##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

config: clarify that we only recommend and support single threaded operation...
Mads Kiilerich -
r6666:716e53c0 stable
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,591 +1,591 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Development config: #
4 4 # listening on *:5000 #
5 5 # sqlite and kallithea.db #
6 6 # initial_repo_scan = true #
7 7 # set debug = true #
8 8 # verbose and colorful logging #
9 9 # #
10 10 # The %(here)s variable will be replaced with the parent directory of this file#
11 11 ################################################################################
12 12 ################################################################################
13 13
14 14 [DEFAULT]
15 15 debug = true
16 16 pdebug = false
17 17
18 18 ################################################################################
19 19 ## Email settings ##
20 20 ## ##
21 21 ## Refer to the documentation ("Email settings") for more details. ##
22 22 ## ##
23 23 ## It is recommended to use a valid sender address that passes access ##
24 24 ## validation and spam filtering in mail servers. ##
25 25 ################################################################################
26 26
27 27 ## 'From' header for application emails. You can optionally add a name.
28 28 ## Default:
29 29 #app_email_from = Kallithea
30 30 ## Examples:
31 31 #app_email_from = Kallithea <kallithea-noreply@example.com>
32 32 #app_email_from = kallithea-noreply@example.com
33 33
34 34 ## Subject prefix for application emails.
35 35 ## A space between this prefix and the real subject is automatically added.
36 36 ## Default:
37 37 #email_prefix =
38 38 ## Example:
39 39 #email_prefix = [Kallithea]
40 40
41 41 ## Recipients for error emails and fallback recipients of application mails.
42 42 ## Multiple addresses can be specified, space-separated.
43 43 ## Only addresses are allowed, do not add any name part.
44 44 ## Default:
45 45 #email_to =
46 46 ## Examples:
47 47 #email_to = admin@example.com
48 48 #email_to = admin@example.com another_admin@example.com
49 49
50 50 ## 'From' header for error emails. You can optionally add a name.
51 51 ## Default:
52 52 #error_email_from = pylons@yourapp.com
53 53 ## Examples:
54 54 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
55 55 #error_email_from = paste_error@example.com
56 56
57 57 ## SMTP server settings
58 58 ## Only smtp_server is mandatory. All other settings take the specified default
59 59 ## values.
60 60 #smtp_server = smtp.example.com
61 61 #smtp_username =
62 62 #smtp_password =
63 63 #smtp_port = 25
64 64 #smtp_use_tls = false
65 65 #smtp_use_ssl = false
66 66 ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).
67 67 ## If empty, use any of the authentication parameters supported by the server.
68 68 #smtp_auth =
69 69
70 70 [server:main]
71 71 ## PASTE ##
72 72 #use = egg:Paste#http
73 73 ## nr of worker threads to spawn
74 #threadpool_workers = 5
74 #threadpool_workers = 1
75 75 ## max request before thread respawn
76 #threadpool_max_requests = 10
76 #threadpool_max_requests = 100
77 77 ## option to use threads of process
78 78 #use_threadpool = true
79 79
80 80 ## WAITRESS ##
81 81 use = egg:waitress#main
82 82 ## number of worker threads
83 threads = 5
83 threads = 1
84 84 ## MAX BODY SIZE 100GB
85 85 max_request_body_size = 107374182400
86 86 ## use poll instead of select, fixes fd limits, may not work on old
87 87 ## windows systems.
88 88 #asyncore_use_poll = True
89 89
90 90 ## GUNICORN ##
91 91 #use = egg:gunicorn#main
92 92 ## number of process workers. You must set `instance_id = *` when this option
93 93 ## is set to more than one worker
94 94 #workers = 1
95 95 ## process name
96 96 #proc_name = kallithea
97 97 ## type of worker class, one of sync, eventlet, gevent, tornado
98 98 ## recommended for bigger setup is using of of other than sync one
99 99 #worker_class = sync
100 100 #max_requests = 1000
101 101 ## ammount of time a worker can handle request before it gets killed and
102 102 ## restarted
103 103 #timeout = 3600
104 104
105 105 ## UWSGI ##
106 106 ## run with uwsgi --ini-paste-logged <inifile.ini>
107 107 #[uwsgi]
108 108 #socket = /tmp/uwsgi.sock
109 109 #master = true
110 110 #http = 127.0.0.1:5000
111 111
112 112 ## set as deamon and redirect all output to file
113 113 #daemonize = ./uwsgi_kallithea.log
114 114
115 115 ## master process PID
116 116 #pidfile = ./uwsgi_kallithea.pid
117 117
118 118 ## stats server with workers statistics, use uwsgitop
119 119 ## for monitoring, `uwsgitop 127.0.0.1:1717`
120 120 #stats = 127.0.0.1:1717
121 121 #memory-report = true
122 122
123 123 ## log 5XX errors
124 124 #log-5xx = true
125 125
126 126 ## Set the socket listen queue size.
127 127 #listen = 256
128 128
129 129 ## Gracefully Reload workers after the specified amount of managed requests
130 130 ## (avoid memory leaks).
131 131 #max-requests = 1000
132 132
133 133 ## enable large buffers
134 134 #buffer-size = 65535
135 135
136 136 ## socket and http timeouts ##
137 137 #http-timeout = 3600
138 138 #socket-timeout = 3600
139 139
140 140 ## Log requests slower than the specified number of milliseconds.
141 141 #log-slow = 10
142 142
143 143 ## Exit if no app can be loaded.
144 144 #need-app = true
145 145
146 146 ## Set lazy mode (load apps in workers instead of master).
147 147 #lazy = true
148 148
149 149 ## scaling ##
150 150 ## set cheaper algorithm to use, if not set default will be used
151 151 #cheaper-algo = spare
152 152
153 153 ## minimum number of workers to keep at all times
154 154 #cheaper = 1
155 155
156 156 ## number of workers to spawn at startup
157 157 #cheaper-initial = 1
158 158
159 159 ## maximum number of workers that can be spawned
160 160 #workers = 4
161 161
162 162 ## how many workers should be spawned at a time
163 163 #cheaper-step = 1
164 164
165 165 ## COMMON ##
166 166 host = 0.0.0.0
167 167 port = 5000
168 168
169 169 ## middleware for hosting the WSGI application under a URL prefix
170 170 #[filter:proxy-prefix]
171 171 #use = egg:PasteDeploy#prefix
172 172 #prefix = /<your-prefix>
173 173
174 174 [app:main]
175 175 use = egg:kallithea
176 176 ## enable proxy prefix middleware
177 177 #filter-with = proxy-prefix
178 178
179 179 full_stack = true
180 180 static_files = true
181 181 ## Available Languages:
182 182 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
183 183 lang =
184 184 cache_dir = %(here)s/data
185 185 index_dir = %(here)s/data/index
186 186
187 187 ## perform a full repository scan on each server start, this should be
188 188 ## set to false after first startup, to allow faster server restarts.
189 189 #initial_repo_scan = false
190 190 initial_repo_scan = true
191 191
192 192 ## uncomment and set this path to use archive download cache
193 193 archive_cache_dir = %(here)s/tarballcache
194 194
195 195 ## change this to unique ID for security
196 196 app_instance_uuid = development-not-secret
197 197
198 198 ## cut off limit for large diffs (size in bytes)
199 199 cut_off_limit = 256000
200 200
201 201 ## use cache version of scm repo everywhere
202 202 vcs_full_cache = true
203 203
204 204 ## force https in Kallithea, fixes https redirects, assumes it's always https
205 205 force_https = false
206 206
207 207 ## use Strict-Transport-Security headers
208 208 use_htsts = false
209 209
210 210 ## number of commits stats will parse on each iteration
211 211 commit_parse_limit = 25
212 212
213 213 ## path to git executable
214 214 git_path = git
215 215
216 216 ## git rev filter option, --all is the default filter, if you need to
217 217 ## hide all refs in changelog switch this to --branches --tags
218 218 #git_rev_filter = --branches --tags
219 219
220 220 ## RSS feed options
221 221 rss_cut_off_limit = 256000
222 222 rss_items_per_page = 10
223 223 rss_include_diff = false
224 224
225 225 ## options for showing and identifying changesets
226 226 show_sha_length = 12
227 227 show_revision_number = false
228 228
229 229 ## gist URL alias, used to create nicer urls for gist. This should be an
230 230 ## url that does rewrites to _admin/gists/<gistid>.
231 231 ## example: http://gist.example.com/{gistid}. Empty means use the internal
232 232 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
233 233 gist_alias_url =
234 234
235 235 ## white list of API enabled controllers. This allows to add list of
236 236 ## controllers to which access will be enabled by api_key. eg: to enable
237 237 ## api access to raw_files put `FilesController:raw`, to enable access to patches
238 238 ## add `ChangesetController:changeset_patch`. This list should be "," separated
239 239 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
240 240 ## Recommended settings below are commented out:
241 241 api_access_controllers_whitelist =
242 242 # ChangesetController:changeset_patch,
243 243 # ChangesetController:changeset_raw,
244 244 # FilesController:raw,
245 245 # FilesController:archivefile
246 246
247 247 ## default encoding used to convert from and to unicode
248 248 ## can be also a comma seperated list of encoding in case of mixed encodings
249 249 default_encoding = utf8
250 250
251 251 ## issue tracker for Kallithea (leave blank to disable, absent for default)
252 252 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
253 253
254 254 ## issue tracking mapping for commits messages
255 255 ## comment out issue_pat, issue_server, issue_prefix to enable
256 256
257 257 ## pattern to get the issues from commit messages
258 258 ## default one used here is #<numbers> with a regex passive group for `#`
259 259 ## {id} will be all groups matched from this pattern
260 260
261 261 issue_pat = (?:\s*#)(\d+)
262 262
263 263 ## server url to the issue, each {id} will be replaced with match
264 264 ## fetched from the regex and {repo} is replaced with full repository name
265 265 ## including groups {repo_name} is replaced with just name of repo
266 266
267 267 issue_server_link = https://issues.example.com/{repo}/issue/{id}
268 268
269 269 ## prefix to add to link to indicate it's an url
270 270 ## #314 will be replaced by <issue_prefix><id>
271 271
272 272 issue_prefix = #
273 273
274 274 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
275 275 ## multiple patterns, to other issues server, wiki or others
276 276 ## below an example how to create a wiki pattern
277 277 # wiki-some-id -> https://wiki.example.com/some-id
278 278
279 279 #issue_pat_wiki = (?:wiki-)(.+)
280 280 #issue_server_link_wiki = https://wiki.example.com/{id}
281 281 #issue_prefix_wiki = WIKI-
282 282
283 283 ## instance-id prefix
284 284 ## a prefix key for this instance used for cache invalidation when running
285 285 ## multiple instances of kallithea, make sure it's globally unique for
286 286 ## all running kallithea instances. Leave empty if you don't use it
287 287 instance_id =
288 288
289 289 ## alternative return HTTP header for failed authentication. Default HTTP
290 290 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
291 291 ## handling that. Set this variable to 403 to return HTTPForbidden
292 292 auth_ret_code =
293 293
294 294 ## locking return code. When repository is locked return this HTTP code. 2XX
295 295 ## codes don't break the transactions while 4XX codes do
296 296 lock_ret_code = 423
297 297
298 298 ## allows to change the repository location in settings page
299 299 allow_repo_location_change = True
300 300
301 301 ## allows to setup custom hooks in settings page
302 302 allow_custom_hooks_settings = True
303 303
304 304 ####################################
305 305 ### CELERY CONFIG ####
306 306 ####################################
307 307
308 308 use_celery = false
309 309 broker.host = localhost
310 310 broker.vhost = rabbitmqhost
311 311 broker.port = 5672
312 312 broker.user = rabbitmq
313 313 broker.password = qweqwe
314 314
315 315 celery.imports = kallithea.lib.celerylib.tasks
316 316
317 317 celery.result.backend = amqp
318 318 celery.result.dburi = amqp://
319 319 celery.result.serialier = json
320 320
321 321 #celery.send.task.error.emails = true
322 322 #celery.amqp.task.result.expires = 18000
323 323
324 324 celeryd.concurrency = 2
325 325 #celeryd.log.file = celeryd.log
326 326 celeryd.log.level = DEBUG
327 327 celeryd.max.tasks.per.child = 1
328 328
329 329 ## tasks will never be sent to the queue, but executed locally instead.
330 330 celery.always.eager = false
331 331
332 332 ####################################
333 333 ### BEAKER CACHE ####
334 334 ####################################
335 335
336 336 beaker.cache.data_dir = %(here)s/data/cache/data
337 337 beaker.cache.lock_dir = %(here)s/data/cache/lock
338 338
339 339 beaker.cache.regions = short_term,long_term,sql_cache_short
340 340
341 341 beaker.cache.short_term.type = memory
342 342 beaker.cache.short_term.expire = 60
343 343 beaker.cache.short_term.key_length = 256
344 344
345 345 beaker.cache.long_term.type = memory
346 346 beaker.cache.long_term.expire = 36000
347 347 beaker.cache.long_term.key_length = 256
348 348
349 349 beaker.cache.sql_cache_short.type = memory
350 350 beaker.cache.sql_cache_short.expire = 10
351 351 beaker.cache.sql_cache_short.key_length = 256
352 352
353 353 ####################################
354 354 ### BEAKER SESSION ####
355 355 ####################################
356 356
357 357 ## Name of session cookie. Should be unique for a given host and path, even when running
358 358 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
359 359 beaker.session.key = kallithea
360 360 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
361 361 beaker.session.httponly = true
362 362 ## Session lifetime. 2592000 seconds is 30 days.
363 363 beaker.session.timeout = 2592000
364 364
365 365 ## Server secret used with HMAC to ensure integrity of cookies.
366 366 beaker.session.secret = development-not-secret
367 367 ## Further, encrypt the data with AES.
368 368 #beaker.session.encrypt_key = <key_for_encryption>
369 369 #beaker.session.validate_key = <validation_key>
370 370
371 371 ## Type of storage used for the session, current types are
372 372 ## dbm, file, memcached, database, and memory.
373 373
374 374 ## File system storage of session data. (default)
375 375 #beaker.session.type = file
376 376
377 377 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
378 378 #beaker.session.type = cookie
379 379
380 380 ## Database storage of session data.
