##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

issue #7 remove obsolete configuration
domruf -
r4501:a68fc4ab default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,615 +1,587 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Development config: #
4 4 # listening on *:5000 #
5 5 # sqlite and kallithea.db #
6 6 # initial_repo_scan = true #
7 7 # set debug = true #
8 8 # verbose and colorful logging #
9 9 # #
10 10 # The %(here)s variable will be replaced with the parent directory of this file#
11 11 ################################################################################
12 12 ################################################################################
13 13
14 14 [DEFAULT]
15 15 debug = true
16 16 pdebug = false
17 17
18 18 ################################################################################
19 19 ## Uncomment and replace with the address which should receive ##
20 20 ## any error reports after application crash ##
21 21 ## Additionally those settings will be used by Kallithea mailing system ##
22 22 ################################################################################
23 23 #email_to = admin@localhost
24 24 #error_email_from = paste_error@localhost
25 25 #app_email_from = kallithea-noreply@localhost
26 26 #error_message =
27 27 #email_prefix = [Kallithea]
28 28
29 29 #smtp_server = mail.server.com
30 30 #smtp_username =
31 31 #smtp_password =
32 32 #smtp_port =
33 33 #smtp_use_tls = false
34 34 #smtp_use_ssl = true
35 35 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
36 36 #smtp_auth =
37 37
38 38 [server:main]
39 39 ## PASTE ##
40 40 #use = egg:Paste#http
41 41 ## nr of worker threads to spawn
42 42 #threadpool_workers = 5
43 43 ## max request before thread respawn
44 44 #threadpool_max_requests = 10
45 45 ## option to use threads of process
46 46 #use_threadpool = true
47 47
48 48 ## WAITRESS ##
49 49 use = egg:waitress#main
50 50 ## number of worker threads
51 51 threads = 5
52 52 ## MAX BODY SIZE 100GB
53 53 max_request_body_size = 107374182400
54 54 ## use poll instead of select, fixes fd limits, may not work on old
55 55 ## windows systems.
56 56 #asyncore_use_poll = True
57 57
58 58 ## GUNICORN ##
59 59 #use = egg:gunicorn#main
60 60 ## number of process workers. You must set `instance_id = *` when this option
61 61 ## is set to more than one worker
62 62 #workers = 1
63 63 ## process name
64 64 #proc_name = kallithea
65 65 ## type of worker class, one of sync, eventlet, gevent, tornado
66 66 ## recommended for bigger setup is using of of other than sync one
67 67 #worker_class = sync
68 68 #max_requests = 1000
69 69 ## ammount of time a worker can handle request before it gets killed and
70 70 ## restarted
71 71 #timeout = 3600
72 72
73 73 ## UWSGI ##
74 74 ## run with uwsgi --ini-paste-logged <inifile.ini>
75 75 #[uwsgi]
76 76 #socket = /tmp/uwsgi.sock
77 77 #master = true
78 78 #http = 127.0.0.1:5000
79 79
80 80 ## set as deamon and redirect all output to file
81 81 #daemonize = ./uwsgi_kallithea.log
82 82
83 83 ## master process PID
84 84 #pidfile = ./uwsgi_kallithea.pid
85 85
86 86 ## stats server with workers statistics, use uwsgitop
87 87 ## for monitoring, `uwsgitop 127.0.0.1:1717`
88 88 #stats = 127.0.0.1:1717
89 89 #memory-report = true
90 90
91 91 ## log 5XX errors
92 92 #log-5xx = true
93 93
94 94 ## Set the socket listen queue size.
95 95 #listen = 256
96 96
97 97 ## Gracefully Reload workers after the specified amount of managed requests
98 98 ## (avoid memory leaks).
99 99 #max-requests = 1000
100 100
101 101 ## enable large buffers
102 102 #buffer-size=65535
103 103
104 104 ## socket and http timeouts ##
105 105 #http-timeout=3600
106 106 #socket-timeout=3600
107 107
108 108 ## Log requests slower than the specified number of milliseconds.
109 109 #log-slow = 10
110 110
111 111 ## Exit if no app can be loaded.
112 112 #need-app = true
113 113
114 114 ## Set lazy mode (load apps in workers instead of master).
115 115 #lazy = true
116 116
117 117 ## scaling ##
118 118 ## set cheaper algorithm to use, if not set default will be used
119 119 #cheaper-algo = spare
120 120
121 121 ## minimum number of workers to keep at all times
122 122 #cheaper = 1
123 123
124 124 ## number of workers to spawn at startup
125 125 #cheaper-initial = 1
126 126
127 127 ## maximum number of workers that can be spawned
128 128 #workers = 4
129 129
130 130 ## how many workers should be spawned at a time
131 131 #cheaper-step = 1
132 132
133 133 ## COMMON ##
134 134 host = 0.0.0.0
135 135 port = 5000
136 136
137 137 ## prefix middleware for rc
138 138 #[filter:proxy-prefix]
139 139 #use = egg:PasteDeploy#prefix
140 140 #prefix = /<your-prefix>
141 141
142 142 [app:main]
143 143 use = egg:kallithea
144 144 ## enable proxy prefix middleware
145 145 #filter-with = proxy-prefix
146 146
147 147 full_stack = true
148 148 static_files = true
149 149 ## Available Languages:
150 150 ## de en fr ja pl pt_BR ru zh_CN zh_TW
151 151 lang = en
152 152 cache_dir = %(here)s/data
153 153 index_dir = %(here)s/data/index
154 154
155 155 ## perform a full repository scan on each server start, this should be
156 156 ## set to false after first startup, to allow faster server restarts.
157 157 #initial_repo_scan = false
158 158 initial_repo_scan = true
159 159
160 160 ## uncomment and set this path to use archive download cache
161 161 archive_cache_dir = %(here)s/tarballcache
162 162
163 163 ## change this to unique ID for security
164 164 app_instance_uuid = development-not-secret
165 165
166 166 ## cut off limit for large diffs (size in bytes)
167 167 cut_off_limit = 256000
168 168
169 169 ## use cache version of scm repo everywhere
170 170 vcs_full_cache = true
171 171
172 172 ## force https in Kallithea, fixes https redirects, assumes it's always https
173 173 force_https = false
174 174
175 175 ## use Strict-Transport-Security headers
176 176 use_htsts = false
177 177
178 178 ## number of commits stats will parse on each iteration
179 179 commit_parse_limit = 25
180 180
181 ## use gravatar service to display avatars
182 use_gravatar = true
183
184 181 ## path to git executable
185 182 git_path = git
186 183
187 184 ## git rev filter option, --all is the default filter, if you need to
188 185 ## hide all refs in changelog switch this to --branches --tags
189 186 #git_rev_filter = --branches --tags
190 187
191 188 ## RSS feed options
192 189 rss_cut_off_limit = 256000
193 190 rss_items_per_page = 10
194 191 rss_include_diff = false
195 192
196 193 ## options for showing and identifying changesets
197 194 show_sha_length = 12
198 195 show_revision_number = true
199 196
200 197 ## gist URL alias, used to create nicer urls for gist. This should be an
201 198 ## url that does rewrites to _admin/gists/<gistid>.
202 199 ## example: http://gist.kallithea.server/{gistid}. Empty means use the internal
203 200 ## Kallithea url, ie. http[s]://your.kallithea.server/_admin/gists/<gistid>
204 201 gist_alias_url =
205 202
206 203 ## white list of API enabled controllers. This allows to add list of
207 204 ## controllers to which access will be enabled by api_key. eg: to enable
208 205 ## api access to raw_files put `FilesController:raw`, to enable access to patches
209 206 ## add `ChangesetController:changeset_patch`. This list should be "," separated
210 207 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
211 208 ## Recommended settings below are commented out:
212 209 api_access_controllers_whitelist =
213 210 # ChangesetController:changeset_patch,
214 211 # ChangesetController:changeset_raw,
215 212 # FilesController:raw,
216 213 # FilesController:archivefile
217 214
218 ## alternative_gravatar_url allows you to use your own avatar server application
219 ## the following parts of the URL will be replaced
220 ## {email} user email
221 ## {md5email} md5 hash of the user email (like at gravatar.com)
222 ## {size} size of the image that is expected from the server application
223 ## {scheme} http/https from Kallithea server
224 ## {netloc} network location from Kallithea server
225 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
226 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
227
228
229 ## container auth options
230 container_auth_enabled = false
231 proxypass_auth_enabled = false
232
233 215 ## default encoding used to convert from and to unicode
234 216 ## can be also a comma seperated list of encoding in case of mixed encodings
235 217 default_encoding = utf8
236 218
237 ## overwrite schema of clone url
238 ## available vars:
239 ## scheme - http/https
240 ## user - current user
241 ## pass - password
242 ## netloc - network location
243 ## path - usually repo_name
244
245 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
246
247 219 ## issue tracker for Kallithea (leave blank to disable, absent for default)
248 220 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
249 221
250 222 ## issue tracking mapping for commits messages
251 223 ## comment out issue_pat, issue_server, issue_prefix to enable
252 224
253 225 ## pattern to get the issues from commit messages
254 226 ## default one used here is #<numbers> with a regex passive group for `#`
255 227 ## {id} will be all groups matched from this pattern
256 228
257 229 issue_pat = (?:\s*#)(\d+)
258 230
259 231 ## server url to the issue, each {id} will be replaced with match
260 232 ## fetched from the regex and {repo} is replaced with full repository name
261 233 ## including groups {repo_name} is replaced with just name of repo
262 234
263 235 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
264 236
265 237 ## prefix to add to link to indicate it's an url
266 238 ## #314 will be replaced by <issue_prefix><id>
267 239
268 240 issue_prefix = #
269 241
270 242 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
271 243 ## multiple patterns, to other issues server, wiki or others
272 244 ## below an example how to create a wiki pattern
273 245 # wiki-some-id -> https://mywiki.com/some-id
274 246
275 247 #issue_pat_wiki = (?:wiki-)(.+)
276 248 #issue_server_link_wiki = https://mywiki.com/{id}
277 249 #issue_prefix_wiki = WIKI-
278 250
279 251
280 252 ## instance-id prefix
281 253 ## a prefix key for this instance used for cache invalidation when running
282 254 ## multiple instances of kallithea, make sure it's globally unique for
283 255 ## all running kallithea instances. Leave empty if you don't use it
284 256 instance_id =
285 257
286 258 ## alternative return HTTP header for failed authentication. Default HTTP
287 259 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
288 260 ## handling that. Set this variable to 403 to return HTTPForbidden
289 261 auth_ret_code =
290 262
291 263 ## locking return code. When repository is locked return this HTTP code. 2XX
292 264 ## codes don't break the transactions while 4XX codes do
293 265 lock_ret_code = 423
294 266
295 267 ## allows to change the repository location in settings page
296 268 allow_repo_location_change = True
297 269
298 270 ## allows to setup custom hooks in settings page
299 271 allow_custom_hooks_settings = True
300 272
301 273
302 274 ####################################
303 275 ### CELERY CONFIG ####
304 276 ####################################
305 277
306 278 use_celery = false
307 279 broker.host = localhost
308 280 broker.vhost = rabbitmqhost
309 281 broker.port = 5672
310 282 broker.user = rabbitmq
311 283 broker.password = qweqwe
312 284
313 285 celery.imports = kallithea.lib.celerylib.tasks
314 286
315 287 celery.result.backend = amqp
316 288 celery.result.dburi = amqp://
317 289 celery.result.serialier = json
318 290
319 291 #celery.send.task.error.emails = true
320 292 #celery.amqp.task.result.expires = 18000
321 293
322 294 celeryd.concurrency = 2
323 295 #celeryd.log.file = celeryd.log
324 296 celeryd.log.level = debug
325 297 celeryd.max.tasks.per.child = 1
326 298
327 299 ## tasks will never be sent to the queue, but executed locally instead.
328 300 celery.always.eager = false
329 301
330 302 ####################################
331 303 ### BEAKER CACHE ####
332 304 ####################################
333 305
334 306 beaker.cache.data_dir=%(here)s/data/cache/data
335 307 beaker.cache.lock_dir=%(here)s/data/cache/lock
336 308
337 309 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
338 310
339 311 beaker.cache.super_short_term.type=memory
340 312 beaker.cache.super_short_term.expire=10
341 313 beaker.cache.super_short_term.key_length = 256
342 314
343 315 beaker.cache.short_term.type=memory
344 316 beaker.cache.short_term.expire=60
345 317 beaker.cache.short_term.key_length = 256
346 318
347 319 beaker.cache.long_term.type=memory
348 320 beaker.cache.long_term.expire=36000
349 321 beaker.cache.long_term.key_length = 256
350 322
351 323 beaker.cache.sql_cache_short.type=memory
352 324 beaker.cache.sql_cache_short.expire=10
353 325 beaker.cache.sql_cache_short.key_length = 256
354 326
355 327 beaker.cache.sql_cache_med.type=memory
356 328 beaker.cache.sql_cache_med.expire=360
357 329 beaker.cache.sql_cache_med.key_length = 256
358 330
359 331 beaker.cache.sql_cache_long.type=file
360 332 beaker.cache.sql_cache_long.expire=3600
361 333 beaker.cache.sql_cache_long.key_length = 256
362 334
363 335 ####################################
364 336 ### BEAKER SESSION ####
365 337 ####################################
366 338 ## Type of storage used for the session, current types are
367 339 ## dbm, file, memcached, database, and memory.
368 340 ## The storage uses the Container API
369 341 ## that is also used by the cache system.
370 342
371 343 ## db session ##
372 344 #beaker.session.type = ext:database
373 345 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
374 346 #beaker.session.table_name = db_session
375 347
376 348 ## encrypted cookie client side session, good for many instances ##
377 349 #beaker.session.type = cookie
378 350
379 351 ## file based cookies (default) ##
380 352 #beaker.session.type = file
381 353
382 354 beaker.session.key = kallithea
383 355 beaker.session.secret = development-not-secret
384 356
385 357 ## Secure encrypted cookie. Requires AES and AES python libraries
386 358 ## you must disable beaker.session.secret to use this
387 359 #beaker.session.encrypt_key = <key_for_encryption>
388 360 #beaker.session.validate_key = <validation_key>
389 361
390 362 ## sets session as invalid if it haven't been accessed for given amount of time
391 363 beaker.session.timeout = 2592000
392 364 beaker.session.httponly = true
393 365 #beaker.session.cookie_path = /<your-prefix>
394 366
395 367 ## uncomment for https secure cookie
396 368 beaker.session.secure = false
397 369
398 370 ## auto save the session to not to use .save()
399 371 beaker.session.auto = False
400 372
401 373 ## default cookie expiration time in seconds `true` expire at browser close ##
402 374 #beaker.session.cookie_expires = 3600
403 375
404 376
405 377 ############################
406 378 ## ERROR HANDLING SYSTEMS ##
407 379 ############################
408 380
409 381 ####################
410 382 ### [errormator] ###
411 383 ####################
412 384
413 385 ## Errormator is tailored to work with Kallithea, see
414 386 ## http://errormator.com for details how to obtain an account
415 387 ## you must install python package `errormator_client` to make it work
416 388
417 389 ## errormator enabled
418 390 errormator = false
419 391
420 392 errormator.server_url = https://api.errormator.com
421 393 errormator.api_key = YOUR_API_KEY
422 394
423 395 ## TWEAK AMOUNT OF INFO SENT HERE
424 396
425 397 ## enables 404 error logging (default False)
426 398 errormator.report_404 = false
427 399
428 400 ## time in seconds after request is considered being slow (default 1)
429 401 errormator.slow_request_time = 1
430 402
431 403 ## record slow requests in application
432 404 ## (needs to be enabled for slow datastore recording and time tracking)
433 405 errormator.slow_requests = true
434 406
435 407 ## enable hooking to application loggers
436 408 # errormator.logging = true
437 409
438 410 ## minimum log level for log capture
439 411 # errormator.logging.level = WARNING
440 412
441 413 ## send logs only from erroneous/slow requests
442 414 ## (saves API quota for intensive logging)
443 415 errormator.logging_on_error = false
444 416
445 417 ## list of additonal keywords that should be grabbed from environ object
446 418 ## can be string with comma separated list of words in lowercase
447 419 ## (by default client will always send following info:
448 420 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
449 421 ## start with HTTP* this list be extended with additional keywords here
450 422 errormator.environ_keys_whitelist =
451 423
452 424
453 425 ## list of keywords that should be blanked from request object
454 426 ## can be string with comma separated list of words in lowercase
455 427 ## (by default client will always blank keys that contain following words
456 428 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
457 429 ## this list be extended with additional keywords set here
458 430 errormator.request_keys_blacklist =
459 431
460 432
461 433 ## list of namespaces that should be ignores when gathering log entries
462 434 ## can be string with comma separated list of namespaces
463 435 ## (by default the client ignores own entries: errormator_client.client)
464 436 errormator.log_namespace_blacklist =
465 437
466 438
467 439 ################
468 440 ### [sentry] ###
469 441 ################
470 442
471 443 ## sentry is a alternative open source error aggregator
472 444 ## you must install python packages `sentry` and `raven` to enable
473 445
474 446 sentry.dsn = YOUR_DNS
475 447 sentry.servers =
476 448 sentry.name =
477 449 sentry.key =
478 450 sentry.public_key =
479 451 sentry.secret_key =
480 452 sentry.project =
481 453 sentry.site =
482 454 sentry.include_paths =
483 455 sentry.exclude_paths =
484 456
485 457
486 458 ################################################################################
487 459 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
488 460 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
489 461 ## execute malicious code after an exception is raised. ##
490 462 ################################################################################
491 463 #set debug = false
492 464 set debug = true
493 465
494 466 ##################################
495 467 ### LOGVIEW CONFIG ###
496 468 ##################################
497 469
498 470 logview.sqlalchemy = #faa
499 471 logview.pylons.templating = #bfb
500 472 logview.pylons.util = #eee
501 473
502 474 #########################################################
503 475 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
504 476 #########################################################
505 477
506 478 # SQLITE [default]
507 479 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
508 480
509 481 # POSTGRESQL
510 482 # sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
511 483
512 484 # MySQL
513 485 # sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
514 486
515 487 # see sqlalchemy docs for others
516 488
517 489 sqlalchemy.db1.echo = false
518 490 sqlalchemy.db1.pool_recycle = 3600
519 491 sqlalchemy.db1.convert_unicode = true
520 492
521 493 ################################
522 494 ### LOGGING CONFIGURATION ####
523 495 ################################
524 496
525 497 [loggers]
526 498 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
527 499
528 500 [handlers]
529 501 keys = console, console_sql
530 502
531 503 [formatters]
532 504 keys = generic, color_formatter, color_formatter_sql
533 505
534 506 #############
535 507 ## LOGGERS ##
536 508 #############
537 509
538 510 [logger_root]
539 511 level = NOTSET
540 512 handlers = console
541 513
542 514 [logger_routes]
543 515 level = DEBUG
544 516 handlers =
545 517 qualname = routes.middleware
546 518 ## "level = DEBUG" logs the route matched and routing variables.
