Error browsing files and very slow download file with svn tortoise

joseba.ortega's Avatar

joseba.ortega

09 Nov, 2017 09:39 AM

Hello:
I am migrating from collabnet to Rhodecode my subversion repositories. My users use usually svntortoise for browsing repositories.
My problem is that the repobrowser and svn checkout is veryyyyyyyyy slow.
I attach a file where you can see the difference between I use https://myservername/repository across rhodecode using the proxy or if I use apache directly ( port 8090 ) without rhodecode proxy. ( http://myservername:8090/repository). The difference is very big.
Another problem is that, using rhodecode proxy, I can not see the tree where the reposirories are placed. Just using apache, without proxy, I can see them.
File attached showing error.

For these reasons I have stopped the migration. The differences in time are great asn I can nott show the trees and navigate through them.
I think that I have a bad configuration in proxy section. Besides I think too that the proxy doesn't convert https to http or upside down. If I open tortoise repo-browser, I can add a file to repository but I can not del or rename it.
File Attached trying to del a file from the repository.

My configuration files are:
Apache:
<VirtualHost *:8090>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName aketz.tech.ingeteam.local

ServerAdmin webmaster@localhost
DocumentRoot /repos

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

LogLevel Info
        HttpProtocolOptions Unsafe

        #SVNAdvertiseV2Protocol off

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf

        
include /home/rhodecode/.rccontrol/community-1/mod_dav_svn.conf

</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

## HTTP to HTTPS rewrite
<VirtualHost *:80>
   ServerName aketz.tech.ingeteam.local
   DocumentRoot /var/www/html
   Redirect permanent / https://aketz.tech.ingeteam.local/
</VirtualHost>

## MAIN SSL enabled server
<VirtualHost *:443>

    ServerName aketz.tech.ingeteam.local
    ServerAlias aketz

    ## serve static files by Apache, recommended for performance
    Alias /_static /home/rhodecode/.rccontrol/community-1/static

    #MODIFICADO JOSEBA 08112017
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Ssl on

    ## channelstream websocket handling
    ProxyPass /_channelstream ws://localhost:8090
    ProxyPassReverse /_channelstream ws://localhost:8090

    <Proxy *>
      Order allow,deny
      Allow from all
    </Proxy>

    # Directive to properly generate url (clone url) for RhodeCode
    ProxyPreserveHost On

    # Url to running RhodeCode instance. This is shown as `- URL:` when
    # running rccontrol status.
    ProxyPass / http://127.0.0.1:10002/ retry=1 timeout=7200 Keepalive=On

#MODIFICADO POR JOSEBA
 
    ProxyPassReverse / http://127.0.0.1:10002/

    # Increase headers for large Mercurial headers
    LimitRequestLine 16380

    # strict http prevents from https -> http downgrade
    Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

    # Set x-frame options
    Header always append X-Frame-Options SAMEORIGIN

    # To enable https use line below
    SetEnvIf X-Url-Scheme https HTTPS=1

    # SSL setup
    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/rhodecode.crt
    SSLCertificateKeyFile /etc/apache2/ssl/rhodecode.key

    SSLProtocol all -SSLv2 -SSLv3
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
    SSLHonorCipherOrder on

    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
    #SSLOpenSSLConfCmd DHParameters "/etc/apache2/dhparam.pem"

