##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

docs: augment setup description with more details of http server and database...
Mads Kiilerich -
r8326:ff8651b2 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,520 +1,520 b''
1 ###################################################################################
1 ###################################################################################
2 ###################################################################################
2 ###################################################################################
3 ## Kallithea config file generated with kallithea-cli ##
3 ## Kallithea config file generated with kallithea-cli ##
4 ## ##
4 ## ##
5 ## The %(here)s variable will generally be replaced with the parent directory of ##
5 ## The %(here)s variable will generally be replaced with the parent directory of ##
6 ## this file. Other use of % must be escaped as %% . ##
6 ## this file. Other use of % must be escaped as %% . ##
7 ###################################################################################
7 ###################################################################################
8 ###################################################################################
8 ###################################################################################
9
9
10 [DEFAULT]
10 [DEFAULT]
11
11
12 ################################################################################
12 ################################################################################
13 ## Email settings ##
13 ## Email settings ##
14 ## ##
14 ## ##
15 ## Refer to the documentation ("Email settings") for more details. ##
15 ## Refer to the documentation ("Email settings") for more details. ##
16 ## ##
16 ## ##
17 ## It is recommended to use a valid sender address that passes access ##
17 ## It is recommended to use a valid sender address that passes access ##
18 ## validation and spam filtering in mail servers. ##
18 ## validation and spam filtering in mail servers. ##
19 ################################################################################
19 ################################################################################
20
20
21 ## 'From' header for application emails. You can optionally add a name.
21 ## 'From' header for application emails. You can optionally add a name.
22 ## Default:
22 ## Default:
23 #app_email_from = Kallithea
23 #app_email_from = Kallithea
24 ## Examples:
24 ## Examples:
25 #app_email_from = Kallithea <kallithea-noreply@example.com>
25 #app_email_from = Kallithea <kallithea-noreply@example.com>
26 #app_email_from = kallithea-noreply@example.com
26 #app_email_from = kallithea-noreply@example.com
27
27
28 ## Subject prefix for application emails.
28 ## Subject prefix for application emails.
29 ## A space between this prefix and the real subject is automatically added.
29 ## A space between this prefix and the real subject is automatically added.
30 ## Default:
30 ## Default:
31 #email_prefix =
31 #email_prefix =
32 ## Example:
32 ## Example:
33 #email_prefix = [Kallithea]
33 #email_prefix = [Kallithea]
34
34
35 ## Recipients for error emails and fallback recipients of application mails.
35 ## Recipients for error emails and fallback recipients of application mails.
36 ## Multiple addresses can be specified, comma-separated.
36 ## Multiple addresses can be specified, comma-separated.
37 ## Only addresses are allowed, do not add any name part.
37 ## Only addresses are allowed, do not add any name part.
38 ## Default:
38 ## Default:
39 #email_to =
39 #email_to =
40 ## Examples:
40 ## Examples:
41 #email_to = admin@example.com
41 #email_to = admin@example.com
42 #email_to = admin@example.com,another_admin@example.com
42 #email_to = admin@example.com,another_admin@example.com
43 email_to =
43 email_to =
44
44
45 ## 'From' header for error emails. You can optionally add a name.
45 ## 'From' header for error emails. You can optionally add a name.
46 ## Default: (none)
46 ## Default: (none)
47 ## Examples:
47 ## Examples:
48 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
48 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
49 #error_email_from = kallithea_errors@example.com
49 #error_email_from = kallithea_errors@example.com
50 error_email_from =
50 error_email_from =
51
51
52 ## SMTP server settings
52 ## SMTP server settings
53 ## If specifying credentials, make sure to use secure connections.
53 ## If specifying credentials, make sure to use secure connections.
54 ## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
54 ## Default: Send unencrypted unauthenticated mails to the specified smtp_server.
55 ## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
55 ## For "SSL", use smtp_use_ssl = true and smtp_port = 465.
56 ## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
56 ## For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
57 smtp_server =
57 smtp_server =
58 smtp_username =
58 smtp_username =
59 smtp_password =
59 smtp_password =
60 smtp_port =
60 smtp_port =
61 smtp_use_ssl = false
61 smtp_use_ssl = false
62 smtp_use_tls = false
62 smtp_use_tls = false
63
63
64 ## Entry point for 'gearbox serve'
64 ## Entry point for 'gearbox serve'
65 [server:main]
65 [server:main]
66 #host = 127.0.0.1
66 #host = 127.0.0.1
67 host = 0.0.0.0
67 host = 0.0.0.0
68 port = 5000
68 port = 5000
69
69
70 ## Gearbox serve uses the Waitress web server ##
70 ## Gearbox serve uses the Waitress web server ##
71 use = egg:waitress#main
71 use = egg:waitress#main
72 ## avoid multi threading
72 ## avoid multi threading
73 threads = 1
73 threads = 1
74 ## allow push of repos bigger than the default of 1 GB
74 ## allow push of repos bigger than the default of 1 GB
75 max_request_body_size = 107374182400
75 max_request_body_size = 107374182400
76 ## use poll instead of select, fixes fd limits, may not work on old
76 ## use poll instead of select, fixes fd limits, may not work on old
77 ## windows systems.
77 ## windows systems.
78 #asyncore_use_poll = True
78 #asyncore_use_poll = True
79
79
80 ## middleware for hosting the WSGI application under a URL prefix
80 ## middleware for hosting the WSGI application under a URL prefix
81 #[filter:proxy-prefix]
81 #[filter:proxy-prefix]
82 #use = egg:PasteDeploy#prefix
82 #use = egg:PasteDeploy#prefix
83 #prefix = /<your-prefix>
83 #prefix = /<your-prefix>
84
84
85 [app:main]
85 [app:main]
86 use = egg:kallithea
86 use = egg:kallithea
87 ## enable proxy prefix middleware
87 ## enable proxy prefix middleware
88 #filter-with = proxy-prefix
88 #filter-with = proxy-prefix
89
89
90 full_stack = true
90 full_stack = true
91 static_files = true
91 static_files = true
92
92
93 ## Internationalization (see setup documentation for details)
93 ## Internationalization (see setup documentation for details)
94 ## By default, the languages requested by the browser are used if available, with English as default.
94 ## By default, the languages requested by the browser are used if available, with English as default.
95 ## Set i18n.enabled=false to disable automatic language choice.
95 ## Set i18n.enabled=false to disable automatic language choice.
96 #i18n.enabled = true
96 #i18n.enabled = true
97 ## To Force a language, set i18n.enabled=false and specify the language in i18n.lang.
97 ## To Force a language, set i18n.enabled=false and specify the language in i18n.lang.
98 ## Valid values are the names of subdirectories in kallithea/i18n with a LC_MESSAGES/kallithea.mo
98 ## Valid values are the names of subdirectories in kallithea/i18n with a LC_MESSAGES/kallithea.mo
99 #i18n.lang = en
99 #i18n.lang = en
100
100
101 cache_dir = %(here)s/data
101 cache_dir = %(here)s/data
102 index_dir = %(here)s/data/index
102 index_dir = %(here)s/data/index
103
103
104 ## uncomment and set this path to use archive download cache
104 ## uncomment and set this path to use archive download cache
105 archive_cache_dir = %(here)s/tarballcache
105 archive_cache_dir = %(here)s/tarballcache
106
106
107 ## change this to unique ID for security
107 ## change this to unique ID for security
108 #app_instance_uuid = VERY-SECRET
108 #app_instance_uuid = VERY-SECRET
109 app_instance_uuid = development-not-secret
109 app_instance_uuid = development-not-secret
110
110
111 ## cut off limit for large diffs (size in bytes)
111 ## cut off limit for large diffs (size in bytes)
112 cut_off_limit = 256000
112 cut_off_limit = 256000
113
113
114 ## force https in Kallithea, fixes https redirects, assumes it's always https
114 ## force https in Kallithea, fixes https redirects, assumes it's always https
115 force_https = false
115 force_https = false
116
116
117 ## use Strict-Transport-Security headers
117 ## use Strict-Transport-Security headers
118 use_htsts = false
118 use_htsts = false
119
119
120 ## number of commits stats will parse on each iteration
120 ## number of commits stats will parse on each iteration
121 commit_parse_limit = 25
121 commit_parse_limit = 25
122
122
123 ## Path to Python executable to be used for git hooks.
123 ## Path to Python executable to be used for git hooks.
124 ## This value will be written inside the git hook scripts as the text
124 ## This value will be written inside the git hook scripts as the text
125 ## after '#!' (shebang). When empty or not defined, the value of
125 ## after '#!' (shebang). When empty or not defined, the value of
126 ## 'sys.executable' at the time of installation of the git hooks is
126 ## 'sys.executable' at the time of installation of the git hooks is
127 ## used, which is correct in many cases but for example not when using uwsgi.
127 ## used, which is correct in many cases but for example not when using uwsgi.
128 ## If you change this setting, you should reinstall the Git hooks via
128 ## If you change this setting, you should reinstall the Git hooks via
129 ## Admin > Settings > Remap and Rescan.
129 ## Admin > Settings > Remap and Rescan.
130 #git_hook_interpreter = /srv/kallithea/venv/bin/python3
130 #git_hook_interpreter = /srv/kallithea/venv/bin/python3
131
131
132 ## path to git executable
132 ## path to git executable
133 git_path = git
133 git_path = git
134
134
135 ## git rev filter option, --all is the default filter, if you need to
135 ## git rev filter option, --all is the default filter, if you need to
136 ## hide all refs in changelog switch this to --branches --tags
136 ## hide all refs in changelog switch this to --branches --tags
137 #git_rev_filter = --branches --tags
137 #git_rev_filter = --branches --tags
138
138
139 ## RSS feed options
139 ## RSS feed options
140 rss_cut_off_limit = 256000
140 rss_cut_off_limit = 256000
141 rss_items_per_page = 10
141 rss_items_per_page = 10
142 rss_include_diff = false
142 rss_include_diff = false
143
143
144 ## options for showing and identifying changesets
144 ## options for showing and identifying changesets
145 show_sha_length = 12
145 show_sha_length = 12
146 show_revision_number = false
146 show_revision_number = false
147
147
148 ## Canonical URL to use when creating full URLs in UI and texts.
148 ## Canonical URL to use when creating full URLs in UI and texts.
149 ## Useful when the site is available under different names or protocols.
149 ## Useful when the site is available under different names or protocols.
150 ## Defaults to what is provided in the WSGI environment.
150 ## Defaults to what is provided in the WSGI environment.
151 #canonical_url = https://kallithea.example.com/repos
151 #canonical_url = https://kallithea.example.com/repos
152
152
153 ## gist URL alias, used to create nicer urls for gist. This should be an
153 ## gist URL alias, used to create nicer urls for gist. This should be an
154 ## url that does rewrites to _admin/gists/<gistid>.
154 ## url that does rewrites to _admin/gists/<gistid>.
155 ## example: http://gist.example.com/{gistid}. Empty means use the internal
155 ## example: http://gist.example.com/{gistid}. Empty means use the internal
156 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
156 ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
157 gist_alias_url =
157 gist_alias_url =
158
158
159 ## default encoding used to convert from and to unicode
159 ## default encoding used to convert from and to unicode
160 ## can be also a comma separated list of encoding in case of mixed encodings
160 ## can be also a comma separated list of encoding in case of mixed encodings
161 default_encoding = utf-8
161 default_encoding = utf-8
162
162
163 ## Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea
163 ## Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea
164 hgencoding = utf-8
164 hgencoding = utf-8
165
165
166 ## issue tracker for Kallithea (leave blank to disable, absent for default)
166 ## issue tracker for Kallithea (leave blank to disable, absent for default)
167 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
167 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
168
168
169 ## issue tracking mapping for commit messages, comments, PR descriptions, ...
169 ## issue tracking mapping for commit messages, comments, PR descriptions, ...
170 ## Refer to the documentation ("Integration with issue trackers") for more details.
170 ## Refer to the documentation ("Integration with issue trackers") for more details.
171
171
172 ## regular expression to match issue references
172 ## regular expression to match issue references
173 ## This pattern may/should contain parenthesized groups, that can
173 ## This pattern may/should contain parenthesized groups, that can
174 ## be referred to in issue_server_link or issue_sub using Python backreferences
174 ## be referred to in issue_server_link or issue_sub using Python backreferences
175 ## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.
175 ## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.
176 ## To require mandatory whitespace before the issue pattern, use:
176 ## To require mandatory whitespace before the issue pattern, use:
177 ## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace
177 ## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace
178 ## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.
178 ## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.
179
179
180 issue_pat = #(\d+)
180 issue_pat = #(\d+)
181
181
182 ## server url to the issue
182 ## server url to the issue
183 ## This pattern may/should contain backreferences to parenthesized groups in issue_pat.
183 ## This pattern may/should contain backreferences to parenthesized groups in issue_pat.
184 ## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group
184 ## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group
185 ## called 'groupname' in issue_pat.
185 ## called 'groupname' in issue_pat.
186 ## The special token {repo} is replaced with the full repository name
186 ## The special token {repo} is replaced with the full repository name
187 ## including repository groups, while {repo_name} is replaced with just
187 ## including repository groups, while {repo_name} is replaced with just
188 ## the name of the repository.
188 ## the name of the repository.
189
189
190 issue_server_link = https://issues.example.com/{repo}/issue/\1
190 issue_server_link = https://issues.example.com/{repo}/issue/\1
191
191
192 ## substitution pattern to use as the link text
192 ## substitution pattern to use as the link text
193 ## If issue_sub is empty, the text matched by issue_pat is retained verbatim
193 ## If issue_sub is empty, the text matched by issue_pat is retained verbatim
194 ## for the link text. Otherwise, the link text is that of issue_sub, with any
194 ## for the link text. Otherwise, the link text is that of issue_sub, with any
195 ## backreferences to groups in issue_pat replaced.
195 ## backreferences to groups in issue_pat replaced.
196
196
197 issue_sub =
197 issue_sub =
198
198
199 ## issue_pat, issue_server_link and issue_sub can have suffixes to specify
199 ## issue_pat, issue_server_link and issue_sub can have suffixes to specify
200 ## multiple patterns, to other issues server, wiki or others
200 ## multiple patterns, to other issues server, wiki or others
201 ## below an example how to create a wiki pattern
201 ## below an example how to create a wiki pattern
202 ## wiki-some-id -> https://wiki.example.com/some-id
202 ## wiki-some-id -> https://wiki.example.com/some-id
203
203
204 #issue_pat_wiki = wiki-(\S+)
204 #issue_pat_wiki = wiki-(\S+)
205 #issue_server_link_wiki = https://wiki.example.com/\1
205 #issue_server_link_wiki = https://wiki.example.com/\1
206 #issue_sub_wiki = WIKI-\1
206 #issue_sub_wiki = WIKI-\1
207
207
208 ## alternative return HTTP header for failed authentication. Default HTTP
208 ## alternative return HTTP header for failed authentication. Default HTTP
209 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
209 ## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
210 ## handling that. Set this variable to 403 to return HTTPForbidden
210 ## handling that. Set this variable to 403 to return HTTPForbidden
211 auth_ret_code =
211 auth_ret_code =
212
212
213 ## allows to change the repository location in settings page
213 ## allows to change the repository location in settings page
214 allow_repo_location_change = True
214 allow_repo_location_change = True
215
215
216 ## allows to setup custom hooks in settings page
216 ## allows to setup custom hooks in settings page
217 allow_custom_hooks_settings = True
217 allow_custom_hooks_settings = True
218
218
219 ## extra extensions for indexing, space separated and without the leading '.'.
219 ## extra extensions for indexing, space separated and without the leading '.'.
220 #index.extensions =
220 #index.extensions =
221 # gemfile
221 # gemfile
222 # lock
222 # lock
223
223
224 ## extra filenames for indexing, space separated
224 ## extra filenames for indexing, space separated
225 #index.filenames =
225 #index.filenames =
226 # .dockerignore
226 # .dockerignore
227 # .editorconfig
227 # .editorconfig
228 # INSTALL
228 # INSTALL
229 # CHANGELOG
229 # CHANGELOG
230
230
231 ####################################
231 ####################################
232 ## SSH CONFIG ##
232 ## SSH CONFIG ##
233 ####################################
233 ####################################
234
234
235 ## SSH is disabled by default, until an Administrator decides to enable it.
