connect to Kallithea. This will be added to `LDAP | |
317 | Filter`_ for locating the User object. If `LDAP Filter`_ is specified as |
|
317 | Filter`_ for locating the User object. If `LDAP Filter`_ is specified as | |
318 | "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has |
|
318 | "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has | |
319 | connected as "jsmith" then the `LDAP Filter`_ will be augmented as below |
|
319 | connected as "jsmith" then the `LDAP Filter`_ will be augmented as below | |
320 | :: |
|
320 | :: | |
321 |
|
321 | |||
322 | (&(LDAPFILTER)(uid=jsmith)) |
|
322 | (&(LDAPFILTER)(uid=jsmith)) | |
323 |
|
323 | |||
324 | .. _ldap_attr_firstname: |
|
324 | .. _ldap_attr_firstname: | |
325 |
|
325 | |||
326 | First Name Attribute : required |
|
326 | First Name Attribute : required | |
327 | The LDAP record attribute which represents the user's first name. |
|
327 | The LDAP record attribute which represents the user's first name. | |
328 |
|
328 | |||
329 | .. _ldap_attr_lastname: |
|
329 | .. _ldap_attr_lastname: | |
330 |
|
330 | |||
331 | Last Name Attribute : required |
|
331 | Last Name Attribute : required | |
332 | The LDAP record attribute which represents the user's last name. |
|
332 | The LDAP record attribute which represents the user's last name. | |
333 |
|
333 | |||
334 | .. _ldap_attr_email: |
|
334 | .. _ldap_attr_email: | |
335 |
|
335 | |||
336 | Email Attribute : required |
|
336 | Email Attribute : required | |
337 | The LDAP record attribute which represents the user's email address. |
|
337 | The LDAP record attribute which represents the user's email address. | |
338 |
|
338 | |||
339 | If all data are entered correctly, and python-ldap_ is properly installed |
|
339 | If all data are entered correctly, and python-ldap_ is properly installed | |
340 | users should be granted access to Kallithea with LDAP accounts. At this |
|
340 | users should be granted access to Kallithea with LDAP accounts. At this | |
341 | time user information is copied from LDAP into the Kallithea user database. |
|
341 | time user information is copied from LDAP into the Kallithea user database. | |
342 | This means that updates of an LDAP user object may not be reflected as a |
|
342 | This means that updates of an LDAP user object may not be reflected as a | |
343 | user update in Kallithea. |
|
343 | user update in Kallithea. | |
344 |
|
344 | |||
345 | If You have problems with LDAP access and believe You entered correct |
|
345 | If You have problems with LDAP access and believe You entered correct | |
346 | information check out the Kallithea logs, any error messages sent from LDAP |
|
346 | information check out the Kallithea logs, any error messages sent from LDAP | |
347 | will be saved there. |
|
347 | will be saved there. | |
348 |
|
348 | |||
349 | Active Directory |
|
349 | Active Directory | |
350 | '''''''''''''''' |
|
350 | '''''''''''''''' | |
351 |
|
351 | |||
352 | Kallithea can use Microsoft Active Directory for user authentication. This |
|
352 | Kallithea can use Microsoft Active Directory for user authentication. This | |
353 | is done through an LDAP or LDAPS connection to Active Directory. The |
|
353 | is done through an LDAP or LDAPS connection to Active Directory. The | |
354 | following LDAP configuration settings are typical for using Active |
|
354 | following LDAP configuration settings are typical for using Active | |
355 | Directory :: |
|
355 | Directory :: | |
356 |
|
356 | |||
357 | Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local |
|
357 | Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local | |
358 | Login Attribute = sAMAccountName |
|
358 | Login Attribute = sAMAccountName | |
359 | First Name Attribute = givenName |
|
359 | First Name Attribute = givenName | |
360 | Last Name Attribute = sn |
|
360 | Last Name Attribute = sn | |
361 | Email Attribute = mail |
|
361 | Email Attribute = mail | |
362 |
|
362 | |||
363 | All other LDAP settings will likely be site-specific and should be |
|
363 | All other LDAP settings will likely be site-specific and should be | |
364 | appropriately configured. |
|
364 | appropriately configured. | |
365 |
|
365 | |||
366 |
|
366 | |||
367 | Authentication by container or reverse-proxy |
|
367 | Authentication by container or reverse-proxy | |
368 | -------------------------------------------- |
|
368 | -------------------------------------------- | |
369 |
|
369 | |||
370 | Kallithea supports delegating the authentication |
|
370 | Kallithea supports delegating the authentication | |
371 | of users to its WSGI container, or to a reverse-proxy server through which all |
|
371 | of users to its WSGI container, or to a reverse-proxy server through which all | |
372 | clients access the application. |
|
372 | clients access the application. | |
373 |
|
373 | |||
374 | When these authentication methods are enabled in Kallithea, it uses the |
|
374 | When these authentication methods are enabled in Kallithea, it uses the | |
375 | username that the container/proxy (Apache or Nginx, etc.) provides and doesn't |
|
375 | username that the container/proxy (Apache or Nginx, etc.) provides and doesn't | |
376 | perform the authentication itself. The authorization, however, is still done by |
|
376 | perform the authentication itself. The authorization, however, is still done by | |
377 | Kallithea according to its settings. |
|
377 | Kallithea according to its settings. | |
378 |
|
378 | |||
379 | When a user logs in for the first time using these authentication methods, |
|
379 | When a user logs in for the first time using these authentication methods, | |
380 | a matching user account is created in Kallithea with default permissions. An |
|
380 | a matching user account is created in Kallithea with default permissions. An | |
381 | administrator can then modify it using Kallithea's admin interface. |
|
381 | administrator can then modify it using Kallithea's admin interface. | |
382 |
|
382 | |||
383 | It's also possible for an administrator to create accounts and configure their |
|
383 | It's also possible for an administrator to create accounts and configure their | |
384 | permissions before the user logs in for the first time, using the :ref:`create-user` API. |
|
384 | permissions before the user logs in for the first time, using the :ref:`create-user` API. | |
385 |
|
385 | |||
386 | Container-based authentication |
|
386 | Container-based authentication | |
387 | '''''''''''''''''''''''''''''' |
|
387 | '''''''''''''''''''''''''''''' | |
388 |
|
388 | |||
389 | In a container-based authentication setup, Kallithea reads the user name from |
|
389 | In a container-based authentication setup, Kallithea reads the user name from | |
390 | the ``REMOTE_USER`` server variable provided by the WSGI container. |
|
390 | the ``REMOTE_USER`` server variable provided by the WSGI container. | |
391 |
|
391 | |||
392 | After setting up your container (see `Apache with mod_wsgi`_), you'll need |
|
392 | After setting up your container (see `Apache with mod_wsgi`_), you'll need | |
393 | to configure it to require authentication on the location configured for |
|
393 | to configure it to require authentication on the location configured for | |
394 | Kallithea. |
|
394 | Kallithea. | |
395 |
|
395 | |||
396 | Proxy pass-through authentication |
|
396 | Proxy pass-through authentication | |
397 | ''''''''''''''''''''''''''''''''' |
|
397 | ''''''''''''''''''''''''''''''''' | |
398 |
|
398 | |||
399 | In a proxy pass-through authentication setup, Kallithea reads the user name |
|
399 | In a proxy pass-through authentication setup, Kallithea reads the user name | |
400 | from the ``X-Forwarded-User`` request header, which should be configured to be |
|
400 | from the ``X-Forwarded-User`` request header, which should be configured to be | |
401 | sent by the reverse-proxy server. |
|
401 | sent by the reverse-proxy server. | |
402 |
|
402 | |||
403 | After setting up your proxy solution (see `Apache virtual host reverse proxy example`_, |
|
403 | After setting up your proxy solution (see `Apache virtual host reverse proxy example`_, | |
404 | `Apache as subdirectory`_ or `Nginx virtual host example`_), you'll need to |
|
404 | `Apache as subdirectory`_ or `Nginx virtual host example`_), you'll need to | |
405 | configure the authentication and add the username in a request header named |
|
405 | configure the authentication and add the username in a request header named | |
406 | ``X-Forwarded-User``. |
|
406 | ``X-Forwarded-User``. | |
407 |
|
407 | |||
408 | For example, the following config section for Apache sets a subdirectory in a |
|
408 | For example, the following config section for Apache sets a subdirectory in a | |
409 | reverse-proxy setup with basic auth: |
|
409 | reverse-proxy setup with basic auth: | |
410 |
|
410 | |||
411 | .. code-block:: apache |
|
411 | .. code-block:: apache | |
412 |
|
412 | |||
413 | <Location /someprefix> |
|
413 | <Location /someprefix> | |
414 | ProxyPass http://127.0.0.1:5000/someprefix |
|
414 | ProxyPass http://127.0.0.1:5000/someprefix | |
415 | ProxyPassReverse http://127.0.0.1:5000/someprefix |
|
415 | ProxyPassReverse http://127.0.0.1:5000/someprefix | |
416 | SetEnvIf X-Url-Scheme https HTTPS=1 |
|
416 | SetEnvIf X-Url-Scheme https HTTPS=1 | |
417 |
|
417 | |||
418 | AuthType Basic |
|
418 | AuthType Basic | |
419 | AuthName "Kallithea authentication" |
|
419 | AuthName "Kallithea authentication" | |
420 | AuthUserFile /srv/kallithea/.htpasswd |
|
420 | AuthUserFile /srv/kallithea/.htpasswd | |
421 | Require valid-user |
|
421 | Require valid-user | |
422 |
|
422 | |||
423 | RequestHeader unset X-Forwarded-User |
|
423 | RequestHeader unset X-Forwarded-User | |
424 |
|
424 | |||
425 | RewriteEngine On |
|
425 | RewriteEngine On | |
426 | RewriteCond %{LA-U:REMOTE_USER} (.+) |
|
426 | RewriteCond %{LA-U:REMOTE_USER} (.+) | |
427 | RewriteRule .* - [E=RU:%1] |
|
427 | RewriteRule .* - [E=RU:%1] | |
428 | RequestHeader set X-Forwarded-User %{RU}e |
|
428 | RequestHeader set X-Forwarded-User %{RU}e | |
429 | </Location> |
|
429 | </Location> | |
430 |
|
430 | |||
431 | .. note:: |
|
431 | .. note:: | |
432 | If you enable proxy pass-through authentication, make sure your server is |
|
432 | If you enable proxy pass-through authentication, make sure your server is | |
433 | only accessible through the proxy. Otherwise, any client would be able to |
|
433 | only accessible through the proxy. Otherwise, any client would be able to | |
434 | forge the authentication header and could effectively become authenticated |
|
434 | forge the authentication header and could effectively become authenticated | |
435 | using any account of their liking. |
|
435 | using any account of their liking. | |
436 |
|
436 | |||
437 |
|
437 | |||
438 | Integration with issue trackers |
|
438 | Integration with issue trackers | |
439 | ------------------------------- |
|
439 | ------------------------------- | |
440 |
|
440 | |||
441 | Kallithea provides a simple integration with issue trackers. It's possible |
|
441 | Kallithea provides a simple integration with issue trackers. It's possible | |
442 | to define a regular expression that will match an issue ID in commit messages, |
|
442 | to define a regular expression that will match an issue ID in commit messages, | |
443 | and have that replaced with a URL to the issue. To enable this simply |
|
443 | and have that replaced with a URL to the issue. To enable this simply | |
444 | uncomment the following variables in the ini file:: |
|
444 | uncomment the following variables in the ini file:: | |
445 |
|
445 | |||
446 | issue_pat = (?:^#|\s#)(\w+) |
|
446 | issue_pat = (?:^#|\s#)(\w+) | |
447 | issue_server_link = https://issues.example.com/{repo}/issue/{id} |
|
447 | issue_server_link = https://issues.example.com/{repo}/issue/{id} | |
448 | issue_prefix = # |
|
448 | issue_prefix = # | |
449 |
|
449 | |||
450 | ``issue_pat`` is the regular expression describing which strings in |
|
450 | ``issue_pat`` is the regular expression describing which strings in | |
451 | commit messages will be treated as issue references. A match group in |
|
451 | commit messages will be treated as issue references. A match group in | |
452 | parentheses should be used to specify the actual issue id. |
|
452 | parentheses should be used to specify the actual issue id. | |
453 |
|
453 | |||
454 | The default expression matches issues in the format ``#<number>``, e.g., ``#300``. |
|
454 | The default expression matches issues in the format ``#<number>``, e.g., ``#300``. | |
455 |
|
455 | |||
456 | Matched issue references are replaced with the link specified in |
|
456 | Matched issue references are replaced with the link specified in | |
457 | ``issue_server_link``. ``{id}`` is replaced with the issue ID, and |
|
457 | ``issue_server_link``. ``{id}`` is replaced with the issue ID, and | |
458 | ``{repo}`` with the repository name. Since the # is stripped away, |
|
458 | ``{repo}`` with the repository name. Since the # is stripped away, | |
459 | ``issue_prefix`` is prepended to the link text. ``issue_prefix`` doesn't |
|
459 | ``issue_prefix`` is prepended to the link text. ``issue_prefix`` doesn't | |
460 | necessarily need to be ``#``: if you set issue prefix to ``ISSUE-`` this will |
|
460 | necessarily need to be ``#``: if you set issue prefix to ``ISSUE-`` this will | |
461 | generate a URL in the format: |
|
461 | generate a URL in the format: | |
462 |
|
462 | |||
463 | .. code-block:: html |
|
463 | .. code-block:: html | |
464 |
|
464 | |||
465 | <a href="https://issues.example.com/example_repo/issue/300">ISSUE-300</a> |
|
465 | <a href="https://issues.example.com/example_repo/issue/300">ISSUE-300</a> | |
466 |
|
466 | |||
467 | If needed, more than one pattern can be specified by appending a unique suffix to |
|
467 | If needed, more than one pattern can be specified by appending a unique suffix to | |
468 | the variables. For example:: |
|
468 | the variables. For example:: | |
469 |
|
469 | |||
470 | issue_pat_wiki = (?:wiki-)(.+) |
|
470 | issue_pat_wiki = (?:wiki-)(.+) | |
471 | issue_server_link_wiki = https://wiki.example.com/{id} |
|
471 | issue_server_link_wiki = https://wiki.example.com/{id} | |
472 | issue_prefix_wiki = WIKI- |
|
472 | issue_prefix_wiki = WIKI- | |
473 |
|
473 | |||
474 | With these settings, wiki pages can be referenced as wiki-some-id, and every |
|
474 | With these settings, wiki pages can be referenced as wiki-some-id, and every | |
475 | such reference will be transformed into: |
|
475 | such reference will be transformed into: | |
476 |
|
476 | |||
477 | .. code-block:: html |
|
477 | .. code-block:: html | |
478 |
|
478 | |||
479 | <a href="https://wiki.example.com/some-id">WIKI-some-id</a> |
|
479 | <a href="https://wiki.example.com/some-id">WIKI-some-id</a> | |
480 |
|
480 | |||
481 |
|
481 | |||
482 | Hook management |
|
482 | Hook management | |
483 | --------------- |
|
483 | --------------- | |
484 |
|
484 | |||
485 | Hooks can be managed in similar way to that used in ``.hgrc`` files. |
|
485 | Hooks can be managed in similar way to that used in ``.hgrc`` files. | |
486 | To manage hooks, choose *Admin > Settings > Hooks*. |
|
486 | To manage hooks, choose *Admin > Settings > Hooks*. | |
487 |
|
487 | |||
488 | The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section. |
|
488 | The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section. | |
489 |
|
489 | |||
490 | To add another custom hook simply fill in the first textbox with |
|
490 | To add another custom hook simply fill in the first textbox with | |
491 | ``<name>.<hook_type>`` and the second with the hook path. Example hooks |
|
491 | ``<name>.<hook_type>`` and the second with the hook path. Example hooks | |
492 | can be found in ``kallithea.lib.hooks``. |
|
492 | can be found in ``kallithea.lib.hooks``. | |
493 |
|
493 | |||
494 |
|
494 | |||
495 | Changing default encoding |
|
495 | Changing default encoding | |
496 | ------------------------- |
|
496 | ------------------------- | |
497 |
|
497 | |||
498 | By default, Kallithea uses UTF-8 encoding. |
|
498 | By default, Kallithea uses UTF-8 encoding. | |
499 | This is configurable as ``default_encoding`` in the .ini file. |
|
499 | This is configurable as ``default_encoding`` in the .ini file. | |
500 | This affects many parts in Kallithea including user names, filenames, and |
|
500 | This affects many parts in Kallithea including user names, filenames, and | |
501 | encoding of commit messages. In addition Kallithea can detect if the ``chardet`` |
|
501 | encoding of commit messages. In addition Kallithea can detect if the ``chardet`` | |
502 | library is installed. If ``chardet`` is detected Kallithea will fallback to it |
|
502 | library is installed. If ``chardet`` is detected Kallithea will fallback to it | |
503 | when there are encode/decode errors. |
|
503 | when there are encode/decode errors. | |
504 |
|
504 | |||
505 |
|
505 | |||
506 | Celery configuration |
|
506 | Celery configuration | |
507 | -------------------- |
|
507 | -------------------- | |
508 |
|
508 | |||
509 | Kallithea can use the distributed task queue system Celery_ to run tasks like |
|
509 | Kallithea can use the distributed task queue system Celery_ to run tasks like | |
510 | cloning repositories or sending emails. |
|
510 | cloning repositories or sending emails. | |
511 |
|
511 | |||
512 | Kallithea will in most setups work perfectly fine out of the box (without |
|
512 | Kallithea will in most setups work perfectly fine out of the box (without | |
513 | Celery), executing all tasks in the web server process. Some tasks can however |
|
513 | Celery), executing all tasks in the web server process. Some tasks can however | |
514 | take some time to run and it can be better to run such tasks asynchronously in |
|
514 | take some time to run and it can be better to run such tasks asynchronously in | |
515 | a separate process so the web server can focus on serving web requests. |
|
515 | a separate process so the web server can focus on serving web requests. | |
516 |
|
516 | |||
517 | For installation and configuration of Celery, see the `Celery documentation`_. |
|
517 | For installation and configuration of Celery, see the `Celery documentation`_. | |
518 | Note that Celery requires a message broker service like RabbitMQ_ (recommended) |
|
518 | Note that Celery requires a message broker service like RabbitMQ_ (recommended) | |
519 | or Redis_. |
|
519 | or Redis_. | |
520 |
|
520 | |||
521 | The use of Celery is configured in the Kallithea ini configuration file. |
|
521 | The use of Celery is configured in the Kallithea ini configuration file. | |
522 | To enable it, simply set:: |
|
522 | To enable it, simply set:: | |
523 |
|
523 | |||
524 | use_celery = true |
|
524 | use_celery = true | |
525 |
|
525 | |||
526 | and add or change the ``celery.*`` and ``broker.*`` configuration variables. |
|
526 | and add or change the ``celery.*`` and ``broker.*`` configuration variables. | |
527 |
|
527 | |||
528 | Remember that the ini files use the format with '.' and not with '_' like |
|
528 | Remember that the ini files use the format with '.' and not with '_' like | |
529 | Celery. So for example setting `BROKER_HOST` in Celery means setting |
|
529 | Celery. So for example setting `BROKER_HOST` in Celery means setting | |
530 | `broker.host` in the configuration file. |
|
530 | `broker.host` in the configuration file. | |
531 |
|
531 | |||
532 | To start the Celery process, run:: |
|
532 | To start the Celery process, run:: | |
533 |
|
533 | |||
534 | paster celeryd <configfile.ini> |
|
534 | paster celeryd <configfile.ini> | |
535 |
|
535 | |||
536 | .. note:: |
|
536 | .. note:: | |
537 | Make sure you run this command from the same virtualenv, and with the same |
|
537 | Make sure you run this command from the same virtualenv, and with the same | |
538 | user that Kallithea runs. |
|
538 | user that Kallithea runs. | |
539 |
|
539 | |||
540 |
|
540 | |||
541 | HTTPS support |
|
541 | HTTPS support | |
542 | ------------- |
|
542 | ------------- | |
543 |
|
543 | |||
544 | Kallithea will by default generate URLs based on the WSGI environment. |
|
544 | Kallithea will by default generate URLs based on the WSGI environment. | |
545 |
|
545 | |||
546 | Alternatively, you can use some special configuration settings to control |
|
546 | Alternatively, you can use some special configuration settings to control | |
547 | directly which scheme/protocol Kallithea will use when generating URLs: |
|
547 | directly which scheme/protocol Kallithea will use when generating URLs: | |
548 |
|
548 | |||
549 | - With ``https_fixup = true``, the scheme will be taken from the |
|
549 | - With ``https_fixup = true``, the scheme will be taken from the | |
550 | ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header |
|
550 | ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header | |
551 | (default ``http``). |
|
551 | (default ``http``). | |
552 | - With ``force_https = true`` the default will be ``https``. |
|
552 | - With ``force_https = true`` the default will be ``https``. | |
553 | - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https. |
|
553 | - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https. | |
554 |
|
554 | |||
555 |
|
555 | |||
556 | Nginx virtual host example |
|
556 | Nginx virtual host example | |
557 | -------------------------- |
|
557 | -------------------------- | |
558 |
|
558 | |||
559 | Sample config for Nginx using proxy: |
|
559 | Sample config for Nginx using proxy: | |
560 |
|
560 | |||
561 | .. code-block:: nginx |
|
561 | .. code-block:: nginx | |
562 |
|
562 | |||
563 | upstream kallithea { |
|
563 | upstream kallithea { | |
564 | server 127.0.0.1:5000; |
|
564 | server 127.0.0.1:5000; | |
565 | # add more instances for load balancing |
|
565 | # add more instances for load balancing | |
566 | #server 127.0.0.1:5001; |
|
566 | #server 127.0.0.1:5001; | |
567 | #server 127.0.0.1:5002; |
|
567 | #server 127.0.0.1:5002; | |
568 | } |
|
568 | } | |
569 |
|
569 | |||
570 | ## gist alias |
|
570 | ## gist alias | |
571 | server { |
|
571 | server { | |
572 | listen 443; |
|
572 | listen 443; | |
573 | server_name gist.example.com; |
|
573 | server_name gist.example.com; | |
574 | access_log /var/log/nginx/gist.access.log; |
|
574 | access_log /var/log/nginx/gist.access.log; | |
575 | error_log /var/log/nginx/gist.error.log; |
|
575 | error_log /var/log/nginx/gist.error.log; | |
576 |
|
576 | |||
577 | ssl on; |
|
577 | ssl on; | |
578 | ssl_certificate gist.your.kallithea.server.crt; |
|
578 | ssl_certificate gist.your.kallithea.server.crt; | |
579 | ssl_certificate_key gist.your.kallithea.server.key; |
|
579 | ssl_certificate_key gist.your.kallithea.server.key; | |
580 |
|
580 | |||
581 | ssl_session_timeout 5m; |
|
581 | ssl_session_timeout 5m; | |
582 |
|
582 | |||
583 | ssl_protocols SSLv3 TLSv1; |
|
583 | ssl_protocols SSLv3 TLSv1; | |
584 | ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; |
|
584 | ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | |
585 | ssl_prefer_server_ciphers on; |
|
585 | ssl_prefer_server_ciphers on; | |
586 |
|
586 | |||
