##// END OF EJS Templates
make the htsts headers optional and stored in .ini file....
marcink -
r3359:c394a564 beta
parent child Browse files
Show More
@@ -1,439 +1,442 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # RhodeCode - Pylons environment configuration #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11 ################################################################################
12 12 ## Uncomment and replace with the address which should receive ##
13 13 ## any error reports after application crash ##
14 14 ## Additionally those settings will be used by RhodeCode mailing system ##
15 15 ################################################################################
16 16 #email_to = admin@localhost
17 17 #error_email_from = paste_error@localhost
18 18 #app_email_from = rhodecode-noreply@localhost
19 19 #error_message =
20 20 #email_prefix = [RhodeCode]
21 21
22 22 #smtp_server = mail.server.com
23 23 #smtp_username =
24 24 #smtp_password =
25 25 #smtp_port =
26 26 #smtp_use_tls = false
27 27 #smtp_use_ssl = true
28 28 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
29 29 #smtp_auth =
30 30
31 31 [server:main]
32 32 ## PASTE
33 33 ##nr of threads to spawn
34 34 #threadpool_workers = 5
35 35
36 36 ##max request before thread respawn
37 37 #threadpool_max_requests = 10
38 38
39 39 ##option to use threads of process
40 40 #use_threadpool = true
41 41
42 42 #use = egg:Paste#http
43 43
44 44 #WAITRESS
45 45 threads = 5
46 46 use = egg:waitress#main
47 47
48 48 host = 0.0.0.0
49 49 port = 5000
50 50
51 51 [filter:proxy-prefix]
52 52 # prefix middleware for rc
53 53 use = egg:PasteDeploy#prefix
54 54 prefix = /<your-prefix>
55 55
56 56 [app:main]
57 57 use = egg:rhodecode
58 58 #filter-with = proxy-prefix
59 59 full_stack = true
60 60 static_files = true
61 61 # Optional Languages
62 62 # en, fr, ja, pt_BR, zh_CN, zh_TW, pl
63 63 lang = en
64 64 cache_dir = %(here)s/data
65 65 index_dir = %(here)s/data/index
66 66 app_instance_uuid = rc-develop
67 67 cut_off_limit = 256000
68 68 vcs_full_cache = True
69 # force https in RhodeCode, fixes https redirects, assumes it's always https
69 70 force_https = false
71 # use Strict-Transport-Security headers
72 use_htsts = false
70 73 commit_parse_limit = 25
71 74 # number of items displayed in lightweight dashboard before paginating
72 75 dashboard_items = 100
73 76 use_gravatar = true
74 77
75 78 ## RSS feed options
76 79
77 80 rss_cut_off_limit = 256000
78 81 rss_items_per_page = 10
79 82 rss_include_diff = false
80 83
81 84
82 85 ## alternative_gravatar_url allows you to use your own avatar server application
83 86 ## the following parts of the URL will be replaced
84 87 ## {email} user email
85 88 ## {md5email} md5 hash of the user email (like at gravatar.com)
86 89 ## {size} size of the image that is expected from the server application
87 90 ## {scheme} http/https from RhodeCode server
88 91 ## {netloc} network location from RhodeCode server
89 92 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
90 93 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
91 94
92 95 container_auth_enabled = false
93 96 proxypass_auth_enabled = false
94 97 ## default encoding used to convert from and to unicode
95 98 ## can be also a comma seperated list of encoding in case of mixed encodings
96 99 default_encoding = utf8
97 100
98 101 ## overwrite schema of clone url
99 102 ## available vars:
100 103 ## scheme - http/https
101 104 ## user - current user
102 105 ## pass - password
103 106 ## netloc - network location
104 107 ## path - usually repo_name
105 108
106 109 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
107 110
108 111 ## issue tracking mapping for commits messages
109 112 ## comment out issue_pat, issue_server, issue_prefix to enable
110 113
111 114 ## pattern to get the issues from commit messages
112 115 ## default one used here is #<numbers> with a regex passive group for `#`
113 116 ## {id} will be all groups matched from this pattern
114 117
115 118 issue_pat = (?:\s*#)(\d+)
116 119
117 120 ## server url to the issue, each {id} will be replaced with match
118 121 ## fetched from the regex and {repo} is replaced with full repository name
119 122 ## including groups {repo_name} is replaced with just name of repo
120 123
121 124 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
122 125
123 126 ## prefix to add to link to indicate it's an url
124 127 ## #314 will be replaced by <issue_prefix><id>
125 128
126 129 issue_prefix = #
127 130
128 131 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
129 132 ## multiple patterns, to other issues server, wiki or others
130 133 ## below an example how to create a wiki pattern
131 134 # #wiki-some-id -> https://mywiki.com/some-id
132 135
133 136 #issue_pat_wiki = (?:wiki-)(.+)
134 137 #issue_server_link_wiki = https://mywiki.com/{id}
135 138 #issue_prefix_wiki = WIKI-
136 139
137 140
138 141 ## instance-id prefix
139 142 ## a prefix key for this instance used for cache invalidation when running
140 143 ## multiple instances of rhodecode, make sure it's globally unique for
141 144 ## all running rhodecode instances. Leave empty if you don't use it
142 145 instance_id =
143 146
144 147 ## alternative return HTTP header for failed authentication. Default HTTP
145 148 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
146 149 ## handling that. Set this variable to 403 to return HTTPForbidden
147 150 auth_ret_code =
148 151
149 152 ####################################
150 153 ### CELERY CONFIG ####
151 154 ####################################
152 155 use_celery = false
153 156 broker.host = localhost
154 157 broker.vhost = rabbitmqhost
155 158 broker.port = 5672
156 159 broker.user = rabbitmq
157 160 broker.password = qweqwe
158 161
159 162 celery.imports = rhodecode.lib.celerylib.tasks
160 163
161 164 celery.result.backend = amqp
162 165 celery.result.dburi = amqp://
163 166 celery.result.serialier = json
164 167
165 168 #celery.send.task.error.emails = true
166 169 #celery.amqp.task.result.expires = 18000
167 170
168 171 celeryd.concurrency = 2
169 172 #celeryd.log.file = celeryd.log
170 173 celeryd.log.level = debug
171 174 celeryd.max.tasks.per.child = 1
172 175
173 176 #tasks will never be sent to the queue, but executed locally instead.