235 ## SSH is disabled by default, until an Administrator decides to enable it.
236 ssh_enabled = false
236 ssh_enabled = false
237
237
238 ## File where users' SSH keys will be stored *if* ssh_enabled is true.
238 ## File where users' SSH keys will be stored *if* ssh_enabled is true.
239 #ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
239 #ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
240
240
241 ## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.
241 ## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.
242 #kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
242 #kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
243
243
244 ## Locale to be used in the ssh-serve command.
244 ## Locale to be used in the ssh-serve command.
245 ## This is needed because an SSH client may try to use its own locale
245 ## This is needed because an SSH client may try to use its own locale
246 ## settings, which may not be available on the server.
246 ## settings, which may not be available on the server.
247 ## See `locale -a` for valid values on this system.
247 ## See `locale -a` for valid values on this system.
248 #ssh_locale = C.UTF-8
248 #ssh_locale = C.UTF-8
249
249
250 ####################################
250 ####################################
251 ## CELERY CONFIG ##
251 ## CELERY CONFIG ##
252 ####################################
252 ####################################
253
253
254 ## Note: Celery doesn't support Windows.
254 ## Note: Celery doesn't support Windows.
255 use_celery = false
255 use_celery = false
256
256
257 ## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.
257 ## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.
258
258
259 ## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':
259 ## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':
260 celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost
260 celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost
261
261
262 celery.result.backend = db+sqlite:///celery-results.db
262 celery.result.backend = db+sqlite:///celery-results.db
263
263
264 #celery.amqp.task.result.expires = 18000
264 #celery.amqp.task.result.expires = 18000
265
265
266 celery.worker_concurrency = 2
266 celery.worker_concurrency = 2
267 celery.worker_max_tasks_per_child = 1
267 celery.worker_max_tasks_per_child = 1
268
268
269 ## If true, tasks will never be sent to the queue, but executed locally instead.
269 ## If true, tasks will never be sent to the queue, but executed locally instead.
270 celery.task_always_eager = false
270 celery.task_always_eager = false
271
271
272 ####################################
272 ####################################
273 ## BEAKER CACHE ##
273 ## BEAKER CACHE ##
274 ####################################
274 ####################################
275
275
276 beaker.cache.data_dir = %(here)s/data/cache/data
276 beaker.cache.data_dir = %(here)s/data/cache/data
277 beaker.cache.lock_dir = %(here)s/data/cache/lock
277 beaker.cache.lock_dir = %(here)s/data/cache/lock
278
278
279 beaker.cache.regions = long_term,long_term_file
279 beaker.cache.regions = long_term,long_term_file
280
280
281 beaker.cache.long_term.type = memory
281 beaker.cache.long_term.type = memory
282 beaker.cache.long_term.expire = 36000
282 beaker.cache.long_term.expire = 36000
283 beaker.cache.long_term.key_length = 256
283 beaker.cache.long_term.key_length = 256
284
284
285 beaker.cache.long_term_file.type = file
285 beaker.cache.long_term_file.type = file
286 beaker.cache.long_term_file.expire = 604800
286 beaker.cache.long_term_file.expire = 604800
287 beaker.cache.long_term_file.key_length = 256
287 beaker.cache.long_term_file.key_length = 256
288
288
289 ####################################
289 ####################################
290 ## BEAKER SESSION ##
290 ## BEAKER SESSION ##
291 ####################################
291 ####################################
292
292
293 ## Name of session cookie. Should be unique for a given host and path, even when running
293 ## Name of session cookie. Should be unique for a given host and path, even when running
294 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
294 ## on different ports. Otherwise, cookie sessions will be shared and messed up.
295 session.key = kallithea
295 session.key = kallithea
296 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
296 ## Sessions should always only be accessible by the browser, not directly by JavaScript.
297 session.httponly = true
297 session.httponly = true
298 ## Session lifetime. 2592000 seconds is 30 days.
298 ## Session lifetime. 2592000 seconds is 30 days.
299 session.timeout = 2592000
299 session.timeout = 2592000
300
300
301 ## Server secret used with HMAC to ensure integrity of cookies.
301 ## Server secret used with HMAC to ensure integrity of cookies.
302 #session.secret = VERY-SECRET
302 #session.secret = VERY-SECRET
303 session.secret = development-not-secret
303 session.secret = development-not-secret
304 ## Further, encrypt the data with AES.
304 ## Further, encrypt the data with AES.
305 #session.encrypt_key = <key_for_encryption>
305 #session.encrypt_key = <key_for_encryption>
306 #session.validate_key = <validation_key>
306 #session.validate_key = <validation_key>
307
307
308 ## Type of storage used for the session, current types are
308 ## Type of storage used for the session, current types are
309 ## dbm, file, memcached, database, and memory.
309 ## dbm, file, memcached, database, and memory.
310
310
311 ## File system storage of session data. (default)
311 ## File system storage of session data. (default)
312 #session.type = file
312 #session.type = file
313
313
314 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
314 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
315 #session.type = cookie
315 #session.type = cookie
316
316
317 ## Database storage of session data.
317 ## Database storage of session data.
318 #session.type = ext:database
318 #session.type = ext:database
319 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
319 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
320 #session.table_name = db_session
320 #session.table_name = db_session
321
321
322 ####################################
322 ####################################
323 ## ERROR HANDLING ##
323 ## ERROR HANDLING ##
324 ####################################
324 ####################################
325
325
326 ## Show a nice error page for application HTTP errors and exceptions (default true)
326 ## Show a nice error page for application HTTP errors and exceptions (default true)
327 #errorpage.enabled = true
327 #errorpage.enabled = true
328
328
329 ## Enable Backlash client-side interactive debugger (default false)
329 ## Enable Backlash client-side interactive debugger (default false)
330 ## WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*
330 ## WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*
331 ## This debug mode will allow all visitors to execute malicious code.
331 ## This debug mode will allow all visitors to execute malicious code.
332 #debug = false
332 #debug = false
333 debug = true
333 debug = true
334
334
335 ## Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)
335 ## Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)
336 #trace_errors.enable = true
336 #trace_errors.enable = true
337 ## Errors will be reported by mail if trace_errors.error_email is set.
337 ## Errors will be reported by mail if trace_errors.error_email is set.
338
338
339 ## Propagate email settings to ErrorReporter of TurboGears2
339 ## Propagate email settings to ErrorReporter of TurboGears2
340 ## You do not normally need to change these lines
340 ## You do not normally need to change these lines
341 get trace_errors.smtp_server = smtp_server
341 get trace_errors.smtp_server = smtp_server
342 get trace_errors.smtp_port = smtp_port
342 get trace_errors.smtp_port = smtp_port
343 get trace_errors.from_address = error_email_from
343 get trace_errors.from_address = error_email_from
344 get trace_errors.error_email = email_to
344 get trace_errors.error_email = email_to
345 get trace_errors.smtp_username = smtp_username
345 get trace_errors.smtp_username = smtp_username
346 get trace_errors.smtp_password = smtp_password
346 get trace_errors.smtp_password = smtp_password
347 get trace_errors.smtp_use_tls = smtp_use_tls
347 get trace_errors.smtp_use_tls = smtp_use_tls
348
348
349
349
350 ##################################
350 ##################################
351 ## LOGVIEW CONFIG ##
351 ## LOGVIEW CONFIG ##
352 ##################################
352 ##################################
353
353
354 logview.sqlalchemy = #faa
354 logview.sqlalchemy = #faa
355 logview.pylons.templating = #bfb
355 logview.pylons.templating = #bfb
356 logview.pylons.util = #eee
356 logview.pylons.util = #eee
357
357
358 #########################
358 #########################
359 ## DB CONFIG ##
359 ## DB CONFIG ##
360 #########################
360 #########################
361
361
362 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
362 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
363 #sqlalchemy.url = postgresql://user:pass@localhost/kallithea
363 #sqlalchemy.url = postgresql://kallithea:password@localhost/kallithea
364 #sqlalchemy.url = mysql://user:pass@localhost/kallithea?charset=utf8
364 #sqlalchemy.url = mysql://kallithea:password@localhost/kallithea?charset=utf8
365 ## Note: the mysql:// prefix should also be used for MariaDB
365 ## Note: the mysql:// prefix should also be used for MariaDB
366
366
367 sqlalchemy.pool_recycle = 3600
367 sqlalchemy.pool_recycle = 3600
368
368
369 ################################
369 ################################
370 ## ALEMBIC CONFIGURATION ##
370 ## ALEMBIC CONFIGURATION ##
371 ################################
371 ################################
372
372
373 [alembic]
373 [alembic]
374 script_location = kallithea:alembic
374 script_location = kallithea:alembic
375
375
376 ################################
376 ################################
377 ## LOGGING CONFIGURATION ##
377 ## LOGGING CONFIGURATION ##
378 ################################
378 ################################
379
379
380 [loggers]
380 [loggers]
381 keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash
381 keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash
382
382
383 [handlers]
383 [handlers]
384 keys = console, console_color, console_color_sql, null
384 keys = console, console_color, console_color_sql, null
385
385
386 [formatters]
386 [formatters]
387 keys = generic, color_formatter, color_formatter_sql
387 keys = generic, color_formatter, color_formatter_sql
388
388
389 #############
389 #############
390 ## LOGGERS ##
390 ## LOGGERS ##
391 #############
391 #############
392
392
393 [logger_root]
393 [logger_root]
394 level = NOTSET
394 level = NOTSET
395 #handlers = console
395 #handlers = console
396 ## For coloring based on log level:
396 ## For coloring based on log level:
397 handlers = console_color
397 handlers = console_color
398
398
399 [logger_routes]
399 [logger_routes]
400 #level = WARN
400 #level = WARN
401 level = DEBUG
401 level = DEBUG
402 handlers =
402 handlers =
403 qualname = routes.middleware
403 qualname = routes.middleware
404 ## "level = DEBUG" logs the route matched and routing variables.
404 ## "level = DEBUG" logs the route matched and routing variables.
405
405
406 [logger_beaker]
406 [logger_beaker]
407 #level = WARN
407 #level = WARN
408 level = DEBUG
408 level = DEBUG
409 handlers =
409 handlers =
410 qualname = beaker.container
410 qualname = beaker.container
411
411
412 [logger_templates]
412 [logger_templates]
413 #level = WARN
413 #level = WARN
414 level = INFO
414 level = INFO
415 handlers =
415 handlers =
416 qualname = pylons.templating
416 qualname = pylons.templating
417
417
418 [logger_kallithea]
418 [logger_kallithea]
419 #level = WARN
419 #level = WARN
420 level = DEBUG
420 level = DEBUG
421 handlers =
421 handlers =
422 qualname = kallithea
422 qualname = kallithea
423
423
424 [logger_tg]
424 [logger_tg]
425 #level = WARN
425 #level = WARN
426 level = DEBUG
426 level = DEBUG
427 handlers =
427 handlers =
428 qualname = tg
428 qualname = tg
429
429
430 [logger_gearbox]
430 [logger_gearbox]
431 #level = WARN
431 #level = WARN
432 level = DEBUG
432 level = DEBUG
433 handlers =
433 handlers =
434 qualname = gearbox
434 qualname = gearbox
435
435
436 [logger_sqlalchemy]
436 [logger_sqlalchemy]
437 level = WARN
437 level = WARN
438 handlers =
438 handlers =
439 qualname = sqlalchemy.engine
439 qualname = sqlalchemy.engine
440 ## For coloring based on log level and pretty printing of SQL:
440 ## For coloring based on log level and pretty printing of SQL:
441 #level = INFO
441 #level = INFO
442 #handlers = console_color_sql
442 #handlers = console_color_sql
443 #propagate = 0
443 #propagate = 0
444
444
445 [logger_whoosh_indexer]
445 [logger_whoosh_indexer]
446 #level = WARN
446 #level = WARN
447 level = DEBUG
447 level = DEBUG
448 handlers =
448 handlers =
449 qualname = whoosh_indexer
449 qualname = whoosh_indexer
450
450
451 [logger_werkzeug]
451 [logger_werkzeug]
452 level = WARN
452 level = WARN
453 handlers =
453 handlers =
454 qualname = werkzeug
454 qualname = werkzeug
455
455
456 [logger_backlash]
456 [logger_backlash]
457 level = WARN
457 level = WARN
458 handlers =
458 handlers =
459 qualname = backlash
459 qualname = backlash
460
460
461 ##############
461 ##############
462 ## HANDLERS ##
462 ## HANDLERS ##
463 ##############
463 ##############
464
464
465 [handler_console]
465 [handler_console]
466 class = StreamHandler
466 class = StreamHandler
467 args = (sys.stderr,)
467 args = (sys.stderr,)
468 formatter = generic
468 formatter = generic
469
469
470 [handler_console_color]
470 [handler_console_color]
471 ## ANSI color coding based on log level
471 ## ANSI color coding based on log level
472 class = StreamHandler
472 class = StreamHandler
473 args = (sys.stderr,)
473 args = (sys.stderr,)
474 formatter = color_formatter
474 formatter = color_formatter
475
475
476 [handler_console_color_sql]
476 [handler_console_color_sql]
477 ## ANSI color coding and pretty printing of SQL statements
477 ## ANSI color coding and pretty printing of SQL statements
478 class = StreamHandler
478 class = StreamHandler
479 args = (sys.stderr,)
479 args = (sys.stderr,)
480 formatter = color_formatter_sql
480 formatter = color_formatter_sql
481
481
482 [handler_null]
482 [handler_null]
483 class = NullHandler
483 class = NullHandler
484 args = ()
484 args = ()
485
485
486 ################
486 ################
487 ## FORMATTERS ##
487 ## FORMATTERS ##
488 ################
488 ################
489
489
490 [formatter_generic]
490 [formatter_generic]
491 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
491 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
492 datefmt = %Y-%m-%d %H:%M:%S
492 datefmt = %Y-%m-%d %H:%M:%S
493
493
494 [formatter_color_formatter]
494 [formatter_color_formatter]
495 class = kallithea.lib.colored_formatter.ColorFormatter
495 class = kallithea.lib.colored_formatter.ColorFormatter
496 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
496 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
497 datefmt = %Y-%m-%d %H:%M:%S
497 datefmt = %Y-%m-%d %H:%M:%S
498
498
499 [formatter_color_formatter_sql]
499 [formatter_color_formatter_sql]
500 class = kallithea.lib.colored_formatter.ColorFormatterSql
500 class = kallithea.lib.colored_formatter.ColorFormatterSql
501 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
501 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
502 datefmt = %Y-%m-%d %H:%M:%S
502 datefmt = %Y-%m-%d %H:%M:%S
503
503
504 #################
504 #################
505 ## SSH LOGGING ##
505 ## SSH LOGGING ##
506 #################
506 #################
507
507
508 ## The default loggers use 'handler_console' that uses StreamHandler with
508 ## The default loggers use 'handler_console' that uses StreamHandler with
509 ## destination 'sys.stderr'. In the context of the SSH server process, these log
509 ## destination 'sys.stderr'. In the context of the SSH server process, these log
510 ## messages would be sent to the client, which is normally not what you want.
510 ## messages would be sent to the client, which is normally not what you want.
511 ## By default, when running ssh-serve, just use NullHandler and disable logging
511 ## By default, when running ssh-serve, just use NullHandler and disable logging
512 ## completely. For other logging options, see:
512 ## completely. For other logging options, see:
513 ## https://docs.python.org/2/library/logging.handlers.html
513 ## https://docs.python.org/2/library/logging.handlers.html
514
514
515 [ssh_serve:logger_root]
515 [ssh_serve:logger_root]
516 level = CRITICAL
516 level = CRITICAL
517 handlers = null
517 handlers = null
518
518
519 ## Note: If logging is configured with other handlers, they might need similar
519 ## Note: If logging is configured with other handlers, they might need similar
520 ## muting for ssh-serve too.
