Blame doc/configuration.rst

Pierre-Yves Chibon 2cf341
Configuration
Pierre-Yves Chibon 2cf341
=============
Pierre-Yves Chibon 2cf341
Pierre-Yves Chibon 7eabf8
Pagure offers a wide varieties of options that must or can be used to
Pierre-Yves Chibon 2cf341
adjust its behavior.
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon dde1e3
All of these options can be edited or added to your configuration file.
Pierre-Yves Chibon dde1e3
If you have installed pagure, this configuration file is likely located in
Pierre-Yves Chibon dde1e3
``/etc/pagure/pagure.cfg``. Otherwise, it will depend on your
Pierre-Yves Chibon dde1e3
setup/deployment.
Pierre-Yves Chibon 909a5f
Pierre-Yves Chibon 494104
Pierre-Yves Chibon a6079f
Must options
Pierre-Yves Chibon a6079f
------------
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon 7eabf8
Here are the options you must set up in order to get pagure running.
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
SECRET_KEY
Pierre-Yves Chibon a6079f
~~~~~~~~~~
Pierre-Yves Chibon a6079f
bill auger e9ffb5
This configuration key is used by flask to create the session. It should be kept secret
Pierre-Yves Chibon a6079f
and set as a long and random string.
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon 764459
SALT_EMAIL
Pierre-Yves Chibon 764459
~~~~~~~~~~
Pierre-Yves Chibon 764459
bill auger e9ffb5
This configuration key is used to ensure that when sending
Pierre-Yves Chibon 764459
notifications to different users, each one of them has a different, unique
René Genz 520020
and unfakeable ``Reply-To`` header. This header is then used by the milter to find
Pierre-Yves Chibon 764459
out if the response received is a real one or a fake/invalid one.
Pierre-Yves Chibon 764459
Pierre-Yves Chibon 764459
Pierre-Yves Chibon a6079f
DB_URL
Pierre-Yves Chibon a6079f
~~~~~~
Pierre-Yves Chibon a6079f
bill auger e9ffb5
This configuration key indicates to the framework how and where to connect to the database
bill auger e9ffb5
server. Pagure uses `SQLAchemy <http: www.sqlalchemy.org="">`_ to connect</http:>
bill auger e9ffb5
to a wide range of database server including MySQL, PostgreSQL, and SQLite.
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
Examples values:
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
::
Pierre-Yves Chibon a6079f
bill auger e9ffb5
    DB_URL = 'mysql://user:pass@host/db_name'
bill auger e9ffb5
    DB_URL = 'postgres://user:pass@host/db_name'
Pierre-Yves Chibon a6079f
    DB_URL = 'sqlite:////var/tmp/pagure_dev.sqlite'
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
Defaults to ``sqlite:////var/tmp/pagure_dev.sqlite``
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
Pierre-Yves Chibon a6079f
APP_URL
Pierre-Yves Chibon a6079f
~~~~~~~
Pierre-Yves Chibon a6079f
bill auger e9ffb5
This configuration key indicates the URL at which this pagure instance will be made available.
Pierre-Yves Chibon a6079f
Neal Gompa 9c34c4
Defaults to: ``http://localhost.localdomain/``
Pierre-Yves Chibon 2e4eca
Pierre-Yves Chibon 2e4eca
Pierre-Yves Chibon 2e4eca
EMAIL_ERROR
Pierre-Yves Chibon 2e4eca
~~~~~~~~~~~
Pierre-Yves Chibon 2e4eca
René Genz 520020
Pagure sends email when it catches an unexpected error (which saves you from
bill auger e9ffb5
having to monitor the logs regularly; but if you like, the error is still
Pierre-Yves Chibon 2e4eca
present in the logs).
bill auger e9ffb5
This configuration key allows you to specify to which email address to send
bill auger e9ffb5
these error reports.
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
GIT_URL_SSH
Pierre-Yves Chibon 7a3469
~~~~~~~~~~~
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
This configuration key provides the information to the user on how to clone
Pierre-Yves Chibon 78aca2
the git repos hosted on pagure via `SSH <https: en.wikipedia.org="" secure_shell="" wiki="">`_.</https:>
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
The URL should end with a slash ``/``.
Pierre-Yves Chibon 7a3469
Neal Gompa 9c34c4
Defaults to: ``'ssh://git@llocalhost.localdomain/'``
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 8a18c8
.. note:: If you are using a custom setup for your deployment where every
Pierre-Yves Chibon 8a18c8
        user has an account on the machine you may want to tweak this URL
Pierre-Yves Chibon 8a18c8
        to include the username. If that is the case, you can use
Pierre-Yves Chibon 8a18c8
        ``{username}`` in the URL and it will be expanded to the username
Pierre-Yves Chibon 8a18c8
        of the user viewing the page when rendered.
Pierre-Yves Chibon 8a18c8
        For example: ``'ssh://{username}@pagure.org/'``
Pierre-Yves Chibon 8a18c8
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
GIT_URL_GIT
Pierre-Yves Chibon 7a3469
~~~~~~~~~~~
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 7a3469
This configuration key provides the information to the user on how to clone
Pierre-Yves Chibon ffa951
the git repos hosted on pagure anonymously. This access can be granted via
Pierre-Yves Chibon 7a3469
the ``git://`` or ``http(s)://`` protocols.
Pierre-Yves Chibon 7a3469
Pierre-Yves Chibon 7a3469
The URL should end with a slash ``/``.
Pierre-Yves Chibon 7a3469
Neal Gompa 9c34c4
Defaults to: ``'git://localhost.localdomain/'``
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon 77edd1
BROKER_URL
Pierre-Yves Chibon 77edd1
~~~~~~~~~~
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
This configuration key is used to point celery to the broker to use. This
Pierre-Yves Chibon 77edd1
is the broker that is used to communicate between the web application and
Pierre-Yves Chibon 77edd1
its workers.
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
Defaults to: ``'redis://%s' % APP.config['REDIS_HOST']``
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
.. note:: See the :ref:`redis-section` for the ``REDIS_HOST`` configuration
Pierre-Yves Chibon 77edd1
          key
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 494104
bill auger e9ffb5
Repo Directories
bill auger e9ffb5
----------------
Pierre-Yves Chibon d4c756
Slavek Kabrda adea20
Each project in pagure has 2 to 4 git repositories, depending on configuration
Slavek Kabrda adea20
of the Pagure instance (see below):
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon d4c756
- the main repo for the code
Slavek Kabrda adea20
- the doc repo showed in the doc server (optional)
Slavek Kabrda adea20
- the ticket repo storing the metadata of the tickets (optional)
bill auger e9ffb5
- the request repo storing the metadata of the pull-requests
Pierre-Yves Chibon d4c756
bill auger e9ffb5
There are then another 3 folders: one for specifying the locations of the forks, one
bill auger e9ffb5
for the remote git repo used for the remotes pull-requests (ie: those coming from
bill auger e9ffb5
a project not hosted on this instance of pagure), and one for user-uploaded tarballs.
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon d4c756
bill auger e9ffb5
GIT_FOLDER
bill auger e9ffb5
~~~~~~~~~~
Pierre-Yves Chibon d4c756
Slavek Kabrda adea20
This configuration key points to the folder where the git repos are stored.
Slavek Kabrda adea20
For every project, two to four repos are created:
Pierre-Yves Chibon d4c756
Slavek Kabrda adea20
* a repo with source code of the project
Slavek Kabrda adea20
* a repo with documentation of the project
Slavek Kabrda adea20
  (if ``ENABLE_DOCS`` is ``True``)
Slavek Kabrda adea20
* a repo with metadata of tickets opened against the project
Slavek Kabrda adea20
  (if ``ENABLE_TICKETS`` is ``True``)
Slavek Kabrda adea20
* a repo with metadata of pull requests opened against the project
Pierre-Yves Chibon d4c756
Slavek Kabrda adea20
Note that gitolite config value ``GL_REPO_BASE`` (if using gitolite 3)
Slavek Kabrda adea20
or ``$REPO_BASE`` (if using gitolite 2) **must** have exactly the same
Slavek Kabrda adea20
value as ``GIT_FOLDER``.
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon d4c756
REMOTE_GIT_FOLDER
Pierre-Yves Chibon d4c756
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon d4c756
Pierre-Yves Chibon aadfc3
This configuration key points to the folder where the remote git repos (ie:
Pierre-Yves Chibon aadfc3
not hosted on pagure) that someone used to open a pull-request against a
Pierre-Yves Chibon aadfc3
project hosted on pagure are stored.
Pierre-Yves Chibon 0928d4
Pierre-Yves Chibon 0928d4
bill auger e9ffb5
UPLOAD_FOLDER_PATH
bill auger e9ffb5
~~~~~~~~~~~~~~~~~~
bill auger e9ffb5
bill auger e9ffb5
This configuration key points to the folder where user-uploaded tarballs
bill auger e9ffb5
are stored and served from.
bill auger e9ffb5
bill auger e9ffb5
Pierre-Yves Chibon 77edd1
ATTACHMENTS_FOLDER
Pierre-Yves Chibon 77edd1
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
This configuration key points to the folder where attachments can be cached
Pierre-Yves Chibon 77edd1
for easier access by the web-server (allowing to not interact with the git
Pierre-Yves Chibon 77edd1
repo having it to serve it).
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 7dac79
UPLOAD_FOLDER_URL
Pierre-Yves Chibon 7dac79
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 7dac79
René Genz 520020
Full URL to where the uploads are available. It is highly recommended for
Pierre-Yves Chibon 7dac79
security reasons that this URL lives on a different domain than the main
Pierre-Yves Chibon 7dac79
application (an entirely different domain, not just a sub-domain).
Pierre-Yves Chibon 7dac79
Pierre-Yves Chibon 7dac79
Defaults to: ``/releases/``, unsafe for production!
Pierre-Yves Chibon 7dac79
Pierre-Yves Chibon 7dac79
Pierre-Yves Chibon 7dac79
.. warning:: both `UPLOAD_FOLDER_PATH` and `UPLOAD_FOLDER_URL` must be
Pierre-Yves Chibon 7dac79
            specified for the upload release feature to work
Pierre-Yves Chibon 7dac79
Pierre-Yves Chibon 7dac79
Pierre-Yves Chibon 0928d4
SESSION_COOKIE_SECURE
Pierre-Yves Chibon 0928d4
~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 0928d4
Pierre-Yves Chibon 0928d4
When this is set to True, the session cookie will only be returned to the
Pierre-Yves Chibon 0928d4
server via ssl (https). If you connect to the server via plain http, the
Pierre-Yves Chibon 0928d4
cookie will not be sent. This prevents sniffing of the cookie contents.
Pierre-Yves Chibon 0928d4
This may be set to False when testing your application but should always
Pierre-Yves Chibon 0928d4
be set to True in production.
Pierre-Yves Chibon 0928d4
Pierre-Yves Chibon 0928d4
Defaults to: ``False`` for development, must be ``True`` in production with
Pierre-Yves Chibon 0928d4
https.
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
Slavek Kabrda 9c176a
SESSION_TYPE
Slavek Kabrda 9c176a
~~~~~~~~~~~~
Slavek Kabrda 9c176a
Slavek Kabrda 9c176a
Enables the `flask-session <https: flask-session="" pythonhosted.org="">`_</https:>
Slavek Kabrda 9c176a
extension if set to a value other than ``None``. The ``flask-session``
Slavek Kabrda 9c176a
package needs to be installed and proper
Lubomír Sedlář 250277
`configuration <https: #configuration="" flask-session="" pythonhosted.org="">`_</https:>
Slavek Kabrda 9c176a
needs to be included in the Pagure config file.
Slavek Kabrda 9c176a
Slavek Kabrda 9c176a
This is useful when the Pagure server needs to be scaled up to multiple
Slavek Kabrda 9c176a
instances, which requires the flask session keys to be shared between those.
Slavek Kabrda 9c176a
Flask-session allows you to use Redis, Memcached, relational database
Slavek Kabrda 9c176a
or MongoDB for storing shared session keys.
Slavek Kabrda 9c176a
Slavek Kabrda 9c176a
Pierre-Yves Chibon 909a5f
FROM_EMAIL
Pierre-Yves Chibon 909a5f
~~~~~~~~~~
Pierre-Yves Chibon 909a5f
bill auger e9ffb5
This configuration key specifies the email address used by this pagure instance
Pierre-Yves Chibon 909a5f
when sending emails (notifications).
Pierre-Yves Chibon 909a5f
Neal Gompa 9c34c4
Defaults to: ``pagure@localhost.localdomain``
Pierre-Yves Chibon 909a5f
Pierre-Yves Chibon 909a5f
Pierre-Yves Chibon 1b7aad
DOMAIN_EMAIL_NOTIFICATIONS
Pierre-Yves Chibon 1b7aad
~~~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 1b7aad
bill auger e9ffb5
This configuration key specifies the domain used by this pagure instance
bill auger e9ffb5
when sending emails (notifications). More precisely, it is used
Pierre-Yves Chibon 1b7aad
when building the ``msg-id`` header of the emails sent.
Pierre-Yves Chibon 1b7aad
Neal Gompa 9c34c4
Defaults to: ``localhost.localdomain``
Pierre-Yves Chibon 1b7aad
Pierre-Yves Chibon 1b7aad
Patrick Uiterwijk 78afb3
VIRUS_SCAN_ATTACHMENTS
Patrick Uiterwijk 78afb3
~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 78afb3
bill auger e9ffb5
This configuration key configures whether attachments are scanned for viruses on
Patrick Uiterwijk 78afb3
upload. For more information, see the install.rst guide.
Patrick Uiterwijk 78afb3
Patrick Uiterwijk 78afb3
Defaults to: ``False``
Patrick Uiterwijk 78afb3
Patrick Uiterwijk 78afb3
Patrick Uiterwijk ad0b72
GIT_AUTH_BACKEND
Patrick Uiterwijk ad0b72
^^^^^^^^^^^^^^^^
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
This configuration key allows specifying which git auth backend to use.
