import os from datetime import timedelta ### Set the time after which the admin session expires # There are two sessions on pagure, login that holds for 31 days and # the session defined here after which an user has to re-login. # This session is used when accessing all administrative parts of pagure # (ie: changing a project's or a user's settings) ADMIN_SESSION_LIFETIME = timedelta(minutes=20) # Enable tickets and docs for all repos ENABLE_TICKETS = True ENABLE_DOCS = True ### Secret key for the Flask application SECRET_KEY='__SECRET_KEY__' ### url to the database server: #DB_URL=mysql://user:pass@host/db_name DB_URL = 'postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__' #DB_URL = 'sqlite:////var/tmp/pagure_dev.sqlite' ### The FAS group in which the admin of pagure are ADMIN_GROUP = ['sysadmin-main'] ### Hard-coded list of global admins PAGURE_ADMIN_USERS = ['__ADMIN__'] ### The email address to which the flask.log will send the errors (tracebacks) EMAIL_ERROR = 'root@__DOMAIN__' ### SMTP settings SMTP_SERVER = 'localhost' SMTP_PORT = 587 SMTP_SSL = True #Specify both for enabling SMTP with auth SMTP_USERNAME = None SMTP_PASSWORD = None ### Information used to sent notifications FROM_EMAIL = 'pagure@__DOMAIN__' DOMAIN_EMAIL_NOTIFICATIONS = '__DOMAIN__' SALT_EMAIL = '__SALT_EMAIL__' ### The URL at which the project is available. APP_URL = 'https://__DOMAIN__/' ### The URL at which the documentation of projects will be available ## This should be in a different domain to avoid XSS issues since we want ## to allow raw html to be displayed (different domain, ie not a sub-domain). DOC_APP_URL = 'https://docs.__DOMAIN__' ### The URL to use to clone git repositories. GIT_URL_SSH = 'ssh://git@__DOMAIN__/' GIT_URL_GIT = 'git://__DOMAIN__/' ### Folder containing to the git repos GIT_FOLDER = os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', 'repos' ) ### Folder containing the clones for the remote pull-requests REMOTE_GIT_FOLDER = os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', 'remotes' ) ### Whether to enable scanning for viruses in attachments VIRUS_SCAN_ATTACHMENTS = False ### Configuration file for gitolite GITOLITE_CONFIG = os.path.join( os.path.abspath(os.path.dirname(__file__)), '..', 'gitolite.conf' ) ### Home folder of the gitolite user ### Folder where to run gl-compile-conf from GITOLITE_HOME = None ### Version of gitolite used: 2 or 3? GITOLITE_VERSION = 3 ### Folder containing all the public ssh keys for gitolite GITOLITE_KEYDIR = None ### Path to the gitolite.rc file GL_RC = None ### Path to the /bin directory where the gitolite tools can be found GL_BINDIR = None # SSH Information ### The ssh certificates of the git server to be provided to the user ### /!\ format is important # SSH_KEYS = {'RSA': {'fingerprint': '', 'pubkey': ''}} # Optional configuration ### Number of items displayed per page # Used when listing items ITEM_PER_PAGE = 50 ### Maximum size of the uploaded content # Used to limit the size of file attached to a ticket for example MAX_CONTENT_LENGTH = 4 * 1024 * 1024 # 4 megabytes ### Lenght for short commits ids or file hex SHORT_LENGTH = 6 ### List of blacklisted project names that can conflicts for pagure's URLs ### or other BLACKLISTED_PROJECTS = [ 'static', 'pv', 'releases', 'new', 'api', 'settings', 'logout', 'login', 'users', 'groups', 'projects'] ### IP addresses allowed to access the internal endpoints ### These endpoints are used by the milter and are security sensitive, thus ### the IP filter IP_ALLOWED_INTERNAL = ['127.0.0.1', 'localhost', '::1'] ### EventSource/Web-Hook/Redis configuration # The eventsource integration is what allows pagure to refresh the content # on your page when someone else comments on the ticket (and this without # asking you to reload the page. # By default it is off, ie: EVENTSOURCE_SOURCE is None, to turn it on, specify # here what the URL of the eventsource server is, for example: # https://ev.pagure.io or https://pagure.io:8080 or whatever you are using # (Note: the urls sent to it start with a '/' so no need to add one yourself) EVENTSOURCE_SOURCE = None # Port where the event source server is running (maybe be the same port # as the one specified in EVENTSOURCE_SOURCE or a different one if you # have something running in front of the server such as apache or stunnel). EVENTSOURCE_PORT = 8080 # If this port is specified, the event source server will run another server # at this port and will provide information about the number of active # connections running on the first (main) event source server #EV_STATS_PORT = 8888 # Web-hook can be turned on or off allowing using them for notifications, or # not. WEBHOOK = False ### Redis configuration # A redis server is required for both the Event-Source server or the web-hook # server. REDIS_HOST = '127.0.0.1' REDIS_PORT = 6379 REDIS_DB = __REDIS_DB__ # Authentication related configuration option ### Switch the authentication method # Specify which authentication method to use, defaults to `fas` can be or # `local` # Default: ``fas``. PAGURE_AUTH = 'local' # When this is set to True, the session cookie will only be returned to the # server via ssl (https). If you connect to the server via plain http, the # cookie will not be sent. This prevents sniffing of the cookie contents. # This may be set to False when testing your application but should always # be set to True in production. # Default: ``True``. SESSION_COOKIE_SECURE = True # The name of the cookie used to store the session id. # Default: ``.pagure``. SESSION_COOKIE_NAME = 'pagure' # Boolean specifying whether to check the user's IP address when retrieving # its session. This make things more secure (thus is on by default) but # under certain setup it might not work (for example is there are proxies # in front of the application). CHECK_SESSION_IP = True # Used by SESSION_COOKIE_PATH APPLICATION_ROOT = '/' # Allow the backward compatiblity endpoints for the old URLs schema to # see the commits of a repo. This is only interesting if you pagure instance # was running since before version 1.3 and if you care about backward # compatibility in your URLs. OLD_VIEW_COMMIT_ENABLED = False