381 381 #beaker.session.type = ext:database
382 382 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
383 383 #beaker.session.table_name = db_session
384 384
385 385 ############################
386 386 ## ERROR HANDLING SYSTEMS ##
387 387 ############################
388 388
389 389 ####################
390 390 ### [appenlight] ###
391 391 ####################
392 392
393 393 ## AppEnlight is tailored to work with Kallithea, see
394 394 ## http://appenlight.com for details how to obtain an account
395 395 ## you must install python package `appenlight_client` to make it work
396 396
397 397 ## appenlight enabled
398 398 appenlight = false
399 399
400 400 appenlight.server_url = https://api.appenlight.com
401 401 appenlight.api_key = YOUR_API_KEY
402 402
403 403 ## TWEAK AMOUNT OF INFO SENT HERE
404 404
405 405 ## enables 404 error logging (default False)
406 406 appenlight.report_404 = false
407 407
408 408 ## time in seconds after request is considered being slow (default 1)
409 409 appenlight.slow_request_time = 1
410 410
411 411 ## record slow requests in application
412 412 ## (needs to be enabled for slow datastore recording and time tracking)
413 413 appenlight.slow_requests = true
414 414
415 415 ## enable hooking to application loggers
416 416 #appenlight.logging = true
417 417
418 418 ## minimum log level for log capture
419 419 #appenlight.logging.level = WARNING
420 420
421 421 ## send logs only from erroneous/slow requests
422 422 ## (saves API quota for intensive logging)
423 423 appenlight.logging_on_error = false
424 424
425 425 ## list of additonal keywords that should be grabbed from environ object
426 426 ## can be string with comma separated list of words in lowercase
427 427 ## (by default client will always send following info:
428 428 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
429 429 ## start with HTTP* this list be extended with additional keywords here
430 430 appenlight.environ_keys_whitelist =
431 431
432 432 ## list of keywords that should be blanked from request object
433 433 ## can be string with comma separated list of words in lowercase
434 434 ## (by default client will always blank keys that contain following words
435 435 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
436 436 ## this list be extended with additional keywords set here
437 437 appenlight.request_keys_blacklist =
438 438
439 439 ## list of namespaces that should be ignores when gathering log entries
440 440 ## can be string with comma separated list of namespaces
441 441 ## (by default the client ignores own entries: appenlight_client.client)
442 442 appenlight.log_namespace_blacklist =
443 443
444 444 ################
445 445 ### [sentry] ###
446 446 ################
447 447
448 448 ## sentry is a alternative open source error aggregator
449 449 ## you must install python packages `sentry` and `raven` to enable
450 450
451 451 sentry.dsn = YOUR_DNS
452 452 sentry.servers =
453 453 sentry.name =
454 454 sentry.key =
455 455 sentry.public_key =
456 456 sentry.secret_key =
457 457 sentry.project =
458 458 sentry.site =
459 459 sentry.include_paths =
460 460 sentry.exclude_paths =
461 461
462 462 ################################################################################
463 463 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
464 464 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
465 465 ## execute malicious code after an exception is raised. ##
466 466 ################################################################################
467 467 #set debug = false
468 468 set debug = true
469 469
470 470 ##################################
471 471 ### LOGVIEW CONFIG ###
472 472 ##################################
473 473
474 474 logview.sqlalchemy = #faa
475 475 logview.pylons.templating = #bfb
476 476 logview.pylons.util = #eee
477 477
478 478 #########################################################
479 479 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
480 480 #########################################################
481 481
482 482 # SQLITE [default]
483 483 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
484 484
485 485 # POSTGRESQL
486 486 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
487 487
488 488 # MySQL
489 489 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
490 490
491 491 # see sqlalchemy docs for others
492 492
493 493 sqlalchemy.db1.echo = false
494 494 sqlalchemy.db1.pool_recycle = 3600
495 495 sqlalchemy.db1.convert_unicode = true
496 496
497 497 ################################
498 498 ### LOGGING CONFIGURATION ####
499 499 ################################
500 500
501 501 [loggers]
502 502 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
503 503
504 504 [handlers]
505 505 keys = console, console_sql
506 506
507 507 [formatters]
508 508 keys = generic, color_formatter, color_formatter_sql
509 509
510 510 #############
511 511 ## LOGGERS ##
512 512 #############
513 513
514 514 [logger_root]
515 515 level = NOTSET
516 516 handlers = console
517 517
518 518 [logger_routes]
519 519 level = DEBUG
520 520 handlers =
521 521 qualname = routes.middleware
522 522 ## "level = DEBUG" logs the route matched and routing variables.
523 523 propagate = 1
524 524
525 525 [logger_beaker]
526 526 level = DEBUG
527 527 handlers =
528 528 qualname = beaker.container
529 529 propagate = 1
530 530
531 531 [logger_templates]
532 532 level = INFO
533 533 handlers =
534 534 qualname = pylons.templating
535 535 propagate = 1
536 536
537 537 [logger_kallithea]
538 538 level = DEBUG
539 539 handlers =
540 540 qualname = kallithea
541 541 propagate = 1
542 542
543 543 [logger_sqlalchemy]
544 544 level = INFO
545 545 handlers = console_sql
546 546 qualname = sqlalchemy.engine
547 547 propagate = 0
548 548
549 549 [logger_whoosh_indexer]
550 550 level = DEBUG
551 551 handlers =
552 552 qualname = whoosh_indexer
553 553 propagate = 1
554 554
555 555 ##############
556 556 ## HANDLERS ##
557 557 ##############
558 558
559 559 [handler_console]
560 560 class = StreamHandler
561 561 args = (sys.stderr,)
562 562 #level = INFO
563 563 #formatter = generic
564 564 level = DEBUG
565 565 formatter = color_formatter
566 566
567 567 [handler_console_sql]
568 568 class = StreamHandler
569 569 args = (sys.stderr,)
570 570 #level = WARN
571 571 #formatter = generic
572 572 level = DEBUG
573 573 formatter = color_formatter_sql
574 574
575 575 ################
576 576 ## FORMATTERS ##
577 577 ################
578 578
579 579 [formatter_generic]
580 580 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
581 581 datefmt = %Y-%m-%d %H:%M:%S
582 582
583 583 [formatter_color_formatter]
584 584 class = kallithea.lib.colored_formatter.ColorFormatter
585 585 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
586 586 datefmt = %Y-%m-%d %H:%M:%S
587 587
588 588 [formatter_color_formatter_sql]
589 589 class = kallithea.lib.colored_formatter.ColorFormatterSql
590 590 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
591 591 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,819 +1,818 b''
1 1 .. _setup:
2 2
3 3 =====
4 4 Setup
5 5 =====
6 6
7 7
8 8 Setting up Kallithea
9 9 --------------------
10 10
11 11 First, you will need to create a Kallithea configuration file. Run the
12 12 following command to do so::
13 13
14 14 paster make-config Kallithea my.ini
15 15
16 16 This will create the file ``my.ini`` in the current directory. This
17 17 configuration file contains the various settings for Kallithea, e.g.
18 18 proxy port, email settings, usage of static files, cache, Celery
19 19 settings, and logging.
20 20
21 21 Next, you need to create the databases used by Kallithea. It is recommended to
22 22 use PostgreSQL or SQLite (default). If you choose a database other than the
23 23 default, ensure you properly adjust the database URL in your ``my.ini``
24 24 configuration file to use this other database. Kallithea currently supports
25 25 PostgreSQL, SQLite and MySQL databases. Create the database by running
26 26 the following command::
27 27
28 28 paster setup-db my.ini
29 29
30 30 This will prompt you for a "root" path. This "root" path is the location where
31 31 Kallithea will store all of its repositories on the current machine. After
32 32 entering this "root" path ``setup-db`` will also prompt you for a username
33 33 and password for the initial admin account which ``setup-db`` sets
34 34 up for you.
35 35
36 36 The ``setup-db`` values can also be given on the command line.
37 37 Example::
38 38
39 39 paster setup-db my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
40 40
41 41 The ``setup-db`` command will create all needed tables and an
42 42 admin account. When choosing a root path you can either use a new
43 43 empty location, or a location which already contains existing
44 44 repositories. If you choose a location which contains existing
45 45 repositories Kallithea will add all of the repositories at the chosen
46 46 location to its database. (Note: make sure you specify the correct
47 47 path to the root).
48 48
49 49 .. note:: the given path for Mercurial_ repositories **must** be write
50 50 accessible for the application. It's very important since
51 51 the Kallithea web interface will work without write access,
52 52 but when trying to do a push it will fail with permission
53 53 denied errors unless it has write access.
54 54
55 55 You are now ready to use Kallithea. To run it simply execute::
56 56
57 57 paster serve my.ini
58 58
59 59 - This command runs the Kallithea server. The web app should be available at
60 60 http://127.0.0.1:5000. The IP address and port is configurable via the
61 61 configuration file created in the previous step.
62 62 - Log in to Kallithea using the admin account created when running ``setup-db``.
63 63 - The default permissions on each repository is read, and the owner is admin.
64 64 Remember to update these if needed.
65 65 - In the admin panel you can toggle LDAP, anonymous, and permissions
66 66 settings, as well as edit more advanced options on users and
67 67 repositories.
68 68
69 69
70 70 Extensions
71 71 ----------
72 72
73 73 Optionally one can create an ``rcextensions`` package that extends Kallithea
74 74 functionality.
75 75 To generate a skeleton extensions package, run::
76 76
77 77 paster make-rcext my.ini
78 78
79 79 This will create an ``rcextensions`` package next to the specified ``ini`` file.
80 80 With ``rcextensions`` it's possible to add additional mapping for whoosh,
81 81 stats and add additional code into the push/pull/create/delete repo hooks,
82 82 for example for sending signals to build-bots such as Jenkins.
83 83
84 84 See the ``__init__.py`` file inside the generated ``rcextensions`` package
85 85 for more details.
86 86
87 87
88 88 Using Kallithea with SSH
89 89 ------------------------
90 90
91 91 Kallithea currently only hosts repositories using http and https. (The addition
92 92 of ssh hosting is a planned future feature.) However you can easily use ssh in
93 93 parallel with Kallithea. (Repository access via ssh is a standard "out of
94 94 the box" feature of Mercurial_ and you can use this to access any of the
95 95 repositories that Kallithea is hosting. See PublishingRepositories_)
96 96
97 97 Kallithea repository structures are kept in directories with the same name
98 98 as the project. When using repository groups, each group is a subdirectory.
99 99 This allows you to easily use ssh for accessing repositories.
100 100
101 101 In order to use ssh you need to make sure that your web server and the users'
102 102 login accounts have the correct permissions set on the appropriate directories.
103 103
104 104 .. note:: These permissions are independent of any permissions you
105 105 have set up using the Kallithea web interface.
106 106
107 107 If your main directory (the same as set in Kallithea settings) is for
108 108 example set to ``/srv/repos`` and the repository you are using is
109 109 named ``kallithea``, then to clone via ssh you should run::
110 110
111 111 hg clone ssh://user@kallithea.example.com/srv/repos/kallithea
112 112
113 113 Using other external tools such as mercurial-server_ or using ssh key-based
114 114 authentication is fully supported.
115 115
116 116 .. note:: In an advanced setup, in order for your ssh access to use
117 117 the same permissions as set up via the Kallithea web
118 118 interface, you can create an authentication hook to connect
119 119 to the Kallithea db and run check functions for permissions
120 120 against that.
121 121
122 122
123 123 Setting up Whoosh full text search
124 124 ----------------------------------
125 125
126 126 Kallithea provides full text search of repositories using `Whoosh`__.
127 127
128 128 .. __: https://pythonhosted.org/Whoosh/
129 129
130 130 For an incremental index build, run::
131 131
132 132 paster make-index my.ini
133 133
134 134 For a full index rebuild, run::
135 135
136 136 paster make-index my.ini -f
137 137
138 138 The ``--repo-location`` option allows the location of the repositories to be overriden;
139 139 usually, the location is retrieved from the Kallithea database.
140 140
141 141 The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
142 142
143 143 paster make-index my.ini --index-only=vcs,kallithea
144 144
145 145 To keep your index up-to-date it is necessary to do periodic index builds;
146 146 for this, it is recommended to use a crontab entry. Example::
147 147
148 148 0 3 * * * /path/to/virtualenv/bin/paster make-index /path/to/kallithea/my.ini
149 149
150 150 When using incremental mode (the default), Whoosh will check the last
151 151 modification date of each file and add it to be reindexed if a newer file is
152 152 available. The indexing daemon checks for any removed files and removes them
153 153 from index.
154 154
155 155 If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
156 156 or in the admin panel you can check the "build from scratch" checkbox.
157 157
158 158 .. _ldap-setup:
159 159
160 160 Setting up LDAP support
161 161 -----------------------
162 162
163 163 Kallithea supports LDAP authentication. In order
164 164 to use LDAP, you have to install the python-ldap_ package. This package is
165 165 available via PyPI, so you can install it by running::
166 166
167 167 pip install python-ldap
168 168
169 169 .. note:: ``python-ldap`` requires some libraries to be installed on
170 170 your system, so before installing it check that you have at
171 171 least the ``openldap`` and ``sasl`` libraries.
172 172
173 173 Choose *Admin > Authentication*, click the ``kallithea.lib.auth_modules.auth_ldap`` button
174 174 and then *Save*, to enable the LDAP plugin and configure its settings.
175 175
176 176 Here's a typical LDAP setup::
177 177
178 178 Connection settings
179 179 Enable LDAP = checked
180 180 Host = host.example.com
181 181 Port = 389
182 182 Account = <account>
183 183 Password = <password>
184 184 Connection Security = LDAPS connection
185 185 Certificate Checks = DEMAND
186 186
187 187 Search settings
188 188 Base DN = CN=users,DC=host,DC=example,DC=org
189 189 LDAP Filter = (&(objectClass=user)(!(objectClass=computer)))
190 190 LDAP Search Scope = SUBTREE
191 191
192 192 Attribute mappings
193 193 Login Attribute = uid
194 194 First Name Attribute = firstName
195 195 Last Name Attribute = lastName
196 196 Email Attribute = mail
197 197
198 198 If your user groups are placed in an Organisation Unit (OU) structure, the Search Settings configuration differs::
199 199
200 200 Search settings
201 201 Base DN = DC=host,DC=example,DC=org
202 202 LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user))
203 203 LDAP Search Scope = SUBTREE
204 204
205 205 .. _enable_ldap:
206 206
207 207 Enable LDAP : required
208 208 Whether to use LDAP for authenticating users.
209 209
210 210 .. _ldap_host:
211 211
212 212 Host : required
213 213 LDAP server hostname or IP address. Can be also a comma separated
214 214 list of servers to support LDAP fail-over.
215 215
216 216 .. _Port:
217 217
218 218 Port : required
219 219 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP.
220 220
221 221 .. _ldap_account:
222 222
223 223 Account : optional
224 224 Only required if the LDAP server does not allow anonymous browsing of
225 225 records. This should be a special account for record browsing. This
226 226 will require `LDAP Password`_ below.
227 227
228 228 .. _LDAP Password:
229 229
230 230 Password : optional
231 231 Only required if the LDAP server does not allow anonymous browsing of
232 232 records.
233 233
234 234 .. _Enable LDAPS:
235 235
236 236 Connection Security : required
237 237 Defines the connection to LDAP server
238 238
239 239 No encryption
240 240 Plain non encrypted connection
241 241
242 242 LDAPS connection
243 243 Enable LDAPS connections. It will likely require `Port`_ to be set to
244 244 a different value (standard LDAPS port is 636). When LDAPS is enabled
245 245 then `Certificate Checks`_ is required.