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
Git auth backends can either be static (like gitolite), where a file is
Patrick Uiterwijk ad0b72
generated when something changed and then used on login, or dynamic,
Patrick Uiterwijk ad0b72
where the actual ACLs are checked in a git hook before being applied.
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
By default pagure provides the following backends:
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
- `test_auth`: simple debugging backend printing and returning the string ``Called GitAuthTestHelper.generate_acls()``
Patrick Uiterwijk ad0b72
- `gitolite2`: allows deploying pagure on the top of gitolite 2
Patrick Uiterwijk ad0b72
- `gitolite3`: allows deploying pagure on the top of gitolite 3
mrx@mailinator.com 607f4a
- `pagure`: Pagure git auth implementation (using keyhelper.py and aclchecker.py)
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
Defaults to: ``gitolite3``
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
.. note:: The option GITOLITE_BACKEND is the legacy name, and for backwards compatibility reasons will override this setting
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
.. note:: These options can be expended, cf :ref:`custom-gitolite`.
Patrick Uiterwijk ad0b72
Pierre-Yves Chibon 494104
Pierre-Yves Chibon f17ee3
Configure Gitolite
Pierre-Yves Chibon f17ee3
------------------
Pierre-Yves Chibon f17ee3
Patrick Uiterwijk ad0b72
Pagure can use `gitolite <http: gitolite.com="">`_ as an authorization layer.</http:>
Pierre-Yves Chibon f17ee3
Gitolite relies on `SSH <https: en.wikipedia.org="" secure_shell="" wiki="">`_ for</https:>
Pierre-Yves Chibon 145998
the authentication. In other words, SSH lets you in and gitolite checks if
Pierre-Yves Chibon 145998
you are allowed to do what you are trying to do once you are inside.
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon 145998
Pagure supports both gitolite 2 and gitolite 3 and the code generating
Pierre-Yves Chibon 145998
the gitolite configuration can be customized for easier integration with
Pierre-Yves Chibon 145998
other systems (cf :ref:`custom-gitolite`).
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
**gitolite 2 and 3**
Pierre-Yves Chibon 145998
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
GITOLITE_HOME
Pierre-Yves Chibon 9774b7
^^^^^^^^^^^^^
Pierre-Yves Chibon f17ee3
bill auger e9ffb5
This configuration key points to the home directory of the user under which
bill auger e9ffb5
gitolite is ran.
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
GITOLITE_KEYDIR
Pierre-Yves Chibon 9774b7
^^^^^^^^^^^^^^^
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
This configuration key points to the folder where gitolite stores and accesses
Pierre-Yves Chibon f17ee3
the public SSH keys of all the user have access to the server.
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
Since pagure is the user interface, it is pagure that writes down the files
bill auger e9ffb5
in this directory, effectively setting up the users to be able to use gitolite.
bill auger e9ffb5
bill auger e9ffb5
bill auger e9ffb5
GITOLITE_CONFIG
Pierre-Yves Chibon 9774b7
^^^^^^^^^^^^^^^
bill auger e9ffb5
bill auger e9ffb5
This configuration key points to the gitolite.conf file where pagure writes
bill auger e9ffb5
the gitolite repository access configuration.
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon 56e29f
GITOLITE_CELERY_QUEUE
Pierre-Yves Chibon 9774b7
^^^^^^^^^^^^^^^^^^^^^
Pierre-Yves Chibon 56e29f
Pierre-Yves Chibon 56e29f
This configuration is useful for large pagure deployment where recompiling
Pierre-Yves Chibon 56e29f
the gitolite config file can take a long time. By default the compilation
Pierre-Yves Chibon 56e29f
of gitolite's configuration file is done by the pagure_worker, which spawns
Pierre-Yves Chibon 56e29f
by default 4 concurrent workers. If it takes a while to recompile the
Pierre-Yves Chibon 56e29f
gitolite configuration file, these workers may be stepping on each others'
Pierre-Yves Chibon 56e29f
toes.
Pierre-Yves Chibon 56e29f
In this situation, this configuration key allows you to direct the messages
Pierre-Yves Chibon 56e29f
asking for the gitolite configuration file to be compiled to a different
Pierre-Yves Chibon 56e29f
queue which can then be handled by a different service/worker.
Pierre-Yves Chibon 56e29f
Pierre-Yves Chibon 56e29f
Pagure provides a ``pagure_gitolite_worker.service`` systemd service file
Pierre-Yves Chibon 56e29f
pre-configured to handles these messages if this configuration key is set
Pierre-Yves Chibon 56e29f
to ``gitolite_queue``.
Pierre-Yves Chibon 56e29f
Pierre-Yves Chibon 56e29f
Pierre-Yves Chibon 145998
**gitolite 2 only**
Pierre-Yves Chibon 145998
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 145998
Pierre-Yves Chibon f17ee3
GL_RC
Pierre-Yves Chibon 9774b7
^^^^^
Pierre-Yves Chibon f17ee3
bill auger e9ffb5
This configuration key points to the file ``gitolite.rc`` used by gitolite
Pierre-Yves Chibon f17ee3
to record who has access to what (ie: who has access to which repo/branch).
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
GL_BINDIR
Pierre-Yves Chibon 9774b7
^^^^^^^^^
Pierre-Yves Chibon f17ee3
Pierre-Yves Chibon f17ee3
This configuration key indicates the folder in which the gitolite tools can
Pierre-Yves Chibon f17ee3
be found. It can be as simple as ``/usr/bin/`` if the tools have been installed
Pierre-Yves Chibon f17ee3
using a package manager or something like ``/opt/bin/`` for a more custom
Pierre-Yves Chibon f17ee3
install.
Pierre-Yves Chibon a9a543
Pierre-Yves Chibon 9774b7
Slavek Kabrda 6197ad
**gitolite 3 only**
Slavek Kabrda 6197ad
~~~~~~~~~~~~~~~~~~~
Slavek Kabrda 6197ad
Slavek Kabrda 6197ad
GITOLITE_HAS_COMPILE_1
Pierre-Yves Chibon 9774b7
^^^^^^^^^^^^^^^^^^^^^^
Pierre-Yves Chibon a9a543
Slavek Kabrda 6197ad
By setting this configuration key to ``True``, you can turn on using the
Slavek Kabrda 6197ad
gitolite ``compile-1`` binary. This speeds up gitolite task when it recompiles
Pierre-Yves Chibon c7a8ff
configuration after new project is created. In order to use this, you need to
Pierre-Yves Chibon c7a8ff
have the ``compile-1`` gitolite command.
Pierre-Yves Chibon c7a8ff
Pierre-Yves Chibon c7a8ff
There are two ways to have it,
Pierre-Yves Chibon c7a8ff
Pierre-Yves Chibon c7a8ff
#. You distribution already has the file installed for you and you can then
Pierre-Yves Chibon c7a8ff
   just use it.
Pierre-Yves Chibon c7a8ff
#. You need to download and install it yourself. We are describing what
Pierre-Yves Chibon c7a8ff
   needs to be done for this here below.
Pierre-Yves Chibon c7a8ff
Pierre-Yves Chibon c7a8ff
Installing the ``compile-1`` command:
Pierre-Yves Chibon c7a8ff
Slavek Kabrda 6197ad
* You also have to make sure that your distribution of gitolite contains
Slavek Kabrda 6197ad
  `patch <https: c4b6521a4b82e639f6ed776abad79c="" commit="" github.com="" gitolite="" sitaramc="">`_</https:>
Pierre-Yves Chibon c7a8ff
  which makes gitolite respect ``ALLOW_ORPHAN_GL_CONF`` configuration variable,
Pierre-Yves Chibon c7a8ff
  if this patch isn't already present, you will have to make the change yourself.
Pierre-Yves Chibon c7a8ff
* In your ``gitolite.rc`` set ``ALLOW_ORPHAN_GL_CONF`` to ``1`` (you may
Pierre-Yves Chibon c7a8ff
  have to add it yourself).
Pierre-Yves Chibon c7a8ff
* Still in your ``gitolite.rc`` file, uncomment ``LOCAL_CODE`` file and set
Pierre-Yves Chibon c7a8ff
  it to a full path of a directory that you choose (for example
Pierre-Yves Chibon c7a8ff
  ``/usr/local/share/gitolite3``).
Pierre-Yves Chibon c7a8ff
* Create a subdirectory ``commands`` under the path you picked for ``LOCAL_CODE``
Pierre-Yves Chibon c7a8ff
  (in our example, you will need to do: ``mkdir -p /usr/local/share/gitolite3/commands``)
Pierre-Yves Chibon c7a8ff
* Finally, install the ``compile-1`` command in this ``commands`` subdirectory
Pierre-Yves Chibon c7a8ff
  If your installation doesn't ship this file, you can `download it
Pierre-Yves Chibon c7a8ff
  <https: blob="" commands="" compile-1="" contrib="" github.com="" gitolite="" master="" sitaramc="">`_.</https:>
Pierre-Yves Chibon c7a8ff
  (Ensure the file is executable, otherwise gitolite will not find it)
Slavek Kabrda 6197ad
Slavek Kabrda 6197ad
Defaults to: ``False``
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 9774b7
Pierre-Yves Chibon 8fc6b7
EventSource options
Pierre-Yves Chibon 8fc6b7
-------------------
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
EVENTSOURCE_SOURCE
Pierre-Yves Chibon 8fc6b7
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
This configuration key indicates the URL at which the EventSource server is
Pierre-Yves Chibon 8fc6b7
available. If not defined, pagure will behave as if there are no EventSource
Pierre-Yves Chibon 8fc6b7
server running.
Pierre-Yves Chibon 8fc6b7
bill auger e9ffb5
Pierre-Yves Chibon 8fc6b7
EVENTSOURCE_PORT
Pierre-Yves Chibon 8fc6b7
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
This configuration key indicates the port at which the EventSource server is
bill auger e9ffb5
running.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 68903e
.. note:: The EventSource server requires a redis server (see ``Redis options``
Pierre-Yves Chibon 68903e
         below)
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 68903e
Web-hooks notifications
Pierre-Yves Chibon 68903e
-----------------------
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
WEBHOOK
Pierre-Yves Chibon 68903e
~~~~~~~
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
This configuration key allows turning on or off web-hooks notifications for
Pierre-Yves Chibon 68903e
this pagure instance.
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
Defaults to: ``False``.
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
.. note:: The Web-hooks server requires a redis server (see ``Redis options``
Pierre-Yves Chibon 68903e
         below)
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 77edd1
.. _redis-section:
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 68903e
Redis options
Pierre-Yves Chibon 68903e
-------------
Pierre-Yves Chibon 68903e
Pierre-Yves Chibon 8fc6b7
REDIS_HOST
Pierre-Yves Chibon 8fc6b7
~~~~~~~~~~
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
This configuration key indicates the host at which the `redis <http: redis.io="">`_</http:>
Pierre-Yves Chibon 8fc6b7
server is running.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
Defaults to: ``0.0.0.0``.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
REDIS_PORT
Pierre-Yves Chibon 8fc6b7
~~~~~~~~~~
Pierre-Yves Chibon 8fc6b7
bill auger e9ffb5
This configuration key indicates the port at which the redis server can be
Pierre-Yves Chibon 8fc6b7
contacted.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
Defaults to: ``6379``.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
REDIS_DB
Pierre-Yves Chibon 8fc6b7
~~~~~~~~
Pierre-Yves Chibon 8fc6b7
bill auger e9ffb5
This configuration key indicates the name of the redis database to use for
bill auger e9ffb5
communicating with the EventSource server.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
Defaults to: ``0``.
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 8fc6b7
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 1abf96
Authentication options
Pierre-Yves Chibon 1abf96
----------------------
Pierre-Yves Chibon 1abf96
Pierre-Yves Chibon 1abf96
ADMIN_GROUP
Pierre-Yves Chibon 1abf96
~~~~~~~~~~~
Pierre-Yves Chibon 1abf96
bill auger e9ffb5
List of groups, either local or remote (if the openid server used supports the
bill auger e9ffb5
group extension), that are the site admins. These admins can regenerate the
bill auger e9ffb5
gitolite configuration, the ssh key files, and the hook-token for every project
Pierre-Yves Chibon 1abf96
as well as manage users and groups.
Pierre-Yves Chibon 1abf96
Pierre-Yves Chibon 1abf96
Pierre-Yves Chibon 1abf96
PAGURE_ADMIN_USERS
Pierre-Yves Chibon 1abf96
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 1abf96
bill auger e9ffb5
List of local users that are the site admins. These admins have the same rights as
bill auger e9ffb5
the users in the admin groups listed above as well as admin rights to
bill auger e9ffb5
all projects hosted on this pagure instance.
Pierre-Yves Chibon 1abf96
Pierre-Yves Chibon 1abf96
Pierre-Yves Chibon 585163
Celery Queue options
Pierre-Yves Chibon 585163
--------------------
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
In order to help prioritize between tasks having a direct impact on the user
Pierre-Yves Chibon 585163
experience and tasks needed to be run on the background but not directly
Pierre-Yves Chibon 585163
impacting the users, we have split the generic tasks triggered by the web
Pierre-Yves Chibon 585163
application into three possible queues: Fast, Medium, Slow.
