kallithea Changeset - 4869a8bb1237

Changeset - 4869a8bb1237

Parent rev.

Child rev.

[Not reviewed]

default

0 3 0

Mads Kiilerich - 6 years ago 2020-04-22 20:47:02
mads@kiilerich.com

Grafted from: fddfd8c4b84e

ini: tweak template configuration for TG's handling of application errors

Mention what was learned while debugging request processing at WSGI/TG level
and the complexity of the TG stack gets in the way.

3 files changed with 45 insertions and 19 deletions:

development.ini

docs/contributing.rst

kallithea/lib/paster_commands/template.ini.mako

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -297,69 +297,75 @@ session.httponly = true @@
 ## Session lifetime. 2592000 seconds is 30 days.
 session.timeout = 2592000
 ## Server secret used with HMAC to ensure integrity of cookies.
 #session.secret = VERY-SECRET
 session.secret = development-not-secret
 ## Further, encrypt the data with AES.
 #session.encrypt_key = <key_for_encryption>
 #session.validate_key = <validation_key>
 ## Type of storage used for the session, current types are
 ## dbm, file, memcached, database, and memory.
 ## File system storage of session data. (default)
 #session.type = file
 ## Cookie only, store all session data inside the cookie. Requires secure secrets.
 #session.type = cookie
 ## Database storage of session data.
 #session.type = ext:database
 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
 #session.table_name = db_session
 ############################
 ## ERROR HANDLING SYSTEMS ##
 ############################
 ####################################
 ###       ERROR HANDLING        ####
 ####################################
 ## Show a nice error page for application HTTP errors and exceptions (default true)
 #errorpage.enabled = true
 ## Enable Backlash client-side interactive debugger (default false)
 ## WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*
 ## This debug mode will allow all visitors to execute malicious code.
 #debug = false
 debug = true
 ## Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)
 #trace_errors.enable = true
 ## Errors will be reported by mail if trace_errors.error_email is set.
 ## Propagate email settings to ErrorReporter of TurboGears2
 ## You do not normally need to change these lines
 get trace_errors.smtp_server = smtp_server
 get trace_errors.smtp_port = smtp_port
 get trace_errors.from_address = error_email_from
 get trace_errors.error_email = email_to
 get trace_errors.smtp_username = smtp_username
 get trace_errors.smtp_password = smtp_password
 get trace_errors.smtp_use_tls = smtp_use_tls
 ################################################################################
 ## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##
 ## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##
 ## execute malicious code after an exception is raised.                       ##
 ################################################################################
 #debug = false
 debug = true
 ##################################
 ###       LOGVIEW CONFIG       ###
 ##################################
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 #########################################################
 ### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###
 #########################################################
 ## SQLITE [default]
 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
 ## see sqlalchemy docs for other backends
 sqlalchemy.pool_recycle = 3600
 ################################
 ### ALEMBIC CONFIGURATION   ####
 ################################

docs/contributing.rst

➞

Show inline comments

@@ @@ -245,48 +245,62 @@ that SQLAlchemy will ensure that they're @@
 (but also means that they cannot be shared across requests).
 Objects can be added to the session using ``Session().add``, but this is
 rarely needed:
 * When creating a database object by calling the constructor directly,
   it must explicitly be added to the session.
 * When creating an object using a factory function (like
   ``create_repo``), the returned object has already (by convention)
   been added to the session, and should not be added again.
 * When getting an object from the session (via ``Session().query`` or
   any of the utility functions that look up objects in the database),
   it's already part of the session, and should not be added again.
   SQLAlchemy monitors attribute modifications automatically for all
   objects it knows about and syncs them to the database.
 SQLAlchemy also flushes changes to the database automatically; manually
 calling ``Session().flush`` is usually only necessary when the Python
 code needs the database to assign an "auto-increment" primary key ID to
 a freshly created model object (before flushing, the ID attribute will
 be ``None``).
 Debugging
 ^^^^^^^^^
 A good way to trace what Kallithea is doing is to keep an eye on the output of
 stdout/stderr from the server process. Perhaps change ``my.ini`` to log at
 ``DEBUG`` or ``INFO`` level, especially ``[logger_kallithea]``, but perhaps
 also other loggers. It is often easier to add additional ``log`` or ``print``
 statements than to use a Python debugger.
 Sometimes it is simpler to disable ``errorpage.enabled`` and perhaps also
 ``trace_errors.enable`` to expose raw errors instead of adding extra
 processing. Enabling ``debug`` can be helpful for showing and exploring
 tracebacks in the browser, but is also insecure and will add extra processing.
 TurboGears2 DebugBar
 ^^^^^^^^^^^^^^^^^^^^
 It is possible to enable the TurboGears2-provided DebugBar_, a toolbar overlayed
 over the Kallithea web interface, allowing you to see:
 * timing information of the current request, including profiling information
 * request data, including GET data, POST data, cookies, headers and environment
   variables
 * a list of executed database queries, including timing and result values
 DebugBar is only activated when ``debug = true`` is set in the configuration
 file. This is important, because the DebugBar toolbar will be visible for all
 users, and allow them to see information they should not be allowed to see. Like
 is anyway the case for ``debug = true``, do not use this in production!
 To enable DebugBar, install ``tgext.debugbar`` and ``kajiki`` (typically via
 ``pip``) and restart Kallithea (in debug mode).
 "Roadmap"
 ---------
 We do not have a road map but are waiting for your contributions. Refer to the