587 | rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1; |
|
587 | rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1; | |
588 | rewrite (.*) https://kallithea.example.com/_admin/gists; |
|
588 | rewrite (.*) https://kallithea.example.com/_admin/gists; | |
589 | } |
|
589 | } | |
590 |
|
590 | |||
591 | server { |
|
591 | server { | |
592 | listen 443; |
|
592 | listen 443; | |
593 | server_name kallithea.example.com |
|
593 | server_name kallithea.example.com | |
594 | access_log /var/log/nginx/kallithea.access.log; |
|
594 | access_log /var/log/nginx/kallithea.access.log; | |
595 | error_log /var/log/nginx/kallithea.error.log; |
|
595 | error_log /var/log/nginx/kallithea.error.log; | |
596 |
|
596 | |||
597 | ssl on; |
|
597 | ssl on; | |
598 | ssl_certificate your.kallithea.server.crt; |
|
598 | ssl_certificate your.kallithea.server.crt; | |
599 | ssl_certificate_key your.kallithea.server.key; |
|
599 | ssl_certificate_key your.kallithea.server.key; | |
600 |
|
600 | |||
601 | ssl_session_timeout 5m; |
|
601 | ssl_session_timeout 5m; | |
602 |
|
602 | |||
603 | ssl_protocols SSLv3 TLSv1; |
|
603 | ssl_protocols SSLv3 TLSv1; | |
604 | ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; |
|
604 | ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | |
605 | ssl_prefer_server_ciphers on; |
|
605 | ssl_prefer_server_ciphers on; | |
606 |
|
606 | |||
607 | ## uncomment root directive if you want to serve static files by nginx |
|
607 | ## uncomment root directive if you want to serve static files by nginx | |
608 | ## requires static_files = false in .ini file |
|
608 | ## requires static_files = false in .ini file | |
609 | #root /path/to/installation/kallithea/public; |
|
609 | #root /path/to/installation/kallithea/public; | |
610 | include /etc/nginx/proxy.conf; |
|
610 | include /etc/nginx/proxy.conf; | |
611 | location / { |
|
611 | location / { | |
612 | try_files $uri @kallithea; |
|
612 | try_files $uri @kallithea; | |
613 | } |
|
613 | } | |
614 |
|
614 | |||
615 | location @kallithea { |
|
615 | location @kallithea { | |
616 | proxy_pass http://127.0.0.1:5000; |
|
616 | proxy_pass http://127.0.0.1:5000; | |
617 | } |
|
617 | } | |
618 |
|
618 | |||
619 | } |
|
619 | } | |
620 |
|
620 | |||
621 | Here's the proxy.conf. It's tuned so it will not timeout on long |
|
621 | Here's the proxy.conf. It's tuned so it will not timeout on long | |
622 | pushes or large pushes:: |
|
622 | pushes or large pushes:: | |
623 |
|
623 | |||
624 | proxy_redirect off; |
|
624 | proxy_redirect off; | |
625 | proxy_set_header Host $host; |
|
625 | proxy_set_header Host $host; | |
626 | ## needed for container auth |
|
626 | ## needed for container auth | |
627 | #proxy_set_header REMOTE_USER $remote_user; |
|
627 | #proxy_set_header REMOTE_USER $remote_user; | |
628 | #proxy_set_header X-Forwarded-User $remote_user; |
|
628 | #proxy_set_header X-Forwarded-User $remote_user; | |
629 | proxy_set_header X-Url-Scheme $scheme; |
|
629 | proxy_set_header X-Url-Scheme $scheme; | |
630 | proxy_set_header X-Host $http_host; |
|
630 | proxy_set_header X-Host $http_host; | |
631 | proxy_set_header X-Real-IP $remote_addr; |
|
631 | proxy_set_header X-Real-IP $remote_addr; | |
632 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
632 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
633 | proxy_set_header Proxy-host $proxy_host; |
|
633 | proxy_set_header Proxy-host $proxy_host; | |
634 | proxy_buffering off; |
|
634 | proxy_buffering off; | |
635 | proxy_connect_timeout 7200; |
|
635 | proxy_connect_timeout 7200; | |
636 | proxy_send_timeout 7200; |
|
636 | proxy_send_timeout 7200; | |
637 | proxy_read_timeout 7200; |
|
637 | proxy_read_timeout 7200; | |
638 | proxy_buffers 8 32k; |
|
638 | proxy_buffers 8 32k; | |
639 | client_max_body_size 1024m; |
|
639 | client_max_body_size 1024m; | |
640 | client_body_buffer_size 128k; |
|
640 | client_body_buffer_size 128k; | |
641 | large_client_header_buffers 8 64k; |
|
641 | large_client_header_buffers 8 64k; | |
642 |
|
642 | |||
643 |
|
643 | |||
644 | Apache virtual host reverse proxy example |
|
644 | Apache virtual host reverse proxy example | |
645 | ----------------------------------------- |
|
645 | ----------------------------------------- | |
646 |
|
646 | |||
647 | Here is a sample configuration file for Apache using proxy: |
|
647 | Here is a sample configuration file for Apache using proxy: | |
648 |
|
648 | |||
649 | .. code-block:: apache |
|
649 | .. code-block:: apache | |
650 |
|
650 | |||
651 | <VirtualHost *:80> |
|
651 | <VirtualHost *:80> | |
652 | ServerName kallithea.example.com |
|
652 | ServerName kallithea.example.com | |
653 |
|
653 | |||
654 | <Proxy *> |
|
654 | <Proxy *> | |
655 | # For Apache 2.4 and later: |
|
655 | # For Apache 2.4 and later: | |
656 | Require all granted |
|
656 | Require all granted | |
657 |
|
657 | |||
658 | # For Apache 2.2 and earlier, instead use: |
|
658 | # For Apache 2.2 and earlier, instead use: | |
659 | # Order allow,deny |
|
659 | # Order allow,deny | |
660 | # Allow from all |
|
660 | # Allow from all | |
661 | </Proxy> |
|
661 | </Proxy> | |
662 |
|
662 | |||
663 | #important ! |
|
663 | #important ! | |
664 | #Directive to properly generate url (clone url) for pylons |
|
664 | #Directive to properly generate url (clone url) for pylons | |
665 | ProxyPreserveHost On |
|
665 | ProxyPreserveHost On | |
666 |
|
666 | |||
667 | #kallithea instance |
|
667 | #kallithea instance | |
668 | ProxyPass / http://127.0.0.1:5000/ |
|
668 | ProxyPass / http://127.0.0.1:5000/ | |
669 | ProxyPassReverse / http://127.0.0.1:5000/ |
|
669 | ProxyPassReverse / http://127.0.0.1:5000/ | |
670 |
|
670 | |||
671 | #to enable https use line below |
|
671 | #to enable https use line below | |
672 | #SetEnvIf X-Url-Scheme https HTTPS=1 |
|
672 | #SetEnvIf X-Url-Scheme https HTTPS=1 | |
673 | </VirtualHost> |
|
673 | </VirtualHost> | |
674 |
|
674 | |||
675 | Additional tutorial |
|
675 | Additional tutorial | |
676 | http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons |
|
676 | http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons | |
677 |
|
677 | |||
678 |
|
678 | |||
679 | Apache as subdirectory |
|
679 | Apache as subdirectory | |
680 | ---------------------- |
|
680 | ---------------------- | |
681 |
|
681 | |||
682 | Apache subdirectory part: |
|
682 | Apache subdirectory part: | |
683 |
|
683 | |||
684 | .. code-block:: apache |
|
684 | .. code-block:: apache | |
685 |
|
685 | |||
686 | <Location /<someprefix> > |
|
686 | <Location /<someprefix> > | |
687 | ProxyPass http://127.0.0.1:5000/<someprefix> |
|
687 | ProxyPass http://127.0.0.1:5000/<someprefix> | |
688 | ProxyPassReverse http://127.0.0.1:5000/<someprefix> |
|
688 | ProxyPassReverse http://127.0.0.1:5000/<someprefix> | |
689 | SetEnvIf X-Url-Scheme https HTTPS=1 |
|
689 | SetEnvIf X-Url-Scheme https HTTPS=1 | |
690 | </Location> |
|
690 | </Location> | |
691 |
|
691 | |||
692 | Besides the regular apache setup you will need to add the following line |
|
692 | Besides the regular apache setup you will need to add the following line | |
693 | into ``[app:main]`` section of your .ini file:: |
|
693 | into ``[app:main]`` section of your .ini file:: | |
694 |
|
694 | |||
695 | filter-with = proxy-prefix |
|
695 | filter-with = proxy-prefix | |
696 |
|
696 | |||
697 | Add the following at the end of the .ini file:: |
|
697 | Add the following at the end of the .ini file:: | |
698 |
|
698 | |||
699 | [filter:proxy-prefix] |
|
699 | [filter:proxy-prefix] | |
700 | use = egg:PasteDeploy#prefix |
|
700 | use = egg:PasteDeploy#prefix | |
701 | prefix = /<someprefix> |
|
701 | prefix = /<someprefix> | |
702 |
|
702 | |||
703 | then change ``<someprefix>`` into your chosen prefix |
|
703 | then change ``<someprefix>`` into your chosen prefix | |
704 |
|
704 | |||
705 |
|
705 | |||
706 | Apache with mod_wsgi |
|
706 | Apache with mod_wsgi | |
707 | -------------------- |
|
707 | -------------------- | |
708 |
|
708 | |||
709 | Alternatively, Kallithea can be set up with Apache under mod_wsgi. For |
|
709 | Alternatively, Kallithea can be set up with Apache under mod_wsgi. For | |
710 | that, you'll need to: |
|
710 | that, you'll need to: | |
711 |
|
711 | |||
712 | - Install mod_wsgi. If using a Debian-based distro, you can install |
|
712 | - Install mod_wsgi. If using a Debian-based distro, you can install | |
713 | the package libapache2-mod-wsgi:: |
|
713 | the package libapache2-mod-wsgi:: | |
714 |
|
714 | |||
715 | aptitude install libapache2-mod-wsgi |
|
715 | aptitude install libapache2-mod-wsgi | |
716 |
|
716 | |||
717 | - Enable mod_wsgi:: |
|
717 | - Enable mod_wsgi:: | |
718 |
|
718 | |||
719 | a2enmod wsgi |
|
719 | a2enmod wsgi | |
720 |
|
720 | |||
721 | - Add global Apache configuration to tell mod_wsgi that Python only will be |
|
721 | - Add global Apache configuration to tell mod_wsgi that Python only will be | |
722 | used in the WSGI processes and shouldn't be initialized in the Apache |
|
722 | used in the WSGI processes and shouldn't be initialized in the Apache | |
723 | processes:: |
|
723 | processes:: | |
724 |
|
724 | |||
725 | WSGIRestrictEmbedded On |
|
725 | WSGIRestrictEmbedded On | |
726 |
|
726 | |||
727 | - Create a wsgi dispatch script, like the one below. Make sure you |
|
727 | - Create a wsgi dispatch script, like the one below. Make sure you | |
728 | check that the paths correctly point to where you installed Kallithea |
|
728 | check that the paths correctly point to where you installed Kallithea | |
729 | and its Python Virtual Environment. |
|
729 | and its Python Virtual Environment. | |
730 | - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script, |
|
730 | - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script, | |
731 | as in the following example. Once again, check the paths are |
|
731 | as in the following example. Once again, check the paths are | |
732 | correctly specified. |
|
732 | correctly specified. | |
733 |
|
733 | |||
734 | Here is a sample excerpt from an Apache Virtual Host configuration file: |
|
734 | Here is a sample excerpt from an Apache Virtual Host configuration file: | |
735 |
|
735 | |||
736 | .. code-block:: apache |
|
736 | .. code-block:: apache | |
737 |
|
737 | |||
738 | WSGIDaemonProcess kallithea \ |
|
738 | WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \ | |
739 | threads=4 \ |
|
|||
740 | python-home=/srv/kallithea/venv |
|
739 | python-home=/srv/kallithea/venv | |
741 | WSGIProcessGroup kallithea |
|
740 | WSGIProcessGroup kallithea | |
742 | WSGIScriptAlias / /srv/kallithea/dispatch.wsgi |
|
741 | WSGIScriptAlias / /srv/kallithea/dispatch.wsgi | |
743 | WSGIPassAuthorization On |
|
742 | WSGIPassAuthorization On | |
744 |
|
743 | |||
745 | Or if using a dispatcher WSGI script with proper virtualenv activation: |
|
744 | Or if using a dispatcher WSGI script with proper virtualenv activation: | |
746 |
|
745 | |||
747 | .. code-block:: apache |
|
746 | .. code-block:: apache | |
748 |
|
747 | |||
749 |
WSGIDaemonProcess kallithea threads= |
|
748 | WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 | |
750 | WSGIProcessGroup kallithea |
|
749 | WSGIProcessGroup kallithea | |
751 | WSGIScriptAlias / /srv/kallithea/dispatch.wsgi |
|
750 | WSGIScriptAlias / /srv/kallithea/dispatch.wsgi | |
752 | WSGIPassAuthorization On |
|
751 | WSGIPassAuthorization On | |
753 |
|
752 | |||
754 | Apache will by default run as a special Apache user, on Linux systems |
|
753 | Apache will by default run as a special Apache user, on Linux systems | |
755 | usually ``www-data`` or ``apache``. If you need to have the repositories |
|
754 | usually ``www-data`` or ``apache``. If you need to have the repositories | |
756 | directory owned by a different user, use the user and group options to |
|
755 | directory owned by a different user, use the user and group options to | |
757 | WSGIDaemonProcess to set the name of the user and group. |
|
756 | WSGIDaemonProcess to set the name of the user and group. | |
758 |
|
757 | |||
759 | .. note:: |
|
758 | .. note:: | |
760 | If running Kallithea in multiprocess mode, |
|
759 | If running Kallithea in multiprocess mode, | |
761 | make sure you set ``instance_id = *`` in the configuration so each process |
|
760 | make sure you set ``instance_id = *`` in the configuration so each process | |
762 | gets it's own cache invalidation key. |
|
761 | gets it's own cache invalidation key. | |
763 |
|
762 | |||
764 | Example WSGI dispatch script: |
|
763 | Example WSGI dispatch script: | |
765 |
|
764 | |||
766 | .. code-block:: python |
|
765 | .. code-block:: python | |
767 |
|
766 | |||
768 | import os |
|
767 | import os | |
769 | os.environ["HGENCODING"] = "UTF-8" |
|
768 | os.environ["HGENCODING"] = "UTF-8" | |
770 | os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache' |
|
769 | os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache' | |
771 |
|
770 | |||
772 | # sometimes it's needed to set the curent dir |
|
771 | # sometimes it's needed to set the curent dir | |
773 | os.chdir('/srv/kallithea/') |
|
772 | os.chdir('/srv/kallithea/') | |
774 |
|
773 | |||
775 | import site |
|
774 | import site | |
776 | site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages") |
|
775 | site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages") | |
777 |
|
776 | |||
778 | ini = '/srv/kallithea/my.ini' |
|
777 | ini = '/srv/kallithea/my.ini' | |
779 | from paste.script.util.logging_config import fileConfig |
|
778 | from paste.script.util.logging_config import fileConfig | |
780 | fileConfig(ini) |
|
779 | fileConfig(ini) | |
781 | from paste.deploy import loadapp |
|
780 | from paste.deploy import loadapp | |
782 | application = loadapp('config:' + ini) |
|
781 | application = loadapp('config:' + ini) | |
783 |
|
782 | |||
784 | Or using proper virtualenv activation: |
|
783 | Or using proper virtualenv activation: | |
785 |
|
784 | |||
786 | .. code-block:: python |
|
785 | .. code-block:: python | |
787 |
|
786 | |||
788 | activate_this = '/srv/kallithea/venv/bin/activate_this.py' |
|
787 | activate_this = '/srv/kallithea/venv/bin/activate_this.py' | |
789 | execfile(activate_this, dict(__file__=activate_this)) |
|
788 | execfile(activate_this, dict(__file__=activate_this)) | |
790 |
|
789 | |||
791 | import os |
|
790 | import os | |
792 | os.environ['HOME'] = '/srv/kallithea' |
|
791 | os.environ['HOME'] = '/srv/kallithea' | |
793 |
|
792 | |||
794 | ini = '/srv/kallithea/kallithea.ini' |
|
793 | ini = '/srv/kallithea/kallithea.ini' | |
795 | from paste.script.util.logging_config import fileConfig |
|
794 | from paste.script.util.logging_config import fileConfig | |
796 | fileConfig(ini) |
|
795 | fileConfig(ini) | |
797 | from paste.deploy import loadapp |
|
796 | from paste.deploy import loadapp | |
798 | application = loadapp('config:' + ini) |
|
797 | application = loadapp('config:' + ini) | |
799 |
|
798 | |||
800 |
|
799 | |||
801 | Other configuration files |
|
800 | Other configuration files | |
802 | ------------------------- |
|
801 | ------------------------- | |
803 |
|
802 | |||
804 | A number of `example init.d scripts`__ can be found in |
|
803 | A number of `example init.d scripts`__ can be found in | |
805 | the ``init.d`` directory of the Kallithea source. |
|
804 | the ``init.d`` directory of the Kallithea source. | |
806 |
|
805 | |||
807 | .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ . |
|
806 | .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ . | |
808 |
|
807 | |||
809 |
|
808 | |||
810 | .. _virtualenv: http://pypi.python.org/pypi/virtualenv |
|
809 | .. _virtualenv: http://pypi.python.org/pypi/virtualenv | |
811 | .. _python: http://www.python.org/ |
|
810 | .. _python: http://www.python.org/ | |
812 | .. _Mercurial: https://www.mercurial-scm.org/ |
|
811 | .. _Mercurial: https://www.mercurial-scm.org/ | |
813 | .. _Celery: http://celeryproject.org/ |
|
812 | .. _Celery: http://celeryproject.org/ | |
814 | .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html |
|
813 | .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html | |
815 | .. _RabbitMQ: http://www.rabbitmq.com/ |
|
814 | .. _RabbitMQ: http://www.rabbitmq.com/ | |
816 | .. _Redis: http://redis.io/ |
|
815 | .. _Redis: http://redis.io/ | |
817 | .. _python-ldap: http://www.python-ldap.org/ |
|
816 | .. _python-ldap: http://www.python-ldap.org/ | |
818 | .. _mercurial-server: http://www.lshift.net/mercurial-server.html |
|
817 | .. _mercurial-server: http://www.lshift.net/mercurial-server.html | |
819 | .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories |
|
818 | .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories |
@@ -1,56 +1,74 b'' | |||||
1 | .. _performance: |
|
1 | .. _performance: | |
2 |
|
2 | |||
3 | ================================ |
|
3 | ================================ | |
4 | Optimizing Kallithea performance |
|
4 | Optimizing Kallithea performance | |
5 | ================================ |
|
5 | ================================ | |
6 |
|
6 | |||
7 | When serving a large amount of big repositories, Kallithea can start |
|
7 | When serving a large amount of big repositories, Kallithea can start | |
8 | performing slower than expected. Because of the demanding nature of handling large |
|
8 | performing slower than expected. Because of the demanding nature of handling large | |
9 | amounts of data from version control systems, here are some tips on how to get |
|
9 | amounts of data from version control systems, here are some tips on how to get | |
10 | the best performance. |
|
10 | the best performance. | |
11 |
|
11 | |||
12 | * Kallithea is often I/O bound, and hence a fast disk (SSD/SAN) is |
|
12 | * Kallithea is often I/O bound, and hence a fast disk (SSD/SAN) is | |
13 | usually more important than a fast CPU. |
|
13 | usually more important than a fast CPU. | |
14 |
|
14 | |||
15 | * Sluggish loading of the front page can easily be fixed by grouping repositories or by |
|
15 | * Sluggish loading of the front page can easily be fixed by grouping repositories or by | |
16 | increasing cache size (see below). This includes using the lightweight dashboard |
|
16 | increasing cache size (see below). This includes using the lightweight dashboard | |
17 | option and ``vcs_full_cache`` setting in .ini file. |
|
17 | option and ``vcs_full_cache`` setting in .ini file. | |
18 |
|
18 | |||
19 | Follow these few steps to improve performance of Kallithea system. |
|
19 | Follow these few steps to improve performance of Kallithea system. | |
20 |
|
20 | |||
21 | 1. Increase cache |
|
21 | 1. Increase cache | |
22 |
|
22 | |||
23 | Tweak beaker cache settings in the ini file. The actual effect of that |
|
23 | Tweak beaker cache settings in the ini file. The actual effect of that | |
24 | is questionable. |
|
24 | is questionable. | |
25 |
|
25 | |||
26 | 2. Switch from SQLite to PostgreSQL or MySQL |
|
26 | 2. Switch from SQLite to PostgreSQL or MySQL | |
27 |
|
27 | |||
28 | SQLite is a good option when having a small load on the system. But due to |
|
28 | SQLite is a good option when having a small load on the system. But due to | |
29 | locking issues with SQLite, it is not recommended to use it for larger |
|
29 | locking issues with SQLite, it is not recommended to use it for larger | |
30 | deployments. Switching to MySQL or PostgreSQL will result in an immediate |
|
30 | deployments. Switching to MySQL or PostgreSQL will result in an immediate | |
31 | performance increase. A tool like SQLAlchemyGrate_ can be used for |
|
31 | performance increase. A tool like SQLAlchemyGrate_ can be used for | |
32 | migrating to another database platform. |
|
32 | migrating to another database platform. | |
33 |
|
33 | |||
34 | 3. Scale Kallithea horizontally |
|
34 | 3. Scale Kallithea horizontally | |
35 |
|
35 | |||
36 | Scaling horizontally can give huge performance benefits when dealing with |
|
36 | Scaling horizontally can give huge performance benefits when dealing with | |
37 | large amounts of traffic (many users, CI servers, etc.). Kallithea can be |
|
37 | large amounts of traffic (many users, CI servers, etc.). Kallithea can be | |
38 |
scaled horizontally on one (recommended) or multiple machines. |
|
38 | scaled horizontally on one (recommended) or multiple machines. | |
39 | to scale horizontally you need to do the following: |
|
39 | ||
|
40 | It is generally possible to run WSGI applications multithreaded, so that | |||
|
41 | several HTTP requests are served from the same Python process at once. That | |||
|
42 | can in principle give better utilization of internal caches and less | |||
|
43 | process overhead. | |||
|
44 | ||||
|
45 | One danger of running multithreaded is that program execution becomes much | |||
|
46 | more complex; programs must be written to consider all combinations of | |||
|
47 | events and problems might depend on timing and be impossible to reproduce. | |||
|
48 | ||||
|
49 | Kallithea can't promise to be thread-safe, just like the embedded Mercurial | |||
|
50 | backend doesn't make any strong promises when used as Kallithea uses it. | |||
|
51 | Instead, we recommend scaling by using multiple server processes. | |||
|
52 | ||||
|
53 | Web servers with multiple worker processes (such as ``mod_wsgi`` with the | |||
|
54 | ``WSGIDaemonProcess`` ``processes`` parameter) will work out of the box. | |||
|
55 | ||||
|
56 | In order to scale horizontally on multiple machines, you need to do the | |||
|
57 | following: | |||
40 |
|
58 | |||
41 | - Each instance needs its own .ini file and unique ``instance_id`` set. |
|
59 | - Each instance needs its own .ini file and unique ``instance_id`` set. | |
42 | - Each instance's ``data`` storage needs to be configured to be stored on a |
|
60 | - Each instance's ``data`` storage needs to be configured to be stored on a | |
43 | shared disk storage, preferably together with repositories. This ``data`` |
|
61 | shared disk storage, preferably together with repositories. This ``data`` | |
44 | dir contains template caches, sessions, whoosh index and is used for |
|
62 | dir contains template caches, sessions, whoosh index and is used for | |
45 | task locking (so it is safe across multiple instances). Set the |
|
63 | task locking (so it is safe across multiple instances). Set the | |
46 | ``cache_dir``, ``index_dir``, ``beaker.cache.data_dir``, ``beaker.cache.lock_dir`` |
|
64 | ``cache_dir``, ``index_dir``, ``beaker.cache.data_dir``, ``beaker.cache.lock_dir`` | |
47 | variables in each .ini file to a shared location across Kallithea instances |
|
65 | variables in each .ini file to a shared location across Kallithea instances | |
48 | - If celery is used each instance should run a separate Celery instance, but |
|
66 | - If using several Celery instances, | |
49 | the message broker should be common to all of them (e.g., one |
|
67 | the message broker should be common to all of them (e.g., one | |
50 | shared RabbitMQ server) |
|
68 | shared RabbitMQ server) | |
51 | - Load balance using round robin or IP hash, recommended is writing LB rules |
|
69 | - Load balance using round robin or IP hash, recommended is writing LB rules | |
52 | that will separate regular user traffic from automated processes like CI |
|
