Main RocketGit repo
List of commits:
| Subject | Hash | Author | Date (UTC) |
|---|---|---|---|
| TODO changes | 0072cc306c6dfec9349a7d67dd1d71650dc0ef3a | Catalin(ux) M. BOIE | 2017-02-24 21:57:31 |
| SELinux policy; php-fpm pids, logs and sockets | cf7770b2233a216c697e3f340f95960ccfe843cf | Catalin(ux) M. BOIE | 2017-02-24 21:57:12 |
| Improved testing; add a fetch over git for a private repo | 8241de314aff22da494bbd0ed5b1ee2017674c6f | Catalin(ux) M. BOIE | 2017-02-24 21:52:02 |
| Change caps for some error message; no code changes. | aab9ce336362beda61a4470cbd63ccc06778eeb1 | Catalin(ux) M. BOIE | 2017-02-24 21:48:13 |
| Some clients, for exampple JGit sends the request gzipped. Deal with it. Thanks Gabi for the report! | ea9023af24a172724ec22313c8c0c15cc88f90df | Catalin(ux) M. BOIE | 2017-02-24 19:47:29 |
| Switch to quotes to be able to use commas; small corrections | ab27969287d666d0fb526f7b24b04f65ab7d54f7 | Catalin(ux) M. BOIE | 2017-02-14 18:28:13 |
| Added more info to comparison and added baloons (Stig suggestion) | 07c13312204980b85229acf7f0ab1e3a66aa6677 | Catalin(ux) M. BOIE | 2017-02-13 18:31:41 |
| Comparison updated based on Stig's help! Thanks! | d45c87235c003153b0579d9d875b62a0f6e0f209 | Catalin(ux) M. BOIE | 2017-02-13 17:54:00 |
| Corrected a ORDER before WHERE affecting the listing of the users in admin section | ee889bb3e9fb175af625cc5dab26c079fe6a6108 | Catalin(ux) M. BOIE | 2017-01-31 18:08:47 |
| Bump version to v0.65 | 23209e409cae8a83b33b53b3cb3109a63be7bd8c | Catalin(ux) M. BOIE | 2017-01-30 18:52:26 |
| Updates SELinux policy file | fa9d4acd0c6ee730ee45c3e3ab57b55665e74666 | Catalin(ux) M. BOIE | 2017-01-30 18:51:52 |
| Added credits for TLS setup about perfect forward secrecy | 63ff4cf11961421d6f187d2597354d12eff9a810 | Catalin(ux) M. BOIE | 2017-01-30 18:51:31 |
| Make more clear the text about Enterprise Edition | 20a621f3de637975d93cbb260213c2d833a0acab | Catalin(ux) M. BOIE | 2017-01-30 18:50:50 |
| TODO updates | 29e7ddcea2ed6add27a13dfef09c8660d4b3520e | Catalin(ux) M. BOIE | 2017-01-30 18:49:28 |
| Use IdentitiesOnly when setup SSH config for RocketGit | fbd5d71c0341f9187cfd677d2d620749d09c61d6 | Catalin(ux) M. BOIE | 2017-01-30 18:49:10 |
| Fixed push by HTTP; fixing some tests | af00ea421d6eec2877cab0c37f9c492fff3860ec | Catalin(ux) M. BOIE | 2017-01-30 18:48:19 |
| If user is suspended or deleted, show an error | c308a9b435c9e5baa39ac3529c794df227ab9196 | Catalin(ux) M. BOIE | 2017-01-06 07:12:32 |
| Allow users to delete their account | 2a2338aca850737f16febc056c1d248daf935736 | Catalin(ux) M. BOIE | 2016-12-30 12:49:48 |
| Improved TLS cyphers list for better security | 00f1ad9bffc47d0cd786e6caa6f9777fae27b2ff | Catalin(ux) M. BOIE | 2016-12-30 12:47:54 |
| Corrected the api key mail | 3ac431ae8e880ceebc18507383771b23ce5d9b6a | Catalin(ux) M. BOIE | 2016-12-08 04:20:30 |
Commit 0072cc306c6dfec9349a7d67dd1d71650dc0ef3a
- TODO changes
Author: Catalin(ux) M. BOIE
Author date (UTC): 2017-02-24 21:57
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2017-02-24 21:57
Parent(s): cf7770b2233a216c697e3f340f95960ccfe843cf
Signer:
Signing key:
Signing status: N
Tree: 9aa1acfb5e980da95bd321ce30a1fb96f05801b2
Author: Catalin(ux) M. BOIE
Author date (UTC): 2017-02-24 21:57
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2017-02-24 21:57
Parent(s): cf7770b2233a216c697e3f340f95960ccfe843cf
Signer:
Signing key:
Signing status: N
Tree: 9aa1acfb5e980da95bd321ce30a1fb96f05801b2
| File | Lines added | Lines deleted |
|---|---|---|
| TODO | 56 | 4 |
| TODO.vm | 5 | 2 |
| File TODO changed (mode: 100644) (index f657fd7..48e2f69) | |||
| 1 | 1 | == Where I stopped last time == | == Where I stopped last time == |
| 2 | 2 | [ ] test docker | [ ] test docker |
| 3 | [ ] rg_ssh_totp_verify_ip: strange: why I give error if the list is empty | ||
| 4 | but the user is not enrolled?! | ||
| 5 | If user is not enrolled, we return FALSE! | ||
| 6 | Audit all calls to verify_ip! | ||
| 7 | 3 | [ ] | [ ] |
| 8 | 4 | ||
| 9 | 5 | == BEFORE NEXT RELEASE == | == BEFORE NEXT RELEASE == |
| 6 | [ ] Use --timeout=<n> for git-upload-pack. Maybe others! | ||
| 7 | What about --strict? | ||
| 8 | [ ] Should I login the user if s/he pushes by https?! | ||
| 9 | I think not? Maybe we would be able to use the cookies? | ||
| 10 | [ ] Add a network backend to be able to deliver git objects to scale the FS. | ||
| 11 | [ ] Use https://websetnet.com/setup-lighttpd-web-server-ubuntu-1504-centos-7/ | ||
| 12 | to create a configuration for lighttpd. | ||
| 13 | Switch to lighttpd for the vm?! | ||
| 14 | [ ] Use a custom php.ini for rocketgit-php-fpm so we can remove some modules! | ||