#include /home/rhodecode/.rccontrol/community-1/mod_dav_svn.conf

</VirtualHost>

MODDAV FILE
# Auto generated configuration for use with the Apache mod_dav_svn module.
#
# WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
# only accessible by RhodeCode. Otherwise everyone is able to browse
# the repositories or run subversion operations (checkout/commit/etc.).
#
# The mod_dav_svn module does not support subversion repositories which are
# organized in subfolders. To support the repository groups of RhodeCode it is
# required to provide a <Location> block for each group pointing to the
# repository group sub folder. To ease the configuration RhodeCode auto
# generates this file whenever a repository group is created/changed/deleted.
# Auto generation can be configured in the ini file. Settings are prefixed with
# ``svn.proxy``.
#
# To include this configuration into your apache config you can use the
# `Include` directive. See the following example snippet of a virtual host how
# to include this configuration file.
#
# <VirtualHost *:8090>
# ServerAdmin webmaster@localhost
# DocumentRoot /var/www/html
# ErrorLog ${APACHE_LOG_DIR}/error.log
# CustomLog ${APACHE_LOG_DIR}/access.log combined
# LogLevel info
# # allows custom host names, prevents 400 errors on checkout
# HttpProtocolOptions Unsafe
# Include /path/to/generated/mod_dav_svn.conf
# </VirtualHost>
#
# Depending on the apache configuration you may encounter the following error if
# you are using speecial characters in your repository or repository group
# names.
#
# ``Error converting entry in directory '/path/to/repo' to UTF-8``
#
# In this case you have to change the LANG environment variable in the apache
# configuration. This setting is typically located at ``/etc/apache2/envvars``.
# You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
# After changing this a stop and start of Apache is required (using restart
# doesn't work).

# fix https -> http downgrade with DAV. It requires an header downgrade for
# https -> http reverse proxy to work properly
#RequestHeader edit Destination ^https: http: early

<Location "/">
    # The mod_dav_svn module takes the username from the apache request object.
    # Without authorization this will be empty and no username is logged for the
    # transactions. This will result in "(no author)" for each revision. The
    # following directives implement a fake authentication that allows every
    # username/password combination.
    AuthType Basic
    AuthName "Ingeteam RhodeCode Authentication"
    AuthBasicProvider anon
    Anonymous *
    Anonymous_LogEmail off
    Require valid-user

    DAV svn
    SVNParentPath "/repos"
    SVNListParentPath On

    Allow from all
    Order allow,deny
</Location>

<Location "/AD">
    AuthType Basic
    AuthName "Ingeteam RhodeCode Authentication"
    AuthBasicProvider anon
    Anonymous *
    Anonymous_LogEmail off
    Require valid-user

    DAV svn
    SVNParentPath "/repos/AD"
    SVNListParentPath On

    Allow from all
    Order allow,deny
</Location>

<Location "/DOCTEC2">
    AuthType Basic
    AuthName "Ingeteam RhodeCode Authentication"
    AuthBasicProvider anon
    Anonymous *
    Anonymous_LogEmail off
    Require valid-user

    DAV svn
    SVNParentPath "/repos/DOCTEC2"
    SVNListParentPath On

    Allow from all
    Order allow,deny
</Location>

<Location "/DOCTEC2/AR">
    AuthType Basic
    AuthName "Ingeteam RhodeCode Authentication"
    AuthBasicProvider anon
    Anonymous *
    Anonymous_LogEmail off
    Require valid-user

    DAV svn
    SVNParentPath "/repos/DOCTEC2/AR"
    SVNListParentPath On

    Allow from all
    Order allow,deny
</Location>
AND MORE LOCATIONS.......

RHODECODE INI

################################################################################
## RHODECODE COMMUNITY EDITION CONFIGURATION ##
# The %(here)s variable will be replaced with the parent directory of this file#
################################################################################

[DEFAULT]
debug = true

################################################################################
## EMAIL CONFIGURATION ##
## Uncomment and replace with the email address which should receive ##
## any error reports after an application crash ##
## Additionally these settings will be used by the RhodeCode mailing system ##
################################################################################

## prefix all emails subjects with given prefix, helps filtering out emails
email_prefix = [Ingeteam RhodeCode]

## email FROM address all mails will be sent
##app_email_from = [email blocked]
app_email_from = [email blocked]
## Uncomment and replace with the address which should receive any error report
## note: using appenlight for error handling doesn't need this to be uncommented
email_to = [email blocked]

## in case of Application errors, sent an error email form
##error_email_from = [email blocked]
error_email_from = [email blocked]

## additional error message to be send in case of server crash
error_message = Error

smtp_server = mail.ingesare.com
smtp_username = repositorios.ingeteam
smtp_password = ******
smtp_port = 25
smtp_use_tls = false
smtp_use_ssl = false
## Specify available auth parameters here (e.g. LOGIN PLAIN CRAM-MD5, etc.)
smtp_auth = PLAIN

