gitblit/src/main/distrib/data/gitblit.properties

#
# Gitblit Settings
#

# This settings file supports parameterization from the command-line for the
# following command-line parameters:
#
#   --baseFolder    ${baseFolder}    SINCE 1.2.1
#
# Settings that support ${baseFolder} parameter substitution are indicated with the
# BASEFOLDER attribute.  If the --baseFolder argument is unspecified, ${baseFolder}
# and it's trailing / will be discarded from the setting value leaving a relative
# path that is equivalent to pre-1.2.1 releases.
#
# e.g. "${baseFolder}/git" becomes "git", if --baseFolder is unspecified 
#
# Git Servlet Settings
#

# Base folder for repositories.
# This folder may contain bare and non-bare repositories but Gitblit will only
# allow you to push to bare repositories.
# Use forward slashes even on Windows!!
# e.g. c:/gitrepos
#
# SINCE 0.5.0
# RESTART REQUIRED
# BASEFOLDER
git.repositoriesFolder = ${baseFolder}/git

# Build the available repository list at startup and cache this list for reuse.
# This reduces disk io when presenting the repositories page, responding to rpcs,
# etc, but it means that  Gitblit will not automatically identify repositories
# added or deleted by external tools.
#
# For this case you can use curl, wget, etc to issue an rpc request to clear the
# cache (e.g. https://localhost/rpc?req=CLEAR_REPOSITORY_CACHE)
#
# SINCE 1.1.0
git.cacheRepositoryList = true

# Search the repositories folder subfolders for other repositories.
# Repositories MAY NOT be nested (i.e. one repository within another)
# but they may be grouped together in subfolders.
# e.g. c:/gitrepos/libraries/mylibrary.git
#      c:/gitrepos/libraries/myotherlibrary.git
#
# SINCE 0.5.0
git.searchRepositoriesSubfolders = true

# Maximum number of folders to recurse into when searching for repositories.
# The default value, -1, disables depth limits.
#
# SINCE 1.1.0
git.searchRecursionDepth = -1

# List of regex exclusion patterns to match against folders found in
# *git.repositoriesFolder*.
# Use forward slashes even on Windows!!
# e.g. test/jgit\.git
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.1.0
git.searchExclusions =

# List of regex url patterns for extracting a repository name when locating
# submodules.
#   e.g. git.submoduleUrlPatterns = .*?://github.com/(.*) will extract
#   *gitblit/gitblit.git* from *git://github.com/gitblit/gitblit.git*
# If no matches are found then the submodule repository name is assumed to be
# whatever trails the last / character. (e.g. gitblit.git).
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.1.0
git.submoduleUrlPatterns = .*?://github.com/(.*)

# Specify the interface for Git Daemon to bind it's service.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
# localhost.
#
# SINCE 1.3.0
# RESTART REQUIRED
git.daemonBindInterface = 

# port for serving the Git Daemon service.  <= 0 disables this service.
# On Unix/Linux systems, ports < 1024 require root permissions.
# Recommended value: 9418
#
# SINCE 1.3.0
# RESTART REQUIRED
git.daemonPort = 9418

# The port for serving the SSH service.  <= 0 disables this service.
# On Unix/Linux systems, ports < 1024 require root permissions.
# Recommended value: 29418
#
# SINCE 1.5.0
# RESTART REQUIRED
git.sshPort = 29418

# Specify the interface for the SSH daemon to bind its service.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
# localhost.
#
# SINCE 1.5.0
# RESTART REQUIRED
git.sshBindInterface = 

# Specify the SSH key manager to use for retrieving, storing, and removing
# SSH keys.
#
# Valid key managers are:
#    com.gitblit.transport.ssh.FileKeyManager
#
# SINCE 1.5.0
git.sshKeysManager = com.gitblit.transport.ssh.FileKeyManager

# Directory for storing user SSH keys when using the FileKeyManager.
#
# SINCE 1.5.0
git.sshKeysFolder= ${baseFolder}/ssh

# SSH backend NIO2|MINA.
#
# The Apache Mina project recommends using the NIO2 backend.
#
# SINCE 1.5.0
git.sshBackend = NIO2

# Number of threads used to parse a command line submitted by a client over SSH
# for execution, create the internal data structures used by that command,
# and schedule it for execution on another thread.
#
# SINCE 1.5.0
git.sshCommandStartThreads = 2


# Allow push/pull over http/https with JGit servlet.
# If you do NOT want to allow Git clients to clone/push to Gitblit set this
# to false.  You might want to do this if you are only using ssh:// or git://.
# If you set this false, consider changing the *web.otherUrls* setting to
# indicate your clone/push urls.
#
# SINCE 0.5.0
git.enableGitServlet = true

# If you want to restrict all git servlet access to those with valid X509 client
# certificates then set this value to true.
#
# SINCE 1.2.0
git.requiresClientCertificate = false

# Enforce date checks on client certificates to ensure that they are not being
# used prematurely and that they have not expired.
#
# SINCE 1.2.0
git.enforceCertificateValidity = true

# List of OIDs to extract from a client certificate DN to map a certificate to
# an account username.
#
# e.g. git.certificateUsernameOIDs = CN
# e.g. git.certificateUsernameOIDs = FirstName LastName
#
# SPACE-DELIMITED
# SINCE 1.2.0
git.certificateUsernameOIDs = CN

# Only serve/display bare repositories.
# If there are non-bare repositories in git.repositoriesFolder and this setting
# is true, they will be excluded from the ui. 
#
# SINCE 0.9.0
git.onlyAccessBareRepositories = false


# Specify the list of acceptable transports for pushes.
# If this setting is empty, all transports are acceptable.
#
# Valid choices are: GIT HTTP HTTPS SSH
#
# SINCE 1.5.0
# SPACE-DELIMITED
git.acceptedPushTransports = HTTP HTTPS SSH

# Allow an authenticated user to create a destination repository on a push if
# the repository does not already exist.
#
# Administrator accounts can create a repository in any project.
# These repositories are created with the default access restriction and authorization
# control values.  The pushing account is set as the owner.
#
# Non-administrator accounts with the CREATE role may create personal repositories.
# These repositories are created as VIEW restricted for NAMED users.
# The pushing account is set as the owner.
#
# SINCE 1.2.0
git.allowCreateOnPush = true

# Global setting to control anonymous pushes.
#
# This setting allows/rejects anonymous pushes at the level of the receive pack.
# This trumps all repository config settings.  While anonymous pushes are convenient
# on your own box when you are a lone developer,  they are not recommended for
# any multi-user installation where accountability is required.  Since Gitblit
# tracks pushes and user accounts, allowing anonymous pushes compromises that
# information.
#
# SINCE 1.4.0
git.allowAnonymousPushes = false

# The default access restriction for new repositories.
# Valid values are NONE, PUSH, CLONE, VIEW
#  NONE = anonymous view, clone, & push
#  PUSH = anonymous view & clone and authenticated push
#  CLONE = anonymous view, authenticated clone & push
#  VIEW = authenticated view, clone, & push
#
# SINCE 1.0.0
git.defaultAccessRestriction = PUSH

# The default authorization control for new repositories.
# Valid values are AUTHENTICATED and NAMED
#  AUTHENTICATED = any authenticated user is granted restricted access
#  NAMED = only named users/teams are granted restricted access
#
# SINCE 1.1.0
git.defaultAuthorizationControl = NAMED

