Configuration¶
All settings are stored in settings.py
(as is usual for Django).
Note
After changing any of these settings, you need to restart Weblate — both WSGI and Celery processes.
In case it is run as mod_wsgi
, you need to restart Apache to reload the
configuration.
See also
Please also check Django’s documentation for parameters configuring Django itself.
ADMINS_CONTACT¶
Configures where contact form sends e-mails. If not configured,
e-mail addresses from ADMINS
are used.
Configure this as a list of e-mail addresses:
ADMINS_CONTACT = ["admin@example.com", "support@example.com"]
See also
ANONYMOUS_USER_NAME¶
Username of users that are not signed in.
See also
AUDITLOG_EXPIRY¶
How many days Weblate should keep audit logs (which contain info about account activity).
Defaults to 180 days.
AUTH_LOCK_ATTEMPTS¶
Maximum number of failed authentication attempts before rate limiting is applied.
This is currently applied in the following locations:
Sign in. Deletes the account password, preventing the user from signing in without requesting a new password.
Password reset. Prevents new e-mails from being sent, avoiding spamming users with too many password-reset attempts.
Defaults to 10.
See also
AUTO_UPDATE¶
Updates all repositories on a daily basis.
Hint
Useful if you are not using Notification hooks to update Weblate repositories automatically.
Note
On/off options exist in addition to string selection for backward compatibility.
The options are:
"none"
No daily updates.
"remote"
alsoFalse
Only update remotes.
"full"
alsoTrue
Update remotes and merge working copy.
Note
This requires that Background tasks using Celery is working, and will take effect after it is restarted.
AVATAR_URL_PREFIX¶
Prefix for constructing avatar URLs as:
${AVATAR_URL_PREFIX}/avatar/${MAIL_HASH}?${PARAMS}
.
The following services are known to work:
- Gravatar (default), as per https://gravatar.com/
AVATAR_URL_PREFIX = 'https://www.gravatar.com/'
- Libravatar, as per https://www.libravatar.org/
AVATAR_URL_PREFIX = 'https://www.libravatar.org/'
See also
AUTH_TOKEN_VALID¶
How long the authentication token and temporary password from password reset e-mails is valid for. Set in number of seconds, defaulting to 172800 (2 days).
AUTH_PASSWORD_DAYS¶
How many days Weblate rejects reusing a previously used password for a user.
The checking is based on the audit log, AUDITLOG_EXPIRY
needs to be
at least same as this.
Note
Password changes made prior to Weblate 2.15 will not be accounted for in this policy.
Defaults to 180 days.
AUTOFIX_LIST¶
List of automatic fixes to apply when saving a string.
Note
Provide a fully-qualified path to the Python class that implements the autofixer interface.
Available fixes:
weblate.trans.autofixes.whitespace.SameBookendingWhitespace
Matches whitespace at the start and end of the string to the source.
weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis
Replaces trailing dots (…) if the source string has a corresponding ellipsis (…).
weblate.trans.autofixes.chars.RemoveZeroSpace
Removes zero-width space characters if the source does not contain any.
weblate.trans.autofixes.chars.RemoveControlChars
Removes control characters if the source does not contain any.
weblate.trans.autofixes.chars.DevanagariDanda
Replaces sentence full stop in Bangla by the devanagari danda character.
weblate.trans.autofixes.html.BleachHTML
Removes unsafe HTML markup from strings flagged as
safe-html
(see Unsafe HTML).
You can select which ones to use:
AUTOFIX_LIST = (
"weblate.trans.autofixes.whitespace.SameBookendingWhitespace",
"weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis",
)
See also
BACKGROUND_TASKS¶
Added in version 4.5.2.
Defines how often lengthy maintenance tasks should be triggered for a component.
Right now this controls:
Automatic translation add-on
Checks and fixups recalculation
Possible choices:
monthly
(this is the default)weekly
daily
never
Note
Increasing the frequency is not recommended when Weblate contains thousands of components.
BASIC_LANGUAGES¶
Added in version 4.4.
List of languages to offer users for starting a new translation. When not specified, a built-in list is used (which includes all commonly used languages, but without country specific variants).
This only limits non privileged users to add unwanted languages. Project admins are still presented with the full selection of languages defined in Weblate.
Note
This does not define new languages for Weblate — it only filters existing ones in the database.
Example:
BASIC_LANGUAGES = {"cs", "it", "ja", "en"}
See also
BORG_EXTRA_ARGS¶
Added in version 4.9.
