## This pattern may/should contain backreferences to parenthesized groups in issue_pat.

## A backreference can be \1, \2, ... or \g<groupname> if you specified a named group

## called 'groupname' in issue_pat.

## The special token {repo} is replaced with the full repository name

## including repository groups, while {repo_name} is replaced with just

## the name of the repository.

issue_server_link = https://issues.example.com/{repo}/issue/\1

## substitution pattern to use as the link text

## If issue_sub is empty, the text matched by issue_pat is retained verbatim

## for the link text. Otherwise, the link text is that of issue_sub, with any

## backreferences to groups in issue_pat replaced.

issue_sub =

## issue_pat, issue_server_link and issue_sub can have suffixes to specify

## multiple patterns, to other issues server, wiki or others

## below an example how to create a wiki pattern

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

## alternative return HTTP header for failed authentication. Default HTTP

## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with

## handling that. Set this variable to 403 to return HTTPForbidden

auth_ret_code =

## allows to change the repository location in settings page

allow_repo_location_change = True

## allows to setup custom hooks in settings page

allow_custom_hooks_settings = True

## extra extensions for indexing, space separated and without the leading '.'.

# index.extensions =

#    gemfile

#    lock

## extra filenames for indexing, space separated

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

####################################

###           SSH CONFIG        ####

####################################

## SSH is disabled by default, until an Administrator decides to enable it.

ssh_enabled = false

## File where users' SSH keys will be stored *if* ssh_enabled is true.

#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.

#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

## Locale to be used in the ssh-serve command.

## This is needed because an SSH client may try to use its own locale

## settings, which may not be available on the server.

## See `locale -a` for valid values on this system.

#ssh_locale = C.UTF-8

####################################

###        CELERY CONFIG        ####

####################################

## Note: Celery doesn't support Windows.

use_celery = false

## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.

## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':

celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost

celery.result.backend = db+sqlite:///celery-results.db

#celery.amqp.task.result.expires = 18000

celery.worker_concurrency = 2

celery.worker_max_tasks_per_child = 1

## If true, tasks will never be sent to the queue, but executed locally instead.

celery.task_always_eager = false

####################################

###         BEAKER CACHE        ####

####################################

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

####################################

###       BEAKER SESSION        ####

####################################

## Name of session cookie. Should be unique for a given host and path, even when running

## on different ports. Otherwise, cookie sessions will be shared and messed up.

session.key = kallithea

## Sessions should always only be accessible by the browser, not directly by JavaScript.

session.httponly = true

## Session lifetime. 2592000 seconds is 30 days.

session.timeout = 2592000

## Server secret used with HMAC to ensure integrity of cookies.

#session.secret = VERY-SECRET

session.secret = development-not-secret

## Further, encrypt the data with AES.

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

## Type of storage used for the session, current types are

## dbm, file, memcached, database, and memory.

## File system storage of session data. (default)

#session.type = file

## Cookie only, store all session data inside the cookie. Requires secure secrets.

#session.type = cookie

## Database storage of session data.

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

############################

## ERROR HANDLING SYSTEMS ##

############################

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.smtp_server = smtp_server

get trace_errors.smtp_port = smtp_port

get trace_errors.from_address = error_email_from

get trace_errors.error_email = email_to

get trace_errors.smtp_username = smtp_username

get trace_errors.smtp_password = smtp_password

get trace_errors.smtp_use_tls = smtp_use_tls

################################################################################

## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT*              ##

## Debug mode will enable the interactive debugging tool, allowing ANYONE to  ##

## execute malicious code after an exception is raised.                       ##

################################################################################

#debug = false

debug = true

##################################

###       LOGVIEW CONFIG       ###

##################################

logview.sqlalchemy = #faa

logview.pylons.templating = #bfb

logview.pylons.util = #eee

#########################################################

### DB CONFIGS - EACH DB WILL HAVE IT'S OWN CONFIG    ###

#########################################################

# SQLITE [default]

sqlalchemy.url = sqlite:///%(here)s/kallithea.db?timeout=60

# see sqlalchemy docs for others

sqlalchemy.pool_recycle = 3600

################################

### ALEMBIC CONFIGURATION   ####

################################

[alembic]

script_location = kallithea:alembic

################################

### LOGGING CONFIGURATION   ####

################################

[loggers]

keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash

<%text>## substitution pattern to use as the link text</%text>

<%text>## If issue_sub is empty, the text matched by issue_pat is retained verbatim</%text>

<%text>## for the link text. Otherwise, the link text is that of issue_sub, with any</%text>

<%text>## backreferences to groups in issue_pat replaced.</%text>

issue_sub =

<%text>## issue_pat, issue_server_link and issue_sub can have suffixes to specify</%text>

<%text>## multiple patterns, to other issues server, wiki or others</%text>

<%text>## below an example how to create a wiki pattern</%text>

# wiki-some-id -> https://wiki.example.com/some-id

#issue_pat_wiki = wiki-(\S+)

#issue_server_link_wiki = https://wiki.example.com/\1

#issue_sub_wiki = WIKI-\1

<%text>## alternative return HTTP header for failed authentication. Default HTTP</%text>

