可選 Weblate 模組¶

Several optional modules are available for your setup.

Git 匯出器¶

Provides you read-only access to the underlying Git repository using HTTP(S).

安裝¶

Add weblate.gitexport to installed apps in settings.py:
```
INSTALLED_APPS += ("weblate.gitexport",)
```
Export existing repositories by migrating your database after installation:
```
weblate migrate
```

提示

Git exporter is turned on in our official Docker image. To turn it of, use:

WEBLATE_REMOVE_APPS=weblate.gitexport

使用¶

The module automatically hooks into Weblate and sets the exported repository URL in the 組件配置. The repositories are accessible under the /git/ part of the Weblate URL, for example https://example.org/git/weblate/main/.

公開可用專案的儲存庫可以被複製而無需認證：

git clone 'https://example.org/git/weblate/main/'

Access to browse the repositories with restricted access (with Private access control or when REQUIRE_LOGIN is enabled) requires an API token which can be obtained in your user profile:

git clone 'https://user:KEY@example.org/git/weblate/main/'

備註

Weblate serves the Git repository itself, but it does not serve Git LFS objects. For repositories using Git LFS, clone from the upstream repository and add Weblate as another remote. If you only need Git-tracked files, you can clone from Weblate with GIT_LFS_SKIP_SMUDGE=1 to skip downloading Git LFS objects.

提示

By default members or Users group and anonymous user have access to the repositories for public projects via Access repository and Power user roles.

帳單¶

This is used on Hosted Weblate to define billing plans, track invoices and usage limits.

安裝¶

1. Add weblate.billing to installed apps in settings.py:

INSTALLED_APPS += ("weblate.billing",)

Run the database migration to optionally install additional database structures for the module:

weblate migrate

Billing plan creation and assignment¶

You first need to create a billing plan to activate billing. Navigate to the Administration section (represented by the wrench icon) and open the Tools screen. From there, proceed to the Django admin interface.

In the Django admin interface, locate the BILLING section and add a billing plan. For instance, you can add a Free plan with no cost.

If you wish to assign a billing plan to an existing project, this can also be done within the Django admin interface using the Customer billings option.

Lastly, the Django admin interface provides an Invoice option for logging your customer payments.

使用¶

After installation you can control billing in the admin interface. Users with billing enabled will get new Billing tab in their 使用者設定檔.

The billing module additionally allows users to create new projects and components without being superusers (see 新增翻譯專案和組件). This is possible when following conditions are met:

The billing is in its configured limits (any overusage results in blocking of project/component creation) and paid (if its price is non zero)
The user has Add projects to workspace permission for the workspace covered by the billing plan.

Upon project creation user is able to choose which workspace should contain the project. Projects created in a workspace with billing count against the billing plan assigned to that workspace. Users with the Edit workspace settings permission can view and pay the billing plan; billing notification e-mails are sent to these users. See 帳單 for details.

法律模組¶

This is used on Hosted Weblate to provide required legal documents. It comes provided with blank documents, and you are expected to fill out the following templates in the documents:

legal/documents/tos.html: 服務條款文件
legal/documents/privacy.html: 隱私政策文件
legal/documents/summary.html: 服務條款與隱私政策的簡短概覽
legal/documents/contracts.html: Subcontractor information

The legal module embeds these templates inside Weblate and uses legal/documents/tos.html for terms of service confirmation. This is separate from LEGAL_URL and PRIVACY_URL, which are meant for linking to externally hosted legal documents from the footer when the legal module is not enabled. When the legal module is enabled, Weblate links to the internal legal pages by default.

On changing the terms of service documents, please adjust LEGAL_TOS_DATE so that users are forced to agree with the updated documents.

備註

Legal documents for the Hosted Weblate service operated by Weblate s.r.o. are available in this Git repository: <https://github.com/WeblateOrg/wllegal/tree/main/wllegal/templates/legal/documents>.

The bundled terms of service and related legal documents are specific to that service and are not intended for general use. They might still come in handy as a starting point if adjusted to meet your needs.

