Show More
@@ -0,0 +1,87 b'' | |||
|
1 | import os | |
|
2 | from paste.script.appinstall import AbstractInstallCommand | |
|
3 | from paste.script.command import BadCommand | |
|
4 | from paste.deploy import appconfig | |
|
5 | ||
|
6 | ||
|
7 | class SetupCommand(AbstractInstallCommand): | |
|
8 | ||
|
9 | default_verbosity = 1 | |
|
10 | max_args = 1 | |
|
11 | min_args = 1 | |
|
12 | summary = "Setup an application, given a config file" | |
|
13 | usage = "CONFIG_FILE" | |
|
14 | ||
|
15 | description = """\ | |
|
16 | Note: this is an experimental command, and it will probably change | |
|
17 | in several ways by the next release. | |
|
18 | ||
|
19 | Setup an application according to its configuration file. This is | |
|
20 | the second part of a two-phase web application installation | |
|
21 | process (the first phase is prepare-app). The setup process may | |
|
22 | consist of things like creating directories and setting up | |
|
23 | databases. | |
|
24 | """ | |
|
25 | ||
|
26 | parser = AbstractInstallCommand.standard_parser( | |
|
27 | simulate=True, quiet=True, interactive=True) | |
|
28 | parser.add_option('--user', | |
|
29 | action='store', | |
|
30 | dest='username', | |
|
31 | default=None, | |
|
32 | help='Admin Username') | |
|
33 | parser.add_option('--email', | |
|
34 | action='store', | |
|
35 | dest='email', | |
|
36 | default=None, | |
|
37 | help='Admin Email') | |
|
38 | parser.add_option('--password', | |
|
39 | action='store', | |
|
40 | dest='password', | |
|
41 | default=None, | |
|
42 | help='Admin password min 6 chars') | |
|
43 | parser.add_option('--repos', | |
|
44 | action='store', | |
|
45 | dest='repos_location', | |
|
46 | default=None, | |
|
47 | help='Absolute path to repositories location') | |
|
48 | parser.add_option('--name', | |
|
49 | action='store', | |
|
50 | dest='section_name', | |
|
51 | default=None, | |
|
52 | help='The name of the section to set up (default: app:main)') | |
|
53 | ||
|
54 | def command(self): | |
|
55 | config_spec = self.args[0] | |
|
56 | section = self.options.section_name | |
|
57 | if section is None: | |
|
58 | if '#' in config_spec: | |
|
59 | config_spec, section = config_spec.split('#', 1) | |
|
60 | else: | |
|
61 | section = 'main' | |
|
62 | if not ':' in section: | |
|
63 | plain_section = section | |
|
64 | section = 'app:'+section | |
|
65 | else: | |
|
66 | plain_section = section.split(':', 1)[0] | |
|
67 | if not config_spec.startswith('config:'): | |
|
68 | config_spec = 'config:' + config_spec | |
|
69 | if plain_section != 'main': | |
|
70 | config_spec += '#' + plain_section | |
|
71 | config_file = config_spec[len('config:'):].split('#', 1)[0] | |
|
72 | config_file = os.path.join(os.getcwd(), config_file) | |
|
73 | self.logging_file_config(config_file) | |
|
74 | conf = appconfig(config_spec, relative_to=os.getcwd()) | |
|
75 | ep_name = conf.context.entry_point_name | |
|
76 | ep_group = conf.context.protocol | |
|
77 | dist = conf.context.distribution | |
|
78 | if dist is None: | |
|
79 | raise BadCommand( | |
|
80 | "The section %r is not the application (probably a filter). " | |
|
81 | "You should add #section_name, where section_name is the " | |
|
82 | "section that configures your application" % plain_section) | |
|
83 | installer = self.get_installer(dist, ep_group, ep_name) | |
|
84 | installer.setup_config( | |
|
85 | self, config_file, section, self.sysconfig_install_vars(installer)) | |
|
86 | self.call_sysconfig_functions( | |
|
87 | 'post_setup_hook', installer, config_file) No newline at end of file |
@@ -1,661 +1,664 b'' | |||
|
1 | 1 | .. _changelog: |
|
2 | 2 | |
|
3 | 3 | ========= |
|
4 | 4 | Changelog |
|
5 | 5 | ========= |
|
6 | 6 | |
|
7 | 7 | 1.4.0 (**2012-XX-XX**) |
|
8 | 8 | ---------------------- |
|
9 | 9 | |
|
10 | 10 | :status: in-progress |
|
11 | 11 | :branch: beta |
|
12 | 12 | |
|
13 | 13 | news |
|
14 | 14 | ++++ |
|
15 | 15 | |
|
16 | - new codereview system | |
|
17 | - changed setup-app into setup-rhodecode and added default options to it. | |
|
18 | ||
|
16 | 19 | fixes |
|
17 | 20 | +++++ |
|
18 | 21 | |
|
19 | 22 | 1.3.6 (**2012-05-16**) |
|
20 | 23 | ---------------------- |
|
21 | 24 | |
|
22 | 25 | news |
|
23 | 26 | ++++ |
|
24 | 27 | |
|
25 | 28 | - chinese traditional translation |
|
26 | 29 | |
|
27 | 30 | fixes |
|
28 | 31 | +++++ |
|
29 | 32 | |
|
30 | 33 | - fixed no scm found warning |
|
31 | 34 | - fixed __future__ import error on rcextensions |
|
32 | 35 | - made simplejson required lib for speedup on JSON encoding |
|
33 | 36 | - fixes #449 bad regex could get more than revisions from parsing history |
|
34 | 37 | |
|
35 | 38 | 1.3.5 (**2012-05-10**) |
|
36 | 39 | ---------------------- |
|
37 | 40 | |
|
38 | 41 | news |
|
39 | 42 | ++++ |
|
40 | 43 | |
|
41 | 44 | - use ext_json for json module |
|
42 | 45 | - unified annotation view with file source view |
|
43 | 46 | - notification improvements, better inbox + css |
|
44 | 47 | - #419 don't strip passwords for login forms, make rhodecode |
|
45 | 48 | more compatible with LDAP servers |
|
46 | 49 | - Added HTTP_X_FORWARDED_FOR as another method of extracting |
|
47 | 50 | IP for pull/push logs. - moved all to base controller |
|
48 | 51 | - #415: Adding comment to changeset causes reload. |
|
49 | 52 | Comments are now added via ajax and doesn't reload the page |
|
50 | 53 | - #374 LDAP config is discarded when LDAP can't be activated |
|
51 | 54 | - limited push/pull operations are now logged for git in the journal |
|
52 | 55 | - bumped mercurial to 2.2.X series |
|
53 | 56 | - added support for displaying submodules in file-browser |
|
54 | 57 | - #421 added bookmarks in changelog view |
|
55 | 58 | |
|
56 | 59 | fixes |
|
57 | 60 | +++++ |
|
58 | 61 | |
|
59 | 62 | - fixed dev-version marker for stable when served from source codes |
|
60 | 63 | - fixed missing permission checks on show forks page |
|
61 | 64 | - #418 cast to unicode fixes in notification objects |
|
62 | 65 | - #426 fixed mention extracting regex |
|
63 | 66 | - fixed remote-pulling for git remotes remopositories |
|
64 | 67 | - fixed #434: Error when accessing files or changesets of a git repository |
|
65 | 68 | with submodules |
|
66 | 69 | - fixed issue with empty APIKEYS for users after registration ref. #438 |
|
67 | 70 | - fixed issue with getting README files from git repositories |
|
68 | 71 | |
|
69 | 72 | 1.3.4 (**2012-03-28**) |
|
70 | 73 | ---------------------- |
|
71 | 74 | |
|
72 | 75 | news |
|
73 | 76 | ++++ |
|
74 | 77 | |
|
75 | 78 | - Whoosh logging is now controlled by the .ini files logging setup |
|
76 | 79 | - added clone-url into edit form on /settings page |
|
77 | 80 | - added help text into repo add/edit forms |
|
78 | 81 | - created rcextensions module with additional mappings (ref #322) and |
|
79 | 82 | post push/pull/create repo hooks callbacks |
|
80 | 83 | - implemented #377 Users view for his own permissions on account page |
|
81 | 84 | - #399 added inheritance of permissions for users group on repos groups |
|
82 | 85 | - #401 repository group is automatically pre-selected when adding repos |
|
83 | 86 | inside a repository group |
|
84 | 87 | - added alternative HTTP 403 response when client failed to authenticate. Helps |
|
85 | 88 | solving issues with Mercurial and LDAP |
|
86 | 89 | - #402 removed group prefix from repository name when listing repositories |
|
87 | 90 | inside a group |
|
88 | 91 | - added gravatars into permission view and permissions autocomplete |
|
89 | 92 | - #347 when running multiple RhodeCode instances, properly invalidates cache |
|
90 | 93 | for all registered servers |
|
91 | 94 | |
|
92 | 95 | fixes |
|
93 | 96 | +++++ |
|
94 | 97 | |
|
95 | 98 | - fixed #390 cache invalidation problems on repos inside group |
|
96 | 99 | - fixed #385 clone by ID url was loosing proxy prefix in URL |
|
97 | 100 | - fixed some unicode problems with waitress |
|
98 | 101 | - fixed issue with escaping < and > in changeset commits |
|
99 | 102 | - fixed error occurring during recursive group creation in API |
|
100 | 103 | create_repo function |
|
101 | 104 | - fixed #393 py2.5 fixes for routes url generator |
|
102 | 105 | - fixed #397 Private repository groups shows up before login |
|
103 | 106 | - fixed #396 fixed problems with revoking users in nested groups |
|
104 | 107 | - fixed mysql unicode issues + specified InnoDB as default engine with |
|
105 | 108 | utf8 charset |
|
106 | 109 | - #406 trim long branch/tag names in changelog to not break UI |
|
107 | 110 | |
|
108 | 111 | 1.3.3 (**2012-03-02**) |
|
109 | 112 | ---------------------- |
|
110 | 113 | |
|
111 | 114 | news |
|
112 | 115 | ++++ |
|
113 | 116 | |
|
114 | 117 | |
|
115 | 118 | fixes |
|
116 | 119 | +++++ |
|
117 | 120 | |
|
118 | 121 | - fixed some python2.5 compatibility issues |
|
119 | 122 | - fixed issues with removed repos was accidentally added as groups, after |
|
120 | 123 | full rescan of paths |
|
121 | 124 | - fixes #376 Cannot edit user (using container auth) |
|
122 | 125 | - fixes #378 Invalid image urls on changeset screen with proxy-prefix |
|
123 | 126 | configuration |
|
124 | 127 | - fixed initial sorting of repos inside repo group |
|
125 | 128 | - fixes issue when user tried to resubmit same permission into user/user_groups |
|
126 | 129 | - bumped beaker version that fixes #375 leap error bug |
|
127 | 130 | - fixed raw_changeset for git. It was generated with hg patch headers |
|
128 | 131 | - fixed vcs issue with last_changeset for filenodes |
|
129 | 132 | - fixed missing commit after hook delete |
|
130 | 133 | - fixed #372 issues with git operation detection that caused a security issue |
|
131 | 134 | for git repos |
|
132 | 135 | |
|
133 | 136 | 1.3.2 (**2012-02-28**) |
|
134 | 137 | ---------------------- |
|
135 | 138 | |
|
136 | 139 | news |
|
137 | 140 | ++++ |
|
138 | 141 | |
|
139 | 142 | |
|
140 | 143 | fixes |
|
141 | 144 | +++++ |
|
142 | 145 | |
|
143 | 146 | - fixed git protocol issues with repos-groups |
|
144 | 147 | - fixed git remote repos validator that prevented from cloning remote git repos |
|
145 | 148 | - fixes #370 ending slashes fixes for repo and groups |
|
146 | 149 | - fixes #368 improved git-protocol detection to handle other clients |
|
147 | 150 | - fixes #366 When Setting Repository Group To Blank Repo Group Wont Be |
|
148 | 151 | Moved To Root |
|
149 | 152 | - fixes #371 fixed issues with beaker/sqlalchemy and non-ascii cache keys |
|
150 | 153 | - fixed #373 missing cascade drop on user_group_to_perm table |
|
151 | 154 | |
|
152 | 155 | 1.3.1 (**2012-02-27**) |
|
153 | 156 | ---------------------- |
|
154 | 157 | |
|
155 | 158 | news |
|
156 | 159 | ++++ |
|
157 | 160 | |
|
158 | 161 | |
|
159 | 162 | fixes |
|
160 | 163 | +++++ |
|
161 | 164 | |
|
162 | 165 | - redirection loop occurs when remember-me wasn't checked during login |
|
163 | 166 | - fixes issues with git blob history generation |
|
164 | 167 | - don't fetch branch for git in file history dropdown. Causes unneeded slowness |
|
165 | 168 | |
|
166 | 169 | 1.3.0 (**2012-02-26**) |
|
167 | 170 | ---------------------- |
|
168 | 171 | |
|
169 | 172 | news |
|
170 | 173 | ++++ |
|
171 | 174 | |
|
172 | 175 | - code review, inspired by github code-comments |
|
173 | 176 | - #215 rst and markdown README files support |
|
174 | 177 | - #252 Container-based and proxy pass-through authentication support |
|
175 | 178 | - #44 branch browser. Filtering of changelog by branches |
|
176 | 179 | - mercurial bookmarks support |
|
177 | 180 | - new hover top menu, optimized to add maximum size for important views |
|
178 | 181 | - configurable clone url template with possibility to specify protocol like |
|
179 | 182 | ssh:// or http:// and also manually alter other parts of clone_url. |
|
180 | 183 | - enabled largefiles extension by default |
|
181 | 184 | - optimized summary file pages and saved a lot of unused space in them |
|
182 | 185 | - #239 option to manually mark repository as fork |
|
183 | 186 | - #320 mapping of commit authors to RhodeCode users |
|
184 | 187 | - #304 hashes are displayed using monospace font |
|
185 | 188 | - diff configuration, toggle white lines and context lines |
|
186 | 189 | - #307 configurable diffs, whitespace toggle, increasing context lines |
|
187 | 190 | - sorting on branches, tags and bookmarks using YUI datatable |
|
188 | 191 | - improved file filter on files page |
|
189 | 192 | - implements #330 api method for listing nodes ar particular revision |
|
190 | 193 | - #73 added linking issues in commit messages to chosen issue tracker url |
