From 63168aacd63d712f67ca8c5b448f637729cdc2de Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 25 Feb 2013 08:46:10 -0500
Subject: [PATCH] Documentation

---
 distrib/gitblit.properties |  184 +++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 172 insertions(+), 12 deletions(-)

diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 60b1a89..f5cc19b 100644
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -1,4 +1,19 @@
 #
+# Gitblit Settings
+#
+
+# This settings file supports parameterization from the command-line for the
+# following command-line parameters:
+#
+#   --baseFolder    ${baseFolder}    SINCE 1.2.1
+#
+# Settings that support ${baseFolder} parameter substitution are indicated with the
+# BASEFOLDER attribute.  If the --baseFolder argument is unspecified, ${baseFolder}
+# and it's trailing / will be discarded from the setting value leaving a relative
+# path that is equivalent to pre-1.2.1 releases.
+#
+# e.g. "${baseFolder}/git" becomes "git", if --baseFolder is unspecified 
+#
 # Git Servlet Settings
 #
 
@@ -10,7 +25,8 @@
 #
 # SINCE 0.5.0
 # RESTART REQUIRED
-git.repositoriesFolder = git
+# BASEFOLDER
+git.repositoriesFolder = ${baseFolder}/git
 
 # Build the available repository list at startup and cache this list for reuse.
 # This reduces disk io when presenting the repositories page, responding to rpcs,
@@ -68,6 +84,28 @@
 #
 # SINCE 0.5.0
 git.enableGitServlet = true
+
+# If you want to restrict all git servlet access to those with valid X509 client
+# certificates then set this value to true.
+#
+# SINCE 1.2.0
+git.requiresClientCertificate = false
+
+# Enforce date checks on client certificates to ensure that they are not being
+# used prematurely and that they have not expired.
+#
+# SINCE 1.2.0
+git.enforceCertificateValidity = true
+
+# List of OIDs to extract from a client certificate DN to map a certificate to
+# an account username.
+#
+# e.g. git.certificateUsernameOIDs = CN
+# e.g. git.certificateUsernameOIDs = FirstName LastName
+#
+# SPACE-DELIMITED
+# SINCE 1.2.0
+git.certificateUsernameOIDs = CN
 
 # Only serve/display bare repositories.
 # If there are non-bare repositories in git.repositoriesFolder and this setting
@@ -277,14 +315,16 @@
 #
 # RESTART REQUIRED
 # SINCE 0.8.0
-groovy.scriptsFolder = groovy
+# BASEFOLDER
+groovy.scriptsFolder = ${baseFolder}/groovy
 
 # Specify the directory Grape uses for downloading libraries.
 # http://groovy.codehaus.org/Grape
 #
 # RESTART REQUIRED
 # SINCE 1.0.0
-groovy.grapeFolder = groovy/grape
+# BASEFOLDER
+groovy.grapeFolder = ${baseFolder}/groovy/grape
 
 # Scripts to execute on Pre-Receive.
 #
@@ -344,6 +384,53 @@
 groovy.customFields = 
 
 #
+# Fanout Settings
+#
+
+# Fanout is a PubSub notification service that can be used by Sparkleshare
+# to eliminate repository change polling.  The fanout service runs in a separate
+# thread on a separate port from the Gitblit http/https application.
+# This service is provided so that Sparkleshare may be used with Gitblit in
+# firewalled environments or where reliance on Sparkleshare's default notifications
+# server (notifications.sparkleshare.org) is unwanted.
+#
+# This service maintains an open socket connection from the client to the
+# Fanout PubSub service. This service may not work properly behind a proxy server.  
+
+# Specify the interface for Fanout to bind it's service.
+# You may specify an ip or an empty value to bind to all interfaces.
+# Specifying localhost will result in Gitblit ONLY listening to requests to
+# localhost.
+#
+# SINCE 1.2.1
+# RESTART REQUIRED
+fanout.bindInterface = localhost
+
+# port for serving the Fanout PubSub service.  <= 0 disables this service.
+# On Unix/Linux systems, ports < 1024 require root permissions.
+# Recommended value: 17000
+#
+# SINCE 1.2.1
+# RESTART REQUIRED
+fanout.port = 0
+
+# Use Fanout NIO service.  If false, a multi-threaded socket service will be used.
+# Be advised, the socket implementation spawns a thread per connection plus the
+# connection acceptor thread.  The NIO implementation is completely single-threaded.
+#
+# SINCE 1.2.1
+# RESTART REQUIRED
+fanout.useNio = true
+
+# Concurrent connection limit.  <= 0 disables concurrent connection throttling.
+# If > 0, only the specified number of concurrent connections will be allowed
+# and all other connections will be rejected.
+#
+# SINCE 1.2.1
+# RESTART REQUIRED
+fanout.connectionLimit = 0
+
+#
 # Authentication Settings
 #
 