You can pass additional arguments to borg create when built-in backups are triggered.
Example:
BORG_EXTRA_ARGS = ["--exclude", "vcs/"]
See also
CACHE_DIR¶
Added in version 4.16.
Directory where Weblate stores cache files. Defaults to cache
subfolder
in DATA_DIR
.
Change this to local or temporary filesystem if DATA_DIR
is on a
network filesystem.
The Docker container uses a separate volume for this, see Docker container volumes.
The following subdirectories usually exist:
fonts
font-config cache for Managing fonts.
avatar
Cached user avatars, see Avatars.
static
Default location for static Django files, specified by
STATIC_ROOT
. See Serving static files.tesseract
OCR trained data for Visual context for strings.
CSP_SCRIPT_SRC, CSP_IMG_SRC, CSP_CONNECT_SRC, CSP_STYLE_SRC, CSP_FONT_SRC, CSP_FORM_SRC¶
Customize Content-Security-Policy header for Weblate. The header is automatically generated based on enabled integrations with third-party services (Matomo, Google Analytics, Sentry, …).
All these default to empty list.
Example:
# Enable Cloudflare Javascript optimizations
CSP_SCRIPT_SRC = ["ajax.cloudflare.com"]
CHECK_LIST¶
List of quality checks to perform on a translation.
Note
Provide a fully-qualified path to the Python class implementing the check interface.
Adjust the list of checks to include ones relevant to you.
All built-in Quality checks are turned on by default, from where you can change these settings. By default they are commented out in Sample configuration so that default values are used. New checks are then carried out for each new Weblate version.
You can turn off all checks:
CHECK_LIST = ()
You can turn on only a few:
CHECK_LIST = (
"weblate.checks.chars.BeginNewlineCheck",
"weblate.checks.chars.EndNewlineCheck",
"weblate.checks.chars.MaxLengthCheck",
)
Note
Changing this setting only affects newly changed translations. Existing checks
will still be stored in the database. To also apply changes to the stored translations, run
updatechecks
.
COMMIT_PENDING_HOURS¶
Number of hours between committing pending changes by way of the background task.
CONTACT_FORM¶
Added in version 4.6.
Configures how e-mail from the contact form is being sent. Choose a configuration that matches the configuration of your mail server.
"reply-to"
The sender is used in as Reply-To, this is the default behaviour.
"from"
The sender is used in as From. Your mail server needs to allow sending such e-mails.
See also
DATA_DIR¶
The folder Weblate stores all data in. It contains links to VCS repositories, a fulltext index and various configuration files for external tools.
The following subdirectories usually exist:
home
Home directory used for invoking scripts.
ssh
SSH keys and configuration.
media
Default location for Django media files, specified by
MEDIA_ROOT
. Contains uploaded screenshots, see Visual context for strings.vcs
Version-control repositories for translations.
backups
Daily backup data. Please check Dumped data for backups for details.
fonts
:User-uploaded fonts, see Managing fonts.
cache
Various caches. Can be placed elsewhere using
CACHE_DIR
.The Docker container uses a separate volume for this, see Docker container volumes.
Note
This directory has to be writable by Weblate. Running it as uWSGI means
the www-data
user should have write access to it.
The easiest way to achieve this is to make the user the owner of the directory:
sudo chown www-data:www-data -R $DATA_DIR
Defaults to /home/weblate/data
, but it is expected to be configured.
DATABASE_BACKUP¶
Whether the database backups should be stored as plain text, compressed or skipped. The authorized values are:
"plain"
"compressed"
"none"
See also
DEFAULT_ACCESS_CONTROL¶
The default access-control setting for new projects:
0
Public
1
Protected
100
Private
200
Custom
Use Custom if you are managing ACL manually, which means not relying on the internal Weblate management.
See also
DEFAULT_AUTO_WATCH¶
Added in version 4.5.
Configures whether Automatically watch projects on contribution
should be turned on for new users. Defaults to True
.
See also
DEFAULT_RESTRICTED_COMPONENT¶
Added in version 4.1.
The default value for component restriction.
See also
DEFAULT_ADD_MESSAGE, DEFAULT_ADDON_MESSAGE, DEFAULT_COMMIT_MESSAGE, DEFAULT_DELETE_MESSAGE, DEFAULT_MERGE_MESSAGE¶
Default commit messages for different operations, please check Component configuration for details.