[server:main]
## COMMON ##
host = 127.0.0.1
port = 10002

##################################
## WAITRESS WSGI SERVER ##
## Recommended for Development ##
##################################

#use = egg:waitress#main
## number of worker threads
#threads = 5
## MAX BODY SIZE 100GB
#max_request_body_size = 107374182400
## Use poll instead of select, fixes file descriptors limits problems.
## May not work on old windows systems.
#asyncore_use_poll = true

##########################
## GUNICORN WSGI SERVER ##
##########################
## run with gunicorn --log-config rhodecode.ini --paste rhodecode.ini>

use = egg:gunicorn#main
## Sets the number of process workers. You must set `instance_id = *`
## when this option is set to more than one worker, recommended
## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers
## The `instance_id = *` must be set in the [app:main] section below
workers = 9
## number of threads for each of the worker, must be set to 1 for gevent
## generally recommened to be at 1
#threads = 1
## process name
proc_name = RhodeCodeCommunity
## type of worker class, one of sync, gevent
## recommended for bigger setup is using of of other than sync one
worker_class = sync
## The maximum number of simultaneous clients. Valid only for Gevent
#worker_connections = 10
## max number of requests that worker will handle before being gracefully
## restarted, could prevent memory leaks
max_requests = 2000
max_requests_jitter = 30
## amount of time a worker can spend with handling a request before it
## gets killed and restarted. Set to 6hrs
timeout = 21600

## prefix middleware for RhodeCode.
## recommended when using proxy setup.
## allows to set RhodeCode under a prefix in server.
## eg https://server.com/custom_prefix. Enable `filter-with =` option below as well.
## And set your prefix like: `prefix = /custom_prefix`
## be sure to also set beaker.session.cookie_path = /custom_prefix if you need
## to make your cookies only work on prefix url
[filter:proxy-prefix]
use = egg:PasteDeploy#prefix
prefix = /

[app:main]
use = egg:rhodecode-enterprise-ce

## enable proxy prefix middleware, defined above
#filter-with = proxy-prefix

## encryption key used to encrypt social plugin tokens,
## remote_urls with credentials etc, if not set it defaults to
## `beaker.session.secret`
#rhodecode.encrypted_values.secret =

## decryption strict mode (enabled by default). It controls if decryption raises
## `SignatureVerificationError` in case of wrong key, or damaged encryption data.
#rhodecode.encrypted_values.strict = false

## return gzipped responses from Rhodecode (static files/application)
gzip_responses = false

## autogenerate javascript routes file on startup
generate_js_files = false

## Optional Languages
## en(default), be, de, es, fr, it, ja, pl, pt, ru, zh
lang = en

## perform a full repository scan on each server start, this should be
## set to false after first startup, to allow faster server restarts.
startup.import_repos = false

## Uncomment and set this path to use archive download cache.
## Once enabled, generated archives will be cached at this location
## and served from the cache during subsequent requests for the same archive of
## the repository.
#archive_cache_dir = /home/rhodecode/.rccontrol/community-1/tarballcache

## change this to unique ID for security
app_instance_uuid = b889a92293f94f2c873d2e1684e7d212

## cut off limit for large diffs (size in bytes)
cut_off_limit_diff = 2048000
cut_off_limit_file = 512000

## use cache version of scm repo everywhere
vcs_full_cache = true

## force https in RhodeCode, fixes https redirects, assumes it's always https
## Normally this is controlled by proper http flags sent from http server

##MODIFICADO POR JOSEBA ORTEGA 27-09-2017
force_https = true

## use Strict-Transport-Security headers
use_htsts = true

## number of commits stats will parse on each iteration
commit_parse_limit = 25

## git rev filter option, --all is the default filter, if you need to
## hide all refs in changelog switch this to --branches --tags
git_rev_filter = --branches --tags