246 246
247 247 START_TLS on LDAP connection
248 248 START TLS connection
249 249
250 250 .. _Certificate Checks:
251 251
252 252 Certificate Checks : optional
253 253 How SSL certificates verification is handled -- this is only useful when
254 254 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security
255 255 while the other options are susceptible to man-in-the-middle attacks. SSL
256 256 certificates can be installed to /etc/openldap/cacerts so that the
257 257 DEMAND or HARD options can be used with self-signed certificates or
258 258 certificates that do not have traceable certificates of authority.
259 259
260 260 NEVER
261 261 A serve certificate will never be requested or checked.
262 262
263 263 ALLOW
264 264 A server certificate is requested. Failure to provide a
265 265 certificate or providing a bad certificate will not terminate the
266 266 session.
267 267
268 268 TRY
269 269 A server certificate is requested. Failure to provide a
270 270 certificate does not halt the session; providing a bad certificate
271 271 halts the session.
272 272
273 273 DEMAND
274 274 A server certificate is requested and must be provided and
275 275 authenticated for the session to proceed.
276 276
277 277 HARD
278 278 The same as DEMAND.
279 279
280 280 .. _Base DN:
281 281
282 282 Base DN : required
283 283 The Distinguished Name (DN) where searches for users will be performed.
284 284 Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_.
285 285
286 286 .. _LDAP Filter:
287 287
288 288 LDAP Filter : optional
289 289 A LDAP filter defined by RFC 2254. This is more useful when `LDAP
290 290 Search Scope`_ is set to SUBTREE. The filter is useful for limiting
291 291 which LDAP objects are identified as representing Users for
292 292 authentication. The filter is augmented by `Login Attribute`_ below.
293 293 This can commonly be left blank.
294 294
295 295 .. _LDAP Search Scope:
296 296
297 297 LDAP Search Scope : required
298 298 This limits how far LDAP will search for a matching object.
299 299
300 300 BASE
301 301 Only allows searching of `Base DN`_ and is usually not what you
302 302 want.
303 303
304 304 ONELEVEL
305 305 Searches all entries under `Base DN`_, but not Base DN itself.
306 306
307 307 SUBTREE
308 308 Searches all entries below `Base DN`_, but not Base DN itself.
309 309 When using SUBTREE `LDAP Filter`_ is useful to limit object
310 310 location.
311 311
312 312 .. _Login Attribute:
313 313
314 314 Login Attribute : required
315 315 The LDAP record attribute that will be matched as the USERNAME or
316 316 ACCOUNT used to connect to Kallithea. This will be added to `LDAP
317 317 Filter`_ for locating the User object. If `LDAP Filter`_ is specified as
318 318 "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has
319 319 connected as "jsmith" then the `LDAP Filter`_ will be augmented as below
320 320 ::
321 321
322 322 (&(LDAPFILTER)(uid=jsmith))
323 323
324 324 .. _ldap_attr_firstname:
325 325
326 326 First Name Attribute : required
327 327 The LDAP record attribute which represents the user's first name.
328 328
329 329 .. _ldap_attr_lastname:
330 330
331 331 Last Name Attribute : required
332 332 The LDAP record attribute which represents the user's last name.
333 333
334 334 .. _ldap_attr_email:
335 335
336 336 Email Attribute : required
337 337 The LDAP record attribute which represents the user's email address.
338 338
339 339 If all data are entered correctly, and python-ldap_ is properly installed
340 340 users should be granted access to Kallithea with LDAP accounts. At this
341 341 time user information is copied from LDAP into the Kallithea user database.
342 342 This means that updates of an LDAP user object may not be reflected as a
343 343 user update in Kallithea.
344 344
345 345 If You have problems with LDAP access and believe You entered correct
346 346 information check out the Kallithea logs, any error messages sent from LDAP
347 347 will be saved there.
348 348
349 349 Active Directory
350 350 ''''''''''''''''
351 351
352 352 Kallithea can use Microsoft Active Directory for user authentication. This
353 353 is done through an LDAP or LDAPS connection to Active Directory. The
354 354 following LDAP configuration settings are typical for using Active
355 355 Directory ::
356 356
357 357 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
358 358 Login Attribute = sAMAccountName
359 359 First Name Attribute = givenName
360 360 Last Name Attribute = sn
361 361 Email Attribute = mail
362 362
363 363 All other LDAP settings will likely be site-specific and should be
364 364 appropriately configured.
365 365
366 366
367 367 Authentication by container or reverse-proxy
368 368 --------------------------------------------
369 369
370 370 Kallithea supports delegating the authentication
371 371 of users to its WSGI container, or to a reverse-proxy server through which all
372 372 clients access the application.
373 373
374 374 When these authentication methods are enabled in Kallithea, it uses the
375 375 username that the container/proxy (Apache or Nginx, etc.) provides and doesn't
376 376 perform the authentication itself. The authorization, however, is still done by
377 377 Kallithea according to its settings.
378 378
379 379 When a user logs in for the first time using these authentication methods,
380 380 a matching user account is created in Kallithea with default permissions. An
381 381 administrator can then modify it using Kallithea's admin interface.
382 382
383 383 It's also possible for an administrator to create accounts and configure their
384 384 permissions before the user logs in for the first time, using the :ref:`create-user` API.
385 385
386 386 Container-based authentication
387 387 ''''''''''''''''''''''''''''''
388 388
389 389 In a container-based authentication setup, Kallithea reads the user name from
390 390 the ``REMOTE_USER`` server variable provided by the WSGI container.
391 391
392 392 After setting up your container (see `Apache with mod_wsgi`_), you'll need
393 393 to configure it to require authentication on the location configured for
394 394 Kallithea.
395 395
396 396 Proxy pass-through authentication
397 397 '''''''''''''''''''''''''''''''''
398 398
399 399 In a proxy pass-through authentication setup, Kallithea reads the user name
400 400 from the ``X-Forwarded-User`` request header, which should be configured to be
401 401 sent by the reverse-proxy server.
402 402
403 403 After setting up your proxy solution (see `Apache virtual host reverse proxy example`_,
404 404 `Apache as subdirectory`_ or `Nginx virtual host example`_), you'll need to
405 405 configure the authentication and add the username in a request header named
406 406 ``X-Forwarded-User``.
407 407
408 408 For example, the following config section for Apache sets a subdirectory in a
409 409 reverse-proxy setup with basic auth:
410 410
411 411 .. code-block:: apache
412 412
413 413 <Location /someprefix>
414 414 ProxyPass http://127.0.0.1:5000/someprefix
415 415 ProxyPassReverse http://127.0.0.1:5000/someprefix
416 416 SetEnvIf X-Url-Scheme https HTTPS=1
417 417
418 418 AuthType Basic
419 419 AuthName "Kallithea authentication"
420 420 AuthUserFile /srv/kallithea/.htpasswd
421 421 Require valid-user
422 422
423 423 RequestHeader unset X-Forwarded-User
424 424
425 425 RewriteEngine On
426 426 RewriteCond %{LA-U:REMOTE_USER} (.+)
427 427 RewriteRule .* - [E=RU:%1]
428 428 RequestHeader set X-Forwarded-User %{RU}e
429 429 </Location>
430 430
431 431 .. note::
432 432 If you enable proxy pass-through authentication, make sure your server is
433 433 only accessible through the proxy. Otherwise, any client would be able to
434 434 forge the authentication header and could effectively become authenticated
435 435 using any account of their liking.
436 436
437 437
438 438 Integration with issue trackers
439 439 -------------------------------
440 440
441 441 Kallithea provides a simple integration with issue trackers. It's possible
442 442 to define a regular expression that will match an issue ID in commit messages,
443 443 and have that replaced with a URL to the issue. To enable this simply
444 444 uncomment the following variables in the ini file::
445 445
446 446 issue_pat = (?:^#|\s#)(\w+)
447 447 issue_server_link = https://issues.example.com/{repo}/issue/{id}
448 448 issue_prefix = #
449 449
450 450 ``issue_pat`` is the regular expression describing which strings in
451 451 commit messages will be treated as issue references. A match group in
452 452 parentheses should be used to specify the actual issue id.
453 453
454 454 The default expression matches issues in the format ``#<number>``, e.g., ``#300``.
455 455
456 456 Matched issue references are replaced with the link specified in
457 457 ``issue_server_link``. ``{id}`` is replaced with the issue ID, and
458 458 ``{repo}`` with the repository name. Since the # is stripped away,
459 459 ``issue_prefix`` is prepended to the link text. ``issue_prefix`` doesn't
460 460 necessarily need to be ``#``: if you set issue prefix to ``ISSUE-`` this will
461 461 generate a URL in the format:
462 462
463 463 .. code-block:: html
464 464
465 465 <a href="https://issues.example.com/example_repo/issue/300">ISSUE-300</a>
466 466
467 467 If needed, more than one pattern can be specified by appending a unique suffix to
468 468 the variables. For example::
469 469
470 470 issue_pat_wiki = (?:wiki-)(.+)
471 471 issue_server_link_wiki = https://wiki.example.com/{id}
472 472 issue_prefix_wiki = WIKI-
473 473
474 474 With these settings, wiki pages can be referenced as wiki-some-id, and every
475 475 such reference will be transformed into:
476 476
477 477 .. code-block:: html
478 478
479 479 <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
480 480
481 481
482 482 Hook management
483 483 ---------------
484 484
485 485 Hooks can be managed in similar way to that used in ``.hgrc`` files.
486 486 To manage hooks, choose *Admin > Settings > Hooks*.
487 487
488 488 The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
489 489
490 490 To add another custom hook simply fill in the first textbox with
491 491 ``<name>.<hook_type>`` and the second with the hook path. Example hooks
492 492 can be found in ``kallithea.lib.hooks``.
493 493
494 494
495 495 Changing default encoding
496 496 -------------------------
497 497
498 498 By default, Kallithea uses UTF-8 encoding.
499 499 This is configurable as ``default_encoding`` in the .ini file.
500 500 This affects many parts in Kallithea including user names, filenames, and
501 501 encoding of commit messages. In addition Kallithea can detect if the ``chardet``
502 502 library is installed. If ``chardet`` is detected Kallithea will fallback to it
503 503 when there are encode/decode errors.
504 504
505 505
506 506 Celery configuration
507 507 --------------------
508 508
509 509 Kallithea can use the distributed task queue system Celery_ to run tasks like
510 510 cloning repositories or sending emails.
511 511
512 512 Kallithea will in most setups work perfectly fine out of the box (without
513 513 Celery), executing all tasks in the web server process. Some tasks can however
514 514 take some time to run and it can be better to run such tasks asynchronously in
515 515 a separate process so the web server can focus on serving web requests.
516 516
517 517 For installation and configuration of Celery, see the `Celery documentation`_.
518 518 Note that Celery requires a message broker service like RabbitMQ_ (recommended)
519 519 or Redis_.
520 520
521 521 The use of Celery is configured in the Kallithea ini configuration file.
522 522 To enable it, simply set::
523 523
524 524 use_celery = true
525 525
526 526 and add or change the ``celery.*`` and ``broker.*`` configuration variables.
527 527
528 528 Remember that the ini files use the format with '.' and not with '_' like
529 529 Celery. So for example setting `BROKER_HOST` in Celery means setting
530 530 `broker.host` in the configuration file.
531 531
532 532 To start the Celery process, run::
533 533
534 534 paster celeryd <configfile.ini>
535 535
536 536 .. note::
537 537 Make sure you run this command from the same virtualenv, and with the same
538 538 user that Kallithea runs.
539 539
540 540
541 541 HTTPS support
542 542 -------------
543 543
544 544 Kallithea will by default generate URLs based on the WSGI environment.
545 545
546 546 Alternatively, you can use some special configuration settings to control
547 547 directly which scheme/protocol Kallithea will use when generating URLs:
548 548
549 549 - With ``https_fixup = true``, the scheme will be taken from the
550 550 ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
551 551 (default ``http``).
552 552 - With ``force_https = true`` the default will be ``https``.
553 553 - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
554 554
555 555
556 556 Nginx virtual host example
557 557 --------------------------
558 558
559 559 Sample config for Nginx using proxy:
560 560
561 561 .. code-block:: nginx
562 562
563 563 upstream kallithea {
564 564 server 127.0.0.1:5000;
565 565 # add more instances for load balancing
566 566 #server 127.0.0.1:5001;
567 567 #server 127.0.0.1:5002;
568 568 }
569 569
570 570 ## gist alias
571 571 server {
572 572 listen 443;
573 573 server_name gist.example.com;
574 574 access_log /var/log/nginx/gist.access.log;
575 575 error_log /var/log/nginx/gist.error.log;
576 576
577 577 ssl on;
578 578 ssl_certificate gist.your.kallithea.server.crt;
579 579 ssl_certificate_key gist.your.kallithea.server.key;
580 580
581 581 ssl_session_timeout 5m;
582 582
583 583 ssl_protocols SSLv3 TLSv1;
584 584 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
585 585 ssl_prefer_server_ciphers on;
586 586
587 587 rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
588 588 rewrite (.*) https://kallithea.example.com/_admin/gists;
589 589 }
590 590
591 591 server {
592 592 listen 443;
593 593 server_name kallithea.example.com
594 594 access_log /var/log/nginx/kallithea.access.log;
595 595 error_log /var/log/nginx/kallithea.error.log;
596 596
597 597 ssl on;
598 598 ssl_certificate your.kallithea.server.crt;
599 599 ssl_certificate_key your.kallithea.server.key;
600 600
601 601 ssl_session_timeout 5m;
602 602
603 603 ssl_protocols SSLv3 TLSv1;
604 604 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
605 605 ssl_prefer_server_ciphers on;
606 606
607 607 ## uncomment root directive if you want to serve static files by nginx
608 608 ## requires static_files = false in .ini file
609 609 #root /path/to/installation/kallithea/public;
610 610 include /etc/nginx/proxy.conf;
611 611 location / {
612 612 try_files $uri @kallithea;
613 613 }
614 614
615 615 location @kallithea {
616 616 proxy_pass http://127.0.0.1:5000;
617 617 }
618 618
619 619 }
620 620
621 621 Here's the proxy.conf. It's tuned so it will not timeout on long
622 622 pushes or large pushes::
623 623
624 624 proxy_redirect off;
625 625 proxy_set_header Host $host;
626 626 ## needed for container auth
627 627 #proxy_set_header REMOTE_USER $remote_user;
628 628 #proxy_set_header X-Forwarded-User $remote_user;
629 629 proxy_set_header X-Url-Scheme $scheme;
630 630 proxy_set_header X-Host $http_host;
631 631 proxy_set_header X-Real-IP $remote_addr;
632 632 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
633 633 proxy_set_header Proxy-host $proxy_host;
634 634 proxy_buffering off;
635 635 proxy_connect_timeout 7200;
636 636 proxy_send_timeout 7200;
637 637 proxy_read_timeout 7200;
638 638 proxy_buffers 8 32k;
639 639 client_max_body_size 1024m;
640 640 client_body_buffer_size 128k;
641 641 large_client_header_buffers 8 64k;
642 642
643 643
644 644 Apache virtual host reverse proxy example
645 645 -----------------------------------------
646 646
647 647 Here is a sample configuration file for Apache using proxy:
648 648
649 649 .. code-block:: apache
650 650
651 651 <VirtualHost *:80>
652 652 ServerName kallithea.example.com
653 653
654 654 <Proxy *>
655 655 # For Apache 2.4 and later:
656 656 Require all granted
657 657
658 658 # For Apache 2.2 and earlier, instead use:
659 659 # Order allow,deny
660 660 # Allow from all
661 661 </Proxy>
662 662
663 663 #important !