520 ## muting for ssh-serve too.
Show file before | Show file after | Hide comments
@@ -1,657 +1,685 b''
1 .. _setup:
1 .. _setup:
2
2
3 =====
3 =====
4 Setup
4 Setup
5 =====
5 =====
6
6
7
7
8 Setting up Kallithea
8 Setting up Kallithea
9 --------------------
9 --------------------
10
10
11 Some further details to the steps mentioned in the overview.
11 Some further details to the steps mentioned in the overview.
12
12
13 Create low level configuration file
13 Create low level configuration file
14 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
14 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
15
15
16 First, you will need to create a Kallithea configuration file. Run the
16 First, you will need to create a Kallithea configuration file. The
17 following command to do so::
17 configuration file is a ``.ini`` file that contains various low level settings
18 for Kallithea, e.g. configuration of how to use database, web server, email,
19 and logging.
18
20
19 kallithea-cli config-create my.ini
21 Run the following command to create the file ``my.ini`` in the current
22 directory::
20
23
21 This will create the file ``my.ini`` in the current directory. This
24 kallithea-cli config-create my.ini http_server=waitress
22 configuration file contains the various settings for Kallithea, e.g.
25
23 proxy port, email settings, usage of static files, cache, Celery
26 To get a good starting point for your configuration, specify the http server
24 settings, and logging. Extra settings can be specified like::
27 you intend to use. It can be ``waitress``, ``gearbox``, ``gevent``,
28 ``gunicorn``, or ``uwsgi``. (Apache ``mod_wsgi`` will not use this
29 configuration file, and it is fine to keep the default http_server configuration
30 unused. ``mod_wsgi`` is configured using ``httpd.conf`` directives and a WSGI
31 wrapper script.)
32
33 Extra custom settings can be specified like::
25
34
26 kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter
35 kallithea-cli config-create my.ini host=8.8.8.8 "[handler_console]" formatter=color_formatter
27
36
28 Populate the database
37 Populate the database
29 ^^^^^^^^^^^^^^^^^^^^^
38 ^^^^^^^^^^^^^^^^^^^^^
30
39
31 Next, you need to create the databases used by Kallithea. It is recommended to
40 Next, you need to create the databases used by Kallithea. Kallithea currently
32 use PostgreSQL or SQLite (default). If you choose a database other than the
41 supports PostgreSQL, SQLite and MariaDB/MySQL databases. It is recommended to
33 default, ensure you properly adjust the database URL in your ``my.ini``
42 start out using SQLite (the default) and move to PostgreSQL if it becomes a
34 configuration file to use this other database. Kallithea currently supports
43 bottleneck or to get a "proper" database. MariaDB/MySQL is also supported.
35 PostgreSQL, SQLite and MariaDB/MySQL databases. Create the database by running
44
36 the following command::
45 For PostgreSQL, run ``pip install psycopg2`` to get the database driver. Make
46 sure the PostgreSQL server is initialized and running. Make sure you have a
47 database user with password authentication with permissions to create databases
48 - for example by running::
49
50 sudo -u postgres createuser 'kallithea' --pwprompt --createdb
51
52 For MariaDB/MySQL, run ``pip install mysqlclient`` to get the ``MySQLdb``
53 database driver. Make sure the database server is initialized and running. Make
54 sure you have a database user with password authentication with permissions to
55 create the database - for example by running::
56
57 echo 'CREATE USER "kallithea"@"localhost" IDENTIFIED BY "password"' | sudo -u mysql mysql
58 echo 'GRANT ALL PRIVILEGES ON `kallithea`.* TO "kallithea"@"localhost"' | sudo -u mysql mysql
59
60 Check and adjust ``sqlalchemy.url`` in your ``my.ini`` configuration file to use
61 this database.
62
63 Create the database, tables, and initial content by running the following
64 command::
37
65
38 kallithea-cli db-create -c my.ini
66 kallithea-cli db-create -c my.ini
39
67
40 This will first prompt you for a "root" path. This "root" path is the location
68 This will first prompt you for a "root" path. This "root" path is the location
41 where Kallithea will store all of its repositories on the current machine. This
69 where Kallithea will store all of its repositories on the current machine. This
42 location must be writable for the running Kallithea application. Next,
70 location must be writable for the running Kallithea application. Next,
43 ``db-create`` will prompt you for a username and password for the initial admin
71 ``db-create`` will prompt you for a username and password for the initial admin
44 account it sets up for you.
72 account it sets up for you.
45
73
46 The ``db-create`` values can also be given on the command line.
74 The ``db-create`` values can also be given on the command line.
47 Example::
75 Example::
48
76
49 kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
77 kallithea-cli db-create -c my.ini --user=nn --password=secret --email=nn@example.com --repos=/srv/repos
50
78
51 The ``db-create`` command will create all needed tables and an
79 The ``db-create`` command will create all needed tables and an
52 admin account. When choosing a root path you can either use a new
80 admin account. When choosing a root path you can either use a new
53 empty location, or a location which already contains existing
81 empty location, or a location which already contains existing
54 repositories. If you choose a location which contains existing
82 repositories. If you choose a location which contains existing
55 repositories Kallithea will add all of the repositories at the chosen
83 repositories Kallithea will add all of the repositories at the chosen
56 location to its database. (Note: make sure you specify the correct
84 location to its database. (Note: make sure you specify the correct
57 path to the root).
85 path to the root).
58
86
59
60 Prepare front-end files
87 Prepare front-end files
61 ^^^^^^^^^^^^^^^^^^^^^^^
88 ^^^^^^^^^^^^^^^^^^^^^^^
62
89
63 Finally, the front-end files must be prepared. This requires ``npm`` version 6
90 Finally, the front-end files must be prepared. This requires ``npm`` version 6
64 or later, which needs ``node.js`` (version 12 or later). Prepare the front-end
91 or later, which needs ``node.js`` (version 12 or later). Prepare the front-end
65 by running::
92 by running::
66
93
67 kallithea-cli front-end-build
94 kallithea-cli front-end-build
68
95
69 Running
96 Running
70 ^^^^^^^
97 ^^^^^^^
71
98
72 You are now ready to use Kallithea. To run it simply execute::
99 You are now ready to use Kallithea. To run it using a gearbox web server,
100 simply execute::
73
101
74 gearbox serve -c my.ini
102 gearbox serve -c my.ini
75
103
76 - This command runs the Kallithea server. The web app should be available at
104 - This command runs the Kallithea server. The web app should be available at
77 http://127.0.0.1:5000. The IP address and port is configurable via the
105 http://127.0.0.1:5000. The IP address and port is configurable via the
78 configuration file created in the previous step.
106 configuration file created in the previous step.
79 - Log in to Kallithea using the admin account created when running ``db-create``.
107 - Log in to Kallithea using the admin account created when running ``db-create``.
80 - The default permissions on each repository is read, and the owner is admin.
108 - The default permissions on each repository is read, and the owner is admin.
81 Remember to update these if needed.
109 Remember to update these if needed.
82 - In the admin panel you can toggle LDAP, anonymous, and permissions
110 - In the admin panel you can toggle LDAP, anonymous, and permissions
83 settings, as well as edit more advanced options on users and
111 settings, as well as edit more advanced options on users and
84 repositories.
112 repositories.
85
113
86
114
87 Internationalization (i18n support)
115 Internationalization (i18n support)
88 -----------------------------------
116 -----------------------------------
89
117
90 The Kallithea web interface is automatically displayed in the user's preferred
118 The Kallithea web interface is automatically displayed in the user's preferred
91 language, as indicated by the browser. Thus, different users may see the
119 language, as indicated by the browser. Thus, different users may see the
92 application in different languages. If the requested language is not available
120 application in different languages. If the requested language is not available
93 (because the translation file for that language does not yet exist or is
121 (because the translation file for that language does not yet exist or is
94 incomplete), English is used.
122 incomplete), English is used.
95
123
96 If you want to disable automatic language detection and instead configure a
124 If you want to disable automatic language detection and instead configure a
97 fixed language regardless of user preference, set ``i18n.enabled = false`` and
125 fixed language regardless of user preference, set ``i18n.enabled = false`` and
98 specify another language by setting ``i18n.lang`` in the Kallithea
126 specify another language by setting ``i18n.lang`` in the Kallithea
99 configuration file.
127 configuration file.
100
128
101
129
102 Using Kallithea with SSH
130 Using Kallithea with SSH
103 ------------------------
131 ------------------------
104
132
105 Kallithea supports repository access via SSH key based authentication.
133 Kallithea supports repository access via SSH key based authentication.
106 This means:
134 This means:
107
135
108 - repository URLs like ``ssh://kallithea@example.com/name/of/repository``
136 - repository URLs like ``ssh://kallithea@example.com/name/of/repository``
109
137
110 - all network traffic for both read and write happens over the SSH protocol on
138 - all network traffic for both read and write happens over the SSH protocol on
111 port 22, without using HTTP/HTTPS nor the Kallithea WSGI application
139 port 22, without using HTTP/HTTPS nor the Kallithea WSGI application
112
140
113 - encryption and authentication protocols are managed by the system's ``sshd``
141 - encryption and authentication protocols are managed by the system's ``sshd``
114 process, with all users using the same Kallithea system user (e.g.
142 process, with all users using the same Kallithea system user (e.g.
115 ``kallithea``) when connecting to the SSH server, but with users' public keys
143 ``kallithea``) when connecting to the SSH server, but with users' public keys
116 in the Kallithea system user's `.ssh/authorized_keys` file granting each user
144 in the Kallithea system user's `.ssh/authorized_keys` file granting each user
117 sandboxed access to the repositories.
145 sandboxed access to the repositories.
118
146
119 - users and admins can manage SSH public keys in the web UI
147 - users and admins can manage SSH public keys in the web UI
120
148
121 - in their SSH client configuration, users can configure how the client should
149 - in their SSH client configuration, users can configure how the client should
122 control access to their SSH key - without passphrase, with passphrase, and
150 control access to their SSH key - without passphrase, with passphrase, and
123 optionally with passphrase caching in the local shell session (``ssh-agent``).
151 optionally with passphrase caching in the local shell session (``ssh-agent``).
124 This is standard SSH functionality, not something Kallithea provides or
152 This is standard SSH functionality, not something Kallithea provides or
125 interferes with.
153 interferes with.
126
154
127 - network communication between client and server happens in a bidirectional
155 - network communication between client and server happens in a bidirectional
128 stateful stream, and will in some cases be faster than HTTP/HTTPS with several
156 stateful stream, and will in some cases be faster than HTTP/HTTPS with several
129 stateless round-trips.
157 stateless round-trips.
130
158
131 .. note:: At this moment, repository access via SSH has been tested on Unix
159 .. note:: At this moment, repository access via SSH has been tested on Unix
132 only. Windows users that care about SSH are invited to test it and report
160 only. Windows users that care about SSH are invited to test it and report
133 problems, ideally contributing patches that solve these problems.
161 problems, ideally contributing patches that solve these problems.
134
162
135 Users and admins can upload SSH public keys (e.g. ``.ssh/id_rsa.pub``) through
163 Users and admins can upload SSH public keys (e.g. ``.ssh/id_rsa.pub``) through
136 the web interface. The server's ``.ssh/authorized_keys`` file is automatically
164 the web interface. The server's ``.ssh/authorized_keys`` file is automatically
137 maintained with an entry for each SSH key. Each entry will tell ``sshd`` to run
165 maintained with an entry for each SSH key. Each entry will tell ``sshd`` to run
138 ``kallithea-cli`` with the ``ssh-serve`` sub-command and the right Kallithea user ID
166 ``kallithea-cli`` with the ``ssh-serve`` sub-command and the right Kallithea user ID
139 when encountering the corresponding SSH key.
167 when encountering the corresponding SSH key.
140
168
141 To enable SSH repository access, Kallithea must be configured with the path to
169 To enable SSH repository access, Kallithea must be configured with the path to
142 the ``.ssh/authorized_keys`` file for the Kallithea user, and the path to the
170 the ``.ssh/authorized_keys`` file for the Kallithea user, and the path to the
143 ``kallithea-cli`` command. Put something like this in the ``.ini`` file::
171 ``kallithea-cli`` command. Put something like this in the ``.ini`` file::
144
172
145 ssh_enabled = true
173 ssh_enabled = true
146 ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
174 ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
147 kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
175 kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
148
176
149 The SSH service must be running, and the Kallithea user account must be active
177 The SSH service must be running, and the Kallithea user account must be active
150 (not necessarily with password access, but public key access must be enabled),
178 (not necessarily with password access, but public key access must be enabled),
151 all file permissions must be set as sshd wants it, and ``authorized_keys`` must
179 all file permissions must be set as sshd wants it, and ``authorized_keys`` must
152 be writeable by the Kallithea user.
180 be writeable by the Kallithea user.
153
181
154 .. note:: The ``authorized_keys`` file will be rewritten from scratch on
182 .. note:: The ``authorized_keys`` file will be rewritten from scratch on
155 each update. If it already exists with other data, Kallithea will not
183 each update. If it already exists with other data, Kallithea will not
156 overwrite the existing ``authorized_keys``, and the server process will
184 overwrite the existing ``authorized_keys``, and the server process will
157 instead throw an exception. The system administrator thus cannot ssh
185 instead throw an exception. The system administrator thus cannot ssh
158 directly to the Kallithea user but must use su/sudo from another account.
186 directly to the Kallithea user but must use su/sudo from another account.
159
187
160 If ``/home/kallithea/.ssh/`` (the directory of the path specified in the
188 If ``/home/kallithea/.ssh/`` (the directory of the path specified in the
161 ``ssh_authorized_keys`` setting of the ``.ini`` file) does not exist as a
189 ``ssh_authorized_keys`` setting of the ``.ini`` file) does not exist as a
162 directory, Kallithea will attempt to create it. If that path exists but is
190 directory, Kallithea will attempt to create it. If that path exists but is
163 *not* a directory, or is not readable-writable-executable by the server
191 *not* a directory, or is not readable-writable-executable by the server
164 process, the server process will raise an exception each time it attempts to
192 process, the server process will raise an exception each time it attempts to
165 write the ``authorized_keys`` file.
193 write the ``authorized_keys`` file.
166
194
167 .. note:: It is possible to configure the SSH server to look for authorized
195 .. note:: It is possible to configure the SSH server to look for authorized
168 keys in multiple files, for example reserving ``ssh/authorized_keys`` to be
196 keys in multiple files, for example reserving ``ssh/authorized_keys`` to be
169 used for normal SSH and with Kallithea using
197 used for normal SSH and with Kallithea using
170 ``.ssh/authorized_keys_kallithea``. In ``/etc/ssh/sshd_config`` set
198 ``.ssh/authorized_keys_kallithea``. In ``/etc/ssh/sshd_config`` set
171 ``AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys_kallithea``
199 ``AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys_kallithea``
172 and restart sshd, and in ``my.ini`` set ``ssh_authorized_keys =
200 and restart sshd, and in ``my.ini`` set ``ssh_authorized_keys =
173 /home/kallithea/.ssh/authorized_keys_kallithea``. Note that this new
201 /home/kallithea/.ssh/authorized_keys_kallithea``. Note that this new
174 location will apply to all system users, and that multiple entries for the
202 location will apply to all system users, and that multiple entries for the
175 same SSH key will shadow each other.
203 same SSH key will shadow each other.
176
204
177 .. warning:: The handling of SSH access is steered directly by the command
205 .. warning:: The handling of SSH access is steered directly by the command
178 specified in the ``authorized_keys`` file. There is no interaction with the
206 specified in the ``authorized_keys`` file. There is no interaction with the
179 web UI. Once SSH access is correctly configured and enabled, it will work
207 web UI. Once SSH access is correctly configured and enabled, it will work
180 regardless of whether the Kallithea web process is actually running. Hence,
208 regardless of whether the Kallithea web process is actually running. Hence,
181 if you want to perform repository or server maintenance and want to fully
209 if you want to perform repository or server maintenance and want to fully
182 disable all access to the repositories, disable SSH access by setting
210 disable all access to the repositories, disable SSH access by setting
183 ``ssh_enabled = false`` in the correct ``.ini`` file (i.e. the ``.ini`` file
211 ``ssh_enabled = false`` in the correct ``.ini`` file (i.e. the ``.ini`` file
184 specified in the ``authorized_keys`` file.)
