configuration.rst 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509
  1. Configuration
  2. =============
  3. Pagure offers a wide varieties of options that must or can be used to
  4. adjust its behavior.
  5. Must options
  6. ------------
  7. Here are the options you must set up in order to get pagure running.
  8. SECRET_KEY
  9. ~~~~~~~~~~
  10. This key is used by flask to create the session. It should be kept secret
  11. and set as a long and random string.
  12. SALT_EMAIL
  13. ~~~~~~~~~~
  14. This key is used for when sending notification to ensure that when sending
  15. notifications to different users, each one of them has a different, unique
  16. and un-fakable ``Reply-To`` header that is then used by the milter to find
  17. out if the response received is a real one or a fake/invalid one.
  18. DB_URL
  19. ~~~~~~
  20. This key indicates to the framework how and where to connect to the database
  21. server. Pagure using `SQLAchemy <http://www.sqlalchemy.org/>`_ it can connect
  22. to a wide range of database server including MySQL, PostgreSQL and SQLite.
  23. Examples values:
  24. ::
  25. DB_URL=mysql://user:pass@host/db_name
  26. DB_URL=postgres://user:pass@host/db_name
  27. DB_URL = 'sqlite:////var/tmp/pagure_dev.sqlite'
  28. Defaults to ``sqlite:////var/tmp/pagure_dev.sqlite``
  29. APP_URL
  30. ~~~~~~~
  31. This key indicates the URL at which this pagure instance will be made available.
  32. Defaults to: ``https://pagure.org/``
  33. EMAIL_ERROR
  34. ~~~~~~~~~~~
  35. Pagure sends email when it caches an un-expected error (which saves you from
  36. having to monitor the logs regularly but if you like, the error is still
  37. present in the logs).
  38. This setting allows you to specify to which email address to send these error
  39. reports.
  40. GIT_URL_SSH
  41. ~~~~~~~~~~~
  42. This configuration key provides the information to the user on how to clone
  43. the git repos hosted on pagure via `SSH <https://en.wikipedia.org/wiki/Secure_Shell>`_.
  44. The URL should end with a slash ``/``.
  45. Defaults to: ``'ssh://git@pagure.org/'``
  46. GIT_URL_GIT
  47. ~~~~~~~~~~~
  48. This configuration key provides the information to the user on how to clone
  49. the git repos hosted on pagure anonymously. This access can be granted via
  50. the ``git://`` or ``http(s)://`` protocols.
  51. The URL should end with a slash ``/``.
  52. Defaults to: ``'git://pagure.org/'``
  53. GIT_FOLDER
  54. ~~~~~~~~~~
  55. This configuration key points to where the folders containing the git repos
  56. of the projects are located.
  57. Each project in pagure has 4 git repositories:
  58. - the main repo for the code
  59. - the doc repo showed in the doc server
  60. - the ticket and request repos storing the metadata of the
  61. tickets/pull-requests
  62. There are then another 2 folders specifying the locations of the forks and
  63. remote git repo used for the remotes pull-requests (ie: pull-request coming
  64. from a project not hosted on this instance of pagure).
  65. FORK_FOLDER
  66. ~~~~~~~~~~~
  67. This configuration key points to the folder where the git repos of forks of
  68. the projects are stored.
  69. DOCS_FOLDER
  70. ~~~~~~~~~~~
  71. This configuration key points to the folder where the git repos for the
  72. documentation of the projects are stored.
  73. TICKETS_FOLDER
  74. ~~~~~~~~~~~~~~
  75. This configuration key points to the folder where the git repos storing the
  76. metadata of the tickets opened against the project are stored .
  77. REQUESTS_FOLDER
  78. ~~~~~~~~~~~~~~~
  79. This configuration key points to the folder where the git repos storing the
  80. metadata of the pull-requests opened against the project are stored.
  81. REMOTE_GIT_FOLDER
  82. ~~~~~~~~~~~~~~~~~
  83. This configuration key points to the folder where the remote git repos (ie:
  84. not hosted on pagure) that someone used to open a pull-request against a
  85. project hosted on pagure are stored.
  86. SESSION_COOKIE_SECURE
  87. ~~~~~~~~~~~~~~~~~~~~~
  88. When this is set to True, the session cookie will only be returned to the
  89. server via ssl (https). If you connect to the server via plain http, the
  90. cookie will not be sent. This prevents sniffing of the cookie contents.
  91. This may be set to False when testing your application but should always
  92. be set to True in production.
  93. Defaults to: ``False`` for development, must be ``True`` in production with
  94. https.
  95. FROM_EMAIL
  96. ~~~~~~~~~~
  97. This setting allows to specify the email address used by this pagure instance
  98. when sending emails (notifications).
  99. Defaults to: ``pagure@pagure.org``
  100. DOMAIN_EMAIL_NOTIFICATIONS
  101. ~~~~~~~~~~~~~~~~~~~~~~~~~~
  102. This setting allows to specify the domain used by this pagure instance
  103. when sending emails (notifications). More precisely, this setting is used
  104. when building the ``msg-id`` header of the emails sent.
