Mercurial > kallithea
comparison docs/setup.rst @ 3960:5293d4bbb1ea
Merged dev into stable/default/master branch
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 07 Jun 2013 00:31:11 +0200 |
parents | 3563bb7b4b82 a5bccf34c512 |
children | 2c82dd8ba318 |
comparison
equal
deleted
inserted
replaced
3879:51596d9ef2f8 | 3960:5293d4bbb1ea |
---|---|
194 Login Attribute = uid | 194 Login Attribute = uid |
195 First Name Attribute = firstName | 195 First Name Attribute = firstName |
196 Last Name Attribute = lastName | 196 Last Name Attribute = lastName |
197 E-mail Attribute = mail | 197 E-mail Attribute = mail |
198 | 198 |
199 If your user groups are placed in a Organisation Unit (OU) structure the Search Settings configuration differs:: | |
200 | |
201 Search settings | |
202 Base DN = DC=host,DC=example,DC=org | |
203 LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user)) | |
204 LDAP Search Scope = SUBTREE | |
205 | |
199 .. _enable_ldap: | 206 .. _enable_ldap: |
200 | 207 |
201 Enable LDAP : required | 208 Enable LDAP : required |
202 Whether to use LDAP for authenticating users. | 209 Whether to use LDAP for authenticating users. |
203 | 210 |
442 RhodeCode provides a simple integration with issue trackers. It's possible | 449 RhodeCode provides a simple integration with issue trackers. It's possible |
443 to define a regular expression that will fetch issue id stored in commit | 450 to define a regular expression that will fetch issue id stored in commit |
444 messages and replace that with an url to this issue. To enable this simply | 451 messages and replace that with an url to this issue. To enable this simply |
445 uncomment following variables in the ini file:: | 452 uncomment following variables in the ini file:: |
446 | 453 |
447 url_pat = (?:^#|\s#)(\w+) | 454 issue_pat = (?:^#|\s#)(\w+) |
448 issue_server_link = https://myissueserver.com/{repo}/issue/{id} | 455 issue_server_link = https://myissueserver.com/{repo}/issue/{id} |
449 issue_prefix = # | 456 issue_prefix = # |
450 | 457 |
451 `url_pat` is the regular expression that will fetch issues from commit messages. | 458 `issue_pat` is the regular expression that will fetch issues from commit messages. |
452 Default regex will match issues in format of #<number> eg. #300. | 459 Default regex will match issues in format of #<number> eg. #300. |
453 | 460 |
454 Matched issues will be replace with the link specified as `issue_server_link` | 461 Matched issues will be replace with the link specified as `issue_server_link` |
455 {id} will be replaced with issue id, and {repo} with repository name. | 462 {id} will be replaced with issue id, and {repo} with repository name. |
456 Since the # is striped `issue_prefix` is added as a prefix to url. | 463 Since the # is striped `issue_prefix` is added as a prefix to url. |
525 # add more instances for load balancing | 532 # add more instances for load balancing |
526 #server 127.0.0.1:5001; | 533 #server 127.0.0.1:5001; |
527 #server 127.0.0.1:5002; | 534 #server 127.0.0.1:5002; |
528 } | 535 } |
529 | 536 |
537 ## gist alias | |
538 server { | |
539 listen 443; | |
540 server_name gist.myserver.com; | |
541 access_log /var/log/nginx/gist.access.log; | |
542 error_log /var/log/nginx/gist.error.log; | |
543 | |
544 ssl on; | |
545 ssl_certificate gist.rhodecode.myserver.com.crt; | |
546 ssl_certificate_key gist.rhodecode.myserver.com.key; | |
547 | |
548 ssl_session_timeout 5m; | |
549 | |
550 ssl_protocols SSLv3 TLSv1; | |
551 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | |
552 ssl_prefer_server_ciphers on; | |
553 | |
554 rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1; | |
555 rewrite (.*) https://rhodecode.myserver.com/_admin/gists; | |
556 } | |
557 | |
530 server { | 558 server { |
531 listen 443; | 559 listen 443; |
532 server_name rhodecode.myserver.com; | 560 server_name rhodecode.myserver.com; |
533 access_log /var/log/nginx/rhodecode.access.log; | 561 access_log /var/log/nginx/rhodecode.access.log; |
534 error_log /var/log/nginx/rhodecode.error.log; | 562 error_log /var/log/nginx/rhodecode.error.log; |
541 | 569 |
542 ssl_protocols SSLv3 TLSv1; | 570 ssl_protocols SSLv3 TLSv1; |
543 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | 571 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; |
544 ssl_prefer_server_ciphers on; | 572 ssl_prefer_server_ciphers on; |
545 | 573 |
546 # uncomment if you have nginx with chunking module compiled | 574 ## uncomment root directive if you want to serve static files by nginx |
547 # fixes the issues of having to put postBuffer data for large git | 575 ## requires static_files = false in .ini file |
548 # pushes | |
549 #chunkin on; | |
550 #error_page 411 = @my_411_error; | |
551 #location @my_411_error { | |
552 # chunkin_resume; | |
553 #} | |
554 | |
555 # uncomment if you want to serve static files by nginx | |
556 #root /path/to/installation/rhodecode/public; | 576 #root /path/to/installation/rhodecode/public; |
557 | 577 include /etc/nginx/proxy.conf; |
558 location / { | 578 location / { |
559 try_files $uri @rhode; | 579 try_files $uri @rhode; |
560 } | 580 } |
561 | 581 |
562 location @rhode { | 582 location @rhode { |
563 proxy_pass http://rc; | 583 proxy_pass http://rc; |
564 include /etc/nginx/proxy.conf; | |
565 } | 584 } |
566 | 585 |
567 } | 586 } |
568 | 587 |
569 Here's the proxy.conf. It's tuned so it will not timeout on long | 588 Here's the proxy.conf. It's tuned so it will not timeout on long |
574 proxy_set_header X-Url-Scheme $scheme; | 593 proxy_set_header X-Url-Scheme $scheme; |
575 proxy_set_header X-Host $http_host; | 594 proxy_set_header X-Host $http_host; |
576 proxy_set_header X-Real-IP $remote_addr; | 595 proxy_set_header X-Real-IP $remote_addr; |
577 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 596 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
578 proxy_set_header Proxy-host $proxy_host; | 597 proxy_set_header Proxy-host $proxy_host; |
579 client_max_body_size 400m; | |
580 client_body_buffer_size 128k; | |
581 proxy_buffering off; | 598 proxy_buffering off; |
582 proxy_connect_timeout 7200; | 599 proxy_connect_timeout 7200; |
583 proxy_send_timeout 7200; | 600 proxy_send_timeout 7200; |
584 proxy_read_timeout 7200; | 601 proxy_read_timeout 7200; |
585 proxy_buffers 8 32k; | 602 proxy_buffers 8 32k; |
586 | 603 client_max_body_size 1024m; |
587 Also, when using root path with nginx you might set the static files to false | 604 client_body_buffer_size 128k; |
588 in the production.ini file:: | 605 large_client_header_buffers 8 64k; |
589 | |
590 [app:main] | |
591 use = egg:rhodecode | |
592 full_stack = true | |
593 static_files = false | |
594 lang=en | |
595 cache_dir = %(here)s/data | |
596 | |
597 In order to not have the statics served by the application. This improves speed. | |
598 | 606 |
599 | 607 |
600 Apache virtual host reverse proxy example | 608 Apache virtual host reverse proxy example |
601 ----------------------------------------- | 609 ----------------------------------------- |
602 | 610 |