70 | that will separate regular user traffic from automated processes like CI | |
53 | servers or build bots. |
|
71 | servers or build bots. | |
54 |
|
72 | |||
55 |
|
73 | |||
56 | .. _SQLAlchemyGrate: https://github.com/shazow/sqlalchemygrate |
|
74 | .. _SQLAlchemyGrate: https://github.com/shazow/sqlalchemygrate |
@@ -1,591 +1,591 b'' | |||||
1 | ## -*- coding: utf-8 -*- |
|
1 | ## -*- coding: utf-8 -*- | |
2 | <%text>################################################################################</%text> |
|
2 | <%text>################################################################################</%text> | |
3 | <%text>################################################################################</%text> |
|
3 | <%text>################################################################################</%text> | |
4 | # Kallithea - config file generated with kallithea-config # |
|
4 | # Kallithea - config file generated with kallithea-config # | |
5 | <%text>################################################################################</%text> |
|
5 | <%text>################################################################################</%text> | |
6 | <%text>################################################################################</%text> |
|
6 | <%text>################################################################################</%text> | |
7 |
|
7 | |||
8 | [DEFAULT] |
|
8 | [DEFAULT] | |
9 | debug = true |
|
9 | debug = true | |
10 | pdebug = false |
|
10 | pdebug = false | |
11 |
|
11 | |||
12 | <%text>################################################################################</%text> |
|
12 | <%text>################################################################################</%text> | |
13 | <%text>## Email settings ##</%text> |
|
13 | <%text>## Email settings ##</%text> | |
14 | <%text>## ##</%text> |
|
14 | <%text>## ##</%text> | |
15 | <%text>## Refer to the documentation ("Email settings") for more details. ##</%text> |
|
15 | <%text>## Refer to the documentation ("Email settings") for more details. ##</%text> | |
16 | <%text>## ##</%text> |
|
16 | <%text>## ##</%text> | |
17 | <%text>## It is recommended to use a valid sender address that passes access ##</%text> |
|
17 | <%text>## It is recommended to use a valid sender address that passes access ##</%text> | |
18 | <%text>## validation and spam filtering in mail servers. ##</%text> |
|
18 | <%text>## validation and spam filtering in mail servers. ##</%text> | |
19 | <%text>################################################################################</%text> |
|
19 | <%text>################################################################################</%text> | |
20 |
|
20 | |||
21 | <%text>## 'From' header for application emails. You can optionally add a name.</%text> |
|
21 | <%text>## 'From' header for application emails. You can optionally add a name.</%text> | |
22 | <%text>## Default:</%text> |
|
22 | <%text>## Default:</%text> | |
23 | #app_email_from = Kallithea |
|
23 | #app_email_from = Kallithea | |
24 | <%text>## Examples:</%text> |
|
24 | <%text>## Examples:</%text> | |
25 | #app_email_from = Kallithea <kallithea-noreply@example.com> |
|
25 | #app_email_from = Kallithea <kallithea-noreply@example.com> | |
26 | #app_email_from = kallithea-noreply@example.com |
|
26 | #app_email_from = kallithea-noreply@example.com | |
27 |
|
27 | |||
28 | <%text>## Subject prefix for application emails.</%text> |
|
28 | <%text>## Subject prefix for application emails.</%text> | |
29 | <%text>## A space between this prefix and the real subject is automatically added.</%text> |
|
29 | <%text>## A space between this prefix and the real subject is automatically added.</%text> | |
30 | <%text>## Default:</%text> |
|
30 | <%text>## Default:</%text> | |
31 | #email_prefix = |
|
31 | #email_prefix = | |
32 | <%text>## Example:</%text> |
|
32 | <%text>## Example:</%text> | |
33 | #email_prefix = [Kallithea] |
|
33 | #email_prefix = [Kallithea] | |
34 |
|
34 | |||
35 | <%text>## Recipients for error emails and fallback recipients of application mails.</%text> |
|
35 | <%text>## Recipients for error emails and fallback recipients of application mails.</%text> | |
36 | <%text>## Multiple addresses can be specified, space-separated.</%text> |
|
36 | <%text>## Multiple addresses can be specified, space-separated.</%text> | |
37 | <%text>## Only addresses are allowed, do not add any name part.</%text> |
|
37 | <%text>## Only addresses are allowed, do not add any name part.</%text> | |
38 | <%text>## Default:</%text> |
|
38 | <%text>## Default:</%text> | |
39 | #email_to = |
|
39 | #email_to = | |
40 | <%text>## Examples:</%text> |
|
40 | <%text>## Examples:</%text> | |
41 | #email_to = admin@example.com |
|
41 | #email_to = admin@example.com | |
42 | #email_to = admin@example.com another_admin@example.com |
|
42 | #email_to = admin@example.com another_admin@example.com | |
43 |
|
43 | |||
44 | <%text>## 'From' header for error emails. You can optionally add a name.</%text> |
|
44 | <%text>## 'From' header for error emails. You can optionally add a name.</%text> | |
45 | <%text>## Default:</%text> |
|
45 | <%text>## Default:</%text> | |
46 | #error_email_from = pylons@yourapp.com |
|
46 | #error_email_from = pylons@yourapp.com | |
47 | <%text>## Examples:</%text> |
|
47 | <%text>## Examples:</%text> | |
48 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> |
|
48 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> | |
49 | #error_email_from = paste_error@example.com |
|
49 | #error_email_from = paste_error@example.com | |
50 |
|
50 | |||
51 | <%text>## SMTP server settings</%text> |
|
51 | <%text>## SMTP server settings</%text> | |
52 | <%text>## Only smtp_server is mandatory. All other settings take the specified default</%text> |
|
52 | <%text>## Only smtp_server is mandatory. All other settings take the specified default</%text> | |
53 | <%text>## values.</%text> |
|
53 | <%text>## values.</%text> | |
54 | #smtp_server = smtp.example.com |
|
54 | #smtp_server = smtp.example.com | |
55 | #smtp_username = |
|
55 | #smtp_username = | |
56 | #smtp_password = |
|
56 | #smtp_password = | |
57 | #smtp_port = 25 |
|
57 | #smtp_port = 25 | |
58 | #smtp_use_tls = false |
|
58 | #smtp_use_tls = false | |
59 | #smtp_use_ssl = false |
|
59 | #smtp_use_ssl = false | |
60 | <%text>## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).</%text> |
|
60 | <%text>## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).</%text> | |
61 | <%text>## If empty, use any of the authentication parameters supported by the server.</%text> |
|
61 | <%text>## If empty, use any of the authentication parameters supported by the server.</%text> | |
62 | #smtp_auth = |
|
62 | #smtp_auth = | |
63 |
|
63 | |||
64 | [server:main] |
|
64 | [server:main] | |
65 | %if http_server == 'paste': |
|
65 | %if http_server == 'paste': | |
66 | <%text>## PASTE ##</%text> |
|
66 | <%text>## PASTE ##</%text> | |
67 | use = egg:Paste#http |
|
67 | use = egg:Paste#http | |
68 | <%text>## nr of worker threads to spawn</%text> |
|
68 | <%text>## nr of worker threads to spawn</%text> | |
69 |
threadpool_workers = |
|
69 | threadpool_workers = 1 | |
70 | <%text>## max request before thread respawn</%text> |
|
70 | <%text>## max request before thread respawn</%text> | |
71 | threadpool_max_requests = 10 |
|
71 | threadpool_max_requests = 100 | |
72 | <%text>## option to use threads of process</%text> |
|
72 | <%text>## option to use threads of process</%text> | |
73 | use_threadpool = true |
|
73 | use_threadpool = true | |
74 |
|
74 | |||
75 | %elif http_server == 'waitress': |
|
75 | %elif http_server == 'waitress': | |
76 | <%text>## WAITRESS ##</%text> |
|
76 | <%text>## WAITRESS ##</%text> | |
77 | use = egg:waitress#main |
|
77 | use = egg:waitress#main | |
78 | <%text>## number of worker threads</%text> |
|
78 | <%text>## number of worker threads</%text> | |
79 |
threads = |
|
79 | threads = 1 | |
80 | <%text>## MAX BODY SIZE 100GB</%text> |
|
80 | <%text>## MAX BODY SIZE 100GB</%text> | |
81 | max_request_body_size = 107374182400 |
|
81 | max_request_body_size = 107374182400 | |
82 | <%text>## use poll instead of select, fixes fd limits, may not work on old</%text> |
|
82 | <%text>## use poll instead of select, fixes fd limits, may not work on old</%text> | |
83 | <%text>## windows systems.</%text> |
|
83 | <%text>## windows systems.</%text> | |
84 | #asyncore_use_poll = True |
|
84 | #asyncore_use_poll = True | |
85 |
|
85 | |||
86 | %elif http_server == 'gunicorn': |
|
86 | %elif http_server == 'gunicorn': | |
87 | <%text>## GUNICORN ##</%text> |
|
87 | <%text>## GUNICORN ##</%text> | |
88 | use = egg:gunicorn#main |
|
88 | use = egg:gunicorn#main | |
89 | <%text>## number of process workers. You must set `instance_id = *` when this option</%text> |
|
89 | <%text>## number of process workers. You must set `instance_id = *` when this option</%text> | |
90 | <%text>## is set to more than one worker</%text> |
|
90 | <%text>## is set to more than one worker</%text> | |
91 | workers = 1 |
|
91 | workers = 1 | |
92 | <%text>## process name</%text> |
|
92 | <%text>## process name</%text> | |
93 | proc_name = kallithea |
|
93 | proc_name = kallithea | |
94 | <%text>## type of worker class, one of sync, eventlet, gevent, tornado</%text> |
|
94 | <%text>## type of worker class, one of sync, eventlet, gevent, tornado</%text> | |
95 | <%text>## recommended for bigger setup is using of of other than sync one</%text> |
|
95 | <%text>## recommended for bigger setup is using of of other than sync one</%text> | |
96 | worker_class = sync |
|
96 | worker_class = sync | |
97 | max_requests = 1000 |
|
97 | max_requests = 1000 | |
98 | <%text>## ammount of time a worker can handle request before it gets killed and</%text> |
|
98 | <%text>## ammount of time a worker can handle request before it gets killed and</%text> | |
99 | <%text>## restarted</%text> |
|
99 | <%text>## restarted</%text> | |
100 | timeout = 3600 |
|
100 | timeout = 3600 | |
101 |
|
101 | |||
102 | %elif http_server == 'uwsgi': |
|
102 | %elif http_server == 'uwsgi': | |
103 | <%text>## UWSGI ##</%text> |
|
103 | <%text>## UWSGI ##</%text> | |
104 | <%text>## run with uwsgi --ini-paste-logged <inifile.ini></%text> |
|
104 | <%text>## run with uwsgi --ini-paste-logged <inifile.ini></%text> | |
105 | [uwsgi] |
|
105 | [uwsgi] | |
106 | socket = /tmp/uwsgi.sock |
|
106 | socket = /tmp/uwsgi.sock | |
107 | master = true |
|
107 | master = true | |
108 | http = 127.0.0.1:5000 |
|
108 | http = 127.0.0.1:5000 | |
109 |
|
109 | |||
110 | <%text>## set as deamon and redirect all output to file</%text> |
|
110 | <%text>## set as deamon and redirect all output to file</%text> | |
111 | #daemonize = ./uwsgi_kallithea.log |
|
111 | #daemonize = ./uwsgi_kallithea.log | |
112 |
|
112 | |||
113 | <%text>## master process PID</%text> |
|
113 | <%text>## master process PID</%text> | |
114 | pidfile = ./uwsgi_kallithea.pid |
|
114 | pidfile = ./uwsgi_kallithea.pid | |
115 |
|
115 | |||
116 | <%text>## stats server with workers statistics, use uwsgitop</%text> |
|
116 | <%text>## stats server with workers statistics, use uwsgitop</%text> | |
117 | <%text>## for monitoring, `uwsgitop 127.0.0.1:1717`</%text> |
|
117 | <%text>## for monitoring, `uwsgitop 127.0.0.1:1717`</%text> | |
118 | stats = 127.0.0.1:1717 |
|
118 | stats = 127.0.0.1:1717 | |
119 | memory-report = true |
|
119 | memory-report = true | |
120 |
|
120 | |||
121 | <%text>## log 5XX errors</%text> |
|
121 | <%text>## log 5XX errors</%text> | |
122 | log-5xx = true |
|
122 | log-5xx = true | |
123 |
|
123 | |||
124 | <%text>## Set the socket listen queue size.</%text> |
|
124 | <%text>## Set the socket listen queue size.</%text> | |
125 | listen = 256 |
|
125 | listen = 256 | |
126 |
|
126 | |||
127 | <%text>## Gracefully Reload workers after the specified amount of managed requests</%text> |
|
127 | <%text>## Gracefully Reload workers after the specified amount of managed requests</%text> | |
128 | <%text>## (avoid memory leaks).</%text> |
|
128 | <%text>## (avoid memory leaks).</%text> | |
129 | max-requests = 1000 |
|
129 | max-requests = 1000 | |
130 |
|
130 | |||
131 | <%text>## enable large buffers</%text> |
|
131 | <%text>## enable large buffers</%text> | |
132 | buffer-size = 65535 |
|
132 | buffer-size = 65535 | |
133 |
|
133 | |||
134 | <%text>## socket and http timeouts ##</%text> |
|
134 | <%text>## socket and http timeouts ##</%text> | |
135 | http-timeout = 3600 |
|
135 | http-timeout = 3600 | |
136 | socket-timeout = 3600 |
|
136 | socket-timeout = 3600 | |
137 |
|
137 | |||
138 | <%text>## Log requests slower than the specified number of milliseconds.</%text> |
|
138 | <%text>## Log requests slower than the specified number of milliseconds.</%text> | |
139 | log-slow = 10 |
|
139 | log-slow = 10 | |
140 |
|
140 | |||
141 | <%text>## Exit if no app can be loaded.</%text> |
|
141 | <%text>## Exit if no app can be loaded.</%text> | |
142 | need-app = true |
|
142 | need-app = true | |
143 |
|
143 | |||
144 | <%text>## Set lazy mode (load apps in workers instead of master).</%text> |
|
144 | <%text>## Set lazy mode (load apps in workers instead of master).</%text> | |
145 | lazy = true |
|
145 | lazy = true | |
146 |
|
146 | |||
147 | <%text>## scaling ##</%text> |
|
147 | <%text>## scaling ##</%text> | |
148 | <%text>## set cheaper algorithm to use, if not set default will be used</%text> |
|
148 | <%text>## set cheaper algorithm to use, if not set default will be used</%text> | |
149 | cheaper-algo = spare |
|
149 | cheaper-algo = spare | |
150 |
|
150 | |||
151 | <%text>## minimum number of workers to keep at all times</%text> |
|
151 | <%text>## minimum number of workers to keep at all times</%text> | |
152 | cheaper = 1 |
|
152 | cheaper = 1 | |
153 |
|
153 | |||
154 | <%text>## number of workers to spawn at startup</%text> |
|
154 | <%text>## number of workers to spawn at startup</%text> | |
155 | cheaper-initial = 1 |
|
155 | cheaper-initial = 1 | |
156 |
|
156 | |||
157 | <%text>## maximum number of workers that can be spawned</%text> |
|
157 | <%text>## maximum number of workers that can be spawned</%text> | |
158 | workers = 4 |
|
158 | workers = 4 | |
159 |
|
159 | |||
160 | <%text>## how many workers should be spawned at a time</%text> |
|
160 | <%text>## how many workers should be spawned at a time</%text> | |
161 | cheaper-step = 1 |
|
161 | cheaper-step = 1 | |
162 |
|
162 | |||
163 | %endif |
|
163 | %endif | |
164 | <%text>## COMMON ##</%text> |
|
164 | <%text>## COMMON ##</%text> | |
165 | host = ${host} |
|
165 | host = ${host} | |
166 | port = ${port} |
|
166 | port = ${port} | |
167 |
|
167 | |||
168 | <%text>## middleware for hosting the WSGI application under a URL prefix</%text> |
|
168 | <%text>## middleware for hosting the WSGI application under a URL prefix</%text> | |
169 | #[filter:proxy-prefix] |
|
169 | #[filter:proxy-prefix] | |
170 | #use = egg:PasteDeploy#prefix |
|
170 | #use = egg:PasteDeploy#prefix | |
171 | #prefix = /<your-prefix> |
|
171 | #prefix = /<your-prefix> | |
172 |
|
172 | |||
173 | [app:main] |
|
173 | [app:main] | |
174 | use = egg:kallithea |
|
174 | use = egg:kallithea | |
175 | <%text>## enable proxy prefix middleware</%text> |
|
175 | <%text>## enable proxy prefix middleware</%text> | |
176 | #filter-with = proxy-prefix |
|
176 | #filter-with = proxy-prefix | |
177 |
|
177 | |||
178 | full_stack = true |
|
178 | full_stack = true | |
179 | static_files = true |
|
179 | static_files = true | |
180 | <%text>## Available Languages:</%text> |
|
180 | <%text>## Available Languages:</%text> | |
181 | <%text>## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW</%text> |
|
181 | <%text>## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW</%text> | |
182 | lang = |
|
182 | lang = | |
183 | cache_dir = ${here}/data |
|
183 | cache_dir = ${here}/data | |
184 | index_dir = ${here}/data/index |
|
184 | index_dir = ${here}/data/index | |
185 |
|
185 | |||
186 | <%text>## perform a full repository scan on each server start, this should be</%text> |
|
186 | <%text>## perform a full repository scan on each server start, this should be</%text> | |
187 | <%text>## set to false after first startup, to allow faster server restarts.</%text> |
|
187 | <%text>## set to false after first startup, to allow faster server restarts.</%text> | |
188 | initial_repo_scan = false |
|
188 | initial_repo_scan = false | |
189 |
|
189 | |||
190 | <%text>## uncomment and set this path to use archive download cache</%text> |
|
190 | <%text>## uncomment and set this path to use archive download cache</%text> | |
191 | archive_cache_dir = ${here}/tarballcache |
|
191 | archive_cache_dir = ${here}/tarballcache | |
192 |
|
192 | |||
193 | <%text>## change this to unique ID for security</%text> |
|
193 | <%text>## change this to unique ID for security</%text> | |
194 | app_instance_uuid = ${uuid()} |
|
194 | app_instance_uuid = ${uuid()} | |
195 |
|
195 | |||
196 | <%text>## cut off limit for large diffs (size in bytes)</%text> |
|
196 | <%text>## cut off limit for large diffs (size in bytes)</%text> | |
197 | cut_off_limit = 256000 |
|
197 | cut_off_limit = 256000 | |
198 |
|
198 | |||
199 | <%text>## use cache version of scm repo everywhere</%text> |
|
199 | <%text>## use cache version of scm repo everywhere</%text> | |
200 | vcs_full_cache = true |
|
200 | vcs_full_cache = true | |
201 |
|
201 | |||
202 | <%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text> |
|
202 | <%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text> | |
203 | force_https = false |
|
203 | force_https = false | |
204 |
|
204 | |||
205 | <%text>## use Strict-Transport-Security headers</%text> |
|
205 | <%text>## use Strict-Transport-Security headers</%text> | |
206 | use_htsts = false |
|
206 | use_htsts = false | |
207 |
|
207 | |||
208 | <%text>## number of commits stats will parse on each iteration</%text> |
|
208 | <%text>## number of commits stats will parse on each iteration</%text> | |
209 | commit_parse_limit = 25 |
|
209 | commit_parse_limit = 25 | |
210 |
|
210 | |||
211 | <%text>## path to git executable</%text> |
|
211 | <%text>## path to git executable</%text> | |
212 | git_path = git |
|
212 | git_path = git | |
213 |
|
213 | |||
214 | <%text>## git rev filter option, --all is the default filter, if you need to</%text> |
|
214 | <%text>## git rev filter option, --all is the default filter, if you need to</%text> | |
215 | <%text>## hide all refs in changelog switch this to --branches --tags</%text> |
|
215 | <%text>## hide all refs in changelog switch this to --branches --tags</%text> | |
216 | #git_rev_filter = --branches --tags |
|
216 | #git_rev_filter = --branches --tags | |
217 |
|
217 | |||
218 | <%text>## RSS feed options</%text> |
|
218 | <%text>## RSS feed options</%text> | |
219 | rss_cut_off_limit = 256000 |
|
219 | rss_cut_off_limit = 256000 | |
220 | rss_items_per_page = 10 |
|
220 | rss_items_per_page = 10 | |
221 | rss_include_diff = false |
|
221 | rss_include_diff = false | |
222 |
|
222 | |||
223 | <%text>## options for showing and identifying changesets</%text> |
|
223 | <%text>## options for showing and identifying changesets</%text> | |
224 | show_sha_length = 12 |
|
224 | show_sha_length = 12 | |
225 | show_revision_number = false |
|
225 | show_revision_number = false | |
226 |
|
226 | |||
227 | <%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text> |
|
227 | <%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text> | |
228 | <%text>## url that does rewrites to _admin/gists/<gistid>.</%text> |
|
228 | <%text>## url that does rewrites to _admin/gists/<gistid>.</%text> | |
229 | <%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text> |
|
229 | <%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text> | |
230 | <%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text> |
|
230 | <%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text> | |
231 | gist_alias_url = |
|
231 | gist_alias_url = | |
232 |
|
232 | |||
233 | <%text>## white list of API enabled controllers. This allows to add list of</%text> |
|
233 | <%text>## white list of API enabled controllers. This allows to add list of</%text> | |
234 | <%text>## controllers to which access will be enabled by api_key. eg: to enable</%text> |
|
234 | <%text>## controllers to which access will be enabled by api_key. eg: to enable</%text> | |
235 | <%text>## api access to raw_files put `FilesController:raw`, to enable access to patches</%text> |
|
235 | <%text>## api access to raw_files put `FilesController:raw`, to enable access to patches</%text> | |
236 | <%text>## add `ChangesetController:changeset_patch`. This list should be "," separated</%text> |
|
236 | <%text>## add `ChangesetController:changeset_patch`. This list should be "," separated</%text> | |
237 | <%text>## Syntax is <ControllerClass>:<function>. Check debug logs for generated names</%text> |
|
237 | <%text>## Syntax is <ControllerClass>:<function>. Check debug logs for generated names</%text> | |
238 | <%text>## Recommended settings below are commented out:</%text> |
|
238 | <%text>## Recommended settings below are commented out:</%text> | |
239 | api_access_controllers_whitelist = |
|
239 | api_access_controllers_whitelist = | |
240 | # ChangesetController:changeset_patch, |
|
240 | # ChangesetController:changeset_patch, | |
241 | # ChangesetController:changeset_raw, |
|
241 | # ChangesetController:changeset_raw, | |
242 | # FilesController:raw, |
|
242 | # FilesController:raw, | |
243 | # FilesController:archivefile |
|
243 | # FilesController:archivefile | |
244 |
|
244 | |||
245 | <%text>## default encoding used to convert from and to unicode</%text> |
|
245 | <%text>## default encoding used to convert from and to unicode</%text> | |
246 | <%text>## can be also a comma seperated list of encoding in case of mixed encodings</%text> |
|
246 | <%text>## can be also a comma seperated list of encoding in case of mixed encodings</%text> | |
247 | default_encoding = utf8 |
|
247 | default_encoding = utf8 | |
248 |
|
248 | |||
249 | <%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text> |
|
249 | <%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text> | |
250 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues |
|
250 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues | |
251 |
|
251 | |||
252 | <%text>## issue tracking mapping for commits messages</%text> |
|
252 | <%text>## issue tracking mapping for commits messages</%text> | |
253 | <%text>## comment out issue_pat, issue_server, issue_prefix to enable</%text> |
|
253 | <%text>## comment out issue_pat, issue_server, issue_prefix to enable</%text> | |
254 |
|
254 | |||
255 | <%text>## pattern to get the issues from commit messages</%text> |
|
255 | <%text>## pattern to get the issues from commit messages</%text> | |
256 | <%text>## default one used here is #<numbers> with a regex passive group for `#`</%text> |
|
256 | <%text>## default one used here is #<numbers> with a regex passive group for `#`</%text> | |
257 | <%text>## {id} will be all groups matched from this pattern</%text> |
|
257 | <%text>## {id} will be all groups matched from this pattern</%text> | |
258 |
|
258 | |||
259 | issue_pat = (?:\s*#)(\d+) |
|
259 | issue_pat = (?:\s*#)(\d+) | |
260 |
|
260 | |||