664 664 #Directive to properly generate url (clone url) for pylons
665 665 ProxyPreserveHost On
666 666
667 667 #kallithea instance
668 668 ProxyPass / http://127.0.0.1:5000/
669 669 ProxyPassReverse / http://127.0.0.1:5000/
670 670
671 671 #to enable https use line below
672 672 #SetEnvIf X-Url-Scheme https HTTPS=1
673 673 </VirtualHost>
674 674
675 675 Additional tutorial
676 676 http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
677 677
678 678
679 679 Apache as subdirectory
680 680 ----------------------
681 681
682 682 Apache subdirectory part:
683 683
684 684 .. code-block:: apache
685 685
686 686 <Location /<someprefix> >
687 687 ProxyPass http://127.0.0.1:5000/<someprefix>
688 688 ProxyPassReverse http://127.0.0.1:5000/<someprefix>
689 689 SetEnvIf X-Url-Scheme https HTTPS=1
690 690 </Location>
691 691
692 692 Besides the regular apache setup you will need to add the following line
693 693 into ``[app:main]`` section of your .ini file::
694 694
695 695 filter-with = proxy-prefix
696 696
697 697 Add the following at the end of the .ini file::
698 698
699 699 [filter:proxy-prefix]
700 700 use = egg:PasteDeploy#prefix
701 701 prefix = /<someprefix>
702 702
703 703 then change ``<someprefix>`` into your chosen prefix
704 704
705 705
706 706 Apache with mod_wsgi
707 707 --------------------
708 708
709 709 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
710 710 that, you'll need to:
711 711
712 712 - Install mod_wsgi. If using a Debian-based distro, you can install
713 713 the package libapache2-mod-wsgi::
714 714
715 715 aptitude install libapache2-mod-wsgi
716 716
717 717 - Enable mod_wsgi::
718 718
719 719 a2enmod wsgi
720 720
721 721 - Add global Apache configuration to tell mod_wsgi that Python only will be
722 722 used in the WSGI processes and shouldn't be initialized in the Apache
723 723 processes::
724 724
725 725 WSGIRestrictEmbedded On
726 726
727 727 - Create a wsgi dispatch script, like the one below. Make sure you
728 728 check that the paths correctly point to where you installed Kallithea
729 729 and its Python Virtual Environment.
730 730 - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script,
731 731 as in the following example. Once again, check the paths are
732 732 correctly specified.
733 733
734 734 Here is a sample excerpt from an Apache Virtual Host configuration file:
735 735
736 736 .. code-block:: apache
737 737
738 WSGIDaemonProcess kallithea \
739 threads=4 \
738 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
740 739 python-home=/srv/kallithea/venv
741 740 WSGIProcessGroup kallithea
742 741 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
743 742 WSGIPassAuthorization On
744 743
745 744 Or if using a dispatcher WSGI script with proper virtualenv activation:
746 745
747 746 .. code-block:: apache
748 747
749 WSGIDaemonProcess kallithea threads=4
748 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100
750 749 WSGIProcessGroup kallithea
751 750 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
752 751 WSGIPassAuthorization On
753 752
754 753 Apache will by default run as a special Apache user, on Linux systems
755 754 usually ``www-data`` or ``apache``. If you need to have the repositories
756 755 directory owned by a different user, use the user and group options to
757 756 WSGIDaemonProcess to set the name of the user and group.
758 757
759 758 .. note::
760 759 If running Kallithea in multiprocess mode,
761 760 make sure you set ``instance_id = *`` in the configuration so each process
762 761 gets it's own cache invalidation key.
763 762
764 763 Example WSGI dispatch script:
765 764
766 765 .. code-block:: python
767 766
768 767 import os
769 768 os.environ["HGENCODING"] = "UTF-8"
770 769 os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
771 770
772 771 # sometimes it's needed to set the curent dir
773 772 os.chdir('/srv/kallithea/')
774 773
775 774 import site
776 775 site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")
777 776
778 777 ini = '/srv/kallithea/my.ini'
779 778 from paste.script.util.logging_config import fileConfig
780 779 fileConfig(ini)
781 780 from paste.deploy import loadapp
782 781 application = loadapp('config:' + ini)
783 782
784 783 Or using proper virtualenv activation:
785 784
786 785 .. code-block:: python
787 786
788 787 activate_this = '/srv/kallithea/venv/bin/activate_this.py'
789 788 execfile(activate_this, dict(__file__=activate_this))
790 789
791 790 import os
792 791 os.environ['HOME'] = '/srv/kallithea'
793 792
794 793 ini = '/srv/kallithea/kallithea.ini'
795 794 from paste.script.util.logging_config import fileConfig
796 795 fileConfig(ini)
797 796 from paste.deploy import loadapp
798 797 application = loadapp('config:' + ini)
799 798
800 799
801 800 Other configuration files
802 801 -------------------------
803 802
804 803 A number of `example init.d scripts`__ can be found in
805 804 the ``init.d`` directory of the Kallithea source.
806 805
807 806 .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
808 807
809 808
810 809 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
811 810 .. _python: http://www.python.org/
812 811 .. _Mercurial: https://www.mercurial-scm.org/
813 812 .. _Celery: http://celeryproject.org/
814 813 .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
815 814 .. _RabbitMQ: http://www.rabbitmq.com/
816 815 .. _Redis: http://redis.io/
817 816 .. _python-ldap: http://www.python-ldap.org/
818 817 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
819 818 .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories
Show file before | Show file after | Hide comments
@@ -1,56 +1,74 b''
1 1 .. _performance:
2 2
3 3 ================================
4 4 Optimizing Kallithea performance
5 5 ================================
6 6
7 7 When serving a large amount of big repositories, Kallithea can start
8 8 performing slower than expected. Because of the demanding nature of handling large
9 9 amounts of data from version control systems, here are some tips on how to get
10 10 the best performance.
11 11
12 12 * Kallithea is often I/O bound, and hence a fast disk (SSD/SAN) is
13 13 usually more important than a fast CPU.
14 14
15 15 * Sluggish loading of the front page can easily be fixed by grouping repositories or by
16 16 increasing cache size (see below). This includes using the lightweight dashboard
17 17 option and ``vcs_full_cache`` setting in .ini file.
18 18
19 19 Follow these few steps to improve performance of Kallithea system.
20 20
21 21 1. Increase cache
22 22
23 23 Tweak beaker cache settings in the ini file. The actual effect of that
24 24 is questionable.
25 25
26 26 2. Switch from SQLite to PostgreSQL or MySQL
27 27
28 28 SQLite is a good option when having a small load on the system. But due to
29 29 locking issues with SQLite, it is not recommended to use it for larger
30 30 deployments. Switching to MySQL or PostgreSQL will result in an immediate
31 31 performance increase. A tool like SQLAlchemyGrate_ can be used for
32 32 migrating to another database platform.
33 33
34 34 3. Scale Kallithea horizontally
35 35
36 36 Scaling horizontally can give huge performance benefits when dealing with
37 37 large amounts of traffic (many users, CI servers, etc.). Kallithea can be
38 scaled horizontally on one (recommended) or multiple machines. In order
39 to scale horizontally you need to do the following:
38 scaled horizontally on one (recommended) or multiple machines.
39
40 It is generally possible to run WSGI applications multithreaded, so that
41 several HTTP requests are served from the same Python process at once. That
42 can in principle give better utilization of internal caches and less
43 process overhead.
44
45 One danger of running multithreaded is that program execution becomes much
46 more complex; programs must be written to consider all combinations of
47 events and problems might depend on timing and be impossible to reproduce.
48
49 Kallithea can't promise to be thread-safe, just like the embedded Mercurial
50 backend doesn't make any strong promises when used as Kallithea uses it.
51 Instead, we recommend scaling by using multiple server processes.
52
53 Web servers with multiple worker processes (such as ``mod_wsgi`` with the
54 ``WSGIDaemonProcess`` ``processes`` parameter) will work out of the box.
55
56 In order to scale horizontally on multiple machines, you need to do the
57 following:
40 58
41 59 - Each instance needs its own .ini file and unique ``instance_id`` set.
42 60 - Each instance's ``data`` storage needs to be configured to be stored on a
43 61 shared disk storage, preferably together with repositories. This ``data``
44 62 dir contains template caches, sessions, whoosh index and is used for
45 63 task locking (so it is safe across multiple instances). Set the
46 64 ``cache_dir``, ``index_dir``, ``beaker.cache.data_dir``, ``beaker.cache.lock_dir``
47 65 variables in each .ini file to a shared location across Kallithea instances
48 - If celery is used each instance should run a separate Celery instance, but
66 - If using several Celery instances,
49 67 the message broker should be common to all of them (e.g., one
50 68 shared RabbitMQ server)
51 69 - Load balance using round robin or IP hash, recommended is writing LB rules
52 70 that will separate regular user traffic from automated processes like CI
53 71 servers or build bots.
54 72
55 73
56 74 .. _SQLAlchemyGrate: https://github.com/shazow/sqlalchemygrate
Show file before | Show file after | Hide comments
@@ -1,591 +1,591 b''
1 1 ## -*- coding: utf-8 -*-
2 2 <%text>################################################################################</%text>
3 3 <%text>################################################################################</%text>
4 4 # Kallithea - config file generated with kallithea-config #
5 5 <%text>################################################################################</%text>
6 6 <%text>################################################################################</%text>
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11
12 12 <%text>################################################################################</%text>
13 13 <%text>## Email settings ##</%text>
14 14 <%text>## ##</%text>
15 15 <%text>## Refer to the documentation ("Email settings") for more details. ##</%text>
16 16 <%text>## ##</%text>
17 17 <%text>## It is recommended to use a valid sender address that passes access ##</%text>
18 18 <%text>## validation and spam filtering in mail servers. ##</%text>
19 19 <%text>################################################################################</%text>
20 20
21 21 <%text>## 'From' header for application emails. You can optionally add a name.</%text>
22 22 <%text>## Default:</%text>
23 23 #app_email_from = Kallithea
24 24 <%text>## Examples:</%text>
25 25 #app_email_from = Kallithea <kallithea-noreply@example.com>
26 26 #app_email_from = kallithea-noreply@example.com
27 27
28 28 <%text>## Subject prefix for application emails.</%text>
29 29 <%text>## A space between this prefix and the real subject is automatically added.</%text>
30 30 <%text>## Default:</%text>
31 31 #email_prefix =
32 32 <%text>## Example:</%text>
33 33 #email_prefix = [Kallithea]
34 34
35 35 <%text>## Recipients for error emails and fallback recipients of application mails.</%text>
36 36 <%text>## Multiple addresses can be specified, space-separated.</%text>
37 37 <%text>## Only addresses are allowed, do not add any name part.</%text>
38 38 <%text>## Default:</%text>
39 39 #email_to =
40 40 <%text>## Examples:</%text>
41 41 #email_to = admin@example.com
42 42 #email_to = admin@example.com another_admin@example.com
43 43
44 44 <%text>## 'From' header for error emails. You can optionally add a name.</%text>
45 45 <%text>## Default:</%text>
46 46 #error_email_from = pylons@yourapp.com
47 47 <%text>## Examples:</%text>
48 48 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
49 49 #error_email_from = paste_error@example.com
50 50
51 51 <%text>## SMTP server settings</%text>
52 52 <%text>## Only smtp_server is mandatory. All other settings take the specified default</%text>
53 53 <%text>## values.</%text>
54 54 #smtp_server = smtp.example.com
55 55 #smtp_username =
56 56 #smtp_password =
57 57 #smtp_port = 25
58 58 #smtp_use_tls = false
59 59 #smtp_use_ssl = false
60 60 <%text>## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).</%text>
61 61 <%text>## If empty, use any of the authentication parameters supported by the server.</%text>
62 62 #smtp_auth =
63 63
64 64 [server:main]
65 65 %if http_server == 'paste':
66 66 <%text>## PASTE ##</%text>
67 67 use = egg:Paste#http
68 68 <%text>## nr of worker threads to spawn</%text>
69 threadpool_workers = 5
69 threadpool_workers = 1
70 70 <%text>## max request before thread respawn</%text>
71 threadpool_max_requests = 10
71 threadpool_max_requests = 100
72 72 <%text>## option to use threads of process</%text>
73 73 use_threadpool = true
74 74
75 75 %elif http_server == 'waitress':
76 76 <%text>## WAITRESS ##</%text>
77 77 use = egg:waitress#main
78 78 <%text>## number of worker threads</%text>
79 threads = 5
79 threads = 1
80 80 <%text>## MAX BODY SIZE 100GB</%text>
81 81 max_request_body_size = 107374182400
82 82 <%text>## use poll instead of select, fixes fd limits, may not work on old</%text>
83 83 <%text>## windows systems.</%text>
84 84 #asyncore_use_poll = True
85 85
86 86 %elif http_server == 'gunicorn':
87 87 <%text>## GUNICORN ##</%text>
88 88 use = egg:gunicorn#main
89 89 <%text>## number of process workers. You must set `instance_id = *` when this option</%text>
90 90 <%text>## is set to more than one worker</%text>
91 91 workers = 1
92 92 <%text>## process name</%text>
93 93 proc_name = kallithea
94 94 <%text>## type of worker class, one of sync, eventlet, gevent, tornado</%text>
95 95 <%text>## recommended for bigger setup is using of of other than sync one</%text>
96 96 worker_class = sync
97 97 max_requests = 1000
98 98 <%text>## ammount of time a worker can handle request before it gets killed and</%text>
99 99 <%text>## restarted</%text>
100 100 timeout = 3600
101 101
102 102 %elif http_server == 'uwsgi':
103 103 <%text>## UWSGI ##</%text>
104 104 <%text>## run with uwsgi --ini-paste-logged <inifile.ini></%text>
105 105 [uwsgi]
106 106 socket = /tmp/uwsgi.sock
107 107 master = true
108 108 http = 127.0.0.1:5000
109 109
110 110 <%text>## set as deamon and redirect all output to file</%text>
111 111 #daemonize = ./uwsgi_kallithea.log
112 112
113 113 <%text>## master process PID</%text>
114 114 pidfile = ./uwsgi_kallithea.pid
115 115
116 116 <%text>## stats server with workers statistics, use uwsgitop</%text>
117 117 <%text>## for monitoring, `uwsgitop 127.0.0.1:1717`</%text>
118 118 stats = 127.0.0.1:1717
119 119 memory-report = true
120 120
121 121 <%text>## log 5XX errors</%text>
122 122 log-5xx = true
123 123
124 124 <%text>## Set the socket listen queue size.</%text>
125 125 listen = 256
126 126
127 127 <%text>## Gracefully Reload workers after the specified amount of managed requests</%text>
128 128 <%text>## (avoid memory leaks).</%text>
129 129 max-requests = 1000
130 130