# Set to true if your repos are exposed using the dumb protocol
git_update_server_info = false

## RSS/ATOM feed options
rss_cut_off_limit = 256000
rss_items_per_page = 10
rss_include_diff = false

## gist URL alias, used to create nicer urls for gist. This should be an
## url that does rewrites to _admin/gists/{gistid}.
## example: http://gist.rhodecode.org/{gistid}. Empty means use the internal
## RhodeCode url, ie. http[s]://rhodecode.server/_admin/gists/{gistid}
gist_alias_url = ""

## List of controllers (using glob pattern syntax) that AUTH TOKENS could be
## used for access.
## Adding ?auth_token=TOKEN_HASH to the url authenticates this request as if it
## came from the the logged in user who own this authentication token.
##
## Syntax is ControllerClass:function_pattern.
## To enable access to raw_files put `FilesController:raw`.
## To enable access to patches add `ChangesetController:changeset_patch`.
## The list should be "," separated and on a single line.
##
## Recommended controllers to enable:
## ChangesetController:changeset_patch,
## ChangesetController:changeset_raw,
## FilesController:raw,
## FilesController:archivefile,
## GistsController:*,
api_access_controllers_whitelist = ""

## default encoding used to convert from and to unicode
## can be also a comma separated list of encoding in case of mixed encodings
default_encoding = UTF-8

## instance-id prefix
## a prefix key for this instance used for cache invalidation when running
## multiple instances of rhodecode, make sure it's globally unique for
## all running rhodecode instances. Leave empty if you don't use it
instance_id = ""

## Fallback authentication plugin. Set this to a plugin ID to force the usage
## of an authentication plugin also if it is disabled by it's settings.
## This could be useful if you are unable to log in to the system due to broken
## authentication settings. Then you can enable e.g. the internal rhodecode auth
## module to log in again and fix the settings.
##
## Available builtin plugin IDs (hash is part of the ID):
## egg:rhodecode-enterprise-ce#rhodecode
## egg:rhodecode-enterprise-ce#pam
## egg:rhodecode-enterprise-ce#ldap
## egg:rhodecode-enterprise-ce#jasig_cas
## egg:rhodecode-enterprise-ce#headers
## egg:rhodecode-enterprise-ce#crowd
#rhodecode.auth_plugin_fallback = egg:rhodecode-enterprise-ce#rhodecode

## alternative return HTTP header for failed authentication. Default HTTP
## response is 401 HTTPUnauthorized. Currently HG clients have troubles with
## handling that causing a series of failed authentication calls.
## Set this variable to 403 to return HTTPForbidden, or any other HTTP code
## This will be served instead of default 401 on bad authnetication
auth_ret_code = ""

## use special detection method when serving auth_ret_code, instead of serving
## ret_code directly, use 401 initially (Which triggers credentials prompt)
## and then serve auth_ret_code to clients
auth_ret_code_detection = false

## locking return code. When repository is locked return this HTTP code. 2XX
## codes don't break the transactions while 4XX codes do
lock_ret_code = 423

## allows to change the repository location in settings page
allow_repo_location_change = true

## allows to setup custom hooks in settings page
allow_custom_hooks_settings = true

## generated license token, goto license page in RhodeCode settings to obtain
## new token
license_token = 5d88-77d1-4b82-11e7

## supervisor connection uri, for managing supervisor and logs.
supervisor.uri = 127.0.0.1:10000
## supervisord group name/id we only want this RC instance to handle
supervisor.group_id = community-1

## Display extended labs settings
labs_settings_active = true

####################################
### CELERY CONFIG ####
####################################
use_celery = false
broker.host = localhost
broker.vhost = rabbitmqhost
broker.port = 5672
broker.user = rabbitmq
broker.password = qweqwe

celery.imports = rhodecode.lib.celerylib.tasks

celery.result.backend = amqp
celery.result.dburi = amqp://
celery.result.serialier = json

#celery.send.task.error.emails = true
#celery.amqp.task.result.expires = 18000

celeryd.concurrency = 2
#celeryd.log.file = celeryd.log
celeryd.log.level = debug
celeryd.max.tasks.per.child = 1

## tasks will never be sent to the queue, but executed locally instead.
celery.always.eager = false

####################################
### BEAKER CACHE ####
####################################
## default cache dir for templates. Putting this into a ramdisk
## can boost performance, eg. %(here)s/data_ramdisk
cache_dir = %(here)s/data