261 | <%text>## server url to the issue, each {id} will be replaced with match</%text> |
|
261 | <%text>## server url to the issue, each {id} will be replaced with match</%text> | |
262 | <%text>## fetched from the regex and {repo} is replaced with full repository name</%text> |
|
262 | <%text>## fetched from the regex and {repo} is replaced with full repository name</%text> | |
263 | <%text>## including groups {repo_name} is replaced with just name of repo</%text> |
|
263 | <%text>## including groups {repo_name} is replaced with just name of repo</%text> | |
264 |
|
264 | |||
265 | issue_server_link = https://issues.example.com/{repo}/issue/{id} |
|
265 | issue_server_link = https://issues.example.com/{repo}/issue/{id} | |
266 |
|
266 | |||
267 | <%text>## prefix to add to link to indicate it's an url</%text> |
|
267 | <%text>## prefix to add to link to indicate it's an url</%text> | |
268 | <%text>## #314 will be replaced by <issue_prefix><id></%text> |
|
268 | <%text>## #314 will be replaced by <issue_prefix><id></%text> | |
269 |
|
269 | |||
270 | issue_prefix = # |
|
270 | issue_prefix = # | |
271 |
|
271 | |||
272 | <%text>## issue_pat, issue_server_link, issue_prefix can have suffixes to specify</%text> |
|
272 | <%text>## issue_pat, issue_server_link, issue_prefix can have suffixes to specify</%text> | |
273 | <%text>## multiple patterns, to other issues server, wiki or others</%text> |
|
273 | <%text>## multiple patterns, to other issues server, wiki or others</%text> | |
274 | <%text>## below an example how to create a wiki pattern</%text> |
|
274 | <%text>## below an example how to create a wiki pattern</%text> | |
275 | # wiki-some-id -> https://wiki.example.com/some-id |
|
275 | # wiki-some-id -> https://wiki.example.com/some-id | |
276 |
|
276 | |||
277 | #issue_pat_wiki = (?:wiki-)(.+) |
|
277 | #issue_pat_wiki = (?:wiki-)(.+) | |
278 | #issue_server_link_wiki = https://wiki.example.com/{id} |
|
278 | #issue_server_link_wiki = https://wiki.example.com/{id} | |
279 | #issue_prefix_wiki = WIKI- |
|
279 | #issue_prefix_wiki = WIKI- | |
280 |
|
280 | |||
281 | <%text>## instance-id prefix</%text> |
|
281 | <%text>## instance-id prefix</%text> | |
282 | <%text>## a prefix key for this instance used for cache invalidation when running</%text> |
|
282 | <%text>## a prefix key for this instance used for cache invalidation when running</%text> | |
283 | <%text>## multiple instances of kallithea, make sure it's globally unique for</%text> |
|
283 | <%text>## multiple instances of kallithea, make sure it's globally unique for</%text> | |
284 | <%text>## all running kallithea instances. Leave empty if you don't use it</%text> |
|
284 | <%text>## all running kallithea instances. Leave empty if you don't use it</%text> | |
285 | instance_id = |
|
285 | instance_id = | |
286 |
|
286 | |||
287 | <%text>## alternative return HTTP header for failed authentication. Default HTTP</%text> |
|
287 | <%text>## alternative return HTTP header for failed authentication. Default HTTP</%text> | |
288 | <%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text> |
|
288 | <%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text> | |
289 | <%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text> |
|
289 | <%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text> | |
290 | auth_ret_code = |
|
290 | auth_ret_code = | |
291 |
|
291 | |||
292 | <%text>## locking return code. When repository is locked return this HTTP code. 2XX</%text> |
|
292 | <%text>## locking return code. When repository is locked return this HTTP code. 2XX</%text> | |
293 | <%text>## codes don't break the transactions while 4XX codes do</%text> |
|
293 | <%text>## codes don't break the transactions while 4XX codes do</%text> | |
294 | lock_ret_code = 423 |
|
294 | lock_ret_code = 423 | |
295 |
|
295 | |||
296 | <%text>## allows to change the repository location in settings page</%text> |
|
296 | <%text>## allows to change the repository location in settings page</%text> | |
297 | allow_repo_location_change = True |
|
297 | allow_repo_location_change = True | |
298 |
|
298 | |||
299 | <%text>## allows to setup custom hooks in settings page</%text> |
|
299 | <%text>## allows to setup custom hooks in settings page</%text> | |
300 | allow_custom_hooks_settings = True |
|
300 | allow_custom_hooks_settings = True | |
301 |
|
301 | |||
302 | <%text>####################################</%text> |
|
302 | <%text>####################################</%text> | |
303 | <%text>### CELERY CONFIG ####</%text> |
|
303 | <%text>### CELERY CONFIG ####</%text> | |
304 | <%text>####################################</%text> |
|
304 | <%text>####################################</%text> | |
305 |
|
305 | |||
306 | use_celery = false |
|
306 | use_celery = false | |
307 | broker.host = localhost |
|
307 | broker.host = localhost | |
308 | broker.vhost = rabbitmqhost |
|
308 | broker.vhost = rabbitmqhost | |
309 | broker.port = 5672 |
|
309 | broker.port = 5672 | |
310 | broker.user = rabbitmq |
|
310 | broker.user = rabbitmq | |
311 | broker.password = qweqwe |
|
311 | broker.password = qweqwe | |
312 |
|
312 | |||
313 | celery.imports = kallithea.lib.celerylib.tasks |
|
313 | celery.imports = kallithea.lib.celerylib.tasks | |
314 |
|
314 | |||
315 | celery.result.backend = amqp |
|
315 | celery.result.backend = amqp | |
316 | celery.result.dburi = amqp:// |
|
316 | celery.result.dburi = amqp:// | |
317 | celery.result.serialier = json |
|
317 | celery.result.serialier = json | |
318 |
|
318 | |||
319 | #celery.send.task.error.emails = true |
|
319 | #celery.send.task.error.emails = true | |
320 | #celery.amqp.task.result.expires = 18000 |
|
320 | #celery.amqp.task.result.expires = 18000 | |
321 |
|
321 | |||
322 | celeryd.concurrency = 2 |
|
322 | celeryd.concurrency = 2 | |
323 | #celeryd.log.file = celeryd.log |
|
323 | #celeryd.log.file = celeryd.log | |
324 | celeryd.log.level = DEBUG |
|
324 | celeryd.log.level = DEBUG | |
325 | celeryd.max.tasks.per.child = 1 |
|
325 | celeryd.max.tasks.per.child = 1 | |
326 |
|
326 | |||
327 | <%text>## tasks will never be sent to the queue, but executed locally instead.</%text> |
|
327 | <%text>## tasks will never be sent to the queue, but executed locally instead.</%text> | |
328 | celery.always.eager = false |
|
328 | celery.always.eager = false | |
329 |
|
329 | |||
330 | <%text>####################################</%text> |
|
330 | <%text>####################################</%text> | |
331 | <%text>### BEAKER CACHE ####</%text> |
|
331 | <%text>### BEAKER CACHE ####</%text> | |
332 | <%text>####################################</%text> |
|
332 | <%text>####################################</%text> | |
333 |
|
333 | |||
334 | beaker.cache.data_dir = ${here}/data/cache/data |
|
334 | beaker.cache.data_dir = ${here}/data/cache/data | |
335 | beaker.cache.lock_dir = ${here}/data/cache/lock |
|
335 | beaker.cache.lock_dir = ${here}/data/cache/lock | |
336 |
|
336 | |||
337 | beaker.cache.regions = short_term,long_term,sql_cache_short |
|
337 | beaker.cache.regions = short_term,long_term,sql_cache_short | |
338 |
|
338 | |||
339 | beaker.cache.short_term.type = memory |
|
339 | beaker.cache.short_term.type = memory | |
340 | beaker.cache.short_term.expire = 60 |
|
340 | beaker.cache.short_term.expire = 60 | |
341 | beaker.cache.short_term.key_length = 256 |
|
341 | beaker.cache.short_term.key_length = 256 | |
342 |
|
342 | |||
343 | beaker.cache.long_term.type = memory |
|
343 | beaker.cache.long_term.type = memory | |
344 | beaker.cache.long_term.expire = 36000 |
|
344 | beaker.cache.long_term.expire = 36000 | |
345 | beaker.cache.long_term.key_length = 256 |
|
345 | beaker.cache.long_term.key_length = 256 | |
346 |
|
346 | |||
347 | beaker.cache.sql_cache_short.type = memory |
|
347 | beaker.cache.sql_cache_short.type = memory | |
348 | beaker.cache.sql_cache_short.expire = 10 |
|
348 | beaker.cache.sql_cache_short.expire = 10 | |
349 | beaker.cache.sql_cache_short.key_length = 256 |
|
349 | beaker.cache.sql_cache_short.key_length = 256 | |
350 |
|
350 | |||
351 | <%text>####################################</%text> |
|
351 | <%text>####################################</%text> | |
352 | <%text>### BEAKER SESSION ####</%text> |
|
352 | <%text>### BEAKER SESSION ####</%text> | |
353 | <%text>####################################</%text> |
|
353 | <%text>####################################</%text> | |
354 |
|
354 | |||
355 | <%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text> |
|
355 | <%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text> | |
356 | <%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text> |
|
356 | <%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text> | |
357 | beaker.session.key = kallithea |
|
357 | beaker.session.key = kallithea | |
358 | <%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text> |
|
358 | <%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text> | |
359 | beaker.session.httponly = true |
|
359 | beaker.session.httponly = true | |
360 | <%text>## Session lifetime. 2592000 seconds is 30 days.</%text> |
|
360 | <%text>## Session lifetime. 2592000 seconds is 30 days.</%text> | |
361 | beaker.session.timeout = 2592000 |
|
361 | beaker.session.timeout = 2592000 | |
362 |
|
362 | |||
363 | <%text>## Server secret used with HMAC to ensure integrity of cookies.</%text> |
|
363 | <%text>## Server secret used with HMAC to ensure integrity of cookies.</%text> | |
364 | beaker.session.secret = ${uuid()} |
|
364 | beaker.session.secret = ${uuid()} | |
365 | <%text>## Further, encrypt the data with AES.</%text> |
|
365 | <%text>## Further, encrypt the data with AES.</%text> | |
366 | #beaker.session.encrypt_key = <key_for_encryption> |
|
366 | #beaker.session.encrypt_key = <key_for_encryption> | |
367 | #beaker.session.validate_key = <validation_key> |
|
367 | #beaker.session.validate_key = <validation_key> | |
368 |
|
368 | |||
369 | <%text>## Type of storage used for the session, current types are</%text> |
|
369 | <%text>## Type of storage used for the session, current types are</%text> | |
370 | <%text>## dbm, file, memcached, database, and memory.</%text> |
|
370 | <%text>## dbm, file, memcached, database, and memory.</%text> | |
371 |
|
371 | |||
372 | <%text>## File system storage of session data. (default)</%text> |
|
372 | <%text>## File system storage of session data. (default)</%text> | |
373 | #beaker.session.type = file |
|
373 | #beaker.session.type = file | |
374 |
|
374 | |||
375 | <%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text> |
|
375 | <%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text> | |
376 | #beaker.session.type = cookie |
|
376 | #beaker.session.type = cookie | |
377 |
|
377 | |||
378 | <%text>## Database storage of session data.</%text> |
|
378 | <%text>## Database storage of session data.</%text> | |
379 | #beaker.session.type = ext:database |
|
379 | #beaker.session.type = ext:database | |
380 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea |
|
380 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea | |
381 | #beaker.session.table_name = db_session |
|
381 | #beaker.session.table_name = db_session | |
382 |
|
382 | |||
383 | %if error_aggregation_service == 'appenlight': |
|
383 | %if error_aggregation_service == 'appenlight': | |
384 | <%text>############################</%text> |
|
384 | <%text>############################</%text> | |
385 | <%text>## ERROR HANDLING SYSTEMS ##</%text> |
|
385 | <%text>## ERROR HANDLING SYSTEMS ##</%text> | |
386 | <%text>############################</%text> |
|
386 | <%text>############################</%text> | |
387 |
|
387 | |||
388 | <%text>####################</%text> |
|
388 | <%text>####################</%text> | |
389 | <%text>### [appenlight] ###</%text> |
|
389 | <%text>### [appenlight] ###</%text> | |
390 | <%text>####################</%text> |
|
390 | <%text>####################</%text> | |
391 |
|
391 | |||
392 | <%text>## AppEnlight is tailored to work with Kallithea, see</%text> |
|
392 | <%text>## AppEnlight is tailored to work with Kallithea, see</%text> | |
393 | <%text>## http://appenlight.com for details how to obtain an account</%text> |
|
393 | <%text>## http://appenlight.com for details how to obtain an account</%text> | |
394 | <%text>## you must install python package `appenlight_client` to make it work</%text> |
|
394 | <%text>## you must install python package `appenlight_client` to make it work</%text> | |
395 |
|
395 | |||
396 | <%text>## appenlight enabled</%text> |
|
396 | <%text>## appenlight enabled</%text> | |
397 | appenlight = false |
|
397 | appenlight = false | |
398 |
|
398 | |||
399 | appenlight.server_url = https://api.appenlight.com |
|
399 | appenlight.server_url = https://api.appenlight.com | |
400 | appenlight.api_key = YOUR_API_KEY |
|
400 | appenlight.api_key = YOUR_API_KEY | |
401 |
|
401 | |||
402 | <%text>## TWEAK AMOUNT OF INFO SENT HERE</%text> |
|
402 | <%text>## TWEAK AMOUNT OF INFO SENT HERE</%text> | |
403 |
|
403 | |||
404 | <%text>## enables 404 error logging (default False)</%text> |
|
404 | <%text>## enables 404 error logging (default False)</%text> | |
405 | appenlight.report_404 = false |
|
405 | appenlight.report_404 = false | |
406 |
|
406 | |||
407 | <%text>## time in seconds after request is considered being slow (default 1)</%text> |
|
407 | <%text>## time in seconds after request is considered being slow (default 1)</%text> | |
408 | appenlight.slow_request_time = 1 |
|
408 | appenlight.slow_request_time = 1 | |
409 |
|
409 | |||
410 | <%text>## record slow requests in application</%text> |
|
410 | <%text>## record slow requests in application</%text> | |
411 | <%text>## (needs to be enabled for slow datastore recording and time tracking)</%text> |
|
411 | <%text>## (needs to be enabled for slow datastore recording and time tracking)</%text> | |
412 | appenlight.slow_requests = true |
|
412 | appenlight.slow_requests = true | |
413 |
|
413 | |||
414 | <%text>## enable hooking to application loggers</%text> |
|
414 | <%text>## enable hooking to application loggers</%text> | |
415 | #appenlight.logging = true |
|
415 | #appenlight.logging = true | |
416 |
|
416 | |||
417 | <%text>## minimum log level for log capture</%text> |
|
417 | <%text>## minimum log level for log capture</%text> | |
418 | #appenlight.logging.level = WARNING |
|
418 | #appenlight.logging.level = WARNING | |
419 |
|
419 | |||
420 | <%text>## send logs only from erroneous/slow requests</%text> |
|
420 | <%text>## send logs only from erroneous/slow requests</%text> | |
421 | <%text>## (saves API quota for intensive logging)</%text> |
|
421 | <%text>## (saves API quota for intensive logging)</%text> | |
422 | appenlight.logging_on_error = false |
|
422 | appenlight.logging_on_error = false | |
423 |
|
423 | |||
424 | <%text>## list of additonal keywords that should be grabbed from environ object</%text> |
|
424 | <%text>## list of additonal keywords that should be grabbed from environ object</%text> | |
425 | <%text>## can be string with comma separated list of words in lowercase</%text> |
|
425 | <%text>## can be string with comma separated list of words in lowercase</%text> | |
426 | <%text>## (by default client will always send following info:</%text> |
|
426 | <%text>## (by default client will always send following info:</%text> | |
427 | <%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text> |
|
427 | <%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text> | |
428 | <%text>## start with HTTP* this list be extended with additional keywords here</%text> |
|
428 | <%text>## start with HTTP* this list be extended with additional keywords here</%text> | |
429 | appenlight.environ_keys_whitelist = |
|
429 | appenlight.environ_keys_whitelist = | |
430 |
|
430 | |||
431 | <%text>## list of keywords that should be blanked from request object</%text> |
|
431 | <%text>## list of keywords that should be blanked from request object</%text> | |
432 | <%text>## can be string with comma separated list of words in lowercase</%text> |
|
432 | <%text>## can be string with comma separated list of words in lowercase</%text> | |
433 | <%text>## (by default client will always blank keys that contain following words</%text> |
|
433 | <%text>## (by default client will always blank keys that contain following words</%text> | |
434 | <%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text> |
|
434 | <%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text> | |
435 | <%text>## this list be extended with additional keywords set here</%text> |
|
435 | <%text>## this list be extended with additional keywords set here</%text> | |
436 | appenlight.request_keys_blacklist = |
|
436 | appenlight.request_keys_blacklist = | |
437 |
|
437 | |||
438 | <%text>## list of namespaces that should be ignores when gathering log entries</%text> |
|
438 | <%text>## list of namespaces that should be ignores when gathering log entries</%text> | |
439 | <%text>## can be string with comma separated list of namespaces</%text> |
|
439 | <%text>## can be string with comma separated list of namespaces</%text> | |
440 | <%text>## (by default the client ignores own entries: appenlight_client.client)</%text> |
|
440 | <%text>## (by default the client ignores own entries: appenlight_client.client)</%text> | |
441 | appenlight.log_namespace_blacklist = |
|
441 | appenlight.log_namespace_blacklist = | |
442 |
|
442 | |||
443 | %elif error_aggregation_service == 'sentry': |
|
443 | %elif error_aggregation_service == 'sentry': | |
444 | <%text>################</%text> |
|
444 | <%text>################</%text> | |
445 | <%text>### [sentry] ###</%text> |
|
445 | <%text>### [sentry] ###</%text> | |
446 | <%text>################</%text> |
|
446 | <%text>################</%text> | |
447 |
|
447 | |||
448 | <%text>## sentry is a alternative open source error aggregator</%text> |
|
448 | <%text>## sentry is a alternative open source error aggregator</%text> | |
449 | <%text>## you must install python packages `sentry` and `raven` to enable</%text> |
|
449 | <%text>## you must install python packages `sentry` and `raven` to enable</%text> | |
450 |
|
450 | |||
451 | sentry.dsn = YOUR_DNS |
|
451 | sentry.dsn = YOUR_DNS | |
452 | sentry.servers = |
|
452 | sentry.servers = | |
453 | sentry.name = |
|
453 | sentry.name = | |
454 | sentry.key = |
|
454 | sentry.key = | |
455 | sentry.public_key = |
|
455 | sentry.public_key = | |
456 | sentry.secret_key = |
|
456 | sentry.secret_key = | |
457 | sentry.project = |
|
457 | sentry.project = | |
458 | sentry.site = |
|
458 | sentry.site = | |
459 | sentry.include_paths = |
|
459 | sentry.include_paths = | |
460 | sentry.exclude_paths = |
|
460 | sentry.exclude_paths = | |
461 |
|
461 | |||
462 | %endif |
|
462 | %endif | |
463 | <%text>################################################################################</%text> |
|
463 | <%text>################################################################################</%text> | |
464 | <%text>## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##</%text> |
|
464 | <%text>## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##</%text> | |
465 | <%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##</%text> |
|
465 | <%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##</%text> | |
466 | <%text>## execute malicious code after an exception is raised. ##</%text> |
|
466 | <%text>## execute malicious code after an exception is raised. ##</%text> | |
467 | <%text>################################################################################</%text> |
|
467 | <%text>################################################################################</%text> | |
468 | set debug = false |
|
468 | set debug = false | |
469 |
|
469 | |||
470 | <%text>##################################</%text> |
|
470 | <%text>##################################</%text> | |
471 | <%text>### LOGVIEW CONFIG ###</%text> |
|
471 | <%text>### LOGVIEW CONFIG ###</%text> | |
472 | <%text>##################################</%text> |
|
472 | <%text>##################################</%text> | |
473 |
|
473 | |||
474 | logview.sqlalchemy = #faa |
|
474 | logview.sqlalchemy = #faa | |
475 | logview.pylons.templating = #bfb |
|
475 | logview.pylons.templating = #bfb | |
476 | logview.pylons.util = #eee |
|
476 | logview.pylons.util = #eee | |
477 |
|
477 | |||
478 | <%text>#########################################################</%text> |
|
478 | <%text>#########################################################</%text> | |
479 | <%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###</%text> |
|
479 | <%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###</%text> | |
480 | <%text>#########################################################</%text> |
|
480 | <%text>#########################################################</%text> | |
481 |
|
481 | |||
482 | %if database_engine == 'sqlite': |
|
482 | %if database_engine == 'sqlite': | |
483 | # SQLITE [default] |
|
483 | # SQLITE [default] | |
484 | sqlalchemy.db1.url = sqlite:///${here}/kallithea.db?timeout=60 |
|
484 | sqlalchemy.db1.url = sqlite:///${here}/kallithea.db?timeout=60 | |
485 |
|
485 | |||
486 | %elif database_engine == 'postgres': |
|
486 | %elif database_engine == 'postgres': | |
487 | # POSTGRESQL |
|
487 | # POSTGRESQL | |
488 | sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea |
|
488 | sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea | |
489 |
|
489 | |||
490 | %elif database_engine == 'mysql': |
|
490 | %elif database_engine == 'mysql': | |
491 | # MySQL |
|
491 | # MySQL | |
492 | sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea |
|
492 | sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea | |
493 |
|
493 | |||
494 | %endif |
|
494 | %endif | |
495 | # see sqlalchemy docs for others |
|
495 | # see sqlalchemy docs for others | |
496 |
|
496 | |||
497 | sqlalchemy.db1.echo = false |
|
497 | sqlalchemy.db1.echo = false | |
498 | sqlalchemy.db1.pool_recycle = 3600 |
|
498 | sqlalchemy.db1.pool_recycle = 3600 | |
499 | sqlalchemy.db1.convert_unicode = true |
|
499 | sqlalchemy.db1.convert_unicode = true | |
500 |
|
500 | |||
501 | <%text>################################</%text> |
|
501 | <%text>################################</%text> | |
502 | <%text>### LOGGING CONFIGURATION ####</%text> |
|
502 | <%text>### LOGGING CONFIGURATION ####</%text> | |
503 | <%text>################################</%text> |
|
503 | <%text>################################</%text> | |
504 |
|
504 | |||
505 | [loggers] |
|
505 | [loggers] | |
506 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer |
|
506 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer | |
507 |
|
507 | |||
508 | [handlers] |
|
508 | [handlers] | |
509 | keys = console, console_sql |
|
509 | keys = console, console_sql | |
510 |
|
510 | |||
511 | [formatters] |
|
511 | [formatters] | |
512 | keys = generic, color_formatter, color_formatter_sql |
|
512 | keys = generic, color_formatter, color_formatter_sql | |
513 |
|
513 | |||
514 | <%text>#############</%text> |
|
514 | <%text>#############</%text> | |
515 | <%text>## LOGGERS ##</%text> |
|
515 | <%text>## LOGGERS ##</%text> | |
516 | <%text>#############</%text> |
|
516 | <%text>#############</%text> | |
517 |
|
517 | |||
518 | [logger_root] |
