upstream/kallithea Commit - r7557:ee37a78c

1

.. _setup:

1

.. _setup:

2

3

=====

3

=====

4

Setup

4

Setup

5

=====

5

=====

6

7

8

Setting up Kallithea

8

Setting up Kallithea

9

--------------------

9

--------------------

10

11

First, you will need to create a Kallithea configuration file. Run the

11

First, you will need to create a Kallithea configuration file. Run the

12

following command to do so::

12

following command to do so::

13

14

kallithea-cli config-create my.ini

14

kallithea-cli config-create my.ini

15

16

This will create the file ``my.ini`` in the current directory. This

16

This will create the file ``my.ini`` in the current directory. This

17

configuration file contains the various settings for Kallithea, e.g.

17

configuration file contains the various settings for Kallithea, e.g.

18

proxy port, email settings, usage of static files, cache, Celery

18

proxy port, email settings, usage of static files, cache, Celery

19

settings, and logging. Extra settings can be specified like::

19

settings, and logging. Extra settings can be specified like::

20

21

kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter

21

kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter

22

23

Next, you need to create the databases used by Kallithea. It is recommended to

23

Next, you need to create the databases used by Kallithea. It is recommended to

24

use PostgreSQL or SQLite (default). If you choose a database other than the

24

use PostgreSQL or SQLite (default). If you choose a database other than the

25

default, ensure you properly adjust the database URL in your ``my.ini``

25

default, ensure you properly adjust the database URL in your ``my.ini``

26

configuration file to use this other database. Kallithea currently supports

26

configuration file to use this other database. Kallithea currently supports

27

PostgreSQL, SQLite and MySQL databases. Create the database by running

27

PostgreSQL, SQLite and MySQL databases. Create the database by running

28

the following command::

28

the following command::

29

30

kallithea-cli db-create -c my.ini

30

kallithea-cli db-create -c my.ini

31

32

This will prompt you for a "root" path. This "root" path is the location where

32

This will prompt you for a "root" path. This "root" path is the location where

33

Kallithea will store all of its repositories on the current machine. After

33

Kallithea will store all of its repositories on the current machine. After

34

entering this "root" path ``db-create`` will also prompt you for a username

34

entering this "root" path ``db-create`` will also prompt you for a username

35

and password for the initial admin account which ``db-create`` sets

35

and password for the initial admin account which ``db-create`` sets

36

up for you.

36

up for you.

37

38

The ``db-create`` values can also be given on the command line.

38

The ``db-create`` values can also be given on the command line.

39

Example::

39

Example::

40

41

kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos

41

kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos

42

43

The ``db-create`` command will create all needed tables and an

43

The ``db-create`` command will create all needed tables and an

44

admin account. When choosing a root path you can either use a new

44

admin account. When choosing a root path you can either use a new

45

empty location, or a location which already contains existing

45

empty location, or a location which already contains existing

46

repositories. If you choose a location which contains existing

46

repositories. If you choose a location which contains existing

47

repositories Kallithea will add all of the repositories at the chosen

47

repositories Kallithea will add all of the repositories at the chosen

48

location to its database. (Note: make sure you specify the correct

48

location to its database. (Note: make sure you specify the correct

49

path to the root).

49

path to the root).

50

51

.. note:: the given path for Mercurial_ repositories **must** be write

51

.. note:: the given path for Mercurial_ repositories **must** be write

52

accessible for the application. It's very important since

52

accessible for the application. It's very important since

53

the Kallithea web interface will work without write access,

53

the Kallithea web interface will work without write access,

54

but when trying to do a push it will fail with permission

54

but when trying to do a push it will fail with permission

55

denied errors unless it has write access.

55

denied errors unless it has write access.

56

57

Finally, prepare the front-end by running::

57

Finally, prepare the front-end by running::

58

59

kallithea-cli front-end-build

59

kallithea-cli front-end-build

60

61

You are now ready to use Kallithea. To run it simply execute::

61

You are now ready to use Kallithea. To run it simply execute::

62

63

gearbox serve -c my.ini

63

gearbox serve -c my.ini

64

65

- This command runs the Kallithea server. The web app should be available at

65

- This command runs the Kallithea server. The web app should be available at

66

http://127.0.0.1:5000. The IP address and port is configurable via the

66

http://127.0.0.1:5000. The IP address and port is configurable via the

67

configuration file created in the previous step.

67

configuration file created in the previous step.

68

- Log in to Kallithea using the admin account created when running ``db-create``.

68

- Log in to Kallithea using the admin account created when running ``db-create``.

69

- The default permissions on each repository is read, and the owner is admin.

69

- The default permissions on each repository is read, and the owner is admin.

70

Remember to update these if needed.

70

Remember to update these if needed.

71

- In the admin panel you can toggle LDAP, anonymous, and permissions

71

- In the admin panel you can toggle LDAP, anonymous, and permissions

72

settings, as well as edit more advanced options on users and

72

settings, as well as edit more advanced options on users and

73

repositories.

73

repositories.

74

75

76

Internationalization (i18n support)

76

Internationalization (i18n support)

77

-----------------------------------

77

-----------------------------------

78

79

The Kallithea web interface is automatically displayed in the user's preferred

79

The Kallithea web interface is automatically displayed in the user's preferred

80

language, as indicated by the browser. Thus, different users may see the

80

language, as indicated by the browser. Thus, different users may see the

81

application in different languages. If the requested language is not available

81

application in different languages. If the requested language is not available

82

(because the translation file for that language does not yet exist or is

82

(because the translation file for that language does not yet exist or is

83

incomplete), the language specified in setting ``i18n.lang`` in the Kallithea

83

incomplete), the language specified in setting ``i18n.lang`` in the Kallithea

84

configuration file is used as fallback. If no fallback language is explicitly

84

configuration file is used as fallback. If no fallback language is explicitly

85

specified, English is used.

85

specified, English is used.

86

87

If you want to disable automatic language detection and instead configure a

87

If you want to disable automatic language detection and instead configure a

88

fixed language regardless of user preference, set ``i18n.enabled = false`` and

88

fixed language regardless of user preference, set ``i18n.enabled = false`` and

89

set ``i18n.lang`` to the desired language (or leave empty for English).

89

set ``i18n.lang`` to the desired language (or leave empty for English).

90

91

92

Using Kallithea with SSH

92

Using Kallithea with SSH

93

------------------------

93

------------------------

94

95

Kallithea currently only hosts repositories using http and https. (The addition

95

Kallithea currently only hosts repositories using http and https. (The addition

96

of ssh hosting is a planned future feature.) However you can easily use ssh in

96

of ssh hosting is a planned future feature.) However you can easily use ssh in

97

parallel with Kallithea. (Repository access via ssh is a standard "out of

97

parallel with Kallithea. (Repository access via ssh is a standard "out of

98

the box" feature of Mercurial_ and you can use this to access any of the

98

the box" feature of Mercurial_ and you can use this to access any of the

99

repositories that Kallithea is hosting. See PublishingRepositories_)

99

repositories that Kallithea is hosting. See PublishingRepositories_)

100

101

Kallithea repository structures are kept in directories with the same name

101

Kallithea repository structures are kept in directories with the same name

102

as the project. When using repository groups, each group is a subdirectory.