@@ -368,7 +455,8 @@
 # Config file for storing project metadata
 #
 # SINCE 1.2.0
-web.projectsFile = projects.conf
+# BASEFOLDER
+web.projectsFile = ${baseFolder}/projects.conf
 
 # Either the full path to a user config file (users.conf)
 # OR the full path to a simple user properties file (users.properties)
@@ -382,7 +470,8 @@
 #
 # SINCE 0.5.0
 # RESTART REQUIRED
-realm.userService = users.conf
+# BASEFOLDER
+realm.userService = ${baseFolder}/users.conf
 
 # How to store passwords.
 # Valid values are plain, md5, or combined-md5.  md5 is the hash of password.
@@ -441,7 +530,8 @@
 # http://googlewebmastercentral.blogspot.com/2008/06/improving-on-robots-exclusion-protocol.html
 #
 # SINCE 1.0.0
-web.robots.txt = 
+# BASEFOLDER
+web.robots.txt = ${baseFolder}/robots.txt
 
 # If true, the web ui layout will respond and adapt to the browser's dimensions.
 # if false, the web ui will use a 940px fixed-width layout.
@@ -460,6 +550,19 @@
 # SINCE 0.5.0   
 web.allowZipDownloads = true
 
+# If *web.allowZipDownloads=true* the following formats will be displayed for
+# download compressed archive links:
+#
+# zip   = standard .zip
+# tar   = standard tar format (preserves *nix permissions and symlinks)
+# gz    = gz-compressed tar
+# xz    = xz-compressed tar
+# bzip2 = bzip2-compressed tar
+#
+# SPACE-DELIMITED
+# SINCE 1.2.0
+web.compressedDownloads = zip gz
+
 # Allow optional Lucene integration. Lucene indexing is an opt-in feature.
 # A repository may specify branches to index with Lucene instead of using Git
 # commit traversal. There are scenarios where you may want to completely disable
@@ -469,12 +572,31 @@
 # SINCE 0.9.0
 web.allowLuceneIndexing = true
 
+# Allows an authenticated user to create forks of a repository
+#
+# set this to false if you want to disable all fork controls on the web site
+#
+web.allowForking = true
+
+# Controls the length of shortened commit hash ids
+#
+# SINCE 1.2.0
+web.shortCommitIdLength = 6
+
 # Use Clippy (Flash solution) to provide a copy-to-clipboard button.
 # If false, a button with a more primitive JavaScript-based prompt box will
 # offer a 3-step (click, ctrl+c, enter) copy-to-clipboard alternative.
 #
 # SINCE 0.8.0
 web.allowFlashCopyToClipboard = true
+
+# Default maximum number of commits that a repository may contribute to the
+# activity page, regardless of the selected duration.  This setting may be valuable
+# for an extremely busy server.  This value may also be configed per-repository
+# in Edit Repository. 0 disables this throttle.
+#
+# SINCE 1.2.0
+web.maxActivityCommits = 0
 
 # Default number of entries to include in RSS Syndication links
 #
@@ -508,6 +630,7 @@
 # Specifying "gitblit" uses the internal login message.
 #
 # SINCE 0.7.0
+# BASEFOLDER
 web.loginMessage = gitblit
 