|
518 | [logger_root] | |
519 | level = NOTSET |
|
519 | level = NOTSET | |
520 | handlers = console |
|
520 | handlers = console | |
521 |
|
521 | |||
522 | [logger_routes] |
|
522 | [logger_routes] | |
523 | level = DEBUG |
|
523 | level = DEBUG | |
524 | handlers = |
|
524 | handlers = | |
525 | qualname = routes.middleware |
|
525 | qualname = routes.middleware | |
526 | <%text>## "level = DEBUG" logs the route matched and routing variables.</%text> |
|
526 | <%text>## "level = DEBUG" logs the route matched and routing variables.</%text> | |
527 | propagate = 1 |
|
527 | propagate = 1 | |
528 |
|
528 | |||
529 | [logger_beaker] |
|
529 | [logger_beaker] | |
530 | level = DEBUG |
|
530 | level = DEBUG | |
531 | handlers = |
|
531 | handlers = | |
532 | qualname = beaker.container |
|
532 | qualname = beaker.container | |
533 | propagate = 1 |
|
533 | propagate = 1 | |
534 |
|
534 | |||
535 | [logger_templates] |
|
535 | [logger_templates] | |
536 | level = INFO |
|
536 | level = INFO | |
537 | handlers = |
|
537 | handlers = | |
538 | qualname = pylons.templating |
|
538 | qualname = pylons.templating | |
539 | propagate = 1 |
|
539 | propagate = 1 | |
540 |
|
540 | |||
541 | [logger_kallithea] |
|
541 | [logger_kallithea] | |
542 | level = DEBUG |
|
542 | level = DEBUG | |
543 | handlers = |
|
543 | handlers = | |
544 | qualname = kallithea |
|
544 | qualname = kallithea | |
545 | propagate = 1 |
|
545 | propagate = 1 | |
546 |
|
546 | |||
547 | [logger_sqlalchemy] |
|
547 | [logger_sqlalchemy] | |
548 | level = INFO |
|
548 | level = INFO | |
549 | handlers = console_sql |
|
549 | handlers = console_sql | |
550 | qualname = sqlalchemy.engine |
|
550 | qualname = sqlalchemy.engine | |
551 | propagate = 0 |
|
551 | propagate = 0 | |
552 |
|
552 | |||
553 | [logger_whoosh_indexer] |
|
553 | [logger_whoosh_indexer] | |
554 | level = DEBUG |
|
554 | level = DEBUG | |
555 | handlers = |
|
555 | handlers = | |
556 | qualname = whoosh_indexer |
|
556 | qualname = whoosh_indexer | |
557 | propagate = 1 |
|
557 | propagate = 1 | |
558 |
|
558 | |||
559 | <%text>##############</%text> |
|
559 | <%text>##############</%text> | |
560 | <%text>## HANDLERS ##</%text> |
|
560 | <%text>## HANDLERS ##</%text> | |
561 | <%text>##############</%text> |
|
561 | <%text>##############</%text> | |
562 |
|
562 | |||
563 | [handler_console] |
|
563 | [handler_console] | |
564 | class = StreamHandler |
|
564 | class = StreamHandler | |
565 | args = (sys.stderr,) |
|
565 | args = (sys.stderr,) | |
566 | level = INFO |
|
566 | level = INFO | |
567 | formatter = generic |
|
567 | formatter = generic | |
568 |
|
568 | |||
569 | [handler_console_sql] |
|
569 | [handler_console_sql] | |
570 | class = StreamHandler |
|
570 | class = StreamHandler | |
571 | args = (sys.stderr,) |
|
571 | args = (sys.stderr,) | |
572 | level = WARN |
|
572 | level = WARN | |
573 | formatter = generic |
|
573 | formatter = generic | |
574 |
|
574 | |||
575 | <%text>################</%text> |
|
575 | <%text>################</%text> | |
576 | <%text>## FORMATTERS ##</%text> |
|
576 | <%text>## FORMATTERS ##</%text> | |
577 | <%text>################</%text> |
|
577 | <%text>################</%text> | |
578 |
|
578 | |||
579 | [formatter_generic] |
|
579 | [formatter_generic] | |
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
581 | datefmt = %Y-%m-%d %H:%M:%S |
|
581 | datefmt = %Y-%m-%d %H:%M:%S | |
582 |
|
582 | |||
583 | [formatter_color_formatter] |
|
583 | [formatter_color_formatter] | |
584 | class = kallithea.lib.colored_formatter.ColorFormatter |
|
584 | class = kallithea.lib.colored_formatter.ColorFormatter | |
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
586 | datefmt = %Y-%m-%d %H:%M:%S |
|
586 | datefmt = %Y-%m-%d %H:%M:%S | |
587 |
|
587 | |||
588 | [formatter_color_formatter_sql] |
|
588 | [formatter_color_formatter_sql] | |
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql |
|
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql | |
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
591 | datefmt = %Y-%m-%d %H:%M:%S |
|
591 | datefmt = %Y-%m-%d %H:%M:%S |
@@ -1,580 +1,580 b'' | |||||
1 | ################################################################################ |
|
1 | ################################################################################ | |
2 | ################################################################################ |
|
2 | ################################################################################ | |
3 | # Kallithea - Example config # |
|
3 | # Kallithea - Example config # | |
4 | # # |
|
4 | # # | |
5 | # The %(here)s variable will be replaced with the parent directory of this file# |
|
5 | # The %(here)s variable will be replaced with the parent directory of this file# | |
6 | ################################################################################ |
|
6 | ################################################################################ | |
7 | ################################################################################ |
|
7 | ################################################################################ | |
8 |
|
8 | |||
9 | [DEFAULT] |
|
9 | [DEFAULT] | |
10 | debug = true |
|
10 | debug = true | |
11 | pdebug = false |
|
11 | pdebug = false | |
12 |
|
12 | |||
13 | ################################################################################ |
|
13 | ################################################################################ | |
14 | ## Email settings ## |
|
14 | ## Email settings ## | |
15 | ## ## |
|
15 | ## ## | |
16 | ## Refer to the documentation ("Email settings") for more details. ## |
|
16 | ## Refer to the documentation ("Email settings") for more details. ## | |
17 | ## ## |
|
17 | ## ## | |
18 | ## It is recommended to use a valid sender address that passes access ## |
|
18 | ## It is recommended to use a valid sender address that passes access ## | |
19 | ## validation and spam filtering in mail servers. ## |
|
19 | ## validation and spam filtering in mail servers. ## | |
20 | ################################################################################ |
|
20 | ################################################################################ | |
21 |
|
21 | |||
22 | ## 'From' header for application emails. You can optionally add a name. |
|
22 | ## 'From' header for application emails. You can optionally add a name. | |
23 | ## Default: |
|
23 | ## Default: | |
24 | #app_email_from = Kallithea |
|
24 | #app_email_from = Kallithea | |
25 | ## Examples: |
|
25 | ## Examples: | |
26 | #app_email_from = Kallithea <kallithea-noreply@example.com> |
|
26 | #app_email_from = Kallithea <kallithea-noreply@example.com> | |
27 | #app_email_from = kallithea-noreply@example.com |
|
27 | #app_email_from = kallithea-noreply@example.com | |
28 |
|
28 | |||
29 | ## Subject prefix for application emails. |
|
29 | ## Subject prefix for application emails. | |
30 | ## A space between this prefix and the real subject is automatically added. |
|
30 | ## A space between this prefix and the real subject is automatically added. | |
31 | ## Default: |
|
31 | ## Default: | |
32 | #email_prefix = |
|
32 | #email_prefix = | |
33 | ## Example: |
|
33 | ## Example: | |
34 | #email_prefix = [Kallithea] |
|
34 | #email_prefix = [Kallithea] | |
35 |
|
35 | |||
36 | ## Recipients for error emails and fallback recipients of application mails. |
|
36 | ## Recipients for error emails and fallback recipients of application mails. | |
37 | ## Multiple addresses can be specified, space-separated. |
|
37 | ## Multiple addresses can be specified, space-separated. | |
38 | ## Only addresses are allowed, do not add any name part. |
|
38 | ## Only addresses are allowed, do not add any name part. | |
39 | ## Default: |
|
39 | ## Default: | |
40 | #email_to = |
|
40 | #email_to = | |
41 | ## Examples: |
|
41 | ## Examples: | |
42 | #email_to = admin@example.com |
|
42 | #email_to = admin@example.com | |
43 | #email_to = admin@example.com another_admin@example.com |
|
43 | #email_to = admin@example.com another_admin@example.com | |
44 |
|
44 | |||
45 | ## 'From' header for error emails. You can optionally add a name. |
|
45 | ## 'From' header for error emails. You can optionally add a name. | |
46 | ## Default: |
|
46 | ## Default: | |
47 | #error_email_from = pylons@yourapp.com |
|
47 | #error_email_from = pylons@yourapp.com | |
48 | ## Examples: |
|
48 | ## Examples: | |
49 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> |
|
49 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> | |
50 | #error_email_from = paste_error@example.com |
|
50 | #error_email_from = paste_error@example.com | |
51 |
|
51 | |||
52 | ## SMTP server settings |
|
52 | ## SMTP server settings | |
53 | ## Only smtp_server is mandatory. All other settings take the specified default |
|
53 | ## Only smtp_server is mandatory. All other settings take the specified default | |
54 | ## values. |
|
54 | ## values. | |
55 | #smtp_server = smtp.example.com |
|
55 | #smtp_server = smtp.example.com | |
56 | #smtp_username = |
|
56 | #smtp_username = | |
57 | #smtp_password = |
|
57 | #smtp_password = | |
58 | #smtp_port = 25 |
|
58 | #smtp_port = 25 | |
59 | #smtp_use_tls = false |
|
59 | #smtp_use_tls = false | |
60 | #smtp_use_ssl = false |
|
60 | #smtp_use_ssl = false | |
61 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). |
|
61 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). | |
62 | ## If empty, use any of the authentication parameters supported by the server. |
|
62 | ## If empty, use any of the authentication parameters supported by the server. | |
63 | #smtp_auth = |
|
63 | #smtp_auth = | |
64 |
|
64 | |||
65 | [server:main] |
|
65 | [server:main] | |
66 | ## PASTE ## |
|
66 | ## PASTE ## | |
67 | #use = egg:Paste#http |
|
67 | #use = egg:Paste#http | |
68 | ## nr of worker threads to spawn |
|
68 | ## nr of worker threads to spawn | |
69 |
#threadpool_workers = |
|
69 | #threadpool_workers = 1 | |
70 | ## max request before thread respawn |
|
70 | ## max request before thread respawn | |
71 | #threadpool_max_requests = 10 |
|
71 | #threadpool_max_requests = 100 | |
72 | ## option to use threads of process |
|
72 | ## option to use threads of process | |
73 | #use_threadpool = true |
|
73 | #use_threadpool = true | |
74 |
|
74 | |||
75 | ## WAITRESS ## |
|
75 | ## WAITRESS ## | |
76 | use = egg:waitress#main |
|
76 | use = egg:waitress#main | |
77 | ## number of worker threads |
|
77 | ## number of worker threads | |
78 |
threads = |
|
78 | threads = 1 | |
79 | ## MAX BODY SIZE 100GB |
|
79 | ## MAX BODY SIZE 100GB | |
80 | max_request_body_size = 107374182400 |
|
80 | max_request_body_size = 107374182400 | |
81 | ## use poll instead of select, fixes fd limits, may not work on old |
|
81 | ## use poll instead of select, fixes fd limits, may not work on old | |
82 | ## windows systems. |
|
82 | ## windows systems. | |
83 | #asyncore_use_poll = True |
|
83 | #asyncore_use_poll = True | |
84 |
|
84 | |||
85 | ## GUNICORN ## |
|
85 | ## GUNICORN ## | |
86 | #use = egg:gunicorn#main |
|
86 | #use = egg:gunicorn#main | |
87 | ## number of process workers. You must set `instance_id = *` when this option |
|
87 | ## number of process workers. You must set `instance_id = *` when this option | |
88 | ## is set to more than one worker |
|
88 | ## is set to more than one worker | |
89 | #workers = 1 |
|
89 | #workers = 1 | |
90 | ## process name |
|
90 | ## process name | |
91 | #proc_name = kallithea |
|
91 | #proc_name = kallithea | |
92 | ## type of worker class, one of sync, eventlet, gevent, tornado |
|
92 | ## type of worker class, one of sync, eventlet, gevent, tornado | |
93 | ## recommended for bigger setup is using of of other than sync one |
|
93 | ## recommended for bigger setup is using of of other than sync one | |
94 | #worker_class = sync |
|
94 | #worker_class = sync | |
95 | #max_requests = 1000 |
|
95 | #max_requests = 1000 | |
96 | ## ammount of time a worker can handle request before it gets killed and |
|
96 | ## ammount of time a worker can handle request before it gets killed and | |
97 | ## restarted |
|
97 | ## restarted | |
98 | #timeout = 3600 |
|
98 | #timeout = 3600 | |
99 |
|
99 | |||
100 | ## UWSGI ## |
|
100 | ## UWSGI ## | |
101 | ## run with uwsgi --ini-paste-logged <inifile.ini> |
|
101 | ## run with uwsgi --ini-paste-logged <inifile.ini> | |
102 | #[uwsgi] |
|
102 | #[uwsgi] | |
103 | #socket = /tmp/uwsgi.sock |
|
103 | #socket = /tmp/uwsgi.sock | |
104 | #master = true |
|
104 | #master = true | |
105 | #http = 127.0.0.1:5000 |
|
105 | #http = 127.0.0.1:5000 | |
106 |
|
106 | |||
107 | ## set as deamon and redirect all output to file |
|
107 | ## set as deamon and redirect all output to file | |
108 | #daemonize = ./uwsgi_kallithea.log |
|
108 | #daemonize = ./uwsgi_kallithea.log | |
109 |
|
109 | |||
110 | ## master process PID |
|
110 | ## master process PID | |
111 | #pidfile = ./uwsgi_kallithea.pid |
|
111 | #pidfile = ./uwsgi_kallithea.pid | |
112 |
|
112 | |||
113 | ## stats server with workers statistics, use uwsgitop |
|
113 | ## stats server with workers statistics, use uwsgitop | |
114 | ## for monitoring, `uwsgitop 127.0.0.1:1717` |
|
114 | ## for monitoring, `uwsgitop 127.0.0.1:1717` | |
115 | #stats = 127.0.0.1:1717 |
|
115 | #stats = 127.0.0.1:1717 | |
116 | #memory-report = true |
|
116 | #memory-report = true | |
117 |
|
117 | |||
118 | ## log 5XX errors |
|
118 | ## log 5XX errors | |
119 | #log-5xx = true |
|
119 | #log-5xx = true | |
120 |
|
120 | |||
121 | ## Set the socket listen queue size. |
|
121 | ## Set the socket listen queue size. | |
122 | #listen = 256 |
|
122 | #listen = 256 | |
123 |
|
123 | |||
124 | ## Gracefully Reload workers after the specified amount of managed requests |
|
124 | ## Gracefully Reload workers after the specified amount of managed requests | |
125 | ## (avoid memory leaks). |
|
125 | ## (avoid memory leaks). | |
126 | #max-requests = 1000 |
|
126 | #max-requests = 1000 | |
127 |
|
127 | |||
128 | ## enable large buffers |
|
128 | ## enable large buffers | |
129 | #buffer-size = 65535 |
|
129 | #buffer-size = 65535 | |
130 |
|
130 | |||
131 | ## socket and http timeouts ## |
|
131 | ## socket and http timeouts ## | |
132 | #http-timeout = 3600 |
|
132 | #http-timeout = 3600 | |
133 | #socket-timeout = 3600 |
|
133 | #socket-timeout = 3600 | |
134 |
|
134 | |||
135 | ## Log requests slower than the specified number of milliseconds. |
|
135 | ## Log requests slower than the specified number of milliseconds. | |
136 | #log-slow = 10 |
|
136 | #log-slow = 10 | |
137 |
|
137 | |||
138 | ## Exit if no app can be loaded. |
|
138 | ## Exit if no app can be loaded. | |
139 | #need-app = true |
|
139 | #need-app = true | |
140 |
|
140 | |||
141 | ## Set lazy mode (load apps in workers instead of master). |
|
141 | ## Set lazy mode (load apps in workers instead of master). | |
142 | #lazy = true |
|
142 | #lazy = true | |
143 |
|
143 | |||
144 | ## scaling ## |
|
144 | ## scaling ## | |
145 | ## set cheaper algorithm to use, if not set default will be used |
|
145 | ## set cheaper algorithm to use, if not set default will be used | |
146 | #cheaper-algo = spare |
|
146 | #cheaper-algo = spare | |
147 |
|
147 | |||
148 | ## minimum number of workers to keep at all times |
|
148 | ## minimum number of workers to keep at all times | |
149 | #cheaper = 1 |
|
149 | #cheaper = 1 | |
150 |
|
150 | |||
151 | ## number of workers to spawn at startup |
|
151 | ## number of workers to spawn at startup | |
152 | #cheaper-initial = 1 |
|
152 | #cheaper-initial = 1 | |
153 |
|
153 | |||
154 | ## maximum number of workers that can be spawned |
|
154 | ## maximum number of workers that can be spawned | |
155 | #workers = 4 |
|
155 | #workers = 4 | |
156 |
|
156 | |||
157 | ## how many workers should be spawned at a time |
|
157 | ## how many workers should be spawned at a time | |
158 | #cheaper-step = 1 |
|
158 | #cheaper-step = 1 | |
159 |
|
159 | |||
160 | ## COMMON ## |
|
160 | ## COMMON ## | |
161 | host = 127.0.0.1 |
|
161 | host = 127.0.0.1 | |
162 | port = 5000 |
|
162 | port = 5000 | |
163 |
|
163 | |||
164 | ## middleware for hosting the WSGI application under a URL prefix |
|
164 | ## middleware for hosting the WSGI application under a URL prefix | |
165 | #[filter:proxy-prefix] |
|
165 | #[filter:proxy-prefix] | |
166 | #use = egg:PasteDeploy#prefix |
|
166 | #use = egg:PasteDeploy#prefix | |
167 | #prefix = /<your-prefix> |
|
167 | #prefix = /<your-prefix> | |
168 |
|
168 | |||
169 | [app:main] |
|
169 | [app:main] | |
170 | use = egg:kallithea |
|
170 | use = egg:kallithea | |
171 | ## enable proxy prefix middleware |
|
171 | ## enable proxy prefix middleware | |
172 | #filter-with = proxy-prefix |
|
172 | #filter-with = proxy-prefix | |
173 |
|
173 | |||
174 | full_stack = true |
|
174 | full_stack = true | |
175 | static_files = true |
|
175 | static_files = true | |
176 | ## Available Languages: |
|
176 | ## Available Languages: | |
177 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW |
|
177 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW | |
178 | lang = |
|
178 | lang = | |
179 | cache_dir = %(here)s/data |
|
179 | cache_dir = %(here)s/data | |
180 | index_dir = %(here)s/data/index |
|
180 | index_dir = %(here)s/data/index | |
181 |
|
181 | |||
182 | ## perform a full repository scan on each server start, this should be |
|
182 | ## perform a full repository scan on each server start, this should be | |
183 | ## set to false after first startup, to allow faster server restarts. |
|
183 | ## set to false after first startup, to allow faster server restarts. | |
184 | initial_repo_scan = false |
|
184 | initial_repo_scan = false | |
185 |
|
185 | |||
186 | ## uncomment and set this path to use archive download cache |
|
186 | ## uncomment and set this path to use archive download cache | |
187 | archive_cache_dir = %(here)s/tarballcache |
|
187 | archive_cache_dir = %(here)s/tarballcache | |
188 |
|
188 | |||
189 | ## change this to unique ID for security |
|
189 | ## change this to unique ID for security | |
190 | app_instance_uuid = ${app_instance_uuid} |
|
190 | app_instance_uuid = ${app_instance_uuid} | |
191 |
|
191 | |||
192 | ## cut off limit for large diffs (size in bytes) |
|
192 | ## cut off limit for large diffs (size in bytes) | |
193 | cut_off_limit = 256000 |
|
193 | cut_off_limit = 256000 | |
194 |
|
194 | |||
195 | ## use cache version of scm repo everywhere |
|
195 | ## use cache version of scm repo everywhere | |
196 | vcs_full_cache = true |
|
196 | vcs_full_cache = true | |
197 |
|
197 | |||
198 | ## force https in Kallithea, fixes https redirects, assumes it's always https |
|
198 | ## force https in Kallithea, fixes https redirects, assumes it's always https | |
199 | force_https = false |
|
199 | force_https = false | |
200 |
|
200 | |||
201 | ## use Strict-Transport-Security headers |
|
201 | ## use Strict-Transport-Security headers | |
202 | use_htsts = false |
|
202 | use_htsts = false | |
203 |
|
203 | |||
204 | ## number of commits stats will parse on each iteration |
|
204 | ## number of commits stats will parse on each iteration | |
205 | commit_parse_limit = 25 |
|
205 | commit_parse_limit = 25 | |
206 |
|
206 | |||
207 | ## path to git executable |
|
207 | ## path to git executable | |
208 | git_path = git |
|
208 | git_path = git | |
209 |
|
209 | |||
210 | ## git rev filter option, --all is the default filter, if you need to |
|
210 | ## git rev filter option, --all is the default filter, if you need to | |
211 | ## hide all refs in changelog switch this to --branches --tags |
|
211 | ## hide all refs in changelog switch this to --branches --tags | |
212 | #git_rev_filter = --branches --tags |
|
212 | #git_rev_filter = --branches --tags | |
213 |
|
213 | |||
214 | ## RSS feed options |
|
214 | ## RSS feed options | |
215 | rss_cut_off_limit = 256000 |
|
215 | rss_cut_off_limit = 256000 | |
216 | rss_items_per_page = 10 |
|
216 | rss_items_per_page = 10 | |
217 | rss_include_diff = false |
|
217 | rss_include_diff = false | |
218 |
|
218 | |||
219 | ## options for showing and identifying changesets |
|
219 | ## options for showing and identifying changesets | |
220 | show_sha_length = 12 |
|
220 | show_sha_length = 12 | |
221 | show_revision_number = false |
|
221 | show_revision_number = false | |
222 |
|
222 | |||
223 | ## gist URL alias, used to create nicer urls for gist. This should be an |
|
223 | ## gist URL alias, used to create nicer urls for gist. This should be an | |
224 | ## url that does rewrites to _admin/gists/<gistid>. |
|
224 | ## url that does rewrites to _admin/gists/<gistid>. | |
225 | ## example: http://gist.example.com/{gistid}. Empty means use the internal |
|
225 | ## example: http://gist.example.com/{gistid}. Empty means use the internal | |
226 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> |
|
226 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> | |
227 | gist_alias_url = |
|
227 | gist_alias_url = | |
228 |
|
228 | |||
229 | ## white list of API enabled controllers. This allows to add list of |
|
229 | ## white list of API enabled controllers. This allows to add list of | |
230 | ## controllers to which access will be enabled by api_key. eg: to enable |
|
230 | ## controllers to which access will be enabled by api_key. eg: to enable | |
231 | ## api access to raw_files put `FilesController:raw`, to enable access to patches |
|
231 | ## api access to raw_files put `FilesController:raw`, to enable access to patches | |
232 | ## add `ChangesetController:changeset_patch`. This list should be "," separated |
|
232 | ## add `ChangesetController:changeset_patch`. This list should be "," separated | |
233 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names |
|
233 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names | |
234 | ## Recommended settings below are commented out: |
|
234 | ## Recommended settings below are commented out: | |
235 | api_access_controllers_whitelist = |
|
235 | api_access_controllers_whitelist = | |
236 | # ChangesetController:changeset_patch, |
|
236 | # ChangesetController:changeset_patch, | |
237 | # ChangesetController:changeset_raw, |
|
237 | # ChangesetController:changeset_raw, | |
238 | # FilesController:raw, |
|
238 | # FilesController:raw, | |
239 | # FilesController:archivefile |
|
239 | # FilesController:archivefile | |
240 |
|
240 | |||
241 | ## default encoding used to convert from and to unicode |
|
241 | ## default encoding used to convert from and to unicode | |
242 | ## can be also a comma seperated list of encoding in case of mixed encodings |
|
242 | ## can be also a comma seperated list of encoding in case of mixed encodings | |
243 | default_encoding = utf8 |
|
243 | default_encoding = utf8 | |
244 |
|
244 | |||
245 | ## issue tracker for Kallithea (leave blank to disable, absent for default) |
|
245 | ## issue tracker for Kallithea (leave blank to disable, absent for default) | |
246 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues |
|
246 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues | |
247 |
|
247 | |||
248 | ## issue tracking mapping for commits messages |
|
248 | ## issue tracking mapping for commits messages | |
249 | ## comment out issue_pat, issue_server, issue_prefix to enable |