# The prefix for a users personal repository directory.
#
# Personal user repositories are created in this directory, named by the user name
# prefixed with the userRepositoryPrefix. For eaxmple, a user 'john' would have his
# personal repositories in the directory '~john'.
#
# Cannot be an empty string. Also, absolute paths are changed to relative paths by 
# removing the first directory separator.
#
# It is not recommended to change this value AFTER your user's have created
# personal repositories because it will break all permissions, ownership, and
# repository push/pull operations. 
#
# RESTART REQUIRED
# SINCE 1.4.0
git.userRepositoryPrefix = ~

# The default incremental push tag prefix.  Tag prefix applied to a repository
# that has automatic push tags enabled and does not specify a custom tag prefix.
#
# If incremental push tags are enabled, the tips of each branch in the push will
# be tagged with an increasing revision integer.
#
# e.g. refs/tags/r2345 or refs/tags/rev_2345 
#
# SINCE 1.3.0
git.defaultIncrementalPushTagPrefix = r

# Controls creating a repository as --shared on Unix servers.
#
# In an Unix environment where mixed access methods exist for shared repositories,
# the repository should be created with 'git init --shared' to make sure that
# it can be accessed e.g. via ssh (user git) and http (user www-data).
#
# Valid values are the values available for the '--shared' option. The the manual
# page for 'git init' for more information on shared repositories.
#
# SINCE 1.4.0
git.createRepositoriesShared = false

# Enable JGit-based garbage collection. (!!EXPERIMENTAL!!)
#
# USE AT YOUR OWN RISK!
#
# If enabled, the garbage collection executor scans all repositories once a day
# at the hour of your choosing.  The GC executor will take each repository "offline",
# one-at-a-time, to check if the repository satisfies it's GC trigger requirements.
#
# While the repository is offline it will be inaccessible from the web UI or from
# any of the other services (git, rpc, rss, etc).
#
# Gitblit's GC Executor MAY NOT PLAY NICE with the other Git kids on the block,
# especially on Windows systems, so if you are using other tools please coordinate
# their usage with your GC Executor schedule or do not use this feature.
#
# The GC algorithm complex and the JGit team advises caution when using their
# young implementation of GC.
#
# http://wiki.eclipse.org/EGit/New_and_Noteworthy/2.1#Garbage_Collector_and_Repository_Storage_Statistics
#
# EXPERIMENTAL
# SINCE 1.2.0
# RESTART REQUIRED
git.enableGarbageCollection = false

# Hour of the day for the GC Executor to scan repositories.
# This value is in 24-hour time.
#
# SINCE 1.2.0
git.garbageCollectionHour = 0

# The default minimum total filesize of loose objects to trigger early garbage
# collection.
#
# You may specify a custom threshold for a repository in the repository's settings.
# Common unit suffixes of k, m, or g are supported.
#
# SINCE 1.2.0
git.defaultGarbageCollectionThreshold = 500k

# The default period, in days, between GCs for a repository.  If the total filesize
# of the loose object exceeds *git.garbageCollectionThreshold* or the repository's
# custom threshold, this period will be short-circuited. 
#
# e.g. if a repository collects 100KB of loose objects every day with a 500KB
# threshold and a period of 7 days, it will take 5 days for the loose objects to
# be collected, packed, and pruned.
#
# OR
#
# if a repository collects 10KB of loose objects every day with a 500KB threshold
# and a period of 7 days, it will take the full 7 days for the loose objects to be
# collected, packed, and pruned.
#
# You may specify a custom period for a repository in the repository's settings.
#
# The minimum value is 1 day since the GC Executor only runs once a day.
#
# SINCE 1.2.0
git.defaultGarbageCollectionPeriod = 7

# Gitblit can automatically fetch ref updates for a properly configured mirror
# repository.
#
# Requirements:
# 1. you must manually clone the repository using native git
#    git clone --mirror git://somewhere.com/myrepo.git
# 2. the "origin" remote must be the mirror source
# 3. the "origin" repository must be accessible without authentication OR the
#    credentials must be embedded in the origin url (not recommended)
#
# Notes:
# 1. "origin" SSH urls are untested and not likely to work
# 2. mirrors cloned while Gitblit is running are likely to require clearing the
#    gitblit cache (link on the repositories page of an administrator account)
# 3. Gitblit will automatically repair any invalid fetch refspecs with a "//"
#    sequence.
#
# SINCE 1.4.0
# RESTART REQUIRED
git.enableMirroring = false

# Specify the period between update checks for mirrored repositories.
# The shortest period you may specify between mirror update checks is 5 mins.
#
# SINCE 1.4.0
# RESTART REQUIRED
git.mirrorPeriod = 30 mins

# Number of bytes of a pack file to load into memory in a single read operation.
# This is the "page size" of the JGit buffer cache, used for all pack access
# operations. All disk IO occurs as single window reads. Setting this too large
# may cause the process to load more data than is required; setting this too small
# may increase the frequency of read() system calls.
#
# Default on JGit is 8 KiB on all platforms.
#
# Common unit suffixes of k, m, or g are supported.
# Documentation courtesy of the Gerrit project.
#
# SINCE 1.0.0
# RESTART REQUIRED
git.packedGitWindowSize = 8k

# Maximum number of bytes to load and cache in memory from pack files. If JGit
# needs to access more than this many bytes it will unload less frequently used
# windows to reclaim memory space within the process. As this buffer must be shared
# with the rest of the JVM heap, it should be a fraction of the total memory available.
#
# The JGit team recommends setting this value larger than the size of your biggest
# repository. This ensures you can serve most requests from memory.
#
# Default on JGit is 10 MiB on all platforms.
#
# Common unit suffixes of k, m, or g are supported.
# Documentation courtesy of the Gerrit project.
#
# SINCE 1.0.0
# RESTART REQUIRED
git.packedGitLimit = 10m

# Maximum number of bytes to reserve for caching base objects that multiple deltafied
# objects reference. By storing the entire decompressed base object in a cache Git
# is able to avoid unpacking and decompressing frequently used base objects multiple times.
#
# Default on JGit is 10 MiB on all platforms. You probably do not need to adjust
# this value.
#
# Common unit suffixes of k, m, or g are supported.
# Documentation courtesy of the Gerrit project.
#
# SINCE 1.0.0
# RESTART REQUIRED
git.deltaBaseCacheLimit = 10m

# Maximum number of pack files to have open at once. A pack file must be opened
# in order for any of its data to be available in a cached window.
#
# If you increase this to a larger setting you may need to also adjust the ulimit
# on file descriptors for the host JVM, as Gitblit needs additional file descriptors
# available for network sockets and other repository data manipulation.
#
# Default on JGit is 128 file descriptors on all platforms.
# Documentation courtesy of the Gerrit project.
#
# SINCE 1.0.0
# RESTART REQUIRED
git.packedGitOpenFiles = 128