547 519 propagate = 1
548 520
549 521 [logger_beaker]
550 522 level = DEBUG
551 523 handlers =
552 524 qualname = beaker.container
553 525 propagate = 1
554 526
555 527 [logger_templates]
556 528 level = INFO
557 529 handlers =
558 530 qualname = pylons.templating
559 531 propagate = 1
560 532
561 533 [logger_kallithea]
562 534 level = DEBUG
563 535 handlers =
564 536 qualname = kallithea
565 537 propagate = 1
566 538
567 539 [logger_sqlalchemy]
568 540 level = INFO
569 541 handlers = console_sql
570 542 qualname = sqlalchemy.engine
571 543 propagate = 0
572 544
573 545 [logger_whoosh_indexer]
574 546 level = DEBUG
575 547 handlers =
576 548 qualname = whoosh_indexer
577 549 propagate = 1
578 550
579 551 ##############
580 552 ## HANDLERS ##
581 553 ##############
582 554
583 555 [handler_console]
584 556 class = StreamHandler
585 557 args = (sys.stderr,)
586 558 #level = INFO
587 559 #formatter = generic
588 560 level = DEBUG
589 561 formatter = color_formatter
590 562
591 563 [handler_console_sql]
592 564 class = StreamHandler
593 565 args = (sys.stderr,)
594 566 #level = WARN
595 567 #formatter = generic
596 568 level = DEBUG
597 569 formatter = color_formatter_sql
598 570
599 571 ################
600 572 ## FORMATTERS ##
601 573 ################
602 574
603 575 [formatter_generic]
604 576 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
605 577 datefmt = %Y-%m-%d %H:%M:%S
606 578
607 579 [formatter_color_formatter]
608 580 class=kallithea.lib.colored_formatter.ColorFormatter
609 581 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
610 582 datefmt = %Y-%m-%d %H:%M:%S
611 583
612 584 [formatter_color_formatter_sql]
613 585 class=kallithea.lib.colored_formatter.ColorFormatterSql
614 586 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
615 587 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,747 +1,739 b''
1 1 .. _setup:
2 2
3 3 =====
4 4 Setup
5 5 =====
6 6
7 7
8 8 Setting up Kallithea
9 9 --------------------
10 10
11 11 First, you will need to create a Kallithea configuration file. Run the
12 12 following command to do this::
13 13
14 14 paster make-config Kallithea production.ini
15 15
16 16 - This will create the file `production.ini` in the current directory. This
17 17 configuration file contains the various settings for Kallithea, e.g proxy
18 18 port, email settings, usage of static files, cache, celery settings and
19 19 logging.
20 20
21 21
22 22 Next, you need to create the databases used by Kallithea. I recommend that you
23 23 use postgresql or sqlite (default). If you choose a database other than the
24 24 default ensure you properly adjust the db url in your production.ini
25 25 configuration file to use this other database. Kallithea currently supports
26 26 postgresql, sqlite and mysql databases. Create the database by running
27 27 the following command::
28 28
29 29 paster setup-db production.ini
30 30
31 31 This will prompt you for a "root" path. This "root" path is the location where
32 32 Kallithea will store all of its repositories on the current machine. After
33 33 entering this "root" path ``setup-db`` will also prompt you for a username
34 34 and password for the initial admin account which ``setup-db`` sets
35 35 up for you.
36 36
37 37 setup process can be fully automated, example for lazy::
38 38
39 39 paster setup-db production.ini --user=nn --password=secret --email=nn@your.kallithea.server --repos=/home/nn/my_repos
40 40
41 41
42 42 - The ``setup-db`` command will create all of the needed tables and an
43 43 admin account. When choosing a root path you can either use a new empty
44 44 location, or a location which already contains existing repositories. If you
45 45 choose a location which contains existing repositories Kallithea will simply
46 46 add all of the repositories at the chosen location to it's database.
47 47 (Note: make sure you specify the correct path to the root).
48 48 - Note: the given path for mercurial_ repositories **must** be write accessible
49 49 for the application. It's very important since the Kallithea web interface
50 50 will work without write access, but when trying to do a push it will
51 51 eventually fail with permission denied errors unless it has write access.
52 52
53 53 You are now ready to use Kallithea, to run it simply execute::
54 54
55 55 paster serve production.ini
56 56
57 57 - This command runs the Kallithea server. The web app should be available at the
58 58 127.0.0.1:5000. This ip and port is configurable via the production.ini
59 59 file created in previous step
60 60 - Use the admin account you created above when running ``setup-db``
61 61 to login to the web app.
62 62 - The default permissions on each repository is read, and the owner is admin.
63 63 Remember to update these if needed.
64 64 - In the admin panel you can toggle ldap, anonymous, permissions settings. As
65 65 well as edit more advanced options on users and repositories
66 66
67 67 Optionally users can create `rcextensions` package that extends Kallithea
68 68 functionality. To do this simply execute::
69 69
70 70 paster make-rcext production.ini
71 71
72 72 This will create `rcextensions` package in the same place that your `ini` file
73 73 lives. With `rcextensions` it's possible to add additional mapping for whoosh,
74 74 stats and add additional code into the push/pull/create/delete repo hooks.
75 75 For example for sending signals to build-bots such as jenkins.
76 76 Please see the `__init__.py` file inside `rcextensions` package
77 77 for more details.
78 78
79 79
80 80 Using Kallithea with SSH
81 81 ------------------------
82 82
83 83 Kallithea currently only hosts repositories using http and https. (The addition
84 84 of ssh hosting is a planned future feature.) However you can easily use ssh in
85 85 parallel with Kallithea. (Repository access via ssh is a standard "out of
86 86 the box" feature of mercurial_ and you can use this to access any of the
87 87 repositories that Kallithea is hosting. See PublishingRepositories_)
88 88
89 89 Kallithea repository structures are kept in directories with the same name
90 90 as the project. When using repository groups, each group is a subdirectory.
91 91 This allows you to easily use ssh for accessing repositories.
92 92
93 93 In order to use ssh you need to make sure that your web-server and the users
94 94 login accounts have the correct permissions set on the appropriate directories.
95 95 (Note that these permissions are independent of any permissions you have set up
96 96 using the Kallithea web interface.)
97 97
98 98 If your main directory (the same as set in Kallithea settings) is for example
99 99 set to **/home/hg** and the repository you are using is named `kallithea`, then
100 100 to clone via ssh you should run::
101 101
102 102 hg clone ssh://user@server.com/home/hg/kallithea
103 103
104 104 Using other external tools such as mercurial-server_ or using ssh key based
105 105 authentication is fully supported.
106 106
107 107 Note: In an advanced setup, in order for your ssh access to use the same
108 108 permissions as set up via the Kallithea web interface, you can create an
109 109 authentication hook to connect to the Kallithea db and runs check functions for
110 110 permissions against that.
111 111
112 112 Setting up Whoosh full text search
113 113 ----------------------------------
114 114
115 115 Starting from version 1.1 the whoosh index can be build by using the paster
116 116 command ``make-index``. To use ``make-index`` you must specify the configuration
117 117 file that stores the location of the index. You may specify the location of the
118 118 repositories (`--repo-location`). If not specified, this value is retrieved
119 119 from the Kallithea database. This was required prior to 1.2. Starting from
120 120 version 1.2 it is also possible to specify a comma separated list of
121 121 repositories (`--index-only`) to build index only on chooses repositories
122 122 skipping any other found in repos location
123 123
124 124 You may optionally pass the option `-f` to enable a full index rebuild. Without
125 125 the `-f` option, indexing will run always in "incremental" mode.
126 126
127 127 For an incremental index build use::
128 128
129 129 paster make-index production.ini
130 130
131 131 For a full index rebuild use::
132 132
133 133 paster make-index production.ini -f
134 134
135 135
136 136 building index just for chosen repositories is possible with such command::
137 137
138 138 paster make-index production.ini --index-only=vcs,kallithea
139 139
140 140
141 141 In order to do periodical index builds and keep your index always up to date.
142 142 It's recommended to do a crontab entry for incremental indexing.
143 143 An example entry might look like this::
144 144
145 145 /path/to/python/bin/paster make-index /path/to/kallithea/production.ini
146 146
147 147 When using incremental mode (the default) whoosh will check the last
148 148 modification date of each file and add it to be reindexed if a newer file is
149 149 available. The indexing daemon checks for any removed files and removes them
150 150 from index.
151 151
152 152 If you want to rebuild index from scratch, you can use the `-f` flag as above,
153 153 or in the admin panel you can check `build from scratch` flag.
154 154
155 155
156 156 Setting up LDAP support
157 157 -----------------------
158 158
159 159 Kallithea starting from version 1.1 supports ldap authentication. In order
160 160 to use LDAP, you have to install the python-ldap_ package. This package is
161 161 available via pypi, so you can install it by running
162 162
163 163 using easy_install::
164 164
165 165 easy_install python-ldap
166 166
167 167 using pip::
168 168
169 169 pip install python-ldap
170 170
171 171 .. note::
172 172 python-ldap requires some certain libs on your system, so before installing
173 173 it check that you have at least `openldap`, and `sasl` libraries.
174 174
175 175 LDAP settings are located in admin->ldap section,
176 176
177 177 Here's a typical ldap setup::
178 178
179 179 Connection settings
180 180 Enable LDAP = checked
181 181 Host = host.example.org
182 182 Port = 389
183 183 Account = <account>
184 184 Password = <password>
185 185 Connection Security = LDAPS connection
186 186 Certificate Checks = DEMAND
187 187
188 188 Search settings
189 189 Base DN = CN=users,DC=host,DC=example,DC=org
190 190 LDAP Filter = (&(objectClass=user)(!(objectClass=computer)))
191 191 LDAP Search Scope = SUBTREE
192 192
193 193 Attribute mappings
194 194 Login Attribute = uid
195 195 First Name Attribute = firstName
196 196 Last Name Attribute = lastName
197 197 E-mail Attribute = mail
198 198
199 199 If your user groups are placed in a Organisation Unit (OU) structure the Search Settings configuration differs::
200 200
201 201 Search settings
202 202 Base DN = DC=host,DC=example,DC=org
203 203 LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user))
204 204 LDAP Search Scope = SUBTREE
205 205
206 206 .. _enable_ldap:
207 207
208 208 Enable LDAP : required
209 209 Whether to use LDAP for authenticating users.
210 210
211 211 .. _ldap_host:
212 212
213 213 Host : required
214 214 LDAP server hostname or IP address. Can be also a comma separated
215 215 list of servers to support LDAP fail-over.
216 216
217 217 .. _Port:
218 218
219 219 Port : required
220 220 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP.
221 221
222 222 .. _ldap_account:
223 223
224 224 Account : optional
225 225 Only required if the LDAP server does not allow anonymous browsing of
226 226 records. This should be a special account for record browsing. This
227 227 will require `LDAP Password`_ below.
228 228
229 229 .. _LDAP Password:
230 230
231 231 Password : optional
232 232 Only required if the LDAP server does not allow anonymous browsing of
233 233 records.
234 234
235 235 .. _Enable LDAPS:
236 236
237 237 Connection Security : required
238 238 Defines the connection to LDAP server
239 239
240 240 No encryption
241 241 Plain non encrypted connection
242 242
243 243 LDAPS connection
244 244 Enable ldaps connection. It will likely require `Port`_ to be set to
245 245 a different value (standard LDAPS port is 636). When LDAPS is enabled
246 246 then `Certificate Checks`_ is required.
247 247
248 248 START_TLS on LDAP connection
249 249 START TLS connection
250 250
251 251 .. _Certificate Checks:
252 252
253 253 Certificate Checks : optional
254 254 How SSL certificates verification is handled - this is only useful when
255 255 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security
256 256 while the other options are susceptible to man-in-the-middle attacks. SSL
257 257 certificates can be installed to /etc/openldap/cacerts so that the
258 258 DEMAND or HARD options can be used with self-signed certificates or
259 259 certificates that do not have traceable certificates of authority.
260 260
261 261 NEVER
262 262 A serve certificate will never be requested or checked.
263 263
264 264 ALLOW
265 265 A server certificate is requested. Failure to provide a
266 266 certificate or providing a bad certificate will not terminate the
267 267 session.
268 268
269 269 TRY
270 270 A server certificate is requested. Failure to provide a
271 271 certificate does not halt the session; providing a bad certificate
272 272 halts the session.
273 273
274 274 DEMAND
275 275 A server certificate is requested and must be provided and
276 276 authenticated for the session to proceed.
277 277
278 278 HARD
279 279 The same as DEMAND.
280 280
281 281 .. _Base DN:
282 282
283 283 Base DN : required
284 284 The Distinguished Name (DN) where searches for users will be performed.
285 285 Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_.
286 286
287 287 .. _LDAP Filter:
288 288
289 289 LDAP Filter : optional
290 290 A LDAP filter defined by RFC 2254. This is more useful when `LDAP
291 291 Search Scope`_ is set to SUBTREE. The filter is useful for limiting
292 292 which LDAP objects are identified as representing Users for
293 293 authentication. The filter is augmented by `Login Attribute`_ below.
294 294 This can commonly be left blank.
295 295
296 296 .. _LDAP Search Scope:
297 297
298 298 LDAP Search Scope : required
299 299 This limits how far LDAP will search for a matching object.
300 300
301 301 BASE
302 302 Only allows searching of `Base DN`_ and is usually not what you
303 303 want.
304 304
305 305 ONELEVEL
306 306 Searches all entries under `Base DN`_, but not Base DN itself.
307 307
308 308 SUBTREE
309 309 Searches all entries below `Base DN`_, but not Base DN itself.
310 310 When using SUBTREE `LDAP Filter`_ is useful to limit object
311 311 location.
312 312
313 313 .. _Login Attribute:
314 314
315 315 Login Attribute : required
316 316 The LDAP record attribute that will be matched as the USERNAME or
317 317 ACCOUNT used to connect to Kallithea. This will be added to `LDAP
318 318 Filter`_ for locating the User object. If `LDAP Filter`_ is specified as
319 319 "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has
320 320 connected as "jsmith" then the `LDAP Filter`_ will be augmented as below
321 321 ::
322 322
323 323 (&(LDAPFILTER)(uid=jsmith))
324 324
325 325 .. _ldap_attr_firstname:
326 326
327 327 First Name Attribute : required
328 328 The LDAP record attribute which represents the user's first name.
329 329
330 330 .. _ldap_attr_lastname:
331 331
332 332 Last Name Attribute : required
333 333 The LDAP record attribute which represents the user's last name.
334 334
335 335 .. _ldap_attr_email:
336 336
337 337 Email Attribute : required
338 338 The LDAP record attribute which represents the user's email address.
339 339
340 340 If all data are entered correctly, and python-ldap_ is properly installed
341 341 users should be granted access to Kallithea with ldap accounts. At this
342 342 time user information is copied from LDAP into the Kallithea user database.