174 177 celery.always.eager = false
175 178
176 179 ####################################
177 180 ### BEAKER CACHE ####
178 181 ####################################
179 182 beaker.cache.data_dir=%(here)s/data/cache/data
180 183 beaker.cache.lock_dir=%(here)s/data/cache/lock
181 184
182 185 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
183 186
184 187 beaker.cache.super_short_term.type=memory
185 188 beaker.cache.super_short_term.expire=10
186 189 beaker.cache.super_short_term.key_length = 256
187 190
188 191 beaker.cache.short_term.type=memory
189 192 beaker.cache.short_term.expire=60
190 193 beaker.cache.short_term.key_length = 256
191 194
192 195 beaker.cache.long_term.type=memory
193 196 beaker.cache.long_term.expire=36000
194 197 beaker.cache.long_term.key_length = 256
195 198
196 199 beaker.cache.sql_cache_short.type=memory
197 200 beaker.cache.sql_cache_short.expire=10
198 201 beaker.cache.sql_cache_short.key_length = 256
199 202
200 203 beaker.cache.sql_cache_med.type=memory
201 204 beaker.cache.sql_cache_med.expire=360
202 205 beaker.cache.sql_cache_med.key_length = 256
203 206
204 207 beaker.cache.sql_cache_long.type=file
205 208 beaker.cache.sql_cache_long.expire=3600
206 209 beaker.cache.sql_cache_long.key_length = 256
207 210
208 211 ####################################
209 212 ### BEAKER SESSION ####
210 213 ####################################
211 214 ## Type of storage used for the session, current types are
212 215 ## dbm, file, memcached, database, and memory.
213 216 ## The storage uses the Container API
214 217 ## that is also used by the cache system.
215 218
216 219 ## db session ##
217 220 #beaker.session.type = ext:database
218 221 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
219 222 #beaker.session.table_name = db_session
220 223
221 224 ## encrypted cookie client side session, good for many instances ##
222 225 #beaker.session.type = cookie
223 226
224 227 ## file based cookies (default) ##
225 228 #beaker.session.type = file
226 229
227 230
228 231 beaker.session.key = rhodecode
229 232 ## secure cookie requires AES python libraries ##
230 233 #beaker.session.encrypt_key = g654dcno0-9873jhgfreyu
231 234 #beaker.session.validate_key = 9712sds2212c--zxc123
232 235 ## sets session as invalid if it haven't been accessed for given amount of time
233 236 beaker.session.timeout = 2592000
234 237 beaker.session.httponly = true
235 238 #beaker.session.cookie_path = /<your-prefix>
236 239
237 240 ## uncomment for https secure cookie ##
238 241 beaker.session.secure = false
239 242
240 243 ## auto save the session to not to use .save() ##
241 244 beaker.session.auto = False
242 245
243 246 ## default cookie expiration time in seconds `true` expire at browser close ##
244 247 #beaker.session.cookie_expires = 3600
245 248
246 249
247 250 ############################
248 251 ## ERROR HANDLING SYSTEMS ##
249 252 ############################
250 253
251 254 ####################
252 255 ### [errormator] ###
253 256 ####################
254 257
255 258 # Errormator is tailored to work with RhodeCode, see
256 259 # http://errormator.com for details how to obtain an account
257 260 # you must install python package `errormator_client` to make it work
258 261
259 262 # errormator enabled
260 263 errormator = true
261 264
262 265 errormator.server_url = https://api.errormator.com
263 266 errormator.api_key = YOUR_API_KEY
264 267
265 268 # TWEAK AMOUNT OF INFO SENT HERE
266 269
267 270 # enables 404 error logging (default False)
268 271 errormator.report_404 = false
269 272
270 273 # time in seconds after request is considered being slow (default 1)
271 274 errormator.slow_request_time = 1
272 275
273 276 # record slow requests in application
274 277 # (needs to be enabled for slow datastore recording and time tracking)
275 278 errormator.slow_requests = true
276 279
277 280 # enable hooking to application loggers
278 281 # errormator.logging = true
279 282
280 283 # minimum log level for log capture
281 284 # errormator.logging.level = WARNING
282 285
283 286 # send logs only from erroneous/slow requests
284 287 # (saves API quota for intensive logging)
285 288 errormator.logging_on_error = false
286 289
287 290 # list of additonal keywords that should be grabbed from environ object
288 291 # can be string with comma separated list of words in lowercase
289 292 # (by default client will always send following info:
290 293 # 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
291 294 # start with HTTP* this list be extended with additional keywords here
292 295 errormator.environ_keys_whitelist =
293 296
294 297
295 298 # list of keywords that should be blanked from request object
296 299 # can be string with comma separated list of words in lowercase
297 300 # (by default client will always blank keys that contain following words
298 301 # 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
299 302 # this list be extended with additional keywords set here
300 303 errormator.request_keys_blacklist =
301 304
302 305
303 306 # list of namespaces that should be ignores when gathering log entries
304 307 # can be string with comma separated list of namespaces
305 308 # (by default the client ignores own entries: errormator_client.client)
306 309 errormator.log_namespace_blacklist =
307 310
308 311
309 312 ################
310 313 ### [sentry] ###
311 314 ################
312 315
313 316 # sentry is a alternative open source error aggregator
314 317 # you must install python packages `sentry` and `raven` to enable
315 318
316 319 sentry.dsn = YOUR_DNS
317 320 sentry.servers =
318 321 sentry.name =
319 322 sentry.key =
320 323 sentry.public_key =
321 324 sentry.secret_key =
322 325 sentry.project =
323 326 sentry.site =
324 327 sentry.include_paths =
325 328 sentry.exclude_paths =
326 329
327 330
328 331 ################################################################################
329 332 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
330 333 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
331 334 ## execute malicious code after an exception is raised. ##
332 335 ################################################################################
333 336 #set debug = false
334 337
335 338 ##################################
336 339 ### LOGVIEW CONFIG ###
337 340 ##################################
338 341 logview.sqlalchemy = #faa
339 342 logview.pylons.templating = #bfb
340 343 logview.pylons.util = #eee
341 344
342 345 #########################################################
343 346 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
344 347 #########################################################
345 348 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
346 349 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode
347 350 sqlalchemy.db1.echo = false
348 351 sqlalchemy.db1.pool_recycle = 3600
349 352 sqlalchemy.db1.convert_unicode = true
350 353
351 354 ################################
352 355 ### LOGGING CONFIGURATION ####
353 356 ################################
354 357 [loggers]
355 358 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
356 359
357 360 [handlers]
358 361 keys = console, console_sql
359 362
360 363 [formatters]
361 364 keys = generic, color_formatter, color_formatter_sql
362 365
363 366 #############
364 367 ## LOGGERS ##
365 368 #############
366 369 [logger_root]
367 370 level = NOTSET
368 371 handlers = console
369 372
370 373 [logger_routes]
371 374 level = DEBUG
372 375 handlers =
373 376 qualname = routes.middleware
374 377 # "level = DEBUG" logs the route matched and routing variables.
