Configuration
All settings are stored in settings.py
(as is usual for Django).
Note
After changing any of these settings, you need to restart Weblate - both WSGI and Celery processes.
In case it is run as mod_wsgi
, you need to restart Apache to reload the
configuration.
See also
Please also check Django’s documentation for parameters configuring Django itself.
ANONYMOUS_USER_NAME
Username of users that are not signed in.
See also
AUDITLOG_EXPIRY
New in version 3.6.
How many days Weblate should keep audit logs, which contain info about account activity.
Defaults to 180 days.
AUTH_LOCK_ATTEMPTS
New in version 2.14.
Maximum number of failed authentication attempts before rate limiting is applied.
This is currently applied in the following locations:
Logins. Deletes the account password, preventing the user from signing in without requesting a new password.
Password resets. Prevents new e-mails from being sent, avoiding spamming users with too many password reset attempts.
Defaults to 10.
See also
AUTO_UPDATE
New in version 3.2.
Changed in version 3.11: The original on/off option was changed to differentiate which strings are accepted.
Updates all repositories on a daily basis.
Hint
Useful if you are not using Notification hooks to update Weblate repositories automatically.
Note
On/off options exist in addition to string selection for backward compatibility.
Options are:
"none"
No daily updates.
"remote"
alsoFalse
Only update remotes.
"full"
alsoTrue
Update remotes and merge working copy.
Note
This requires that Background tasks using Celery is working, and will take effect after it is restarted.
AVATAR_URL_PREFIX
Prefix for constructing avatar URLs as:
${AVATAR_URL_PREFIX}/avatar/${MAIL_HASH}?${PARAMS}
.
The following services are known to work:
- Gravatar (default), as per https://gravatar.com/
AVATAR_URL_PREFIX = 'https://www.gravatar.com/'
- Libravatar, as per https://www.libravatar.org/
AVATAR_URL_PREFIX = 'https://www.libravatar.org/'
See also
AUTH_TOKEN_VALID
New in version 2.14.
How long the authentication token and temporary password from password reset e-mails is valid for. Set in number of seconds, defaulting to 172800 (2 days).
AUTH_PASSWORD_DAYS
New in version 2.15.
How many days using the same password should be allowed.
Note
Password changes made prior to Weblate 2.15 will not be accounted for in this policy.
Defaults to 180 days.
AUTOFIX_LIST
List of automatic fixes to apply when saving a string.
Note
Provide a fully-qualified path to the Python class that implementing the autofixer interface.
Available fixes:
weblate.trans.autofixes.whitespace.SameBookendingWhitespace
Matches whitespace at the start and end of the string to the source.
weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis
Replaces trailing dots (…) if the source string has a corresponding ellipsis (…).
weblate.trans.autofixes.chars.RemoveZeroSpace
Removes zero-width space characters if the source does not contain any.
weblate.trans.autofixes.chars.RemoveControlChars
Removes control characters if the source does not contain any.
weblate.trans.autofixes.html.BleachHTML
Removes unsafe HTML markup from strings flagged as
safe-html
(see Unsafe HTML).
You can select which ones to use:
AUTOFIX_LIST = (
"weblate.trans.autofixes.whitespace.SameBookendingWhitespace",
"weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis",
)
See also
BACKGROUND_TASKS
New in version 4.5.2.
Defines how often lengthy maintenance tasks should be triggered for a component.
Right now this controls:
Automatic translation addon
Checks and fixups recalculation
Possible choices:
monthly
(this is the default)weekly
daily
never
Note
Increasing the frequency is not recommended when Weblate contains thousands of components.
BASE_DIR
Base directory where Weblate sources are located. Used to derive several other paths by default:
Default value: Top level directory of Weblate sources.
BASIC_LANGUAGES
New in version 4.4.
List of languages to offer users for starting new translation. When not specified built-in list is used which includes all commonly used languages, but without country specific variants.
This only limits non privileged users to add unwanted languages. The project admins are still presented with full selection of languages defined in Weblate.
Note
This does not define new languages for Weblate, it only filters existing ones in the database.
Example:
BASIC_LANGUAGES = {"cs", "it", "ja", "en"}
See also
BORG_EXTRA_ARGS
New in version 4.9.
You can pass additional arguments to borg create when built-in backups are triggered.
