|
Jeremy Cline |
4e3668 |
import os
|
|
Jeremy Cline |
4e3668 |
from datetime import timedelta
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Set the time after which the admin session expires
|
|
Jeremy Cline |
4e3668 |
# There are two sessions on pagure, login that holds for 31 days and
|
|
Jeremy Cline |
4e3668 |
# the session defined here after which an user has to re-login.
|
|
Jeremy Cline |
4e3668 |
# This session is used when accessing all administrative parts of pagure
|
|
Jeremy Cline |
4e3668 |
# (ie: changing a project's or a user's settings)
|
|
Jeremy Cline |
4e3668 |
ADMIN_SESSION_LIFETIME = timedelta(minutes=20000000)
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Secret key for the Flask application
|
|
Jeremy Cline |
4e3668 |
SECRET_KEY='<the application="" key="" secret="" web="">'</the>
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### url to the database server:
|
|
Jeremy Cline |
4e3668 |
#DB_URL=mysql://user:pass@host/db_name
|
|
Jeremy Cline |
4e3668 |
#DB_URL=postgres://user:pass@host/db_name
|
|
Jeremy Cline |
4e3668 |
DB_URL = 'sqlite:////home/vagrant/pagure_data/pagure_dev.sqlite'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### The FAS group in which the admin of pagure are
|
|
Jeremy Cline |
4e3668 |
ADMIN_GROUP = ['sysadmin-main']
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Hard-coded list of global admins
|
|
Jeremy Cline |
4e3668 |
PAGURE_ADMIN_USERS = []
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### The URL at which the project is available.
|
|
Jeremy Cline |
c82c27 |
APP_URL = '*'
|
|
Jeremy Cline |
4e3668 |
### The URL at which the documentation of projects will be available
|
|
Jeremy Cline |
4e3668 |
## This should be in a different domain to avoid XSS issues since we want
|
|
Jeremy Cline |
4e3668 |
## to allow raw html to be displayed (different domain, ie not a sub-domain).
|
|
Jeremy Cline |
c82c27 |
DOC_APP_URL = '*'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Avoid sending emails while developing by default
|
|
Jeremy Cline |
4e3668 |
EMAIL_SEND = False
|
|
Jeremy Cline |
4e3668 |
EMAIL_ERROR = 'vagrant@localhost'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### The URL to use to clone git repositories.
|
|
Jeremy Cline |
4e3668 |
GIT_URL_SSH = 'ssh://vagrant@pagure-dev.example.com/'
|
|
Jeremy Cline |
4e3668 |
GIT_URL_GIT = 'http://pagure-dev.example.com:5000/'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing to the git repos
|
|
Jeremy Cline |
4e3668 |
STORAGE_ROOT = '/home/vagrant/pagure_data/'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
GIT_FOLDER = os.path.join(STORAGE_ROOT, 'repos')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing the docs repos
|
|
Jeremy Cline |
4e3668 |
DOCS_FOLDER = os.path.join(STORAGE_ROOT, 'docs')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing the tickets repos
|
|
Jeremy Cline |
4e3668 |
TICKETS_FOLDER = os.path.join(STORAGE_ROOT, 'tickets')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing the pull-requests repos
|
|
Jeremy Cline |
4e3668 |
REQUESTS_FOLDER = os.path.join(STORAGE_ROOT, 'requests')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing the clones for the remote pull-requests
|
|
Jeremy Cline |
4e3668 |
REMOTE_GIT_FOLDER = os.path.join(STORAGE_ROOT, 'remotes')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Whether to enable scanning for viruses in attachments
|
|
Jeremy Cline |
4e3668 |
VIRUS_SCAN_ATTACHMENTS = False
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Home folder of the gitolite user
|
|
Jeremy Cline |
4e3668 |
### Folder where to run gl-compile-conf from
|
|
Jeremy Cline |
4e3668 |
GITOLITE_HOME = '/home/vagrant/'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Configuration file for gitolite
|
|
Jeremy Cline |
4e3668 |
GITOLITE_CONFIG = os.path.join(GITOLITE_HOME, '.gitolite/conf/gitolite.conf')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Version of gitolite used: 2 or 3?
|
|
Jeremy Cline |
4e3668 |
GITOLITE_VERSION = 3
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Folder containing all the public ssh keys for gitolite
|
|
Jeremy Cline |
4e3668 |
GITOLITE_KEYDIR = os.path.join(GITOLITE_HOME, '.gitolite/keydir/')
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Path to the gitolite.rc file
|
|
Jeremy Cline |
4e3668 |
GL_RC = '/home/vagrant/.gitolite.rc'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Path to the /bin directory where the gitolite tools can be found
|
|
Jeremy Cline |
4e3668 |
GL_BINDIR = '/usr/bin/'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# SSH Information
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### The ssh certificates of the git server to be provided to the user
|
|
Jeremy Cline |
4e3668 |
### /!\ format is important
|
|
Jeremy Cline |
4e3668 |
# SSH_KEYS = {'RSA': {'fingerprint': '<foo>', 'pubkey': '<bar>'}}</bar></foo>
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Optional configuration
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Number of items displayed per page
|
|
Jeremy Cline |
4e3668 |
# Used when listing items
|
|
Jeremy Cline |
4e3668 |
ITEM_PER_PAGE = 50
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Maximum size of the uploaded content
|
|
Jeremy Cline |
4e3668 |
# Used to limit the size of file attached to a ticket for example
|
|
Jeremy Cline |
4e3668 |
MAX_CONTENT_LENGTH = 4 * 1024 * 1024 # 4 megabytes
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Lenght for short commits ids or file hex
|
|
Jeremy Cline |
4e3668 |
SHORT_LENGTH = 6
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### List of blacklisted project names that can conflicts for pagure's URLs
|
|
Jeremy Cline |
4e3668 |
### or other
|
|
Jeremy Cline |
4e3668 |
BLACKLISTED_PROJECTS = [
|
|
Jeremy Cline |
4e3668 |
'static', 'pv', 'releases', 'new', 'api', 'settings',
|
|
Jeremy Cline |
4e3668 |
'logout', 'login', 'users', 'groups', 'projects']
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### IP addresses allowed to access the internal endpoints
|
|
Jeremy Cline |
4e3668 |
### These endpoints are used by the milter and are security sensitive, thus
|
|
Jeremy Cline |
4e3668 |
### the IP filter
|
|
Jeremy Cline |
4e3668 |
IP_ALLOWED_INTERNAL = ['127.0.0.1', 'localhost', '::1',]
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### EventSource/Web-Hook/Redis configuration