375 378 propagate = 1
376 379
377 380 [logger_beaker]
378 381 level = DEBUG
379 382 handlers =
380 383 qualname = beaker.container
381 384 propagate = 1
382 385
383 386 [logger_templates]
384 387 level = INFO
385 388 handlers =
386 389 qualname = pylons.templating
387 390 propagate = 1
388 391
389 392 [logger_rhodecode]
390 393 level = DEBUG
391 394 handlers =
392 395 qualname = rhodecode
393 396 propagate = 1
394 397
395 398 [logger_sqlalchemy]
396 399 level = INFO
397 400 handlers = console_sql
398 401 qualname = sqlalchemy.engine
399 402 propagate = 0
400 403
401 404 [logger_whoosh_indexer]
402 405 level = DEBUG
403 406 handlers =
404 407 qualname = whoosh_indexer
405 408 propagate = 1
406 409
407 410 ##############
408 411 ## HANDLERS ##
409 412 ##############
410 413
411 414 [handler_console]
412 415 class = StreamHandler
413 416 args = (sys.stderr,)
414 417 level = DEBUG
415 418 formatter = color_formatter
416 419
417 420 [handler_console_sql]
418 421 class = StreamHandler
419 422 args = (sys.stderr,)
420 423 level = DEBUG
421 424 formatter = color_formatter_sql
422 425
423 426 ################
424 427 ## FORMATTERS ##
425 428 ################
426 429
427 430 [formatter_generic]
428 431 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
429 432 datefmt = %Y-%m-%d %H:%M:%S
430 433
431 434 [formatter_color_formatter]
432 435 class=rhodecode.lib.colored_formatter.ColorFormatter
433 436 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
434 437 datefmt = %Y-%m-%d %H:%M:%S
435 438
436 439 [formatter_color_formatter_sql]
437 440 class=rhodecode.lib.colored_formatter.ColorFormatterSql
438 441 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
439 442 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,439 +1,442 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # RhodeCode - Pylons environment configuration #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11 ################################################################################
12 12 ## Uncomment and replace with the address which should receive ##
13 13 ## any error reports after application crash ##
14 14 ## Additionally those settings will be used by RhodeCode mailing system ##
15 15 ################################################################################
16 16 #email_to = admin@localhost
17 17 #error_email_from = paste_error@localhost
18 18 #app_email_from = rhodecode-noreply@localhost
19 19 #error_message =
20 20 #email_prefix = [RhodeCode]
21 21
22 22 #smtp_server = mail.server.com
23 23 #smtp_username =
24 24 #smtp_password =
25 25 #smtp_port =
26 26 #smtp_use_tls = false
27 27 #smtp_use_ssl = true
28 28 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
29 29 #smtp_auth =
30 30
31 31 [server:main]
32 32 ## PASTE
33 33 ##nr of threads to spawn
34 34 #threadpool_workers = 5
35 35
36 36 ##max request before thread respawn
37 37 #threadpool_max_requests = 10
38 38
39 39 ##option to use threads of process
40 40 #use_threadpool = true
41 41
42 42 #use = egg:Paste#http
43 43
44 44 #WAITRESS
45 45 threads = 5
46 46 use = egg:waitress#main
47 47
48 48 host = 127.0.0.1
49 49 port = 8001
50 50
51 51 [filter:proxy-prefix]
52 52 # prefix middleware for rc
53 53 use = egg:PasteDeploy#prefix
54 54 prefix = /<your-prefix>
55 55
56 56 [app:main]
57 57 use = egg:rhodecode
58 58 #filter-with = proxy-prefix
59 59 full_stack = true
60 60 static_files = true
61 61 # Optional Languages
62 62 # en, fr, ja, pt_BR, zh_CN, zh_TW, pl
63 63 lang = en
64 64 cache_dir = %(here)s/data
65 65 index_dir = %(here)s/data/index
66 66 app_instance_uuid = rc-production
67 67 cut_off_limit = 256000
68 68 vcs_full_cache = True
69 # force https in RhodeCode, fixes https redirects, assumes it's always https
69 70 force_https = false
71 # use Strict-Transport-Security headers
72 use_htsts = false
70 73 commit_parse_limit = 50
71 74 # number of items displayed in lightweight dashboard before paginating
72 75 dashboard_items = 100
73 76 use_gravatar = true
74 77
75 78 ## RSS feed options
76 79
77 80 rss_cut_off_limit = 256000
78 81 rss_items_per_page = 10
79 82 rss_include_diff = false
80 83
81 84
82 85 ## alternative_gravatar_url allows you to use your own avatar server application
83 86 ## the following parts of the URL will be replaced
84 87 ## {email} user email
85 88 ## {md5email} md5 hash of the user email (like at gravatar.com)
86 89 ## {size} size of the image that is expected from the server application
87 90 ## {scheme} http/https from RhodeCode server
88 91 ## {netloc} network location from RhodeCode server
89 92 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
90 93 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
91 94
92 95 container_auth_enabled = false
93 96 proxypass_auth_enabled = false