|
191 | 194 | based on user defined regular expression |
|
192 | 195 | - added linking of changesets in commit messages |
|
193 | 196 | - new compact changelog with expandable commit messages |
|
194 | 197 | - firstname and lastname are optional in user creation |
|
195 | 198 | - #348 added post-create repository hook |
|
196 | 199 | - #212 global encoding settings is now configurable from .ini files |
|
197 | 200 | - #227 added repository groups permissions |
|
198 | 201 | - markdown gets codehilite extensions |
|
199 | 202 | - new API methods, delete_repositories, grante/revoke permissions for groups |
|
200 | 203 | and repos |
|
201 | 204 | |
|
202 | 205 | |
|
203 | 206 | fixes |
|
204 | 207 | +++++ |
|
205 | 208 | |
|
206 | 209 | - rewrote dbsession management for atomic operations, and better error handling |
|
207 | 210 | - fixed sorting of repo tables |
|
208 | 211 | - #326 escape of special html entities in diffs |
|
209 | 212 | - normalized user_name => username in api attributes |
|
210 | 213 | - fixes #298 ldap created users with mixed case emails created conflicts |
|
211 | 214 | on saving a form |
|
212 | 215 | - fixes issue when owner of a repo couldn't revoke permissions for users |
|
213 | 216 | and groups |
|
214 | 217 | - fixes #271 rare JSON serialization problem with statistics |
|
215 | 218 | - fixes #337 missing validation check for conflicting names of a group with a |
|
216 | 219 | repositories group |
|
217 | 220 | - #340 fixed session problem for mysql and celery tasks |
|
218 | 221 | - fixed #331 RhodeCode mangles repository names if the a repository group |
|
219 | 222 | contains the "full path" to the repositories |
|
220 | 223 | - #355 RhodeCode doesn't store encrypted LDAP passwords |
|
221 | 224 | |
|
222 | 225 | 1.2.5 (**2012-01-28**) |
|
223 | 226 | ---------------------- |
|
224 | 227 | |
|
225 | 228 | news |
|
226 | 229 | ++++ |
|
227 | 230 | |
|
228 | 231 | fixes |
|
229 | 232 | +++++ |
|
230 | 233 | |
|
231 | 234 | - #340 Celery complains about MySQL server gone away, added session cleanup |
|
232 | 235 | for celery tasks |
|
233 | 236 | - #341 "scanning for repositories in None" log message during Rescan was missing |
|
234 | 237 | a parameter |
|
235 | 238 | - fixed creating archives with subrepos. Some hooks were triggered during that |
|
236 | 239 | operation leading to crash. |
|
237 | 240 | - fixed missing email in account page. |
|
238 | 241 | - Reverted Mercurial to 2.0.1 for windows due to bug in Mercurial that makes |
|
239 | 242 | forking on windows impossible |
|
240 | 243 | |
|
241 | 244 | 1.2.4 (**2012-01-19**) |
|
242 | 245 | ---------------------- |
|
243 | 246 | |
|
244 | 247 | news |
|
245 | 248 | ++++ |
|
246 | 249 | |
|
247 | 250 | - RhodeCode is bundled with mercurial series 2.0.X by default, with |
|
248 | 251 | full support to largefiles extension. Enabled by default in new installations |
|
249 | 252 | - #329 Ability to Add/Remove Groups to/from a Repository via AP |
|
250 | 253 | - added requires.txt file with requirements |
|
251 | 254 | |
|
252 | 255 | fixes |
|
253 | 256 | +++++ |
|
254 | 257 | |
|
255 | 258 | - fixes db session issues with celery when emailing admins |
|
256 | 259 | - #331 RhodeCode mangles repository names if the a repository group |
|
257 | 260 | contains the "full path" to the repositories |
|
258 | 261 | - #298 Conflicting e-mail addresses for LDAP and RhodeCode users |
|
259 | 262 | - DB session cleanup after hg protocol operations, fixes issues with |
|
260 | 263 | `mysql has gone away` errors |
|
261 | 264 | - #333 doc fixes for get_repo api function |
|
262 | 265 | - #271 rare JSON serialization problem with statistics enabled |
|
263 | 266 | - #337 Fixes issues with validation of repository name conflicting with |
|
264 | 267 | a group name. A proper message is now displayed. |
|
265 | 268 | - #292 made ldap_dn in user edit readonly, to get rid of confusion that field |
|
266 | 269 | doesn't work |
|
267 | 270 | - #316 fixes issues with web description in hgrc files |
|
268 | 271 | |
|
269 | 272 | 1.2.3 (**2011-11-02**) |
|
270 | 273 | ---------------------- |
|
271 | 274 | |
|
272 | 275 | news |
|
273 | 276 | ++++ |
|
274 | 277 | |
|
275 | 278 | - added option to manage repos group for non admin users |
|
276 | 279 | - added following API methods for get_users, create_user, get_users_groups, |
|
277 | 280 | get_users_group, create_users_group, add_user_to_users_groups, get_repos, |
|
278 | 281 | get_repo, create_repo, add_user_to_repo |
|
279 | 282 | - implements #237 added password confirmation for my account |
|
280 | 283 | and admin edit user. |
|
281 | 284 | - implements #291 email notification for global events are now sent to all |
|
282 | 285 | administrator users, and global config email. |
|
283 | 286 | |
|
284 | 287 | fixes |
|
285 | 288 | +++++ |
|
286 | 289 | |
|
287 | 290 | - added option for passing auth method for smtp mailer |
|
288 | 291 | - #276 issue with adding a single user with id>10 to usergroups |
|
289 | 292 | - #277 fixes windows LDAP settings in which missing values breaks the ldap auth |
|
290 | 293 | - #288 fixes managing of repos in a group for non admin user |
|
291 | 294 | |
|
292 | 295 | 1.2.2 (**2011-10-17**) |
|
293 | 296 | ---------------------- |
|
294 | 297 | |
|
295 | 298 | news |
|
296 | 299 | ++++ |
|
297 | 300 | |
|
298 | 301 | - #226 repo groups are available by path instead of numerical id |
|
299 | 302 | |
|
300 | 303 | fixes |
|
301 | 304 | +++++ |
|
302 | 305 | |
|
303 | 306 | - #259 Groups with the same name but with different parent group |
|
304 | 307 | - #260 Put repo in group, then move group to another group -> repo becomes unavailable |
|
305 | 308 | - #258 RhodeCode 1.2 assumes egg folder is writable (lockfiles problems) |
|
306 | 309 | - #265 ldap save fails sometimes on converting attributes to booleans, |
|
307 | 310 | added getter and setter into model that will prevent from this on db model level |
|
308 | 311 | - fixed problems with timestamps issues #251 and #213 |
|
309 | 312 | - fixes #266 RhodeCode allows to create repo with the same name and in |
|
310 | 313 | the same parent as group |
|
311 | 314 | - fixes #245 Rescan of the repositories on Windows |
|
312 | 315 | - fixes #248 cannot edit repos inside a group on windows |
|
313 | 316 | - fixes #219 forking problems on windows |
|
314 | 317 | |
|
315 | 318 | 1.2.1 (**2011-10-08**) |
|
316 | 319 | ---------------------- |
|
317 | 320 | |
|
318 | 321 | news |
|
319 | 322 | ++++ |
|
320 | 323 | |
|
321 | 324 | |
|
322 | 325 | fixes |
|
323 | 326 | +++++ |
|
324 | 327 | |
|
325 | 328 | - fixed problems with basic auth and push problems |
|
326 | 329 | - gui fixes |
|
327 | 330 | - fixed logger |
|
328 | 331 | |
|
329 | 332 | 1.2.0 (**2011-10-07**) |
|
330 | 333 | ---------------------- |
|
331 | 334 | |
|
332 | 335 | news |
|
333 | 336 | ++++ |
|
334 | 337 | |
|
335 | 338 | - implemented #47 repository groups |
|
336 | 339 | - implemented #89 Can setup google analytics code from settings menu |
|
337 | 340 | - implemented #91 added nicer looking archive urls with more download options |
|
338 | 341 | like tags, branches |
|
339 | 342 | - implemented #44 into file browsing, and added follow branch option |
|
340 | 343 | - implemented #84 downloads can be enabled/disabled for each repository |
|
341 | 344 | - anonymous repository can be cloned without having to pass default:default |
|
342 | 345 | into clone url |
|
343 | 346 | - fixed #90 whoosh indexer can index chooses repositories passed in command |
|
344 | 347 | line |
|
345 | 348 | - extended journal with day aggregates and paging |
|
346 | 349 | - implemented #107 source code lines highlight ranges |
|
347 | 350 | - implemented #93 customizable changelog on combined revision ranges - |
|
348 | 351 | equivalent of githubs compare view |
|
349 | 352 | - implemented #108 extended and more powerful LDAP configuration |
|
350 | 353 | - implemented #56 users groups |
|
351 | 354 | - major code rewrites optimized codes for speed and memory usage |
|
352 | 355 | - raw and diff downloads are now in git format |
|
353 | 356 | - setup command checks for write access to given path |
|
354 | 357 | - fixed many issues with international characters and unicode. It uses utf8 |
|
355 | 358 | decode with replace to provide less errors even with non utf8 encoded strings |
|
356 | 359 | - #125 added API KEY access to feeds |
|
357 | 360 | - #109 Repository can be created from external Mercurial link (aka. remote |
|
358 | 361 | repository, and manually updated (via pull) from admin panel |
|
359 | 362 | - beta git support - push/pull server + basic view for git repos |
|
360 | 363 | - added followers page and forks page |
|
361 | 364 | - server side file creation (with binary file upload interface) |
|
362 | 365 | and edition with commits powered by codemirror |
|
363 | 366 | - #111 file browser file finder, quick lookup files on whole file tree |
|
364 | 367 | - added quick login sliding menu into main page |
|
365 | 368 | - changelog uses lazy loading of affected files details, in some scenarios |
|
366 | 369 | this can improve speed of changelog page dramatically especially for |
|
367 | 370 | larger repositories. |
|
368 | 371 | - implements #214 added support for downloading subrepos in download menu. |
|
369 | 372 | - Added basic API for direct operations on rhodecode via JSON |
|
370 | 373 | - Implemented advanced hook management |
|
371 | 374 | |
|
372 | 375 | fixes |
|
373 | 376 | +++++ |
|
374 | 377 | |
|
375 | 378 | - fixed file browser bug, when switching into given form revision the url was |
|
376 | 379 | not changing |
|
377 | 380 | - fixed propagation to error controller on simplehg and simplegit middlewares |
|
378 | 381 | - fixed error when trying to make a download on empty repository |
|
379 | 382 | - fixed problem with '[' chars in commit messages in journal |
|
380 | 383 | - fixed #99 Unicode errors, on file node paths with non utf-8 characters |
|
381 | 384 | - journal fork fixes |
|
382 | 385 | - removed issue with space inside renamed repository after deletion |
|
383 | 386 | - fixed strange issue on formencode imports |
|
384 | 387 | - fixed #126 Deleting repository on Windows, rename used incompatible chars. |
|
385 | 388 | - #150 fixes for errors on repositories mapped in db but corrupted in |
|
386 | 389 | filesystem |
|
387 | 390 | - fixed problem with ascendant characters in realm #181 |
|
388 | 391 | - fixed problem with sqlite file based database connection pool |
|
389 | 392 | - whoosh indexer and code stats share the same dynamic extensions map |
|
390 | 393 | - fixes #188 - relationship delete of repo_to_perm entry on user removal |
|
391 | 394 | - fixes issue #189 Trending source files shows "show more" when no more exist |
|
392 | 395 | - fixes issue #197 Relative paths for pidlocks |
|
393 | 396 | - fixes issue #198 password will require only 3 chars now for login form |
|
394 | 397 | - fixes issue #199 wrong redirection for non admin users after creating a repository |
|
395 | 398 | - fixes issues #202, bad db constraint made impossible to attach same group |
|
396 | 399 | more than one time. Affects only mysql/postgres |
|
397 | 400 | - fixes #218 os.kill patch for windows was missing sig param |
|
398 | 401 | - improved rendering of dag (they are not trimmed anymore when number of |
|
399 | 402 | heads exceeds 5) |
|
400 | 403 | |
|
401 | 404 | 1.1.8 (**2011-04-12**) |
|
402 | 405 | ---------------------- |
|
403 | 406 | |
|
404 | 407 | news |
|
405 | 408 | ++++ |
|
406 | 409 | |
|
407 | 410 | - improved windows support |
|
408 | 411 | |
|
409 | 412 | fixes |
|
410 | 413 | +++++ |
|
411 | 414 | |
|
412 | 415 | - fixed #140 freeze of python dateutil library, since new version is python2.x |
|
413 | 416 | incompatible |
|
414 | 417 | - setup-app will check for write permission in given path |
|
415 | 418 | - cleaned up license info issue #149 |
|
416 | 419 | - fixes for issues #137,#116 and problems with unicode and accented characters. |
|
417 | 420 | - fixes crashes on gravatar, when passed in email as unicode |
|
418 | 421 | - fixed tooltip flickering problems |
|
419 | 422 | - fixed came_from redirection on windows |
|
420 | 423 | - fixed logging modules, and sql formatters |
|
421 | 424 | - windows fixes for os.kill issue #133 |
|
422 | 425 | - fixes path splitting for windows issues #148 |
|
423 | 426 | - fixed issue #143 wrong import on migration to 1.1.X |
|
424 | 427 | - fixed problems with displaying binary files, thanks to Thomas Waldmann |
|
425 | 428 | - removed name from archive files since it's breaking ui for long repo names |