Pierre-Yves Chibon 585163
If none of these options are set, a single queue will be used for all tasks.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
FAST_CELERY_QUEUE
Pierre-Yves Chibon 585163
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This configuration key allows to specify a dedicated queue for tasks that
Pierre-Yves Chibon 585163
are triggered by the web frontend and need to be processed quickly for the
Pierre-Yves Chibon 585163
best user experience.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This will be used for tasks such as creating a new project, forking or
Pierre-Yves Chibon 585163
merging a pull-request.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
Defaults to: ``None``.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
MEDIUM_CELERY_QUEUE
Pierre-Yves Chibon 585163
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This configuration key allows to specify a dedicated queue for tasks that
Pierre-Yves Chibon 585163
are triggered by the web frontend and need to be processed but aren't critical
Pierre-Yves Chibon 585163
for the best user experience.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This will be used for tasks such as updating a file in a git repository.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
Defaults to: ``None``.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
SLOW_CELERY_QUEUE
Pierre-Yves Chibon 585163
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This configuration key allows to specify a dedicated queue for tasks that
Pierre-Yves Chibon 585163
are triggered by the web frontend, are slow and do not impact the user
Pierre-Yves Chibon 585163
experience in the user interface.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
This will be used for tasks such as updating the ticket git repo based on
Pierre-Yves Chibon 585163
the content posted in the user interface.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
Defaults to: ``None``.
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
Pierre-Yves Chibon 585163
Slavek Kabrda 631df5
Stomp Options
Slavek Kabrda 631df5
-------------
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Pagure integration with Stomp allows you to emit messages to any
Slavek Kabrda 631df5
stomp-compliant message bus.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_NOTIFICATIONS
Slavek Kabrda 631df5
~~~~~~~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
This configuration key allows to turn on or off notifications via
Slavek Kabrda 631df5
`stomp protocol <https: stomp.github.io="">`_. All other stomp-related</https:>
Slavek Kabrda 631df5
settings don't need to be present if this is set to ``False``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Defaults to: ``False``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_BROKERS
Slavek Kabrda 631df5
~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
List of 2-tuples with broker domain names and ports. For example
Slavek Kabrda 631df5
``[('primary.msg.bus.com', 6543), ('backup.msg.bus.com`, 6543)]``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_HIERARCHY
Slavek Kabrda 631df5
~~~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Base name of the hierarchy to emit messages to. For example
Slavek Kabrda 631df5
``/queue/some.hierarchy.``. Note that this **must** end with
Slavek Kabrda 631df5
a dot. Pagure will append queue names such as ``project.new``
Slavek Kabrda 631df5
to this value, resulting in queue names being e.g.
Slavek Kabrda 631df5
``/queue/some.hierarchy.project.new``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_SSL
Slavek Kabrda 631df5
~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Whether or not to use SSL when connecting to message brokers.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Defaults to: ``False``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_KEY_FILE
Slavek Kabrda 631df5
~~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Absolute path to key file for SSL connection. Only required if
Slavek Kabrda 631df5
``STOMP_SSL`` is set to ``True``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_CERT_FILE
Slavek Kabrda 631df5
~~~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Absolute path to certificate file for SSL connection. Only required if
Slavek Kabrda 631df5
``STOMP_SSL`` is set to ``True``.
Slavek Kabrda 631df5
Slavek Kabrda 631df5
STOMP_CREDS_PASSWORD
Slavek Kabrda 631df5
~~~~~~~~~~~~~~~~~~~~
Slavek Kabrda 631df5
Slavek Kabrda 631df5
Password for decoding ``STOMP_CERT_FILE`` and ``STOMP_KEY_FILE``. Only
Slavek Kabrda 631df5
required if ``STOMP_SSL`` is set to ``True`` and credentials files are
Slavek Kabrda 631df5
password-encoded.
Slavek Kabrda 631df5
Pierre-Yves Chibon daeb44
ALWAYS_STOMP_ON_COMMITS
Pierre-Yves Chibon daeb44
~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon daeb44
This configuration key allows to enforce `stomp <https: stomp.github.io="">`_</https:>
Pierre-Yves Chibon daeb44
notifications on commits made on all projects in a pagure instance.
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon daeb44
Defaults to: ``False``.
Pierre-Yves Chibon daeb44
Slavek Kabrda 631df5
Pierre-Yves Chibon a892ce
API token ACLs
Pierre-Yves Chibon a892ce
--------------
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
ACLS
Pierre-Yves Chibon a892ce
~~~~
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
This configuration key lists all the ACLs that can be associated with an API
Pierre-Yves Chibon a892ce
token with a short description of what the ACL allows to do.
Pierre-Yves Chibon a892ce
This key it not really meant to be changed unless you really know what you
Pierre-Yves Chibon a892ce
are doing.
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
USER_ACLS
Pierre-Yves Chibon a892ce
~~~~~~~~~
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
This configuration key allows to list which of the ACLs listed in ``ACLS``
Pierre-Yves Chibon a892ce
can be associated with an API token of a project in the (web) user interface.
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
Use this configuration key in combination with ``ADMIN_API_ACLS`` to disable
Pierre-Yves Chibon a892ce
certain ACLs for users while allowing admins to generate keys with them.
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon d0c6fa
Defaults to: ``[key for key in ACLS.keys() if key != 'generate_acls_project']``
Pierre-Yves Chibon d0c6fa
    (ie: all the ACLs in ``ACLS`` except for ``generate_acls_project``)
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
ADMIN_API_ACLS
Pierre-Yves Chibon a892ce
~~~~~~~~~~~~~~
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
This configuration key allows to list which of the ACLs listed in ``ACLS``
Pierre-Yves Chibon a892ce
can be generated by the ``pagure-admin`` CLI tool by admins.
Pierre-Yves Chibon a892ce
Slavek Kabrda 835cab
Defaults to: ``['issue_comment', 'issue_create', 'issue_change_status', 'pull_request_flag', 'pull_request_comment', 'pull_request_merge', 'generate_acls_project', 'commit_flag', 'create_branch']``
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
CROSS_PROJECT_ACLS
Pierre-Yves Chibon a892ce
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon a892ce
This configuration key allows to list which of the ACLs listed in ``ACLS``
Pierre-Yves Chibon a892ce
can be associated with a project-less API token in the (web) user interface.
Pierre-Yves Chibon a892ce
These project-less API tokens can be generated in the user's settings page
Pierre-Yves Chibon a892ce
and allows action in multiple projects instead of being restricted to a
Pierre-Yves Chibon a892ce
specific one.
Pierre-Yves Chibon a892ce
Slavek Kabrda 835cab
Defaults to: ``['create_project', 'fork_project', 'modify_project']``
Pierre-Yves Chibon a892ce
Pierre-Yves Chibon 494104
Pierre-Yves Chibon a9a543
Optional options
Pierre-Yves Chibon a9a543
----------------
Pierre-Yves Chibon a9a543
Ryan Lerch 2db901
Theming
Ryan Lerch 2db901
~~~~~~~
Ryan Lerch 2db901
Ryan Lerch 2db901
THEME
Ryan Lerch 2db901
^^^^^
Ryan Lerch 2db901
Ryan Lerch 2db901
This configuration key allows you to specify the theme to be used. The
Ryan Lerch 2db901
string specified is the name of the theme directory in ``pagure/themes/``
Ryan Lerch 2db901
Ryan Lerch 2db901
For more information about theming see the :doc:`usage/theming`
Ryan Lerch 2db901
Ryan Lerch 2db901
Default options:
Ryan Lerch 2db901
Ryan Lerch 2db901
- ``chameleon``  The OpenSUSE theme for pagure
Ryan Lerch 2db901
- ``default``  The default theme for pagure
Ryan Lerch 2db901
- ``pagureio``  The theme used at https://pagure.io
Ryan Lerch 2db901
- ``srcfpo``  The theme used at https://src.fedoraproject.org
Ryan Lerch 2db901
Ryan Lerch 2db901
Defaults to: ``default``
Ryan Lerch 2db901
Ryan Lerch 2db901
Pierre-Yves Chibon 75a89d
Git repository templates
Pierre-Yves Chibon 75a89d
~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon 75a89d
PROJECT_TEMPLATE_PATH
Pierre-Yves Chibon 75a89d
^^^^^^^^^^^^^^^^^^^^^
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon 75a89d
This configuration key allows you to specify the path to a git repository
Pierre-Yves Chibon 75a89d
to use as a template when creating new repository for new projects.
Pierre-Yves Chibon 75a89d
This template will not be used for forks nor any of the git repository but
Pierre-Yves Chibon 75a89d
the one used for the sources (ie: it will not be used for the tickets,
Pierre-Yves Chibon 75a89d
requests or docs repositories).
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon 75a89d
FORK_TEMPLATE_PATH
Pierre-Yves Chibon 75a89d
^^^^^^^^^^^^^^^^^^
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon 75a89d
This configuration key allows you to specify the path to a git repository
Pierre-Yves Chibon 75a89d
to use as a template when creating new repository for new forks.
Pierre-Yves Chibon 75a89d
This template will not be used for any of the git repository but
Pierre-Yves Chibon 75a89d
the one used for the sources of forks (ie: it will not be used for the
Pierre-Yves Chibon 75a89d
tickets, requests or docs repositories).
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon a9a543
SSH_KEYS
Pierre-Yves Chibon a9a543
~~~~~~~~
Pierre-Yves Chibon a9a543
René Genz 520020
It is a good practice to publish the fingerprint and public SSH key of a
Pierre-Yves Chibon a9a543
server you provide access to.
Pierre-Yves Chibon a9a543
Pagure offers the possibility to expose this information based on the values
Pierre-Yves Chibon a9a543
set in the configuration file, in the ``SSH_KEYS`` configuration key.
Pierre-Yves Chibon a9a543
Pierre-Yves Chibon a9a543
See the `SSH hostkeys/Fingerprints page on pagure.io <https: pagure.io="" ssh_info="">`_.</https:>
Pierre-Yves Chibon a9a543
Pierre-Yves Chibon a9a543
.. warning: The format is important
Pierre-Yves Chibon a9a543
Pierre-Yves Chibon a9a543
    SSH_KEYS = {'RSA': {'fingerprint': '<foo>', 'pubkey': '<bar>'}}</bar></foo>
Pierre-Yves Chibon a9a543
Pierre-Yves Chibon a9a543
Where `<foo>` and `<bar>` must be replaced by your values.</bar></foo>
Pierre-Yves Chibon b1260e
Pierre-Yves Chibon b1260e
Pierre-Yves Chibon 79802b
CSP_HEADERS
Pierre-Yves Chibon 79802b
~~~~~~~~~~~
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Content Security Policy (CSP) is a computer security standard introduced to
Pierre-Yves Chibon 79802b
prevent cross-site scripting (XSS), clickjacking and other code injection
Pierre-Yves Chibon 79802b
attacks resulting from execution of malicious content in the trusted web page
Pierre-Yves Chibon 79802b
context
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Source: https://en.wikipedia.org/wiki/Content_Security_Policy
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Defaults to:
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
::
Pierre-Yves Chibon 79802b
    CSP_HEADERS = (
Pierre-Yves Chibon 79802b
        "default-src 'self' https:; "
Pierre-Yves Chibon 79802b
        "script-src 'self' 'nonce-{nonce}'; "
Pierre-Yves Chibon 79802b
        "style-src 'self' 'nonce-{nonce}'"
Pierre-Yves Chibon 79802b
    )
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Where ``{nonce}`` is dynamically set by pagure.
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 79802b
Pierre-Yves Chibon 24747e
LOGGING
Pierre-Yves Chibon 24747e
~~~~~~~
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
This configuration key allows you to set up the logging of the application.
Pierre-Yves Chibon 24747e
It relies on the standard `python logging module
Pierre-Yves Chibon 24747e
<https: 2="" docs.python.org="" library="" logging.html="">`_.</https:>
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
The default value is:
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
::
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
    LOGGING = {
Pierre-Yves Chibon 24747e
        'version': 1,
Pierre-Yves Chibon 24747e
        'disable_existing_loggers': False,
Pierre-Yves Chibon 24747e
        'formatters': {
Pierre-Yves Chibon 24747e
            'standard': {
Pierre-Yves Chibon 24747e
                'format': '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'email_format': {
Pierre-Yves Chibon 24747e
                'format': MSG_FORMAT
Pierre-Yves Chibon 24747e
            }
Pierre-Yves Chibon 24747e
        },
Pierre-Yves Chibon 24747e
        'filters': {
Pierre-Yves Chibon 24747e
            'myfilter': {
Pierre-Yves Chibon 24747e
                '()': ContextInjector,
Pierre-Yves Chibon 24747e
            }
Pierre-Yves Chibon 24747e
        },
Pierre-Yves Chibon 24747e
        'handlers': {
Pierre-Yves Chibon 24747e
            'console': {
Pierre-Yves Chibon 24747e
                'level': 'INFO',
Pierre-Yves Chibon 24747e
                'formatter': 'standard',
Pierre-Yves Chibon 24747e
                'class': 'logging.StreamHandler',
Pierre-Yves Chibon 24747e
                'stream': 'ext://sys.stdout',
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'email': {
Pierre-Yves Chibon 24747e
                'level': 'ERROR',
Pierre-Yves Chibon 24747e
                'formatter': 'email_format',
Pierre-Yves Chibon 24747e
                'class': 'logging.handlers.SMTPHandler',
Pierre-Yves Chibon 24747e
                'mailhost': 'localhost',
Pierre-Yves Chibon 24747e
                'fromaddr': 'pagure@localhost',
Pierre-Yves Chibon 24747e
                'toaddrs': 'root@localhost',
Pierre-Yves Chibon 24747e
                'subject': 'ERROR on pagure',
Pierre-Yves Chibon 24747e
                'filters': ['myfilter'],
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
        },
Pierre-Yves Chibon 24747e
        # The root logger configuration; this is a catch-all configuration
Pierre-Yves Chibon 24747e
        # that applies to all log messages not handled by a different logger
Pierre-Yves Chibon 24747e
        'root': {
Pierre-Yves Chibon 24747e
            'level': 'INFO',
Pierre-Yves Chibon 24747e
            'handlers': ['console'],
Pierre-Yves Chibon 24747e
        },
Pierre-Yves Chibon 24747e
        'loggers': {
Pierre-Yves Chibon 24747e
            'pagure': {
Pierre-Yves Chibon 24747e
                'handlers': ['console'],
Pierre-Yves Chibon 24747e
                'level': 'DEBUG',
Pierre-Yves Chibon 24747e
                'propagate': True
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'flask': {
Pierre-Yves Chibon 24747e
                'handlers': ['console'],
Pierre-Yves Chibon 24747e
                'level': 'INFO',
Pierre-Yves Chibon 24747e
                'propagate': False
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'sqlalchemy': {
Pierre-Yves Chibon 24747e
                'handlers': ['console'],
Pierre-Yves Chibon 24747e
                'level': 'WARN',
Pierre-Yves Chibon 24747e
                'propagate': False
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'binaryornot': {
Pierre-Yves Chibon 24747e
                'handlers': ['console'],
Pierre-Yves Chibon 24747e
                'level': 'WARN',
Pierre-Yves Chibon 24747e
                'propagate': True
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
            'pagure.lib.encoding_utils': {
Pierre-Yves Chibon 24747e
                'handlers': ['console'],
Pierre-Yves Chibon 24747e
                'level': 'WARN',
Pierre-Yves Chibon 24747e
                'propagate': False
Pierre-Yves Chibon 24747e
            },
Pierre-Yves Chibon 24747e
        }
Pierre-Yves Chibon 24747e
    }
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
.. note:: as you can see there is an ``email`` handler defined. It's not used
Pierre-Yves Chibon 24747e
    anywhere by default but you can use it to get report of errors by email
Pierre-Yves Chibon 24747e
    and thus monitor your pagure instance.
