* [PATCH] gnu: service: Add git-service.
@ 2016-08-29 13:04 ng0
2016-08-29 14:12 ` Andy Wingo
0 siblings, 1 reply; 13+ messages in thread
From: ng0 @ 2016-08-29 13:04 UTC (permalink / raw)
To: guix-devel
[-- Attachment #1: Type: text/plain, Size: 510 bytes --]
I'd be happy to take review comments and changes to apply.
The service runs, but due to limitations of our guix system vm
(https://lists.gnu.org/archive/html/guix-devel/2016-08/msg01816.html)
I was not able to test a situation where I add a pubkey to $HOME/.ssh/
of user "git", export a repository, clone it from VM to HOST and push
some changes to the git daemon running on the VM.
I know I should add a section about it to documentation, but first I
want to get comments for the service as it currently is.
[-- Attachment #2: 0001-gnu-services-Add-git-service.patch --]
[-- Type: text/x-patch, Size: 5229 bytes --]
From e84e27862683fcb42be50e0b74b868e89cfb2dbc Mon Sep 17 00:00:00 2001
From: ng0 <ng0@we.make.ritual.n0.is>
Date: Fri, 8 Jul 2016 15:42:55 +0000
Subject: [PATCH] gnu: services: Add git-service.
* gnu/services/version-control.scm: New file, create it.
(git-service): New Procedures.
(git-service-type): New variable.
---
gnu/local.mk | 1 +
gnu/services/version-control.scm | 116 +++++++++++++++++++++++++++++++++++++++
2 files changed, 117 insertions(+)
create mode 100644 gnu/services/version-control.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index 7ce8ad0..3bedd97 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -390,6 +390,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/herd.scm \
%D%/services/spice.scm \
%D%/services/ssh.scm \
+ %D%/services/version-control.scm \
%D%/services/web.scm \
%D%/services/xorg.scm \
\
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
new file mode 100644
index 0000000..f32a592
--- /dev/null
+++ b/gnu/services/version-control.scm
@@ -0,0 +1,116 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services version-control)
+ #:use-module (gnu services)
+ #:use-module (gnu services base)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu system shadow)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages admin)
+ #:use-module (guix records)
+ #:use-module (guix gexp)
+ #:use-module (srfi srfi-1)
+ #:use-module (ice-9 match)
+ #:export (git-service
+ git-service-type
+ git-configuration
+ git-configuration?
+ git-configuration-git
+ git-configuration-port
+ git-configuration-base-path))
+
+;;; Commentary:
+;;;
+;;; Version Control related services.
+;;;
+;;; Code:
+
+\f
+;;;
+;;; git
+;;;
+
+(define-record-type* <git-configuration> git-configuration
+ make-git-configuration
+ git-configuration?
+ (git git-configuration-git ;package
+ (default git))
+ (base-path git-configuration-base-path) ;string
+ (port git-configuration-port)) ;number
+
+(define (git-shepherd-service config)
+ "Return a <shepherd-service> for git with CONFIG."
+ (define git (git-configuration-git config))
+
+ (define git-command
+ #~(list
+ (string-append #$git "/bin/git") "daemon" "--syslog"
+ "--informative-errors"
+ (string-append "--port=" #$(number->string (git-configuration-port config)))
+ (string-append "--base-path=" #$(git-configuration-base-path config))))
+
+ (define requires
+ '(networking syslogd))
+
+ (list (shepherd-service
+ (documentation "Git daemon server for git repositories")
+ (requirement requires)
+ (provision '(git))
+ (start #~(make-forkexec-constructor #$git-command))
+ (stop #~(make-kill-destructor)))))
+
+(define %git-accounts
+ ;; User account and groups for git-daemon.
+ ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
+ (list (user-group (name "git") (system? #t))
+ (user-account
+ (name "git")
+ (group "git")
+ (system? #t)
+ (comment "git-daemon user")
+ (home-directory "/var/git")
+ (shell #~(string-append #$shadow "/bin/git-shell")))))
+
+(define (git-activation config)
+ "Return the activation gexp for CONFIG."
+ #~(begin (use-modules (guix build utils))
+ ;; Create the default base-path (where the repositories are).
+ (mkdir-p "/var/git/repositories")))
+
+(define git-service-type
+ (service-type (name 'git)
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ git-shepherd-service)
+ (service-extension activation-service-type
+ git-activation)))))
+
+(define* (git-service #:key
+ (git git)
+ (base-path "/var/git/repositories")
+ (port 9418))
+ "Return a service that runs @url{https://git-scm.org,git} as a daemon.
+The daemon will listen on the port specified in @var{port}.
+In addition, @var{base-path} specifies the path which will repositories
+which can be exported by adding 'git-daemon-export-ok' files to them."
+ (service git-service-type
+ (git-configuration
+ (git git)
+ (base-path base-path)
+ (port port))))
--
2.9.3
[-- Attachment #3: Type: text/plain, Size: 70 bytes --]
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-29 13:04 [PATCH] gnu: service: Add git-service ng0
@ 2016-08-29 14:12 ` Andy Wingo
2016-08-29 14:34 ` ng0
0 siblings, 1 reply; 13+ messages in thread
From: Andy Wingo @ 2016-08-29 14:12 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
On Mon 29 Aug 2016 15:04, ng0 <ng0@we.make.ritual.n0.is> writes:
> I know I should add a section about it to documentation, but first I
> want to get comments for the service as it currently is.
No real comments until I know how it's supposed to work, which the
documentation will tell me :)
A
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-29 14:12 ` Andy Wingo
@ 2016-08-29 14:34 ` ng0
2016-08-29 20:05 ` ng0
0 siblings, 1 reply; 13+ messages in thread
From: ng0 @ 2016-08-29 14:34 UTC (permalink / raw)
To: Andy Wingo; +Cc: guix-devel
Andy Wingo <wingo@igalia.com> writes:
> On Mon 29 Aug 2016 15:04, ng0 <ng0@we.make.ritual.n0.is> writes:
>
>> I know I should add a section about it to documentation, but first I
>> want to get comments for the service as it currently is.
>
> No real comments until I know how it's supposed to work, which the
> documentation will tell me :)
>
> A
Oh. Sorry, my testvm was just run with this in
(services cons* (git-service)
as I was not able to try otherwise, the guix system vm lacked HOST -> VM
network, the only thing I could make sure is that the process with the
default parameters I gave it runs.
This is my first service, so I have no idea if it is correct or how to
do it, etc... I lack references.
I'll add documentation later.
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-29 14:34 ` ng0
@ 2016-08-29 20:05 ` ng0
2016-08-30 7:40 ` Andy Wingo
0 siblings, 1 reply; 13+ messages in thread
From: ng0 @ 2016-08-29 20:05 UTC (permalink / raw)
To: Andy Wingo; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 37 bytes --]
First try with added documentation.
[-- Attachment #2: 0001-gnu-services-Add-git-service.patch --]
[-- Type: text/x-patch, Size: 6886 bytes --]
From d796e150183d15b8ce639051f202138970153a9e Mon Sep 17 00:00:00 2001
From: ng0 <ng0@we.make.ritual.n0.is>
Date: Fri, 8 Jul 2016 15:42:55 +0000
Subject: [PATCH] gnu: services: Add git-service.
* gnu/services/version-control.scm: New file, create it.
(git-service): New Procedures.
(git-service-type): New variable.
* doc/guix.texi: Add documentation.
---
doc/guix.texi | 24 ++++++++
gnu/local.mk | 1 +
gnu/services/version-control.scm | 116 +++++++++++++++++++++++++++++++++++++++
3 files changed, 141 insertions(+)
create mode 100644 gnu/services/version-control.scm
diff --git a/doc/guix.texi b/doc/guix.texi
index e25cf58..33fa4c6 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7494,6 +7494,7 @@ declaration.
* Database Services:: SQL databases.
* Mail Services:: IMAP, POP3, SMTP, and all that.
* Web Services:: Web servers.
+* Version Control:: Git and others.
* Various Services:: Other services.
@end menu
@@ -9910,6 +9911,29 @@ directories are created when the service is activated.
@end deffn
+@node Version Control
+@subsubsection Version Control
+
+The @code{(gnu services version-control)} module provides the following services:
+
+@deffn {Scheme Procedure} git-service [git @var{git}] @
+ [base-path ``/var/git/repositories''] @
+ [port ``9418'']
+
+Return a service to run the @uref{https://git-scm.com, git} daemon version control
+daemon.
+The git daemon runs as the @code{git} unprivileged user. It is started with
+the fixed parameters @code{--informative-errors} and @code{--syslog}. You can
+pass the parameter @var{base-path}, which remaps all the pathrequests as
+relative to the given path. If you run git daemon with
+@var{base-path /var/git/repositories} on example.com, then if you later try
+to pull @code{git://example.com/hello.git}, git daemon will interpret the path
+as /var/git/repositories/hello.git.
+Furthermore it takes the parameter @var{port} which defaults to 9418.
+Run @command{man git daemon} for information about the options.