102

as the project. When using repository groups, each group is a subdirectory.

103

This allows you to easily use ssh for accessing repositories.

103

This allows you to easily use ssh for accessing repositories.

104

105

In order to use ssh you need to make sure that your web server and the users'

105

In order to use ssh you need to make sure that your web server and the users'

106

login accounts have the correct permissions set on the appropriate directories.

106

login accounts have the correct permissions set on the appropriate directories.

107

108

.. note:: These permissions are independent of any permissions you

108

.. note:: These permissions are independent of any permissions you

109

have set up using the Kallithea web interface.

109

have set up using the Kallithea web interface.

110

111

If your main directory (the same as set in Kallithea settings) is for

111

If your main directory (the same as set in Kallithea settings) is for

112

example set to ``/srv/repos`` and the repository you are using is

112

example set to ``/srv/repos`` and the repository you are using is

113

named ``kallithea``, then to clone via ssh you should run::

113

named ``kallithea``, then to clone via ssh you should run::

114

115

hg clone ssh://user@kallithea.example.com/srv/repos/kallithea

115

hg clone ssh://user@kallithea.example.com/srv/repos/kallithea

116

117

Using other external tools such as mercurial-server_ or using ssh key-based

117

Using other external tools such as mercurial-server_ or using ssh key-based

118

authentication is fully supported.

118

authentication is fully supported.

119

120

.. note:: In an advanced setup, in order for your ssh access to use

120

.. note:: In an advanced setup, in order for your ssh access to use

121

the same permissions as set up via the Kallithea web

121

the same permissions as set up via the Kallithea web

122

interface, you can create an authentication hook to connect

122

interface, you can create an authentication hook to connect

123

to the Kallithea db and run check functions for permissions

123

to the Kallithea db and run check functions for permissions

124

against that.

124

against that.

125

126

127

Setting up Whoosh full text search

127

Setting up Whoosh full text search

128

----------------------------------

128

----------------------------------

129

130

Kallithea provides full text search of repositories using `Whoosh`__.

130

Kallithea provides full text search of repositories using `Whoosh`__.

131

132

.. __: https://whoosh.readthedocs.io/en/latest/

132

.. __: https://whoosh.readthedocs.io/en/latest/

133

134

For an incremental index build, run::

134

For an incremental index build, run::

135

136

kallithea-cli index-create -c my.ini

136

kallithea-cli index-create -c my.ini

137

138

For a full index rebuild, run::

138

For a full index rebuild, run::

139

140

kallithea-cli index-create -c my.ini --full

140

kallithea-cli index-create -c my.ini --full

141

142

The ``--repo-location`` option allows the location of the repositories to be overridden;

142

The ``--repo-location`` option allows the location of the repositories to be overridden;

143

usually, the location is retrieved from the Kallithea database.

143

usually, the location is retrieved from the Kallithea database.

144

145

The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::

145

The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::

146

147

kallithea-cli index-create -c my.ini --index-only=vcs,kallithea

147

kallithea-cli index-create -c my.ini --index-only=vcs,kallithea

148

149

To keep your index up-to-date it is necessary to do periodic index builds;

149

To keep your index up-to-date it is necessary to do periodic index builds;

150

for this, it is recommended to use a crontab entry. Example::

150

for this, it is recommended to use a crontab entry. Example::

151

152

0 3 * * * /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini

152

0 3 * * * /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini

153

154

When using incremental mode (the default), Whoosh will check the last

154

When using incremental mode (the default), Whoosh will check the last

155

modification date of each file and add it to be reindexed if a newer file is

155

modification date of each file and add it to be reindexed if a newer file is

156

available. The indexing daemon checks for any removed files and removes them

156

available. The indexing daemon checks for any removed files and removes them

157

from index.

157

from index.

158

159

If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,

159

If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,

160

or in the admin panel you can check the "build from scratch" checkbox.

160

or in the admin panel you can check the "build from scratch" checkbox.

161

162

163

Integration with issue trackers

163

Integration with issue trackers

164

-------------------------------

164

-------------------------------

165

166

Kallithea provides a simple integration with issue trackers. It's possible

166

Kallithea provides a simple integration with issue trackers. It's possible

167

to define a regular expression that will match an issue ID in commit messages,

167

to define a regular expression that will match an issue ID in commit messages,

168

and have that replaced with a URL to the issue.

168

and have that replaced with a URL to the issue.

169

170

This is achieved with following three variables in the ini file::

170

This is achieved with following three variables in the ini file::

171

172

issue_pat = #(\d+)

172

issue_pat = #(\d+)

173

issue_server_link = https://issues.example.com/{repo}/issue/\1

173

issue_server_link = https://issues.example.com/{repo}/issue/\1

174

issue_sub =

174

issue_sub =

175

176

``issue_pat`` is the regular expression describing which strings in

176

``issue_pat`` is the regular expression describing which strings in

177

commit messages will be treated as issue references. The expression can/should

177

commit messages will be treated as issue references. The expression can/should

178

have one or more parenthesized groups that can later be referred to in

178

have one or more parenthesized groups that can later be referred to in

179

``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups

179

``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups

180

can be used instead of simple parenthesized groups.

180

can be used instead of simple parenthesized groups.

181

182

If the pattern should only match if it is preceded by whitespace, add the

182

If the pattern should only match if it is preceded by whitespace, add the

183

following string before the actual pattern: ``(?:^|(?<=\s))``.

183

following string before the actual pattern: ``(?:^|(?<=\s))``.

184

If the pattern should only match if it is followed by whitespace, add the

184

If the pattern should only match if it is followed by whitespace, add the

185

following string after the actual pattern: ``(?:$|(?=\s))``.

185

following string after the actual pattern: ``(?:$|(?=\s))``.

186

These expressions use lookbehind and lookahead assertions of the Python regular

186

These expressions use lookbehind and lookahead assertions of the Python regular

187

expression module to avoid the whitespace to be part of the actual pattern,

187

expression module to avoid the whitespace to be part of the actual pattern,

188

otherwise the link text will also contain that whitespace.

188

otherwise the link text will also contain that whitespace.

189

190

Matched issue references are replaced with the link specified in

190

Matched issue references are replaced with the link specified in

191

``issue_server_link``, in which any backreferences are resolved. Backreferences

191

``issue_server_link``, in which any backreferences are resolved. Backreferences

192

can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.

192

can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.

193

The special token ``{repo}`` is replaced with the full repository path

193

The special token ``{repo}`` is replaced with the full repository path

194

(including repository groups), while token ``{repo_name}`` is replaced with the

194

(including repository groups), while token ``{repo_name}`` is replaced with the

195

repository name (without repository groups).

195

repository name (without repository groups).

196

197

The link text is determined by ``issue_sub``, which can be a string containing

197

The link text is determined by ``issue_sub``, which can be a string containing

198

backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is

198

backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is

199

empty, then the text matched by ``issue_pat`` is used verbatim.

199

empty, then the text matched by ``issue_pat`` is used verbatim.

200

201

The example settings shown above match issues in the format ``#<number>``.

201

The example settings shown above match issues in the format ``#<number>``.