DEFAULT_ADDONS¶
Default add-ons to install for every created component.
Note
This setting affects only newly created components.
Example:
DEFAULT_ADDONS = {
# Add-on with no parameters
"weblate.flags.target_edit": {},
# Add-on with parameters
"weblate.autotranslate.autotranslate": {
"mode": "suggest",
"filter_type": "todo",
"auto_source": "mt",
"component": "",
"engines": ["weblate-translation-memory"],
"threshold": "80",
},
}
See also
DEFAULT_COMMITER_EMAIL¶
Committer e-mail address, defaulting to noreply@weblate.org
.
See also
DEFAULT_COMMITER_NAME¶
Committer name, defaulting to Weblate
.
See also
DEFAULT_LANGUAGE¶
Added in version 4.3.2.
Source language for any new components.
Defaults to en. The matching language object needs to exist in the database.
See also
DEFAULT_MERGE_STYLE¶
Merge style for any new components.
rebase - default
merge
See also
DEFAULT_TRANSLATION_PROPAGATION¶
Default setting for translation propagation, defaults to True
.
DEFAULT_PULL_MESSAGE¶
Configures the default title and message for pull requests.
ENABLE_AVATARS¶
Whether to turn on Gravatar-based avatars for users. On by default.
Avatars are fetched and cached on the server, lowering the risk of leaking private info, speeding up the user experience.
See also
ENABLE_HOOKS¶
Whether to turn on anonymous remote hooks.
See also
ENABLE_HTTPS¶
Changed in version 5.7: Weblate now requires https for WebAuthn support.
Whether to send links to Weblate as HTTPS or HTTP. This setting affects sent e-mails and generated absolute URLs.
In the default configuration this is also used for several Django settings related to HTTPS — it enables secure cookies, toggles HSTS or enables redirection to a HTTPS URL.
The HTTPS redirection might be problematic in some cases and you might hit
an issue with infinite redirection in case you are using a reverse proxy doing
an SSL termination which does not correctly pass protocol headers to Django.
Please tweak your reverse proxy configuration to emit X-Forwarded-Proto or
Forwarded headers or configure SECURE_PROXY_SSL_HEADER
to
let Django correctly detect the SSL status.
In case this is disabled, Weblate will fail to start with an
otp_webauthn.E031
error. You can silence this error by adding it to
SILENCED_SYSTEM_CHECKS
, but still WebAuthn will not work for
sites without HTTPS.
ENABLE_SHARING¶
Turn on/off the Share menu so users can share translation progress on social networks.
EXTRA_HTML_HEAD¶
Added in version 4.15.
Insert additional markup into the HTML header. Can be used for verification of site ownership, for example:
EXTRA_HTML_HEAD = '<link href="https://fosstodon.org/@weblate" rel="me">'
Warning
No sanitization is performed on the string. It is inserted as-is into the HTML header.
GET_HELP_URL¶
Added in version 4.5.2.
URL where support for your Weblate instance can be found.
GITEA_CREDENTIALS¶
Added in version 4.12.
List for credentials for Gitea servers.
GITEA_CREDENTIALS = {
"try.gitea.io": {
"username": "weblate",
"token": "your-api-token",
},
}
The configuration dictionary consists of credentials defined for each API host. The layout is same for almost all version control integrations and is described at Configuring version control credentials.
GITLAB_CREDENTIALS¶
Added in version 4.3.
List for credentials for GitLab servers.
GITLAB_CREDENTIALS = {
"gitlab.com": {
"username": "weblate",
"token": "your-api-token",
},
}
The configuration dictionary consists of credentials defined for each API host. The layout is same for almost all version control integrations and is described at Configuring version control credentials.
GITHUB_CREDENTIALS¶
Added in version 4.3.
List for credentials for GitHub servers.
GITHUB_CREDENTIALS = {
"api.github.com": {
"username": "weblate",
"token": "your-api-token",
},
}
Note
When creating a fine-grained personal access token, grant read and write access to Contents and Pull requests.
Hint
Use api.github.com
as a API host for https://github.com/.
The configuration dictionary consists of credentials defined for each API host. The layout is same for almost all version control integrations and is described at Configuring version control credentials.
BITBUCKETSERVER_CREDENTIALS¶
Added in version 4.16.
List for credentials for Bitbucket servers.
BITBUCKETSERVER_CREDENTIALS = {
"git.self-hosted.com": {
"username": "weblate",
"token": "http-access-token",
},
}
The configuration dictionary consists of credentials defined for each API host. The layout is same for almost all version control integrations and is described at Configuring version control credentials.
