catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)
Main RocketGit repo
Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 v0.71 v0.72 v0.73 v0.77 v0.78 v0.79 v0.80 group1/branch1 group2/subgroup1/branch2 main master release
List of commits:
Subject Hash Author Date (UTC)
samples updated b42d3dd5947ae9bcf3994854219e759d93abcafa Catalin(ux) M. BOIE 2018-08-29 21:32:03
docker updates f26097f046666d3ab5ca96e69f6fc458188a33ed Catalin(ux) M. BOIE 2018-08-29 21:31:16
Cosmetic changes d5069178bed9736db02c3233e95564ad7b429e17 Catalin(ux) M. BOIE 2018-08-29 21:30:42
tests: added helper for totp enrollment bad21ca093b427b200b3fbdcf2a2e1dd1820f93a Catalin(ux) M. BOIE 2018-08-29 20:59:17
Store the timestamp of the deletion for a repo, not 1 e761b36efaa37fc3c453e8382127e340bc736bc7 Catalin(ux) M. BOIE 2018-06-04 18:00:35
totp: urlencode must be used when building the url for 2fa f85ea05bf4b456cc0430e78f2705347dc79343ae Catalin(ux) M. BOIE 2018-05-29 17:39:06
totp: remove expired entries 06cd360eff667740bcf8a580447cb86f3c2e6850 Catalin(ux) M. BOIE 2018-05-29 17:38:16
Show disk size in users list 9cc05cb0307cf31d6d2ebacda0846b0774e704d7 Catalin(ux) M. BOIE 2017-12-25 08:09:22
Added timeout for ldap bind/search operations 502fbf1287f1ad37f7c6c82c473c9b472d3fa65a Catalin(ux) M. BOIE 2017-11-26 15:46:51
Default uid_attr for ldap is now 'uid' 6e3993359d506d76ec739dd87fa682eea6b5a3b6 Catalin(ux) M. BOIE 2017-11-26 14:57:58
lock cache must not store 'ok' field 5a600b275fcf50c2df2cb0253a80aa99ae145b0d Catalin(ux) M. BOIE 2017-11-26 14:41:33
CURLOPT_SSLCERT must not be provided in newer versions of curl d14ad10139a9a5f4f59961fbaa3fe371754e806a Catalin(ux) M. BOIE 2017-11-26 14:25:32
Newer git, by providing an empty user, will not sent the user. This is bad, switch to using 'guest' user 0c84bf03fa4ceb3fe4b832c39134116d8cea6105 Catalin(ux) M. BOIE 2017-11-26 14:23:11
Fixed edit_no_check's pass field usage ebd3ff1f73009bcf5943589e19ee8a573d80f6ac Catalin(ux) M. BOIE 2017-11-26 14:20:45
Small fix for typos in test runner a85032bd5854816c8df6e8d23a1817e462a6f31e Catalin(ux) M. BOIE 2017-11-26 13:47:18
We must set oversize_diff, even if also_patch is false c347c23a5ecc022a4354cfa27088fe3db5cddeea Catalin(ux) M. BOIE 2017-11-26 13:43:31
Added debug for rg_cache_merge function 740eb3b5dbd19ff8ab852ff745c4cad4b1b1a4fb Catalin(ux) M. BOIE 2017-11-26 13:42:38
Improved a little bit the way the tests are run c169ce030975bd0580d867a806df9c401a2b38e8 Catalin(ux) M. BOIE 2017-11-26 13:42:06
Latest git breaks anonymous push - fix it by using 'guest' user instead of the empty one b3d1265cc9b44786c0fd7aa2988c5614f62db978 Catalin(ux) M. BOIE 2017-11-26 12:39:43
Lots of changes, but mostly LDAP support 029d34fdc14587b9ef6eb9e87ac36f66caefdacf Catalin(ux) M. BOIE 2017-11-24 19:35:59
Commit b42d3dd5947ae9bcf3994854219e759d93abcafa - samples updated
Author: Catalin(ux) M. BOIE
Author date (UTC): 2018-08-29 21:32
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2018-08-29 21:32
Parent(s): f26097f046666d3ab5ca96e69f6fc458188a33ed
Signer:
Signing key:
Signing status: N
Tree: b36a6284ddfc8994f93c9f0f9e987ed8d387d1c2
File Lines added Lines deleted
samples/nginx.conf 17 8
samples/php-fpm.conf 1 1
samples/pool.conf 1 1
samples/rg.conf 5 5
samples/rocketgit-fpm.service 3 1
File samples/nginx.conf changed (mode: 100644) (index f73ece0..c4a7885)
... ... server {
6 6 server_tokens off; server_tokens off;
7 7 root /usr/share/rocketgit/root; root /usr/share/rocketgit/root;
8 8
9 tcp_nopush on;
10 sendfile on;
11
9 12 # TODO - is ok in this context? # TODO - is ok in this context?
10 13 client_max_body_size 1000m; client_max_body_size 1000m;
11 14 # more than that is written into a file first # more than that is written into a file first
 