+
+@end deffn
+
@node Various Services
@subsubsection Various Services
diff --git a/gnu/local.mk b/gnu/local.mk
index 7ce8ad0..3bedd97 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -390,6 +390,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/herd.scm \
%D%/services/spice.scm \
%D%/services/ssh.scm \
+ %D%/services/version-control.scm \
%D%/services/web.scm \
%D%/services/xorg.scm \
\
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
new file mode 100644
index 0000000..f32a592
--- /dev/null
+++ b/gnu/services/version-control.scm
@@ -0,0 +1,116 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services version-control)
+ #:use-module (gnu services)
+ #:use-module (gnu services base)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu system shadow)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages admin)
+ #:use-module (guix records)
+ #:use-module (guix gexp)
+ #:use-module (srfi srfi-1)
+ #:use-module (ice-9 match)
+ #:export (git-service
+ git-service-type
+ git-configuration
+ git-configuration?
+ git-configuration-git
+ git-configuration-port
+ git-configuration-base-path))
+
+;;; Commentary:
+;;;
+;;; Version Control related services.
+;;;
+;;; Code:
+
+\f
+;;;
+;;; git
+;;;
+
+(define-record-type* <git-configuration> git-configuration
+ make-git-configuration
+ git-configuration?
+ (git git-configuration-git ;package
+ (default git))
+ (base-path git-configuration-base-path) ;string
+ (port git-configuration-port)) ;number
+
+(define (git-shepherd-service config)
+ "Return a <shepherd-service> for git with CONFIG."
+ (define git (git-configuration-git config))
+
+ (define git-command
+ #~(list
+ (string-append #$git "/bin/git") "daemon" "--syslog"
+ "--informative-errors"
+ (string-append "--port=" #$(number->string (git-configuration-port config)))
+ (string-append "--base-path=" #$(git-configuration-base-path config))))
+
+ (define requires
+ '(networking syslogd))
+
+ (list (shepherd-service
+ (documentation "Git daemon server for git repositories")
+ (requirement requires)
+ (provision '(git))
+ (start #~(make-forkexec-constructor #$git-command))
+ (stop #~(make-kill-destructor)))))
+
+(define %git-accounts
+ ;; User account and groups for git-daemon.
+ ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
+ (list (user-group (name "git") (system? #t))
+ (user-account
+ (name "git")
+ (group "git")
+ (system? #t)
+ (comment "git-daemon user")
+ (home-directory "/var/git")
+ (shell #~(string-append #$shadow "/bin/git-shell")))))
+
+(define (git-activation config)
+ "Return the activation gexp for CONFIG."
+ #~(begin (use-modules (guix build utils))
+ ;; Create the default base-path (where the repositories are).
+ (mkdir-p "/var/git/repositories")))
+
+(define git-service-type
+ (service-type (name 'git)
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ git-shepherd-service)
+ (service-extension activation-service-type
+ git-activation)))))
+
+(define* (git-service #:key
+ (git git)
+ (base-path "/var/git/repositories")
+ (port 9418))
+ "Return a service that runs @url{https://git-scm.org,git} as a daemon.
+The daemon will listen on the port specified in @var{port}.
+In addition, @var{base-path} specifies the path which will repositories
+which can be exported by adding 'git-daemon-export-ok' files to them."
+ (service git-service-type
+ (git-configuration
+ (git git)
+ (base-path base-path)
+ (port port))))
--
2.9.3
[-- Attachment #3: Type: text/plain, Size: 70 bytes --]
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-29 20:05 ` ng0
@ 2016-08-30 7:40 ` Andy Wingo
2016-08-30 11:45 ` ng0
0 siblings, 1 reply; 13+ messages in thread
From: Andy Wingo @ 2016-08-30 7:40 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
On Mon 29 Aug 2016 22:05, ng0 <ng0@we.make.ritual.n0.is> writes:
> +@node Version Control
> +@subsubsection Version Control
> +
> +The @code{(gnu services version-control)} module provides the following services:
> +
> +@deffn {Scheme Procedure} git-service [git @var{git}] @
> + [base-path ``/var/git/repositories''] @
> + [port ``9418'']
Though there are no strict conventions for this, the right way to do
this is to use #:foo for keyword arguments, and then regular scheme for
the default value initializers. So
@deffn {Scheme Procedure} git-service [#:git git] @
[#:base-path "/var/git/repositories"] @
[#:port 9418]
Note lack of smart quotes on base-path. I also think that "path" might
not be the right word, which in GNU manuals is only used for search
paths. See the "GNU Manuals" section of standards.texi for more.
Anyway I suggest #:base-directory. Make sure the port is an integer and
not a string.
> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
> +daemon.
Extra "daemon" here. Probably needs a sentence on what running the
daemon will do (namely, expose local repositories for remote access).
What about authentication? Is this purely anonymous?
> +The git daemon runs as the @code{git} unprivileged user. It is started with
> +the fixed parameters @code{--informative-errors} and @code{--syslog}. You can
> +pass the parameter @var{base-path}, which remaps all the pathrequests as
> +relative to the given path. If you run git daemon with
> +@var{base-path /var/git/repositories} on example.com, then if you later try
> +to pull @code{git://example.com/hello.git}, git daemon will interpret the path
> +as /var/git/repositories/hello.git.
Need @code{} on this last file name. Use "file name" instead of path in general.
> +Furthermore it takes the parameter @var{port} which defaults to 9418.
> +Run @command{man git daemon} for information about the options.
This man command does not work.
> +(define %git-accounts
> + ;; User account and groups for git-daemon.
> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
What does this comment mean? Why would we switch?
> +(define* (git-service #:key
> + (git git)
> + (base-path "/var/git/repositories")
> + (port 9418))
> + "Return a service that runs @url{https://git-scm.org,git} as a daemon.
> +The daemon will listen on the port specified in @var{port}.
> +In addition, @var{base-path} specifies the path which will repositories
> +which can be exported by adding 'git-daemon-export-ok' files to them."
This docstring needs updating as regards the word "path" I think and
also this info about git-daemon-export-ok probably needs to go in the
manual.
Other than that, looking good :)
Andy
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-30 7:40 ` Andy Wingo
@ 2016-08-30 11:45 ` ng0
2016-08-30 12:12 ` Andy Wingo
0 siblings, 1 reply; 13+ messages in thread
From: ng0 @ 2016-08-30 11:45 UTC (permalink / raw)
To: Andy Wingo; +Cc: guix-devel
Hi,
Andy Wingo <wingo@igalia.com> writes:
> On Mon 29 Aug 2016 22:05, ng0 <ng0@we.make.ritual.n0.is> writes:
>
>> +@node Version Control
>> +@subsubsection Version Control
>> +
>> +The @code{(gnu services version-control)} module provides the following services:
>> +
>> +@deffn {Scheme Procedure} git-service [git @var{git}] @
>> + [base-path ``/var/git/repositories''] @
>> + [port ``9418'']
>
> Though there are no strict conventions for this, the right way to do
> this is to use #:foo for keyword arguments, and then regular scheme for
> the default value initializers. So
>
> @deffn {Scheme Procedure} git-service [#:git git] @
> [#:base-path "/var/git/repositories"] @
> [#:port 9418]
>
> Note lack of smart quotes on base-path.
I had this at first, but then I found a service which did not use
#:keyword, so I got confused. Writing this service was hard enough
because I understand scheme in general more than 9 months ago, but not
enough to explain or understand all of what I've written in this
service, as it started as a modification of parts of other services. I
will adjust and we'll see if it works. Thanks.
>I also think that "path" might
> not be the right word, which in GNU manuals is only used for search
> paths. See the "GNU Manuals" section of standards.texi for more.
> Anyway I suggest #:base-directory. Make sure the port is an integer and
> not a string.
See 'man git daemon'. The switch is called --base-path. Looking at
the openrc conf.d/git or what the config file was called again, they
stick to this name too. It would just cause confusion if we go ahead
and call it differently. Upstream should be fixed, but I'm not going
there. If you think we should break expectations, I can rename it.
>> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
>> +daemon.
>
> Extra "daemon" here. Probably needs a sentence on what running the
> daemon will do (namely, expose local repositories for remote access).
>
> What about authentication? Is this purely anonymous?
Exactly, authentication is handled via other daemons, for example ssh or
gitolite. git daemon supports no authentication and is read-only, as far
as I know. At the servers I use and setup, I pull via
git://,http://,https:// and push via ssh.
Its selfdescription is:
git-daemon - A really simple server for Git repositories.
A really simple TCP Git daemon that normally listens on port
"DEFAULT_GIT_PORT" aka 9418. It waits for a connection asking for a
service, and will serve that service if it is enabled.
It verifies that the directory has the magic file
"git-daemon-export-ok", and it will refuse to export any Git directory
that hasn’t explicitly been marked for export this way (unless the
--export-all parameter is specified). If you pass some directory paths
as git daemon arguments, you can further restrict the offers to a
whitelist comprising of those.
By default, only upload-pack service is enabled, which serves git
fetch-pack and git ls-remote clients, which are invoked from git fetch,
git pull, and git clone.