BITBUCKETCLOUD_CREDENTIALS¶
Added in version 5.8.
List for credentials for Bitbucket Cloud servers.
BITBUCKETCLOUD_CREDENTIALS = {
"bitbucket.org": {
"username": "your-username",
"workspace": "your-workspace-slug",
"token": "your-app-password",
},
}
The configuration dictionary consists of credentials defined for each API host.
The API host might be different from what you use in the web browser, for
example GitHub API is accessed as api.github.com
.
The following configuration is available for each host:
username
API user.
workspace
The user workspace slug.
token
The App password with pullrequest:write permission.
Additional settings not described here can be found at Configuring version control credentials.
See also
Bitbucket Cloud pull requests, Create an App password <https://support.atlassian.com/bitbucket-cloud/docs/create-an-app-password/>, App password permissions
AZURE_DEVOPS_CREDENTIALS¶
Added in version 5.2.
List for credentials for Azure DevOps servers.
AZURE_DEVOPS_CREDENTIALS = {
"dev.azure.com": {
"username": "project-name",
"token": "your-api-token",
"organization": "organization-name",
},
}
The configuration dictionary consists of credentials defined for each API host.
The API host might be different from what you use in the web browser, for
example GitHub API is accessed as api.github.com
.
The following configuration is available for each host:
username
The name of the Azure DevOps project. This is not the repository name.
organization
The name of the organization of the project.
workItemIds
An optional list of work items IDs from your organization. When provided new pull requests will have these attached.
token
API token for the API user, required.
Additional settings not described here can be found at Configuring version control credentials.
GOOGLE_ANALYTICS_ID¶
Google Analytics ID to turn on monitoring of Weblate using Google Analytics.
HIDE_REPO_CREDENTIALS¶
Hide repository credentials from the web interface. In case you have repository URL with user and password, Weblate will hide it when related info is shown to users.
For example instead of https://user:password@git.example.com/repo.git
it
will show just https://git.example.com/repo.git
. It tries to clean up VCS
error messages too in a similar manner.
Note
On by default.
HIDE_VERSION¶
Added in version 4.3.1.
Hides version info from unauthenticated users. This also makes all documentation links point to the latest version instead of the documentation matching the currently installed version.
Hiding the version is a recommended security practice in some corporations, does not prevent an attacker from figuring out version by probing behavior.
Note
This is turned off by default.
INTERLEDGER_PAYMENT_POINTERS¶
Added in version 4.12.1.
List of Interledger Payment Pointers (ILPs) for Web Monetization.
If multiple are specified, probabilistic revenue sharing is achieved by selecting one randomly.
Please check <https://webmonetization.org/> for more details.
Hint
The default value lets users fund Weblate itself.
IP_BEHIND_REVERSE_PROXY¶
Indicates whether Weblate is running behind a reverse proxy.
If set to True
, Weblate gets IP address from a header defined by
IP_PROXY_HEADER
.
Warning
Ensure you are actually using a reverse proxy and that it sets this header, otherwise users will be able to fake the IP address.
Note
This is not on by default.
IP_PROXY_HEADER¶
Indicates which header Weblate should obtain the IP address from when
IP_BEHIND_REVERSE_PROXY
is turned on.
Defaults to HTTP_X_FORWARDED_FOR
.
IP_PROXY_OFFSET¶
Changed in version 5.0.1: The default changed from 1 to -1.
Indicates which part of IP_PROXY_HEADER
is used as client IP
address.
Depending on your setup, this header might consist of several IP addresses,
(for example X-Forwarded-For: client-ip, proxy-a, proxy-b
) and you can configure
which address from the header is used as client IP address here.
Warning
Setting this affects the security of your installation. You should only configure it to use trusted proxies for determining the IP address. Please check <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#security_and_privacy_concerns> for more details.
Defaults to -1.
LEGAL_TOS_DATE¶
Added in version 4.15.
Note
You need Legal installed to make this work.
Date of last update of terms of service documents. Whenever the date changes, users are required to agree with the updated terms of service.
from datetime import date
LEGAL_TOS_DATE = date(2022, 2, 2)
LEGAL_URL¶
URL where your Weblate instance shows its legal documents.
Hint
Useful if you host your legal documents outside Weblate for embedding them inside Weblate. Please check Legal for details.