|
249 | ## comment out issue_pat, issue_server, issue_prefix to enable | |
250 |
|
250 | |||
251 | ## pattern to get the issues from commit messages |
|
251 | ## pattern to get the issues from commit messages | |
252 | ## default one used here is #<numbers> with a regex passive group for `#` |
|
252 | ## default one used here is #<numbers> with a regex passive group for `#` | |
253 | ## {id} will be all groups matched from this pattern |
|
253 | ## {id} will be all groups matched from this pattern | |
254 |
|
254 | |||
255 | issue_pat = (?:\s*#)(\d+) |
|
255 | issue_pat = (?:\s*#)(\d+) | |
256 |
|
256 | |||
257 | ## server url to the issue, each {id} will be replaced with match |
|
257 | ## server url to the issue, each {id} will be replaced with match | |
258 | ## fetched from the regex and {repo} is replaced with full repository name |
|
258 | ## fetched from the regex and {repo} is replaced with full repository name | |
259 | ## including groups {repo_name} is replaced with just name of repo |
|
259 | ## including groups {repo_name} is replaced with just name of repo | |
260 |
|
260 | |||
261 | issue_server_link = https://issues.example.com/{repo}/issue/{id} |
|
261 | issue_server_link = https://issues.example.com/{repo}/issue/{id} | |
262 |
|
262 | |||
263 | ## prefix to add to link to indicate it's an url |
|
263 | ## prefix to add to link to indicate it's an url | |
264 | ## #314 will be replaced by <issue_prefix><id> |
|
264 | ## #314 will be replaced by <issue_prefix><id> | |
265 |
|
265 | |||
266 | issue_prefix = # |
|
266 | issue_prefix = # | |
267 |
|
267 | |||
268 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify |
|
268 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify | |
269 | ## multiple patterns, to other issues server, wiki or others |
|
269 | ## multiple patterns, to other issues server, wiki or others | |
270 | ## below an example how to create a wiki pattern |
|
270 | ## below an example how to create a wiki pattern | |
271 | # wiki-some-id -> https://wiki.example.com/some-id |
|
271 | # wiki-some-id -> https://wiki.example.com/some-id | |
272 |
|
272 | |||
273 | #issue_pat_wiki = (?:wiki-)(.+) |
|
273 | #issue_pat_wiki = (?:wiki-)(.+) | |
274 | #issue_server_link_wiki = https://wiki.example.com/{id} |
|
274 | #issue_server_link_wiki = https://wiki.example.com/{id} | |
275 | #issue_prefix_wiki = WIKI- |
|
275 | #issue_prefix_wiki = WIKI- | |
276 |
|
276 | |||
277 | ## instance-id prefix |
|
277 | ## instance-id prefix | |
278 | ## a prefix key for this instance used for cache invalidation when running |
|
278 | ## a prefix key for this instance used for cache invalidation when running | |
279 | ## multiple instances of kallithea, make sure it's globally unique for |
|
279 | ## multiple instances of kallithea, make sure it's globally unique for | |
280 | ## all running kallithea instances. Leave empty if you don't use it |
|
280 | ## all running kallithea instances. Leave empty if you don't use it | |
281 | instance_id = |
|
281 | instance_id = | |
282 |
|
282 | |||
283 | ## alternative return HTTP header for failed authentication. Default HTTP |
|
283 | ## alternative return HTTP header for failed authentication. Default HTTP | |
284 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with |
|
284 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with | |
285 | ## handling that. Set this variable to 403 to return HTTPForbidden |
|
285 | ## handling that. Set this variable to 403 to return HTTPForbidden | |
286 | auth_ret_code = |
|
286 | auth_ret_code = | |
287 |
|
287 | |||
288 | ## locking return code. When repository is locked return this HTTP code. 2XX |
|
288 | ## locking return code. When repository is locked return this HTTP code. 2XX | |
289 | ## codes don't break the transactions while 4XX codes do |
|
289 | ## codes don't break the transactions while 4XX codes do | |
290 | lock_ret_code = 423 |
|
290 | lock_ret_code = 423 | |
291 |
|
291 | |||
292 | ## allows to change the repository location in settings page |
|
292 | ## allows to change the repository location in settings page | |
293 | allow_repo_location_change = True |
|
293 | allow_repo_location_change = True | |
294 |
|
294 | |||
295 | ## allows to setup custom hooks in settings page |
|
295 | ## allows to setup custom hooks in settings page | |
296 | allow_custom_hooks_settings = True |
|
296 | allow_custom_hooks_settings = True | |
297 |
|
297 | |||
298 | #################################### |
|
298 | #################################### | |
299 | ### CELERY CONFIG #### |
|
299 | ### CELERY CONFIG #### | |
300 | #################################### |
|
300 | #################################### | |
301 |
|
301 | |||
302 | use_celery = false |
|
302 | use_celery = false | |
303 | broker.host = localhost |
|
303 | broker.host = localhost | |
304 | broker.vhost = rabbitmqhost |
|
304 | broker.vhost = rabbitmqhost | |
305 | broker.port = 5672 |
|
305 | broker.port = 5672 | |
306 | broker.user = rabbitmq |
|
306 | broker.user = rabbitmq | |
307 | broker.password = qweqwe |
|
307 | broker.password = qweqwe | |
308 |
|
308 | |||
309 | celery.imports = kallithea.lib.celerylib.tasks |
|
309 | celery.imports = kallithea.lib.celerylib.tasks | |
310 |
|
310 | |||
311 | celery.result.backend = amqp |
|
311 | celery.result.backend = amqp | |
312 | celery.result.dburi = amqp:// |
|
312 | celery.result.dburi = amqp:// | |
313 | celery.result.serialier = json |
|
313 | celery.result.serialier = json | |
314 |
|
314 | |||
315 | #celery.send.task.error.emails = true |
|
315 | #celery.send.task.error.emails = true | |
316 | #celery.amqp.task.result.expires = 18000 |
|
316 | #celery.amqp.task.result.expires = 18000 | |
317 |
|
317 | |||
318 | celeryd.concurrency = 2 |
|
318 | celeryd.concurrency = 2 | |
319 | #celeryd.log.file = celeryd.log |
|
319 | #celeryd.log.file = celeryd.log | |
320 | celeryd.log.level = DEBUG |
|
320 | celeryd.log.level = DEBUG | |
321 | celeryd.max.tasks.per.child = 1 |
|
321 | celeryd.max.tasks.per.child = 1 | |
322 |
|
322 | |||
323 | ## tasks will never be sent to the queue, but executed locally instead. |
|
323 | ## tasks will never be sent to the queue, but executed locally instead. | |
324 | celery.always.eager = false |
|
324 | celery.always.eager = false | |
325 |
|
325 | |||
326 | #################################### |
|
326 | #################################### | |
327 | ### BEAKER CACHE #### |
|
327 | ### BEAKER CACHE #### | |
328 | #################################### |
|
328 | #################################### | |
329 |
|
329 | |||
330 | beaker.cache.data_dir = %(here)s/data/cache/data |
|
330 | beaker.cache.data_dir = %(here)s/data/cache/data | |
331 | beaker.cache.lock_dir = %(here)s/data/cache/lock |
|
331 | beaker.cache.lock_dir = %(here)s/data/cache/lock | |
332 |
|
332 | |||
333 | beaker.cache.regions = short_term,long_term,sql_cache_short |
|
333 | beaker.cache.regions = short_term,long_term,sql_cache_short | |
334 |
|
334 | |||
335 | beaker.cache.short_term.type = memory |
|
335 | beaker.cache.short_term.type = memory | |
336 | beaker.cache.short_term.expire = 60 |
|
336 | beaker.cache.short_term.expire = 60 | |
337 | beaker.cache.short_term.key_length = 256 |
|
337 | beaker.cache.short_term.key_length = 256 | |
338 |
|
338 | |||
339 | beaker.cache.long_term.type = memory |
|
339 | beaker.cache.long_term.type = memory | |
340 | beaker.cache.long_term.expire = 36000 |
|
340 | beaker.cache.long_term.expire = 36000 | |
341 | beaker.cache.long_term.key_length = 256 |
|
341 | beaker.cache.long_term.key_length = 256 | |
342 |
|
342 | |||
343 | beaker.cache.sql_cache_short.type = memory |
|
343 | beaker.cache.sql_cache_short.type = memory | |
344 | beaker.cache.sql_cache_short.expire = 10 |
|
344 | beaker.cache.sql_cache_short.expire = 10 | |
345 | beaker.cache.sql_cache_short.key_length = 256 |
|
345 | beaker.cache.sql_cache_short.key_length = 256 | |
346 |
|
346 | |||
347 | #################################### |
|
347 | #################################### | |
348 | ### BEAKER SESSION #### |
|
348 | ### BEAKER SESSION #### | |
349 | #################################### |
|
349 | #################################### | |
350 |
|
350 | |||
351 | ## Name of session cookie. Should be unique for a given host and path, even when running |
|
351 | ## Name of session cookie. Should be unique for a given host and path, even when running | |
352 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. |
|
352 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. | |
353 | beaker.session.key = kallithea |
|
353 | beaker.session.key = kallithea | |
354 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. |
|
354 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. | |
355 | beaker.session.httponly = true |
|
355 | beaker.session.httponly = true | |
356 | ## Session lifetime. 2592000 seconds is 30 days. |
|
356 | ## Session lifetime. 2592000 seconds is 30 days. | |
357 | beaker.session.timeout = 2592000 |
|
357 | beaker.session.timeout = 2592000 | |
358 |
|
358 | |||
359 | ## Server secret used with HMAC to ensure integrity of cookies. |
|
359 | ## Server secret used with HMAC to ensure integrity of cookies. | |
360 | beaker.session.secret = ${app_instance_uuid} |
|
360 | beaker.session.secret = ${app_instance_uuid} | |
361 | ## Further, encrypt the data with AES. |
|
361 | ## Further, encrypt the data with AES. | |
362 | #beaker.session.encrypt_key = <key_for_encryption> |
|
362 | #beaker.session.encrypt_key = <key_for_encryption> | |
363 | #beaker.session.validate_key = <validation_key> |
|
363 | #beaker.session.validate_key = <validation_key> | |
364 |
|
364 | |||
365 | ## Type of storage used for the session, current types are |
|
365 | ## Type of storage used for the session, current types are | |
366 | ## dbm, file, memcached, database, and memory. |
|
366 | ## dbm, file, memcached, database, and memory. | |
367 |
|
367 | |||
368 | ## File system storage of session data. (default) |
|
368 | ## File system storage of session data. (default) | |
369 | #beaker.session.type = file |
|
369 | #beaker.session.type = file | |
370 |
|
370 | |||
371 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. |
|
371 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. | |
372 | #beaker.session.type = cookie |
|
372 | #beaker.session.type = cookie | |
373 |
|
373 | |||
374 | ## Database storage of session data. |
|
374 | ## Database storage of session data. | |
375 | #beaker.session.type = ext:database |
|
375 | #beaker.session.type = ext:database | |
376 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea |
|
376 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea | |
377 | #beaker.session.table_name = db_session |
|
377 | #beaker.session.table_name = db_session | |
378 |
|
378 | |||
379 | ############################ |
|
379 | ############################ | |
380 | ## ERROR HANDLING SYSTEMS ## |
|
380 | ## ERROR HANDLING SYSTEMS ## | |
381 | ############################ |
|
381 | ############################ | |
382 |
|
382 | |||
383 | #################### |
|
383 | #################### | |
384 | ### [appenlight] ### |
|
384 | ### [appenlight] ### | |
385 | #################### |
|
385 | #################### | |
386 |
|
386 | |||
387 | ## AppEnlight is tailored to work with Kallithea, see |
|
387 | ## AppEnlight is tailored to work with Kallithea, see | |
388 | ## http://appenlight.com for details how to obtain an account |
|
388 | ## http://appenlight.com for details how to obtain an account | |
389 | ## you must install python package `appenlight_client` to make it work |
|
389 | ## you must install python package `appenlight_client` to make it work | |
390 |
|
390 | |||
391 | ## appenlight enabled |
|
391 | ## appenlight enabled | |
392 | appenlight = false |
|
392 | appenlight = false | |
393 |
|
393 | |||
394 | appenlight.server_url = https://api.appenlight.com |
|
394 | appenlight.server_url = https://api.appenlight.com | |
395 | appenlight.api_key = YOUR_API_KEY |
|
395 | appenlight.api_key = YOUR_API_KEY | |
396 |
|
396 | |||
397 | ## TWEAK AMOUNT OF INFO SENT HERE |
|
397 | ## TWEAK AMOUNT OF INFO SENT HERE | |
398 |
|
398 | |||
399 | ## enables 404 error logging (default False) |
|
399 | ## enables 404 error logging (default False) | |
400 | appenlight.report_404 = false |
|
400 | appenlight.report_404 = false | |
401 |
|
401 | |||
402 | ## time in seconds after request is considered being slow (default 1) |
|
402 | ## time in seconds after request is considered being slow (default 1) | |
403 | appenlight.slow_request_time = 1 |
|
403 | appenlight.slow_request_time = 1 | |
404 |
|
404 | |||
405 | ## record slow requests in application |
|
405 | ## record slow requests in application | |
406 | ## (needs to be enabled for slow datastore recording and time tracking) |
|
406 | ## (needs to be enabled for slow datastore recording and time tracking) | |
407 | appenlight.slow_requests = true |
|
407 | appenlight.slow_requests = true | |
408 |
|
408 | |||
409 | ## enable hooking to application loggers |
|
409 | ## enable hooking to application loggers | |
410 | #appenlight.logging = true |
|
410 | #appenlight.logging = true | |
411 |
|
411 | |||
412 | ## minimum log level for log capture |
|
412 | ## minimum log level for log capture | |
413 | #appenlight.logging.level = WARNING |
|
413 | #appenlight.logging.level = WARNING | |
414 |
|
414 | |||
415 | ## send logs only from erroneous/slow requests |
|
415 | ## send logs only from erroneous/slow requests | |
416 | ## (saves API quota for intensive logging) |
|
416 | ## (saves API quota for intensive logging) | |
417 | appenlight.logging_on_error = false |
|
417 | appenlight.logging_on_error = false | |
418 |
|
418 | |||
419 | ## list of additonal keywords that should be grabbed from environ object |
|
419 | ## list of additonal keywords that should be grabbed from environ object | |
420 | ## can be string with comma separated list of words in lowercase |
|
420 | ## can be string with comma separated list of words in lowercase | |
421 | ## (by default client will always send following info: |
|
421 | ## (by default client will always send following info: | |
422 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that |
|
422 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that | |
423 | ## start with HTTP* this list be extended with additional keywords here |
|
423 | ## start with HTTP* this list be extended with additional keywords here | |
424 | appenlight.environ_keys_whitelist = |
|
424 | appenlight.environ_keys_whitelist = | |
425 |
|
425 | |||
426 | ## list of keywords that should be blanked from request object |
|
426 | ## list of keywords that should be blanked from request object | |
427 | ## can be string with comma separated list of words in lowercase |
|
427 | ## can be string with comma separated list of words in lowercase | |
428 | ## (by default client will always blank keys that contain following words |
|
428 | ## (by default client will always blank keys that contain following words | |
429 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' |
|
429 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' | |
430 | ## this list be extended with additional keywords set here |
|
430 | ## this list be extended with additional keywords set here | |
431 | appenlight.request_keys_blacklist = |
|
431 | appenlight.request_keys_blacklist = | |
432 |
|
432 | |||
433 | ## list of namespaces that should be ignores when gathering log entries |
|
433 | ## list of namespaces that should be ignores when gathering log entries | |
434 | ## can be string with comma separated list of namespaces |
|
434 | ## can be string with comma separated list of namespaces | |
435 | ## (by default the client ignores own entries: appenlight_client.client) |
|
435 | ## (by default the client ignores own entries: appenlight_client.client) | |
436 | appenlight.log_namespace_blacklist = |
|
436 | appenlight.log_namespace_blacklist = | |
437 |
|
437 | |||
438 | ################ |
|
438 | ################ | |
439 | ### [sentry] ### |
|
439 | ### [sentry] ### | |
440 | ################ |
|
440 | ################ | |
441 |
|
441 | |||
442 | ## sentry is a alternative open source error aggregator |
|
442 | ## sentry is a alternative open source error aggregator | |
443 | ## you must install python packages `sentry` and `raven` to enable |
|
443 | ## you must install python packages `sentry` and `raven` to enable | |
444 |
|
444 | |||
445 | sentry.dsn = YOUR_DNS |
|
445 | sentry.dsn = YOUR_DNS | |
446 | sentry.servers = |
|
446 | sentry.servers = | |
447 | sentry.name = |
|
447 | sentry.name = | |
448 | sentry.key = |
|
448 | sentry.key = | |
449 | sentry.public_key = |
|
449 | sentry.public_key = | |
450 | sentry.secret_key = |
|
450 | sentry.secret_key = | |
451 | sentry.project = |
|
451 | sentry.project = | |
452 | sentry.site = |
|
452 | sentry.site = | |
453 | sentry.include_paths = |
|
453 | sentry.include_paths = | |
454 | sentry.exclude_paths = |
|
454 | sentry.exclude_paths = | |
455 |
|
455 | |||
456 | ################################################################################ |
|
456 | ################################################################################ | |
457 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## |
|
457 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## | |
458 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## |
|
458 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## | |
459 | ## execute malicious code after an exception is raised. ## |
|
459 | ## execute malicious code after an exception is raised. ## | |
460 | ################################################################################ |
|
460 | ################################################################################ | |
461 | set debug = false |
|
461 | set debug = false | |
462 |
|
462 | |||
463 | ################################## |
|
463 | ################################## | |
464 | ### LOGVIEW CONFIG ### |
|
464 | ### LOGVIEW CONFIG ### | |
465 | ################################## |
|
465 | ################################## | |
466 |
|
466 | |||
467 | logview.sqlalchemy = #faa |
|
467 | logview.sqlalchemy = #faa | |
468 | logview.pylons.templating = #bfb |
|
468 | logview.pylons.templating = #bfb | |
469 | logview.pylons.util = #eee |
|
469 | logview.pylons.util = #eee | |
470 |
|
470 | |||
471 | ######################################################### |
|
471 | ######################################################### | |
472 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### |
|
472 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### | |
473 | ######################################################### |
|
473 | ######################################################### | |
474 |
|
474 | |||
475 | # SQLITE [default] |
|
475 | # SQLITE [default] | |
476 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 |
|
476 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 | |
477 |
|
477 | |||
478 | # POSTGRESQL |
|
478 | # POSTGRESQL | |
479 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea |
|
479 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea | |
480 |
|
480 | |||
481 | # MySQL |
|
481 | # MySQL | |
482 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea |
|
482 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea | |
483 |
|
483 | |||
484 | # see sqlalchemy docs for others |
|
484 | # see sqlalchemy docs for others | |
485 |
|
485 | |||
486 | sqlalchemy.db1.echo = false |
|
486 | sqlalchemy.db1.echo = false | |
487 | sqlalchemy.db1.pool_recycle = 3600 |
|
487 | sqlalchemy.db1.pool_recycle = 3600 | |
488 | sqlalchemy.db1.convert_unicode = true |
|
488 | sqlalchemy.db1.convert_unicode = true | |
489 |
|
489 | |||
490 | ################################ |
|
490 | ################################ | |
491 | ### LOGGING CONFIGURATION #### |
|
491 | ### LOGGING CONFIGURATION #### | |
492 | ################################ |
|
492 | ################################ | |
493 |
|
493 | |||
494 | [loggers] |
|
494 | [loggers] | |
495 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer |
|
495 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer | |
496 |
|
496 | |||
497 | [handlers] |
|
497 | [handlers] | |
498 | keys = console, console_sql |
|
498 | keys = console, console_sql | |
499 |
|
499 | |||
500 | [formatters] |
|
500 | [formatters] | |
501 | keys = generic, color_formatter, color_formatter_sql |
|
501 | keys = generic, color_formatter, color_formatter_sql | |
502 |
|
502 | |||
503 | ############# |
|
503 | ############# | |
504 | ## LOGGERS ## |
|
504 | ## LOGGERS ## | |
505 | ############# |
|
505 | ############# | |
506 |
|
506 | |||
507 | [logger_root] |
|
507 | [logger_root] | |
508 | level = NOTSET |
|
508 | level = NOTSET | |
509 | handlers = console |
|
509 | handlers = console | |
510 |
|
510 | |||
511 | [logger_routes] |
|
511 | [logger_routes] | |
512 | level = DEBUG |
|
512 | level = DEBUG | |
513 | handlers = |
|
513 | handlers = | |
514 | qualname = routes.middleware |
|
514 | qualname = routes.middleware | |
515 | ## "level = DEBUG" logs the route matched and routing variables. |
|
515 | ## "level = DEBUG" logs the route matched and routing variables. | |
516 | propagate = 1 |
|
516 | propagate = 1 | |
517 |
|
517 | |||
518 | [logger_beaker] |
|
518 | [logger_beaker] | |
519 | level = DEBUG |
|
519 | level = DEBUG | |
520 | handlers = |
|
520 | handlers = | |
521 | qualname = beaker.container |
|
521 | qualname = beaker.container | |
522 | propagate = 1 |
|
522 | propagate = 1 | |
523 |
|
523 | |||
524 | [logger_templates] |
|
524 | [logger_templates] | |
525 | level = INFO |
|
525 | level = INFO | |
526 | handlers = |
|
526 | handlers = | |
527 | qualname = pylons.templating |
|
527 | qualname = pylons.templating | |
528 | propagate = 1 |
|
528 | propagate = 1 | |
529 |
|
529 | |||
530 | [logger_kallithea] |
|
530 | [logger_kallithea] | |
531 | level = DEBUG |
|
531 | level = DEBUG | |
532 | handlers = |
|
532 | handlers = | |
533 | qualname = kallithea |
|
533 | qualname = kallithea | |
534 | propagate = 1 |
|
534 | propagate = 1 | |
535 |
|
535 | |||
536 | [logger_sqlalchemy] |
|
536 | [logger_sqlalchemy] | |
537 | level = INFO |
|
537 | level = INFO | |
538 | handlers = console_sql |
|
538 | handlers = console_sql | |
539 | qualname = sqlalchemy.engine |
|
539 | qualname = sqlalchemy.engine | |
540 | propagate = 0 |
|
540 | propagate = 0 | |
541 |
|
541 | |||
542 | [logger_whoosh_indexer] |
|
542 | [logger_whoosh_indexer] | |
543 | level = DEBUG |
|
543 | level = DEBUG | |
544 | handlers = |
|
544 | handlers = | |
545 | qualname = whoosh_indexer |
|
545 | qualname = whoosh_indexer | |
546 | propagate = 1 |
|
546 | propagate = 1 | |
547 |
|
547 | |||
548 | ############## |
|
548 | ############## | |
549 | ## HANDLERS ## |
|
549 | ## HANDLERS ## | |
550 | ############## |
|
550 | ############## | |
551 |
|
551 | |||
552 | [handler_console] |
|
552 | [handler_console] | |
553 | class = StreamHandler |
|
553 | class = StreamHandler | |
554 | args = (sys.stderr,) |
|
554 | args = (sys.stderr,) | |
555 | level = INFO |
|
555 | level = INFO | |
556 | formatter = generic |
|
556 | formatter = generic | |
557 |
|
557 | |||
558 | [handler_console_sql] |
|
558 | [handler_console_sql] | |