This is ideally suited for read-only updates, i.e., pulling from Git
repositories.
An upload-archive also exists to serve git archive.
>> +The git daemon runs as the @code{git} unprivileged user. It is started with
>> +the fixed parameters @code{--informative-errors} and @code{--syslog}. You can
>
>> +pass the parameter @var{base-path}, which remaps all the pathrequests as
>> +relative to the given path. If you run git daemon with
>> +@var{base-path /var/git/repositories} on example.com, then if you later try
>> +to pull @code{git://example.com/hello.git}, git daemon will interpret the path
>> +as /var/git/repositories/hello.git.
>
> Need @code{} on this last file name.
>Use "file name" instead of path in general.
Why? It is 1 or more files in a path which happens to sit in
$base-path/$repository.
You will also requests a number of files, not one individual file and
the .git is not a file but a directory. Path for me reads correct, can
you give me some explanation why you think file name should be used
instead of path?
>> +Furthermore it takes the parameter @var{port} which defaults to 9418.
>> +Run @command{man git daemon} for information about the options.
>
> This man command does not work.
Works for me. As far as I know man pages were merged into git package
recently. When I run this on debian with guix, 'man git daemon' works
too.
>> +(define %git-accounts
>> + ;; User account and groups for git-daemon.
>> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
>
> What does this comment mean? Why would we switch?
I am not sure about the limitations of git-shell compared to
/bin/sh. If this turns out to be a mistake, it can be corrected. The
only thing I know about git-shell is that it allows no logins.
>> +(define* (git-service #:key
>> + (git git)
>> + (base-path "/var/git/repositories")
>> + (port 9418))
>> + "Return a service that runs @url{https://git-scm.org,git} as a daemon.
>> +The daemon will listen on the port specified in @var{port}.
>> +In addition, @var{base-path} specifies the path which will repositories
>> +which can be exported by adding 'git-daemon-export-ok' files to them."
>
> This docstring needs updating as regards the word "path" I think and
> also this info about git-daemon-export-ok probably needs to go in the
> manual.
I'm not sure what has to be documented. I find the upstream
documentation complete enough.
If we stick to our current general view on documentation we should not
provide this info at all. When I got started it was as easy as adding
base-path and port to the config of the service on gentoo and some
additional switches. I then had to read the upstream docs to discover
that git-daemon-export-ok was needed. If services in guix are
translated, and in upstream they aren't that is the only reason why I
would include more info than necessary. I would even remove most of the
description as this was just to test what needs to go in there.
From your first email I assume you have never run or setup git daemon on
a computer. Could you read the upstream documentation and tell me if
there are open questions after readin them? Those are the things I must
point out in the service documentation.
man page: https://git-scm.com/docs/git-daemon
documentation: https://git-scm.com/book/en/v2/Git-on-the-Server-Git-Daemon
> Other than that, looking good :)
>
> Andy
Many thanks for taking your time to review this.
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-30 11:45 ` ng0
@ 2016-08-30 12:12 ` Andy Wingo
2016-08-30 17:50 ` ng0
0 siblings, 1 reply; 13+ messages in thread
From: Andy Wingo @ 2016-08-30 12:12 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
On Tue 30 Aug 2016 13:45, ng0 <ng0@we.make.ritual.n0.is> writes:
>>I also think that "path" might
>> not be the right word, which in GNU manuals is only used for search
>> paths. See the "GNU Manuals" section of standards.texi for more.
>> Anyway I suggest #:base-directory. Make sure the port is an integer and
>> not a string.
>
> See 'man git daemon'.
I ran this and it did not work -- first showed me a page for git then
for daemon. I believe you want "man git-daemon"?
> The switch is called --base-path. Looking at the openrc conf.d/git or
> what the config file was called again, they stick to this name too.
> It would just cause confusion if we go ahead and call it differently.
> Upstream should be fixed, but I'm not going there. If you think we
> should break expectations, I can rename it.
"Fixing" upstream is out of our remit :) All I can ask is that we do
not introduce new uses of the word "path".
>>> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
>>> +daemon.
>>
>> Extra "daemon" here. Probably needs a sentence on what running the
>> daemon will do (namely, expose local repositories for remote access).
>>
>> What about authentication? Is this purely anonymous?
>
> Exactly, authentication is handled via other daemons, for example ssh or
> gitolite. git daemon supports no authentication and is read-only, as far
> as I know. At the servers I use and setup, I pull via
> git://,http://,https:// and push via ssh.
> Its selfdescription is:
> git-daemon - A really simple server for Git repositories.
This needs to be documented in the manual, is what I was getting at :)
Mention that this is for anonymous read-only access please.
>>Use "file name" instead of path in general.
>
> Why?
It is because it is standard in the GNU project. I mentioned this
before. See "info standards" and go to "GNU manuals".
>>> +Furthermore it takes the parameter @var{port} which defaults to 9418.
>>> +Run @command{man git daemon} for information about the options.
>>
>> This man command does not work.
>
> Works for me. As far as I know man pages were merged into git package
> recently. When I run this on debian with guix, 'man git daemon' works
> too.
It does not work for me on NixOS with Guix. Maybe I am out of date
though.
>>> +(define %git-accounts
>>> + ;; User account and groups for git-daemon.
>>> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
>>
>> What does this comment mean? Why would we switch?
>
> I am not sure about the limitations of git-shell compared to
> /bin/sh. If this turns out to be a mistake, it can be corrected. The
> only thing I know about git-shell is that it allows no logins.
If you do not want a login then probably what you want is
#~(string-append #$shadow "/sbin/nologin").
Andy
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-30 12:12 ` Andy Wingo
@ 2016-08-30 17:50 ` ng0
2016-09-27 8:18 ` ng0
2016-09-27 8:20 ` ng0
0 siblings, 2 replies; 13+ messages in thread
From: ng0 @ 2016-08-30 17:50 UTC (permalink / raw)
To: Andy Wingo; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 3237 bytes --]
I tried to address most of what you've written.
While I was correcting the documentation I decided to add more options,
now it doesn't work anymore, probably because of the ifs I added.
Andy Wingo <wingo@igalia.com> writes:
> On Tue 30 Aug 2016 13:45, ng0 <ng0@we.make.ritual.n0.is> writes:
>
>>>I also think that "path" might
>>> not be the right word, which in GNU manuals is only used for search
>>> paths. See the "GNU Manuals" section of standards.texi for more.
>>> Anyway I suggest #:base-directory. Make sure the port is an integer and
>>> not a string.
>>
>> See 'man git daemon'.
>
> I ran this and it did not work -- first showed me a page for git then
> for daemon. I believe you want "man git-daemon"?
>
>> The switch is called --base-path. Looking at the openrc conf.d/git or
>> what the config file was called again, they stick to this name too.
>> It would just cause confusion if we go ahead and call it differently.
>> Upstream should be fixed, but I'm not going there. If you think we
>> should break expectations, I can rename it.
>
> "Fixing" upstream is out of our remit :) All I can ask is that we do
> not introduce new uses of the word "path".
>
>>>> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
>>>> +daemon.
>>>
>>> Extra "daemon" here. Probably needs a sentence on what running the
>>> daemon will do (namely, expose local repositories for remote access).
>>>
>>> What about authentication? Is this purely anonymous?
>>
>> Exactly, authentication is handled via other daemons, for example ssh or
>> gitolite. git daemon supports no authentication and is read-only, as far
>> as I know. At the servers I use and setup, I pull via
>> git://,http://,https:// and push via ssh.
>> Its selfdescription is:
>> git-daemon - A really simple server for Git repositories.
>
> This needs to be documented in the manual, is what I was getting at :)
> Mention that this is for anonymous read-only access please.
read-only was wrong, anonymous write-access for all the world can be set
up but it is not default.
>
>>>Use "file name" instead of path in general.
>>
>> Why?
>
> It is because it is standard in the GNU project. I mentioned this
> before. See "info standards" and go to "GNU manuals".
>
>>>> +Furthermore it takes the parameter @var{port} which defaults to 9418.
>>>> +Run @command{man git daemon} for information about the options.
>>>
>>> This man command does not work.
>>
>> Works for me. As far as I know man pages were merged into git package
>> recently. When I run this on debian with guix, 'man git daemon' works
>> too.
>
> It does not work for me on NixOS with Guix. Maybe I am out of date
> though.
>
>>>> +(define %git-accounts
>>>> + ;; User account and groups for git-daemon.
>>>> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
>>>
>>> What does this comment mean? Why would we switch?
>>
>> I am not sure about the limitations of git-shell compared to
>> /bin/sh. If this turns out to be a mistake, it can be corrected. The
>> only thing I know about git-shell is that it allows no logins.
>
> If you do not want a login then probably what you want is
> #~(string-append #$shadow "/sbin/nologin").
>
> Andy
[-- Attachment #2: 0001-gnu-services-Add-git-service.patch --]
[-- Type: text/x-patch, Size: 12063 bytes --]
From d1d7eb59ca53833098cea2d6eddaa59f1494b579 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@we.make.ritual.n0.is>
Date: Fri, 8 Jul 2016 15:42:55 +0000
Subject: [PATCH] gnu: services: Add git-service.