202

This will cause the text ``#300`` to be transformed into a link:

202

This will cause the text ``#300`` to be transformed into a link:

203

204

.. code-block:: html

204

.. code-block:: html

205

206

206

207

208

The following example transforms a text starting with either of 'pullrequest',

208

The following example transforms a text starting with either of 'pullrequest',

209

'pull request' or 'PR', followed by an optional space, then a pound character

209

'pull request' or 'PR', followed by an optional space, then a pound character

210

(#) and one or more digits, into a link with the text 'PR #' followed by the

210

(#) and one or more digits, into a link with the text 'PR #' followed by the

211

digits::

211

digits::

212

213

issue_pat = (pullrequest|pull request|PR) ?#(\d+)

213

issue_pat = (pullrequest|pull request|PR) ?#(\d+)

214

issue_server_link = https://issues.example.com/\2

214

issue_server_link = https://issues.example.com/\2

215

issue_sub = PR #\2

215

issue_sub = PR #\2

216

217

The following example demonstrates how to require whitespace before the issue

217

The following example demonstrates how to require whitespace before the issue

218

reference in order for it to be recognized, such that the text ``issue#123`` will

218

reference in order for it to be recognized, such that the text ``issue#123`` will

219

not cause a match, but ``issue #123`` will::

219

not cause a match, but ``issue #123`` will::

220

221

issue_pat = (?:^|(?<=\s))#(\d+)

221

issue_pat = (?:^|(?<=\s))#(\d+)

222

issue_server_link = https://issues.example.com/\1

222

issue_server_link = https://issues.example.com/\1

223

issue_sub =

223

issue_sub =

224

225

If needed, more than one pattern can be specified by appending a unique suffix to

225

If needed, more than one pattern can be specified by appending a unique suffix to

226

the variables. For example, also demonstrating the use of named groups::

226

the variables. For example, also demonstrating the use of named groups::

227

228

issue_pat_wiki = wiki-(?P<pagename>\S+)

228

issue_pat_wiki = wiki-(?P<pagename>\S+)

229

issue_server_link_wiki = https://wiki.example.com/\g<pagename>

229

issue_server_link_wiki = https://wiki.example.com/\g<pagename>

230

issue_sub_wiki = WIKI-\g<pagename>

230

issue_sub_wiki = WIKI-\g<pagename>

231

232

With these settings, wiki pages can be referenced as wiki-some-id, and every

232

With these settings, wiki pages can be referenced as wiki-some-id, and every

233

such reference will be transformed into:

233

such reference will be transformed into:

234

235

.. code-block:: html

235

.. code-block:: html

236

237

237

238

239

Refer to the `Python regular expression documentation`_ for more details about

239

Refer to the `Python regular expression documentation`_ for more details about

240

the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.

240

the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.

241

242

243

Hook management

243

Hook management

244

---------------

244

---------------

245

246

Hooks can be managed in similar way to that used in ``.hgrc`` files.

246

Hooks can be managed in similar way to that used in ``.hgrc`` files.

247

To manage hooks, choose *Admin > Settings > Hooks*.

247

To manage hooks, choose *Admin > Settings > Hooks*.

248

249

The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.

249

The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.

250

251

To add another custom hook simply fill in the first textbox with

251

To add another custom hook simply fill in the first textbox with

252

``<name>.<hook_type>`` and the second with the hook path. Example hooks

252

``<name>.<hook_type>`` and the second with the hook path. Example hooks

253

can be found in ``kallithea.lib.hooks``.

253

can be found in ``kallithea.lib.hooks``.

254

255

256

Changing default encoding

256

Changing default encoding

257

-------------------------

257

-------------------------

258

259

By default, Kallithea uses UTF-8 encoding.

259

By default, Kallithea uses UTF-8 encoding.

260

This is configurable as ``default_encoding`` in the .ini file.

260

This is configurable as ``default_encoding`` in the .ini file.

261

This affects many parts in Kallithea including user names, filenames, and

261

This affects many parts in Kallithea including user names, filenames, and

262

encoding of commit messages. In addition Kallithea can detect if the ``chardet``

262

encoding of commit messages. In addition Kallithea can detect if the ``chardet``

263

library is installed. If ``chardet`` is detected Kallithea will fallback to it

263

library is installed. If ``chardet`` is detected Kallithea will fallback to it

264

when there are encode/decode errors.

264

when there are encode/decode errors.

265

266

The Mercurial encoding is configurable as ``hgencoding``. It is similar to

266

The Mercurial encoding is configurable as ``hgencoding``. It is similar to

267

setting the ``HGENCODING`` environment variable, but will override it.

267

setting the ``HGENCODING`` environment variable, but will override it.

268

269

270

Celery configuration

270

Celery configuration

271

--------------------

271

--------------------

272

273

Kallithea can use the distributed task queue system Celery_ to run tasks like

273

Kallithea can use the distributed task queue system Celery_ to run tasks like

274

cloning repositories or sending emails.

274

cloning repositories or sending emails.

275

276

Kallithea will in most setups work perfectly fine out of the box (without

276

Kallithea will in most setups work perfectly fine out of the box (without

277

Celery), executing all tasks in the web server process. Some tasks can however

277

Celery), executing all tasks in the web server process. Some tasks can however

278

take some time to run and it can be better to run such tasks asynchronously in

278

take some time to run and it can be better to run such tasks asynchronously in

279

a separate process so the web server can focus on serving web requests.

279

a separate process so the web server can focus on serving web requests.

280

281

For installation and configuration of Celery, see the `Celery documentation`_.

281

For installation and configuration of Celery, see the `Celery documentation`_.

282

Note that Celery requires a message broker service like RabbitMQ_ (recommended)

282

Note that Celery requires a message broker service like RabbitMQ_ (recommended)

283

or Redis_.

283

or Redis_.

284

285

The use of Celery is configured in the Kallithea ini configuration file.

285

The use of Celery is configured in the Kallithea ini configuration file.

286

To enable it, simply set::

286

To enable it, simply set::

287

288

use_celery = true

288

use_celery = true

289

290

and add or change the ``celery.*`` and ``broker.*`` configuration variables.

290

and add or change the ``celery.*`` and ``broker.*`` configuration variables.

291

292

Remember that the ini files use the format with '.' and not with '_' like

292

Remember that the ini files use the format with '.' and not with '_' like

293

Celery. So for example setting `BROKER_HOST` in Celery means setting

293

Celery. So for example setting `BROKER_HOST` in Celery means setting

294

`broker.host` in the configuration file.

294

`broker.host` in the configuration file.

295

296

To start the Celery process, run::

296

To start the Celery process, run::

297

298

kallithea-cli celery-run -c my.ini

298

kallithea-cli celery-run -c my.ini

299

300

Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``

300

Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``

301

for more info.

301

for more info.

302

303

.. note::

303

.. note::

304

Make sure you run this command from the same virtualenv, and with the same

304

Make sure you run this command from the same virtualenv, and with the same

305

user that Kallithea runs.

305

user that Kallithea runs.

306

307

308

HTTPS support

308

HTTPS support

309

-------------

309

-------------

310

311

Kallithea will by default generate URLs based on the WSGI environment.

