####################################

###           SSH CONFIG        ####

####################################

## SSH is disabled by default, until an Administrator decides to enable it.

ssh_enabled = false

## File where users' SSH keys will be stored *if* ssh_enabled is true.

#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.

#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

## Locale to be used in the ssh-serve command.

## This is needed because an SSH client may try to use its own locale

## settings, which may not be available on the server.

## See `locale -a` for valid values on this system.

#ssh_locale = C.UTF-8

####################################

###        CELERY CONFIG        ####

####################################

## Note: Celery doesn't support Windows.

use_celery = false

## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.

## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':

celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost

celery.result.backend = db+sqlite:///celery-results.db

#celery.amqp.task.result.expires = 18000

celery.worker_concurrency = 2

celery.worker_max_tasks_per_child = 1

## If true, tasks will never be sent to the queue, but executed locally instead.

celery.task_always_eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Name of session cookie. Should be unique for a given host and path, even when running

## on different ports. Otherwise, cookie sessions will be shared and messed up.

session.key = kallithea

## Sessions should always only be accessible by the browser, not directly by JavaScript.

session.httponly = true

## Session lifetime. 2592000 seconds is 30 days.

session.timeout = 2592000

## Server secret used with HMAC to ensure integrity of cookies.

#session.secret = VERY-SECRET

session.secret = development-not-secret

## Further, encrypt the data with AES.

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

## Type of storage used for the session, current types are

## dbm, file, memcached, database, and memory.

## File system storage of session data. (default)

#session.type = file

## Cookie only, store all session data inside the cookie. Requires secure secrets.

#session.type = cookie

## Database storage of session data.

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

############################

## ERROR HANDLING SYSTEMS ##

############################

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

%if user_home_path:

ssh_authorized_keys = ${user_home_path}/.ssh/authorized_keys

%endif

<%text>## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.</%text>

#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

%if kallithea_cli_path:

kallithea_cli_path = ${kallithea_cli_path}

%endif

<%text>## Locale to be used in the ssh-serve command.</%text>

<%text>## This is needed because an SSH client may try to use its own locale</%text>

<%text>## settings, which may not be available on the server.</%text>

<%text>## See `locale -a` for valid values on this system.</%text>

#ssh_locale = C.UTF-8

%if ssh_locale:

ssh_locale = ${ssh_locale}

%endif

<%text>####################################</%text>

<%text>###        CELERY CONFIG        ####</%text>

<%text>####################################</%text>

<%text>## Note: Celery doesn't support Windows.</%text>

use_celery = false

<%text>## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.</%text>

<%text>## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':</%text>

celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost

celery.result.backend = db+sqlite:///celery-results.db

#celery.amqp.task.result.expires = 18000

celery.worker_concurrency = 2

celery.worker_max_tasks_per_child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.task_always_eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

<%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>

<%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>

session.key = kallithea

<%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>

session.httponly = true

<%text>## Session lifetime. 2592000 seconds is 30 days.</%text>

session.timeout = 2592000

<%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>

session.secret = ${uuid()}

<%text>## Further, encrypt the data with AES.</%text>

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

<%text>## Type of storage used for the session, current types are</%text>

<%text>## dbm, file, memcached, database, and memory.</%text>

<%text>## File system storage of session data. (default)</%text>

#session.type = file

<%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>

#session.type = cookie

<%text>## Database storage of session data.</%text>

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

<%text>############################</%text>

<%text>## ERROR HANDLING SYSTEMS ##</%text>

<%text>############################</%text>

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.smtp_server = smtp_server

def check_git_version():

    """

    Checks what version of git is installed on the system, and raise a system exit

    if it's too old for Kallithea to work properly.

    """

    if 'git' not in kallithea.BACKENDS:

        return None

    if not settings.GIT_EXECUTABLE_PATH:

        log.warning('No git executable configured - check "git_path" in the ini file.')

        return None

    try:

        stdout, stderr = GitRepository._run_git_command(['--version'])

    except RepositoryError as e:

        # message will already have been logged as error

        log.warning('No working git executable found - check "git_path" in the ini file.')

        return None

    if stderr:

        log.warning('Error/stderr from "%s --version":\n%s', settings.GIT_EXECUTABLE_PATH, safe_str(stderr))

    if not stdout:

        log.warning('No working git executable found - check "git_path" in the ini file.')

        return None

    output = safe_str(stdout).strip()

    m = re.search(r"\d+.\d+.\d+", output)

    if m:

        ver = StrictVersion(m.group(0))

        log.debug('Git executable: "%s", version %s (parsed from: "%s")',

                  settings.GIT_EXECUTABLE_PATH, ver, output)

        if ver < git_req_ver:

            log.error('Kallithea detected %s version %s, which is too old '

                      'for the system to function properly. '

                      'Please upgrade to version %s or later. '

                      'If you strictly need Mercurial repositories, you can '

                      'clear the "git_path" setting in the ini file.',

                      settings.GIT_EXECUTABLE_PATH, ver, git_req_ver)

            log.error("Terminating ...")

            sys.exit(1)

    else:

        ver = StrictVersion('0.0.0')

        log.warning('Error finding version number in "%s --version" stdout:\n%s',

                    settings.GIT_EXECUTABLE_PATH, output)

    return ver