Example:
BORG_EXTRA_ARGS = ["--exclude", "vcs/"]
See also
CSP_SCRIPT_SRC, CSP_IMG_SRC, CSP_CONNECT_SRC, CSP_STYLE_SRC, CSP_FONT_SRC
Customize Content-Security-Policy
header for Weblate. The header is
automatically generated based on enabled integrations with third-party services
(Matomo, Google Analytics, Sentry, …).
All these default to empty list.
Example:
# Enable Cloudflare Javascript optimizations
CSP_SCRIPT_SRC = ["ajax.cloudflare.com"]
CHECK_LIST
List of quality checks to perform on a translation.
Note
Provide a fully-qualified path to the Python class implementing the check interface.
Adjust the list of checks to include ones relevant to you.
All built-in Quality checks are turned on by default, from where you can change these settings. By default they are commented out in Sample configuration so that default values are used. New checks then carried out for each new Weblate version.
You can turn off all checks:
CHECK_LIST = ()
You can turn on only a few:
CHECK_LIST = (
"weblate.checks.chars.BeginNewlineCheck",
"weblate.checks.chars.EndNewlineCheck",
"weblate.checks.chars.MaxLengthCheck",
)
Note
Changing this setting only affects newly changed translations, existing checks
will still be stored in the database. To also apply changes to the stored translations, run
updatechecks
.
COMMIT_PENDING_HOURS
New in version 2.10.
Number of hours between committing pending changes by way of the background task.
CONTACT_FORM
New in version 4.6.
Configures how e-mail from the contact form is being sent. Choose a configuration that matches your mail server configuration.
"reply-to"
The sender is used in as Reply-To, this is the default behaviour.
"from"
The sender is used in as From. Your mail server needs to allow sending such e-mails.
DATA_DIR
The folder Weblate stores all data in. It contains links to VCS repositories, a fulltext index and various configuration files for external tools.
The following subdirectories usually exist:
home
Home directory used for invoking scripts.
ssh
SSH keys and configuration.
static
Default location for static Django files, specified by
STATIC_ROOT
. See Serving static files.The Docker container uses a separate volume for this, see Docker container volumes.
media
Default location for Django media files, specified by
MEDIA_ROOT
. Contains uploaded screenshots, see Visual context for strings.vcs
Version control repositories for translations.
backups
Daily backup data, please check Dumped data for backups for details.
celery
Celery scheduler data, see Background tasks using Celery.
fonts
:User-uploaded fonts, see Managing fonts.
Note
This directory has to be writable by Weblate. Running it as uWSGI means
the www-data
user should have write access to it.
The easiest way to achieve this is to make the user the owner of the directory:
sudo chown www-data:www-data -R $DATA_DIR
Defaults to $BASE_DIR/data
.
DATABASE_BACKUP
New in version 3.1.
Whether the database backups should be stored as plain text, compressed or skipped. The authorized values are:
"plain"
"compressed"
"none"
See also
DEFAULT_ACCESS_CONTROL
New in version 3.3.
The default access control setting for new projects:
0
Public
1
Protected
100
Private
200
Custom
Use Custom if you are managing ACL manually, which means not relying on the internal Weblate management.
See also
DEFAULT_AUTO_WATCH
New in version 4.5.
Configures whether Automatically watch projects on contribution
should be turned on for new users. Defaults to True
.
See also
DEFAULT_RESTRICTED_COMPONENT
New in version 4.1.
The default value for component restriction.
See also
DEFAULT_ADD_MESSAGE, DEFAULT_ADDON_MESSAGE, DEFAULT_COMMIT_MESSAGE, DEFAULT_DELETE_MESSAGE, DEFAULT_MERGE_MESSAGE
Default commit messages for different operations, please check Component configuration for details.
DEFAULT_ADDONS
Default addons to install on every created component.
Note
This setting affects only newly created components.
Example:
DEFAULT_ADDONS = {
# Add-on with no parameters
"weblate.flags.target_edit": {},
# Add-on with parameters
"weblate.autotranslate.autotranslate": {
"mode": "suggest",
"filter_type": "todo",
"auto_source": "mt",
"component": "",
"engines": ["weblate-translation-memory"],
"threshold": "80",
},
}
See also
DEFAULT_COMMITER_EMAIL
New in version 2.4.
Committer e-mail address defaulting to noreply@weblate.org
.
