diff --git a/development.ini b/development.ini --- a/development.ini +++ b/development.ini @@ -153,18 +153,6 @@ show_revision_number = false ## Kallithea url, ie. http[s]://kallithea.example.com/_admin/gists/ gist_alias_url = -## white list of API enabled controllers. This allows to add list of -## controllers to which access will be enabled by api_key. eg: to enable -## api access to raw_files put `FilesController:raw`, to enable access to patches -## add `ChangesetController:changeset_patch`. This list should be "," separated -## Syntax is :. Check debug logs for generated names -## Recommended settings below are commented out: -api_access_controllers_whitelist = -# ChangesetController:changeset_patch, -# ChangesetController:changeset_raw, -# FilesController:raw, -# FilesController:archivefile - ## default encoding used to convert from and to unicode ## can be also a comma separated list of encoding in case of mixed encodings default_encoding = utf-8 @@ -219,10 +207,6 @@ issue_sub = ## handling that. Set this variable to 403 to return HTTPForbidden auth_ret_code = -## locking return code. When repository is locked return this HTTP code. 2XX -## codes don't break the transactions while 4XX codes do -lock_ret_code = 423 - ## allows to change the repository location in settings page allow_repo_location_change = True @@ -242,6 +226,25 @@ allow_custom_hooks_settings = True # CHANGELOG #################################### +### SSH CONFIG #### +#################################### + +## SSH is disabled by default, until an Administrator decides to enable it. +ssh_enabled = false + +## File where users' SSH keys will be stored *if* ssh_enabled is true. +#ssh_authorized_keys = /home/kallithea/.ssh/authorized_keys + +## Path to be used in ssh_authorized_keys file to invoke kallithea-cli with ssh-serve. +#kallithea_cli_path = /srv/kallithea/venv/bin/kallithea-cli + +## Locale to be used in the ssh-serve command. +## This is needed because an SSH client may try to use its own locale +## settings, which may not be available on the server. +## See `locale -a` for valid values on this system. +#ssh_locale = C.UTF-8 + +#################################### ### CELERY CONFIG #### #################################### @@ -292,32 +295,43 @@ beaker.cache.sql_cache_short.key_length ## Name of session cookie. Should be unique for a given host and path, even when running ## on different ports. Otherwise, cookie sessions will be shared and messed up. -beaker.session.key = kallithea +session.key = kallithea ## Sessions should always only be accessible by the browser, not directly by JavaScript. -beaker.session.httponly = true +session.httponly = true ## Session lifetime. 2592000 seconds is 30 days. -beaker.session.timeout = 2592000 +session.timeout = 2592000 ## Server secret used with HMAC to ensure integrity of cookies. -#beaker.session.secret = VERY-SECRET -beaker.session.secret = development-not-secret +#session.secret = VERY-SECRET +session.secret = development-not-secret ## Further, encrypt the data with AES. -#beaker.session.encrypt_key = -#beaker.session.validate_key = +#session.encrypt_key = +#session.validate_key = ## Type of storage used for the session, current types are ## dbm, file, memcached, database, and memory. ## File system storage of session data. (default) -#beaker.session.type = file +#session.type = file ## Cookie only, store all session data inside the cookie. Requires secure secrets. -#beaker.session.type = cookie +#session.type = cookie ## Database storage of session data. -#beaker.session.type = ext:database -#beaker.session.sa.url = postgresql://postgres:qwe@localhost/kallithea -#beaker.session.table_name = db_session +#session.type = ext:database +#session.sa.url = postgresql://postgres:qwe@localhost/kallithea +#session.table_name = db_session + +############################ +## ERROR HANDLING SYSTEMS ## +############################ + +# Propagate email settings to ErrorReporter of TurboGears2 +# You do not normally need to change these lines +get trace_errors.error_email = email_to +get trace_errors.smtp_server = smtp_server +get trace_errors.smtp_port = smtp_port +get trace_errors.from_address = error_email_from ################################################################################ ## WARNING: *DEBUG MODE MUST BE OFF IN A PRODUCTION ENVIRONMENT* ## @@ -361,7 +375,7 @@ script_location = kallithea:alembic keys = root, routes, kallithea, sqlalchemy, tg, gearbox, beaker, templates, whoosh_indexer, werkzeug, backlash [handlers] -keys = console, console_sql +keys = console, console_color, console_color_sql, null [formatters] keys = generic, color_formatter, color_formatter_sql @@ -372,7 +386,10 @@ keys = generic, color_formatter, color_f [logger_root] level = NOTSET -handlers = console +#handlers = console +handlers = console_color +# For coloring based on log level: +# handlers = console_color [logger_routes] #level = WARN @@ -380,67 +397,61 @@ level = DEBUG handlers = qualname = routes.middleware ## "level = DEBUG" logs the route matched and routing variables. -propagate = 1 [logger_beaker] #level = WARN level = DEBUG handlers = qualname = beaker.container -propagate = 1 [logger_templates] #level = WARN level = INFO handlers = qualname = pylons.templating -propagate = 1 [logger_kallithea] #level = WARN level = DEBUG handlers = qualname = kallithea -propagate = 1 [logger_tg] #level = WARN level = DEBUG handlers = qualname = tg -propagate = 1 [logger_gearbox] #level = WARN level = DEBUG handlers = qualname = gearbox -propagate = 1 [logger_sqlalchemy] level = WARN -handlers = console_sql +handlers = qualname = sqlalchemy.engine -propagate = 0 +# For coloring based on log level and pretty printing of SQL: +# level = INFO +# handlers = console_color_sql +# propagate = 0 [logger_whoosh_indexer] #level = WARN level = DEBUG handlers = qualname = whoosh_indexer -propagate = 1 [logger_werkzeug] level = WARN handlers = qualname = werkzeug -propagate = 1 [logger_backlash] level = WARN handlers = qualname = backlash -propagate = 1 ############## ## HANDLERS ## @@ -449,15 +460,24 @@ propagate = 1 [handler_console] class = StreamHandler args = (sys.stderr,) -#formatter = generic +formatter = generic + +[handler_console_color] +# ANSI color coding based on log level +class = StreamHandler +args = (sys.stderr,) formatter = color_formatter -[handler_console_sql] +[handler_console_color_sql] +# ANSI color coding and pretty printing of SQL statements class = StreamHandler args = (sys.stderr,) -#formatter = generic formatter = color_formatter_sql +[handler_null] +class = NullHandler +args = () + ################ ## FORMATTERS ## ################ @@ -475,3 +495,21 @@ datefmt = %Y-%m-%d %H:%M:%S class = kallithea.lib.colored_formatter.ColorFormatterSql format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s datefmt = %Y-%m-%d %H:%M:%S + +################# +## SSH LOGGING ## +################# + +# The default loggers use 'handler_console' that uses StreamHandler with +# destination 'sys.stderr'. In the context of the SSH server process, these log +# messages would be sent to the client, which is normally not what you want. +# By default, when running ssh-serve, just use NullHandler and disable logging +# completely. For other logging options, see: +# https://docs.python.org/2/library/logging.handlers.html + +[ssh_serve:logger_root] +level = CRITICAL +handlers = null + +# Note: If logging is configured with other handlers, they might need similar +# muting for ssh-serve too.