Stasiek Michalski 81413a
import os
Stasiek Michalski 81413a
from datetime import timedelta
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Set the time after which the admin session expires
Stasiek Michalski 81413a
# There are two sessions on pagure, login that holds for 31 days and
Stasiek Michalski 81413a
# the session defined here after which an user has to re-login.
Stasiek Michalski 81413a
# This session is used when accessing all administrative parts of pagure
Stasiek Michalski 81413a
# (ie: changing a project's or a user's settings)
Stasiek Michalski 81413a
ADMIN_SESSION_LIFETIME = timedelta(minutes=20)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Enable tickets and docs for all repos
Stasiek Michalski 81413a
ENABLE_TICKETS = True
Stasiek Michalski 81413a
ENABLE_DOCS = True
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Enables / Disables private projects
Stasiek Michalski 016c05
PRIVATE_PROJECTS = False
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Secret key for the Flask application
Stasiek Michalski 81413a
SECRET_KEY='{{ pillar['profile']['pagure']['secret_key'] }}'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### url to the database server:
Stasiek Michalski 81413a
#DB_URL = 'mysql://user:pass@host/db_name'
Stasiek Michalski 81413a
#DB_URL = 'postgres://user:pass@host/db_name'
Stasiek Michalski 81413a
DB_URL = 'postgres://{{ pillar['profile']['pagure']['database_user'] }}:{{ pillar['postgres']['users']['pagure']['password'] }}@{{ pillar['profile']['pagure']['database_host'] }}/pagure'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Send FedMsg notifications of events in pagure
Stasiek Michalski 81413a
FEDMSG_NOTIFICATIONS = False
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### The FAS group in which the admin of pagure are
Stasiek Michalski 016c05
#ADMIN_GROUP = ['sysadmin-main']
Stasiek Michalski 81413a
Stasiek Michalski 351a2d
# The publicly visible admin email address
Stasiek Michalski 351a2d
ADMIN_EMAIL = 'admin@opensuse.org'
Stasiek Michalski 351a2d
Stasiek Michalski 81413a
### Hard-coded list of global admins
Stasiek Michalski 016c05
PAGURE_ADMIN_USERS = ['hellcp', 'Pharaoh_Atem']
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Enables sending email using SMTP credentials.
Stasiek Michalski 81413a
EMAIL_SEND = True
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### The email address to which the flask.log will send the errors (tracebacks)
Stasiek Michalski 81413a
EMAIL_ERROR = 'root@localhost'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### SMTP settings
Stasiek Michalski 81413a
SMTP_SERVER = 'localhost'
Stasiek Michalski 81413a
SMTP_PORT = 25
Stasiek Michalski 81413a
SMTP_SSL = False
Stasiek Michalski 81413a
Stasiek Michalski 81413a
#Specify both for enabling SMTP with auth
Stasiek Michalski 81413a
SMTP_USERNAME = None
Stasiek Michalski 81413a
SMTP_PASSWORD = None
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Information used to sent notifications
Stasiek Michalski 81413a
FROM_EMAIL = 'pagure@opensuse.org'
Stasiek Michalski 81413a
DOMAIN_EMAIL_NOTIFICATIONS = 'code.opensuse.org'
Stasiek Michalski 81413a
SALT_EMAIL = '{{ pillar['profile']['pagure']['salt_email'] }}'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Restrict outgoing emails to these domains:
Stasiek Michalski 81413a
## If set, adding emailaccounts that don't end with these domainnames
Stasiek Michalski 81413a
## will not be permitted. Mails to already existing emailaccounts
Stasiek Michalski 81413a
## that are not covered by this list will not get sent.
Stasiek Michalski 81413a
# ALLOWED_EMAIL_DOMAINS = [ 'localhost.localdomain', 'example.com' ]
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Disallow remote pull requests
Stasiek Michalski 81413a
## If set, remote pull requests will be disabled and not available
Stasiek Michalski 81413a
## anymore as a selection in the PR dropdown menus
Stasiek Michalski 81413a
DISABLE_REMOTE_PR = False
Stasiek Michalski 81413a
2711f9
### Allow HTTP(S) pushes with local/token auth
2711f9
ALLOW_HTTP_PUSH = True
2711f9
Stasiek Michalski 81413a
### The URL at which the project is available.
Stasiek Michalski 81413a
APP_URL = 'https://code.opensuse.org/'
Stasiek Michalski 81413a
### The URL at which the documentation of projects will be available
Stasiek Michalski 81413a
## This should be in a different domain to avoid XSS issues since we want
Stasiek Michalski 81413a
## to allow raw html to be displayed (different domain, ie not a sub-domain).
Stasiek Michalski 81413a
DOC_APP_URL = 'https://pages.opensuse.org'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### The URL to use to clone git repositories.