131 131 <%text>## enable large buffers</%text>
132 132 buffer-size = 65535
133 133
134 134 <%text>## socket and http timeouts ##</%text>
135 135 http-timeout = 3600
136 136 socket-timeout = 3600
137 137
138 138 <%text>## Log requests slower than the specified number of milliseconds.</%text>
139 139 log-slow = 10
140 140
141 141 <%text>## Exit if no app can be loaded.</%text>
142 142 need-app = true
143 143
144 144 <%text>## Set lazy mode (load apps in workers instead of master).</%text>
145 145 lazy = true
146 146
147 147 <%text>## scaling ##</%text>
148 148 <%text>## set cheaper algorithm to use, if not set default will be used</%text>
149 149 cheaper-algo = spare
150 150
151 151 <%text>## minimum number of workers to keep at all times</%text>
152 152 cheaper = 1
153 153
154 154 <%text>## number of workers to spawn at startup</%text>
155 155 cheaper-initial = 1
156 156
157 157 <%text>## maximum number of workers that can be spawned</%text>
158 158 workers = 4
159 159
160 160 <%text>## how many workers should be spawned at a time</%text>
161 161 cheaper-step = 1
162 162
163 163 %endif
164 164 <%text>## COMMON ##</%text>
165 165 host = ${host}
166 166 port = ${port}
167 167
168 168 <%text>## middleware for hosting the WSGI application under a URL prefix</%text>
169 169 #[filter:proxy-prefix]
170 170 #use = egg:PasteDeploy#prefix
171 171 #prefix = /<your-prefix>
172 172
173 173 [app:main]
174 174 use = egg:kallithea
175 175 <%text>## enable proxy prefix middleware</%text>
176 176 #filter-with = proxy-prefix
177 177
178 178 full_stack = true
179 179 static_files = true
180 180 <%text>## Available Languages:</%text>
181 181 <%text>## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW</%text>
182 182 lang =
183 183 cache_dir = ${here}/data
184 184 index_dir = ${here}/data/index
185 185
186 186 <%text>## perform a full repository scan on each server start, this should be</%text>
187 187 <%text>## set to false after first startup, to allow faster server restarts.</%text>
188 188 initial_repo_scan = false
189 189
190 190 <%text>## uncomment and set this path to use archive download cache</%text>
191 191 archive_cache_dir = ${here}/tarballcache
192 192
193 193 <%text>## change this to unique ID for security</%text>
194 194 app_instance_uuid = ${uuid()}
195 195
196 196 <%text>## cut off limit for large diffs (size in bytes)</%text>
197 197 cut_off_limit = 256000
198 198
199 199 <%text>## use cache version of scm repo everywhere</%text>
200 200 vcs_full_cache = true
201 201
202 202 <%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text>
203 203 force_https = false
204 204
205 205 <%text>## use Strict-Transport-Security headers</%text>
206 206 use_htsts = false
207 207
208 208 <%text>## number of commits stats will parse on each iteration</%text>
209 209 commit_parse_limit = 25
210 210
211 211 <%text>## path to git executable</%text>
212 212 git_path = git
213 213
214 214 <%text>## git rev filter option, --all is the default filter, if you need to</%text>
215 215 <%text>## hide all refs in changelog switch this to --branches --tags</%text>
216 216 #git_rev_filter = --branches --tags
217 217
218 218 <%text>## RSS feed options</%text>
219 219 rss_cut_off_limit = 256000
220 220 rss_items_per_page = 10
221 221 rss_include_diff = false
222 222
223 223 <%text>## options for showing and identifying changesets</%text>
224 224 show_sha_length = 12
225 225 show_revision_number = false
226 226
227 227 <%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text>
228 228 <%text>## url that does rewrites to _admin/gists/<gistid>.</%text>
229 229 <%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text>
230 230 <%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text>
231 231 gist_alias_url =
232 232
233 233 <%text>## white list of API enabled controllers. This allows to add list of</%text>
234 234 <%text>## controllers to which access will be enabled by api_key. eg: to enable</%text>
235 235 <%text>## api access to raw_files put `FilesController:raw`, to enable access to patches</%text>
236 236 <%text>## add `ChangesetController:changeset_patch`. This list should be "," separated</%text>
237 237 <%text>## Syntax is <ControllerClass>:<function>. Check debug logs for generated names</%text>
238 238 <%text>## Recommended settings below are commented out:</%text>
239 239 api_access_controllers_whitelist =
240 240 # ChangesetController:changeset_patch,
241 241 # ChangesetController:changeset_raw,
242 242 # FilesController:raw,
243 243 # FilesController:archivefile
244 244
245 245 <%text>## default encoding used to convert from and to unicode</%text>
246 246 <%text>## can be also a comma seperated list of encoding in case of mixed encodings</%text>
247 247 default_encoding = utf8
248 248
249 249 <%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text>
250 250 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
251 251
252 252 <%text>## issue tracking mapping for commits messages</%text>
253 253 <%text>## comment out issue_pat, issue_server, issue_prefix to enable</%text>
254 254
255 255 <%text>## pattern to get the issues from commit messages</%text>
256 256 <%text>## default one used here is #<numbers> with a regex passive group for `#`</%text>
257 257 <%text>## {id} will be all groups matched from this pattern</%text>
258 258
259 259 issue_pat = (?:\s*#)(\d+)
260 260
261 261 <%text>## server url to the issue, each {id} will be replaced with match</%text>
262 262 <%text>## fetched from the regex and {repo} is replaced with full repository name</%text>
263 263 <%text>## including groups {repo_name} is replaced with just name of repo</%text>
264 264
265 265 issue_server_link = https://issues.example.com/{repo}/issue/{id}
266 266
267 267 <%text>## prefix to add to link to indicate it's an url</%text>
268 268 <%text>## #314 will be replaced by <issue_prefix><id></%text>
269 269
270 270 issue_prefix = #
271 271
272 272 <%text>## issue_pat, issue_server_link, issue_prefix can have suffixes to specify</%text>
273 273 <%text>## multiple patterns, to other issues server, wiki or others</%text>
274 274 <%text>## below an example how to create a wiki pattern</%text>
275 275 # wiki-some-id -> https://wiki.example.com/some-id
276 276
277 277 #issue_pat_wiki = (?:wiki-)(.+)
278 278 #issue_server_link_wiki = https://wiki.example.com/{id}
279 279 #issue_prefix_wiki = WIKI-
280 280
281 281 <%text>## instance-id prefix</%text>
282 282 <%text>## a prefix key for this instance used for cache invalidation when running</%text>
283 283 <%text>## multiple instances of kallithea, make sure it's globally unique for</%text>
284 284 <%text>## all running kallithea instances. Leave empty if you don't use it</%text>
285 285 instance_id =
286 286
287 287 <%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>
288 288 <%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>
289 289 <%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>
290 290 auth_ret_code =
291 291
292 292 <%text>## locking return code. When repository is locked return this HTTP code. 2XX</%text>
293 293 <%text>## codes don't break the transactions while 4XX codes do</%text>
294 294 lock_ret_code = 423
295 295
296 296 <%text>## allows to change the repository location in settings page</%text>
297 297 allow_repo_location_change = True
298 298
299 299 <%text>## allows to setup custom hooks in settings page</%text>
300 300 allow_custom_hooks_settings = True
301 301
302 302 <%text>####################################</%text>
303 303 <%text>### CELERY CONFIG ####</%text>
304 304 <%text>####################################</%text>
305 305
306 306 use_celery = false
307 307 broker.host = localhost
308 308 broker.vhost = rabbitmqhost
309 309 broker.port = 5672
310 310 broker.user = rabbitmq
311 311 broker.password = qweqwe
312 312
313 313 celery.imports = kallithea.lib.celerylib.tasks
314 314
315 315 celery.result.backend = amqp
316 316 celery.result.dburi = amqp://
317 317 celery.result.serialier = json
318 318
319 319 #celery.send.task.error.emails = true
320 320 #celery.amqp.task.result.expires = 18000
321 321
322 322 celeryd.concurrency = 2
323 323 #celeryd.log.file = celeryd.log
324 324 celeryd.log.level = DEBUG
325 325 celeryd.max.tasks.per.child = 1
326 326
327 327 <%text>## tasks will never be sent to the queue, but executed locally instead.</%text>
328 328 celery.always.eager = false
329 329
330 330 <%text>####################################</%text>
331 331 <%text>### BEAKER CACHE ####</%text>
332 332 <%text>####################################</%text>
333 333
334 334 beaker.cache.data_dir = ${here}/data/cache/data
335 335 beaker.cache.lock_dir = ${here}/data/cache/lock
336 336
337 337 beaker.cache.regions = short_term,long_term,sql_cache_short
338 338
339 339 beaker.cache.short_term.type = memory
340 340 beaker.cache.short_term.expire = 60
341 341 beaker.cache.short_term.key_length = 256
342 342
343 343 beaker.cache.long_term.type = memory
344 344 beaker.cache.long_term.expire = 36000
345 345 beaker.cache.long_term.key_length = 256
346 346
347 347 beaker.cache.sql_cache_short.type = memory
348 348 beaker.cache.sql_cache_short.expire = 10
349 349 beaker.cache.sql_cache_short.key_length = 256
350 350
351 351 <%text>####################################</%text>
352 352 <%text>### BEAKER SESSION ####</%text>
353 353 <%text>####################################</%text>
354 354
355 355 <%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>
356 356 <%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>
357 357 beaker.session.key = kallithea
358 358 <%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>
359 359 beaker.session.httponly = true
360 360 <%text>## Session lifetime. 2592000 seconds is 30 days.</%text>
361 361 beaker.session.timeout = 2592000
362 362
363 363 <%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>
364 364 beaker.session.secret = ${uuid()}
365 365 <%text>## Further, encrypt the data with AES.</%text>
366 366 #beaker.session.encrypt_key = <key_for_encryption>
367 367 #beaker.session.validate_key = <validation_key>
368 368
369 369 <%text>## Type of storage used for the session, current types are</%text>
370 370 <%text>## dbm, file, memcached, database, and memory.</%text>
371 371
372 372 <%text>## File system storage of session data. (default)</%text>
373 373 #beaker.session.type = file
374 374
375 375 <%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>
376 376 #beaker.session.type = cookie
377 377
378 378 <%text>## Database storage of session data.</%text>
379 379 #beaker.session.type = ext:database
380 380 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
381 381 #beaker.session.table_name = db_session
382 382
383 383 %if error_aggregation_service == 'appenlight':
384 384 <%text>############################</%text>
385 385 <%text>## ERROR HANDLING SYSTEMS ##</%text>
386 386 <%text>############################</%text>
387 387
388 388 <%text>####################</%text>
389 389 <%text>### [appenlight] ###</%text>
390 390 <%text>####################</%text>
391 391
392 392 <%text>## AppEnlight is tailored to work with Kallithea, see</%text>
393 393 <%text>## http://appenlight.com for details how to obtain an account</%text>
394 394 <%text>## you must install python package `appenlight_client` to make it work</%text>
395 395
396 396 <%text>## appenlight enabled</%text>
397 397 appenlight = false
398 398
399 399 appenlight.server_url = https://api.appenlight.com
400 400 appenlight.api_key = YOUR_API_KEY
401 401
402 402 <%text>## TWEAK AMOUNT OF INFO SENT HERE</%text>
403 403
404 404 <%text>## enables 404 error logging (default False)</%text>
405 405 appenlight.report_404 = false
406 406
407 407 <%text>## time in seconds after request is considered being slow (default 1)</%text>
408 408 appenlight.slow_request_time = 1
409 409
410 410 <%text>## record slow requests in application</%text>
411 411 <%text>## (needs to be enabled for slow datastore recording and time tracking)</%text>
412 412 appenlight.slow_requests = true
413 413
414 414 <%text>## enable hooking to application loggers</%text>
415 415 #appenlight.logging = true
416 416
417 417 <%text>## minimum log level for log capture</%text>
418 418 #appenlight.logging.level = WARNING
419 419
420 420 <%text>## send logs only from erroneous/slow requests</%text>
421 421 <%text>## (saves API quota for intensive logging)</%text>
422 422 appenlight.logging_on_error = false
423 423
424 424 <%text>## list of additonal keywords that should be grabbed from environ object</%text>
425 425 <%text>## can be string with comma separated list of words in lowercase</%text>
426 426 <%text>## (by default client will always send following info:</%text>
427 427 <%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text>
428 428 <%text>## start with HTTP* this list be extended with additional keywords here</%text>
429 429 appenlight.environ_keys_whitelist =
430 430
431 431 <%text>## list of keywords that should be blanked from request object</%text>
432 432 <%text>## can be string with comma separated list of words in lowercase</%text>
433 433 <%text>## (by default client will always blank keys that contain following words</%text>
434 434 <%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text>
435 435 <%text>## this list be extended with additional keywords set here</%text>
436 436 appenlight.request_keys_blacklist =
437 437
438 438 <%text>## list of namespaces that should be ignores when gathering log entries</%text>
439 439 <%text>## can be string with comma separated list of namespaces</%text>
440 440 <%text>## (by default the client ignores own entries: appenlight_client.client)</%text>
441 441 appenlight.log_namespace_blacklist =
442 442
443 443 %elif error_aggregation_service == 'sentry':
444 444 <%text>################</%text>
445 445 <%text>### [sentry] ###</%text>
446 446 <%text>################</%text>
447 447
448 448 <%text>## sentry is a alternative open source error aggregator</%text>
449 449 <%text>## you must install python packages `sentry` and `raven` to enable</%text>
450 450
451 451 sentry.dsn = YOUR_DNS
452 452 sentry.servers =
453 453 sentry.name =
454 454 sentry.key =
455 455 sentry.public_key =
456 456 sentry.secret_key =
457 457 sentry.project =
458 458 sentry.site =
459 459 sentry.include_paths =
460 460 sentry.exclude_paths =
461 461
462 462 %endif
463 463 <%text>################################################################################</%text>
464 464 <%text>## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##</%text>
465 465 <%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##</%text>
466 466 <%text>## execute malicious code after an exception is raised. ##</%text>
467 467 <%text>################################################################################</%text>
468 468 set debug = false
469 469
470 470 <%text>##################################</%text>
471 471 <%text>### LOGVIEW CONFIG ###</%text>
472 472 <%text>##################################</%text>
473 473
474 474 logview.sqlalchemy = #faa
475 475 logview.pylons.templating = #bfb
476 476 logview.pylons.util = #eee
477 477
478 478 <%text>#########################################################</%text>