<%text>## response is 401 HTTPUnauthorized. Currently Mercurial clients have trouble with</%text>

<%text>## handling that. Set this variable to 403 to return HTTPForbidden</%text>

auth_ret_code =

<%text>## allows to change the repository location in settings page</%text>

allow_repo_location_change = True

<%text>## allows to setup custom hooks in settings page</%text>

allow_custom_hooks_settings = True

<%text>## extra extensions for indexing, space separated and without the leading '.'.</%text>

# index.extensions =

#    gemfile

#    lock

<%text>## extra filenames for indexing, space separated</%text>

# index.filenames =

#    .dockerignore

#    .editorconfig

#    INSTALL

#    CHANGELOG

<%text>####################################</%text>

<%text>###           SSH CONFIG        ####</%text>

<%text>####################################</%text>

<%text>## SSH is disabled by default, until an Administrator decides to enable it.</%text>

ssh_enabled = false

<%text>## File where users' SSH keys will be stored *if* ssh_enabled is true.</%text>

#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys

%if user_home_path:

ssh_authorized_keys = ${user_home_path}/.ssh/authorized_keys

%endif

<%text>## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve.</%text>

#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli

%if kallithea_cli_path:

kallithea_cli_path = ${kallithea_cli_path}

%endif

<%text>## Locale to be used in the ssh-serve command.</%text>

<%text>## This is needed because an SSH client may try to use its own locale</%text>

<%text>## settings, which may not be available on the server.</%text>

<%text>## See `locale -a` for valid values on this system.</%text>

#ssh_locale = C.UTF-8

%if ssh_locale:

ssh_locale = ${ssh_locale}

%endif

<%text>####################################</%text>

<%text>###        CELERY CONFIG        ####</%text>

<%text>####################################</%text>

<%text>## Note: Celery doesn't support Windows.</%text>

use_celery = false

<%text>## Celery config settings from https://docs.celeryproject.org/en/4.4.0/userguide/configuration.html prefixed with 'celery.'.</%text>

<%text>## Example: use the message queue on the local virtual host 'kallitheavhost' as the RabbitMQ user 'kallithea':</%text>

celery.broker_url = amqp://kallithea:thepassword@localhost:5672/kallitheavhost

celery.result.backend = db+sqlite:///celery-results.db

#celery.amqp.task.result.expires = 18000

celery.worker_concurrency = 2

celery.worker_max_tasks_per_child = 1

<%text>## If true, tasks will never be sent to the queue, but executed locally instead.</%text>

celery.task_always_eager = false

<%text>####################################</%text>

<%text>###         BEAKER CACHE        ####</%text>

<%text>####################################</%text>

beaker.cache.data_dir = %(here)s/data/cache/data

beaker.cache.lock_dir = %(here)s/data/cache/lock

beaker.cache.long_term.type = memory

beaker.cache.long_term.expire = 36000

beaker.cache.long_term.key_length = 256

beaker.cache.long_term_file.type = file

beaker.cache.long_term_file.expire = 604800

beaker.cache.long_term_file.key_length = 256

<%text>####################################</%text>

<%text>###       BEAKER SESSION        ####</%text>

<%text>####################################</%text>

<%text>## Name of session cookie. Should be unique for a given host and path, even when running</%text>

<%text>## on different ports. Otherwise, cookie sessions will be shared and messed up.</%text>

session.key = kallithea

<%text>## Sessions should always only be accessible by the browser, not directly by JavaScript.</%text>

session.httponly = true

<%text>## Session lifetime. 2592000 seconds is 30 days.</%text>

session.timeout = 2592000

<%text>## Server secret used with HMAC to ensure integrity of cookies.</%text>

session.secret = ${uuid()}

<%text>## Further, encrypt the data with AES.</%text>

#session.encrypt_key = <key_for_encryption>

#session.validate_key = <validation_key>

<%text>## Type of storage used for the session, current types are</%text>

<%text>## dbm, file, memcached, database, and memory.</%text>

<%text>## File system storage of session data. (default)</%text>

#session.type = file

<%text>## Cookie only, store all session data inside the cookie. Requires secure secrets.</%text>

#session.type = cookie

<%text>## Database storage of session data.</%text>

#session.type = ext:database

#session.sa.url = postgresql://postgres:qwe@localhost/kallithea

#session.table_name = db_session

<%text>############################</%text>

<%text>## ERROR HANDLING SYSTEMS ##</%text>

<%text>############################</%text>

# Propagate email settings to ErrorReporter of TurboGears2

# You do not normally need to change these lines

get trace_errors.smtp_server = smtp_server

get trace_errors.smtp_port = smtp_port

get trace_errors.from_address = error_email_from

get trace_errors.error_email = email_to

get trace_errors.smtp_username = smtp_username

get trace_errors.smtp_password = smtp_password

get trace_errors.smtp_use_tls = smtp_use_tls

%if error_aggregation_service == 'appenlight':