Stasiek Michalski 81413a
GIT_URL_SSH = 'ssh://git@code.opensuse.org/'
Stasiek Michalski 81413a
GIT_URL_GIT = 'https://code.opensuse.org/'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Folder containing the pagure user SSH authorized keys
Stasiek Michalski 81413a
SSH_FOLDER = os.path.join(
Stasiek Michalski 81413a
    '/srv',
Stasiek Michalski 81413a
    'gitolite',
Stasiek Michalski 81413a
    '.ssh'
Stasiek Michalski 81413a
)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Folder containing to the git repos
Stasiek Michalski 81413a
GIT_FOLDER = os.path.join(
Stasiek Michalski 81413a
    '/srv',
Stasiek Michalski 81413a
    'gitolite',
Stasiek Michalski 81413a
    'repositories'
Stasiek Michalski 81413a
)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
REPOSPANNER_PSEUDO_FOLDER = os.path.join(
Stasiek Michalski 81413a
    '/srv',
Stasiek Michalski 81413a
    'gitolite',
Stasiek Michalski 81413a
    'pseudo'
Stasiek Michalski 81413a
)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Folder containing the clones for the remote pull-requests
Stasiek Michalski 81413a
REMOTE_GIT_FOLDER = os.path.join(
Stasiek Michalski 81413a
    '/srv',
Stasiek Michalski 81413a
    'gitolite',
Stasiek Michalski 81413a
    'remotes'
Stasiek Michalski 81413a
)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Whether to enable scanning for viruses in attachments
Stasiek Michalski 81413a
VIRUS_SCAN_ATTACHMENTS = False
Stasiek Michalski 81413a
Stasiek Michalski 016c05
GIT_AUTH_BACKEND = "pagure"
Stasiek Michalski 016c05
Stasiek Michalski 81413a
HTTP_REPO_ACCESS_GITOLITE = None
Stasiek Michalski 81413a
Stasiek Michalski 016c05
SSH_KEYS_USERNAME_EXPECT = "git"
Stasiek Michalski 016c05
Stasiek Michalski 81413a
SSH_COMMAND_NON_REPOSPANNER = ([
Stasiek Michalski 81413a
    "/usr/bin/%(cmd)s",
Stasiek Michalski 81413a
    "/srv/gitolite/repositories/%(reponame)s",
Stasiek Michalski 81413a
], {"GL_USER": "%(username)s"})
Stasiek Michalski 81413a
592df2
# Arguments to add to the SSH keys, possible replacements:
592df2
# %(username)s: username owning this key
592df2
SSH_KEYS_OPTIONS = (
592df2
    'restrict,command="/usr/lib/pagure/aclchecker.py %(username)s"'
592df2
)
592df2
Stasiek Michalski 81413a
### Configuration file for gitolite
Stasiek Michalski 81413a
GITOLITE_CONFIG = os.path.join(
Stasiek Michalski 81413a
    '/srv',
Stasiek Michalski 81413a
    'gitolite',
Stasiek Michalski 81413a
    '.gitolite',
Stasiek Michalski 81413a
    'conf',
Stasiek Michalski 81413a
    'gitolite.conf'
Stasiek Michalski 81413a
)
Stasiek Michalski 81413a
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Home folder of the gitolite user
Stasiek Michalski 81413a
### Folder where to run gl-compile-conf from
Stasiek Michalski 81413a
GITOLITE_HOME = '/srv/gitolite'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Version of gitolite used: 2 or 3?
