Adding server side files

Cargo.toml

@@ -53,3 +53,13 @@ rsass = "0.28.0"
 
 [package.metadata.deb]
 section = "web"
+maintainer-scripts = "server_side/"
+systemd-units = { enable = false }
+assets = [
+    [ "target/release/rgit", "/usr/bin/rgit", "755" ],
+    [ "server_side/default", "/etc/default/rgit", "644" ],
+    [ "server_side/config", "/etc/rgit/config", "644" ],
+    [ "server_side/rgitsss", "/usr/bin/rgitsss", "755" ],
+    [ "server_side/rgit_pre_flight_check", "/usr/bin/rgit_pre_flight_check", "755" ],
+    # FYI `cargo deb` installs the systemd service file
+]

server_side/README

@@ -0,0 +1,110 @@
+
+For autostarting `rgit` is a systemd service unit available.
+
+Rgit only opens only self owned files. Systemd helps with running the
+rgit proces as a dedicated user.
+
+Script rgit_pre_flight_check verifies if the user defined
+in the systemd unit, is available on the system.
+
+For dealing with self owned files, there is `rgitsss`. The triple s
+stands for Server Side Script.
+
+Default user for `rgitsss` is 'git'. For other username, set RGIT_ACCOUNT
+environment variable.  ( `export RGIT_ACCOUNT=foo` )
+
+
+Now much more about `rgitsss`.
+
+Try
+
+    rgitsss
+    rgitsss help
+
+for getting an idea what is to come.
+
+Commands, subcommands, like `adduser` and `mkdir` are root privileges needed.
+For the other subcommands also, unless you are willing to set and type in
+the password for the rgit user. That is why rgitsss is prefixed with sudo.
+
+Type along while reading
+
+    sudo rgitsss adduser
+
+    sudo rgitsss mkdir /srv/rgit
+    sudo rgitsss mkdir /srv/rgit/t
+    sudo rgitsss mkdir /srv/rgit/cache
+
+    sudo rgitsss clone https://gitlab.com/stappersg/bong /srv/rgit/t/bong.git
+
+    sudo rgitss publish /srv/rgit/t/bong.git
+
+Now it makes sense to start rgit
+
+    sudo systemctl start rgit
+
+and to visit the URL where you have rgit running, with a webbrowser.
+Notice the odd description. Reproduce it with
+
+    rgitsss describe /srv/rgit/t/bong.git
+
+Change it by
+
+    echo "a ping wrapper, reduces ping output while a server reboots" > nd
+    sudo rgitsss describe /srv/rgit/t/bong.git nd
+
+Now wait for the next rgit cache update, or force that by
+
+    sudo systemctl restart rgit
+
+Webbrowser shows updated description.
+
+For start upon reboot:
+
+    sudo systemctl enable rgit
+
+By design doesn't allow `rgit` writing. For "git writes" is SSH used.
+And for SSH access are ssh pub keys needed. Ask the people who you want
+to grant access to do
+
+    cat ~/.ssh/id_ed22519.pub  # or simular
+
+Collect the public keys in a text file, say "these_keys", then:
+
+    sudo rgitsss sshkeys these_keys
+
+See which SSH-keys are present by:
+
+    sudo rgitsss sshkeys
+
+
+And with a new git repository?
+
+    sudo rgitsss init /srv/rgit/t/baz.git
+    sudo rgitsss publish /srv/rgit/t/baz.git
+    echo "Proof of concept" > textfile
+    sudo rgitsss describe /srv/rgit/t/baz.git textfile
+
+
+Then at **other** place, either:
+
+    git clone [email protected]:/srv/rgit/t/baz.git
+    # with notice on empty git repository
+    cd baz
+    git branch -m main  # sets 'main' as branch name
+    $EDITOR content
+    git add content
+    git commit
+    git push
+
+or:
+
+    cd directory/with/git/repository
+    git remote add origin [email protected]:/srv/rgit/t/baz.git
+    git fetch origin
+    git push origin
+
+And splitting '[email protected]:/srv/rgit/t/baz.git' from above
+into 'git', 'rgit.example.com' and '/srv/rgit/t/baz.git'. The 'git'
+is RGIT_ACCOUNT, 'rgit.example.com' server running `rgit`.
+The '/srv/rgit/t/baz.git' is the path of the rgitsss init command.

server_side/config

@@ -0,0 +1,17 @@
+#
+#  rgit configuration file
+#  currently only a wish
+#
+
+#  For further discussion:
+#
+#  - format options:
+#    - yaml
+#    - toml
+#    - ......
+#
+#  - options for location:
+#    - fixed, like: /etc/rgit/config
+#    - command line parameter
+#    - environment variable, e.g. RGIT_CONFIG
+#

server_side/default

@@ -0,0 +1,22 @@
+#
+# File with `rgit` parameter values.
+# It will be read by the systemd service file as environment file.
+#
+# Bind address and port
+RGIT_BIND='[::]:49418'
+RGIT_BIND='127.0.0.1:49418'
+#
+# scan path top directory
+RGIT_PATH=/srv/rgit/t
+#
+RGIT_CACHE=/tmp/rgit
+#
+# mandatory
+RGIT_SHIM=--db-store
+#
+#
+# For what it is worth:
+# This file with environment variables exists because at the time of writing,
+# no real configuration file existed.
+#
+# Last Line

server_side/rgit_pre_flight_check

@@ -0,0 +1,42 @@
+#!/bin/sh
+# rgit pre flight check
+# (early release)
+# does various (silent) tests
+# exits with error code EX_CONFIG on first failed test
+# Intented use is being executed by systemd service unit
+
+EX_CONFIG=78
+# comes from https://man.freebsd.org/cgi/man.cgi?query=sysexits
+
+SERVICE_SIZE=$( systemctl cat rgit.service 2>/dev/null | wc -l )
+if [ ${SERVICE_SIZE} -lt 4 ] ; then
+	echo "E: Line count of systemd rgit service is unlikely small."
+	echo "I: Is the rgit systemd service unit installed?"
+	echo "I:"
+	echo "I: Do know that you can start rgit without Systemd."
+	exit ${EX_CONFIG}
+fi
+
+# Does user exist?
+USER=$( systemctl cat rgit.service 2>/dev/null \
+	| awk -F= '$1 ~ /User/ { U = $2 } END { print U}' )
+if [ -z ${USER} ] ; then
+	echo "E: No username found in the systemd service unit."
+	exit ${EX_CONFIG}
+fi
+id ${USER} > /dev/null 2>&1
+if [ ${?} -gt 0 ] ; then
+	echo "E: \`id ${USER}\` failed."
+	echo "I: /usr/bin/rgitsss has an add user subcommand"
+	exit ${EX_CONFIG}
+fi
+
+DIR=idea # read from configuration file
+DIR=/srv/rgit/t
+if [ ! -d ${DIR} ] ; then
+	echo "E: Directory ${DIR} nout found"
+	exit ${EX_CONFIG}
+fi
+
+# all good
+exit 0