  105. Defaults to: ``pagure.org``
  106. Configure Gitolite
  107. ------------------
  108. Pagure uses `gitolite <http://gitolite.com/>`_ as an authorization layer.
  109. Gitolite relies on `SSH <https://en.wikipedia.org/wiki/Secure_Shell>`_ for
  110. the authentication. In other words, SSH let you in and gitolite check if you
  111. are allowed to do what you are trying to do once you are inside.
  112. GITOLITE_HOME
  113. ~~~~~~~~~~~~~
  114. This configuration key should point to the home of the user under which
  115. gitolite is ran.
  116. GITOLITE_VERSION
  117. ~~~~~~~~~~~~~~~~
  118. This configuration key allows to specify which version of gitolite you are
  119. using, it can be either ``2`` or ``3``.
  120. Defaults to: ``3``.
  121. GITOLITE_KEYDIR
  122. ~~~~~~~~~~~~~~~
  123. This configuration key points to the folder where gitolite stores and accesses
  124. the public SSH keys of all the user have access to the server.
  125. Since pagure is the user interface, it is pagure that writes down the files
  126. in this directory effectively setting up the users to be able to use gitolite.
  127. GL_RC
  128. ~~~~~
  129. This configuration key must point to the file ``gitolite.rc`` used by gitolite
  130. to record who has access to what (ie: who has access to which repo/branch).
  131. GL_BINDIR
  132. ~~~~~~~~~
  133. This configuration key indicates the folder in which the gitolite tools can
  134. be found. It can be as simple as ``/usr/bin/`` if the tools have been installed
  135. using a package manager or something like ``/opt/bin/`` for a more custom
  136. install.
  137. EventSource options
  138. -------------------
  139. EVENTSOURCE_SOURCE
  140. ~~~~~~~~~~~~~~~~~~
  141. This configuration key indicates the URL at which the EventSource server is
  142. available. If not defined, pagure will behave as if there are no EventSource
  143. server running.
  144. EVENTSOURCE_PORT
  145. ~~~~~~~~~~~~~~~~
  146. This configuration key indicates the port at which the EventSource server is
  147. running. This allows adjusting the port via the configuration file instead
  148. of hard-coding it in the code.
  149. .. note:: The EventSource server requires a redis server (see ``Redis options``
  150. below)
  151. Web-hooks notifications
  152. -----------------------
  153. WEBHOOK
  154. ~~~~~~~
  155. This configuration key allows turning on or off web-hooks notifications for
  156. this pagure instance.
  157. Defaults to: ``False``.
  158. .. note:: The Web-hooks server requires a redis server (see ``Redis options``
  159. below)
  160. Redis options
  161. -------------
  162. REDIS_HOST
  163. ~~~~~~~~~~
  164. This configuration key indicates the host at which the `redis <http://redis.io/>`_
  165. server is running.
  166. Defaults to: ``0.0.0.0``.
  167. REDIS_PORT
  168. ~~~~~~~~~~
  169. This configuration key indicates the port at which the reds server can be
  170. contacted.
  171. Defaults to: ``6379``.
  172. REDIS_DB
  173. ~~~~~~~~
  174. This configuration key indicates the name of the redis database to use to
  175. communicate with the EventSource server.
  176. Defaults to: ``0``.
  177. Authentication options
  178. ----------------------
  179. ADMIN_GROUP
  180. ~~~~~~~~~~~
  181. List of groups, local or remotes (if the openid server used supports the
  182. group extension), that are site admin. These admins can regenerate the
  183. gitolite configuration, the ssh key files, the hook-token for every project
  184. as well as manage users and groups.
  185. PAGURE_ADMIN_USERS
  186. ~~~~~~~~~~~~~~~~~~
  187. List of usernames that are site admin. These admins have the same rights as
  188. the user in the admin groups (listed above) as well as admin rights to
  189. every projects hosted on this pagure instance.
  190. Optional options
  191. ----------------
  192. SSH_KEYS
  193. ~~~~~~~~
  194. It is a good pratice to publish the fingerprint and public SSH key of a
  195. server you provide access to.
  196. Pagure offers the possibility to expose this information based on the values
  197. set in the configuration file, in the ``SSH_KEYS`` configuration key.
  198. See the `SSH hostkeys/Fingerprints page on pagure.io <https://pagure.io/ssh_info>`_.
  199. .. warning: The format is important
  200. SSH_KEYS = {'RSA': {'fingerprint': '<foo>', 'pubkey': '<bar>'}}
  201. Where `<foo>` and `<bar>` must be replaced by your values.
  202. ITEM_PER_PAGE
  203. ~~~~~~~~~~~~~
  204. This configuration key allows you to configure the length of a page by
  205. setting the number of items on the page. Items can be commits, users, groups
  206. or projects for example.
  207. Defaults to: ``50``.
  208. SMTP_SERVER
  209. ~~~~~~~~~~~
  210. This configuration key allows to configure the SMTP server to use when
  211. sending emails.
