diff options
Diffstat (limited to 'roles/git/files')
-rw-r--r-- | roles/git/files/etc/cgitrc | 85 | ||||
-rw-r--r-- | roles/git/files/etc/gitweb.conf | 40 | ||||
-rw-r--r-- | roles/git/files/etc/nginx/sites-available/git | 74 | ||||
-rw-r--r-- | roles/git/files/etc/nginx/sites-available/gitweb | 48 | ||||
-rw-r--r-- | roles/git/files/etc/uwsgi/apps-available/cgit.ini | 6 | ||||
-rw-r--r-- | roles/git/files/etc/uwsgi/apps-available/git-http-backend.ini | 4 | ||||
-rw-r--r-- | roles/git/files/lib/systemd/system/gitweb.service | 15 | ||||
-rw-r--r-- | roles/git/files/lib/systemd/system/gitweb.socket | 11 | ||||
-rwxr-xr-x | roles/git/files/usr/lib/cgi-bin/gitweb-wrapper.fcgi | 22 | ||||
-rwxr-xr-x | roles/git/files/usr/lib/cgit/filters/syntax-highlighting2.sh | 121 |
10 files changed, 260 insertions, 166 deletions
diff --git a/roles/git/files/etc/cgitrc b/roles/git/files/etc/cgitrc new file mode 100644 index 0000000..b862dc3 --- /dev/null +++ b/roles/git/files/etc/cgitrc @@ -0,0 +1,85 @@ +# +# cgit config +# see cgitrc(5) for details + +# Enable caching of up to 1000 output entries +cache-size=1000 + +# Specify some default clone url prefixes +clone-url=https://$HTTP_HOST/$CGIT_REPO_NAME ssh://$HTTP_HOST/$CGIT_REPO_NAME + +# Specify the css, logo and favicon urls +css=/static/cgit.css +logo=/static/cgit.png +favicon=/static/favicon.ico + +# Show owner on index page +enable-index-owner=1 + +# Disallow dumb http transport git clone +enable-http-clone=0 + +# Show extra links for each repository on the index page +enable-index-links=1 + +# Enable ASCII art commit history graph on the log pages +enable-commit-graph=1 + +# Show number of affected files per commit on the log pages +enable-log-filecount=1 + +# Enable statistics per week, month and quarter +max-stats=quarter + +# Set the title and heading of the repository index page +root-title=Fripost's git repositories + +# Set a subheading for the repository index page +root-desc=Git repositories hosted at fripost.org + +# Enable indexing by web crawlers +robots=index + +# Use root URL for all cgit links +virtual-root=/ + +# Allow download of tar.gz, tar.bz2 and zip-files +#tar.gz tar.bz2 + +## +## List of common mimetypes +## + +mimetype.gif=image/gif +mimetype.html=text/html +mimetype.jpg=image/jpeg +mimetype.jpeg=image/jpeg +mimetype.pdf=application/pdf +mimetype.png=image/png +mimetype.svg=image/svg+xml + +# Highlight source code with python pygments-based highlighter +source-filter=/usr/lib/cgit/filters/syntax-highlighting2.sh + +# Format markdown, restructuredtext, manpages, text files, and html files +# through the right converters +about-filter=/usr/lib/cgit/filters/about-formatting.sh + +# Search for these files in the root of the default branch of repositories +# for coming up with the about page: +readme=:README.html +readme=:readme.html +readme=:README.htm +readme=:readme.htm +readme=:README.txt +readme=:readme.txt +readme=:README +readme=:readme +readme=:INSTALL +readme=:install + +# List of repositories. +enable-git-config=1 +remove-suffix=1 +project-list=/var/lib/gitolite/projects.list +scan-path=/var/lib/gitolite/repositories diff --git a/roles/git/files/etc/gitweb.conf b/roles/git/files/etc/gitweb.conf deleted file mode 100644 index 0d667b7..0000000 --- a/roles/git/files/etc/gitweb.conf +++ /dev/null @@ -1,40 +0,0 @@ -$site_name = "Fripost Git"; - -# path to git projects (<project>.git) -$projectroot = "/var/lib/gitolite/repositories"; - -# directory to use for temp files -$git_temp = "/tmp"; - -# target of the home link on top of all pages -#$home_link = $my_uri || "/"; - -# html text to include at home page -$home_text = ""; - -# file with project list; by default, simply scan the projectroot dir. -$projects_list = "/var/lib/gitolite/projects.list"; - -#$projects_list = $projectroot; -#$export_ok = "git-daemon-export-ok"; - -# stylesheet to use -#push @stylesheets, "static/gitweb.css"; - -# javascript code for gitweb -$javascript = "static/gitweb.js"; - -# logo to use -$logo = "static/git-logo.png"; - -# the 'favicon' -$favicon = "static/git-favicon.png"; - -# git-diff-tree(1) options to use for generated patches -#@diff_opts = ("-M"); -@diff_opts = (); - -# the base url -@git_base_url_list = ( 'git clone ssh://gitolite@git.fripost.org' - , 'git clone https://git.fripost.org' - ) diff --git a/roles/git/files/etc/nginx/sites-available/git b/roles/git/files/etc/nginx/sites-available/git index 9510620..75c1512 100644 --- a/roles/git/files/etc/nginx/sites-available/git +++ b/roles/git/files/etc/nginx/sites-available/git @@ -7,31 +7,38 @@ server { access_log /var/log/nginx/git.access.log; error_log /var/log/nginx/git.error.log info; + location ^~ /static/ { + alias /usr/share/cgit/; + expires 30d; + } + # Bypass the CGI to return static files stored on disk. Try first repo with # a trailing '.git', then without. - location ~* "^/((?U)[^/]+)(?:\.git)?/objects/([0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" { + location ~* "^/((?U)[^/]+)(?:\.git)?/objects/(?:[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" { root /var/lib/gitolite/repositories; try_files /$1.git/objects/$2 /$1/objects/$2 =404; + expires 30d; + # TODO honor git-daemon-export-ok } - # Disallow push over HTTP(S) - location ~* ^/[^/]+/git-receive-pack$ { - return 403; - } + # disallow push over HTTP/HTTPS + location ~* "^/[^/]+/git-receive-pack$" { return 403; } - location ~* ^/[^/]+/(:?HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$ { - fastcgi_param PATH_INFO $uri; - fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; - fastcgi_param GIT_HTTP_EXPORT_ALL 1; - fastcgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories; - include fastcgi/params; - fastcgi_pass unix:/var/run/fcgiwrap.socket; + location ~* "^/[^/]+/(?:HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$" { gzip off; + include uwsgi_params; + uwsgi_modifier1 9; + uwsgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories; + uwsgi_pass unix:/run/uwsgi/app/git-http-backend/socket; } - # Redirect to gitweb otherwise - location ~ ^/([^/]+/?)?$ { - return 302 $scheme://gitweb.fripost.org/$1; + + # send all other URLs to cgit + location / { + gzip off; + include uwsgi_params; + uwsgi_modifier1 9; + uwsgi_pass unix:/run/uwsgi/app/cgit/socket; } } @@ -49,30 +56,37 @@ server { access_log /var/log/nginx/git.access.log; error_log /var/log/nginx/git.error.log info; + location ^~ /static/ { + alias /usr/share/cgit/; + expires 30d; + } + # Bypass the CGI to return static files stored on disk. Try first repo with # a trailing '.git', then without. - location ~* "^/((?U)[^/]+)(?:\.git)?