Optional Weblate modules

Weblate comes with several optional modules which might be useful for your setup.

Git exporter

New in version 2.10.

The Git exporter provides you read only access to the underlying Git repository using HTTP.

Installation

To install, simply add weblate.gitexport to installed applications in settings.py:

INSTALLED_APPS += (
    'weblate.gitexport',
)

After installing, you need to migrate your database so that existing repositories are properly exported:

./manage.py migrate

Usage

The module automatically hooks into Weblate and sets exported repository URL in the Component configuration. The repositories are accessible under /git/ path of the Weblate, for example https://example.org/git/weblate/master/:

git clone 'https://example.org/git/weblate/master/'

Repositories are available anonymously unless Per project access control is enabled. In that case you need to authenticate using your API token (you can obtain it in your User profile):

git clone 'https://user:[email protected]/git/weblate/master/'

Billing

New in version 2.4.

Billing module is used on Hosted Weblate and is used to define billing plans, track invoices and usage limits.

Installation

To install, simply add weblate.billing to installed applications in settings.py:

INSTALLED_APPS += (
    'weblate.billing',
)

This module includes additional database structures, to have them installed you should run the database migration:

./manage.py migrate

Usage

After installation you can control billing in the admin interface. Users with billing enabled will get new Billing tab in their User profile.

The billing module additionally allows project admins to create new projects and components without being superusers (see Adding translation projects and components). This is possible when following conditions are met:

  • The billing is in it’s configured limits (any overusage results in blocking of project/component creation) and paid (if it’s price is non zero)
  • The user is admin of existing project with billing or user is owner of billing (the latter is necessary when creating new billing for users to be able to import new projects).

Upon project creation user is able to choose which billing should be charged for the project in case he has access to more of them.

Avatars

Weblate comes with built in support for showing user avatars based on emails. This can be disabled using ENABLE_AVATARS. The avatars are downloaded and cached server side to reduce information leaks to the sites serving them.

Weblate currently supports single backend:

Spam protection

Optionally Weblate can be protected against suggestion spamming by unauthenticated users through akismet.com service.

To enable this, you need to install akismet Python module and configure Akismet API key.

See also

AKISMET_API_KEY

Signing Git commits by GnuPG

New in version 3.1.

Weblate allows you to sign all commits by it’s GnuPG key. To configure this, you need to enable WEBLATE_GPG_IDENTITY. Weblate will generate GnuPG key when needed and will use it to sign all translation commits.

This feature needs GnuPG 2.1 or newer installed.

You can find the key in the DATA_DIR and the public key is shown on the about page:

../_images/about-gpg.png

Alternatively you can also import existing keys into Weblate, just set HOME=$DATA_DIR/home when invoking gpg.

Rate limiting

Changed in version 3.2: The rate limiting now accepts more fine grained configuration.

Several operations in Weblate are rate limited. At most RATELIMIT_ATTEMPTS attempts are allowed within RATELIMIT_WINDOW seconds. The user is then blocked for RATELIMIT_LOCKOUT. There are also per scope variants of those settings, eg. RATELIMIT_CONTACT_ATTEMPTS, see scopes below.

Following operations are subject to rate limiting:

  • Registration (REGISTRATION scope)
  • Sending message to admins (MESSAGE scope)
  • Password authentication on login (LOGIN scope)
  • Sitewide search (SEARCH scope)

Additionally if there are more than AUTH_LOCK_ATTEMPTS failed authentication attempts on one account, this account password authentication is disabled and it’s not possible to login until user asks for password reset.

IP address for rate limiting

The rate limiting is based on client IP address. This is obtained from HTTP headers and you will have to change configuration in the event Weblate is running behind reverse proxy to work it properly.