Mercurial > kallithea
comparison docs/setup.rst @ 3960:5293d4bbb1ea
Merged dev into stable/default/master branch
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Fri, 07 Jun 2013 00:31:11 +0200 |
| parents | 3563bb7b4b82 a5bccf34c512 |
| children | 2c82dd8ba318 |
comparison
equal
deleted
inserted
replaced
| 3879:51596d9ef2f8 | 3960:5293d4bbb1ea |
|---|---|
| 194 Login Attribute = uid | 194 Login Attribute = uid |
| 195 First Name Attribute = firstName | 195 First Name Attribute = firstName |
| 196 Last Name Attribute = lastName | 196 Last Name Attribute = lastName |
| 197 E-mail Attribute = mail | 197 E-mail Attribute = mail |
| 198 | 198 |
| 199 If your user groups are placed in a Organisation Unit (OU) structure the Search Settings configuration differs:: | |
| 200 | |
| 201 Search settings | |
| 202 Base DN = DC=host,DC=example,DC=org | |
| 203 LDAP Filter = (&(memberOf=CN=your user group,OU=subunit,OU=unit,DC=host,DC=example,DC=org)(objectClass=user)) | |
| 204 LDAP Search Scope = SUBTREE | |
| 205 | |
| 199 .. _enable_ldap: | 206 .. _enable_ldap: |
| 200 | 207 |
| 201 Enable LDAP : required | 208 Enable LDAP : required |
| 202 Whether to use LDAP for authenticating users. | 209 Whether to use LDAP for authenticating users. |
| 203 | 210 |
| 442 RhodeCode provides a simple integration with issue trackers. It's possible | 449 RhodeCode provides a simple integration with issue trackers. It's possible |
| 443 to define a regular expression that will fetch issue id stored in commit | 450 to define a regular expression that will fetch issue id stored in commit |
| 444 messages and replace that with an url to this issue. To enable this simply | 451 messages and replace that with an url to this issue. To enable this simply |
| 445 uncomment following variables in the ini file:: | 452 uncomment following variables in the ini file:: |
| 446 | 453 |
| 447 url_pat = (?:^#|\s#)(\w+) | 454 issue_pat = (?:^#|\s#)(\w+) |
| 448 issue_server_link = https://myissueserver.com/{repo}/issue/{id} | 455 issue_server_link = https://myissueserver.com/{repo}/issue/{id} |
| 449 issue_prefix = # | 456 issue_prefix = # |
| 450 | 457 |
| 451 `url_pat` is the regular expression that will fetch issues from commit messages. | 458 `issue_pat` is the regular expression that will fetch issues from commit messages. |
| 452 Default regex will match issues in format of #<number> eg. #300. | 459 Default regex will match issues in format of #<number> eg. #300. |
| 453 | 460 |
| 454 Matched issues will be replace with the link specified as `issue_server_link` | 461 Matched issues will be replace with the link specified as `issue_server_link` |
| 455 {id} will be replaced with issue id, and {repo} with repository name. | 462 {id} will be replaced with issue id, and {repo} with repository name. |
| 456 Since the # is striped `issue_prefix` is added as a prefix to url. | 463 Since the # is striped `issue_prefix` is added as a prefix to url. |
| 525 # add more instances for load balancing | 532 # add more instances for load balancing |
| 526 #server 127.0.0.1:5001; | 533 #server 127.0.0.1:5001; |
| 527 #server 127.0.0.1:5002; | 534 #server 127.0.0.1:5002; |
| 528 } | 535 } |
| 529 | 536 |
| 537 ## gist alias | |
| 538 server { | |
| 539 listen 443; | |
| 540 server_name gist.myserver.com; | |
| 541 access_log /var/log/nginx/gist.access.log; | |
| 542 error_log /var/log/nginx/gist.error.log; | |
| 543 | |
| 544 ssl on; | |
| 545 ssl_certificate gist.rhodecode.myserver.com.crt; | |
| 546 ssl_certificate_key gist.rhodecode.myserver.com.key; | |
| 547 | |
| 548 ssl_session_timeout 5m; | |
| 549 | |
| 550 ssl_protocols SSLv3 TLSv1; | |
