From aaf33b0485235b0ea905f184ba2f56de3a8633f2 Mon Sep 17 00:00:00 2001 From: "The repo.or.cz admin team" Date: Tue, 31 Jan 2023 05:39:11 +0100 Subject: [PATCH] Girocco/Config.pm: update for dev.repo.or.cz support --- Girocco/Config.pm | 52 ++++++++++++++++++++++++++-------------------------- acme/install.sh | 14 +++++++------- acme/issue.sh | 4 ++-- apache.conf.in | 4 ++-- 4 files changed, 37 insertions(+), 37 deletions(-) rewrite acme/install.sh (100%) diff --git a/Girocco/Config.pm b/Girocco/Config.pm index d7508c0..01ca18f 100644 --- a/Girocco/Config.pm +++ b/Girocco/Config.pm @@ -12,18 +12,18 @@ use warnings; # Name of the service (typically a single word or a domain name) # (no spaces allowed) -our $name = "repo.or.cz"; +our $name = "dev.repo.or.cz"; # Nickname of the service (undef for initial part of $name upto first '.') # (no spaces allowed) -our $nickname = "rorcz"; +our $nickname = "devrorcz"; # Title of the service (as shown in gitweb) # (may contain spaces) -our $title = "Public Git Hosting"; +our $title = "Dev Public Git Hosting"; # Path to the Git binary to use (you MUST set this, even if to /usr/bin/git!) -our $git_bin = '/home/repo/bin/git'; +our $git_bin = '/home/repo-dev/bin/git'; # Path to the git-daemon binary to use (undef to use default) # If $gitpullurl is undef this will never be used (assuming no git inetd @@ -71,7 +71,7 @@ our $openssl_bin = undef; our $sendmail_bin = 'sendmail.pl'; # E-mail of the site admin -our $admin = 'admin@repo.or.cz'; +our $admin = 'admin@dev.repo.or.cz'; # Sender of emails # This is the SMTP 'MAIL FROM:' value @@ -94,7 +94,7 @@ our $sender = 'admin-noreply@repo.or.cz'; our $admincc = 0; # Girocco branch to use for html.cgi view source links (undef for HEAD) -our $giroccobranch = 'rorcz'; +our $giroccobranch = 'repo-dev'; # PATH adjustments # If the PATH needs to be customized to find required executables on @@ -297,7 +297,7 @@ our $update_pwd_db = 0; # Port the sshd running in the jail should listen on # Be sure to update $pushurl to match # Not used if $pushurl is undef -our $sshd_jail_port = 22; +our $sshd_jail_port = 24; # If this is true then host names used in mirror source URLs will be checked # and any that are not DNS names (i.e. IPv4 or IPv6) or match one of the DNS @@ -450,19 +450,19 @@ our $mirror_hg = 0; # Path where the main chunk of Girocco files will be installed # This will get COMPLETELY OVERWRITTEN by each make install!!! # MUST be an absolute path -our $basedir = '/home/repo/repomgr'; +our $basedir = '/home/repo-dev/repomgr'; # Path where the automatically generated non-user certificates will be stored # (The per-user certificates are always stored in $chroot/etc/sshcerts/) # This is preserved by each make install and MUST NOT be under $basedir! # The secrets used to generate TimedTokens are also stored in here. # MUST be an absolute path -our $certsdir = '/home/repo/certs'; +our $certsdir = '/home/repo-dev/certs'; # The repository collection # "$reporoot/_recyclebin" will also be created for use by toolbox/trash-project.pl # MUST be an absolute path -our $reporoot = "/srv/git"; +our $reporoot = "/home/repo-dev/j/srv/git"; # The repository collection's location within the chroot jail # Normally $reporoot will be bind mounted onto $chroot/$jailreporoot @@ -472,7 +472,7 @@ our $jailreporoot = "srv/git"; # The chroot for ssh pushing; location for project database and other run-time # data even in non-chroot setups # MUST be an absolute path -our $chroot = "/home/repo/j"; +our $chroot = "/home/repo-dev/j"; # An installation that will never run a chrooted sshd