|
|
Jeremy Cline |
4e3668 |
# The eventsource integration is what allows pagure to refresh the content
|
|
Jeremy Cline |
4e3668 |
# on your page when someone else comments on the ticket (and this without
|
|
Jeremy Cline |
4e3668 |
# asking you to reload the page.
|
|
Jeremy Cline |
4e3668 |
# By default it is off, ie: EVENTSOURCE_SOURCE is None, to turn it on, specify
|
|
Jeremy Cline |
4e3668 |
# here what the URL of the eventsource server is, for example:
|
|
Jeremy Cline |
4e3668 |
# https://ev.pagure.io or https://pagure.io:8080 or whatever you are using
|
|
Jeremy Cline |
4e3668 |
# (Note: the urls sent to it start with a '/' so no need to add one yourself)
|
|
Jeremy Cline |
c82c27 |
EVENTSOURCE_SOURCE = 'http://localhost:8080'
|
|
Jeremy Cline |
4e3668 |
# Port where the event source server is running (maybe be the same port
|
|
Jeremy Cline |
4e3668 |
# as the one specified in EVENTSOURCE_SOURCE or a different one if you
|
|
Jeremy Cline |
4e3668 |
# have something running in front of the server such as apache or stunnel).
|
|
Jeremy Cline |
4e3668 |
EVENTSOURCE_PORT = 8080
|
|
Jeremy Cline |
4e3668 |
# If this port is specified, the event source server will run another server
|
|
Jeremy Cline |
4e3668 |
# at this port and will provide information about the number of active
|
|
Jeremy Cline |
4e3668 |
# connections running on the first (main) event source server
|
|
Jeremy Cline |
4e3668 |
#EV_STATS_PORT = 8888
|
|
Jeremy Cline |
4e3668 |
# Web-hook can be turned on or off allowing using them for notifications, or
|
|
Jeremy Cline |
4e3668 |
# not.
|
|
Jeremy Cline |
4e3668 |
WEBHOOK = True
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Redis configuration
|
|
Jeremy Cline |
4e3668 |
# A redis server is required for both the Event-Source server or the web-hook
|
|
Jeremy Cline |
4e3668 |
# server.
|
|
Jeremy Cline |
c82c27 |
REDIS_HOST = '127.0.0.1'
|
|
Jeremy Cline |
4e3668 |
REDIS_PORT = 6379
|
|
Jeremy Cline |
4e3668 |
REDIS_DB = 0
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Authentication related configuration option
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
### Switch the authentication method
|
|
Jeremy Cline |
4e3668 |
# Specify which authentication method to use, defaults to `fas` can be or
|
|
Jeremy Cline |
4e3668 |
# `local`
|
|
Jeremy Cline |
4e3668 |
# Default: ``fas``.
|
|
Jeremy Cline |
4e3668 |
PAGURE_AUTH = 'fas'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# When this is set to True, the session cookie will only be returned to the
|
|
Jeremy Cline |
4e3668 |
# server via ssl (https). If you connect to the server via plain http, the
|
|
Jeremy Cline |
4e3668 |
# cookie will not be sent. This prevents sniffing of the cookie contents.
|
|
Jeremy Cline |
4e3668 |
# This may be set to False when testing your application but should always
|
|
Jeremy Cline |
4e3668 |
# be set to True in production.
|
|
Jeremy Cline |
4e3668 |
# Default: ``True``.
|
|
Jeremy Cline |
4e3668 |
SESSION_COOKIE_SECURE = False
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# The name of the cookie used to store the session id.
|
|
Jeremy Cline |
4e3668 |
# Default: ``.pagure``.
|
|
Jeremy Cline |
4e3668 |
SESSION_COOKIE_NAME = 'pagure'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Boolean specifying whether to check the user's IP address when retrieving
|
|
Jeremy Cline |
4e3668 |
# its session. This make things more secure (thus is on by default) but
|
|
Jeremy Cline |
4e3668 |
# under certain setup it might not work (for example is there are proxies
|
|
Jeremy Cline |
4e3668 |
# in front of the application).
|
|
Jeremy Cline |
4e3668 |
CHECK_SESSION_IP = True
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Used by SESSION_COOKIE_PATH
|
|
Jeremy Cline |
4e3668 |
APPLICATION_ROOT = '/'
|
|
Jeremy Cline |
4e3668 |
|
|
Jeremy Cline |
4e3668 |
# Allow the backward compatiblity endpoints for the old URLs schema to
|
|
Jeremy Cline |
4e3668 |
# see the commits of a repo. This is only interesting if you pagure instance
|
|
Jeremy Cline |
4e3668 |
# was running since before version 1.3 and if you care about backward
|
|
Jeremy Cline |
4e3668 |
# compatibility in your URLs.
|
|
Jeremy Cline |
4e3668 |
OLD_VIEW_COMMIT_ENABLED = False
|