# Largest object size, in bytes, that JGit will allocate as a contiguous byte
# array. Any file revision larger than this threshold will have to be streamed,
# typically requiring the use of temporary files under $GIT_DIR/objects to implement
# psuedo-random access during delta decompression.
#
# Servers with very high traffic should set this to be larger than the size of
# their common big files. For example a server managing the Android platform
# typically has to deal with ~10-12 MiB XML files, so 15 m would be a reasonable
# setting in that environment. Setting this too high may cause the JVM to run out
# of heap space when handling very big binary files, such as device firmware or
# CD-ROM ISO images. Make sure to adjust your JVM heap accordingly. 
#
# Default is 50 MiB on all platforms.
#
# Common unit suffixes of k, m, or g are supported.
# Documentation courtesy of the Gerrit project.
#
#
# NOTE: The importance of JGit's streamFileTreshold AND Git's bigFileThreshold
# ISSUE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=394078
#
# "core.bigFileThreshold  
#
#    Files larger than this size are stored deflated, without
#    attempting delta compression.  Storing large files without
#    delta compression avoids excessive memory usage, at the
#    slight expense of increased disk usage.
#
#  Default is 512 MiB on all platforms.
#  This should be reasonable for most projects as source code and other 
#  text files can still be delta compressed, 
#  but larger binary media files won't be."
#  -- Git documentation
#
# If streamFileTreshold < bigFileTreshold you _may_ spend alot of time waiting
# for push and/or fetch to complete.  It may even look hung.
#
# Until the issue is resolved gracefully, a workaround is to configure
# bigFileThreshold < streamFileTreshold AND then repack the repository.
#
# e.g. from the repository folder with Gitblit NOT running:
#     git config core.bigFileTreshold 40m
#     git gc --aggressive
#
# SINCE 1.0.0
# RESTART REQUIRED
git.streamFileThreshold = 50m

# When true, JGit will use mmap() rather than malloc()+read() to load data from
# pack files.  The use of mmap can be problematic on some JVMs as the garbage
# collector must deduce that a memory mapped segment is no longer in use before
# a call to munmap() can be made by the JVM native code.
#
# In server applications (such as Gitblit) that need to access many pack files,
# setting this to true risks artificially running out of virtual address space, 
# as the garbage collector cannot reclaim unused mapped spaces fast enough.
#
# Default on JGit is false. Although potentially slower, it yields much more
# predictable behavior.
# Documentation courtesy of the Gerrit project.
#
# SINCE 1.0.0
# RESTART REQUIRED
git.packedGitMmap = false

# Validate all received (pushed) objects are valid.
#
# SINCE 1.5.0
git.checkReceivedObjects = true

# Validate all referenced but not supplied objects are reachable.
#
# If enabled, Gitblit will verify that references to objects not contained
# within the received pack are already reachable through at least one other
# reference advertised to clients.
#
# This feature is useful when Gitblit doesn't trust the client to not provide a
# forged SHA-1 reference to an object, in an attempt to access parts of the DAG
# that they aren't allowed to see and which have been hidden from them via the
# configured AdvertiseRefsHook or RefFilter.
#
# Enabling this feature may imply at least some, if not all, of the same functionality
# performed by git.checkReceivedObjects. 
#
# SINCE 1.5.0
git.checkReferencedObjectsAreReachable = true

# Set the maximum allowed Git object size.
#
# If an object is larger than the given size the pack-parsing will throw an exception
# aborting the receive-pack operation.  The default value, 0, disables maximum
# object size checking.
#
# SINCE 1.5.0
git.maxObjectSizeLimit = 0

# Set the maximum allowed pack size.
#
# A pack exceeding this size will be rejected. The default value, -1, disables
# maximum pack size checking.
#
# SINCE 1.5.0
git.maxPackSizeLimit = -1

# Use the Gitblit patch receive pack for processing contributions and tickets.
# This allows the user to push a patch using the familiar Gerrit syntax:
#
#    git push <remote> HEAD:refs/for/<targetBranch>
#
# NOTE:
# This requires git.enableGitServlet = true AND it requires an authenticated
# git transport connection (http/https) when pushing from a client.
#
# Valid services include:
#    com.gitblit.tickets.FileTicketService
#    com.gitblit.tickets.BranchTicketService
#    com.gitblit.tickets.RedisTicketService
#
# SINCE 1.4.0
# RESTART REQUIRED
tickets.service = 

# Globally enable or disable creation of new bug, enhancement, task, etc tickets
# for all repositories.
#
# If false, no tickets can be created through the ui for any repositories.
# If true, each repository can control if they allow new tickets to be created.
#
# NOTE:
# If a repository is accepting patchsets, new proposal tickets can be created
# regardless of this setting.
#
# SINCE 1.4.0
tickets.acceptNewTickets = true

# Globally enable or disable pushing patchsets to all repositories.
#
# If false, no patchsets will be accepted for any repositories.
# If true, each repository can control if they accept new patchsets.
#
# NOTE:
# If a repository is accepting patchsets, new proposal tickets can be created
# regardless of the acceptNewTickets setting.
#
# SINCE 1.4.0
tickets.acceptNewPatchsets = true

# Default setting to control patchset merge through the web ui.  If true, patchsets
# must have an approval score to enable the merge button.  This setting can be
# overriden per-repository.
#
# SINCE 1.4.0
tickets.requireApproval = false

# The case-insensitive regular expression used to identify and close tickets on
# push to the integration branch for commits that are NOT already referenced as
# a patchset tip.
#
# SINCE 1.5.0
tickets.closeOnPushCommitMessageRegex = (?:fixes|closes)[\\s-]+#?(\\d+)

# Specify the location of the Lucene Ticket index
#
# SINCE 1.4.0
# RESTART REQUIRED
tickets.indexFolder = ${baseFolder}/tickets/lucene

# Define the url for the Redis server.
#
# e.g. redis://localhost:6379
#      redis://:foobared@localhost:6379/2
#
# SINCE 1.4.0
# RESTART REQUIRED
tickets.redis.url =

# The number of tickets to display on a page.
#
# SINCE 1.4.0
tickets.perPage = 25

# The folder where plugins are loaded from.
#
# SINCE 1.5.0
# RESTART REQUIRED
# BASEFOLDER
plugins.folder = ${baseFolder}/plugins

# The registry of available plugins.
#
# SINCE 1.5.0
plugins.registry = http://plugins.gitblit.com/plugins.json

#
# Groovy Integration
#

# Location of Groovy scripts to use for Pre and Post receive hooks.
# Use forward slashes even on Windows!!
# e.g. c:/groovy
#
# RESTART REQUIRED
# SINCE 0.8.0
# BASEFOLDER
groovy.scriptsFolder = ${baseFolder}/groovy

# Specify the directory Grape uses for downloading libraries.
# http://groovy.codehaus.org/Grape
#
# RESTART REQUIRED
# SINCE 1.0.0
# BASEFOLDER
groovy.grapeFolder = ${baseFolder}/groovy/grape

# Scripts to execute on Pre-Receive.
#
# These scripts execute after an incoming push has been parsed and validated
# but BEFORE the changes are applied to the repository.  You might reject a
# push in this script based on the repository and branch the push is attempting
# to change.
#
# Script names are case-sensitive on case-sensitive file systems.  You may omit
# the traditional ".groovy" from this list if your file extension is ".groovy" 
#
# NOTE:
# These scripts are only executed when pushing to *Gitblit*, not to other Git
# tooling you may be using.  Also note that these scripts are shared between
# repositories. These are NOT repository-specific scripts!  Within the script
# you may customize the control-flow for a specific repository by checking the
# *repository* variable.
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 0.8.0
groovy.preReceiveScripts =

# Scripts to execute on Post-Receive.
#
# These scripts execute AFTER an incoming push has been applied to a repository.
# You might trigger a continuous-integration build here or send a notification.
#
# Script names are case-sensitive on case-sensitive file systems.  You may omit
# the traditional ".groovy" from this list if your file extension is ".groovy" 
#
# NOTE:
# These scripts are only executed when pushing to *Gitblit*, not to other Git
# tooling you may be using.  Also note that these scripts are shared between
# repositories. These are NOT repository-specific scripts!  Within the script
# you may customize the control-flow for a specific repository by checking the
# *repository* variable.
# 
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 0.8.0
groovy.postReceiveScripts =

