# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import click

import kallithea.bin.kallithea_cli_base as cli_base

import os

import sys

import uuid

from collections import defaultdict

import mako.exceptions

from kallithea.lib import inifile

def show_defaults(ctx, param, value):

    # Following construct is taken from the Click documentation:

    # https://click.palletsprojects.com/en/7.x/options/#callbacks-and-eager-options

    # "The resilient_parsing flag is applied to the context if Click wants to

    # parse the command line without any destructive behavior that would change

    # the execution flow. In this case, because we would exit the program, we

    # instead do nothing."

    if not value or ctx.resilient_parsing:

        return

    for key, value in inifile.default_variables.items():

        click.echo('%s=%s' % (key, value))

    ctx.exit()

@cli_base.register_command()

@click.option('--show-defaults', callback=show_defaults,

              is_flag=True, expose_value=False, is_eager=True,

              help='Show the default values that can be overridden')

@click.argument('config_file', type=click.Path(dir_okay=False, writable=True), required=True)

@click.argument('key_value_pairs', nargs=-1)

def config_create(config_file, key_value_pairs):

    """Create a new configuration file.

    This command creates a default configuration file, possibly adding/updating

    settings you specify.

    The primary high level configuration keys and their default values are

    shown with --show-defaults . Custom values for these keys can be specified

    on the command line as key=value arguments.

    Additional key=value arguments will be patched/inserted in the [app:main]

    section ... until another section name specifies where any following values

    should go.

    """

    mako_variable_values = {

        'git_hook_interpreter': sys.executable,

        'user_home_path': os.path.expanduser('~'),

        'kallithea_cli_path': cli_base.kallithea_cli_path,

    }

    ini_settings = defaultdict(dict)

    section_name = None

    for parameter in key_value_pairs:

        parts = parameter.split('=', 1)

        if len(parts) == 1 and parameter.startswith('[') and parameter.endswith(']'):

            section_name = parameter

        elif len(parts) == 2:

            key, value = parts

            if section_name is None and key in inifile.default_variables:

                mako_variable_values[key] = value

            else:

                if section_name is None:

                    section_name = '[app:main]'

                ini_settings[section_name][key] = value

        else:

            raise ValueError("Invalid name=value parameter %r" % parameter)

    # use default that cannot be replaced

    mako_variable_values.update({

        'uuid': lambda: uuid.uuid4().hex,

    })

    try:

        config_file_abs = os.path.abspath(config_file)

        inifile.create(config_file_abs, mako_variable_values, ini_settings)

        click.echo('Wrote new config file in %s' % config_file_abs)

        click.echo("Don't forget to build the front-end using 'kallithea-cli front-end-build'.")

    except Exception:

        click.echo(mako.exceptions.text_error_template().render())

# -*- coding: utf-8 -*-

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import logging

import os

import sys

log = logging.getLogger(__name__)

def current_locale_is_valid():

    """Verify that things work when Dulwich passes unicode paths to the file system layer.

    Note: UTF-8 is preferred, but for example ISO-8859-1 or mbcs should also

    work under the right circumstances."""

    try:

        u'\xe9'.encode(sys.getfilesystemencoding()) # Test using é (é)

    except UnicodeEncodeError:

        log.error("Cannot encode Unicode paths to file system encoding %r", sys.getfilesystemencoding())

        for var in ['LC_ALL', 'LC_CTYPE', 'LANG']:

            if var in os.environ:

                val = os.environ[var]

                log.error("Note: Environment variable %s is %r - perhaps change it to some other value from 'locale -a', like 'C.UTF-8' or 'en_US.UTF-8'", var, val)

                break

        else:

            log.error("Note: No locale setting found in environment variables - perhaps set LC_CTYPE to some value from 'locale -a', like 'C.UTF-8' or 'en_US.UTF-8'")

        return False

    return True

<%text>## scaling ##</%text>

<%text>## set cheaper algorithm to use, if not set default will be used</%text>

cheaper-algo = spare

<%text>## minimum number of workers to keep at all times</%text>

cheaper = 1

<%text>## number of workers to spawn at startup</%text>

cheaper-initial = 1

<%text>## maximum number of workers that can be spawned</%text>

workers = 4

<%text>## how many workers should be spawned at a time</%text>

cheaper-step = 1

%endif

<%text>## middleware for hosting the WSGI application under a URL prefix</%text>

#[filter:proxy-prefix]