* gnu/services/version-control.scm: New file, create it.
(git-service): New Procedures.
(git-service-type): New variable.
* doc/guix.texi: Add documentation.
---
doc/guix.texi | 37 ++++++++
gnu/local.mk | 1 +
gnu/services/version-control.scm | 196 +++++++++++++++++++++++++++++++++++++++
3 files changed, 234 insertions(+)
create mode 100644 gnu/services/version-control.scm
diff --git a/doc/guix.texi b/doc/guix.texi
index b22cf4a..78d7ee1 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7494,6 +7494,7 @@ declaration.
* Database Services:: SQL databases.
* Mail Services:: IMAP, POP3, SMTP, and all that.
* Web Services:: Web servers.
+* Version Control:: Git and others.
* Various Services:: Other services.
@end menu
@@ -9910,6 +9911,42 @@ directories are created when the service is activated.
@end deffn
+@node Version Control
+@subsubsection Version Control
+
+The @code{(gnu services version-control)} module provides the following services:
+
+@deffn {Scheme Procedure} git-service [#:git @var{git}] @
+ [#:base-directory "/var/git/repositories"] @
+ [#:user-directory? #f ""] [#:port 9418] @
+ [#:directory? #f ""] [#:max-connections 32] @
+ [#:pid-file? #t "/var/run/git-daemon.pid"]
+
+Return a service to run the @uref{https://git-scm.com, Git} daemon, a really simple
+TCP Git service which exposes local repositories for anonymous remote access.
+
+The git daemon runs as the @code{git} unprivileged user. It is started with
+the fixed parameters @code{--syslog}, @code{--reuseaddr} and
+@code{"--no-informative-errors"}.
+You can pass the parameter @var{base-directory}, which remaps all the directory
+requests as relative to the given directory. If you run git-service with
+@var{base-directory "/var/git/repositories"} on example.com, then if you later try
+to pull @code{git://example.com/hello.git}, git-service will interpret the directory
+as @code{/var/git/repositories/hello.git}.
+@var{max-connections} sets the maximum number of concurrent clients, it defaults to 32.
+Set it to 0 for no limit.
+@var{user-directory} allows allows ~user notation to be used in requests. When
+specified with no parameter, requests to @code{git://host/~alice/foo} is taken as a
+request to access @code{foo} repository in the home directory of user @code{alice}.
+If @var{user-directory "path"} is specified, the same request is taken as a request
+to access @code{path/foo} repository in the home directory of user @code{alice}.
+The parameter @var{directory "foo"} adds the directory "foo" and its subdirectories
+to the whitelist of allowed directories.
+Furthermore git-service takes the parameter @var{port}, which defaults to 9418.
+Run @command{man git daemon} for information about the options.
+
+@end deffn
+
@node Various Services
@subsubsection Various Services
diff --git a/gnu/local.mk b/gnu/local.mk
index d75ab54..9220d06 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -390,6 +390,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/herd.scm \
%D%/services/spice.scm \
%D%/services/ssh.scm \
+ %D%/services/version-control.scm \
%D%/services/web.scm \
%D%/services/xorg.scm \
\
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
new file mode 100644
index 0000000..5578003
--- /dev/null
+++ b/gnu/services/version-control.scm
@@ -0,0 +1,196 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services version-control)
+ #:use-module (gnu services)
+ #:use-module (gnu services base)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu system shadow)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages admin)
+ #:use-module (guix records)
+ #:use-module (guix gexp)
+ #:use-module (srfi srfi-1)
+ #:use-module (ice-9 match)
+ #:export (git-service
+ git-service-type
+ git-configuration
+ git-configuration?
+ git-configuration-git
+ git-configuration-port
+ git-configuration-base-directory
+ git-configuration-pid-file
+ git-configuration-max-connections
+ git-configuration-user-directory
+ git-configuration-directory))
+
+;;; Commentary:
+;;;
+;;; Version Control related services.
+;;;
+;;; Code:
+
+\f
+;;;
+;;; git
+;;;
+
+(define-record-type* <git-configuration> git-configuration
+ make-git-configuration
+ git-configuration?
+ (git git-configuration-git ;package
+ (default git))
+ (pid-file? git-configuration-pid-file) ;string
+ (base-directory git-configuration-base-directory) ;string
+ (user-directory? git-configuration-user-directory) ;string
+ (directory? git-configuration-directory) ;string
+ (max-connections git-configuration-max-connections) ;number
+ (port git-configuration-port)) ;number
+
+(define (git-shepherd-service config)
+ "Return a <shepherd-service> for git with CONFIG."
+ (define git (git-configuration-git config))
+
+ ;; Comments do not list all the features available, but the commented ones are
+ ;; features which are a TODO for this service.
+ (define git-command
+ #~(list
+ (string-append #$git "/bin/git") "daemon"
+
+ ;; Log to syslog instead of stderr. Note that this option does not imply
+ ;; --verbose, thus by default only error conditions will be logged.
+ "--syslog"
+
+ ;; Convenient for clients, but may leak information about the existence of
+ ;; unexported repositories. When informative errors are not enabled, all
+ ;; errors report "access denied" to the client.
+ "--no-informative-errors"
+
+ ;; Use SO_REUSEADDR when binding the listening socket. This allows the
+ ;; server to restart without waiting for old connections to time out.
+ "--reuseaddr"
+
+ ;; A directory to add to the whitelist of allowed directories. Unless
+ ;; --strict-paths is specified this will also include subdirectories of
+ ;; each named directory.
+ ;; --directory
+ ;; TODO: Add the option to add multiple occurences of --directory
+ (if (git-configuration-directory? config)
+ (string-append "--directory=" #$(git-configuration-directory config))
+ "")
+
+ ;; --interpolated-path=<pathtemplate>
+ ;; To support virtual hosting, an interpolated path template can be used to
+ ;; dynamically construct alternate paths. The template supports %H for the target
+ ;; hostname as supplied by the client but converted to all lowercase,
+ ;; %CH for the canonical hostname, %IP for the server’s IP address,
+ ;; %P for the port number, and %D for the absolute path of the named repository.
+ ;; After interpolation, the path is validated against the directory whitelist.
+
+ ;; --export-all
+ ;; Allow pulling from all directories that look like Git repositories (have the
+ ;; objects and refs subdirectories), even if they do not have the git-daemon-export-ok
+ ;; file.
+
+ ;; --listen=<host_or_ipaddr>
+ ;; Listen on a specific IP address or hostname. IP addresses can be either an IPv4
+ ;; address or an IPv6 address if supported. If IPv6 is not supported, then
+ ;; --listen=hostname is also not supported and --listen must be given an IPv4 address.
+ ;; Can be given more than once. Incompatible with --inetd option.
+
+ ;; Maximum number of concurrent clients, defaults to 32. Set it to zero for no limit.
+ (string-append "--max-connections=" #$(number->string
+ (git-configuration-max-connections config)))
+
+ ;; --user-path, --user-path=<path>
+ ;; Allow ~user notation to be used in requests. When specified with no parameter,
+ ;; requests to git://host/~alice/foo is taken as a request to access foo repository
+ ;; in the home directory of user alice. If --user-path=path is specified, the same
+ ;; request is taken as a request to access path/foo repository in the home
+ ;; directory of user alice.
+ (if (git-configuration-user-directory? config)
+ "--user-path" "")
+
+ ;; Save the process id in file. Ignored when the daemon is run under --inetd.
+ (if (git-configuration-pid-file? config)
+ (string-append "--pid-file=" #$(git-configuration-pid-file config))
+ "")
+ (string-append "--port=" #$(number->string (git-configuration-port config)))
+ (string-append "--base-path=" #$(git-configuration-base-directory config))))
+
+ (define requires
+ '(networking syslogd))
+
+ (list (shepherd-service
+ (documentation "Git daemon server for git repositories")
+ (requirement requires)
+ (provision '(git))
+ (start #~(make-forkexec-constructor #$git-command))
+ (stop #~(make-kill-destructor)))))
+
+(define %git-accounts
+ ;; User account and groups for git-daemon.
+ (list (user-group
+ (name "git")
+ (system? #t))
+ (user-account
+ (name "git")
+ (system? #t)
+ (group "git")
+ (comment "Shepherd created user for the git-daemon service")
+ (home-directory "/var/git")
+ (shell #~(string-append #$shadow "/bin/git-shell")))))
+
+(define (git-activation config)
+ "Return the activation gexp for CONFIG."
+ #~(begin (use-modules (guix build utils))
+ ;; Create the default base-directory, see `man git daemon'.
+ (mkdir-p "/var/git/repositories")))
+
+(define git-service-type
+ (service-type (name 'git)
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ git-shepherd-service)
+ (service-extension activation-service-type
+ git-activation)))))
+
+(define* (git-service #:key
+ (git git)
+ (base-directory "/var/git/repositories")
+ (user-directory? #f)
+ (user-directory? "")
+ (directory? #f)
+ (directory "")
+ (port 9418)
+ (pid-file? #t)
+ (pid-file "/var/run/git-daemon.pid")
+ (max-connections 32))
+ "Return a service that runs @url{https://git-scm.org,git} as a daemon.