Example:
LEGAL_URL = "https://weblate.org/terms/"
See also
LICENSE_EXTRA¶
Additional licenses to include in the license choices.
Note
Each license definition should be tuple of its short name, a long name and an URL.
For example:
LICENSE_EXTRA = [
(
"AGPL-3.0",
"GNU Affero General Public License v3.0",
"https://www.gnu.org/licenses/agpl-3.0-standalone.html",
),
]
LICENSE_FILTER¶
Changed in version 4.3: Setting this to blank value now disables license alert.
Filter list of licenses to show. This also disables the license alert when set to empty.
Note
This filter uses the short license names.
For example:
LICENSE_FILTER = {"AGPL-3.0", "GPL-3.0-or-later"}
Following disables the license alert:
LICENSE_FILTER = set()
See also
LICENSE_REQUIRED¶
Defines whether the license attribute in Component configuration is required.
Note
This is off by default.
LIMIT_TRANSLATION_LENGTH_BY_SOURCE_LENGTH¶
Whether the length of a given translation should be limited. The restriction is the length of the source string × 10 characters.
Hint
Set this to False
to allow longer translations (up to 10,000 characters) irrespective of source string length.
Note
Defaults to True
.
LOCALIZE_CDN_URL and LOCALIZE_CDN_PATH¶
These settings configure the JavaScript localization CDN add-on.
LOCALIZE_CDN_URL
defines root URL where the localization CDN is
available and LOCALIZE_CDN_PATH
defines path where Weblate should
store generated files which will be served at the LOCALIZE_CDN_URL
.
Hint
On Hosted Weblate, this uses https://weblate-cdn.com/
.
See also
LOGIN_REQUIRED_URLS¶
A list of URLs you want to require signing in. (Besides the standard rules built into Weblate).
Hint
This allows you to password protect a whole installation using:
LOGIN_REQUIRED_URLS = (r"/(.*)$",)
REST_FRAMEWORK["DEFAULT_PERMISSION_CLASSES"] = [
"rest_framework.permissions.IsAuthenticated"
]
Hint
It is desirable to lock down API access as well, as shown in the above example.
See also
LOGIN_REQUIRED_URLS_EXCEPTIONS¶
List of exceptions for LOGIN_REQUIRED_URLS
.
If not specified, users are allowed to access the sign-in page.
See the Sample configuration for recommended configuration of this setting.
MATOMO_SITE_ID¶
ID of the site in Matomo (formerly Piwik) you want to use for tracking Weblate.
Note
This integration does not support the Matomo Tag Manager.
See also
MATOMO_URL¶
Full URL (including trailing slash) of a Matomo (formerly Piwik) installation you want to use to track Weblate use. Please check <https://matomo.org/> for more details.
Hint
This integration does not support the Matomo Tag Manager.
For example:
MATOMO_SITE_ID = 1
MATOMO_URL = "https://example.matomo.cloud/"
See also
NEARBY_MESSAGES¶
How many strings to show around the currently translated string. This is just a default value, users can adjust this in User profile.
DEFAULT_PAGE_LIMIT¶
Added in version 4.7.
Default number of elements to display when pagination is active.
PAGURE_CREDENTIALS¶
Added in version 4.3.2.
List for credentials for Pagure servers.
PAGURE_CREDENTIALS = {
"pagure.io": {
"username": "weblate",
"token": "your-api-token",
},
}
The configuration dictionary consists of credentials defined for each API host. The layout is same for almost all version control integrations and is described at Configuring version control credentials.
See also
PRIVACY_URL¶
Added in version 4.8.1.
URL where your Weblate instance shows its privacy policy.
Hint
Useful if you host your legal documents outside Weblate for embedding them inside Weblate, please check Legal for details.
Example:
PRIVACY_URL = "https://weblate.org/terms/"
See also
PRIVATE_COMMIT_EMAIL_OPT_IN¶
Added in version 4.15.
Configures whether the private commit e-mail is opt-in or opt-out (by default it is opt-in).
Hint
This setting only applies to users which have not explicitly chosen a commit e-mail.
See also
PRIVATE_COMMIT_EMAIL_TEMPLATE¶
Added in version 4.15.
Template to generate private commit e-mail for an user. Defaults to "{username}@users.noreply.{site_domain}"
.
Set to blank string to disable.
Note
Using different commit e-mail is opt-in for users unless configured by
PRIVATE_COMMIT_EMAIL_OPT_IN
. Users can configure commit e-mail in
the Profile.
