diff options
| author | Tony Finch <dot@dotat.at> | 2010-03-31 03:24:20 +0100 |
|---|---|---|
| committer | Ian Jackson <ian@liberator.relativity.greenend.org.uk> | 2010-05-22 15:54:42 +0100 |
| commit | e9fec26ad6b6fdbdf77a2422f7b0bdf2eeb5e07b (patch) | |
| tree | 32f580e5801fa208c382644fbfdc4920fe5de41d /git-daemon | |
| parent | 35b4c7158dd386490bd600a4c5b5448aa077bcbf (diff) | |
| download | userv-utils-e9fec26ad6b6fdbdf77a2422f7b0bdf2eeb5e07b.tar.gz | |
git-daemon: add Makefile and documentation.
Diffstat (limited to 'git-daemon')
| -rw-r--r-- | git-daemon/Makefile | 28 | ||||
| -rw-r--r-- | git-daemon/README | 63 | ||||
| -rw-r--r-- | git-daemon/TODO | 7 | ||||
| -rw-r--r-- | git-daemon/chiark-urlmap | 27 | ||||
| -rwxr-xr-x | git-daemon/git-service | 7 | ||||
| -rw-r--r-- | git-daemon/git-upload-pack.in (renamed from git-daemon/git-upload-pack) | 3 | ||||
| -rw-r--r-- | git-daemon/git-urlmap | 53 | ||||
| -rw-r--r-- | git-daemon/inetd.conf | 2 | ||||
| -rw-r--r-- | git-daemon/inetd.conf.in | 2 |
9 files changed, 163 insertions, 29 deletions
diff --git a/git-daemon/Makefile b/git-daemon/Makefile new file mode 100644 index 0000000..07969cd --- /dev/null +++ b/git-daemon/Makefile @@ -0,0 +1,28 @@ +# Makefile for userv-git-daemon +# +# This was written by Tony Finch <dot@dotat.at> +# You may do anything with it, at your own risk. +# http://creativecommons.org/publicdomain/zero/1.0/ + +include ../settings.make + +TARGETS= git-upload-pack inetd.conf + +SUBSTVARS= libuserv etcuserv +SEDSCRIPT= '$(foreach f, $(SUBSTVARS), s,@$f@,$($f),g; )' + +all: $(TARGETS) + +%: %.in + sed $(SEDSCRIPT) <$< >$@.new && mv -f $@.new $@ + +install: all + mkdir -p $(libuserv) $(etcuserv) $(services) + cp git-daemon git-service $(libuserv) + cp git-upload-pack $(services) + cp git-urlmap $(etcuserv) + +clean: + rm -f $(TARGETS) + +# end diff --git a/git-daemon/README b/git-daemon/README new file mode 100644 index 0000000..d8e6a7a --- /dev/null +++ b/git-daemon/README @@ -0,0 +1,63 @@ +userv-git-daemon is a replacement for the standard git daemon, +which provides anonymous remote access to git repositories. + +It uses userv to invoke the service requested by the client, and users +can configure it to map git:// URLs to repositories and enable and +disable services as they see fit, without intervention from the system +administrator. + + +To install: +----------- + +Adjust the paths in ../settings.make as necessary. +userv-git-daemon uses $(libuserv), $(etcuserv), and $(services). + +Type make install. + +Create a "git" user that will run the outer part of the git-daemon. +Ensure your /etc/services contains a line like "git 9418/tcp". + +Insert the inetd.conf fragment into your /etc/inetd.conf +and tell inetd to reload. + +As a test user, create a 'public-git' directory, and copy a bare git +repository into it, e.g. + git clone --bare git://dotat.at/unifdef.git public-git/unifdef.git + +This repository should now be visible: + git ls-remote git://localhost/~test/unifdef.git + + +Operation: +---------- + +The userv-git-daemon is invoked by inetd which also tells it where to +find its global git-urlmap script. + +The git-daemon parses the request from the network and uses the global +git-urlmap script to determine which user will run the requested +service. It invokes userv for the request to be performed. The most +common service is git-upload-pack, which is confusingly named: it +uploads from the repository to the network; other services supported +by git are git-upload-archive and git-receive-pack. + +The git-daemon will pass any service beginning git- to userv. The +userv configuration determines which services may be requested. This +package includes example git-upload-pack service configurations. + +The service configuration uses the git-service script to run the +service. It passes the global and per-user git-urlmap scripts to the +git-service script to determine where in the filesyetem the requested +repository is. Later urlmap scripts override the choices made by +earlier ones. See the sample git-urlmap script for details of the +variables they can examine and set. + +If a repository is located, the git-service script runs the requested +service, which is simply the git program with the same name. + + +---------------------------------------------- +This was written by Tony Finch <dot@dotat.at> +You may do anything with it, at your own risk. +http://creativecommons.org/publicdomain/zero/1.0/ diff --git a/git-daemon/TODO b/git-daemon/TODO deleted file mode 100644 index d47804b..0000000 --- a/git-daemon/TODO +++ /dev/null @@ -1,7 +0,0 @@ -userv git daemon todo: - -Makefile - -documentation! - -limit multiple simultaneous invocations with with-lock-ex? diff --git a/git-daemon/chiark-urlmap b/git-daemon/chiark-urlmap new file mode 100644 index 0000000..d3bb876 --- /dev/null +++ b/git-daemon/chiark-urlmap @@ -0,0 +1,27 @@ +# chiark's configuration for the userv git daemon. +# +# This was written by Tony Finch <dot@dotat.at> +# You may do anything with it, at your own risk. +# http://creativecommons.org/publicdomain/zero/1.0/ + +if ($host eq 'git.chiark.greenend.org.uk') { + if ($path =~ m{^~([^/]*)/(.