+The daemon will listen on the port specified in @var{port}.
+In addition, @var{base-path} specifies the path which will repositories
+which can be exported by adding 'git-daemon-export-ok' files to them."
+ (service git-service-type
+ (git-configuration
+ (git git)
+ (base-directory base-directory)
+ (user-directory? user-directory?)
+ (directory? directory?)
+ (port port)
+ (pid-file? pid-file?)
+ (max-connections max-connections))))
--
2.9.3
[-- Attachment #3: Type: text/plain, Size: 70 bytes --]
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-30 17:50 ` ng0
@ 2016-09-27 8:18 ` ng0
2016-09-30 23:49 ` 宋文武
2016-09-27 8:20 ` ng0
1 sibling, 1 reply; 13+ messages in thread
From: ng0 @ 2016-09-27 8:18 UTC (permalink / raw)
Cc: guix-devel
So almost one month passed now.
To continue testing this, I need help on this first.
Thanks.
ng0 <ng0@we.make.ritual.n0.is> writes:
> I tried to address most of what you've written.
>
> While I was correcting the documentation I decided to add more options,
> now it doesn't work anymore, probably because of the ifs I added.
>
> Andy Wingo <wingo@igalia.com> writes:
>
>> On Tue 30 Aug 2016 13:45, ng0 <ng0@we.make.ritual.n0.is> writes:
>>
>>>>I also think that "path" might
>>>> not be the right word, which in GNU manuals is only used for search
>>>> paths. See the "GNU Manuals" section of standards.texi for more.
>>>> Anyway I suggest #:base-directory. Make sure the port is an integer and
>>>> not a string.
>>>
>>> See 'man git daemon'.
>>
>> I ran this and it did not work -- first showed me a page for git then
>> for daemon. I believe you want "man git-daemon"?
>>
>>> The switch is called --base-path. Looking at the openrc conf.d/git or
>>> what the config file was called again, they stick to this name too.
>>> It would just cause confusion if we go ahead and call it differently.
>>> Upstream should be fixed, but I'm not going there. If you think we
>>> should break expectations, I can rename it.
>>
>> "Fixing" upstream is out of our remit :) All I can ask is that we do
>> not introduce new uses of the word "path".
>>
>>>>> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
>>>>> +daemon.
>>>>
>>>> Extra "daemon" here. Probably needs a sentence on what running the
>>>> daemon will do (namely, expose local repositories for remote access).
>>>>
>>>> What about authentication? Is this purely anonymous?
>>>
>>> Exactly, authentication is handled via other daemons, for example ssh or
>>> gitolite. git daemon supports no authentication and is read-only, as far
>>> as I know. At the servers I use and setup, I pull via
>>> git://,http://,https:// and push via ssh.
>>> Its selfdescription is:
>>> git-daemon - A really simple server for Git repositories.
>>
>> This needs to be documented in the manual, is what I was getting at :)
>> Mention that this is for anonymous read-only access please.
>
> read-only was wrong, anonymous write-access for all the world can be set
> up but it is not default.
>
>>
>>>>Use "file name" instead of path in general.
>>>
>>> Why?
>>
>> It is because it is standard in the GNU project. I mentioned this
>> before. See "info standards" and go to "GNU manuals".
>>
>>>>> +Furthermore it takes the parameter @var{port} which defaults to 9418.
>>>>> +Run @command{man git daemon} for information about the options.
>>>>
>>>> This man command does not work.
>>>
>>> Works for me. As far as I know man pages were merged into git package
>>> recently. When I run this on debian with guix, 'man git daemon' works
>>> too.
>>
>> It does not work for me on NixOS with Guix. Maybe I am out of date
>> though.
>>
>>>>> +(define %git-accounts
>>>>> + ;; User account and groups for git-daemon.
>>>>> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
>>>>
>>>> What does this comment mean? Why would we switch?
>>>
>>> I am not sure about the limitations of git-shell compared to
>>> /bin/sh. If this turns out to be a mistake, it can be corrected. The
>>> only thing I know about git-shell is that it allows no logins.
>>
>> If you do not want a login then probably what you want is
>> #~(string-append #$shadow "/sbin/nologin").
>>
>> Andy
>
> From d1d7eb59ca53833098cea2d6eddaa59f1494b579 Mon Sep 17 00:00:00 2001
> From: ng0 <ng0@we.make.ritual.n0.is>
> Date: Fri, 8 Jul 2016 15:42:55 +0000
> Subject: [PATCH] gnu: services: Add git-service.
>
> * gnu/services/version-control.scm: New file, create it.
> (git-service): New Procedures.
> (git-service-type): New variable.
> * doc/guix.texi: Add documentation.
> ---
> doc/guix.texi | 37 ++++++++
> gnu/local.mk | 1 +
> gnu/services/version-control.scm | 196 +++++++++++++++++++++++++++++++++++++++
> 3 files changed, 234 insertions(+)
> create mode 100644 gnu/services/version-control.scm
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index b22cf4a..78d7ee1 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -7494,6 +7494,7 @@ declaration.
> * Database Services:: SQL databases.
> * Mail Services:: IMAP, POP3, SMTP, and all that.
> * Web Services:: Web servers.
> +* Version Control:: Git and others.
> * Various Services:: Other services.
> @end menu
>
> @@ -9910,6 +9911,42 @@ directories are created when the service is activated.
>
> @end deffn
>
> +@node Version Control
> +@subsubsection Version Control
> +
> +The @code{(gnu services version-control)} module provides the following services:
> +
> +@deffn {Scheme Procedure} git-service [#:git @var{git}] @
> + [#:base-directory "/var/git/repositories"] @
> + [#:user-directory? #f ""] [#:port 9418] @
> + [#:directory? #f ""] [#:max-connections 32] @
> + [#:pid-file? #t "/var/run/git-daemon.pid"]
> +
> +Return a service to run the @uref{https://git-scm.com, Git} daemon, a really simple
> +TCP Git service which exposes local repositories for anonymous remote access.
> +
> +The git daemon runs as the @code{git} unprivileged user. It is started with
> +the fixed parameters @code{--syslog}, @code{--reuseaddr} and
> +@code{"--no-informative-errors"}.
> +You can pass the parameter @var{base-directory}, which remaps all the directory
> +requests as relative to the given directory. If you run git-service with
> +@var{base-directory "/var/git/repositories"} on example.com, then if you later try
> +to pull @code{git://example.com/hello.git}, git-service will interpret the directory
> +as @code{/var/git/repositories/hello.git}.
> +@var{max-connections} sets the maximum number of concurrent clients, it defaults to 32.
> +Set it to 0 for no limit.
> +@var{user-directory} allows allows ~user notation to be used in requests. When
> +specified with no parameter, requests to @code{git://host/~alice/foo} is taken as a
> +request to access @code{foo} repository in the home directory of user @code{alice}.
> +If @var{user-directory "path"} is specified, the same request is taken as a request
> +to access @code{path/foo} repository in the home directory of user @code{alice}.
> +The parameter @var{directory "foo"} adds the directory "foo" and its subdirectories
> +to the whitelist of allowed directories.
> +Furthermore git-service takes the parameter @var{port}, which defaults to 9418.
> +Run @command{man git daemon} for information about the options.
> +
> +@end deffn
> +
> @node Various Services
> @subsubsection Various Services
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index d75ab54..9220d06 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -390,6 +390,7 @@ GNU_SYSTEM_MODULES = \
> %D%/services/herd.scm \
> %D%/services/spice.scm \
> %D%/services/ssh.scm \
> + %D%/services/version-control.scm \
> %D%/services/web.scm \
> %D%/services/xorg.scm \
> \
> diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
> new file mode 100644
> index 0000000..5578003
> --- /dev/null
> +++ b/gnu/services/version-control.scm
> @@ -0,0 +1,196 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu services version-control)
> + #:use-module (gnu services)
> + #:use-module (gnu services base)
> + #:use-module (gnu services shepherd)
> + #:use-module (gnu system shadow)
> + #:use-module (gnu packages version-control)
> + #:use-module (gnu packages admin)
> + #:use-module (guix records)
> + #:use-module (guix gexp)
> + #:use-module (srfi srfi-1)
> + #:use-module (ice-9 match)
> + #:export (git-service
> + git-service-type
> + git-configuration
> + git-configuration?
> + git-configuration-git
> + git-configuration-port
> + git-configuration-base-directory
> + git-configuration-pid-file
> + git-configuration-max-connections
> + git-configuration-user-directory
> + git-configuration-directory))
> +
> +;;; Commentary:
> +;;;
> +;;; Version Control related services.
> +;;;
> +;;; Code:
> +
> +\f
> +;;;
> +;;; git
> +;;;
> +
> +(define-record-type* <git-configuration> git-configuration
> + make-git-configuration
> + git-configuration?