## locking and default file storage for Beaker. Putting this into a ramdisk
## can boost performance, eg. %(here)s/data_ramdisk/cache/beaker_data
beaker.cache.data_dir = %(here)s/data/cache/beaker_data
beaker.cache.lock_dir = %(here)s/data/cache/beaker_lock

beaker.cache.regions = super_short_term, short_term, long_term, sql_cache_short, auth_plugins, repo_cache_long

beaker.cache.super_short_term.type = memory
beaker.cache.super_short_term.expire = 10
beaker.cache.super_short_term.key_length = 256

beaker.cache.short_term.type = memory
beaker.cache.short_term.expire = 60
beaker.cache.short_term.key_length = 256

beaker.cache.long_term.type = memory
beaker.cache.long_term.expire = 36000
beaker.cache.long_term.key_length = 256

beaker.cache.sql_cache_short.type = memory
beaker.cache.sql_cache_short.expire = 10
beaker.cache.sql_cache_short.key_length = 256

## default is memory cache, configure only if required
## using multi-node or multi-worker setup
#beaker.cache.auth_plugins.type = ext:database
#beaker.cache.auth_plugins.lock_dir = %(here)s/data/cache/auth_plugin_lock
#beaker.cache.auth_plugins.url = postgresql://postgres:secret@localhost/rhodecode
#beaker.cache.auth_plugins.url = mysql://root:[email blocked].0.1/rhodecode
#beaker.cache.auth_plugins.sa.pool_recycle = 3600
#beaker.cache.auth_plugins.sa.pool_size = 10
#beaker.cache.auth_plugins.sa.max_overflow = 0

beaker.cache.repo_cache_long.type = memorylru_base
beaker.cache.repo_cache_long.max_items = 4096
beaker.cache.repo_cache_long.expire = 2592000

## default is memorylru_base cache, configure only if required
## using multi-node or multi-worker setup
#beaker.cache.repo_cache_long.type = ext:memcached
#beaker.cache.repo_cache_long.url = localhost:11211
#beaker.cache.repo_cache_long.expire = 1209600
#beaker.cache.repo_cache_long.key_length = 256

####################################
### BEAKER SESSION ####
####################################

## .session.type is type of storage options for the session, current allowed
## types are file, ext:memcached, ext:database, and memory (default).
beaker.session.type = file
beaker.session.data_dir = %(here)s/data/sessions/data

## db based session, fast, and allows easy management over logged in users
#beaker.session.type = ext:database
#beaker.session.table_name = db_session
#beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode
#beaker.session.sa.url = mysql://root:[email blocked].0.1/rhodecode
#beaker.session.sa.pool_recycle = 3600
#beaker.session.sa.echo = false

beaker.session.key = community-1
beaker.session.secret = 2b051a1f43084cb884d1abbd5d818874
beaker.session.lock_dir = %(here)s/data/sessions/lock

## Secure encrypted cookie. Requires AES and AES python libraries
## you must disable beaker.session.secret to use this
#beaker.session.encrypt_key = key_for_encryption
#beaker.session.validate_key = validation_key

## sets session as invalid(also logging out user) if it haven not been
## accessed for given amount of time in seconds
beaker.session.timeout = 2592000
beaker.session.httponly = true
## Path to use for the cookie. Set to prefix if you use prefix middleware
#beaker.session.cookie_path = /custom_prefix

## uncomment for https secure cookie
beaker.session.secure = false

## auto save the session to not to use .save()
beaker.session.auto = false

## default cookie expiration time in seconds, set to `true` to set expire
## at browser close
#beaker.session.cookie_expires = 3600

###################################
## SEARCH INDEXING CONFIGURATION ##
###################################
## Full text search indexer is available in rhodecode-tools under
## `rhodecode-tools index` command

## WHOOSH Backend, doesn't require additional services to run
## it works good with few dozen repos
search.module = rhodecode.lib.index.whoosh
search.location = %(here)s/data/index

########################################
### CHANNELSTREAM CONFIG ####
########################################
## channelstream enables persistent connections and live notification
## in the system. It's also used by the chat system
channelstream.enabled = false