安裝¶

1. Add weblate.legal to installed apps in settings.py:

INSTALLED_APPS += ("weblate.legal",)

# Optional:

# Social auth pipeline to confirm TOS upon registration/subsequent sign in
SOCIAL_AUTH_PIPELINE += ("weblate.legal.pipeline.tos_confirm",)

# Middleware to enforce TOS confirmation of signed in users
MIDDLEWARE += [
    "weblate.legal.middleware.RequireTOSMiddleware",
]

Run the database migration to optionally install additional database structures for the module:

weblate migrate

Edit the legal documents in the weblate/legal/templates/legal/ folder to match your service.

提示

In Docker deployments, enable the legal module using WEBLATE_LEGAL_INTEGRATION instead of editing settings.py. Use tos-confirm to enable the legal module and terms of service confirmation enforcement, or wllegal to additionally load the hosted legal document templates used by services operated by Weblate s.r.o. These templates are not intended for general use. To provide your own templates in Docker, place them in /app/data/python/customize/templates/legal/documents, see 取代標誌與其它靜態檔案.

Recreate the Docker container after changing environment variables, for example using docker compose up -d. Restarting an existing container does not apply changed environment values.

使用¶

After installation and editing, the legal documents are shown in the Weblate UI.

The legal document templates are regular Django templates. Text is translated only when you use Django translation tags such as {% translate %} or {% blocktranslate %}; plain HTML text is shown as written.

Legal pages and the sign-in and registration overview provide terms_url and privacy_url variables for linking to the terms of service and privacy policy documents.

By default, legal document wrappers use the tos CSS class. This class automatically numbers h2 headings, paragraphs with item, subitem, or subsubitem classes, and top-level ordered list items. If your legal text already contains numbering, set LEGAL_DOCUMENT_CSS_CLASS to an empty string to disable this styling.

Use LEGAL_HIDDEN_DOCUMENTS to hide optional legal pages such as subcontractors from the legal menu. Hidden pages return a 404 response when requested directly. If terms or privacy is hidden, links using terms_url or privacy_url fall back to LEGAL_URL or PRIVACY_URL when configured, otherwise the link is omitted.

To use externally hosted legal documents with terms confirmation, configure LEGAL_HIDDEN_DOCUMENTS to hide terms and privacy and set LEGAL_URL and PRIVACY_URL. The confirmation page then links to those external documents without requiring a legal/documents/tos.html template override.

頭像¶

Avatars are downloaded and cached server-side to reduce information leaks to the sites serving them by default. The built-in support for fetching avatars from e-mails addresses configured for it can be turned off using ENABLE_AVATARS.

Weblate 目前支援：

也參考

在地化 CDN¶

The JavaScript 在地化 CDN and 翻譯檔案 CDN add-ons write files to LOCALIZE_CDN_PATH; Weblate does not serve them. Configure the web server or CDN serving LOCALIZE_CDN_URL as a public, read-only static file host.

Treat every published CDN file as public. The add-on specific UUID in the URL is not an access-control mechanism. Do not enable CDN add-ons for components that contain private strings, unreleased product text, customer data, internal URLs, API examples, repository paths, translator comments, or file-format metadata that should not be exposed.

The 翻譯檔案 CDN add-on publishes raw translation files in formats supported by Weblate. Some formats can be interpreted by browsers or other clients as HTML, SVG, XML, JavaScript, YAML, or application-specific configuration. Serve the CDN from a dedicated domain that is separate from Weblate and from the application consuming the translations. Do not share authentication cookies with the CDN domain.

推薦的伺服器配置：

Serve only the directory configured by LOCALIZE_CDN_PATH; do not expose Weblate repositories, backups, media, configuration, or the whole data directory.
Disable directory listing.
使用 HTTPS 並使網路伺服器對 CDN 主機唯讀。
Send X-Content-Type-Options with nosniff.
Configure conservative MIME types. Serve unknown translation formats as text/plain or application/octet-stream; only serve weblate.js as JavaScript.
For raw translation formats that are not intended to be rendered in a browser, consider adding Content-Disposition with attachment.
Configure Access-Control-Allow-Origin only for sites that need browser access to the files.
Set cache lifetimes that match your update expectations, and purge CDN caches when stale translations must disappear quickly.