212 specified in the ``authorized_keys`` file.)
185
213
186 The ``authorized_keys`` file can be updated manually with ``kallithea-cli
214 The ``authorized_keys`` file can be updated manually with ``kallithea-cli
187 ssh-update-authorized-keys -c my.ini``. This command is not needed in normal
215 ssh-update-authorized-keys -c my.ini``. This command is not needed in normal
188 operation but is for example useful after changing SSH-related settings in the
216 operation but is for example useful after changing SSH-related settings in the
189 ``.ini`` file or renaming that file. (The path to the ``.ini`` file is used in
217 ``.ini`` file or renaming that file. (The path to the ``.ini`` file is used in
190 the generated ``authorized_keys`` file).
218 the generated ``authorized_keys`` file).
191
219
192
220
193 Setting up Whoosh full text search
221 Setting up Whoosh full text search
194 ----------------------------------
222 ----------------------------------
195
223
196 Kallithea provides full text search of repositories using `Whoosh`__.
224 Kallithea provides full text search of repositories using `Whoosh`__.
197
225
198 .. __: https://whoosh.readthedocs.io/en/latest/
226 .. __: https://whoosh.readthedocs.io/en/latest/
199
227
200 For an incremental index build, run::
228 For an incremental index build, run::
201
229
202 kallithea-cli index-create -c my.ini
230 kallithea-cli index-create -c my.ini
203
231
204 For a full index rebuild, run::
232 For a full index rebuild, run::
205
233
206 kallithea-cli index-create -c my.ini --full
234 kallithea-cli index-create -c my.ini --full
207
235
208 The ``--repo-location`` option allows the location of the repositories to be overridden;
236 The ``--repo-location`` option allows the location of the repositories to be overridden;
209 usually, the location is retrieved from the Kallithea database.
237 usually, the location is retrieved from the Kallithea database.
210
238
211 The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
239 The ``--index-only`` option can be used to limit the indexed repositories to a comma-separated list::
212
240
213 kallithea-cli index-create -c my.ini --index-only=vcs,kallithea
241 kallithea-cli index-create -c my.ini --index-only=vcs,kallithea
214
242
215 To keep your index up-to-date it is necessary to do periodic index builds;
243 To keep your index up-to-date it is necessary to do periodic index builds;
216 for this, it is recommended to use a crontab entry. Example::
244 for this, it is recommended to use a crontab entry. Example::
217
245
218 0 3 * * * /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini
246 0 3 * * * /path/to/virtualenv/bin/kallithea-cli index-create -c /path/to/kallithea/my.ini
219
247
220 When using incremental mode (the default), Whoosh will check the last
248 When using incremental mode (the default), Whoosh will check the last
221 modification date of each file and add it to be reindexed if a newer file is
249 modification date of each file and add it to be reindexed if a newer file is
222 available. The indexing daemon checks for any removed files and removes them
250 available. The indexing daemon checks for any removed files and removes them
223 from index.
251 from index.
224
252
225 If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
253 If you want to rebuild the index from scratch, you can use the ``-f`` flag as above,
226 or in the admin panel you can check the "build from scratch" checkbox.
254 or in the admin panel you can check the "build from scratch" checkbox.
227
255
228
256
229 Integration with issue trackers
257 Integration with issue trackers
230 -------------------------------
258 -------------------------------
231
259
232 Kallithea provides a simple integration with issue trackers. It's possible
260 Kallithea provides a simple integration with issue trackers. It's possible
233 to define a regular expression that will match an issue ID in commit messages,
261 to define a regular expression that will match an issue ID in commit messages,
234 and have that replaced with a URL to the issue.
262 and have that replaced with a URL to the issue.
235
263
236 This is achieved with following three variables in the ini file::
264 This is achieved with following three variables in the ini file::
237
265
238 issue_pat = #(\d+)
266 issue_pat = #(\d+)
239 issue_server_link = https://issues.example.com/{repo}/issue/\1
267 issue_server_link = https://issues.example.com/{repo}/issue/\1
240 issue_sub =
268 issue_sub =
241
269
242 ``issue_pat`` is the regular expression describing which strings in
270 ``issue_pat`` is the regular expression describing which strings in
243 commit messages will be treated as issue references. The expression can/should
271 commit messages will be treated as issue references. The expression can/should
244 have one or more parenthesized groups that can later be referred to in
272 have one or more parenthesized groups that can later be referred to in
245 ``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups
273 ``issue_server_link`` and ``issue_sub`` (see below). If you prefer, named groups
246 can be used instead of simple parenthesized groups.
274 can be used instead of simple parenthesized groups.
247
275
248 If the pattern should only match if it is preceded by whitespace, add the
276 If the pattern should only match if it is preceded by whitespace, add the
249 following string before the actual pattern: ``(?:^|(?<=\s))``.
277 following string before the actual pattern: ``(?:^|(?<=\s))``.
250 If the pattern should only match if it is followed by whitespace, add the
278 If the pattern should only match if it is followed by whitespace, add the
251 following string after the actual pattern: ``(?:$|(?=\s))``.
279 following string after the actual pattern: ``(?:$|(?=\s))``.
252 These expressions use lookbehind and lookahead assertions of the Python regular
280 These expressions use lookbehind and lookahead assertions of the Python regular
253 expression module to avoid the whitespace to be part of the actual pattern,
281 expression module to avoid the whitespace to be part of the actual pattern,
254 otherwise the link text will also contain that whitespace.
282 otherwise the link text will also contain that whitespace.
255
283
256 Matched issue references are replaced with the link specified in
284 Matched issue references are replaced with the link specified in
257 ``issue_server_link``, in which any backreferences are resolved. Backreferences
285 ``issue_server_link``, in which any backreferences are resolved. Backreferences
258 can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.
286 can be ``\1``, ``\2``, ... or for named groups ``\g<groupname>``.
259 The special token ``{repo}`` is replaced with the full repository path
287 The special token ``{repo}`` is replaced with the full repository path
260 (including repository groups), while token ``{repo_name}`` is replaced with the
288 (including repository groups), while token ``{repo_name}`` is replaced with the
261 repository name (without repository groups).
289 repository name (without repository groups).
262
290
263 The link text is determined by ``issue_sub``, which can be a string containing
291 The link text is determined by ``issue_sub``, which can be a string containing
264 backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is
292 backreferences to the groups specified in ``issue_pat``. If ``issue_sub`` is
265 empty, then the text matched by ``issue_pat`` is used verbatim.
293 empty, then the text matched by ``issue_pat`` is used verbatim.
266
294
267 The example settings shown above match issues in the format ``#<number>``.
295 The example settings shown above match issues in the format ``#<number>``.
268 This will cause the text ``#300`` to be transformed into a link:
296 This will cause the text ``#300`` to be transformed into a link:
269
297
270 .. code-block:: html
298 .. code-block:: html
271
299
272 <a href="https://issues.example.com/example_repo/issue/300">#300</a>
300 <a href="https://issues.example.com/example_repo/issue/300">#300</a>
273
301
274 The following example transforms a text starting with either of 'pullrequest',
302 The following example transforms a text starting with either of 'pullrequest',
275 'pull request' or 'PR', followed by an optional space, then a pound character
303 'pull request' or 'PR', followed by an optional space, then a pound character
276 (#) and one or more digits, into a link with the text 'PR #' followed by the
304 (#) and one or more digits, into a link with the text 'PR #' followed by the
277 digits::
305 digits::
278
306
279 issue_pat = (pullrequest|pull request|PR) ?#(\d+)
307 issue_pat = (pullrequest|pull request|PR) ?#(\d+)
280 issue_server_link = https://issues.example.com/\2
308 issue_server_link = https://issues.example.com/\2
281 issue_sub = PR #\2
309 issue_sub = PR #\2
282
310
283 The following example demonstrates how to require whitespace before the issue
311 The following example demonstrates how to require whitespace before the issue
284 reference in order for it to be recognized, such that the text ``issue#123`` will
312 reference in order for it to be recognized, such that the text ``issue#123`` will
285 not cause a match, but ``issue #123`` will::
313 not cause a match, but ``issue #123`` will::
286
314
287 issue_pat = (?:^|(?<=\s))#(\d+)
315 issue_pat = (?:^|(?<=\s))#(\d+)
288 issue_server_link = https://issues.example.com/\1
316 issue_server_link = https://issues.example.com/\1
289 issue_sub =
317 issue_sub =
290
318
291 If needed, more than one pattern can be specified by appending a unique suffix to
319 If needed, more than one pattern can be specified by appending a unique suffix to
292 the variables. For example, also demonstrating the use of named groups::
320 the variables. For example, also demonstrating the use of named groups::
293
321
294 issue_pat_wiki = wiki-(?P<pagename>\S+)
322 issue_pat_wiki = wiki-(?P<pagename>\S+)
295 issue_server_link_wiki = https://wiki.example.com/\g<pagename>
323 issue_server_link_wiki = https://wiki.example.com/\g<pagename>
296 issue_sub_wiki = WIKI-\g<pagename>
324 issue_sub_wiki = WIKI-\g<pagename>
297
325
298 With these settings, wiki pages can be referenced as wiki-some-id, and every
326 With these settings, wiki pages can be referenced as wiki-some-id, and every
299 such reference will be transformed into:
327 such reference will be transformed into:
300
328
301 .. code-block:: html
329 .. code-block:: html
302
330
303 <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
331 <a href="https://wiki.example.com/some-id">WIKI-some-id</a>
304
332
305 Refer to the `Python regular expression documentation`_ for more details about
333 Refer to the `Python regular expression documentation`_ for more details about
306 the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.
334 the supported syntax in ``issue_pat``, ``issue_server_link`` and ``issue_sub``.
307
335
308
336
309 Hook management
337 Hook management
310 ---------------
338 ---------------
311
339
312 Hooks can be managed in similar way to that used in ``.hgrc`` files.
340 Hooks can be managed in similar way to that used in ``.hgrc`` files.
313 To manage hooks, choose *Admin > Settings > Hooks*.
341 To manage hooks, choose *Admin > Settings > Hooks*.
314
342
315 The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
343 The built-in hooks cannot be modified, though they can be enabled or disabled in the *VCS* section.
316
344
317 To add another custom hook simply fill in the first textbox with
345 To add another custom hook simply fill in the first textbox with
318 ``<name>.<hook_type>`` and the second with the hook path. Example hooks
346 ``<name>.<hook_type>`` and the second with the hook path. Example hooks
319 can be found in ``kallithea.lib.hooks``.
347 can be found in ``kallithea.lib.hooks``.
320
348
321
349
322 Changing default encoding
350 Changing default encoding
323 -------------------------
351 -------------------------
324
352
325 By default, Kallithea uses UTF-8 encoding.
353 By default, Kallithea uses UTF-8 encoding.
326 This is configurable as ``default_encoding`` in the .ini file.
354 This is configurable as ``default_encoding`` in the .ini file.
327 This affects many parts in Kallithea including user names, filenames, and
355 This affects many parts in Kallithea including user names, filenames, and
328 encoding of commit messages. In addition Kallithea can detect if the ``chardet``
356 encoding of commit messages. In addition Kallithea can detect if the ``chardet``
329 library is installed. If ``chardet`` is detected Kallithea will fallback to it
357 library is installed. If ``chardet`` is detected Kallithea will fallback to it
330 when there are encode/decode errors.
358 when there are encode/decode errors.
331
359
332 The Mercurial encoding is configurable as ``hgencoding``. It is similar to
360 The Mercurial encoding is configurable as ``hgencoding``. It is similar to
333 setting the ``HGENCODING`` environment variable, but will override it.
361 setting the ``HGENCODING`` environment variable, but will override it.
334
362
335
363
336 Celery configuration
364 Celery configuration
337 --------------------
365 --------------------
338
366
339 Kallithea can use the distributed task queue system Celery_ to run tasks like
367 Kallithea can use the distributed task queue system Celery_ to run tasks like
340 cloning repositories or sending emails.
368 cloning repositories or sending emails.
341
369
342 Kallithea will in most setups work perfectly fine out of the box (without
370 Kallithea will in most setups work perfectly fine out of the box (without
343 Celery), executing all tasks in the web server process. Some tasks can however
371 Celery), executing all tasks in the web server process. Some tasks can however
344 take some time to run and it can be better to run such tasks asynchronously in
372 take some time to run and it can be better to run such tasks asynchronously in
345 a separate process so the web server can focus on serving web requests.
373 a separate process so the web server can focus on serving web requests.
346
374
347 For installation and configuration of Celery, see the `Celery documentation`_.
375 For installation and configuration of Celery, see the `Celery documentation`_.
348 Note that Celery requires a message broker service like RabbitMQ_ (recommended)
376 Note that Celery requires a message broker service like RabbitMQ_ (recommended)
349 or Redis_.
377 or Redis_.
350
378
351 The use of Celery is configured in the Kallithea ini configuration file.
379 The use of Celery is configured in the Kallithea ini configuration file.
352 To enable it, simply set::
380 To enable it, simply set::
353
381
354 use_celery = true
382 use_celery = true
355
383
356 and add or change the ``celery.*`` configuration variables.
384 and add or change the ``celery.*`` configuration variables.
357
385
358 Configuration settings are prefixed with 'celery.', so for example setting
386 Configuration settings are prefixed with 'celery.', so for example setting
359 `broker_url` in Celery means setting `celery.broker_url` in the configuration
387 `broker_url` in Celery means setting `celery.broker_url` in the configuration
360 file.
388 file.
361
389
362 To start the Celery process, run::
390 To start the Celery process, run::
363
391
364 kallithea-cli celery-run -c my.ini
392 kallithea-cli celery-run -c my.ini
365
393
366 Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``
394 Extra options to the Celery worker can be passed after ``--`` - see ``-- -h``
367 for more info.
395 for more info.
368
396
369 .. note::
397 .. note::
370 Make sure you run this command from the same virtualenv, and with the same
398 Make sure you run this command from the same virtualenv, and with the same
371 user that Kallithea runs.
399 user that Kallithea runs.
372
400
373
401
374 HTTPS support
402 HTTPS support
375 -------------
403 -------------
376
404
377 Kallithea will by default generate URLs based on the WSGI environment.
405 Kallithea will by default generate URLs based on the WSGI environment.
378
406
379 Alternatively, you can use some special configuration settings to control
407 Alternatively, you can use some special configuration settings to control
380 directly which scheme/protocol Kallithea will use when generating URLs:
408 directly which scheme/protocol Kallithea will use when generating URLs:
381
409
382 - With ``https_fixup = true``, the scheme will be taken from the
410 - With ``https_fixup = true``, the scheme will be taken from the
383 ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
411 ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header
384 (default ``http``).
412 (default ``http``).
385 - With ``force_https = true`` the default will be ``https``.
413 - With ``force_https = true`` the default will be ``https``.
386 - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
414 - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https.
