| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The cgit logo image is no longer used in our configuration, so serving
it via the webserver is not necessary.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
"Normalmode" is the name of the hosted platform that this software
package was constructed to power. To better distinguish between the two
and to give this project more of a standalone identity, it is rebranded
with a new name.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
cgit does include a robots.txt file, but the previous server
configuration did not allow it to be served.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
A gitolite POST_CREATE trigger is added to initialize the description
file in new repos. This prevents the "Unnamed repository; edit this
file ..." string from being used by default.
This affects new repositories, existing projects will remain as is.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
It used to be expected to copy a pubkey file into the git tree for
building the docker images (every time). This is no longer the case,
and I feel no need to keep this ignore file around.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The previous version fails to handle nested branch names containing
slashes. For example, if pushing a single new branch named
`feat/example`, the script would set HEAD to `feat` and remain dangling.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The previous content of gitolite.conf defined the standard access rules
for normalmode. These are now moved to a new file which will be baked
into the gitolite docker image and not managed by the gitolite-admin
repository.
This will allow for easier management of the normalmode rules via this
git repository (aka, part of the normalmode distribution) and prevent
the need for user intervention and to stomp on gitolite-admin to adopt
new updates. The goal is to give users nearly complete ownership of
their gitolite.conf file.
Added to the gitolite.conf template is a definition for a new @creators
group. The normalmode rules are updated to permit only users from this
group to create and own new wildcard repositories. This allows creating
new users which can only contribute to other's repos (as either a
MAINTAINER or CONTRIBUTOR), or access private repos.
As alluded by the previous paragraph, administrators may define private
repos within gitolite using normalmode. This is done by manually
configuring them in gitolite.conf. This use-case has always been
possible, but has only recently been tested to confirm that the access
restrictions are compatible with the rest of normalmode's operations.
(aka: Nothing is leaked via cgit, and the normalmode access rules don't
break anything). Easing this use-case is another reason for the clean
separation of config files.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
I'm considering this default behavior as a bug for normalmode. The
creation of a repository via a read activity seems far too accidental
for my taste. Repositories are created by pushing to them.
This does mean that:
git clone <new-url>
...
git push
is no longer a shorthand for:
git init
git remote add origin <new-url>
...
git push
I'm ok with that.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Since it is now allowed to remove the remote default branch, this script
needs to handle cases where there are no branches following a push.
In this case, the `git symbolic-ref` command will fail, and we return
our standard warning for when HEAD is dangling.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The new installation procedure is to start with ./configure to set your
pubkey up for admin access. The initialize script is updated to use an
active prompt, since as-is, CTRL-C won't properly terminate the script
to cancel.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Port the cgit docker image to build from Alpine Linux, and finish the
file tree clean up started by the previous merge.
* cgit-alpine-port:
cgit: Update SSH clone URLs
cgit: Update scan-path / repository mount location
cgit: Update user and file paths for alpine distro
cgit: Port Dockerfile for alpine base
cgit: Consolidate config files into a single directory
|
|
The username used to access gitolite has changed from 'gitolite' to
'git'. Reflect this in the cgit UI.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Since the data volume now only contains git repositories, rather than
the whole gitolite host home directory, there is no need to mount to a
nested path. Anticipate moving the mount point, and change the cgit
scan path to /repositories.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Move the cgit image off of archlinux for the same reasons as gitolite.
However, in this case, debian isn't necessary, and going with alpine
will give even smaller images. As is, it seems simpler to port the
config files over to alpine anyway.
See 90858ead45f6 for more context.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Continue cleaning the folder structure from the previous merge.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Refactor the gitolite docker image to build from Debian, but also clean
up a lot of the original build process.
The move off of archlinux is done since it is a sub-optimal pick for a
docker base. However, I'm specifically moving off it because archlinux
does not allow for the use of normalmode on i386 machines. Most offical
bases do, and debian seems to be a good fit for running gitolite.
Previously, this git repository was serving double duty as the code
repository for normalmode, as well as the site gitolite-admin
repository. This is no longer going to be the case - gitolite-admin is
now completely separate. Not only does this allow me to clean up the
folder structure, but going forward, the out-of-the-box experience of a
new install will be 'more correct' for what normalmode intends. IE: Our
config files will more often already be installed by default, instead of
requiring user-intervention on the gitolite-admin side of things.
The docker-compose.yml file is left behind. I'll update it after cgit
gets a similar treatment.