559 | class = StreamHandler |
|
559 | class = StreamHandler | |
560 | args = (sys.stderr,) |
|
560 | args = (sys.stderr,) | |
561 | level = WARN |
|
561 | level = WARN | |
562 | formatter = generic |
|
562 | formatter = generic | |
563 |
|
563 | |||
564 | ################ |
|
564 | ################ | |
565 | ## FORMATTERS ## |
|
565 | ## FORMATTERS ## | |
566 | ################ |
|
566 | ################ | |
567 |
|
567 | |||
568 | [formatter_generic] |
|
568 | [formatter_generic] | |
569 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
569 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
570 | datefmt = %Y-%m-%d %H:%M:%S |
|
570 | datefmt = %Y-%m-%d %H:%M:%S | |
571 |
|
571 | |||
572 | [formatter_color_formatter] |
|
572 | [formatter_color_formatter] | |
573 | class = kallithea.lib.colored_formatter.ColorFormatter |
|
573 | class = kallithea.lib.colored_formatter.ColorFormatter | |
574 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
574 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
575 | datefmt = %Y-%m-%d %H:%M:%S |
|
575 | datefmt = %Y-%m-%d %H:%M:%S | |
576 |
|
576 | |||
577 | [formatter_color_formatter_sql] |
|
577 | [formatter_color_formatter_sql] | |
578 | class = kallithea.lib.colored_formatter.ColorFormatterSql |
|
578 | class = kallithea.lib.colored_formatter.ColorFormatterSql | |
579 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
579 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
580 | datefmt = %Y-%m-%d %H:%M:%S |
|
580 | datefmt = %Y-%m-%d %H:%M:%S |
@@ -1,591 +1,591 b'' | |||||
1 | ################################################################################ |
|
1 | ################################################################################ | |
2 | ################################################################################ |
|
2 | ################################################################################ | |
3 | # Kallithea - config for tests: # |
|
3 | # Kallithea - config for tests: # | |
4 | # initial_repo_scan = true # |
|
4 | # initial_repo_scan = true # | |
5 | # vcs_full_cache = false # |
|
5 | # vcs_full_cache = false # | |
6 | # sqlalchemy and kallithea_test.sqlite # |
|
6 | # sqlalchemy and kallithea_test.sqlite # | |
7 | # custom logging # |
|
7 | # custom logging # | |
8 | # # |
|
8 | # # | |
9 | # The %(here)s variable will be replaced with the parent directory of this file# |
|
9 | # The %(here)s variable will be replaced with the parent directory of this file# | |
10 | ################################################################################ |
|
10 | ################################################################################ | |
11 | ################################################################################ |
|
11 | ################################################################################ | |
12 |
|
12 | |||
13 | [DEFAULT] |
|
13 | [DEFAULT] | |
14 | debug = true |
|
14 | debug = true | |
15 | pdebug = false |
|
15 | pdebug = false | |
16 |
|
16 | |||
17 | ################################################################################ |
|
17 | ################################################################################ | |
18 | ## Email settings ## |
|
18 | ## Email settings ## | |
19 | ## ## |
|
19 | ## ## | |
20 | ## Refer to the documentation ("Email settings") for more details. ## |
|
20 | ## Refer to the documentation ("Email settings") for more details. ## | |
21 | ## ## |
|
21 | ## ## | |
22 | ## It is recommended to use a valid sender address that passes access ## |
|
22 | ## It is recommended to use a valid sender address that passes access ## | |
23 | ## validation and spam filtering in mail servers. ## |
|
23 | ## validation and spam filtering in mail servers. ## | |
24 | ################################################################################ |
|
24 | ################################################################################ | |
25 |
|
25 | |||
26 | ## 'From' header for application emails. You can optionally add a name. |
|
26 | ## 'From' header for application emails. You can optionally add a name. | |
27 | ## Default: |
|
27 | ## Default: | |
28 | #app_email_from = Kallithea |
|
28 | #app_email_from = Kallithea | |
29 | ## Examples: |
|
29 | ## Examples: | |
30 | #app_email_from = Kallithea <kallithea-noreply@example.com> |
|
30 | #app_email_from = Kallithea <kallithea-noreply@example.com> | |
31 | #app_email_from = kallithea-noreply@example.com |
|
31 | #app_email_from = kallithea-noreply@example.com | |
32 |
|
32 | |||
33 | ## Subject prefix for application emails. |
|
33 | ## Subject prefix for application emails. | |
34 | ## A space between this prefix and the real subject is automatically added. |
|
34 | ## A space between this prefix and the real subject is automatically added. | |
35 | ## Default: |
|
35 | ## Default: | |
36 | #email_prefix = |
|
36 | #email_prefix = | |
37 | ## Example: |
|
37 | ## Example: | |
38 | #email_prefix = [Kallithea] |
|
38 | #email_prefix = [Kallithea] | |
39 |
|
39 | |||
40 | ## Recipients for error emails and fallback recipients of application mails. |
|
40 | ## Recipients for error emails and fallback recipients of application mails. | |
41 | ## Multiple addresses can be specified, space-separated. |
|
41 | ## Multiple addresses can be specified, space-separated. | |
42 | ## Only addresses are allowed, do not add any name part. |
|
42 | ## Only addresses are allowed, do not add any name part. | |
43 | ## Default: |
|
43 | ## Default: | |
44 | #email_to = |
|
44 | #email_to = | |
45 | ## Examples: |
|
45 | ## Examples: | |
46 | #email_to = admin@example.com |
|
46 | #email_to = admin@example.com | |
47 | #email_to = admin@example.com another_admin@example.com |
|
47 | #email_to = admin@example.com another_admin@example.com | |
48 |
|
48 | |||
49 | ## 'From' header for error emails. You can optionally add a name. |
|
49 | ## 'From' header for error emails. You can optionally add a name. | |
50 | ## Default: |
|
50 | ## Default: | |
51 | #error_email_from = pylons@yourapp.com |
|
51 | #error_email_from = pylons@yourapp.com | |
52 | ## Examples: |
|
52 | ## Examples: | |
53 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> |
|
53 | #error_email_from = Kallithea Errors <kallithea-noreply@example.com> | |
54 | #error_email_from = paste_error@example.com |
|
54 | #error_email_from = paste_error@example.com | |
55 |
|
55 | |||
56 | ## SMTP server settings |
|
56 | ## SMTP server settings | |
57 | ## Only smtp_server is mandatory. All other settings take the specified default |
|
57 | ## Only smtp_server is mandatory. All other settings take the specified default | |
58 | ## values. |
|
58 | ## values. | |
59 | #smtp_server = smtp.example.com |
|
59 | #smtp_server = smtp.example.com | |
60 | #smtp_username = |
|
60 | #smtp_username = | |
61 | #smtp_password = |
|
61 | #smtp_password = | |
62 | #smtp_port = 25 |
|
62 | #smtp_port = 25 | |
63 | #smtp_use_tls = false |
|
63 | #smtp_use_tls = false | |
64 | #smtp_use_ssl = false |
|
64 | #smtp_use_ssl = false | |
65 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). |
|
65 | ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.). | |
66 | ## If empty, use any of the authentication parameters supported by the server. |
|
66 | ## If empty, use any of the authentication parameters supported by the server. | |
67 | #smtp_auth = |
|
67 | #smtp_auth = | |
68 |
|
68 | |||
69 | [server:main] |
|
69 | [server:main] | |
70 | ## PASTE ## |
|
70 | ## PASTE ## | |
71 | #use = egg:Paste#http |
|
71 | #use = egg:Paste#http | |
72 | ## nr of worker threads to spawn |
|
72 | ## nr of worker threads to spawn | |
73 |
#threadpool_workers = |
|
73 | #threadpool_workers = 1 | |
74 | ## max request before thread respawn |
|
74 | ## max request before thread respawn | |
75 | #threadpool_max_requests = 10 |
|
75 | #threadpool_max_requests = 100 | |
76 | ## option to use threads of process |
|
76 | ## option to use threads of process | |
77 | #use_threadpool = true |
|
77 | #use_threadpool = true | |
78 |
|
78 | |||
79 | ## WAITRESS ## |
|
79 | ## WAITRESS ## | |
80 | use = egg:waitress#main |
|
80 | use = egg:waitress#main | |
81 | ## number of worker threads |
|
81 | ## number of worker threads | |
82 |
threads = |
|
82 | threads = 1 | |
83 | ## MAX BODY SIZE 100GB |
|
83 | ## MAX BODY SIZE 100GB | |
84 | max_request_body_size = 107374182400 |
|
84 | max_request_body_size = 107374182400 | |
85 | ## use poll instead of select, fixes fd limits, may not work on old |
|
85 | ## use poll instead of select, fixes fd limits, may not work on old | |
86 | ## windows systems. |
|
86 | ## windows systems. | |
87 | #asyncore_use_poll = True |
|
87 | #asyncore_use_poll = True | |
88 |
|
88 | |||
89 | ## GUNICORN ## |
|
89 | ## GUNICORN ## | |
90 | #use = egg:gunicorn#main |
|
90 | #use = egg:gunicorn#main | |
91 | ## number of process workers. You must set `instance_id = *` when this option |
|
91 | ## number of process workers. You must set `instance_id = *` when this option | |
92 | ## is set to more than one worker |
|
92 | ## is set to more than one worker | |
93 | #workers = 1 |
|
93 | #workers = 1 | |
94 | ## process name |
|
94 | ## process name | |
95 | #proc_name = kallithea |
|
95 | #proc_name = kallithea | |
96 | ## type of worker class, one of sync, eventlet, gevent, tornado |
|
96 | ## type of worker class, one of sync, eventlet, gevent, tornado | |
97 | ## recommended for bigger setup is using of of other than sync one |
|
97 | ## recommended for bigger setup is using of of other than sync one | |
98 | #worker_class = sync |
|
98 | #worker_class = sync | |
99 | #max_requests = 1000 |
|
99 | #max_requests = 1000 | |
100 | ## ammount of time a worker can handle request before it gets killed and |
|
100 | ## ammount of time a worker can handle request before it gets killed and | |
101 | ## restarted |
|
101 | ## restarted | |
102 | #timeout = 3600 |
|
102 | #timeout = 3600 | |
103 |
|
103 | |||
104 | ## UWSGI ## |
|
104 | ## UWSGI ## | |
105 | ## run with uwsgi --ini-paste-logged <inifile.ini> |
|
105 | ## run with uwsgi --ini-paste-logged <inifile.ini> | |
106 | #[uwsgi] |
|
106 | #[uwsgi] | |
107 | #socket = /tmp/uwsgi.sock |
|
107 | #socket = /tmp/uwsgi.sock | |
108 | #master = true |
|
108 | #master = true | |
109 | #http = 127.0.0.1:5000 |
|
109 | #http = 127.0.0.1:5000 | |
110 |
|
110 | |||
111 | ## set as deamon and redirect all output to file |
|
111 | ## set as deamon and redirect all output to file | |
112 | #daemonize = ./uwsgi_kallithea.log |
|
112 | #daemonize = ./uwsgi_kallithea.log | |
113 |
|
113 | |||
114 | ## master process PID |
|
114 | ## master process PID | |
115 | #pidfile = ./uwsgi_kallithea.pid |
|
115 | #pidfile = ./uwsgi_kallithea.pid | |
116 |
|
116 | |||
117 | ## stats server with workers statistics, use uwsgitop |
|
117 | ## stats server with workers statistics, use uwsgitop | |
118 | ## for monitoring, `uwsgitop 127.0.0.1:1717` |
|
118 | ## for monitoring, `uwsgitop 127.0.0.1:1717` | |
119 | #stats = 127.0.0.1:1717 |
|
119 | #stats = 127.0.0.1:1717 | |
120 | #memory-report = true |
|
120 | #memory-report = true | |
121 |
|
121 | |||
122 | ## log 5XX errors |
|
122 | ## log 5XX errors | |
123 | #log-5xx = true |
|
123 | #log-5xx = true | |
124 |
|
124 | |||
125 | ## Set the socket listen queue size. |
|
125 | ## Set the socket listen queue size. | |
126 | #listen = 256 |
|
126 | #listen = 256 | |
127 |
|
127 | |||
128 | ## Gracefully Reload workers after the specified amount of managed requests |
|
128 | ## Gracefully Reload workers after the specified amount of managed requests | |
129 | ## (avoid memory leaks). |
|
129 | ## (avoid memory leaks). | |
130 | #max-requests = 1000 |
|
130 | #max-requests = 1000 | |
131 |
|
131 | |||
132 | ## enable large buffers |
|
132 | ## enable large buffers | |
133 | #buffer-size = 65535 |
|
133 | #buffer-size = 65535 | |
134 |
|
134 | |||
135 | ## socket and http timeouts ## |
|
135 | ## socket and http timeouts ## | |
136 | #http-timeout = 3600 |
|
136 | #http-timeout = 3600 | |
137 | #socket-timeout = 3600 |
|
137 | #socket-timeout = 3600 | |
138 |
|
138 | |||
139 | ## Log requests slower than the specified number of milliseconds. |
|
139 | ## Log requests slower than the specified number of milliseconds. | |
140 | #log-slow = 10 |
|
140 | #log-slow = 10 | |
141 |
|
141 | |||
142 | ## Exit if no app can be loaded. |
|
142 | ## Exit if no app can be loaded. | |
143 | #need-app = true |
|
143 | #need-app = true | |
144 |
|
144 | |||
145 | ## Set lazy mode (load apps in workers instead of master). |
|
145 | ## Set lazy mode (load apps in workers instead of master). | |
146 | #lazy = true |
|
146 | #lazy = true | |
147 |
|
147 | |||
148 | ## scaling ## |
|
148 | ## scaling ## | |
149 | ## set cheaper algorithm to use, if not set default will be used |
|
149 | ## set cheaper algorithm to use, if not set default will be used | |
150 | #cheaper-algo = spare |
|
150 | #cheaper-algo = spare | |
151 |
|
151 | |||
152 | ## minimum number of workers to keep at all times |
|
152 | ## minimum number of workers to keep at all times | |
153 | #cheaper = 1 |
|
153 | #cheaper = 1 | |
154 |
|
154 | |||
155 | ## number of workers to spawn at startup |
|
155 | ## number of workers to spawn at startup | |
156 | #cheaper-initial = 1 |
|
156 | #cheaper-initial = 1 | |
157 |
|
157 | |||
158 | ## maximum number of workers that can be spawned |
|
158 | ## maximum number of workers that can be spawned | |
159 | #workers = 4 |
|
159 | #workers = 4 | |
160 |
|
160 | |||
161 | ## how many workers should be spawned at a time |
|
161 | ## how many workers should be spawned at a time | |
162 | #cheaper-step = 1 |
|
162 | #cheaper-step = 1 | |
163 |
|
163 | |||
164 | ## COMMON ## |
|
164 | ## COMMON ## | |
165 | host = 127.0.0.1 |
|
165 | host = 127.0.0.1 | |
166 | port = 4999 |
|
166 | port = 4999 | |
167 |
|
167 | |||
168 | ## middleware for hosting the WSGI application under a URL prefix |
|
168 | ## middleware for hosting the WSGI application under a URL prefix | |
169 | #[filter:proxy-prefix] |
|
169 | #[filter:proxy-prefix] | |
170 | #use = egg:PasteDeploy#prefix |
|
170 | #use = egg:PasteDeploy#prefix | |
171 | #prefix = /<your-prefix> |
|
171 | #prefix = /<your-prefix> | |
172 |
|
172 | |||
173 | [app:main] |
|
173 | [app:main] | |
174 | use = egg:kallithea |
|
174 | use = egg:kallithea | |
175 | ## enable proxy prefix middleware |
|
175 | ## enable proxy prefix middleware | |
176 | #filter-with = proxy-prefix |
|
176 | #filter-with = proxy-prefix | |
177 |
|
177 | |||
178 | full_stack = true |
|
178 | full_stack = true | |
179 | static_files = true |
|
179 | static_files = true | |
180 | ## Available Languages: |
|
180 | ## Available Languages: | |
181 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW |
|
181 | ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW | |
182 | lang = |
|
182 | lang = | |
183 | cache_dir = %(here)s/data |
|
183 | cache_dir = %(here)s/data | |
184 | index_dir = %(here)s/data/index |
|
184 | index_dir = %(here)s/data/index | |
185 |
|
185 | |||
186 | ## perform a full repository scan on each server start, this should be |
|
186 | ## perform a full repository scan on each server start, this should be | |
187 | ## set to false after first startup, to allow faster server restarts. |
|
187 | ## set to false after first startup, to allow faster server restarts. | |
188 | #initial_repo_scan = false |
|
188 | #initial_repo_scan = false | |
189 | initial_repo_scan = true |
|
189 | initial_repo_scan = true | |
190 |
|
190 | |||
191 | ## uncomment and set this path to use archive download cache |
|
191 | ## uncomment and set this path to use archive download cache | |
192 | archive_cache_dir = %(here)s/tarballcache |
|
192 | archive_cache_dir = %(here)s/tarballcache | |
193 |
|
193 | |||
194 | ## change this to unique ID for security |
|
194 | ## change this to unique ID for security | |
195 | app_instance_uuid = test |
|
195 | app_instance_uuid = test | |
196 |
|
196 | |||
197 | ## cut off limit for large diffs (size in bytes) |
|
197 | ## cut off limit for large diffs (size in bytes) | |
198 | cut_off_limit = 256000 |
|
198 | cut_off_limit = 256000 | |
199 |
|
199 | |||
200 | ## use cache version of scm repo everywhere |
|
200 | ## use cache version of scm repo everywhere | |
201 | #vcs_full_cache = true |
|
201 | #vcs_full_cache = true | |
202 | vcs_full_cache = false |
|
202 | vcs_full_cache = false | |
203 |
|
203 | |||
204 | ## force https in Kallithea, fixes https redirects, assumes it's always https |
|
204 | ## force https in Kallithea, fixes https redirects, assumes it's always https | |
205 | force_https = false |
|
205 | force_https = false | |
206 |
|
206 | |||
207 | ## use Strict-Transport-Security headers |
|
207 | ## use Strict-Transport-Security headers | |
208 | use_htsts = false |
|
208 | use_htsts = false | |
209 |
|
209 | |||
210 | ## number of commits stats will parse on each iteration |
|
210 | ## number of commits stats will parse on each iteration | |
211 | commit_parse_limit = 25 |
|
211 | commit_parse_limit = 25 | |
212 |
|
212 | |||
213 | ## path to git executable |
|
213 | ## path to git executable | |
214 | git_path = git |
|
214 | git_path = git | |
215 |
|
215 | |||
216 | ## git rev filter option, --all is the default filter, if you need to |
|
216 | ## git rev filter option, --all is the default filter, if you need to | |
217 | ## hide all refs in changelog switch this to --branches --tags |
|
217 | ## hide all refs in changelog switch this to --branches --tags | |
218 | #git_rev_filter = --branches --tags |
|
218 | #git_rev_filter = --branches --tags | |
219 |
|
219 | |||
220 | ## RSS feed options |
|
220 | ## RSS feed options | |
221 | rss_cut_off_limit = 256000 |
|
221 | rss_cut_off_limit = 256000 | |
222 | rss_items_per_page = 10 |
|
222 | rss_items_per_page = 10 | |
223 | rss_include_diff = false |
|
223 | rss_include_diff = false | |
224 |
|
224 | |||
225 | ## options for showing and identifying changesets |
|
225 | ## options for showing and identifying changesets | |
226 | show_sha_length = 12 |
|
226 | show_sha_length = 12 | |
227 | show_revision_number = true |
|
227 | show_revision_number = true | |
228 |
|
228 | |||
229 | ## gist URL alias, used to create nicer urls for gist. This should be an |
|
229 | ## gist URL alias, used to create nicer urls for gist. This should be an | |
230 | ## url that does rewrites to _admin/gists/<gistid>. |
|
230 | ## url that does rewrites to _admin/gists/<gistid>. | |
231 | ## example: http://gist.example.com/{gistid}. Empty means use the internal |
|
231 | ## example: http://gist.example.com/{gistid}. Empty means use the internal | |
232 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> |
|
232 | ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid> | |
233 | gist_alias_url = |
|
233 | gist_alias_url = | |
234 |
|
234 | |||
235 | ## white list of API enabled controllers. This allows to add list of |
|
235 | ## white list of API enabled controllers. This allows to add list of | |
236 | ## controllers to which access will be enabled by api_key. eg: to enable |
|
236 | ## controllers to which access will be enabled by api_key. eg: to enable | |
237 | ## api access to raw_files put `FilesController:raw`, to enable access to patches |
|
237 | ## api access to raw_files put `FilesController:raw`, to enable access to patches | |
238 | ## add `ChangesetController:changeset_patch`. This list should be "," separated |
|
238 | ## add `ChangesetController:changeset_patch`. This list should be "," separated | |
239 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names |
|
239 | ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names | |
240 | ## Recommended settings below are commented out: |
|
240 | ## Recommended settings below are commented out: | |
241 | api_access_controllers_whitelist = |
|
241 | api_access_controllers_whitelist = | |
242 | # ChangesetController:changeset_patch, |
|
242 | # ChangesetController:changeset_patch, | |
243 | # ChangesetController:changeset_raw, |
|
243 | # ChangesetController:changeset_raw, | |
244 | # FilesController:raw, |
|
244 | # FilesController:raw, | |
245 | # FilesController:archivefile |
|
245 | # FilesController:archivefile | |
246 |
|
246 | |||
247 | ## default encoding used to convert from and to unicode |
|
247 | ## default encoding used to convert from and to unicode | |
248 | ## can be also a comma seperated list of encoding in case of mixed encodings |
|
248 | ## can be also a comma seperated list of encoding in case of mixed encodings | |
249 | default_encoding = utf8 |
|
249 | default_encoding = utf8 | |
250 |
|
250 | |||
251 | ## issue tracker for Kallithea (leave blank to disable, absent for default) |
|
251 | ## issue tracker for Kallithea (leave blank to disable, absent for default) | |
252 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues |
|
252 | #bugtracker = https://bitbucket.org/conservancy/kallithea/issues | |
253 |
|
253 | |||
254 | ## issue tracking mapping for commits messages |
|
254 | ## issue tracking mapping for commits messages | |
255 | ## comment out issue_pat, issue_server, issue_prefix to enable |
|
255 | ## comment out issue_pat, issue_server, issue_prefix to enable | |
256 |
|
256 | |||
257 | ## pattern to get the issues from commit messages |
|
257 | ## pattern to get the issues from commit messages | |
258 | ## default one used here is #<numbers> with a regex passive group for `#` |
|
258 | ## default one used here is #<numbers> with a regex passive group for `#` | |
259 | ## {id} will be all groups matched from this pattern |
|
259 | ## {id} will be all groups matched from this pattern | |
260 |
|
260 | |||
261 | issue_pat = (?:\s*#)(\d+) |
|
261 | issue_pat = (?:\s*#)(\d+) | |
262 |
|
262 | |||
263 | ## server url to the issue, each {id} will be replaced with match |
|
263 | ## server url to the issue, each {id} will be replaced with match | |
264 | ## fetched from the regex and {repo} is replaced with full repository name |
|
264 | ## fetched from the regex and {repo} is replaced with full repository name | |
265 | ## including groups {repo_name} is replaced with just name of repo |
|
265 | ## including groups {repo_name} is replaced with just name of repo | |
266 |
|
266 | |||
267 | issue_server_link = https://issues.example.com/{repo}/issue/{id} |
|
267 | issue_server_link = https://issues.example.com/{repo}/issue/{id} | |
268 |
|
268 | |||
269 | ## prefix to add to link to indicate it's an url |
|
269 | ## prefix to add to link to indicate it's an url | |
270 | ## #314 will be replaced by <issue_prefix><id> |
|
270 | ## #314 will be replaced by <issue_prefix><id> | |
271 |
|
271 | |||
272 | issue_prefix = # |
|
272 | issue_prefix = # | |
273 |
|
273 | |||
274 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify |
|
274 | ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify | |
275 | ## multiple patterns, to other issues server, wiki or others |
|
275 | ## multiple patterns, to other issues server, wiki or others | |
276 | ## below an example how to create a wiki pattern |
|
276 | ## below an example how to create a wiki pattern | |
277 | # wiki-some-id -> https://wiki.example.com/some-id |
|
277 | # wiki-some-id -> https://wiki.example.com/some-id | |