Pierre-Yves Chibon 24747e
    To do this the easiest is to set, on the ``root`` logger:
Pierre-Yves Chibon 24747e
    ::
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
        'handlers': ['console', 'email'],
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon 24747e
Pierre-Yves Chibon b1260e
ITEM_PER_PAGE
Pierre-Yves Chibon b1260e
~~~~~~~~~~~~~
Pierre-Yves Chibon 75a89d
Pierre-Yves Chibon b1260e
This configuration key allows you to configure the length of a page by
bill auger e9ffb5
setting the number of items on the page. Items can be commits, users, groups,
Pierre-Yves Chibon b1260e
or projects for example.
Pierre-Yves Chibon b1260e
Pierre-Yves Chibon b1260e
Defaults to: ``50``.
Pierre-Yves Chibon 1435af
Pierre-Yves Chibon 1435af
Slavek Kabrda 07edc0
PR_TARGET_MATCHING_BRANCH
Slavek Kabrda 07edc0
~~~~~~~~~~~~~~~~~~~~~~~~~
Slavek Kabrda 07edc0
Slavek Kabrda 07edc0
If set to ``True``, the default target branch for all pull requests in UI
Slavek Kabrda 07edc0
is the branch that is longest substring of the branch that the pull request
Slavek Kabrda 07edc0
is created from. For example, a ``mybranch`` branch in original repo will
Slavek Kabrda 07edc0
be the default target of a pull request from branch ``mybranch-feature-1``
Slavek Kabrda 07edc0
in a fork when opening a new pull request. If this is set to ``False``,
Slavek Kabrda 07edc0
the default branch of the repo will be the default target of all pull requests.
Slavek Kabrda 07edc0
Slavek Kabrda 07edc0
Defaults to: ``False``.
Slavek Kabrda 07edc0
Pierre-Yves Chibon 2a925d
SMTP configuration
Pierre-Yves Chibon 2a925d
~~~~~~~~~~~~~~~~~~
Slavek Kabrda 07edc0
Pierre-Yves Chibon 1435af
SMTP_SERVER
Pierre-Yves Chibon 2a925d
^^^^^^^^^^^
Pierre-Yves Chibon 1435af
bill auger e9ffb5
This configuration key specifies the SMTP server to use when
Pierre-Yves Chibon 1435af
sending emails.
Pierre-Yves Chibon 1435af
Pierre-Yves Chibon 1435af
Defaults to: ``localhost``.
Pierre-Yves Chibon ae1519
bill auger e9ffb5
Vyacheslav Anzhiganov 3f9d9d
SMTP_PORT
Pierre-Yves Chibon 2a925d
^^^^^^^^^
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
This configuration key specifies the SMTP server port.
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
SMTP by default uses TCP port 25. The protocol for mail submission is
Vyacheslav Anzhiganov 3f9d9d
the same, but uses port 587.
Vyacheslav Anzhiganov 3f9d9d
SMTP connections secured by SSL, known as SMTPS, default to port 465
Vyacheslav Anzhiganov 3f9d9d
(nonstandard, but sometimes used for legacy reasons).
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Defaults to: ``25``
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
Vyacheslav Anzhiganov 3f9d9d
SMTP_SSL
Pierre-Yves Chibon 2a925d
^^^^^^^^
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
This configuration key specifies whether the SMTP connections
bill auger e9ffb5
should be secured over SSL.
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Defaults to: ``False``
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
Vyacheslav Anzhiganov 3f9d9d
SMTP_USERNAME
Pierre-Yves Chibon 2a925d
^^^^^^^^^^^^^
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
This configuration key allows usage of SMTP with auth.
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Note: Specify SMTP_USERNAME and SMTP_PASSWORD for using SMTP auth
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Defaults to: ``None``
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
Vyacheslav Anzhiganov 3f9d9d
SMTP_PASSWORD
Pierre-Yves Chibon 2a925d
^^^^^^^^^^^^^
Vyacheslav Anzhiganov 3f9d9d
bill auger e9ffb5
This configuration key allows usage of SMTP with auth.
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Note: Specify SMTP_USERNAME and SMTP_PASSWORD for using SMTP auth
Vyacheslav Anzhiganov 3f9d9d
Vyacheslav Anzhiganov 3f9d9d
Defaults to: ``None``
Pierre-Yves Chibon ae1519
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon ae1519
SHORT_LENGTH
Pierre-Yves Chibon ae1519
~~~~~~~~~~~~
Pierre-Yves Chibon ae1519
bill auger e9ffb5
This configuration key specifies the length of the commit ids or
Pierre-Yves Chibon ae1519
file hex displayed in the user interface.
Pierre-Yves Chibon ae1519
Pierre-Yves Chibon ae1519
Defaults to: ``6``.
Pierre-Yves Chibon a0e179
Pierre-Yves Chibon a0e179
Pierre-Yves Chibon a0e179
BLACKLISTED_PROJECTS
Pierre-Yves Chibon a0e179
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon a0e179
bill auger e9ffb5
This configuration key specifies a list of project names that are forbidden.
Pierre-Yves Chibon a0e179
This list is used for example to avoid conflicts at the URL level between the
Pierre-Yves Chibon a0e179
static files located under ``/static/`` and a project that would be named
Pierre-Yves Chibon a0e179
``static`` and thus be located at ``/static``.
Pierre-Yves Chibon a0e179
Pierre-Yves Chibon a0e179
Defaults to:
Pierre-Yves Chibon a0e179
Pierre-Yves Chibon a0e179
::
Pierre-Yves Chibon a0e179
Pierre-Yves Chibon a0e179
    [
Pierre-Yves Chibon a0e179
        'static', 'pv', 'releases', 'new', 'api', 'settings',
Mary Kate Fain a16918
        'logout', 'login', 'users', 'groups', 'about'
Pierre-Yves Chibon a0e179
    ]
Pierre-Yves Chibon 969487
Pierre-Yves Chibon 969487
Pierre-Yves Chibon 969487
CHECK_SESSION_IP
Pierre-Yves Chibon 969487
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 969487
bill auger e9ffb5
This configuration key specifies whether to check the user's IP
Pierre-Yves Chibon aadfc3
address when retrieving its session. This makes things more secure but
Pierre-Yves Chibon 7dac79
under certain setups it might not work (for example if there
bill auger e9ffb5
are proxies in front of the application).
Pierre-Yves Chibon 969487
Pierre-Yves Chibon 969487
Defaults to: ``True``.
Pierre-Yves Chibon bf4ab5
Pierre-Yves Chibon bf4ab5
Pierre-Yves Chibon bf4ab5
PAGURE_AUTH
Pierre-Yves Chibon bf4ab5
~~~~~~~~~~~~
Pierre-Yves Chibon bf4ab5
bill auger e9ffb5
This configuration key specifies which authentication method to use.
Michael Watters ded9f5
Valid options are ``fas``, ``openid``, ``oidc``, or ``local``.
Michael Watters ded9f5
Michael Watters ded9f5
* ``fas`` uses the Fedora Account System `FAS <https: accounts="" admin.fedoraproject.org="">`</https:>
ymdatta 3df0e0
  to provide user authentication and enforces that users sign the FPCA.
Michael Watters ded9f5
Michael Watters ded9f5
* ``openid`` uses OpenID authentication.  Any provider may be used by
ymdatta 3df0e0
  changing the FAS_OPENID_ENDPOINT configuration key.  By default
ymdatta 3df0e0
  FAS (without FPCA) will be used.
Michael Watters ded9f5
Michael Watters ded9f5
* ``oidc`` enables OpenID Connect using any provider.  This provider requires
Pierre-Yves Chibon 68aed2
  the configuration options starting with ``OIDC_`` (see below) to be provided.
Michael Watters ded9f5
Michael Watters ded9f5
* ``local`` causes pagure to use the local pagure database for user management.
Pierre-Yves Chibon bf4ab5
Neal Gompa 8bcba6
Defaults to: ``local``.
Pierre-Yves Chibon f271cd
Pierre-Yves Chibon bbaa51
Slavek Kabrda df7bf8
OIDC Settings
Slavek Kabrda df7bf8
~~~~~~~~~~~~~
Slavek Kabrda df7bf8
Pierre-Yves Chibon 824441
.. note:: Pagure uses `flask-oidc <https: flask-oidc="" github.com="" puiterwijk="">`_</https:>
Pierre-Yves Chibon 824441
   to support OIDC authentication. This extension has a `number of configuration
Pierre-Yves Chibon 824441
   keys <http: #settings-reference="" en="" flask-oidc.readthedocs.io="" latest="">`_</http:>
Pierre-Yves Chibon 824441
   that may be useful depending on your set-up
Pierre-Yves Chibon 824441
Pierre-Yves Chibon 824441
Slavek Kabrda df7bf8
OIDC_CLIENT_SECRETS
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Provide a path to client secrets file on local filesystem. This file can be
Slavek Kabrda df7bf8
obtained from your OpenID Connect identity provider. Note that some providers
Slavek Kabrda df7bf8
don't fill in ``userinfo_uri``. If that is the case, you need to add it to
Slavek Kabrda df7bf8
the secrets file manually.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_ID_TOKEN_COOKIE_SECURE
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
When this is set to True, the cookie with OpenID Connect Token will only be
Slavek Kabrda df7bf8
returned to the server via ssl (https). If you connect to the server via plain
Slavek Kabrda df7bf8
http, the cookie will not be sent. This prevents sniffing of the cookie contents.
Slavek Kabrda df7bf8
This may be set to False when testing your application but should always
Slavek Kabrda df7bf8
be set to True in production.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Defaults to: ``True`` for production with https, can be set to ``False`` for
Slavek Kabrda df7bf8
convenient development.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_SCOPES
Slavek Kabrda df7bf8
^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
List of `OpenID Connect scopes http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims`
Slavek Kabrda df7bf8
to request from identity provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_EMAIL
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Name of key of user's email in userinfo JSON returned by identity provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_FULLNAME
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Name of key of user's full name in userinfo JSON returned by identity provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_USERNAME
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Name of key of user's preferred username in userinfo JSON returned by identity
Slavek Kabrda df7bf8
provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_SSH_KEY
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Name of key of user's ssh key in userinfo JSON returned by identity provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_GROUPS
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
Name of key of user's groups in userinfo JSON returned by identity provider.
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
OIDC_PAGURE_USERNAME_FALLBACK
Slavek Kabrda df7bf8
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Slavek Kabrda df7bf8
Slavek Kabrda df7bf8
This specifies fallback for getting username assuming ``OIDC_PAGURE_USERNAME``
Slavek Kabrda df7bf8
is empty - can be ``email`` (to use the part before ``@``) or ``sub``
Slavek Kabrda df7bf8
(IdP-specific user id, can be a nickname, email or a numeric ID
Slavek Kabrda df7bf8
depending on identity provider).
Pierre-Yves Chibon f271cd
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon f271cd
IP_ALLOWED_INTERNAL
Pierre-Yves Chibon f271cd
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon f271cd
bill auger e9ffb5
This configuration key specifies which IP addresses are allowed
Pierre-Yves Chibon f271cd
to access the internal API endpoint. These endpoints are accessed by the
bill auger e9ffb5
milters for example and allow performing actions in the name of someone else
bill auger e9ffb5
which is sensitive, thus the origin of the request using
bill auger e9ffb5
these endpoints is validated.
Pierre-Yves Chibon f271cd
Pierre-Yves Chibon f271cd
Defaults to: ``['127.0.0.1', 'localhost', '::1']``.
Pierre-Yves Chibon c297f0
Pierre-Yves Chibon c297f0
Pierre-Yves Chibon c297f0
MAX_CONTENT_LENGTH
Pierre-Yves Chibon c297f0
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon c297f0
bill auger e9ffb5
This configuration key specifies the maximum file size allowed when
Pierre-Yves Chibon c297f0
uploading content to pagure (for example, screenshots to a ticket).
Pierre-Yves Chibon c297f0
Pierre-Yves Chibon c297f0
Defaults to: ``4 * 1024 * 1024`` which corresponds to 4 megabytes.