311

Kallithea will by default generate URLs based on the WSGI environment.

312

313

Alternatively, you can use some special configuration settings to control

313

Alternatively, you can use some special configuration settings to control

314

directly which scheme/protocol Kallithea will use when generating URLs:

314

directly which scheme/protocol Kallithea will use when generating URLs:

315

316

- With ``https_fixup = true``, the scheme will be taken from the

316

- With ``https_fixup = true``, the scheme will be taken from the

317

``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header

317

``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header

318

(default ``http``).

318

(default ``http``).

319

- With ``force_https = true`` the default will be ``https``.

319

- With ``force_https = true`` the default will be ``https``.

320

- With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.

320

- With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.

321

322

.. _nginx_virtual_host:

322

.. _nginx_virtual_host:

323

324

325

Nginx virtual host example

325

Nginx virtual host example

326

--------------------------

326

--------------------------

327

328

Sample config for Nginx using proxy:

328

Sample config for Nginx using proxy:

329

330

.. code-block:: nginx

330

.. code-block:: nginx

331

332

upstream kallithea {

332

upstream kallithea {

333

server 127.0.0.1:5000;

333

server 127.0.0.1:5000;

334

# add more instances for load balancing

334

# add more instances for load balancing

335

#server 127.0.0.1:5001;

335

#server 127.0.0.1:5001;

336

#server 127.0.0.1:5002;

336

#server 127.0.0.1:5002;

337

}

337

}

338

339

## gist alias

339

## gist alias

340

server {

340

server {

341

listen 443;

341

listen 443;

342

server_name gist.example.com;

342

server_name gist.example.com;

343

access_log /var/log/nginx/gist.access.log;

343

access_log /var/log/nginx/gist.access.log;

344

error_log /var/log/nginx/gist.error.log;

344

error_log /var/log/nginx/gist.error.log;

345

346

ssl on;

346

ssl on;

347

ssl_certificate gist.your.kallithea.server.crt;

347

ssl_certificate gist.your.kallithea.server.crt;

348

ssl_certificate_key gist.your.kallithea.server.key;

348

ssl_certificate_key gist.your.kallithea.server.key;

349

350

ssl_session_timeout 5m;

350

ssl_session_timeout 5m;

351

352

ssl_protocols SSLv3 TLSv1;

352

ssl_protocols SSLv3 TLSv1;

353

ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

353

ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

354

ssl_prefer_server_ciphers on;

354

ssl_prefer_server_ciphers on;

355

356

rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;

356

rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;

357

rewrite (.*) https://kallithea.example.com/_admin/gists;

357

rewrite (.*) https://kallithea.example.com/_admin/gists;

358

}

358

}

359

360

server {

360

server {

361

listen 443;

361

listen 443;

362

server_name kallithea.example.com

362

server_name kallithea.example.com

363

access_log /var/log/nginx/kallithea.access.log;

363

access_log /var/log/nginx/kallithea.access.log;

364

error_log /var/log/nginx/kallithea.error.log;

364

error_log /var/log/nginx/kallithea.error.log;

365

366

ssl on;

366

ssl on;

367

ssl_certificate your.kallithea.server.crt;

367

ssl_certificate your.kallithea.server.crt;

368

ssl_certificate_key your.kallithea.server.key;

368

ssl_certificate_key your.kallithea.server.key;

369

370

ssl_session_timeout 5m;

370

ssl_session_timeout 5m;

371

372

ssl_protocols SSLv3 TLSv1;

372

ssl_protocols SSLv3 TLSv1;

373

ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

373

ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

374

ssl_prefer_server_ciphers on;

374

ssl_prefer_server_ciphers on;

375

376

## uncomment root directive if you want to serve static files by nginx

376

## uncomment root directive if you want to serve static files by nginx

377

## requires static_files = false in .ini file

377

## requires static_files = false in .ini file

378

#root /srv/kallithea/kallithea/kallithea/public;

378

#root /srv/kallithea/kallithea/kallithea/public;

379

include /etc/nginx/proxy.conf;

379

include /etc/nginx/proxy.conf;

380

location / {

380

location / {

381

try_files $uri @kallithea;

381

try_files $uri @kallithea;

382

}

382

}

383

384

location @kallithea {

384

location @kallithea {

385

proxy_pass http://127.0.0.1:5000;

385

proxy_pass http://127.0.0.1:5000;

386

}

386

}

387

388

}

388

}

389

390

Here's the proxy.conf. It's tuned so it will not timeout on long

390

Here's the proxy.conf. It's tuned so it will not timeout on long

391

pushes or large pushes::

391

pushes or large pushes::

392

393

proxy_redirect off;

393

proxy_redirect off;

394

proxy_set_header Host $host;

394

proxy_set_header Host $host;

395

## needed for container auth

395

## needed for container auth

396

#proxy_set_header REMOTE_USER $remote_user;

396

#proxy_set_header REMOTE_USER $remote_user;

397

#proxy_set_header X-Forwarded-User $remote_user;

397

#proxy_set_header X-Forwarded-User $remote_user;

398

proxy_set_header X-Url-Scheme $scheme;

398

proxy_set_header X-Url-Scheme $scheme;

399

proxy_set_header X-Host $http_host;

399

proxy_set_header X-Host $http_host;

400

proxy_set_header X-Real-IP $remote_addr;

400

proxy_set_header X-Real-IP $remote_addr;

401

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

401

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

402

proxy_set_header Proxy-host $proxy_host;

402

proxy_set_header Proxy-host $proxy_host;

403

proxy_buffering off;

403

proxy_buffering off;

404

proxy_connect_timeout 7200;

404

proxy_connect_timeout 7200;

405

proxy_send_timeout 7200;

405

proxy_send_timeout 7200;

406

proxy_read_timeout 7200;

406

proxy_read_timeout 7200;

407

proxy_buffers 8 32k;

407

proxy_buffers 8 32k;

408

client_max_body_size 1024m;

408

client_max_body_size 1024m;

409

client_body_buffer_size 128k;

409

client_body_buffer_size 128k;

410

large_client_header_buffers 8 64k;

410

large_client_header_buffers 8 64k;

411

412

.. _apache_virtual_host_reverse_proxy:

412

.. _apache_virtual_host_reverse_proxy:

413

414

415

Apache virtual host reverse proxy example

415

Apache virtual host reverse proxy example

416

-----------------------------------------

416

-----------------------------------------

417

418

Here is a sample configuration file for Apache using proxy:

418

Here is a sample configuration file for Apache using proxy:

419

420

.. code-block:: apache

420

.. code-block:: apache

421

422

422

423

ServerName kallithea.example.com

423

ServerName kallithea.example.com

424

425

425

426

# For Apache 2.4 and later:

426

# For Apache 2.4 and later:

427

Require all granted

427

Require all granted

428

429

# For Apache 2.2 and earlier, instead use:

429

# For Apache 2.2 and earlier, instead use:

430

# Order allow,deny

430

# Order allow,deny

431

# Allow from all

431

# Allow from all

432

</Proxy>

432

</Proxy>

433

434

#important !

434

#important !