/objects/([0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" { + location ~* "^/((?U)[^/]+)(?:\.git)?/objects/(?:[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" { root /var/lib/gitolite/repositories; try_files /$1.git/objects/$2 /$1/objects/$2 =404; + expires 30d; + # TODO honor git-daemon-export-ok } - # Disallow push over HTTP(S) - location ~* ^/[^/]+/git-receive-pack$ { - return 403; - } + # disallow push over HTTP/HTTPS + location ~* "^/[^/]+/git-receive-pack$" { return 403; } - location ~* ^/[^/]+/(:?HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$ { - fastcgi_param PATH_INFO $uri; - fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; - fastcgi_param GIT_HTTP_EXPORT_ALL 1; - fastcgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories; - include fastcgi/params; - fastcgi_pass unix:/var/run/fcgiwrap.socket; + location ~* "^/[^/]+/(?:HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$" { gzip off; + include uwsgi_params; + uwsgi_modifier1 9; + uwsgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories; + uwsgi_pass unix:/run/uwsgi/app/git-http-backend/socket; } - # Redirect to gitweb otherwise - location ~ ^/([^/]+/?)?$ { - return 302 $scheme://gitweb.fripost.org/$1; + + # send all other URLs to cgit + location / { + gzip off; + include uwsgi_params; + uwsgi_modifier1 9; + uwsgi_pass unix:/run/uwsgi/app/cgit/socket; } } diff --git a/roles/git/files/etc/nginx/sites-available/gitweb b/roles/git/files/etc/nginx/sites-available/gitweb deleted file mode 100644 index 3814145..0000000 --- a/roles/git/files/etc/nginx/sites-available/gitweb +++ /dev/null @@ -1,48 +0,0 @@ -server { - listen 80; - listen [::]:80; - - server_name gitweb.fripost.org; - - access_log /var/log/nginx/gitweb.access.log; - error_log /var/log/nginx/gitweb.error.log info; - - location ^~ /static/ { - alias /usr/share/gitweb/static/; - } - - try_files $uri @fcgi; - location @fcgi { - root /var/lib/gitolite/repositories; - include fastcgi/params; - fastcgi_pass unix:/run/gitweb.socket; - gzip off; - } -} - - -server { - listen 443; - listen [::]:443; - - server_name gitweb.fripost.org; - - include ssl/config; - ssl_certificate /etc/nginx/ssl/git.fripost.org.pem; - ssl_certificate_key /etc/nginx/ssl/git.fripost.org.key; - - access_log /var/log/nginx/gitweb.access.log; - error_log /var/log/nginx/gitweb.error.log info; - - location ^~ /static/ { - alias /usr/share/gitweb/static/; - } - - try_files $uri @fcgi; - location @fcgi { - root /var/lib/gitolite/repositories; - include fastcgi/params; - fastcgi_pass unix:/run/gitweb.socket; - gzip off; - } -} diff --git a/roles/git/files/etc/uwsgi/apps-available/cgit.ini b/roles/git/files/etc/uwsgi/apps-available/cgit.ini new file mode 100644 index 0000000..2fb5b25 --- /dev/null +++ b/roles/git/files/etc/uwsgi/apps-available/cgit.ini @@ -0,0 +1,6 @@ +[uwsgi] +plugins = cgi +procname-master = uwsgi %(deb-confname) +cgi = /usr/lib/cgit/cgit.cgi +uid = cgit +gid = www-data diff --git a/roles/git/files/etc/uwsgi/apps-available/git-http-backend.ini b/roles/git/files/etc/uwsgi/apps-available/git-http-backend.ini new file mode 100644 index 0000000..6718237 --- /dev/null +++ b/roles/git/files/etc/uwsgi/apps-available/git-http-backend.ini @@ -0,0 +1,4 @@ +[uwsgi] +plugins = cgi +procname-master = uwsgi %(deb-confname) +cgi = /usr/lib/git-core/git-http-backend diff --git a/roles/git/files/lib/systemd/system/gitweb.service b/roles/git/files/lib/systemd/system/gitweb.service deleted file mode 100644 index 3ba1cc8..0000000 --- a/roles/git/files/lib/systemd/system/gitweb.