479 479 <%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###</%text>
480 480 <%text>#########################################################</%text>
481 481
482 482 %if database_engine == 'sqlite':
483 483 # SQLITE [default]
484 484 sqlalchemy.db1.url = sqlite:///${here}/kallithea.db?timeout=60
485 485
486 486 %elif database_engine == 'postgres':
487 487 # POSTGRESQL
488 488 sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
489 489
490 490 %elif database_engine == 'mysql':
491 491 # MySQL
492 492 sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
493 493
494 494 %endif
495 495 # see sqlalchemy docs for others
496 496
497 497 sqlalchemy.db1.echo = false
498 498 sqlalchemy.db1.pool_recycle = 3600
499 499 sqlalchemy.db1.convert_unicode = true
500 500
501 501 <%text>################################</%text>
502 502 <%text>### LOGGING CONFIGURATION ####</%text>
503 503 <%text>################################</%text>
504 504
505 505 [loggers]
506 506 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
507 507
508 508 [handlers]
509 509 keys = console, console_sql
510 510
511 511 [formatters]
512 512 keys = generic, color_formatter, color_formatter_sql
513 513
514 514 <%text>#############</%text>
515 515 <%text>## LOGGERS ##</%text>
516 516 <%text>#############</%text>
517 517
518 518 [logger_root]
519 519 level = NOTSET
520 520 handlers = console
521 521
522 522 [logger_routes]
523 523 level = DEBUG
524 524 handlers =
525 525 qualname = routes.middleware
526 526 <%text>## "level = DEBUG" logs the route matched and routing variables.</%text>
527 527 propagate = 1
528 528
529 529 [logger_beaker]
530 530 level = DEBUG
531 531 handlers =
532 532 qualname = beaker.container
533 533 propagate = 1
534 534
535 535 [logger_templates]
536 536 level = INFO
537 537 handlers =
538 538 qualname = pylons.templating
539 539 propagate = 1
540 540
541 541 [logger_kallithea]
542 542 level = DEBUG
543 543 handlers =
544 544 qualname = kallithea
545 545 propagate = 1
546 546
547 547 [logger_sqlalchemy]
548 548 level = INFO
549 549 handlers = console_sql
550 550 qualname = sqlalchemy.engine
551 551 propagate = 0
552 552
553 553 [logger_whoosh_indexer]
554 554 level = DEBUG
555 555 handlers =
556 556 qualname = whoosh_indexer
557 557 propagate = 1
558 558
559 559 <%text>##############</%text>
560 560 <%text>## HANDLERS ##</%text>
561 561 <%text>##############</%text>
562 562
563 563 [handler_console]
564 564 class = StreamHandler
565 565 args = (sys.stderr,)
566 566 level = INFO
567 567 formatter = generic
568 568
569 569 [handler_console_sql]
570 570 class = StreamHandler
571 571 args = (sys.stderr,)
572 572 level = WARN
573 573 formatter = generic
574 574
575 575 <%text>################</%text>
576 576 <%text>## FORMATTERS ##</%text>
577 577 <%text>################</%text>
578 578
579 579 [formatter_generic]
580 580 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
581 581 datefmt = %Y-%m-%d %H:%M:%S
582 582
583 583 [formatter_color_formatter]
584 584 class = kallithea.lib.colored_formatter.ColorFormatter
585 585 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
586 586 datefmt = %Y-%m-%d %H:%M:%S
587 587
588 588 [formatter_color_formatter_sql]
589 589 class = kallithea.lib.colored_formatter.ColorFormatterSql
590 590 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
591 591 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,580 +1,580 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Example config #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7 ################################################################################
8 8
9 9 [DEFAULT]
10 10 debug = true
11 11 pdebug = false
12 12
13 13 ################################################################################
14 14 ## Email settings ##
15 15 ## ##
16 16 ## Refer to the documentation ("Email settings") for more details. ##
17 17 ## ##
18 18 ## It is recommended to use a valid sender address that passes access ##
19 19 ## validation and spam filtering in mail servers. ##
20 20 ################################################################################
21 21
22 22 ## 'From' header for application emails. You can optionally add a name.
23 23 ## Default:
24 24 #app_email_from = Kallithea
25 25 ## Examples:
26 26 #app_email_from = Kallithea <kallithea-noreply@example.com>
27 27 #app_email_from = kallithea-noreply@example.com
28 28
29 29 ## Subject prefix for application emails.
30 30 ## A space between this prefix and the real subject is automatically added.
31 31 ## Default:
32 32 #email_prefix =
33 33 ## Example:
34 34 #email_prefix = [Kallithea]
35 35
36 36 ## Recipients for error emails and fallback recipients of application mails.
37 37 ## Multiple addresses can be specified, space-separated.
38 38 ## Only addresses are allowed, do not add any name part.
39 39 ## Default:
40 40 #email_to =
41 41 ## Examples:
42 42 #email_to = admin@example.com
43 43 #email_to = admin@example.com another_admin@example.com
44 44
45 45 ## 'From' header for error emails. You can optionally add a name.
46 46 ## Default:
47 47 #error_email_from = pylons@yourapp.com
48 48 ## Examples:
49 49 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
50 50 #error_email_from = paste_error@example.com
51 51
52 52 ## SMTP server settings
53 53 ## Only smtp_server is mandatory. All other settings take the specified default
54 54 ## values.
55 55 #smtp_server = smtp.example.com
56 56 #smtp_username =
57 57 #smtp_password =
58 58 #smtp_port = 25
59 59 #smtp_use_tls = false
60 60 #smtp_use_ssl = false
61 61 ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).
62 62 ## If empty, use any of the authentication parameters supported by the server.
63 63 #smtp_auth =
64 64
65 65 [server:main]
66 66 ## PASTE ##
67 67 #use = egg:Paste#http
68 68 ## nr of worker threads to spawn
69 #threadpool_workers = 5
69 #threadpool_workers = 1
70 70 ## max request before thread respawn
71 #threadpool_max_requests = 10
71 #threadpool_max_requests = 100
72 72 ## option to use threads of process
73 73 #use_threadpool = true
74 74
75 75 ## WAITRESS ##
76 76 use = egg:waitress#main
77 77 ## number of worker threads
78 threads = 5
78 threads = 1
79 79 ## MAX BODY SIZE 100GB
80 80 max_request_body_size = 107374182400
81 81 ## use poll instead of select, fixes fd limits, may not work on old
82 82 ## windows systems.
83 83 #asyncore_use_poll = True
84 84
85 85 ## GUNICORN ##
86 86 #use = egg:gunicorn#main
87 87 ## number of process workers. You must set `instance_id = *` when this option
88 88 ## is set to more than one worker
89 89 #workers = 1
90 90 ## process name
91 91 #proc_name = kallithea
92 92 ## type of worker class, one of sync, eventlet, gevent, tornado
93 93 ## recommended for bigger setup is using of of other than sync one
94 94 #worker_class = sync
95 95 #max_requests = 1000
96 96 ## ammount of time a worker can handle request before it gets killed and
97 97 ## restarted
98 98 #timeout = 3600
99 99
100 100 ## UWSGI ##
101 101 ## run with uwsgi --ini-paste-logged <inifile.ini>
102 102 #[uwsgi]
103 103 #socket = /tmp/uwsgi.sock
104 104 #master = true
105 105 #http = 127.0.0.1:5000
106 106
107 107 ## set as deamon and redirect all output to file
108 108 #daemonize = ./uwsgi_kallithea.log
109 109
110 110 ## master process PID
111 111 #pidfile = ./uwsgi_kallithea.pid
112 112
113 113 ## stats server with workers statistics, use uwsgitop
114 114 ## for monitoring, `uwsgitop 127.0.0.1:1717`
115 115 #stats = 127.0.0.1:1717
116 116 #memory-report = true
117 117
118 118 ## log 5XX errors
119 119 #log-5xx = true
120 120
121 121 ## Set the socket listen queue size.
122 122 #listen = 256
123 123
124 124 ## Gracefully Reload workers after the specified amount of managed requests
125 125 ## (avoid memory leaks).
126 126 #max-requests = 1000
127 127
128 128 ## enable large buffers
129 129 #buffer-size = 65535
130 130
131 131 ## socket and http timeouts ##
132 132 #http-timeout = 3600
133 133 #socket-timeout = 3600
134 134
135 135 ## Log requests slower than the specified number of milliseconds.
136 136 #log-slow = 10
137 137
138 138 ## Exit if no app can be loaded.
139 139 #need-app = true
140 140
141 141 ## Set lazy mode (load apps in workers instead of master).
142 142 #lazy = true
143 143
144 144 ## scaling ##
145 145 ## set cheaper algorithm to use, if not set default will be used
146 146 #cheaper-algo = spare
147 147
148 148 ## minimum number of workers to keep at all times
149 149 #cheaper = 1
150 150
151 151 ## number of workers to spawn at startup
152 152 #cheaper-initial = 1
153 153
154 154 ## maximum number of workers that can be spawned
155 155 #workers = 4
156 156
157 157 ## how many workers should be spawned at a time
158 158 #cheaper-step = 1
159 159
160 160 ## COMMON ##
161 161 host = 127.0.0.1
162 162 port = 5000
163 163
164 164 ## middleware for hosting the WSGI application under a URL prefix
165 165 #[filter:proxy-prefix]
166 166 #use = egg:PasteDeploy#prefix
167 167 #prefix = /<your-prefix>
168 168
169 169 [app:main]
170 170 use = egg:kallithea
171 171 ## enable proxy prefix middleware
172 172 #filter-with = proxy-prefix
173 173
174 174 full_stack = true
175 175 static_files = true
176 176 ## Available Languages:
177 177 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
178 178 lang =
179 179 cache_dir = %(here)s/data
180 180 index_dir = %(here)s/data/index
181 181
182 182 ## perform a full repository scan on each server start, this should be
183 183 ## set to false after first startup, to allow faster server restarts.
184 184 initial_repo_scan = false
185 185
186 186 ## uncomment and set this path to use archive download cache
187 187 archive_cache_dir = %(here)s/tarballcache
188 188
189 189 ## change this to unique ID for security
190 190 app_instance_uuid = ${app_instance_uuid}
191 191
192 192 ## cut off limit for large diffs (size in bytes)
193 193 cut_off_limit = 256000
194 194
195 195 ## use cache version of scm repo everywhere
196 196 vcs_full_cache = true
197 197
198 198 ## force https in Kallithea, fixes https redirects, assumes it's always https
199 199 force_https = false
200 200
201 201 ## use Strict-Transport-Security headers
202 202 use_htsts = false
203 203
204 204 ## number of commits stats will parse on each iteration
205 205 commit_parse_limit = 25
206 206
207 207 ## path to git executable
208 208 git_path = git
209 209
210 210 ## git rev filter option, --all is the default filter, if you need to
211 211 ## hide all refs in changelog switch this to --branches --tags
212 212 #git_rev_filter = --branches --tags
213 213
214 214 ## RSS feed options
215 215 rss_cut_off_limit = 256000
216 216 rss_items_per_page = 10
217 217 rss_include_diff = false
218 218
219 219 ## options for showing and identifying changesets
220 220 show_sha_length = 12
221 221 show_revision_number = false
222 222
223 223 ## gist URL alias, used to create nicer urls for gist. This should be an
224 224 ## url that does rewrites to _admin/gists/<gistid>.
225 225 ## example: http://gist.example.com/{gistid}. Empty means use the internal
226 226 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
227 227 gist_alias_url =
228 228
229 229 ## white list of API enabled controllers. This allows to add list of
230 230 ## controllers to which access will be enabled by api_key. eg: to enable
231 231 ## api access to raw_files put `FilesController:raw`, to enable access to patches
232 232 ## add `ChangesetController:changeset_patch`. This list should be "," separated
233 233 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
234 234 ## Recommended settings below are commented out:
235 235 api_access_controllers_whitelist =
236 236 # ChangesetController:changeset_patch,
237 237 # ChangesetController:changeset_raw,
238 238 # FilesController:raw,
239 239 # FilesController:archivefile
240 240
241 241 ## default encoding used to convert from and to unicode
242 242 ## can be also a comma seperated list of encoding in case of mixed encodings
243 243 default_encoding = utf8
244 244
245 245 ## issue tracker for Kallithea (leave blank to disable, absent for default)
246 246 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
247 247
248 248 ## issue tracking mapping for commits messages
249 249 ## comment out issue_pat, issue_server, issue_prefix to enable
250 250
251 251 ## pattern to get the issues from commit messages
252 252 ## default one used here is #<numbers> with a regex passive group for `#`
253 253 ## {id} will be all groups matched from this pattern
254 254
255 255 issue_pat = (?:\s*#)(\d+)
256 256
257 257 ## server url to the issue, each {id} will be replaced with match
258 258 ## fetched from the regex and {repo} is replaced with full repository name
259 259 ## including groups {repo_name} is replaced with just name of repo
260 260
261 261 issue_server_link = https://issues.example.com/{repo}/issue/{id}
262 262
263 263 ## prefix to add to link to indicate it's an url
264 264 ## #314 will be replaced by <issue_prefix><id>
265 265
266 266 issue_prefix = #
267 267
268 268 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
269 269 ## multiple patterns, to other issues server, wiki or others
270 270 ## below an example how to create a wiki pattern
271 271 # wiki-some-id -> https://wiki.example.com/some-id
272 272
273 273 #issue_pat_wiki = (?:wiki-)(.+)
274 274 #issue_server_link_wiki = https://wiki.example.com/{id}
275 275 #issue_prefix_wiki = WIKI-
276 276
277 277 ## instance-id prefix
278 278 ## a prefix key for this instance used for cache invalidation when running
279 279 ## multiple instances of kallithea, make sure it's globally unique for
280 280 ## all running kallithea instances. Leave empty if you don't use it
281 281 instance_id =
282 282
283 283 ## alternative return HTTP header for failed authentication. Default HTTP
284 284 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
285 285 ## handling that. Set this variable to 403 to return HTTPForbidden
286 286 auth_ret_code =
287 287
288 288 ## locking return code. When repository is locked return this HTTP code. 2XX
289 289 ## codes don't break the transactions while 4XX codes do
290 290 lock_ret_code = 423
291 291
292 292 ## allows to change the repository location in settings page
293 293 allow_repo_location_change = True
294 294
295 295 ## allows to setup custom hooks in settings page
296 296 allow_custom_hooks_settings = True
297 297
298 298 ####################################
299 299 ### CELERY CONFIG ####
300 300 ####################################
301 301
302 302 use_celery = false
303 303 broker.host = localhost
304 304 broker.vhost = rabbitmqhost
305 305 broker.port = 5672
306 306 broker.user = rabbitmq
307 307 broker.password = qweqwe
308 308
309 309 celery.imports = kallithea.lib.celerylib.tasks
310 310
311 311 celery.result.backend = amqp
312 312 celery.result.dburi = amqp://
313 313 celery.result.serialier = json
314 314
315 315 #celery.send.task.error.emails = true
316 316 #celery.amqp.task.result.expires = 18000
317 317
318 318 celeryd.concurrency = 2
319 319 #celeryd.log.file = celeryd.log
320 320 celeryd.log.level = DEBUG
321 321 celeryd.max.tasks.per.child = 1
322 322
323 323 ## tasks will never be sent to the queue, but executed locally instead.