See also
DEFAULT_COMMITER_NAME
New in version 2.4.
Committer name defaulting to Weblate
.
See also
DEFAULT_LANGUAGE
New in version 4.3.2.
Default source language to use for example in Source language.
Defaults to en. The matching language object needs to exist in the database.
See also
DEFAULT_MERGE_STYLE
New in version 3.4.
Merge style for any new components.
rebase - default
merge
See also
DEFAULT_TRANSLATION_PROPAGATION
New in version 2.5.
Default setting for translation propagation, defaults to True
.
DEFAULT_PULL_MESSAGE
Title for new pull requests,
defaulting to 'Update from Weblate'
.
ENABLE_AVATARS
Whether to turn on Gravatar-based avatars for users. By default this is on.
Avatars are fetched and cached on the server, lowering the risk of leaking private info, speeding up the user experience.
See also
ENABLE_HOOKS
Whether to enable anonymous remote hooks.
See also
ENABLE_HTTPS
Whether to send links to Weblate as HTTPS or HTTP. This setting affects sent e-mails and generated absolute URLs.
In the default configuration this is also used for several Django settings related to HTTPS - it enables secure cookies, toggles HSTS or enables redirection to HTTPS URL.
The HTTPS redirection might be problematic in some cases and you might hit
issue with infinite redirection in case you are using a reverse proxy doing SSL
termination which does not correctly pass protocol headers to Django. Please
tweak your reverse proxy configuration to emit X-Forwarded-Proto
or
Forwarded
headers or configure SECURE_PROXY_SSL_HEADER
to
let Django correctly detect the SSL status.
ENABLE_SHARING
Turn on/off the Share menu so users can share translation progress on social networks.
GET_HELP_URL
New in version 4.5.2.
URL where support for your Weblate instance can be found.
GITLAB_CREDENTIALS
New in version 4.3.
List for credentials for GitLab servers.
Hint
Use this in case you want Weblate to interact with more of them, for single
GitLab endpoint stick with GITLAB_USERNAME
and GITLAB_TOKEN
.
GITLAB_CREDENTIALS = {
"gitlab.com": {
"username": "weblate",
"token": "your-api-token",
},
"gitlab.example.com": {
"username": "weblate",
"token": "another-api-token",
},
}
GITLAB_USERNAME
GitLab username used to send merge requests for translation updates.
See also
GITLAB_TOKEN
New in version 4.3.
GitLab personal access token used to make API calls for translation updates.
GITHUB_CREDENTIALS
New in version 4.3.
List for credentials for GitHub servers.
Hint
Use this in case you want Weblate to interact with more of them, for single
GitHub endpoint stick with GITHUB_USERNAME
and GITHUB_TOKEN
.
GITHUB_CREDENTIALS = {
"api.github.com": {
"username": "weblate",
"token": "your-api-token",
},
"github.example.com": {
"username": "weblate",
"token": "another-api-token",
},
}
GITHUB_USERNAME
GitHub username used to send pull requests for translation updates.
See also
GITHUB_TOKEN
New in version 4.3.
GitHub personal access token used to make API calls to send pull requests for translation updates.
GOOGLE_ANALYTICS_ID
Google Analytics ID to turn on monitoring of Weblate using Google Analytics.
HIDE_REPO_CREDENTIALS
Hide repository credentials from the web interface. In case you have repository URL with user and password, Weblate will hide it when related info is shown to users.
For example instead of https://user:password@git.example.com/repo.git
it
will show just https://git.example.com/repo.git
. It tries to clean up VCS
error messages too in a similar manner.
Note
This is turned on by default.
HIDE_VERSION
New in version 4.3.1.
Hides version information from unauthenticated users. This also makes all documentation links point to latest version instead of the documentation matching currently installed version.
Hiding version is recommended security practice in some corporations, but it doesn’t prevent attacker to figure out version by probing the behavior.
Note
This is turned off by default.
IP_BEHIND_REVERSE_PROXY
New in version 2.14.
Indicates whether Weblate is running behind a reverse proxy.
If set to True
, Weblate gets IP address from a header defined by
IP_PROXY_HEADER
.
Warning
Ensure you are actually using a reverse proxy and that it sets this header, otherwise users will be able to fake the IP address.
Note
This is not on by default.
IP_PROXY_HEADER
New in version 2.14.
