##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

config: clarify that we only recommend and support single threaded operation...
Mads Kiilerich -
r6116:d6942b2b default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,605 +1,605 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Development config: #
4 4 # listening on *:5000 #
5 5 # sqlite and kallithea.db #
6 6 # initial_repo_scan = true #
7 7 # set debug = true #
8 8 # verbose and colorful logging #
9 9 # #
10 10 # The %(here)s variable will be replaced with the parent directory of this file#
11 11 ################################################################################
12 12 ################################################################################
13 13
14 14 [DEFAULT]
15 15 debug = true
16 16 pdebug = false
17 17
18 18 ################################################################################
19 19 ## Email settings ##
20 20 ## ##
21 21 ## Refer to the documentation ("Email settings") for more details. ##
22 22 ## ##
23 23 ## It is recommended to use a valid sender address that passes access ##
24 24 ## validation and spam filtering in mail servers. ##
25 25 ################################################################################
26 26
27 27 ## 'From' header for application emails. You can optionally add a name.
28 28 ## Default:
29 29 #app_email_from = Kallithea
30 30 ## Examples:
31 31 #app_email_from = Kallithea <kallithea-noreply@example.com>
32 32 #app_email_from = kallithea-noreply@example.com
33 33
34 34 ## Subject prefix for application emails.
35 35 ## A space between this prefix and the real subject is automatically added.
36 36 ## Default:
37 37 #email_prefix =
38 38 ## Example:
39 39 #email_prefix = [Kallithea]
40 40
41 41 ## Recipients for error emails and fallback recipients of application mails.
42 42 ## Multiple addresses can be specified, space-separated.
43 43 ## Only addresses are allowed, do not add any name part.
44 44 ## Default:
45 45 #email_to =
46 46 ## Examples:
47 47 #email_to = admin@example.com
48 48 #email_to = admin@example.com another_admin@example.com
49 49
50 50 ## 'From' header for error emails. You can optionally add a name.
51 51 ## Default:
52 52 #error_email_from = pylons@yourapp.com
53 53 ## Examples:
54 54 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
55 55 #error_email_from = paste_error@example.com
56 56
57 57 ## SMTP server settings
58 58 ## If specifying credentials, make sure to use secure connections.
59 59 ## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
60 60 ## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
61 61 ## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
62 62 #smtp_server = smtp.example.com
63 63 #smtp_username =
64 64 #smtp_password =
65 65 #smtp_port = 25
66 66 #smtp_use_ssl = false
67 67 #smtp_use_tls = false
68 68
69 69 [server:main]
70 70 ## PASTE ##
71 71 #use = egg:Paste#http
72 72 ## nr of worker threads to spawn
73 #threadpool_workers = 5
73 #threadpool_workers = 1
74 74 ## max request before thread respawn
75 #threadpool_max_requests = 10
75 #threadpool_max_requests = 100
76 76 ## option to use threads of process
77 77 #use_threadpool = true
78 78
79 79 ## WAITRESS ##
80 80 use = egg:waitress#main
81 81 ## number of worker threads
82 threads = 5
82 threads = 1
83 83 ## MAX BODY SIZE 100GB
84 84 max_request_body_size = 107374182400
85 85 ## use poll instead of select, fixes fd limits, may not work on old
86 86 ## windows systems.
87 87 #asyncore_use_poll = True
88 88
89 89 ## GUNICORN ##
90 90 #use = egg:gunicorn#main
91 91 ## number of process workers. You must set `instance_id = *` when this option
92 92 ## is set to more than one worker
93 93 #workers = 1
94 94 ## process name
95 95 #proc_name = kallithea
96 96 ## type of worker class, one of sync, eventlet, gevent, tornado
97 97 ## recommended for bigger setup is using of of other than sync one
98 98 #worker_class = sync
99 99 #max_requests = 1000
100 100 ## amount of time a worker can handle request before it gets killed and
101 101 ## restarted
102 102 #timeout = 3600
103 103
104 104 ## UWSGI ##
105 105 ## run with uwsgi --ini-paste-logged <inifile.ini>
106 106 #[uwsgi]
107 107 #socket = /tmp/uwsgi.sock
108 108 #master = true
109 109 #http = 127.0.0.1:5000
110 110
111 111 ## set as deamon and redirect all output to file
112 112 #daemonize = ./uwsgi_kallithea.log
113 113
114 114 ## master process PID
115 115 #pidfile = ./uwsgi_kallithea.pid
116 116
117 117 ## stats server with workers statistics, use uwsgitop
118 118 ## for monitoring, `uwsgitop 127.0.0.1:1717`
119 119 #stats = 127.0.0.1:1717
120 120 #memory-report = true
121 121
122 122 ## log 5XX errors
123 123 #log-5xx = true
124 124
125 125 ## Set the socket listen queue size.
126 126 #listen = 256
127 127
128 128 ## Gracefully Reload workers after the specified amount of managed requests
129 129 ## (avoid memory leaks).
130 130 #max-requests = 1000
131 131
132 132 ## enable large buffers
133 133 #buffer-size = 65535
134 134
135 135 ## socket and http timeouts ##
136 136 #http-timeout = 3600
137 137 #socket-timeout = 3600
138 138
139 139 ## Log requests slower than the specified number of milliseconds.
140 140 #log-slow = 10
141 141
142 142 ## Exit if no app can be loaded.
143 143 #need-app = true
144 144
145 145 ## Set lazy mode (load apps in workers instead of master).
146 146 #lazy = true
147 147
148 148 ## scaling ##
149 149 ## set cheaper algorithm to use, if not set default will be used
150 150 #cheaper-algo = spare
151 151
152 152 ## minimum number of workers to keep at all times
153 153 #cheaper = 1
154 154
155 155 ## number of workers to spawn at startup
156 156 #cheaper-initial = 1
157 157
158 158 ## maximum number of workers that can be spawned
159 159 #workers = 4
160 160
161 161 ## how many workers should be spawned at a time
162 162 #cheaper-step = 1
163 163
164 164 ## COMMON ##
165 165 #host = 127.0.0.1
166 166 host = 0.0.0.0
167 167 port = 5000
168 168
169 169 ## middleware for hosting the WSGI application under a URL prefix
170 170 #[filter:proxy-prefix]
171 171 #use = egg:PasteDeploy#prefix
172 172 #prefix = /<your-prefix>
173 173
174 174 [app:main]
175 175 use = egg:kallithea
176 176 ## enable proxy prefix middleware
177 177 #filter-with = proxy-prefix
178 178
179 179 full_stack = true
180 180 static_files = true
181 181 ## Available Languages:
182 182 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
183 183 lang =
184 184 cache_dir = %(here)s/data
185 185 index_dir = %(here)s/data/index
186 186
187 187 ## perform a full repository scan on each server start, this should be
188 188 ## set to false after first startup, to allow faster server restarts.
189 189 #initial_repo_scan = false
190 190 initial_repo_scan = true
191 191
192 192 ## uncomment and set this path to use archive download cache
193 193 archive_cache_dir = %(here)s/tarballcache
194 194
195 195 ## change this to unique ID for security
196 196 app_instance_uuid = development-not-secret
197 197
198 198 ## cut off limit for large diffs (size in bytes)
199 199 cut_off_limit = 256000
200 200
201 201 ## force https in Kallithea, fixes https redirects, assumes it's always https
202 202 force_https = false
203 203
204 204 ## use Strict-Transport-Security headers
205 205 use_htsts = false
206 206
207 207 ## number of commits stats will parse on each iteration
208 208 commit_parse_limit = 25
209 209
210 210 ## path to git executable
211 211 git_path = git
212 212
213 213 ## git rev filter option, --all is the default filter, if you need to
214 214 ## hide all refs in changelog switch this to --branches --tags
215 215 #git_rev_filter = --branches --tags
216 216
217 217 ## RSS feed options
218 218 rss_cut_off_limit = 256000
219 219 rss_items_per_page = 10
220 220 rss_include_diff = false
221 221
222 222 ## options for showing and identifying changesets
223 223 show_sha_length = 12
224 224 show_revision_number = false
225 225
226 226 ## Canonical URL to use when creating full URLs in UI and texts.
227 227 ## Useful when the site is available under different names or protocols.
228 228 ## Defaults to what is provided in the WSGI environment.
229 229 #canonical_url = https://kallithea.example.com/repos
230 230
231 231 ## gist URL alias, used to create nicer urls for gist. This should be an
232 232 ## url that does rewrites to _admin/gists/<gistid>.
233 233 ## example: http://gist.example.com/{gistid}. Empty means use the internal
234 234 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
235 235 gist_alias_url =
236 236
237 237 ## white list of API enabled controllers. This allows to add list of
238 238 ## controllers to which access will be enabled by api_key. eg: to enable
239 239 ## api access to raw_files put `FilesController:raw`, to enable access to patches
240 240 ## add `ChangesetController:changeset_patch`. This list should be "," separated
241 241 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
242 242 ## Recommended settings below are commented out:
243 243 api_access_controllers_whitelist =
244 244 # ChangesetController:changeset_patch,
245 245 # ChangesetController:changeset_raw,
246 246 # FilesController:raw,
247 247 # FilesController:archivefile
248 248
249 249 ## default encoding used to convert from and to unicode
250 250 ## can be also a comma separated list of encoding in case of mixed encodings
251 251 default_encoding = utf8
252 252
253 253 ## issue tracker for Kallithea (leave blank to disable, absent for default)
254 254 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
255 255
256 256 ## issue tracking mapping for commits messages
257 257 ## comment out issue_pat, issue_server, issue_prefix to enable
258 258
259 259 ## pattern to get the issues from commit messages
260 260 ## default one used here is #<numbers> with a regex passive group for `#`
261 261 ## {id} will be all groups matched from this pattern
262 262
263 263 issue_pat = (?:\s*#)(\d+)
264 264
265 265 ## server url to the issue, each {id} will be replaced with match
266 266 ## fetched from the regex and {repo} is replaced with full repository name
267 267 ## including groups {repo_name} is replaced with just name of repo
268 268
269 269 issue_server_link = https://issues.example.com/{repo}/issue/{id}
270 270
271 271 ## prefix to add to link to indicate it's an url
272 272 ## #314 will be replaced by <issue_prefix><id>
273 273
274 274 issue_prefix = #
275 275
276 276 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
277 277 ## multiple patterns, to other issues server, wiki or others
278 278 ## below an example how to create a wiki pattern
279 279 # wiki-some-id -> https://wiki.example.com/some-id
280 280
281 281 #issue_pat_wiki = (?:wiki-)(.+)
282 282 #issue_server_link_wiki = https://wiki.example.com/{id}
283 283 #issue_prefix_wiki = WIKI-
284 284
285 285 ## alternative return HTTP header for failed authentication. Default HTTP
286 286 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
287 287 ## handling that. Set this variable to 403 to return HTTPForbidden
288 288 auth_ret_code =
289 289
290 290 ## locking return code. When repository is locked return this HTTP code. 2XX
291 291 ## codes don't break the transactions while 4XX codes do
292 292 lock_ret_code = 423
293 293
294 294 ## allows to change the repository location in settings page
295 295 allow_repo_location_change = True
296 296
297 297 ## allows to setup custom hooks in settings page
298 298 allow_custom_hooks_settings = True
299 299
300 300 ## extra extensions for indexing, space separated and without the leading '.'.
301 301 # index.extensions =
302 302 # gemfile
303 303 # lock
304 304
305 305 ## extra filenames for indexing, space separated
306 306 # index.filenames =
307 307 # .dockerignore
308 308 # .editorconfig
309 309 # INSTALL
310 310 # CHANGELOG
311 311
312 312 ####################################
313 313 ### CELERY CONFIG ####
314 314 ####################################
315 315
316 316 use_celery = false
317 317 broker.host = localhost
318 318 broker.vhost = rabbitmqhost
319 319 broker.port = 5672
320 320 broker.user = rabbitmq
321 321 broker.password = qweqwe
322 322
323 323 celery.imports = kallithea.lib.celerylib.tasks
324 324
325 325 celery.result.backend = amqp
326 326 celery.result.dburi = amqp://
327 327 celery.result.serialier = json
328 328
329 329 #celery.send.task.error.emails = true
330 330 #celery.amqp.task.result.expires = 18000
331 331
332 332 celeryd.concurrency = 2
333 333 #celeryd.log.file = celeryd.log
334 334 celeryd.log.level = DEBUG
335 335 celeryd.max.tasks.per.child = 1
336 336
337 337 ## tasks will never be sent to the queue, but executed locally instead.
338 338 celery.always.eager = false
339 339
340 340 ####################################
341 341 ### BEAKER CACHE ####
342 342 ####################################
343 343
344 344 beaker.cache.data_dir = %(here)s/data/cache/data
345 345 beaker.cache.lock_dir = %(here)s/data/cache/lock
346 346
347 347 beaker.cache.regions = short_term,long_term,sql_cache_short
348 348
349 349 beaker.cache.short_term.type = memory
350 350 beaker.cache.short_term.expire = 60
351 351 beaker.cache.short_term.key_length = 256
352 352
353 353 beaker.cache.long_term.type = memory
354 354 beaker.cache.long_term.expire = 36000
355 355 beaker.cache.long_term.key_length = 256
356 356
357 357 beaker.cache.sql_cache_short.type = memory
358 358 beaker.cache.sql_cache_short.expire = 10
359 359 beaker.cache.sql_cache_short.key_length = 256
360 360
361 361 ####################################
362 362 ### BEAKER SESSION ####
363 363 ####################################
364 364
365 365 ## Name of session cookie. Should be unique for a given host and path, even when running
366 366 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
367 367 beaker.session.key = kallithea
368 368 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
369 369 beaker.session.httponly = true
370 370 ## Session lifetime. 2592000 seconds is 30 days.
371 371 beaker.session.timeout = 2592000
372 372
373 373 ## Server secret used with HMAC to ensure integrity of cookies.
374 374 beaker.session.secret = development-not-secret
375 375 ## Further, encrypt the data with AES.
376 376 #beaker.session.encrypt_key = <key_for_encryption>
377 377 #beaker.session.validate_key = <validation_key>
378 378
379 379 ## Type of storage used for the session, current types are
380 380 ## dbm, file, memcached, database, and memory.
381 381
382 382 ## File system storage of session data. (default)
383 383 #beaker.session.type = file
384 384
385 385 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
386 386 #beaker.session.type = cookie
387 387
388 388 ## Database storage of session data.