|
426 | 429 | - fixed issue with archive headers sent to browser, thanks to Thomas Waldmann |
|
427 | 430 | - fixed compatibility for 1024px displays, and larger dpi settings, thanks to |
|
428 | 431 | Thomas Waldmann |
|
429 | 432 | - fixed issue #166 summary pager was skipping 10 revisions on second page |
|
430 | 433 | |
|
431 | 434 | |
|
432 | 435 | 1.1.7 (**2011-03-23**) |
|
433 | 436 | ---------------------- |
|
434 | 437 | |
|
435 | 438 | news |
|
436 | 439 | ++++ |
|
437 | 440 | |
|
438 | 441 | fixes |
|
439 | 442 | +++++ |
|
440 | 443 | |
|
441 | 444 | - fixed (again) #136 installation support for FreeBSD |
|
442 | 445 | |
|
443 | 446 | |
|
444 | 447 | 1.1.6 (**2011-03-21**) |
|
445 | 448 | ---------------------- |
|
446 | 449 | |
|
447 | 450 | news |
|
448 | 451 | ++++ |
|
449 | 452 | |
|
450 | 453 | fixes |
|
451 | 454 | +++++ |
|
452 | 455 | |
|
453 | 456 | - fixed #136 installation support for FreeBSD |
|
454 | 457 | - RhodeCode will check for python version during installation |
|
455 | 458 | |
|
456 | 459 | 1.1.5 (**2011-03-17**) |
|
457 | 460 | ---------------------- |
|
458 | 461 | |
|
459 | 462 | news |
|
460 | 463 | ++++ |
|
461 | 464 | |
|
462 | 465 | - basic windows support, by exchanging pybcrypt into sha256 for windows only |
|
463 | 466 | highly inspired by idea of mantis406 |
|
464 | 467 | |
|
465 | 468 | fixes |
|
466 | 469 | +++++ |
|
467 | 470 | |
|
468 | 471 | - fixed sorting by author in main page |
|
469 | 472 | - fixed crashes with diffs on binary files |
|
470 | 473 | - fixed #131 problem with boolean values for LDAP |
|
471 | 474 | - fixed #122 mysql problems thanks to striker69 |
|
472 | 475 | - fixed problem with errors on calling raw/raw_files/annotate functions |
|
473 | 476 | with unknown revisions |
|
474 | 477 | - fixed returned rawfiles attachment names with international character |
|
475 | 478 | - cleaned out docs, big thanks to Jason Harris |
|
476 | 479 | |
|
477 | 480 | 1.1.4 (**2011-02-19**) |
|
478 | 481 | ---------------------- |
|
479 | 482 | |
|
480 | 483 | news |
|
481 | 484 | ++++ |
|
482 | 485 | |
|
483 | 486 | fixes |
|
484 | 487 | +++++ |
|
485 | 488 | |
|
486 | 489 | - fixed formencode import problem on settings page, that caused server crash |
|
487 | 490 | when that page was accessed as first after server start |
|
488 | 491 | - journal fixes |
|
489 | 492 | - fixed option to access repository just by entering http://server/<repo_name> |
|
490 | 493 | |
|
491 | 494 | 1.1.3 (**2011-02-16**) |
|
492 | 495 | ---------------------- |
|
493 | 496 | |
|
494 | 497 | news |
|
495 | 498 | ++++ |
|
496 | 499 | |
|
497 | 500 | - implemented #102 allowing the '.' character in username |
|
498 | 501 | - added option to access repository just by entering http://server/<repo_name> |
|
499 | 502 | - celery task ignores result for better performance |
|
500 | 503 | |
|
501 | 504 | fixes |
|
502 | 505 | +++++ |
|
503 | 506 | |
|
504 | 507 | - fixed ehlo command and non auth mail servers on smtp_lib. Thanks to |
|
505 | 508 | apollo13 and Johan Walles |
|
506 | 509 | - small fixes in journal |
|
507 | 510 | - fixed problems with getting setting for celery from .ini files |
|
508 | 511 | - registration, password reset and login boxes share the same title as main |
|
509 | 512 | application now |
|
510 | 513 | - fixed #113: to high permissions to fork repository |
|
511 | 514 | - fixed problem with '[' chars in commit messages in journal |
|
512 | 515 | - removed issue with space inside renamed repository after deletion |
|
513 | 516 | - db transaction fixes when filesystem repository creation failed |
|
514 | 517 | - fixed #106 relation issues on databases different than sqlite |
|
515 | 518 | - fixed static files paths links to use of url() method |
|
516 | 519 | |
|
517 | 520 | 1.1.2 (**2011-01-12**) |
|
518 | 521 | ---------------------- |
|
519 | 522 | |
|
520 | 523 | news |
|
521 | 524 | ++++ |
|
522 | 525 | |
|
523 | 526 | |
|
524 | 527 | fixes |
|
525 | 528 | +++++ |
|
526 | 529 | |
|
527 | 530 | - fixes #98 protection against float division of percentage stats |
|
528 | 531 | - fixed graph bug |
|
529 | 532 | - forced webhelpers version since it was making troubles during installation |
|
530 | 533 | |
|
531 | 534 | 1.1.1 (**2011-01-06**) |
|
532 | 535 | ---------------------- |
|
533 | 536 | |
|
534 | 537 | news |
|
535 | 538 | ++++ |
|
536 | 539 | |
|
537 | 540 | - added force https option into ini files for easier https usage (no need to |
|
538 | 541 | set server headers with this options) |
|
539 | 542 | - small css updates |
|
540 | 543 | |
|
541 | 544 | fixes |
|
542 | 545 | +++++ |
|
543 | 546 | |
|
544 | 547 | - fixed #96 redirect loop on files view on repositories without changesets |
|
545 | 548 | - fixed #97 unicode string passed into server header in special cases (mod_wsgi) |
|
546 | 549 | and server crashed with errors |
|
547 | 550 | - fixed large tooltips problems on main page |
|
548 | 551 | - fixed #92 whoosh indexer is more error proof |
|
549 | 552 | |
|
550 | 553 | 1.1.0 (**2010-12-18**) |
|
551 | 554 | ---------------------- |
|
552 | 555 | |
|
553 | 556 | news |
|
554 | 557 | ++++ |
|
555 | 558 | |
|
556 | 559 | - rewrite of internals for vcs >=0.1.10 |
|
557 | 560 | - uses mercurial 1.7 with dotencode disabled for maintaining compatibility |
|
558 | 561 | with older clients |
|
559 | 562 | - anonymous access, authentication via ldap |
|
560 | 563 | - performance upgrade for cached repos list - each repository has its own |
|
561 | 564 | cache that's invalidated when needed. |
|
562 | 565 | - performance upgrades on repositories with large amount of commits (20K+) |
|
563 | 566 | - main page quick filter for filtering repositories |
|
564 | 567 | - user dashboards with ability to follow chosen repositories actions |
|
565 | 568 | - sends email to admin on new user registration |
|
566 | 569 | - added cache/statistics reset options into repository settings |
|
567 | 570 | - more detailed action logger (based on hooks) with pushed changesets lists |
|
568 | 571 | and options to disable those hooks from admin panel |
|
569 | 572 | - introduced new enhanced changelog for merges that shows more accurate results |
|
570 | 573 | - new improved and faster code stats (based on pygments lexers mapping tables, |
|
571 | 574 | showing up to 10 trending sources for each repository. Additionally stats |
|
572 | 575 | can be disabled in repository settings. |
|
573 | 576 | - gui optimizations, fixed application width to 1024px |
|
574 | 577 | - added cut off (for large files/changesets) limit into config files |
|
575 | 578 | - whoosh, celeryd, upgrade moved to paster command |
|
576 | 579 | - other than sqlite database backends can be used |
|
577 | 580 | |
|
578 | 581 | fixes |
|
579 | 582 | +++++ |
|
580 | 583 | |
|
581 | 584 | - fixes #61 forked repo was showing only after cache expired |
|
582 | 585 | - fixes #76 no confirmation on user deletes |
|
583 | 586 | - fixes #66 Name field misspelled |
|
584 | 587 | - fixes #72 block user removal when he owns repositories |
|
585 | 588 | - fixes #69 added password confirmation fields |
|
586 | 589 | - fixes #87 RhodeCode crashes occasionally on updating repository owner |
|
587 | 590 | - fixes #82 broken annotations on files with more than 1 blank line at the end |
|
588 | 591 | - a lot of fixes and tweaks for file browser |
|
589 | 592 | - fixed detached session issues |
|
590 | 593 | - fixed when user had no repos he would see all repos listed in my account |
|
591 | 594 | - fixed ui() instance bug when global hgrc settings was loaded for server |
|
592 | 595 | instance and all hgrc options were merged with our db ui() object |
|
593 | 596 | - numerous small bugfixes |
|
594 | 597 | |
|
595 | 598 | (special thanks for TkSoh for detailed feedback) |
|
596 | 599 | |
|
597 | 600 | |
|
598 | 601 | 1.0.2 (**2010-11-12**) |
|
599 | 602 | ---------------------- |
|
600 | 603 | |
|
601 | 604 | news |
|
602 | 605 | ++++ |
|
603 | 606 | |
|
604 | 607 | - tested under python2.7 |
|
605 | 608 | - bumped sqlalchemy and celery versions |
|
606 | 609 | |
|
607 | 610 | fixes |
|
608 | 611 | +++++ |
|
609 | 612 | |
|
610 | 613 | - fixed #59 missing graph.js |
|
611 | 614 | - fixed repo_size crash when repository had broken symlinks |
|
612 | 615 | - fixed python2.5 crashes. |
|
613 | 616 | |
|
614 | 617 | |
|
615 | 618 | 1.0.1 (**2010-11-10**) |
|
616 | 619 | ---------------------- |
|
617 | 620 | |
|
618 | 621 | news |
|
619 | 622 | ++++ |
|
620 | 623 | |
|
621 | 624 | - small css updated |
|
622 | 625 | |
|
623 | 626 | fixes |
|
624 | 627 | +++++ |
|
625 | 628 | |
|
626 | 629 | - fixed #53 python2.5 incompatible enumerate calls |
|
627 | 630 | - fixed #52 disable mercurial extension for web |
|
628 | 631 | - fixed #51 deleting repositories don't delete it's dependent objects |
|
629 | 632 | |
|
630 | 633 | |
|
631 | 634 | 1.0.0 (**2010-11-02**) |
|
632 | 635 | ---------------------- |
|
633 | 636 | |
|
634 | 637 | - security bugfix simplehg wasn't checking for permissions on commands |
|
635 | 638 | other than pull or push. |
|
636 | 639 | - fixed doubled messages after push or pull in admin journal |
|
637 | 640 | - templating and css corrections, fixed repo switcher on chrome, updated titles |
|
638 | 641 | - admin menu accessible from options menu on repository view |
|
639 | 642 | - permissions cached queries |
|
640 | 643 | |
|
641 | 644 | 1.0.0rc4 (**2010-10-12**) |
|
642 | 645 | -------------------------- |
|
643 | 646 | |
|
644 | 647 | - fixed python2.5 missing simplejson imports (thanks to Jens BΓ€ckman) |
|
645 | 648 | - removed cache_manager settings from sqlalchemy meta |
|
646 | 649 | - added sqlalchemy cache settings to ini files |
|
647 | 650 | - validated password length and added second try of failure on paster setup-app |
|
648 | 651 | - fixed setup database destroy prompt even when there was no db |
|
649 | 652 | |
|
650 | 653 | |
|
651 | 654 | 1.0.0rc3 (**2010-10-11**) |
|
652 | 655 | ------------------------- |
|
653 | 656 | |
|
654 | 657 | - fixed i18n during installation. |
|
655 | 658 | |
|
656 | 659 | 1.0.0rc2 (**2010-10-11**) |
|
657 | 660 | ------------------------- |
|
658 | 661 | |
|
659 | 662 | - Disabled dirsize in file browser, it's causing nasty bug when dir renames |
|
660 | 663 | occure. After vcs is fixed it'll be put back again. |
|
661 | 664 | - templating/css rewrites, optimized css. No newline at end of file |
@@ -1,731 +1,732 b'' | |||
|
1 | 1 | .. _setup: |
|
2 | 2 | |
|
3 | 3 | ===== |
|
4 | 4 | Setup |
|
5 | 5 | ===== |
|
6 | 6 | |
|
7 | 7 | |
|
8 | 8 | Setting up RhodeCode |
|
9 | 9 | -------------------- |
|
10 | 10 | |
|
11 | 11 | First, you will need to create a RhodeCode configuration file. Run the |
|
12 | 12 | following command to do this:: |
|
13 | 13 | |
|
14 | 14 | paster make-config RhodeCode production.ini |
|
15 | 15 | |
|
16 | 16 | - This will create the file `production.ini` in the current directory. This |
|
17 | 17 | configuration file contains the various settings for RhodeCode, e.g proxy |
|
18 | 18 | port, email settings, usage of static files, cache, celery settings and |
|
19 | 19 | logging. |
|
20 | 20 | |
|
21 | 21 | |
|
22 | 22 | Next, you need to create the databases used by RhodeCode. I recommend that you |
|
23 | 23 | use postgresql or sqlite (default). If you choose a database other than the |
|
24 | 24 | default ensure you properly adjust the db url in your production.ini |
|
25 | 25 | configuration file to use this other database. RhodeCode currently supports |
|
26 | 26 | postgresql, sqlite and mysql databases. Create the database by running |
|
27 | 27 | the following command:: |
|
28 | 28 | |
|
29 |
paster setup- |
|
|
29 | paster setup-rhodecode production.ini | |
|
30 | 30 | |
|
31 | 31 | This will prompt you for a "root" path. This "root" path is the location where |
|
32 | 32 | RhodeCode will store all of its repositories on the current machine. After |
|
33 |
entering this "root" path ``setup- |
|
|
34 |
and password for the initial admin account which ``setup- |
|
|
33 | entering this "root" path ``setup-rhodecode`` will also prompt you for a username | |
|
34 | and password for the initial admin account which ``setup-rhodecode`` sets | |
|
35 | up for you. | |
|
35 | 36 | |
|
36 |
- The ``setup- |
|
|
37 |
account. When choosing a root path you can either use a new empty |
|
|
38 |
or a location which already contains existing repositories. If you |
|
|
39 |
location which contains existing repositories RhodeCode will simply |
|
|
40 |
of the repositories at the chosen location to it's database. |