Indicates which header Weblate should obtain the IP address from when
IP_BEHIND_REVERSE_PROXY
is turned on.
Defaults to HTTP_X_FORWARDED_FOR
.
IP_PROXY_OFFSET
New in version 2.14.
Indicates which part of IP_PROXY_HEADER
is used as client IP
address.
Depending on your setup, this header might consist of several IP addresses,
(for example X-Forwarded-For: a, b, client-ip
) and you can configure
which address from the header is used as client IP address here.
Warning
Setting this affects the security of your installation, you should only configure it to use trusted proxies for determining IP address.
Defaults to 0.
LEGAL_URL
New in version 3.5.
URL where your Weblate instance shows its legal documents.
Hint
Useful if you host your legal documents outside Weblate for embedding them inside Weblate, please check Legal for details.
Example:
LEGAL_URL = "https://weblate.org/terms/"
See also
LICENSE_EXTRA
Additional licenses to include in the license choices.
Note
Each license definition should be tuple of its short name, a long name and an URL.
For example:
LICENSE_EXTRA = [
(
"AGPL-3.0",
"GNU Affero General Public License v3.0",
"https://www.gnu.org/licenses/agpl-3.0-standalone.html",
),
]
LICENSE_FILTER
Changed in version 4.3: Setting this to blank value now disables license alert.
Filter list of licenses to show. This also disables the license alert when set to empty.
Note
This filter uses the short license names.
For example:
LICENSE_FILTER = {"AGPL-3.0", "GPL-3.0-or-later"}
Following disables the license alert:
LICENSE_FILTER = set()
See also
LICENSE_REQUIRED
Defines whether the license attribute in Component configuration is required.
Note
This is off by default.
LIMIT_TRANSLATION_LENGTH_BY_SOURCE_LENGTH
Whether the length of a given translation should be limited. The restriction is the length of the source string * 10 characters.
Hint
Set this to False
to allow longer translations (up to 10.000 characters) irrespective of source string length.
Note
Defaults to True
.
LOCALIZE_CDN_URL and LOCALIZE_CDN_PATH
These settings configure the JavaScript localization CDN addon.
LOCALIZE_CDN_URL
defines root URL where the localization CDN is
available and LOCALIZE_CDN_PATH
defines path where Weblate should
store generated files which will be served at the LOCALIZE_CDN_URL
.
Hint
On Hosted Weblate, this uses https://weblate-cdn.com/
.
See also
LOGIN_REQUIRED_URLS
A list of URLs you want to require logging into. (Besides the standard rules built into Weblate).
Hint
This allows you to password protect a whole installation using:
LOGIN_REQUIRED_URLS = (r"/(.*)$",)
REST_FRAMEWORK["DEFAULT_PERMISSION_CLASSES"] = [
"rest_framework.permissions.IsAuthenticated"
]
Hint
It is desirable to lock down API access as well, as shown in the above example.
See also
LOGIN_REQUIRED_URLS_EXCEPTIONS
List of exceptions for LOGIN_REQUIRED_URLS
.
If not specified, users are allowed to access the sign in page.
Some of exceptions you might want to include:
LOGIN_REQUIRED_URLS_EXCEPTIONS = (
r"/accounts/(.*)$", # Required for sign in
r"/static/(.*)$", # Required for development mode
r"/widgets/(.*)$", # Allowing public access to widgets
r"/data/(.*)$", # Allowing public access to data exports
r"/hooks/(.*)$", # Allowing public access to notification hooks
r"/api/(.*)$", # Allowing access to API
r"/js/i18n/$", # JavaScript localization
)
MATOMO_SITE_ID
ID of a site in Matomo (formerly Piwik) you want to track.
Note
This integration does not support the Matomo Tag Manager.
See also
MATOMO_URL
Full URL (including trailing slash) of a Matomo (formerly Piwik) installation you want to use to track Weblate use. Please check <https://matomo.org/> for more details.
Hint
This integration does not support the Matomo Tag Manager.
For example:
MATOMO_SITE_ID = 1
MATOMO_URL = "https://example.matomo.cloud/"
See also
MT_SERVICES
Changed in version 3.0: The setting was renamed from MACHINE_TRANSLATION_SERVICES
to
MT_SERVICES
to be consistent with other machine translation settings.
List of enabled machine translation services to use.