## server address for channelstream server on the backend
channelstream.server = 127.0.0.1:9800

## location of the channelstream server from outside world
## use ws:// for http or wss:// for https. This address needs to be handled
## by external HTTP server such as Nginx or Apache
## see nginx/apache configuration examples in our docs
channelstream.ws_url = ws://rhodecode.yourserver.com/_channelstream
channelstream.secret = secret
channelstream.history.location = %(here)s/channelstream_history

## Internal application path that Javascript uses to connect into.
## If you use proxy-prefix the prefix should be added before /_channelstream
channelstream.proxy_path = /_channelstream

###################################
## APPENLIGHT CONFIG ##
###################################

## Appenlight is tailored to work with RhodeCode, see
## http://appenlight.com for details how to obtain an account

## appenlight integration enabled
appenlight = false

appenlight.server_url = https://api.appenlight.com
appenlight.api_key = YOUR_API_KEY
#appenlight.transport_config = https://api.appenlight.com?threaded=1&timeout=5

## used for JS client
appenlight.api_public_key = YOUR_API_PUBLIC_KEY

## TWEAK AMOUNT OF INFO SENT HERE

## enables 404 error logging (default False)
appenlight.report_404 = false

## time in seconds after request is considered being slow (default 1)
appenlight.slow_request_time = 1

## record slow requests in application
## (needs to be enabled for slow datastore recording and time tracking)
appenlight.slow_requests = true

## enable hooking to application loggers
appenlight.logging = true

## minimum log level for log capture
appenlight.logging.level = WARNING

## send logs only from erroneous/slow requests
## (saves API quota for intensive logging)
appenlight.logging_on_error = false

## list of additonal keywords that should be grabbed from environ object
## can be string with comma separated list of words in lowercase
## (by default client will always send following info:
## 'REMOTE_USER', 'REMOTE_ADDR', 'SERVER_NAME', 'CONTENT_TYPE' + all keys that
## start with HTTP* this list be extended with additional keywords here
appenlight.environ_keys_whitelist = ""

## list of keywords that should be blanked from request object
## can be string with comma separated list of words in lowercase
## (by default client will always blank keys that contain following words
## 'password', 'passwd', 'pwd', 'auth_tkt', 'secret', 'csrf'
## this list be extended with additional keywords set here
appenlight.request_keys_blacklist = ""

## list of namespaces that should be ignores when gathering log entries
## can be string with comma separated list of namespaces
## (by default the client ignores own entries: appenlight_client.client)
appenlight.log_namespace_blacklist = ""

################################################################################
## WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT* ##
## Debug mode will enable the interactive debugging tool, allowing ANYONE to ##
## execute malicious code after an exception is raised. ##
################################################################################
set debug = false

###########################################
### MAIN RHODECODE DATABASE CONFIG ###
###########################################
#sqlalchemy.db1.url = sqlite:///%(here)s/rhodecode.db?timeout=30
#sqlalchemy.db1.url = postgresql://postgres:qweqwe@localhost/rhodecode
#sqlalchemy.db1.url = mysql://root:qweqwe@localhost/rhodecode
sqlalchemy.db1.url = mysql://****:****[email blocked].XXX:3306/rhodecode

## see sqlalchemy docs for other advanced settings

## print the sql statements to output
sqlalchemy.db1.echo = false
## recycle the connections after this amount of seconds
sqlalchemy.db1.pool_recycle = 3600
sqlalchemy.db1.convert_unicode = true

## the number of connections to keep open inside the connection pool.
## 0 indicates no limit
#sqlalchemy.db1.pool_size = 5

## the number of connections to allow in connection pool "overflow", that is
## connections that can be opened above and beyond the pool_size setting,
## which defaults to five.
#sqlalchemy.db1.max_overflow = 10

##################
### VCS CONFIG ###
##################
vcs.server.enable = true
vcs.server = 127.0.0.1:10001

## Web server connectivity protocol, responsible for web based VCS operatations
## Available protocols are:
## `pyro4` - use pyro4 server
## `http` - use http-rpc backend (default)
vcs.server.protocol = http