|
|
41 | sure you specify the correct path to the root). | |
|
37 | - The ``setup-rhodecode`` command will create all of the needed tables and an | |
|
38 | admin account. When choosing a root path you can either use a new empty | |
|
39 | location, or a location which already contains existing repositories. If you | |
|
40 | choose a location which contains existing repositories RhodeCode will simply | |
|
41 | add all of the repositories at the chosen location to it's database. | |
|
42 | (Note: make sure you specify the correct path to the root). | |
|
42 | 43 | - Note: the given path for mercurial_ repositories **must** be write accessible |
|
43 | 44 | for the application. It's very important since the RhodeCode web interface |
|
44 | 45 | will work without write access, but when trying to do a push it will |
|
45 | 46 | eventually fail with permission denied errors unless it has write access. |
|
46 | 47 | |
|
47 | 48 | You are now ready to use RhodeCode, to run it simply execute:: |
|
48 | 49 | |
|
49 | 50 | paster serve production.ini |
|
50 | 51 | |
|
51 | 52 | - This command runs the RhodeCode server. The web app should be available at the |
|
52 | 53 | 127.0.0.1:5000. This ip and port is configurable via the production.ini |
|
53 | 54 | file created in previous step |
|
54 |
- Use the admin account you created above when running ``setup- |
|
|
55 | to the web app. | |
|
55 | - Use the admin account you created above when running ``setup-rhodecode`` | |
|
56 | to login to the web app. | |
|
56 | 57 | - The default permissions on each repository is read, and the owner is admin. |
|
57 | 58 | Remember to update these if needed. |
|
58 | 59 | - In the admin panel you can toggle ldap, anonymous, permissions settings. As |
|
59 | 60 | well as edit more advanced options on users and repositories |
|
60 | 61 | |
|
61 | 62 | Optionally users can create `rcextensions` package that extends RhodeCode |
|
62 | 63 | functionality. To do this simply execute:: |
|
63 | 64 | |
|
64 | 65 | paster make-rcext production.ini |
|
65 | 66 | |
|
66 | 67 | This will create `rcextensions` package in the same place that your `ini` file |
|
67 | 68 | lives. With `rcextensions` it's possible to add additional mapping for whoosh, |
|
68 | 69 | stats and add additional code into the push/pull/create repo hooks. For example |
|
69 | 70 | for sending signals to build-bots such as jenkins. |
|
70 | 71 | Please see the `__init__.py` file inside `rcextensions` package |
|
71 | 72 | for more details. |
|
72 | 73 | |
|
73 | 74 | |
|
74 | 75 | Using RhodeCode with SSH |
|
75 | 76 | ------------------------ |
|
76 | 77 | |
|
77 | 78 | RhodeCode currently only hosts repositories using http and https. (The addition |
|
78 | 79 | of ssh hosting is a planned future feature.) However you can easily use ssh in |
|
79 | 80 | parallel with RhodeCode. (Repository access via ssh is a standard "out of |
|
80 | 81 | the box" feature of mercurial_ and you can use this to access any of the |
|
81 | 82 | repositories that RhodeCode is hosting. See PublishingRepositories_) |
|
82 | 83 | |
|
83 | 84 | RhodeCode repository structures are kept in directories with the same name |
|
84 | 85 | as the project. When using repository groups, each group is a subdirectory. |
|
85 | 86 | This allows you to easily use ssh for accessing repositories. |
|
86 | 87 | |
|
87 | 88 | In order to use ssh you need to make sure that your web-server and the users |
|
88 | 89 | login accounts have the correct permissions set on the appropriate directories. |
|
89 | 90 | (Note that these permissions are independent of any permissions you have set up |
|
90 | 91 | using the RhodeCode web interface.) |
|
91 | 92 | |
|
92 | 93 | If your main directory (the same as set in RhodeCode settings) is for example |
|
93 | 94 | set to **/home/hg** and the repository you are using is named `rhodecode`, then |
|
94 | 95 | to clone via ssh you should run:: |
|
95 | 96 | |
|
96 | 97 | hg clone ssh://user@server.com/home/hg/rhodecode |
|
97 | 98 | |
|
98 | 99 | Using other external tools such as mercurial-server_ or using ssh key based |
|
99 | 100 | authentication is fully supported. |
|
100 | 101 | |
|
101 | 102 | Note: In an advanced setup, in order for your ssh access to use the same |
|
102 | 103 | permissions as set up via the RhodeCode web interface, you can create an |
|
103 | 104 | authentication hook to connect to the rhodecode db and runs check functions for |
|
104 | 105 | permissions against that. |
|
105 | 106 | |
|
106 | 107 | Setting up Whoosh full text search |
|
107 | 108 | ---------------------------------- |
|
108 | 109 | |
|
109 | 110 | Starting from version 1.1 the whoosh index can be build by using the paster |
|
110 | 111 | command ``make-index``. To use ``make-index`` you must specify the configuration |
|
111 | 112 | file that stores the location of the index. You may specify the location of the |
|
112 | 113 | repositories (`--repo-location`). If not specified, this value is retrieved |
|
113 | 114 | from the RhodeCode database. This was required prior to 1.2. Starting from |
|
114 | 115 | version 1.2 it is also possible to specify a comma separated list of |
|
115 | 116 | repositories (`--index-only`) to build index only on chooses repositories |
|
116 | 117 | skipping any other found in repos location |
|
117 | 118 | |
|
118 | 119 | You may optionally pass the option `-f` to enable a full index rebuild. Without |
|
119 | 120 | the `-f` option, indexing will run always in "incremental" mode. |
|
120 | 121 | |
|
121 | 122 | For an incremental index build use:: |
|
122 | 123 | |
|
123 | 124 | paster make-index production.ini |
|
124 | 125 | |
|
125 | 126 | For a full index rebuild use:: |
|
126 | 127 | |
|
127 | 128 | paster make-index production.ini -f |
|
128 | 129 | |
|
129 | 130 | |
|
130 | 131 | building index just for chosen repositories is possible with such command:: |
|
131 | 132 | |
|
132 | 133 | paster make-index production.ini --index-only=vcs,rhodecode |
|
133 | 134 | |
|
134 | 135 | |
|
135 | 136 | In order to do periodical index builds and keep your index always up to date. |
|
136 | 137 | It's recommended to do a crontab entry for incremental indexing. |
|
137 | 138 | An example entry might look like this:: |
|
138 | 139 | |
|
139 | 140 | /path/to/python/bin/paster make-index /path/to/rhodecode/production.ini |
|
140 | 141 | |
|
141 | 142 | When using incremental mode (the default) whoosh will check the last |
|
142 | 143 | modification date of each file and add it to be reindexed if a newer file is |
|
143 | 144 | available. The indexing daemon checks for any removed files and removes them |
|
144 | 145 | from index. |
|
145 | 146 | |
|
146 | 147 | If you want to rebuild index from scratch, you can use the `-f` flag as above, |
|
147 | 148 | or in the admin panel you can check `build from scratch` flag. |
|
148 | 149 | |
|
149 | 150 | |
|
150 | 151 | Setting up LDAP support |
|
151 | 152 | ----------------------- |
|
152 | 153 | |
|
153 | 154 | RhodeCode starting from version 1.1 supports ldap authentication. In order |
|
154 | 155 | to use LDAP, you have to install the python-ldap_ package. This package is |
|
155 | 156 | available via pypi, so you can install it by running |
|
156 | 157 | |
|
157 | 158 | using easy_install:: |
|
158 | 159 | |
|
159 | 160 | easy_install python-ldap |
|
160 | 161 | |
|
161 | 162 | using pip:: |
|
162 | 163 | |
|
163 | 164 | pip install python-ldap |
|
164 | 165 | |
|
165 | 166 | .. note:: |
|
166 | 167 | python-ldap requires some certain libs on your system, so before installing |
|
167 | 168 | it check that you have at least `openldap`, and `sasl` libraries. |
|
168 | 169 | |
|
169 | 170 | LDAP settings are located in admin->ldap section, |
|
170 | 171 | |
|
171 | 172 | Here's a typical ldap setup:: |
|
172 | 173 | |
|
173 | 174 | Connection settings |
|
174 | 175 | Enable LDAP = checked |
|
175 | 176 | Host = host.example.org |
|
176 | 177 | Port = 389 |
|
177 | 178 | Account = <account> |
|
178 | 179 | Password = <password> |
|
179 | 180 | Connection Security = LDAPS connection |
|
180 | 181 | Certificate Checks = DEMAND |
|
181 | 182 | |
|
182 | 183 | Search settings |
|
183 | 184 | Base DN = CN=users,DC=host,DC=example,DC=org |
|
184 | 185 | LDAP Filter = (&(objectClass=user)(!(objectClass=computer))) |
|
185 | 186 | LDAP Search Scope = SUBTREE |
|
186 | 187 | |
|
187 | 188 | Attribute mappings |
|
188 | 189 | Login Attribute = uid |
|
189 | 190 | First Name Attribute = firstName |
|
190 | 191 | Last Name Attribute = lastName |
|
191 | 192 | E-mail Attribute = mail |
|
192 | 193 | |
|
193 | 194 | .. _enable_ldap: |
|
194 | 195 | |
|
195 | 196 | Enable LDAP : required |
|
196 | 197 | Whether to use LDAP for authenticating users. |
|
197 | 198 | |
|
198 | 199 | .. _ldap_host: |
|
199 | 200 | |
|
200 | 201 | Host : required |
|
201 | 202 | LDAP server hostname or IP address. |
|
202 | 203 | |
|
203 | 204 | .. _Port: |
|
204 | 205 | |
|
205 | 206 | Port : required |
|
206 | 207 | 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP. |
|
207 | 208 | |
|
208 | 209 | .. _ldap_account: |
|
209 | 210 | |
|
210 | 211 | Account : optional |
|
211 | 212 | Only required if the LDAP server does not allow anonymous browsing of |
|
212 | 213 | records. This should be a special account for record browsing. This |
|
213 | 214 | will require `LDAP Password`_ below. |
|
214 | 215 | |
|
215 | 216 | .. _LDAP Password: |
|
216 | 217 | |
|
217 | 218 | Password : optional |
|
218 | 219 | Only required if the LDAP server does not allow anonymous browsing of |
|
219 | 220 | records. |
|
220 | 221 | |
|
221 | 222 | .. _Enable LDAPS: |
|
222 | 223 | |
|
223 | 224 | Connection Security : required |
|
224 | 225 | Defines the connection to LDAP server |
|
225 | 226 | |
|
226 | 227 | No encryption |
|
227 | 228 | Plain non encrypted connection |
|
228 | 229 | |
|
229 | 230 | LDAPS connection |
|
230 | 231 | Enable ldaps connection. It will likely require `Port`_ to be set to |
|
231 | 232 | a different value (standard LDAPS port is 636). When LDAPS is enabled |
|
232 | 233 | then `Certificate Checks`_ is required. |
|
233 | 234 | |
|
234 | 235 | START_TLS on LDAP connection |
|
235 | 236 | START TLS connection |
|
236 | 237 | |
|
237 | 238 | .. _Certificate Checks: |
|
238 | 239 | |
|
239 | 240 | Certificate Checks : optional |
|
240 | 241 | How SSL certificates verification is handled - this is only useful when |
|
241 | 242 | `Enable LDAPS`_ is enabled. Only DEMAND or HARD offer full SSL security |
|
242 | 243 | while the other options are susceptible to man-in-the-middle attacks. SSL |
|
243 | 244 | certificates can be installed to /etc/openldap/cacerts so that the |
|
244 | 245 | DEMAND or HARD options can be used with self-signed certificates or |
|
245 | 246 | certificates that do not have traceable certificates of authority. |
|
246 | 247 | |
|
247 | 248 | NEVER |
|
248 | 249 | A serve certificate will never be requested or checked. |
|
249 | 250 | |
|
250 | 251 | ALLOW |
|
251 | 252 | A server certificate is requested. Failure to provide a |
|
252 | 253 | certificate or providing a bad certificate will not terminate the |
|
253 | 254 | session. |
|
254 | 255 | |
|
255 | 256 | TRY |
|
256 | 257 | A server certificate is requested. Failure to provide a |
|
257 | 258 | certificate does not halt the session; providing a bad certificate |
|
258 | 259 | halts the session. |
|
259 | 260 | |
|
260 | 261 | DEMAND |
|
261 | 262 | A server certificate is requested and must be provided and |
|
262 | 263 | authenticated for the session to proceed. |
|
263 | 264 | |
|
264 | 265 | HARD |
|
265 | 266 | The same as DEMAND. |
|
266 | 267 | |
|
267 | 268 | .. _Base DN: |
|
268 | 269 | |
|
269 | 270 | Base DN : required |
|
270 | 271 | The Distinguished Name (DN) where searches for users will be performed. |
|
271 | 272 | Searches can be controlled by `LDAP Filter`_ and `LDAP Search Scope`_. |
|
272 | 273 | |
|
273 | 274 | .. _LDAP Filter: |
|
274 | 275 | |
|
275 | 276 | LDAP Filter : optional |
|
276 | 277 | A LDAP filter defined by RFC 2254. This is more useful when `LDAP |
|
277 | 278 | Search Scope`_ is set to SUBTREE. The filter is useful for limiting |
|
278 | 279 | which LDAP objects are identified as representing Users for |
|
279 | 280 | authentication. The filter is augmented by `Login Attribute`_ below. |
|
280 | 281 | This can commonly be left blank. |
|
281 | 282 | |
|
282 | 283 | .. _LDAP Search Scope: |
|
283 | 284 | |
|
284 | 285 | LDAP Search Scope : required |
|
285 | 286 | This limits how far LDAP will search for a matching object. |