#use = egg:PasteDeploy#prefix

#prefix = /<your-prefix>

[app:main]

use = egg:kallithea

<%text>## enable proxy prefix middleware</%text>

#filter-with = proxy-prefix

full_stack = true

static_files = true

<%text>## Internationalization (see setup documentation for details)</%text>

<%text>## By default, the language requested by the browser is used if available.</%text>

#i18n.enabled = false

<%text>## Fallback language, empty for English (valid values are the names of subdirectories in kallithea/i18n):</%text>

i18n.lang =

cache_dir = %(here)s/data

index_dir = %(here)s/data/index

<%text>## uncomment and set this path to use archive download cache</%text>

archive_cache_dir = %(here)s/tarballcache

<%text>## change this to unique ID for security</%text>

app_instance_uuid = ${uuid()}

<%text>## cut off limit for large diffs (size in bytes)</%text>

cut_off_limit = 256000

<%text>## force https in Kallithea, fixes https redirects, assumes it's always https</%text>

force_https = false

<%text>## use Strict-Transport-Security headers</%text>

use_htsts = false

<%text>## number of commits stats will parse on each iteration</%text>

commit_parse_limit = 25

<%text>## Path to Python executable to be used for git hooks.</%text>

<%text>## This value will be written inside the git hook scripts as the text</%text>

<%text>## after '#!' (shebang). When empty or not defined, the value of</%text>

<%text>## 'sys.executable' at the time of installation of the git hooks is</%text>

<%text>## used, which is correct in many cases but for example not when using uwsgi.</%text>

<%text>## If you change this setting, you should reinstall the Git hooks via</%text>

<%text>## Admin > Settings > Remap and Rescan.</%text>

# git_hook_interpreter = /srv/kallithea/venv/bin/python2

%if git_hook_interpreter:

git_hook_interpreter = ${git_hook_interpreter}

%endif

<%text>## path to git executable</%text>

git_path = git

<%text>## git rev filter option, --all is the default filter, if you need to</%text>

<%text>## hide all refs in changelog switch this to --branches --tags</%text>

#git_rev_filter = --branches --tags

<%text>## RSS feed options</%text>

rss_cut_off_limit = 256000

rss_items_per_page = 10

rss_include_diff = false

<%text>## options for showing and identifying changesets</%text>

show_sha_length = 12

show_revision_number = false

<%text>## Canonical URL to use when creating full URLs in UI and texts.</%text>

<%text>## Useful when the site is available under different names or protocols.</%text>

<%text>## Defaults to what is provided in the WSGI environment.</%text>

#canonical_url = https://kallithea.example.com/repos

<%text>## gist URL alias, used to create nicer urls for gist. This should be an</%text>

<%text>## url that does rewrites to _admin/gists/<gistid>.</%text>

<%text>## example: http://gist.example.com/{gistid}. Empty means use the internal</%text>

<%text>## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/<gistid></%text>

gist_alias_url =

<%text>## default encoding used to convert from and to unicode</%text>

<%text>## can be also a comma separated list of encoding in case of mixed encodings</%text>

default_encoding = utf-8

<%text>## Set Mercurial encoding, similar to setting HGENCODING before launching Kallithea</%text>

hgencoding = utf-8

<%text>## issue tracker for Kallithea (leave blank to disable, absent for default)</%text>

#bugtracker = https://bitbucket.org/conservancy/kallithea/issues

<%text>## issue tracking mapping for commit messages, comments, PR descriptions, ...</%text>

<%text>## Refer to the documentation ("Integration with issue trackers") for more details.</%text>