| 15 | [ ] Suggest the users to use SSHFP? | ||
| 16 | ssh-keygen -r aaa -f /etc/ssh/ssh_host_rsa_key.pub | ||
| 17 | [ ] --stateless-rpc seems to be gone from git-upload/receive-pack! | ||
| 18 | [ ] Record page faults, user time, system time etc. | ||
| 19 | [ ] https://liberapay.com/ | ||
| 20 | [ ] https://gratipay.com/ | ||
| 21 | [ ] https://www.bountysource.com/ | ||
| 22 | [ ] https://www.bountysource.com/ | ||
| 23 | [ ] http://breachattack.com/ | ||
| 24 | Investigate the solution to sign[/encrypt] secrets and regenerate them | ||
| 25 | also to not store them in the database! I think the problem was the | ||
| 26 | reuse... | ||
| 27 | [ ] process/io stats for PostgreSQL: | ||
| 28 | http://momjian.us/main/blogs/pgblog/2017.html#February_15_2017 | ||
| 29 | [ ] Investigate repack.writebitmaps | ||
| 30 | [ ] Add possibility to move/clone one instance to other server: | ||
| 31 | repos and meta-information. | ||
| 32 | [ ] Provide links to private instalations in the cloud. | ||
| 33 | [ ] Allow Slack to report failed build. | ||
| 34 | [ ] What if server crashes between update hook and inserting in database | ||
| 35 | the event? I have to insert before, and if the commit id does not | ||
| 36 | exists to bail out! | ||
| 37 | [ ] Investigate pg_recvlogical and pg_receivexlog | ||
| 38 | https://www.postgresql.org/docs/current/static/app-pgreceivexlog.html | ||
| 39 | [ ] Add a SELinux sandbox as a way to run user scripts. | ||
| 40 | man virt-sandbox (LXC) | ||
| 41 | [ ] Pushing by http will not show which user we connect as. | ||
| 42 | [ ] Use asciinema to record some demos. | ||
| 43 | :( - The web player is a huge js file! | ||
| 44 | [ ] Add a pusher webhook which will sync a local git repo with some other | ||
| 45 | place specified by the user. | ||
| 46 | [ ] Add docs on how to setup postgresql replication | ||
| 47 | https://wiki.postgresql.org/wiki/Streaming_Replication | ||
| 48 | [ ] AppArmor profile howto: | ||
| 49 | https://www.digitalocean.com/community/tutorials/how-to-create-an-apparmor-profile-for-nginx-on-ubuntu-14-04 | ||
| 50 | https://wiki.debian.org/AppArmor/Debug | ||
| 51 | [ ] Add a method to recovery the password using a GPG/SSH/etc. key. | ||
| 52 | And add possibility to refuse the recover by e-mail. | ||
| 53 | Think more about this! Especially if the user is enrolled in 2fa! | ||
| 54 | [ ] comparison: Delegated Recovery supported by GitHub | ||
| 55 | [ ] When sending e-mails from events, add also the events.itime field in | ||
| 56 | e-mails, because if the event processing fails, I will get an e-mail | ||
| 57 | after a lot of time! | ||
| 58 | Maybe add also the delay? | ||
| 59 | [ ] For API keys (maybe others), "Last IP" may be the IP who added the key. | ||
| 60 | Or add an "Upload IP" field. | ||
| 61 | [ ] Add NoNewPrivileges to rocketgit-fpm service? | ||
| 10 | 62 | [ ] When I start the virtual machine, can I connect to console tu run the build | [ ] When I start the virtual machine, can I connect to console tu run the build |
| 11 | 63 | script instead connecting by other means? To not have to modify | script instead connecting by other means? To not have to modify |
| 12 | 64 | the image... | the image... |
| File TODO.vm changed (mode: 100644) (index 6489f99..5525d76) | |||
| 1 | [ ] Use "sudo sgdisk -e -d4 -n4:0:0 /dev/<your-device>" to auto extend | ||
| 2 | the downloaded image. | ||
| 1 | [ ] Use 'qcow2 (prealloc metadata)', it is only 6.5MiB. | ||
| 2 | Maybe is faster. | ||
| 3 | [ ] Use 'virsh domifaddrs' to find out the IP addresses? | ||
| 4 | [ ] Use guestfish resize2fs command to make the image smaller. | ||
| 5 | I doubt I will get extra space! | ||
| 3 | 6 | [ ] Add an install method to stream the image dirrectly + copy-on-read? | [ ] Add an install method to stream the image dirrectly + copy-on-read? |
| 4 | 7 | [ ] Check other filesystems: nils2 etc for virtual machine. | [ ] Check other filesystems: nils2 etc for virtual machine. |
| 5 | 8 | [ ] Use guestmount when building VM images? | [ ] Use guestmount when building VM images? |
Hints:
Before first commit, do not forget to setup your git environment:
Clone this repository using HTTP(S):
Clone this repository using ssh (do not forget to upload a key first):
Clone this repository using git:
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"
git config --global user.email "your@email_here"
Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit
Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit
Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main
... make some changes and some commits ...
git push origin main
RocketGit
Rocket your launch!
Rocket your launch!