|
286 | 287 | |
|
287 | 288 | BASE |
|
288 | 289 | Only allows searching of `Base DN`_ and is usually not what you |
|
289 | 290 | want. |
|
290 | 291 | |
|
291 | 292 | ONELEVEL |
|
292 | 293 | Searches all entries under `Base DN`_, but not Base DN itself. |
|
293 | 294 | |
|
294 | 295 | SUBTREE |
|
295 | 296 | Searches all entries below `Base DN`_, but not Base DN itself. |
|
296 | 297 | When using SUBTREE `LDAP Filter`_ is useful to limit object |
|
297 | 298 | location. |
|
298 | 299 | |
|
299 | 300 | .. _Login Attribute: |
|
300 | 301 | |
|
301 | 302 | Login Attribute : required |
|
302 | 303 | The LDAP record attribute that will be matched as the USERNAME or |
|
303 | 304 | ACCOUNT used to connect to RhodeCode. This will be added to `LDAP |
|
304 | 305 | Filter`_ for locating the User object. If `LDAP Filter`_ is specified as |
|
305 | 306 | "LDAPFILTER", `Login Attribute`_ is specified as "uid" and the user has |
|
306 | 307 | connected as "jsmith" then the `LDAP Filter`_ will be augmented as below |
|
307 | 308 | :: |
|
308 | 309 | |
|
309 | 310 | (&(LDAPFILTER)(uid=jsmith)) |
|
310 | 311 | |
|
311 | 312 | .. _ldap_attr_firstname: |
|
312 | 313 | |
|
313 | 314 | First Name Attribute : required |
|
314 | 315 | The LDAP record attribute which represents the user's first name. |
|
315 | 316 | |
|
316 | 317 | .. _ldap_attr_lastname: |
|
317 | 318 | |
|
318 | 319 | Last Name Attribute : required |
|
319 | 320 | The LDAP record attribute which represents the user's last name. |
|
320 | 321 | |
|
321 | 322 | .. _ldap_attr_email: |
|
322 | 323 | |
|
323 | 324 | Email Attribute : required |
|
324 | 325 | The LDAP record attribute which represents the user's email address. |
|
325 | 326 | |
|
326 | 327 | If all data are entered correctly, and python-ldap_ is properly installed |
|
327 | 328 | users should be granted access to RhodeCode with ldap accounts. At this |
|
328 | 329 | time user information is copied from LDAP into the RhodeCode user database. |
|
329 | 330 | This means that updates of an LDAP user object may not be reflected as a |
|
330 | 331 | user update in RhodeCode. |
|
331 | 332 | |
|
332 | 333 | If You have problems with LDAP access and believe You entered correct |
|
333 | 334 | information check out the RhodeCode logs, any error messages sent from LDAP |
|
334 | 335 | will be saved there. |
|
335 | 336 | |
|
336 | 337 | Active Directory |
|
337 | 338 | '''''''''''''''' |
|
338 | 339 | |
|
339 | 340 | RhodeCode can use Microsoft Active Directory for user authentication. This |
|
340 | 341 | is done through an LDAP or LDAPS connection to Active Directory. The |
|
341 | 342 | following LDAP configuration settings are typical for using Active |
|
342 | 343 | Directory :: |
|
343 | 344 | |
|
344 | 345 | Base DN = OU=SBSUsers,OU=Users,OU=MyBusiness,DC=v3sys,DC=local |
|
345 | 346 | Login Attribute = sAMAccountName |
|
346 | 347 | First Name Attribute = givenName |
|
347 | 348 | Last Name Attribute = sn |
|
348 | 349 | E-mail Attribute = mail |
|
349 | 350 | |
|
350 | 351 | All other LDAP settings will likely be site-specific and should be |
|
351 | 352 | appropriately configured. |
|
352 | 353 | |
|
353 | 354 | |
|
354 | 355 | Authentication by container or reverse-proxy |
|
355 | 356 | -------------------------------------------- |
|
356 | 357 | |
|
357 | 358 | Starting with version 1.3, RhodeCode supports delegating the authentication |
|
358 | 359 | of users to its WSGI container, or to a reverse-proxy server through which all |
|
359 | 360 | clients access the application. |
|
360 | 361 | |
|
361 | 362 | When these authentication methods are enabled in RhodeCode, it uses the |
|
362 | 363 | username that the container/proxy (Apache/Nginx/etc) authenticated and doesn't |
|
363 | 364 | perform the authentication itself. The authorization, however, is still done by |
|
364 | 365 | RhodeCode according to its settings. |
|
365 | 366 | |
|
366 | 367 | When a user logs in for the first time using these authentication methods, |
|
367 | 368 | a matching user account is created in RhodeCode with default permissions. An |
|
368 | 369 | administrator can then modify it using RhodeCode's admin interface. |
|
369 | 370 | It's also possible for an administrator to create accounts and configure their |
|
370 | 371 | permissions before the user logs in for the first time. |
|
371 | 372 | |
|
372 | 373 | Container-based authentication |
|
373 | 374 | '''''''''''''''''''''''''''''' |
|
374 | 375 | |
|
375 | 376 | In a container-based authentication setup, RhodeCode reads the user name from |
|
376 | 377 | the ``REMOTE_USER`` server variable provided by the WSGI container. |
|
377 | 378 | |
|
378 | 379 | After setting up your container (see `Apache's WSGI config`_), you'd need |
|
379 | 380 | to configure it to require authentication on the location configured for |
|
380 | 381 | RhodeCode. |
|
381 | 382 | |
|
382 | 383 | In order for RhodeCode to start using the provided username, you should set the |
|
383 | 384 | following in the [app:main] section of your .ini file:: |
|
384 | 385 | |
|
385 | 386 | container_auth_enabled = true |
|
386 | 387 | |
|
387 | 388 | |
|
388 | 389 | Proxy pass-through authentication |
|
389 | 390 | ''''''''''''''''''''''''''''''''' |
|
390 | 391 | |
|
391 | 392 | In a proxy pass-through authentication setup, RhodeCode reads the user name |
|
392 | 393 | from the ``X-Forwarded-User`` request header, which should be configured to be |
|
393 | 394 | sent by the reverse-proxy server. |
|
394 | 395 | |
|
395 | 396 | After setting up your proxy solution (see `Apache virtual host reverse proxy example`_, |
|
396 | 397 | `Apache as subdirectory`_ or `Nginx virtual host example`_), you'd need to |
|
397 | 398 | configure the authentication and add the username in a request header named |
|
398 | 399 | ``X-Forwarded-User``. |
|
399 | 400 | |
|
400 | 401 | For example, the following config section for Apache sets a subdirectory in a |
|
401 | 402 | reverse-proxy setup with basic auth:: |
|
402 | 403 | |
|
403 | 404 | <Location /<someprefix> > |
|
404 | 405 | ProxyPass http://127.0.0.1:5000/<someprefix> |
|
405 | 406 | ProxyPassReverse http://127.0.0.1:5000/<someprefix> |
|
406 | 407 | SetEnvIf X-Url-Scheme https HTTPS=1 |
|
407 | 408 | |
|
408 | 409 | AuthType Basic |
|
409 | 410 | AuthName "RhodeCode authentication" |
|
410 | 411 | AuthUserFile /home/web/rhodecode/.htpasswd |
|
411 | 412 | require valid-user |
|
412 | 413 | |
|
413 | 414 | RequestHeader unset X-Forwarded-User |
|
414 | 415 | |
|
415 | 416 | RewriteEngine On |
|
416 | 417 | RewriteCond %{LA-U:REMOTE_USER} (.+) |
|
417 | 418 | RewriteRule .* - [E=RU:%1] |
|
418 | 419 | RequestHeader set X-Forwarded-User %{RU}e |
|
419 | 420 | </Location> |
|
420 | 421 | |
|
421 | 422 | In order for RhodeCode to start using the forwarded username, you should set |
|
422 | 423 | the following in the [app:main] section of your .ini file:: |
|
423 | 424 | |
|
424 | 425 | proxypass_auth_enabled = true |
|
425 | 426 | |
|
426 | 427 | .. note:: |
|
427 | 428 | If you enable proxy pass-through authentication, make sure your server is |
|
428 | 429 | only accessible through the proxy. Otherwise, any client would be able to |
|
429 | 430 | forge the authentication header and could effectively become authenticated |
|
430 | 431 | using any account of their liking. |
|
431 | 432 | |
|
432 | 433 | Integration with Issue trackers |
|
433 | 434 | ------------------------------- |
|
434 | 435 | |
|
435 | 436 | RhodeCode provides a simple integration with issue trackers. It's possible |
|
436 | 437 | to define a regular expression that will fetch issue id stored in commit |
|
437 | 438 | messages and replace that with an url to this issue. To enable this simply |
|
438 | 439 | uncomment following variables in the ini file:: |
|
439 | 440 | |
|
440 | 441 | url_pat = (?:^#|\s#)(\w+) |
|
441 | 442 | issue_server_link = https://myissueserver.com/{repo}/issue/{id} |
|
442 | 443 | issue_prefix = # |
|
443 | 444 | |
|
444 | 445 | `url_pat` is the regular expression that will fetch issues from commit messages. |
|
445 | 446 | Default regex will match issues in format of #<number> eg. #300. |
|
446 | 447 | |
|
447 | 448 | Matched issues will be replace with the link specified as `issue_server_link` |
|
448 | 449 | {id} will be replaced with issue id, and {repo} with repository name. |
|
449 | 450 | Since the # is striped `issue_prefix` is added as a prefix to url. |
|
450 | 451 | `issue_prefix` can be something different than # if you pass |
|
451 | 452 | ISSUE- as issue prefix this will generate an url in format:: |
|
452 | 453 | |
|
453 | 454 | <a href="https://myissueserver.com/example_repo/issue/300">ISSUE-300</a> |
|
454 | 455 | |
|
455 | 456 | Hook management |
|
456 | 457 | --------------- |
|
457 | 458 | |
|
458 | 459 | Hooks can be managed in similar way to this used in .hgrc files. |
|
459 | 460 | To access hooks setting click `advanced setup` on Hooks section of Mercurial |
|
460 | 461 | Settings in Admin. |
|
461 | 462 | |
|
462 | 463 | There are 4 built in hooks that cannot be changed (only enable/disable by |
|
463 | 464 | checkboxes on previos section). |
|
464 | 465 | To add another custom hook simply fill in first section with |
|
465 | 466 | <name>.<hook_type> and the second one with hook path. Example hooks |
|
466 | 467 | can be found at *rhodecode.lib.hooks*. |
|
467 | 468 | |
|
468 | 469 | |
|
469 | 470 | Changing default encoding |
|
470 | 471 | ------------------------- |
|
471 | 472 | |
|
472 | 473 | By default RhodeCode uses utf8 encoding, starting from 1.3 series this |
|
473 | 474 | can be changed, simply edit default_encoding in .ini file to desired one. |
|
474 | 475 | This affects many parts in rhodecode including commiters names, filenames, |
|
475 | 476 | encoding of commit messages. In addition RhodeCode can detect if `chardet` |
|
476 | 477 | library is installed. If `chardet` is detected RhodeCode will fallback to it |
|
477 | 478 | when there are encode/decode errors. |
|
478 | 479 | |
|
479 | 480 | |
|
480 | 481 | Setting Up Celery |
|
481 | 482 | ----------------- |
|
482 | 483 | |
|
483 | 484 | Since version 1.1 celery is configured by the rhodecode ini configuration files. |
|
484 | 485 | Simply set use_celery=true in the ini file then add / change the configuration |
|
485 | 486 | variables inside the ini file. |
|
486 | 487 | |
|
487 | 488 | Remember that the ini files use the format with '.' not with '_' like celery. |
|
488 | 489 | So for example setting `BROKER_HOST` in celery means setting `broker.host` in |
|
489 | 490 | the config file. |
|
490 | 491 | |
|
491 | 492 | In order to start using celery run:: |
|
492 | 493 | |
|
493 | 494 | paster celeryd <configfile.ini> |
|
494 | 495 | |
|
495 | 496 | |
|
496 | 497 | .. note:: |
|
497 | 498 | Make sure you run this command from the same virtualenv, and with the same |
|
498 | 499 | user that rhodecode runs. |
|
499 | 500 | |
|
500 | 501 | HTTPS support |
|
501 | 502 | ------------- |
|
502 | 503 | |
|
503 | 504 | There are two ways to enable https: |
|
504 | 505 | |
|
505 | 506 | - Set HTTP_X_URL_SCHEME in your http server headers, than rhodecode will |
|
506 | 507 | recognize this headers and make proper https redirections |
|
507 | 508 | - Alternatively, change the `force_https = true` flag in the ini configuration |
|
508 | 509 | to force using https, no headers are needed than to enable https |
|
509 | 510 | |
|
510 | 511 | |
|
511 | 512 | Nginx virtual host example |
|
512 | 513 | -------------------------- |
|
513 | 514 | |
|
514 | 515 | Sample config for nginx using proxy:: |
|
515 | 516 | |
|
516 | 517 | upstream rc { |
|
517 | 518 | server 127.0.0.1:5000; |
|
518 | 519 | # add more instances for load balancing |
|
519 | 520 | #server 127.0.0.1:5001; |
|
520 | 521 | #server 127.0.0.1:5002; |
|
521 | 522 | } |
|
522 | 523 | |
|
523 | 524 | server { |
|
524 | 525 | listen 80; |
|
525 | 526 | server_name hg.myserver.com; |
|
526 | 527 | access_log /var/log/nginx/rhodecode.access.log; |
|
527 | 528 | error_log /var/log/nginx/rhodecode.error.log; |
|
528 | 529 | |
|
529 | 530 | location / { |
|
530 | 531 | try_files $uri @rhode; |
|
531 | 532 | } |
|
532 | 533 | |
|
533 | 534 | location @rhode { |
|
534 | 535 | proxy_pass http://rc; |
|
535 | 536 | include /etc/nginx/proxy.conf; |
|
536 | 537 | } |
|
537 | 538 | |
|
538 | 539 | } |
|
539 | 540 | |
|
540 | 541 | Here's the proxy.conf. It's tuned so it will not timeout on long |
|
541 | 542 | pushes or large pushes:: |
|
542 | 543 | |
|
543 | 544 | proxy_redirect off; |
|
