Configuration

All settings are stored in settings.py (as is usual for Django).

Note

After changing any of these settings, you need to restart Weblate - both WSGI and Celery processes.

In case it is run as mod_wsgi, you need to restart Apache to reload the configuration.

See also

Please also check Django’s documentation for parameters configuring Django itself.

AKISMET_API_KEY

Weblate can use Akismet to check incoming anonymous suggestions for spam. Visit akismet.com to purchase an API key and associate it with a site.

ANONYMOUS_USER_NAME

Username of users that are not signed in.

See also

Access control

AUDITLOG_EXPIRY

New in version 3.6.

How many days Weblate should keep audit logs, which contain info about account activity.

Defaults to 180 days.

AUTH_LOCK_ATTEMPTS

New in version 2.14.

Maximum number of failed authentication attempts before rate limiting is applied.

This is currently applied in the following locations:

  • Logins. Deletes the account password, preventing the user from loggin in without requesting a new password.

  • Password resets. Prevents new e-mails from being sent, avoiding spamming users with too many password reset attempts.

Defaults to 10.

See also

Rate limiting,

AUTO_UPDATE

New in version 3.2.

Changed in version 3.11: The original on/off option was changed to differentiate which strings are accepted.

Updates all repositories on a daily basis.

Hint

Useful if you are not using Notification hooks to update Weblate repositories automatically.

Note

On/off options exist in addition to string selection for backward compatibility.

Options are:

"none"

No daily updates.

"remote" also False

Only update remotes.

"full" also True

Update remotes and merge working copy.

Note

This requires that Background tasks using Celery is working, and will take effect after it is restarted.

AVATAR_URL_PREFIX

Prefix for constructing avatar URLs as: ${AVATAR_URL_PREFIX}/avatar/${MAIL_HASH}?${PARAMS}. The following services are known to work:

Gravatar (default), see https://gravatar.com/

AVATAR_URL_PREFIX = 'https://www.gravatar.com/'

Libravatar, see https://www.libravatar.org/

AVATAR_URL_PREFIX = 'https://seccdn.libravatar.org/'

AUTH_TOKEN_VALID

New in version 2.14.

How long the authentication token and temporary password from password reset e-mails is valid for.

An amount of seconds defaulting to 172800 (2 days).

AUTH_PASSWORD_DAYS

New in version 2.15.

How many days using the same password should be allowed.

Note

Password changes made prior to Weblate 2.15 will not be accounted for in this policy.

Defaults to 180 days.

AUTOFIX_LIST

List of automatic fixes to apply when saving a string.

Note

Provide a fully-qualified path to the Python class that implementing the autofixer interface.

Available fixes:

weblate.trans.autofixes.whitespace.SameBookendingWhitespace

Matches whitespace at the strt and end of the string to the source.

weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis

Replaces trailing dots (…) if the source string has ellipsis (…).

weblate.trans.autofixes.chars.RemoveZeroSpace

Removes zero-width space characters if the source does not contain any.

weblate.trans.autofixes.chars.RemoveControlChars

Removes control characters if the source does not contain any.

weblate.trans.autofixes.html.BleachHTML

Removes unsafe HTML markup from strings flagged as safe-html (see Unsafe HTML).

You can select which ones to use:

AUTOFIX_LIST = (
    'weblate.trans.autofixes.whitespace.SameBookendingWhitespace',
    'weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis',
)

BASE_DIR

Base directory where Weblate sources are located. Used to derive several other paths by default:

Default value: Top level directory of Weblate sources.

CHECK_LIST

List of quality checks to perform on a translation.

Note

Provide a fully-qualified path to the Python class implementing the check interface.

Adjust the list list of checks to include the ones you want to have performed.

All built-in quality Quality checks are turned on by default, from where you can change these settings. They are also commented out in Sample configuration to use default values, which is to have new checks carried out when going to a new Weblate version.