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Gitweb Service -After=network.target -Requires=gitweb.socket - -[Service] -StandardInput=socket -User=gitweb -Group=gitweb -Environment=SCRIPT_FILENAME=/usr/lib/cgi-bin/gitweb-wrapper.fcgi -ExecStart=/usr/lib/cgi-bin/gitweb-wrapper.fcgi -Restart=on-failure - -[Install] -WantedBy=multi-user.target diff --git a/roles/git/files/lib/systemd/system/gitweb.socket b/roles/git/files/lib/systemd/system/gitweb.socket deleted file mode 100644 index 355b490..0000000 --- a/roles/git/files/lib/systemd/system/gitweb.socket +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Gitweb Listen Socket - -[Socket] -SocketUser=www-data -SocketGroup=www-data -SocketMode=0600 -ListenStream=/run/gitweb.socket - -[Install] -WantedBy=sockets.target diff --git a/roles/git/files/usr/lib/cgi-bin/gitweb-wrapper.fcgi b/roles/git/files/usr/lib/cgi-bin/gitweb-wrapper.fcgi deleted file mode 100755 index a7eea8c..0000000 --- a/roles/git/files/usr/lib/cgi-bin/gitweb-wrapper.fcgi +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/perl -# gitweb.cgi wrapper that fixes the UTF-8 problem with fastcgi - -# Local redefinition of FCGI::Stream::PRINT -use Encode; -use FCGI; - -our $enc = Encode::find_encoding('UTF-8'); -our $org = \&FCGI::Stream::PRINT; -no warnings 'redefine'; - -local *FCGI::Stream::PRINT = sub { - my @OUTPUT = @_; - for (my $i = 1; $i < @_; $i++) { - $OUTPUT[$i] = $enc->encode($_[$i], Encode::FB_CROAK|Encode::LEAVE_SRC); - } - @_ = @OUTPUT; - goto $org; -}; - -# Execute original script -do "/usr/lib/cgi-bin/gitweb.cgi"; diff --git a/roles/git/files/usr/lib/cgit/filters/syntax-highlighting2.sh b/roles/git/files/usr/lib/cgit/filters/syntax-highlighting2.sh new file mode 100755 index 0000000..3342bbc --- /dev/null +++ b/roles/git/files/usr/lib/cgit/filters/syntax-highlighting2.sh @@ -0,0 +1,121 @@ +#!/bin/sh +# This script can be used to implement syntax highlighting in the cgit +# tree-view by refering to this file with the source-filter or repo.source- +# filter options in cgitrc. +# +# This script requires a shell supporting the ${var##pattern} syntax. +# It is supported by at least dash and bash, however busybox environments +# might have to use an external call to sed instead. +# +# Note: the highlight command (http://www.andre-simon.de/) uses css for syntax +# highlighting, so you'll probably want something like the following included +# in your css file: +# +# Style definition file generated by highlight 2.4.8, http://www.andre-simon.de/ +# +# table.blob .num { color:#2928ff; } +# table.blob .esc { color:#ff00ff; } +# table.blob .str { color:#ff0000; } +# table.blob .dstr { color:#818100; } +# table.blob .slc { color:#838183; font-style:italic; } +# table.blob .com { color:#838183; font-style:italic; } +# table.blob .dir { color:#008200; } +# table.blob .sym { color:#000000; } +# table.blob .kwa { color:#000000; font-weight:bold; } +# table.blob .kwb { color:#830000; } +# table.blob .kwc { color:#000000; font-weight:bold; } +# table.blob .kwd { color:#010181; } +# +# +# Style definition file generated by highlight 