| 551 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | |
| 552 ssl_prefer_server_ciphers on; | |
| 553 | |
| 554 rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1; | |
| 555 rewrite (.*) https://rhodecode.myserver.com/_admin/gists; | |
| 556 } | |
| 557 | |
| 530 server { | 558 server { |
| 531 listen 443; | 559 listen 443; |
| 532 server_name rhodecode.myserver.com; | 560 server_name rhodecode.myserver.com; |
| 533 access_log /var/log/nginx/rhodecode.access.log; | 561 access_log /var/log/nginx/rhodecode.access.log; |
| 534 error_log /var/log/nginx/rhodecode.error.log; | 562 error_log /var/log/nginx/rhodecode.error.log; |
| 541 | 569 |
| 542 ssl_protocols SSLv3 TLSv1; | 570 ssl_protocols SSLv3 TLSv1; |
| 543 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; | 571 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5; |
| 544 ssl_prefer_server_ciphers on; | 572 ssl_prefer_server_ciphers on; |
| 545 | 573 |
| 546 # uncomment if you have nginx with chunking module compiled | 574 ## uncomment root directive if you want to serve static files by nginx |
| 547 # fixes the issues of having to put postBuffer data for large git | 575 ## requires static_files = false in .ini file |
| 548 # pushes | |
| 549 #chunkin on; | |
| 550 #error_page 411 = @my_411_error; | |
| 551 #location @my_411_error { | |
| 552 # chunkin_resume; | |
| 553 #} | |
| 554 | |
| 555 # uncomment if you want to serve static files by nginx | |
| 556 #root /path/to/installation/rhodecode/public; | 576 #root /path/to/installation/rhodecode/public; |
| 557 | 577 include /etc/nginx/proxy.conf; |
| 558 location / { | 578 location / { |
| 559 try_files $uri @rhode; | 579 try_files $uri @rhode; |
| 560 } | 580 } |
| 561 | 581 |
| 562 location @rhode { | 582 location @rhode { |
| 563 proxy_pass http://rc; | 583 proxy_pass http://rc; |
| 564 include /etc/nginx/proxy.conf; | |
| 565 } | 584 } |
| 566 | 585 |
| 567 } | 586 } |
| 568 | 587 |
| 569 Here's the proxy.conf. It's tuned so it will not timeout on long | 588 Here's the proxy.conf. It's tuned so it will not timeout on long |
| 574 proxy_set_header X-Url-Scheme $scheme; | 593 proxy_set_header X-Url-Scheme $scheme; |
| 575 proxy_set_header X-Host $http_host; | 594 proxy_set_header X-Host $http_host; |
| 576 proxy_set_header X-Real-IP $remote_addr; | 595 proxy_set_header X-Real-IP $remote_addr; |
| 577 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 596 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
| 578 proxy_set_header Proxy-host $proxy_host; | 597 proxy_set_header Proxy-host $proxy_host; |
| 579 client_max_body_size 400m; | |
| 580 client_body_buffer_size 128k; | |
| 581 proxy_buffering off; | 598 proxy_buffering off; |
| 582 proxy_connect_timeout 7200; | 599 proxy_connect_timeout 7200; |
| 583 proxy_send_timeout 7200; | 600 proxy_send_timeout 7200; |
| 584 proxy_read_timeout 7200; | 601 proxy_read_timeout 7200; |
| 585 proxy_buffers 8 32k; | 602 proxy_buffers 8 32k; |
| 586 | 603 client_max_body_size 1024m; |
| 587 Also, when using root path with nginx you might set the static files to false | 604 client_body_buffer_size 128k; |
| 588 in the production.ini file:: | 605 large_client_header_buffers 8 64k; |
| 589 | |
| 590 [app:main] | |
| 591 use = egg:rhodecode | |
| 592 full_stack = true | |
| 593 static_files = false | |
| 594 lang=en | |
| 595 cache_dir = %(here)s/data | |
| 596 | |
| 597 In order to not have the statics served by the application. This improves speed. | |
| 598 | 606 |
| 599 | 607 |
| 600 Apache virtual host reverse proxy example | 608 Apache virtual host reverse proxy example |
| 601 ----------------------------------------- | 609 ----------------------------------------- |
| 602 | 610 |