# Repository custom fields for Groovy Hook mechanism
#
# List of key=label pairs of custom fields to prompt for in the Edit Repository
# page.  These keys are stored in the repository's git config file in the 
# section [gitblit "customFields"].  Key names are alphanumeric only.  These
# fields are intended to be used for the Groovy hook mechanism where a script
# can adjust it's execution based on the custom fields stored in the repository
# config.
#
# e.g. "commitMsgRegex=Commit Message Regular Expression" anotherProperty=Another
#
# SPACE-DELIMITED
# SINCE 1.0.0
groovy.customFields = 

#
# Fanout Settings
#

# Fanout is a PubSub notification service that can be used by Sparkleshare
# to eliminate repository change polling.  The fanout service runs in a separate
# thread on a separate port from the Gitblit http/https application.
# This service is provided so that Sparkleshare may be used with Gitblit in
# firewalled environments or where reliance on Sparkleshare's default notifications
# server (notifications.sparkleshare.org) is unwanted.
#
# This service maintains an open socket connection from the client to the
# Fanout PubSub service. This service may not work properly behind a proxy server.  

# Specify the interface for Fanout to bind it's service.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
# localhost.
#
# SINCE 1.2.1
# RESTART REQUIRED
fanout.bindInterface = 

# port for serving the Fanout PubSub service.  <= 0 disables this service.
# On Unix/Linux systems, ports < 1024 require root permissions.
# Recommended value: 17000
#
# SINCE 1.2.1
# RESTART REQUIRED
fanout.port = 0

# Use Fanout NIO service.  If false, a multi-threaded socket service will be used.
# Be advised, the socket implementation spawns a thread per connection plus the
# connection acceptor thread.  The NIO implementation is completely single-threaded.
#
# SINCE 1.2.1
# RESTART REQUIRED
fanout.useNio = true

# Concurrent connection limit.  <= 0 disables concurrent connection throttling.
# If > 0, only the specified number of concurrent connections will be allowed
# and all other connections will be rejected.
#
# SINCE 1.2.1
# RESTART REQUIRED
fanout.connectionLimit = 0

#
# Authentication Settings
#

# Require authentication to see everything but the admin pages
#
# SINCE 0.5.0
# RESTART REQUIRED
web.authenticateViewPages = false

# If web.authenticateViewPages=true you may optionally require a client-side
# basic authentication prompt instead of the standard form-based login. 
#
# SINCE 1.3.0
web.enforceHttpBasicAuthentication = false

# Require admin authentication for the admin functions and pages
#
# SINCE 0.5.0
# RESTART REQUIRED
web.authenticateAdminPages = true

# Allow Gitblit to store a cookie in the user's browser for automatic
# authentication.  The cookie is generated by the user service.
#
# SINCE 0.5.0
web.allowCookieAuthentication = true

# Allow deletion of non-empty repositories. This is enforced for all delete vectors.
#
# SINCE 1.6.0
web.allowDeletingNonEmptyRepositories = true

# Config file for storing project metadata
#
# SINCE 1.2.0
# BASEFOLDER
web.projectsFile = ${baseFolder}/projects.conf

# Either the full path to a user config file (users.conf)
# OR a fully qualified class name that implements the IUserService interface.
#
# Any custom user service implementation must have a public default constructor.
#
# SINCE 0.5.0
# RESTART REQUIRED
# BASEFOLDER
realm.userService = ${baseFolder}/users.conf

# Ordered list of external authentication providers which will be used if
# authentication against the local user service fails.
#
# Valid providers are:
#
#    htpasswd
#    ldap
#    pam
#    redmine
#    salesforce
#    windows

# e.g. realm.authenticationProviders = htpasswd windows
#
# SINCE 1.4.0
# RESTART REQUIRED
# SPACE-DELIMITED
realm.authenticationProviders =

# How to store passwords.
# Valid values are plain, md5, or combined-md5.  md5 is the hash of password.
# combined-md5 is the hash of username.toLowerCase()+password.
# Default is md5.
#
# SINCE 0.5.0 
realm.passwordStorage = md5

# Minimum valid length for a plain text password.
# Default value is 5.  Absolute minimum is 4.
#
# SINCE 0.5.0 
realm.minPasswordLength = 5

#
# Gitblit Web Settings
#
# If blank Gitblit is displayed.
#
# SINCE 0.5.0
web.siteName =

# The canonical url of your Gitblit server to bs used in email notifications.
# e.g. web.canonicalUrl = https://demo-gitblit.rhcloud.com
#
# SINCE 1.4.0
web.canonicalUrl = 

# You may specify a different logo image for the header but it must be 120x45px.
# If the specified file does not exist, the default Gitblit logo will be used.
#
# SINCE 1.3.0
# BASEFOLDER
web.headerLogo = ${baseFolder}/logo.png

# You may specify a different link URL for the logo image anchor.
# If blank the Gitblit main page URL is used.
#
# SINCE 1.3.0
# BASEFOLDER
web.rootLink =

# You may specify a custom header background CSS color.  If unspecified, the
# default color will be used.
#
# e.g. web.headerBackgroundColor = #002060
#
# SINCE 1.3.0
web.headerBackgroundColor =

# You may specify a custom header foreground CSS color.  If unspecified, the
# default color will be used.
#
# e.g. web.headerForegroundColor = white
#
# SINCE 1.3.0
web.headerForegroundColor =

# You may specify a custom header foreground hover CSS color.  If unspecified, the
# default color will be used.
#
# e.g. web.headerHoverColor = white
#
# SINCE 1.3.0
web.headerHoverColor =

# You may specify a custom header border CSS color.  If unspecified, the default
# color will be used.
#
# e.g. web.headerBorderColor = #002060
#
# SINCE 1.3.0
web.headerBorderColor =

# You may specify a custom header border CSS color.  If unspecified, the default
# color will be used.
#
# e.g. web.headerBorderFocusColor = #ff9900
#
# SINCE 1.3.0
web.headerBorderFocusColor =

# If *web.authenticateAdminPages*=true, users with "admin" role can create
# repositories, create users, and edit repository metadata.
#
# If *web.authenticateAdminPages*=false, any user can execute the aforementioned
# functions. 
#
# SINCE 0.5.0 
web.allowAdministration = true

# Setting to disable rendering the top-level navigation header which includes
# the login form, top-level links like dashboard, repositories, search, etc.
# This setting is only useful if you plan to embed Gitblit within another page
# or system.
#
# SINCE 1.4.0
web.hideHeader = false

# Allows rpc clients to list repositories and possibly manage or administer the 
# Gitblit server, if the authenticated account has administrator permissions.
# See *web.enableRpcManagement* and *web.enableRpcAdministration*.
#
# SINCE 0.7.0 
web.enableRpcServlet = true

# Allows rpc clients to manage repositories and users of the Gitblit instance,
# if the authenticated account has administrator permissions.
# Requires *web.enableRpcServlet=true*.
#
# SINCE 0.7.0 
web.enableRpcManagement = false

# Allows rpc clients to control the server settings and monitor the health of this
# this Gitblit instance, if the authenticated account has administrator permissions.
# Requires *web.enableRpcServlet=true* and *web.enableRpcManagement*.
#
# SINCE 0.7.0 
web.enableRpcAdministration = false