You can turn off all checks:

CHECK_LIST = ()

You can turn on only a few:

CHECK_LIST = (
    'weblate.checks.chars.BeginNewlineCheck',
    'weblate.checks.chars.EndNewlineCheck',
    'weblate.checks.chars.MaxLengthCheck',
)

Note

Changing this setting only affects newly changed translations, existing checks will still be stored in the database. To also apply changes to the stored translations, run updatechecks.

COMMENT_CLEANUP_DAYS

New in version 3.6.

Delete comments after a given number of days. Defaults to None, meaning no deletion at all.

COMMIT_PENDING_HOURS

New in version 2.10.

Number of hours between committing pending changes with background task.

DATA_DIR

The folder Weblate stores all data in. it contains links to VCS repositories, a fulltext index and various configuration files for external tools.

The following subdirectories usually exist:

home

Home directory used for invoking scripts.

ssh

SSH keys and configuration.

static

Default location for static Django files, specified by STATIC_ROOT.

media

Default location for Django media files, specified by MEDIA_ROOT.

vcs

Version control repositories.

backups

Daily backup data, see Dumped data for backups.

Note

This directory has to be writable by Weblate. If if running it as uWSGI means the www-data user should have write access to it.

The easiest way to achieve this is to make the user the owner of the directory:

sudo chown www-data:www-data -R $DATA_DIR

Defaults to $BASE_DIR/data.

DATABASE_BACKUP

New in version 3.1.

Whether the database backups should be stored as plain text, compressed or skipped. The authorized values are:

  • "plain"

  • "compressed"

  • "none"

DEFAULT_ACCESS_CONTROL

New in version 3.3.

The default access control setting for new projects:

0

Public

1

Protected

100

Private

200

Custom

Use Custom if you managing ACL manually, which means not realying on the internal Weblate management.

DEFAULT_RESTRICTED_COMPONENT

New in version 4.1.

The default value for component restriction.

DEFAULT_ADD_MESSAGE, DEFAULT_ADDON_MESSAGE, DEFAULT_COMMIT_MESSAGE, DEFAULT_DELETE_MESSAGE, DEFAULT_MERGE_MESSAGE

Default commit messages for different operations, see Component configuration.

DEFAULT_ADDONS

Default addons to install on every created component.

Note

This setting affects only newly created components.

Example:

DEFAULT_ADDONS = {
     # Addon with no parameters
     "weblate.flags.target_edit": {},

     # Addon with parameters
     "weblate.autotranslate.autotranslate": {
         "mode": "suggest",
         "filter_type": "todo",
         "auto_source": "mt",
         "component": "",
         "engines": ["weblate-translation-memory"],
         "threshold": "80",
     }
}

See also

install_addon

DEFAULT_COMMITER_EMAIL

New in version 2.4.

Committer e-mail address for created translation components defaulting to noreply@weblate.org.

DEFAULT_COMMITER_NAME

New in version 2.4.

Committer name for created translation components defualting to Weblate.

DEFAULT_MERGE_STYLE

New in version 3.4.

Merge style for any new components.

  • rebase - default

  • merge

DEFAULT_TRANSLATION_PROPAGATION

New in version 2.5.

Default setting for translation propagation, defaults to True.

DEFAULT_PULL_MESSAGE

Title for new pull requests, defaulting to 'Update from Weblate'.

ENABLE_AVATARS

Whether to enable Gravatar based avatars for users. By default this is enabled.

Avatars are fetched and cached on the server, lowering the risk of leaking private info, speeding up the user experience.

ENABLE_HOOKS

Whether to enable anonymous remote hooks.

ENABLE_HTTPS

Whether to send links to Weblate as HTTPS or HTTP. This setting affects sent e-mails and generated absolute URLs.

Hint

In the default configuration this is also used for several Django settings related to HTTPS.

ENABLE_SHARING

Enable/disable the Share menu so users can share translation progress on social networks.

GITLAB_USERNAME

GitLab username used to send merge requests for translation updates.

GITHUB_USERNAME

GitHub username used to send pull requests for translation updates.

GOOGLE_ANALYTICS_ID

Google Analytics ID to turn on monitoring of Weblate using Google Analytics.