Pierre-Yves Chibon 7840b5
Pierre-Yves Chibon 7840b5
Pierre-Yves Chibon 7840b5
ENABLE_TICKETS
Pierre-Yves Chibon 7840b5
~~~~~~~~~~~~~~
Pierre-Yves Chibon 7840b5
René Genz 520020
This configuration key activates or deactivates the ticketing system
Pierre-Yves Chibon 7840b5
for all the projects hosted on this pagure instance.
Pierre-Yves Chibon 7840b5
Pierre-Yves Chibon 7840b5
Defaults to: ``True``
Pierre-Yves Chibon ed8e6a
Pierre-Yves Chibon ed8e6a
Pierre-Yves Chibon cd4df4
ENABLE_TICKETS_NAMESPACE
Pierre-Yves Chibon cd4df4
~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon cd4df4
Pierre-Yves Chibon cd4df4
This configuration key allows to restrict the namespace in which the ticketing
Pierre-Yves Chibon cd4df4
system is enabled.
Pierre-Yves Chibon cd4df4
So if your pagure instance has ``ENABLE_TICKETS`` as ``True`` and sets
Pierre-Yves Chibon cd4df4
``ENABLE_TICKETS_NAMESPACE`` to ``['tests', 'infra']`` only the projects opened
Pierre-Yves Chibon cd4df4
in these two namespaces will have the ticketing system enabled. All the other
Pierre-Yves Chibon cd4df4
namespaces will not.
Pierre-Yves Chibon cd4df4
Pierre-Yves Chibon cd4df4
Pierre-Yves Chibon cd4df4
Defaults to: ``[]``
Pierre-Yves Chibon cd4df4
Pierre-Yves Chibon cd4df4
Slavek Kabrda adea20
ENABLE_DOCS
Slavek Kabrda adea20
~~~~~~~~~~~
Slavek Kabrda adea20
Slavek Kabrda adea20
This configuration key activates or deactivates creation of git repos
Slavek Kabrda adea20
for documentation for all the projects hosted on this pagure instance.
Slavek Kabrda adea20
Slavek Kabrda adea20
Defaults to: ``True``
Slavek Kabrda adea20
Slavek Kabrda adea20
Pierre-Yves Chibon ed8e6a
ENABLE_NEW_PROJECTS
Pierre-Yves Chibon ed8e6a
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon ed8e6a
bill auger e9ffb5
This configuration key permits or forbids creation of new projects via
Pierre-Yves Chibon cf3d3a
the user interface and the API of this pagure instance.
Pierre-Yves Chibon cf3d3a
Pierre-Yves Chibon cf3d3a
Defaults to: ``True``
Pierre-Yves Chibon cf3d3a
Pierre-Yves Chibon cf3d3a
Pierre-Yves Chibon cf3d3a
ENABLE_UI_NEW_PROJECTS
Pierre-Yves Chibon cf3d3a
~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon cf3d3a
Pierre-Yves Chibon cf3d3a
This configuration key permits or forbids creation of new projects via
Pierre-Yves Chibon cf3d3a
the user interface (only) of this pagure instance. It allows forbidding
Pierre-Yves Chibon cf3d3a
to create new project in the user interface while letting a set of trusted
Pierre-Yves Chibon cf3d3a
person to create projects via the API granted they have the API token with
Pierre-Yves Chibon cf3d3a
the corresponding ACL.
Pierre-Yves Chibon ed8e6a
Pierre-Yves Chibon ed8e6a
Defaults to: ``True``
Pierre-Yves Chibon 7e8963
Pierre-Yves Chibon 7e8963
Pierre-Yves Chibon 7e8963
ENABLE_DEL_PROJECTS
Pierre-Yves Chibon 7e8963
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 7e8963
René Genz 520020
This configuration key permits or forbids deletion of projects via
Pierre-Yves Chibon 7e8963
the user interface of this pagure instance.
Pierre-Yves Chibon 7e8963
Pierre-Yves Chibon 7e8963
Defaults to: ``True``
Pierre-Yves Chibon f47524
Pierre-Yves Chibon f47524
Pierre-Yves Chibon 3f19a5
ENABLE_DEL_FORKS
Pierre-Yves Chibon 3f19a5
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 3f19a5
Pierre-Yves Chibon 3f19a5
This configuration key permits or forbids deletion of forks via
Pierre-Yves Chibon 3f19a5
the user interface of this pagure instance.
Pierre-Yves Chibon 3f19a5
Pierre-Yves Chibon 3f19a5
Defaults to: ``ENABLE_DEL_PROJECTS``
Pierre-Yves Chibon 3f19a5
Pierre-Yves Chibon 3f19a5
Pierre-Yves Chibon 5c0786
GIT_HOOK_DB_RO
Pierre-Yves Chibon 5c0786
~~~~~~~~~~~~~~
Pierre-Yves Chibon 5c0786
Pierre-Yves Chibon 5c0786
This configuration key specifies if the git hook have a read-only (RO) access
Pierre-Yves Chibon 5c0786
to the database or not.
Pierre-Yves Chibon 5c0786
Some pagure deployment provide an actual shell account on the host and thus the
Pierre-Yves Chibon 5c0786
git hook called upon git push are executed under that account. If the user
Pierre-Yves Chibon 5c0786
manages to by-pass git and is able to access the configuration file, they could
Pierre-Yves Chibon 5c0786
have access to "private" information. So in those deployments the git hooks
Pierre-Yves Chibon 5c0786
have a specific configuration file with a database access that is read-only,
Pierre-Yves Chibon 5c0786
making pagure behave differently in those situations.
Pierre-Yves Chibon 5c0786
Pierre-Yves Chibon 5c0786
Defaults to: ``False``
Pierre-Yves Chibon 5c0786
Pierre-Yves Chibon 5c0786
Pierre-Yves Chibon f47524
EMAIL_SEND
Pierre-Yves Chibon f47524
~~~~~~~~~~
Pierre-Yves Chibon f47524
bill auger e9ffb5
This configuration key enables or disables all email notifications for
Pierre-Yves Chibon f47524
this pagure instance. This can be useful to turn off when developing on
Pierre-Yves Chibon f47524
pagure, or for test or pre-production instances.
Pierre-Yves Chibon f47524
Michael Watters f97ab0
Defaults to: ``False``.
Pierre-Yves Chibon c8d656
Jeremy Cline ce61b6
.. note::
Jeremy Cline ce61b6
    This does not disable emails to the email address set in ``EMAIL_ERROR``.
Jeremy Cline ce61b6
Pierre-Yves Chibon c8d656
Pierre-Yves Chibon de6940
FEDMSG_NOTIFICATIONS
Pierre-Yves Chibon de6940
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon de6940
Pierre-Yves Chibon de6940
This configuration key allows to turn on or off notifications via `fedmsg
Pierre-Yves Chibon de6940
<http: www.fedmsg.com="">`_.</http:>
Pierre-Yves Chibon de6940
Neal Gompa f3525c
Defaults to: ``False``.
Pierre-Yves Chibon de6940
Pierre-Yves Chibon de6940
Pierre-Yves Chibon e99662
FEDORA_MESSAGING_NOTIFICATIONS
Pierre-Yves Chibon e99662
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon e99662
Pierre-Yves Chibon e99662
This configuration key allows to turn on or off sending notifications via
Pierre-Yves Chibon e99662
`fedora-messaging <>`_.
Pierre-Yves Chibon e99662
Pierre-Yves Chibon e99662
Defaults to: ``False``.
Pierre-Yves Chibon e99662
Pierre-Yves Chibon e99662
Pierre-Yves Chibon bbaa51
ALWAYS_FEDMSG_ON_COMMITS
Pierre-Yves Chibon bbaa51
~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon bbaa51
This configuration key allows to enforce `fedmsg <http: www.fedmsg.com="">`_</http:>
Pierre-Yves Chibon bbaa51
notifications on commits made on all projects in a pagure instance.
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon bbaa51
Defaults to: ``True``.
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon bbaa51
Pierre-Yves Chibon 1ee8ed
ALLOW_DELETE_BRANCH
Pierre-Yves Chibon 1ee8ed
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 1ee8ed
Pierre-Yves Chibon 1ee8ed
This configuration keys enables or disables allowing users to delete git
Pierre-Yves Chibon 1ee8ed
branches from the user interface. In sensible pagure instance you may
Pierre-Yves Chibon 1ee8ed
want to turn this off and with a customized gitolite configuration you can
Pierre-Yves Chibon 1ee8ed
prevent users from deleting branches in their git repositories.
Pierre-Yves Chibon 1ee8ed
Pierre-Yves Chibon 1ee8ed
Defaults to: ``True``.
Pierre-Yves Chibon 1ee8ed
Pierre-Yves Chibon 1ee8ed
Patrick Uiterwijk ac10ea
ALLOW_ADMIN_IGNORE_EXISTING_REPOS
Patrick Uiterwijk ac10ea
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk ac10ea
Patrick Uiterwijk ac10ea
This enables a checkbox "Ignore existing repos" for admins when creating a new
Patrick Uiterwijk ac10ea
project. When this is checkbox is checked, existing repositories will not cause
Patrick Uiterwijk ac10ea
project creation to fail.
Patrick Uiterwijk ac10ea
This could be used to assume responsibility of existing repositories.
Patrick Uiterwijk ac10ea
Patrick Uiterwijk ac10ea
Defaults to: ``False``.
Patrick Uiterwijk ac10ea
Patrick Uiterwijk ac10ea
Patrick Uiterwijk 9638fb
USERS_IGNORE_EXISTING_REPOS
Patrick Uiterwijk 9638fb
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 9638fb
Patrick Uiterwijk 9638fb
List of users who can al create a project while ignoring existing repositories.
Patrick Uiterwijk 9638fb
Patrick Uiterwijk 9638fb
Defaults to: ``[]``.
Patrick Uiterwijk 9638fb
Patrick Uiterwijk 9638fb
Pierre-Yves Chibon 91c9c0
LOCAL_SSH_KEY
Pierre-Yves Chibon 91c9c0
~~~~~~~~~~~~~
Pierre-Yves Chibon 91c9c0
Pierre-Yves Chibon 91c9c0
This configuration key allows to let pagure administrate the user's ssh keys
Pierre-Yves Chibon 91c9c0
or have a third party tool do it for you.
Pierre-Yves Chibon 91c9c0
In most cases, it will be fine to let pagure handle it.
Pierre-Yves Chibon 91c9c0
Pierre-Yves Chibon 91c9c0
Defaults to ``True``.
Pierre-Yves Chibon 91c9c0
Pierre-Yves Chibon 91c9c0
Pierre-Yves Chibon 39f1dc
DEPLOY_KEY
Pierre-Yves Chibon 39f1dc
~~~~~~~~~~
Pierre-Yves Chibon 39f1dc
Pierre-Yves Chibon 39f1dc
This configuration key allows to disable the deploy keys feature of an
Pierre-Yves Chibon 39f1dc
entire pagure instance. This feature enable to add extra public ssh keys
Pierre-Yves Chibon 39f1dc
that a third party could use to push to a project.
Pierre-Yves Chibon 39f1dc
Pierre-Yves Chibon 39f1dc
Defaults to ``True``.
Pierre-Yves Chibon 39f1dc
Pierre-Yves Chibon 39f1dc
Pierre-Yves Chibon c8d656
OLD_VIEW_COMMIT_ENABLED
Pierre-Yves Chibon c8d656
~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon c8d656
Pierre-Yves Chibon c8d656
In version 1.3, pagure changed its URL scheme to view the commit of a
Pierre-Yves Chibon c8d656
project in order to add support for pseudo-namespaced projects.
Pierre-Yves Chibon c8d656
Pierre-Yves Chibon c8d656
For pagure instances older than 1.3, who care about backward compatibility,
Pierre-Yves Chibon c8d656
we added an endpoint ``view_commit_old`` that brings URL backward
Pierre-Yves Chibon c8d656
compatibility for URLs using the complete git hash (the 40 characters).
Pierre-Yves Chibon c8d656
For URLs using a shorter hash, the URLs will remain broken.
Pierre-Yves Chibon c8d656
bill auger e9ffb5
This configuration key enables or disables this backward compatibility
Pierre-Yves Chibon c8d656
which is useful for pagure instances running since before 1.3 but is not
Pierre-Yves Chibon c8d656
for newer instances.
Pierre-Yves Chibon c8d656
Pierre-Yves Chibon c8d656
Defaults to: ``False``.
Pierre-Yves Chibon 1d815a
Pierre-Yves Chibon 1d815a
Karsten Hopp 9f48c1
DISABLE_REMOTE_PR
Karsten Hopp 9f48c1
~~~~~~~~~~~~~~~~~
Karsten Hopp 9f48c1
Karsten Hopp 9f48c1
In some pagure deployments remote pull requests need to be disabled
Karsten Hopp 9f48c1
due to legal / policy reasons.
Karsten Hopp 9f48c1
Karsten Hopp 9f48c1
Defaults to: ``False``.
Karsten Hopp 9f48c1
Karsten Hopp 9f48c1
Pierre-Yves Chibon 1d815a
PAGURE_CI_SERVICES
Pierre-Yves Chibon 1d815a
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 1d815a
Pierre-Yves Chibon 1d815a
Pagure can be configure to integrate results of a Continuous Integration (CI)
Pierre-Yves Chibon 1d815a
service to pull-requests open against a project.
Pierre-Yves Chibon 1d815a
Pierre-Yves Chibon 1d815a
To enable this integration, follow the documentation on how to install
Pierre-Yves Chibon 1d815a
pagure-ci and set this configuration key to ``['jenkins']`` (Jenkins being
Pierre-Yves Chibon 1d815a
the only CI service supported at the moment).
Pierre-Yves Chibon 1d815a
Pierre-Yves Chibon 1d815a
Defaults to: ``None``.