343 343 This means that updates of an LDAP user object may not be reflected as a
344 344 user update in Kallithea.
345 345
346 346 If You have problems with LDAP access and believe You entered correct
347 347 information check out the Kallithea logs, any error messages sent from LDAP
348 348 will be saved there.
349 349
350 350 Active Directory
351 351 ''''''''''''''''
352 352
353 353 Kallithea can use Microsoft Active Directory for user authentication. This
354 354 is done through an LDAP or LDAPS connection to Active Directory. The
355 355 following LDAP configuration settings are typical for using Active
356 356 Directory ::
357 357
358 358 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
359 359 Login Attribute = sAMAccountName
360 360 First Name Attribute = givenName
361 361 Last Name Attribute = sn
362 362 E-mail Attribute = mail
363 363
364 364 All other LDAP settings will likely be site-specific and should be
365 365 appropriately configured.
366 366
367 367
368 368 Authentication by container or reverse-proxy
369 369 --------------------------------------------
370 370
371 Starting with version 1.3, Kallithea supports delegating the authentication
371 Kallithea supports delegating the authentication
372 372 of users to its WSGI container, or to a reverse-proxy server through which all
373 373 clients access the application.
374 374
375 375 When these authentication methods are enabled in Kallithea, it uses the
376 376 username that the container/proxy (Apache/Nginx/etc) authenticated and doesn't
377 377 perform the authentication itself. The authorization, however, is still done by
378 378 Kallithea according to its settings.
379 379
380 380 When a user logs in for the first time using these authentication methods,
381 381 a matching user account is created in Kallithea with default permissions. An
382 382 administrator can then modify it using Kallithea's admin interface.
383 383 It's also possible for an administrator to create accounts and configure their
384 384 permissions before the user logs in for the first time.
385 385
386
386 387 Container-based authentication
387 388 ''''''''''''''''''''''''''''''
388 389
389 390 In a container-based authentication setup, Kallithea reads the user name from
390 391 the ``REMOTE_USER`` server variable provided by the WSGI container.
391 392
392 393 After setting up your container (see `Apache's WSGI config`_), you'd need
393 394 to configure it to require authentication on the location configured for
394 395 Kallithea.
395 396
396 In order for Kallithea to start using the provided username, you should set the
397 following in the [app:main] section of your .ini file::
398
399 container_auth_enabled = true
400
401 397
402 398 Proxy pass-through authentication
403 399 '''''''''''''''''''''''''''''''''
404 400
405 401 In a proxy pass-through authentication setup, Kallithea reads the user name
406 402 from the ``X-Forwarded-User`` request header, which should be configured to be
407 403 sent by the reverse-proxy server.
408 404
409 405 After setting up your proxy solution (see `Apache virtual host reverse proxy example`_,
410 406 `Apache as subdirectory`_ or `Nginx virtual host example`_), you'd need to
411 407 configure the authentication and add the username in a request header named
412 408 ``X-Forwarded-User``.
413 409
414 410 For example, the following config section for Apache sets a subdirectory in a
415 411 reverse-proxy setup with basic auth::
416 412
417 413 <Location /<someprefix> >
418 414 ProxyPass http://127.0.0.1:5000/<someprefix>
419 415 ProxyPassReverse http://127.0.0.1:5000/<someprefix>
420 416 SetEnvIf X-Url-Scheme https HTTPS=1
421 417
422 418 AuthType Basic
423 419 AuthName "Kallithea authentication"
424 420 AuthUserFile /home/web/kallithea/.htpasswd
425 421 require valid-user
426 422
427 423 RequestHeader unset X-Forwarded-User
428 424
429 425 RewriteEngine On
430 426 RewriteCond %{LA-U:REMOTE_USER} (.+)
431 427 RewriteRule .* - [E=RU:%1]
432 428 RequestHeader set X-Forwarded-User %{RU}e
433 429 </Location>
434 430
435 In order for Kallithea to start using the forwarded username, you should set
436 the following in the [app:main] section of your .ini file::
437
438 proxypass_auth_enabled = true
439 431
440 432 .. note::
441 433 If you enable proxy pass-through authentication, make sure your server is
442 434 only accessible through the proxy. Otherwise, any client would be able to
443 435 forge the authentication header and could effectively become authenticated
444 436 using any account of their liking.
445 437
446 438 Integration with Issue trackers
447 439 -------------------------------
448 440
449 441 Kallithea provides a simple integration with issue trackers. It's possible
450 442 to define a regular expression that will fetch issue id stored in commit
451 443 messages and replace that with an url to this issue. To enable this simply
452 444 uncomment following variables in the ini file::
453 445
454 446 issue_pat = (?:^#|\s#)(\w+)
455 447 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
456 448 issue_prefix = #
457 449
458 450 `issue_pat` is the regular expression that will fetch issues from commit messages.
459 451 Default regex will match issues in format of #<number> eg. #300.
460 452
461 453 Matched issues will be replace with the link specified as `issue_server_link`
462 454 {id} will be replaced with issue id, and {repo} with repository name.
463 455 Since the # is striped `issue_prefix` is added as a prefix to url.
464 456 `issue_prefix` can be something different than # if you pass
465 457 ISSUE- as issue prefix this will generate an url in format::
466 458
467 459 <a href="https://myissueserver.com/example_repo/issue/300">ISSUE-300</a>
468 460
469 461 Hook management
470 462 ---------------
471 463
472 464 Hooks can be managed in similar way to this used in .hgrc files.
473 465 To access hooks setting click `advanced setup` on Hooks section of Mercurial
474 466 Settings in Admin.
475 467
476 468 There are 4 built in hooks that cannot be changed (only enable/disable by
477 469 checkboxes on previos section).
478 470 To add another custom hook simply fill in first section with
479 471 <name>.<hook_type> and the second one with hook path. Example hooks
480 472 can be found at *kallithea.lib.hooks*.
481 473
482 474
483 475 Changing default encoding
484 476 -------------------------
485 477
486 478 By default Kallithea uses utf8 encoding, starting from 1.3 series this
487 479 can be changed, simply edit default_encoding in .ini file to desired one.
488 480 This affects many parts in Kallithea including committers names, filenames,
489 481 encoding of commit messages. In addition Kallithea can detect if `chardet`
490 482 library is installed. If `chardet` is detected Kallithea will fallback to it
491 483 when there are encode/decode errors.
492 484
493 485
494 486 Setting Up Celery
495 487 -----------------
496 488
497 489 Since version 1.1 celery is configured by the Kallithea ini configuration files.
498 490 Simply set use_celery=true in the ini file then add / change the configuration
499 491 variables inside the ini file.
500 492
501 493 Remember that the ini files use the format with '.' not with '_' like celery.
502 494 So for example setting `BROKER_HOST` in celery means setting `broker.host` in
503 495 the config file.
504 496
505 497 In order to start using celery run::
506 498
507 499 paster celeryd <configfile.ini>
508 500
509 501
510 502 .. note::
511 503 Make sure you run this command from the same virtualenv, and with the same
512 504 user that Kallithea runs.
513 505
514 506 HTTPS support
515 507 -------------
516 508
517 509 Kallithea will by default generate URLs based on the WSGI environment.
518 510
519 511 Alternatively, you can use some special configuration settings to control
520 512 directly which scheme/protocol Kallithea will use when generating URLs:
521 513
522 514 - With `https_fixup = true`, the scheme will be taken from the HTTP_X_URL_SCHEME,
523 515 HTTP_X_FORWARDED_SCHEME or HTTP_X_FORWARDED_PROTO HTTP header (default 'http').
524 516 - With `force_https = true` the default will be 'https'.
525 517 - With `use_htsts = true`, it will set Strict-Transport-Security when using https.
526 518
527 519 Nginx virtual host example
528 520 --------------------------
529 521
530 522 Sample config for nginx using proxy::
531 523
532 524 upstream rc {
533 525 server 127.0.0.1:5000;
534 526 # add more instances for load balancing
535 527 #server 127.0.0.1:5001;
536 528 #server 127.0.0.1:5002;
537 529 }
538 530
539 531 ## gist alias
540 532 server {
541 533 listen 443;
542 534 server_name gist.myserver.com;
543 535 access_log /var/log/nginx/gist.access.log;
544 536 error_log /var/log/nginx/gist.error.log;
545 537
546 538 ssl on;
547 539 ssl_certificate gist.your.kallithea.server.crt;
548 540 ssl_certificate_key gist.your.kallithea.server.key;
549 541
550 542 ssl_session_timeout 5m;
551 543
552 544 ssl_protocols SSLv3 TLSv1;
553 545 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
554 546 ssl_prefer_server_ciphers on;
555 547
556 548 rewrite ^/(.+)$ https://your.kallithea.server/_admin/gists/$1;
557 549 rewrite (.*) https://your.kallithea.server/_admin/gists;
558 550 }
559 551
560 552 server {
561 553 listen 443;
562 554 server_name your.kallithea.server;
563 555 access_log /var/log/nginx/kallithea.access.log;
564 556 error_log /var/log/nginx/kallithea.error.log;
565 557
566 558 ssl on;
567 559 ssl_certificate your.kallithea.server.crt;
568 560 ssl_certificate_key your.kallithea.server.key;
569 561
570 562 ssl_session_timeout 5m;
571 563
572 564 ssl_protocols SSLv3 TLSv1;
573 565 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
574 566 ssl_prefer_server_ciphers on;
575 567
576 568 ## uncomment root directive if you want to serve static files by nginx
577 569 ## requires static_files = false in .ini file
578 570 #root /path/to/installation/kallithea/public;
579 571 include /etc/nginx/proxy.conf;
580 572 location / {
581 573 try_files $uri @rhode;
582 574 }
583 575
584 576 location @rhode {
585 577 proxy_pass http://rc;
586 578 }
587 579
588 580 }
589 581
590 582 Here's the proxy.conf. It's tuned so it will not timeout on long
591 583 pushes or large pushes::
592 584
593 585 proxy_redirect off;
594 586 proxy_set_header Host $host;
595 587 ## needed for container auth
596 588 #proxy_set_header REMOTE_USER $remote_user;
597 589 #proxy_set_header X-Forwarded-User $remote_user;
598 590 proxy_set_header X-Url-Scheme $scheme;
599 591 proxy_set_header X-Host $http_host;
600 592 proxy_set_header X-Real-IP $remote_addr;
601 593 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
602 594 proxy_set_header Proxy-host $proxy_host;
603 595 proxy_buffering off;
604 596 proxy_connect_timeout 7200;
605 597 proxy_send_timeout 7200;
606 598 proxy_read_timeout 7200;
607 599 proxy_buffers 8 32k;
608 600 client_max_body_size 1024m;
609 601 client_body_buffer_size 128k;
610 602 large_client_header_buffers 8 64k;
611 603
612 604
613 605 Apache virtual host reverse proxy example
614 606 -----------------------------------------
615 607
616 608 Here is a sample configuration file for apache using proxy::
617 609
618 610 <VirtualHost *:80>
619 611 ServerName hg.myserver.com
620 612 ServerAlias hg.myserver.com
621 613
622 614 <Proxy *>
623 615 Order allow,deny
624 616 Allow from all
625 617 </Proxy>
626 618
627 619 #important !
628 620 #Directive to properly generate url (clone url) for pylons
629 621 ProxyPreserveHost On
630 622
631 623 #kallithea instance
632 624 ProxyPass / http://127.0.0.1:5000/
633 625 ProxyPassReverse / http://127.0.0.1:5000/
634 626
635 627 #to enable https use line below
636 628 #SetEnvIf X-Url-Scheme https HTTPS=1
637 629
638 630 </VirtualHost>
639 631
640 632
641 633 Additional tutorial
642 634 http://wiki.pylonshq.com/display/pylonscookbook/Apache+as+a+reverse+proxy+for+Pylons
643 635
644 636
645 637 Apache as subdirectory
646 638 ----------------------
647 639
648 640 Apache subdirectory part::
649 641
650 642 <Location /<someprefix> >
651 643 ProxyPass http://127.0.0.1:5000/<someprefix>
652 644 ProxyPassReverse http://127.0.0.1:5000/<someprefix>
653 645 SetEnvIf X-Url-Scheme https HTTPS=1
654 646 </Location>
655 647
656 648 Besides the regular apache setup you will need to add the following line
657 649 into [app:main] section of your .ini file::
658 650
659 651 filter-with = proxy-prefix
660 652
661 653 Add the following at the end of the .ini file::
662 654
663 655 [filter:proxy-prefix]
664 656 use = egg:PasteDeploy#prefix
665 657 prefix = /<someprefix>
666 658
667 659
668 660 then change <someprefix> into your chosen prefix
669 661
670 662 Apache's WSGI config
671 663 --------------------
672 664
673 665 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
674 666 that, you'll need to:
675 667
676 668 - Install mod_wsgi. If using a Debian-based distro, you can install
677 669 the package libapache2-mod-wsgi::
678 670
679 671 aptitude install libapache2-mod-wsgi
680 672
681 673 - Enable mod_wsgi::
682 674
683 675 a2enmod wsgi
684 676
685 677 - Create a wsgi dispatch script, like the one below. Make sure you
686 678 check the paths correctly point to where you installed Kallithea
687 679 and its Python Virtual Environment.
688 680 - Enable the WSGIScriptAlias directive for the wsgi dispatch script,
689 681 as in the following example. Once again, check the paths are
690 682 correctly specified.
691 683
692 684 Here is a sample excerpt from an Apache Virtual Host configuration file::
693 685
694 686 WSGIDaemonProcess pylons \
695 687 threads=4 \
696 688 python-path=/home/web/kallithea/pyenv/lib/python2.6/site-packages
697 689 WSGIScriptAlias / /home/web/kallithea/dispatch.wsgi
698 690 WSGIPassAuthorization On
699 691
700 692 .. note::
701 693 when running apache as root please add: `user=www-data group=www-data`
702 694 into above configuration
703 695
704 696 .. note::
705 697 Running Kallithea in multiprocess mode in apache is not supported,
706 698 make sure you don't specify `processes=num` directive in the config
707 699
708 700
709 701 Example wsgi dispatch script::
710 702
711 703 import os
712 704 os.environ["HGENCODING"] = "UTF-8"
713 705 os.environ['PYTHON_EGG_CACHE'] = '/home/web/kallithea/.egg-cache'
714 706
715 707 # sometimes it's needed to set the curent dir
716 708 os.chdir('/home/web/kallithea/')
717 709
718 710 import site
719 711 site.addsitedir("/home/web/kallithea/pyenv/lib/python2.6/site-packages")
720 712
721 713 from paste.deploy import loadapp
722 714 from paste.script.util.logging_config import fileConfig
723 715
724 716 fileConfig('/home/web/kallithea/production.ini')
725 717 application = loadapp('config:/home/web/kallithea/production.ini')
726 718
727 719 Note: when using mod_wsgi you'll need to install the same version of
728 720 Mercurial that's inside Kallithea's virtualenv also on the system's Python
729 721 environment.