94 97 ## default encoding used to convert from and to unicode
95 98 ## can be also a comma seperated list of encoding in case of mixed encodings
96 99 default_encoding = utf8
97 100
98 101 ## overwrite schema of clone url
99 102 ## available vars:
100 103 ## scheme - http/https
101 104 ## user - current user
102 105 ## pass - password
103 106 ## netloc - network location
104 107 ## path - usually repo_name
105 108
106 109 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
107 110
108 111 ## issue tracking mapping for commits messages
109 112 ## comment out issue_pat, issue_server, issue_prefix to enable
110 113
111 114 ## pattern to get the issues from commit messages
112 115 ## default one used here is #<numbers> with a regex passive group for `#`
113 116 ## {id} will be all groups matched from this pattern
114 117
115 118 issue_pat = (?:\s*#)(\d+)
116 119
117 120 ## server url to the issue, each {id} will be replaced with match
118 121 ## fetched from the regex and {repo} is replaced with full repository name
119 122 ## including groups {repo_name} is replaced with just name of repo
120 123
121 124 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
122 125
123 126 ## prefix to add to link to indicate it's an url
124 127 ## #314 will be replaced by <issue_prefix><id>
125 128
126 129 issue_prefix = #
127 130
128 131 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
129 132 ## multiple patterns, to other issues server, wiki or others
130 133 ## below an example how to create a wiki pattern
131 134 # #wiki-some-id -> https://mywiki.com/some-id
132 135
133 136 #issue_pat_wiki = (?:wiki-)(.+)
134 137 #issue_server_link_wiki = https://mywiki.com/{id}
135 138 #issue_prefix_wiki = WIKI-
136 139
137 140
138 141 ## instance-id prefix
139 142 ## a prefix key for this instance used for cache invalidation when running
140 143 ## multiple instances of rhodecode, make sure it's globally unique for
141 144 ## all running rhodecode instances. Leave empty if you don't use it
142 145 instance_id =
143 146
144 147 ## alternative return HTTP header for failed authentication. Default HTTP
145 148 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
146 149 ## handling that. Set this variable to 403 to return HTTPForbidden
147 150 auth_ret_code =
148 151
149 152 ####################################
150 153 ### CELERY CONFIG ####
151 154 ####################################
152 155 use_celery = false
153 156 broker.host = localhost
154 157 broker.vhost = rabbitmqhost
155 158 broker.port = 5672
156 159 broker.user = rabbitmq
157 160 broker.password = qweqwe
158 161
159 162 celery.imports = rhodecode.lib.celerylib.tasks
160 163
161 164 celery.result.backend = amqp
162 165 celery.result.dburi = amqp://
163 166 celery.result.serialier = json
164 167
165 168 #celery.send.task.error.emails = true
166 169 #celery.amqp.task.result.expires = 18000
167 170
168 171 celeryd.concurrency = 2
169 172 #celeryd.log.file = celeryd.log
170 173 celeryd.log.level = debug
171 174 celeryd.max.tasks.per.child = 1
172 175
173 176 #tasks will never be sent to the queue, but executed locally instead.
174 177 celery.always.eager = false
175 178
176 179 ####################################
177 180 ### BEAKER CACHE ####
178 181 ####################################
179 182 beaker.cache.data_dir=%(here)s/data/cache/data
180 183 beaker.cache.lock_dir=%(here)s/data/cache/lock
181 184
182 185 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
183 186
184 187 beaker.cache.super_short_term.type=memory
185 188 beaker.cache.super_short_term.expire=10
186 189 beaker.cache.super_short_term.key_length = 256
187 190
188 191 beaker.cache.short_term.type=memory
189 192 beaker.cache.short_term.expire=60
190 193 beaker.cache.short_term.key_length = 256
191 194
192 195 beaker.cache.long_term.type=memory
193 196 beaker.cache.long_term.expire=36000
194 197 beaker.cache.long_term.key_length = 256
195 198
196 199 beaker.cache.sql_cache_short.type=memory
197 200 beaker.cache.sql_cache_short.expire=10
198 201 beaker.cache.sql_cache_short.key_length = 256
199 202
200 203 beaker.cache.sql_cache_med.type=memory
201 204 beaker.cache.sql_cache_med.expire=360
202 205 beaker.cache.sql_cache_med.key_length = 256
203 206
204 207 beaker.cache.sql_cache_long.type=file
205 208 beaker.cache.sql_cache_long.expire=3600
206 209 beaker.cache.sql_cache_long.key_length = 256
207 210
208 211 ####################################
209 212 ### BEAKER SESSION ####
210 213 ####################################
211 214 ## Type of storage used for the session, current types are
212 215 ## dbm, file, memcached, database, and memory.
213 216 ## The storage uses the Container API
214 217 ## that is also used by the cache system.