<%text>## regular expression to match issue references</%text>

<%text>## This pattern may/should contain parenthesized groups, that can</%text>

<%text>## be referred to in issue_server_link or issue_sub using Python backreferences</%text>

<%text>## (e.g. \1, \2, ...). You can also create named groups with '(?P<groupname>)'.</%text>

<%text>## To require mandatory whitespace before the issue pattern, use:</%text>

<%text>## (?:^|(?<=\s)) before the actual pattern, and for mandatory whitespace</%text>

<%text>## behind the issue pattern, use (?:$|(?=\s)) after the actual pattern.</%text>

issue_pat = #(\d+)

<%text>## server url to the issue</%text>

<%text>## This pattern may/should contain backreferences to parenthesized groups in issue_pat.</%text>

<%text>## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group</%text>

<%text>## called 'groupname' in issue_pat.</%text>

<%text>## The special token {repo} is replaced with the full repository name</%text>

<%text>## including repository groups, while {repo_name} is replaced with just</%text>

<%text>## the name of the repository.</%text>

issue_server_link = https://issues.example.com/{repo}/issue/\1

<%text>## substitution pattern to use as the link text</%text>

<%text>## If issue_sub is empty, the text matched by issue_pat is retained verbatim</%text>

<%text>## for the link text. Otherwise, the link text is that of issue_sub, with any</%text>

<%text>## backreferences to groups in issue_pat replaced.</%text>

issue_sub =

<%text>## issue_pat, issue_server_link and issue_sub can have suffixes to specify</%text>

<%text>## multiple patterns, to other issues server, wiki or others</%text>

<%text>## below an example how to create a wiki pattern</%text>

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

<%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>

<%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>

<%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>

auth_ret_code =

<%text>## allows to change the repository location in settings page</%text>

allow_repo_location_change = True

<%text>## allows to setup custom hooks in settings page</%text>

allow_custom_hooks_settings = True

<%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>

# index.extensions =

#    gemfile

#    lock

<%text>## extra filenames for indexing, space separated</%text>

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

<%text>####################################</%text>

<%text>###           SSH CONFIG        ####</%text>

<%text>####################################</%text>

<%text>## SSH is disabled by default, until an Administrator decides to enable it.</%text>

ssh_enabled = false

<%text>## File where users' SSH keys will be stored *if* ssh_enabled is true.</%text>

#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

%if user_home_path:

ssh_authorized_keys = ${user_home_path}/.ssh/authorized_keys

%endif

<%text>## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.</%text>

#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

%if kallithea_cli_path:

kallithea_cli_path = ${kallithea_cli_path}

%endif

<%text>## Locale to be used in the ssh-serve command.</%text>

<%text>## This is needed because an SSH client may try to use its own locale</%text>

<%text>## settings, which may not be available on the server.</%text>

<%text>## See `locale -a` for valid values on this system.</%text>

#ssh_locale = C.UTF-8

<%text>####################################</%text>

<%text>###        CELERY CONFIG        ####</%text>

<%text>####################################</%text>

use_celery = false

<%text>## Example: connect to the virtual host 'rabbitmqhost' on localhost as rabbitmq:</%text>

broker.url = amqp://rabbitmq:qewqew@localhost:5672/rabbitmqhost

celery.imports = kallithea.lib.celerylib.tasks

celery.accept.content = pickle

celery.result.backend = amqp

celery.result.dburi = amqp://

celery.result.serialier = json

#celery.send.task.error.emails = true

#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2

celeryd.max.tasks.per.child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.always.eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.regions = short_term,long_term,sql_cache_short

beaker.cache.short_term.type = memory

beaker.cache.short_term.expire = 60

beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory

beaker.cache.sql_cache_short.expire = 10

beaker.cache.sql_cache_short.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