> + (git git-configuration-git ;package
> + (default git))
> + (pid-file? git-configuration-pid-file) ;string
> + (base-directory git-configuration-base-directory) ;string
> + (user-directory? git-configuration-user-directory) ;string
> + (directory? git-configuration-directory) ;string
> + (max-connections git-configuration-max-connections) ;number
> + (port git-configuration-port)) ;number
> +
> +(define (git-shepherd-service config)
> + "Return a <shepherd-service> for git with CONFIG."
> + (define git (git-configuration-git config))
> +
> + ;; Comments do not list all the features available, but the commented ones are
> + ;; features which are a TODO for this service.
> + (define git-command
> + #~(list
> + (string-append #$git "/bin/git") "daemon"
> +
> + ;; Log to syslog instead of stderr. Note that this option does not imply
> + ;; --verbose, thus by default only error conditions will be logged.
> + "--syslog"
> +
> + ;; Convenient for clients, but may leak information about the existence of
> + ;; unexported repositories. When informative errors are not enabled, all
> + ;; errors report "access denied" to the client.
> + "--no-informative-errors"
> +
> + ;; Use SO_REUSEADDR when binding the listening socket. This allows the
> + ;; server to restart without waiting for old connections to time out.
> + "--reuseaddr"
> +
> + ;; A directory to add to the whitelist of allowed directories. Unless
> + ;; --strict-paths is specified this will also include subdirectories of
> + ;; each named directory.
> + ;; --directory
> + ;; TODO: Add the option to add multiple occurences of --directory
> + (if (git-configuration-directory? config)
> + (string-append "--directory=" #$(git-configuration-directory config))
> + "")
> +
> + ;; --interpolated-path=<pathtemplate>
> + ;; To support virtual hosting, an interpolated path template can be used to
> + ;; dynamically construct alternate paths. The template supports %H for the target
> + ;; hostname as supplied by the client but converted to all lowercase,
> + ;; %CH for the canonical hostname, %IP for the server’s IP address,
> + ;; %P for the port number, and %D for the absolute path of the named repository.
> + ;; After interpolation, the path is validated against the directory whitelist.
> +
> + ;; --export-all
> + ;; Allow pulling from all directories that look like Git repositories (have the
> + ;; objects and refs subdirectories), even if they do not have the git-daemon-export-ok
> + ;; file.
> +
> + ;; --listen=<host_or_ipaddr>
> + ;; Listen on a specific IP address or hostname. IP addresses can be either an IPv4
> + ;; address or an IPv6 address if supported. If IPv6 is not supported, then
> + ;; --listen=hostname is also not supported and --listen must be given an IPv4 address.
> + ;; Can be given more than once. Incompatible with --inetd option.
> +
> + ;; Maximum number of concurrent clients, defaults to 32. Set it to zero for no limit.
> + (string-append "--max-connections=" #$(number->string
> + (git-configuration-max-connections config)))
> +
> + ;; --user-path, --user-path=<path>
> + ;; Allow ~user notation to be used in requests. When specified with no parameter,
> + ;; requests to git://host/~alice/foo is taken as a request to access foo repository
> + ;; in the home directory of user alice. If --user-path=path is specified, the same
> + ;; request is taken as a request to access path/foo repository in the home
> + ;; directory of user alice.
> + (if (git-configuration-user-directory? config)
> + "--user-path" "")
> +
> + ;; Save the process id in file. Ignored when the daemon is run under --inetd.
> + (if (git-configuration-pid-file? config)
> + (string-append "--pid-file=" #$(git-configuration-pid-file config))
> + "")
> + (string-append "--port=" #$(number->string (git-configuration-port config)))
> + (string-append "--base-path=" #$(git-configuration-base-directory config))))
> +
> + (define requires
> + '(networking syslogd))
> +
> + (list (shepherd-service
> + (documentation "Git daemon server for git repositories")
> + (requirement requires)
> + (provision '(git))
> + (start #~(make-forkexec-constructor #$git-command))
> + (stop #~(make-kill-destructor)))))
> +
> +(define %git-accounts
> + ;; User account and groups for git-daemon.
> + (list (user-group
> + (name "git")
> + (system? #t))
> + (user-account
> + (name "git")
> + (system? #t)
> + (group "git")
> + (comment "Shepherd created user for the git-daemon service")
> + (home-directory "/var/git")
> + (shell #~(string-append #$shadow "/bin/git-shell")))))
> +
> +(define (git-activation config)
> + "Return the activation gexp for CONFIG."
> + #~(begin (use-modules (guix build utils))
> + ;; Create the default base-directory, see `man git daemon'.
> + (mkdir-p "/var/git/repositories")))
> +
> +(define git-service-type
> + (service-type (name 'git)
> + (extensions
> + (list (service-extension shepherd-root-service-type
> + git-shepherd-service)
> + (service-extension activation-service-type
> + git-activation)))))
> +
> +(define* (git-service #:key
> + (git git)
> + (base-directory "/var/git/repositories")
> + (user-directory? #f)
> + (user-directory? "")
> + (directory? #f)
> + (directory "")
> + (port 9418)
> + (pid-file? #t)
> + (pid-file "/var/run/git-daemon.pid")
> + (max-connections 32))
> + "Return a service that runs @url{https://git-scm.org,git} as a daemon.
> +The daemon will listen on the port specified in @var{port}.
> +In addition, @var{base-path} specifies the path which will repositories
> +which can be exported by adding 'git-daemon-export-ok' files to them."
> + (service git-service-type
> + (git-configuration
> + (git git)
> + (base-directory base-directory)
> + (user-directory? user-directory?)
> + (directory? directory?)
> + (port port)
> + (pid-file? pid-file?)
> + (max-connections max-connections))))
> --
> 2.9.3
>
>
> --
> ng0
> For non-prism friendly talk find me on http://www.psyced.org
--
ng0
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-08-30 17:50 ` ng0
2016-09-27 8:18 ` ng0
@ 2016-09-27 8:20 ` ng0
2016-09-30 7:41 ` Ricardo Wurmus
1 sibling, 1 reply; 13+ messages in thread
From: ng0 @ 2016-09-27 8:20 UTC (permalink / raw)
To: guix-devel
So almost one month passed now.
To continue testing this, I need help on this first.
Thanks.
ng0 <ng0@we.make.ritual.n0.is> writes:
> I tried to address most of what you've written.
>
> While I was correcting the documentation I decided to add more options,
> now it doesn't work anymore, probably because of the ifs I added.
>
> Andy Wingo <wingo@igalia.com> writes:
>
>> On Tue 30 Aug 2016 13:45, ng0 <ng0@we.make.ritual.n0.is> writes:
>>
>>>>I also think that "path" might
>>>> not be the right word, which in GNU manuals is only used for search
>>>> paths. See the "GNU Manuals" section of standards.texi for more.
>>>> Anyway I suggest #:base-directory. Make sure the port is an integer and
>>>> not a string.
>>>
>>> See 'man git daemon'.
>>
>> I ran this and it did not work -- first showed me a page for git then
>> for daemon. I believe you want "man git-daemon"?
>>
>>> The switch is called --base-path. Looking at the openrc conf.d/git or
>>> what the config file was called again, they stick to this name too.
>>> It would just cause confusion if we go ahead and call it differently.
>>> Upstream should be fixed, but I'm not going there. If you think we
>>> should break expectations, I can rename it.
>>
>> "Fixing" upstream is out of our remit :) All I can ask is that we do
>> not introduce new uses of the word "path".
>>
>>>>> +Return a service to run the @uref{https://git-scm.com, git} daemon version control
>>>>> +daemon.
>>>>
>>>> Extra "daemon" here. Probably needs a sentence on what running the
>>>> daemon will do (namely, expose local repositories for remote access).
>>>>
>>>> What about authentication? Is this purely anonymous?
>>>
>>> Exactly, authentication is handled via other daemons, for example ssh or
>>> gitolite. git daemon supports no authentication and is read-only, as far
>>> as I know. At the servers I use and setup, I pull via
>>> git://,http://,https:// and push via ssh.
>>> Its selfdescription is:
>>> git-daemon - A really simple server for Git repositories.
>>
>> This needs to be documented in the manual, is what I was getting at :)
>> Mention that this is for anonymous read-only access please.
>
> read-only was wrong, anonymous write-access for all the world can be set
> up but it is not default.
>
>>
>>>>Use "file name" instead of path in general.
>>>
>>> Why?
>>
>> It is because it is standard in the GNU project. I mentioned this
>> before. See "info standards" and go to "GNU manuals".
>>
>>>>> +Furthermore it takes the parameter @var{port} which defaults to 9418.
>>>>> +Run @command{man git daemon} for information about the options.
>>>>
>>>> This man command does not work.
>>>
>>> Works for me. As far as I know man pages were merged into git package
>>> recently. When I run this on debian with guix, 'man git daemon' works
>>> too.
>>
>> It does not work for me on NixOS with Guix. Maybe I am out of date
>> though.
>>
>>>>> +(define %git-accounts
>>>>> + ;; User account and groups for git-daemon.