730 722
731 723
732 724 Other configuration files
733 725 -------------------------
734 726
735 727 Some example init.d scripts can be found in init.d directory::
736 728
737 729 https://kallithea-scm.org/repos/kallithea/files/tip/init.d/
738 730
739 731 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
740 732 .. _python: http://www.python.org/
741 733 .. _mercurial: http://mercurial.selenic.com/
742 734 .. _celery: http://celeryproject.org/
743 735 .. _rabbitmq: http://www.rabbitmq.com/
744 736 .. _python-ldap: http://www.python-ldap.org/
745 737 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
746 738 .. _PublishingRepositories: http://mercurial.selenic.com/wiki/PublishingRepositories
747 739 .. _Issues tracker: https://bitbucket.org/conservancy/kallithea/issues
Show file before | Show file after | Hide comments
@@ -1,609 +1,581 b''
1 1 ## -*- coding: utf-8 -*-
2 2 <%text>################################################################################
3 3 ################################################################################
4 4 # Kallithea - config file generated with kallithea-config #
5 5 ################################################################################
6 6 ################################################################################
7 7 </%text>
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11 <%text>
12 12 ################################################################################
13 13 ## Uncomment and replace with the address which should receive ##
14 14 ## any error reports after application crash ##
15 15 ## Additionally those settings will be used by Kallithea mailing system ##
16 16 ################################################################################</%text>
17 17 #email_to = admin@localhost
18 18 #error_email_from = paste_error@localhost
19 19 #app_email_from = kallithea-noreply@localhost
20 20 #error_message =
21 21 #email_prefix = [Kallithea]
22 22
23 23 #smtp_server = mail.server.com
24 24 #smtp_username =
25 25 #smtp_password =
26 26 #smtp_port =
27 27 #smtp_use_tls = false
28 28 #smtp_use_ssl = true
29 29 <%text>## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)</%text>
30 30 #smtp_auth =
31 31
32 32 [server:main]
33 33 %if http_server == 'paste':
34 34 <%text>## PASTE ##</%text>
35 35 use = egg:Paste#http
36 36 <%text>## nr of worker threads to spawn</%text>
37 37 threadpool_workers = 5
38 38 <%text>## max request before thread respawn</%text>
39 39 threadpool_max_requests = 10
40 40 <%text>## option to use threads of process</%text>
41 41 use_threadpool = true
42 42 %endif
43 43 %if http_server == 'waitress':
44 44 <%text>## WAITRESS ##</%text>
45 45 use = egg:waitress#main
46 46 <%text>## number of worker threads</%text>
47 47 threads = 5
48 48 <%text>## MAX BODY SIZE 100GB</%text>
49 49 max_request_body_size = 107374182400
50 50 <%text>## use poll instead of select, fixes fd limits, may not work on old</%text>
51 51 <%text>## windows systems.</%text>
52 52 #asyncore_use_poll = True
53 53 %endif
54 54 %if http_server == 'gunicorn':
55 55 <%text>## GUNICORN ##</%text>
56 56 use = egg:gunicorn#main
57 57 <%text>## number of process workers. You must set `instance_id = *` when this option</%text>
58 58 <%text>## is set to more than one worker</%text>
59 59 workers = 1
60 60 <%text>## process name</%text>
61 61 proc_name = kallithea
62 62 <%text>## type of worker class, one of sync, eventlet, gevent, tornado</%text>
63 63 <%text>## recommended for bigger setup is using of of other than sync one</%text>
64 64 worker_class = sync
65 65 max_requests = 1000
66 66 <%text>## ammount of time a worker can handle request before it gets killed and</%text>
67 67 <%text>## restarted</%text>
68 68 timeout = 3600
69 69 %endif
70 70 %if http_server == 'uwsgi':
71 71 <%text>## UWSGI ##</%text>
72 72 <%text>## run with uwsgi --ini-paste-logged <inifile.ini></%text>
73 73 [uwsgi]
74 74 socket = /tmp/uwsgi.sock
75 75 master = true
76 76 http = 127.0.0.1:5000
77 77
78 78 <%text>## set as deamon and redirect all output to file</%text>
79 79 #daemonize = ./uwsgi_kallithea.log
80 80
81 81 <%text>## master process PID</%text>
82 82 pidfile = ./uwsgi_kallithea.pid
83 83
84 84 <%text>## stats server with workers statistics, use uwsgitop</%text>
85 85 <%text>## for monitoring, `uwsgitop 127.0.0.1:1717`</%text>
86 86 stats = 127.0.0.1:1717
87 87 memory-report = true
88 88
89 89 <%text>## log 5XX errors</%text>
90 90 log-5xx = true
91 91
92 92 <%text>## Set the socket listen queue size.</%text>
93 93 listen = 256
94 94
95 95 <%text>## Gracefully Reload workers after the specified amount of managed requests</%text>
96 96 <%text>## (avoid memory leaks).</%text>
97 97 max-requests = 1000
98 98
99 99 <%text>## enable large buffers</%text>
100 100 buffer-size=65535
101 101
102 102 <%text>## socket and http timeouts ##</%text>
103 103 http-timeout=3600
104 104 socket-timeout=3600
105 105
106 106 <%text>## Log requests slower than the specified number of milliseconds.</%text>
107 107 log-slow = 10
108 108
109 109 <%text>## Exit if no app can be loaded.</%text>
110 110 need-app = true
111 111
112 112 <%text>## Set lazy mode (load apps in workers instead of master).</%text>
113 113 lazy = true
114 114
115 115 <%text>## scaling ##</%text>
116 116 <%text>## set cheaper algorithm to use, if not set default will be used</%text>
117 117 cheaper-algo = spare
118 118
119 119 <%text>## minimum number of workers to keep at all times</%text>
120 120 cheaper = 1
121 121
122 122 <%text>## number of workers to spawn at startup</%text>
123 123 cheaper-initial = 1
124 124
125 125 <%text>## maximum number of workers that can be spawned</%text>
126 126 workers = 4
127 127
128 128 <%text>## how many workers should be spawned at a time</%text>
129 129 cheaper-step = 1
130 130 %endif
131 131 <%text>## COMMON ##</%text>
132 132 host = ${host}
133 133 port = ${port}
134 134
135 135 <%text>## prefix middleware for rc</%text>
136 136 #[filter:proxy-prefix]
137 137 #use = egg:PasteDeploy#prefix
138 138 #prefix = /<your-prefix>
139 139
140 140 [app:main]
141 141 use = egg:kallithea
142 142 <%text>## enable proxy prefix middleware</%text>
143 143 #filter-with = proxy-prefix
144 144
145 145 full_stack = true
146 146 static_files = true
147 147 <%text>## Available Languages:</%text>
148 148 <%text>## de en fr ja pl pt_BR ru zh_CN zh_TW</%text>
149 149 lang = ${lang}
150 150 cache_dir = ${here}/data
151 151 index_dir = ${here}/data/index
152 152
153 153 <%text>## perform a full repository scan on each server start, this should be</%text>
154 154 <%text>## set to false after first startup, to allow faster server restarts.</%text>
155 155 initial_repo_scan = false
156 156
157 157 <%text>## uncomment and set this path to use archive download cache</%text>
158 158 archive_cache_dir = ${here}/tarballcache
159 159
160 160 <%text>## change this to unique ID for security</%text>
161 161 app_instance_uuid = ${uuid()}
162 162
163 163 <%text>## cut off limit for large diffs (size in bytes)</%text>
164 164 cut_off_limit = 256000
165 165
166 166 <%text>## use cache version of scm repo everywhere</%text>
167 167 vcs_full_cache = true
168 168
169 169 <%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text>
170 170 force_https = false
171 171
172 172 <%text>## use Strict-Transport-Security headers</%text>
173 173 use_htsts = false
174 174
175 175 <%text>## number of commits stats will parse on each iteration</%text>
176 176 commit_parse_limit = 25
177 177
178 <%text>## use gravatar service to display avatars</%text>
179 use_gravatar = true
180
181 178 <%text>## path to git executable</%text>
182 179 git_path = git
183 180
184 181 <%text>## git rev filter option, --all is the default filter, if you need to</%text>
185 182 <%text>## hide all refs in changelog switch this to --branches --tags</%text>
186 183 #git_rev_filter = --branches --tags
187 184
188 185 <%text>## RSS feed options</%text>
189 186 rss_cut_off_limit = 256000
190 187 rss_items_per_page = 10
191 188 rss_include_diff = false
192 189
193 190 <%text>## options for showing and identifying changesets</%text>
194 191 show_sha_length = 12
195 192 show_revision_number = true
196 193
197 194 <%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text>
198 195 <%text>## url that does rewrites to _admin/gists/<gistid>.</%text>
199 196 <%text>## example: http://gist.kallithea.server/{gistid}. Empty means use the internal</%text>
200 197 <%text>## Kallithea url, ie. http[s]://your.kallithea.server/_admin/gists/<gistid></%text>
201 198 gist_alias_url =
202 199
203 200 <%text>## white list of API enabled controllers. This allows to add list of</%text>
204 201 <%text>## controllers to which access will be enabled by api_key. eg: to enable</%text>
205 202 <%text>## api access to raw_files put `FilesController:raw`, to enable access to patches</%text>
206 203 <%text>## add `ChangesetController:changeset_patch`. This list should be "," separated</%text>
207 204 <%text>## Syntax is <ControllerClass>:<function>. Check debug logs for generated names</%text>
208 205 <%text>## Recommended settings below are commented out:</%text>
209 206 api_access_controllers_whitelist =
210 207 # ChangesetController:changeset_patch,
211 208 # ChangesetController:changeset_raw,
212 209 # FilesController:raw,
213 210 # FilesController:archivefile
214 211
215 <%text>## alternative_gravatar_url allows you to use your own avatar server application</%text>
216 <%text>## the following parts of the URL will be replaced</%text>
217 <%text>## {email} user email</%text>
218 <%text>## {md5email} md5 hash of the user email (like at gravatar.com)</%text>
219 <%text>## {size} size of the image that is expected from the server application</%text>
220 <%text>## {scheme} http/https from Kallithea server</%text>
221 <%text>## {netloc} network location from Kallithea server</%text>
222 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
223 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
224
225
226 <%text>## container auth options</%text>
227 container_auth_enabled = false
228 proxypass_auth_enabled = false
229
230 212 <%text>## default encoding used to convert from and to unicode</%text>
231 213 <%text>## can be also a comma seperated list of encoding in case of mixed encodings</%text>
232 214 default_encoding = utf8
233 215
234 <%text>## overwrite schema of clone url</%text>
235 <%text>## available vars:</%text>
236 <%text>## scheme - http/https</%text>
237 <%text>## user - current user</%text>
238 <%text>## pass - password</%text>
239 <%text>## netloc - network location</%text>
240 <%text>## path - usually repo_name</%text>
241
242 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
243
244 216 <%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text>
245 217 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
246 218
247 219 <%text>## issue tracking mapping for commits messages</%text>
248 220 <%text>## comment out issue_pat, issue_server, issue_prefix to enable</%text>
249 221
250 222 <%text>## pattern to get the issues from commit messages</%text>
251 223 <%text>## default one used here is #<numbers> with a regex passive group for `#`</%text>
252 224 <%text>## {id} will be all groups matched from this pattern</%text>
253 225
254 226 issue_pat = (?:\s*#)(\d+)
255 227
256 228 <%text>## server url to the issue, each {id} will be replaced with match</%text>
257 229 <%text>## fetched from the regex and {repo} is replaced with full repository name</%text>
258 230 <%text>## including groups {repo_name} is replaced with just name of repo</%text>
259 231
260 232 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
261 233
262 234 <%text>## prefix to add to link to indicate it's an url</%text>
263 235 <%text>## #314 will be replaced by <issue_prefix><id></%text>
264 236
265 237 issue_prefix = #
266 238
267 239 <%text>## issue_pat, issue_server_link, issue_prefix can have suffixes to specify</%text>
268 240 <%text>## multiple patterns, to other issues server, wiki or others</%text>
269 241 <%text>## below an example how to create a wiki pattern</%text>
270 242 # wiki-some-id -> https://mywiki.com/some-id
271 243
272 244 #issue_pat_wiki = (?:wiki-)(.+)
273 245 #issue_server_link_wiki = https://mywiki.com/{id}
274 246 #issue_prefix_wiki = WIKI-
275 247
276 248
277 249 <%text>## instance-id prefix</%text>
278 250 <%text>## a prefix key for this instance used for cache invalidation when running</%text>
279 251 <%text>## multiple instances of kallithea, make sure it's globally unique for</%text>
280 252 <%text>## all running kallithea instances. Leave empty if you don't use it</%text>
281 253 instance_id =
282 254
283 255 <%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>
284 256 <%text>## response is 401 HTTPUnauthorized. Currently HG clients have troubles with</%text>
285 257 <%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>
286 258 auth_ret_code =
287 259
288 260 <%text>## locking return code. When repository is locked return this HTTP code. 2XX</%text>
289 261 <%text>## codes don't break the transactions while 4XX codes do</%text>
290 262 lock_ret_code = 423
291 263
292 264 <%text>## allows to change the repository location in settings page</%text>
293 265 allow_repo_location_change = True
294 266
295 267 <%text>## allows to setup custom hooks in settings page</%text>
296 268 allow_custom_hooks_settings = True
297 269
298 270 <%text>
299 271 ####################################
300 272 ### CELERY CONFIG ####
301 273 ####################################
302 274 </%text>
303 275 use_celery = false
304 276 broker.host = localhost
305 277 broker.vhost = rabbitmqhost
306 278 broker.port = 5672
307 279 broker.user = rabbitmq
308 280 broker.password = qweqwe
309 281
310 282 celery.imports = kallithea.lib.celerylib.tasks
311 283
312 284 celery.result.backend = amqp
313 285 celery.result.dburi = amqp://
314 286 celery.result.serialier = json
315 287
316 288 #celery.send.task.error.emails = true
317 289 #celery.amqp.task.result.expires = 18000
318 290
319 291 celeryd.concurrency = 2
320 292 #celeryd.log.file = celeryd.log
321 293 celeryd.log.level = debug
322 294 celeryd.max.tasks.per.child = 1
323 295
324 296 <%text>## tasks will never be sent to the queue, but executed locally instead.</%text>
325 297 celery.always.eager = false
326 298 <%text>
327 299 ####################################
328 300 ### BEAKER CACHE ####
329 301 ####################################
330 302 </%text>
331 303 beaker.cache.data_dir=${here}/data/cache/data
332 304 beaker.cache.lock_dir=${here}/data/cache/lock
333 305
334 306 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
335 307
336 308 beaker.cache.super_short_term.type=memory
337 309 beaker.cache.super_short_term.expire=10
338 310 beaker.cache.super_short_term.key_length = 256
339 311
340 312 beaker.cache.short_term.type=memory
341 313 beaker.cache.short_term.expire=60
342 314 beaker.cache.short_term.key_length = 256
343 315
344 316 beaker.cache.long_term.type=memory
345 317 beaker.cache.long_term.expire=36000
346 318 beaker.cache.long_term.key_length = 256
347 319
348 320 beaker.cache.sql_cache_short.type=memory
349 321 beaker.cache.sql_cache_short.expire=10
350 322 beaker.cache.sql_cache_short.key_length = 256
351 323
352 324 beaker.cache.sql_cache_med.type=memory
353 325 beaker.cache.sql_cache_med.expire=360
354 326 beaker.cache.sql_cache_med.key_length = 256
355 327
356 328 beaker.cache.sql_cache_long.type=file
357 329 beaker.cache.sql_cache_long.expire=3600
358 330 beaker.cache.sql_cache_long.key_length = 256
359 331 <%text>
360 332 ####################################
361 333 ### BEAKER SESSION ####
362 334 ####################################
363 335 ## Type of storage used for the session, current types are
364 336 ## dbm, file, memcached, database, and memory.
365 337 ## The storage uses the Container API
366 338 ## that is also used by the cache system.