215 218
216 219 ## db session ##
217 220 #beaker.session.type = ext:database
218 221 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
219 222 #beaker.session.table_name = db_session
220 223
221 224 ## encrypted cookie client side session, good for many instances ##
222 225 #beaker.session.type = cookie
223 226
224 227 ## file based cookies (default) ##
225 228 #beaker.session.type = file
226 229
227 230
228 231 beaker.session.key = rhodecode
229 232 ## secure cookie requires AES python libraries ##
230 233 #beaker.session.encrypt_key = g654dcno0-9873jhgfreyu
231 234 #beaker.session.validate_key = 9712sds2212c--zxc123
232 235 ## sets session as invalid if it haven't been accessed for given amount of time
233 236 beaker.session.timeout = 2592000
234 237 beaker.session.httponly = true
235 238 #beaker.session.cookie_path = /<your-prefix>
236 239
237 240 ## uncomment for https secure cookie ##
238 241 beaker.session.secure = false
239 242
240 243 ## auto save the session to not to use .save() ##
241 244 beaker.session.auto = False
242 245
243 246 ## default cookie expiration time in seconds `true` expire at browser close ##
244 247 #beaker.session.cookie_expires = 3600
245 248
246 249
247 250 ############################
248 251 ## ERROR HANDLING SYSTEMS ##
249 252 ############################
250 253
251 254 ####################
252 255 ### [errormator] ###
253 256 ####################
254 257
255 258 # Errormator is tailored to work with RhodeCode, see
256 259 # http://errormator.com for details how to obtain an account
257 260 # you must install python package `errormator_client` to make it work
258 261
259 262 # errormator enabled
260 263 errormator = true
261 264
262 265 errormator.server_url = https://api.errormator.com
263 266 errormator.api_key = YOUR_API_KEY
264 267
265 268 # TWEAK AMOUNT OF INFO SENT HERE
266 269
267 270 # enables 404 error logging (default False)
268 271 errormator.report_404 = false
269 272
270 273 # time in seconds after request is considered being slow (default 1)
271 274 errormator.slow_request_time = 1
272 275
273 276 # record slow requests in application
274 277 # (needs to be enabled for slow datastore recording and time tracking)
275 278 errormator.slow_requests = true
276 279
277 280 # enable hooking to application loggers
278 281 # errormator.logging = true
279 282
280 283 # minimum log level for log capture
281 284 # errormator.logging.level = WARNING
282 285
283 286 # send logs only from erroneous/slow requests
284 287 # (saves API quota for intensive logging)
285 288 errormator.logging_on_error = false
286 289
287 290 # list of additonal keywords that should be grabbed from environ object
288 291 # can be string with comma separated list of words in lowercase
289 292 # (by default client will always send following info:
290 293 # 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
291 294 # start with HTTP* this list be extended with additional keywords here
292 295 errormator.environ_keys_whitelist =
293 296
294 297
295 298 # list of keywords that should be blanked from request object
296 299 # can be string with comma separated list of words in lowercase
297 300 # (by default client will always blank keys that contain following words
298 301 # 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
299 302 # this list be extended with additional keywords set here
300 303 errormator.request_keys_blacklist =
301 304
302 305
303 306 # list of namespaces that should be ignores when gathering log entries
304 307 # can be string with comma separated list of namespaces
305 308 # (by default the client ignores own entries: errormator_client.client)
306 309 errormator.log_namespace_blacklist =
307 310
308 311
309 312 ################
310 313 ### [sentry] ###
311 314 ################
312 315
313 316 # sentry is a alternative open source error aggregator
314 317 # you must install python packages `sentry` and `raven` to enable
315 318
316 319 sentry.dsn = YOUR_DNS
317 320 sentry.servers =
318 321 sentry.name =
319 322 sentry.key =
320 323 sentry.public_key =
321 324 sentry.secret_key =
322 325 sentry.project =
323 326 sentry.site =
324 327 sentry.include_paths =
325 328 sentry.exclude_paths =
326 329
327 330
328 331 ################################################################################
329 332 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
330 333 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
331 334 ## execute malicious code after an exception is raised. ##
332 335 ################################################################################
333 336 set debug = false
334 337
335 338 ##################################
336 339 ### LOGVIEW CONFIG ###
337 340 ##################################
338 341 logview.sqlalchemy = #faa
339 342 logview.pylons.templating = #bfb
340 343 logview.pylons.util = #eee
341 344
342 345 #########################################################
343 346 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
344 347 #########################################################
345 348 #sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
346 349 sqlalchemy.db1.url = postgresql://postgres:qwe@localhost/rhodecode
347 350 sqlalchemy.db1.echo = false
348 351 sqlalchemy.db1.pool_recycle = 3600
349 352 sqlalchemy.db1.convert_unicode = true
350 353
351 354 ################################
352 355 ### LOGGING CONFIGURATION ####
353 356 ################################
354 357 [loggers]
355 358 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
356 359
357 360 [handlers]
358 361 keys = console, console_sql
359 362
360 363 [formatters]
361 364 keys = generic, color_formatter, color_formatter_sql
362 365
363 366 #############
364 367 ## LOGGERS ##
365 368 #############
366 369 [logger_root]
367 370 level = NOTSET
368 371 handlers = console
369 372
370 373 [logger_routes]
371 374 level = DEBUG
372 375 handlers =
373 376 qualname = routes.middleware
374 377 # "level = DEBUG" logs the route matched and routing variables.
375 378 propagate = 1
376 379
377 380 [logger_beaker]
378 381 level = DEBUG
379 382 handlers =
380 383 qualname = beaker.container
381 384 propagate = 1
382 385
383 386 [logger_templates]
384 387 level = INFO
385 388 handlers =
386 389 qualname = pylons.templating
387 390 propagate = 1
388 391
389 392 [logger_rhodecode]
390 393 level = DEBUG
391 394 handlers =
392 395 qualname = rhodecode
393 396 propagate = 1
394 397
395 398 [logger_sqlalchemy]
396 399 level = INFO
397 400 handlers = console_sql
398 401 qualname = sqlalchemy.engine
399 402 propagate = 0
400 403
401 404 [logger_whoosh_indexer]
402 405 level = DEBUG
403 406 handlers =
404 407 qualname = whoosh_indexer
405 408 propagate = 1
406 409
407 410 ##############
408 411 ## HANDLERS ##
409 412 ##############
410 413
411 414 [handler_console]
412 415 class = StreamHandler
413 416 args = (sys.stderr,)
414 417 level = INFO
415 418 formatter = generic
416 419
417 420 [handler_console_sql]