389 389 #beaker.session.type = ext:database
390 390 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
391 391 #beaker.session.table_name = db_session
392 392
393 393 ############################
394 394 ## ERROR HANDLING SYSTEMS ##
395 395 ############################
396 396
397 397 ####################
398 398 ### [errormator] ###
399 399 ####################
400 400
401 401 ## Errormator is tailored to work with Kallithea, see
402 402 ## http://errormator.com for details how to obtain an account
403 403 ## you must install python package `errormator_client` to make it work
404 404
405 405 ## errormator enabled
406 406 errormator = false
407 407
408 408 errormator.server_url = https://api.errormator.com
409 409 errormator.api_key = YOUR_API_KEY
410 410
411 411 ## TWEAK AMOUNT OF INFO SENT HERE
412 412
413 413 ## enables 404 error logging (default False)
414 414 errormator.report_404 = false
415 415
416 416 ## time in seconds after request is considered being slow (default 1)
417 417 errormator.slow_request_time = 1
418 418
419 419 ## record slow requests in application
420 420 ## (needs to be enabled for slow datastore recording and time tracking)
421 421 errormator.slow_requests = true
422 422
423 423 ## enable hooking to application loggers
424 424 #errormator.logging = true
425 425
426 426 ## minimum log level for log capture
427 427 #errormator.logging.level = WARNING
428 428
429 429 ## send logs only from erroneous/slow requests
430 430 ## (saves API quota for intensive logging)
431 431 errormator.logging_on_error = false
432 432
433 433 ## list of additional keywords that should be grabbed from environ object
434 434 ## can be string with comma separated list of words in lowercase
435 435 ## (by default client will always send following info:
436 436 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
437 437 ## start with HTTP* this list be extended with additional keywords here
438 438 errormator.environ_keys_whitelist =
439 439
440 440 ## list of keywords that should be blanked from request object
441 441 ## can be string with comma separated list of words in lowercase
442 442 ## (by default client will always blank keys that contain following words
443 443 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
444 444 ## this list be extended with additional keywords set here
445 445 errormator.request_keys_blacklist =
446 446
447 447 ## list of namespaces that should be ignores when gathering log entries
448 448 ## can be string with comma separated list of namespaces
449 449 ## (by default the client ignores own entries: errormator_client.client)
450 450 errormator.log_namespace_blacklist =
451 451
452 452 ################
453 453 ### [sentry] ###
454 454 ################
455 455
456 456 ## sentry is a alternative open source error aggregator
457 457 ## you must install python packages `sentry` and `raven` to enable
458 458
459 459 sentry.dsn = YOUR_DNS
460 460 sentry.servers =
461 461 sentry.name =
462 462 sentry.key =
463 463 sentry.public_key =
464 464 sentry.secret_key =
465 465 sentry.project =
466 466 sentry.site =
467 467 sentry.include_paths =
468 468 sentry.exclude_paths =
469 469
470 470 ################################################################################
471 471 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
472 472 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
473 473 ## execute malicious code after an exception is raised. ##
474 474 ################################################################################
475 475 #set debug = false
476 476 set debug = true
477 477
478 478 ##################################
479 479 ### LOGVIEW CONFIG ###
480 480 ##################################
481 481
482 482 logview.sqlalchemy = #faa
483 483 logview.pylons.templating = #bfb
484 484 logview.pylons.util = #eee
485 485
486 486 #########################################################
487 487 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
488 488 #########################################################
489 489
490 490 # SQLITE [default]
491 491 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
492 492
493 493 # POSTGRESQL
494 494 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
495 495
496 496 # MySQL
497 497 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea?charset=utf8
498 498
499 499 # see sqlalchemy docs for others
500 500
501 501 sqlalchemy.db1.echo = false
502 502 sqlalchemy.db1.pool_recycle = 3600
503 503
504 504 ################################
505 505 ### ALEMBIC CONFIGURATION ####
506 506 ################################
507 507
508 508 [alembic]
509 509 script_location = kallithea:alembic
510 510
511 511 ################################
512 512 ### LOGGING CONFIGURATION ####
513 513 ################################
514 514
515 515 [loggers]
516 516 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
517 517
518 518 [handlers]
519 519 keys = console, console_sql
520 520
521 521 [formatters]
522 522 keys = generic, color_formatter, color_formatter_sql
523 523
524 524 #############
525 525 ## LOGGERS ##
526 526 #############
527 527
528 528 [logger_root]
529 529 level = NOTSET
530 530 handlers = console
531 531
532 532 [logger_routes]
533 533 level = DEBUG
534 534 handlers =
535 535 qualname = routes.middleware
536 536 ## "level = DEBUG" logs the route matched and routing variables.
537 537 propagate = 1
538 538
539 539 [logger_beaker]
540 540 level = DEBUG
541 541 handlers =
542 542 qualname = beaker.container
543 543 propagate = 1
544 544
545 545 [logger_templates]
546 546 level = INFO
547 547 handlers =
548 548 qualname = pylons.templating
549 549 propagate = 1
550 550
551 551 [logger_kallithea]
552 552 level = DEBUG
553 553 handlers =
554 554 qualname = kallithea
555 555 propagate = 1
556 556
557 557 [logger_sqlalchemy]
558 558 level = INFO
559 559 handlers = console_sql
560 560 qualname = sqlalchemy.engine
561 561 propagate = 0
562 562
563 563 [logger_whoosh_indexer]
564 564 level = DEBUG
565 565 handlers =
566 566 qualname = whoosh_indexer
567 567 propagate = 1
568 568
569 569 ##############
570 570 ## HANDLERS ##
571 571 ##############
572 572
573 573 [handler_console]
574 574 class = StreamHandler
575 575 args = (sys.stderr,)
576 576 #level = INFO
577 577 level = DEBUG
578 578 #formatter = generic
579 579 formatter = color_formatter
580 580
581 581 [handler_console_sql]
582 582 class = StreamHandler
583 583 args = (sys.stderr,)
584 584 #level = WARN
585 585 level = DEBUG
586 586 #formatter = generic
587 587 formatter = color_formatter_sql
588 588
589 589 ################
590 590 ## FORMATTERS ##
591 591 ################
592 592
593 593 [formatter_generic]
594 594 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
595 595 datefmt = %Y-%m-%d %H:%M:%S
596 596
597 597 [formatter_color_formatter]
598 598 class = kallithea.lib.colored_formatter.ColorFormatter
599 599 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
600 600 datefmt = %Y-%m-%d %H:%M:%S
601 601
602 602 [formatter_color_formatter_sql]
603 603 class = kallithea.lib.colored_formatter.ColorFormatterSql
604 604 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
605 605 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,864 +1,863 b''
1 1 .. _setup:
2 2
3 3 =====
4 4 Setup
5 5 =====
6 6
7 7
8 8 Setting up Kallithea
9 9 --------------------
10 10
11 11 First, you will need to create a Kallithea configuration file. Run the
12 12 following command to do so::
13 13
14 14 paster make-config Kallithea my.ini
15 15
16 16 This will create the file ``my.ini`` in the current directory. This
17 17 configuration file contains the various settings for Kallithea, e.g.
18 18 proxy port, email settings, usage of static files, cache, Celery
19 19 settings, and logging.
20 20
21 21 Next, you need to create the databases used by Kallithea. It is recommended to
22 22 use PostgreSQL or SQLite (default). If you choose a database other than the
23 23 default, ensure you properly adjust the database URL in your ``my.ini``
24 24 configuration file to use this other database. Kallithea currently supports
25 25 PostgreSQL, SQLite and MySQL databases. Create the database by running
26 26 the following command::
27 27
28 28 paster setup-db my.ini
29 29
30 30 This will prompt you for a "root" path. This "root" path is the location where
31 31 Kallithea will store all of its repositories on the current machine. After
32 32 entering this "root" path ``setup-db`` will also prompt you for a username
33 33 and password for the initial admin account which ``setup-db`` sets
34 34 up for you.
35 35
36 36 The ``setup-db`` values can also be given on the command line.
37 37 Example::
38 38
39 39 paster setup-db my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
40 40
41 41 The ``setup-db`` command will create all needed tables and an
42 42 admin account. When choosing a root path you can either use a new
43 43 empty location, or a location which already contains existing
44 44 repositories. If you choose a location which contains existing
45 45 repositories Kallithea will add all of the repositories at the chosen
46 46 location to its database. (Note: make sure you specify the correct
47 47 path to the root).
48 48
49 49 .. note:: the given path for Mercurial_ repositories **must** be write
50 50 accessible for the application. It's very important since
51 51 the Kallithea web interface will work without write access,
52 52 but when trying to do a push it will fail with permission
53 53 denied errors unless it has write access.
54 54
55 55 You are now ready to use Kallithea. To run it simply execute::
56 56
57 57 paster serve my.ini
58 58
59 59 - This command runs the Kallithea server. The web app should be available at
60 60 http://127.0.0.1:5000. The IP address and port is configurable via the
61 61 configuration file created in the previous step.
62 62 - Log in to Kallithea using the admin account created when running ``setup-db``.
63 63 - The default permissions on each repository is read, and the owner is admin.
64 64 Remember to update these if needed.
65 65 - In the admin panel you can toggle LDAP, anonymous, and permissions
66 66 settings, as well as edit more advanced options on users and
67 67 repositories.
68 68
69 69
70 70 Using Kallithea with SSH
71 71 ------------------------
72 72
73 73 Kallithea currently only hosts repositories using http and https. (The addition
74 74 of ssh hosting is a planned future feature.) However you can easily use ssh in
75 75 parallel with Kallithea. (Repository access via ssh is a standard "out of
76 76 the box" feature of Mercurial_ and you can use this to access any of the
77 77 repositories that Kallithea is hosting. See PublishingRepositories_)
78 78
79 79 Kallithea repository structures are kept in directories with the same name
80 80 as the project. When using repository groups, each group is a subdirectory.
81 81 This allows you to easily use ssh for accessing repositories.
82 82
83 83 In order to use ssh you need to make sure that your web server and the users'
84 84 login accounts have the correct permissions set on the appropriate directories.
85 85
86 86 .. note:: These permissions are independent of any permissions you
87 87 have set up using the Kallithea web interface.
88 88
89 89 If your main directory (the same as set in Kallithea settings) is for
90 90 example set to ``/srv/repos`` and the repository you are using is
91 91 named ``kallithea``, then to clone via ssh you should run::
92 92
93 93 hg clone ssh://user@kallithea.example.com/srv/repos/kallithea
94 94
95 95 Using other external tools such as mercurial-server_ or using ssh key-based
96 96 authentication is fully supported.
97 97
98 98 .. note:: In an advanced setup, in order for your ssh access to use
99 99 the same permissions as set up via the Kallithea web
100 100 interface, you can create an authentication hook to connect
101 101 to the Kallithea db and run check functions for permissions
102 102 against that.
103 103
104 104
105 105 Setting up Whoosh full text search
106 106 ----------------------------------
107 107
108 108 Kallithea provides full text search of repositories using `Whoosh`__.
109 109
110 110 .. __: https://pythonhosted.org/Whoosh/
111 111
112 112 For an incremental index build, run::
113 113
114 114 paster make-index my.ini
115 115
116 116 For a full index rebuild, run::
117 117
118 118 paster make-index my.ini -f
119 119
120 120 The ``--repo-location`` option allows the location of the repositories to be overridden;
121 121 usually, the location is retrieved from the Kallithea database.
122 122
123 123 The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
124 124
125 125 paster make-index my.ini --index-only=vcs,kallithea
126 126
127 127 To keep your index up-to-date it is necessary to do periodic index builds;
128 128 for this, it is recommended to use a crontab entry. Example::
129 129
130 130 0 3 * * * /path/to/virtualenv/bin/paster make-index /path/to/kallithea/my.ini
131 131
132 132 When using incremental mode (the default), Whoosh will check the last
133 133 modification date of each file and add it to be reindexed if a newer file is
134 134 available. The indexing daemon checks for any removed files and removes them
135 135 from index.
136 136
137 137 If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
138 138 or in the admin panel you can check the "build from scratch" checkbox.
139 139
140 140 .. _ldap-setup:
141 141
142 142
143 143 Setting up LDAP support
144 144 -----------------------
145 145
146 146 Kallithea supports LDAP authentication. In order
147 147 to use LDAP, you have to install the python-ldap_ package. This package is
148 148 available via PyPI, so you can install it by running::
149 149
150 150 pip install python-ldap
151 151
152 152 .. note:: ``python-ldap`` requires some libraries to be installed on
153 153 your system, so before installing it check that you have at
154 154 least the ``openldap`` and ``sasl`` libraries.
155 155
156 156 Choose *Admin > Authentication*, click the ``kallithea.lib.auth_modules.auth_ldap`` button
157 157 and then *Save*, to enable the LDAP plugin and configure its settings.
158 158
159 159 Here's a typical LDAP setup::
160 160
161 161 Connection settings
162 162 Enable LDAP = checked
163 163 Host = host.example.com
164 164 Port = 389
165 165 Account = <account>
166 166 Password = <password>
167 167 Connection Security = LDAPS connection
168 168 Certificate Checks = DEMAND
169 169
170 170 Search settings
171 171 Base DN = CN=users,DC=host,DC=example,DC=org
172 172 LDAP Filter = (&(objectClass=user)(!(objectClass=computer)))
173 173 LDAP Search Scope = SUBTREE
174 174
175 175 Attribute mappings
176 176 Login Attribute = uid
177 177 First Name Attribute = firstName
178 178 Last Name Attribute = lastName
179 179 Email Attribute = mail
180 180
181 181 If your user groups are placed in an Organisation Unit (OU) structure, the Search Settings configuration differs::
182 182
183 183 Search settings
184 184 Base DN = DC=host,DC=example,DC=org
185 185 LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user))
186 186 LDAP Search Scope = SUBTREE
187 187
188 188 .. _enable_ldap:
189 189
190 190 Enable LDAP : required
191 191 Whether to use LDAP for authenticating users.
192 192
193 193 .. _ldap_host:
194 194
195 195 Host : required
196 196 LDAP server hostname or IP address. Can be also a comma separated
197 197 list of servers to support LDAP fail-over.
198 198
199 199 .. _Port:
200 200
201 201 Port : required
202 202 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP.
203 203
204 204 .. _ldap_account:
205 205
206 206 Account : optional
207 207 Only required if the LDAP server does not allow anonymous browsing of
208 208 records. This should be a special account for record browsing. This
209 209 will require `LDAP Password`_ below.
210 210
211 211 .. _LDAP Password:
212 212
213 213 Password : optional
214 214 Only required if the LDAP server does not allow anonymous browsing of
215 215 records.
216 216
217 217 .. _Enable LDAPS:
218 218
219 219 Connection Security : required
220 220 Defines the connection to LDAP server
221 221
222 222 No encryption
223 223 Plain non encrypted connection
224 224
225 225 LDAPS connection
226 226 Enable LDAPS connections. It will likely require `Port`_ to be set to
227 227 a different value (standard LDAPS port is 636). When LDAPS is enabled
228 228 then `Certificate Checks`_ is required.
229 229
230 230 START_TLS on LDAP connection
231 231 START TLS connection
232 232
233 233 .. _Certificate Checks:
234 234
235 235 Certificate Checks : optional
236 236 How SSL certificates verification is handled -- this is only useful when
237 237 `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security
238 238 while the other options are susceptible to man-in-the-middle attacks. SSL
239 239 certificates can be installed to /etc/openldap/cacerts so that the
240 240 DEMAND or HARD options can be used with self-signed certificates or
241 241 certificates that do not have traceable certificates of authority.
242 242
243 243 NEVER
244 244 A serve certificate will never be requested or checked.
245 245
246 246 ALLOW
247 247 A server certificate is requested. Failure to provide a
248 248 certificate or providing a bad certificate will not terminate the
249 249 session.
250 250
251 251 TRY
252 252 A server certificate is requested. Failure to provide a
253 253 certificate does not halt the session; providing a bad certificate
254 254 halts the session.
255 255
256 256 DEMAND
257 257 A server certificate is requested and must be provided and
258 258 authenticated for the session to proceed.
259 259
260 260 HARD
261 261 The same as DEMAND.
262 262
263 263 .. _Base DN:
264 264
265 265 Base DN : required
266 266 The Distinguished Name (DN) where searches for users will be performed.
267 267 Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_.
268 268
269 269 .. _LDAP Filter:
270 270
271 271 LDAP Filter : optional
272 272 A LDAP filter defined by RFC 2254. This is more useful when `LDAP
273 273 Search Scope`_ is set to SUBTREE. The filter is useful for limiting
274 274 which LDAP objects are identified as representing Users for
275 275 authentication. The filter is augmented by `Login Attribute`_ below.
276 276 This can commonly be left blank.
277 277
278 278 .. _LDAP Search Scope:
279 279
280 280 LDAP Search Scope : required
281 281 This limits how far LDAP will search for a matching object.