Pierre-Yves Chibon 1d815a
Pierre-Yves Chibon 1d815a
.. warning:: Requires `Redis` to be configured and running.
Pierre-Yves Chibon bc0554
Pierre-Yves Chibon bc0554
Pierre-Yves Chibon bc0554
INSTANCE_NAME
Pierre-Yves Chibon bc0554
~~~~~~~~~~~~~
Pierre-Yves Chibon bc0554
Pierre-Yves Chibon bc0554
This allows giving a name to this running instance of pagure. The name is
René Genz 520020
then used in the welcome screen shown upon first login.
Pierre-Yves Chibon bc0554
Pierre-Yves Chibon bc0554
Defaults to: ``Pagure``
Pierre-Yves Chibon bc0554
Pierre-Yves Chibon bc0554
.. note: the welcome screen currently does not work with the `local`
Pierre-Yves Chibon bc0554
         authentication.
Pierre-Yves Chibon 978bbf
Mary Kate Fain a16918
ADMIN_EMAIL
Mary Kate Fain a16918
~~~~~~~~~~~
Mary Kate Fain a16918
Mary Kate Fain a16918
This configuration key allows you to change the default administrator email
Mary Kate Fain a16918
which is displayed on the "about" page. It can also be used elsewhere.
Mary Kate Fain a16918
Mary Kate Fain a16918
Defaults to: ``root@localhost.localdomain``
Mary Kate Fain a16918
Pierre-Yves Chibon 978bbf
Pierre-Yves Chibon d1b9a3
USER_NAMESPACE
Pierre-Yves Chibon d1b9a3
~~~~~~~~~~~~~~
Pierre-Yves Chibon d1b9a3
Pierre-Yves Chibon d1b9a3
This configuration key allows to enforce that project are namespaced under
Pierre-Yves Chibon d1b9a3
the user's username, behaving in this way in a similar fashion as github.com
Pierre-Yves Chibon d1b9a3
or gitlab.com.
Pierre-Yves Chibon d1b9a3
Pierre-Yves Chibon d1b9a3
Defaults to: ``False``
Pierre-Yves Chibon d1b9a3
Pierre-Yves Chibon d1b9a3
Pierre-Yves Chibon 494104
DOC_APP_URL
Pierre-Yves Chibon 494104
~~~~~~~~~~~
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 494104
This configuration key allows you to specify where the documentation server
Pierre-Yves Chibon 494104
is running (preferably in a different domain name entirely).
Pierre-Yves Chibon 494104
If not set, the documentation page will show an error message saying that
Pierre-Yves Chibon 494104
this pagure instance does not have a documentation server.
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 494104
Defaults to: ``None``
Pierre-Yves Chibon 494104
Pierre-Yves Chibon c93a48
Farhaan Bukhsh bef1a5
PRIVATE_PROJECTS
Farhaan Bukhsh bef1a5
~~~~~~~~~~~~~~~~
Farhaan Bukhsh bef1a5
Farhaan Bukhsh bef1a5
This configuration key allows you to host private repositories. These
Farhaan Bukhsh bef1a5
repositories are visible only to the creator of the repository and to the
Farhaan Bukhsh 8267d1
users who are given access to the repository. No information is leaked about the
Farhaan Bukhsh bef1a5
private repository which means redis doesn't have the access to the repository
Farhaan Bukhsh bef1a5
and even fedmsg doesn't get any notifications.
Farhaan Bukhsh bef1a5
Neal Gompa 3c09f6
Defaults to: ``True``
Farhaan Bukhsh bef1a5
Pierre-Yves Chibon 494104
Pierre-Yves Chibon 0f5019
EXCLUDE_GROUP_INDEX
Pierre-Yves Chibon 0f5019
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 0f5019
Pierre-Yves Chibon 0f5019
This configuration key can be used to hide project an user has access to via
Pierre-Yves Chibon 0f5019
one of the groups listed in this key.
Pierre-Yves Chibon 0f5019
Pierre-Yves Chibon 0f5019
The use-case is the following: the Fedora project is deploying pagure has a
Pierre-Yves Chibon 0f5019
front-end for the git repos of the packages in the distribution, that means
Pierre-Yves Chibon 0f5019
about 17,000 git repositories in pagure. The project has a group of people
Pierre-Yves Chibon 0f5019
that have access to all of these repositories, so when viewing the user's
René Genz 520020
page of one member of that group, instead of seeing all the project that
Pierre-Yves Chibon 0f5019
this user works on, you can see all the projects hosted in that pagure
Pierre-Yves Chibon 0f5019
instance. Using this configuration key, pagure will hide all the projects
Pierre-Yves Chibon 0f5019
that this user has access to via the specified groups and thus return only
Pierre-Yves Chibon 0f5019
the groups of forks of that users.
Pierre-Yves Chibon 0f5019
Pierre-Yves Chibon 0f5019
Defaults to: ``[]``
Pierre-Yves Chibon 0f5019
Pierre-Yves Chibon d1b9a3
Pierre-Yves Chibon 6706a2
TRIGGER_CI
Pierre-Yves Chibon 6706a2
~~~~~~~~~~
Pierre-Yves Chibon 6706a2
Pierre-Yves Chibon 6706a2
A run of pagure-ci can be manually triggered if some key sentences are added
Slavek Kabrda a80d7c
as comment to a pull-request, either manually or via the "Rerun CI" dropdown.
Slavek Kabrda a80d7c
This allows to re-run a test that failed due to some network outage or other
Slavek Kabrda a80d7c
unexpected issues unrelated to the test suite.
Pierre-Yves Chibon 6706a2
Pierre-Yves Chibon 6706a2
This configuration key allows to define all the sentences that can be used
Slavek Kabrda a80d7c
to trigger this pagure-ci run. The format is following: ``{"<sentence>":</sentence>
Slavek Kabrda a80d7c
{"name": "<name ci="" of="" the="">", "description": "<short description="">"}}``</short></name>
Pierre-Yves Chibon 6706a2
Slavek Kabrda a80d7c
Sentences which have ``None`` as value won't show up in the "Rerun CI"
Slavek Kabrda a80d7c
dropdown. Additionally, it's possible to add a ``requires_project_hook_attr``
Slavek Kabrda a80d7c
key to the dict with data about a sentence. For example, having
Slavek Kabrda a80d7c
``"requires_project_hook_attr": ("ci_hook", "active_pr", True)`` would make
Slavek Kabrda a80d7c
the "Rerun CI" dropdown have a button for this specific CI only if the
Slavek Kabrda a80d7c
project has ``ci_hook`` activated and its ``active_pr`` value is ``True``.
Slavek Kabrda a80d7c
Slavek Kabrda a80d7c
In versions before 5.2, this was a list containing just the sentences.
Slavek Kabrda a80d7c
Slavek Kabrda a80d7c
Defaults to: ``{"pretty please pagure-ci rebuild": {"name": "Default CI",
Slavek Kabrda a80d7c
"description": "Rerun default CI"}}``
Pierre-Yves Chibon 6706a2
Pierre-Yves Chibon 6706a2
.. note:: The sentences defined in this configuration key should be lower
Pierre-Yves Chibon 6706a2
          case only!
Pierre-Yves Chibon 6706a2
Pierre-Yves Chibon c93a48
Slavek Kabrda 45252f
FLAG_STATUSES_LABELS
Slavek Kabrda 45252f
~~~~~~~~~~~~~~~~~~~~
Slavek Kabrda 45252f
Slavek Kabrda 45252f
By default, Pagure has ``success``, ``failure``, ``error``, ``pending`` and
Slavek Kabrda 45252f
``canceled`` statuses of PR and commit flags. This setting allows you to
Slavek Kabrda 45252f
define a custom mapping of statuses to their respective Bootstrap labels.
Slavek Kabrda 45252f
Pierre-Yves Chibon c93a48
Slavek Kabrda 45252f
FLAG_SUCCESS
Slavek Kabrda 45252f
~~~~~~~~~~~~
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Holds name of PR/commit flag that is considered a success.
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Defaults to: ``success``
Slavek Kabrda 45252f
Pierre-Yves Chibon c93a48
Slavek Kabrda 45252f
FLAG_FAILURE
Slavek Kabrda 45252f
~~~~~~~~~~~~
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Holds name of PR/commit flag that is considered a failure.
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Defaults to: ``failure``
Slavek Kabrda 45252f
Pierre-Yves Chibon c93a48
Slavek Kabrda 45252f
FLAG_PENDING
Slavek Kabrda 45252f
~~~~~~~~~~~~
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Holds name of PR/commit flag that is considered a pending state.
Slavek Kabrda 45252f
Slavek Kabrda 45252f
Defaults to: ``pending``
Pierre-Yves Chibon 6706a2
Pierre-Yves Chibon c93a48
Pierre-Yves Chibon a1fca3
EXTERNAL_COMMITTER
Pierre-Yves Chibon a1fca3
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
The external committer feature is a way to allow members of groups defined
Pierre-Yves Chibon a1fca3
outside pagure (and provided to pagure upon login by the authentication
Pierre-Yves Chibon a1fca3
system) to be consider committers on pagure.
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
This feature can give access to all the projects on the instance, all but
Pierre-Yves Chibon a1fca3
some or just some.
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
Defaults to: ``{}``
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
To give access to all the projects to a group named ``fedora-altarch`` use
Pierre-Yves Chibon a1fca3
a such a structure::
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
    EXTERNAL_COMMITTER = {
Pierre-Yves Chibon a1fca3
        'fedora-altarch': {}
Pierre-Yves Chibon a1fca3
    }
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
To give access to all the projects but one (named ``rpms/test``) to a group
Pierre-Yves Chibon a1fca3
named ``provenpackager`` use a such a structure::
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
    EXTERNAL_COMMITTER = {
Pierre-Yves Chibon a1fca3
        'fedora-altarch': {},
Pierre-Yves Chibon a1fca3
        'provenpackager': {
Pierre-Yves Chibon a1fca3
            'exclude': ['rpms/test']
Pierre-Yves Chibon a1fca3
        }
Pierre-Yves Chibon a1fca3
    }
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
To give access to just some projects (named ``rpms/test`` and
Pierre-Yves Chibon a1fca3
``modules/test``) to a group named ``testers`` use a such a structure::
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon a1fca3
    EXTERNAL_COMMITTER = {
Pierre-Yves Chibon a1fca3
        'fedora-altarch': {},
Pierre-Yves Chibon a1fca3
        'provenpackager': {
Pierre-Yves Chibon a1fca3
            'exclude': ['rpms/test']
Pierre-Yves Chibon a1fca3
        },
Pierre-Yves Chibon a1fca3
        'testers': {
Pierre-Yves Chibon a1fca3
            'restrict': ['rpms/test', 'modules/test']
Pierre-Yves Chibon a1fca3
        }
Pierre-Yves Chibon a1fca3
    }
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon c93a48
Pierre-Yves Chibon 77edd1
REQUIRED_GROUPS
Pierre-Yves Chibon 77edd1
~~~~~~~~~~~~~~~
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
The required groups allows to specify in which group an user must be to be
Pierre-Yves Chibon e1d70f
added to a project with commit or admin access.
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
Defaults to: ``{}``
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
Example configuration::
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
    REQUIRED_GROUPS = {
Pierre-Yves Chibon e1d70f
        'rpms/kernel': ['packager', 'kernel-team'],
Pierre-Yves Chibon e1d70f
        'modules/*': ['module-packager', 'packager'],
Pierre-Yves Chibon e1d70f
        'rpms/*': ['packager'],
Pierre-Yves Chibon e1d70f
        '*': ['contributor'],
Pierre-Yves Chibon e1d70f
    }
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
With this configuration (evaluated in the provided order):
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
* only users that are in the groups ``packager`` and ``kernel-team`` will be
Pierre-Yves Chibon e1d70f
  allowed to be added the ``rpms/kernel`` project (where ``rpms`` is the
Pierre-Yves Chibon e1d70f
  namespace and ``kernel`` the project name).
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
* only users that are in the groups ``module-packager`` and ``packager``
Pierre-Yves Chibon e1d70f
  will be allowed to be added to projects in the ``modules`` namespace.
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
* only users that are in the group ``packager`` will be allowed to be added
Pierre-Yves Chibon e1d70f
  to projects in the ``rpms`` namespace.
Pierre-Yves Chibon e1d70f
Pierre-Yves Chibon e1d70f
* only users in the ``contributor`` group will be allowed to be added to
Pierre-Yves Chibon e1d70f
  any project on this pagure instance.
Pierre-Yves Chibon a1fca3
Pierre-Yves Chibon c93a48
Pierre-Yves Chibon d1fe6f
GITOLITE_PRE_CONFIG
Pierre-Yves Chibon d1fe6f
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
This configuration key allows you to include some content at the *top* of
Pierre-Yves Chibon d1fe6f
the gitolite configuration file (such as some specific group definition),
Pierre-Yves Chibon d1fe6f
thus allowing to customize the gitolite configuration file with elements
Pierre-Yves Chibon d1fe6f
and information that are outside of pagure's control.
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
This can be used in combination with ``GITOLITE_POST_CONFIG`` to further
Pierre-Yves Chibon d1fe6f
customize gitolite's configuration file. It can also be used with
Pierre-Yves Chibon d1fe6f
``EXTERNAL_COMMITTER`` to give commit access to git repos based on external
Pierre-Yves Chibon d1fe6f
information.
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
Defaults to: ``None``
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
GITOLITE_POST_CONFIG
Pierre-Yves Chibon 45a893
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
This configuration key allows you to include some content at the *end* of
Pierre-Yves Chibon d1fe6f
the gitolite configuration file (such as some project definition or access),
Pierre-Yves Chibon d1fe6f
thus allowing to customize the gitolite configuration file with elements
Pierre-Yves Chibon d1fe6f
and information that are outside of pagure's control.
