Commit graph

516 commits

Author SHA1 Message Date
Sitaram Chamarty 4957900360 (doc) who-uses-it 2010-09-28 20:26:26 +05:30
Sitaram Chamarty da9a1b5cbf gitosis migr doc update to handle user@foo type keys
thanks to frogonwheels for catching this...
2010-09-28 11:46:39 +05:30
Sitaram Chamarty 67a72a3f5b added support for a post-repo-create hook (gl-post-init)
...some people want to run a special function after a repo is created
2010-09-24 16:58:46 +05:30
Sitaram Chamarty c18514e213 (minor) doc updates
inspired by various denizens of #git and the internet at large
2010-09-24 06:04:13 +05:30
Sitaram Chamarty 3f57f18ee2 wildrepos doc badly needed update due to new features:
- 79f0a5f ("(big one!) more than one wildcard may match a repo...")
    makes some of the dire warnings about this irrelevant
  - d1d2c3e and ad64f99 ("git config settings in wild repos: part 1" and
    "...part 2") makes this caveat also useless

While we were about it, we added a quick intro and tried to make some
other details a little clearer.
2010-09-23 14:44:23 +05:30
Sitaram Chamarty 37a6a6a7d3 towel needed more clarity
for people who don't get the continual reference to towels when talking
about the "gl-dont-panic" program, all I can say is that your education
is incomplete ;-)
2010-09-09 06:52:32 +05:30
Sitaram Chamarty 2349afdc78 (http) fixed up the first level error reporting even better
see http://permalink.gmane.org/gmane.comp.version-control.git/155787
2010-09-08 19:57:11 +05:30
Sitaram Chamarty 4dd17b96cb (http) https tested 2010-09-08 19:34:38 +05:30
Sitaram Chamarty f10fa00227 gl-setup now allows editing rc file on first run 2010-09-08 15:59:19 +05:30
Sitaram Chamarty 595410aa55 (http) first level error reporting now works
I didn't know that remote-curl.c requires 200 OK even if you want to
report an error.

With Ilari's patch at [1] you'll get a more readable message but it is
still good enough now.

[1]: http://permalink.gmane.org/gmane.comp.version-control.git/155464
2010-09-06 12:11:19 +05:30
Sitaram Chamarty b6c93c7ce8 (http) I'm sorry DAV, I can't let you do that... 2010-09-05 21:04:39 +05:30
Sitaram Chamarty 370135d230 (http) better guess at reponame 2010-09-05 21:04:39 +05:30
Sitaram Chamarty cc8ccab924 (http) gitolite without ssh? smart http support is here!
As usual there's more documentation than code.

Unlike usual, however, this isn't completely tested.  Please read the
documentation for details of what works, what doesn't, what has been
tested, what hasn't, and so on.
2010-09-05 21:04:39 +05:30
Sitaram Chamarty ec329ca13f (http) gl-setup changes...
- only admin name needed, not pubkey file
  - setup HOME from GITOLITE_HTTP_HOME
2010-09-05 20:47:10 +05:30
Sitaram Chamarty f4e011226a (http) issues of $HOME, startup (birth!), and death
- deal with issues of HOME not being available...
  - "where_is_rc" finally has a purpose; see comment block before
    function
2010-09-05 20:47:06 +05:30
Sitaram Chamarty 52e0ed3488 (http) auth: handle REQUEST_URI and friends
TODO: if the verb doesn't actually contain "git-receive-pack", I am
assuming it is some sort of read.  The list in services[] in
http-backend.c does not seem to look like any other verb is a "write";
need to check this with someone.

For normal git commands:
  - PATH_INFO gives you the repo name
  - REQUEST_URI gives you the verb
  - we construct a fake SSH_ORIGINAL_COMMAND so the rest of the
    processing does not have to change

For our special commands:
  - PATH_INFO is actually the verb
  - QUERY_STRING has the parameters
  - we again fake out the SSH_ORIGINAL_COMMAND
  - we print the extra HTTP headers in anticipation of the actual output

Either way, we also fake out the SSH_CONNECTION so that the IP address
can get logged ok