PROJECT_BACKUP_KEEP_COUNT¶
Added in version 4.14.
Defines how many backups per project are kept on the server. Defaults to 3.
See also
PROJECT_BACKUP_KEEP_DAYS¶
Added in version 4.14.
Defines how long the project backups will be kept on the server. Defaults to 30 days.
See also
PROJECT_NAME_RESTRICT_RE¶
Added in version 4.15.
Defines a regular expression to restrict project naming. Any matching names will be rejected.
See also
PROJECT_WEB_RESTRICT_HOST¶
Added in version 4.16.2.
Reject using certain hosts in project website. Any subdomain is matched, so
including example.com
will block test.example.com
as well. The list
should contain lower case strings only, the parsed domain is lower cased before
matching.
Default configuration:
PROJECT_WEB_RESTRICT_HOST = {"localhost"}
PROJECT_WEB_RESTRICT_NUMERIC¶
Added in version 4.16.2.
Reject using numeric IP address in project website. On by default.
PROJECT_WEB_RESTRICT_RE¶
Added in version 4.15.
Defines a regular expression to restrict project websites. Any matching URLs will be rejected.
RATELIMIT_ATTEMPTS¶
Maximum number of authentication attempts before rate limiting is applied.
Defaults to 5.
See also
RATELIMIT_WINDOW¶
How long authentication is accepted after rate limiting applies.
An amount of seconds, defaulting to 300 (5 minutes).
See also
RATELIMIT_LOCKOUT¶
How long authentication is locked after rate limiting applies.
An amount of seconds defaulting to 600 (10 minutes).
See also
REGISTRATION_ALLOW_BACKENDS¶
Added in version 4.1.
List of authentication backends to allow registration from. This only limits new registrations, users can still authenticate and add authentication using all configured authentication backends.
It is recommended to keep REGISTRATION_OPEN
on while limiting
registration backends, otherwise users will be able to register, but Weblate
will not show links to register in the user interface.
Example:
REGISTRATION_ALLOW_BACKENDS = ["azuread-oauth2", "azuread-tenant-oauth2"]
Hint
The backend names match names used in the URL for authentication.
See also
REGISTRATION_CAPTCHA¶
Whether registration of new accounts is protected by a CAPTCHA. Defaults to enabled.
If turned on, a CAPTCHA is added to all pages where a users enters their e-mail address:
New account registration.
Password recovery.
Adding e-mail to an account.
Contact form for users that are not signed in.
REGISTRATION_EMAIL_MATCH¶
Allows you to filter which e-mail addresses can register.
Defaults to .*
, which allows any e-mail address to be registered.
You can use it to restrict registration to a single e-mail domain:
REGISTRATION_EMAIL_MATCH = r"^.*@weblate\.org$"
REGISTRATION_OPEN¶
Whether registration of new accounts is currently permitted. Defaults to enabled.
This setting affects built-in authentication by e-mail address or through the
Python Social Auth (you can whitelist certain back-ends using
REGISTRATION_ALLOW_BACKENDS
).
Note
If using third-party authentication methods such as LDAP authentication, it just hides the registration form, but new users might still be able to sign in and create accounts.
REGISTRATION_REBIND¶
Added in version 4.16.
Allow rebinding authentication backends for existing users. Turn this on when migrating between authentication providers.
Note
Off by default to not allow adding other authentication backends to an existing account. Rebinding can lead to account compromise when using more third-party authentication backends.
REPOSITORY_ALERT_THRESHOLD¶
Added in version 4.0.2.
Threshold for triggering an alert for outdated repositories, or ones that contain too many changes. Defaults to 25.
See also
REQUIRE_LOGIN¶
Added in version 4.1.
This enables LOGIN_REQUIRED_URLS
and configures REST framework to
require authentication for all API endpoints.
Note
This is implemented in the Sample configuration. For Docker, use
WEBLATE_REQUIRE_LOGIN
.
SENTRY_DSN¶
Sentry DSN to use for Collecting error reports and monitoring performance.
See also
SENTRY_ENVIRONMENT¶
Configures environment for Sentry. Defaults to devel
.
SENTRY_PROFILES_SAMPLE_RATE¶
Configure sampling rate for performance monitoring. Set to 1 to trace all events, 0 (the default) disables tracing.
See also
SENTRY_SEND_PII¶
Allow Sentry to collect certain personally identifiable information. Turned off by default.