435

#Directive to properly generate url (clone url) for Kallithea

435

#Directive to properly generate url (clone url) for Kallithea

436

ProxyPreserveHost On

436

ProxyPreserveHost On

437

438

#kallithea instance

438

#kallithea instance

439

ProxyPass / http://127.0.0.1:5000/

439

ProxyPass / http://127.0.0.1:5000/

440

ProxyPassReverse / http://127.0.0.1:5000/

440

ProxyPassReverse / http://127.0.0.1:5000/

441

442

#to enable https use line below

442

#to enable https use line below

443

#SetEnvIf X-Url-Scheme https HTTPS=1

443

#SetEnvIf X-Url-Scheme https HTTPS=1

444

</VirtualHost>

444

</VirtualHost>

445

446

Additional tutorial

446

Additional tutorial

447

http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons

447

http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons

448

449

.. _apache_subdirectory:

449

.. _apache_subdirectory:

450

451

452

Apache as subdirectory

452

Apache as subdirectory

453

----------------------

453

----------------------

454

455

Apache subdirectory part:

455

Apache subdirectory part:

456

457

.. code-block:: apache

457

.. code-block:: apache

458

459

459

460

ProxyPass http://127.0.0.1:5000/PREFIX

460

ProxyPass http://127.0.0.1:5000/PREFIX

461

ProxyPassReverse http://127.0.0.1:5000/PREFIX

461

ProxyPassReverse http://127.0.0.1:5000/PREFIX

462

SetEnvIf X-Url-Scheme https HTTPS=1

462

SetEnvIf X-Url-Scheme https HTTPS=1

463

</Location>

463

</Location>

464

465

Besides the regular apache setup you will need to add the following line

465

Besides the regular apache setup you will need to add the following line

466

into ``[app:main]`` section of your .ini file::

466

into ``[app:main]`` section of your .ini file::

467

468

filter-with = proxy-prefix

468

filter-with = proxy-prefix

469

470

Add the following at the end of the .ini file::

470

Add the following at the end of the .ini file::

471

472

[filter:proxy-prefix]

472

[filter:proxy-prefix]

473

use = egg:PasteDeploy#prefix

473

use = egg:PasteDeploy#prefix

474

prefix = /PREFIX

474

prefix = /PREFIX

475

476

then change ``PREFIX`` into your chosen prefix

476

then change ``PREFIX`` into your chosen prefix

477

478

.. _apache_mod_wsgi:

478

.. _apache_mod_wsgi:

479

480

481

Apache with mod_wsgi

481

Apache with mod_wsgi

482

--------------------

482

--------------------

483

484

Alternatively, Kallithea can be set up with Apache under mod_wsgi. For

484

Alternatively, Kallithea can be set up with Apache under mod_wsgi. For

485

that, you'll need to:

485

that, you'll need to:

486

487

- Install mod_wsgi. If using a Debian-based distro, you can install

487

- Install mod_wsgi. If using a Debian-based distro, you can install

488

the package libapache2-mod-wsgi::

488

the package libapache2-mod-wsgi::

489

490

aptitude install libapache2-mod-wsgi

490

aptitude install libapache2-mod-wsgi

491

492

- Enable mod_wsgi::

492

- Enable mod_wsgi::

493

494

a2enmod wsgi

494

a2enmod wsgi

495

496

- Add global Apache configuration to tell mod_wsgi that Python only will be

496

- Add global Apache configuration to tell mod_wsgi that Python only will be

497

used in the WSGI processes and shouldn't be initialized in the Apache

497

used in the WSGI processes and shouldn't be initialized in the Apache

498

processes::

498

processes::

499

500

WSGIRestrictEmbedded On

500

WSGIRestrictEmbedded On

501

502

- Create a ~~wsgi~~ dispatch script, like the one below. Make sure you

502

- Create a WSGI dispatch script, like the one below. Make sure you

503

check that the paths correctly point to where you installed Kallithea

503

check that the paths correctly point to where you installed Kallithea

504

and its Python Virtual Environment.

504

and its Python Virtual Environment.

505

- Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script,

505

506

as in the following example. Once again, check the paths are

506

.. code-block:: python

507

correctly specified.

508

507

509

Here is a sample excerpt from an Apache Virtual Host configuration file:

508

import os

509

os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'

510

511

.. code-block:: apache

511

# sometimes it's needed to set the current dir

512

os.chdir('/srv/kallithea/')

512

513

WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \

514

import site

514

python-home=/srv/kallithea/venv

515

site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")

515

WSGIProcessGroup kallithea

516

WSGIScriptAlias / /srv/kallithea/dispatch.wsgi

517

WSGIPassAuthorization On

518

516

519

Or if using a dispatcher WSGI script with proper virtualenv activation:

517

ini = '/srv/kallithea/my.ini'

518

from logging.config import fileConfig

519

fileConfig(ini)

520

from paste.deploy import loadapp

521

application = loadapp('config:' + ini)

520

522

521

.. code-block:: apache

523

Or using proper virtualenv activation:

522

524

523

WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100

525

.. code-block:: python

524

WSGIProcessGroup kallithea

525

WSGIScriptAlias / /srv/kallithea/dispatch.wsgi

526

WSGIPassAuthorization On

527

526

528

Apache will by default run as a special Apache user, on Linux systems

527

activate_this = '/srv/kallithea/venv/bin/activate_this.py'

529

usually ``www-data`` or ``apache``. If you need to have the repositories

528

execfile(activate_this, dict(__file__=activate_this))

530

directory owned by a different user, use the user and group options to

531

WSGIDaemonProcess to set the name of the user and group.

532

529

533

Example WSGI dispatch script:

530

import os

531

os.environ['HOME'] = '/srv/kallithea'

534

532

535

.. code-block:: python

533

ini = '/srv/kallithea/kallithea.ini'

536

534

from logging.config import fileConfig

537

import os

535

fileConfig(ini)

538

os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'

536

from paste.deploy import loadapp

537

application = loadapp('config:' + ini)

539

538

540

# sometimes it's needed to set the current dir

539

- Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script, as in

541

os.chdir('/srv/kallithea/')

540

the following example from an Apache Virtual Host configuration file. Once

541

again, check the paths are correctly specified.

542

543

import site

543

.. code-block:: apache

544

site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")

545

544

546

ini = '/srv/kallithea/my.ini'

545

WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \

547

from logging.config import fileConfig

546

python-home=/srv/kallithea/venv

548

fileConfig(ini)

547

WSGIProcessGroup kallithea

549

from paste.deploy import loadapp

548

WSGIScriptAlias / /srv/kallithea/dispatch.wsgi

550

application = loadapp('config:' + ini)

549

WSGIPassAuthorization On

551

550

552

Or using proper virtualenv activation:

551

Or if using a dispatcher WSGI script with proper virtualenv activation:

553

552

554

.. code-block:: ~~python~~

553

.. code-block:: apache

555

554

556

activate_this = '/srv/kallithea/venv/bin/activate_this.py'

555

WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100

557

execfile(activate_this, dict(__file__=activate_this))

556

WSGIProcessGroup kallithea

558

557

WSGIScriptAlias / /srv/kallithea/dispatch.wsgi

559

import os

558

WSGIPassAuthorization On

560

os.environ['HOME'] = '/srv/kallithea'

561

559

562

ini = '/srv/kallithea/kallithea.ini'

560

Apache will by default run as a special Apache user, on Linux systems

563

from logging.config import fileConfig

561

usually ``www-data`` or ``apache``. If you need to have the repositories

564

fileConfig(ini)

562

directory owned by a different user, use the user and group options to

565

from paste.deploy import loadapp

563

WSGIDaemonProcess to set the name of the user and group.