367 339 </%text>
368 340 <%text>## db session ##</%text>
369 341 #beaker.session.type = ext:database
370 342 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
371 343 #beaker.session.table_name = db_session
372 344
373 345 <%text>## encrypted cookie client side session, good for many instances ##</%text>
374 346 #beaker.session.type = cookie
375 347
376 348 <%text>## file based cookies (default) ##</%text>
377 349 #beaker.session.type = file
378 350
379 351 beaker.session.key = kallithea
380 352 beaker.session.secret = ${uuid()}
381 353
382 354 <%text>## Secure encrypted cookie. Requires AES and AES python libraries</%text>
383 355 <%text>## you must disable beaker.session.secret to use this</%text>
384 356 #beaker.session.encrypt_key = <key_for_encryption>
385 357 #beaker.session.validate_key = <validation_key>
386 358
387 359 <%text>## sets session as invalid if it haven't been accessed for given amount of time</%text>
388 360 beaker.session.timeout = 2592000
389 361 beaker.session.httponly = true
390 362 #beaker.session.cookie_path = /<your-prefix>
391 363
392 364 <%text>## uncomment for https secure cookie</%text>
393 365 beaker.session.secure = false
394 366
395 367 <%text>## auto save the session to not to use .save()</%text>
396 368 beaker.session.auto = False
397 369
398 370 <%text>## default cookie expiration time in seconds `true` expire at browser close ##</%text>
399 371 #beaker.session.cookie_expires = 3600
400 372
401 373 %if error_aggregation_service == 'errormator':
402 374 <%text>
403 375 ############################
404 376 ## ERROR HANDLING SYSTEMS ##
405 377 ############################
406 378
407 379 ####################
408 380 ### [errormator] ###
409 381 ####################
410 382
411 383 ## Errormator is tailored to work with Kallithea, see
412 384 ## http://errormator.com for details how to obtain an account
413 385 ## you must install python package `errormator_client` to make it work
414 386 </%text>
415 387 <%text>## errormator enabled</%text>
416 388 errormator = false
417 389
418 390 errormator.server_url = https://api.errormator.com
419 391 errormator.api_key = YOUR_API_KEY
420 392
421 393 <%text>## TWEAK AMOUNT OF INFO SENT HERE</%text>
422 394
423 395 <%text>## enables 404 error logging (default False)</%text>
424 396 errormator.report_404 = false
425 397
426 398 <%text>## time in seconds after request is considered being slow (default 1)</%text>
427 399 errormator.slow_request_time = 1
428 400
429 401 <%text>## record slow requests in application</%text>
430 402 <%text>## (needs to be enabled for slow datastore recording and time tracking)</%text>
431 403 errormator.slow_requests = true
432 404
433 405 <%text>## enable hooking to application loggers</%text>
434 406 # errormator.logging = true
435 407
436 408 <%text>## minimum log level for log capture</%text>
437 409 # errormator.logging.level = WARNING
438 410
439 411 <%text>## send logs only from erroneous/slow requests</%text>
440 412 <%text>## (saves API quota for intensive logging)</%text>
441 413 errormator.logging_on_error = false
442 414
443 415 <%text>## list of additonal keywords that should be grabbed from environ object</%text>
444 416 <%text>## can be string with comma separated list of words in lowercase</%text>
445 417 <%text>## (by default client will always send following info:</%text>
446 418 <%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text>
447 419 <%text>## start with HTTP* this list be extended with additional keywords here</%text>
448 420 errormator.environ_keys_whitelist =
449 421
450 422
451 423 <%text>## list of keywords that should be blanked from request object</%text>
452 424 <%text>## can be string with comma separated list of words in lowercase</%text>
453 425 <%text>## (by default client will always blank keys that contain following words</%text>
454 426 <%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text>
455 427 <%text>## this list be extended with additional keywords set here</%text>
456 428 errormator.request_keys_blacklist =
457 429
458 430
459 431 <%text>## list of namespaces that should be ignores when gathering log entries</%text>
460 432 <%text>## can be string with comma separated list of namespaces</%text>
461 433 <%text>## (by default the client ignores own entries: errormator_client.client)</%text>
462 434 errormator.log_namespace_blacklist =
463 435 %elif error_aggregation_service == 'sentry':
464 436 <%text>
465 437 ################
466 438 ### [sentry] ###
467 439 ################
468 440
469 441 ## sentry is a alternative open source error aggregator
470 442 ## you must install python packages `sentry` and `raven` to enable
471 443 </%text>
472 444 sentry.dsn = YOUR_DNS
473 445 sentry.servers =
474 446 sentry.name =
475 447 sentry.key =
476 448 sentry.public_key =
477 449 sentry.secret_key =
478 450 sentry.project =
479 451 sentry.site =
480 452 sentry.include_paths =
481 453 sentry.exclude_paths =
482 454 %endif
483 455 <%text>
484 456 ################################################################################
485 457 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
486 458 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
487 459 ## execute malicious code after an exception is raised. ##
488 460 ################################################################################</%text>
489 461 set debug = false
490 462 <%text>
491 463 ##################################
492 464 ### LOGVIEW CONFIG ###
493 465 ##################################
494 466 </%text>
495 467 logview.sqlalchemy = #faa
496 468 logview.pylons.templating = #bfb
497 469 logview.pylons.util = #eee
498 470 <%text>
499 471 #########################################################
500 472 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
501 473 #########################################################
502 474 </%text>
503 475 %if database_engine == 'sqlite':
504 476 # SQLITE [default]
505 477 sqlalchemy.db1.url = sqlite:///${here}/kallithea.db?timeout=60
506 478 %elif database_engine == 'postgres':
507 479 # POSTGRESQL
508 480 sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
509 481 %elif database_engine == 'mysql':
510 482 # MySQL
511 483 sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
512 484 %endif
513 485 # see sqlalchemy docs for others
514 486
515 487 sqlalchemy.db1.echo = false
516 488 sqlalchemy.db1.pool_recycle = 3600
517 489 sqlalchemy.db1.convert_unicode = true
518 490 <%text>
519 491 ################################
520 492 ### LOGGING CONFIGURATION ####
521 493 ################################
522 494 </%text>
523 495 [loggers]
524 496 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
525 497
526 498 [handlers]
527 499 keys = console, console_sql
528 500
529 501 [formatters]
530 502 keys = generic, color_formatter, color_formatter_sql
531 503 <%text>
532 504 #############
533 505 ## LOGGERS ##
534 506 #############
535 507 </%text>
536 508 [logger_root]
537 509 level = NOTSET
538 510 handlers = console
539 511
540 512 [logger_routes]
541 513 level = DEBUG
542 514 handlers =
543 515 qualname = routes.middleware
544 516 <%text>## "level = DEBUG" logs the route matched and routing variables.</%text>
545 517 propagate = 1
546 518
547 519 [logger_beaker]
548 520 level = DEBUG
549 521 handlers =
550 522 qualname = beaker.container
551 523 propagate = 1
552 524
553 525 [logger_templates]
554 526 level = INFO
555 527 handlers =
556 528 qualname = pylons.templating
557 529 propagate = 1
558 530
559 531 [logger_kallithea]
560 532 level = DEBUG
561 533 handlers =
562 534 qualname = kallithea
563 535 propagate = 1
564 536
565 537 [logger_sqlalchemy]
566 538 level = INFO
567 539 handlers = console_sql
568 540 qualname = sqlalchemy.engine
569 541 propagate = 0
570 542
571 543 [logger_whoosh_indexer]
572 544 level = DEBUG
573 545 handlers =
574 546 qualname = whoosh_indexer
575 547 propagate = 1
576 548 <%text>
577 549 ##############
578 550 ## HANDLERS ##
579 551 ##############
580 552 </%text>
581 553 [handler_console]
582 554 class = StreamHandler
583 555 args = (sys.stderr,)
584 556 level = INFO
585 557 formatter = generic
586 558
587 559 [handler_console_sql]
588 560 class = StreamHandler
589 561 args = (sys.stderr,)
590 562 level = WARN
591 563 formatter = generic
592 564 <%text>
593 565 ################
594 566 ## FORMATTERS ##
595 567 ################
596 568 </%text>
597 569 [formatter_generic]
598 570 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
599 571 datefmt = %Y-%m-%d %H:%M:%S
600 572
601 573 [formatter_color_formatter]
602 574 class=kallithea.lib.colored_formatter.ColorFormatter
603 575 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
604 576 datefmt = %Y-%m-%d %H:%M:%S
605 577
606 578 [formatter_color_formatter_sql]
607 579 class=kallithea.lib.colored_formatter.ColorFormatterSql
608 580 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
609 581 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,604 +1,576 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Example config #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7 ################################################################################
8 8
9 9 [DEFAULT]
10 10 debug = true
11 11 pdebug = false
12 12
13 13 ################################################################################
14 14 ## Uncomment and replace with the address which should receive ##
15 15 ## any error reports after application crash ##
16 16 ## Additionally those settings will be used by Kallithea mailing system ##
17 17 ################################################################################
18 18 #email_to = admin@localhost
19 19 #error_email_from = paste_error@localhost
20 20 #app_email_from = kallithea-noreply@localhost
21 21 #error_message =
22 22 #email_prefix = [Kallithea]
23 23
24 24 #smtp_server = mail.server.com
25 25 #smtp_username =
26 26 #smtp_password =
27 27 #smtp_port =
28 28 #smtp_use_tls = false
29 29 #smtp_use_ssl = true
30 30 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
31 31 #smtp_auth =
32 32
33 33 [server:main]
34 34 ## PASTE ##
35 35 #use = egg:Paste#http
36 36 ## nr of worker threads to spawn
37 37 #threadpool_workers = 5
38 38 ## max request before thread respawn
39 39 #threadpool_max_requests = 10
40 40 ## option to use threads of process
41 41 #use_threadpool = true
42 42
43 43 ## WAITRESS ##
44 44 use = egg:waitress#main
45 45 ## number of worker threads
46 46 threads = 5
47 47 ## MAX BODY SIZE 100GB
48 48 max_request_body_size = 107374182400
49 49 ## use poll instead of select, fixes fd limits, may not work on old
50 50 ## windows systems.
51 51 #asyncore_use_poll = True
52 52
53 53 ## GUNICORN ##
54 54 #use = egg:gunicorn#main
55 55 ## number of process workers. You must set `instance_id = *` when this option
56 56 ## is set to more than one worker
57 57 #workers = 1
58 58 ## process name
59 59 #proc_name = kallithea
60 60 ## type of worker class, one of sync, eventlet, gevent, tornado
61 61 ## recommended for bigger setup is using of of other than sync one
62 62 #worker_class = sync
63 63 #max_requests = 1000
64 64 ## ammount of time a worker can handle request before it gets killed and
65 65 ## restarted
66 66 #timeout = 3600
67 67
68 68 ## UWSGI ##
69 69 ## run with uwsgi --ini-paste-logged <inifile.ini>
70 70 #[uwsgi]
71 71 #socket = /tmp/uwsgi.sock
72 72 #master = true
73 73 #http = 127.0.0.1:5000
74 74
75 75 ## set as deamon and redirect all output to file
76 76 #daemonize = ./uwsgi_kallithea.log
77 77
78 78 ## master process PID
79 79 #pidfile = ./uwsgi_kallithea.pid
80 80
81 81 ## stats server with workers statistics, use uwsgitop
82 82 ## for monitoring, `uwsgitop 127.0.0.1:1717`
83 83 #stats = 127.0.0.1:1717
84 84 #memory-report = true
85 85
86 86 ## log 5XX errors
87 87 #log-5xx = true
88 88
89 89 ## Set the socket listen queue size.
90 90 #listen = 256
91 91
92 92 ## Gracefully Reload workers after the specified amount of managed requests
93 93 ## (avoid memory leaks).
94 94 #max-requests = 1000
95 95
96 96 ## enable large buffers
97 97 #buffer-size=65535
98 98
99 99 ## socket and http timeouts ##
100 100 #http-timeout=3600
101 101 #socket-timeout=3600
102 102
103 103 ## Log requests slower than the specified number of milliseconds.
104 104 #log-slow = 10
105 105
106 106 ## Exit if no app can be loaded.
107 107 #need-app = true
108 108
109 109 ## Set lazy mode (load apps in workers instead of master).
110 110 #lazy = true
111 111
112 112 ## scaling ##
113 113 ## set cheaper algorithm to use, if not set default will be used
114 114 #cheaper-algo = spare
115 115
116 116 ## minimum number of workers to keep at all times
117 117 #cheaper = 1
118 118
119 119 ## number of workers to spawn at startup
120 120 #cheaper-initial = 1
121 121
122 122 ## maximum number of workers that can be spawned
123 123 #workers = 4
124 124
125 125 ## how many workers should be spawned at a time
126 126 #cheaper-step = 1
127 127
128 128 ## COMMON ##
129 129 host = 127.0.0.1
130 130 port = 5000
131 131
132 132 ## prefix middleware for rc
133 133 #[filter:proxy-prefix]
134 134 #use = egg:PasteDeploy#prefix
135 135 #prefix = /<your-prefix>
136 136
137 137 [app:main]
138 138 use = egg:kallithea
139 139 ## enable proxy prefix middleware
140 140 #filter-with = proxy-prefix
141 141
142 142 full_stack = true
143 143 static_files = true
144 144 ## Available Languages:
145 145 ## de en fr ja pl pt_BR ru zh_CN zh_TW
146 146 lang = en
147 147 cache_dir = %(here)s/data
148 148 index_dir = %(here)s/data/index
149 149
150 150 ## perform a full repository scan on each server start, this should be
151 151 ## set to false after first startup, to allow faster server restarts.
152 152 initial_repo_scan = false
153 153
154 154 ## uncomment and set this path to use archive download cache
155 155 archive_cache_dir = %(here)s/tarballcache
156 156
157 157 ## change this to unique ID for security
158 158 app_instance_uuid = ${app_instance_uuid}
159 159
160 160 ## cut off limit for large diffs (size in bytes)
161 161 cut_off_limit = 256000
162 162
163 163 ## use cache version of scm repo everywhere
164 164 vcs_full_cache = true
165 165
166 166 ## force https in Kallithea, fixes https redirects, assumes it's always https
167 167 force_https = false
168 168
169 169 ## use Strict-Transport-Security headers
170 170 use_htsts = false
171 171
172 172 ## number of commits stats will parse on each iteration
173 173 commit_parse_limit = 25
174 174
175 ## use gravatar service to display avatars
176 use_gravatar = true
177
178 175 ## path to git executable
179 176 git_path = git
180 177
181 178 ## git rev filter option, --all is the default filter, if you need to
182 179 ## hide all refs in changelog switch this to --branches --tags
183 180 #git_rev_filter = --branches --tags
184 181
185 182 ## RSS feed options
186 183 rss_cut_off_limit = 256000
187 184 rss_items_per_page = 10
188 185 rss_include_diff = false
189 186
190 187 ## options for showing and identifying changesets
191 188 show_sha_length = 12
192 189 show_revision_number = true
193 190
194 191 ## gist URL alias, used to create nicer urls for gist. This should be an
195 192 ## url that does rewrites to _admin/gists/<gistid>.
196 193 ## example: http://gist.kallithea.server/{gistid}. Empty means use the internal
197 194 ## Kallithea url, ie. http[s]://your.kallithea.server/_admin/gists/<gistid>
198 195 gist_alias_url =
199 196
200 197 ## white list of API enabled controllers. This allows to add list of
201 198 ## controllers to which access will be enabled by api_key. eg: to enable
202 199 ## api access to raw_files put `FilesController:raw`, to enable access to patches
203 200 ## add `ChangesetController:changeset_patch`. This list should be "," separated
204 201 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
205 202 ## Recommended settings below are commented out:
206 203 api_access_controllers_whitelist =
207 204 # ChangesetController:changeset_patch,
208 205 # ChangesetController:changeset_raw,
209 206 # FilesController:raw,
210 207 # FilesController:archivefile
211 208
212 ## alternative_gravatar_url allows you to use your own avatar server application
213 ## the following parts of the URL will be replaced
214 ## {email} user email
215 ## {md5email} md5 hash of the user email (like at gravatar.com)
216 ## {size} size of the image that is expected from the server application
217 ## {scheme} http/https from Kallithea server
218 ## {netloc} network location from Kallithea server
219 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
220 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
221
222
223 ## container auth options
224 container_auth_enabled = false
225 proxypass_auth_enabled = false
226
227 209 ## default encoding used to convert from and to unicode
228 210 ## can be also a comma seperated list of encoding in case of mixed encodings
229 211 default_encoding = utf8
230 212
231 ## overwrite schema of clone url
232 ## available vars:
233 ## scheme - http/https
234 ## user - current user
235 ## pass - password
236 ## netloc - network location
237 ## path - usually repo_name
238
239 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
240
241 213 ## issue tracker for Kallithea (leave blank to disable, absent for default)
242 214 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
243 215
244 216 ## issue tracking mapping for commits messages
245 217 ## comment out issue_pat, issue_server, issue_prefix to enable
246 218
247 219 ## pattern to get the issues from commit messages
248 220 ## default one used here is #<numbers> with a regex passive group for `#`
249 221 ## {id} will be all groups matched from this pattern
250 222
251 223 issue_pat = (?:\s*#)(\d+)
252 224
253 225 ## server url to the issue, each {id} will be replaced with match
254 226 ## fetched from the regex and {repo} is replaced with full repository name
255 227 ## including groups {repo_name} is replaced with just name of repo
256 228
257 229 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
258 230
259 231 ## prefix to add to link to indicate it's an url
260 232 ## #314 will be replaced by <issue_prefix><id>
261 233
262 234 issue_prefix = #
263 235
264 236 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
265 237 ## multiple patterns, to other issues server, wiki or others
266 238 ## below an example how to create a wiki pattern
267 239 # wiki-some-id -> https://mywiki.com/some-id
268 240
269 241 #issue_pat_wiki = (?:wiki-)(.+)
270 242 #issue_server_link_wiki = https://mywiki.com/{id}
271 243 #issue_prefix_wiki = WIKI-
272 244
273 245
274 246 ## instance-id prefix
275 247 ## a prefix key for this instance used for cache invalidation when running
276 248 ## multiple instances of kallithea, make sure it's globally unique for
277 249 ## all running kallithea instances. Leave empty if you don't use it
278 250 instance_id =
279 251
280 252 ## alternative return HTTP header for failed authentication. Default HTTP
281 253 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
282 254 ## handling that. Set this variable to 403 to return HTTPForbidden
283 255 auth_ret_code =
284 256
285 257 ## locking return code. When repository is locked return this HTTP code. 2XX
286 258 ## codes don't break the transactions while 4XX codes do
287 259 lock_ret_code = 423
288 260
289 261 ## allows to change the repository location in settings page
290 262 allow_repo_location_change = True
291 263
292 264 ## allows to setup custom hooks in settings page
293 265 allow_custom_hooks_settings = True
294 266
295 267
296 268 ####################################
297 269 ### CELERY CONFIG ####
298 270 ####################################
299 271
300 272 use_celery = false
301 273 broker.host = localhost
302 274 broker.vhost = rabbitmqhost
303 275 broker.port = 5672
304 276 broker.user = rabbitmq
305 277 broker.password = qweqwe
306 278
307 279 celery.imports = kallithea.lib.celerylib.tasks
308 280
309 281 celery.result.backend = amqp
310 282 celery.result.dburi = amqp://
311 283 celery.result.serialier = json
312 284
313 285 #celery.send.task.error.emails = true
314 286 #celery.amqp.task.result.expires = 18000
315 287
316 288 celeryd.concurrency = 2
317 289 #celeryd.log.file = celeryd.log
318 290 celeryd.log.level = debug
319 291 celeryd.max.tasks.per.child = 1
320 292
321 293 ## tasks will never be sent to the queue, but executed locally instead.
