Optionale Weblate-Module

Für Ihre Einrichtung sind mehrere optionale Module verfügbar.

Git-Exporter

Ermöglicht Ihnen den Nur-Lese-Zugriff auf das zugrunde liegende Git-Repository über HTTP(S).

Installation

1. weblate.gitexport zu installierten Anwendungen in settings.py hinzufügen:

INSTALLED_APPS += ("weblate.gitexport",)

2. Vorhandene Repositorys exportieren, indem Sie Ihre Datenbank nach der Installation migrieren:

weblate migrate

Anwendung

Das Modul klinkt sich automatisch in Weblate ein und setzt die exportierte Repository-URL in der Komponentenkonfiguration. Die Repositorys sind unter dem /git/-Teil der Weblate-URL zugänglich, zum Beispiel https://example.org/git/weblate/main/.

Repositorys für öffentlich zugängliche Projekte können ohne Authentifizierung geklont werden:

git clone 'https://example.org/git/weblate/main/'

Access to browse the repositories with restricted access (with Private access control or when REQUIRE_LOGIN is enabled) requires an API token which can be obtained in your user profile:

git clone 'https://user:KEY@example.org/git/weblate/main/'

Hinweis

Standardmäßig haben Mitglieder der Gruppe Benutzer und anonyme Benutzer über die Rollen Auf Repository zugreifen und Hauptbenutzer Zugriff auf die Repositorys für öffentliche Projekte.

Abrechnung

This is used on Hosted Weblate to define billing plans, track invoices and usage limits.

Installation

1. Add weblate.billing to installed apps in settings.py:

INSTALLED_APPS += ("weblate.billing",)

2. Run the database migration to optionally install additional database structures for the module:

weblate migrate

Anwendung

After installation you can control billing in the admin interface. Users with billing enabled will get new Billing tab in their Benutzerprofil.

The billing module additionally allows project admins to create new projects and components without being superusers (see Adding translation projects and components). This is possible when following conditions are met:

• The billing is in its configured limits (any overusage results in blocking of project/component creation) and paid (if its price is non zero)

• The user is admin of existing project with billing or user is owner of billing (the latter is necessary when creating new billing for users to be able to import new projects).

Upon project creation user is able to choose which billing should be charged for the project in case he has access to more of them.

Rechtliche Grundlagen

This is used on Hosted Weblate to provide required legal documents. It comes provided with blank documents, and you are expected to fill out the following templates in the documents:

legal/documents/tos.html

Terms of service document

legal/documents/privacy.html

Privacy policy document

legal/documents/summary.html

Short overview of the terms of service and privacy policy

On changing the terms of service documents, please adjust LEGAL_TOS_DATE so that users are forced to agree with the updated documents.

Bemerkung

Legal documents for the Hosted Weblate service are available in this Git repository <https://github.com/WeblateOrg/wllegal/tree/main/wllegal/templates/legal/documents>.

Most likely these will not be directly usable to you, but might come in handy as a starting point if adjusted to meet your needs.

Installation

1. Add weblate.legal to installed apps in settings.py:

INSTALLED_APPS += ("weblate.legal",)

# Optional:

# Social auth pipeline to confirm TOS upon registration/subsequent sign in
SOCIAL_AUTH_PIPELINE += ("weblate.legal.pipeline.tos_confirm",)

# Middleware to enforce TOS confirmation of signed in users
MIDDLEWARE += [
    "weblate.legal.middleware.RequireTOSMiddleware",
]

2. Run the database migration to optionally install additional database structures for the module:

weblate migrate

3. Edit the legal documents in the weblate/legal/templates/legal/ folder to match your service.

Anwendung

After installation and editing, the legal documents are shown in the Weblate UI.

Avatars

Avatars are downloaded and cached server-side to reduce information leaks to the sites serving them by default. The built-in support for fetching avatars from e-mails addresses configured for it can be turned off using ENABLE_AVATARS.

Weblate currently supports:

• Gravatar

• Libravatar

Siehe auch

Avatar-Caching, AVATAR_URL_PREFIX, ENABLE_AVATARS

Spam protection

You can protect against spamming by users by using the Akismet service.

1. Install the akismet Python module (this is already included in the official Docker image).

2. Obtain the Akismet API key.

3. Store it as AKISMET_API_KEY or WEBLATE_AKISMET_API_KEY in Docker.

Following content is sent to Akismet for checking:

• Vorschläge von unautorisierten Benutzern

• Projekt- und Komponentenbeschreibungen und Links

Bemerkung

This (among other things) relies on IP address of the client, please see Hinter einem Reverse-Proxy ausführen for properly configuring that.

Siehe auch

Hinter einem Reverse-Proxy ausführen, AKISMET_API_KEY, WEBLATE_AKISMET_API_KEY

Signing Git commits with GnuPG

Neu in Version 3.1.

All commits can be signed by the GnuPG key of the Weblate instance.

1. Turn on WEBLATE_GPG_IDENTITY. (Weblate will generate a GnuPG key when needed and will use it to sign all translation commits.)

This feature needs GnuPG 2.1 or newer installed.

You can find the key in the DATA_DIR and the public key is shown on the „About“ page:

2. Alternatively you can also import existing keys into Weblate, just set HOME=$DATA_DIR/home when invoking gpg.

Siehe auch

WEBLATE_GPG_IDENTITY

Ratenbegrenzung

Geändert in Version 3.2: Die Ratenbegrenzung lässt nun eine feiner abgestufte Konfiguration zu.

Geändert in Version 4.6: The rate limiting no longer applies to superusers.

Several operations in Weblate are rate limited. At most RATELIMIT_ATTEMPTS attempts are allowed within RATELIMIT_WINDOW seconds. The user is then blocked for RATELIMIT_LOCKOUT. There are also settings specific to scopes, for example RATELIMIT_CONTACT_ATTEMPTS or RATELIMIT_TRANSLATE_ATTEMPTS. The table below is a full list of available scopes.

The following operations are subject to rate limiting:

Name	Zielgruppe	Allowed attempts	Ratelimit window	Lockout period
Registrierung	REGISTRATION	5	300	600
Nachricht an Administratoren senden	MESSAGE	2	300	600
Passwort-Authentifizierung bei der Anmeldung	LOGIN	5	300	600
Plattformweite Suche	SEARCH	6	60	60
Translating	TRANSLATE	30	60	600
Adding to glossary	GLOSSARY	30	60	600
Beginn der Übersetzung in eine neue Sprache	LANGUAGE	2	300	600
Neues Projekt erstellen	PROJECT	5	600	600

If a user fails to sign in AUTH_LOCK_ATTEMPTS times, password authentication will be turned off on the account until having gone through the process of having its password reset.

The settings can be also applied in the Docker container by adding WEBLATE_ prefix to the setting name, for example RATELIMIT_ATTEMPTS becomes WEBLATE_RATELIMIT_ATTEMPTS.

The API has separate rate limiting settings, see API-Ratenbegrenzung.

Siehe auch

Ratenbegrenzung, Hinter einem Reverse-Proxy ausführen, API-Ratenbegrenzung

Integration von Fedora-Messaging

Fedora Messaging is AMQP-based publisher for all changes happening in Weblate. You can hook additional services on changes happening in Weblate using this.

The Fedora Messaging integration is available as a separate Python module weblate-fedora-messaging. Please see <https://github.com/WeblateOrg/fedora_messaging/> for setup instructions.