544 | 545 | proxy_set_header Host $host; |
|
545 | 546 | proxy_set_header X-Url-Scheme $scheme; |
|
546 | 547 | proxy_set_header X-Host $http_host; |
|
547 | 548 | proxy_set_header X-Real-IP $remote_addr; |
|
548 | 549 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
549 | 550 | proxy_set_header Proxy-host $proxy_host; |
|
550 | 551 | client_max_body_size 400m; |
|
551 | 552 | client_body_buffer_size 128k; |
|
552 | 553 | proxy_buffering off; |
|
553 | 554 | proxy_connect_timeout 7200; |
|
554 | 555 | proxy_send_timeout 7200; |
|
555 | 556 | proxy_read_timeout 7200; |
|
556 | 557 | proxy_buffers 8 32k; |
|
557 | 558 | |
|
558 | 559 | Also, when using root path with nginx you might set the static files to false |
|
559 | 560 | in the production.ini file:: |
|
560 | 561 | |
|
561 | 562 | [app:main] |
|
562 | 563 | use = egg:rhodecode |
|
563 | 564 | full_stack = true |
|
564 | 565 | static_files = false |
|
565 | 566 | lang=en |
|
566 | 567 | cache_dir = %(here)s/data |
|
567 | 568 | |
|
568 | 569 | In order to not have the statics served by the application. This improves speed. |
|
569 | 570 | |
|
570 | 571 | |
|
571 | 572 | Apache virtual host reverse proxy example |
|
572 | 573 | ----------------------------------------- |
|
573 | 574 | |
|
574 | 575 | Here is a sample configuration file for apache using proxy:: |
|
575 | 576 | |
|
576 | 577 | <VirtualHost *:80> |
|
577 | 578 | ServerName hg.myserver.com |
|
578 | 579 | ServerAlias hg.myserver.com |
|
579 | 580 | |
|
580 | 581 | <Proxy *> |
|
581 | 582 | Order allow,deny |
|
582 | 583 | Allow from all |
|
583 | 584 | </Proxy> |
|
584 | 585 | |
|
585 | 586 | #important ! |
|
586 | 587 | #Directive to properly generate url (clone url) for pylons |
|
587 | 588 | ProxyPreserveHost On |
|
588 | 589 | |
|
589 | 590 | #rhodecode instance |
|
590 | 591 | ProxyPass / http://127.0.0.1:5000/ |
|
591 | 592 | ProxyPassReverse / http://127.0.0.1:5000/ |
|
592 | 593 | |
|
593 | 594 | #to enable https use line below |
|
594 | 595 | #SetEnvIf X-Url-Scheme https HTTPS=1 |
|
595 | 596 | |
|
596 | 597 | </VirtualHost> |
|
597 | 598 | |
|
598 | 599 | |
|
599 | 600 | Additional tutorial |
|
600 | 601 | http://wiki.pylonshq.com/display/pylonscookbook/Apache+as+a+reverse+proxy+for+Pylons |
|
601 | 602 | |
|
602 | 603 | |
|
603 | 604 | Apache as subdirectory |
|
604 | 605 | ---------------------- |
|
605 | 606 | |
|
606 | 607 | Apache subdirectory part:: |
|
607 | 608 | |
|
608 | 609 | <Location /<someprefix> > |
|
609 | 610 | ProxyPass http://127.0.0.1:5000/<someprefix> |
|
610 | 611 | ProxyPassReverse http://127.0.0.1:5000/<someprefix> |
|
611 | 612 | SetEnvIf X-Url-Scheme https HTTPS=1 |
|
612 | 613 | </Location> |
|
613 | 614 | |
|
614 | 615 | Besides the regular apache setup you will need to add the following line |
|
615 | 616 | into [app:main] section of your .ini file:: |
|
616 | 617 | |
|
617 | 618 | filter-with = proxy-prefix |
|
618 | 619 | |
|
619 | 620 | Add the following at the end of the .ini file:: |
|
620 | 621 | |
|
621 | 622 | [filter:proxy-prefix] |
|
622 | 623 | use = egg:PasteDeploy#prefix |
|
623 | 624 | prefix = /<someprefix> |
|
624 | 625 | |
|
625 | 626 | |
|
626 | 627 | then change <someprefix> into your choosen prefix |
|
627 | 628 | |
|
628 | 629 | Apache's WSGI config |
|
629 | 630 | -------------------- |
|
630 | 631 | |
|
631 | 632 | Alternatively, RhodeCode can be set up with Apache under mod_wsgi. For |
|
632 | 633 | that, you'll need to: |
|
633 | 634 | |
|
634 | 635 | - Install mod_wsgi. If using a Debian-based distro, you can install |
|
635 | 636 | the package libapache2-mod-wsgi:: |
|
636 | 637 | |
|
637 | 638 | aptitude install libapache2-mod-wsgi |
|
638 | 639 | |
|
639 | 640 | - Enable mod_wsgi:: |
|
640 | 641 | |
|
641 | 642 | a2enmod wsgi |
|
642 | 643 | |
|
643 | 644 | - Create a wsgi dispatch script, like the one below. Make sure you |
|
644 | 645 | check the paths correctly point to where you installed RhodeCode |
|
645 | 646 | and its Python Virtual Environment. |
|
646 | 647 | - Enable the WSGIScriptAlias directive for the wsgi dispatch script, |
|
647 | 648 | as in the following example. Once again, check the paths are |
|
648 | 649 | correctly specified. |
|
649 | 650 | |
|
650 | 651 | Here is a sample excerpt from an Apache Virtual Host configuration file:: |
|
651 | 652 | |
|
652 | 653 | WSGIDaemonProcess pylons user=www-data group=www-data processes=1 \ |
|
653 | 654 | threads=4 \ |
|
654 | 655 | python-path=/home/web/rhodecode/pyenv/lib/python2.6/site-packages |
|
655 | 656 | WSGIScriptAlias / /home/web/rhodecode/dispatch.wsgi |
|
656 | 657 | WSGIPassAuthorization On |
|
657 | 658 | |
|
658 | 659 | Example wsgi dispatch script:: |
|
659 | 660 | |
|
660 | 661 | import os |
|
661 | 662 | os.environ["HGENCODING"] = "UTF-8" |
|
662 | 663 | os.environ['PYTHON_EGG_CACHE'] = '/home/web/rhodecode/.egg-cache' |
|
663 | 664 | |
|
664 | 665 | # sometimes it's needed to set the curent dir |
|
665 | 666 | os.chdir('/home/web/rhodecode/') |
|
666 | 667 | |
|
667 | 668 | import site |
|
668 | 669 | site.addsitedir("/home/web/rhodecode/pyenv/lib/python2.6/site-packages") |
|
669 | 670 | |
|
670 | 671 | from paste.deploy import loadapp |
|
671 | 672 | from paste.script.util.logging_config import fileConfig |
|
672 | 673 | |
|
673 | 674 | fileConfig('/home/web/rhodecode/production.ini') |
|
674 | 675 | application = loadapp('config:/home/web/rhodecode/production.ini') |
|
675 | 676 | |
|
676 | 677 | Note: when using mod_wsgi you'll need to install the same version of |
|
677 | 678 | Mercurial that's inside RhodeCode's virtualenv also on the system's Python |
|
678 | 679 | environment. |
|
679 | 680 | |
|
680 | 681 | |
|
681 | 682 | Other configuration files |
|
682 | 683 | ------------------------- |
|
683 | 684 | |
|
684 | 685 | Some example init.d scripts can be found here, for debian and gentoo: |
|
685 | 686 | |
|
686 | 687 | https://rhodecode.org/rhodecode/files/tip/init.d |
|
687 | 688 | |
|
688 | 689 | |
|
689 | 690 | Troubleshooting |
|
690 | 691 | --------------- |
|
691 | 692 | |
|
692 | 693 | :Q: **Missing static files?** |
|
693 | 694 | :A: Make sure either to set the `static_files = true` in the .ini file or |
|
694 | 695 | double check the root path for your http setup. It should point to |
|
695 | 696 | for example: |
|
696 | 697 | /home/my-virtual-python/lib/python2.6/site-packages/rhodecode/public |
|
697 | 698 | |
|
698 | 699 | | |
|
699 | 700 | |
|
700 | 701 | :Q: **Can't install celery/rabbitmq** |
|
701 | 702 | :A: Don't worry RhodeCode works without them too. No extra setup is required. |
|
702 | 703 | |
|
703 | 704 | | |
|
704 | 705 | |
|
705 | 706 | :Q: **Long lasting push timeouts?** |
|
706 | 707 | :A: Make sure you set a longer timeouts in your proxy/fcgi settings, timeouts |
|
707 | 708 | are caused by https server and not RhodeCode. |
|
708 | 709 | |
|
709 | 710 | | |
|
710 | 711 | |
|
711 | 712 | :Q: **Large pushes timeouts?** |
|
712 | 713 | :A: Make sure you set a proper max_body_size for the http server. |
|
713 | 714 | |
|
714 | 715 | | |
|
715 | 716 | |
|
716 | 717 | :Q: **Apache doesn't pass basicAuth on pull/push?** |
|
717 | 718 | :A: Make sure you added `WSGIPassAuthorization true`. |
|
718 | 719 | |
|
719 | 720 | For further questions search the `Issues tracker`_, or post a message in the |
|
720 | 721 | `google group rhodecode`_ |
|
721 | 722 | |
|
722 | 723 | .. _virtualenv: http://pypi.python.org/pypi/virtualenv |
|
723 | 724 | .. _python: http://www.python.org/ |
|
724 | 725 | .. _mercurial: http://mercurial.selenic.com/ |
|
725 | 726 | .. _celery: http://celeryproject.org/ |
|
726 | 727 | .. _rabbitmq: http://www.rabbitmq.com/ |
|
727 | 728 | .. _python-ldap: http://www.python-ldap.org/ |
|
728 | 729 | .. _mercurial-server: http://www.lshift.net/mercurial-server.html |
|
729 | 730 | .. _PublishingRepositories: http://mercurial.selenic.com/wiki/PublishingRepositories |
|
730 | 731 | .. _Issues tracker: https://bitbucket.org/marcinkuzminski/rhodecode/issues |
|
731 | 732 | .. _google group rhodecode: http://groups.google.com/group/rhodecode |
@@ -1,527 +1,535 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | """ |
|
3 | 3 | rhodecode.lib.db_manage |
|
4 | 4 | ~~~~~~~~~~~~~~~~~~~~~~~ |
|
5 | 5 | |
|
6 | 6 | Database creation, and setup module for RhodeCode. Used for creation |
|
7 | 7 | of database as well as for migration operations |
|
8 | 8 | |
|
9 | 9 | :created_on: Apr 10, 2010 |
|
10 | 10 | :author: marcink |
|
11 | 11 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
12 | 12 | :license: GPLv3, see COPYING for more details. |
|
13 | 13 | """ |
|
14 | 14 | # This program is free software: you can redistribute it and/or modify |
|
15 | 15 | # it under the terms of the GNU General Public License as published by |
|
16 | 16 | # the Free Software Foundation, either version 3 of the License, or |
|
17 | 17 | # (at your option) any later version. |
|
18 | 18 | # |
|
19 | 19 | # This program is distributed in the hope that it will be useful, |
|
20 | 20 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
21 | 21 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
22 | 22 | # GNU General Public License for more details. |
|
23 | 23 | # |
|
24 | 24 | # You should have received a copy of the GNU General Public License |
|
25 | 25 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
26 | 26 | |
|
27 | 27 | import os |
|
28 | 28 | import sys |
|
29 | 29 | import uuid |
|
30 | 30 | import logging |
|
31 | 31 | from os.path import dirname as dn, join as jn |
|
32 | 32 | |
|
33 | 33 | from rhodecode import __dbversion__ |
|
34 | 34 | from rhodecode.model import meta |
|
35 | 35 | |
|
36 | 36 | from rhodecode.model.user import UserModel |
|
37 | 37 | from rhodecode.lib.utils import ask_ok |
|
38 | 38 | from rhodecode.model import init_model |
|
39 | 39 | from rhodecode.model.db import User, Permission, RhodeCodeUi, \ |
|
40 | 40 | RhodeCodeSetting, UserToPerm, DbMigrateVersion, RepoGroup,\ |
|
41 | 41 | UserRepoGroupToPerm |
|
42 | 42 | |
|
43 | 43 | from sqlalchemy.engine import create_engine |
|
44 | 44 | from rhodecode.model.repos_group import ReposGroupModel |
|
45 | 45 | |
|
46 | 46 | log = logging.getLogger(__name__) |
|
47 | 47 | |
|
48 | 48 | |
|
49 | 49 | class DbManage(object): |
|
50 | 50 | def __init__(self, log_sql, dbconf, root, tests=False): |
|
51 | 51 | self.dbname = dbconf.split('/')[-1] |
|
52 | 52 | self.tests = tests |
|
53 | 53 | self.root = root |
|
54 | 54 | self.dburi = dbconf |
|
55 | 55 | self.log_sql = log_sql |
|
56 | 56 | self.db_exists = False |
|
57 | 57 | self.init_db() |
|
58 | 58 | |
|
59 | 59 | def init_db(self): |
|
60 | 60 | engine = create_engine(self.dburi, echo=self.log_sql) |
|
61 | 61 | init_model(engine) |
|
62 | 62 | self.sa = meta.Session |
|
63 | 63 | |
|
64 | 64 | def create_tables(self, override=False): |
|
65 | 65 | """ |
|
66 | 66 | Create a auth database |
|
67 | 67 | """ |
|
68 | 68 | |
|
69 | 69 | log.info("Any existing database is going to be destroyed") |
|
70 | 70 | if self.tests: |
|
71 | 71 | destroy = True |
|
72 | 72 | else: |
|
73 | 73 | destroy = ask_ok('Are you sure to destroy old database ? [y/n]') |
|
74 | 74 | if not destroy: |
|
75 | 75 | sys.exit() |
|
76 | 76 | if destroy: |
|
77 | 77 | meta.Base.metadata.drop_all() |
|
78 | 78 | |
|
79 | 79 | checkfirst = not override |
|
80 | 80 | meta.Base.metadata.create_all(checkfirst=checkfirst) |
|
81 | 81 | log.info('Created tables for %s' % self.dbname) |
|
82 | 82 | |
|
83 | 83 | def set_db_version(self): |
|
84 | 84 | ver = DbMigrateVersion() |
|
85 | 85 | ver.version = __dbversion__ |
|
86 | 86 | ver.repository_id = 'rhodecode_db_migrations' |
|
87 | 87 | ver.repository_path = 'versions' |
|
88 | 88 | self.sa.add(ver) |
|
89 | 89 | log.info('db version set to: %s' % __dbversion__) |
|
90 | 90 | |
|
91 | 91 | def upgrade(self): |
|
92 | 92 | """ |
|
93 | 93 | Upgrades given database schema to given revision following |
|
94 | 94 | all needed steps, to perform the upgrade |
|
95 | 95 | |
|
96 | 96 | """ |
|
97 | 97 | |
|
98 | 98 | from rhodecode.lib.dbmigrate.migrate.versioning import api |
|
99 | 99 | from rhodecode.lib.dbmigrate.migrate.exceptions import \ |
|
100 | 100 | DatabaseNotControlledError |
|
101 | 101 | |
|
102 | 102 | if 'sqlite' in self.dburi: |
|
103 | 103 | print ( |
|
104 | 104 | '********************** WARNING **********************\n' |
|
105 | 105 | 'Make sure your version of sqlite is at least 3.7.X. \n' |
|
106 | 106 | 'Earlier versions are known to fail on some migrations\n' |
|
107 | 107 | '*****************************************************\n' |