Note
Many of the services need additional configuration like API keys, please check their documentation Machine translation for more details.
Hint
When using Docker container, this configuration is automatically generated based on provided API keys, see Machine translation settings.
MT_SERVICES = (
"weblate.machinery.apertium.ApertiumAPYTranslation",
"weblate.machinery.deepl.DeepLTranslation",
"weblate.machinery.glosbe.GlosbeTranslation",
"weblate.machinery.google.GoogleTranslation",
"weblate.machinery.libretranslate.LibreTranslateTranslation",
"weblate.machinery.microsoft.MicrosoftCognitiveTranslation",
"weblate.machinery.microsoftterminology.MicrosoftTerminologyService",
"weblate.machinery.mymemory.MyMemoryTranslation",
"weblate.machinery.tmserver.AmagamaTranslation",
"weblate.machinery.tmserver.TMServerTranslation",
"weblate.machinery.yandex.YandexTranslation",
"weblate.machinery.weblatetm.WeblateTranslation",
"weblate.machinery.saptranslationhub.SAPTranslationHub",
"weblate.memory.machine.WeblateMemory",
)
See also
MT_APERTIUM_APY
URL of the Apertium-APy server, https://wiki.apertium.org/wiki/Apertium-apy
See also
MT_AWS_ACCESS_KEY_ID
Access key ID for Amazon Translate.
See also
MT_AWS_SECRET_ACCESS_KEY
API secret key for Amazon Translate.
See also
MT_AWS_REGION
Region name to use for Amazon Translate.
See also
MT_BAIDU_ID
Client ID for the Baidu Zhiyun API, you can register at https://api.fanyi.baidu.com/api/trans/product/index
MT_BAIDU_SECRET
Client secret for the Baidu Zhiyun API, you can register at https://api.fanyi.baidu.com/api/trans/product/index
MT_DEEPL_API_URL
Changed in version 4.7: The full API URL is now configured to allow using the free plan. Before, it was only possible to
configure the API version using MT_DEEPL_API_VERSION
.
API URL to use with the DeepL service. At the time of writing, there is the v1 API as well as a free and a paid version of the v2 API.
https://api.deepl.com/v2/
(default in Weblate)Is meant for API usage on the paid plan, and the subscription is usage-based.
https://api-free.deepl.com/v2/
Is meant for API usage on the free plan, and the subscription is usage-based.
https://api.deepl.com/v1/
Is meant for CAT tools and is usable with a per-user subscription.
Previously Weblate was classified as a CAT tool by DeepL, so it was supposed to use the v1 API, but now is supposed to use the v2 API. Therefore it defaults to v2, and you can change it to v1 in case you have an existing CAT subscription and want Weblate to use that.
The easiest way to find out which one to use is to open an URL like the following in your browser:
https://api.deepl.com/v2/translate?text=Hello&target_lang=FR&auth_key=XXX
Replace the XXX with your auth_key. If you receive a JSON object which contains «Bonjour», you have the correct URL; if not, try the other three.
See also
MT_DEEPL_KEY
API key for the DeepL API, you can register at https://www.deepl.com/pro.html
See also
MT_LIBRETRANSLATE_API_URL
New in version 4.7.1.
API URL for the LibreTranslate instance to use.
https://libretranslate.com/
(official public instance)Requires an API key to use outside of the website.
Mirrors are documented on the LibreTranslate GitHub repository, some of which can be used without authentication:
https://github.com/LibreTranslate/LibreTranslate#user-content-mirrors
MT_LIBRETRANSLATE_KEY
New in version 4.7.1.
API key for the LibreTranslate instance specified in MT_LIBRETRANSLATE_API_URL.
MT_GOOGLE_KEY
API key for Google Translate API v2, you can register at https://cloud.google.com/translate/docs
MT_GOOGLE_CREDENTIALS
API v3 JSON credentials file obtained in the Google cloud console. Please provide a full OS path. Credentials are per service-account affiliated with certain project. Please check https://cloud.google.com/docs/authentication/getting-started for more details.
MT_GOOGLE_PROJECT
Google Cloud API v3 project id with activated translation service and billing activated. Please check https://cloud.google.com/appengine/docs/standard/nodejs/building-app/creating-project for more details
MT_GOOGLE_LOCATION
API v3 Google Cloud App Engine may be specific to a location.