And of course REMOTE_USER is now the incoming userid

Finally, at the end, we exec GIT_HTTP_BACKEND instead of the normal one
2010-09-05 20:47:01 +05:30
Sitaram Chamarty a9e9f98a7e (minor) fixup to post-update hook 2010-09-05 20:46:58 +05:30
Sitaram Chamarty 6b93678ac6 (minor) sshkeys-lint prints correct path to run in instructions 2010-09-04 18:08:29 +05:30
Sitaram Chamarty 7b633049be refactored and lifted out the line parse part from inside parse_conf_file
adapted from code by kpfleming@digium.com.  I basically cherry-picked
the top commit on "pu-work" (30068d1) on his fork at github, and made
some minor fixups to it
2010-09-04 15:03:06 +05:30
Sitaram Chamarty 5f342c0444 more doc revamp; some notes below
- all anchors prefixed by AUTO_ now
  - some bad links fixed (maybe still a few I didn't catch)
  - misc wording changes/additions (support section to README,
    "technical skills" section to install doc, etc).
2010-09-04 03:10:20 +05:30
Sitaram Chamarty 3559c1190e autotoc deletes/re-creates only its own anchors so you can add your own 2010-09-04 03:05:28 +05:30
Sitaram Chamarty 2cf382ca4e (minor) some doc typos 2010-09-03 09:02:47 +05:30
Sitaram Chamarty 07d07cc5f6 rmrepo alternative 2 was too lax
it would have allowed deleting a non-wild repo too!  Fixed.
2010-09-03 09:02:47 +05:30
Sitaram Chamarty 5188ec48ed fix a comment typo which totally changed the meaning! 2010-09-03 09:02:43 +05:30
Sitaram Chamarty bebc67eba3 towel day program was not limiting commits as stated in message 2010-09-03 09:02:42 +05:30
Sitaram Chamarty 6c48647c15 (more ssh documentation shenanigans) 2010-09-01 12:43:35 +05:30
Sitaram Chamarty c1bd3ca69c umpteenth doc revamp...
because someone else found the doc overwhelming.  However, the suggested
reading order (which so far existed only on the wiki) was probably a
good thing to have at the top of the README, and the disclaimers about
ssh may help keep my sanity a little longer ;-)
2010-08-27 16:54:38 +05:30
Sitaram Chamarty 1d566ac46b a bit of optimisation to help another one along
(thanks to reuss for telling me about the problem, although setting
BIG_CONFIG worked just as well in his case, and this patch was not
really needed)
2010-08-26 00:10:47 +05:30
Sitaram Chamarty 8808158bd8 (minor) test script was misnamed 2010-08-24 21:57:25 +05:30
Sitaram Chamarty 6b9e75dfcb allow @all to also include gitweb and daemon
By default, @all does not include gitweb and daemon, but if that's what
you want, you can make it happen...  see GL_ALL_INCLUDES_SPECIAL
variable in conf/example.gitolite.rc
2010-08-24 21:38:46 +05:30
Sitaram Chamarty d78f66af52 doc for change in info/expand command outputs 2010-08-24 17:52:14 +05:30
Sitaram Chamarty 2b066fc9f0 info/expand print better(?) permission codes
see doc/report-output.mkd for details
2010-08-24 17:51:33 +05:30
Sitaram Chamarty d6704d052a doc cleanup on info and expand command
jefferai pointed out that some of the links about this were broken, and
a quick look showed that it was described in multiple places too.
Brought it all together...
2010-08-21 17:02:12 +05:30
Sitaram Chamarty 6e2db12302 allow @groups in setperms command also
This should hopefully be the final step in making wildrepos as close to
normal repos as possible.  You can now do pretty much anything with them
that you can do with normal repos [1]

Implementation notes:

  - compile puts out %groups into the compiled config file regardless of
    GL_BIG_CONFIG because this feature needs it
  - wild_repo_rights caches %groups because the part of the %groups hash
    we care about will not change between calls in the same run

----

[1] **except** use the full-blown config file syntax within the gl-perms
    file :-)  I don't plan to do that; it's too complicated! [2]

[2] yeah yeah I know -- famous last words!
2010-08-21 13:04:13 +05:30
Sitaram Chamarty 34965b1b03 (tests) added tests for delegating with wildcards 2010-08-21 10:48:39 +05:30
Sitaram Chamarty 8faba23177 (minor) make time-style=long-iso explicit in t00
(side-effect of switching one machine from Mandriva to Fedora; nothing
to do with gitolite per se...)
2010-08-21 10:47:47 +05:30
Sitaram Chamarty 3a8f32ac9b minor fixups to the "gitweb/daemon from setperms" code...
- fork was not printing a newline after the permissions
  - "add_del_line" to properly handle that damn projects.list file!
2010-08-20 23:09:11 +05:30
Sitaram Chamarty 870983086c CHANGELOG and progit article updates 2010-08-20 21:03:48 +05:30
Sitaram Chamarty 648676faec gitweb and daemon should now work even from within setperms
modifications:

  - call setup_gitweb_access and setup_daemon_access from with
    get_set_perms so when the user sets a perm explicitly it works
  - in setup_gitweb_access, do not delete description file or
    gitweb.owner if the repo is wild
  - make the "fork" adc set gitweb.owner *and* call setperms using
    GL_WILDREPOS_DEFPERMS
  - add tests

bug fixes:

  - gl-auth did not even *look* at GL_WILDREPOS_DEFPERMS when
    auto-"C"reating a wild repo; fixed
  - setup_gitweb_access did not delete the description file as
    consistently as it deleted the owner

what will NOT work:

  - removing gitweb permissions does not clear the name from
    "projects.list".  That's complicated, so just wait till the next
    "compile" to make this happen

(thanks to Jefferai for driving this...)