418 421 class = StreamHandler
419 422 args = (sys.stderr,)
420 423 level = WARN
421 424 formatter = generic
422 425
423 426 ################
424 427 ## FORMATTERS ##
425 428 ################
426 429
427 430 [formatter_generic]
428 431 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
429 432 datefmt = %Y-%m-%d %H:%M:%S
430 433
431 434 [formatter_color_formatter]
432 435 class=rhodecode.lib.colored_formatter.ColorFormatter
433 436 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
434 437 datefmt = %Y-%m-%d %H:%M:%S
435 438
436 439 [formatter_color_formatter_sql]
437 440 class=rhodecode.lib.colored_formatter.ColorFormatterSql
438 441 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
439 442 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,449 +1,452 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # RhodeCode - Pylons environment configuration #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11 ################################################################################
12 12 ## Uncomment and replace with the address which should receive ##
13 13 ## any error reports after application crash ##
14 14 ## Additionally those settings will be used by RhodeCode mailing system ##
15 15 ################################################################################
16 16 #email_to = admin@localhost
17 17 #error_email_from = paste_error@localhost
18 18 #app_email_from = rhodecode-noreply@localhost
19 19 #error_message =
20 20 #email_prefix = [RhodeCode]
21 21
22 22 #smtp_server = mail.server.com
23 23 #smtp_username =
24 24 #smtp_password =
25 25 #smtp_port =
26 26 #smtp_use_tls = false
27 27 #smtp_use_ssl = true
28 28 # Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
29 29 #smtp_auth =
30 30
31 31 [server:main]
32 32 ## PASTE
33 33 ##nr of threads to spawn
34 34 #threadpool_workers = 5
35 35
36 36 ##max request before thread respawn
37 37 #threadpool_max_requests = 10
38 38
39 39 ##option to use threads of process
40 40 #use_threadpool = true
41 41
42 42 #use = egg:Paste#http
43 43
44 44 #WAITRESS
45 45 threads = 5
46 46 use = egg:waitress#main
47 47
48 48 host = 127.0.0.1
49 49 port = 5000
50 50
51 51 [filter:proxy-prefix]
52 52 # prefix middleware for rc
53 53 use = egg:PasteDeploy#prefix
54 54 prefix = /<your-prefix>
55 55
56 56 [app:main]
57 57 use = egg:rhodecode
58 58 #filter-with = proxy-prefix
59 59 full_stack = true
60 60 static_files = true
61 61 # Optional Languages
62 62 # en, fr, ja, pt_BR, zh_CN, zh_TW, pl
63 63 lang = en
64 64 cache_dir = %(here)s/data
65 65 index_dir = %(here)s/data/index
66 66 app_instance_uuid = ${app_instance_uuid}
67 67 cut_off_limit = 256000
68 68 vcs_full_cache = True
69 # force https in RhodeCode, fixes https redirects, assumes it's always https
69 70 force_https = false
71 # use Strict-Transport-Security headers
72 use_htsts = false
70 73 commit_parse_limit = 50
71 74 # number of items displayed in lightweight dashboard before paginating
72 75 dashboard_items = 100
73 76 use_gravatar = true
74 77
75 78 ## RSS feed options
76 79
77 80 rss_cut_off_limit = 256000
78 81 rss_items_per_page = 10
79 82 rss_include_diff = false
80 83
81 84
82 85 ## alternative_gravatar_url allows you to use your own avatar server application
83 86 ## the following parts of the URL will be replaced
84 87 ## {email} user email
85 88 ## {md5email} md5 hash of the user email (like at gravatar.com)
86 89 ## {size} size of the image that is expected from the server application
87 90 ## {scheme} http/https from RhodeCode server
88 91 ## {netloc} network location from RhodeCode server
89 92 #alternative_gravatar_url = http://myavatarserver.com/getbyemail/{email}/{size}
90 93 #alternative_gravatar_url = http://myavatarserver.com/getbymd5/{md5email}?s={size}
91 94
92 95 container_auth_enabled = false
93 96 proxypass_auth_enabled = false
94 97 ## default encoding used to convert from and to unicode
95 98 ## can be also a comma seperated list of encoding in case of mixed encodings
96 99 default_encoding = utf8
97 100
98 101 ## overwrite schema of clone url
99 102 ## available vars:
100 103 ## scheme - http/https
101 104 ## user - current user
102 105 ## pass - password
103 106 ## netloc - network location
104 107 ## path - usually repo_name
105 108
106 109 #clone_uri = {scheme}://{user}{pass}{netloc}{path}
107 110
108 111 ## issue tracking mapping for commits messages
109 112 ## comment out issue_pat, issue_server, issue_prefix to enable
110 113
111 114 ## pattern to get the issues from commit messages
112 115 ## default one used here is #<numbers> with a regex passive group for `#`
113 116 ## {id} will be all groups matched from this pattern
114 117
115 118 issue_pat = (?:\s*#)(\d+)
116 119
117 120 ## server url to the issue, each {id} will be replaced with match
118 121 ## fetched from the regex and {repo} is replaced with full repository name
119 122 ## including groups {repo_name} is replaced with just name of repo
120 123
121 124 issue_server_link = https://myissueserver.com/{repo}/issue/{id}
122 125
123 126 ## prefix to add to link to indicate it's an url
124 127 ## #314 will be replaced by <issue_prefix><id>
125 128
126 129 issue_prefix = #
127 130
128 131 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
129 132 ## multiple patterns, to other issues server, wiki or others
130 133 ## below an example how to create a wiki pattern
131 134 # #wiki-some-id -> https://mywiki.com/some-id
132 135
133 136 #issue_pat_wiki = (?:wiki-)(.+)
134 137 #issue_server_link_wiki = https://mywiki.com/{id}
135 138 #issue_prefix_wiki = WIKI-
136 139
137 140
138 141 ## instance-id prefix
139 142 ## a prefix key for this instance used for cache invalidation when running
140 143 ## multiple instances of rhodecode, make sure it's globally unique for
141 144 ## all running rhodecode instances. Leave empty if you don't use it
142 145 instance_id =
143 146
144 147 ## alternative return HTTP header for failed authentication. Default HTTP
145 148 ## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
146 149 ## handling that. Set this variable to 403 to return HTTPForbidden
147 150 auth_ret_code =
148 151
149 152 ####################################
150 153 ### CELERY CONFIG ####
151 154 ####################################
152 155 use_celery = false
153 156 broker.host = localhost
154 157 broker.vhost = rabbitmqhost
155 158 broker.port = 5672
156 159 broker.user = rabbitmq
157 160 broker.password = qweqwe
158 161
159 162 celery.imports = rhodecode.lib.celerylib.tasks
160 163
161 164 celery.result.backend = amqp
162 165 celery.result.dburi = amqp://
163 166 celery.result.serialier = json
164 167
165 168 #celery.send.task.error.emails = true
166 169 #celery.amqp.task.result.expires = 18000
167 170
168 171 celeryd.concurrency = 2
169 172 #celeryd.log.file = celeryd.log
170 173 celeryd.log.level = debug
171 174 celeryd.max.tasks.per.child = 1
172 175
173 176 #tasks will never be sent to the queue, but executed locally instead.