282 282
283 283 BASE
284 284 Only allows searching of `Base DN`_ and is usually not what you
285 285 want.
286 286
287 287 ONELEVEL
288 288 Searches all entries under `Base DN`_, but not Base DN itself.
289 289
290 290 SUBTREE
291 291 Searches all entries below `Base DN`_, but not Base DN itself.
292 292 When using SUBTREE `LDAP Filter`_ is useful to limit object
293 293 location.
294 294
295 295 .. _Login Attribute:
296 296
297 297 Login Attribute : required
298 298 The LDAP record attribute that will be matched as the USERNAME or
299 299 ACCOUNT used to connect to Kallithea. This will be added to `LDAP
300 300 Filter`_ for locating the User object. If `LDAP Filter`_ is specified as
301 301 "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has
302 302 connected as "jsmith" then the `LDAP Filter`_ will be augmented as below
303 303 ::
304 304
305 305 (&(LDAPFILTER)(uid=jsmith))
306 306
307 307 .. _ldap_attr_firstname:
308 308
309 309 First Name Attribute : required
310 310 The LDAP record attribute which represents the user's first name.
311 311
312 312 .. _ldap_attr_lastname:
313 313
314 314 Last Name Attribute : required
315 315 The LDAP record attribute which represents the user's last name.
316 316
317 317 .. _ldap_attr_email:
318 318
319 319 Email Attribute : required
320 320 The LDAP record attribute which represents the user's email address.
321 321
322 322 If all data are entered correctly, and python-ldap_ is properly installed
323 323 users should be granted access to Kallithea with LDAP accounts. At this
324 324 time user information is copied from LDAP into the Kallithea user database.
325 325 This means that updates of an LDAP user object may not be reflected as a
326 326 user update in Kallithea.
327 327
328 328 If You have problems with LDAP access and believe You entered correct
329 329 information check out the Kallithea logs, any error messages sent from LDAP
330 330 will be saved there.
331 331
332 332 Active Directory
333 333 ^^^^^^^^^^^^^^^^
334 334
335 335 Kallithea can use Microsoft Active Directory for user authentication. This
336 336 is done through an LDAP or LDAPS connection to Active Directory. The
337 337 following LDAP configuration settings are typical for using Active
338 338 Directory ::
339 339
340 340 Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local
341 341 Login Attribute = sAMAccountName
342 342 First Name Attribute = givenName
343 343 Last Name Attribute = sn
344 344 Email Attribute = mail
345 345
346 346 All other LDAP settings will likely be site-specific and should be
347 347 appropriately configured.
348 348
349 349
350 350 Authentication by container or reverse-proxy
351 351 --------------------------------------------
352 352
353 353 Kallithea supports delegating the authentication
354 354 of users to its WSGI container, or to a reverse-proxy server through which all
355 355 clients access the application.
356 356
357 357 When these authentication methods are enabled in Kallithea, it uses the
358 358 username that the container/proxy (Apache or Nginx, etc.) provides and doesn't
359 359 perform the authentication itself. The authorization, however, is still done by
360 360 Kallithea according to its settings.
361 361
362 362 When a user logs in for the first time using these authentication methods,
363 363 a matching user account is created in Kallithea with default permissions. An
364 364 administrator can then modify it using Kallithea's admin interface.
365 365
366 366 It's also possible for an administrator to create accounts and configure their
367 367 permissions before the user logs in for the first time, using the :ref:`create-user` API.
368 368
369 369 Container-based authentication
370 370 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
371 371
372 372 In a container-based authentication setup, Kallithea reads the user name from
373 373 the ``REMOTE_USER`` server variable provided by the WSGI container.
374 374
375 375 After setting up your container (see `Apache with mod_wsgi`_), you'll need
376 376 to configure it to require authentication on the location configured for
377 377 Kallithea.
378 378
379 379 Proxy pass-through authentication
380 380 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
381 381
382 382 In a proxy pass-through authentication setup, Kallithea reads the user name
383 383 from the ``X-Forwarded-User`` request header, which should be configured to be
384 384 sent by the reverse-proxy server.
385 385
386 386 After setting up your proxy solution (see `Apache virtual host reverse proxy example`_,
387 387 `Apache as subdirectory`_ or `Nginx virtual host example`_), you'll need to
388 388 configure the authentication and add the username in a request header named
389 389 ``X-Forwarded-User``.
390 390
391 391 For example, the following config section for Apache sets a subdirectory in a
392 392 reverse-proxy setup with basic auth:
393 393
394 394 .. code-block:: apache
395 395
396 396 <Location /someprefix>
397 397 ProxyPass http://127.0.0.1:5000/someprefix
398 398 ProxyPassReverse http://127.0.0.1:5000/someprefix
399 399 SetEnvIf X-Url-Scheme https HTTPS=1
400 400
401 401 AuthType Basic
402 402 AuthName "Kallithea authentication"
403 403 AuthUserFile /srv/kallithea/.htpasswd
404 404 Require valid-user
405 405
406 406 RequestHeader unset X-Forwarded-User
407 407
408 408 RewriteEngine On
409 409 RewriteCond %{LA-U:REMOTE_USER} (.+)
410 410 RewriteRule .* - [E=RU:%1]
411 411 RequestHeader set X-Forwarded-User %{RU}e
412 412 </Location>
413 413
414 414 Setting metadata in container/reverse-proxy
415 415 """""""""""""""""""""""""""""""""""""""""""
416 416 When a new user account is created on the first login, Kallithea has no information about
417 417 the user's email and full name. So you can set some additional request headers like in the
418 418 example below. In this example the user is authenticated via Kerberos and an Apache
419 419 mod_python fixup handler is used to get the user information from a LDAP server. But you
420 420 could set the request headers however you want.
421 421
422 422 .. code-block:: apache
423 423
424 424 <Location /someprefix>
425 425 ProxyPass http://127.0.0.1:5000/someprefix
426 426 ProxyPassReverse http://127.0.0.1:5000/someprefix
427 427 SetEnvIf X-Url-Scheme https HTTPS=1
428 428
429 429 AuthName "Kerberos Login"
430 430 AuthType Kerberos
431 431 Krb5Keytab /etc/apache2/http.keytab
432 432 KrbMethodK5Passwd off
433 433 KrbVerifyKDC on
434 434 Require valid-user
435 435
436 436 PythonFixupHandler ldapmetadata
437 437
438 438 RequestHeader set X_REMOTE_USER %{X_REMOTE_USER}e
439 439 RequestHeader set X_REMOTE_EMAIL %{X_REMOTE_EMAIL}e
440 440 RequestHeader set X_REMOTE_FIRSTNAME %{X_REMOTE_FIRSTNAME}e
441 441 RequestHeader set X_REMOTE_LASTNAME %{X_REMOTE_LASTNAME}e
442 442 </Location>
443 443
444 444 .. code-block:: python
445 445
446 446 from mod_python import apache
447 447 import ldap
448 448
449 449 LDAP_SERVER = "ldap://server.mydomain.com:389"
450 450 LDAP_USER = ""
451 451 LDAP_PASS = ""
452 452 LDAP_ROOT = "dc=mydomain,dc=com"
453 453 LDAP_FILTER = "sAMAccountName=%s"
454 454 LDAP_ATTR_LIST = ['sAMAccountName','givenname','sn','mail']
455 455
456 456 def fixuphandler(req):
457 457 if req.user is None:
458 458 # no user to search for
459 459 return apache.OK
460 460 else:
461 461 try:
462 462 if('\\' in req.user):
463 463 username = req.user.split('\\')[1]
464 464 elif('@' in req.user):
465 465 username = req.user.split('@')[0]
466 466 else:
467 467 username = req.user
468 468 l = ldap.initialize(LDAP_SERVER)
469 469 l.simple_bind_s(LDAP_USER, LDAP_PASS)
470 470 r = l.search_s(LDAP_ROOT, ldap.SCOPE_SUBTREE, LDAP_FILTER % username, attrlist=LDAP_ATTR_LIST)
471 471
472 472 req.subprocess_env['X_REMOTE_USER'] = username
473 473 req.subprocess_env['X_REMOTE_EMAIL'] = r[0][1]['mail'][0].lower()
474 474 req.subprocess_env['X_REMOTE_FIRSTNAME'] = "%s" % r[0][1]['givenname'][0]
475 475 req.subprocess_env['X_REMOTE_LASTNAME'] = "%s" % r[0][1]['sn'][0]
476 476 except Exception, e:
477 477 apache.log_error("error getting data from ldap %s" % str(e), apache.APLOG_ERR)
478 478
479 479 return apache.OK
480 480
481 481 .. note::
482 482 If you enable proxy pass-through authentication, make sure your server is
483 483 only accessible through the proxy. Otherwise, any client would be able to
484 484 forge the authentication header and could effectively become authenticated
485 485 using any account of their liking.
486 486
487 487
488 488 Integration with issue trackers
489 489 -------------------------------
490 490
491 491 Kallithea provides a simple integration with issue trackers. It's possible
492 492 to define a regular expression that will match an issue ID in commit messages,
493 493 and have that replaced with a URL to the issue. To enable this simply
494 494 uncomment the following variables in the ini file::
495 495
496 496 issue_pat = (?:^#|\s#)(\w+)
497 497 issue_server_link = https://issues.example.com/{repo}/issue/{id}
498 498 issue_prefix = #
499 499
500 500 ``issue_pat`` is the regular expression describing which strings in
501 501 commit messages will be treated as issue references. A match group in
502 502 parentheses should be used to specify the actual issue id.
503 503
504 504 The default expression matches issues in the format ``#<number>``, e.g., ``#300``.
505 505
506 506 Matched issue references are replaced with the link specified in
507 507 ``issue_server_link``. ``{id}`` is replaced with the issue ID, and
508 508 ``{repo}`` with the repository name. Since the # is stripped away,
509 509 ``issue_prefix`` is prepended to the link text. ``issue_prefix`` doesn't
510 510 necessarily need to be ``#``: if you set issue prefix to ``ISSUE-`` this will
511 511 generate a URL in the format:
512 512
513 513 .. code-block:: html
514 514
515 515 <a href="https://issues.example.com/example_repo/issue/300">ISSUE-300</a>
516 516
517 517 If needed, more than one pattern can be specified by appending a unique suffix to
518 518 the variables. For example::
519 519
520 520 issue_pat_wiki = (?:wiki-)(.+)
521 521 issue_server_link_wiki = https://wiki.example.com/{id}
522 522 issue_prefix_wiki = WIKI-
523 523
524 524 With these settings, wiki pages can be referenced as wiki-some-id, and every
525 525 such reference will be transformed into:
526 526
527 527 .. code-block:: html
528 528
529 529 <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
530 530
531 531
532 532 Hook management
533 533 ---------------
534 534
535 535 Hooks can be managed in similar way to that used in ``.hgrc`` files.
536 536 To manage hooks, choose *Admin > Settings > Hooks*.
537 537
538 538 The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
539 539
540 540 To add another custom hook simply fill in the first textbox with
541 541 ``<name>.<hook_type>`` and the second with the hook path. Example hooks
542 542 can be found in ``kallithea.lib.hooks``.
543 543
544 544
545 545 Changing default encoding
546 546 -------------------------
547 547
548 548 By default, Kallithea uses UTF-8 encoding.
549 549 This is configurable as ``default_encoding`` in the .ini file.
550 550 This affects many parts in Kallithea including user names, filenames, and
551 551 encoding of commit messages. In addition Kallithea can detect if the ``chardet``
552 552 library is installed. If ``chardet`` is detected Kallithea will fallback to it
553 553 when there are encode/decode errors.
554 554
555 555
556 556 Celery configuration
557 557 --------------------
558 558
559 559 Kallithea can use the distributed task queue system Celery_ to run tasks like
560 560 cloning repositories or sending emails.
561 561
562 562 Kallithea will in most setups work perfectly fine out of the box (without
563 563 Celery), executing all tasks in the web server process. Some tasks can however
564 564 take some time to run and it can be better to run such tasks asynchronously in
565 565 a separate process so the web server can focus on serving web requests.
566 566
567 567 For installation and configuration of Celery, see the `Celery documentation`_.
568 568 Note that Celery requires a message broker service like RabbitMQ_ (recommended)
569 569 or Redis_.
570 570
571 571 The use of Celery is configured in the Kallithea ini configuration file.
572 572 To enable it, simply set::
573 573
574 574 use_celery = true
575 575
576 576 and add or change the ``celery.*`` and ``broker.*`` configuration variables.
577 577
578 578 Remember that the ini files use the format with '.' and not with '_' like
579 579 Celery. So for example setting `BROKER_HOST` in Celery means setting
580 580 `broker.host` in the configuration file.
581 581
582 582 To start the Celery process, run::
583 583
584 584 paster celeryd <configfile.ini>
585 585
586 586 .. note::
587 587 Make sure you run this command from the same virtualenv, and with the same
588 588 user that Kallithea runs.
589 589
590 590
591 591 HTTPS support
592 592 -------------
593 593
594 594 Kallithea will by default generate URLs based on the WSGI environment.
595 595
596 596 Alternatively, you can use some special configuration settings to control
597 597 directly which scheme/protocol Kallithea will use when generating URLs:
598 598
599 599 - With ``https_fixup = true``, the scheme will be taken from the
600 600 ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
601 601 (default ``http``).
602 602 - With ``force_https = true`` the default will be ``https``.
603 603 - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
604 604
605 605
606 606 Nginx virtual host example
607 607 --------------------------
608 608
609 609 Sample config for Nginx using proxy:
610 610
611 611 .. code-block:: nginx
612 612
613 613 upstream kallithea {
614 614 server 127.0.0.1:5000;
615 615 # add more instances for load balancing
616 616 #server 127.0.0.1:5001;
617 617 #server 127.0.0.1:5002;
618 618 }
619 619
620 620 ## gist alias
621 621 server {
622 622 listen 443;
623 623 server_name gist.example.com;
624 624 access_log /var/log/nginx/gist.access.log;
625 625 error_log /var/log/nginx/gist.error.log;
626 626
627 627 ssl on;
628 628 ssl_certificate gist.your.kallithea.server.crt;
629 629 ssl_certificate_key gist.your.kallithea.server.key;
630 630
631 631 ssl_session_timeout 5m;
632 632
633 633 ssl_protocols SSLv3 TLSv1;
634 634 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
635 635 ssl_prefer_server_ciphers on;
636 636
637 637 rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
638 638 rewrite (.*) https://kallithea.example.com/_admin/gists;
639 639 }
640 640
641 641 server {
642 642 listen 443;
643 643 server_name kallithea.example.com
644 644 access_log /var/log/nginx/kallithea.access.log;
645 645 error_log /var/log/nginx/kallithea.error.log;
646 646
647 647 ssl on;
648 648 ssl_certificate your.kallithea.server.crt;
649 649 ssl_certificate_key your.kallithea.server.key;
650 650
651 651 ssl_session_timeout 5m;
652 652
653 653 ssl_protocols SSLv3 TLSv1;
654 654 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
655 655 ssl_prefer_server_ciphers on;
656 656
657 657 ## uncomment root directive if you want to serve static files by nginx
658 658 ## requires static_files = false in .ini file
659 659 #root /srv/kallithea/kallithea/kallithea/public;
660 660 include /etc/nginx/proxy.conf;
661 661 location / {
662 662 try_files $uri @kallithea;
663 663 }
664 664
665 665 location @kallithea {
666 666 proxy_pass http://127.0.0.1:5000;
667 667 }
668 668
669 669 }
670 670
671 671 Here's the proxy.conf. It's tuned so it will not timeout on long
672 672 pushes or large pushes::
673 673
674 674 proxy_redirect off;
675 675 proxy_set_header Host $host;
676 676 ## needed for container auth
677 677 #proxy_set_header REMOTE_USER $remote_user;
678 678 #proxy_set_header X-Forwarded-User $remote_user;
679 679 proxy_set_header X-Url-Scheme $scheme;
680 680 proxy_set_header X-Host $http_host;
681 681 proxy_set_header X-Real-IP $remote_addr;
682 682 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
683 683 proxy_set_header Proxy-host $proxy_host;
684 684 proxy_buffering off;
685 685 proxy_connect_timeout 7200;
686 686 proxy_send_timeout 7200;
687 687 proxy_read_timeout 7200;
688 688 proxy_buffers 8 32k;
689 689 client_max_body_size 1024m;
690 690 client_body_buffer_size 128k;
691 691 large_client_header_buffers 8 64k;
692 692
693 693
694 694 Apache virtual host reverse proxy example
695 695 -----------------------------------------
696 696
697 697 Here is a sample configuration file for Apache using proxy:
698 698
699 699 .. code-block:: apache
700 700
701 701 <VirtualHost *:80>
702 702 ServerName kallithea.example.com
703 703
704 704 <Proxy *>
705 705 # For Apache 2.4 and later:
706 706 Require all granted
707 707
708 708 # For Apache 2.2 and earlier, instead use:
709 709 # Order allow,deny
710 710 # Allow from all
711 711 </Proxy>
712 712
713 713 #important !