# Full path to a configurable robots.txt file.  With this file you can control
# what parts of your Gitblit server respectable robots are allowed to traverse.
# http://googlewebmastercentral.blogspot.com/2008/06/improving-on-robots-exclusion-protocol.html
#
# SINCE 1.0.0
# BASEFOLDER
web.robots.txt = ${baseFolder}/robots.txt

# The number of minutes to cache a page in the browser since the last request.
# The default value is 0 minutes.  A value <= 0 disables all page caching which
# is the default behavior for Gitblit <= 1.3.0.
#
# SINCE 1.3.1
web.pageCacheExpires = 0

# If true, the web ui layout will respond and adapt to the browser's dimensions.
# if false, the web ui will use a 940px fixed-width layout.
# http://twitter.github.com/bootstrap/scaffolding.html#responsive
#
# SINCE 1.0.0
web.useResponsiveLayout = true

# Allow Gravatar images to be displayed in Gitblit pages.
#
# SINCE 0.8.0
web.allowGravatar = true

# Allow dynamic zip downloads.
#
# SINCE 0.5.0   
web.allowZipDownloads = true

# If *web.allowZipDownloads=true* the following formats will be displayed for
# download compressed archive links:
#
# zip   = standard .zip
# tar   = standard tar format (preserves *nix permissions and symlinks)
# gz    = gz-compressed tar
# xz    = xz-compressed tar
# bzip2 = bzip2-compressed tar
#
# SPACE-DELIMITED
# SINCE 1.2.0
web.compressedDownloads = zip gz

# Allow optional Lucene integration. Lucene indexing is an opt-in feature.
# A repository may specify branches to index with Lucene instead of using Git
# commit traversal. There are scenarios where you may want to completely disable
# Lucene indexing despite a repository specifying indexed branches.  One such
# scenario is on a resource-constrained federated Gitblit mirror.
#
# SINCE 0.9.0
web.allowLuceneIndexing = true

# Allows an authenticated user to create forks of a repository
#
# set this to false if you want to disable all fork controls on the web site
#
web.allowForking = true

# Controls the length of shortened commit hash ids
#
# SINCE 1.2.0
web.shortCommitIdLength = 6

# Use Clippy (Flash solution) to provide a copy-to-clipboard button.
# If false, a button with a more primitive JavaScript-based prompt box will
# offer a 3-step (click, ctrl+c, enter) copy-to-clipboard alternative.
#
# SINCE 0.8.0
web.allowFlashCopyToClipboard = true

# Default maximum number of commits that a repository may contribute to the
# activity page, regardless of the selected duration.  This setting may be valuable
# for an extremely busy server.  This value may also be configed per-repository
# in Edit Repository. 0 disables this throttle.
#
# SINCE 1.2.0
web.maxActivityCommits = 0

# Default number of entries to include in RSS Syndication links
#
# SINCE 0.5.0
web.syndicationEntries = 25

# Show the size of each repository on the repositories page.
# This requires recursive traversal of each repository folder.  This may be
# non-performant on some operating systems and/or filesystems. 
#
# SINCE 0.5.2
web.showRepositorySizes = true

# List of custom regex expressions that can be displayed in the Filters menu
# of the Repositories and Activity pages.  Keep them very simple because you
# are likely to run into encoding issues if they are too complex.
#
# Use !!! to separate the filters 
#
# SINCE 0.8.0
web.customFilters =

# Show federation registrations (without token) and the current pull status
# to non-administrator users. 
#
# SINCE 0.6.0
web.showFederationRegistrations = false

# This is the message displayed when *web.authenticateViewPages=true*.
# This can point to a file with Markdown content.
# Specifying "gitblit" uses the internal login message.
#
# SINCE 0.7.0
# BASEFOLDER
web.loginMessage = gitblit

# This is the message displayed above the repositories table.
# This can point to a file with Markdown content.
# Specifying "gitblit" uses the internal welcome message.
#
# SINCE 0.5.0
# BASEFOLDER
web.repositoriesMessage = gitblit

# Ordered list of charsets/encodings to use when trying to display a blob.
# If empty, UTF-8 and ISO-8859-1 are used.  The server's default charset
# is always appended to the encoding list.  If all encodings fail to cleanly
# decode the blob content, UTF-8 will be used with the standard malformed
# input/unmappable character replacement strings.
# 
# SPACE-DELIMITED
# SINCE 1.0.0
web.blobEncodings = UTF-8 ISO-8859-1

# Manually set the default timezone to be used by Gitblit for display in the 
# web ui.  This value is independent of the JVM timezone.  Specifying a blank
# value will default to the JVM timezone.
# e.g. America/New_York, US/Pacific, UTC, Europe/Berlin
#
# SINCE 0.9.0
# RESTART REQUIRED
web.timezone =

# Use the client timezone when formatting dates.
# This uses AJAX to determine the browser's timezone and may require more
# server overhead because a Wicket session is created.  All Gitblit pages
# attempt to be stateless, if possible.
#
# SINCE 0.5.0
# RESTART REQUIRED
web.useClientTimezone = false

# Time format
# <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
#
# SINCE 0.8.0
web.timeFormat = HH:mm

# Short date format
# <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
#
# SINCE 0.5.0
web.datestampShortFormat = yyyy-MM-dd

# Long date format
#
# SINCE 0.8.0
web.datestampLongFormat = EEEE, MMMM d, yyyy

# Long timestamp format
# <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
#
# SINCE 0.5.0
web.datetimestampLongFormat = EEEE, MMMM d, yyyy HH:mm Z

# Mount URL parameters
# This setting controls if pretty or parameter URLs are used.
# i.e.
# if true:
#     http://localhost/commit/myrepo/abcdef
# if false:
#     http://localhost/commit/?r=myrepo&h=abcdef
#
# SINCE 0.5.0
# RESTART REQUIRED
web.mountParameters = true

# Some servlet containers (e.g. Tomcat >= 6.0.10) disallow '/' (%2F) encoding
# in URLs as a security precaution for proxies.  This setting tells Gitblit
# to preemptively replace '/' with '*' or '!' for url string parameters.
#
# <https://issues.apache.org/jira/browse/WICKET-1303>
# <http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10>
# Add *-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true* to your
# *CATALINA_OPTS* or to your JVM launch parameters
#
# SINCE 0.5.2
web.forwardSlashCharacter = /

# Show other URLs on the summary page for accessing your git repositories
# Use spaces to separate urls.
#
# {0} is the token for the repository name
# {1} is the token for the username
#
# The username is only practical if you have setup your other git serving
# solutions accounts to have the same username as the Gitblit account.
#
# e.g.
# web.otherUrls = ssh://localhost/git/{0} git://localhost/git/{0} https://{1}@localhost/r/{0}
#
# SPACE-DELIMITED
# SINCE 0.5.0
web.otherUrls = 

# Should app-specific clone links be displayed for SourceTree, SparkleShare, etc?
#
# SINCE 1.3.0
web.allowAppCloneLinks = true

# Choose how to present the repositories list.
#   grouped = group nested/subfolder repositories together (no sorting)
#   flat = flat list of repositories (sorting allowed)
#
# SINCE 0.5.0
web.repositoryListType = grouped

# If using a grouped repository list and there are repositories at the
# root level of your repositories folder, you may specify the displayed
# group name with this setting.  This value is only used for web presentation.
#
# SINCE 0.5.0
web.repositoryRootGroupName = main

# Display the repository swatch color next to the repository name link in the 
# repositories list. 
#
# SINCE 0.8.0
web.repositoryListSwatches = true

