Skip to content

Commit

Permalink
Adding server side files
Browse files Browse the repository at this point in the history
- server_side/service
    Systemd unit for auto starting rgit under dedicated user

- server_side/rgit_pre_flight_check
    Pre flight check, includes check on the rgit service being install

- server_side/rgitsss
    Helper script for dealing with rgit related tasks as
    - creating an user account for rgit service
    - making directory for that user
    - git clone into rgit directory
    - git into into rgit directory
    - publish and unpublish git repositories
    - place descriptions on git repos
    - handling SSH-keys

- server_side/config
    Input for further discussion

- server_side/default
    Temporary configuration file

- server_side/README
    Documents the server side files

Also modified  Cargo.toml. To effect the output/outcome of `cargo deb`.

Signed-off-by: Geert Stappers <[email protected]>
  • Loading branch information
stappersg committed Sep 19, 2023
1 parent b3a5f8c commit 54ba740
Show file tree
Hide file tree
Showing 7 changed files with 410 additions and 0 deletions.
10 changes: 10 additions & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,13 @@ rsass = "0.28.0"

[package.metadata.deb]
section = "web"
maintainer-scripts = "server_side/"
systemd-units = { enable = false }
assets = [
[ "target/release/rgit", "/usr/bin/rgit", "755" ],
[ "server_side/default", "/etc/default/rgit", "644" ],
[ "server_side/config", "/etc/rgit/config", "644" ],
[ "server_side/rgitsss", "/usr/bin/rgitsss", "755" ],
[ "server_side/rgit_pre_flight_check", "/usr/bin/rgit_pre_flight_check", "755" ],
# FYI `cargo deb` installs the systemd service file
]
110 changes: 110 additions & 0 deletions server_side/README
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@

For autostarting `rgit` is a systemd service unit available.

Rgit only opens only self owned files. Systemd helps with running the
rgit proces as a dedicated user.

Script rgit_pre_flight_check verifies if the user defined
in the systemd unit, is available on the system.

For dealing with self owned files, there is `rgitsss`. The triple s
stands for Server Side Script.

Default user for `rgitsss` is 'git'. For other username, set RGIT_ACCOUNT
environment variable. ( `export RGIT_ACCOUNT=foo` )


Now much more about `rgitsss`.

Try

rgitsss
rgitsss help

for getting an idea what is to come.

Commands, subcommands, like `adduser` and `mkdir` are root privileges needed.
For the other subcommands also, unless you are willing to set and type in
the password for the rgit user. That is why rgitsss is prefixed with sudo.

Type along while reading

sudo rgitsss adduser

sudo rgitsss mkdir /srv/rgit
sudo rgitsss mkdir /srv/rgit/t
sudo rgitsss mkdir /srv/rgit/cache

sudo rgitsss clone https://gitlab.com/stappersg/bong /srv/rgit/t/bong.git

sudo rgitss publish /srv/rgit/t/bong.git

Now it makes sense to start rgit

sudo systemctl start rgit

and to visit the URL where you have rgit running, with a webbrowser.
Notice the odd description. Reproduce it with

rgitsss describe /srv/rgit/t/bong.git

Change it by

echo "a ping wrapper, reduces ping output while a server reboots" > nd
sudo rgitsss describe /srv/rgit/t/bong.git nd

Now wait for the next rgit cache update, or force that by

sudo systemctl restart rgit

Webbrowser shows updated description.

For start upon reboot:

sudo systemctl enable rgit

By design doesn't allow `rgit` writing. For "git writes" is SSH used.
And for SSH access are ssh pub keys needed. Ask the people who you want
to grant access to do

cat ~/.ssh/id_ed22519.pub # or simular

Collect the public keys in a text file, say "these_keys", then:

sudo rgitsss sshkeys these_keys

See which SSH-keys are present by:

sudo rgitsss sshkeys


And with a new git repository?

sudo rgitsss init /srv/rgit/t/baz.git
sudo rgitsss publish /srv/rgit/t/baz.git
echo "Proof of concept" > textfile
sudo rgitsss describe /srv/rgit/t/baz.git textfile


Then at **other** place, either:

git clone [email protected]:/srv/rgit/t/baz.git
# with notice on empty git repository
cd baz
git branch -m main # sets 'main' as branch name
$EDITOR content
git add content
git commit
git push

or:

cd directory/with/git/repository
git remote add origin [email protected]:/srv/rgit/t/baz.git
git fetch origin
git push origin

And splitting '[email protected]:/srv/rgit/t/baz.git' from above
into 'git', 'rgit.example.com' and '/srv/rgit/t/baz.git'. The 'git'
is RGIT_ACCOUNT, 'rgit.example.com' server running `rgit`.
The '/srv/rgit/t/baz.git' is the path of the rgitsss init command.
17 changes: 17 additions & 0 deletions server_side/config
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#
# rgit configuration file
# currently only a wish
#

# For further discussion:
#
# - format options:
# - yaml
# - toml
# - ......
#
# - options for location:
# - fixed, like: /etc/rgit/config
# - command line parameter
# - environment variable, e.g. RGIT_CONFIG
#
22 changes: 22 additions & 0 deletions server_side/default
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#
# File with `rgit` parameter values.
# It will be read by the systemd service file as environment file.
#
# Bind address and port
RGIT_BIND='[::]:49418'
RGIT_BIND='127.0.0.1:49418'
#
# scan path top directory
RGIT_PATH=/srv/rgit/t
#
RGIT_CACHE=/srv/rgit/cache
#
# mandatory
RGIT_SHIM=--db-store
#
#
# For what it is worth:
# This file with environment variables exists because at the time of writing,
# no real configuration file existed.
#
# Last Line
42 changes: 42 additions & 0 deletions server_side/rgit_pre_flight_check
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
#!/bin/sh
# rgit pre flight check
# (early release)
# does various (silent) tests
# exits with error code EX_CONFIG on first failed test
# Intented use is being executed by systemd service unit

EX_CONFIG=78
# comes from https://man.freebsd.org/cgi/man.cgi?query=sysexits

SERVICE_SIZE=$( systemctl cat rgit.service 2>/dev/null | wc -l )
if [ ${SERVICE_SIZE} -lt 4 ] ; then
echo "E: Line count of systemd rgit service is unlikely small."
echo "I: Is the rgit systemd service unit installed?"
echo "I:"
echo "I: Do know that you can start rgit without Systemd."
exit ${EX_CONFIG}
fi

# Does user exist?
USER=$( systemctl cat rgit.service 2>/dev/null \
| awk -F= '$1 ~ /User/ { U = $2 } END { print U}' )
if [ -z ${USER} ] ; then
echo "E: No username found in the systemd service unit."
exit ${EX_CONFIG}
fi
id ${USER} > /dev/null 2>&1
if [ ${?} -gt 0 ] ; then
echo "E: \`id ${USER}\` failed."
echo "I: /usr/bin/rgitsss has an add user subcommand"
exit ${EX_CONFIG}
fi

DIR=idea # read from configuration file
DIR=/srv/rgit/t
if [ ! -d ${DIR} ] ; then
echo "E: Directory ${DIR} nout found"
exit ${EX_CONFIG}
fi

# all good
exit 0
Loading

0 comments on commit 54ba740

Please sign in to comment.