  212. Defaults to: ``localhost``.
  213. SMTP_PORT
  214. ~~~~~~~~~
  215. This configuration key allow to define the SMTP server port.
  216. SMTP by default uses TCP port 25. The protocol for mail submission is
  217. the same, but uses port 587.
  218. SMTP connections secured by SSL, known as SMTPS, default to port 465
  219. (nonstandard, but sometimes used for legacy reasons).
  220. Defaults to: ``25``
  221. SMTP_SSL
  222. ~~~~~~~~
  223. This configuration key allows to specify whether the SMTP connections
  224. should secured over SSL
  225. Defaults to: ``False``
  226. SMTP_USERNAME
  227. ~~~~~~~~~~~~~
  228. This configuration key allows usage of SMTP with auth
  229. Note: Specify SMTP_USERNAME and SMTP_PASSWORD for using SMTP auth
  230. Defaults to: ``None``
  231. SMTP_PASSWORD
  232. ~~~~~~~~~~~~~
  233. This configuration key allows usage of SMTP with auth
  234. Note: Specify SMTP_USERNAME and SMTP_PASSWORD for using SMTP auth
  235. Defaults to: ``None``
  236. SHORT_LENGTH
  237. ~~~~~~~~~~~~
  238. This configuration key allows to configure the length of the commit ids or
  239. file hex displayed in the user interface.
  240. Defaults to: ``6``.
  241. BLACKLISTED_PROJECTS
  242. ~~~~~~~~~~~~~~~~~~~~
  243. This configuration key allows to set a list of project name that are forbidden.
  244. This list is used for example to avoid conflicts at the URL level between the
  245. static files located under ``/static/`` and a project that would be named
  246. ``static`` and thus be located at ``/static``.
  247. Defaults to:
  248. ::
  249. [
  250. 'static', 'pv', 'releases', 'new', 'api', 'settings',
  251. 'logout', 'login', 'users', 'groups'
  252. ]
  253. CHECK_SESSION_IP
  254. ~~~~~~~~~~~~~~~~
  255. This configuration key allows to configure whether to check the user's IP
  256. address when retrieving its session. This makes things more secure but
  257. under certain setup it might not work (for example if there are proxies
  258. in front of the application).
  259. Defaults to: ``True``.
  260. PAGURE_AUTH
  261. ~~~~~~~~~~~~
  262. This configuration key allows to specify which authentication method to use.
  263. Pagure supports currently two authentication methods, one relying on the
  264. Fedora Account System `FAS <https://admin.fedoraproject.org/accounts>`_,
  265. the other relying on local user accounts.
  266. It can therefore be either ``fas`` or ``local``.
  267. Defaults to: ``fas``.
  268. IP_ALLOWED_INTERNAL
  269. ~~~~~~~~~~~~~~~~~~~
  270. This configuration key allows to specify which IP addresses are allowed
  271. to access the internal API endpoint. These endpoints are accessed by the
  272. milters for example and allow to perform action in the name of someone else.
  273. So they are sensitive, thus the check for the origin of the request using
  274. these endpoints.
  275. Defaults to: ``['127.0.0.1', 'localhost', '::1']``.
  276. MAX_CONTENT_LENGTH
  277. ~~~~~~~~~~~~~~~~~~
  278. This configuration key allows to specify the maximum size allowed when
  279. uploading content to pagure (for example, screenshots to a ticket).
  280. Defaults to: ``4 * 1024 * 1024`` which corresponds to 4 megabytes.
  281. ENABLE_TICKETS
  282. ~~~~~~~~~~~~~~
  283. This configuration key allows to activate or de-activate the ticketing system
  284. for all the projects hosted on this pagure instance.
  285. Defaults to: ``True``
  286. ENABLE_NEW_PROJECTS
  287. ~~~~~~~~~~~~~~~~~~~
  288. This configuration key allows to create or forbids creating new projects in
  289. the user interface of this pagure instance.
  290. Defaults to: ``True``
  291. ENABLE_DEL_PROJECTS
  292. ~~~~~~~~~~~~~~~~~~~
  293. This configuration key allows to delete or forbids deleting projects in
  294. the user interface of this pagure instance.
  295. Defaults to: ``True``
  296. EMAIL_SEND
  297. ~~~~~~~~~~
  298. This configuration key allows turning on or off all email notification for
  299. this pagure instance. This can be useful to turn off when developing on
  300. pagure, or for test or pre-production instances.
  301. Defaults to: ``True``.
  302. OLD_VIEW_COMMIT_ENABLED
  303. ~~~~~~~~~~~~~~~~~~~~~~~
  304. In version 1.3, pagure changed its URL scheme to view the commit of a
  305. project in order to add support for pseudo-namespaced projects.
  306. For pagure instances older than 1.3, who care about backward compatibility,
  307. we added an endpoint ``view_commit_old`` that brings URL backward
  308. compatibility for URLs using the complete git hash (the 40 characters).
  309. For URLs using a shorter hash, the URLs will remain broken.
  310. This configuration key allows turning on or off this backward compatibility
  311. which is useful for pagure instances running since before 1.3 but is not
  312. for newer instances.
  313. Defaults to: ``False``.