... ... server {
36 39 } }
37 40
38 41 location / { location / {
39 gzip off;
42 gzip on;
43 #gzip_comp_level 6;
44 gzip_types text/plain text/xml text/css text/javascript application/javascript application/x-javascript;
40 45
41 46 # To be able to know that the client closed the connection # To be able to know that the client closed the connection
42 47 # TODO: equivalent for apache? # TODO: equivalent for apache?
 
... ... server {
51 56 include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
52 57 fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name;
53 58
54 fastcgi_pass unix:/run/php-fpm/rocketgit.sock;
59 fastcgi_pass unix:/run/rocketgit-fpm/rocketgit.sock;
55 60 } }
56 61 } }
57 62
 
... ... server {
63 68 server_tokens off; server_tokens off;
64 69 root /usr/share/rocketgit/root; root /usr/share/rocketgit/root;
65 70
66 # TODO - is ok in this context?
71 tcp_nopush on;
72 sendfile on;
73
74 # TODO - is ok in this context? You can put 0 for no limit.
67 75 client_max_body_size 1000m; client_max_body_size 1000m;
68 76 # more than that is written into a file first # more than that is written into a file first
69 77 client_body_buffer_size 128k; client_body_buffer_size 128k;
 
... ... server {
94 102 } }
95 103
96 104 location / { location / {
97 gzip off;
105 gzip on;
106 #gzip_comp_level 6;
107 gzip_types text/plain text/xml text/css text/javascript application/javascript application/x-javascript;
98 108
99 109 # To be able to know that the client closed the connection # To be able to know that the client closed the connection
100 110 # TODO: equivalent for apache? # TODO: equivalent for apache?
 
... ... server {
109 119 include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
110 120 fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name;
111 121
112 fastcgi_pass unix:/run/php-fpm/rocketgit.sock;
122 fastcgi_pass unix:/run/rocketgit-fpm/rocketgit.sock;
113 123 } }
114 124
115 125 ssl_certificate /etc/pki/tls/certs/localhost.crt; ssl_certificate /etc/pki/tls/certs/localhost.crt;
 
... ... server {
119 129 # https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm # https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm
120 130 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"; ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
121 131 ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
122 ssl_session_cache shared:SSL:1m;
123 ssl_session_timeout 5m;
132 ssl_session_cache shared:SSL:10m;
133 ssl_session_timeout 120m;
124 134
125 135 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning # https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning
126 136 # To generate pin-sha256 string: openssl s_client -servername <server> -connect <server>:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 # To generate pin-sha256 string: openssl s_client -servername <server> -connect <server>:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
127 137 # add_header Public-Key-Pins "pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000; includeSubDomains; report-uri=\"https://www.example.org/hpkp-report\"" # add_header Public-Key-Pins "pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000; includeSubDomains; report-uri=\"https://www.example.org/hpkp-report\""
128 138 # add_header Public-Key-Pins-Report-Only ... # to not block users! # add_header Public-Key-Pins-Report-Only ... # to not block users!
129
130 139 } }
File samples/php-fpm.conf changed (mode: 100644) (index d10ccea..4f8492e)
... ... include=/etc/rocketgit/pool.conf
17 17 [global] [global]
18 18 ; Pid file ; Pid file
19 19 ; Default Value: none ; Default Value: none
20 pid = /run/php-fpm/rocketgit.pid
20 pid = /run/rocketgit-fpm/rocketgit.pid
21 21
22 22 ; Error log file ; Error log file
23 23 ; If it's set to "syslog", log is sent to syslogd instead of being written ; If it's set to "syslog", log is sent to syslogd instead of being written
File samples/pool.conf changed (mode: 100644) (index 7fd6bd9..84d98cf)
... ... group = rocketgit
36 36 ; (IPv6 and IPv4-mapped) on a specific port; ; (IPv6 and IPv4-mapped) on a specific port;
37 37 ; '/path/to/unix/socket' - to listen on a unix socket. ; '/path/to/unix/socket' - to listen on a unix socket.
38 38 ; Note: This value is mandatory. ; Note: This value is mandatory.
39 listen = /run/php-fpm/rocketgit.sock
39 listen = /run/rocketgit-fpm/rocketgit.sock
40 40
41 41 ; Set listen(2) backlog. ; Set listen(2) backlog.
42 42 ; Default Value: 65535 ; Default Value: 65535
File samples/rg.conf changed (mode: 100644) (index 3fd84f1..a9bcdd8)
65 65 DeflateBufferSize 81920 DeflateBufferSize 81920
66 66
67 67 <FilesMatch "\.php$"> <FilesMatch "\.php$">
68 SetHandler "proxy:unix:/run/php-fpm/rocketgit.sock|fcgi://localhost"
68 SetHandler "proxy:unix:/run/rocketgit-fpm/rocketgit.sock|fcgi://localhost"
69 69 </FilesMatch> </FilesMatch>
70 70 </VirtualHost> </VirtualHost>
71 71
 