Change accordingly if the default global
fallback does not work for you.
Please check https://cloud.google.com/appengine/docs/locations for more details
See also
MT_MICROSOFT_BASE_URL
Region base URL domain as defined in the «Base URLs» section.
Defaults to api.cognitive.microsofttranslator.com
for Azure Global.
For Azure China, please use api.translator.azure.cn
.
MT_MICROSOFT_COGNITIVE_KEY
Client key for the Microsoft Cognitive Services Translator API.
MT_MICROSOFT_REGION
Region prefix as defined in the «Authenticating with a Multi-service resource» section.
MT_MICROSOFT_ENDPOINT_URL
Region endpoint URL domain for access token as defined in the «Authenticating with an access token» section.
Defaults to api.cognitive.microsoft.com
for Azure Global.
For Azure China, please use your endpoint from the Azure Portal.
MT_MODERNMT_KEY
API key for the ModernMT machine translation engine.
See also
MT_MODERNMT_URL
URL of ModernMT. It defaults to https://api.modernmt.com/
for the cloud
service.
See also
MT_MYMEMORY_EMAIL
MyMemory identification e-mail address. It permits 1000 requests per day.
MT_MYMEMORY_KEY
MyMemory access key for private translation memory, use it with MT_MYMEMORY_USER
.
MT_MYMEMORY_USER
MyMemory user ID for private translation memory, use it with MT_MYMEMORY_KEY
.
MT_NETEASE_KEY
App key for NetEase Sight API, you can register at https://sight.youdao.com/
MT_NETEASE_SECRET
App secret for the NetEase Sight API, you can register at https://sight.youdao.com/
MT_TMSERVER
URL where tmserver is running.
See also
tmserver, Machine translation, Automatic suggestions, tmserver
MT_YANDEX_KEY
API key for the Yandex Translate API, you can register at https://yandex.com/dev/translate/
MT_YOUDAO_ID
Client ID for the Youdao Zhiyun API, you can register at https://ai.youdao.com/product-fanyi-text.s.
MT_YOUDAO_SECRET
Client secret for the Youdao Zhiyun API, you can register at https://ai.youdao.com/product-fanyi-text.s.
MT_SAP_BASE_URL
API URL to the SAP Translation Hub service.
MT_SAP_SANDBOX_APIKEY
API key for sandbox API usage
MT_SAP_USERNAME
Your SAP username
MT_SAP_PASSWORD
Your SAP password
MT_SAP_USE_MT
Whether to also use machine translation services, in addition to the term database.
Possible values: True
or False
NEARBY_MESSAGES
How many strings to show around the currently translated string. This is just a default value, users can adjust this in User profile.
DEFAULT_PAGE_LIMIT
New in version 4.7.
Default number of elements to display when pagination is active.
PAGURE_CREDENTIALS
New in version 4.3.2.
List for credentials for Pagure servers.
Hint
Use this in case you want Weblate to interact with more of them, for single
Pagure endpoint stick with PAGURE_USERNAME
and PAGURE_TOKEN
.
PAGURE_CREDENTIALS = {
"pagure.io": {
"username": "weblate",
"token": "your-api-token",
},
"pagure.example.com": {
"username": "weblate",
"token": "another-api-token",
},
}
PAGURE_USERNAME
New in version 4.3.2.
Pagure username used to send merge requests for translation updates.
See also
PAGURE_TOKEN
New in version 4.3.2.
Pagure personal access token used to make API calls for translation updates.
See also
PRIVACY_URL
New in version 4.8.1.
URL where your Weblate instance shows its privacy policy.
Hint
Useful if you host your legal documents outside Weblate for embedding them inside Weblate, please check Legal for details.
Example:
PRIVACY_URL = "https://weblate.org/terms/"
See also
RATELIMIT_ATTEMPTS
New in version 3.2.
Maximum number of authentication attempts before rate limiting is applied.
Defaults to 5.
See also
RATELIMIT_WINDOW
New in version 3.2.
How long authentication is accepted after rate limiting applies.
An amount of seconds defaulting to 300 (5 minutes).
See also
RATELIMIT_LOCKOUT
New in version 3.2.
How long authentication is locked after rate limiting applies.
An amount of seconds defaulting to 600 (10 minutes).
See also
REGISTRATION_ALLOW_BACKENDS
New in version 4.1.