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
This can be used in combination with ``GITOLITE_PRE_CONFIG`` to further
Pierre-Yves Chibon d1fe6f
customize gitolite's configuration file. It can also be used with
Pierre-Yves Chibon d1fe6f
``EXTERNAL_COMMITTER`` to give commit access to git repos based on external
Pierre-Yves Chibon d1fe6f
information.
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon d1fe6f
Defaults to: ``None``
Pierre-Yves Chibon d1fe6f
Pierre-Yves Chibon 6706a2
Slavek Kabrda de8507
GIT_GARBAGE_COLLECT
Slavek Kabrda de8507
~~~~~~~~~~~~~~~~~~~
Slavek Kabrda de8507
Slavek Kabrda de8507
This configuration key allows for explicit running of ``git gc --auto``
Slavek Kabrda de8507
after every operation that adds new objects to any git repository -
Slavek Kabrda de8507
that is after pushing and merging. The reason for having this functionality
Slavek Kabrda de8507
in Pagure is that gc is not guaranteed to be run by git after every
Slavek Kabrda de8507
object-adding operation.
Slavek Kabrda de8507
Slavek Kabrda de8507
The garbage collection run by Pagure will respect git settings, so you
Slavek Kabrda de8507
can tweak ``gc.auto`` and ``gc.autoPackLimit`` to your liking
Slavek Kabrda de8507
and that will have immediate effect on the task that runs the garbage
Slavek Kabrda de8507
collection. These values can be configured system-wide in ``/etc/gitconfig``.
Slavek Kabrda de8507
See https://git-scm.com/docs/git-gc#git-gc---auto for more details.
Slavek Kabrda de8507
Slavek Kabrda de8507
This is especially useful if repositories are stored on NFS (or similar
Slavek Kabrda de8507
network storage), where file metadata access is expensive - having unpacked
Slavek Kabrda de8507
objects in repositories requires *a lot* of metadata reads.
Slavek Kabrda de8507
Slavek Kabrda de8507
Note that the garbage collection is only run on repos that are not on
Slavek Kabrda de8507
repoSpanner.
Slavek Kabrda de8507
Slavek Kabrda de8507
Defaults to: ``False``
Slavek Kabrda de8507
Slavek Kabrda de8507
Pierre-Yves Chibon 77edd1
CELERY_CONFIG
Pierre-Yves Chibon 77edd1
~~~~~~~~~~~~~
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
This configuration key allows you to tweak the configuration of celery for
Pierre-Yves Chibon 77edd1
your needs.
Pierre-Yves Chibon 77edd1
See the documentation about `celery configuration
Pierre-Yves Chibon 77edd1
<http: configuration.html="" docs.celeryproject.org="" en="" latest="" userguide="">`_ for</http:>
Pierre-Yves Chibon 77edd1
more information.
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
Defaults to: ``{}``
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon 77edd1
Pierre-Yves Chibon edbdc9
CASE_SENSITIVE
Pierre-Yves Chibon edbdc9
~~~~~~~~~~~~~~
Pierre-Yves Chibon edbdc9
Pierre-Yves Chibon edbdc9
This configuration key allows to make this pagure instance case sensitive
Pierre-Yves Chibon edbdc9
instead of its default: case-insensitive.
Pierre-Yves Chibon edbdc9
Pierre-Yves Chibon edbdc9
Defaults to: ``False``
Pierre-Yves Chibon edbdc9
Pierre-Yves Chibon edbdc9
Pierre-Yves Chibon dc53a9
PROJECT_NAME_REGEX
Pierre-Yves Chibon dc53a9
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon dc53a9
Pierre-Yves Chibon dc53a9
This configuration key allows to customize the regular expression used to
Pierre-Yves Chibon dc53a9
validate new project name.
Pierre-Yves Chibon dc53a9
Pierre-Yves Chibon dc53a9
Defaults to: ``^[a-zA-z0-9_][a-zA-Z0-9-_]*$``
Pierre-Yves Chibon dc53a9
Pierre-Yves Chibon dc53a9
Pierre-Yves Chibon 861b6d
APPLICATION_ROOT
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key is used in the path of the cookie used by pagure.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``'/'``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
ALLOWED_PREFIX
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to specify a list of allowed namespaces that
Pierre-Yves Chibon 861b6d
will not require creating a group for users to create projects in.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``[]``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
ADMIN_SESSION_LIFETIME
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows specifying the lifetime of the session during
Pierre-Yves Chibon 861b6d
which the user won't have to re-login for admin actions.
Pierre-Yves Chibon 861b6d
In other words, the maximum time between which an user can access a project's
Pierre-Yves Chibon 861b6d
settings page without re-login.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``timedelta(minutes=20)``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
where timedelta comes from the python datetime module
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
BLACKLISTED_GROUPS
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to blacklist some group names.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``['forks', 'group']``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
ENABLE_GROUP_MNGT
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to turn on or off managing (ie: creating a
Pierre-Yves Chibon 861b6d
group, adding or removing users in that group) groups in this pagure instance.
Pierre-Yves Chibon 861b6d
If turned off, groups and group members are to be managed outside of pagure
Pierre-Yves Chibon 861b6d
and synced upon login.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``True``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
ENABLE_USER_MNGT
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to turn on or off managing users (adding or
Pierre-Yves Chibon 861b6d
removing them from a project) in this pagure instance.
Pierre-Yves Chibon 861b6d
If turned off, users are managed outside of pagure.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``True``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
SESSION_COOKIE_NAME
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to specify the name of the session cookie used
Pierre-Yves Chibon 861b6d
by pagure.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``'pagure'``
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
SHOW_PROJECTS_INDEX
Pierre-Yves Chibon 861b6d
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
This configuration key allows to specify what is shown in the index page of
Pierre-Yves Chibon 861b6d
logged in users.
Pierre-Yves Chibon 861b6d
Pierre-Yves Chibon 861b6d
Defaults to: ``['repos', 'myrepos', 'myforks']``
Pierre-Yves Chibon 4a7dd6
Pierre-Yves Chibon 4a7dd6
Pierre-Yves Chibon 23c9e8
EMAIL_ON_WATCHCOMMITS
Pierre-Yves Chibon 23c9e8
~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 23c9e8
Pierre-Yves Chibon 23c9e8
By default pagure sends an email to every one watch commits on a project when a
Pierre-Yves Chibon 23c9e8
commit is made.
Pierre-Yves Chibon 23c9e8
However some pagure instances may be using a different notification mechanism on
Pierre-Yves Chibon 23c9e8
commits and thus may not want this feature to double the notifications received.
Pierre-Yves Chibon 23c9e8
This configuration key allows to turn on or off email being sent to people
Pierre-Yves Chibon 23c9e8
watching commits on a project upon commits.
Pierre-Yves Chibon 23c9e8
Pierre-Yves Chibon 23c9e8
Defaults to: ``True``
Pierre-Yves Chibon 23c9e8
Pierre-Yves Chibon 23c9e8
Patrick Uiterwijk a50651
ALLOW_HTTP_PULL_PUSH
Patrick Uiterwijk a50651
~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
This configuration key controls whether any HTTP access to repositories is provided
Patrick Uiterwijk a50651
via the support for that that's embedded in Pagure.
Patrick Uiterwijk a50651
This provides HTTP pull access via <pagureurl>/<reponame>.git if nothing else</reponame></pagureurl>
Patrick Uiterwijk a50651
serves this URL.
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Defaults to: ``True``
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
ALLOW_HTTP_PUSH
Patrick Uiterwijk a50651
~~~~~~~~~~~~~~~
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
This configuration key controls whether pushing is possible via the HTTP interface.
Patrick Uiterwijk a50651
This is disabled by default, as it requires setting up an authentication mechanism
Patrick Uiterwijk a50651
on the webserver that sets REMOTE_USER.
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Defaults to: ``False``
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
HTTP_REPO_ACCESS_GITOLITE
Patrick Uiterwijk a50651
~~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
This configuration key configures the path to the gitolite-shell binary.
Patrick Uiterwijk a50651
If this is set to None, Git http-backend is used directly.
Patrick Uiterwijk a50651
Only set this to ``None`` if you intend to provide HTTP push access via Pagure, and
Patrick Uiterwijk a50651
are using a dynamic ACL backend.
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Defaults to: ``/usr/share/gitolite3/gitolite-shell``
Patrick Uiterwijk a50651
Patrick Uiterwijk a50651
Pierre-Yves Chibon 20456f
MIRROR_SSHKEYS_FOLDER
Pierre-Yves Chibon 20456f
~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 20456f
Pierre-Yves Chibon 20456f
This configuration key specificies where pagure should store the ssh keys
Pierre-Yves Chibon 20456f
generated for the mirroring feature. This folder should be properly backed up
Pierre-Yves Chibon 20456f
and kept secure.
Pierre-Yves Chibon 20456f
Pierre-Yves Chibon 20456f
Defaults to: ``/var/lib/pagure/sshkeys/``
Pierre-Yves Chibon 20456f
Pierre-Yves Chibon 20456f
Pierre-Yves Chibon fccbed
LOG_ALL_COMMITS
Pierre-Yves Chibon fccbed
~~~~~~~~~~~~~~~
Pierre-Yves Chibon fccbed
Pierre-Yves Chibon fccbed
This configuration key will make pagure log all commits pushed to all
Pierre-Yves Chibon fccbed
branches of all repositories instead of logging only the once that are
Pierre-Yves Chibon fccbed
pushed to the default branch.
Pierre-Yves Chibon fccbed
Pierre-Yves Chibon fccbed
Defaults to: ``False``
Pierre-Yves Chibon fccbed
Pierre-Yves Chibon fccbed
Pierre-Yves Chibon d85017
DISABLE_MIRROR_IN
Pierre-Yves Chibon d85017
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon d85017
Pierre-Yves Chibon d85017
This configuration key allows a pagure instance to not support mirroring in
Pierre-Yves Chibon d85017
projects (from third party git server).
Pierre-Yves Chibon d85017
Pierre-Yves Chibon d85017
Defaults to: ``False``
Pierre-Yves Chibon d85017
Pierre-Yves Chibon d85017
Ryan Lerch 9fe1c6
SYNTAX_ALIAS_OVERRIDES
Ryan Lerch 9fe1c6
~~~~~~~~~~~~~~~~~~~~~~
Ryan Lerch 9fe1c6
Ryan Lerch 9fe1c6
This configuration key allows to force highlight.js to use a certain logic
Ryan Lerch 9fe1c6
on certain files based on their extensions.
Ryan Lerch 9fe1c6
Ryan Lerch 9fe1c6
It should be a dictionary containing the file extensions as keys and
Ryan Lerch 9fe1c6
the highlighting language/category to use as values.
Ryan Lerch 9fe1c6
Ryan Lerch 9fe1c6
Defaults to: ``{".spec": "specfile", ".patch": "diff"}``
Ryan Lerch 9fe1c6
Ryan Lerch 9fe1c6
Pierre-Yves Chibon b9acae
RepoSpanner Options
Pierre-Yves Chibon 6387ab
-------------------
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Pagure can be integrated with `repoSpanner <https: repospanner.org="">`_</https:>
Pierre-Yves Chibon b9acae
allowing to deploy pagure in a load-balanced environment since the git
Pierre-Yves Chibon b9acae
repositories are then synced accross multiple servers simultaneously.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Support for this integration has been included in Pagure version 5.0 and higher.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Here below are the different options one can/should use to integrate pagure
Pierre-Yves Chibon b9acae
with repoSpanner.
Pierre-Yves Chibon b9acae
Patrick Uiterwijk 8174a4
REPOBRIDGE_BINARY
Patrick Uiterwijk 8174a4
~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 8174a4
Patrick Uiterwijk 8174a4
This should contain the path to the repoBridge binary, which is used for pushing
Patrick Uiterwijk 8174a4
and pulling to/from repoSpanner.
Patrick Uiterwijk 8174a4
Patrick Uiterwijk 8174a4
Defaults to: ``/usr/libexec/repobridge``.
Patrick Uiterwijk 8174a4
Patrick Uiterwijk 8174a4
Pierre-Yves Chibon b9acae
REPOSPANNER_NEW_REPO
Pierre-Yves Chibon b9acae
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
This configuration key instructs pagure to create new git repositories on
Pierre-Yves Chibon b9acae
repoSpanner or not.
Pierre-Yves Chibon b9acae
Its value should be the region in which the new git repositories should be
Pierre-Yves Chibon b9acae
created on.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Defaults to: ``None``.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
REPOSPANNER_NEW_REPO_ADMIN_OVERRIDE
Pierre-Yves Chibon b9acae
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
This configuration key can be used to let pagure admin override the default
Pierre-Yves Chibon b9acae
region used when creating new git repositories on repoSpanner.
Pierre-Yves Chibon b9acae
Its value should be a boolean.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Defaults to: ``False``
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
REPOSPANNER_NEW_FORK
Pierre-Yves Chibon b9acae
~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
This configuration key instructs pagure on where/how to create new git
Pierre-Yves Chibon b9acae
repositories for the forks with repoSpanner.
Pierre-Yves Chibon b9acae
If ``None``, git repositories for forks are created outside of repoSpanner
Pierre-Yves Chibon b9acae
entirely.
Pierre-Yves Chibon b9acae
If ``True``, git repositories for forks are created in the same region as
Pierre-Yves Chibon b9acae
the parent project.