322 294 celery.always.eager = false
323 295
324 296 ####################################
325 297 ### BEAKER CACHE ####
326 298 ####################################
327 299
328 300 beaker.cache.data_dir=%(here)s/data/cache/data
329 301 beaker.cache.lock_dir=%(here)s/data/cache/lock
330 302
331 303 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
332 304
333 305 beaker.cache.super_short_term.type=memory
334 306 beaker.cache.super_short_term.expire=10
335 307 beaker.cache.super_short_term.key_length = 256
336 308
337 309 beaker.cache.short_term.type=memory
338 310 beaker.cache.short_term.expire=60
339 311 beaker.cache.short_term.key_length = 256
340 312
341 313 beaker.cache.long_term.type=memory
342 314 beaker.cache.long_term.expire=36000
343 315 beaker.cache.long_term.key_length = 256
344 316
345 317 beaker.cache.sql_cache_short.type=memory
346 318 beaker.cache.sql_cache_short.expire=10
347 319 beaker.cache.sql_cache_short.key_length = 256
348 320
349 321 beaker.cache.sql_cache_med.type=memory
350 322 beaker.cache.sql_cache_med.expire=360
351 323 beaker.cache.sql_cache_med.key_length = 256
352 324
353 325 beaker.cache.sql_cache_long.type=file
354 326 beaker.cache.sql_cache_long.expire=3600
355 327 beaker.cache.sql_cache_long.key_length = 256
356 328
357 329 ####################################
358 330 ### BEAKER SESSION ####
359 331 ####################################
360 332 ## Type of storage used for the session, current types are
361 333 ## dbm, file, memcached, database, and memory.
362 334 ## The storage uses the Container API
363 335 ## that is also used by the cache system.
364 336
365 337 ## db session ##
366 338 #beaker.session.type = ext:database
367 339 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
368 340 #beaker.session.table_name = db_session
369 341
370 342 ## encrypted cookie client side session, good for many instances ##
371 343 #beaker.session.type = cookie
372 344
373 345 ## file based cookies (default) ##
374 346 #beaker.session.type = file
375 347
376 348 beaker.session.key = kallithea
377 349 beaker.session.secret = ${app_instance_uuid}
378 350
379 351 ## Secure encrypted cookie. Requires AES and AES python libraries
380 352 ## you must disable beaker.session.secret to use this
381 353 #beaker.session.encrypt_key = <key_for_encryption>
382 354 #beaker.session.validate_key = <validation_key>
383 355
384 356 ## sets session as invalid if it haven't been accessed for given amount of time
385 357 beaker.session.timeout = 2592000
386 358 beaker.session.httponly = true
387 359 #beaker.session.cookie_path = /<your-prefix>
388 360
389 361 ## uncomment for https secure cookie
390 362 beaker.session.secure = false
391 363
392 364 ## auto save the session to not to use .save()
393 365 beaker.session.auto = False
394 366
395 367 ## default cookie expiration time in seconds `true` expire at browser close ##
396 368 #beaker.session.cookie_expires = 3600
397 369
398 370
399 371 ############################
400 372 ## ERROR HANDLING SYSTEMS ##
401 373 ############################
402 374
403 375 ####################
404 376 ### [errormator] ###
405 377 ####################
406 378
407 379 ## Errormator is tailored to work with Kallithea, see
408 380 ## http://errormator.com for details how to obtain an account
409 381 ## you must install python package `errormator_client` to make it work
410 382
411 383 ## errormator enabled
412 384 errormator = false
413 385
414 386 errormator.server_url = https://api.errormator.com
415 387 errormator.api_key = YOUR_API_KEY
416 388
417 389 ## TWEAK AMOUNT OF INFO SENT HERE
418 390
419 391 ## enables 404 error logging (default False)
420 392 errormator.report_404 = false
421 393
422 394 ## time in seconds after request is considered being slow (default 1)
423 395 errormator.slow_request_time = 1
424 396
425 397 ## record slow requests in application
426 398 ## (needs to be enabled for slow datastore recording and time tracking)
427 399 errormator.slow_requests = true
428 400
429 401 ## enable hooking to application loggers
430 402 # errormator.logging = true
431 403
432 404 ## minimum log level for log capture
433 405 # errormator.logging.level = WARNING
434 406
435 407 ## send logs only from erroneous/slow requests
436 408 ## (saves API quota for intensive logging)
437 409 errormator.logging_on_error = false
438 410
439 411 ## list of additonal keywords that should be grabbed from environ object
440 412 ## can be string with comma separated list of words in lowercase
441 413 ## (by default client will always send following info:
442 414 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
443 415 ## start with HTTP* this list be extended with additional keywords here
444 416 errormator.environ_keys_whitelist =
445 417
446 418
447 419 ## list of keywords that should be blanked from request object
448 420 ## can be string with comma separated list of words in lowercase
449 421 ## (by default client will always blank keys that contain following words
450 422 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
451 423 ## this list be extended with additional keywords set here
452 424 errormator.request_keys_blacklist =
453 425
454 426
455 427 ## list of namespaces that should be ignores when gathering log entries
456 428 ## can be string with comma separated list of namespaces
457 429 ## (by default the client ignores own entries: errormator_client.client)
458 430 errormator.log_namespace_blacklist =
459 431
460 432
461 433 ################
462 434 ### [sentry] ###
463 435 ################
464 436
465 437 ## sentry is a alternative open source error aggregator
466 438 ## you must install python packages `sentry` and `raven` to enable
467 439
468 440 sentry.dsn = YOUR_DNS
469 441 sentry.servers =
470 442 sentry.name =
471 443 sentry.key =
472 444 sentry.public_key =
473 445 sentry.secret_key =
474 446 sentry.project =
475 447 sentry.site =
476 448 sentry.include_paths =
477 449 sentry.exclude_paths =
478 450
479 451
480 452 ################################################################################
481 453 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
482 454 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
483 455 ## execute malicious code after an exception is raised. ##
484 456 ################################################################################
485 457 set debug = false
486 458
487 459 ##################################
488 460 ### LOGVIEW CONFIG ###
489 461 ##################################
490 462
491 463 logview.sqlalchemy = #faa
492 464 logview.pylons.templating = #bfb
493 465 logview.pylons.util = #eee
494 466
495 467 #########################################################
496 468 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
497 469 #########################################################
498 470
499 471 # SQLITE [default]
500 472 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
501 473
502 474 # POSTGRESQL
503 475 # sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
504 476
505 477 # MySQL
506 478 # sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
507 479
508 480 # see sqlalchemy docs for others
509 481
510 482 sqlalchemy.db1.echo = false
511 483 sqlalchemy.db1.pool_recycle = 3600
512 484 sqlalchemy.db1.convert_unicode = true
513 485
514 486 ################################
515 487 ### LOGGING CONFIGURATION ####
516 488 ################################
517 489
518 490 [loggers]
519 491 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
520 492
521 493 [handlers]
522 494 keys = console, console_sql
523 495
524 496 [formatters]
525 497 keys = generic, color_formatter, color_formatter_sql
526 498
527 499 #############
528 500 ## LOGGERS ##
529 501 #############
530 502
531 503 [logger_root]
532 504 level = NOTSET
533 505 handlers = console
534 506
535 507 [logger_routes]
536 508 level = DEBUG
537 509 handlers =
538 510 qualname = routes.middleware
539 511 ## "level = DEBUG" logs the route matched and routing variables.
540 512 propagate = 1
541 513
542 514 [logger_beaker]
543 515 level = DEBUG
544 516 handlers =
545 517 qualname = beaker.container
546 518 propagate = 1
547 519
548 520 [logger_templates]
549 521 level = INFO
550 522 handlers =
551 523 qualname = pylons.templating
552 524 propagate = 1
553 525
554 526 [logger_kallithea]
555 527 level = DEBUG
556 528 handlers =
557 529 qualname = kallithea
558 530 propagate = 1
559 531
560 532 [logger_sqlalchemy]
561 533 level = INFO
562 534 handlers = console_sql
563 535 qualname = sqlalchemy.engine
564 536 propagate = 0
565 537
566 538 [logger_whoosh_indexer]
567 539 level = DEBUG
568 540 handlers =
569 541 qualname = whoosh_indexer
570 542 propagate = 1
571 543
572 544 ##############
573 545 ## HANDLERS ##
574 546 ##############
575 547
576 548 [handler_console]
577 549 class = StreamHandler
578 550 args = (sys.stderr,)
579 551 level = INFO
580 552 formatter = generic
581 553
582 554 [handler_console_sql]
583 555 class = StreamHandler
584 556 args = (sys.stderr,)
585 557 level = WARN
586 558 formatter = generic
587 559
588 560 ################
589 561 ## FORMATTERS ##
590 562 ################
591 563
592 564 [formatter_generic]
593 565 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
594 566 datefmt = %Y-%m-%d %H:%M:%S
595 567
596 568 [formatter_color_formatter]
597 569 class=kallithea.lib.colored_formatter.ColorFormatter
598 570 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
599 571 datefmt = %Y-%m-%d %H:%M:%S
600 572
601 573 [formatter_color_formatter_sql]
602 574 class=kallithea.lib.colored_formatter.ColorFormatterSql
603 575 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
604 576 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,608 +1,580 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Example config #
4 4 # Exactly as generated with "paster make-config Kallithea production.ini" #
5 5 # using sqlite and kallithea.db .
6 6 # Note: you should generate your own config with your own UUIDs for security #
7 7 # and consider not using sqlite for production. #
8 8 # #
9 9 # The %(here)s variable will be replaced with the parent directory of this file#
10 10 ################################################################################
11 11 ################################################################################
12 12
13 13 [DEFAULT]
14 14 debug = true
15 15 pdebug = false
16 16
17 17 ################################################################################
18 18 ## Uncomment and replace with the address which should receive ##
19 19 ## any error reports after application crash ##
20 20 ## Additionally those settings will be used by Kallithea mailing system ##
21 21 ################################################################################
22 22 #email_to = admin@localhost
23 23 #error_email_from = paste_error@localhost
24 24 #app_email_from = kallithea-noreply@localhost
25 25 #error_message =
26 26 #email_prefix = [Kallithea]
27 27
28 28 #smtp_server = mail.server.com
29 29 #smtp_username =
30 30 #smtp_password =
31 31 #smtp_port =
32 32 #smtp_use_tls = false
33 33 #smtp_use_ssl = true
34 34 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
35 35 #smtp_auth =
36 36
37 37 [server:main]
38 38 ## PASTE ##
39 39 #use = egg:Paste#http
40 40 ## nr of worker threads to spawn
41 41 #threadpool_workers = 5
42 42 ## max request before thread respawn
43 43 #threadpool_max_requests = 10
44 44 ## option to use threads of process
45 45 #use_threadpool = true
46 46
47 47 ## WAITRESS ##
48 48 use = egg:waitress#main
49 49 ## number of worker threads
50 50 threads = 5
51 51 ## MAX BODY SIZE 100GB
52 52 max_request_body_size = 107374182400
53 53 ## use poll instead of select, fixes fd limits, may not work on old
54 54 ## windows systems.
55 55 #asyncore_use_poll = True
56 56
57 57 ## GUNICORN ##
58 58 #use = egg:gunicorn#main
59 59 ## number of process workers. You must set `instance_id = *` when this option
60 60 ## is set to more than one worker
61 61 #workers = 1
62 62 ## process name
63 63 #proc_name = kallithea
64 64 ## type of worker class, one of sync, eventlet, gevent, tornado
65 65 ## recommended for bigger setup is using of of other than sync one
66 66 #worker_class = sync
67 67 #max_requests = 1000
68 68 ## ammount of time a worker can handle request before it gets killed and
69 69 ## restarted
70 70 #timeout = 3600
71 71
72 72 ## UWSGI ##
73 73 ## run with uwsgi --ini-paste-logged <inifile.ini>
74 74 #[uwsgi]
75 75 #socket = /tmp/uwsgi.sock
76 76 #master = true
77 77 #http = 127.0.0.1:5000
78 78
79 79 ## set as deamon and redirect all output to file
80 80 #daemonize = ./uwsgi_kallithea.log
81 81
82 82 ## master process PID
83 83 #pidfile = ./uwsgi_kallithea.pid
84 84
85 85 ## stats server with workers statistics, use uwsgitop
86 86 ## for monitoring, `uwsgitop 127.0.0.1:1717`
87 87 #stats = 127.0.0.1:1717
88 88 #memory-report = true
89 89
90 90 ## log 5XX errors
91 91 #log-5xx = true
92 92
93 93 ## Set the socket listen queue size.
94 94 #listen = 256
95 95
96 96 ## Gracefully Reload workers after the specified amount of managed requests
97 97 ## (avoid memory leaks).
98 98 #max-requests = 1000
99 99
100 100 ## enable large buffers
101 101 #buffer-size=65535
102 102
103 103 ## socket and http timeouts ##
104 104 #http-timeout=3600
105 105 #socket-timeout=3600
106 106
107 107 ## Log requests slower than the specified number of milliseconds.
108 108 #log-slow = 10
109 109
110 110 ## Exit if no app can be loaded.
111 111 #need-app = true
112 112
113 113 ## Set lazy mode (load apps in workers instead of master).
114 114 #lazy = true
115 115
116 116 ## scaling ##
117 117 ## set cheaper algorithm to use, if not set default will be used
118 118 #cheaper-algo = spare
119 119
120 120 ## minimum number of workers to keep at all times
121 121 #cheaper = 1
122 122
123 123 ## number of workers to spawn at startup
124 124 #cheaper-initial = 1
125 125
126 126 ## maximum number of workers that can be spawned
127 127 #workers = 4
128 128
129 129 ## how many workers should be spawned at a time
130 130 #cheaper-step = 1
131 131
132 132 ## COMMON ##
133 133 host = 127.0.0.1
134 134 port = 5000
135 135
136 136 ## prefix middleware for rc
137 137 #[filter:proxy-prefix]
138 138 #use = egg:PasteDeploy#prefix
139 139 #prefix = /<your-prefix>
140 140
141 141 [app:main]
142 142 use = egg:kallithea
143 143 ## enable proxy prefix middleware
144 144 #filter-with = proxy-prefix
145 145
146 146 full_stack = true
147 147 static_files = true
148 148 ## Available Languages:
149 149 ## de en fr ja pl pt_BR ru zh_CN zh_TW
150 150 lang = en
151 151 cache_dir = %(here)s/data
152 152 index_dir = %(here)s/data/index
153 153
154 154 ## perform a full repository scan on each server start, this should be
155 155 ## set to false after first startup, to allow faster server restarts.
156 156 initial_repo_scan = false
157 157
158 158 ## uncomment and set this path to use archive download cache
159 159 archive_cache_dir = %(here)s/tarballcache
160 160
161 161 ## change this to unique ID for security
162 162 app_instance_uuid = change-me
163 163
164 164 ## cut off limit for large diffs (size in bytes)
165 165 cut_off_limit = 256000
166 166
167 167 ## use cache version of scm repo everywhere
168 168 vcs_full_cache = true
169 169
170 170 ## force https in Kallithea, fixes https redirects, assumes it's always https
171 171 force_https = false
172 172
173 173 ## use Strict-Transport-Security headers
174 174 use_htsts = false
175 175
176 176 ## number of commits stats will parse on each iteration
177 177 commit_parse_limit = 25
178 178
179 ## use gravatar service to display avatars
180 use_gravatar = true
181
182 179 ## path to git executable
183 180 git_path = git
184 181
185 182 ## git rev filter option, --all is the default filter, if you need to
186 183 ## hide all refs in changelog switch this to --branches --tags
187 184 #git_rev_filter = --branches --tags
188 185
189 186 ## RSS feed options
190 187 rss_cut_off_limit = 256000
191 188 rss_items_per_page = 10
192 189 rss_include_diff = false
193 190
194 191 ## options for showing and identifying changesets
195 192 show_sha_length = 12
196 193 show_revision_number = true
197 194
198 195 ## gist URL alias, used to create nicer urls for gist. This should be an
199 196 ## url that does rewrites to _admin/gists/<gistid>.