kallithea/lib/paster_commands/template.ini.mako

➞

Show inline comments

@@ @@ -370,51 +370,63 @@ session.key = kallithea @@
 session.httponly = true
 <%text>## Session lifetime. 2592000 seconds is 30 days.</%text>
 session.timeout = 2592000
 <%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>
 session.secret = ${uuid()}
 <%text>## Further, encrypt the data with AES.</%text>
 #session.encrypt_key = <key_for_encryption>
 #session.validate_key = <validation_key>
 <%text>## Type of storage used for the session, current types are</%text>
 <%text>## dbm, file, memcached, database, and memory.</%text>
 <%text>## File system storage of session data. (default)</%text>
 #session.type = file
 <%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>
 #session.type = cookie
 <%text>## Database storage of session data.</%text>
 #session.type = ext:database
 #session.sa.url = postgresql://postgres:qwe@localhost/kallithea
 #session.table_name = db_session
 <%text>############################</%text>
 <%text>## ERROR HANDLING SYSTEMS ##</%text>
 <%text>############################</%text>
 <%text>####################################</%text>
 <%text>###       ERROR HANDLING        ####</%text>
 <%text>####################################</%text>
 <%text>## Show a nice error page for application HTTP errors and exceptions (default true)</%text>
 #errorpage.enabled = true
 <%text>## Enable Backlash client-side interactive debugger (default false)</%text>
 <%text>## WARNING: *THIS MUST BE false IN PRODUCTION ENVIRONMENTS!!!*</%text>
 <%text>## This debug mode will allow all visitors to execute malicious code.</%text>
 #debug = false
 <%text>## Enable Backlash server-side error reporting (unless debug mode handles it client-side) (default true)</%text>
 #trace_errors.enable = true
 <%text>## Errors will be reported by mail if trace_errors.error_email is set.</%text>
 <%text>## Propagate email settings to ErrorReporter of TurboGears2</%text>
 <%text>## You do not normally need to change these lines</%text>
 get trace_errors.smtp_server = smtp_server
 get trace_errors.smtp_port = smtp_port
 get trace_errors.from_address = error_email_from
 get trace_errors.error_email = email_to
 get trace_errors.smtp_username = smtp_username
 get trace_errors.smtp_password = smtp_password
 get trace_errors.smtp_use_tls = smtp_use_tls
 %if error_aggregation_service == 'appenlight':
 <%text>####################</%text>
 <%text>### [appenlight] ###</%text>
 <%text>####################</%text>
 <%text>## AppEnlight is tailored to work with Kallithea, see</%text>
 <%text>## http://appenlight.com for details how to obtain an account</%text>
 <%text>## you must install python package `appenlight_client` to make it work</%text>
 <%text>## appenlight enabled</%text>
 appenlight = false
 appenlight.server_url = https://api.appenlight.com
@@ @@ -460,54 +472,48 @@ appenlight.request_keys_blacklist = @@
 <%text>## can be string with comma separated list of namespaces</%text>
 <%text>## (by default the client ignores own entries: appenlight_client.client)</%text>
 appenlight.log_namespace_blacklist =
 %elif error_aggregation_service == 'sentry':
 <%text>################</%text>
 <%text>### [sentry] ###</%text>
 <%text>################</%text>
 <%text>## sentry is a alternative open source error aggregator</%text>
 <%text>## you must install python packages `sentry` and `raven` to enable</%text>
 sentry.dsn = YOUR_DNS
 sentry.servers =
 sentry.name =
 sentry.key =
 sentry.public_key =
 sentry.secret_key =
 sentry.project =
 sentry.site =
 sentry.include_paths =
 sentry.exclude_paths =
 %endif
 <%text>################################################################################</%text>
 <%text>## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##</%text>
 <%text>## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##</%text>
 <%text>## execute malicious code after an exception is raised.                       ##</%text>
 <%text>################################################################################</%text>
 debug = false
 <%text>##################################</%text>
 <%text>###       LOGVIEW CONFIG       ###</%text>
 <%text>##################################</%text>
 logview.sqlalchemy = #faa
 logview.pylons.templating = #bfb
 logview.pylons.util = #eee
 <%text>#########################################################</%text>
 <%text>### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###</%text>
 <%text>#########################################################</%text>
 %if database_engine == 'sqlite':
 <%text>## SQLITE [default]</%text>
 sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60
 %elif database_engine == 'postgres':
 <%text>## POSTGRESQL</%text>
 sqlalchemy.url = postgresql://user:pass@localhost/kallithea
 %elif database_engine == 'mysql':
 <%text>## MySQL</%text>
 sqlalchemy.url = mysql://user:pass@localhost/kallithea?charset=utf8

0 comments (0 inline, 0 general)