387
415
388 .. _nginx_virtual_host:
416 .. _nginx_virtual_host:
389
417
390
418
391 Nginx virtual host example
419 Nginx virtual host example
392 --------------------------
420 --------------------------
393
421
394 Sample config for Nginx using proxy:
422 Sample config for Nginx using proxy:
395
423
396 .. code-block:: nginx
424 .. code-block:: nginx
397
425
398 upstream kallithea {
426 upstream kallithea {
399 server 127.0.0.1:5000;
427 server 127.0.0.1:5000;
400 # add more instances for load balancing
428 # add more instances for load balancing
401 #server 127.0.0.1:5001;
429 #server 127.0.0.1:5001;
402 #server 127.0.0.1:5002;
430 #server 127.0.0.1:5002;
403 }
431 }
404
432
405 ## gist alias
433 ## gist alias
406 server {
434 server {
407 listen 443;
435 listen 443;
408 server_name gist.example.com;
436 server_name gist.example.com;
409 access_log /var/log/nginx/gist.access.log;
437 access_log /var/log/nginx/gist.access.log;
410 error_log /var/log/nginx/gist.error.log;
438 error_log /var/log/nginx/gist.error.log;
411
439
412 ssl on;
440 ssl on;
413 ssl_certificate gist.your.kallithea.server.crt;
441 ssl_certificate gist.your.kallithea.server.crt;
414 ssl_certificate_key gist.your.kallithea.server.key;
442 ssl_certificate_key gist.your.kallithea.server.key;
415
443
416 ssl_session_timeout 5m;
444 ssl_session_timeout 5m;
417
445
418 ssl_protocols SSLv3 TLSv1;
446 ssl_protocols SSLv3 TLSv1;
419 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
447 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
420 ssl_prefer_server_ciphers on;
448 ssl_prefer_server_ciphers on;
421
449
422 rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
450 rewrite ^/(.+)$ https://kallithea.example.com/_admin/gists/$1;
423 rewrite (.*) https://kallithea.example.com/_admin/gists;
451 rewrite (.*) https://kallithea.example.com/_admin/gists;
424 }
452 }
425
453
426 server {
454 server {
427 listen 443;
455 listen 443;
428 server_name kallithea.example.com
456 server_name kallithea.example.com
429 access_log /var/log/nginx/kallithea.access.log;
457 access_log /var/log/nginx/kallithea.access.log;
430 error_log /var/log/nginx/kallithea.error.log;
458 error_log /var/log/nginx/kallithea.error.log;
431
459
432 ssl on;
460 ssl on;
433 ssl_certificate your.kallithea.server.crt;
461 ssl_certificate your.kallithea.server.crt;
434 ssl_certificate_key your.kallithea.server.key;
462 ssl_certificate_key your.kallithea.server.key;
435
463
436 ssl_session_timeout 5m;
464 ssl_session_timeout 5m;
437
465
438 ssl_protocols SSLv3 TLSv1;
466 ssl_protocols SSLv3 TLSv1;
439 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
467 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
440 ssl_prefer_server_ciphers on;
468 ssl_prefer_server_ciphers on;
441
469
442 ## uncomment root directive if you want to serve static files by nginx
470 ## uncomment root directive if you want to serve static files by nginx
443 ## requires static_files = false in .ini file
471 ## requires static_files = false in .ini file
444 #root /srv/kallithea/kallithea/kallithea/public;
472 #root /srv/kallithea/kallithea/kallithea/public;
445 include /etc/nginx/proxy.conf;
473 include /etc/nginx/proxy.conf;
446 location / {
474 location / {
447 try_files $uri @kallithea;
475 try_files $uri @kallithea;
448 }
476 }
449
477
450 location @kallithea {
478 location @kallithea {
451 proxy_pass http://127.0.0.1:5000;
479 proxy_pass http://127.0.0.1:5000;
452 }
480 }
453
481
454 }
482 }
455
483
456 Here's the proxy.conf. It's tuned so it will not timeout on long
484 Here's the proxy.conf. It's tuned so it will not timeout on long
457 pushes or large pushes::
485 pushes or large pushes::
458
486
459 proxy_redirect off;
487 proxy_redirect off;
460 proxy_set_header Host $host;
488 proxy_set_header Host $host;
461 ## needed for container auth
489 ## needed for container auth
462 #proxy_set_header REMOTE_USER $remote_user;
490 #proxy_set_header REMOTE_USER $remote_user;
463 #proxy_set_header X-Forwarded-User $remote_user;
491 #proxy_set_header X-Forwarded-User $remote_user;
464 proxy_set_header X-Url-Scheme $scheme;
492 proxy_set_header X-Url-Scheme $scheme;
465 proxy_set_header X-Host $http_host;
493 proxy_set_header X-Host $http_host;
466 proxy_set_header X-Real-IP $remote_addr;
494 proxy_set_header X-Real-IP $remote_addr;
467 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
495 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
468 proxy_set_header Proxy-host $proxy_host;
496 proxy_set_header Proxy-host $proxy_host;
469 proxy_buffering off;
497 proxy_buffering off;
470 proxy_connect_timeout 7200;
498 proxy_connect_timeout 7200;
471 proxy_send_timeout 7200;
499 proxy_send_timeout 7200;
472 proxy_read_timeout 7200;
500 proxy_read_timeout 7200;
473 proxy_buffers 8 32k;
501 proxy_buffers 8 32k;
474 client_max_body_size 1024m;
502 client_max_body_size 1024m;
475 client_body_buffer_size 128k;
503 client_body_buffer_size 128k;
476 large_client_header_buffers 8 64k;
504 large_client_header_buffers 8 64k;
477
505
478 .. _apache_virtual_host_reverse_proxy:
506 .. _apache_virtual_host_reverse_proxy:
479
507
480
508
481 Apache virtual host reverse proxy example
509 Apache virtual host reverse proxy example
482 -----------------------------------------
510 -----------------------------------------
483
511
484 Here is a sample configuration file for Apache using proxy:
512 Here is a sample configuration file for Apache using proxy:
485
513
486 .. code-block:: apache
514 .. code-block:: apache
487
515
488 <VirtualHost *:80>
516 <VirtualHost *:80>
489 ServerName kallithea.example.com
517 ServerName kallithea.example.com
490
518
491 <Proxy *>
519 <Proxy *>
492 # For Apache 2.4 and later:
520 # For Apache 2.4 and later:
493 Require all granted
521 Require all granted
494
522
495 # For Apache 2.2 and earlier, instead use:
523 # For Apache 2.2 and earlier, instead use:
496 # Order allow,deny
524 # Order allow,deny
497 # Allow from all
525 # Allow from all
498 </Proxy>
526 </Proxy>
499
527
500 #important !
528 #important !
501 #Directive to properly generate url (clone url) for Kallithea
529 #Directive to properly generate url (clone url) for Kallithea
502 ProxyPreserveHost On
530 ProxyPreserveHost On
503
531
504 #kallithea instance
532 #kallithea instance
505 ProxyPass / http://127.0.0.1:5000/
533 ProxyPass / http://127.0.0.1:5000/
506 ProxyPassReverse / http://127.0.0.1:5000/
534 ProxyPassReverse / http://127.0.0.1:5000/
507
535
508 #to enable https use line below
536 #to enable https use line below
509 #SetEnvIf X-Url-Scheme https HTTPS=1
537 #SetEnvIf X-Url-Scheme https HTTPS=1
510 </VirtualHost>
538 </VirtualHost>
511
539
512 Additional tutorial
540 Additional tutorial
513 http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
541 http://pylonsbook.com/en/1.1/deployment.html#using-apache-to-proxy-requests-to-pylons
514
542
515 .. _apache_subdirectory:
543 .. _apache_subdirectory:
516
544
517
545
518 Apache as subdirectory
546 Apache as subdirectory
519 ----------------------
547 ----------------------
520
548
521 Apache subdirectory part:
549 Apache subdirectory part:
522
550
523 .. code-block:: apache
551 .. code-block:: apache
524
552
525 <Location /PREFIX >
553 <Location /PREFIX >
526 ProxyPass http://127.0.0.1:5000/PREFIX
554 ProxyPass http://127.0.0.1:5000/PREFIX
527 ProxyPassReverse http://127.0.0.1:5000/PREFIX
555 ProxyPassReverse http://127.0.0.1:5000/PREFIX
528 SetEnvIf X-Url-Scheme https HTTPS=1
556 SetEnvIf X-Url-Scheme https HTTPS=1
529 </Location>
557 </Location>
530
558
531 Besides the regular apache setup you will need to add the following line
559 Besides the regular apache setup you will need to add the following line
532 into ``[app:main]`` section of your .ini file::
560 into ``[app:main]`` section of your .ini file::
533
561
534 filter-with = proxy-prefix
562 filter-with = proxy-prefix
535
563
536 Add the following at the end of the .ini file::
564 Add the following at the end of the .ini file::
537
565
538 [filter:proxy-prefix]
566 [filter:proxy-prefix]
539 use = egg:PasteDeploy#prefix
567 use = egg:PasteDeploy#prefix
540 prefix = /PREFIX
568 prefix = /PREFIX
541
569
542 then change ``PREFIX`` into your chosen prefix
570 then change ``PREFIX`` into your chosen prefix
543
571
544 .. _apache_mod_wsgi:
572 .. _apache_mod_wsgi:
545
573
546
574
547 Apache with mod_wsgi
575 Apache with mod_wsgi
548 --------------------
576 --------------------
549
577
550 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
578 Alternatively, Kallithea can be set up with Apache under mod_wsgi. For
551 that, you'll need to:
579 that, you'll need to:
552
580
553 - Install mod_wsgi. If using a Debian-based distro, you can install
581 - Install mod_wsgi. If using a Debian-based distro, you can install
554 the package libapache2-mod-wsgi::
582 the package libapache2-mod-wsgi::
555
583
556 aptitude install libapache2-mod-wsgi
584 aptitude install libapache2-mod-wsgi
557
585
558 - Enable mod_wsgi::
586 - Enable mod_wsgi::
559
587
560 a2enmod wsgi
588 a2enmod wsgi
561
589
562 - Add global Apache configuration to tell mod_wsgi that Python only will be
590 - Add global Apache configuration to tell mod_wsgi that Python only will be
563 used in the WSGI processes and shouldn't be initialized in the Apache
591 used in the WSGI processes and shouldn't be initialized in the Apache
564 processes::
592 processes::
565
593
566 WSGIRestrictEmbedded On
594 WSGIRestrictEmbedded On
567
595
568 - Create a WSGI dispatch script, like the one below. Make sure you
596 - Create a WSGI dispatch script, like the one below. Make sure you
569 check that the paths correctly point to where you installed Kallithea
597 check that the paths correctly point to where you installed Kallithea
570 and its Python Virtual Environment.
598 and its Python Virtual Environment.
571
599
572 .. code-block:: python
600 .. code-block:: python
573
601
574 import os
602 import os
575 os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
603 os.environ['PYTHON_EGG_CACHE'] = '/srv/kallithea/.egg-cache'
576
604
577 # sometimes it's needed to set the current dir
605 # sometimes it's needed to set the current dir
578 os.chdir('/srv/kallithea/')
606 os.chdir('/srv/kallithea/')
579
607
580 import site
608 import site
581 site.addsitedir("/srv/kallithea/venv/lib/python3.7/site-packages")
609 site.addsitedir("/srv/kallithea/venv/lib/python3.7/site-packages")
582
610
583 ini = '/srv/kallithea/my.ini'
611 ini = '/srv/kallithea/my.ini'
584 from logging.config import fileConfig
612 from logging.config import fileConfig
585 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
613 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
586 from paste.deploy import loadapp
614 from paste.deploy import loadapp
587 application = loadapp('config:' + ini)
615 application = loadapp('config:' + ini)
588
616
589 Or using proper virtualenv activation:
617 Or using proper virtualenv activation:
590
618
591 .. code-block:: python
619 .. code-block:: python
592
620
593 activate_this = '/srv/kallithea/venv/bin/activate_this.py'
621 activate_this = '/srv/kallithea/venv/bin/activate_this.py'
594 execfile(activate_this, dict(__file__=activate_this))
622 execfile(activate_this, dict(__file__=activate_this))
595
623
596 import os
624 import os
597 os.environ['HOME'] = '/srv/kallithea'
625 os.environ['HOME'] = '/srv/kallithea'
598
626
599 ini = '/srv/kallithea/kallithea.ini'
627 ini = '/srv/kallithea/kallithea.ini'
600 from logging.config import fileConfig
628 from logging.config import fileConfig
601 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
629 fileConfig(ini, {'__file__': ini, 'here': '/srv/kallithea'})
602 from paste.deploy import loadapp
630 from paste.deploy import loadapp
603 application = loadapp('config:' + ini)
631 application = loadapp('config:' + ini)
604
632
605 - Add the necessary ``WSGI*`` directives to the Apache Virtual Host configuration
633 - Add the necessary ``WSGI*`` directives to the Apache Virtual Host configuration
606 file, like in the example below. Notice that the WSGI dispatch script created
634 file, like in the example below. Notice that the WSGI dispatch script created
607 above is referred to with the ``WSGIScriptAlias`` directive.
635 above is referred to with the ``WSGIScriptAlias`` directive.
608 The default locale settings Apache provides for web services are often not
636 The default locale settings Apache provides for web services are often not
609 adequate, with `C` as the default language and `ASCII` as the encoding.
637 adequate, with `C` as the default language and `ASCII` as the encoding.
610 Instead, use the ``lang`` parameter of ``WSGIDaemonProcess`` to specify a
638 Instead, use the ``lang`` parameter of ``WSGIDaemonProcess`` to specify a
611 suitable locale. See also the :ref:`overview` section and the
639 suitable locale. See also the :ref:`overview` section and the
612 `WSGIDaemonProcess documentation`_.
640 `WSGIDaemonProcess documentation`_.
613
641
614 Apache will by default run as a special Apache user, on Linux systems
642 Apache will by default run as a special Apache user, on Linux systems
615 usually ``www-data`` or ``apache``. If you need to have the repositories
643 usually ``www-data`` or ``apache``. If you need to have the repositories
616 directory owned by a different user, use the user and group options to
644 directory owned by a different user, use the user and group options to
617 WSGIDaemonProcess to set the name of the user and group.
645 WSGIDaemonProcess to set the name of the user and group.
618
646
619 Once again, check that all paths are correctly specified.
647 Once again, check that all paths are correctly specified.
620
648
621 .. code-block:: apache
649 .. code-block:: apache
622
650
623 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
651 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 \
624 python-home=/srv/kallithea/venv lang=C.UTF-8
652 python-home=/srv/kallithea/venv lang=C.UTF-8
625 WSGIProcessGroup kallithea
653 WSGIProcessGroup kallithea
626 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
654 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
627 WSGIPassAuthorization On
655 WSGIPassAuthorization On
628
656
629 Or if using a dispatcher WSGI script with proper virtualenv activation:
657 Or if using a dispatcher WSGI script with proper virtualenv activation:
630
658
631 .. code-block:: apache
659 .. code-block:: apache
632
660
633 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 lang=en_US.utf8
661 WSGIDaemonProcess kallithea processes=5 threads=1 maximum-requests=100 lang=en_US.utf8
634 WSGIProcessGroup kallithea
662 WSGIProcessGroup kallithea
635 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
663 WSGIScriptAlias / /srv/kallithea/dispatch.wsgi
636 WSGIPassAuthorization On
664 WSGIPassAuthorization On
637
665
638
666
639 Other configuration files
667 Other configuration files
640 -------------------------
668 -------------------------
641
669
642 A number of `example init.d scripts`__ can be found in
670 A number of `example init.d scripts`__ can be found in
643 the ``init.d`` directory of the Kallithea source.
671 the ``init.d`` directory of the Kallithea source.
644
672
645 .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
673 .. __: https://kallithea-scm.org/repos/kallithea/files/tip/init.d/ .