HIDE_REPO_CREDENTIALS

Hide repository credentials from appearing in the web interface. In case you have repository URL with user and password, Weblate will hide it when related info is shown to users.

For example instead of https://user:password@git.example.com/repo.git it will show just https://git.example.com/repo.git. It tries to clean up VCS error messages too in a similar manner.

Note

This is turned on by default.

IP_BEHIND_REVERSE_PROXY

New in version 2.14.

Indicates whether Weblate is running behind a reverse proxy.

If set to “True”, Weblate gets IP address from a header defined by IP_BEHIND_REVERSE_PROXY. Ensure you are actually using a reverse proxy and that it sets this header, otherwise users will be able to fake the IP address.

Note

This is not on by default.

IP_PROXY_HEADER

New in version 2.14.

Indicates which header Weblate should obtain the IP address from when IP_BEHIND_REVERSE_PROXY is turned on.

Defaults to HTTP_X_FORWARDED_FOR.

IP_PROXY_OFFSET

New in version 2.14.

Indicates which part of IP_BEHIND_REVERSE_PROXY is used as client IP address.

Depending on your setup, this header might consist of several IP addresses, (for example X-Forwarded-For: a, b, client-ip) and you can configure which address from the header is used as client IP address here.

Warning

Setting this affects the security of your installation, you should only configure it to use trusted proxies for determining IP address.

Defaults to 0.

LICENSE_EXTRA

Additional licenses to include in the license choices.

Note

Each license definition should be tuple of its short name, a long name and an URL.

For example:

LICENSE_EXTRA = [
    (
        "GPL-3.0-only",
        "GNU General Public License v3.0 only",
        "https://www.gnu.org/licenses/gpl-3.0-standalone.html",
    ),
]

LICENSE_FILTER

Optional addition of licenses to show.

Note

This filter uses the short license names.

For example:

LICENSE_FILTER = {"GPL-3.0-only", "GPL-3.0-or-later"}

LICENSE_REQUIRED

Defines whether the license attribute in Component configuration is required.

Note

This is off by default.

LIMIT_TRANSLATION_LENGTH_BY_SOURCE_LENGTH

Whether the length of a given translation should be limited. The restriction is the length of the source string * 10 characters.

Hint

Set this to False to allow longer translations (up to 10.000 characters) irrespective of source string length.

Note

Defaults to True.

LOGIN_REQUIRED_URLS

A list of URLs you want to require logging into. (Besides the standard rules built into Weblate).

Hint

This allows you to password protect a whole installation using:

LOGIN_REQUIRED_URLS = (
    r'/(.*)$',
)
REST_FRAMEWORK["DEFAULT_PERMISSION_CLASSES"] = [
    "rest_framework.permissions.IsAuthenticated"
]

Hint

It is desirable to lock down API access as well, as shown in the above example.

LOGIN_REQUIRED_URLS_EXCEPTIONS

List of exceptions for LOGIN_REQUIRED_URLS. If not specified, users are allowed to access the login page.

Some of exceptions you might want to include:

LOGIN_REQUIRED_URLS_EXCEPTIONS = (
    r'/accounts/(.*)$', # Required for login
    r'/static/(.*)$',   # Required for development mode
    r'/widgets/(.*)$',  # Allowing public access to widgets
    r'/data/(.*)$',     # Allowing public access to data exports
    r'/hooks/(.*)$',    # Allowing public access to notification hooks
    r'/api/(.*)$',      # Allowing access to API
    r'/js/i18n/$',      # JavaScript localization
)

MATOMO_SITE_ID

ID of a site in Matomo (formerly Piwik) you want to track.

Note

This integration does not support the Matomo Tag Manager.

See also

MATOMO_URL

MATOMO_URL

Full URL (including trailing slash) of a Matomo (formerly Piwik) installation you want to use to track Weblate use. For more info about Matomo, see <https://matomo.org/>.

Hint

This integration does not support the Matomo Tag Manager.