91 91 #LogLevel rewrite:trace8 #LogLevel rewrite:trace8
92 92
93 93 # Allow .ico, 'themes' folder and robots.txt # Allow .ico, 'themes' folder and robots.txt
94 RewriteCond %{REQUEST_URI} ^/(favicon\.ico|themes/.*|robots\.txt|\.well-known/.*)$
94 RewriteCond %{REQUEST_URI} ^/(favicon\.ico|themes/.*|robots\.txt|\.well-known/.*)$ [nocase]
95 95 RewriteRule .* - [last] RewriteRule .* - [last]
96 96
97 97 # Force the use of only one name even if we have more aliases. # Force the use of only one name even if we have more aliases.
98 98 # https://httpd.apache.org/docs/2.4/rewrite/remapping.html # https://httpd.apache.org/docs/2.4/rewrite/remapping.html
99 #RewriteCond expr "%{HTTP_HOST} != %{SERVER_NAME}"
100 #RewriteRule "^/?(.*)" "https://%{SERVER_NAME}:%{SERVER_PORT}/$1" [last,redirect=301,noescape]
99 #RewriteCond expr "%{HTTP_HOST} != %{SERVER_NAME}" [nocase]
100 #RewriteRule "^/?(.*)" "https://%{SERVER_NAME}:%{SERVER_PORT}/$1" [last,redirect=301,noescape,nocase]
101 101
102 102 # all rest # all rest
103 103 RewriteRule (.*) /index.php [last] RewriteRule (.*) /index.php [last]
 
151 151 DeflateBufferSize 81920 DeflateBufferSize 81920
152 152
153 153 <FilesMatch "\.php$"> <FilesMatch "\.php$">
154 SetHandler "proxy:unix:/run/php-fpm/rocketgit.sock|fcgi://localhost"
154 SetHandler "proxy:unix:/run/rocketgit-fpm/rocketgit.sock|fcgi://localhost"
155 155 </FilesMatch> </FilesMatch>
156 156 </VirtualHost> </VirtualHost>
File samples/rocketgit-fpm.service changed (mode: 100644) (index fd285d9..49fb287)
... ... After=syslog.target network.target
12 12
13 13 [Service] [Service]
14 14 Type=notify Type=notify
15 PIDFile=/run/php-fpm/rocketgit.pid
15 PIDFile=/run/rocketgit-fpm/rocketgit.pid
16 16 ExecStart=/usr/sbin/php-fpm --fpm-config /etc/rocketgit/php-fpm.conf ExecStart=/usr/sbin/php-fpm --fpm-config /etc/rocketgit/php-fpm.conf
17 17 ExecReload=/bin/kill -USR2 $MAINPID ExecReload=/bin/kill -USR2 $MAINPID
18 18 PrivateTmp=true PrivateTmp=true
19 RuntimeDirectory=rocketgit-fpm
20 RuntimeDirectoryMode=0755
19 21 #Seems I get a denial #Seems I get a denial
20 22 #NoNewPrivileges=yes #NoNewPrivileges=yes
21 23 Restart=always Restart=always
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main