646
674
647
675
648 .. _python: http://www.python.org/
676 .. _python: http://www.python.org/
649 .. _Python regular expression documentation: https://docs.python.org/2/library/re.html
677 .. _Python regular expression documentation: https://docs.python.org/2/library/re.html
650 .. _Mercurial: https://www.mercurial-scm.org/
678 .. _Mercurial: https://www.mercurial-scm.org/
651 .. _Celery: http://celeryproject.org/
679 .. _Celery: http://celeryproject.org/
652 .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
680 .. _Celery documentation: http://docs.celeryproject.org/en/latest/getting-started/index.html
653 .. _RabbitMQ: http://www.rabbitmq.com/
681 .. _RabbitMQ: http://www.rabbitmq.com/
654 .. _Redis: http://redis.io/
682 .. _Redis: http://redis.io/
655 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
683 .. _mercurial-server: http://www.lshift.net/mercurial-server.html
656 .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories
684 .. _PublishingRepositories: https://www.mercurial-scm.org/wiki/PublishingRepositories
657 .. _WSGIDaemonProcess documentation: https://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html
685 .. _WSGIDaemonProcess documentation: https://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html
Show file before | Show file after | Hide comments
@@ -1,618 +1,618 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 <%text>##</%text>#################################################################################
2 <%text>##</%text>#################################################################################
3 <%text>##</%text>#################################################################################
3 <%text>##</%text>#################################################################################
4 <%text>##</%text> Kallithea config file generated with kallithea-cli ${'%-27s' % version }##
4 <%text>##</%text> Kallithea config file generated with kallithea-cli ${'%-27s' % version }##
5 <%text>##</%text> ##
5 <%text>##</%text> ##
6 <%text>##</%text> The %(here)s variable will generally be replaced with the parent directory of ##
6 <%text>##</%text> The %(here)s variable will generally be replaced with the parent directory of ##
7 <%text>##</%text> this file. Other use of % must be escaped as %% . ##
7 <%text>##</%text> this file. Other use of % must be escaped as %% . ##
8 <%text>##</%text>#################################################################################
8 <%text>##</%text>#################################################################################
9 <%text>##</%text>#################################################################################
9 <%text>##</%text>#################################################################################
10
10
11 [DEFAULT]
11 [DEFAULT]
12
12
13 <%text>##</%text>##############################################################################
13 <%text>##</%text>##############################################################################
14 <%text>##</%text> Email settings ##
14 <%text>##</%text> Email settings ##
15 <%text>##</%text> ##
15 <%text>##</%text> ##
16 <%text>##</%text> Refer to the documentation ("Email settings") for more details. ##
16 <%text>##</%text> Refer to the documentation ("Email settings") for more details. ##
17 <%text>##</%text> ##
17 <%text>##</%text> ##
18 <%text>##</%text> It is recommended to use a valid sender address that passes access ##
18 <%text>##</%text> It is recommended to use a valid sender address that passes access ##
19 <%text>##</%text> validation and spam filtering in mail servers. ##
19 <%text>##</%text> validation and spam filtering in mail servers. ##
20 <%text>##</%text>##############################################################################
20 <%text>##</%text>##############################################################################
21
21
22 <%text>##</%text> 'From' header for application emails. You can optionally add a name.
22 <%text>##</%text> 'From' header for application emails. You can optionally add a name.
23 <%text>##</%text> Default:
23 <%text>##</%text> Default:
24 #app_email_from = Kallithea
24 #app_email_from = Kallithea
25 <%text>##</%text> Examples:
25 <%text>##</%text> Examples:
26 #app_email_from = Kallithea <kallithea-noreply@example.com>
26 #app_email_from = Kallithea <kallithea-noreply@example.com>
27 #app_email_from = kallithea-noreply@example.com
27 #app_email_from = kallithea-noreply@example.com
28
28
29 <%text>##</%text> Subject prefix for application emails.
29 <%text>##</%text> Subject prefix for application emails.
30 <%text>##</%text> A space between this prefix and the real subject is automatically added.
30 <%text>##</%text> A space between this prefix and the real subject is automatically added.
31 <%text>##</%text> Default:
31 <%text>##</%text> Default:
32 #email_prefix =
32 #email_prefix =
33 <%text>##</%text> Example:
33 <%text>##</%text> Example:
34 #email_prefix = [Kallithea]
34 #email_prefix = [Kallithea]
35
35
36 <%text>##</%text> Recipients for error emails and fallback recipients of application mails.
36 <%text>##</%text> Recipients for error emails and fallback recipients of application mails.
37 <%text>##</%text> Multiple addresses can be specified, comma-separated.
37 <%text>##</%text> Multiple addresses can be specified, comma-separated.
38 <%text>##</%text> Only addresses are allowed, do not add any name part.
38 <%text>##</%text> Only addresses are allowed, do not add any name part.
39 <%text>##</%text> Default:
39 <%text>##</%text> Default:
40 #email_to =
40 #email_to =
41 <%text>##</%text> Examples:
41 <%text>##</%text> Examples:
42 #email_to = admin@example.com
42 #email_to = admin@example.com
43 #email_to = admin@example.com,another_admin@example.com
43 #email_to = admin@example.com,another_admin@example.com
44 email_to =
44 email_to =
45
45
46 <%text>##</%text> 'From' header for error emails. You can optionally add a name.
46 <%text>##</%text> 'From' header for error emails. You can optionally add a name.
47 <%text>##</%text> Default: (none)
47 <%text>##</%text> Default: (none)
48 <%text>##</%text> Examples:
48 <%text>##</%text> Examples:
49 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
49 #error_email_from = Kallithea Errors <kallithea-noreply@example.com>
50 #error_email_from = kallithea_errors@example.com
50 #error_email_from = kallithea_errors@example.com
51 error_email_from =
51 error_email_from =
52
52
53 <%text>##</%text> SMTP server settings
53 <%text>##</%text> SMTP server settings
54 <%text>##</%text> If specifying credentials, make sure to use secure connections.
54 <%text>##</%text> If specifying credentials, make sure to use secure connections.
55 <%text>##</%text> Default: Send unencrypted unauthenticated mails to the specified smtp_server.
55 <%text>##</%text> Default: Send unencrypted unauthenticated mails to the specified smtp_server.
56 <%text>##</%text> For "SSL", use smtp_use_ssl = true and smtp_port = 465.
56 <%text>##</%text> For "SSL", use smtp_use_ssl = true and smtp_port = 465.
57 <%text>##</%text> For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
57 <%text>##</%text> For "STARTTLS", use smtp_use_tls = true and smtp_port = 587.
58 smtp_server =
58 smtp_server =
59 smtp_username =
59 smtp_username =
60 smtp_password =
60 smtp_password =
61 smtp_port =
61 smtp_port =
62 smtp_use_ssl = false
62 smtp_use_ssl = false
63 smtp_use_tls = false
63 smtp_use_tls = false
64
64
65 %if http_server != 'uwsgi':
65 %if http_server != 'uwsgi':
66 <%text>##</%text> Entry point for 'gearbox serve'
66 <%text>##</%text> Entry point for 'gearbox serve'
67 [server:main]
67 [server:main]
68 host = ${host}
68 host = ${host}
69 port = ${port}
69 port = ${port}
70
70
71 %if http_server == 'gearbox':
71 %if http_server == 'gearbox':
72 <%text>##</%text> Gearbox serve uses the built-in development web server ##
72 <%text>##</%text> Gearbox serve uses the built-in development web server ##
73 use = egg:gearbox#wsgiref
73 use = egg:gearbox#wsgiref
74 <%text>##</%text> nr of worker threads to spawn
74 <%text>##</%text> nr of worker threads to spawn
75 threadpool_workers = 1
75 threadpool_workers = 1
76 <%text>##</%text> max request before thread respawn
76 <%text>##</%text> max request before thread respawn
77 threadpool_max_requests = 100
77 threadpool_max_requests = 100
78 <%text>##</%text> option to use threads of process
78 <%text>##</%text> option to use threads of process
79 use_threadpool = true
79 use_threadpool = true
80
80
81 %elif http_server == 'gevent':
81 %elif http_server == 'gevent':
82 <%text>##</%text> Gearbox serve uses the gevent web server ##
82 <%text>##</%text> Gearbox serve uses the gevent web server ##
83 use = egg:gearbox#gevent
83 use = egg:gearbox#gevent
84
84
85 %elif http_server == 'waitress':
85 %elif http_server == 'waitress':
86 <%text>##</%text> Gearbox serve uses the Waitress web server ##
86 <%text>##</%text> Gearbox serve uses the Waitress web server ##
87 use = egg:waitress#main
87 use = egg:waitress#main
88 <%text>##</%text> avoid multi threading
88 <%text>##</%text> avoid multi threading
89 threads = 1
89 threads = 1
90 <%text>##</%text> allow push of repos bigger than the default of 1 GB
90 <%text>##</%text> allow push of repos bigger than the default of 1 GB
91 max_request_body_size = 107374182400
91 max_request_body_size = 107374182400
92 <%text>##</%text> use poll instead of select, fixes fd limits, may not work on old
92 <%text>##</%text> use poll instead of select, fixes fd limits, may not work on old
93 <%text>##</%text> windows systems.
93 <%text>##</%text> windows systems.
94 #asyncore_use_poll = True
94 #asyncore_use_poll = True
95
95
96 %elif http_server == 'gunicorn':
96 %elif http_server == 'gunicorn':
97 <%text>##</%text> Gearbox serve uses the Gunicorn web server ##
97 <%text>##</%text> Gearbox serve uses the Gunicorn web server ##
98 use = egg:gunicorn#main
98 use = egg:gunicorn#main
99 <%text>##</%text> number of process workers. You must set `instance_id = *` when this option
99 <%text>##</%text> number of process workers. You must set `instance_id = *` when this option
100 <%text>##</%text> is set to more than one worker
100 <%text>##</%text> is set to more than one worker
101 workers = 4
101 workers = 4
102 <%text>##</%text> process name
102 <%text>##</%text> process name
103 proc_name = kallithea
103 proc_name = kallithea
104 <%text>##</%text> type of worker class, one of sync, eventlet, gevent, tornado
104 <%text>##</%text> type of worker class, one of sync, eventlet, gevent, tornado
105 <%text>##</%text> recommended for bigger setup is using of of other than sync one
105 <%text>##</%text> recommended for bigger setup is using of of other than sync one
106 worker_class = sync
106 worker_class = sync
107 max_requests = 1000
107 max_requests = 1000
108 <%text>##</%text> amount of time a worker can handle request before it gets killed and
108 <%text>##</%text> amount of time a worker can handle request before it gets killed and
109 <%text>##</%text> restarted
109 <%text>##</%text> restarted
110 timeout = 3600
110 timeout = 3600
111
111
112 %endif
112 %endif
113 %else:
113 %else:
114 <%text>##</%text> UWSGI ##
114 <%text>##</%text> UWSGI ##
115 [uwsgi]
115 [uwsgi]
116 <%text>##</%text> Note: this section is parsed by the uWSGI .ini parser when run as:
116 <%text>##</%text> Note: this section is parsed by the uWSGI .ini parser when run as:
117 <%text>##</%text> uwsgi --venv /srv/kallithea/venv --ini-paste-logged my.ini
117 <%text>##</%text> uwsgi --venv /srv/kallithea/venv --ini-paste-logged my.ini
118 <%text>##</%text> Note: in uWSGI 2.0.18 or older, pastescript needs to be installed to
118 <%text>##</%text> Note: in uWSGI 2.0.18 or older, pastescript needs to be installed to
119 <%text>##</%text> get correct application logging. In later versions this is not necessary.
119 <%text>##</%text> get correct application logging. In later versions this is not necessary.
120 <%text>##</%text> pip install pastescript
120 <%text>##</%text> pip install pastescript
121
121
122 <%text>##</%text> HTTP Basics:
122 <%text>##</%text> HTTP Basics:
123 http-socket = ${host}:${port}
123 http-socket = ${host}:${port}
124 buffer-size = 65535 ; Mercurial will use huge GET headers for discovery
124 buffer-size = 65535 ; Mercurial will use huge GET headers for discovery
125
125
126 <%text>##</%text> Scaling:
126 <%text>##</%text> Scaling:
127 master = true ; Use separate master and worker processes
127 master = true ; Use separate master and worker processes
128 auto-procname = true ; Name worker processes accordingly
128 auto-procname = true ; Name worker processes accordingly
129 lazy = true ; App *must* be loaded in workers - db connections can't be shared
129 lazy = true ; App *must* be loaded in workers - db connections can't be shared
130 workers = 4 ; On demand scaling up to this many worker processes
130 workers = 4 ; On demand scaling up to this many worker processes
131 cheaper = 1 ; Initial and on demand scaling down to this many worker processes
131 cheaper = 1 ; Initial and on demand scaling down to this many worker processes
132 max-requests = 1000 ; Graceful reload of worker processes to avoid leaks
132 max-requests = 1000 ; Graceful reload of worker processes to avoid leaks
133
133
134 <%text>##</%text> Tweak defaults:
134 <%text>##</%text> Tweak defaults:
135 strict = true ; Fail on unknown config directives
135 strict = true ; Fail on unknown config directives
136 enable-threads = true ; Enable Python threads (not threaded workers)
136 enable-threads = true ; Enable Python threads (not threaded workers)
137 vacuum = true ; Delete sockets during shutdown
137 vacuum = true ; Delete sockets during shutdown
138 single-interpreter = true
138 single-interpreter = true
139 die-on-term = true ; Shutdown when receiving SIGTERM (default is respawn)
139 die-on-term = true ; Shutdown when receiving SIGTERM (default is respawn)
140 need-app = true ; Exit early if no app can be loaded.
140 need-app = true ; Exit early if no app can be loaded.
141 reload-on-exception = true ; Don't assume that the application worker can process more requests after a severe error
141 reload-on-exception = true ; Don't assume that the application worker can process more requests after a severe error
142
142
143 %endif
143 %endif
144 <%text>##</%text> middleware for hosting the WSGI application under a URL prefix
144 <%text>##</%text> middleware for hosting the WSGI application under a URL prefix
145 #[filter:proxy-prefix]
145 #[filter:proxy-prefix]
146 #use = egg:PasteDeploy#prefix
146 #use = egg:PasteDeploy#prefix
147 #prefix = /<your-prefix>
147 #prefix = /<your-prefix>
148
148
149 [app:main]
149 [app:main]
150 use = egg:kallithea
150 use = egg:kallithea
151 <%text>##</%text> enable proxy prefix middleware
151 <%text>##</%text> enable proxy prefix middleware
152 #filter-with = proxy-prefix
152 #filter-with = proxy-prefix
153
153
154 full_stack = true
154 full_stack = true
155 static_files = true
155 static_files = true
156
156
157 <%text>##</%text> Internationalization (see setup documentation for details)
157 <%text>##</%text> Internationalization (see setup documentation for details)
158 <%text>##</%text> By default, the languages requested by the browser are used if available, with English as default.
158 <%text>##</%text> By default, the languages requested by the browser are used if available, with English as default.
159 <%text>##</%text> Set i18n.enabled=false to disable automatic language choice.
159 <%text>##</%text> Set i18n.enabled=false to disable automatic language choice.
160 #i18n.enabled = true
160 #i18n.enabled = true
161 <%text>##</%text> To Force a language, set i18n.enabled=false and specify the language in i18n.lang.
161 <%text>##</%text> To Force a language, set i18n.enabled=false and specify the language in i18n.lang.
162 <%text>##</%text> Valid values are the names of subdirectories in kallithea/i18n with a LC_MESSAGES/kallithea.mo
162 <%text>##</%text> Valid values are the names of subdirectories in kallithea/i18n with a LC_MESSAGES/kallithea.mo
163 #i18n.lang = en
163 #i18n.lang = en
164
164
165 cache_dir = %(here)s/data
165 cache_dir = %(here)s/data
166 index_dir = %(here)s/data/index
166 index_dir = %(here)s/data/index
167
167
168 <%text>##</%text> uncomment and set this path to use archive download cache
168 <%text>##</%text> uncomment and set this path to use archive download cache
169 archive_cache_dir = %(here)s/tarballcache
169 archive_cache_dir = %(here)s/tarballcache
170
170
171 <%text>##</%text> change this to unique ID for security
171 <%text>##</%text> change this to unique ID for security
172 app_instance_uuid = ${uuid()}
172 app_instance_uuid = ${uuid()}
173
173
174 <%text>##</%text> cut off limit for large diffs (size in bytes)
174 <%text>##</%text> cut off limit for large diffs (size in bytes)
175 cut_off_limit = 256000
175 cut_off_limit = 256000
176
176
177 <%text>##</%text> force https in Kallithea, fixes https redirects, assumes it's always https
177 <%text>##</%text> force https in Kallithea, fixes https redirects, assumes it's always https
178 force_https = false
178 force_https = false
179
179
180 <%text>##</%text> use Strict-Transport-Security headers
180 <%text>##</%text> use Strict-Transport-Security headers
181 use_htsts = false
181 use_htsts = false
182
182
183 <%text>##</%text> number of commits stats will parse on each iteration
183 <%text>##</%text> number of commits stats will parse on each iteration
184 commit_parse_limit = 25
184 commit_parse_limit = 25
185
185
186 <%text>##</%text> Path to Python executable to be used for git hooks.