For example:

MATOMO_SITE_ID = 1
MATOMO_URL = "https://example.matomo.cloud/"

See also

MATOMO_SITE_ID

MT_SERVICES

Changed in version 3.0: The setting was renamed from MACHINE_TRANSLATION_SERVICES to MT_SERVICES to be consistent with other machine translation settings.

List of enabled machine translation services to use.

Note

Many of the services need additional configuration like API keys, please check their documentation ref: machine for more details.

MT_SERVICES = (
    'weblate.machinery.apertium.ApertiumAPYTranslation',
    'weblate.machinery.deepl.DeepLTranslation',
    'weblate.machinery.glosbe.GlosbeTranslation',
    'weblate.machinery.google.GoogleTranslation',
    'weblate.machinery.microsoft.MicrosoftCognitiveTranslation',
    'weblate.machinery.microsoftterminology.MicrosoftTerminologyService',
    'weblate.machinery.mymemory.MyMemoryTranslation',
    'weblate.machinery.tmserver.AmagamaTranslation',
    'weblate.machinery.tmserver.TMServerTranslation',
    'weblate.machinery.yandex.YandexTranslation',
    'weblate.machinery.weblatetm.WeblateTranslation',
    'weblate.machinery.saptranslationhub.SAPTranslationHub',
    'weblate.memory.machine.WeblateMemory',
)

MT_APERTIUM_APY

URL of the Apertium-APy server, see http://wiki.apertium.org/wiki/Apertium-apy

MT_AWS_ACCESS_KEY_ID

Access key ID for Amazon Translate.

MT_AWS_SECRET_ACCESS_KEY

API secret key for Amazon Translate.

MT_AWS_REGION

Region name to use for Amazon Translate.

MT_BAIDU_ID

Client ID for the Baidu Zhiyun API, you can register at https://api.fanyi.baidu.com/api/trans/product/index

MT_BAIDU_SECRET

Client secret for the Baidu Zhiyun API, you can register at https://api.fanyi.baidu.com/api/trans/product/index

MT_DEEPL_API_VERSION

New in version 4.1.1.

API version to use with DeepL service. The version limits scope of usage:

v1

Is meant for CAT tools and is usable with user based suscription.

v2

Is meant for API usage and the subscription is usage based.

Previously Weblate was classified as a CAT tool by DeepL, so it was supposed to use v1 API, but now it is not classified that way and is supposed to use v2 API. Therefore it defaults to v2, you can change it to v1 in case you have existing CAT subscription and want Weblate to use that.

MT_DEEPL_KEY

API key for the DeepL API, you can register at https://www.deepl.com/pro.html

MT_GOOGLE_KEY

API key for Google Translate API v2, you can register at https://cloud.google.com/translate/docs

MT_GOOGLE_CREDENTIALS

API v3 json credentials file obtained in Google cloud console. Please provide full OS path. Credentials are per service-account affiliated with certain project. See https://cloud.google.com/docs/authentication/getting-started

MT_GOOGLE_PROJECT

API v3 Google cloud project id with activated Translation service having billing activated. See https://cloud.google.com/appengine/docs/standard/nodejs/building-app/creating-project

MT_GOOGLE_LOCATION

API v3 Google Cloud Application Engine may be specific to a location. Change accordingly if default global fallback does not work for you.

See https://cloud.google.com/appengine/docs/locations

MT_MICROSOFT_BASE_URL

Region base url domain as defined in the Base URLs section.

Defaults to api.cognitive.microsofttranslator.com for Azure Global.

For Azure China, please use api.translator.azure.cn.

MT_MICROSOFT_COGNITIVE_KEY

Client key for the Microsoft Cognitive Services Translator API.

MT_MICROSOFT_REGION

Region prefix as defined in Multi service subscription.

MT_MICROSOFT_ENDPOINT_URL

Region endpoint url domain for access token as defined in the Authenticating with an access token section.

Defaults to api.cognitive.microsoft.com for Azure Global.

For Azure China, please use your endpoint from Azure Portal.

MT_MYMEMORY_EMAIL

MyMemory identification e-mail address, you can get 1000 requests per day with this.