Changed in version 5.7: This is turned off by default now, used to be turned on by default.
SENTRY_TRACES_SAMPLE_RATE¶
Configure sampling rate for profiling monitoring. Set to 1 to trace all events, 0 (the default) disables tracing.
See also
SIMPLIFY_LANGUAGES¶
Use simple language codes for default language/country combinations.
For example an fr_FR
translation will use the fr
language code.
This is usually the desired behavior, as it simplifies listing languages
for these default combinations.
Turn this off if you want to different translations for each variant.
SITE_DOMAIN¶
Configures site domain. Necessary to produce correct absolute links in many scopes (for example activation e-mails, notifications or RSS feeds).
If Weblate is running on a non-standard port, include it here as well.
Examples:
# Production site with domain name
SITE_DOMAIN = "weblate.example.com"
# Local development with IP address and port
SITE_DOMAIN = "127.0.0.1:8000"
Note
This setting should only contain the domain name. For configuring protocol,
(turning on and enforcing HTTPS) use ENABLE_HTTPS
and for changing
the URL, use URL_PREFIX
.
Hint
On a Docker container, the site domain is configured through
WEBLATE_ALLOWED_HOSTS
.
SITE_TITLE¶
Site title to be used for the website and sent e-mails.
SPECIAL_CHARS¶
Additional characters to include in the visual keyboard, Visual keyboard.
The default value is:
SPECIAL_CHARS = ("\t", "\n", "\u00a0", "…")
SINGLE_PROJECT¶
Redirects users directly to a project or component instead of showing
the dashboard. You can either set it to True
so it only works
if there is actually only single project in Weblate. Alternatively, set
the project slug, and it will redirect unconditionally to this project.
Example:
SINGLE_PROJECT = "test"
SSH_EXTRA_ARGS¶
Added in version 4.9.
Allows adding custom parameters when Weblate is invoking SSH. Useful when connecting to servers using legacy encryption or other non-standard features.
For example when SSH connection in Weblate fails with Unable to negotiate with legacyhost: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1, you can turn that on using:
SSH_EXTRA_ARGS = "-oKexAlgorithms=+diffie-hellman-group1-sha1"
Hint
The string is evaluated by the shell, so ensure any whitespace and special characters is quoted.
See also
STATUS_URL¶
The URL where your Weblate instance reports its status.
SUGGESTION_CLEANUP_DAYS¶
Automatically deletes suggestions after a given number of days.
Defaults to None
, meaning no deletions.
SUPPORT_STATUS_CHECK¶
Added in version 5.5.
Disables semiannual support status check and redirecting superusers upon login to the donation page in case there is no active support subscription.
Hint
Improve your Weblate experience by purchasing a support subscription and boosting Weblate progress instead of turning this off.
UNUSED_ALERT_DAYS¶
Added in version 4.17.
Configures when the Component seems unused alert is triggered.
Defaults to 365 days, set to 0 to turn it off.
UPDATE_LANGUAGES¶
Added in version 4.3.2.
Controls whether languages database should be updated when running database
migration and is on by default. This setting has no effect on invocation
of setuplang
.
Warning
The languages display might become inconsistent with this. Weblate language definitions expand over time and it will not display language code for the defined languages.
See also
URL_PREFIX¶
This setting allows you to run Weblate under some path (otherwise it relies on being run from the webserver root).
Note
To use this setting, you also need to configure your server to strip this prefix.
For example with WSGI, this can be achieved by setting WSGIScriptAlias
.
Hint
The prefix should start with a /
.
Example:
URL_PREFIX = "/translations"
Note
This setting does not work with Django’s built-in server, you would have to
adjust urls.py
to contain this prefix.
VCS_API_DELAY¶
Added in version 4.15.1.
Configures minimal delay in seconds between third-party API calls in GitHub pull requests, GitLab merge requests, Gitea pull requests, Pagure merge requests, and Azure DevOps pull requests.
This rate-limits API calls from Weblate to these services to avoid overloading them.
If you are being limited by secondary rate-limiter at GitHub, increasing this might help.
The default value is 10.
VCS_BACKENDS¶
Configuration of available VCS backends.
Note
Weblate tries to use all supported back-ends you have the tools for.
Hint
You can limit choices or add custom VCS back-ends by using this.
VCS_BACKENDS = ("weblate.vcs.git.GitRepository",)
See also
VCS_CLONE_DEPTH¶
Configures how deep cloning of repositories Weblate should do.