324 324 celery.always.eager = false
325 325
326 326 ####################################
327 327 ### BEAKER CACHE ####
328 328 ####################################
329 329
330 330 beaker.cache.data_dir = %(here)s/data/cache/data
331 331 beaker.cache.lock_dir = %(here)s/data/cache/lock
332 332
333 333 beaker.cache.regions = short_term,long_term,sql_cache_short
334 334
335 335 beaker.cache.short_term.type = memory
336 336 beaker.cache.short_term.expire = 60
337 337 beaker.cache.short_term.key_length = 256
338 338
339 339 beaker.cache.long_term.type = memory
340 340 beaker.cache.long_term.expire = 36000
341 341 beaker.cache.long_term.key_length = 256
342 342
343 343 beaker.cache.sql_cache_short.type = memory
344 344 beaker.cache.sql_cache_short.expire = 10
345 345 beaker.cache.sql_cache_short.key_length = 256
346 346
347 347 ####################################
348 348 ### BEAKER SESSION ####
349 349 ####################################
350 350
351 351 ## Name of session cookie. Should be unique for a given host and path, even when running
352 352 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
353 353 beaker.session.key = kallithea
354 354 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
355 355 beaker.session.httponly = true
356 356 ## Session lifetime. 2592000 seconds is 30 days.
357 357 beaker.session.timeout = 2592000
358 358
359 359 ## Server secret used with HMAC to ensure integrity of cookies.
360 360 beaker.session.secret = ${app_instance_uuid}
361 361 ## Further, encrypt the data with AES.
362 362 #beaker.session.encrypt_key = <key_for_encryption>
363 363 #beaker.session.validate_key = <validation_key>
364 364
365 365 ## Type of storage used for the session, current types are
366 366 ## dbm, file, memcached, database, and memory.
367 367
368 368 ## File system storage of session data. (default)
369 369 #beaker.session.type = file
370 370
371 371 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
372 372 #beaker.session.type = cookie
373 373
374 374 ## Database storage of session data.
375 375 #beaker.session.type = ext:database
376 376 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
377 377 #beaker.session.table_name = db_session
378 378
379 379 ############################
380 380 ## ERROR HANDLING SYSTEMS ##
381 381 ############################
382 382
383 383 ####################
384 384 ### [appenlight] ###
385 385 ####################
386 386
387 387 ## AppEnlight is tailored to work with Kallithea, see
388 388 ## http://appenlight.com for details how to obtain an account
389 389 ## you must install python package `appenlight_client` to make it work
390 390
391 391 ## appenlight enabled
392 392 appenlight = false
393 393
394 394 appenlight.server_url = https://api.appenlight.com
395 395 appenlight.api_key = YOUR_API_KEY
396 396
397 397 ## TWEAK AMOUNT OF INFO SENT HERE
398 398
399 399 ## enables 404 error logging (default False)
400 400 appenlight.report_404 = false
401 401
402 402 ## time in seconds after request is considered being slow (default 1)
403 403 appenlight.slow_request_time = 1
404 404
405 405 ## record slow requests in application
406 406 ## (needs to be enabled for slow datastore recording and time tracking)
407 407 appenlight.slow_requests = true
408 408
409 409 ## enable hooking to application loggers
410 410 #appenlight.logging = true
411 411
412 412 ## minimum log level for log capture
413 413 #appenlight.logging.level = WARNING
414 414
415 415 ## send logs only from erroneous/slow requests
416 416 ## (saves API quota for intensive logging)
417 417 appenlight.logging_on_error = false
418 418
419 419 ## list of additonal keywords that should be grabbed from environ object
420 420 ## can be string with comma separated list of words in lowercase
421 421 ## (by default client will always send following info:
422 422 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
423 423 ## start with HTTP* this list be extended with additional keywords here
424 424 appenlight.environ_keys_whitelist =
425 425
426 426 ## list of keywords that should be blanked from request object
427 427 ## can be string with comma separated list of words in lowercase
428 428 ## (by default client will always blank keys that contain following words
429 429 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
430 430 ## this list be extended with additional keywords set here
431 431 appenlight.request_keys_blacklist =
432 432
433 433 ## list of namespaces that should be ignores when gathering log entries
434 434 ## can be string with comma separated list of namespaces
435 435 ## (by default the client ignores own entries: appenlight_client.client)
436 436 appenlight.log_namespace_blacklist =
437 437
438 438 ################
439 439 ### [sentry] ###
440 440 ################
441 441
442 442 ## sentry is a alternative open source error aggregator
443 443 ## you must install python packages `sentry` and `raven` to enable
444 444
445 445 sentry.dsn = YOUR_DNS
446 446 sentry.servers =
447 447 sentry.name =
448 448 sentry.key =
449 449 sentry.public_key =
450 450 sentry.secret_key =
451 451 sentry.project =
452 452 sentry.site =
453 453 sentry.include_paths =
454 454 sentry.exclude_paths =
455 455
456 456 ################################################################################
457 457 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
458 458 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
459 459 ## execute malicious code after an exception is raised. ##
460 460 ################################################################################
461 461 set debug = false
462 462
463 463 ##################################
464 464 ### LOGVIEW CONFIG ###
465 465 ##################################
466 466
467 467 logview.sqlalchemy = #faa
468 468 logview.pylons.templating = #bfb
469 469 logview.pylons.util = #eee
470 470
471 471 #########################################################
472 472 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
473 473 #########################################################
474 474
475 475 # SQLITE [default]
476 476 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
477 477
478 478 # POSTGRESQL
479 479 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
480 480
481 481 # MySQL
482 482 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
483 483
484 484 # see sqlalchemy docs for others
485 485
486 486 sqlalchemy.db1.echo = false
487 487 sqlalchemy.db1.pool_recycle = 3600
488 488 sqlalchemy.db1.convert_unicode = true
489 489
490 490 ################################
491 491 ### LOGGING CONFIGURATION ####
492 492 ################################
493 493
494 494 [loggers]
495 495 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
496 496
497 497 [handlers]
498 498 keys = console, console_sql
499 499
500 500 [formatters]
501 501 keys = generic, color_formatter, color_formatter_sql
502 502
503 503 #############
504 504 ## LOGGERS ##
505 505 #############
506 506
507 507 [logger_root]
508 508 level = NOTSET
509 509 handlers = console
510 510
511 511 [logger_routes]
512 512 level = DEBUG
513 513 handlers =
514 514 qualname = routes.middleware
515 515 ## "level = DEBUG" logs the route matched and routing variables.
516 516 propagate = 1
517 517
518 518 [logger_beaker]
519 519 level = DEBUG
520 520 handlers =
521 521 qualname = beaker.container
522 522 propagate = 1
523 523
524 524 [logger_templates]
525 525 level = INFO
526 526 handlers =
527 527 qualname = pylons.templating
528 528 propagate = 1
529 529
530 530 [logger_kallithea]
531 531 level = DEBUG
532 532 handlers =
533 533 qualname = kallithea
534 534 propagate = 1
535 535
536 536 [logger_sqlalchemy]
537 537 level = INFO
538 538 handlers = console_sql
539 539 qualname = sqlalchemy.engine
540 540 propagate = 0
541 541
542 542 [logger_whoosh_indexer]
543 543 level = DEBUG
544 544 handlers =
545 545 qualname = whoosh_indexer
546 546 propagate = 1
547 547
548 548 ##############
549 549 ## HANDLERS ##
550 550 ##############
551 551
552 552 [handler_console]
553 553 class = StreamHandler
554 554 args = (sys.stderr,)
555 555 level = INFO
556 556 formatter = generic
557 557
558 558 [handler_console_sql]
559 559 class = StreamHandler
560 560 args = (sys.stderr,)
561 561 level = WARN
562 562 formatter = generic
563 563
564 564 ################
565 565 ## FORMATTERS ##
566 566 ################
567 567
568 568 [formatter_generic]
569 569 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
570 570 datefmt = %Y-%m-%d %H:%M:%S
571 571
572 572 [formatter_color_formatter]
573 573 class = kallithea.lib.colored_formatter.ColorFormatter
574 574 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
575 575 datefmt = %Y-%m-%d %H:%M:%S
576 576
577 577 [formatter_color_formatter_sql]
578 578 class = kallithea.lib.colored_formatter.ColorFormatterSql
579 579 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
580 580 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,591 +1,591 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - config for tests: #
4 4 # initial_repo_scan = true #
5 5 # vcs_full_cache = false #
6 6 # sqlalchemy and kallithea_test.sqlite #
7 7 # custom logging #
8 8 # #
9 9 # The %(here)s variable will be replaced with the parent directory of this file#
10 10 ################################################################################
11 11 ################################################################################
12 12
13 13 [DEFAULT]
14 14 debug = true
15 15 pdebug = false
16 16
17 17 ################################################################################
18 18 ## Email settings ##
19 19 ## ##
20 20 ## Refer to the documentation ("Email settings") for more details. ##
21 21 ## ##
22 22 ## It is recommended to use a valid sender address that passes access ##
23 23 ## validation and spam filtering in mail servers. ##
24 24 ################################################################################
25 25
26 26 ## 'From' header for application emails. You can optionally add a name.
27 27 ## Default:
28 28 #app_email_from = Kallithea
29 29 ## Examples:
30 30 #app_email_from = Kallithea <kallithea-noreply@example.com>
31 31 #app_email_from = kallithea-noreply@example.com
32 32
33 33 ## Subject prefix for application emails.
34 34 ## A space between this prefix and the real subject is automatically added.
35 35 ## Default:
36 36 #email_prefix =
37 37 ## Example:
38 38 #email_prefix = [Kallithea]
39 39
40 40 ## Recipients for error emails and fallback recipients of application mails.
41 41 ## Multiple addresses can be specified, space-separated.
42 42 ## Only addresses are allowed, do not add any name part.
43 43 ## Default:
44 44 #email_to =
45 45 ## Examples:
46 46 #email_to = admin@example.com
47 47 #email_to = admin@example.com another_admin@example.com
48 48
49 49 ## 'From' header for error emails. You can optionally add a name.
50 50 ## Default:
51 51 #error_email_from = pylons@yourapp.com
52 52 ## Examples:
53 53 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
54 54 #error_email_from = paste_error@example.com
55 55
56 56 ## SMTP server settings
57 57 ## Only smtp_server is mandatory. All other settings take the specified default
58 58 ## values.
59 59 #smtp_server = smtp.example.com
60 60 #smtp_username =
61 61 #smtp_password =
62 62 #smtp_port = 25
63 63 #smtp_use_tls = false
64 64 #smtp_use_ssl = false
65 65 ## SMTP authentication parameters to use (e.g. LOGIN PLAIN CRAM-MD5, etc.).
66 66 ## If empty, use any of the authentication parameters supported by the server.
67 67 #smtp_auth =
68 68
69 69 [server:main]
70 70 ## PASTE ##
71 71 #use = egg:Paste#http
72 72 ## nr of worker threads to spawn
73 #threadpool_workers = 5
73 #threadpool_workers = 1
74 74 ## max request before thread respawn
75 #threadpool_max_requests = 10
75 #threadpool_max_requests = 100
76 76 ## option to use threads of process
77 77 #use_threadpool = true
78 78
79 79 ## WAITRESS ##
80 80 use = egg:waitress#main
81 81 ## number of worker threads
82 threads = 5
82 threads = 1
83 83 ## MAX BODY SIZE 100GB
84 84 max_request_body_size = 107374182400
85 85 ## use poll instead of select, fixes fd limits, may not work on old
86 86 ## windows systems.
87 87 #asyncore_use_poll = True
88 88
89 89 ## GUNICORN ##
90 90 #use = egg:gunicorn#main
91 91 ## number of process workers. You must set `instance_id = *` when this option
92 92 ## is set to more than one worker
93 93 #workers = 1
94 94 ## process name
95 95 #proc_name = kallithea
96 96 ## type of worker class, one of sync, eventlet, gevent, tornado
97 97 ## recommended for bigger setup is using of of other than sync one
98 98 #worker_class = sync
99 99 #max_requests = 1000
100 100 ## ammount of time a worker can handle request before it gets killed and
101 101 ## restarted
102 102 #timeout = 3600
103 103
104 104 ## UWSGI ##
105 105 ## run with uwsgi --ini-paste-logged <inifile.ini>
106 106 #[uwsgi]
107 107 #socket = /tmp/uwsgi.sock
108 108 #master = true
109 109 #http = 127.0.0.1:5000
110 110
111 111 ## set as deamon and redirect all output to file
112 112 #daemonize = ./uwsgi_kallithea.log
113 113
114 114 ## master process PID
115 115 #pidfile = ./uwsgi_kallithea.pid
116 116
117 117 ## stats server with workers statistics, use uwsgitop
118 118 ## for monitoring, `uwsgitop 127.0.0.1:1717`
119 119 #stats = 127.0.0.1:1717
120 120 #memory-report = true
121 121
122 122 ## log 5XX errors
123 123 #log-5xx = true
124 124
125 125 ## Set the socket listen queue size.
126 126 #listen = 256
127 127
128 128 ## Gracefully Reload workers after the specified amount of managed requests
129 129 ## (avoid memory leaks).
130 130 #max-requests = 1000
131 131
132 132 ## enable large buffers
133 133 #buffer-size = 65535
134 134
135 135 ## socket and http timeouts ##
136 136 #http-timeout = 3600
137 137 #socket-timeout = 3600
138 138
139 139 ## Log requests slower than the specified number of milliseconds.
140 140 #log-slow = 10
141 141
142 142 ## Exit if no app can be loaded.
143 143 #need-app = true
144 144
145 145 ## Set lazy mode (load apps in workers instead of master).