>>>>> + ;; We can give it git-shell for now, otherwise we can switch to /bin/sh.
>>>>
>>>> What does this comment mean? Why would we switch?
>>>
>>> I am not sure about the limitations of git-shell compared to
>>> /bin/sh. If this turns out to be a mistake, it can be corrected. The
>>> only thing I know about git-shell is that it allows no logins.
>>
>> If you do not want a login then probably what you want is
>> #~(string-append #$shadow "/sbin/nologin").
>>
>> Andy
>
> From d1d7eb59ca53833098cea2d6eddaa59f1494b579 Mon Sep 17 00:00:00 2001
> From: ng0 <ng0@we.make.ritual.n0.is>
> Date: Fri, 8 Jul 2016 15:42:55 +0000
> Subject: [PATCH] gnu: services: Add git-service.
>
> * gnu/services/version-control.scm: New file, create it.
> (git-service): New Procedures.
> (git-service-type): New variable.
> * doc/guix.texi: Add documentation.
> ---
> doc/guix.texi | 37 ++++++++
> gnu/local.mk | 1 +
> gnu/services/version-control.scm | 196 +++++++++++++++++++++++++++++++++++++++
> 3 files changed, 234 insertions(+)
> create mode 100644 gnu/services/version-control.scm
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index b22cf4a..78d7ee1 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -7494,6 +7494,7 @@ declaration.
> * Database Services:: SQL databases.
> * Mail Services:: IMAP, POP3, SMTP, and all that.
> * Web Services:: Web servers.
> +* Version Control:: Git and others.
> * Various Services:: Other services.
> @end menu
>
> @@ -9910,6 +9911,42 @@ directories are created when the service is activated.
>
> @end deffn
>
> +@node Version Control
> +@subsubsection Version Control
> +
> +The @code{(gnu services version-control)} module provides the following services:
> +
> +@deffn {Scheme Procedure} git-service [#:git @var{git}] @
> + [#:base-directory "/var/git/repositories"] @
> + [#:user-directory? #f ""] [#:port 9418] @
> + [#:directory? #f ""] [#:max-connections 32] @
> + [#:pid-file? #t "/var/run/git-daemon.pid"]
> +
> +Return a service to run the @uref{https://git-scm.com, Git} daemon, a really simple
> +TCP Git service which exposes local repositories for anonymous remote access.
> +
> +The git daemon runs as the @code{git} unprivileged user. It is started with
> +the fixed parameters @code{--syslog}, @code{--reuseaddr} and
> +@code{"--no-informative-errors"}.
> +You can pass the parameter @var{base-directory}, which remaps all the directory
> +requests as relative to the given directory. If you run git-service with
> +@var{base-directory "/var/git/repositories"} on example.com, then if you later try
> +to pull @code{git://example.com/hello.git}, git-service will interpret the directory
> +as @code{/var/git/repositories/hello.git}.
> +@var{max-connections} sets the maximum number of concurrent clients, it defaults to 32.
> +Set it to 0 for no limit.
> +@var{user-directory} allows allows ~user notation to be used in requests. When
> +specified with no parameter, requests to @code{git://host/~alice/foo} is taken as a
> +request to access @code{foo} repository in the home directory of user @code{alice}.
> +If @var{user-directory "path"} is specified, the same request is taken as a request
> +to access @code{path/foo} repository in the home directory of user @code{alice}.
> +The parameter @var{directory "foo"} adds the directory "foo" and its subdirectories
> +to the whitelist of allowed directories.
> +Furthermore git-service takes the parameter @var{port}, which defaults to 9418.
> +Run @command{man git daemon} for information about the options.
> +
> +@end deffn
> +
> @node Various Services
> @subsubsection Various Services
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index d75ab54..9220d06 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -390,6 +390,7 @@ GNU_SYSTEM_MODULES = \
> %D%/services/herd.scm \
> %D%/services/spice.scm \
> %D%/services/ssh.scm \
> + %D%/services/version-control.scm \
> %D%/services/web.scm \
> %D%/services/xorg.scm \
> \
> diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
> new file mode 100644
> index 0000000..5578003
> --- /dev/null
> +++ b/gnu/services/version-control.scm
> @@ -0,0 +1,196 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu services version-control)
> + #:use-module (gnu services)
> + #:use-module (gnu services base)
> + #:use-module (gnu services shepherd)
> + #:use-module (gnu system shadow)
> + #:use-module (gnu packages version-control)
> + #:use-module (gnu packages admin)
> + #:use-module (guix records)
> + #:use-module (guix gexp)
> + #:use-module (srfi srfi-1)
> + #:use-module (ice-9 match)
> + #:export (git-service
> + git-service-type
> + git-configuration
> + git-configuration?
> + git-configuration-git
> + git-configuration-port
> + git-configuration-base-directory
> + git-configuration-pid-file
> + git-configuration-max-connections
> + git-configuration-user-directory
> + git-configuration-directory))
> +
> +;;; Commentary:
> +;;;
> +;;; Version Control related services.
> +;;;
> +;;; Code:
> +
> +\f
> +;;;
> +;;; git
> +;;;
> +
> +(define-record-type* <git-configuration> git-configuration
> + make-git-configuration
> + git-configuration?
> + (git git-configuration-git ;package
> + (default git))
> + (pid-file? git-configuration-pid-file) ;string
> + (base-directory git-configuration-base-directory) ;string
> + (user-directory? git-configuration-user-directory) ;string
> + (directory? git-configuration-directory) ;string
> + (max-connections git-configuration-max-connections) ;number
> + (port git-configuration-port)) ;number
> +
> +(define (git-shepherd-service config)
> + "Return a <shepherd-service> for git with CONFIG."
> + (define git (git-configuration-git config))
> +
> + ;; Comments do not list all the features available, but the commented ones are
> + ;; features which are a TODO for this service.
> + (define git-command
> + #~(list
> + (string-append #$git "/bin/git") "daemon"
> +
> + ;; Log to syslog instead of stderr. Note that this option does not imply
> + ;; --verbose, thus by default only error conditions will be logged.
> + "--syslog"
> +
> + ;; Convenient for clients, but may leak information about the existence of
> + ;; unexported repositories. When informative errors are not enabled, all
> + ;; errors report "access denied" to the client.
> + "--no-informative-errors"
> +
> + ;; Use SO_REUSEADDR when binding the listening socket. This allows the
> + ;; server to restart without waiting for old connections to time out.
> + "--reuseaddr"
> +
> + ;; A directory to add to the whitelist of allowed directories. Unless
> + ;; --strict-paths is specified this will also include subdirectories of
> + ;; each named directory.
> + ;; --directory
> + ;; TODO: Add the option to add multiple occurences of --directory
> + (if (git-configuration-directory? config)
> + (string-append "--directory=" #$(git-configuration-directory config))
> + "")
> +
> + ;; --interpolated-path=<pathtemplate>
> + ;; To support virtual hosting, an interpolated path template can be used to
> + ;; dynamically construct alternate paths. The template supports %H for the target
> + ;; hostname as supplied by the client but converted to all lowercase,
> + ;; %CH for the canonical hostname, %IP for the server’s IP address,
> + ;; %P for the port number, and %D for the absolute path of the named repository.
> + ;; After interpolation, the path is validated against the directory whitelist.
> +
> + ;; --export-all
> + ;; Allow pulling from all directories that look like Git repositories (have the
> + ;; objects and refs subdirectories), even if they do not have the git-daemon-export-ok
> + ;; file.
> +
> + ;; --listen=<host_or_ipaddr>
> + ;; Listen on a specific IP address or hostname. IP addresses can be either an IPv4
> + ;; address or an IPv6 address if supported. If IPv6 is not supported, then
> + ;; --listen=hostname is also not supported and --listen must be given an IPv4 address.
> + ;; Can be given more than once. Incompatible with --inetd option.
> +
> + ;; Maximum number of concurrent clients, defaults to 32. Set it to zero for no limit.
> + (string-append "--max-connections=" #$(number->string
> + (git-configuration-max-connections config)))
> +
> + ;; --user-path, --user-path=<path>
> + ;; Allow ~user notation to be used in requests. When specified with no parameter,
> + ;; requests to git://host/~alice/foo is taken as a request to access foo repository
> + ;; in the home directory of user alice. If --user-path=path is specified, the same
> + ;; request is taken as a request to access path/foo repository in the home
> + ;; directory of user alice.
> + (if (git-configuration-user-directory? config)
> + "--user-path" "")
> +
> + ;; Save the process id in file. Ignored when the daemon is run under --inetd.
> + (if (git-configuration-pid-file? config)
> + (string-append "--pid-file=" #$(git-configuration-pid-file config))
> + "")
> + (string-append "--port=" #$(number->string (git-configuration-port config)))
> + (string-append "--base-path=" #$(git-configuration-base-directory config))))
> +
> + (define requires
> + '(networking syslogd))
> +
> + (list (shepherd-service
> + (documentation "Git daemon server for git repositories")
> + (requirement requires)
> + (provision '(git))
> + (start #~(make-forkexec-constructor #$git-command))
> + (stop #~(make-kill-destructor)))))
> +
> +(define %git-accounts
> + ;; User account and groups for git-daemon.