|
108 | 108 | ) |
|
109 | 109 | upgrade = ask_ok('You are about to perform database upgrade, make ' |
|
110 | 110 | 'sure You backed up your database before. ' |
|
111 | 111 | 'Continue ? [y/n]') |
|
112 | 112 | if not upgrade: |
|
113 | 113 | sys.exit('Nothing done') |
|
114 | 114 | |
|
115 | 115 | repository_path = jn(dn(dn(dn(os.path.realpath(__file__)))), |
|
116 | 116 | 'rhodecode/lib/dbmigrate') |
|
117 | 117 | db_uri = self.dburi |
|
118 | 118 | |
|
119 | 119 | try: |
|
120 | 120 | curr_version = api.db_version(db_uri, repository_path) |
|
121 | 121 | msg = ('Found current database under version' |
|
122 | 122 | ' control with version %s' % curr_version) |
|
123 | 123 | |
|
124 | 124 | except (RuntimeError, DatabaseNotControlledError): |
|
125 | 125 | curr_version = 1 |
|
126 | 126 | msg = ('Current database is not under version control. Setting' |
|
127 | 127 | ' as version %s' % curr_version) |
|
128 | 128 | api.version_control(db_uri, repository_path, curr_version) |
|
129 | 129 | |
|
130 | 130 | print (msg) |
|
131 | 131 | |
|
132 | 132 | if curr_version == __dbversion__: |
|
133 | 133 | sys.exit('This database is already at the newest version') |
|
134 | 134 | |
|
135 | 135 | #====================================================================== |
|
136 | 136 | # UPGRADE STEPS |
|
137 | 137 | #====================================================================== |
|
138 | 138 | class UpgradeSteps(object): |
|
139 | 139 | """ |
|
140 | 140 | Those steps follow schema versions so for example schema |
|
141 | 141 | for example schema with seq 002 == step_2 and so on. |
|
142 | 142 | """ |
|
143 | 143 | |
|
144 | 144 | def __init__(self, klass): |
|
145 | 145 | self.klass = klass |
|
146 | 146 | |
|
147 | 147 | def step_0(self): |
|
148 | 148 | # step 0 is the schema upgrade, and than follow proper upgrades |
|
149 | 149 | print ('attempting to do database upgrade to version %s' \ |
|
150 | 150 | % __dbversion__) |
|
151 | 151 | api.upgrade(db_uri, repository_path, __dbversion__) |
|
152 | 152 | print ('Schema upgrade completed') |
|
153 | 153 | |
|
154 | 154 | def step_1(self): |
|
155 | 155 | pass |
|
156 | 156 | |
|
157 | 157 | def step_2(self): |
|
158 | 158 | print ('Patching repo paths for newer version of RhodeCode') |
|
159 | 159 | self.klass.fix_repo_paths() |
|
160 | 160 | |
|
161 | 161 | print ('Patching default user of RhodeCode') |
|
162 | 162 | self.klass.fix_default_user() |
|
163 | 163 | |
|
164 | 164 | log.info('Changing ui settings') |
|
165 | 165 | self.klass.create_ui_settings() |
|
166 | 166 | |
|
167 | 167 | def step_3(self): |
|
168 | 168 | print ('Adding additional settings into RhodeCode db') |
|
169 | 169 | self.klass.fix_settings() |
|
170 | 170 | print ('Adding ldap defaults') |
|
171 | 171 | self.klass.create_ldap_options(skip_existing=True) |
|
172 | 172 | |
|
173 | 173 | def step_4(self): |
|
174 | 174 | print ('create permissions and fix groups') |
|
175 | 175 | self.klass.create_permissions() |
|
176 | 176 | self.klass.fixup_groups() |
|
177 | 177 | |
|
178 | 178 | def step_5(self): |
|
179 | 179 | pass |
|
180 | 180 | |
|
181 | 181 | upgrade_steps = [0] + range(curr_version + 1, __dbversion__ + 1) |
|
182 | 182 | |
|
183 | 183 | # CALL THE PROPER ORDER OF STEPS TO PERFORM FULL UPGRADE |
|
184 | 184 | for step in upgrade_steps: |
|
185 | 185 | print ('performing upgrade step %s' % step) |
|
186 | 186 | getattr(UpgradeSteps(self), 'step_%s' % step)() |
|
187 | 187 | self.sa.commit() |
|
188 | 188 | |
|
189 | 189 | def fix_repo_paths(self): |
|
190 | 190 | """ |
|
191 | 191 | Fixes a old rhodecode version path into new one without a '*' |
|
192 | 192 | """ |
|
193 | 193 | |
|
194 | 194 | paths = self.sa.query(RhodeCodeUi)\ |
|
195 | 195 | .filter(RhodeCodeUi.ui_key == '/')\ |
|
196 | 196 | .scalar() |
|
197 | 197 | |
|
198 | 198 | paths.ui_value = paths.ui_value.replace('*', '') |
|
199 | 199 | |
|
200 | 200 | try: |
|
201 | 201 | self.sa.add(paths) |
|
202 | 202 | self.sa.commit() |
|
203 | 203 | except: |
|
204 | 204 | self.sa.rollback() |
|
205 | 205 | raise |
|
206 | 206 | |
|
207 | 207 | def fix_default_user(self): |
|
208 | 208 | """ |
|
209 | 209 | Fixes a old default user with some 'nicer' default values, |
|
210 | 210 | used mostly for anonymous access |
|
211 | 211 | """ |
|
212 | 212 | def_user = self.sa.query(User)\ |
|
213 | 213 | .filter(User.username == 'default')\ |
|
214 | 214 | .one() |
|
215 | 215 | |
|
216 | 216 | def_user.name = 'Anonymous' |
|
217 | 217 | def_user.lastname = 'User' |
|
218 | 218 | def_user.email = 'anonymous@rhodecode.org' |
|
219 | 219 | |
|
220 | 220 | try: |
|
221 | 221 | self.sa.add(def_user) |
|
222 | 222 | self.sa.commit() |
|
223 | 223 | except: |
|
224 | 224 | self.sa.rollback() |
|
225 | 225 | raise |
|
226 | 226 | |
|
227 | 227 | def fix_settings(self): |
|
228 | 228 | """ |
|
229 | 229 | Fixes rhodecode settings adds ga_code key for google analytics |
|
230 | 230 | """ |
|
231 | 231 | |
|
232 | 232 | hgsettings3 = RhodeCodeSetting('ga_code', '') |
|
233 | 233 | |
|
234 | 234 | try: |
|
235 | 235 | self.sa.add(hgsettings3) |
|
236 | 236 | self.sa.commit() |
|
237 | 237 | except: |
|
238 | 238 | self.sa.rollback() |
|
239 | 239 | raise |
|
240 | 240 | |
|
241 | def admin_prompt(self, second=False): | |
|
241 | def admin_prompt(self, second=False, defaults={}): | |
|
242 | 242 | if not self.tests: |
|
243 | 243 | import getpass |
|
244 | 244 | |
|
245 | # defaults | |
|
246 | username = defaults.get('username') | |
|
247 | password = defaults.get('password') | |
|
248 | email = defaults.get('email') | |
|
249 | ||
|
245 | 250 | def get_password(): |
|
246 | 251 | password = getpass.getpass('Specify admin password ' |
|
247 | 252 | '(min 6 chars):') |
|
248 | 253 | confirm = getpass.getpass('Confirm password:') |
|
249 | 254 | |
|
250 | 255 | if password != confirm: |
|
251 | 256 | log.error('passwords mismatch') |
|
252 | 257 | return False |
|
253 | 258 | if len(password) < 6: |
|
254 | 259 | log.error('password is to short use at least 6 characters') |
|
255 | 260 | return False |
|
256 | 261 | |
|
257 | 262 | return password |
|
258 | ||
|
263 | if username is None: | |
|
259 | 264 | username = raw_input('Specify admin username:') |
|
260 | ||
|
265 | if password is None: | |
|
261 | 266 | password = get_password() |
|
262 | 267 | if not password: |
|
263 | 268 | #second try |
|
264 | 269 | password = get_password() |
|
265 | 270 | if not password: |
|
266 | 271 | sys.exit() |
|
267 | ||
|
272 | if email is None: | |
|
268 | 273 | email = raw_input('Specify admin email:') |
|
269 | 274 | self.create_user(username, password, email, True) |
|
270 | 275 | else: |
|
271 | 276 | log.info('creating admin and regular test users') |
|
272 | 277 | from rhodecode.tests import TEST_USER_ADMIN_LOGIN,\ |
|
273 | 278 | TEST_USER_ADMIN_PASS, TEST_USER_ADMIN_EMAIL,\ |
|
274 | 279 | TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS,\ |
|
275 | 280 | TEST_USER_REGULAR_EMAIL, TEST_USER_REGULAR2_LOGIN, \ |
|
276 | 281 | TEST_USER_REGULAR2_PASS, TEST_USER_REGULAR2_EMAIL |
|
277 | 282 | |
|
278 | 283 | self.create_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS, |
|
279 | 284 | TEST_USER_ADMIN_EMAIL, True) |
|
280 | 285 | |
|
281 | 286 | self.create_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS, |
|
282 | 287 | TEST_USER_REGULAR_EMAIL, False) |
|
283 | 288 | |
|
284 | 289 | self.create_user(TEST_USER_REGULAR2_LOGIN, TEST_USER_REGULAR2_PASS, |
|
285 | 290 | TEST_USER_REGULAR2_EMAIL, False) |
|
286 | 291 | |
|
287 | 292 | def create_ui_settings(self): |
|
288 | 293 | """ |
|
289 | 294 | Creates ui settings, fills out hooks |
|
290 | 295 | and disables dotencode |
|
291 | 296 | """ |
|
292 | 297 | |
|
293 | 298 | #HOOKS |
|
294 | 299 | hooks1_key = RhodeCodeUi.HOOK_UPDATE |
|
295 | 300 | hooks1_ = self.sa.query(RhodeCodeUi)\ |
|
296 | 301 | .filter(RhodeCodeUi.ui_key == hooks1_key).scalar() |
|
297 | 302 | |
|
298 | 303 | hooks1 = RhodeCodeUi() if hooks1_ is None else hooks1_ |
|
299 | 304 | hooks1.ui_section = 'hooks' |
|
300 | 305 | hooks1.ui_key = hooks1_key |
|
301 | 306 | hooks1.ui_value = 'hg update >&2' |
|
302 | 307 | hooks1.ui_active = False |
|
303 | 308 | |
|
304 | 309 | hooks2_key = RhodeCodeUi.HOOK_REPO_SIZE |
|
305 | 310 | hooks2_ = self.sa.query(RhodeCodeUi)\ |
|
306 | 311 | .filter(RhodeCodeUi.ui_key == hooks2_key).scalar() |
|
307 | 312 | |
|
308 | 313 | hooks2 = RhodeCodeUi() if hooks2_ is None else hooks2_ |
|
309 | 314 | hooks2.ui_section = 'hooks' |
|
310 | 315 | hooks2.ui_key = hooks2_key |
|
311 | 316 | hooks2.ui_value = 'python:rhodecode.lib.hooks.repo_size' |
|
312 | 317 | |
|
313 | 318 | hooks3 = RhodeCodeUi() |
|
314 | 319 | hooks3.ui_section = 'hooks' |
|
315 | 320 | hooks3.ui_key = RhodeCodeUi.HOOK_PUSH |
|
316 | 321 | hooks3.ui_value = 'python:rhodecode.lib.hooks.log_push_action' |
|
317 | 322 | |
|
318 | 323 | hooks4 = RhodeCodeUi() |
|
319 | 324 | hooks4.ui_section = 'hooks' |
|
320 | 325 | hooks4.ui_key = RhodeCodeUi.HOOK_PULL |
|
321 | 326 | hooks4.ui_value = 'python:rhodecode.lib.hooks.log_pull_action' |
|
322 | 327 | |
|
323 | 328 | # For mercurial 1.7 set backward comapatibility with format |
|
324 | 329 | dotencode_disable = RhodeCodeUi() |
|
325 | 330 | dotencode_disable.ui_section = 'format' |
|
326 | 331 | dotencode_disable.ui_key = 'dotencode' |
|
327 | 332 | dotencode_disable.ui_value = 'false' |
|
328 | 333 | |
|
329 | 334 | # enable largefiles |
|
330 | 335 | largefiles = RhodeCodeUi() |
|
331 | 336 | largefiles.ui_section = 'extensions' |
|
332 | 337 | largefiles.ui_key = 'largefiles' |
|
333 | 338 | largefiles.ui_value = '' |
|
334 | 339 | |
|
335 | 340 | self.sa.add(hooks1) |
|
336 | 341 | self.sa.add(hooks2) |
|
337 | 342 | self.sa.add(hooks3) |
|
338 | 343 | self.sa.add(hooks4) |
|
339 | 344 | self.sa.add(largefiles) |
|
340 | 345 | |
|
341 | 346 | def create_ldap_options(self, skip_existing=False): |
|
342 | 347 | """Creates ldap settings""" |
|
343 | 348 | |
|
344 | 349 | for k, v in [('ldap_active', 'false'), ('ldap_host', ''), |
|
345 | 350 | ('ldap_port', '389'), ('ldap_tls_kind', 'PLAIN'), |
|
346 | 351 | ('ldap_tls_reqcert', ''), ('ldap_dn_user', ''), |
|
347 | 352 | ('ldap_dn_pass', ''), ('ldap_base_dn', ''), |
|
348 | 353 | ('ldap_filter', ''), ('ldap_search_scope', ''), |
|
349 | 354 | ('ldap_attr_login', ''), ('ldap_attr_firstname', ''), |
|
350 | 355 | ('ldap_attr_lastname', ''), ('ldap_attr_email', '')]: |
|
351 | 356 | |
|
352 | 357 | if skip_existing and RhodeCodeSetting.get_by_name(k) != None: |
|
353 | 358 | log.debug('Skipping option %s' % k) |
|
354 | 359 | continue |
|
355 | 360 | setting = RhodeCodeSetting(k, v) |
|
356 | 361 | self.sa.add(setting) |
|
357 | 362 | |
|
358 | 363 | def fixup_groups(self): |
|
359 | 364 | def_usr = User.get_by_username('default') |
|
360 | 365 | for g in RepoGroup.query().all(): |
|
361 | 366 | g.group_name = g.get_new_name(g.name) |
|
362 | 367 | self.sa.add(g) |
|
363 | 368 | # get default perm |
|
364 | 369 | default = UserRepoGroupToPerm.query()\ |
|
365 | 370 | .filter(UserRepoGroupToPerm.group == g)\ |
|
366 | 371 | .filter(UserRepoGroupToPerm.user == def_usr)\ |
|
367 | 372 | .scalar() |
|
368 | 373 | |
|
369 | 374 | if default is None: |
|
370 | 375 | log.debug('missing default permission for group %s adding' % g) |
|
371 | 376 | ReposGroupModel()._create_default_perms(g) |
|
372 | 377 | |
|
373 | def config_prompt(self, test_repo_path='', retries=3): | |
|
378 | def config_prompt(self, test_repo_path='', retries=3, defaults={}): | |
|
379 | _path = defaults.get('repos_location') | |
|
374 | 380 | if retries == 3: |
|
375 | 381 | log.info('Setting up repositories config') |
|
376 | 382 | |
|
377 | if not self.tests and not test_repo_path: | |
|
383 | if _path is not None: | |
|
384 | path = _path | |
|
385 | elif not self.tests and not test_repo_path: | |
|
378 | 386 | path = raw_input( |
|
379 | 387 | 'Enter a valid absolute path to store repositories. ' |
|
380 | 388 | 'All repositories in that path will be added automatically:' |
|
381 | 389 | ) |
|
382 | 390 | else: |
|
383 | 391 | path = test_repo_path |
|
384 | 392 | path_ok = True |
|
385 | 393 | |
|
386 | 394 | # check proper dir |
|
387 | 395 | if not os.path.isdir(path): |
|
388 | 396 | path_ok = False |
|
389 | 397 | log.error('Given path %s is not a valid directory' % path) |
|
390 | 398 | |
|
391 | 399 | elif not os.path.isabs(path): |
|
392 | 400 | path_ok = False |
|
393 | 401 | log.error('Given path %s is not an absolute path' % path) |
|
394 | 402 | |
|
395 | 403 | # check write access |
|
396 | 404 | elif not os.access(path, os.W_OK) and path_ok: |