# Defines the default commit message renderer.  This can be configured
# per-repository.
#
# Valid values are: plain, markdown
#
# SINCE 1.4.0
web.commitMessageRenderer = plain

# Control if email addresses are shown in web ui
#
# SINCE 0.5.0
web.showEmailAddresses = true

# Shows a combobox in the page links header with commit, committer, and author
# search selection.  Default search is commit.
#
# SINCE 0.5.0
web.showSearchTypeSelection = false

# Controls display of activity graphs on the dashboard, activity, and summary
# pages.  Charting makes use of the external Google Charts API.
#
# SINCE 0.5.0 
web.generateActivityGraph = true

# Displays the commits branch graph in the summary page and commits/log page.
#
# SINCE 1.4.0
web.showBranchGraph = true

# The default number of days to show on the activity page.
# Value must exceed 0 else default of 7 is used
#
# SINCE 0.8.0
web.activityDuration = 7

# Choices for days of activity to display.
#
# SPACE-DELIMITED
# SINCE 1.3.0
web.activityDurationChoices = 1 3 7 14 21 28

# Maximum number of days of activity that may be displayed on the activity page.
#
# SINCE 1.3.2
web.activityDurationMaximum = 30

# The number of days of commits to cache in memory for the dashboard, activity,
# and project pages.  A value of 0 will disable all caching and will parse commits
# in each repository per-request.  If the value > 0 these pages will try to fulfill
# requests using the commit cache.  If the request specifies a period which falls
# outside the commit cache window, then the cache will be ignored and the request
# will be fulfilled by brute-force parsing all relevant commits per-repository.
#
# Consider the values specified for *web.activityDurationChoices* when setting
# the cache size AND consider adjusting the JVM -Xmx heap parameter appropriately.
#
# SINCE 1.3.0
# RESTART REQUIRED
web.activityCacheDays = 14

# Case-insensitive list of authors to exclude from metrics.  Useful for
# eliminating bots.
#
# SPACE-DELIMITED
# SINCE 1.3.0
web.metricAuthorExclusions =

# The number of commits to display on the summary page
# Value must exceed 0 else default of 20 is used
#
# SINCE 0.5.0
web.summaryCommitCount = 16

# The number of tags/branches to display on the summary page.
# -1 = all tags/branches
# 0 = hide tags/branches
# N = N tags/branches
#
# SINCE 0.5.0
web.summaryRefsCount = 5

# Show a README file, if available, on the summary page.
#
# SINCE 1.4.0
web.summaryShowReadme = false

# The number of items to show on a page before showing the first, prev, next
# pagination links.  A default of 50 is used for any invalid value.
#
# SINCE 0.5.0
web.itemsPerPage = 50

# The number of reflog changes to display on the overview page
# Value must exceed 0 else default of 5 is used
#
# SINCE 1.3.0
web.overviewReflogCount = 5

# The number of reflog changes to show on a reflog page before show the first,
#  prev, next pagination links.  A default of 10 is used for any invalid value.
#
# SINCE 1.3.0
web.reflogChangesPerPage = 10

# Specify the names of documents in the root of your repository to be displayed
# in tabs on your repository docs page.  If the name is not found in the root
# then no tab is added.  The order specified is the order displayed.  Do not
# specify a file extension as the aggregation of markup extensions + txt are used
# in the search algorithm.
#
# SPACE-DELIMITED
# SINCE 1.4.0
web.documents = readme home index changelog contributing submitting_patches copying license notice authors

# Registered file extensions to ignore during Lucene indexing
#
# SPACE-DELIMITED
# SINCE 0.9.0
web.luceneIgnoreExtensions = 7z arc arj bin bmp dll doc docx exe gif gz jar jpg lib lzh odg odf odt pdf ppt pptx png so swf tar xcf xls xlsx zip

# Registered extensions for google-code-prettify
#
# SPACE-DELIMITED
# SINCE 0.5.0
web.prettyPrintExtensions = aea agc basic c cbm cl clj cpp cs css dart el erl erlang frm fs go groovy hs htm html java js latex lisp ll llvm lsp lua ml moxie mumps n nemerle pascal php pl prefs properties proto py r R rb rd Rd rkt s S scala scm sh Splus sql ss tcl tex vb vbs vhd vhdl wiki xml xq xquery yaml yml ymlapollo

# Registered extensions for markdown transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 0.5.0
web.markdownExtensions = md mkd markdown MD MKD

# Registered extensions for mediawiki transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.mediawikiExtensions = mw mediawiki

# Registered extensions for twiki transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.twikiExtensions = twiki

# Registered extensions for textile transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.textileExtensions = textile

# Registered extensions for confluence transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.confluenceExtensions = confluence

# Registered extensions for tracwiki transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.tracwikiExtensions = tracwiki

# Registered extensions for asciidoc transformation
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 1.4.0
web.asciidocExtensions = ad adoc asciidoc

# Image extensions
#
# SPACE-DELIMITED
# SINCE 0.5.0
web.imageExtensions = bmp jpg gif png 

# Registered extensions for binary blobs
#
# SPACE-DELIMITED
# SINCE 0.5.0
web.binaryExtensions = 7z arc arj bin dll doc docx exe gz jar lib lzh odg odf odt pdf ppt pptx so tar xls xlsx zip

# Aggressive heap management will run the garbage collector on every generated
# page.  This slows down page generation a little but improves heap consumption. 
#
# SINCE 0.5.0
web.aggressiveHeapManagement = false

# Run the webapp in debug mode
#
# SINCE 0.5.0
# RESTART REQUIRED
web.debugMode = false

# Force a default locale for all users, ignoring the browser's settings.
# An empty value allows Gitblit to use the translation preferred by the browser.
#
# Changing this value while the server is running will only affect new sessions.
#
# e.g. web.forceDefaultLocale = en
#
# SINCE 1.3.0
web.forceDefaultLocale = 

# Enable/disable global regex substitutions (i.e. shared across repositories)
#
# SINCE 0.5.0
# DEPRECATED 1.4.0 (migrate to bugtraq instead)
regex.global = true

# Example global regex substitutions
# Use !!! to separate the search pattern and the replace pattern
# searchpattern!!!replacepattern
# SINCE 0.5.0

# regex.global.bug = \\b(Bug:)(\\s*[#]?|-){0,1}(\\d+)\\b!!!Bug: <a href="http://somehost/bug/$3">$3</a>
# SINCE 0.5.0

# Example Gerrit links
# regex.global.changeid = \\b(Change-Id:\\s*)([A-Za-z0-9]*)\\b!!!Change-Id: <a href="http://somehost/r/#q,$2,n,z">$2</a>
# regex.global.reviewedon = \\b(Reviewed-on:\\s*)([A-Za-z0-9:/\\.]*)\\b!!!Reviewed-on: <a href="$2">$2</a>

# Example per-repository regex substitutions overrides global
# SINCE 0.5.0
# regex.myrepository.bug = \\b(Bug:)(\\s*[#]?|-){0,1}(\\d+)\\b!!!Bug: <a href="http://elsewhere/bug/$3">$3</a>

#
# Mail Settings
# SINCE 0.6.0
#
# Mail settings are used to notify administrators of received federation proposals
#

# ip or hostname of smtp server
#
# SINCE 0.6.0
mail.server =

# port to use for smtp requests
#
# SINCE 0.6.0
mail.port = 25

# debug the mail executor
#
# SINCE 0.6.0
mail.debug = false

# use SMTPs flag
mail.smtps = false

# use STARTTLS flag
#
# SINCE 1.6.0
mail.starttls = false

# if your smtp server requires authentication, supply the credentials here
#
# SINCE 0.6.0
mail.username =
# SINCE 0.6.0
mail.password =

# from address for generated emails
#
# SINCE 0.6.0
mail.fromAddress = 

# List of email addresses for the Gitblit administrators
#
# SPACE-DELIMITED
# SINCE 0.6.0
mail.adminAddresses = 

# List of email addresses for sending push email notifications.
#
# This key currently requires use of the sendemail.groovy hook script.
# If you set sendemail.groovy in *groovy.postReceiveScripts* then email
# notifications for all repositories (regardless of access restrictions!)
# will be sent to these addresses.
#
# SPACE-DELIMITED
# SINCE 0.8.0
mail.mailingLists =

#
# Federation Settings
# SINCE 0.6.0
#
# A Gitblit federation is a way to backup one Gitblit instance to another.
#
# *git.enableGitServlet* must be true to use this feature.