566

application = loadapp('config:' + ini)

567

564

568

565

569

Other configuration files

566

Other configuration files

570

-------------------------

567

-------------------------

571

568

572

A number of `example init.d scripts`__ can be found in

569

A number of `example init.d scripts`__ can be found in

573

the ``init.d`` directory of the Kallithea source.

570

the ``init.d`` directory of the Kallithea source.

574

571

575

.. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .

572

.. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .

576

573

577

574

578

.. _virtualenv: http://pypi.python.org/pypi/virtualenv

575

.. _virtualenv: http://pypi.python.org/pypi/virtualenv

579

.. _python: http://www.python.org/

576

.. _python: http://www.python.org/

580

.. _Python regular expression documentation: https://docs.python.org/2/library/re.html

577

.. _Python regular expression documentation: https://docs.python.org/2/library/re.html

581

.. _Mercurial: https://www.mercurial-scm.org/

578

.. _Mercurial: https://www.mercurial-scm.org/

582

.. _Celery: http://celeryproject.org/

579

.. _Celery: http://celeryproject.org/

583

.. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html

580

.. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html

584

.. _RabbitMQ: http://www.rabbitmq.com/

581

.. _RabbitMQ: http://www.rabbitmq.com/

585

.. _Redis: http://redis.io/

582

.. _Redis: http://redis.io/

586

.. _mercurial-server: http://www.lshift.net/mercurial-server.html

583

.. _mercurial-server: http://www.lshift.net/mercurial-server.html

587

.. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories

584

.. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             .. _setup:
             =====
             Setup
             =====
             Setting up Kallithea
             --------------------
             First, you will need to create a Kallithea configuration file. Run the
             following command to do so::
                 kallithea-cli config-create my.ini
             This will create the file ``my.ini`` in the current directory. This
             configuration file contains the various settings for Kallithea, e.g.
             proxy port, email settings, usage of static files, cache, Celery
             settings, and logging. Extra settings can be specified like::
                 kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter
             Next, you need to create the databases used by Kallithea. It is recommended to
             use PostgreSQL or SQLite (default). If you choose a database other than the
             default, ensure you properly adjust the database URL in your ``my.ini``
             configuration file to use this other database. Kallithea currently supports
             PostgreSQL, SQLite and MySQL databases. Create the database by running
             the following command::
                 kallithea-cli db-create -c my.ini
             This will prompt you for a "root" path. This "root" path is the location where
             Kallithea will store all of its repositories on the current machine. After
             entering this "root" path ``db-create`` will also prompt you for a username
             and password for the initial admin account which ``db-create`` sets
             up for you.
             The ``db-create`` values can also be given on the command line.
             Example::
                 kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
             The ``db-create`` command will create all needed tables and an
             admin account. When choosing a root path you can either use a new
             empty location, or a location which already contains existing
             repositories. If you choose a location which contains existing
             repositories Kallithea will add all of the repositories at the chosen
             location to its database.  (Note: make sure you specify the correct
             path to the root).
             .. note:: the given path for Mercurial_ repositories **must** be write
                       accessible for the application. It's very important since
                       the Kallithea web interface will work without write access,
                       but when trying to do a push it will fail with permission
                       denied errors unless it has write access.
             Finally, prepare the front-end by running::
                 kallithea-cli front-end-build
             You are now ready to use Kallithea. To run it simply execute::
                 gearbox serve -c my.ini
             - This command runs the Kallithea server. The web app should be available at
               http://127.0.0.1:5000. The IP address and port is configurable via the
               configuration file created in the previous step.
             - Log in to Kallithea using the admin account created when running ``db-create``.
             - The default permissions on each repository is read, and the owner is admin.
               Remember to update these if needed.
             - In the admin panel you can toggle LDAP, anonymous, and permissions
               settings, as well as edit more advanced options on users and
               repositories.
             Internationalization (i18n support)
             -----------------------------------
             The Kallithea web interface is automatically displayed in the user's preferred
             language, as indicated by the browser. Thus, different users may see the
             application in different languages. If the requested language is not available
             (because the translation file for that language does not yet exist or is
             incomplete), the language specified in setting ``i18n.lang`` in the Kallithea
             configuration file is used as fallback. If no fallback language is explicitly
             specified, English is used.
             If you want to disable automatic language detection and instead configure a
             fixed language regardless of user preference, set ``i18n.enabled = false`` and
             set ``i18n.lang`` to the desired language (or leave empty for English).
             Using Kallithea with SSH
             ------------------------
             Kallithea currently only hosts repositories using http and https. (The addition
             of ssh hosting is a planned future feature.) However you can easily use ssh in
             parallel with Kallithea. (Repository access via ssh is a standard "out of
             the box" feature of Mercurial_ and you can use this to access any of the
             repositories that Kallithea is hosting. See PublishingRepositories_)
             Kallithea repository structures are kept in directories with the same name
             as the project. When using repository groups, each group is a subdirectory.
             This allows you to easily use ssh for accessing repositories.
             In order to use ssh you need to make sure that your web server and the users'
             login accounts have the correct permissions set on the appropriate directories.
             .. note:: These permissions are independent of any permissions you
                       have set up using the Kallithea web interface.
             If your main directory (the same as set in Kallithea settings) is for
             example set to ``/srv/repos`` and the repository you are using is
             named ``kallithea``, then to clone via ssh you should run::
                 hg clone ssh://user@kallithea.example.com/srv/repos/kallithea
             Using other external tools such as mercurial-server_ or using ssh key-based
             authentication is fully supported.
             .. note:: In an advanced setup, in order for your ssh access to use
                       the same permissions as set up via the Kallithea web
                       interface, you can create an authentication hook to connect
                       to the Kallithea db and run check functions for permissions
                       against that.
             Setting up Whoosh full text search
             ----------------------------------
             Kallithea provides full text search of repositories using `Whoosh`__.
             .. __: https://whoosh.readthedocs.io/en/latest/
             For an incremental index build, run::
                 kallithea-cli index-create -c my.ini
             For a full index rebuild, run::
                 kallithea-cli index-create -c my.ini --full
             The ``--repo-location`` option allows the location of the repositories to be overridden;
             usually, the location is retrieved from the Kallithea database.
             The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
                 kallithea-cli index-create -c my.ini --index-only=vcs,kallithea
             To keep your index up-to-date it is necessary to do periodic index builds;
             for this, it is recommended to use a crontab entry. Example::
 3  *  *  *  /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini
             When using incremental mode (the default), Whoosh will check the last
             modification date of each file and add it to be reindexed if a newer file is
             available. The indexing daemon checks for any removed files and removes them
             from index.
             If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
             or in the admin panel you can check the "build from scratch" checkbox.
             Integration with issue trackers
             -------------------------------
             Kallithea provides a simple integration with issue trackers. It's possible
             to define a regular expression that will match an issue ID in commit messages,
             and have that replaced with a URL to the issue.