## Push/Pull operations protocol, available options are:
## `pyro4` - use pyro4 server
## `http` - use http-rpc backend (default)
##
vcs.scm_app_implementation = http

## Push/Pull operations hooks protocol, available options are:
## `pyro4` - use pyro4 server
## `http` - use http-rpc backend (default)
vcs.hooks.protocol = http

vcs.server.log_level = info
## Start VCSServer with this instance as a subprocess, usefull for development
vcs.start_server = false

## List of enabled VCS backends, available options are:
## `hg` - mercurial
## `git` - git
## `svn` - subversion

vcs.backends = hg, git, svn

vcs.connection_timeout = 3600
## Compatibility version when creating SVN repositories. Defaults to newest version when commented out.
## Available options are: pre-1.4-compatible, pre-1.5-compatible, pre-1.6-compatible, pre-1.8-compatible
#vcs.svn.compatible_version = pre-1.8-compatible

############################################################
### Subversion proxy support (mod_dav_svn) ###
### Maps RhodeCode repo groups into SVN paths for Apache ###
############################################################
## Enable or disable the config file generation.
svn.proxy.generate_config = true
## Generate config file with `SVNListParentPath` set to `On`.
svn.proxy.list_parent_path = true
## Set location and file name of generated config file.
svn.proxy.config_file_path = /home/rhodecode/.rccontrol/community-1/mod_dav_svn.conf
## Used as a prefix to the `Location` block in the generated config file.
## In most cases it should be set to `/`.
svn.proxy.location_root = /
## Command to reload the mod dav svn configuration on change.
## Example: `/etc/init.d/apache2 reload`
svn.proxy.reload_cmd = /etc/init.d/apache2 reload
## If the timeout expires before the reload command finishes, the command will
## be killed. Setting it to zero means no timeout. Defaults to 10 seconds.
svn.proxy.reload_timeout = 10

## Dummy marker to add new entries after.
## Add any custom entries below. Please don't remove.
custom.conf = 1

################################
### LOGGING CONFIGURATION ####
################################
[loggers]
keys = root, routes, rhodecode, sqlalchemy, beaker, templates

[handlers]
keys = console, console_sql

[formatters]
keys = generic, color_formatter, color_formatter_sql

#############
## LOGGERS ##
#############
[logger_root]
level = NOTSET
handlers = console

[logger_routes]
level = DEBUG
handlers = ""
qualname = routes.middleware
## "level = DEBUG" logs the route matched and routing variables.
propagate = 1

[logger_beaker]
level = DEBUG
handlers = ""
qualname = beaker.container
propagate = 1

[logger_templates]
level = INFO
handlers = ""
qualname = pylons.templating
propagate = 1

[logger_rhodecode]
level = DEBUG
handlers = ""
qualname = rhodecode
propagate = 1

[logger_sqlalchemy]
level = INFO
handlers = console_sql
qualname = sqlalchemy.engine
propagate = 0

##############
## HANDLERS ##
##############

[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = INFO
formatter = generic

[handler_console_sql]
class = StreamHandler
args = (sys.stderr,)
level = WARN
formatter = generic

################
## FORMATTERS ##
################

[formatter_generic]
class = rhodecode.lib.logging_formatter.Pyro4AwareFormatter
format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S

[formatter_color_formatter]
class = rhodecode.lib.logging_formatter.ColorFormatter
format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S

[formatter_color_formatter_sql]
class = rhodecode.lib.logging_formatter.ColorFormatterSql
format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %Y-%m-%d %H:%M:%S

  1. Support Staff 1 Posted by Marcin Kuzminsk... on 09 Nov, 2017 09:51 AM

    Marcin Kuzminski's Avatar

    Hi Joseba,

    The speed problem is related to how the HTTP protocol works in subversion. RhodeCode tries to be very secure and it authenticates every single request, that goes via the permission checks, and authentication checks (like LDAP etc..) If your LDAP connection is taking time this relates to a big difference in speed. Apache just does authentication and then it trusts each request thus resulting in speed difference.