200 197 ## example: http://gist.kallithea.server/{gistid}. Empty means use the internal
201 198 ## Kallithea url, ie. http[s]://your.kallithea.server/_admin/gists/<gistid>
202 199 gist_alias_url =
203 200
204 201 ## white list of API enabled controllers. This allows to add list of
205 202 ## controllers to which access will be enabled by api_key. eg: to enable
206 203 ## api access to raw_files put `FilesController:raw`, to enable access to patches
207 204 ## add `ChangesetController:changeset_patch`. This list should be "," separated
208 205 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
209 206 ## Recommended settings below are commented out:
210 207 api_access_controllers_whitelist =
211 208 # ChangesetController:changeset_patch,
212 209 # ChangesetController:changeset_raw,
213 210 # FilesController:raw,
214 211 # FilesController:archivefile
215 212
216 ## alternative_gravatar_url allows you to use your own avatar server application
217 ## the following parts of the URL will be replaced
218 ## {email} user email
219 ## {md5email} md5 hash of the user email (like at gravatar.com)
220 ## {size} size of the image that is expected from the server application
221 ## {scheme} http/https from Kallithea server
222 ## {netloc} network location from Kallithea server
223 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
224 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
225
226
227 ## container auth options
228 container_auth_enabled = false
229 proxypass_auth_enabled = false
230
231 213 ## default encoding used to convert from and to unicode
232 214 ## can be also a comma seperated list of encoding in case of mixed encodings
233 215 default_encoding = utf8
234 216
235 ## overwrite schema of clone url
236 ## available vars:
237 ## scheme - http/https
238 ## user - current user
239 ## pass - password
240 ## netloc - network location
241 ## path - usually repo_name
242
243 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
244
245 217 ## issue tracker for Kallithea (leave blank to disable, absent for default)
246 218 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
247 219
248 220 ## issue tracking mapping for commits messages
249 221 ## comment out issue_pat, issue_server, issue_prefix to enable
250 222
251 223 ## pattern to get the issues from commit messages
252 224 ## default one used here is #<numbers> with a regex passive group for `#`
253 225 ## {id} will be all groups matched from this pattern
254 226
255 227 issue_pat = (?:\s*#)(\d+)
256 228
257 229 ## server url to the issue, each {id} will be replaced with match
258 230 ## fetched from the regex and {repo} is replaced with full repository name
259 231 ## including groups {repo_name} is replaced with just name of repo
260 232
261 233 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
262 234
263 235 ## prefix to add to link to indicate it's an url
264 236 ## #314 will be replaced by <issue_prefix><id>
265 237
266 238 issue_prefix = #
267 239
268 240 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
269 241 ## multiple patterns, to other issues server, wiki or others
270 242 ## below an example how to create a wiki pattern
271 243 # wiki-some-id -> https://mywiki.com/some-id
272 244
273 245 #issue_pat_wiki = (?:wiki-)(.+)
274 246 #issue_server_link_wiki = https://mywiki.com/{id}
275 247 #issue_prefix_wiki = WIKI-
276 248
277 249
278 250 ## instance-id prefix
279 251 ## a prefix key for this instance used for cache invalidation when running
280 252 ## multiple instances of kallithea, make sure it's globally unique for
281 253 ## all running kallithea instances. Leave empty if you don't use it
282 254 instance_id =
283 255
284 256 ## alternative return HTTP header for failed authentication. Default HTTP
285 257 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
286 258 ## handling that. Set this variable to 403 to return HTTPForbidden
287 259 auth_ret_code =
288 260
289 261 ## locking return code. When repository is locked return this HTTP code. 2XX
290 262 ## codes don't break the transactions while 4XX codes do
291 263 lock_ret_code = 423
292 264
293 265 ## allows to change the repository location in settings page
294 266 allow_repo_location_change = True
295 267
296 268 ## allows to setup custom hooks in settings page
297 269 allow_custom_hooks_settings = True
298 270
299 271
300 272 ####################################
301 273 ### CELERY CONFIG ####
302 274 ####################################
303 275
304 276 use_celery = false
305 277 broker.host = localhost
306 278 broker.vhost = rabbitmqhost
307 279 broker.port = 5672
308 280 broker.user = rabbitmq
309 281 broker.password = qweqwe
310 282
311 283 celery.imports = kallithea.lib.celerylib.tasks
312 284
313 285 celery.result.backend = amqp
314 286 celery.result.dburi = amqp://
315 287 celery.result.serialier = json
316 288
317 289 #celery.send.task.error.emails = true
318 290 #celery.amqp.task.result.expires = 18000
319 291
320 292 celeryd.concurrency = 2
321 293 #celeryd.log.file = celeryd.log
322 294 celeryd.log.level = debug
323 295 celeryd.max.tasks.per.child = 1
324 296
325 297 ## tasks will never be sent to the queue, but executed locally instead.
326 298 celery.always.eager = false
327 299
328 300 ####################################
329 301 ### BEAKER CACHE ####
330 302 ####################################
331 303
332 304 beaker.cache.data_dir=%(here)s/data/cache/data
333 305 beaker.cache.lock_dir=%(here)s/data/cache/lock
334 306
335 307 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
336 308
337 309 beaker.cache.super_short_term.type=memory
338 310 beaker.cache.super_short_term.expire=10
339 311 beaker.cache.super_short_term.key_length = 256
340 312
341 313 beaker.cache.short_term.type=memory
342 314 beaker.cache.short_term.expire=60
343 315 beaker.cache.short_term.key_length = 256
344 316
345 317 beaker.cache.long_term.type=memory
346 318 beaker.cache.long_term.expire=36000
347 319 beaker.cache.long_term.key_length = 256
348 320
349 321 beaker.cache.sql_cache_short.type=memory
350 322 beaker.cache.sql_cache_short.expire=10
351 323 beaker.cache.sql_cache_short.key_length = 256
352 324
353 325 beaker.cache.sql_cache_med.type=memory
354 326 beaker.cache.sql_cache_med.expire=360
355 327 beaker.cache.sql_cache_med.key_length = 256
356 328
357 329 beaker.cache.sql_cache_long.type=file
358 330 beaker.cache.sql_cache_long.expire=3600
359 331 beaker.cache.sql_cache_long.key_length = 256
360 332
361 333 ####################################
362 334 ### BEAKER SESSION ####
363 335 ####################################
364 336 ## Type of storage used for the session, current types are
365 337 ## dbm, file, memcached, database, and memory.
366 338 ## The storage uses the Container API
367 339 ## that is also used by the cache system.
368 340
369 341 ## db session ##
370 342 #beaker.session.type = ext:database
371 343 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
372 344 #beaker.session.table_name = db_session
373 345
374 346 ## encrypted cookie client side session, good for many instances ##
375 347 #beaker.session.type = cookie
376 348
377 349 ## file based cookies (default) ##
378 350 #beaker.session.type = file
379 351
380 352 beaker.session.key = kallithea
381 353 beaker.session.secret = change-me
382 354
383 355 ## Secure encrypted cookie. Requires AES and AES python libraries
384 356 ## you must disable beaker.session.secret to use this
385 357 #beaker.session.encrypt_key = <key_for_encryption>
386 358 #beaker.session.validate_key = <validation_key>
387 359
388 360 ## sets session as invalid if it haven't been accessed for given amount of time
389 361 beaker.session.timeout = 2592000
390 362 beaker.session.httponly = true
391 363 #beaker.session.cookie_path = /<your-prefix>
392 364
393 365 ## uncomment for https secure cookie
394 366 beaker.session.secure = false
395 367
396 368 ## auto save the session to not to use .save()
397 369 beaker.session.auto = False
398 370
399 371 ## default cookie expiration time in seconds `true` expire at browser close ##
400 372 #beaker.session.cookie_expires = 3600
401 373
402 374
403 375 ############################
404 376 ## ERROR HANDLING SYSTEMS ##
405 377 ############################
406 378
407 379 ####################
408 380 ### [errormator] ###
409 381 ####################
410 382
411 383 ## Errormator is tailored to work with Kallithea, see
412 384 ## http://errormator.com for details how to obtain an account
413 385 ## you must install python package `errormator_client` to make it work
414 386
415 387 ## errormator enabled
416 388 errormator = false
417 389
418 390 errormator.server_url = https://api.errormator.com
419 391 errormator.api_key = YOUR_API_KEY
420 392
421 393 ## TWEAK AMOUNT OF INFO SENT HERE
422 394
423 395 ## enables 404 error logging (default False)
424 396 errormator.report_404 = false
425 397
426 398 ## time in seconds after request is considered being slow (default 1)
427 399 errormator.slow_request_time = 1
428 400
429 401 ## record slow requests in application
430 402 ## (needs to be enabled for slow datastore recording and time tracking)
431 403 errormator.slow_requests = true
432 404
433 405 ## enable hooking to application loggers
434 406 # errormator.logging = true
435 407
436 408 ## minimum log level for log capture
437 409 # errormator.logging.level = WARNING
438 410
439 411 ## send logs only from erroneous/slow requests
440 412 ## (saves API quota for intensive logging)
441 413 errormator.logging_on_error = false
442 414
443 415 ## list of additonal keywords that should be grabbed from environ object
444 416 ## can be string with comma separated list of words in lowercase
445 417 ## (by default client will always send following info:
446 418 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
447 419 ## start with HTTP* this list be extended with additional keywords here
448 420 errormator.environ_keys_whitelist =
449 421
450 422
451 423 ## list of keywords that should be blanked from request object
452 424 ## can be string with comma separated list of words in lowercase
453 425 ## (by default client will always blank keys that contain following words
454 426 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
455 427 ## this list be extended with additional keywords set here
456 428 errormator.request_keys_blacklist =
457 429
458 430
459 431 ## list of namespaces that should be ignores when gathering log entries
460 432 ## can be string with comma separated list of namespaces
461 433 ## (by default the client ignores own entries: errormator_client.client)
462 434 errormator.log_namespace_blacklist =
463 435
464 436
465 437 ################
466 438 ### [sentry] ###
467 439 ################
468 440
469 441 ## sentry is a alternative open source error aggregator
470 442 ## you must install python packages `sentry` and `raven` to enable
471 443
472 444 sentry.dsn = YOUR_DNS
473 445 sentry.servers =
474 446 sentry.name =
475 447 sentry.key =
476 448 sentry.public_key =
477 449 sentry.secret_key =
478 450 sentry.project =
479 451 sentry.site =
480 452 sentry.include_paths =
481 453 sentry.exclude_paths =
482 454
483 455
484 456 ################################################################################
485 457 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
486 458 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
487 459 ## execute malicious code after an exception is raised. ##
488 460 ################################################################################
489 461 set debug = false
490 462
491 463 ##################################
492 464 ### LOGVIEW CONFIG ###
493 465 ##################################
494 466
495 467 logview.sqlalchemy = #faa
496 468 logview.pylons.templating = #bfb
497 469 logview.pylons.util = #eee
498 470
499 471 #########################################################
500 472 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
501 473 #########################################################
502 474
503 475 # SQLITE [default]
504 476 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
505 477
506 478 # POSTGRESQL
507 479 # sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
508 480
509 481 # MySQL
510 482 # sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
511 483
512 484 # see sqlalchemy docs for others
513 485
514 486 sqlalchemy.db1.echo = false
515 487 sqlalchemy.db1.pool_recycle = 3600
516 488 sqlalchemy.db1.convert_unicode = true
517 489
518 490 ################################
519 491 ### LOGGING CONFIGURATION ####
520 492 ################################
521 493
522 494 [loggers]
523 495 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
524 496
525 497 [handlers]
526 498 keys = console, console_sql
527 499
528 500 [formatters]
529 501 keys = generic, color_formatter, color_formatter_sql
530 502
531 503 #############
532 504 ## LOGGERS ##
533 505 #############
534 506
535 507 [logger_root]
536 508 level = NOTSET
537 509 handlers = console
538 510
539 511 [logger_routes]
540 512 level = DEBUG
541 513 handlers =
542 514 qualname = routes.middleware
543 515 ## "level = DEBUG" logs the route matched and routing variables.
544 516 propagate = 1
545 517
546 518 [logger_beaker]
547 519 level = DEBUG
548 520 handlers =
549 521 qualname = beaker.container
550 522 propagate = 1
551 523
552 524 [logger_templates]
553 525 level = INFO
554 526 handlers =
555 527 qualname = pylons.templating
556 528 propagate = 1
557 529
558 530 [logger_kallithea]
559 531 level = DEBUG
560 532 handlers =
561 533 qualname = kallithea
562 534 propagate = 1
563 535
564 536 [logger_sqlalchemy]
565 537 level = INFO
566 538 handlers = console_sql
567 539 qualname = sqlalchemy.engine
568 540 propagate = 0
569 541
570 542 [logger_whoosh_indexer]
571 543 level = DEBUG
572 544 handlers =
573 545 qualname = whoosh_indexer
574 546 propagate = 1
575 547
576 548 ##############
577 549 ## HANDLERS ##
578 550 ##############
579 551
580 552 [handler_console]
581 553 class = StreamHandler
582 554 args = (sys.stderr,)
583 555 level = INFO
584 556 formatter = generic
585 557
586 558 [handler_console_sql]
587 559 class = StreamHandler
588 560 args = (sys.stderr,)
589 561 level = WARN
590 562 formatter = generic
591 563
592 564 ################
593 565 ## FORMATTERS ##
594 566 ################
595 567
596 568 [formatter_generic]
597 569 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
598 570 datefmt = %Y-%m-%d %H:%M:%S
599 571
600 572 [formatter_color_formatter]
601 573 class=kallithea.lib.colored_formatter.ColorFormatter
602 574 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
603 575 datefmt = %Y-%m-%d %H:%M:%S
604 576
605 577 [formatter_color_formatter_sql]
606 578 class=kallithea.lib.colored_formatter.ColorFormatterSql
607 579 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
608 580 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,615 +1,587 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - config for tests: #
4 4 # initial_repo_scan = true #
5 5 # vcs_full_cache = false #
6 6 # sqlalchemy and kallithea_test.sqlite #
7 7 # custom logging #
8 8 # #
9 9 # The %(here)s variable will be replaced with the parent directory of this file#
10 10 ################################################################################
11 11 ################################################################################
12 12
13 13 [DEFAULT]
14 14 debug = true
15 15 pdebug = false
16 16
17 17 ################################################################################
18 18 ## Uncomment and replace with the address which should receive ##
19 19 ## any error reports after application crash ##
20 20 ## Additionally those settings will be used by Kallithea mailing system ##
21 21 ################################################################################
22 22 #email_to = admin@localhost
23 23 #error_email_from = paste_error@localhost
24 24 #app_email_from = kallithea-noreply@localhost
25 25 #error_message =
26 26 #email_prefix = [Kallithea]
27 27
28 28 #smtp_server = mail.server.com
29 29 #smtp_username =
30 30 #smtp_password =
31 31 #smtp_port =
32 32 #smtp_use_tls = false
33 33 #smtp_use_ssl = true
34 34 ## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
35 35 #smtp_auth =
36 36
37 37 [server:main]
38 38 ## PASTE ##
39 39 #use = egg:Paste#http
40 40 ## nr of worker threads to spawn
41 41 #threadpool_workers = 5
42 42 ## max request before thread respawn
43 43 #threadpool_max_requests = 10
44 44 ## option to use threads of process
45 45 #use_threadpool = true
46 46
47 47 ## WAITRESS ##
48 48 use = egg:waitress#main
49 49 ## number of worker threads
50 50 threads = 5
51 51 ## MAX BODY SIZE 100GB
52 52 max_request_body_size = 107374182400
53 53 ## use poll instead of select, fixes fd limits, may not work on old
54 54 ## windows systems.
55 55 #asyncore_use_poll = True
56 56
57 57 ## GUNICORN ##
58 58 #use = egg:gunicorn#main
59 59 ## number of process workers. You must set `instance_id = *` when this option
60 60 ## is set to more than one worker
61 61 #workers = 1
62 62 ## process name
63 63 #proc_name = kallithea
64 64 ## type of worker class, one of sync, eventlet, gevent, tornado
65 65 ## recommended for bigger setup is using of of other than sync one
66 66 #worker_class = sync
67 67 #max_requests = 1000
68 68 ## ammount of time a worker can handle request before it gets killed and
69 69 ## restarted
70 70 #timeout = 3600
71 71
72 72 ## UWSGI ##
73 73 ## run with uwsgi --ini-paste-logged <inifile.ini>
74 74 #[uwsgi]
75 75 #socket = /tmp/uwsgi.sock
76 76 #master = true
77 77 #http = 127.0.0.1:5000
78 78
79 79 ## set as deamon and redirect all output to file
80 80 #daemonize = ./uwsgi_kallithea.log
81 81
82 82 ## master process PID
83 83 #pidfile = ./uwsgi_kallithea.pid
84 84
85 85 ## stats server with workers statistics, use uwsgitop
86 86 ## for monitoring, `uwsgitop 127.0.0.1:1717`
87 87 #stats = 127.0.0.1:1717
88 88 #memory-report = true
89 89
90 90 ## log 5XX errors
91 91 #log-5xx = true
92 92
93 93 ## Set the socket listen queue size.
94 94 #listen = 256
95 95
96 96 ## Gracefully Reload workers after the specified amount of managed requests
97 97 ## (avoid memory leaks).
98 98 #max-requests = 1000
99 99
100 100 ## enable large buffers
101 101 #buffer-size=65535
102 102
103 103 ## socket and http timeouts ##
104 104 #http-timeout=3600
105 105 #socket-timeout=3600
106 106
107 107 ## Log requests slower than the specified number of milliseconds.
108 108 #log-slow = 10
109 109
110 110 ## Exit if no app can be loaded.
111 111 #need-app = true
112 112
113 113 ## Set lazy mode (load apps in workers instead of master).