List of authentication backends to allow registration from. This only limits new registrations, users can still authenticate and add authentication using all configured authentication backends.
It is recommended to keep REGISTRATION_OPEN
enabled while limiting
registration backends, otherwise users will be able to register, but Weblate
will not show links to register in the user interface.
Example:
REGISTRATION_ALLOW_BACKENDS = ["azuread-oauth2", "azuread-tenant-oauth2"]
Hint
The backend names match names used in URL for authentication.
See also
REGISTRATION_CAPTCHA
A value of either True
or False
indicating whether registration of new
accounts is protected by CAPTCHA. This setting is optional, and a default of
True
will be assumed if it is not supplied.
If turned on, a CAPTCHA is added to all pages where a users enters their e-mail address:
New account registration.
Password recovery.
Adding e-mail to an account.
Contact form for users that are not signed in.
REGISTRATION_EMAIL_MATCH
New in version 2.17.
Allows you to filter which e-mail addresses can register.
Defaults to .*
, which allows any e-mail address to be registered.
You can use it to restrict registration to a single e-mail domain:
REGISTRATION_EMAIL_MATCH = r"^.*@weblate\.org$"
REGISTRATION_OPEN
Whether registration of new accounts is currently permitted.
This optional setting can remain the default True
, or changed to False
.
This setting affects built-in authentication by e-mail address or through the
Python Social Auth (you can whitelist certain back-ends using
REGISTRATION_ALLOW_BACKENDS
).
Note
If using third-party authentication methods such as LDAP authentication, it just hides the registration form, but new users might still be able to sign in and create accounts.
REPOSITORY_ALERT_THRESHOLD
New in version 4.0.2.
Threshold for triggering an alert for outdated repositories, or ones that contain too many changes. Defaults to 25.
See also
REQUIRE_LOGIN
New in version 4.1.
This enables LOGIN_REQUIRED_URLS
and configures REST framework to
require authentication for all API endpoints.
Note
This is implemented in the Sample configuration. For Docker, use
WEBLATE_REQUIRE_LOGIN
.
SENTRY_DSN
New in version 3.9.
Sentry DSN to use for Collecting error reports.
See also
SIMPLIFY_LANGUAGES
Use simple language codes for default language/country combinations. For
example an fr_FR
translation will use the fr
language code. This is usually
the desired behavior, as it simplifies listing languages for these default
combinations.
Turn this off if you want to different translations for each variant.
SITE_DOMAIN
Configures site domain. This is necessary to produce correct absolute links in many scopes (for example activation e-mails, notifications or RSS feeds).
In case Weblate is running on non-standard port, include it here as well.
Examples:
# Production site with domain name
SITE_DOMAIN = "weblate.example.com"
# Local development with IP address and port
SITE_DOMAIN = "127.0.0.1:8000"
Note
This setting should only contain the domain name. For configuring protocol,
(enabling and enforcing HTTPS) use ENABLE_HTTPS
and for changing
URL, use URL_PREFIX
.
Hint
On a Docker container, the site domain is configured through
WEBLATE_ALLOWED_HOSTS
.
SITE_TITLE
Site title to be used for the website and sent e-mails.
SPECIAL_CHARS
Additional characters to include in the visual keyboard, Visual keyboard.
The default value is:
SPECIAL_CHARS = ("\t", "\n", "\u00a0", "…")
SINGLE_PROJECT
New in version 3.8.
Redirects users directly to a project or component instead of showing
the dashboard. You can either set it to True
and in this case it only works in
case there is actually only single project in Weblate. Alternatively set
the project slug, and it will redirect unconditionally to this project.
Changed in version 3.11: The setting now also accepts a project slug, to force displaying that single project.
Example:
SINGLE_PROJECT = "test"
SSH_EXTRA_ARGS
New in version 4.9.
Allows to add custom parameters when Weblate is invoking SSH. This is useful when connecting to servers using legacy encryption or other non-standard features.
For example when SSH connection in Weblate fails with Unable to negotiate with legacyhost: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1, you can enable that using:
SSH_EXTRA_ARGS = "-oKexAlgorithms=+diffie-hellman-group1-sha1"
Hint
The string is evaluated by shell, so make sure to quote any whitespace and special characters.
See also
STATUS_URL
The URL where your Weblate instance reports its status.
SUGGESTION_CLEANUP_DAYS
New in version 3.2.1.