2.6.14, http://www.andre-simon.de/ +# +# body.hl { background-color:#ffffff; } +# pre.hl { color:#000000; background-color:#ffffff; font-size:10pt; font-family:'Courier New';} +# .hl.num { color:#2928ff; } +# .hl.esc { color:#ff00ff; } +# .hl.str { color:#ff0000; } +# .hl.dstr { color:#818100; } +# .hl.slc { color:#838183; font-style:italic; } +# .hl.com { color:#838183; font-style:italic; } +# .hl.dir { color:#008200; } +# .hl.sym { color:#000000; } +# .hl.line { color:#555555; } +# .hl.mark { background-color:#ffffbb;} +# .hl.kwa { color:#000000; font-weight:bold; } +# .hl.kwb { color:#830000; } +# .hl.kwc { color:#000000; font-weight:bold; } +# .hl.kwd { color:#010181; } +# +# +# Style definition file generated by highlight 3.8, http://www.andre-simon.de/ +# +# body.hl { background-color:#e0eaee; } +# pre.hl { color:#000000; background-color:#e0eaee; font-size:10pt; font-family:'Courier New';} +# .hl.num { color:#b07e00; } +# .hl.esc { color:#ff00ff; } +# .hl.str { color:#bf0303; } +# .hl.pps { color:#818100; } +# .hl.slc { color:#838183; font-style:italic; } +# .hl.com { color:#838183; font-style:italic; } +# .hl.ppc { color:#008200; } +# .hl.opt { color:#000000; } +# .hl.lin { color:#555555; } +# .hl.kwa { color:#000000; font-weight:bold; } +# .hl.kwb { color:#0057ae; } +# .hl.kwc { color:#000000; font-weight:bold; } +# .hl.kwd { color:#010181; } +# +# +# Style definition file generated by highlight 3.13, http://www.andre-simon.de/ +# +# body.hl { background-color:#e0eaee; } +# pre.hl { color:#000000; background-color:#e0eaee; font-size:10pt; font-family:'Courier New',monospace;} +# .hl.num { color:#b07e00; } +# .hl.esc { color:#ff00ff; } +# .hl.str { color:#bf0303; } +# .hl.pps { color:#818100; } +# .hl.slc { color:#838183; font-style:italic; } +# .hl.com { color:#838183; font-style:italic; } +# .hl.ppc { color:#008200; } +# .hl.opt { color:#000000; } +# .hl.ipl { color:#0057ae; } +# .hl.lin { color:#555555; } +# .hl.kwa { color:#000000; font-weight:bold; } +# .hl.kwb { color:#0057ae; } +# .hl.kwc { color:#000000; font-weight:bold; } +# .hl.kwd { color:#010181; } +# +# +# The following environment variables can be used to retrieve the configuration +# of the repository for which this script is called: +# CGIT_REPO_URL ( = repo.url setting ) +# CGIT_REPO_NAME ( = repo.name setting ) +# CGIT_REPO_PATH ( = repo.path setting ) +# CGIT_REPO_OWNER ( = repo.owner setting ) +# CGIT_REPO_DEFBRANCH ( = repo.defbranch setting ) +# CGIT_REPO_SECTION ( = section setting ) +# CGIT_REPO_CLONE_URL ( = repo.clone-url setting ) +# + +# store filename and extension in local vars +BASENAME="$1" +EXTENSION="${BASENAME##*.}" + +[ "${BASENAME}" = "${EXTENSION}" ] && EXTENSION=txt +[ -z "${EXTENSION}" ] && EXTENSION=txt + +# map Makefile and Makefile.* to .mk +[ "${BASENAME%%.*}" = "Makefile" ] && EXTENSION=mk + +# highlight versions 2 and 3 have different commandline options. Specifically, +# the -X option that is used for version 2 is replaced by the -O xhtml option +# for version 3. +# +# Version 2 can be found (for example) on EPEL 5, while version 3 can be +# found (for example) on EPEL 6. +# +# This is for version 2 +#exec highlight --force -f -I -X -S "$EXTENSION" 2>/dev/null + +# This is for version 3 +exec highlight --force --inline-css -f -I -O xhtml -S "$EXTENSION" 2>/dev/null |