<%text>####################</%text>

<%text>### [appenlight] ###</%text>

<%text>####################</%text>

<%text>## AppEnlight is tailored to work with Kallithea, see</%text>

<%text>## http://appenlight.com for details how to obtain an account</%text>

<%text>## you must install python package `appenlight_client` to make it work</%text>

<%text>## appenlight enabled</%text>

appenlight = false

appenlight.server_url = https://api.appenlight.com

appenlight.api_key = YOUR_API_KEY

<%text>## TWEAK AMOUNT OF INFO SENT HERE</%text>

<%text>## enables 404 error logging (default False)</%text>

appenlight.report_404 = false

<%text>## time in seconds after request is considered being slow (default 1)</%text>

appenlight.slow_request_time = 1

<%text>## record slow requests in application</%text>

<%text>## (needs to be enabled for slow datastore recording and time tracking)</%text>

appenlight.slow_requests = true

<%text>## enable hooking to application loggers</%text>

#appenlight.logging = true

<%text>## minimum log level for log capture</%text>

#appenlight.logging.level = WARNING

<%text>## send logs only from erroneous/slow requests</%text>

<%text>## (saves API quota for intensive logging)</%text>

appenlight.logging_on_error = false

<%text>## list of additional keywords that should be grabbed from environ object</%text>

<%text>## can be string with comma separated list of words in lowercase</%text>

<%text>## (by default client will always send following info:</%text>

<%text>## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that</%text>

        if repo.repo_name not in initial_repo_dict:

            if remove_obsolete:

                log.debug("Removing non-existing repository found in db `%s`",

                          repo.repo_name)

                try:

                    RepoModel().delete(repo, forks='detach', fs_remove=False)

                    sa.commit()

                except Exception:

                    #don't hold further removals on error

                    log.error(traceback.format_exc())

                    sa.rollback()

            removed.append(repo.repo_name)

    return added, removed

def load_rcextensions(root_path):

    path = os.path.join(root_path, 'rcextensions', '__init__.py')

    if os.path.isfile(path):

        rcext = create_module('rc', path)

        EXT = kallithea.EXTENSIONS = rcext

        log.debug('Found rcextensions now loading %s...', rcext)

        # Additional mappings that are not present in the pygments lexers

        kallithea.config.conf.LANGUAGES_EXTENSIONS_MAP.update(getattr(EXT, 'EXTRA_MAPPINGS', {}))

        # OVERRIDE OUR EXTENSIONS FROM RC-EXTENSIONS (if present)

        if getattr(EXT, 'INDEX_EXTENSIONS', []):

            log.debug('settings custom INDEX_EXTENSIONS')

            kallithea.config.conf.INDEX_EXTENSIONS = getattr(EXT, 'INDEX_EXTENSIONS', [])

        # ADDITIONAL MAPPINGS

        log.debug('adding extra into INDEX_EXTENSIONS')

        kallithea.config.conf.INDEX_EXTENSIONS.extend(getattr(EXT, 'EXTRA_INDEX_EXTENSIONS', []))

        # auto check if the module is not missing any data, set to default if is

        # this will help autoupdate new feature of rcext module

        #from kallithea.config import rcextensions

        #for k in dir(rcextensions):

        #    if not k.startswith('_') and not hasattr(EXT, k):

        #        setattr(EXT, k, getattr(rcextensions, k))

#==============================================================================

# MISC

#==============================================================================

git_req_ver = StrictVersion('1.7.4')

def check_git_version():

    """

    Checks what version of git is installed on the system, and raise a system exit

    if it's too old for Kallithea to work properly.

    """

    if 'git' not in kallithea.BACKENDS:

        return None

    if not settings.GIT_EXECUTABLE_PATH:

        log.warning('No git executable configured - check "git_path" in the ini file.')

        return None

    try:

        stdout, stderr = GitRepository._run_git_command(['--version'])

    except RepositoryError as e:

        # message will already have been logged as error

        log.warning('No working git executable found - check "git_path" in the ini file.')

        return None

    if stderr:

        log.warning('Error/stderr from "%s --version":\n%s', settings.GIT_EXECUTABLE_PATH, safe_str(stderr))

    if not stdout:

        log.warning('No working git executable found - check "git_path" in the ini file.')

        return None

    output = safe_str(stdout).strip()

    m = re.search(r"\d+.\d+.\d+", output)

    if m:

        ver = StrictVersion(m.group(0))

        log.debug('Git executable: "%s", version %s (parsed from: "%s")',

                  settings.GIT_EXECUTABLE_PATH, ver, output)

        if ver < git_req_ver:

            log.error('Kallithea detected %s version %s, which is too old '

                      'for the system to function properly. '

                      'Please upgrade to version %s or later. '

                      'If you strictly need Mercurial repositories, you can '

                      'clear the "git_path" setting in the ini file.',

                      settings.GIT_EXECUTABLE_PATH, ver, git_req_ver)

            log.error("Terminating ...")

            sys.exit(1)

    else:

        ver = StrictVersion('0.0.0')

        log.warning('Error finding version number in "%s --version" stdout:\n%s',

                    settings.GIT_EXECUTABLE_PATH, output)

    return ver