186 <%text>##</%text> Path to Python executable to be used for git hooks.
187 <%text>##</%text> This value will be written inside the git hook scripts as the text
187 <%text>##</%text> This value will be written inside the git hook scripts as the text
188 <%text>##</%text> after '#!' (shebang). When empty or not defined, the value of
188 <%text>##</%text> after '#!' (shebang). When empty or not defined, the value of
189 <%text>##</%text> 'sys.executable' at the time of installation of the git hooks is
189 <%text>##</%text> 'sys.executable' at the time of installation of the git hooks is
190 <%text>##</%text> used, which is correct in many cases but for example not when using uwsgi.
190 <%text>##</%text> used, which is correct in many cases but for example not when using uwsgi.
191 <%text>##</%text> If you change this setting, you should reinstall the Git hooks via
191 <%text>##</%text> If you change this setting, you should reinstall the Git hooks via
192 <%text>##</%text> Admin > Settings > Remap and Rescan.
192 <%text>##</%text> Admin > Settings > Remap and Rescan.
193 #git_hook_interpreter = /srv/kallithea/venv/bin/python3
193 #git_hook_interpreter = /srv/kallithea/venv/bin/python3
194 %if git_hook_interpreter:
194 %if git_hook_interpreter:
195 git_hook_interpreter = ${git_hook_interpreter}
195 git_hook_interpreter = ${git_hook_interpreter}
196 %endif
196 %endif
197
197
198 <%text>##</%text> path to git executable
198 <%text>##</%text> path to git executable
199 git_path = git
199 git_path = git
200
200
201 <%text>##</%text> git rev filter option, --all is the default filter, if you need to
201 <%text>##</%text> git rev filter option, --all is the default filter, if you need to
202 <%text>##</%text> hide all refs in changelog switch this to --branches --tags
202 <%text>##</%text> hide all refs in changelog switch this to --branches --tags
203 #git_rev_filter = --branches --tags
203 #git_rev_filter = --branches --tags
204
204
205 <%text>##</%text> RSS feed options
205 <%text>##</%text> RSS feed options
206 rss_cut_off_limit = 256000
206 rss_cut_off_limit = 256000
207 rss_items_per_page = 10
207 rss_items_per_page = 10
208 rss_include_diff = false
208 rss_include_diff = false
209
209
210 <%text>##</%text> options for showing and identifying changesets
210 <%text>##</%text> options for showing and identifying changesets
211 show_sha_length = 12
211 show_sha_length = 12
212 show_revision_number = false
212 show_revision_number = false
213
213
214 <%text>##</%text> Canonical URL to use when creating full URLs in UI and texts.
214 <%text>##</%text> Canonical URL to use when creating full URLs in UI and texts.
215 <%text>##</%text> Useful when the site is available under different names or protocols.
215 <%text>##</%text> Useful when the site is available under different names or protocols.
216 <%text>##</%text> Defaults to what is provided in the WSGI environment.
216 <%text>##</%text> Defaults to what is provided in the WSGI environment.
217 #canonical_url = https://kallithea.example.com/repos
217 #canonical_url = https://kallithea.example.com/repos
218
218
219 <%text>##</%text> gist URL alias, used to create nicer urls for gist. This should be an
219 <%text>##</%text> gist URL alias, used to create nicer urls for gist. This should be an
220 <%text>##</%text> url that does rewrites to _admin/gists/<gistid>.
220 <%text>##</%text> url that does rewrites to _admin/gists/<gistid>.
221 <%text>##</%text> example: http://gist.example.com/{gistid}. Empty means use the internal
221 <%text>##</%text> example: http://gist.example.com/{gistid}. Empty means use the internal
222 <%text>##</%text> Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
222 <%text>##</%text> Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid>
223 gist_alias_url =
223 gist_alias_url =
224
224
225 <%text>##</%text> default encoding used to convert from and to unicode
225 <%text>##</%text> default encoding used to convert from and to unicode
226 <%text>##</%text> can be also a comma separated list of encoding in case of mixed encodings
226 <%text>##</%text> can be also a comma separated list of encoding in case of mixed encodings
227 default_encoding = utf-8
227 default_encoding = utf-8
228
228
229 <%text>##</%text> Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea
229 <%text>##</%text> Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea
230 hgencoding = utf-8
230 hgencoding = utf-8
231
231
232 <%text>##</%text> issue tracker for Kallithea (leave blank to disable, absent for default)
232 <%text>##</%text> issue tracker for Kallithea (leave blank to disable, absent for default)
233 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
233 #bugtracker = https://bitbucket.org/conservancy/kallithea/issues
234
234
235 <%text>##</%text> issue tracking mapping for commit messages, comments, PR descriptions, ...
235 <%text>##</%text> issue tracking mapping for commit messages, comments, PR descriptions, ...
236 <%text>##</%text> Refer to the documentation ("Integration with issue trackers") for more details.
236 <%text>##</%text> Refer to the documentation ("Integration with issue trackers") for more details.
237
237
238 <%text>##</%text> regular expression to match issue references
238 <%text>##</%text> regular expression to match issue references
239 <%text>##</%text> This pattern may/should contain parenthesized groups, that can
239 <%text>##</%text> This pattern may/should contain parenthesized groups, that can
240 <%text>##</%text> be referred to in issue_server_link or issue_sub using Python backreferences
240 <%text>##</%text> be referred to in issue_server_link or issue_sub using Python backreferences
241 <%text>##</%text> (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.
241 <%text>##</%text> (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.
242 <%text>##</%text> To require mandatory whitespace before the issue pattern, use:
242 <%text>##</%text> To require mandatory whitespace before the issue pattern, use:
243 <%text>##</%text> (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace
243 <%text>##</%text> (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace
244 <%text>##</%text> behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.
244 <%text>##</%text> behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.
245
245
246 issue_pat = #(\d+)
246 issue_pat = #(\d+)
247
247
248 <%text>##</%text> server url to the issue
248 <%text>##</%text> server url to the issue
249 <%text>##</%text> This pattern may/should contain backreferences to parenthesized groups in issue_pat.
249 <%text>##</%text> This pattern may/should contain backreferences to parenthesized groups in issue_pat.
250 <%text>##</%text> A backreference can be \1, \2, ... or \g<groupname> if you specified a named group
250 <%text>##</%text> A backreference can be \1, \2, ... or \g<groupname> if you specified a named group
251 <%text>##</%text> called 'groupname' in issue_pat.
251 <%text>##</%text> called 'groupname' in issue_pat.
252 <%text>##</%text> The special token {repo} is replaced with the full repository name
252 <%text>##</%text> The special token {repo} is replaced with the full repository name
253 <%text>##</%text> including repository groups, while {repo_name} is replaced with just
253 <%text>##</%text> including repository groups, while {repo_name} is replaced with just
254 <%text>##</%text> the name of the repository.
254 <%text>##</%text> the name of the repository.
255
255
256 issue_server_link = https://issues.example.com/{repo}/issue/\1
256 issue_server_link = https://issues.example.com/{repo}/issue/\1
257
257
258 <%text>##</%text> substitution pattern to use as the link text
258 <%text>##</%text> substitution pattern to use as the link text
259 <%text>##</%text> If issue_sub is empty, the text matched by issue_pat is retained verbatim
259 <%text>##</%text> If issue_sub is empty, the text matched by issue_pat is retained verbatim
260 <%text>##</%text> for the link text. Otherwise, the link text is that of issue_sub, with any
260 <%text>##</%text> for the link text. Otherwise, the link text is that of issue_sub, with any
261 <%text>##</%text> backreferences to groups in issue_pat replaced.
261 <%text>##</%text> backreferences to groups in issue_pat replaced.
262
262
263 issue_sub =
263 issue_sub =
264
264
265 <%text>##</%text> issue_pat, issue_server_link and issue_sub can have suffixes to specify
265 <%text>##</%text> issue_pat, issue_server_link and issue_sub can have suffixes to specify
266 <%text>##</%text> multiple patterns, to other issues server, wiki or others
266 <%text>##</%text> multiple patterns, to other issues server, wiki or others
267 <%text>##</%text> below an example how to create a wiki pattern
267 <%text>##</%text> below an example how to create a wiki pattern
268 <%text>##</%text> wiki-some-id -> https://wiki.example.com/some-id
268 <%text>##</%text> wiki-some-id -> https://wiki.example.com/some-id
269
269
270 #issue_pat_wiki = wiki-(\S+)
270 #issue_pat_wiki = wiki-(\S+)
271 #issue_server_link_wiki = https://wiki.example.com/\1
271 #issue_server_link_wiki = https://wiki.example.com/\1
272 #issue_sub_wiki = WIKI-\1
272 #issue_sub_wiki = WIKI-\1
273
273
274 <%text>##</%text> alternative return HTTP header for failed authentication. Default HTTP
274 <%text>##</%text> alternative return HTTP header for failed authentication. Default HTTP
275 <%text>##</%text> response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
275 <%text>##</%text> response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with
276 <%text>##</%text> handling that. Set this variable to 403 to return HTTPForbidden
276 <%text>##</%text> handling that. Set this variable to 403 to return HTTPForbidden
277 auth_ret_code =
277 auth_ret_code =
278
278
279 <%text>##</%text> allows to change the repository location in settings page
279 <%text>##</%text> allows to change the repository location in settings page
280 allow_repo_location_change = True
280 allow_repo_location_change = True
281
281
282 <%text>##</%text> allows to setup custom hooks in settings page
282 <%text>##</%text> allows to setup custom hooks in settings page
283 allow_custom_hooks_settings = True
283 allow_custom_hooks_settings = True
284
284
285 <%text>##</%text> extra extensions for indexing, space separated and without the leading '.'.
285 <%text>##</%text> extra extensions for indexing, space separated and without the leading '.'.
286 #index.extensions =
286 #index.extensions =
287 # gemfile
287 # gemfile
288 # lock
288 # lock
289
289
290 <%text>##</%text> extra filenames for indexing, space separated
290 <%text>##</%text> extra filenames for indexing, space separated
291 #index.filenames =
291 #index.filenames =
292 # .dockerignore
292 # .dockerignore
293 # .editorconfig
293 # .editorconfig
294 # INSTALL
294 # INSTALL
295 # CHANGELOG
295 # CHANGELOG
296
296
297 <%text>##</%text>##################################
297 <%text>##</%text>##################################
298 <%text>##</%text> SSH CONFIG ##
298 <%text>##</%text> SSH CONFIG ##
299 <%text>##</%text>##################################
299 <%text>##</%text>##################################
300
300
301 <%text>##</%text> SSH is disabled by default, until an Administrator decides to enable it.
301 <%text>##</%text> SSH is disabled by default, until an Administrator decides to enable it.
302 ssh_enabled = false
302 ssh_enabled = false
303
303
304 <%text>##</%text> File where users' SSH keys will be stored *if* ssh_enabled is true.
304 <%text>##</%text> File where users' SSH keys will be stored *if* ssh_enabled is true.
305 #ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
305 #ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys
306 %if user_home_path:
306 %if user_home_path:
307 ssh_authorized_keys = ${user_home_path}/.ssh/authorized_keys
307 ssh_authorized_keys = ${user_home_path}/.ssh/authorized_keys
308 %endif
308 %endif
309
309
310 <%text>##</%text> Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.
310 <%text>##</%text> Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.
311 #kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
311 #kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli
312 %if kallithea_cli_path:
312 %if kallithea_cli_path:
313 kallithea_cli_path = ${kallithea_cli_path}
313 kallithea_cli_path = ${kallithea_cli_path}
314 %endif
314 %endif
315
315
316 <%text>##</%text> Locale to be used in the ssh-serve command.
316 <%text>##</%text> Locale to be used in the ssh-serve command.
317 <%text>##</%text> This is needed because an SSH client may try to use its own locale
317 <%text>##</%text> This is needed because an SSH client may try to use its own locale
318 <%text>##</%text> settings, which may not be available on the server.
318 <%text>##</%text> settings, which may not be available on the server.
319 <%text>##</%text> See `locale -a` for valid values on this system.
319 <%text>##</%text> See `locale -a` for valid values on this system.
320 #ssh_locale = C.UTF-8
320 #ssh_locale = C.UTF-8
321 %if ssh_locale:
321 %if ssh_locale:
322 ssh_locale = ${ssh_locale}
322 ssh_locale = ${ssh_locale}
323 %endif
323 %endif
324
324
325 <%text>##</%text>##################################
325 <%text>##</%text>##################################
326 <%text>##</%text> CELERY CONFIG ##
326 <%text>##</%text> CELERY CONFIG ##
327 <%text>##</%text>##################################
327 <%text>##</%text>##################################
328
328
329 <%text>##</%text> Note: Celery doesn't support Windows.
329 <%text>##</%text> Note: Celery doesn't support Windows.
330 use_celery = false
330 use_celery = false
331
331
332 <%text>##</%text> Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.
332 <%text>##</%text> Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.
333
333
334 <%text>##</%text> Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':
334 <%text>##</%text> Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':
335 celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost
335 celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost
336
336
337 celery.result.backend = db+sqlite:///celery-results.db
337 celery.result.backend = db+sqlite:///celery-results.db
338
338
339 #celery.amqp.task.result.expires = 18000
339 #celery.amqp.task.result.expires = 18000
340
340
341 celery.worker_concurrency = 2
341 celery.worker_concurrency = 2
342 celery.worker_max_tasks_per_child = 1
342 celery.worker_max_tasks_per_child = 1
343
343
344 <%text>##</%text> If true, tasks will never be sent to the queue, but executed locally instead.
344 <%text>##</%text> If true, tasks will never be sent to the queue, but executed locally instead.
345 celery.task_always_eager = false
345 celery.task_always_eager = false
346
346
347 <%text>##</%text>##################################
347 <%text>##</%text>##################################
348 <%text>##</%text> BEAKER CACHE ##
348 <%text>##</%text> BEAKER CACHE ##
349 <%text>##</%text>##################################
349 <%text>##</%text>##################################
350
350
351 beaker.cache.data_dir = %(here)s/data/cache/data
351 beaker.cache.data_dir = %(here)s/data/cache/data
352 beaker.cache.lock_dir = %(here)s/data/cache/lock
352 beaker.cache.lock_dir = %(here)s/data/cache/lock
353
353
354 beaker.cache.regions = long_term,long_term_file
354 beaker.cache.regions = long_term,long_term_file
355
355
356 beaker.cache.long_term.type = memory
356 beaker.cache.long_term.type = memory
357 beaker.cache.long_term.expire = 36000
357 beaker.cache.long_term.expire = 36000
358 beaker.cache.long_term.key_length = 256
358 beaker.cache.long_term.key_length = 256
359
359
360 beaker.cache.long_term_file.type = file
360 beaker.cache.long_term_file.type = file
361 beaker.cache.long_term_file.expire = 604800
361 beaker.cache.long_term_file.expire = 604800
362 beaker.cache.long_term_file.key_length = 256
362 beaker.cache.long_term_file.key_length = 256
363
363
364 <%text>##</%text>##################################
364 <%text>##</%text>##################################
365 <%text>##</%text> BEAKER SESSION ##
365 <%text>##</%text> BEAKER SESSION ##
366 <%text>##</%text>##################################
366 <%text>##</%text>##################################
367
367
368 <%text>##</%text> Name of session cookie. Should be unique for a given host and path, even when running
368 <%text>##</%text> Name of session cookie. Should be unique for a given host and path, even when running
369 <%text>##</%text> on different ports. Otherwise, cookie sessions will be shared and messed up.
369 <%text>##</%text> on different ports. Otherwise, cookie sessions will be shared and messed up.
370 session.key = kallithea
370 session.key = kallithea
371 <%text>##</%text> Sessions should always only be accessible by the browser, not directly by JavaScript.
371 <%text>##</%text> Sessions should always only be accessible by the browser, not directly by JavaScript.