# Your federation name is used for federation status acknowledgments.  If it is
# unset, and you elect to send a status acknowledgment, your Gitblit instance
# will be identified by its hostname, if available, else your internal ip address.
# The source Gitblit instance will also append your external IP address to your
# identification to differentiate multiple pulling systems behind a single proxy.
#
# SINCE 0.6.0
federation.name =

# Specify the passphrase of this Gitblit instance.
#
# An unspecified (empty) passphrase disables processing federation requests.
#
# This value can be anything you want: an integer, a sentence, an haiku, etc.
# Keep the value simple, though, to avoid Java properties file encoding issues.
#
# Changing your passphrase will break any registrations you have established with other
# Gitblit instances.
#
# CASE-SENSITIVE
# SINCE 0.6.0
# RESTART REQUIRED *(only to enable or disable federation)*
federation.passphrase =

# Control whether or not this Gitblit instance can receive federation proposals
# from another Gitblit instance.  Registering a federated Gitblit is a manual
# process.  Proposals help to simplify that process by allowing a remote Gitblit
# instance to send your Gitblit instance the federation pull data.
#
# SINCE 0.6.0
federation.allowProposals = false

# The destination folder for cached federation proposals.
# Use forward slashes even on Windows!!
#
# SINCE 0.6.0
# BASEFOLDER
federation.proposalsFolder = ${baseFolder}/proposals

# The default pull frequency if frequency is unspecified on a registration
#
# SINCE 0.6.0
federation.defaultFrequency = 60 mins

# Federation Sets are named groups of repositories.  The Federation Sets are 
# available for selection in the repository settings page.  You can assign a
# repository to one or more sets and then distribute the token for the set.
# This allows you to grant federation pull access to a subset of your available
# repositories.  Tokens for federation sets only grant repository pull access.
#
# SPACE-DELIMITED
# CASE-SENSITIVE
# SINCE 0.6.0
federation.sets = 

# Federation pull registrations
# Registrations are read once, at startup.
#
# RESTART REQUIRED
#
# frequency:
#   The shortest frequency allowed is every 5 minutes
#   Decimal frequency values are cast to integers
#   Frequency values may be specified in mins, hours, or days
#   Values that can not be parsed or are unspecified default to *federation.defaultFrequency*
#
# folder:
#   if unspecified, the folder is *git.repositoriesFolder*
#   if specified, the folder is relative to *git.repositoriesFolder*
#
# bare:
#   if true, each repository will be created as a *bare* repository and will not
#   have a working directory.
#
#   if false, each repository will be created as a normal repository suitable
#   for local work.
#
# mirror:
#   if true, each repository HEAD is reset to *origin/master* after each pull.
#   The repository will be flagged *isFrozen* after the initial clone.
#
#   if false, each repository HEAD will point to the FETCH_HEAD of the initial
#   clone from the origin until pushed to or otherwise manipulated.
#
# mergeAccounts:
#   if true, remote accounts and their permissions are merged into your 
#   users.properties file 
#
# notifyOnError:
#   if true and the mail configuration is properly set, administrators will be
#   notified by email of pull failures
#
# include and exclude:
#   Space-delimited list of repositories to include or exclude from pull
#   may be * wildcard to include or exclude all
#   may use fuzzy match (e.g. org.eclipse.*)

#
# (Nearly) Perfect Mirror example
#

#federation.example1.url = https://go.gitblit.com
#federation.example1.token = 6f3b8a24bf970f17289b234284c94f43eb42f0e4
#federation.example1.frequency = 120 mins
#federation.example1.folder =
#federation.example1.bare = true 
#federation.example1.mirror = true 
#federation.example1.mergeAccounts = true

#
# Advanced Realm Settings
#

# Auto-creates user accounts based on the servlet container principal.  This
# assumes that your Gitblit install is a protected resource and your container's
# authentication process intercepts all Gitblit requests.
#
# SINCE 1.3.0
realm.container.autoCreateAccounts = false

# Allow or prohibit Windows guest account logins
#
# SINCE 1.3.0
realm.windows.allowGuests = false

# Allow user accounts belonging to the BUILTIN\Administrators group to be
# Gitblit administrators.
#
# SINCE 1.4.0
realm.windows.permitBuiltInAdministrators = true

# The default domain for authentication.
#
# If specified, this domain will be used for authentication UNLESS the supplied
# login name manually specifies a domain (.e.g. mydomain\james or james@mydomain)
#
# If unspecified, the username must be specified in UPN format (name@domain).
#
# if "." (dot) is specified, ONLY the local account database will be used.
#
# SINCE 1.3.0
realm.windows.defaultDomain =

# The PAM service name for authentication.
# default: system-auth
#
# SINCE 1.3.1
realm.pam.serviceName = system-auth

# The Apache htpasswd file that contains the users and passwords.
# default: ${baseFolder}/htpasswd
#
# RESTART REQUIRED
# BASEFOLDER
# SINCE 1.3.2
realm.htpasswd.userfile = ${baseFolder}/htpasswd

# Restrict the Salesforce user to members of this org.
# default: 0 (i.e. do not check the Org ID)
#
# SINCE 1.3.0
realm.salesforce.orgId = 0

# URL of the LDAP server.
# To use encrypted transport, use either ldaps:// URL for SSL or ldap+tls:// to
# send StartTLS command.
#
# SINCE 1.0.0
realm.ldap.server = ldap://localhost

# Login username for LDAP searches.
# If this value is unspecified, anonymous LDAP login will be used.
# 
# e.g. mydomain\\username
#
# SINCE 1.0.0
realm.ldap.username = cn=Directory Manager

# Login password for LDAP searches.
#
# SINCE 1.0.0
realm.ldap.password = password

# Bind pattern for Authentication.
# Allow to directly authenticate an user without LDAP Searches.
# 
# e.g. CN=${username},OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain
#
# SINCE 1.5.0
realm.ldap.bindpattern = 


# Delegate team membership control to LDAP.
#
# If true, team user memberships will be specified by LDAP groups.  This will
# disable team selection in Edit User and user selection in Edit Team.
#
# If false, LDAP will only be used for authentication and Gitblit will maintain
# team memberships with the *realm.ldap.backingUserService*.
#
# SINCE 1.0.0
realm.ldap.maintainTeams = false

# Root node for all LDAP users
#
# This is the root node from which subtree user searches will begin.
# If blank, Gitblit will search ALL nodes.
#
# SINCE 1.0.0
realm.ldap.accountBase = OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain

# Filter criteria for LDAP users
#
# Query pattern to use when searching for a user account. This may be any valid 
# LDAP query expression, including the standard (&) and (|) operators.
#
# Variables may be injected via the ${variableName} syntax.
# Recognized variables are:
#    ${username} - The text entered as the user name
#
# SINCE 1.0.0
realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=${username}))

# Root node for all LDAP groups to be used as Gitblit Teams
#
# This is the root node from which subtree team searches will begin.
# If blank, Gitblit will search ALL nodes.  
#
# SINCE 1.0.0
realm.ldap.groupBase = OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain

# Filter criteria for LDAP groups
#
# Query pattern to use when searching for a team. This may be any valid 
# LDAP query expression, including the standard (&) and (|) operators.
#
# Variables may be injected via the ${variableName} syntax.
# Recognized variables are:
#    ${username} - The text entered as the user name
#    ${dn} - The Distinguished Name of the user logged in
#
# All attributes from the LDAP User record are available. For example, if a user
# has an attribute "fullName" set to "John", "(fn=${fullName})" will be 
# translated to "(fn=John)".
#
# SINCE 1.0.0
realm.ldap.groupMemberPattern = (&(objectClass=group)(member=${dn}))

# Filter criteria for empty LDAP groups
#
# Query pattern to use when searching for an empty team. This may be any valid 
# LDAP query expression, including the standard (&) and (|) operators.
#
# default: (&(objectClass=group)(!(member=*)))
# SINCE 1.4.0
realm.ldap.groupEmptyMemberPattern = (&(objectClass=group)(!(member=*)))

# LDAP users or groups that should be given administrator privileges.
#
# Teams are specified with a leading '@' character.  Groups with spaces in the
# name can be entered as "@team name".  This setting only applies when using
# LDAP to maintain team memberships.
#
# e.g. realm.ldap.admins = john @git_admins "@git admins"
#
# SPACE-DELIMITED
# SINCE 1.0.0
realm.ldap.admins = @Git_Admins

# Attribute(s) on the USER record that indicate their display (or full) name.
# Leave blank for no mapping available in LDAP.
#
# This may be a single attribute, or a string of multiple attributes.  Examples:
#  displayName - Uses the attribute 'displayName' on the user record
#  ${personalTitle}. ${givenName} ${surname} - Will concatenate the 3 
#       attributes together, with a '.' after personalTitle
#
# SINCE 1.0.0
realm.ldap.displayName = displayName

# Attribute(s) on the USER record that indicate their email address.
# Leave blank for no mapping available in LDAP.
#
# This may be a single attribute, or a string of multiple attributes.  Examples:
#  email - Uses the attribute 'email' on the user record
#  ${givenName}.${surname}@gitblit.com -Will concatenate the 2 attributes
#       together with a '.' and '@' creating something like first.last@gitblit.com 
#
# SINCE 1.0.0
realm.ldap.email = email

# Attribute on the USER record that indicate their username to be used in gitblit
# when synchronizing users from LDAP
# if blank, Gitblit will use uid
# For MS Active Directory this may be sAMAccountName
#
# SINCE 1.0.0
realm.ldap.uid = uid

# Defines whether to synchronize all LDAP users and teams into the user service
#
# Valid values: true, false
# If left blank, false is assumed
#
# SINCE 1.4.0
realm.ldap.synchronize = false

# Defines the period to be used when synchronizing users and teams from ldap.
#
# Must be of the form '<long> <TimeUnit>' where <TimeUnit> is one of 'MILLISECONDS', 'SECONDS', 'MINUTES', 'HOURS', 'DAYS' 

# default: 5 MINUTES
#
# RESTART REQUIRED
# SINCE 1.4.0
realm.ldap.syncPeriod = 5 MINUTES

# Defines whether to delete non-existent LDAP users from the user service
# during synchronization. depends on  realm.ldap.synchronize = true
#
# Valid values: true, false
# If left blank, true is assumed
#
# SINCE 1.4.0
realm.ldap.removeDeletedUsers = true

# URL of the Redmine.
#
# SINCE 1.2.0
realm.redmine.url = http://example.com/redmine

#
# Server Settings
#

# The temporary folder to decompress the embedded gitblit webapp. 
#
# SINCE 0.5.0
# RESTART REQUIRED
# BASEFOLDER
server.tempFolder = ${baseFolder}/temp

# Specify the maximum number of concurrent http/https worker threads to allow. 
#
# SINCE 1.3.0
# RESTART REQUIRED
server.threadPoolSize = 50

# Context path for the GO application.  You might want to change the context
# path if running Gitblit behind a proxy layer such as mod_proxy.
#
# SINCE 0.7.0
# RESTART REQUIRED
server.contextPath = /

# Standard http port to serve.  <= 0 disables this connector.
# On Unix/Linux systems, ports < 1024 require root permissions.
# Recommended value: 80 or 8080
#
# SINCE 0.5.0
# RESTART REQUIRED
server.httpPort = 0

# Secure/SSL https port to serve. <= 0 disables this connector.
# On Unix/Linux systems, ports < 1024 require root permissions.
# Recommended value: 443 or 8443
#
# SINCE 0.5.0
# RESTART REQUIRED
server.httpsPort = 8443

# Automatically redirect http requests to the secure https connector.
#
# This setting requires that you have configured server.httpPort and server.httpsPort.
# Unless you are on a private LAN where you trust all client connections, it is
# recommended to use https for all communications.
#
# SINCE 1.4.0
# RESTART REQUIRED
server.redirectToHttpsPort = false

# Specify the interface for Jetty to bind the standard connector.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
# localhost.
#
# SINCE 0.5.0
# RESTART REQUIRED
server.httpBindInterface =

# Specify the interface for Jetty to bind the secure connector.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
# localhost.
#
# SINCE 0.5.0
# RESTART REQUIRED
server.httpsBindInterface =

# Alias of certificate to use for https/SSL serving.  If blank the first
# certificate found in the keystore will be used. 
#
# SINCE 1.2.0
# RESTART REQUIRED
server.certificateAlias = localhost

# Password for SSL keystore.
# Keystore password and certificate password must match.
# This is provided for convenience, its probably more secure to set this value
# using the --storePassword command line parameter.
#
# If you are using the official JRE or JDK from Oracle you may not have the
# JCE Unlimited Strength Jurisdiction Policy files bundled with your JVM.  Because
# of this, your store/key password can not exceed 7 characters.  If you require
# longer passwords you may need to install the JCE Unlimited Strength Jurisdiction
# Policy files from Oracle.
#
# http://www.oracle.com/technetwork/java/javase/downloads/index.html
#
# Gitblit and the Gitblit Certificate Authority will both indicate if Unlimited
# Strength encryption is available.
#
# SINCE 0.5.0
# RESTART REQUIRED
server.storePassword = gitblit

# If serving over https (recommended) you might consider requiring clients to
# authenticate with ssl certificates.  If enabled, only https clients with the
# a valid client certificate will be able to access Gitblit.
#
# If disabled, client certificate authentication is optional and will be tried
# first before falling-back to form authentication or basic authentication.
#
# Requiring client certificates to access any of Gitblit may be too extreme,
# consider this carefully.
#
# SINCE 1.2.0
# RESTART REQUIRED
server.requireClientCertificates = false

# Port for shutdown monitor to listen on.
#
# SINCE 0.5.0
# RESTART REQUIRED
server.shutdownPort = 8081