*)}) { + $user = $1; + $dir = 'public-git'; + $repo = $2; + } else { + $user = 'webmaster'; + $dir = '/u2/git-repos'; + $repo = $path; + } +} elsif (m{^git://cabal[.]greenend[.]org[.]uk/~([^/]*)/(.*)$}) { + $user = $1; + $dir = 'cabal-git'; + $repo = $2; +} elsif ($host eq 'dotat.at') { + $user = 'fanf'; + $dir = 'public-git'; + $repo = $path; +} + +# end diff --git a/git-daemon/git-service b/git-daemon/git-service index 9661434..aeb4e0e 100755 --- a/git-daemon/git-service +++ b/git-daemon/git-service @@ -14,7 +14,7 @@ use Sys::Syslog; ${$::{$_}} = $ENV{"USERV_U_$_"} for grep s|^USERV_U_([a-z_]+)$|$1|, keys %ENV; -our ($client,$service,$path,$host); +our ($client,$service,$path,$host,@opts); openlog "userv-$service", 'pid', 'daemon'; sub fail { syslog 'err', "$client @_"; exit } @@ -33,7 +33,10 @@ $path = $check_export ? "$dir/git-daemon-export-ok" : $dir; fail "$! $path" unless -e $path; syslog 'notice', "$client $dir"; -my @cmd = ($service =~ m|^(git)-(.*)$|, '--strict', '--timeout=30', $dir); +@opts = qw( --strict --timeout-30 ) + if @opts == 0 and $service eq 'git-upload-pack'; + +my @cmd = ($service =~ m|^(git)-(.*)$|, @opts, $dir); no warnings; # suppress errors to stderr exec @cmd or fail "exec $service: $!"; diff --git a/git-daemon/git-upload-pack b/git-daemon/git-upload-pack.in index 3169ccb..c66c61c 100644 --- a/git-daemon/git-upload-pack +++ b/git-daemon/git-upload-pack.in @@ -6,10 +6,11 @@ if ( grep service-user-shell /etc/shells & glob service git-upload-pack + & glob calling-user git ) reset errors-to-syslog daemon error - execute /usr/local/lib/userv/git-service /etc/userv/git-urlmap .userv/git-urlmap + execute @libuserv@/git-service @etcuserv@/git-urlmap .userv/git-urlmap fi # end diff --git a/git-daemon/git-urlmap b/git-daemon/git-urlmap index 61c376c..cf8b557 100644 --- a/git-daemon/git-urlmap +++ b/git-daemon/git-urlmap @@ -1,27 +1,46 @@ -# Example configuration file for the userv git daemon. +# Configuration file for the userv git daemon. # # This was written by Tony Finch <dot@dotat.at> # You may do anything with it, at your own risk. # http://creativecommons.org/publicdomain/zero/1.0/ +# +# This is a perl script which is expected to set a few variables +# to locate the requested repository. +# +# REQUEST VARIABLES +# $service - normally "git-upload-pack" +# `git daemon --help` describes other possible services +# $host +# $path +# $uri = git://$host/$path +# $_ = $uri +# +# CONNECTION VARIABLES +# $client_addr +# $client_port +# $client = [$client_addr]:$client_port +# $server_addr +# $server_port +# $server = [$server_addr]:$server_port +# +# OUTPUT VARIABLES +# $user - who runs the service +# $dir - may be: +# * an absolute path +# * a path relative to the user's home directory +# * equivalently, a path starting ~/ +# $repo - if set, the repository's path is $dir/$repo +# otherwise, the repository's path is just $dir +# $check_export - whether to check for a git-daemon-export-ok file +# (default false) +# $check_repo - whether to restrict the syntax of $repo +# (default true) +# @opts - options for the service command -if ($host eq 'git.chiark.greenend.org.uk') { - if ($path =~ m{^~([^/]*)/(.*)}) { - $user = $1; - $dir = 'public-git'; - $repo = $2; - } else { - $user = 'webmaster'; - $dir = '/u2/git-repos'; - $repo = $path; - } -} elsif (m{^git://cabal[.]greenend[.]org[.]uk/~([^/]*)/(.*)$}) { +if ($path =~ m{^~([^/]*)/(.*)}) { $user = $1; - $dir = 'cabal-git'; - $repo = $2; -} elsif ($host eq 'dotat.at') { - $user = 'fanf'; $dir = 'public-git'; - $repo = $path; + $repo = $2; } # end diff --git a/git-daemon/inetd.conf b/git-daemon/inetd.conf deleted file mode 100644 index d4ecf50..0000000 --- a/git-daemon/inetd.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Example inetd.conf line for the userv git daemon. -git stream tcp nowait git /usr/local/lib/userv/git-daemon git-daemon /etc/userv/git-urlmap diff --git a/git-daemon/inetd.conf.in b/git-daemon/inetd.conf.in new file mode 100644 index 0000000..a40382d --- /dev/null +++ b/git-daemon/inetd.conf.in @@ -0,0 +1,2 @@ +# Example inetd.conf line for the userv git daemon. +git stream tcp nowait git @libuserv@/git-daemon git-daemon @etcuserv@/git-urlmap |