174 177 celery.always.eager = false
175 178
176 179 ####################################
177 180 ### BEAKER CACHE ####
178 181 ####################################
179 182 beaker.cache.data_dir=%(here)s/data/cache/data
180 183 beaker.cache.lock_dir=%(here)s/data/cache/lock
181 184
182 185 beaker.cache.regions=super_short_term,short_term,long_term,sql_cache_short,sql_cache_med,sql_cache_long
183 186
184 187 beaker.cache.super_short_term.type=memory
185 188 beaker.cache.super_short_term.expire=10
186 189 beaker.cache.super_short_term.key_length = 256
187 190
188 191 beaker.cache.short_term.type=memory
189 192 beaker.cache.short_term.expire=60
190 193 beaker.cache.short_term.key_length = 256
191 194
192 195 beaker.cache.long_term.type=memory
193 196 beaker.cache.long_term.expire=36000
194 197 beaker.cache.long_term.key_length = 256
195 198
196 199 beaker.cache.sql_cache_short.type=memory
197 200 beaker.cache.sql_cache_short.expire=10
198 201 beaker.cache.sql_cache_short.key_length = 256
199 202
200 203 beaker.cache.sql_cache_med.type=memory
201 204 beaker.cache.sql_cache_med.expire=360
202 205 beaker.cache.sql_cache_med.key_length = 256
203 206
204 207 beaker.cache.sql_cache_long.type=file
205 208 beaker.cache.sql_cache_long.expire=3600
206 209 beaker.cache.sql_cache_long.key_length = 256
207 210
208 211 ####################################
209 212 ### BEAKER SESSION ####
210 213 ####################################
211 214 ## Type of storage used for the session, current types are
212 215 ## dbm, file, memcached, database, and memory.
213 216 ## The storage uses the Container API
214 217 ## that is also used by the cache system.
215 218
216 219 ## db session ##
217 220 #beaker.session.type = ext:database
218 221 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/rhodecode
219 222 #beaker.session.table_name = db_session
220 223
221 224 ## encrypted cookie client side session, good for many instances ##
222 225 #beaker.session.type = cookie
223 226
224 227 ## file based cookies (default) ##
225 228 #beaker.session.type = file
226 229
227 230
228 231 beaker.session.key = rhodecode
229 232 ## secure cookie requires AES python libraries ##
230 233 #beaker.session.encrypt_key = g654dcno0-9873jhgfreyu
231 234 #beaker.session.validate_key = 9712sds2212c--zxc123
232 235 ## sets session as invalid if it haven't been accessed for given amount of time
233 236 beaker.session.timeout = 2592000
234 237 beaker.session.httponly = true
235 238 #beaker.session.cookie_path = /<your-prefix>
236 239
237 240 ## uncomment for https secure cookie ##
238 241 beaker.session.secure = false
239 242
240 243 ## auto save the session to not to use .save() ##
241 244 beaker.session.auto = False
242 245
243 246 ## default cookie expiration time in seconds `true` expire at browser close ##
244 247 #beaker.session.cookie_expires = 3600
245 248
246 249
247 250 ############################
248 251 ## ERROR HANDLING SYSTEMS ##
249 252 ############################
250 253
251 254 ####################
252 255 ### [errormator] ###
253 256 ####################
254 257
255 258 # Errormator is tailored to work with RhodeCode, see
256 259 # http://errormator.com for details how to obtain an account
257 260 # you must install python package `errormator_client` to make it work
258 261
259 262 # errormator enabled
260 263 errormator = true
261 264
262 265 errormator.server_url = https://api.errormator.com
263 266 errormator.api_key = YOUR_API_KEY
264 267
265 268 # TWEAK AMOUNT OF INFO SENT HERE
266 269
267 270 # enables 404 error logging (default False)
268 271 errormator.report_404 = false
269 272
270 273 # time in seconds after request is considered being slow (default 1)
271 274 errormator.slow_request_time = 1
272 275
273 276 # record slow requests in application
274 277 # (needs to be enabled for slow datastore recording and time tracking)
275 278 errormator.slow_requests = true
276 279
277 280 # enable hooking to application loggers
278 281 # errormator.logging = true
279 282
280 283 # minimum log level for log capture
281 284 # errormator.logging.level = WARNING
282 285
283 286 # send logs only from erroneous/slow requests
284 287 # (saves API quota for intensive logging)
285 288 errormator.logging_on_error = false
286 289
287 290 # list of additonal keywords that should be grabbed from environ object
288 291 # can be string with comma separated list of words in lowercase
289 292 # (by default client will always send following info:
290 293 # 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
291 294 # start with HTTP* this list be extended with additional keywords here
292 295 errormator.environ_keys_whitelist =
293 296
294 297
295 298 # list of keywords that should be blanked from request object
296 299 # can be string with comma separated list of words in lowercase
297 300 # (by default client will always blank keys that contain following words
298 301 # 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
299 302 # this list be extended with additional keywords set here
300 303 errormator.request_keys_blacklist =
301 304
302 305
303 306 # list of namespaces that should be ignores when gathering log entries
304 307 # can be string with comma separated list of namespaces
305 308 # (by default the client ignores own entries: errormator_client.client)
306 309 errormator.log_namespace_blacklist =
307 310
308 311
309 312 ################
310 313 ### [sentry] ###
311 314 ################
312 315
313 316 # sentry is a alternative open source error aggregator
314 317 # you must install python packages `sentry` and `raven` to enable
315 318
316 319 sentry.dsn = YOUR_DNS
317 320 sentry.servers =
318 321 sentry.name =
319 322 sentry.key =
320 323 sentry.public_key =
321 324 sentry.secret_key =
322 325 sentry.project =
323 326 sentry.site =
324 327 sentry.include_paths =
325 328 sentry.exclude_paths =
326 329
327 330
328 331 ################################################################################
329 332 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
330 333 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
331 334 ## execute malicious code after an exception is raised. ##
332 335 ################################################################################
333 336 set debug = false
334 337
335 338 ##################################
336 339 ### LOGVIEW CONFIG ###
337 340 ##################################
338 341 logview.sqlalchemy = #faa
339 342 logview.pylons.templating = #bfb
340 343 logview.pylons.util = #eee
341 344
342 345 #########################################################
343 346 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
344 347 #########################################################
345 348
346 349 # SQLITE [default]
347 350 sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db
348 351
349 352 # POSTGRESQL
350 353 # sqlalchemy.db1.url = postgresql://user:pass@localhost/rhodecode
351 354
352 355 # MySQL
353 356 # sqlalchemy.db1.url = mysql://user:pass@localhost/rhodecode
354 357
355 358 # see sqlalchemy docs for others
356 359
357 360 sqlalchemy.db1.echo = false
358 361 sqlalchemy.db1.pool_recycle = 3600
359 362 sqlalchemy.db1.convert_unicode = true
360 363
361 364 ################################
362 365 ### LOGGING CONFIGURATION ####
363 366 ################################
364 367 [loggers]
365 368 keys = root, routes, rhodecode, sqlalchemy, beaker, templates, whoosh_indexer
366 369
367 370 [handlers]
368 371 keys = console, console_sql
369 372
370 373 [formatters]
371 374 keys = generic, color_formatter, color_formatter_sql
372 375
373 376 #############
374 377 ## LOGGERS ##
375 378 #############
376 379 [logger_root]
377 380 level = NOTSET
378 381 handlers = console
379 382
380 383 [logger_routes]
381 384 level = DEBUG
382 385 handlers =
383 386 qualname = routes.middleware
384 387 # "level = DEBUG" logs the route matched and routing variables.