             This is achieved with following three variables in the ini file::
                 issue_pat = #(\d+)
                 issue_server_link = https://issues.example.com/{repo}/issue/\1
                 issue_sub =
             ``issue_pat`` is the regular expression describing which strings in
             commit messages will be treated as issue references. The expression can/should
             have one or more parenthesized groups that can later be referred to in
             ``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups
             can be used instead of simple parenthesized groups.
             If the pattern should only match if it is preceded by whitespace, add the
             following string before the actual pattern: ``(?:^|(?<=\s))``.
             If the pattern should only match if it is followed by whitespace, add the
             following string after the actual pattern: ``(?:$|(?=\s))``.
             These expressions use lookbehind and lookahead assertions of the Python regular
             expression module to avoid the whitespace to be part of the actual pattern,
             otherwise the link text will also contain that whitespace.
             Matched issue references are replaced with the link specified in
             ``issue_server_link``, in which any backreferences are resolved. Backreferences
             can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.
             The special token ``{repo}`` is replaced with the full repository path
             (including repository groups), while token ``{repo_name}`` is replaced with the
             repository name (without repository groups).
             The link text is determined by ``issue_sub``, which can be a string containing
             backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is
             empty, then the text matched by ``issue_pat`` is used verbatim.
             The example settings shown above match issues in the format ``#<number>``.
             This will cause the text ``#300`` to be transformed into a link:
             .. code-block:: html
               <a href="https://issues.example.com/example_repo/issue/300">#300</a>
             The following example transforms a text starting with either of 'pullrequest',
             'pull request' or 'PR', followed by an optional space, then a pound character
             (#) and one or more digits, into a link with the text 'PR #' followed by the
             digits::
                 issue_pat = (pullrequest|pull request|PR) ?#(\d+)
                 issue_server_link = https://issues.example.com/\2
                 issue_sub = PR #\2
             The following example demonstrates how to require whitespace before the issue
             reference in order for it to be recognized, such that the text ``issue#123`` will
             not cause a match, but ``issue #123`` will::
                 issue_pat = (?:^|(?<=\s))#(\d+)
                 issue_server_link = https://issues.example.com/\1
                 issue_sub =
             If needed, more than one pattern can be specified by appending a unique suffix to
             the variables. For example, also demonstrating the use of named groups::
                 issue_pat_wiki = wiki-(?P<pagename>\S+)
                 issue_server_link_wiki = https://wiki.example.com/\g<pagename>
                 issue_sub_wiki = WIKI-\g<pagename>
             With these settings, wiki pages can be referenced as wiki-some-id, and every
             such reference will be transformed into:
             .. code-block:: html
               <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
             Refer to the `Python regular expression documentation`_ for more details about
             the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.
             Hook management
             ---------------
             Hooks can be managed in similar way to that used in ``.hgrc`` files.
             To manage hooks, choose *Admin > Settings > Hooks*.
             The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
             To add another custom hook simply fill in the first textbox with
             ``<name>.<hook_type>`` and the second with the hook path. Example hooks
             can be found in ``kallithea.lib.hooks``.
             Changing default encoding
             -------------------------
             By default, Kallithea uses UTF-8 encoding.
             This is configurable as ``default_encoding`` in the .ini file.
             This affects many parts in Kallithea including user names, filenames, and
             encoding of commit messages. In addition Kallithea can detect if the ``chardet``
             library is installed. If ``chardet`` is detected Kallithea will fallback to it
             when there are encode/decode errors.
             The Mercurial encoding is configurable as ``hgencoding``. It is similar to
             setting the ``HGENCODING`` environment variable, but will override it.
             Celery configuration
             --------------------
             Kallithea can use the distributed task queue system Celery_ to run tasks like
             cloning repositories or sending emails.
             Kallithea will in most setups work perfectly fine out of the box (without
             Celery), executing all tasks in the web server process. Some tasks can however
             take some time to run and it can be better to run such tasks asynchronously in
             a separate process so the web server can focus on serving web requests.
             For installation and configuration of Celery, see the `Celery documentation`_.
             Note that Celery requires a message broker service like RabbitMQ_ (recommended)
             or Redis_.
             The use of Celery is configured in the Kallithea ini configuration file.
             To enable it, simply set::
               use_celery = true
             and add or change the ``celery.*`` and ``broker.*`` configuration variables.
             Remember that the ini files use the format with '.' and not with '_' like
             Celery. So for example setting `BROKER_HOST` in Celery means setting
             `broker.host` in the configuration file.
             To start the Celery process, run::
               kallithea-cli celery-run -c my.ini
             Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``
             for more info.
             .. note::
                Make sure you run this command from the same virtualenv, and with the same
                user that Kallithea runs.
             HTTPS support
             -------------
             Kallithea will by default generate URLs based on the WSGI environment.
             Alternatively, you can use some special configuration settings to control
             directly which scheme/protocol Kallithea will use when generating URLs:
             - With ``https_fixup = true``, the scheme will be taken from the
               ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
               (default ``http``).
             - With ``force_https = true`` the default will be ``https``.
             - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
             .. _nginx_virtual_host:
             Nginx virtual host example
             --------------------------
             Sample config for Nginx using proxy:
             .. code-block:: nginx
                 upstream kallithea {
                     server 127.0.0.1:5000;
                     # add more instances for load balancing
                     #server 127.0.0.1:5001;
                     #server 127.0.0.1:5002;
                 }
                 ## gist alias
                 server {
                    listen          443;
                    server_name     gist.example.com;
                    access_log      /var/log/nginx/gist.access.log;
                    error_log       /var/log/nginx/gist.error.log;
                    ssl on;
                    ssl_certificate     gist.your.kallithea.server.crt;
                    ssl_certificate_key gist.your.kallithea.server.key;
                    ssl_session_timeout 5m;
                    ssl_protocols SSLv3 TLSv1;
                    ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
                    ssl_prefer_server_ciphers on;
                    rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
                    rewrite (.*)    https://kallithea.example.com/_admin/gists;
                 }
                 server {
                    listen          443;
                    server_name     kallithea.example.com
                    access_log      /var/log/nginx/kallithea.access.log;
                    error_log       /var/log/nginx/kallithea.error.log;
                    ssl on;
                    ssl_certificate     your.kallithea.server.crt;
                    ssl_certificate_key your.kallithea.server.key;
                    ssl_session_timeout 5m;
                    ssl_protocols SSLv3 TLSv1;
                    ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
                    ssl_prefer_server_ciphers on;
                    ## uncomment root directive if you want to serve static files by nginx
                    ## requires static_files = false in .ini file
                    #root /srv/kallithea/kallithea/kallithea/public;
                    include         /etc/nginx/proxy.conf;
                    location / {
                         try_files $uri @kallithea;
                    }
                    location @kallithea {
                         proxy_pass      http://127.0.0.1:5000;
                    }
                 }
             Here's the proxy.conf. It's tuned so it will not timeout on long
             pushes or large pushes::
                 proxy_redirect              off;
                 proxy_set_header            Host $host;
