index_dir = %(here)s/data/index

## uncomment and set this path to use archive download cache

archive_cache_dir = %(here)s/data/tarballcache

## change this to unique ID for security

#app_instance_uuid = VERY-SECRET

app_instance_uuid = development-not-secret

## cut off limit for large diffs (size in bytes)

cut_off_limit = 256000

## always pretend the client connected using HTTPS (default false)

#force_https = true

## use Strict-Transport-Security headers (default false)

#use_htsts = true

## number of commits stats will parse on each iteration

commit_parse_limit = 25

## Path to Python executable to be used for git hooks.

## This value will be written inside the git hook scripts as the text

## after '#!' (shebang). When empty or not defined, the value of

the HTTP level. The WSGI server will provide this information to Kallithea in

the "environment".

In some setups, a proxy server will take requests from users and forward

them to the actual Kallithea server. The proxy server will thus be the

immediate client of the Kallithea WSGI server, and Kallithea will basically see

it as such. To make sure Kallithea sees the request as it arrived from the

client to the proxy server, the proxy server must be configured to

somehow pass the original information on to Kallithea, and Kallithea must be

configured to pick that information up and trust it.

Kallithea will by default rely on its WSGI server to provide the IP of the

Kallithea will by default rely on finding the protocol (``http`` or ``https``)

in the WSGI environment as ``wsgi.url_scheme``. If the proxy server puts

the protocol of the client request in the ``X-Url-Scheme``,

``X-Forwarded-Scheme``, or ``X-Forwarded-Proto`` HTTP header,

Kallithea can be configured to trust these headers by setting::

    https_fixup = true

HTTPS support

-------------

    first proxy, so if we have a proxy that is adding one IP address, we can

    only trust the rightmost address.

    """

    if ',' in ip:

        _ips = ip.split(',')

        _first_ip = _ips[-1].strip()

        log.debug('Got multiple IPs %s, using %s', ','.join(_ips), _first_ip)

        return _first_ip

    return ip

def get_ip_addr(environ):

def get_path_info(environ):

    """Return PATH_INFO from environ ... using tg.original_request if available.

    In Python 3 WSGI, PATH_INFO is a unicode str, but kind of contains encoded

    bytes. The code points are guaranteed to only use the lower 8 bit bits, and

    encoding the string with the 1:1 encoding latin1 will give the

    corresponding byte string ... which then can be decoded to proper unicode.

    """

    org_req = environ.get('tg.original_request')

    if org_req is not None:

cache_dir = %(here)s/data

index_dir = %(here)s/data/index

<%text>##</%text> uncomment and set this path to use archive download cache

archive_cache_dir = %(here)s/data/tarballcache

<%text>##</%text> change this to unique ID for security

app_instance_uuid = ${uuid()}

<%text>##</%text> cut off limit for large diffs (size in bytes)

cut_off_limit = 256000

<%text>##</%text> always pretend the client connected using HTTPS (default false)

#force_https = true

<%text>##</%text> use Strict-Transport-Security headers (default false)

#use_htsts = true

<%text>##</%text> number of commits stats will parse on each iteration

commit_parse_limit = 25

<%text>##</%text> Path to Python executable to be used for git hooks.

<%text>##</%text> This value will be written inside the git hook scripts as the text

<%text>##</%text> after '#!' (shebang). When empty or not defined, the value of