385 388 propagate = 1
386 389
387 390 [logger_beaker]
388 391 level = DEBUG
389 392 handlers =
390 393 qualname = beaker.container
391 394 propagate = 1
392 395
393 396 [logger_templates]
394 397 level = INFO
395 398 handlers =
396 399 qualname = pylons.templating
397 400 propagate = 1
398 401
399 402 [logger_rhodecode]
400 403 level = DEBUG
401 404 handlers =
402 405 qualname = rhodecode
403 406 propagate = 1
404 407
405 408 [logger_sqlalchemy]
406 409 level = INFO
407 410 handlers = console_sql
408 411 qualname = sqlalchemy.engine
409 412 propagate = 0
410 413
411 414 [logger_whoosh_indexer]
412 415 level = DEBUG
413 416 handlers =
414 417 qualname = whoosh_indexer
415 418 propagate = 1
416 419
417 420 ##############
418 421 ## HANDLERS ##
419 422 ##############
420 423
421 424 [handler_console]
422 425 class = StreamHandler
423 426 args = (sys.stderr,)
424 427 level = INFO
425 428 formatter = generic
426 429
427 430 [handler_console_sql]
428 431 class = StreamHandler
429 432 args = (sys.stderr,)
430 433 level = WARN
431 434 formatter = generic
432 435
433 436 ################
434 437 ## FORMATTERS ##
435 438 ################
436 439
437 440 [formatter_generic]
438 441 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
439 442 datefmt = %Y-%m-%d %H:%M:%S
440 443
441 444 [formatter_color_formatter]
442 445 class=rhodecode.lib.colored_formatter.ColorFormatter
443 446 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
444 447 datefmt = %Y-%m-%d %H:%M:%S
445 448
446 449 [formatter_color_formatter_sql]
447 450 class=rhodecode.lib.colored_formatter.ColorFormatterSql
448 451 format= %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
449 452 datefmt = %Y-%m-%d %H:%M:%S
@@ -1,66 +1,71 b''
1 1 # -*- coding: utf-8 -*-
2 2 """
3 3 rhodecode.lib.middleware.https_fixup
4 4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
5 5
6 6 middleware to handle https correctly
7 7
8 8 :created_on: May 23, 2010
9 9 :author: marcink
10 10 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
11 11 :license: GPLv3, see COPYING for more details.
12 12 """
13 13 # This program is free software: you can redistribute it and/or modify
14 14 # it under the terms of the GNU General Public License as published by
15 15 # the Free Software Foundation, either version 3 of the License, or
16 16 # (at your option) any later version.
17 17 #
18 18 # This program is distributed in the hope that it will be useful,
19 19 # but WITHOUT ANY WARRANTY; without even the implied warranty of
20 20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 21 # GNU General Public License for more details.
22 22 #
23 23 # You should have received a copy of the GNU General Public License
24 24 # along with this program. If not, see <http://www.gnu.org/licenses/>.
25 25
26 26 from pylons.controllers.util import Request
27 27 from rhodecode.lib.utils2 import str2bool
28 28
29 29
30 30 class HttpsFixup(object):
31 31
32 32 def __init__(self, app, config):
33 33 self.application = app
34 34 self.config = config
35 35
36 36 def __call__(self, environ, start_response):
37 37 self.__fixup(environ)
38 req = Request(environ)
38 debug = str2bool(self.config.get('debug'))
39 if str2bool(self.config.get('use_htsts')) and not debug:
40 req = Request(environ, self.application)
39 41 resp = req.get_response(self.application)
40 42 if environ['wsgi.url_scheme'] == 'https':
41 resp.headers['Strict-Transport-Security'] = 'max-age=8640000; includeSubDomains'
43 resp.headers['Strict-Transport-Security'] = \
44 'max-age=8640000; includeSubDomains'
42 45 return resp(environ, start_response)
43 46
47 return self.application(environ, start_response)
48
44 49 def __fixup(self, environ):
45 50 """
46 51 Function to fixup the environ as needed. In order to use this
47 52 middleware you should set this header inside your
48 53 proxy ie. nginx, apache etc.
49 54 """
50 55 # DETECT PROTOCOL !
51 56 if 'HTTP_X_URL_SCHEME' in environ:
52 57 proto = environ.get('HTTP_X_URL_SCHEME')
53 58 elif 'HTTP_X_FORWARDED_SCHEME' in environ:
54 59 proto = environ.get('HTTP_X_FORWARDED_SCHEME')
55 60 elif 'HTTP_X_FORWARDED_PROTO' in environ:
56 61 proto = environ.get('HTTP_X_FORWARDED_PROTO')
57 62 else:
58 63 proto = 'http'
59 64 org_proto = proto
60 65
61 66 # if we have force, just override
62 67 if str2bool(self.config.get('force_https')):
63 68 proto = 'https'
64 69
65 70 environ['wsgi.url_scheme'] = proto
66 71 environ['wsgi._org_proto'] = org_proto
General Comments 0
You need to be logged in to leave comments. Login now