Stasiek Michalski 81413a
GITOLITE_VERSION = 3
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Folder containing all the public ssh keys for gitolite
Stasiek Michalski 81413a
GITOLITE_KEYDIR = os.path.join(GITOLITE_HOME, '.gitolite', 'keydir')
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Path to the gitolite.rc file
Stasiek Michalski 81413a
GL_RC = None
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Path to the /bin directory where the gitolite tools can be found
Stasiek Michalski 81413a
GL_BINDIR = None
Stasiek Michalski 81413a
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# SSH Information
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### The ssh certificates of the git server to be provided to the user
Stasiek Michalski 81413a
### /!\ format is important
Stasiek Michalski 351a2d
SSH_KEYS = {
Stasiek Michalski 351a2d
    'RSA': {
Stasiek Michalski 351a2d
        'fingerprint': '3072 5d:dc:89:7f:bf:02:5b:e9:ec:9d:5d:bc:ad:7e:5c:5e   (RSA)',
Stasiek Michalski 351a2d
        'pubkey': 'code.opensuse.org,195.135.221.140,2001:67c:2178:8:0:0:0:16 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXCk+ToHsNvFMO1b0FrO4wiWLPtmNNiXkupXf2hjPGWSexe1FjjjLp2/zjQb8a8srzaF5AFGUX9cOFGRpXa0j53h/q91nNcUVpaiy0I3cCXQbLwVeiPBPmDYjpTbAl0cHYfVQvF8W++VU9SABUfe+yq/OADFKCYVMjYV8gTvtFFpqbIh6YGLELZ/SwHid9HgspA9TSS6jPjDuP89xkCb14m52P47a9h5n9wEHfdOvqcV3MJd2wprJAUM9Ulz+EXydHPh8cNE1wZu5H78yKAQgAHCeMqWy/6FNmp/dU6OJ/ARfkMCXDQwrJd0fm31Zer5bcVkZdALcGOeggL7d2P7+FC7cCkPa5aeU1kpNCMoOXcR5/zra9ssaskHUXwTRODOMlK3YpJON0vx5/NLr6SrN4EQv3dBJS1qrDEpqhxZCqMk1jY1i4ixGDyIEO0ESEI/J57SqhWOvGUNRpweWg/JNKRfdJ6gF7KJsjfOyDQzdyCBZiMu61roKXsG0/FPqPEHE=',
Stasiek Michalski 351a2d
        'SHA256': 'SHA256:1Y2KdDQqRvkv+CGKU4+m4qpkZps0s/qFB5i7FndsBDA',
Stasiek Michalski 351a2d
    }
Stasiek Michalski 351a2d
}
Stasiek Michalski 81413a
Stasiek Michalski 81413a
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Optional configuration
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Number of items displayed per page
Stasiek Michalski 81413a
# Used when listing items
Stasiek Michalski 81413a
ITEM_PER_PAGE = 50
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Maximum size of the uploaded content
Stasiek Michalski 81413a
# Used to limit the size of file attached to a ticket for example
Stasiek Michalski 81413a
MAX_CONTENT_LENGTH = 4 * 1024 * 1024  # 4 megabytes
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Lenght for short commits ids or file hex
Stasiek Michalski 81413a
SHORT_LENGTH = 6
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### List of blacklisted project names that can conflicts for pagure's URLs
Stasiek Michalski 81413a
### or other
Stasiek Michalski 81413a
BLACKLISTED_PROJECTS = [
Stasiek Michalski 81413a
    'static', 'pv', 'releases', 'new', 'api', 'settings',
Stasiek Michalski 81413a
    'logout', 'login', 'users', 'groups', 'projects']
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### IP addresses allowed to access the internal endpoints
Stasiek Michalski 81413a
### These endpoints are used by the milter and are security sensitive, thus
Stasiek Michalski 81413a
### the IP filter
753864
IP_ALLOWED_INTERNAL = ['127.0.0.1', 'localhost', '::1', '']
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### EventSource/Web-Hook/Redis configuration
Stasiek Michalski 81413a
# The eventsource integration is what allows pagure to refresh the content
Stasiek Michalski 81413a
# on your page when someone else comments on the ticket (and this without
Stasiek Michalski 81413a
# asking you to reload the page.
Stasiek Michalski 81413a
# By default it is off, ie: EVENTSOURCE_SOURCE is None, to turn it on, specify
Stasiek Michalski 81413a
# here what the URL of the eventsource server is, for example:
Stasiek Michalski 81413a
# https://ev.pagure.io or https://pagure.io:8080 or whatever you are using
Stasiek Michalski 81413a
# (Note: the urls sent to it start with a '/' so no need to add one yourself)
Stasiek Michalski e158f1
EVENTSOURCE_SOURCE = 'https://ev.opensuse.org'