714 714 #Directive to properly generate url (clone url) for pylons
715 715 ProxyPreserveHost On
716 716
717 717 #kallithea instance
718 718 ProxyPass / http://127.0.0.1:5000/
719 719 ProxyPassReverse / http://127.0.0.1:5000/
720 720
721 721 #to enable https use line below
722 722 #SetEnvIf X-Url-Scheme https HTTPS=1
723 723 </VirtualHost>
724 724
725 725 Additional tutorial
726 726 http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
727 727
728 728
729 729 Apache as subdirectory
730 730 ----------------------
731 731
732 732 Apache subdirectory part:
733 733
734 734 .. code-block:: apache
735 735
736 736 <Location /<someprefix> >
737 737 ProxyPass http://127.0.0.1:5000/<someprefix>
738 738 ProxyPassReverse http://127.0.0.1:5000/<someprefix>
739 739 SetEnvIf X-Url-Scheme https HTTPS=1
740 740 </Location>
741 741
742 742 Besides the regular apache setup you will need to add the following line
743 743 into ``[app:main]`` section of your .ini file::
744 744
745 745 filter-with = proxy-prefix
746 746
747 747 Add the following at the end of the .ini file::
748 748
749 749 [filter:proxy-prefix]
750 750 use = egg:PasteDeploy#prefix
751 751 prefix = /<someprefix>
752 752
753 753 then change ``<someprefix>`` into your chosen prefix
754 754
755 755
756 756 Apache with mod_wsgi
757 757 --------------------
758 758
759 759 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
760 760 that, you'll need to:
761 761
762 762 - Install mod_wsgi. If using a Debian-based distro, you can install
763 763 the package libapache2-mod-wsgi::
764 764
765 765 aptitude install libapache2-mod-wsgi
766 766
767 767 - Enable mod_wsgi::
768 768
769 769 a2enmod wsgi
770 770
771 771 - Add global Apache configuration to tell mod_wsgi that Python only will be
772 772 used in the WSGI processes and shouldn't be initialized in the Apache
773 773 processes::
774 774
775 775 WSGIRestrictEmbedded On
776 776
777 777 - Create a wsgi dispatch script, like the one below. Make sure you
778 778 check that the paths correctly point to where you installed Kallithea
779 779 and its Python Virtual Environment.
780 780 - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script,
781 781 as in the following example. Once again, check the paths are
782 782 correctly specified.
783 783
784 784 Here is a sample excerpt from an Apache Virtual Host configuration file:
785 785
786 786 .. code-block:: apache
787 787
788 WSGIDaemonProcess kallithea \
789 threads=4 \
788 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
790 789 python-home=/srv/kallithea/venv
791 790 WSGIProcessGroup kallithea
792 791 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
793 792 WSGIPassAuthorization On
794 793
795 794 Or if using a dispatcher WSGI script with proper virtualenv activation:
796 795
797 796 .. code-block:: apache
798 797
799 WSGIDaemonProcess kallithea threads=4
798 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100
800 799 WSGIProcessGroup kallithea
801 800 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
802 801 WSGIPassAuthorization On
803 802
804 803 Apache will by default run as a special Apache user, on Linux systems
805 804 usually ``www-data`` or ``apache``. If you need to have the repositories
806 805 directory owned by a different user, use the user and group options to
807 806 WSGIDaemonProcess to set the name of the user and group.
808 807
809 808 Example WSGI dispatch script:
810 809
811 810 .. code-block:: python
812 811
813 812 import os
814 813 os.environ["HGENCODING"] = "UTF-8"
815 814 os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
816 815
817 816 # sometimes it's needed to set the current dir
818 817 os.chdir('/srv/kallithea/')
819 818
820 819 import site
821 820 site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")
822 821
823 822 ini = '/srv/kallithea/my.ini'
824 823 from paste.script.util.logging_config import fileConfig
825 824 fileConfig(ini)
826 825 from paste.deploy import loadapp
827 826 application = loadapp('config:' + ini)
828 827
829 828 Or using proper virtualenv activation:
830 829
831 830 .. code-block:: python
832 831
833 832 activate_this = '/srv/kallithea/venv/bin/activate_this.py'
834 833 execfile(activate_this, dict(__file__=activate_this))
835 834
836 835 import os
837 836 os.environ['HOME'] = '/srv/kallithea'
838 837
839 838 ini = '/srv/kallithea/kallithea.ini'
840 839 from paste.script.util.logging_config import fileConfig
841 840 fileConfig(ini)
842 841 from paste.deploy import loadapp
843 842 application = loadapp('config:' + ini)
844 843
845 844
846 845 Other configuration files
847 846 -------------------------
848 847
849 848 A number of `example init.d scripts`__ can be found in
850 849 the ``init.d`` directory of the Kallithea source.
851 850
852 851 .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
853 852
854 853
855 854 .. _virtualenv: http://pypi.python.org/pypi/virtualenv
856 855 .. _python: http://www.python.org/
857 856 .. _Mercurial: http://mercurial.selenic.com/
858 857 .. _Celery: http://celeryproject.org/
859 858 .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
860 859 .. _RabbitMQ: http://www.rabbitmq.com/
861 860 .. _Redis: http://redis.io/
862 861 .. _python-ldap: http://www.python-ldap.org/
863 862 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
864 863 .. _PublishingRepositories: http://mercurial.selenic.com/wiki/PublishingRepositories
Show file before | Show file after | Hide comments
@@ -1,81 +1,99 b''
1 1 .. _performance:
2 2
3 3 ================================
4 4 Optimizing Kallithea performance
5 5 ================================
6 6
7 7 When serving a large amount of big repositories, Kallithea can start
8 8 performing slower than expected. Because of the demanding nature of handling large
9 9 amounts of data from version control systems, here are some tips on how to get
10 10 the best performance.
11 11
12 12 Follow these few steps to improve performance of Kallithea system.
13 13
14 14 1. Kallithea is often I/O bound, and hence a fast disk (SSD/SAN) is
15 15 usually more important than a fast CPU.
16 16
17 17 2. Increase cache
18 18
19 19 Tweak beaker cache settings in the ini file. The actual effect of that
20 20 is questionable.
21 21
22 22 3. Switch from SQLite to PostgreSQL or MySQL
23 23
24 24 SQLite is a good option when having a small load on the system. But due to
25 25 locking issues with SQLite, it is not recommended to use it for larger
26 26 deployments. Switching to MySQL or PostgreSQL will result in an immediate
27 27 performance increase. A tool like SQLAlchemyGrate_ can be used for
28 28 migrating to another database platform.
29 29
30 30 4. Scale Kallithea horizontally
31 31
32 32 Scaling horizontally can give huge performance benefits when dealing with
33 33 large amounts of traffic (many users, CI servers, etc.). Kallithea can be
34 scaled horizontally on one (recommended) or multiple machines. In order
35 to scale horizontally you need to do the following:
34 scaled horizontally on one (recommended) or multiple machines.
35
36 It is generally possible to run WSGI applications multithreaded, so that
37 several HTTP requests are served from the same Python process at once. That
38 can in principle give better utilization of internal caches and less
39 process overhead.
40
41 One danger of running multithreaded is that program execution becomes much
42 more complex; programs must be written to consider all combinations of
43 events and problems might depend on timing and be impossible to reproduce.
44
45 Kallithea can't promise to be thread-safe, just like the embedded Mercurial
46 backend doesn't make any strong promises when used as Kallithea uses it.
47 Instead, we recommend scaling by using multiple server processes.
48
49 Web servers with multiple worker processes (such as ``mod_wsgi`` with the
50 ``WSGIDaemonProcess`` ``processes`` parameter) will work out of the box.
51
52 In order to scale horizontally on multiple machines, you need to do the
53 following:
36 54
37 55 - Each instance's ``data`` storage needs to be configured to be stored on a
38 56 shared disk storage, preferably together with repositories. This ``data``
39 57 dir contains template caches, sessions, whoosh index and is used for
40 58 task locking (so it is safe across multiple instances). Set the
41 59 ``cache_dir``, ``index_dir``, ``beaker.cache.data_dir``, ``beaker.cache.lock_dir``
42 60 variables in each .ini file to a shared location across Kallithea instances
43 - If celery is used each instance should run a separate Celery instance, but
61 - If using several Celery instances,
44 62 the message broker should be common to all of them (e.g., one
45 63 shared RabbitMQ server)
46 64 - Load balance using round robin or IP hash, recommended is writing LB rules
47 65 that will separate regular user traffic from automated processes like CI
48 66 servers or build bots.
49 67
50 68 5. Serve static files directly from the web server
51 69
52 70 With the default ``static_files`` ini setting, the Kallithea WSGI application
53 71 will take care of serving the static files found in ``kallithea/public`` from
54 72 the root of the application URL. While doing that, it will currently also
55 73 apply buffering and compression of all the responses it is serving.
56 74
57 75 The actual serving of the static files is unlikely to be a problem in a
58 76 Kallithea setup. The buffering of responses is more likely to be a problem;
59 77 large responses (clones or pulls) will have to be fully processed and spooled
60 78 to disk or memory before the client will see any response.
61 79
62 80 To serve static files from the web server, use something like this Apache config
63 81 snippet::
64 82
65 83 Alias /images/ /srv/kallithea/kallithea/kallithea/public/images/
66 84 Alias /css/ /srv/kallithea/kallithea/kallithea/public/css/
67 85 Alias /js/ /srv/kallithea/kallithea/kallithea/public/js/
68 86 Alias /codemirror/ /srv/kallithea/kallithea/kallithea/public/codemirror/
69 87 Alias /fontello/ /srv/kallithea/kallithea/kallithea/public/fontello/
70 88
71 89 Then disable serving of static files in the ``.ini`` ``app:main`` section::
72 90
73 91 static_files = false
74 92
75 93 If using Kallithea installed as a package, you should be able to find the files
76 94 under site-packages/kallithea, either in your Python installation or in your
77 95 virtualenv. When upgrading, make sure to update the web server configuration
78 96 too if necessary.