The following nginx snippet serves only the configured CDN directory and applies conservative defaults for raw translation files:

weblate/examples/weblate.nginx.cdn.conf¶

#
# nginx configuration for the Weblate localization CDN
#
# You will want to change:
#
# - server_name to match the host configured in LOCALIZE_CDN_URL
# - root to match LOCALIZE_CDN_PATH
# - Access-Control-Allow-Origin to the sites that need browser access
# - TLS configuration if HTTPS is not terminated before nginx
#
server {
    listen 80;
    server_name cdn.example.com;

    # LOCALIZE_CDN_PATH
    root /home/weblate/data/l10n-cdn;

    autoindex off;
    disable_symlinks on;

    location = / {
        return 404;
    }

    # The JavaScript localization add-on publishes this loader.
    location ~ "^/[0-9a-f]{32}/weblate\.js$" {
        try_files $uri =404;

        types {
            application/javascript js;
        }
        default_type application/javascript;

        add_header X-Content-Type-Options nosniff always;
        # add_header Access-Control-Allow-Origin "https://www.example.com" always;

        expires 1h;
    }

    # Other CDN files are translation files. Serve them conservatively so raw
    # formats are not interpreted as active browser content.
    location / {
        try_files $uri =404;

        types {
        }
        default_type text/plain;

        add_header X-Content-Type-Options nosniff always;
        add_header Content-Disposition "attachment" always;
        # add_header Access-Control-Allow-Origin "https://www.example.com" always;

        expires 1h;
    }
}

也參考

Signing Git commits with GnuPG¶

All commits can be signed by the GnuPG key of the Weblate instance.

Turn on WEBLATE_GPG_IDENTITY. (Weblate will generate a GnuPG key when needed and will use it to sign all translation commits.)

這個特性需要安裝 GnuPG 2.1 或更新版。

您可以在 DATA_DIR 中找到金鑰，而公鑰顯示在“關於”頁面上：
Alternatively you can also import existing keys into Weblate, just set HOME=$DATA_DIR/home when invoking gpg.

提示

The key material is cached by Weblate for a long period. In case you let Weblate generate a key with WEBLATE_GPG_IDENTITY and then import key with the same identity to use an existing key, purging redis cache is recommended to see the effect of such change.

備註

When sharing DATA_DIR between multiple hosts, please follow instructions at https://wiki.gnupg.org/NFS to make GnuPG signing work reliably.

也參考

WEBLATE_GPG_IDENTITY

速率限制¶

在 4.6 版的變更: The rate limiting no longer applies to signed in superusers.

Several operations in Weblate are rate limited. At most RATELIMIT_ATTEMPTS attempts are allowed within RATELIMIT_WINDOW seconds. The user is then blocked for RATELIMIT_LOCKOUT. There are also settings specific to scopes, for example RATELIMIT_CONTACT_ATTEMPTS or RATELIMIT_TRANSLATE_ATTEMPTS. The table below is a full list of available scopes.

後面的操作受到速率限制：

名稱	範圍	允許的嘗試	速率限制視窗	鎖定時間
註冊	`REGISTRATION`	5	300	600
Sending message to admins	`MESSAGE`	2	300	600
Password authentication on sign-in	`LOGIN`	5	300	600
第二要素身分驗證	`SECOND_FACTOR`	5	300	600
網站範圍搜尋	`SEARCH`	6	60	60
翻譯	`TRANSLATE`	30	60	600
新增至詞彙表	`GLOSSARY`	30	60	600
Starting translation into a new language	`LANGUAGE`	2	300	600
建立新專案	`PROJECT`	5	600	600

The rate limiting is based on sessions when user is signed in and on IP address if not.

If a user fails to sign in AUTH_LOCK_ATTEMPTS times, password authentication will be turned off on the account until having gone through the process of having its password reset.

The settings can be also applied in the Docker container by adding WEBLATE_ prefix to the setting name, for example RATELIMIT_ATTEMPTS becomes WEBLATE_RATELIMIT_ATTEMPTS.

API 具有另外的速率限制設定，請參閱 API 速率限制。

也參考