Stasiek Michalski 81413a
# Port where the event source server is running (maybe be the same port
Stasiek Michalski 81413a
# as the one specified in EVENTSOURCE_SOURCE or a different one if you
Stasiek Michalski 81413a
# have something running in front of the server such as apache or stunnel).
Stasiek Michalski 81413a
EVENTSOURCE_PORT = 8080
Stasiek Michalski 81413a
# If this port is specified, the event source server will run another server
Stasiek Michalski 81413a
# at this port and will provide information about the number of active
Stasiek Michalski 81413a
# connections running on the first (main) event source server
Stasiek Michalski 81413a
#EV_STATS_PORT = 8888
Stasiek Michalski 81413a
# Web-hook can be turned on or off allowing using them for notifications, or
Stasiek Michalski 81413a
# not.
Stasiek Michalski 016c05
WEBHOOK = True
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Redis configuration
Stasiek Michalski 81413a
# A redis server is required for both the Event-Source server or the web-hook
Stasiek Michalski 81413a
# server.
Stasiek Michalski 81413a
REDIS_HOST = '0.0.0.0'
Stasiek Michalski 81413a
REDIS_PORT = 6379
Stasiek Michalski 81413a
REDIS_DB = 0
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Authentication related configuration option
Stasiek Michalski 81413a
Stasiek Michalski 81413a
### Switch the authentication method
Stasiek Michalski 81413a
# Specify which authentication method to use.
Stasiek Michalski 81413a
# Available options: `fas`, `openid`, `oidc`, `local`
Stasiek Michalski 81413a
# Default: ``local``.
Stasiek Michalski 81413a
PAGURE_AUTH = 'openid'
Stasiek Michalski 81413a
Stasiek Michalski 5b931d
FAS_OPENID_ENDPOINT = 'https://www.opensuse.org/openid/'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# When this is set to True, the session cookie will only be returned to the
Stasiek Michalski 81413a
# server via ssl (https). If you connect to the server via plain http, the
Stasiek Michalski 81413a
# cookie will not be sent. This prevents sniffing of the cookie contents.
Stasiek Michalski 81413a
# This may be set to False when testing your application but should always
Stasiek Michalski 81413a
# be set to True in production.
Stasiek Michalski 81413a
# Default: ``True``.
Stasiek Michalski 81413a
SESSION_COOKIE_SECURE = True
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# The name of the cookie used to store the session id.
Stasiek Michalski 81413a
# Default: ``.pagure``.
Stasiek Michalski 81413a
SESSION_COOKIE_NAME = 'pagure'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Boolean specifying whether to check the user's IP address when retrieving
Stasiek Michalski 81413a
# its session. This make things more secure (thus is on by default) but
Stasiek Michalski 81413a
# under certain setup it might not work (for example is there are proxies
Stasiek Michalski 81413a
# in front of the application).
Stasiek Michalski 81413a
CHECK_SESSION_IP = True
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Used by SESSION_COOKIE_PATH
Stasiek Michalski 81413a
APPLICATION_ROOT = '/'
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Allow the backward compatiblity endpoints for the old URLs schema to
Stasiek Michalski 81413a
# see the commits of a repo. This is only interesting if you pagure instance
Stasiek Michalski 81413a
# was running since before version 1.3 and if you care about backward
Stasiek Michalski 81413a
# compatibility in your URLs.
Stasiek Michalski 81413a
OLD_VIEW_COMMIT_ENABLED = False
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# repoSpanner integration settings
Stasiek Michalski 81413a
# https://repospanner.org/
Stasiek Michalski 81413a
# Whether to create new repositories on repoSpanner by default.
Stasiek Michalski 81413a
# Either None or a region name.
Stasiek Michalski 81413a
REPOSPANNER_NEW_REPO = None
Stasiek Michalski 81413a
# Whether to allow admins to override region selection on creation.
Stasiek Michalski 81413a
REPOSPANNER_NEW_REPO_ADMIN_OVERRIDE = False
Stasiek Michalski 81413a
# Whether to create new forks on repoSpanner.
Stasiek Michalski 81413a
# Either None (no repoSpanner), True (same as origin project) or a region name.
Stasiek Michalski 81413a
REPOSPANNER_NEW_FORK = True
Stasiek Michalski 81413a
# Whether to allow an admin to manually migrate an individual project.
Stasiek Michalski 81413a
REPOSPANNER_ADMIN_MIGRATION = False
Stasiek Michalski 81413a
# The repoSpanner regions to be used in this Pagure instance.
Stasiek Michalski 81413a
# Example entry:
Stasiek Michalski 81413a
# 'default': {'url': 'https://nodea.regiona.repospanner.local:8444',
Stasiek Michalski 81413a
#             'repo_prefix': 'pagure/',
Stasiek Michalski 81413a
#             'hook': None,
Stasiek Michalski 81413a
#             'ca': '',
Stasiek Michalski 81413a
#             'admin_cert': {'cert': '',
Stasiek Michalski 81413a
#                            'key': ''},
Stasiek Michalski 81413a
#             'push_cert': {'cert': '',
Stasiek Michalski 81413a
#                           'key': ''}}
Stasiek Michalski 81413a
REPOSPANNER_REGIONS = {}
Stasiek Michalski 81413a
Stasiek Michalski 81413a
# Path to the plugins configuration file that is used to load plugins. Please
Stasiek Michalski 81413a
# look at files/plugins.cfg.sample for a configuration example.
Stasiek Michalski 81413a
# PAGURE_PLUGINS_CONFIG = "/etc/pagure/plugins.cfg"
Stasiek Michalski 016c05
Stasiek Michalski 016c05
THEME = 'chameleon'