 # This is the message displayed above the repositories table.
@@ -515,6 +638,7 @@
 # Specifying "gitblit" uses the internal welcome message.
 #
 # SINCE 0.5.0
+# BASEFOLDER
 web.repositoriesMessage = gitblit
 
 # Ordered list of charsets/encodings to use when trying to display a blob.
@@ -679,7 +803,7 @@
 #
 # SPACE-DELIMITED
 # SINCE 0.5.0
-web.prettyPrintExtensions = c cpp cs css frm htm html java js php pl prefs properties py rb sh sql xml vb
+web.prettyPrintExtensions = c cpp cs css frm groovy htm html java js php pl prefs properties py rb scala sh sql xml vb
 
 # Registered extensions for markdown transformation
 #
@@ -824,7 +948,8 @@
 # Use forward slashes even on Windows!!
 #
 # SINCE 0.6.0
-federation.proposalsFolder = proposals
+# BASEFOLDER
+federation.proposalsFolder = ${baseFolder}/proposals
 
 # The default pull frequency if frequency is unspecified on a registration
 #
@@ -926,7 +1051,8 @@
 #
 # SINCE 1.0.0
 # RESTART REQUIRED
-realm.ldap.backingUserService = users.conf
+# BASEFOLDER
+realm.ldap.backingUserService = ${baseFolder}/users.conf
 
 # Delegate team membership control to LDAP.
 #
@@ -1022,7 +1148,8 @@
 # default: users.conf
 #
 # RESTART REQUIRED
-realm.redmine.backingUserService = users.conf
+# BASEFOLDER
+realm.redmine.backingUserService = ${baseFolder}/users.conf
 
 # URL of the Redmine.
 realm.redmine.url = http://example.com/redmine
@@ -1035,7 +1162,8 @@
 #
 # SINCE 0.5.0
 # RESTART REQUIRED
-server.tempFolder = temp
+# BASEFOLDER
+server.tempFolder = ${baseFolder}/temp
 
 # Use Jetty NIO connectors.  If false, Jetty Socket connectors will be used.
 #
@@ -1101,17 +1229,49 @@
 # RESTART REQUIRED
 server.ajpBindInterface = localhost
 
+# Alias of certificate to use for https/SSL serving.  If blank the first
+# certificate found in the keystore will be used. 
+#
+# SINCE 1.2.0
+# RESTART REQUIRED
+server.certificateAlias = localhost
+
 # Password for SSL keystore.
 # Keystore password and certificate password must match.
 # This is provided for convenience, its probably more secure to set this value
 # using the --storePassword command line parameter.
 #
+# If you are using the official JRE or JDK from Oracle you may not have the
+# JCE Unlimited Strength Jurisdiction Policy files bundled with your JVM.  Because
+# of this, your store/key password can not exceed 7 characters.  If you require
+# longer passwords you may need to install the JCE Unlimited Strength Jurisdiction
+# Policy files from Oracle.
+#
+# http://www.oracle.com/technetwork/java/javase/downloads/index.html
+#
+# Gitblit and the Gitblit Certificate Authority will both indicate if Unlimited
+# Strength encryption is available.
+#
 # SINCE 0.5.0
 # RESTART REQUIRED
 server.storePassword = gitblit
+
+# If serving over https (recommended) you might consider requiring clients to
+# authenticate with ssl certificates.  If enabled, only https clients with the
+# a valid client certificate will be able to access Gitblit.
+#
+# If disabled, client certificate authentication is optional and will be tried
+# first before falling-back to form authentication or basic authentication.
+#
+# Requiring client certificates to access any of Gitblit may be too extreme,
+# consider this carefully.
+#
+# SINCE 1.2.0
+# RESTART REQUIRED
+server.requireClientCertificates = false
 
 # Port for shutdown monitor to listen on.
 #
 # SINCE 0.5.0
 # RESTART REQUIRED
-server.shutdownPort = 8081
\ No newline at end of file
+server.shutdownPort = 8081

--
Gitblit v1.9.1