79 97
80 98
81 99 .. _SQLAlchemyGrate: https://github.com/shazow/sqlalchemygrate
Show file before | Show file after | Hide comments
@@ -1,604 +1,604 b''
1 1 ## -*- coding: utf-8 -*-
2 2 <%text>################################################################################</%text>
3 3 <%text>################################################################################</%text>
4 4 # Kallithea - config file generated with kallithea-config #
5 5 <%text>################################################################################</%text>
6 6 <%text>################################################################################</%text>
7 7
8 8 [DEFAULT]
9 9 debug = true
10 10 pdebug = false
11 11
12 12 <%text>################################################################################</%text>
13 13 <%text>## Email settings ##</%text>
14 14 <%text>## ##</%text>
15 15 <%text>## Refer to the documentation ("Email settings") for more details. ##</%text>
16 16 <%text>## ##</%text>
17 17 <%text>## It is recommended to use a valid sender address that passes access ##</%text>
18 18 <%text>## validation and spam filtering in mail servers. ##</%text>
19 19 <%text>################################################################################</%text>
20 20
21 21 <%text>## 'From' header for application emails. You can optionally add a name.</%text>
22 22 <%text>## Default:</%text>
23 23 #app_email_from = Kallithea
24 24 <%text>## Examples:</%text>
25 25 #app_email_from = Kallithea <kallithea-noreply@example.com>
26 26 #app_email_from = kallithea-noreply@example.com
27 27
28 28 <%text>## Subject prefix for application emails.</%text>
29 29 <%text>## A space between this prefix and the real subject is automatically added.</%text>
30 30 <%text>## Default:</%text>
31 31 #email_prefix =
32 32 <%text>## Example:</%text>
33 33 #email_prefix = [Kallithea]
34 34
35 35 <%text>## Recipients for error emails and fallback recipients of application mails.</%text>
36 36 <%text>## Multiple addresses can be specified, space-separated.</%text>
37 37 <%text>## Only addresses are allowed, do not add any name part.</%text>
38 38 <%text>## Default:</%text>
39 39 #email_to =
40 40 <%text>## Examples:</%text>
41 41 #email_to = admin@example.com
42 42 #email_to = admin@example.com another_admin@example.com
43 43
44 44 <%text>## 'From' header for error emails. You can optionally add a name.</%text>
45 45 <%text>## Default:</%text>
46 46 #error_email_from = pylons@yourapp.com
47 47 <%text>## Examples:</%text>
48 48 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
49 49 #error_email_from = paste_error@example.com
50 50
51 51 <%text>## SMTP server settings</%text>
52 52 <%text>## If specifying credentials, make sure to use secure connections.</%text>
53 53 <%text>## Default: Send unencrypted unauthenticated mails to the specified smtp_server.</%text>
54 54 <%text>## For "SSL", use smtp_use_ssl = true and smtp_port = 465.</%text>
55 55 <%text>## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.</%text>
56 56 #smtp_server = smtp.example.com
57 57 #smtp_username =
58 58 #smtp_password =
59 59 #smtp_port = 25
60 60 #smtp_use_ssl = false
61 61 #smtp_use_tls = false
62 62
63 63 [server:main]
64 64 %if http_server == 'paste':
65 65 <%text>## PASTE ##</%text>
66 66 use = egg:Paste#http
67 67 <%text>## nr of worker threads to spawn</%text>
68 threadpool_workers = 5
68 threadpool_workers = 1
69 69 <%text>## max request before thread respawn</%text>
70 threadpool_max_requests = 10
70 threadpool_max_requests = 100
71 71 <%text>## option to use threads of process</%text>
72 72 use_threadpool = true
73 73
74 74 %elif http_server == 'waitress':
75 75 <%text>## WAITRESS ##</%text>
76 76 use = egg:waitress#main
77 77 <%text>## number of worker threads</%text>
78 threads = 5
78 threads = 1
79 79 <%text>## MAX BODY SIZE 100GB</%text>
80 80 max_request_body_size = 107374182400
81 81 <%text>## use poll instead of select, fixes fd limits, may not work on old</%text>
82 82 <%text>## windows systems.</%text>
83 83 #asyncore_use_poll = True
84 84
85 85 %elif http_server == 'gunicorn':
86 86 <%text>## GUNICORN ##</%text>
87 87 use = egg:gunicorn#main
88 88 <%text>## number of process workers. You must set `instance_id = *` when this option</%text>
89 89 <%text>## is set to more than one worker</%text>
90 90 workers = 1
91 91 <%text>## process name</%text>
92 92 proc_name = kallithea
93 93 <%text>## type of worker class, one of sync, eventlet, gevent, tornado</%text>
94 94 <%text>## recommended for bigger setup is using of of other than sync one</%text>
95 95 worker_class = sync
96 96 max_requests = 1000
97 97 <%text>## amount of time a worker can handle request before it gets killed and</%text>
98 98 <%text>## restarted</%text>
99 99 timeout = 3600
100 100
101 101 %elif http_server == 'uwsgi':
102 102 <%text>## UWSGI ##</%text>
103 103 <%text>## run with uwsgi --ini-paste-logged <inifile.ini></%text>
104 104 [uwsgi]
105 105 socket = /tmp/uwsgi.sock
106 106 master = true
107 107 http = 127.0.0.1:5000
108 108
109 109 <%text>## set as deamon and redirect all output to file</%text>
110 110 #daemonize = ./uwsgi_kallithea.log
111 111
112 112 <%text>## master process PID</%text>
113 113 pidfile = ./uwsgi_kallithea.pid
114 114
115 115 <%text>## stats server with workers statistics, use uwsgitop</%text>
116 116 <%text>## for monitoring, `uwsgitop 127.0.0.1:1717`</%text>
117 117 stats = 127.0.0.1:1717
118 118 memory-report = true
119 119
120 120 <%text>## log 5XX errors</%text>
121 121 log-5xx = true
122 122
123 123 <%text>## Set the socket listen queue size.</%text>
124 124 listen = 256
125 125
126 126 <%text>## Gracefully Reload workers after the specified amount of managed requests</%text>
127 127 <%text>## (avoid memory leaks).</%text>
128 128 max-requests = 1000
129 129
130 130 <%text>## enable large buffers</%text>
131 131 buffer-size = 65535
132 132
133 133 <%text>## socket and http timeouts ##</%text>
134 134 http-timeout = 3600
135 135 socket-timeout = 3600
136 136
137 137 <%text>## Log requests slower than the specified number of milliseconds.</%text>
138 138 log-slow = 10
139 139
140 140 <%text>## Exit if no app can be loaded.</%text>
141 141 need-app = true
142 142
143 143 <%text>## Set lazy mode (load apps in workers instead of master).</%text>
144 144 lazy = true
145 145
146 146 <%text>## scaling ##</%text>
147 147 <%text>## set cheaper algorithm to use, if not set default will be used</%text>
148 148 cheaper-algo = spare
149 149
150 150 <%text>## minimum number of workers to keep at all times</%text>
151 151 cheaper = 1
152 152
153 153 <%text>## number of workers to spawn at startup</%text>
154 154 cheaper-initial = 1
155 155
156 156 <%text>## maximum number of workers that can be spawned</%text>
157 157 workers = 4
158 158
159 159 <%text>## how many workers should be spawned at a time</%text>
160 160 cheaper-step = 1
161 161
162 162 %endif
163 163 <%text>## COMMON ##</%text>
164 164 host = ${host}
165 165 port = ${port}
166 166
167 167 <%text>## middleware for hosting the WSGI application under a URL prefix</%text>
168 168 #[filter:proxy-prefix]
169 169 #use = egg:PasteDeploy#prefix
170 170 #prefix = /<your-prefix>
171 171
172 172 [app:main]
173 173 use = egg:kallithea
174 174 <%text>## enable proxy prefix middleware</%text>
175 175 #filter-with = proxy-prefix
176 176
177 177 full_stack = true
178 178 static_files = true
179 179 <%text>## Available Languages:</%text>
180 180 <%text>## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW</%text>
181 181 lang =
182 182 cache_dir = ${here}/data
183 183 index_dir = ${here}/data/index
184 184
185 185 <%text>## perform a full repository scan on each server start, this should be</%text>
186 186 <%text>## set to false after first startup, to allow faster server restarts.</%text>
187 187 initial_repo_scan = false
188 188
189 189 <%text>## uncomment and set this path to use archive download cache</%text>
190 190 archive_cache_dir = ${here}/tarballcache
191 191
192 192 <%text>## change this to unique ID for security</%text>
193 193 app_instance_uuid = ${uuid()}
194 194
195 195 <%text>## cut off limit for large diffs (size in bytes)</%text>
196 196 cut_off_limit = 256000
197 197
198 198 <%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text>
199 199 force_https = false
200 200
201 201 <%text>## use Strict-Transport-Security headers</%text>
202 202 use_htsts = false
203 203
204 204 <%text>## number of commits stats will parse on each iteration</%text>
205 205 commit_parse_limit = 25
206 206
207 207 <%text>## path to git executable</%text>
208 208 git_path = git
209 209
210 210 <%text>## git rev filter option, --all is the default filter, if you need to</%text>
211 211 <%text>## hide all refs in changelog switch this to --branches --tags</%text>
212 212 #git_rev_filter = --branches --tags
213 213
214 214 <%text>## RSS feed options</%text>
215 215 rss_cut_off_limit = 256000
216 216 rss_items_per_page = 10
217 217 rss_include_diff = false
218 218
219 219 <%text>## options for showing and identifying changesets</%text>
220 220 show_sha_length = 12
221 221 show_revision_number = false
222 222
223 223 <%text>## Canonical URL to use when creating full URLs in UI and texts.</%text>
224 224 <%text>## Useful when the site is available under different names or protocols.</%text>
225 225 <%text>## Defaults to what is provided in the WSGI environment.</%text>
226 226 #canonical_url = https://kallithea.example.com/repos
227 227
228 228 <%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text>
229 229 <%text>## url that does rewrites to _admin/gists/<gistid>.</%text>
230 230 <%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text>
231 231 <%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text>
232 232 gist_alias_url =
233 233
234 234 <%text>## white list of API enabled controllers. This allows to add list of</%text>
235 235 <%text>## controllers to which access will be enabled by api_key. eg: to enable</%text>
236 236 <%text>## api access to raw_files put `FilesController:raw`, to enable access to patches</%text>
237 237 <%text>## add `ChangesetController:changeset_patch`. This list should be "," separated</%text>
238 238 <%text>## Syntax is <ControllerClass>:<function>. Check debug logs for generated names</%text>
239 239 <%text>## Recommended settings below are commented out:</%text>
240 240 api_access_controllers_whitelist =
241 241 # ChangesetController:changeset_patch,
242 242 # ChangesetController:changeset_raw,
243 243 # FilesController:raw,
244 244 # FilesController:archivefile
245 245
246 246 <%text>## default encoding used to convert from and to unicode</%text>
247 247 <%text>## can be also a comma separated list of encoding in case of mixed encodings</%text>
248 248 default_encoding = utf8
249 249
250 250 <%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text>
251 251 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
252 252
253 253 <%text>## issue tracking mapping for commits messages</%text>
254 254 <%text>## comment out issue_pat, issue_server, issue_prefix to enable</%text>
255 255
256 256 <%text>## pattern to get the issues from commit messages</%text>
257 257 <%text>## default one used here is #<numbers> with a regex passive group for `#`</%text>
258 258 <%text>## {id} will be all groups matched from this pattern</%text>
259 259
260 260 issue_pat = (?:\s*#)(\d+)
261 261
262 262 <%text>## server url to the issue, each {id} will be replaced with match</%text>
263 263 <%text>## fetched from the regex and {repo} is replaced with full repository name</%text>
264 264 <%text>## including groups {repo_name} is replaced with just name of repo</%text>
265 265
266 266 issue_server_link = https://issues.example.com/{repo}/issue/{id}
267 267
268 268 <%text>## prefix to add to link to indicate it's an url</%text>
269 269 <%text>## #314 will be replaced by <issue_prefix><id></%text>
270 270
271 271 issue_prefix = #
272 272
273 273 <%text>## issue_pat, issue_server_link, issue_prefix can have suffixes to specify</%text>
274 274 <%text>## multiple patterns, to other issues server, wiki or others</%text>
275 275 <%text>## below an example how to create a wiki pattern</%text>
276 276 # wiki-some-id -> https://wiki.example.com/some-id
277 277
278 278 #issue_pat_wiki = (?:wiki-)(.+)
279 279 #issue_server_link_wiki = https://wiki.example.com/{id}
280 280 #issue_prefix_wiki = WIKI-
281 281
282 282 <%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>
283 283 <%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>
284 284 <%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>
285 285 auth_ret_code =
286 286
287 287 <%text>## locking return code. When repository is locked return this HTTP code. 2XX</%text>
288 288 <%text>## codes don't break the transactions while 4XX codes do</%text>
289 289 lock_ret_code = 423
290 290
291 291 <%text>## allows to change the repository location in settings page</%text>
292 292 allow_repo_location_change = True
293 293
294 294 <%text>## allows to setup custom hooks in settings page</%text>
295 295 allow_custom_hooks_settings = True
296 296
297 297 <%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>
298 298 # index.extensions =
299 299 # gemfile
300 300 # lock
301 301
302 302 <%text>## extra filenames for indexing, space separated</%text>
303 303 # index.filenames =
304 304 # .dockerignore
305 305 # .editorconfig
306 306 # INSTALL
307 307 # CHANGELOG
308 308
309 309 <%text>####################################</%text>
310 310 <%text>### CELERY CONFIG ####</%text>
311 311 <%text>####################################</%text>
312 312
313 313 use_celery = false
314 314 broker.host = localhost
315 315 broker.vhost = rabbitmqhost
316 316 broker.port = 5672
317 317 broker.user = rabbitmq
318 318 broker.password = qweqwe
319 319
320 320 celery.imports = kallithea.lib.celerylib.tasks
321 321
322 322 celery.result.backend = amqp
323 323 celery.result.dburi = amqp://
324 324 celery.result.serialier = json
325 325
326 326 #celery.send.task.error.emails = true
327 327 #celery.amqp.task.result.expires = 18000
328 328
329 329 celeryd.concurrency = 2
330 330 #celeryd.log.file = celeryd.log
331 331 celeryd.log.level = DEBUG
332 332 celeryd.max.tasks.per.child = 1
333 333
334 334 <%text>## tasks will never be sent to the queue, but executed locally instead.</%text>
335 335 celery.always.eager = false
336 336
337 337 <%text>####################################</%text>
338 338 <%text>### BEAKER CACHE ####</%text>
339 339 <%text>####################################</%text>
340 340
341 341 beaker.cache.data_dir = ${here}/data/cache/data
342 342 beaker.cache.lock_dir = ${here}/data/cache/lock
343 343
344 344 beaker.cache.regions = short_term,long_term,sql_cache_short
345 345
346 346 beaker.cache.short_term.type = memory
347 347 beaker.cache.short_term.expire = 60
348 348 beaker.cache.short_term.key_length = 256
349 349
350 350 beaker.cache.long_term.type = memory
351 351 beaker.cache.long_term.expire = 36000
352 352 beaker.cache.long_term.key_length = 256
353 353
354 354 beaker.cache.sql_cache_short.type = memory
355 355 beaker.cache.sql_cache_short.expire = 10
356 356 beaker.cache.sql_cache_short.key_length = 256
357 357
358 358 <%text>####################################</%text>
359 359 <%text>### BEAKER SESSION ####</%text>
360 360 <%text>####################################</%text>
361 361
362 362 <%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>
363 363 <%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>
364 364 beaker.session.key = kallithea
365 365 <%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>
366 366 beaker.session.httponly = true
367 367 <%text>## Session lifetime. 2592000 seconds is 30 days.</%text>
368 368 beaker.session.timeout = 2592000
369 369
370 370 <%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>
371 371 beaker.session.secret = ${uuid()}
372 372 <%text>## Further, encrypt the data with AES.</%text>
373 373 #beaker.session.encrypt_key = <key_for_encryption>
374 374 #beaker.session.validate_key = <validation_key>
375 375
376 376 <%text>## Type of storage used for the session, current types are</%text>
377 377 <%text>## dbm, file, memcached, database, and memory.</%text>
378 378
379 379 <%text>## File system storage of session data. (default)</%text>
380 380 #beaker.session.type = file
381 381
382 382 <%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>
383 383 #beaker.session.type = cookie
384 384
385 385 <%text>## Database storage of session data.</%text>
386 386 #beaker.session.type = ext:database
387 387 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
388 388 #beaker.session.table_name = db_session
389 389
390 390 %if error_aggregation_service == 'errormator':
391 391 <%text>############################</%text>
392 392 <%text>## ERROR HANDLING SYSTEMS ##</%text>
393 393 <%text>############################</%text>
394 394
395 395 <%text>####################</%text>
396 396 <%text>### [errormator] ###</%text>
397 397 <%text>####################</%text>
398 398
399 399 <%text>## Errormator is tailored to work with Kallithea, see</%text>
400 400 <%text>## http://errormator.com for details how to obtain an account</%text>
401 401 <%text>## you must install python package `errormator_client` to make it work</%text>
402 402
403 403 <%text>## errormator enabled</%text>
404 404 errormator = false
405 405
406 406 errormator.server_url = https://api.errormator.com
407 407 errormator.api_key = YOUR_API_KEY
408 408
409 409 <%text>## TWEAK AMOUNT OF INFO SENT HERE</%text>
410 410
411 411 <%text>## enables 404 error logging (default False)</%text>
412 412 errormator.report_404 = false
413 413
414 414 <%text>## time in seconds after request is considered being slow (default 1)</%text>
415 415 errormator.slow_request_time = 1
416 416
417 417 <%text>## record slow requests in application</%text>
418 418 <%text>## (needs to be enabled for slow datastore recording and time tracking)</%text>