146 146 #lazy = true
147 147
148 148 ## scaling ##
149 149 ## set cheaper algorithm to use, if not set default will be used
150 150 #cheaper-algo = spare
151 151
152 152 ## minimum number of workers to keep at all times
153 153 #cheaper = 1
154 154
155 155 ## number of workers to spawn at startup
156 156 #cheaper-initial = 1
157 157
158 158 ## maximum number of workers that can be spawned
159 159 #workers = 4
160 160
161 161 ## how many workers should be spawned at a time
162 162 #cheaper-step = 1
163 163
164 164 ## COMMON ##
165 165 host = 127.0.0.1
166 166 port = 4999
167 167
168 168 ## middleware for hosting the WSGI application under a URL prefix
169 169 #[filter:proxy-prefix]
170 170 #use = egg:PasteDeploy#prefix
171 171 #prefix = /<your-prefix>
172 172
173 173 [app:main]
174 174 use = egg:kallithea
175 175 ## enable proxy prefix middleware
176 176 #filter-with = proxy-prefix
177 177
178 178 full_stack = true
179 179 static_files = true
180 180 ## Available Languages:
181 181 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
182 182 lang =
183 183 cache_dir = %(here)s/data
184 184 index_dir = %(here)s/data/index
185 185
186 186 ## perform a full repository scan on each server start, this should be
187 187 ## set to false after first startup, to allow faster server restarts.
188 188 #initial_repo_scan = false
189 189 initial_repo_scan = true
190 190
191 191 ## uncomment and set this path to use archive download cache
192 192 archive_cache_dir = %(here)s/tarballcache
193 193
194 194 ## change this to unique ID for security
195 195 app_instance_uuid = test
196 196
197 197 ## cut off limit for large diffs (size in bytes)
198 198 cut_off_limit = 256000
199 199
200 200 ## use cache version of scm repo everywhere
201 201 #vcs_full_cache = true
202 202 vcs_full_cache = false
203 203
204 204 ## force https in Kallithea, fixes https redirects, assumes it's always https
205 205 force_https = false
206 206
207 207 ## use Strict-Transport-Security headers
208 208 use_htsts = false
209 209
210 210 ## number of commits stats will parse on each iteration
211 211 commit_parse_limit = 25
212 212
213 213 ## path to git executable
214 214 git_path = git
215 215
216 216 ## git rev filter option, --all is the default filter, if you need to
217 217 ## hide all refs in changelog switch this to --branches --tags
218 218 #git_rev_filter = --branches --tags
219 219
220 220 ## RSS feed options
221 221 rss_cut_off_limit = 256000
222 222 rss_items_per_page = 10
223 223 rss_include_diff = false
224 224
225 225 ## options for showing and identifying changesets
226 226 show_sha_length = 12
227 227 show_revision_number = true
228 228
229 229 ## gist URL alias, used to create nicer urls for gist. This should be an
230 230 ## url that does rewrites to _admin/gists/<gistid>.
231 231 ## example: http://gist.example.com/{gistid}. Empty means use the internal
232 232 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
233 233 gist_alias_url =
234 234
235 235 ## white list of API enabled controllers. This allows to add list of
236 236 ## controllers to which access will be enabled by api_key. eg: to enable
237 237 ## api access to raw_files put `FilesController:raw`, to enable access to patches
238 238 ## add `ChangesetController:changeset_patch`. This list should be "," separated
239 239 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
240 240 ## Recommended settings below are commented out:
241 241 api_access_controllers_whitelist =
242 242 # ChangesetController:changeset_patch,
243 243 # ChangesetController:changeset_raw,
244 244 # FilesController:raw,
245 245 # FilesController:archivefile
246 246
247 247 ## default encoding used to convert from and to unicode
248 248 ## can be also a comma seperated list of encoding in case of mixed encodings
249 249 default_encoding = utf8
250 250
251 251 ## issue tracker for Kallithea (leave blank to disable, absent for default)
252 252 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
253 253
254 254 ## issue tracking mapping for commits messages
255 255 ## comment out issue_pat, issue_server, issue_prefix to enable
256 256
257 257 ## pattern to get the issues from commit messages
258 258 ## default one used here is #<numbers> with a regex passive group for `#`
259 259 ## {id} will be all groups matched from this pattern
260 260
261 261 issue_pat = (?:\s*#)(\d+)
262 262
263 263 ## server url to the issue, each {id} will be replaced with match
264 264 ## fetched from the regex and {repo} is replaced with full repository name
265 265 ## including groups {repo_name} is replaced with just name of repo
266 266
267 267 issue_server_link = https://issues.example.com/{repo}/issue/{id}
268 268
269 269 ## prefix to add to link to indicate it's an url
270 270 ## #314 will be replaced by <issue_prefix><id>
271 271
272 272 issue_prefix = #
273 273
274 274 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
275 275 ## multiple patterns, to other issues server, wiki or others
276 276 ## below an example how to create a wiki pattern
277 277 # wiki-some-id -> https://wiki.example.com/some-id
278 278
279 279 #issue_pat_wiki = (?:wiki-)(.+)
280 280 #issue_server_link_wiki = https://wiki.example.com/{id}
281 281 #issue_prefix_wiki = WIKI-
282 282
283 283 ## instance-id prefix
284 284 ## a prefix key for this instance used for cache invalidation when running
285 285 ## multiple instances of kallithea, make sure it's globally unique for
286 286 ## all running kallithea instances. Leave empty if you don't use it
287 287 instance_id =
288 288
289 289 ## alternative return HTTP header for failed authentication. Default HTTP
290 290 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
291 291 ## handling that. Set this variable to 403 to return HTTPForbidden
292 292 auth_ret_code =
293 293
294 294 ## locking return code. When repository is locked return this HTTP code. 2XX
295 295 ## codes don't break the transactions while 4XX codes do
296 296 lock_ret_code = 423
297 297
298 298 ## allows to change the repository location in settings page
299 299 allow_repo_location_change = True
300 300
301 301 ## allows to setup custom hooks in settings page
302 302 allow_custom_hooks_settings = True
303 303
304 304 ####################################
305 305 ### CELERY CONFIG ####
306 306 ####################################
307 307
308 308 use_celery = false
309 309 broker.host = localhost
310 310 broker.vhost = rabbitmqhost
311 311 broker.port = 5672
312 312 broker.user = rabbitmq
313 313 broker.password = qweqwe
314 314
315 315 celery.imports = kallithea.lib.celerylib.tasks
316 316
317 317 celery.result.backend = amqp
318 318 celery.result.dburi = amqp://
319 319 celery.result.serialier = json
320 320
321 321 #celery.send.task.error.emails = true
322 322 #celery.amqp.task.result.expires = 18000
323 323
324 324 celeryd.concurrency = 2
325 325 #celeryd.log.file = celeryd.log
326 326 celeryd.log.level = DEBUG
327 327 celeryd.max.tasks.per.child = 1
328 328
329 329 ## tasks will never be sent to the queue, but executed locally instead.
330 330 celery.always.eager = false
331 331
332 332 ####################################
333 333 ### BEAKER CACHE ####
334 334 ####################################
335 335
336 336 beaker.cache.data_dir = %(here)s/data/cache/data
337 337 beaker.cache.lock_dir = %(here)s/data/cache/lock
338 338
339 339 beaker.cache.regions = short_term,long_term,sql_cache_short
340 340
341 341 beaker.cache.short_term.type = memory
342 342 beaker.cache.short_term.expire = 60
343 343 beaker.cache.short_term.key_length = 256
344 344
345 345 beaker.cache.long_term.type = memory
346 346 beaker.cache.long_term.expire = 36000
347 347 beaker.cache.long_term.key_length = 256
348 348
349 349 beaker.cache.sql_cache_short.type = memory
350 350 beaker.cache.sql_cache_short.expire = 1
351 351 beaker.cache.sql_cache_short.key_length = 256
352 352
353 353 ####################################
354 354 ### BEAKER SESSION ####
355 355 ####################################
356 356
357 357 ## Name of session cookie. Should be unique for a given host and path, even when running
358 358 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
359 359 beaker.session.key = kallithea
360 360 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
361 361 beaker.session.httponly = true
362 362 ## Session lifetime. 2592000 seconds is 30 days.
363 363 beaker.session.timeout = 2592000
364 364
365 365 ## Server secret used with HMAC to ensure integrity of cookies.
366 366 beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f}
367 367 ## Further, encrypt the data with AES.
368 368 #beaker.session.encrypt_key = <key_for_encryption>
369 369 #beaker.session.validate_key = <validation_key>
370 370
371 371 ## Type of storage used for the session, current types are
372 372 ## dbm, file, memcached, database, and memory.
373 373
374 374 ## File system storage of session data. (default)
375 375 #beaker.session.type = file
376 376
377 377 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
378 378 #beaker.session.type = cookie
379 379
380 380 ## Database storage of session data.
381 381 #beaker.session.type = ext:database
382 382 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
383 383 #beaker.session.table_name = db_session
384 384
385 385 ############################
386 386 ## ERROR HANDLING SYSTEMS ##
387 387 ############################
388 388
389 389 ####################
390 390 ### [appenlight] ###
391 391 ####################
392 392
393 393 ## AppEnlight is tailored to work with Kallithea, see
394 394 ## http://appenlight.com for details how to obtain an account
395 395 ## you must install python package `appenlight_client` to make it work
396 396
397 397 ## appenlight enabled
398 398 appenlight = false
399 399
400 400 appenlight.server_url = https://api.appenlight.com
401 401 appenlight.api_key = YOUR_API_KEY
402 402
403 403 ## TWEAK AMOUNT OF INFO SENT HERE
404 404
405 405 ## enables 404 error logging (default False)
406 406 appenlight.report_404 = false
407 407
408 408 ## time in seconds after request is considered being slow (default 1)
409 409 appenlight.slow_request_time = 1
410 410
411 411 ## record slow requests in application
412 412 ## (needs to be enabled for slow datastore recording and time tracking)
413 413 appenlight.slow_requests = true
414 414
415 415 ## enable hooking to application loggers
416 416 #appenlight.logging = true
417 417
418 418 ## minimum log level for log capture
419 419 #appenlight.logging.level = WARNING
420 420
421 421 ## send logs only from erroneous/slow requests
422 422 ## (saves API quota for intensive logging)
423 423 appenlight.logging_on_error = false
424 424
425 425 ## list of additonal keywords that should be grabbed from environ object
426 426 ## can be string with comma separated list of words in lowercase
427 427 ## (by default client will always send following info:
428 428 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
429 429 ## start with HTTP* this list be extended with additional keywords here
430 430 appenlight.environ_keys_whitelist =
431 431
432 432 ## list of keywords that should be blanked from request object
433 433 ## can be string with comma separated list of words in lowercase
434 434 ## (by default client will always blank keys that contain following words
435 435 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
436 436 ## this list be extended with additional keywords set here
437 437 appenlight.request_keys_blacklist =
438 438
439 439 ## list of namespaces that should be ignores when gathering log entries
440 440 ## can be string with comma separated list of namespaces
441 441 ## (by default the client ignores own entries: appenlight_client.client)
442 442 appenlight.log_namespace_blacklist =
443 443
444 444 ################
445 445 ### [sentry] ###
446 446 ################
447 447
448 448 ## sentry is a alternative open source error aggregator
449 449 ## you must install python packages `sentry` and `raven` to enable
450 450
451 451 sentry.dsn = YOUR_DNS
452 452 sentry.servers =
453 453 sentry.name =
454 454 sentry.key =
455 455 sentry.public_key =
456 456 sentry.secret_key =
457 457 sentry.project =
458 458 sentry.site =
459 459 sentry.include_paths =
460 460 sentry.exclude_paths =
461 461
462 462 ################################################################################
463 463 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
464 464 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
465 465 ## execute malicious code after an exception is raised. ##
466 466 ################################################################################
467 467 set debug = false
468 468
469 469 ##################################
470 470 ### LOGVIEW CONFIG ###
471 471 ##################################
472 472
473 473 logview.sqlalchemy = #faa
474 474 logview.pylons.templating = #bfb
475 475 logview.pylons.util = #eee
476 476
477 477 #########################################################
478 478 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
479 479 #########################################################
480 480
481 481 # SQLITE [default]
482 482 #sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
483 483 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea_test.sqlite
484 484
485 485 # POSTGRESQL
486 486 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
487 487
488 488 # MySQL
489 489 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
490 490
491 491 # see sqlalchemy docs for others
492 492
493 493 sqlalchemy.db1.echo = false
494 494 sqlalchemy.db1.pool_recycle = 3600
495 495 sqlalchemy.db1.convert_unicode = true
496 496
497 497 ################################
498 498 ### LOGGING CONFIGURATION ####
499 499 ################################
500 500
501 501 [loggers]
502 502 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
503 503
504 504 [handlers]
505 505 keys = console, console_sql
506 506
507 507 [formatters]
508 508 keys = generic, color_formatter, color_formatter_sql
509 509
510 510 #############
511 511 ## LOGGERS ##
512 512 #############
513 513
514 514 [logger_root]
515 515 #level = NOTSET
516 516 level = DEBUG
517 517 handlers = console
518 518
519 519 [logger_routes]
520 520 level = DEBUG
521 521 handlers =
522 522 qualname = routes.middleware
523 523 ## "level = DEBUG" logs the route matched and routing variables.
524 524 propagate = 1
525 525
526 526 [logger_beaker]
527 527 level = DEBUG
528 528 handlers =
529 529 qualname = beaker.container
530 530 propagate = 1
531 531
532 532 [logger_templates]
533 533 level = INFO
534 534 handlers =
535 535 qualname = pylons.templating
536 536 propagate = 1
537 537
538 538 [logger_kallithea]
539 539 level = DEBUG
540 540 handlers =
541 541 qualname = kallithea
542 542 propagate = 1
543 543
544 544 [logger_sqlalchemy]
545 545 #level = INFO
546 546 #handlers = console_sql
547 547 level = ERROR
548 548 handlers = console
549 549 qualname = sqlalchemy.engine
550 550 propagate = 0
551 551
552 552 [logger_whoosh_indexer]
553 553 level = DEBUG
554 554 handlers =
555 555 qualname = whoosh_indexer
556 556 propagate = 1
557 557
558 558 ##############
559 559 ## HANDLERS ##
560 560 ##############
561 561
562 562 [handler_console]
563 563 class = StreamHandler
564 564 args = (sys.stderr,)
565 565 #level = INFO
566 566 level = NOTSET
567 567 formatter = generic
568 568
569 569 [handler_console_sql]
570 570 class = StreamHandler
571 571 args = (sys.stderr,)
572 572 level = WARN
573 573 formatter = generic
574 574
575 575 ################
576 576 ## FORMATTERS ##
577 577 ################
578 578
579 579 [formatter_generic]
580 580 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
581 581 datefmt = %Y-%m-%d %H:%M:%S
582 582
583 583 [formatter_color_formatter]
584 584 class = kallithea.lib.colored_formatter.ColorFormatter
585 585 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
586 586 datefmt = %Y-%m-%d %H:%M:%S
587 587
588 588 [formatter_color_formatter_sql]
589 589 class = kallithea.lib.colored_formatter.ColorFormatterSql
590 590 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
591 591 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now