<%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>

<%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>

session.key = kallithea

<%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>

session.httponly = true

<%text>## Session lifetime. 2592000 seconds is 30 days.</%text>

session.timeout = 2592000

<%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>

session.secret = ${uuid()}

<%text>## Further, encrypt the data with AES.</%text>

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

<%text>## Type of storage used for the session, current types are</%text>

<%text>## dbm, file, memcached, database, and memory.</%text>

<%text>## File system storage of session data. (default)</%text>

#session.type = file

<%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>

#session.type = cookie

<%text>## Database storage of session data.</%text>

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

<%text>############################</%text>

<%text>## ERROR HANDLING SYSTEMS ##</%text>

<%text>############################</%text>

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.error_email = email_to

get trace_errors.smtp_server = smtp_server

get trace_errors.smtp_port = smtp_port

get trace_errors.from_address = error_email_from

%if error_aggregation_service == 'appenlight':

<%text>####################</%text>

<%text>### [appenlight] ###</%text>

<%text>####################</%text>

<%text>## AppEnlight is tailored to work with Kallithea, see</%text>

<%text>## http://appenlight.com for details how to obtain an account</%text>

<%text>## you must install python package `appenlight_client` to make it work</%text>

<%text>## appenlight enabled</%text>

appenlight = false

appenlight.server_url = https://api.appenlight.com

appenlight.api_key = YOUR_API_KEY

<%text>## TWEAK AMOUNT OF INFO SENT HERE</%text>

<%text>## enables 404 error logging (default False)</%text>

appenlight.report_404 = false

<%text>## time in seconds after request is considered being slow (default 1)</%text>

appenlight.slow_request_time = 1

<%text>## record slow requests in application</%text>

<%text>## (needs to be enabled for slow datastore recording and time tracking)</%text>

appenlight.slow_requests = true

<%text>## enable hooking to application loggers</%text>

#appenlight.logging = true

<%text>## minimum log level for log capture</%text>

#appenlight.logging.level = WARNING

<%text>## send logs only from erroneous/slow requests</%text>

<%text>## (saves API quota for intensive logging)</%text>

appenlight.logging_on_error = false

<%text>## list of additional keywords that should be grabbed from environ object</%text>

<%text>## can be string with comma separated list of words in lowercase</%text>

<%text>## (by default client will always send following info:</%text>

<%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text>

<%text>## start with HTTP* this list be extended with additional keywords here</%text>

appenlight.environ_keys_whitelist =

<%text>## list of keywords that should be blanked from request object</%text>

<%text>## can be string with comma separated list of words in lowercase</%text>

<%text>## (by default client will always blank keys that contain following words</%text>

<%text>## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'</%text>

<%text>## this list be extended with additional keywords set here</%text>

appenlight.request_keys_blacklist =

<%text>## list of namespaces that should be ignores when gathering log entries</%text>

<%text>## can be string with comma separated list of namespaces</%text>

<%text>## (by default the client ignores own entries: appenlight_client.client)</%text>

appenlight.log_namespace_blacklist =

%elif error_aggregation_service == 'sentry':

<%text>################</%text>

<%text>### [sentry] ###</%text>

<%text>################</%text>

<%text>## sentry is a alternative open source error aggregator</%text>

<%text>## you must install python packages `sentry` and `raven` to enable</%text>

sentry.dsn = YOUR_DNS

sentry.servers =

sentry.name =

sentry.key =

sentry.public_key =

sentry.secret_key =

sentry.project =

sentry.site =

sentry.include_paths =

sentry.exclude_paths =

%endif

<%text>################################################################################</%text>

<%text>## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##</%text>

<%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##</%text>

<%text>## execute malicious code after an exception is raised.                       ##</%text>

<%text>################################################################################</%text>

debug = false

<%text>##################################</%text>

<%text>###       LOGVIEW CONFIG       ###</%text>

<%text>##################################</%text>

logview.sqlalchemy = #faa

logview.pylons.templating = #bfb

logview.pylons.util = #eee

<%text>#########################################################</%text>

<%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###</%text>

<%text>#########################################################</%text>

%if database_engine == 'sqlite':

# SQLITE [default]

sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60

%elif database_engine == 'postgres':

# POSTGRESQL

sqlalchemy.url = postgresql://user:pass@localhost/kallithea