    To overcome this, we recommend using TTL_CACHE on the auth-plugins, if you'll go to
    admin > authentication, set the TTL_CACHE on the plugin that is used (e.g your ldap)

    Setting it to values of 10-15 should reduce the times significantly.

    Secondly there's a 4.10.X series release that we pushed to public few days ago, it also adds some changes to speed up SVN protocol, we'd recommend upgrading to it too.

    As for the other errors you posted, please check rhodecode logs there should be a detailed exception logs with error.

    Best,

    P.S. Please consider joining our Slack community channel under https://rhodecode.com/join . Get access to our development team as well as community members always willing to help.

  2. 2 Posted by joseba.ortega on 09 Nov, 2017 11:30 AM

    joseba.ortega's Avatar

    hi Marcin:
    Thank you for your quick answr. I have already changed ttl. I am going to update Rhodecode also. After this, I'll check it again and I'll say you the results.
    Thank you again, because our users aren't very happy now with the change.
    :)

  3. Support Staff 3 Posted by Marcin Kuzminsk... on 09 Nov, 2017 11:38 AM

    Marcin Kuzminski's Avatar

    Have you investigated the logs to search for error posted? maybe there's a correlation and it should be also fixed.

    Best,

  4. 4 Posted by joseba.ortega on 09 Nov, 2017 03:12 PM

    joseba.ortega's Avatar

    Hi Marcin:
    There isn't error in the logs. Tomorrow in the morning I am going to update my rhodecode. Later, I'll test it again the speed. I think that although the ldap's authentication is slow at the begining, maybe 5 seconds, the file download is very slow and i suppose that in that moment we aren't using authentication file by file.
    The first 5 secons are assumable but not the rest of the operation.

  5. 5 Posted by joseba.ortega on 10 Nov, 2017 09:05 AM

    joseba.ortega's Avatar

    Hi again:
    I have tried to upgrade Rhodecode this morning. Unfortunately I have to reverse to earlier version because ldap's module doesn't work and the users can not log on to the system. I send community.log. For this reason I couldn't check the speed. The Ldap's configuration was the same before and after.

  6. Support Staff 6 Posted by Marcin Kuzminsk... on 10 Nov, 2017 09:18 AM

    Marcin Kuzminski's Avatar

    Hi Joseba,

    Quick look at the logs this error seems to be present:

    FILTER_ERROR: {'info': 'Resource temporarily unavailable', 'desc': 'Bad search filter', 'errno': 11}

    We haven't change the code for ldap from 4.9.0 vs 4.10.2 so it's very odd. Maybe it was a temporary glitch ? of your ldap server ?

    You can always install another instance using sqlite database for testing purposes, and check out 4.10.2 without upgrading the 4.9.0 version.

  7. Support Staff 7 Posted by Marcin Kuzminsk... on 11 Nov, 2017 07:07 PM

    Marcin Kuzminski's Avatar

    Hi Joseba,

    We have investigated a regression in 4.10.X release, due to the update of ldap library. Thanks for reporting this, a 4.10.3 version was released to address this issue.

    Best,

  8. 8 Posted by joseba.ortega on 13 Nov, 2017 07:24 AM

    joseba.ortega's Avatar

    Thank you Marcin.
    This week I'll try to update it again. Also, I'll check the tortoise's speed.
    Thank you again.
    Regards.

  9. Support Staff 9 Posted by Marcin Kuzminsk... on 21 Nov, 2017 06:38 PM

    Marcin Kuzminski's Avatar

    Hi Joseba,

    have you had a chance to test speed of tortoise after those changes ?

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Already uploaded files

  • 2017-11-09_09_58_42-.png 93.2 KB
  • 2017-11-09_10_14_24-.png 103 KB
  • 2017-11-09_10_30_03-https___aketz.tech.ingeteam.local_TIC_Mantis_-_Repository_Browser_-_TortoiseSVN.png 30.7 KB

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

23 Nov, 2017 03:02 PM
21 Nov, 2017 06:38 PM
03 Oct, 2017 08:26 PM
03 Oct, 2017 05:48 PM
28 Sep, 2017 05:55 PM