----

mildly puzzling:

    for some strange reason, after a "git ls-remote ...try3" in t58,
    instead of not creating a "description" file, we started seeing a
    73-byte file containing this message:

    Unnamed repository; edit this file 'description' to name the repository.
2010-08-20 21:02:18 +05:30
Sitaram Chamarty 0979f02927 expand t58 to check projects.list being created on create 2010-08-20 19:50:44 +05:30
Sitaram Chamarty 38d5ab5e47 (minor) rmrepo has 2 alternatives for who can delete 2010-08-20 19:50:44 +05:30
Sitaram Chamarty 1b5294f26d make info and expand run faster
using a wee bit of local optimisation in an inner function
2010-08-20 19:50:20 +05:30
Sitaram Chamarty da210f21bd log elapsed time
I'm an idiot.  I say I won't do it, then I go and do it anyway.

Fortunately, in this case, the code and execution remain exactly the
same for people who do not set $GL_PERFLOGT in the rc file, so it's
tolerable.

<evil grin> People who want even more than this can contact Greg Lonnon
(see the mailing list archives at
http://groups.google.com/group/gitolite for an obfuscated but easy to
guess email address) ;-)
2010-08-17 22:35:16 +05:30
Sitaram Chamarty 79f0a5fd52 (big one!) more than one wildcard may match a repo...
plus it can also be matched by a normal repo line.  In other words, with

    repo foo/bar
        RW  =   u1

    repo foo/..*
        RW  =   u2

user u2 has access to foo/bar (the non-wild does not cause the wild to
be completely ignored any longer)

implementation notes:

    get_memberships:

      - no more highlander ("there can only be one") for patterns in
        @repo_plus
      - return $wild as a space-separated list of matched patterns

    collect_repo_patts:

      - as of the last change to this section of code it appears we
        weren't using the values anyway, but I had forgotten :-)

    repo_rights: (big change: $wild no longer implies $creator present,
    or vice versa)

      - new type of "creator" (like "was_sitaram") is now possible
2010-08-11 22:38:17 +05:30
Kevin P. Fleming a5601970da make repo patterns work in fragment-named groups 2010-08-11 22:38:17 +05:30
Sitaram Chamarty 204b34e525 lots of changes to tests for big-config
as well as wild, and (as much as I could) both together
2010-08-11 22:38:16 +05:30
Sitaram Chamarty f21e7780a1 fix up gitweb, daemon, for wild + big-config
Implementation notes:

  - %repo_config is now "our", not "my"
  - collect_repo_patts now uses repo_rights to get the name of the wild
    card repo (if any) that pertains to the physical $repo, instead of
    all that new code (duh!)
  - new "can_read(repo, user)" sub (to help daemon and gitweb use)
  - the "convenience copy on steroids" thing now copies %repo_config
    also, not just %repos.  This makes setup_repo_configs simpler
  - $creator gets substituted into %groups also; we need that now that
    we (%repos and %groups) are working closer together :)
2010-08-11 22:38:16 +05:30
Sitaram Chamarty 8deee9b6bd (tests) added t57 for daemon and gitweb stuff 2010-08-11 22:38:16 +05:30
Sitaram Chamarty 509c73b888 gitweb/daemon now work for wild repos also
(thanks to Kevin Fleming for the need/use case)

TODO: tests
TODO: proper documentation; meanwhile, just read this:

  - you can give gitweb and daemon read rights to wild card repos also,
    and it'll all just work -- when a new repo is 'C'reated, it'll pick
    up those rights etc

  - you can assign descriptions (and owners) to individual repos as
    before, except now you can assign them to repos that actually were
    created from wild card patterns.  So for example, you can define
    rules for

        repo foo/..*

    and then assign descriptions like

        foo/repo1 = "repo one"
        foo/repo2 = "repo two"
        foo/dil "scott" = "scott's dilbert repo"

    However, this only works for repos that already exist, and only when
    you push the admin repo.

    Thumb rule: have the user create his wild repo, *then* add and push
    the admin config file with the description.  Not the other way
    around.

implementation notes:

  - wildcard support for git config revamped, refactored...

    it's not just git config that needs wildcard support.  daemon and
    gitweb access also will be needing it soon, so we start by factoring
    out the part that finds the "pattern" given a "real" repo name.

  - GL_NO_DAEMON_NO_GITWEB now gates more than just those two things;
    see doc/big-config.mkd for details

  - we trawl through $GL_REPO_BASE_ABS *once* only, collecting repo
    names and tying them to either the same name or to a wild pattern
    that the repo name was created from

  - nice little subs to setup gitweb, daemon, and git config

  - god bless $GL_REPOPATT and the day I decided to set that env var
    whenever a user hits a wild repo in any way :-)

  - the code in gl-compile-conf is very simple now.  Much nicer than
    before
2010-08-11 22:38:16 +05:30
Sitaram Chamarty 61802045d9 (mini refactor) clean up the repo_base_abs stuff
make it a sort of "super global" (an ENV var) all through, because
*everyone* seems to need it *and* this variable is pretty much constant
for the entire install
2010-08-11 22:38:16 +05:30