> + (list (user-group
> + (name "git")
> + (system? #t))
> + (user-account
> + (name "git")
> + (system? #t)
> + (group "git")
> + (comment "Shepherd created user for the git-daemon service")
> + (home-directory "/var/git")
> + (shell #~(string-append #$shadow "/bin/git-shell")))))
> +
> +(define (git-activation config)
> + "Return the activation gexp for CONFIG."
> + #~(begin (use-modules (guix build utils))
> + ;; Create the default base-directory, see `man git daemon'.
> + (mkdir-p "/var/git/repositories")))
> +
> +(define git-service-type
> + (service-type (name 'git)
> + (extensions
> + (list (service-extension shepherd-root-service-type
> + git-shepherd-service)
> + (service-extension activation-service-type
> + git-activation)))))
> +
> +(define* (git-service #:key
> + (git git)
> + (base-directory "/var/git/repositories")
> + (user-directory? #f)
> + (user-directory? "")
> + (directory? #f)
> + (directory "")
> + (port 9418)
> + (pid-file? #t)
> + (pid-file "/var/run/git-daemon.pid")
> + (max-connections 32))
> + "Return a service that runs @url{https://git-scm.org,git} as a daemon.
> +The daemon will listen on the port specified in @var{port}.
> +In addition, @var{base-path} specifies the path which will repositories
> +which can be exported by adding 'git-daemon-export-ok' files to them."
> + (service git-service-type
> + (git-configuration
> + (git git)
> + (base-directory base-directory)
> + (user-directory? user-directory?)
> + (directory? directory?)
> + (port port)
> + (pid-file? pid-file?)
> + (max-connections max-connections))))
> --
> 2.9.3
>
>
> --
> ng0
> For non-prism friendly talk find me on http://www.psyced.org
--
ng0
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-09-27 8:20 ` ng0
@ 2016-09-30 7:41 ` Ricardo Wurmus
0 siblings, 0 replies; 13+ messages in thread
From: Ricardo Wurmus @ 2016-09-30 7:41 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 <ngillmann@runbox.com> writes:
> So almost one month passed now.
> To continue testing this, I need help on this first.
The quoted email is very long with different parties interacting. It is
hard to see what the problem is and you what you need help with.
Could you please ask a clear question? This would make it much more
likely that anyone here could help.
~~ Ricardo
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-09-27 8:18 ` ng0
@ 2016-09-30 23:49 ` 宋文武
2016-10-16 14:30 ` ng0
0 siblings, 1 reply; 13+ messages in thread
From: 宋文武 @ 2016-09-30 23:49 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 <ng0@we.make.ritual.n0.is> writes:
>> From d1d7eb59ca53833098cea2d6eddaa59f1494b579 Mon Sep 17 00:00:00 2001
>> From: ng0 <ng0@we.make.ritual.n0.is>
>> Date: Fri, 8 Jul 2016 15:42:55 +0000
>> Subject: [PATCH] gnu: services: Add git-service.
>>
>> * gnu/services/version-control.scm: New file, create it.
>> (git-service): New Procedures.
>> (git-service-type): New variable.
>> * doc/guix.texi: Add documentation.
I think it should be: * doc/guix.text (Services)(Version Control): New section.
> [...]
>> +(define %git-accounts
>> + ;; User account and groups for git-daemon.
>> + (list (user-group
>> + (name "git")
>> + (system? #t))
>> + (user-account
>> + (name "git")
>> + (system? #t)
>> + (group "git")
>> + (comment "Shepherd created user for the git-daemon service")
>> + (home-directory "/var/git")
I think it doesn't need a home directory.
>> + (shell #~(string-append #$shadow "/bin/git-shell")))))
Use 'nologin' should be enough, according to `man git-shell', it's for
SSH access.
Also, it seems this 'git' user is not used anywhere, it should be passed
as the '--user' argument to 'git daemon' or as '#:user' to
'make-forkexec-constructor'.
>> +
>> +(define (git-activation config)
>> + "Return the activation gexp for CONFIG."
>> + #~(begin (use-modules (guix build utils))
>> + ;; Create the default base-directory, see `man git daemon'.
>> + (mkdir-p "/var/git/repositories")))
This should create the 'git-configuration-base-directory' of config, and
make sure it's readable by the 'git' user.
>> +(define* (git-service #:key
>> + (git git)
>> + (base-directory "/var/git/repositories")
>> + (user-directory? #f)
>> + (user-directory? "")
>> + (directory? #f)
>> + (directory "")
>> + (port 9418)
>> + (pid-file? #t)
>> + (pid-file "/var/run/git-daemon.pid")
>> + (max-connections 32))
This should just accept a <git-configuration> object, and document it in
the manaual (no need to make detail comments in the git-command, which I
think a mention to `man git-daemon' is fine there).
For testing, I guess 'git clone git://localhost/xxx' in the VM is
enough.
And the patch doesn't apply for me, can you send an update one?
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] gnu: service: Add git-service.
2016-09-30 23:49 ` 宋文武
@ 2016-10-16 14:30 ` ng0
0 siblings, 0 replies; 13+ messages in thread
From: ng0 @ 2016-10-16 14:30 UTC (permalink / raw)
To: 宋文武; +Cc: guix-devel
宋文武 <iyzsong@member.fsf.org> writes:
> ng0 <ng0@we.make.ritual.n0.is> writes:
>
>
>>> From d1d7eb59ca53833098cea2d6eddaa59f1494b579 Mon Sep 17 00:00:00 2001
>>> From: ng0 <ng0@we.make.ritual.n0.is>
>>> Date: Fri, 8 Jul 2016 15:42:55 +0000
>>> Subject: [PATCH] gnu: services: Add git-service.
>>>
>>> * gnu/services/version-control.scm: New file, create it.
>>> (git-service): New Procedures.
>>> (git-service-type): New variable.
>>> * doc/guix.texi: Add documentation.
>
> I think it should be: * doc/guix.text (Services)(Version Control): New section.
>
>> [...]
>>> +(define %git-accounts
>>> + ;; User account and groups for git-daemon.
>>> + (list (user-group
>>> + (name "git")
>>> + (system? #t))
>>> + (user-account
>>> + (name "git")
>>> + (system? #t)
>>> + (group "git")
>>> + (comment "Shepherd created user for the git-daemon service")
>>> + (home-directory "/var/git")
>
> I think it doesn't need a home directory.
>
>>> + (shell #~(string-append #$shadow "/bin/git-shell")))))
>
> Use 'nologin' should be enough, according to `man git-shell', it's for
> SSH access.
The ssh access is intended, that's why it had a home-directory. For now
I will apply what you suggested, but this is a use case I have myself
and why would I use gitolite when git+ssh do the job well enough.
> Also, it seems this 'git' user is not used anywhere, it should be passed
> as the '--user' argument to 'git daemon' or as '#:user' to
> 'make-forkexec-constructor'.
>
>>> +
>>> +(define (git-activation config)
>>> + "Return the activation gexp for CONFIG."
>>> + #~(begin (use-modules (guix build utils))
>>> + ;; Create the default base-directory, see `man git daemon'.
>>> + (mkdir-p "/var/git/repositories")))
>
> This should create the 'git-configuration-base-directory' of config, and
> make sure it's readable by the 'git' user.
>
>
>>> +(define* (git-service #:key
>>> + (git git)
>>> + (base-directory "/var/git/repositories")
>>> + (user-directory? #f)
>>> + (user-directory? "")
>>> + (directory? #f)
>>> + (directory "")
>>> + (port 9418)
>>> + (pid-file? #t)
>>> + (pid-file "/var/run/git-daemon.pid")
>>> + (max-connections 32))
>
> This should just accept a <git-configuration> object, and document it in
> the manaual (no need to make detail comments in the git-command, which I
> think a mention to `man git-daemon' is fine there).
How? This thread is taking so much time because this is one of my 3
first services and I'm trying to learn more guile. I'll look at other
services like before, but I asked for help because I'm stuck. I think
openssh-service had this.. But what I have worked before I added all
other options, and for now I want it this way.. Just debug this without
changing it any further.
But if this would not require much changes which can not break things
further, I'll apply it.
>
> For testing, I guess 'git clone git://localhost/xxx' in the VM is
> enough.
>
> And the patch doesn't apply for me, can you send an update one?
>
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2016-10-16 14:30 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-29 13:04 [PATCH] gnu: service: Add git-service ng0
2016-08-29 14:12 ` Andy Wingo
2016-08-29 14:34 ` ng0
2016-08-29 20:05 ` ng0
2016-08-30 7:40 ` Andy Wingo
2016-08-30 11:45 ` ng0
2016-08-30 12:12 ` Andy Wingo
2016-08-30 17:50 ` ng0
2016-09-27 8:18 ` ng0
2016-09-30 23:49 ` 宋文武
2016-10-16 14:30 ` ng0
2016-09-27 8:20 ` ng0
2016-09-30 7:41 ` Ricardo Wurmus
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.