* gitolite-debian-refactor:
gitolite: Add admin initialization script
gitolite: Allow users to delete remote HEAD branches
gitolite: Remove hard-coded admin username
gitolite: Correct site-local code location
gitolite: Refactor Dockerfile for debian base
gitolite: Consolidate config files into a single directory
|
|
Per docker image changes, this serves as an alternative entrypoint for
performing initial pubkey configuration.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
This allows the branch considered the repo default to be deleted via
push. I'm not totally opposed to allowing this, even though it's not
entirely necessary. However, the ability to do this is now required by
the docker image entrypoint script.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The default gitolite.conf file is now patched in to the gitolite
installation in the docker image. This is so that the intended version
of the file is used in the gitolite-admin repo from the very beginning.
This is made necessary by the decoupling of repo purposes.
Instead of using (literal) 'admin', '%ADMIN' will be substituted with
the actual admin username during `gitolite setup`.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Per the previous commit, site-local code is now to be located directly
in the git user's home directory, as static content in the docker image.
Correct this setting in the RC file.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Building from debian:latest will make for a smaller image, a faster
build, and will make the image more accessible to a wider variety of
platforms.
The effort started by 19e7dc8932c is expanded upon such that the image
cleanly bakes in all static config files into the image - ie. the entire
hosting user's home directory, except for the repositories directory.
This removal of config management from the gitolite-admin repo is part
of the reason why it is being decoupled from this repo.
The gitolite image will now never utilize a user pubkey during build.
Instead, it can be invoked with an alternative entrypoint to
interactively configure a new install.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The repository is being reworked to decouple its roles as normalmode
source and gitolite-admin config. The gitolite-admin repository will be
entirely separate. So there is no need to keep the conf or local
directories around where they are at.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Automating the build of this image will be awkward if we need a
user-supplied input file each time. At best, it will probably lead to
building out of per-instance configuration branches that store the
file...
The initial administrator pubkey is only really needed to include in the
first image that is run at any given site, since a new install doesn't
have a config/repository datastore yet. Once that is the case, the
procedure in the Dockerfile to init the /var/lib/gitolite directory (now
refactored to a shell script file) can be skipped, since that directory
will be replaced by the previous container's volume.
This is probably not the final form of this kind of build design change,
but will work for now to get up and running easily with cychedelic.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
By default, the idle times shown by cgit only reflect the most recent
push to the master branch - and that is the time of the push, not of the
actual commit.
This patch causes the age/timestamp to be set by pushes to any branch.
The times will reflect the age of the youngest commit on any branch or
tag.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
The non-core feature 'symbolic-ref' that ships with gitolite opens a
bigger hole than I would intend to (in the form of allowing arbitrary
git-symbolic-ref commands to be executed).
As an alternative, a post-git gitolite trigger is added. Its only
purpose at the moment is to check on the state of HEAD following any
pushes.
Under normal circumstances, HEAD will point to a valid branch, or on a
first push, the master branch will be provided, validating HEAD. If
after the first push, there is no branch called master, we assume the
creator wishes to use another name for the default branch, and so will
update the ref if doing so is unambiguous (there is only one other
branch). If multiple non-master branches are present in this case, a
warning is issued, and HEAD is left invalid, awaiting a later push to
master.
This _should_ only be an issue for the first push. Once HEAD refers to
a valid branch (of any name), this action is bypassed going forward.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Although user@server:path would be the preferred URL form, cgit
interprets this as an HTTP link, relative to the repository base URL.
That is, even though the desired text appears on screen, the text's link
is broken. Someone copying the link, as opposed to copying the text, to
use with an actual clone (or git-remote add) will have a bad time.
Using a full URL with the ssh:// protocol scheme solves this problem.
'.git' is omitted from the end of the path for consistency with the HTTP
url (it's use is optional for ssh protocol).
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Provide a config file for the back-end SSH daemon. Primarily, this
explicitly disables root login, password auth, and additional
unnecessary frills. Additionally, the sftp subsystem is omitted.
Now that this file is added, hostkey files (and the external volume
containing them) are moved to a new dedicated location (/hostkeys/...).
This allows us to bake sshd_config into the built gitolite image,
instead of it also living in the external volume. This makes it easier
for future changes to be incorporated by simply updating the image.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
This is useful as documentation to the user, but can be necessary to
work with some docker-compose setups.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
cgit is unable to resolve the owner of repositories, since they are all
owned by the same unix user account. By adopting this gitweb-specific
config key, we can communicate the end-user name via git-config.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Apache webserver (httpd) is setup minimally to host cgit on a website
(sub)domain root. cgitrc config file is based on that from my previous
installation, in my personal website.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
For compatibility with the front-end docker image, ensure git
repositories (and their parent directories) have mode 0755, aka: go+rx.
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
|
Signed-off-by: Malfurious <m@lfurio.us>
|