114 114 #lazy = true
115 115
116 116 ## scaling ##
117 117 ## set cheaper algorithm to use, if not set default will be used
118 118 #cheaper-algo = spare
119 119
120 120 ## minimum number of workers to keep at all times
121 121 #cheaper = 1
122 122
123 123 ## number of workers to spawn at startup
124 124 #cheaper-initial = 1
125 125
126 126 ## maximum number of workers that can be spawned
127 127 #workers = 4
128 128
129 129 ## how many workers should be spawned at a time
130 130 #cheaper-step = 1
131 131
132 132 ## COMMON ##
133 133 host = 127.0.0.1
134 134 port = 5000
135 135
136 136 ## prefix middleware for rc
137 137 #[filter:proxy-prefix]
138 138 #use = egg:PasteDeploy#prefix
139 139 #prefix = /<your-prefix>
140 140
141 141 [app:main]
142 142 use = egg:kallithea
143 143 ## enable proxy prefix middleware
144 144 #filter-with = proxy-prefix
145 145
146 146 full_stack = true
147 147 static_files = true
148 148 ## Available Languages:
149 149 ## de en fr ja pl pt_BR ru zh_CN zh_TW
150 150 lang = en
151 151 cache_dir = %(here)s/data
152 152 index_dir = %(here)s/data/index
153 153
154 154 ## perform a full repository scan on each server start, this should be
155 155 ## set to false after first startup, to allow faster server restarts.
156 156 #initial_repo_scan = false
157 157 initial_repo_scan = true
158 158
159 159 ## uncomment and set this path to use archive download cache
160 160 archive_cache_dir = %(here)s/tarballcache
161 161
162 162 ## change this to unique ID for security
163 163 app_instance_uuid = test
164 164
165 165 ## cut off limit for large diffs (size in bytes)
166 166 cut_off_limit = 256000
167 167
168 168 ## use cache version of scm repo everywhere
169 169 #vcs_full_cache = true
170 170 vcs_full_cache = false
171 171
172 172 ## force https in Kallithea, fixes https redirects, assumes it's always https
173 173 force_https = false
174 174
175 175 ## use Strict-Transport-Security headers
176 176 use_htsts = false
177 177
178 178 ## number of commits stats will parse on each iteration
179 179 commit_parse_limit = 25
180 180
181 ## use gravatar service to display avatars
182 use_gravatar = true
183
184 181 ## path to git executable
185 182 git_path = git
186 183
187 184 ## git rev filter option, --all is the default filter, if you need to
188 185 ## hide all refs in changelog switch this to --branches --tags
189 186 #git_rev_filter = --branches --tags
190 187
191 188 ## RSS feed options
192 189 rss_cut_off_limit = 256000
193 190 rss_items_per_page = 10
194 191 rss_include_diff = false
195 192
196 193 ## options for showing and identifying changesets
197 194 show_sha_length = 12
198 195 show_revision_number = true
199 196
200 197 ## gist URL alias, used to create nicer urls for gist. This should be an
201 198 ## url that does rewrites to _admin/gists/<gistid>.
202 199 ## example: http://gist.kallithea.server/{gistid}. Empty means use the internal
203 200 ## Kallithea url, ie. http[s]://your.kallithea.server/_admin/gists/<gistid>
204 201 gist_alias_url =
205 202
206 203 ## white list of API enabled controllers. This allows to add list of
207 204 ## controllers to which access will be enabled by api_key. eg: to enable
208 205 ## api access to raw_files put `FilesController:raw`, to enable access to patches
209 206 ## add `ChangesetController:changeset_patch`. This list should be "," separated
210 207 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
211 208 ## Recommended settings below are commented out:
212 209 api_access_controllers_whitelist =
213 210 # ChangesetController:changeset_patch,
214 211 # ChangesetController:changeset_raw,
215 212 # FilesController:raw,
216 213 # FilesController:archivefile
217 214
218 ## alternative_gravatar_url allows you to use your own avatar server application
219 ## the following parts of the URL will be replaced
220 ## {email} user email
221 ## {md5email} md5 hash of the user email (like at gravatar.com)
222 ## {size} size of the image that is expected from the server application
223 ## {scheme} http/https from Kallithea server
224 ## {netloc} network location from Kallithea server
225 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
226 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
227
228
229 ## container auth options
230 container_auth_enabled = false
231 proxypass_auth_enabled = false
232
233 215 ## default encoding used to convert from and to unicode
234 216 ## can be also a comma seperated list of encoding in case of mixed encodings
235 217 default_encoding = utf8
236 218
237 ## overwrite schema of clone url
238 ## available vars:
239 ## scheme - http/https
240 ## user - current user
241 ## pass - password
242 ## netloc - network location
243 ## path - usually repo_name
244
245 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
246
247 219 ## issue tracker for Kallithea (leave blank to disable, absent for default)
248 220 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
249 221
250 222 ## issue tracking mapping for commits messages
251 223 ## comment out issue_pat, issue_server, issue_prefix to enable
252 224
253 225 ## pattern to get the issues from commit messages
254 226 ## default one used here is #<numbers> with a regex passive group for `#`
255 227 ## {id} will be all groups matched from this pattern
256 228
257 229 issue_pat = (?:\s*#)(\d+)
258 230
259 231 ## server url to the issue, each {id} will be replaced with match
260 232 ## fetched from the regex and {repo} is replaced with full repository name
261 233 ## including groups {repo_name} is replaced with just name of repo
262 234
263 235 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
264 236
265 237 ## prefix to add to link to indicate it's an url
266 238 ## #314 will be replaced by <issue_prefix><id>
267 239
268 240 issue_prefix = #
269 241
270 242 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
271 243 ## multiple patterns, to other issues server, wiki or others
272 244 ## below an example how to create a wiki pattern
273 245 # wiki-some-id -> https://mywiki.com/some-id
274 246
275 247 #issue_pat_wiki = (?:wiki-)(.+)
276 248 #issue_server_link_wiki = https://mywiki.com/{id}
277 249 #issue_prefix_wiki = WIKI-
278 250
279 251
280 252 ## instance-id prefix
281 253 ## a prefix key for this instance used for cache invalidation when running
282 254 ## multiple instances of kallithea, make sure it's globally unique for
283 255 ## all running kallithea instances. Leave empty if you don't use it
284 256 instance_id =
285 257
286 258 ## alternative return HTTP header for failed authentication. Default HTTP
287 259 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
288 260 ## handling that. Set this variable to 403 to return HTTPForbidden
289 261 auth_ret_code =
290 262
291 263 ## locking return code. When repository is locked return this HTTP code. 2XX
292 264 ## codes don't break the transactions while 4XX codes do
293 265 lock_ret_code = 423
294 266
295 267 ## allows to change the repository location in settings page
296 268 allow_repo_location_change = True
297 269
298 270 ## allows to setup custom hooks in settings page
299 271 allow_custom_hooks_settings = True
300 272
301 273
302 274 ####################################
303 275 ### CELERY CONFIG ####
304 276 ####################################
305 277
306 278 use_celery = false
307 279 broker.host = localhost
308 280 broker.vhost = rabbitmqhost
309 281 broker.port = 5672
310 282 broker.user = rabbitmq
311 283 broker.password = qweqwe
312 284
313 285 celery.imports = kallithea.lib.celerylib.tasks
314 286
315 287 celery.result.backend = amqp
316 288 celery.result.dburi = amqp://
317 289 celery.result.serialier = json
318 290
319 291 #celery.send.task.error.emails = true
320 292 #celery.amqp.task.result.expires = 18000
321 293
322 294 celeryd.concurrency = 2
323 295 #celeryd.log.file = celeryd.log
324 296 celeryd.log.level = debug
325 297 celeryd.max.tasks.per.child = 1
326 298
327 299 ## tasks will never be sent to the queue, but executed locally instead.
328 300 celery.always.eager = false
329 301
330 302 ####################################
331 303 ### BEAKER CACHE ####
332 304 ####################################
333 305
334 306 beaker.cache.data_dir=%(here)s/data/cache/data
335 307 beaker.cache.lock_dir=%(here)s/data/cache/lock
336 308
337 309 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
338 310
339 311 beaker.cache.super_short_term.type=memory
340 312 beaker.cache.super_short_term.expire=10
341 313 beaker.cache.super_short_term.key_length = 256
342 314
343 315 beaker.cache.short_term.type=memory
344 316 beaker.cache.short_term.expire=60
345 317 beaker.cache.short_term.key_length = 256
346 318
347 319 beaker.cache.long_term.type=memory
348 320 beaker.cache.long_term.expire=36000
349 321 beaker.cache.long_term.key_length = 256
350 322
351 323 beaker.cache.sql_cache_short.type=memory
352 324 beaker.cache.sql_cache_short.expire=10
353 325 beaker.cache.sql_cache_short.key_length = 256
354 326
355 327 beaker.cache.sql_cache_med.type=memory
356 328 beaker.cache.sql_cache_med.expire=360
357 329 beaker.cache.sql_cache_med.key_length = 256
358 330
359 331 beaker.cache.sql_cache_long.type=file
360 332 beaker.cache.sql_cache_long.expire=3600
361 333 beaker.cache.sql_cache_long.key_length = 256
362 334
363 335 ####################################
364 336 ### BEAKER SESSION ####
365 337 ####################################
366 338 ## Type of storage used for the session, current types are
367 339 ## dbm, file, memcached, database, and memory.
368 340 ## The storage uses the Container API
369 341 ## that is also used by the cache system.
370 342
371 343 ## db session ##
372 344 #beaker.session.type = ext:database
373 345 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
374 346 #beaker.session.table_name = db_session
375 347
376 348 ## encrypted cookie client side session, good for many instances ##
377 349 #beaker.session.type = cookie
378 350
379 351 ## file based cookies (default) ##
380 352 #beaker.session.type = file
381 353
382 354 beaker.session.key = kallithea
383 355 beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f}
384 356
385 357 ## Secure encrypted cookie. Requires AES and AES python libraries
386 358 ## you must disable beaker.session.secret to use this
387 359 #beaker.session.encrypt_key = <key_for_encryption>
388 360 #beaker.session.validate_key = <validation_key>
389 361
390 362 ## sets session as invalid if it haven't been accessed for given amount of time
391 363 beaker.session.timeout = 2592000
392 364 beaker.session.httponly = true
393 365 #beaker.session.cookie_path = /<your-prefix>
394 366
395 367 ## uncomment for https secure cookie
396 368 beaker.session.secure = false
397 369
398 370 ## auto save the session to not to use .save()
399 371 beaker.session.auto = False
400 372
401 373 ## default cookie expiration time in seconds `true` expire at browser close ##
402 374 #beaker.session.cookie_expires = 3600
403 375
404 376
405 377 ############################
406 378 ## ERROR HANDLING SYSTEMS ##
407 379 ############################
408 380
409 381 ####################
410 382 ### [errormator] ###
411 383 ####################
412 384
413 385 ## Errormator is tailored to work with Kallithea, see
414 386 ## http://errormator.com for details how to obtain an account
415 387 ## you must install python package `errormator_client` to make it work
416 388
417 389 ## errormator enabled
418 390 errormator = false
419 391
420 392 errormator.server_url = https://api.errormator.com
421 393 errormator.api_key = YOUR_API_KEY
422 394
423 395 ## TWEAK AMOUNT OF INFO SENT HERE
424 396
425 397 ## enables 404 error logging (default False)
426 398 errormator.report_404 = false
427 399
428 400 ## time in seconds after request is considered being slow (default 1)
429 401 errormator.slow_request_time = 1
430 402
431 403 ## record slow requests in application
432 404 ## (needs to be enabled for slow datastore recording and time tracking)
433 405 errormator.slow_requests = true
434 406
435 407 ## enable hooking to application loggers
436 408 # errormator.logging = true
437 409
438 410 ## minimum log level for log capture
439 411 # errormator.logging.level = WARNING
440 412
441 413 ## send logs only from erroneous/slow requests
442 414 ## (saves API quota for intensive logging)
443 415 errormator.logging_on_error = false
444 416
445 417 ## list of additonal keywords that should be grabbed from environ object
446 418 ## can be string with comma separated list of words in lowercase
447 419 ## (by default client will always send following info:
448 420 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
449 421 ## start with HTTP* this list be extended with additional keywords here
450 422 errormator.environ_keys_whitelist =
451 423
452 424
453 425 ## list of keywords that should be blanked from request object
454 426 ## can be string with comma separated list of words in lowercase
455 427 ## (by default client will always blank keys that contain following words
456 428 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
457 429 ## this list be extended with additional keywords set here
458 430 errormator.request_keys_blacklist =
459 431
460 432
461 433 ## list of namespaces that should be ignores when gathering log entries
462 434 ## can be string with comma separated list of namespaces
463 435 ## (by default the client ignores own entries: errormator_client.client)
464 436 errormator.log_namespace_blacklist =
465 437
466 438
467 439 ################
468 440 ### [sentry] ###
469 441 ################
470 442
471 443 ## sentry is a alternative open source error aggregator
472 444 ## you must install python packages `sentry` and `raven` to enable
473 445
474 446 sentry.dsn = YOUR_DNS
475 447 sentry.servers =
476 448 sentry.name =
477 449 sentry.key =
478 450 sentry.public_key =
479 451 sentry.secret_key =
480 452 sentry.project =
481 453 sentry.site =
482 454 sentry.include_paths =
483 455 sentry.exclude_paths =
484 456
485 457
486 458 ################################################################################
487 459 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
488 460 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
489 461 ## execute malicious code after an exception is raised. ##
490 462 ################################################################################
491 463 set debug = false
492 464
493 465 ##################################
494 466 ### LOGVIEW CONFIG ###
495 467 ##################################
496 468
497 469 logview.sqlalchemy = #faa
498 470 logview.pylons.templating = #bfb
499 471 logview.pylons.util = #eee
500 472
501 473 #########################################################
502 474 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
503 475 #########################################################
504 476
505 477 # SQLITE [default]
506 478 #sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
507 479 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea_test.sqlite
508 480
509 481 # POSTGRESQL
510 482 # sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
511 483
512 484 # MySQL
513 485 # sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea
514 486
515 487 # see sqlalchemy docs for others
516 488
517 489 sqlalchemy.db1.echo = false
518 490 sqlalchemy.db1.pool_recycle = 3600
519 491 sqlalchemy.db1.convert_unicode = true
520 492
521 493 ################################
522 494 ### LOGGING CONFIGURATION ####
523 495 ################################
524 496
525 497 [loggers]
526 498 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
527 499
528 500 [handlers]
529 501 keys = console, console_sql
530 502
531 503 [formatters]
532 504 keys = generic, color_formatter, color_formatter_sql
533 505
534 506 #############
535 507 ## LOGGERS ##
536 508 #############
537 509
538 510 [logger_root]
539 511 #level = NOTSET
540 512 level = DEBUG
541 513 handlers = console
542 514
543 515 [logger_routes]
544 516 level = DEBUG
545 517 handlers =
546 518 qualname = routes.middleware
547 519 ## "level = DEBUG" logs the route matched and routing variables.
548 520 propagate = 1
549 521
550 522 [logger_beaker]
551 523 level = DEBUG
552 524 handlers =
553 525 qualname = beaker.container
554 526 propagate = 1
555 527
556 528 [logger_templates]
557 529 level = INFO
558 530 handlers =
559 531 qualname = pylons.templating
560 532 propagate = 1
561 533
562 534 [logger_kallithea]
563 535 level = DEBUG
564 536 handlers =
565 537 qualname = kallithea
566 538 propagate = 1
567 539
568 540 [logger_sqlalchemy]
569 541 #level = INFO
570 542 #handlers = console_sql
571 543 level = ERROR
572 544 handlers = console
573 545 qualname = sqlalchemy.engine
574 546 propagate = 0
575 547
576 548 [logger_whoosh_indexer]
577 549 level = DEBUG
578 550 handlers =
579 551 qualname = whoosh_indexer
580 552 propagate = 1
581 553
582 554 ##############
583 555 ## HANDLERS ##
584 556 ##############
585 557
586 558 [handler_console]
587 559 class = StreamHandler
588 560 args = (sys.stderr,)
589 561 #level = INFO
590 562 level = NOTSET
591 563 formatter = generic
592 564
593 565 [handler_console_sql]
594 566 class = StreamHandler
595 567 args = (sys.stderr,)
596 568 level = WARN
597 569 formatter = generic
598 570
599 571 ################
600 572 ## FORMATTERS ##
601 573 ################
602 574
603 575 [formatter_generic]
604 576 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
605 577 datefmt = %Y-%m-%d %H:%M:%S
606 578
607 579 [formatter_color_formatter]
608 580 class=kallithea.lib.colored_formatter.ColorFormatter
609 581 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
610 582 datefmt = %Y-%m-%d %H:%M:%S
611 583
612 584 [formatter_color_formatter_sql]
613 585 class=kallithea.lib.colored_formatter.ColorFormatterSql
614 586 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
615 587 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now