Note
Currently this is only supported in Git. By default Weblate does shallow clones of the repositories to make cloning faster and save disk space. Depending on your usage (for example when using custom Add-ons), you might want to increase the depth or turn off shallow clones completely by setting this to 0.
Hint
In case you get fatal: protocol error: expected old/new/ref, got 'shallow
<commit hash>'
error when pushing from Weblate, turn off shallow clones completely by setting:
VCS_CLONE_DEPTH = 0
WEBLATE_ADDONS¶
List of add-ons available for use. To use them, they have to be enabled for a given translation component. By default this includes all built-in add-ons, when extending the list you will probably want to keep existing ones enabled, for example:
WEBLATE_ADDONS = (
# Built-in add-ons
"weblate.addons.gettext.GenerateMoAddon",
"weblate.addons.gettext.UpdateLinguasAddon",
"weblate.addons.gettext.UpdateConfigureAddon",
"weblate.addons.gettext.MsgmergeAddon",
"weblate.addons.gettext.GettextCustomizeAddon",
"weblate.addons.gettext.GettextAuthorComments",
"weblate.addons.cleanup.CleanupAddon",
"weblate.addons.consistency.LanguageConsistencyAddon",
"weblate.addons.discovery.DiscoveryAddon",
"weblate.addons.flags.SourceEditAddon",
"weblate.addons.flags.TargetEditAddon",
"weblate.addons.flags.SameEditAddon",
"weblate.addons.flags.BulkEditAddon",
"weblate.addons.generate.GenerateFileAddon",
"weblate.addons.json.JSONCustomizeAddon",
"weblate.addons.xml.XMLCustomizeAddon",
"weblate.addons.properties.PropertiesSortAddon",
"weblate.addons.git.GitSquashAddon",
"weblate.addons.removal.RemoveComments",
"weblate.addons.removal.RemoveSuggestions",
"weblate.addons.resx.ResxUpdateAddon",
"weblate.addons.autotranslate.AutoTranslateAddon",
"weblate.addons.yaml.YAMLCustomizeAddon",
"weblate.addons.cdn.CDNJSAddon",
# Add-on you want to include
"weblate.addons.example.ExampleAddon",
)
Note
Removing the add-on from the list does not uninstall it from the components. Weblate will crash in that case. Please uninstall the add-on from all components prior to removing it from this list.
See also
ADDON_ACTIVITY_LOG_EXPIRY¶
Added in version 5.6.
Configures how long activity logs for add-ons are kept. Defaults to 180 days.
WEBLATE_EXPORTERS¶
Added in version 4.2.
List of a available exporters offering downloading translations or glossaries in various file formats.
See also
WEBLATE_FORMATS¶
List of file formats available for use.
Note
The default list already has the common formats.
See also
WEBLATE_MACHINERY¶
Added in version 4.13.
List of machinery services available for use.
See also
WEBLATE_GPG_IDENTITY¶
Identity used by Weblate to sign Git commits, for example:
WEBLATE_GPG_IDENTITY = "Weblate <weblate@example.com>"
The Weblate GPG keyring is searched for a matching key (home/.gnupg
under
DATA_DIR
). If not found, a key is generated, please check
Signing Git commits with GnuPG for more details.
See also
WEBSITE_REQUIRED¶
Defines whether Project website has to be specified when creating a project. On by default, as that suits public server setups.
Configuring version control credentials¶
Hint
This section describes VCS credential variables as
GITHUB_CREDENTIALS
, GITLAB_CREDENTIALS
,
GITEA_CREDENTIALS
, PAGURE_CREDENTIALS
,
BITBUCKETSERVER_CREDENTIALS
.
The configuration dictionary consists of credentials defined for each API host.
The API host might be different from what you use in the web browser, for
example GitHub API is accessed as api.github.com
.
The credentials can also be overridden in Repository push URL or Source code repository (if push URL is not configured), these take precedence over the ones specified in the configuration file.
The following configuration is available for each host:
username
API user, required.
token
API token for the API user, required.
scheme
Added in version 4.18.
Scheme override. Weblate attempts to parse scheme from the repository URL and falls backs to
https
. If you are running the API server internally, you might want to usehttp
instead, but consider security.
Hint
In the Docker container, the credentials can be configured using environment variables, see Code hosting sites credentials.
COMMENT_CLEANUP_DAYS¶
Delete comments after a given number of days. Defaults to
None
, meaning no deletion at all.