Automatically deletes suggestions after a given number of days.
Defaults to None
, meaning no deletions.
UPDATE_LANGUAGES
New in version 4.3.2.
Controls whether languages database should be updated when running database
migration and is enabled by default. This setting has no effect on invocation
of setuplang
.
See also
URL_PREFIX
This setting allows you to run Weblate under some path (otherwise it relies on being run from the webserver root).
Note
To use this setting, you also need to configure your server to strip this prefix.
For example with WSGI, this can be achieved by setting WSGIScriptAlias
.
Hint
The prefix should start with a /
.
Example:
URL_PREFIX = "/translations"
Note
This setting does not work with Django’s built-in server, you would have to
adjust urls.py
to contain this prefix.
VCS_BACKENDS
Configuration of available VCS backends.
Note
Weblate tries to use all supported back-ends you have the tools for.
Hint
You can limit choices or add custom VCS back-ends by using this.
VCS_BACKENDS = ("weblate.vcs.git.GitRepository",)
See also
VCS_CLONE_DEPTH
New in version 3.10.2.
Configures how deep cloning of repositories Weblate should do.
Note
Currently this is only supported in Git. By default Weblate does shallow clones of the repositories to make cloning faster and save disk space. Depending on your usage (for example when using custom Add-ons), you might want to increase the depth or turn off shallow clones completely by setting this to 0.
Hint
In case you get fatal: protocol error: expected old/new/ref, got 'shallow
<commit hash>'
error when pushing from Weblate, turn off shallow clones completely by setting:
VCS_CLONE_DEPTH = 0
WEBLATE_ADDONS
List of addons available for use. To use them, they have to be enabled for a given translation component. By default this includes all built-in addons, when extending the list you will probably want to keep existing ones enabled, for example:
WEBLATE_ADDONS = (
# Built-in addons
"weblate.addons.gettext.GenerateMoAddon",
"weblate.addons.gettext.UpdateLinguasAddon",
"weblate.addons.gettext.UpdateConfigureAddon",
"weblate.addons.gettext.MsgmergeAddon",
"weblate.addons.gettext.GettextCustomizeAddon",
"weblate.addons.gettext.GettextAuthorComments",
"weblate.addons.cleanup.CleanupAddon",
"weblate.addons.consistency.LangaugeConsistencyAddon",
"weblate.addons.discovery.DiscoveryAddon",
"weblate.addons.flags.SourceEditAddon",
"weblate.addons.flags.TargetEditAddon",
"weblate.addons.flags.SameEditAddon",
"weblate.addons.flags.BulkEditAddon",
"weblate.addons.generate.GenerateFileAddon",
"weblate.addons.json.JSONCustomizeAddon",
"weblate.addons.properties.PropertiesSortAddon",
"weblate.addons.git.GitSquashAddon",
"weblate.addons.removal.RemoveComments",
"weblate.addons.removal.RemoveSuggestions",
"weblate.addons.resx.ResxUpdateAddon",
"weblate.addons.autotranslate.AutoTranslateAddon",
"weblate.addons.yaml.YAMLCustomizeAddon",
"weblate.addons.cdn.CDNJSAddon",
# Add-on you want to include
"weblate.addons.example.ExampleAddon",
)
Note
Removing the addon from the list does not uninstall it from the components. Weblate will crash in that case. Please uninstall addon from all components prior to removing it from this list.
See also
WEBLATE_EXPORTERS
New in version 4.2.
List of a available exporters offering downloading translations or glossaries in various file formats.
See also
WEBLATE_FORMATS
New in version 3.0.
List of file formats available for use.
Note
The default list already has the common formats.
See also
WEBLATE_GPG_IDENTITY
New in version 3.1.
Identity used by Weblate to sign Git commits, for example:
WEBLATE_GPG_IDENTITY = "Weblate <weblate@example.com>"
The Weblate GPG keyring is searched for a matching key (home/.gnupg
under
DATA_DIR
). If not found, a key is generated, please check
Signing Git commits with GnuPG for more details.
See also
WEBSITE_REQUIRED
Defines whether Project website has to be specified when creating a project. Turned on by default as that suits public server setups.
COMMENT_CLEANUP_DAYS
New in version 3.6.
Delete comments after a given number of days. Defaults to
None
, meaning no deletion at all.