419 419 errormator.slow_requests = true
420 420
421 421 <%text>## enable hooking to application loggers</%text>
422 422 #errormator.logging = true
423 423
424 424 <%text>## minimum log level for log capture</%text>
425 425 #errormator.logging.level = WARNING
426 426
427 427 <%text>## send logs only from erroneous/slow requests</%text>
428 428 <%text>## (saves API quota for intensive logging)</%text>
429 429 errormator.logging_on_error = false
430 430
431 431 <%text>## list of additional keywords that should be grabbed from environ object</%text>
432 432 <%text>## can be string with comma separated list of words in lowercase</%text>
433 433 <%text>## (by default client will always send following info:</%text>
434 434 <%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text>
435 435 <%text>## start with HTTP* this list be extended with additional keywords here</%text>
436 436 errormator.environ_keys_whitelist =
437 437
438 438 <%text>## list of keywords that should be blanked from request object</%text>
439 439 <%text>## can be string with comma separated list of words in lowercase</%text>
440 440 <%text>## (by default client will always blank keys that contain following words</%text>
441 441 <%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text>
442 442 <%text>## this list be extended with additional keywords set here</%text>
443 443 errormator.request_keys_blacklist =
444 444
445 445 <%text>## list of namespaces that should be ignores when gathering log entries</%text>
446 446 <%text>## can be string with comma separated list of namespaces</%text>
447 447 <%text>## (by default the client ignores own entries: errormator_client.client)</%text>
448 448 errormator.log_namespace_blacklist =
449 449
450 450 %elif error_aggregation_service == 'sentry':
451 451 <%text>################</%text>
452 452 <%text>### [sentry] ###</%text>
453 453 <%text>################</%text>
454 454
455 455 <%text>## sentry is a alternative open source error aggregator</%text>
456 456 <%text>## you must install python packages `sentry` and `raven` to enable</%text>
457 457
458 458 sentry.dsn = YOUR_DNS
459 459 sentry.servers =
460 460 sentry.name =
461 461 sentry.key =
462 462 sentry.public_key =
463 463 sentry.secret_key =
464 464 sentry.project =
465 465 sentry.site =
466 466 sentry.include_paths =
467 467 sentry.exclude_paths =
468 468
469 469 %endif
470 470 <%text>################################################################################</%text>
471 471 <%text>## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##</%text>
472 472 <%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##</%text>
473 473 <%text>## execute malicious code after an exception is raised. ##</%text>
474 474 <%text>################################################################################</%text>
475 475 set debug = false
476 476
477 477 <%text>##################################</%text>
478 478 <%text>### LOGVIEW CONFIG ###</%text>
479 479 <%text>##################################</%text>
480 480
481 481 logview.sqlalchemy = #faa
482 482 logview.pylons.templating = #bfb
483 483 logview.pylons.util = #eee
484 484
485 485 <%text>#########################################################</%text>
486 486 <%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###</%text>
487 487 <%text>#########################################################</%text>
488 488
489 489 %if database_engine == 'sqlite':
490 490 # SQLITE [default]
491 491 sqlalchemy.db1.url = sqlite:///${here}/kallithea.db?timeout=60
492 492
493 493 %elif database_engine == 'postgres':
494 494 # POSTGRESQL
495 495 sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
496 496
497 497 %elif database_engine == 'mysql':
498 498 # MySQL
499 499 sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea?charset=utf8
500 500
501 501 %endif
502 502 # see sqlalchemy docs for others
503 503
504 504 sqlalchemy.db1.echo = false
505 505 sqlalchemy.db1.pool_recycle = 3600
506 506
507 507 <%text>################################</%text>
508 508 <%text>### ALEMBIC CONFIGURATION ####</%text>
509 509 <%text>################################</%text>
510 510
511 511 [alembic]
512 512 script_location = kallithea:alembic
513 513
514 514 <%text>################################</%text>
515 515 <%text>### LOGGING CONFIGURATION ####</%text>
516 516 <%text>################################</%text>
517 517
518 518 [loggers]
519 519 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
520 520
521 521 [handlers]
522 522 keys = console, console_sql
523 523
524 524 [formatters]
525 525 keys = generic, color_formatter, color_formatter_sql
526 526
527 527 <%text>#############</%text>
528 528 <%text>## LOGGERS ##</%text>
529 529 <%text>#############</%text>
530 530
531 531 [logger_root]
532 532 level = NOTSET
533 533 handlers = console
534 534
535 535 [logger_routes]
536 536 level = DEBUG
537 537 handlers =
538 538 qualname = routes.middleware
539 539 <%text>## "level = DEBUG" logs the route matched and routing variables.</%text>
540 540 propagate = 1
541 541
542 542 [logger_beaker]
543 543 level = DEBUG
544 544 handlers =
545 545 qualname = beaker.container
546 546 propagate = 1
547 547
548 548 [logger_templates]
549 549 level = INFO
550 550 handlers =
551 551 qualname = pylons.templating
552 552 propagate = 1
553 553
554 554 [logger_kallithea]
555 555 level = DEBUG
556 556 handlers =
557 557 qualname = kallithea
558 558 propagate = 1
559 559
560 560 [logger_sqlalchemy]
561 561 level = INFO
562 562 handlers = console_sql
563 563 qualname = sqlalchemy.engine
564 564 propagate = 0
565 565
566 566 [logger_whoosh_indexer]
567 567 level = DEBUG
568 568 handlers =
569 569 qualname = whoosh_indexer
570 570 propagate = 1
571 571
572 572 <%text>##############</%text>
573 573 <%text>## HANDLERS ##</%text>
574 574 <%text>##############</%text>
575 575
576 576 [handler_console]
577 577 class = StreamHandler
578 578 args = (sys.stderr,)
579 579 level = INFO
580 580 formatter = generic
581 581
582 582 [handler_console_sql]
583 583 class = StreamHandler
584 584 args = (sys.stderr,)
585 585 level = WARN
586 586 formatter = generic
587 587
588 588 <%text>################</%text>
589 589 <%text>## FORMATTERS ##</%text>
590 590 <%text>################</%text>
591 591
592 592 [formatter_generic]
593 593 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
594 594 datefmt = %Y-%m-%d %H:%M:%S
595 595
596 596 [formatter_color_formatter]
597 597 class = kallithea.lib.colored_formatter.ColorFormatter
598 598 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
599 599 datefmt = %Y-%m-%d %H:%M:%S
600 600
601 601 [formatter_color_formatter_sql]
602 602 class = kallithea.lib.colored_formatter.ColorFormatterSql
603 603 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
604 604 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,593 +1,593 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - Example config #
4 4 # #
5 5 # The %(here)s variable will be replaced with the parent directory of this file#
6 6 ################################################################################
7 7 ################################################################################
8 8
9 9 [DEFAULT]
10 10 debug = true
11 11 pdebug = false
12 12
13 13 ################################################################################
14 14 ## Email settings ##
15 15 ## ##
16 16 ## Refer to the documentation ("Email settings") for more details. ##
17 17 ## ##
18 18 ## It is recommended to use a valid sender address that passes access ##
19 19 ## validation and spam filtering in mail servers. ##
20 20 ################################################################################
21 21
22 22 ## 'From' header for application emails. You can optionally add a name.
23 23 ## Default:
24 24 #app_email_from = Kallithea
25 25 ## Examples:
26 26 #app_email_from = Kallithea <kallithea-noreply@example.com>
27 27 #app_email_from = kallithea-noreply@example.com
28 28
29 29 ## Subject prefix for application emails.
30 30 ## A space between this prefix and the real subject is automatically added.
31 31 ## Default:
32 32 #email_prefix =
33 33 ## Example:
34 34 #email_prefix = [Kallithea]
35 35
36 36 ## Recipients for error emails and fallback recipients of application mails.
37 37 ## Multiple addresses can be specified, space-separated.
38 38 ## Only addresses are allowed, do not add any name part.
39 39 ## Default:
40 40 #email_to =
41 41 ## Examples:
42 42 #email_to = admin@example.com
43 43 #email_to = admin@example.com another_admin@example.com
44 44
45 45 ## 'From' header for error emails. You can optionally add a name.
46 46 ## Default:
47 47 #error_email_from = pylons@yourapp.com
48 48 ## Examples:
49 49 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
50 50 #error_email_from = paste_error@example.com
51 51
52 52 ## SMTP server settings
53 53 ## If specifying credentials, make sure to use secure connections.
54 54 ## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
55 55 ## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
56 56 ## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
57 57 #smtp_server = smtp.example.com
58 58 #smtp_username =
59 59 #smtp_password =
60 60 #smtp_port = 25
61 61 #smtp_use_ssl = false
62 62 #smtp_use_tls = false
63 63
64 64 [server:main]
65 65 ## PASTE ##
66 66 #use = egg:Paste#http
67 67 ## nr of worker threads to spawn
68 #threadpool_workers = 5
68 #threadpool_workers = 1
69 69 ## max request before thread respawn
70 #threadpool_max_requests = 10
70 #threadpool_max_requests = 100
71 71 ## option to use threads of process
72 72 #use_threadpool = true
73 73
74 74 ## WAITRESS ##
75 75 use = egg:waitress#main
76 76 ## number of worker threads
77 threads = 5
77 threads = 1
78 78 ## MAX BODY SIZE 100GB
79 79 max_request_body_size = 107374182400
80 80 ## use poll instead of select, fixes fd limits, may not work on old
81 81 ## windows systems.
82 82 #asyncore_use_poll = True
83 83
84 84 ## GUNICORN ##
85 85 #use = egg:gunicorn#main
86 86 ## number of process workers. You must set `instance_id = *` when this option
87 87 ## is set to more than one worker
88 88 #workers = 1
89 89 ## process name
90 90 #proc_name = kallithea
91 91 ## type of worker class, one of sync, eventlet, gevent, tornado
92 92 ## recommended for bigger setup is using of of other than sync one
93 93 #worker_class = sync
94 94 #max_requests = 1000
95 95 ## amount of time a worker can handle request before it gets killed and
96 96 ## restarted
97 97 #timeout = 3600
98 98
99 99 ## UWSGI ##
100 100 ## run with uwsgi --ini-paste-logged <inifile.ini>
101 101 #[uwsgi]
102 102 #socket = /tmp/uwsgi.sock
103 103 #master = true
104 104 #http = 127.0.0.1:5000
105 105
106 106 ## set as deamon and redirect all output to file
107 107 #daemonize = ./uwsgi_kallithea.log
108 108
109 109 ## master process PID
110 110 #pidfile = ./uwsgi_kallithea.pid
111 111
112 112 ## stats server with workers statistics, use uwsgitop
113 113 ## for monitoring, `uwsgitop 127.0.0.1:1717`
114 114 #stats = 127.0.0.1:1717
115 115 #memory-report = true
116 116
117 117 ## log 5XX errors
118 118 #log-5xx = true
119 119
120 120 ## Set the socket listen queue size.
121 121 #listen = 256
122 122
123 123 ## Gracefully Reload workers after the specified amount of managed requests
124 124 ## (avoid memory leaks).
125 125 #max-requests = 1000
126 126
127 127 ## enable large buffers
128 128 #buffer-size = 65535
129 129
130 130 ## socket and http timeouts ##
131 131 #http-timeout = 3600
132 132 #socket-timeout = 3600
133 133
134 134 ## Log requests slower than the specified number of milliseconds.
135 135 #log-slow = 10
136 136
137 137 ## Exit if no app can be loaded.
138 138 #need-app = true
139 139
140 140 ## Set lazy mode (load apps in workers instead of master).
141 141 #lazy = true
142 142
143 143 ## scaling ##
144 144 ## set cheaper algorithm to use, if not set default will be used
145 145 #cheaper-algo = spare
146 146
147 147 ## minimum number of workers to keep at all times
148 148 #cheaper = 1
149 149
150 150 ## number of workers to spawn at startup
151 151 #cheaper-initial = 1
152 152
153 153 ## maximum number of workers that can be spawned
154 154 #workers = 4
155 155
156 156 ## how many workers should be spawned at a time
157 157 #cheaper-step = 1
158 158
159 159 ## COMMON ##
160 160 host = 127.0.0.1
161 161 port = 5000
162 162
163 163 ## middleware for hosting the WSGI application under a URL prefix
164 164 #[filter:proxy-prefix]
165 165 #use = egg:PasteDeploy#prefix
166 166 #prefix = /<your-prefix>
167 167
168 168 [app:main]
169 169 use = egg:kallithea
170 170 ## enable proxy prefix middleware
171 171 #filter-with = proxy-prefix
172 172
173 173 full_stack = true
174 174 static_files = true
175 175 ## Available Languages:
176 176 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
177 177 lang =
178 178 cache_dir = %(here)s/data
179 179 index_dir = %(here)s/data/index
180 180
181 181 ## perform a full repository scan on each server start, this should be
182 182 ## set to false after first startup, to allow faster server restarts.
183 183 initial_repo_scan = false
184 184
185 185 ## uncomment and set this path to use archive download cache
186 186 archive_cache_dir = %(here)s/tarballcache
187 187
188 188 ## change this to unique ID for security
189 189 app_instance_uuid = ${app_instance_uuid}
190 190
191 191 ## cut off limit for large diffs (size in bytes)
192 192 cut_off_limit = 256000
193 193
194 194 ## force https in Kallithea, fixes https redirects, assumes it's always https
195 195 force_https = false
196 196
197 197 ## use Strict-Transport-Security headers
198 198 use_htsts = false
199 199
200 200 ## number of commits stats will parse on each iteration
201 201 commit_parse_limit = 25
202 202
203 203 ## path to git executable
204 204 git_path = git
205 205
206 206 ## git rev filter option, --all is the default filter, if you need to
207 207 ## hide all refs in changelog switch this to --branches --tags
208 208 #git_rev_filter = --branches --tags
209 209
210 210 ## RSS feed options
211 211 rss_cut_off_limit = 256000
212 212 rss_items_per_page = 10
213 213 rss_include_diff = false
214 214
215 215 ## options for showing and identifying changesets
216 216 show_sha_length = 12
217 217 show_revision_number = false
218 218
219 219 ## Canonical URL to use when creating full URLs in UI and texts.
220 220 ## Useful when the site is available under different names or protocols.
221 221 ## Defaults to what is provided in the WSGI environment.
222 222 #canonical_url = https://kallithea.example.com/repos
223 223
224 224 ## gist URL alias, used to create nicer urls for gist. This should be an
225 225 ## url that does rewrites to _admin/gists/<gistid>.
226 226 ## example: http://gist.example.com/{gistid}. Empty means use the internal
227 227 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
228 228 gist_alias_url =
229 229
230 230 ## white list of API enabled controllers. This allows to add list of
231 231 ## controllers to which access will be enabled by api_key. eg: to enable
232 232 ## api access to raw_files put `FilesController:raw`, to enable access to patches
233 233 ## add `ChangesetController:changeset_patch`. This list should be "," separated
234 234 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
235 235 ## Recommended settings below are commented out:
236 236 api_access_controllers_whitelist =
237 237 # ChangesetController:changeset_patch,
238 238 # ChangesetController:changeset_raw,
239 239 # FilesController:raw,
240 240 # FilesController:archivefile
241 241
242 242 ## default encoding used to convert from and to unicode
243 243 ## can be also a comma separated list of encoding in case of mixed encodings
244 244 default_encoding = utf8
245 245
246 246 ## issue tracker for Kallithea (leave blank to disable, absent for default)
247 247 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
248 248
249 249 ## issue tracking mapping for commits messages
250 250 ## comment out issue_pat, issue_server, issue_prefix to enable
251 251
252 252 ## pattern to get the issues from commit messages
253 253 ## default one used here is #<numbers> with a regex passive group for `#`
254 254 ## {id} will be all groups matched from this pattern
255 255
256 256 issue_pat = (?:\s*#)(\d+)
257 257
258 258 ## server url to the issue, each {id} will be replaced with match
259 259 ## fetched from the regex and {repo} is replaced with full repository name
260 260 ## including groups {repo_name} is replaced with just name of repo
261 261
262 262 issue_server_link = https://issues.example.com/{repo}/issue/{id}
263 263
264 264 ## prefix to add to link to indicate it's an url
265 265 ## #314 will be replaced by <issue_prefix><id>
266 266
267 267 issue_prefix = #
268 268
269 269 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
270 270 ## multiple patterns, to other issues server, wiki or others
271 271 ## below an example how to create a wiki pattern
272 272 # wiki-some-id -> https://wiki.example.com/some-id
273 273
274 274 #issue_pat_wiki = (?:wiki-)(.+)
275 275 #issue_server_link_wiki = https://wiki.example.com/{id}
276 276 #issue_prefix_wiki = WIKI-
277 277
278 278 ## alternative return HTTP header for failed authentication. Default HTTP
279 279 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
280 280 ## handling that. Set this variable to 403 to return HTTPForbidden
281 281 auth_ret_code =
282 282
283 283 ## locking return code. When repository is locked return this HTTP code. 2XX
284 284 ## codes don't break the transactions while 4XX codes do
285 285 lock_ret_code = 423
286 286
287 287 ## allows to change the repository location in settings page
288 288 allow_repo_location_change = True
289 289
290 290 ## allows to setup custom hooks in settings page
291 291 allow_custom_hooks_settings = True
292 292
293 293 ## extra extensions for indexing, space separated and without the leading '.'.