                 ## needed for container auth
                 #proxy_set_header            REMOTE_USER $remote_user;
                 #proxy_set_header            X-Forwarded-User $remote_user;
                 proxy_set_header            X-Url-Scheme $scheme;
                 proxy_set_header            X-Host $http_host;
                 proxy_set_header            X-Real-IP $remote_addr;
                 proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_set_header            Proxy-host $proxy_host;
                 proxy_buffering             off;
                 proxy_connect_timeout       7200;
                 proxy_send_timeout          7200;
                 proxy_read_timeout          7200;
                 proxy_buffers               8 32k;
                 client_max_body_size        1024m;
                 client_body_buffer_size     128k;
                 large_client_header_buffers 8 64k;
             .. _apache_virtual_host_reverse_proxy:
             Apache virtual host reverse proxy example
             -----------------------------------------
             Here is a sample configuration file for Apache using proxy:
             .. code-block:: apache
                 <VirtualHost *:80>
                         ServerName kallithea.example.com
                         <Proxy *>
                           # For Apache 2.4 and later:
                           Require all granted
                           # For Apache 2.2 and earlier, instead use:
                           # Order allow,deny
                           # Allow from all
                         </Proxy>
                         #important !
                         #Directive to properly generate url (clone url) for Kallithea
                         ProxyPreserveHost On
                         #kallithea instance
                         ProxyPass / http://127.0.0.1:5000/
                         ProxyPassReverse / http://127.0.0.1:5000/
                         #to enable https use line below
                         #SetEnvIf X-Url-Scheme https HTTPS=1
                 </VirtualHost>
             Additional tutorial
             http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
             .. _apache_subdirectory:
             Apache as subdirectory
             ----------------------
             Apache subdirectory part:
             .. code-block:: apache
                 <Location /PREFIX >
                   ProxyPass http://127.0.0.1:5000/PREFIX
                   ProxyPassReverse http://127.0.0.1:5000/PREFIX
                   SetEnvIf X-Url-Scheme https HTTPS=1
                 </Location>
             Besides the regular apache setup you will need to add the following line
             into ``[app:main]`` section of your .ini file::
                 filter-with = proxy-prefix
             Add the following at the end of the .ini file::
                 [filter:proxy-prefix]
                 use = egg:PasteDeploy#prefix
                 prefix = /PREFIX
             then change ``PREFIX`` into your chosen prefix
             .. _apache_mod_wsgi:
             Apache with mod_wsgi
             --------------------
             Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
             that, you'll need to:
             - Install mod_wsgi. If using a Debian-based distro, you can install
               the package libapache2-mod-wsgi::
                 aptitude install libapache2-mod-wsgi
             - Enable mod_wsgi::
                 a2enmod wsgi
             - Add global Apache configuration to tell mod_wsgi that Python only will be
               used in the WSGI processes and shouldn't be initialized in the Apache
               processes::
                 WSGIRestrictEmbedded On
-            - Create a wsgi dispatch script, like the one below. Make sure you
+            - Create a WSGI dispatch script, like the one below. Make sure you
               check that the paths correctly point to where you installed Kallithea
               and its Python Virtual Environment.
-            - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script,
-              as in the following example. Once again, check the paths are
+              .. code-block:: python
-              correctly specified.
-            Here is a sample excerpt from an Apache Virtual Host configuration file:
+                  import os
+                  os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
-            .. code-block:: apache
+                  # sometimes it's needed to set the current dir
+                  os.chdir('/srv/kallithea/')
-                WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
+                  import site
-                    python-home=/srv/kallithea/venv
+                  site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")
-                WSGIProcessGroup kallithea
-                WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
-                WSGIPassAuthorization On
-            Or if using a dispatcher WSGI script with proper virtualenv activation:
+                  ini = '/srv/kallithea/my.ini'
+                  from logging.config import fileConfig
+                  fileConfig(ini)
+                  from paste.deploy import loadapp
+                  application = loadapp('config:' + ini)
-            .. code-block:: apache
+              Or using proper virtualenv activation:
-                WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100
+              .. code-block:: python
-                WSGIProcessGroup kallithea
-                WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
-                WSGIPassAuthorization On
-            Apache will by default run as a special Apache user, on Linux systems
+                  activate_this = '/srv/kallithea/venv/bin/activate_this.py'
-            usually ``www-data`` or ``apache``. If you need to have the repositories
+                  execfile(activate_this, dict(__file__=activate_this))
-            directory owned by a different user, use the user and group options to
-            WSGIDaemonProcess to set the name of the user and group.
-            Example WSGI dispatch script:
+                  import os
+                  os.environ['HOME'] = '/srv/kallithea'
-            .. code-block:: python
+                  ini = '/srv/kallithea/kallithea.ini'
+                  from logging.config import fileConfig
-                import os
+                  fileConfig(ini)
-                os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
+                  from paste.deploy import loadapp
+                  application = loadapp('config:' + ini)
-                # sometimes it's needed to set the current dir
+            - Enable the ``WSGIScriptAlias`` directive for the WSGI dispatch script, as in
-                os.chdir('/srv/kallithea/')
+              the following example from an Apache Virtual Host configuration file. Once
+              again, check the paths are correctly specified.
-                import site
+              .. code-block:: apache
-                site.addsitedir("/srv/kallithea/venv/lib/python2.7/site-packages")
-                ini = '/srv/kallithea/my.ini'
+                  WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
-                from logging.config import fileConfig
+                      python-home=/srv/kallithea/venv
-                fileConfig(ini)
+                  WSGIProcessGroup kallithea
-                from paste.deploy import loadapp
+                  WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
-                application = loadapp('config:' + ini)
+                  WSGIPassAuthorization On
-            Or using proper virtualenv activation:
+              Or if using a dispatcher WSGI script with proper virtualenv activation:
-            .. code-block:: python
+              .. code-block:: apache
-                activate_this = '/srv/kallithea/venv/bin/activate_this.py'
+                  WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100
-                execfile(activate_this, dict(__file__=activate_this))
+                  WSGIProcessGroup kallithea
+                  WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
-                import os
+                  WSGIPassAuthorization On
-                os.environ['HOME'] = '/srv/kallithea'
-                ini = '/srv/kallithea/kallithea.ini'
+              Apache will by default run as a special Apache user, on Linux systems
-                from logging.config import fileConfig
+              usually ``www-data`` or ``apache``. If you need to have the repositories
-                fileConfig(ini)
+              directory owned by a different user, use the user and group options to
-                from paste.deploy import loadapp
+              WSGIDaemonProcess to set the name of the user and group.
-                application = loadapp('config:' + ini)
             Other configuration files
             -------------------------
             A number of `example init.d scripts`__ can be found in
             the ``init.d`` directory of the Kallithea source.
             .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
             .. _virtualenv: http://pypi.python.org/pypi/virtualenv
             .. _python: http://www.python.org/
             .. _Python regular expression documentation: https://docs.python.org/2/library/re.html
             .. _Mercurial: https://www.mercurial-scm.org/
             .. _Celery: http://celeryproject.org/
             .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
             .. _RabbitMQ: http://www.rabbitmq.com/
             .. _Redis: http://redis.io/
             .. _mercurial-server: http://www.lshift.net/mercurial-server.html
             .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories