Changeset - 2ef309c3175d
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 14 years ago 2012-01-06 18:37:36
marcin@python-works.com
docs update
1 file changed with 18 insertions and 0 deletions:
docs/setup.rst
18
0 comments (0 inline, 0 general)
docs/setup.rst
Show inline comments
 
@@ -380,97 +380,115 @@ following in the [app:main] section of y
 

			




	
	
	
		
 
    container_auth_enabled = true

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Proxy pass-through authentication

			




	
	
	
		
 
'''''''''''''''''''''''''''''''''

			




	
	
	
		
 

			




	
	
	
		
 
In a proxy pass-through authentication setup, RhodeCode reads the user name

			




	
	
	
		
 
from the ``X-Forwarded-User`` request header, which should be configured to be

			




	
	
	
		
 
sent by the reverse-proxy server.

			




	
	
	
		
 

			




	
	
	
		
 
After setting up your proxy solution (see `Apache virtual host reverse proxy example`_,

			




	
	
	
		
 
`Apache as subdirectory`_ or `Nginx virtual host example`_), you'd need to

			




	
	
	
		
 
configure the authentication and add the username in a request header named

			




	
	
	
		
 
``X-Forwarded-User``.

			




	
	
	
		
 

			




	
	
	
		
 
For example, the following config section for Apache sets a subdirectory in a

			




	
	
	
		
 
reverse-proxy setup with basic auth::

			




	
	
	
		
 

			




	
	
	
		
 
    <Location /<someprefix> >

			




	
	
	
		
 
      ProxyPass http://127.0.0.1:5000/<someprefix>

			




	
	
	
		
 
      ProxyPassReverse http://127.0.0.1:5000/<someprefix>

			




	
	
	
		
 
      SetEnvIf X-Url-Scheme https HTTPS=1

			




	
	
	
		
 

			




	
	
	
		
 
      AuthType Basic

			




	
	
	
		
 
      AuthName "RhodeCode authentication"

			




	
	
	
		
 
      AuthUserFile /home/web/rhodecode/.htpasswd

			




	
	
	
		
 
      require valid-user

			




	
	
	
		
 

			




	
	
	
		
 
      RequestHeader unset X-Forwarded-User

			




	
	
	
		
 

			




	
	
	
		
 
      RewriteEngine On

			




	
	
	
		
 
      RewriteCond %{LA-U:REMOTE_USER} (.+)

			




	
	
	
		
 
      RewriteRule .* - [E=RU:%1]

			




	
	
	
		
 
      RequestHeader set X-Forwarded-User %{RU}e

			




	
	
	
		
 
    </Location> 

			




	
	
	
		
 

			




	
	
	
		
 
In order for RhodeCode to start using the forwarded username, you should set

			




	
	
	
		
 
the following in the [app:main] section of your .ini file::

			




	
	
	
		
 

			




	
	
	
		
 
    proxypass_auth_enabled = true

			




	
	
	
		
 

			




	
	
	
		
 
.. note::

			




	
	
	
		
 
   If you enable proxy pass-through authentication, make sure your server is

			




	
	
	
		
 
   only accessible through the proxy. Otherwise, any client would be able to

			




	
	
	
		
 
   forge the authentication header and could effectively become authenticated

			




	
	
	
		
 
   using any account of their liking.

			




	
	
	
		
 

			




	
	
	
		
 
Integration with Issue trackers

			




	
	
	
		
 
-------------------------------

			




	
	
	
		
 

			




	
	
	
		
 
RhodeCode provides a simple integration with issue trackers. It's possible

			




	
	
	
		
 
to define a regular expression that will fetch issue id stored in commit

			




	
	
	
		
 
messages and replace that with an url to this issue. To enable this simply

			




	
	
	
		
 
uncomment following variables in the ini file::

			




	
	
	
		
 

			




	
	
	
		
 
    url_pat = (?:^#|\s#)(\w+)

			




	
	
	
		
 
    issue_server = https://myissueserver.com/issue/{id}

			




	
	
	
		
 
    issue_prefix = #

			




	
	
	
		
 

			




	
	
	
		
 
`url_pat` is the regular expression that will match issues, default given regex

			




	
	
	
		
 
will match issues in format of #<number> eg. #300. 

			




	
	
	
		
 
Matched issues will be replace with the `issue_server` url replacing {id} with

			




	
	
	
		
 
id fetched from regex. Since the # is striped `issue_prefix` is added as a 

			




	
	
	
		
 
prefix to url. `issue_prefix` can be something different than # if you pass 

			




	
	
	
		
 
ISSUE- as issue prefix this will generate an url in format 

			




	
	
	
		
 
`<a href="https://myissueserver.com/issue/300">ISSUE-300</a>`  

			




	
	
	
		
 

			




	
	
	
		
 
Hook management

			




	
	
	
		
 
---------------

			




	
	
	
		
 

			




	
	
	
		
 
Hooks can be managed in similar way to this used in .hgrc files.

			




	
	
	
		
 
To access hooks setting click `advanced setup` on Hooks section of Mercurial

			




	
	
	
		
 
Settings in Admin. 

			




	
	
	
		
 

			




	
	
	
		
 
There are 4 built in hooks that cannot be changed (only enable/disable by

			




	
	
	
		
 
checkboxes on previos section).

			




	
	
	
		
 
To add another custom hook simply fill in first section with 

			




	
	
	
		
 
<name>.<hook_type> and the second one with hook path. Example hooks

			




	
	
	
		
 
can be found at *rhodecode.lib.hooks*. 

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Setting Up Celery

			




	
	
	
		
 
-----------------

			




	
	
	
		
 

			




	
	
	
		
 
Since version 1.1 celery is configured by the rhodecode ini configuration files.

			




	
	
	
		
 
Simply set use_celery=true in the ini file then add / change the configuration 

			




	
	
	
		
 
variables inside the ini file.

			




	
	
	
		
 

			




	
	
	
		
 
Remember that the ini files use the format with '.' not with '_' like celery.

			




	
	
	
		
 
So for example setting `BROKER_HOST` in celery means setting `broker.host` in

			




	
	
	
		
 
the config file.

			




	
	
	
		
 

			




	
	
	
		
 
In order to start using celery run::

			




	
	
	
		
 

			




	
	
	
		
 
 paster celeryd <configfile.ini>

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
.. note::

			




	
	
	
		
 
   Make sure you run this command from the same virtualenv, and with the same 

			




	
	
	
		
 
   user that rhodecode runs.

			




	
	
	
		
 
   

			




	
	
	
		
 
HTTPS support

			




	
	
	
		
 
-------------

			




	
	
	
		
 

			




	
	
	
		
 
There are two ways to enable https:

			




	
	
	
		
 

			




	
	
	
		
 
- Set HTTP_X_URL_SCHEME in your http server headers, than rhodecode will

			




	
	
	
		
 
  recognize this headers and make proper https redirections

			




	
	
	
		
 
- Alternatively, change the `force_https = true` flag in the ini configuration 

			




	
	
	
		
 
  to force using https, no headers are needed than to enable https

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Nginx virtual host example

			




	
	
	
		
 
--------------------------

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.