|
397 | 405 | path_ok = False |
|
398 | 406 | log.error('No write permission to given path %s' % path) |
|
399 | 407 | |
|
400 | 408 | if retries == 0: |
|
401 | 409 | sys.exit('max retries reached') |
|
402 | 410 | if path_ok is False: |
|
403 | 411 | retries -= 1 |
|
404 | 412 | return self.config_prompt(test_repo_path, retries) |
|
405 | 413 | |
|
406 | 414 | return path |
|
407 | 415 | |
|
408 | 416 | def create_settings(self, path): |
|
409 | 417 | |
|
410 | 418 | self.create_ui_settings() |
|
411 | 419 | |
|
412 | 420 | #HG UI OPTIONS |
|
413 | 421 | web1 = RhodeCodeUi() |
|
414 | 422 | web1.ui_section = 'web' |
|
415 | 423 | web1.ui_key = 'push_ssl' |
|
416 | 424 | web1.ui_value = 'false' |
|
417 | 425 | |
|
418 | 426 | web2 = RhodeCodeUi() |
|
419 | 427 | web2.ui_section = 'web' |
|
420 | 428 | web2.ui_key = 'allow_archive' |
|
421 | 429 | web2.ui_value = 'gz zip bz2' |
|
422 | 430 | |
|
423 | 431 | web3 = RhodeCodeUi() |
|
424 | 432 | web3.ui_section = 'web' |
|
425 | 433 | web3.ui_key = 'allow_push' |
|
426 | 434 | web3.ui_value = '*' |
|
427 | 435 | |
|
428 | 436 | web4 = RhodeCodeUi() |
|
429 | 437 | web4.ui_section = 'web' |
|
430 | 438 | web4.ui_key = 'baseurl' |
|
431 | 439 | web4.ui_value = '/' |
|
432 | 440 | |
|
433 | 441 | paths = RhodeCodeUi() |
|
434 | 442 | paths.ui_section = 'paths' |
|
435 | 443 | paths.ui_key = '/' |
|
436 | 444 | paths.ui_value = path |
|
437 | 445 | |
|
438 | 446 | hgsettings1 = RhodeCodeSetting('realm', 'RhodeCode authentication') |
|
439 | 447 | hgsettings2 = RhodeCodeSetting('title', 'RhodeCode') |
|
440 | 448 | hgsettings3 = RhodeCodeSetting('ga_code', '') |
|
441 | 449 | |
|
442 | 450 | self.sa.add(web1) |
|
443 | 451 | self.sa.add(web2) |
|
444 | 452 | self.sa.add(web3) |
|
445 | 453 | self.sa.add(web4) |
|
446 | 454 | self.sa.add(paths) |
|
447 | 455 | self.sa.add(hgsettings1) |
|
448 | 456 | self.sa.add(hgsettings2) |
|
449 | 457 | self.sa.add(hgsettings3) |
|
450 | 458 | |
|
451 | 459 | self.create_ldap_options() |
|
452 | 460 | |
|
453 | 461 | log.info('created ui config') |
|
454 | 462 | |
|
455 | 463 | def create_user(self, username, password, email='', admin=False): |
|
456 | 464 | log.info('creating user %s' % username) |
|
457 | 465 | UserModel().create_or_update(username, password, email, |
|
458 | 466 | name='RhodeCode', lastname='Admin', |
|
459 | 467 | active=True, admin=admin) |
|
460 | 468 | |
|
461 | 469 | def create_default_user(self): |
|
462 | 470 | log.info('creating default user') |
|
463 | 471 | # create default user for handling default permissions. |
|
464 | 472 | UserModel().create_or_update(username='default', |
|
465 | 473 | password=str(uuid.uuid1())[:8], |
|
466 | 474 | email='anonymous@rhodecode.org', |
|
467 | 475 | name='Anonymous', lastname='User') |
|
468 | 476 | |
|
469 | 477 | def create_permissions(self): |
|
470 | 478 | # module.(access|create|change|delete)_[name] |
|
471 | 479 | # module.(none|read|write|admin) |
|
472 | 480 | perms = [ |
|
473 | 481 | ('repository.none', 'Repository no access'), |
|
474 | 482 | ('repository.read', 'Repository read access'), |
|
475 | 483 | ('repository.write', 'Repository write access'), |
|
476 | 484 | ('repository.admin', 'Repository admin access'), |
|
477 | 485 | |
|
478 | 486 | ('group.none', 'Repositories Group no access'), |
|
479 | 487 | ('group.read', 'Repositories Group read access'), |
|
480 | 488 | ('group.write', 'Repositories Group write access'), |
|
481 | 489 | ('group.admin', 'Repositories Group admin access'), |
|
482 | 490 | |
|
483 | 491 | ('hg.admin', 'Hg Administrator'), |
|
484 | 492 | ('hg.create.repository', 'Repository create'), |
|
485 | 493 | ('hg.create.none', 'Repository creation disabled'), |
|
486 | 494 | ('hg.register.none', 'Register disabled'), |
|
487 | 495 | ('hg.register.manual_activate', 'Register new user with RhodeCode ' |
|
488 | 496 | 'without manual activation'), |
|
489 | 497 | |
|
490 | 498 | ('hg.register.auto_activate', 'Register new user with RhodeCode ' |
|
491 | 499 | 'without auto activation'), |
|
492 | 500 | ] |
|
493 | 501 | |
|
494 | 502 | for p in perms: |
|
495 | 503 | if not Permission.get_by_key(p[0]): |
|
496 | 504 | new_perm = Permission() |
|
497 | 505 | new_perm.permission_name = p[0] |
|
498 | 506 | new_perm.permission_longname = p[1] |
|
499 | 507 | self.sa.add(new_perm) |
|
500 | 508 | |
|
501 | 509 | def populate_default_permissions(self): |
|
502 | 510 | log.info('creating default user permissions') |
|
503 | 511 | |
|
504 | 512 | default_user = self.sa.query(User)\ |
|
505 | 513 | .filter(User.username == 'default').scalar() |
|
506 | 514 | |
|
507 | 515 | reg_perm = UserToPerm() |
|
508 | 516 | reg_perm.user = default_user |
|
509 | 517 | reg_perm.permission = self.sa.query(Permission)\ |
|
510 | 518 | .filter(Permission.permission_name == 'hg.register.manual_activate')\ |
|
511 | 519 | .scalar() |
|
512 | 520 | |
|
513 | 521 | create_repo_perm = UserToPerm() |
|
514 | 522 | create_repo_perm.user = default_user |
|
515 | 523 | create_repo_perm.permission = self.sa.query(Permission)\ |
|
516 | 524 | .filter(Permission.permission_name == 'hg.create.repository')\ |
|
517 | 525 | .scalar() |
|
518 | 526 | |
|
519 | 527 | default_repo_perm = UserToPerm() |
|
520 | 528 | default_repo_perm.user = default_user |
|
521 | 529 | default_repo_perm.permission = self.sa.query(Permission)\ |
|
522 | 530 | .filter(Permission.permission_name == 'repository.read')\ |
|
523 | 531 | .scalar() |
|
524 | 532 | |
|
525 | 533 | self.sa.add(reg_perm) |
|
526 | 534 | self.sa.add(create_repo_perm) |
|
527 | 535 | self.sa.add(default_repo_perm) |
@@ -1,49 +1,50 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | """ |
|
3 | 3 | rhodecode.websetup |
|
4 | 4 | ~~~~~~~~~~~~~~~~~~ |
|
5 | 5 | |
|
6 | 6 | Weboperations and setup for rhodecode |
|
7 | 7 | |
|
8 | 8 | :created_on: Dec 11, 2010 |
|
9 | 9 | :author: marcink |
|
10 | 10 | :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com> |
|
11 | 11 | :license: GPLv3, see COPYING for more details. |
|
12 | 12 | """ |
|
13 | 13 | # This program is free software: you can redistribute it and/or modify |
|
14 | 14 | # it under the terms of the GNU General Public License as published by |
|
15 | 15 | # the Free Software Foundation, either version 3 of the License, or |
|
16 | 16 | # (at your option) any later version. |
|
17 | 17 | # |
|
18 | 18 | # This program is distributed in the hope that it will be useful, |
|
19 | 19 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
20 | 20 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
21 | 21 | # GNU General Public License for more details. |
|
22 | 22 | # |
|
23 | 23 | # You should have received a copy of the GNU General Public License |
|
24 | 24 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
25 | 25 | |
|
26 | 26 | import logging |
|
27 | 27 | |
|
28 | 28 | from rhodecode.config.environment import load_environment |
|
29 | 29 | from rhodecode.lib.db_manage import DbManage |
|
30 | 30 | from rhodecode.model.meta import Session |
|
31 | 31 | |
|
32 | 32 | |
|
33 | 33 | log = logging.getLogger(__name__) |
|
34 | 34 | |
|
35 | 35 | |
|
36 | 36 | def setup_app(command, conf, vars): |
|
37 | 37 | """Place any commands to setup rhodecode here""" |
|
38 | 38 | dbconf = conf['sqlalchemy.db1.url'] |
|
39 | 39 | dbmanage = DbManage(log_sql=True, dbconf=dbconf, root=conf['here'], |
|
40 | 40 | tests=False) |
|
41 | 41 | dbmanage.create_tables(override=True) |
|
42 | 42 | dbmanage.set_db_version() |
|
43 | dbmanage.create_settings(dbmanage.config_prompt(None)) | |
|
43 | opts = dbmanage.config_prompt(None, defaults=command.options.__dict__) | |
|
44 | dbmanage.create_settings(opts) | |
|
44 | 45 | dbmanage.create_default_user() |
|
45 | dbmanage.admin_prompt() | |
|
46 | dbmanage.admin_prompt(defaults=command.options.__dict__) | |
|
46 | 47 | dbmanage.create_permissions() |
|
47 | 48 | dbmanage.populate_default_permissions() |
|
48 | 49 | Session.commit() |
|
49 | 50 | load_environment(conf.global_conf, conf.local_conf, initial=True) |
@@ -1,102 +1,103 b'' | |||
|
1 | 1 | import sys |
|
2 | 2 | from rhodecode import get_version |
|
3 | 3 | from rhodecode import __license__ |
|
4 | 4 | from rhodecode import __py_version__ |
|
5 | 5 | from rhodecode import requirements |
|
6 | 6 | |
|
7 | 7 | if __py_version__ < (2, 5): |
|
8 | 8 | raise Exception('RhodeCode requires python 2.5 or later') |
|
9 | 9 | |
|
10 | 10 | dependency_links = [ |
|
11 | 11 | ] |
|
12 | 12 | |
|
13 | 13 | classifiers = [ |
|
14 | 14 | 'Development Status :: 4 - Beta', |
|
15 | 15 | 'Environment :: Web Environment', |
|
16 | 16 | 'Framework :: Pylons', |
|
17 | 17 | 'Intended Audience :: Developers', |
|
18 | 18 | 'License :: OSI Approved :: GNU General Public License (GPL)', |
|
19 | 19 | 'Operating System :: OS Independent', |
|
20 | 20 | 'Programming Language :: Python', |
|
21 | 21 | 'Programming Language :: Python :: 2.5', |
|
22 | 22 | 'Programming Language :: Python :: 2.6', |
|
23 | 23 | 'Programming Language :: Python :: 2.7', |
|
24 | 24 | ] |
|
25 | 25 | |
|
26 | 26 | |
|
27 | 27 | # additional files from project that goes somewhere in the filesystem |
|
28 | 28 | # relative to sys.prefix |
|
29 | 29 | data_files = [] |
|
30 | 30 | |
|
31 | 31 | # additional files that goes into package itself |
|
32 | 32 | package_data = {'rhodecode': ['i18n/*/LC_MESSAGES/*.mo', ], } |
|
33 | 33 | |
|
34 | 34 | description = ('Mercurial repository browser/management with ' |
|
35 | 35 | 'build in push/pull server and full text search') |
|
36 | 36 | keywords = ' '.join(['rhodecode', 'rhodiumcode', 'mercurial', 'git', |
|
37 | 37 | 'code review', 'repo groups', 'ldap' |
|
38 | 38 | 'repository management', 'hgweb replacement' |
|
39 | 39 | 'hgwebdir', 'gitweb replacement', 'serving hgweb', ]) |
|
40 | 40 | # long description |
|
41 | 41 | try: |
|
42 | 42 | readme_file = 'README.rst' |
|
43 | 43 | changelog_file = 'docs/changelog.rst' |
|
44 | 44 | long_description = open(readme_file).read() + '\n\n' + \ |
|
45 | 45 | open(changelog_file).read() |
|
46 | 46 | |
|
47 | 47 | except IOError, err: |
|
48 | 48 | sys.stderr.write("[WARNING] Cannot find file specified as " |
|
49 | 49 | "long_description (%s)\n or changelog (%s) skipping that file" \ |
|
50 | 50 | % (readme_file, changelog_file)) |
|
51 | 51 | long_description = description |
|
52 | 52 | |
|
53 | 53 | |
|
54 | 54 | try: |
|
55 | 55 | from setuptools import setup, find_packages |
|
56 | 56 | except ImportError: |
|
57 | 57 | from ez_setup import use_setuptools |
|
58 | 58 | use_setuptools() |
|
59 | 59 | from setuptools import setup, find_packages |
|
60 | 60 | # packages |
|
61 | 61 | packages = find_packages(exclude=['ez_setup']) |
|
62 | 62 | |
|
63 | 63 | setup( |
|
64 | 64 | name='RhodeCode', |
|
65 | 65 | version=get_version(), |
|
66 | 66 | description=description, |
|
67 | 67 | long_description=long_description, |
|
68 | 68 | keywords=keywords, |
|
69 | 69 | license=__license__, |
|
70 | 70 | author='Marcin Kuzminski', |
|
71 | 71 | author_email='marcin@python-works.com', |
|
72 | 72 | dependency_links=dependency_links, |
|
73 | 73 | url='http://rhodecode.org', |
|
74 | 74 | install_requires=requirements, |
|
75 | 75 | classifiers=classifiers, |
|
76 | 76 | setup_requires=["PasteScript>=1.6.3"], |
|
77 | 77 | data_files=data_files, |
|
78 | 78 | packages=packages, |
|
79 | 79 | include_package_data=True, |
|
80 | 80 | test_suite='nose.collector', |
|
81 | 81 | package_data=package_data, |
|
82 | 82 | message_extractors={'rhodecode': [ |
|
83 | 83 | ('**.py', 'python', None), |
|
84 | 84 | ('templates/**.mako', 'mako', {'input_encoding': 'utf-8'}), |
|
85 | 85 | ('templates/**.html', 'mako', {'input_encoding': 'utf-8'}), |
|
86 | 86 | ('public/**', 'ignore', None)]}, |
|
87 | 87 | zip_safe=False, |
|
88 | 88 | paster_plugins=['PasteScript', 'Pylons'], |
|
89 | 89 | entry_points=""" |
|
90 | 90 | [paste.app_factory] |
|
91 | 91 | main = rhodecode.config.middleware:make_app |
|
92 | 92 | |
|
93 | 93 | [paste.app_install] |
|
94 | 94 | main = pylons.util:PylonsInstaller |
|
95 | 95 | |
|
96 | 96 | [paste.global_paster_command] |
|
97 | setup-rhodecode=rhodecode.config.setup:SetupCommand | |
|
97 | 98 | make-index=rhodecode.lib.indexers:MakeIndex |
|
98 | 99 | make-rcext=rhodecode.config.rcextensions.make_rcextensions:MakeRcExt |
|
99 | 100 | upgrade-db=rhodecode.lib.dbmigrate:UpgradeDb |
|
100 | 101 | celeryd=rhodecode.lib.celerypylons.commands:CeleryDaemonCommand |
|
101 | 102 | """, |
|
102 | 103 | ) |
General Comments 0
You need to be logged in to leave comments.
Login now