294 294 # index.extensions =
295 295 # gemfile
296 296 # lock
297 297
298 298 ## extra filenames for indexing, space separated
299 299 # index.filenames =
300 300 # .dockerignore
301 301 # .editorconfig
302 302 # INSTALL
303 303 # CHANGELOG
304 304
305 305 ####################################
306 306 ### CELERY CONFIG ####
307 307 ####################################
308 308
309 309 use_celery = false
310 310 broker.host = localhost
311 311 broker.vhost = rabbitmqhost
312 312 broker.port = 5672
313 313 broker.user = rabbitmq
314 314 broker.password = qweqwe
315 315
316 316 celery.imports = kallithea.lib.celerylib.tasks
317 317
318 318 celery.result.backend = amqp
319 319 celery.result.dburi = amqp://
320 320 celery.result.serialier = json
321 321
322 322 #celery.send.task.error.emails = true
323 323 #celery.amqp.task.result.expires = 18000
324 324
325 325 celeryd.concurrency = 2
326 326 #celeryd.log.file = celeryd.log
327 327 celeryd.log.level = DEBUG
328 328 celeryd.max.tasks.per.child = 1
329 329
330 330 ## tasks will never be sent to the queue, but executed locally instead.
331 331 celery.always.eager = false
332 332
333 333 ####################################
334 334 ### BEAKER CACHE ####
335 335 ####################################
336 336
337 337 beaker.cache.data_dir = %(here)s/data/cache/data
338 338 beaker.cache.lock_dir = %(here)s/data/cache/lock
339 339
340 340 beaker.cache.regions = short_term,long_term,sql_cache_short
341 341
342 342 beaker.cache.short_term.type = memory
343 343 beaker.cache.short_term.expire = 60
344 344 beaker.cache.short_term.key_length = 256
345 345
346 346 beaker.cache.long_term.type = memory
347 347 beaker.cache.long_term.expire = 36000
348 348 beaker.cache.long_term.key_length = 256
349 349
350 350 beaker.cache.sql_cache_short.type = memory
351 351 beaker.cache.sql_cache_short.expire = 10
352 352 beaker.cache.sql_cache_short.key_length = 256
353 353
354 354 ####################################
355 355 ### BEAKER SESSION ####
356 356 ####################################
357 357
358 358 ## Name of session cookie. Should be unique for a given host and path, even when running
359 359 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
360 360 beaker.session.key = kallithea
361 361 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
362 362 beaker.session.httponly = true
363 363 ## Session lifetime. 2592000 seconds is 30 days.
364 364 beaker.session.timeout = 2592000
365 365
366 366 ## Server secret used with HMAC to ensure integrity of cookies.
367 367 beaker.session.secret = ${app_instance_uuid}
368 368 ## Further, encrypt the data with AES.
369 369 #beaker.session.encrypt_key = <key_for_encryption>
370 370 #beaker.session.validate_key = <validation_key>
371 371
372 372 ## Type of storage used for the session, current types are
373 373 ## dbm, file, memcached, database, and memory.
374 374
375 375 ## File system storage of session data. (default)
376 376 #beaker.session.type = file
377 377
378 378 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
379 379 #beaker.session.type = cookie
380 380
381 381 ## Database storage of session data.
382 382 #beaker.session.type = ext:database
383 383 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
384 384 #beaker.session.table_name = db_session
385 385
386 386 ############################
387 387 ## ERROR HANDLING SYSTEMS ##
388 388 ############################
389 389
390 390 ####################
391 391 ### [errormator] ###
392 392 ####################
393 393
394 394 ## Errormator is tailored to work with Kallithea, see
395 395 ## http://errormator.com for details how to obtain an account
396 396 ## you must install python package `errormator_client` to make it work
397 397
398 398 ## errormator enabled
399 399 errormator = false
400 400
401 401 errormator.server_url = https://api.errormator.com
402 402 errormator.api_key = YOUR_API_KEY
403 403
404 404 ## TWEAK AMOUNT OF INFO SENT HERE
405 405
406 406 ## enables 404 error logging (default False)
407 407 errormator.report_404 = false
408 408
409 409 ## time in seconds after request is considered being slow (default 1)
410 410 errormator.slow_request_time = 1
411 411
412 412 ## record slow requests in application
413 413 ## (needs to be enabled for slow datastore recording and time tracking)
414 414 errormator.slow_requests = true
415 415
416 416 ## enable hooking to application loggers
417 417 #errormator.logging = true
418 418
419 419 ## minimum log level for log capture
420 420 #errormator.logging.level = WARNING
421 421
422 422 ## send logs only from erroneous/slow requests
423 423 ## (saves API quota for intensive logging)
424 424 errormator.logging_on_error = false
425 425
426 426 ## list of additional keywords that should be grabbed from environ object
427 427 ## can be string with comma separated list of words in lowercase
428 428 ## (by default client will always send following info:
429 429 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
430 430 ## start with HTTP* this list be extended with additional keywords here
431 431 errormator.environ_keys_whitelist =
432 432
433 433 ## list of keywords that should be blanked from request object
434 434 ## can be string with comma separated list of words in lowercase
435 435 ## (by default client will always blank keys that contain following words
436 436 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
437 437 ## this list be extended with additional keywords set here
438 438 errormator.request_keys_blacklist =
439 439
440 440 ## list of namespaces that should be ignores when gathering log entries
441 441 ## can be string with comma separated list of namespaces
442 442 ## (by default the client ignores own entries: errormator_client.client)
443 443 errormator.log_namespace_blacklist =
444 444
445 445 ################
446 446 ### [sentry] ###
447 447 ################
448 448
449 449 ## sentry is a alternative open source error aggregator
450 450 ## you must install python packages `sentry` and `raven` to enable
451 451
452 452 sentry.dsn = YOUR_DNS
453 453 sentry.servers =
454 454 sentry.name =
455 455 sentry.key =
456 456 sentry.public_key =
457 457 sentry.secret_key =
458 458 sentry.project =
459 459 sentry.site =
460 460 sentry.include_paths =
461 461 sentry.exclude_paths =
462 462
463 463 ################################################################################
464 464 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
465 465 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
466 466 ## execute malicious code after an exception is raised. ##
467 467 ################################################################################
468 468 set debug = false
469 469
470 470 ##################################
471 471 ### LOGVIEW CONFIG ###
472 472 ##################################
473 473
474 474 logview.sqlalchemy = #faa
475 475 logview.pylons.templating = #bfb
476 476 logview.pylons.util = #eee
477 477
478 478 #########################################################
479 479 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
480 480 #########################################################
481 481
482 482 # SQLITE [default]
483 483 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
484 484
485 485 # POSTGRESQL
486 486 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
487 487
488 488 # MySQL
489 489 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea?charset=utf8
490 490
491 491 # see sqlalchemy docs for others
492 492
493 493 sqlalchemy.db1.echo = false
494 494 sqlalchemy.db1.pool_recycle = 3600
495 495
496 496 ################################
497 497 ### ALEMBIC CONFIGURATION ####
498 498 ################################
499 499
500 500 [alembic]
501 501 script_location = kallithea:alembic
502 502
503 503 ################################
504 504 ### LOGGING CONFIGURATION ####
505 505 ################################
506 506
507 507 [loggers]
508 508 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
509 509
510 510 [handlers]
511 511 keys = console, console_sql
512 512
513 513 [formatters]
514 514 keys = generic, color_formatter, color_formatter_sql
515 515
516 516 #############
517 517 ## LOGGERS ##
518 518 #############
519 519
520 520 [logger_root]
521 521 level = NOTSET
522 522 handlers = console
523 523
524 524 [logger_routes]
525 525 level = DEBUG
526 526 handlers =
527 527 qualname = routes.middleware
528 528 ## "level = DEBUG" logs the route matched and routing variables.
529 529 propagate = 1
530 530
531 531 [logger_beaker]
532 532 level = DEBUG
533 533 handlers =
534 534 qualname = beaker.container
535 535 propagate = 1
536 536
537 537 [logger_templates]
538 538 level = INFO
539 539 handlers =
540 540 qualname = pylons.templating
541 541 propagate = 1
542 542
543 543 [logger_kallithea]
544 544 level = DEBUG
545 545 handlers =
546 546 qualname = kallithea
547 547 propagate = 1
548 548
549 549 [logger_sqlalchemy]
550 550 level = INFO
551 551 handlers = console_sql
552 552 qualname = sqlalchemy.engine
553 553 propagate = 0
554 554
555 555 [logger_whoosh_indexer]
556 556 level = DEBUG
557 557 handlers =
558 558 qualname = whoosh_indexer
559 559 propagate = 1
560 560
561 561 ##############
562 562 ## HANDLERS ##
563 563 ##############
564 564
565 565 [handler_console]
566 566 class = StreamHandler
567 567 args = (sys.stderr,)
568 568 level = INFO
569 569 formatter = generic
570 570
571 571 [handler_console_sql]
572 572 class = StreamHandler
573 573 args = (sys.stderr,)
574 574 level = WARN
575 575 formatter = generic
576 576
577 577 ################
578 578 ## FORMATTERS ##
579 579 ################
580 580
581 581 [formatter_generic]
582 582 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
583 583 datefmt = %Y-%m-%d %H:%M:%S
584 584
585 585 [formatter_color_formatter]
586 586 class = kallithea.lib.colored_formatter.ColorFormatter
587 587 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
588 588 datefmt = %Y-%m-%d %H:%M:%S
589 589
590 590 [formatter_color_formatter_sql]
591 591 class = kallithea.lib.colored_formatter.ColorFormatterSql
592 592 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
593 593 datefmt = %Y-%m-%d %H:%M:%S
Show file before | Show file after | Hide comments
@@ -1,609 +1,609 b''
1 1 ################################################################################
2 2 ################################################################################
3 3 # Kallithea - config for tests: #
4 4 # initial_repo_scan = true #
5 5 # sqlalchemy and kallithea_test.sqlite #
6 6 # custom logging #
7 7 # #
8 8 # The %(here)s variable will be replaced with the parent directory of this file#
9 9 ################################################################################
10 10 ################################################################################
11 11
12 12 [DEFAULT]
13 13 debug = true
14 14 pdebug = false
15 15
16 16 ################################################################################
17 17 ## Email settings ##
18 18 ## ##
19 19 ## Refer to the documentation ("Email settings") for more details. ##
20 20 ## ##
21 21 ## It is recommended to use a valid sender address that passes access ##
22 22 ## validation and spam filtering in mail servers. ##
23 23 ################################################################################
24 24
25 25 ## 'From' header for application emails. You can optionally add a name.
26 26 ## Default:
27 27 #app_email_from = Kallithea
28 28 ## Examples:
29 29 #app_email_from = Kallithea <kallithea-noreply@example.com>
30 30 #app_email_from = kallithea-noreply@example.com
31 31
32 32 ## Subject prefix for application emails.
33 33 ## A space between this prefix and the real subject is automatically added.
34 34 ## Default:
35 35 #email_prefix =
36 36 ## Example:
37 37 #email_prefix = [Kallithea]
38 38
39 39 ## Recipients for error emails and fallback recipients of application mails.
40 40 ## Multiple addresses can be specified, space-separated.
41 41 ## Only addresses are allowed, do not add any name part.
42 42 ## Default:
43 43 #email_to =
44 44 ## Examples:
45 45 #email_to = admin@example.com
46 46 #email_to = admin@example.com another_admin@example.com
47 47
48 48 ## 'From' header for error emails. You can optionally add a name.
49 49 ## Default:
50 50 #error_email_from = pylons@yourapp.com
51 51 ## Examples:
52 52 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
53 53 #error_email_from = paste_error@example.com
54 54
55 55 ## SMTP server settings
56 56 ## If specifying credentials, make sure to use secure connections.
57 57 ## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
58 58 ## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
59 59 ## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
60 60 #smtp_server = smtp.example.com
61 61 #smtp_username =
62 62 #smtp_password =
63 63 #smtp_port = 25
64 64 #smtp_use_ssl = false
65 65 #smtp_use_tls = false
66 66
67 67 [server:main]
68 68 ## PASTE ##
69 69 #use = egg:Paste#http
70 70 ## nr of worker threads to spawn
71 #threadpool_workers = 5
71 #threadpool_workers = 1
72 72 ## max request before thread respawn
73 #threadpool_max_requests = 10
73 #threadpool_max_requests = 100
74 74 ## option to use threads of process
75 75 #use_threadpool = true
76 76
77 77 ## WAITRESS ##
78 78 use = egg:waitress#main
79 79 ## number of worker threads
80 threads = 5
80 threads = 1
81 81 ## MAX BODY SIZE 100GB
82 82 max_request_body_size = 107374182400
83 83 ## use poll instead of select, fixes fd limits, may not work on old
84 84 ## windows systems.
85 85 #asyncore_use_poll = True
86 86
87 87 ## GUNICORN ##
88 88 #use = egg:gunicorn#main
89 89 ## number of process workers. You must set `instance_id = *` when this option
90 90 ## is set to more than one worker
91 91 #workers = 1
92 92 ## process name
93 93 #proc_name = kallithea
94 94 ## type of worker class, one of sync, eventlet, gevent, tornado
95 95 ## recommended for bigger setup is using of of other than sync one
96 96 #worker_class = sync
97 97 #max_requests = 1000
98 98 ## amount of time a worker can handle request before it gets killed and
99 99 ## restarted
100 100 #timeout = 3600
101 101
102 102 ## UWSGI ##
103 103 ## run with uwsgi --ini-paste-logged <inifile.ini>
104 104 #[uwsgi]
105 105 #socket = /tmp/uwsgi.sock
106 106 #master = true
107 107 #http = 127.0.0.1:5000
108 108
109 109 ## set as deamon and redirect all output to file
110 110 #daemonize = ./uwsgi_kallithea.log
111 111
112 112 ## master process PID
113 113 #pidfile = ./uwsgi_kallithea.pid
114 114
115 115 ## stats server with workers statistics, use uwsgitop
116 116 ## for monitoring, `uwsgitop 127.0.0.1:1717`
117 117 #stats = 127.0.0.1:1717
118 118 #memory-report = true
119 119
120 120 ## log 5XX errors
121 121 #log-5xx = true
122 122
123 123 ## Set the socket listen queue size.
124 124 #listen = 256
125 125
126 126 ## Gracefully Reload workers after the specified amount of managed requests
127 127 ## (avoid memory leaks).
128 128 #max-requests = 1000
129 129
130 130 ## enable large buffers
131 131 #buffer-size = 65535
132 132
133 133 ## socket and http timeouts ##
134 134 #http-timeout = 3600
135 135 #socket-timeout = 3600
136 136
137 137 ## Log requests slower than the specified number of milliseconds.
138 138 #log-slow = 10
139 139
140 140 ## Exit if no app can be loaded.
141 141 #need-app = true
142 142
143 143 ## Set lazy mode (load apps in workers instead of master).
144 144 #lazy = true
145 145
146 146 ## scaling ##
147 147 ## set cheaper algorithm to use, if not set default will be used
148 148 #cheaper-algo = spare
149 149
150 150 ## minimum number of workers to keep at all times
151 151 #cheaper = 1
152 152
153 153 ## number of workers to spawn at startup
154 154 #cheaper-initial = 1
155 155
156 156 ## maximum number of workers that can be spawned
157 157 #workers = 4
158 158
159 159 ## how many workers should be spawned at a time
160 160 #cheaper-step = 1
161 161
162 162 ## COMMON ##
163 163 host = 127.0.0.1
164 164 #port = 5000
165 165 port = 4999
166 166
167 167 ## middleware for hosting the WSGI application under a URL prefix
168 168 #[filter:proxy-prefix]
169 169 #use = egg:PasteDeploy#prefix
170 170 #prefix = /<your-prefix>
171 171
172 172 [app:main]
173 173 use = egg:kallithea
174 174 ## enable proxy prefix middleware
175 175 #filter-with = proxy-prefix
176 176
177 177 full_stack = true
178 178 static_files = true
179 179 ## Available Languages:
180 180 ## cs de fr hu ja nl_BE pl pt_BR ru sk zh_CN zh_TW
181 181 lang =
182 182 #cache_dir = %(here)s/data
183 183 cache_dir = %(here)s/../../data/test/cache
184 184 #index_dir = %(here)s/data/index
185 185 index_dir = %(here)s/../../data/test/index
186 186
187 187 ## perform a full repository scan on each server start, this should be
188 188 ## set to false after first startup, to allow faster server restarts.