should set this # to a true value (e.g. 1) to guarantee that jailsetup for a chrooted @@ -490,7 +490,7 @@ our $disable_jailsetup = 0; # rebuilt each time "make install" is run. This will make gitweb/git-browser # web services very briefly unavailable while this is happening. # MUST be an absolute path -our $webroot = "/home/repo/www"; +our $webroot = "/home/repo-dev/www"; # The CGI-enabled web directory (corresponds to $gitweburl and $webadmurl) # This will not be web-accessible except that if any aliases point to @@ -502,13 +502,13 @@ our $webroot = "/home/repo/www"; # rebuilt each time "make install" is run. This will make gitweb/git-browser # web services very briefly unavailable while this is happening. # MUST be an absolute path -our $cgiroot = "/home/repo/cgibin"; +our $cgiroot = "/home/repo-dev/cgibin"; # A web-accessible symlink to $reporoot (corresponds to $httppullurl, can be undef) # If using the sample apache.conf (with paths suitably updated) this is not required # to serve either smart or non-smart HTTP repositories to the Git client # MUST be an absolute path if not undef -our $webreporoot = "/home/repo/www/r"; +our $webreporoot = undef; # The location to store the project list cache, gitweb project list and gitweb # cache file. Normally this should not be changed. Note that it must be in @@ -589,30 +589,30 @@ our $rsakeylength = undef; # URL of the gitweb.cgi script (must be in pathinfo mode). If the sample # apache.conf configuration is used, the trailing "/w" is optional. -our $gitweburl = "https://repo.or.cz"; +our $gitweburl = "https://dev.repo.or.cz"; # URL of the extra gitweb files (CSS, .js files, images, ...) -our $gitwebfiles = "https://repo.or.cz"; +our $gitwebfiles = "https://dev.repo.or.cz"; # URL of the Girocco CGI web admin interface (Girocco cgi/ subdirectory) # e.g. reguser.cgi, edituser.cgi, regproj.cgi, editproj.cgi etc. -our $webadmurl = "https://repo.or.cz"; +our $webadmurl = "https://dev.repo.or.cz"; # URL of the Girocco CGI bundles information generator (Girocco cgi/bundles.cgi) # If the sample apache.conf configuration is used, the trailing "/b" is optional. # This is different from $httpbundleurl. This URL lists all available bundles # for a project and returns that as an HTML page. -our $bundlesurl = "https://repo.or.cz"; +our $bundlesurl = "https://dev.repo.or.cz"; # URL of the Girocco CGI html templater (Girocco cgi/html.cgi) # If mod_rewrite is enabled and the sample apache.conf configuration is used, # the trailing "/h" is optional when the template file name ends in ".html" # (which all the provided ones do). -our $htmlurl = "https://repo.or.cz"; +our $htmlurl = "https://dev.repo.or.cz"; # HTTP URL of the repository collection (undef if N/A) # If the sample apache.conf configuration is used, the trailing "/r" is optional. -our $httppullurl = "https://repo.or.cz"; +our $httppullurl = "https://dev.repo.or.cz"; # HTTP URL of the repository collection when fetching a bundle (undef if N/A) # Normally this will be the same as $httppullurl, but note that the bundle @@ -623,7 +623,7 @@ our $httppullurl = "https://repo.or.cz"; # If the sample apache.conf configuration is used, the trailing "/r" is optional. # This is different from $bundlesurl. This URL fetches a single Git-format # .bundle file that is only usable with the 'git bundle' command. -our $httpbundleurl = "https://repo.or.cz"; +our $httpbundleurl = "https://dev.repo.or.cz"; # HTTPS push URL of the repository collection (undef if N/A) # If this is defined, the openssl command must be available @@ -631,18 +631,18 @@ our $httpbundleurl = "https://repo.or.cz"; # mod_rewrite be enabled to support https push operations. # Normally this should be set to $httppullurl with http: replaced with https: # If the sample apache.conf configuration is used, the trailing "/r" is optional. -our $httpspushurl = "https://repo.or.cz"; +our $httpspushurl = "https://dev.repo.or.cz"; # Git URL of the repository collection (undef if N/A) # (You need to set up git-daemon on your system, and Girocco will not # do this particular thing for you.) -our $gitpullurl = "git://repo.or.cz"; +our $gitpullurl = "git://dev.repo.or.cz:8418"; # Pushy SSH URL of the repository collection (undef if N/A) # Note that the "/$jailreporoot" portion is optional and will be automatically # added if appropriate when omitted by the client so this URL can typically # be made the same as $gitpullurl with git: replaced with ssh: -our $pushurl = "ssh://repo.or.cz"; +our $pushurl = "ssh://dev.repo.or.cz:24"; # URL of gitweb of this Girocco instance (set to undef if you're not nice # to the community) @@ -823,13 +823,13 @@ our $cgi_user = 'www-data'; # should run all the daemons and cronjobs and # the user who should be running make install (if not root). # This must always be set. -our $mirror_user = 'repo'; +our $mirror_user = 'repo-dev'; # (Non-chroot) UNIX group owning the repositories by default; it owns whole # mirror repositories and at least web-writable metadata of push repositories. # If you undefine this, all the data will become WORLD-WRITABLE. # Both $cgi_user and $mirror_user should be members of this group! -our $owning_group = 'repo'; +our $owning_group = 'repo-dev'; # Whether to use chroot jail for pushing; this must be always the same # as $manage_users. diff --git a/acme/install.sh b/acme/install.sh dissimilarity index 100% index 2c1e558..9ac8358 100755 --- a/acme/install.sh +++ b/acme/install.sh @@ -1,7 +1,7 @@ -mkdir -p /home/repo/certs/acme && -./acme.sh --install-cert -d repo.or.cz \ ---cert-file /home/repo/certs/acme/girocco_www_crt.pem \ ---key-file /home/repo/certs/acme/girocco_www_key.pem \ ---fullchain-file /home/repo/certs/acme/girocco_www_fullchain.pem && -sed '1,/^-----END/d' < /home/repo/certs/acme/girocco_www_fullchain.pem \ -> /home/repo/certs/acme/girocco_www_chain.pem +mkdir -p /home/repo-dev/certs/acme && +./acme.sh --install-cert -d dev.repo.or.cz \ +--cert-file /home/repo-dev/certs/acme/girocco_www_crt.pem \ +--key-file /home/repo-dev/certs/acme/girocco_www_key.pem \ +--fullchain-file /home/repo-dev/certs/acme/girocco_www_fullchain.pem && +sed '1,/^-----END/d' < /home/repo-dev/certs/acme/girocco_www_fullchain.pem \ +> /home/repo-dev/certs/acme/girocco_www_chain.pem diff --git a/acme/issue.sh b/acme/issue.sh index 83784e1..5a8b967 100755 --- a/acme/issue.sh +++ b/acme/issue.sh @@ -1,2 +1,2 @@ -mkdir -p /home/repo/certs/acme/.well-known/acme-challenge && -./acme.sh --issue -d repo.or.cz -w /home/repo/certs/acme +mkdir -p /home/repo-dev/certs/acme/.well-known/acme-challenge && +./acme.sh --issue -d dev.repo.or.cz -w /home/repo-dev/certs/acme diff --git a/apache.conf.in b/apache.conf.in index 58cf1dc..410da0a 100644 --- a/apache.conf.in +++ b/apache.conf.in @@ -68,8 +68,8 @@ # If your distribution does not set APACHE_LOG_DIR before # starting Apache you will need to edit the next two directives - ErrorLog "/var/log/apache2/repo-error.log" - CustomLog "/var/log/apache2/repo-access.log" girocco + ErrorLog "/var/log/apache2/repo-dev-error.log" + CustomLog "/var/log/apache2/repo-dev-access.log" girocco # Avoid spurious Content-Type values when git-http-backend -- 2.11.4.GIT