MT_MYMEMORY_KEY

MyMemory access key for private translation memory, use together with MT_MYMEMORY_USER.

MT_MYMEMORY_USER

MyMemory user ID for private translation memory, use together with MT_MYMEMORY_KEY.

MT_NETEASE_KEY

App key for NetEase Sight API, you can register at https://sight.netease.com/

MT_NETEASE_SECRET

App secret for the NetEase Sight API, you can register at https://sight.netease.com/

MT_TMSERVER

URL where tmserver is running.

MT_YANDEX_KEY

API key for the Yandex Translate API, you can register at https://tech.yandex.com/translate/

MT_YOUDAO_ID

Client ID for the Youdao Zhiyun API, you can register at https://ai.youdao.com/product-fanyi-text.s.

MT_YOUDAO_SECRET

Client secret for the Youdao Zhiyun API, you can register at https://ai.youdao.com/product-fanyi-text.s.

MT_SAP_BASE_URL

API URL to the SAP Translation Hub service.

MT_SAP_SANDBOX_APIKEY

API key for sandbox API usage

MT_SAP_USERNAME

Your SAP username

MT_SAP_PASSWORD

Your SAP password

MT_SAP_USE_MT

Whether to also use machine translation services, in addition to the term database. Possible values: True / False

NEARBY_MESSAGES

How many messages to show around the currently translated string.

RATELIMIT_ATTEMPTS

New in version 3.2.

Maximum number of authentication attempts before rate limiting is applied.

Defaults to 5.

RATELIMIT_WINDOW

New in version 3.2.

How long authentication is accepted after rate limiting applies.

An amount of seconds defaulting to 300 (5 minutes).

RATELIMIT_LOCKOUT

New in version 3.2.

How long authentication is locked after rate limiting applies.

An amount of seconds defaulting to 600 (10 minutes).

REGISTRATION_ALLOW_BACKENDS

New in version 4.1.

List of authentication backends to allow registration from in case it is otherwise disabled by REGISTRATION_OPEN.

Example:

REGISTRATION_ALLOW_BACKENDS = ["azuread-oauth2", "azuread-tenant-oauth2"]

Hint

The backend names match names used in URL for authentication.

REGISTRATION_CAPTCHA

A value of either True or False indicating whether registration of new accounts is protected by CAPTCHA. This setting is optional, and a default of True will be assumed if it is not supplied.

If turned on, a CAPTCHA is added to all pages where a users enters their e-mail address:

  • New account registration.

  • Password recovery.

  • Adding e-mail to an account.

  • Contact form for users that are not signed in.

REGISTRATION_EMAIL_MATCH

New in version 2.17.

Allows you to filter which e-mail addresses can register.

Defaults to .*, which allows any e-mail address to be registered.

You can use it to restrict registration to a single e-mail domain:

REGISTRATION_EMAIL_MATCH = r'^.*@weblate\.org$'

REGISTRATION_OPEN

Whether registration of new accounts is currently permitted. This optional setting can be be the default``True`` or changed to False.

This setting affects built-in authentication by e-mail address or through the Python Social Auth (you can white list certain backends using REGISTRATION_ALLOW_BACKENDS).

Note

If using third-party authentication methods such as LDAP authentication, it just hides the registration form, but new users might still be able to sign in and create accounts.

REPOSITORY_ALERT_THRESHOLD

New in version 4.0.2.

Threshold for triggering an alert for outdated repositories, or ones that contain too many changes. Defaults to 25.

SENTRY_DSN

New in version 3.9.

Sentry DSN to use for Collecting error reports.

SIMPLIFY_LANGUAGES

Use simple language codes for default language/country combinations. For example an fr_FR translation will use the fr language code. This is usually the desired behavior, as it simplifies listing languages for these default combinations.

Turn this off if you want to different translations for each variant.

SITE_TITLE

Site title to be used for the website and sent e-mails.

SPECIAL_CHARS

Additional characters to include in the visual keyboard, see Visual keyboard.

The default value is:

SPECIAL_CHARS = ('\t', '\n', '…')

SINGLE_PROJECT

New in version 3.8.