189 189 #initial_repo_scan = false
190 190 initial_repo_scan = true
191 191
192 192 ## uncomment and set this path to use archive download cache
193 193 #archive_cache_dir = %(here)s/tarballcache
194 194 archive_cache_dir = %(here)s/../../data/test/tarballcache
195 195
196 196 ## change this to unique ID for security
197 197 app_instance_uuid = test
198 198
199 199 ## cut off limit for large diffs (size in bytes)
200 200 cut_off_limit = 256000
201 201
202 202 ## force https in Kallithea, fixes https redirects, assumes it's always https
203 203 force_https = false
204 204
205 205 ## use Strict-Transport-Security headers
206 206 use_htsts = false
207 207
208 208 ## number of commits stats will parse on each iteration
209 209 commit_parse_limit = 25
210 210
211 211 ## path to git executable
212 212 git_path = git
213 213
214 214 ## git rev filter option, --all is the default filter, if you need to
215 215 ## hide all refs in changelog switch this to --branches --tags
216 216 #git_rev_filter = --branches --tags
217 217
218 218 ## RSS feed options
219 219 rss_cut_off_limit = 256000
220 220 rss_items_per_page = 10
221 221 rss_include_diff = false
222 222
223 223 ## options for showing and identifying changesets
224 224 show_sha_length = 12
225 225 #show_revision_number = false
226 226 show_revision_number = true
227 227
228 228 ## Canonical URL to use when creating full URLs in UI and texts.
229 229 ## Useful when the site is available under different names or protocols.
230 230 ## Defaults to what is provided in the WSGI environment.
231 231 #canonical_url = https://kallithea.example.com/repos
232 232
233 233 ## gist URL alias, used to create nicer urls for gist. This should be an
234 234 ## url that does rewrites to _admin/gists/<gistid>.
235 235 ## example: http://gist.example.com/{gistid}. Empty means use the internal
236 236 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
237 237 gist_alias_url =
238 238
239 239 ## white list of API enabled controllers. This allows to add list of
240 240 ## controllers to which access will be enabled by api_key. eg: to enable
241 241 ## api access to raw_files put `FilesController:raw`, to enable access to patches
242 242 ## add `ChangesetController:changeset_patch`. This list should be "," separated
243 243 ## Syntax is <ControllerClass>:<function>. Check debug logs for generated names
244 244 ## Recommended settings below are commented out:
245 245 api_access_controllers_whitelist =
246 246 # ChangesetController:changeset_patch,
247 247 # ChangesetController:changeset_raw,
248 248 # FilesController:raw,
249 249 # FilesController:archivefile
250 250
251 251 ## default encoding used to convert from and to unicode
252 252 ## can be also a comma separated list of encoding in case of mixed encodings
253 253 default_encoding = utf8
254 254
255 255 ## issue tracker for Kallithea (leave blank to disable, absent for default)
256 256 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
257 257
258 258 ## issue tracking mapping for commits messages
259 259 ## comment out issue_pat, issue_server, issue_prefix to enable
260 260
261 261 ## pattern to get the issues from commit messages
262 262 ## default one used here is #<numbers> with a regex passive group for `#`
263 263 ## {id} will be all groups matched from this pattern
264 264
265 265 issue_pat = (?:\s*#)(\d+)
266 266
267 267 ## server url to the issue, each {id} will be replaced with match
268 268 ## fetched from the regex and {repo} is replaced with full repository name
269 269 ## including groups {repo_name} is replaced with just name of repo
270 270
271 271 issue_server_link = https://issues.example.com/{repo}/issue/{id}
272 272
273 273 ## prefix to add to link to indicate it's an url
274 274 ## #314 will be replaced by <issue_prefix><id>
275 275
276 276 issue_prefix = #
277 277
278 278 ## issue_pat, issue_server_link, issue_prefix can have suffixes to specify
279 279 ## multiple patterns, to other issues server, wiki or others
280 280 ## below an example how to create a wiki pattern
281 281 # wiki-some-id -> https://wiki.example.com/some-id
282 282
283 283 #issue_pat_wiki = (?:wiki-)(.+)
284 284 #issue_server_link_wiki = https://wiki.example.com/{id}
285 285 #issue_prefix_wiki = WIKI-
286 286
287 287 ## alternative return HTTP header for failed authentication. Default HTTP
288 288 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
289 289 ## handling that. Set this variable to 403 to return HTTPForbidden
290 290 auth_ret_code =
291 291
292 292 ## locking return code. When repository is locked return this HTTP code. 2XX
293 293 ## codes don't break the transactions while 4XX codes do
294 294 lock_ret_code = 423
295 295
296 296 ## allows to change the repository location in settings page
297 297 allow_repo_location_change = True
298 298
299 299 ## allows to setup custom hooks in settings page
300 300 allow_custom_hooks_settings = True
301 301
302 302 ## extra extensions for indexing, space separated and without the leading '.'.
303 303 # index.extensions =
304 304 # gemfile
305 305 # lock
306 306
307 307 ## extra filenames for indexing, space separated
308 308 # index.filenames =
309 309 # .dockerignore
310 310 # .editorconfig
311 311 # INSTALL
312 312 # CHANGELOG
313 313
314 314 ####################################
315 315 ### CELERY CONFIG ####
316 316 ####################################
317 317
318 318 use_celery = false
319 319 broker.host = localhost
320 320 broker.vhost = rabbitmqhost
321 321 broker.port = 5672
322 322 broker.user = rabbitmq
323 323 broker.password = qweqwe
324 324
325 325 celery.imports = kallithea.lib.celerylib.tasks
326 326
327 327 celery.result.backend = amqp
328 328 celery.result.dburi = amqp://
329 329 celery.result.serialier = json
330 330
331 331 #celery.send.task.error.emails = true
332 332 #celery.amqp.task.result.expires = 18000
333 333
334 334 celeryd.concurrency = 2
335 335 #celeryd.log.file = celeryd.log
336 336 celeryd.log.level = DEBUG
337 337 celeryd.max.tasks.per.child = 1
338 338
339 339 ## tasks will never be sent to the queue, but executed locally instead.
340 340 celery.always.eager = false
341 341
342 342 ####################################
343 343 ### BEAKER CACHE ####
344 344 ####################################
345 345
346 346 #beaker.cache.data_dir = %(here)s/data/cache/data
347 347 beaker.cache.data_dir = %(here)s/../../data/test/cache/data
348 348 #beaker.cache.lock_dir = %(here)s/data/cache/lock
349 349 beaker.cache.lock_dir = %(here)s/../../data/test/cache/lock
350 350
351 351 beaker.cache.regions = short_term,long_term,sql_cache_short
352 352
353 353 beaker.cache.short_term.type = memory
354 354 beaker.cache.short_term.expire = 60
355 355 beaker.cache.short_term.key_length = 256
356 356
357 357 beaker.cache.long_term.type = memory
358 358 beaker.cache.long_term.expire = 36000
359 359 beaker.cache.long_term.key_length = 256
360 360
361 361 beaker.cache.sql_cache_short.type = memory
362 362 #beaker.cache.sql_cache_short.expire = 10
363 363 beaker.cache.sql_cache_short.expire = 1
364 364 beaker.cache.sql_cache_short.key_length = 256
365 365
366 366 ####################################
367 367 ### BEAKER SESSION ####
368 368 ####################################
369 369
370 370 ## Name of session cookie. Should be unique for a given host and path, even when running
371 371 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
372 372 beaker.session.key = kallithea
373 373 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
374 374 beaker.session.httponly = true
375 375 ## Session lifetime. 2592000 seconds is 30 days.
376 376 beaker.session.timeout = 2592000
377 377
378 378 ## Server secret used with HMAC to ensure integrity of cookies.
379 379 beaker.session.secret = {74e0cd75-b339-478b-b129-07dd221def1f}
380 380 ## Further, encrypt the data with AES.
381 381 #beaker.session.encrypt_key = <key_for_encryption>
382 382 #beaker.session.validate_key = <validation_key>
383 383
384 384 ## Type of storage used for the session, current types are
385 385 ## dbm, file, memcached, database, and memory.
386 386
387 387 ## File system storage of session data. (default)
388 388 #beaker.session.type = file
389 389
390 390 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
391 391 #beaker.session.type = cookie
392 392
393 393 ## Database storage of session data.
394 394 #beaker.session.type = ext:database
395 395 #beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea
396 396 #beaker.session.table_name = db_session
397 397
398 398 ############################
399 399 ## ERROR HANDLING SYSTEMS ##
400 400 ############################
401 401
402 402 ####################
403 403 ### [errormator] ###
404 404 ####################
405 405
406 406 ## Errormator is tailored to work with Kallithea, see
407 407 ## http://errormator.com for details how to obtain an account
408 408 ## you must install python package `errormator_client` to make it work
409 409
410 410 ## errormator enabled
411 411 errormator = false
412 412
413 413 errormator.server_url = https://api.errormator.com
414 414 errormator.api_key = YOUR_API_KEY
415 415
416 416 ## TWEAK AMOUNT OF INFO SENT HERE
417 417
418 418 ## enables 404 error logging (default False)
419 419 errormator.report_404 = false
420 420
421 421 ## time in seconds after request is considered being slow (default 1)
422 422 errormator.slow_request_time = 1
423 423
424 424 ## record slow requests in application
425 425 ## (needs to be enabled for slow datastore recording and time tracking)
426 426 errormator.slow_requests = true
427 427
428 428 ## enable hooking to application loggers
429 429 #errormator.logging = true
430 430
431 431 ## minimum log level for log capture
432 432 #errormator.logging.level = WARNING
433 433
434 434 ## send logs only from erroneous/slow requests
435 435 ## (saves API quota for intensive logging)
436 436 errormator.logging_on_error = false
437 437
438 438 ## list of additional keywords that should be grabbed from environ object
439 439 ## can be string with comma separated list of words in lowercase
440 440 ## (by default client will always send following info:
441 441 ## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
442 442 ## start with HTTP* this list be extended with additional keywords here
443 443 errormator.environ_keys_whitelist =
444 444
445 445 ## list of keywords that should be blanked from request object
446 446 ## can be string with comma separated list of words in lowercase
447 447 ## (by default client will always blank keys that contain following words
448 448 ## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
449 449 ## this list be extended with additional keywords set here
450 450 errormator.request_keys_blacklist =
451 451
452 452 ## list of namespaces that should be ignores when gathering log entries
453 453 ## can be string with comma separated list of namespaces
454 454 ## (by default the client ignores own entries: errormator_client.client)
455 455 errormator.log_namespace_blacklist =
456 456
457 457 ################
458 458 ### [sentry] ###
459 459 ################
460 460
461 461 ## sentry is a alternative open source error aggregator
462 462 ## you must install python packages `sentry` and `raven` to enable
463 463
464 464 sentry.dsn = YOUR_DNS
465 465 sentry.servers =
466 466 sentry.name =
467 467 sentry.key =
468 468 sentry.public_key =
469 469 sentry.secret_key =
470 470 sentry.project =
471 471 sentry.site =
472 472 sentry.include_paths =
473 473 sentry.exclude_paths =
474 474
475 475 ################################################################################
476 476 ## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
477 477 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
478 478 ## execute malicious code after an exception is raised. ##
479 479 ################################################################################
480 480 set debug = false
481 481
482 482 ##################################
483 483 ### LOGVIEW CONFIG ###
484 484 ##################################
485 485
486 486 logview.sqlalchemy = #faa
487 487 logview.pylons.templating = #bfb
488 488 logview.pylons.util = #eee
489 489
490 490 #########################################################
491 491 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG ###
492 492 #########################################################
493 493
494 494 # SQLITE [default]
495 495 #sqlalchemy.db1.url = sqlite:///%(here)s/kallithea.db?timeout=60
496 496 sqlalchemy.db1.url = sqlite:///%(here)s/kallithea_test.sqlite
497 497
498 498 # POSTGRESQL
499 499 #sqlalchemy.db1.url = postgresql://user:pass@localhost/kallithea
500 500
501 501 # MySQL
502 502 #sqlalchemy.db1.url = mysql://user:pass@localhost/kallithea?charset=utf8
503 503
504 504 # see sqlalchemy docs for others
505 505
506 506 sqlalchemy.db1.echo = false
507 507 sqlalchemy.db1.pool_recycle = 3600
508 508
509 509 ################################
510 510 ### ALEMBIC CONFIGURATION ####
511 511 ################################
512 512
513 513 [alembic]
514 514 script_location = kallithea:alembic
515 515
516 516 ################################
517 517 ### LOGGING CONFIGURATION ####
518 518 ################################
519 519
520 520 [loggers]
521 521 keys = root, routes, kallithea, sqlalchemy, beaker, templates, whoosh_indexer
522 522
523 523 [handlers]
524 524 keys = console, console_sql
525 525
526 526 [formatters]
527 527 keys = generic, color_formatter, color_formatter_sql
528 528
529 529 #############
530 530 ## LOGGERS ##
531 531 #############
532 532
533 533 [logger_root]
534 534 level = NOTSET
535 535 handlers = console
536 536
537 537 [logger_routes]
538 538 level = DEBUG
539 539 handlers =
540 540 qualname = routes.middleware
541 541 ## "level = DEBUG" logs the route matched and routing variables.
542 542 propagate = 1
543 543
544 544 [logger_beaker]
545 545 level = DEBUG
546 546 handlers =
547 547 qualname = beaker.container
548 548 propagate = 1
549 549
550 550 [logger_templates]
551 551 level = INFO
552 552 handlers =
553 553 qualname = pylons.templating
554 554 propagate = 1
555 555
556 556 [logger_kallithea]
557 557 level = DEBUG
558 558 handlers =
559 559 qualname = kallithea
560 560 propagate = 1
561 561
562 562 [logger_sqlalchemy]
563 563 level = INFO
564 564 handlers = console_sql
565 565 qualname = sqlalchemy.engine
566 566 propagate = 0
567 567
568 568 [logger_whoosh_indexer]
569 569 level = DEBUG
570 570 handlers =
571 571 qualname = whoosh_indexer
572 572 propagate = 1
573 573
574 574 ##############
575 575 ## HANDLERS ##
576 576 ##############
577 577
578 578 [handler_console]
579 579 class = StreamHandler
580 580 args = (sys.stderr,)
581 581 #level = INFO
582 582 level = DEBUG
583 583 #formatter = generic
584 584 formatter = color_formatter
585 585
586 586 [handler_console_sql]
587 587 class = StreamHandler
588 588 args = (sys.stderr,)
589 589 level = WARN
590 590 #formatter = generic
591 591 formatter = color_formatter_sql
592 592
593 593 ################
594 594 ## FORMATTERS ##
595 595 ################
596 596
597 597 [formatter_generic]
598 598 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
599 599 datefmt = %Y-%m-%d %H:%M:%S
600 600
601 601 [formatter_color_formatter]
602 602 class = kallithea.lib.colored_formatter.ColorFormatter
603 603 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
604 604 datefmt = %Y-%m-%d %H:%M:%S
605 605
606 606 [formatter_color_formatter_sql]
607 607 class = kallithea.lib.colored_formatter.ColorFormatterSql
608 608 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
609 609 datefmt = %Y-%m-%d %H:%M:%S
General Comments 0
You need to be logged in to leave comments. Login now