372 session.httponly = true
372 session.httponly = true
373 <%text>##</%text> Session lifetime. 2592000 seconds is 30 days.
373 <%text>##</%text> Session lifetime. 2592000 seconds is 30 days.
374 session.timeout = 2592000
374 session.timeout = 2592000
375
375
376 <%text>##</%text> Server secret used with HMAC to ensure integrity of cookies.
376 <%text>##</%text> Server secret used with HMAC to ensure integrity of cookies.
377 session.secret = ${uuid()}
377 session.secret = ${uuid()}
378 <%text>##</%text> Further, encrypt the data with AES.
378 <%text>##</%text> Further, encrypt the data with AES.
379 #session.encrypt_key = <key_for_encryption>
379 #session.encrypt_key = <key_for_encryption>
380 #session.validate_key = <validation_key>
380 #session.validate_key = <validation_key>
381
381
382 <%text>##</%text> Type of storage used for the session, current types are
382 <%text>##</%text> Type of storage used for the session, current types are
383 <%text>##</%text> dbm, file, memcached, database, and memory.
383 <%text>##</%text> dbm, file, memcached, database, and memory.
384
384
385 <%text>##</%text> File system storage of session data. (default)
385 <%text>##</%text> File system storage of session data. (default)
386 #session.type = file
386 #session.type = file
387
387
388 <%text>##</%text> Cookie only, store all session data inside the cookie. Requires secure secrets.
388 <%text>##</%text> Cookie only, store all session data inside the cookie. Requires secure secrets.
389 #session.type = cookie
389 #session.type = cookie
390
390
391 <%text>##</%text> Database storage of session data.
391 <%text>##</%text> Database storage of session data.
392 #session.type = ext:database
392 #session.type = ext:database
393 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
393 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
394 #session.table_name = db_session
394 #session.table_name = db_session
395
395
396 <%text>##</%text>##################################
396 <%text>##</%text>##################################
397 <%text>##</%text> ERROR HANDLING ##
397 <%text>##</%text> ERROR HANDLING ##
398 <%text>##</%text>##################################
398 <%text>##</%text>##################################
399
399
400 <%text>##</%text> Show a nice error page for application HTTP errors and exceptions (default true)
400 <%text>##</%text> Show a nice error page for application HTTP errors and exceptions (default true)
401 #errorpage.enabled = true
401 #errorpage.enabled = true
402
402
403 <%text>##</%text> Enable Backlash client-side interactive debugger (default false)
403 <%text>##</%text> Enable Backlash client-side interactive debugger (default false)
404 <%text>##</%text> WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*
404 <%text>##</%text> WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*
405 <%text>##</%text> This debug mode will allow all visitors to execute malicious code.
405 <%text>##</%text> This debug mode will allow all visitors to execute malicious code.
406 #debug = false
406 #debug = false
407
407
408 <%text>##</%text> Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)
408 <%text>##</%text> Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)
409 #trace_errors.enable = true
409 #trace_errors.enable = true
410 <%text>##</%text> Errors will be reported by mail if trace_errors.error_email is set.
410 <%text>##</%text> Errors will be reported by mail if trace_errors.error_email is set.
411
411
412 <%text>##</%text> Propagate email settings to ErrorReporter of TurboGears2
412 <%text>##</%text> Propagate email settings to ErrorReporter of TurboGears2
413 <%text>##</%text> You do not normally need to change these lines
413 <%text>##</%text> You do not normally need to change these lines
414 get trace_errors.smtp_server = smtp_server
414 get trace_errors.smtp_server = smtp_server
415 get trace_errors.smtp_port = smtp_port
415 get trace_errors.smtp_port = smtp_port
416 get trace_errors.from_address = error_email_from
416 get trace_errors.from_address = error_email_from
417 get trace_errors.error_email = email_to
417 get trace_errors.error_email = email_to
418 get trace_errors.smtp_username = smtp_username
418 get trace_errors.smtp_username = smtp_username
419 get trace_errors.smtp_password = smtp_password
419 get trace_errors.smtp_password = smtp_password
420 get trace_errors.smtp_use_tls = smtp_use_tls
420 get trace_errors.smtp_use_tls = smtp_use_tls
421
421
422 %if error_aggregation_service == 'sentry':
422 %if error_aggregation_service == 'sentry':
423 <%text>##</%text>##############
423 <%text>##</%text>##############
424 <%text>##</%text> [sentry] ##
424 <%text>##</%text> [sentry] ##
425 <%text>##</%text>##############
425 <%text>##</%text>##############
426
426
427 <%text>##</%text> sentry is a alternative open source error aggregator
427 <%text>##</%text> sentry is a alternative open source error aggregator
428 <%text>##</%text> you must install python packages `sentry` and `raven` to enable
428 <%text>##</%text> you must install python packages `sentry` and `raven` to enable
429
429
430 sentry.dsn = YOUR_DNS
430 sentry.dsn = YOUR_DNS
431 sentry.servers =
431 sentry.servers =
432 sentry.name =
432 sentry.name =
433 sentry.key =
433 sentry.key =
434 sentry.public_key =
434 sentry.public_key =
435 sentry.secret_key =
435 sentry.secret_key =
436 sentry.project =
436 sentry.project =
437 sentry.site =
437 sentry.site =
438 sentry.include_paths =
438 sentry.include_paths =
439 sentry.exclude_paths =
439 sentry.exclude_paths =
440
440
441 %endif
441 %endif
442
442
443 <%text>##</%text>################################
443 <%text>##</%text>################################
444 <%text>##</%text> LOGVIEW CONFIG ##
444 <%text>##</%text> LOGVIEW CONFIG ##
445 <%text>##</%text>################################
445 <%text>##</%text>################################
446
446
447 logview.sqlalchemy = #faa
447 logview.sqlalchemy = #faa
448 logview.pylons.templating = #bfb
448 logview.pylons.templating = #bfb
449 logview.pylons.util = #eee
449 logview.pylons.util = #eee
450
450
451 <%text>##</%text>#######################
451 <%text>##</%text>#######################
452 <%text>##</%text> DB CONFIG ##
452 <%text>##</%text> DB CONFIG ##
453 <%text>##</%text>#######################
453 <%text>##</%text>#######################
454
454
455 %if database_engine == 'sqlite':
455 %if database_engine == 'sqlite':
456 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
456 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
457 %else:
457 %else:
458 #sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
458 #sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
459 %endif
459 %endif
460 %if database_engine == 'postgres':
460 %if database_engine == 'postgres':
461 sqlalchemy.url = postgresql://user:pass@localhost/kallithea
461 sqlalchemy.url = postgresql://kallithea:password@localhost/kallithea
462 %else:
462 %else:
463 #sqlalchemy.url = postgresql://user:pass@localhost/kallithea
463 #sqlalchemy.url = postgresql://kallithea:password@localhost/kallithea
464 %endif
464 %endif
465 %if database_engine == 'mysql':
465 %if database_engine == 'mysql':
466 sqlalchemy.url = mysql://user:pass@localhost/kallithea?charset=utf8
466 sqlalchemy.url = mysql://kallithea:password@localhost/kallithea?charset=utf8
467 %else:
467 %else:
468 #sqlalchemy.url = mysql://user:pass@localhost/kallithea?charset=utf8
468 #sqlalchemy.url = mysql://kallithea:password@localhost/kallithea?charset=utf8
469 %endif
469 %endif
470 <%text>##</%text> Note: the mysql:// prefix should also be used for MariaDB
470 <%text>##</%text> Note: the mysql:// prefix should also be used for MariaDB
471
471
472 sqlalchemy.pool_recycle = 3600
472 sqlalchemy.pool_recycle = 3600
473
473
474 <%text>##</%text>##############################
474 <%text>##</%text>##############################
475 <%text>##</%text> ALEMBIC CONFIGURATION ##
475 <%text>##</%text> ALEMBIC CONFIGURATION ##
476 <%text>##</%text>##############################
476 <%text>##</%text>##############################
477
477
478 [alembic]
478 [alembic]
479 script_location = kallithea:alembic
479 script_location = kallithea:alembic
480
480
481 <%text>##</%text>##############################
481 <%text>##</%text>##############################
482 <%text>##</%text> LOGGING CONFIGURATION ##
482 <%text>##</%text> LOGGING CONFIGURATION ##
483 <%text>##</%text>##############################
483 <%text>##</%text>##############################
484
484
485 [loggers]
485 [loggers]
486 keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash
486 keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash
487
487
488 [handlers]
488 [handlers]
489 keys = console, console_color, console_color_sql, null
489 keys = console, console_color, console_color_sql, null
490
490
491 [formatters]
491 [formatters]
492 keys = generic, color_formatter, color_formatter_sql
492 keys = generic, color_formatter, color_formatter_sql
493
493
494 <%text>##</%text>###########
494 <%text>##</%text>###########
495 <%text>##</%text> LOGGERS ##
495 <%text>##</%text> LOGGERS ##
496 <%text>##</%text>###########
496 <%text>##</%text>###########
497
497
498 [logger_root]
498 [logger_root]
499 level = NOTSET
499 level = NOTSET
500 handlers = console
500 handlers = console
501 <%text>##</%text> For coloring based on log level:
501 <%text>##</%text> For coloring based on log level:
502 #handlers = console_color
502 #handlers = console_color
503
503
504 [logger_routes]
504 [logger_routes]
505 level = WARN
505 level = WARN
506 handlers =
506 handlers =
507 qualname = routes.middleware
507 qualname = routes.middleware
508 <%text>##</%text> "level = DEBUG" logs the route matched and routing variables.
508 <%text>##</%text> "level = DEBUG" logs the route matched and routing variables.
509
509
510 [logger_beaker]
510 [logger_beaker]
511 level = WARN
511 level = WARN
512 handlers =
512 handlers =
513 qualname = beaker.container
513 qualname = beaker.container
514
514
515 [logger_templates]
515 [logger_templates]
516 level = WARN
516 level = WARN
517 handlers =
517 handlers =
518 qualname = pylons.templating
518 qualname = pylons.templating
519
519
520 [logger_kallithea]
520 [logger_kallithea]
521 level = WARN
521 level = WARN
522 handlers =
522 handlers =
523 qualname = kallithea
523 qualname = kallithea
524
524
525 [logger_tg]
525 [logger_tg]
526 level = WARN
526 level = WARN
527 handlers =
527 handlers =
528 qualname = tg
528 qualname = tg
529
529
530 [logger_gearbox]
530 [logger_gearbox]
531 level = WARN
531 level = WARN
532 handlers =
532 handlers =
533 qualname = gearbox
533 qualname = gearbox
534
534
535 [logger_sqlalchemy]
535 [logger_sqlalchemy]
536 level = WARN
536 level = WARN
537 handlers =
537 handlers =
538 qualname = sqlalchemy.engine
538 qualname = sqlalchemy.engine
539 <%text>##</%text> For coloring based on log level and pretty printing of SQL:
539 <%text>##</%text> For coloring based on log level and pretty printing of SQL:
540 #level = INFO
540 #level = INFO
541 #handlers = console_color_sql
541 #handlers = console_color_sql
542 #propagate = 0
542 #propagate = 0
543
543
544 [logger_whoosh_indexer]
544 [logger_whoosh_indexer]
545 level = WARN
545 level = WARN
546 handlers =
546 handlers =
547 qualname = whoosh_indexer
547 qualname = whoosh_indexer
548
548
549 [logger_werkzeug]
549 [logger_werkzeug]
550 level = WARN
550 level = WARN
551 handlers =
551 handlers =
552 qualname = werkzeug
552 qualname = werkzeug
553
553
554 [logger_backlash]
554 [logger_backlash]
555 level = WARN
555 level = WARN
556 handlers =
556 handlers =
557 qualname = backlash
557 qualname = backlash
558
558
559 <%text>##</%text>############
559 <%text>##</%text>############
560 <%text>##</%text> HANDLERS ##
560 <%text>##</%text> HANDLERS ##
561 <%text>##</%text>############
561 <%text>##</%text>############
562
562
563 [handler_console]
563 [handler_console]
564 class = StreamHandler
564 class = StreamHandler
565 args = (sys.stderr,)
565 args = (sys.stderr,)
566 formatter = generic
566 formatter = generic
567
567
568 [handler_console_color]
568 [handler_console_color]
569 <%text>##</%text> ANSI color coding based on log level
569 <%text>##</%text> ANSI color coding based on log level
570 class = StreamHandler
570 class = StreamHandler
571 args = (sys.stderr,)
571 args = (sys.stderr,)
572 formatter = color_formatter
572 formatter = color_formatter
573
573
574 [handler_console_color_sql]
574 [handler_console_color_sql]
575 <%text>##</%text> ANSI color coding and pretty printing of SQL statements
575 <%text>##</%text> ANSI color coding and pretty printing of SQL statements
576 class = StreamHandler
576 class = StreamHandler
577 args = (sys.stderr,)
577 args = (sys.stderr,)
578 formatter = color_formatter_sql
578 formatter = color_formatter_sql
579
579
580 [handler_null]
580 [handler_null]
581 class = NullHandler
581 class = NullHandler
582 args = ()
582 args = ()
583
583
584 <%text>##</%text>##############
584 <%text>##</%text>##############
585 <%text>##</%text> FORMATTERS ##
585 <%text>##</%text> FORMATTERS ##
586 <%text>##</%text>##############
586 <%text>##</%text>##############
587
587
588 [formatter_generic]
588 [formatter_generic]
589 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
589 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
590 datefmt = %Y-%m-%d %H:%M:%S
590 datefmt = %Y-%m-%d %H:%M:%S
591
591
592 [formatter_color_formatter]
592 [formatter_color_formatter]
593 class = kallithea.lib.colored_formatter.ColorFormatter
593 class = kallithea.lib.colored_formatter.ColorFormatter
594 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
594 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
595 datefmt = %Y-%m-%d %H:%M:%S
595 datefmt = %Y-%m-%d %H:%M:%S
596
596
597 [formatter_color_formatter_sql]
597 [formatter_color_formatter_sql]
598 class = kallithea.lib.colored_formatter.ColorFormatterSql
598 class = kallithea.lib.colored_formatter.ColorFormatterSql
599 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
599 format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
600 datefmt = %Y-%m-%d %H:%M:%S
600 datefmt = %Y-%m-%d %H:%M:%S
601
601
602 <%text>##</%text>###############
602 <%text>##</%text>###############
603 <%text>##</%text> SSH LOGGING ##
603 <%text>##</%text> SSH LOGGING ##
604 <%text>##</%text>###############
604 <%text>##</%text>###############
605
605
606 <%text>##</%text> The default loggers use 'handler_console' that uses StreamHandler with
606 <%text>##</%text> The default loggers use 'handler_console' that uses StreamHandler with
607 <%text>##</%text> destination 'sys.stderr'. In the context of the SSH server process, these log
607 <%text>##</%text> destination 'sys.stderr'. In the context of the SSH server process, these log
608 <%text>##</%text> messages would be sent to the client, which is normally not what you want.
608 <%text>##</%text> messages would be sent to the client, which is normally not what you want.
609 <%text>##</%text> By default, when running ssh-serve, just use NullHandler and disable logging
609 <%text>##</%text> By default, when running ssh-serve, just use NullHandler and disable logging
610 <%text>##</%text> completely. For other logging options, see:
610 <%text>##</%text> completely. For other logging options, see:
611 <%text>##</%text> https://docs.python.org/2/library/logging.handlers.html
611 <%text>##</%text> https://docs.python.org/2/library/logging.handlers.html
612
612
613 [ssh_serve:logger_root]
613 [ssh_serve:logger_root]
614 level = CRITICAL
614 level = CRITICAL
615 handlers = null
615 handlers = null
616
616
617 <%text>##</%text> Note: If logging is configured with other handlers, they might need similar
617 <%text>##</%text> Note: If logging is configured with other handlers, they might need similar
618 <%text>##</%text> muting for ssh-serve too.
618 <%text>##</%text> muting for ssh-serve too.
General Comments 0
You need to be logged in to leave comments. Login now