Redirects users directly to a project or component instead of showing the dashboard. You can either set it to True and in this case it only works in case there is actually only single project in Weblate. Alternatively set the project slug, and it will redirect unconditionally to this project.

Changed in version 3.11: The setting now also accepts a project slug, to force displaying that that single project.

Example:

SINGLE_PROJECT = "test"

STATUS_URL

The URL where your Weblate instance reports it’s status.

SUGGESTION_CLEANUP_DAYS

New in version 3.2.1.

Automatically deletes suggestions after a given number of days. Defaults to None, meaning no deletions.

URL_PREFIX

This settings allows you to run Weblate under some path (otherwise it relies on being run from the webserver root).

Note

To use this setting, you also need to configure your server to strip this prefix. For example with WSGI, this can be achieved by setting WSGIScriptAlias.

Hint

The prefix should start with a /.

Example:

URL_PREFIX = '/translations'

Note

This setting does not work with Django’s built-in server, you would have to adjust urls.py to contain this prefix.

VCS_BACKENDS

Configuration of available VCS backends.

Note

Weblate tries to use all supported backends you have the tools for.

Hint

You can limit choices or add custom VCS back-ends by using this.

VCS_BACKENDS = (
   'weblate.vcs.git.GitRepository',
)

VCS_CLONE_DEPTH

New in version 3.10.2.

Configures how deep cloning of repositories Weblate should do.

Note

Currently this is only supported in Git. By default Weblate does shallow clones of the repositories to make cloning faster and save disk space. Depending on your usage (for example when using custom Addons), you might want to increase the depth or turn off shallow clones completely by setting this to 0.

Hint

In case you get fatal: protocol error: expected old/new/ref, got 'shallow <commit hash>' error when pushing from Weblate, turn off shallow clones completely by setting:

VCS_CLONE_DEPTH = 0

WEBLATE_ADDONS

List of addons available for use. To use them, they have to be enabled for a given translation component. By default this includes all built-in addons, when extending the list you will probably want to keep existing ones enabled, for example:

WEBLATE_ADDONS = (
    # Built in addons
    'weblate.addons.gettext.GenerateMoAddon',
    'weblate.addons.gettext.UpdateLinguasAddon',
    'weblate.addons.gettext.UpdateConfigureAddon',
    'weblate.addons.gettext.MsgmergeAddon',
    'weblate.addons.gettext.GettextCustomizeAddon',
    'weblate.addons.gettext.GettextAuthorComments',
    'weblate.addons.cleanup.CleanupAddon',
    'weblate.addons.consistency.LangaugeConsistencyAddon',
    'weblate.addons.discovery.DiscoveryAddon',
    'weblate.addons.flags.SourceEditAddon',
    'weblate.addons.flags.TargetEditAddon',
    'weblate.addons.flags.SameEditAddon',
    'weblate.addons.flags.BulkEditAddon',
    'weblate.addons.generate.GenerateFileAddon',
    'weblate.addons.json.JSONCustomizeAddon',
    'weblate.addons.properties.PropertiesSortAddon',
    'weblate.addons.git.GitSquashAddon',
    'weblate.addons.removal.RemoveComments',
    'weblate.addons.removal.RemoveSuggestions',
    'weblate.addons.resx.ResxUpdateAddon',
    'weblate.addons.autotranslate.AutoTranslateAddon',
    'weblate.addons.yaml.YAMLCustomizeAddon',

    # Addon you want to include
    'weblate.addons.example.ExampleAddon',
)

See also

Addons

WEBLATE_FORMATS

New in version 3.0.

List of file formats available for use.

Note

The default list already has the common formats.

WEBLATE_GPG_IDENTITY

New in version 3.1.

Identity used by Weblate to sign Git commits, for example:

WEBLATE_GPG_IDENTITY = 'Weblate <weblate@example.com>'

Warning

Clean the cache if you change this setting, to clear info about its key is otherwise being cached for seven days. This does not apply for initial setup, as nothing is cached if this feature is not configured.