278 |
|
278 | |||
279 | #issue_pat_wiki = (?:wiki-)(.+) |
|
279 | #issue_pat_wiki = (?:wiki-)(.+) | |
280 | #issue_server_link_wiki = https://wiki.example.com/{id} |
|
280 | #issue_server_link_wiki = https://wiki.example.com/{id} | |
281 | #issue_prefix_wiki = WIKI- |
|
281 | #issue_prefix_wiki = WIKI- | |
282 |
|
282 | |||
283 | ## instance-id prefix |
|
283 | ## instance-id prefix | |
284 | ## a prefix key for this instance used for cache invalidation when running |
|
284 | ## a prefix key for this instance used for cache invalidation when running | |
285 | ## multiple instances of kallithea, make sure it's globally unique for |
|
285 | ## multiple instances of kallithea, make sure it's globally unique for | |
286 | ## all running kallithea instances. Leave empty if you don't use it |
|
286 | ## all running kallithea instances. Leave empty if you don't use it | |
287 | instance_id = |
|
287 | instance_id = | |
288 |
|
288 | |||
289 | ## alternative return HTTP header for failed authentication. Default HTTP |
|
289 | ## alternative return HTTP header for failed authentication. Default HTTP | |
290 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with |
|
290 | ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with | |
291 | ## handling that. Set this variable to 403 to return HTTPForbidden |
|
291 | ## handling that. Set this variable to 403 to return HTTPForbidden | |
292 | auth_ret_code = |
|
292 | auth_ret_code = | |
293 |
|
293 | |||
294 | ## locking return code. When repository is locked return this HTTP code. 2XX |
|
294 | ## locking return code. When repository is locked return this HTTP code. 2XX | |
295 | ## codes don't break the transactions while 4XX codes do |
|
295 | ## codes don't break the transactions while 4XX codes do | |
296 | lock_ret_code = 423 |
|
296 | lock_ret_code = 423 | |
297 |
|
297 | |||
298 | ## allows to change the repository location in settings page |
|
298 | ## allows to change the repository location in settings page | |
299 | allow_repo_location_change = True |
|
299 | allow_repo_location_change = True | |
300 |
|
300 | |||
301 | ## allows to setup custom hooks in settings page |
|
301 | ## allows to setup custom hooks in settings page | |
302 | allow_custom_hooks_settings = True |
|
302 | allow_custom_hooks_settings = True | |
303 |
|
303 | |||
304 | #################################### |
|
304 | #################################### | |
305 | ### CELERY CONFIG #### |
|
305 | ### CELERY CONFIG #### | |
306 | #################################### |
|
306 | #################################### | |
307 |
|
307 | |||
308 | use_celery = false |
|
308 | use_celery = false | |
309 | broker.host = localhost |
|
309 | broker.host = localhost | |
310 | broker.vhost = rabbitmqhost |
|
310 | broker.vhost = rabbitmqhost | |
311 | broker.port = 5672 |
|
311 | broker.port = 5672 | |
312 | broker.user = rabbitmq |
|
312 | broker.user = rabbitmq | |
313 | broker.password = qweqwe |
|
313 | broker.password = qweqwe | |
314 |
|
314 | |||
315 | celery.imports = kallithea.lib.celerylib.tasks |
|
315 | celery.imports = kallithea.lib.celerylib.tasks | |
316 |
|
316 | |||
317 | celery.result.backend = amqp |
|
317 | celery.result.backend = amqp | |
318 | celery.result.dburi = amqp:// |
|
318 | celery.result.dburi = amqp:// | |
319 | celery.result.serialier = json |
|
319 | celery.result.serialier = json | |
320 |
|
320 | |||
321 | #celery.send.task.error.emails = true |
|
321 | #celery.send.task.error.emails = true | |
322 | #celery.amqp.task.result.expires = 18000 |
|
322 | #celery.amqp.task.result.expires = 18000 | |
323 |
|
323 | |||
324 | celeryd.concurrency = 2 |
|
324 | celeryd.concurrency = 2 | |
325 | #celeryd.log.file = celeryd.log |
|
325 | #celeryd.log.file = celeryd.log | |
326 | celeryd.log.level = DEBUG |
|
326 | celeryd.log.level = DEBUG | |
327 | celeryd.max.tasks.per.child = 1 |
|
327 | celeryd.max.tasks.per.child = 1 | |
328 |
|
328 | |||
329 | ## tasks will never be sent to the queue, but executed locally instead. |
|
329 | ## tasks will never be sent to the queue, but executed locally instead. | |
330 | celery.always.eager = false |
|
330 | celery.always.eager = false | |
331 |
|
331 | |||
332 | #################################### |
|
332 | #################################### | |
333 | ### BEAKER CACHE #### |
|
333 | ### BEAKER CACHE #### | |
334 | #################################### |
|
334 | #################################### | |
335 |
|
335 | |||
336 | beaker.cache.data_dir = %(here)s/data/cache/data |
|
336 | beaker.cache.data_dir = %(here)s/data/cache/data | |
337 | beaker.cache.lock_dir = %(here)s/data/cache/lock |
|
337 | beaker.cache.lock_dir = %(here)s/data/cache/lock | |
338 |
|
338 | |||
339 | beaker.cache.regions = short_term,long_term,sql_cache_short |
|
339 | beaker.cache.regions = short_term,long_term,sql_cache_short | |
340 |
|
340 | |||
341 | beaker.cache.short_term.type = memory |
|
341 | beaker.cache.short_term.type = memory | |
342 | beaker.cache.short_term.expire = 60 |
|
342 | beaker.cache.short_term.expire = 60 | |
343 | beaker.cache.short_term.key_length = 256 |
|
343 | beaker.cache.short_term.key_length = 256 | |
344 |
|
344 | |||
345 | beaker.cache.long_term.type = memory |
|
345 | beaker.cache.long_term.type = memory | |
346 | beaker.cache.long_term.expire = 36000 |
|
346 | beaker.cache.long_term.expire = 36000 | |
347 | beaker.cache.long_term.key_length = 256 |
|
347 | beaker.cache.long_term.key_length = 256 | |
348 |
|
348 | |||
349 | beaker.cache.sql_cache_short.type = memory |
|
349 | beaker.cache.sql_cache_short.type = memory | |
350 | beaker.cache.sql_cache_short.expire = 1 |
|
350 | beaker.cache.sql_cache_short.expire = 1 | |
351 | beaker.cache.sql_cache_short.key_length = 256 |
|
351 | beaker.cache.sql_cache_short.key_length = 256 | |
352 |
|
352 | |||
353 | #################################### |
|
353 | #################################### | |
354 | ### BEAKER SESSION #### |
|
354 | ### BEAKER SESSION #### | |
355 | #################################### |
|
355 | #################################### | |
356 |
|
356 | |||
357 | ## Name of session cookie. Should be unique for a given host and path, even when running |
|
357 | ## Name of session cookie. Should be unique for a given host and path, even when running | |
358 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. |
|
358 | ## on different ports. Otherwise, cookie sessions will be shared and messed up. | |
359 | beaker.session.key = kallithea |
|
359 | beaker.session.key = kallithea | |
360 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. |
|
360 | ## Sessions should always only be accessible by the browser, not directly by JavaScript. | |
361 | beaker.session.httponly = true |
|
361 | beaker.session.httponly = true | |
362 | ## Session lifetime. 2592000 seconds is 30 days. |
|
362 | ## Session lifetime. 2592000 seconds is 30 days. | |
363 | beaker.session.timeout = 2592000 |
|
363 | beaker.session.timeout = 2592000 | |
364 |
|
364 | |||
365 | ## Server secret used with HMAC to ensure integrity of cookies. |
|
365 | ## Server secret used with HMAC to ensure integrity of cookies. | |
366 | beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f} |
|
366 | beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f} | |
367 | ## Further, encrypt the data with AES. |
|
367 | ## Further, encrypt the data with AES. | |
368 | #beaker.session.encrypt_key = <key_for_encryption> |
|
368 | #beaker.session.encrypt_key = <key_for_encryption> | |
369 | #beaker.session.validate_key = <validation_key> |
|
369 | #beaker.session.validate_key = <validation_key> | |
370 |
|
370 | |||
371 | ## Type of storage used for the session, current types are |
|
371 | ## Type of storage used for the session, current types are | |
372 | ## dbm, file, memcached, database, and memory. |
|
372 | ## dbm, file, memcached, database, and memory. | |
373 |
|
373 | |||
374 | ## File system storage of session data. (default) |
|
374 | ## File system storage of session data. (default) | |
375 | #beaker.session.type = file |
|
375 | #beaker.session.type = file | |
376 |
|
376 | |||
377 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. |
|
377 | ## Cookie only, store all session data inside the cookie. Requires secure secrets. | |
378 | #beaker.session.type = cookie |
|
378 | #beaker.session.type = cookie | |
379 |
|
379 | |||
380 | ## Database storage of session data. |
|
380 | ## Database storage of session data. | |
381 | #beaker.session.type = ext:database |
|
381 | #beaker.session.type = ext:database | |
382 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea |
|
382 | #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea | |
383 | #beaker.session.table_name = db_session |
|
383 | #beaker.session.table_name = db_session | |
384 |
|
384 | |||
385 | ############################ |
|
385 | ############################ | |
386 | ## ERROR HANDLING SYSTEMS ## |
|
386 | ## ERROR HANDLING SYSTEMS ## | |
387 | ############################ |
|
387 | ############################ | |
388 |
|
388 | |||
389 | #################### |
|
389 | #################### | |
390 | ### [appenlight] ### |
|
390 | ### [appenlight] ### | |
391 | #################### |
|
391 | #################### | |
392 |
|
392 | |||
393 | ## AppEnlight is tailored to work with Kallithea, see |
|
393 | ## AppEnlight is tailored to work with Kallithea, see | |
394 | ## http://appenlight.com for details how to obtain an account |
|
394 | ## http://appenlight.com for details how to obtain an account | |
395 | ## you must install python package `appenlight_client` to make it work |
|
395 | ## you must install python package `appenlight_client` to make it work | |
396 |
|
396 | |||
397 | ## appenlight enabled |
|
397 | ## appenlight enabled | |
398 | appenlight = false |
|
398 | appenlight = false | |
399 |
|
399 | |||
400 | appenlight.server_url = https://api.appenlight.com |
|
400 | appenlight.server_url = https://api.appenlight.com | |
401 | appenlight.api_key = YOUR_API_KEY |
|
401 | appenlight.api_key = YOUR_API_KEY | |
402 |
|
402 | |||
403 | ## TWEAK AMOUNT OF INFO SENT HERE |
|
403 | ## TWEAK AMOUNT OF INFO SENT HERE | |
404 |
|
404 | |||
405 | ## enables 404 error logging (default False) |
|
405 | ## enables 404 error logging (default False) | |
406 | appenlight.report_404 = false |
|
406 | appenlight.report_404 = false | |
407 |
|
407 | |||
408 | ## time in seconds after request is considered being slow (default 1) |
|
408 | ## time in seconds after request is considered being slow (default 1) | |
409 | appenlight.slow_request_time = 1 |
|
409 | appenlight.slow_request_time = 1 | |
410 |
|
410 | |||
411 | ## record slow requests in application |
|
411 | ## record slow requests in application | |
412 | ## (needs to be enabled for slow datastore recording and time tracking) |
|
412 | ## (needs to be enabled for slow datastore recording and time tracking) | |
413 | appenlight.slow_requests = true |
|
413 | appenlight.slow_requests = true | |
414 |
|
414 | |||
415 | ## enable hooking to application loggers |
|
415 | ## enable hooking to application loggers | |
416 | #appenlight.logging = true |
|
416 | #appenlight.logging = true | |
417 |
|
417 | |||
418 | ## minimum log level for log capture |
|
418 | ## minimum log level for log capture | |
419 | #appenlight.logging.level = WARNING |
|
419 | #appenlight.logging.level = WARNING | |
420 |
|
420 | |||
421 | ## send logs only from erroneous/slow requests |
|
421 | ## send logs only from erroneous/slow requests | |
422 | ## (saves API quota for intensive logging) |
|
422 | ## (saves API quota for intensive logging) | |
423 | appenlight.logging_on_error = false |
|
423 | appenlight.logging_on_error = false | |
424 |
|
424 | |||
425 | ## list of additonal keywords that should be grabbed from environ object |
|
425 | ## list of additonal keywords that should be grabbed from environ object | |
426 | ## can be string with comma separated list of words in lowercase |
|
426 | ## can be string with comma separated list of words in lowercase | |
427 | ## (by default client will always send following info: |
|
427 | ## (by default client will always send following info: | |
428 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that |
|
428 | ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that | |
429 | ## start with HTTP* this list be extended with additional keywords here |
|
429 | ## start with HTTP* this list be extended with additional keywords here | |
430 | appenlight.environ_keys_whitelist = |
|
430 | appenlight.environ_keys_whitelist = | |
431 |
|
431 | |||
432 | ## list of keywords that should be blanked from request object |
|
432 | ## list of keywords that should be blanked from request object | |
433 | ## can be string with comma separated list of words in lowercase |
|
433 | ## can be string with comma separated list of words in lowercase | |
434 | ## (by default client will always blank keys that contain following words |
|
434 | ## (by default client will always blank keys that contain following words | |
435 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' |
|
435 | ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf' | |
436 | ## this list be extended with additional keywords set here |
|
436 | ## this list be extended with additional keywords set here | |
437 | appenlight.request_keys_blacklist = |
|
437 | appenlight.request_keys_blacklist = | |
438 |
|
438 | |||
439 | ## list of namespaces that should be ignores when gathering log entries |
|
439 | ## list of namespaces that should be ignores when gathering log entries | |
440 | ## can be string with comma separated list of namespaces |
|
440 | ## can be string with comma separated list of namespaces | |
441 | ## (by default the client ignores own entries: appenlight_client.client) |
|
441 | ## (by default the client ignores own entries: appenlight_client.client) | |
442 | appenlight.log_namespace_blacklist = |
|
442 | appenlight.log_namespace_blacklist = | |
443 |
|
443 | |||
444 | ################ |
|
444 | ################ | |
445 | ### [sentry] ### |
|
445 | ### [sentry] ### | |
446 | ################ |
|
446 | ################ | |
447 |
|
447 | |||
448 | ## sentry is a alternative open source error aggregator |
|
448 | ## sentry is a alternative open source error aggregator | |
449 | ## you must install python packages `sentry` and `raven` to enable |
|
449 | ## you must install python packages `sentry` and `raven` to enable | |
450 |
|
450 | |||
451 | sentry.dsn = YOUR_DNS |
|
451 | sentry.dsn = YOUR_DNS | |
452 | sentry.servers = |
|
452 | sentry.servers = | |
453 | sentry.name = |
|
453 | sentry.name = | |
454 | sentry.key = |
|
454 | sentry.key = | |
455 | sentry.public_key = |
|
455 | sentry.public_key = | |
456 | sentry.secret_key = |
|
456 | sentry.secret_key = | |
457 | sentry.project = |
|
457 | sentry.project = | |
458 | sentry.site = |
|
458 | sentry.site = | |
459 | sentry.include_paths = |
|
459 | sentry.include_paths = | |
460 | sentry.exclude_paths = |
|
460 | sentry.exclude_paths = | |
461 |
|
461 | |||
462 | ################################################################################ |
|
462 | ################################################################################ | |
463 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## |
|
463 | ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ## | |
464 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## |
|
464 | ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ## | |
465 | ## execute malicious code after an exception is raised. ## |
|
465 | ## execute malicious code after an exception is raised. ## | |
466 | ################################################################################ |
|
466 | ################################################################################ | |
467 | set debug = false |
|
467 | set debug = false | |
468 |
|
468 | |||
469 | ################################## |
|
469 | ################################## | |
470 | ### LOGVIEW CONFIG ### |
|
470 | ### LOGVIEW CONFIG ### | |
471 | ################################## |
|
471 | ################################## | |
472 |
|
472 | |||
473 | logview.sqlalchemy = #faa |
|
473 | logview.sqlalchemy = #faa | |
474 | logview.pylons.templating = #bfb |
|
474 | logview.pylons.templating = #bfb | |
475 | logview.pylons.util = #eee |
|
475 | logview.pylons.util = #eee | |
476 |
|
476 | |||
477 | ######################################################### |
|
477 | ######################################################### | |
478 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### |
|
478 | ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ### | |
479 | ######################################################### |
|
479 | ######################################################### | |
480 |
|
480 | |||
481 | # SQLITE [default] |
|
481 | # SQLITE [default] | |
482 | #sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 |
|
482 | #sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60 | |
483 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea_test.sqlite |
|
483 | sqlalchemy.db1.url = sqlite:///%(here)s/kallithea_test.sqlite | |
484 |
|
484 | |||
485 | # POSTGRESQL |
|
485 | # POSTGRESQL | |
486 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea |
|
486 | #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea | |
487 |
|
487 | |||
488 | # MySQL |
|
488 | # MySQL | |
489 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea |
|
489 | #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea | |
490 |
|
490 | |||
491 | # see sqlalchemy docs for others |
|
491 | # see sqlalchemy docs for others | |
492 |
|
492 | |||
493 | sqlalchemy.db1.echo = false |
|
493 | sqlalchemy.db1.echo = false | |
494 | sqlalchemy.db1.pool_recycle = 3600 |
|
494 | sqlalchemy.db1.pool_recycle = 3600 | |
495 | sqlalchemy.db1.convert_unicode = true |
|
495 | sqlalchemy.db1.convert_unicode = true | |
496 |
|
496 | |||
497 | ################################ |
|
497 | ################################ | |
498 | ### LOGGING CONFIGURATION #### |
|
498 | ### LOGGING CONFIGURATION #### | |
499 | ################################ |
|
499 | ################################ | |
500 |
|
500 | |||
501 | [loggers] |
|
501 | [loggers] | |
502 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer |
|
502 | keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer | |
503 |
|
503 | |||
504 | [handlers] |
|
504 | [handlers] | |
505 | keys = console, console_sql |
|
505 | keys = console, console_sql | |
506 |
|
506 | |||
507 | [formatters] |
|
507 | [formatters] | |
508 | keys = generic, color_formatter, color_formatter_sql |
|
508 | keys = generic, color_formatter, color_formatter_sql | |
509 |
|
509 | |||
510 | ############# |
|
510 | ############# | |
511 | ## LOGGERS ## |
|
511 | ## LOGGERS ## | |
512 | ############# |
|
512 | ############# | |
513 |
|
513 | |||
514 | [logger_root] |
|
514 | [logger_root] | |
515 | #level = NOTSET |
|
515 | #level = NOTSET | |
516 | level = DEBUG |
|
516 | level = DEBUG | |
517 | handlers = console |
|
517 | handlers = console | |
518 |
|
518 | |||
519 | [logger_routes] |
|
519 | [logger_routes] | |
520 | level = DEBUG |
|
520 | level = DEBUG | |
521 | handlers = |
|
521 | handlers = | |
522 | qualname = routes.middleware |
|
522 | qualname = routes.middleware | |
523 | ## "level = DEBUG" logs the route matched and routing variables. |
|
523 | ## "level = DEBUG" logs the route matched and routing variables. | |
524 | propagate = 1 |
|
524 | propagate = 1 | |
525 |
|
525 | |||
526 | [logger_beaker] |
|
526 | [logger_beaker] | |
527 | level = DEBUG |
|
527 | level = DEBUG | |
528 | handlers = |
|
528 | handlers = | |
529 | qualname = beaker.container |
|
529 | qualname = beaker.container | |
530 | propagate = 1 |
|
530 | propagate = 1 | |
531 |
|
531 | |||
532 | [logger_templates] |
|
532 | [logger_templates] | |
533 | level = INFO |
|
533 | level = INFO | |
534 | handlers = |
|
534 | handlers = | |
535 | qualname = pylons.templating |
|
535 | qualname = pylons.templating | |
536 | propagate = 1 |
|
536 | propagate = 1 | |
537 |
|
537 | |||
538 | [logger_kallithea] |
|
538 | [logger_kallithea] | |
539 | level = DEBUG |
|
539 | level = DEBUG | |
540 | handlers = |
|
540 | handlers = | |
541 | qualname = kallithea |
|
541 | qualname = kallithea | |
542 | propagate = 1 |
|
542 | propagate = 1 | |
543 |
|
543 | |||
544 | [logger_sqlalchemy] |
|
544 | [logger_sqlalchemy] | |
545 | #level = INFO |
|
545 | #level = INFO | |
546 | #handlers = console_sql |
|
546 | #handlers = console_sql | |
547 | level = ERROR |
|
547 | level = ERROR | |
548 | handlers = console |
|
548 | handlers = console | |
549 | qualname = sqlalchemy.engine |
|
549 | qualname = sqlalchemy.engine | |
550 | propagate = 0 |
|
550 | propagate = 0 | |
551 |
|
551 | |||
552 | [logger_whoosh_indexer] |
|
552 | [logger_whoosh_indexer] | |
553 | level = DEBUG |
|
553 | level = DEBUG | |
554 | handlers = |
|
554 | handlers = | |
555 | qualname = whoosh_indexer |
|
555 | qualname = whoosh_indexer | |
556 | propagate = 1 |
|
556 | propagate = 1 | |
557 |
|
557 | |||
558 | ############## |
|
558 | ############## | |
559 | ## HANDLERS ## |
|
559 | ## HANDLERS ## | |
560 | ############## |
|
560 | ############## | |
561 |
|
561 | |||
562 | [handler_console] |
|
562 | [handler_console] | |
563 | class = StreamHandler |
|
563 | class = StreamHandler | |
564 | args = (sys.stderr,) |
|
564 | args = (sys.stderr,) | |
565 | #level = INFO |
|
565 | #level = INFO | |
566 | level = NOTSET |
|
566 | level = NOTSET | |
567 | formatter = generic |
|
567 | formatter = generic | |
568 |
|
568 | |||
569 | [handler_console_sql] |
|
569 | [handler_console_sql] | |
570 | class = StreamHandler |
|
570 | class = StreamHandler | |
571 | args = (sys.stderr,) |
|
571 | args = (sys.stderr,) | |
572 | level = WARN |
|
572 | level = WARN | |
573 | formatter = generic |
|
573 | formatter = generic | |
574 |
|
574 | |||
575 | ################ |
|
575 | ################ | |
576 | ## FORMATTERS ## |
|
576 | ## FORMATTERS ## | |
577 | ################ |
|
577 | ################ | |
578 |
|
578 | |||
579 | [formatter_generic] |
|
579 | [formatter_generic] | |
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
580 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
581 | datefmt = %Y-%m-%d %H:%M:%S |
|
581 | datefmt = %Y-%m-%d %H:%M:%S | |
582 |
|
582 | |||
583 | [formatter_color_formatter] |
|
583 | [formatter_color_formatter] | |
584 | class = kallithea.lib.colored_formatter.ColorFormatter |
|
584 | class = kallithea.lib.colored_formatter.ColorFormatter | |
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
585 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
586 | datefmt = %Y-%m-%d %H:%M:%S |
|
586 | datefmt = %Y-%m-%d %H:%M:%S | |
587 |
|
587 | |||
588 | [formatter_color_formatter_sql] |
|
588 | [formatter_color_formatter_sql] | |
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql |
|
589 | class = kallithea.lib.colored_formatter.ColorFormatterSql | |
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s |
|
590 | format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s | |
591 | datefmt = %Y-%m-%d %H:%M:%S |
|
591 | datefmt = %Y-%m-%d %H:%M:%S |
General Comments 0
You need to be logged in to leave comments.
Login now