Pierre-Yves Chibon b9acae
Otherwise, a region can be directly specified where git repositories for
Pierre-Yves Chibon b9acae
forks will be created.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Defaults to: ``True``
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
REPOSPANNER_ADMIN_MIGRATION
Pierre-Yves Chibon b9acae
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
This configuration key can be used to let admin manually migrate individual
Pierre-Yves Chibon b9acae
project into repoSpanner once it is set up.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Defaults to: ``False``
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
REPOSPANNER_REGIONS
Pierre-Yves Chibon b9acae
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
This configuration key allows to specify the different region where repoSpanner
Pierre-Yves Chibon b9acae
is deployed and thus with which this pagure instance can be integrated.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
An example entry could look like:
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
::
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
    REPOSPANNER_REGIONS = {
Pierre-Yves Chibon b9acae
        'default': {'url': 'https://nodea.regiona.repospanner.local:8444',
Pierre-Yves Chibon b9acae
                    'repo_prefix': 'pagure/',
Pierre-Yves Chibon b9acae
                    'hook': None,
Pierre-Yves Chibon b9acae
                    'ca': '/etc/pki/repospanner/pki/ca.crt',
Pierre-Yves Chibon b9acae
                    'admin_cert': {'cert': '/etc/pki/repospanner/pki/admin.crt',
Pierre-Yves Chibon b9acae
                                   'key': '/etc/pki/repospanner/pki/admin.key'},
Pierre-Yves Chibon b9acae
                    'push_cert': {'cert': '/etc/pki/repospanner/pki/pagure.crt',
Pierre-Yves Chibon b9acae
                                  'key': '/etc/pki/repospanner/pki/pagure.key'}}
Pierre-Yves Chibon b9acae
    }
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
If this configuration key is not defined, pagure will consider that it is
Pierre-Yves Chibon b9acae
not set to be integrated with repoSpanner.
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Defaults to: ``{}``
Pierre-Yves Chibon b9acae
Pierre-Yves Chibon b9acae
Patrick Uiterwijk 6e47de
SSH_KEYS_USERNAME_LOOKUP
Patrick Uiterwijk 6e47de
~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
This configuration key is used by the keyhelper script to indicate that the
Patrick Uiterwijk 6e47de
git username should be used and looked up. Use this if the username that is sent
Patrick Uiterwijk 6e47de
to ssh is specific for a unique Pagure user (i.e. not using a single "git@" user
Patrick Uiterwijk 6e47de
for all git operations).
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
Patrick Uiterwijk e95068
SSH_KEYS_USERNAME_FORBIDDEN
Patrick Uiterwijk e95068
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk e95068
Patrick Uiterwijk e95068
A list of usernames that are exempted from being verified via the keyhelper.
Patrick Uiterwijk e95068
Patrick Uiterwijk e95068
Patrick Uiterwijk 6e47de
SSH_KEYS_USERNAME_EXPECT
Patrick Uiterwijk 6e47de
~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
This configuration key should contain the username that is used for git if a single
Patrick Uiterwijk 6e47de
SSH user is used for all git ssh traffic (i.e. "git").
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
SSH_KEYS_OPTIONS
Patrick Uiterwijk 6e47de
~~~~~~~~~~~~~~~~
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
This configuration key provides the options added to keys as they are returned
Patrick Uiterwijk 6e47de
to sshd, in the same format as AuthorizedKeysFile
Patrick Uiterwijk 6e47de
(see "AUTHORIZED_KEYS FILE FORMAT" in sshd(8)).
Patrick Uiterwijk 6e47de
Patrick Uiterwijk 6e47de
Slavek Kabrda 984d0f
SSH_ADMIN_TOKEN
Slavek Kabrda 984d0f
~~~~~~~~~~~~~~~
Slavek Kabrda 984d0f
Slavek Kabrda 984d0f
If not set to ``None``, ``aclchecker`` and ``keyhelper`` will use this api
Slavek Kabrda 984d0f
admin token to get authorized to internal endpoints that they use. The token
Slavek Kabrda 984d0f
must have the ``internal_access`` ACL.
Slavek Kabrda 984d0f
Slavek Kabrda 984d0f
This is useful when the IP address of sshd service is not predictable
Slavek Kabrda 984d0f
(e.g. because of running in a distributed cloud environment) and so
Slavek Kabrda 984d0f
it's not possible to use the ``IP_ALLOWED_INTERNAL`` address list.
Slavek Kabrda 984d0f
Slavek Kabrda 984d0f
Defaults to: ``None``
Slavek Kabrda 984d0f
Slavek Kabrda 984d0f
Patrick Uiterwijk 59387b
SSH_COMMAND_REPOSPANNER
Patrick Uiterwijk 59387b
~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 59387b
Patrick Uiterwijk 59387b
The command to run if a repository is on repospanner when aclchecker is in use.
Patrick Uiterwijk 59387b
Patrick Uiterwijk 59387b
Patrick Uiterwijk 59387b
SSH_COMMAND_NON_REPOSPANNER
Patrick Uiterwijk 59387b
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Patrick Uiterwijk 59387b
Patrick Uiterwijk 59387b
The command to run if a repository is not on repospanner when aclchecker is in use.
Patrick Uiterwijk 59387b
Patrick Uiterwijk 59387b
Pierre-Yves Chibon c0512f
MQTT Options
Pierre-Yves Chibon c0512f
------------
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
If approprietly configured pagure supports sending messages to an MQTT
Pierre-Yves Chibon c0512f
message queue.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Here below are the different configuration options to make it so.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_NOTIFICATIONS
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Global configuration key to turn on or off the code to send notifications
Pierre-Yves Chibon c0512f
to an MQTT message queue.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``False``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_HOST
Pierre-Yves Chibon c0512f
~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Host name of the MQTT server to send the MQTT notifications to.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_PORT
Pierre-Yves Chibon c0512f
~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Port of the MQTT server to use to send the MQTT notifications to.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_USERNAME
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Username to authenticate to the MQTT server as.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_PASSWORD
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Password to authenticate to the MQTT server with.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_CA_CERTS
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to point to the CA cert to use.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_CERTFILE
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to point to the cert file to use.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_KEYFILE
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to point to the key file to use.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_CERT_REQS
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to specify if the CERT is required.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``ssl.CERT_REQUIRED`` (from python's ssl library)
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_TLS_VERSION
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to specify the TLS protocols to support/use.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon 420b95
Defaults to: ``ssl.PROTOCOL_TLSv1_2`` (from python's ssl library)
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
MQTT_CIPHERS
Pierre-Yves Chibon c0512f
~~~~~~~~~~~~
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
When using SSL-based authentication to the MQTT server, use this
Pierre-Yves Chibon c0512f
configuration key to specify the ciphers.
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon c0512f
Defaults to: ``None``
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon 2a914b
Pierre-Yves Chibon 2a914b
MQTT_TOPIC_PREFIX
Pierre-Yves Chibon 2a914b
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 2a914b
Pierre-Yves Chibon 2a914b
This configuration key allows to specify a prefix to the mqtt messages sent.
Pierre-Yves Chibon 2a914b
This prefix will be added to the topic used by pagure thus allowing the mqtt
Pierre-Yves Chibon 2a914b
admins to specify a parent topic for all pagure-related messages.
Pierre-Yves Chibon 2a914b
Pierre-Yves Chibon 2a914b
Defaults to: ``None``
Pierre-Yves Chibon 2a914b
Pierre-Yves Chibon 2a914b
Pierre-Yves Chibon daeb44
ALWAYS_MQTT_ON_COMMITS
Pierre-Yves Chibon daeb44
~~~~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon daeb44
This configuration key allows to enforce `mqtt <https: mqtt.org="">`_</https:>
Pierre-Yves Chibon daeb44
notifications on commits made on all projects in a pagure instance.
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon daeb44
Defaults to: ``False``.
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon daeb44
Pierre-Yves Chibon c0512f
Pierre-Yves Chibon 978bbf
Deprecated configuration keys
Pierre-Yves Chibon 978bbf
-----------------------------
Pierre-Yves Chibon 978bbf
Pierre-Yves Chibon 74b49b
FORK_FOLDER
Pierre-Yves Chibon 74b49b
~~~~~~~~~~~
Pierre-Yves Chibon 74b49b
Pierre-Yves Chibon 74b49b
This configuration key used to be use to specify the folder where the forks
Pierre-Yves Chibon 74b49b
are placed. Since the release 2.0 of pagure, it has been deprecated, forks
Pierre-Yves Chibon 74b49b
are now automatically placed in a sub-folder of the folder containing the
Pierre-Yves Chibon 74b49b
mains git repositories (ie ``GIT_FOLDER``).
Pierre-Yves Chibon 74b49b
Pierre-Yves Chibon 74b49b
See the ``UPGRADING.rst`` file for more information about this change and
Pierre-Yves Chibon 74b49b
how to handle it.
Pierre-Yves Chibon 74b49b
Pierre-Yves Chibon 74b49b
Pierre-Yves Chibon 978bbf
UPLOAD_FOLDER
Pierre-Yves Chibon 978bbf
~~~~~~~~~~~~~
Pierre-Yves Chibon 978bbf
Pierre-Yves Chibon 978bbf
This configuration key used to be use to specify where the uploaded releases
Pierre-Yves Chibon 978bbf
are available. It has been replaced by `UPLOAD_FOLDER_PATH` in the release
Pierre-Yves Chibon 978bbf
2.10 of pagure.
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
GITOLITE_VERSION
Pierre-Yves Chibon 145998
~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
This configuration key specifies which version of gitolite you are
Pierre-Yves Chibon 145998
using, it can be either ``2`` or ``3``.
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
Defaults to: ``3``.
Pierre-Yves Chibon 145998
Pierre-Yves Chibon 145998
This has been replaced by `GITOLITE_BACKEND` in the release 3.0 of pagure.
Slavek Kabrda adea20
Pierre-Yves Chibon 23c9e8
Slavek Kabrda adea20
DOCS_FOLDER, REQUESTS_FOLDER, TICKETS_FOLDER
Slavek Kabrda adea20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Slavek Kabrda adea20
Slavek Kabrda adea20
These configuration values were removed. It has been found out that
Slavek Kabrda adea20
due to how Pagure writes repo names in the gitolite configuration file,
Slavek Kabrda adea20
these must have fixed paths relative to `GIT_FOLDER`. Specifically, they
Slavek Kabrda adea20
must occupy subdirectories `docs`, `requests` and `tickets` under `GIT_FOLDER`.
Slavek Kabrda adea20
They are now computed automatically based on value of `GIT_FOLDER`.
Slavek Kabrda adea20
Usage of docs and tickets can be triggered by setting `ENABLE_DOCS` and
Slavek Kabrda adea20
`ENABLE_TICKETS` to `True` (this is the default).
Pierre-Yves Chibon 57cc72
Pierre-Yves Chibon 57cc72
Pierre-Yves Chibon 57cc72
FILE_SIZE_HIGHLIGHT
Pierre-Yves Chibon 57cc72
~~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 57cc72
Pierre-Yves Chibon 57cc72
This configuration key allows to specify the maximum number of characters a file
Pierre-Yves Chibon 57cc72
or diff should have to have syntax highlighting. Everything above this limit
Pierre-Yves Chibon 57cc72
will not have syntax highlighting as this is a memory intensive procedure that
Pierre-Yves Chibon 57cc72
easily leads to out of memory error on large files or diff.
Pierre-Yves Chibon 57cc72
Pierre-Yves Chibon 57cc72
Defaults to: ``5000``
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
BOOTSTRAP_URLS_CSS
Pierre-Yves Chibon 530a3b
~~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
This configuration key allows to specify the URL where are hosted the bootstrap
Pierre-Yves Chibon 530a3b
CSS file since the files hosted on apps.fedoraproject.org used in pagure.io
Pierre-Yves Chibon 530a3b
are not restricted in browser access.
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
Defaults to: ``'https://apps.fedoraproject.org/global/fedora-bootstrap-1.1.1/fedora-bootstrap.css'``
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
This has been deprecated by the new way of theming pagure, see the `theming
Pierre-Yves Chibon 530a3b
documentation <https: docs.pagure.org="" pagure="" theming.html="" usage="">`_</https:>
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
BOOTSTRAP_URLS_JS
Pierre-Yves Chibon 530a3b
~~~~~~~~~~~~~~~~~
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
This configuration key allows to specify the URL where are hosted the bootstrap
Pierre-Yves Chibon 530a3b
JS file since the files hosted on apps.fedoraproject.org used in pagure.io
Pierre-Yves Chibon 530a3b
are not restricted in browser access.
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
Defaults to: ``'https://apps.fedoraproject.org/global/fedora-bootstrap-1.1.1/fedora-bootstrap.js'``
Pierre-Yves Chibon 530a3b
Pierre-Yves Chibon 530a3b
This has been deprecated by the new way of theming pagure, see the `theming
Pierre-Yves Chibon 530a3b
documentation <https: docs.pagure.org="" pagure="" theming.html="" usage="">`_</https:>
Pierre-Yves Chibon 530a3b
Slavek Kabrda 21f28d
Slavek Kabrda 21f28d
HTML_TITLE
Slavek Kabrda 21f28d
~~~~~~~~~~
Slavek Kabrda 21f28d
Slavek Kabrda 21f28d
This configuration key allows you to customize the HTML title of all the
Slavek Kabrda 21f28d
pages, from ``... - pagure`` (default) to ``... - <your value="">``.</your>
Slavek Kabrda 21f28d
Slavek Kabrda 21f28d
Defaults to: ``Pagure``
Slavek Kabrda 21f28d
Slavek Kabrda 21f28d
This has been deprecated by the new way of theming pagure, see the `theming
Slavek Kabrda 21f28d
documentation <https: docs.pagure.org="" pagure="" theming.html="" usage="">`_</https:>
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
GITOLITE_BACKEND
Patrick Uiterwijk ad0b72
~~~~~~~~~~~~~~~~
Patrick Uiterwijk ad0b72
Patrick Uiterwijk ad0b72
This configuration key allowed specifying the gitolite backend.
Patrick Uiterwijk ad0b72
This has now been replaced by GIT_AUTH_BACKEND, please see that option
Patrick Uiterwijk ad0b72
for information on valid values.