summaryrefslogtreecommitdiffstats
path: root/conf
AgeCommit message (Collapse)AuthorFilesLines
2018-02-24Add rate limit support to APIFlorian Pritz1-0/+4
This allows us to prevent users from hammering the API every few seconds to check if any of their packages were updated. Real world users check as often as every 5 or 10 seconds. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-08-01mkpkglists: Generate a list of user namesLukas Fleischer1-0/+1
In addition to the packages list and the package base list, also create a list of registered user names. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-04-24Make references to Git commits clickableLukas Fleischer1-0/+1
Automatically detect Git commit identifiers, shorten them, and make them link to the cgit interface. Implements FS#43290. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-04-23Render comments when storing them in the databaseLukas Fleischer1-0/+1
Instead of converting package comments from plain text to HTML code when they are displayed, do the conversion when the comment is posted and store the rendered result in the database. The conversion itself is done by a Python script which uses Bleach for sanitizing the text. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-02-15Hide old requests from the dashboardLukas Fleischer1-0/+1
Only show package requests created less than 6 months ago on the dashboard. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-02-12Add direct links to each source fileJanne Heß1-1/+1
Currently, each source file which is an external link (http://, https://, ...) is a clickable link. This commit extends the behaviour by making files from the repository clickable as well. The link brings the user to the corresponding cgit page. Also, the link to the PKGBUILD is altered to make the configuration more consistent. Signed-off-by: Janne Heß <jannehess@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-25config.proto: Update path to the notification scriptLukas Fleischer1-1/+1
As of commit 3718860 (Make maintenance scripts installable, 2016-10-17), the notification script is installed as aurweb-notify. Update the sample configuration file accordingly. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-20Add user set timezonesMark Weiman1-0/+1
Currently, aurweb displays all dates and times in UTC time. This patch adds a capability for each logged in user to set their preferred timezone. Implements FS#48729. Signed-off-by: Mark Weiman <mark.weiman@markzz.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-01-07Increase minimum password length to 8 charactersAlex Muller1-1/+1
There are 95 printable ASCII characters which with a minimum length of 4 gives 95^4 or 81 million possible passwords. Increasing the minimum length to 8 increases the number of possible passwords by a factor of about 10^7. Relates to FS#52297. Signed-off-by: Alex Muller <alex@mullr.net> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-10-08Reorganize Git interface scriptsLukas Fleischer1-2/+2
Move the Git interface scripts from git-interface/ to aurweb/git/. Use setuptools to automatically create wrappers which can be installed using `python3 setup.py install`. Update the configuration files, the test suite as well as the INSTALL and README files to reflect these changes. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-09-29aurblup: Drop support for multiple serversLukas Fleischer1-1/+1
Support for multiple servers has never been used by the official aurweb setup and the current implementation makes it impossible to use server URIs that contain spaces. For simplicity, change the implementation such that only a single server is supported. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-09-29mkpkglists: Make output files configurableLukas Fleischer1-0/+4
Instead of writing the output to hardcoded files (relative to the document root), make the output paths of mkpkglists configurable. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-interface: Support SQLite as database backendLukas Fleischer1-1/+1
In addition to MySQL, add support for SQLite to the database abstraction layer. Also, add a new configuration option to select the DBMS. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-05git-update: Make maximum blob size configurableLukas Fleischer1-0/+3
Support setting the maximum blob size in the configuration file. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-08-04Change default SSH options to "restrict"Lukas Fleischer1-1/+1
From the sshd(8) man page: Enable all restrictions, i.e. disable port, agent and X11 forwarding, as well as disabling PTY allocation and execution of ~/.ssh/rc. If any future restriction capabilities are added to authorized_keys files they will be included in this set. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-06-26Add hard limit for the length of dependency listsLukas Fleischer1-0/+1
Introduce a configuration option max_depends which can be used to specify a maximum number of (reverse) dependencies to display on the package details pages. Fixes FS#49059. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2016-02-06config.proto: Do not use the ssh+git schemeLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-12-13cgitrc.proto: Add the aurweb faviconLukas Fleischer1-0/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-11-14Make the notification script configurableLukas Fleischer1-0/+1
Add a configuration option to set the path of the notification script. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-08-16Remove trailing slash from git urlsStefan Auditor1-2/+2
Circumvents the temporary regression in git that clones a repository as foo-git.git instead of foo-git and matches the format used by other commonly used git hosting providers. Fixes FS#45834. Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-08-16Add a restore command to the SSH interfaceLukas Fleischer1-0/+1
Implement a new command that can be used to restore deleted package bases without having to push a new commit. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-08-08Port notification routines to PythonLukas Fleischer1-0/+5
Use a Python script for sending notification emails. The notification action and additional parameters are passed via command line arguments. For comment and package request notifications, the text is passed via stdin. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-28Update sample configuration for Smart HTTPLukas Fleischer2-0/+22
Using uWSGI for the Smart HTTP protocol caused some issues, see e.g. FS#45428. Suggest using fcgiwrap instead which is more lightweight, has better documentation and is easier to debug. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-19Remove hostname from URLPath in JSON RPCMikkel Oscar Lyderik1-1/+1
Prior to aurweb 4.0.0, URLPath in the JSON RPC didn't include the host name, only the path. This removes the host name and makes the URL compatible with programs expecting the old semantics (i.e. cower). Closes FS#45333. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-14config.proto: Add sample fingerprints sectionJohannes Löthberg1-0/+5
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-11Support exceptions in the maintenance modeLukas Fleischer1-0/+1
Allow for excluding certain IP addresses from the maintenance mode. This allows administrators to view the web page while the site is still under maintenance for the rest of the world. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-11Implement a maintenance modeLukas Fleischer1-0/+1
Add support for a maintenance mode that disables both the website and the SSH interface and can be enabled easily using a configuration option. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-11Make URIs to the individual cgit pages configurableLukas Fleischer1-1/+3
Make the locations of the PKGBUILD preview, the log and the snapshot tarball configurable. This increases flexibility and simplifies the code a bit. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-04cgitrc.proto: Fix clone prefixLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-02config.proto: CleanupLukas Fleischer1-3/+1
Remove the template-path and git-update-hook options which are no longer used. Update the git_clone_uri_anon default value. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-02Restructure scriptsLukas Fleischer1-4/+4
* Move scripts/git-integration/ to git-interface/. * Move scripts/aurblup/aurblup.py to scripts/aurblup.py. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-06-01Use gitnamespaces for efficient storageLukas Fleischer2-3/+5
Instead of using one Git repository per package, use a single large object storage for space efficiency. The refs of the individual package bases are divided using gitnamespaces(7) which allows for exposing each namespace as an independent repository easily. Also, git-serve is modified to create a branch for each package, allowing to browse the large repository with cgit. Helped-by: Florian Pritz <bluewind@xinu.at> Helped-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-05-23config.proto: Fix default value of ssh-cmdlineLukas Fleischer1-1/+1
We no longer use port 2222 for SSH. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-05-21Change default configuration to use SSH port 22Lukas Fleischer4-16/+2
We no longer run a separate SSH daemon on port 2222. Change the default configuration accordingly. Also remove some configuration files that are no longer needed. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-04-11Update the OpenSSH patchLukas Fleischer1-1/+1
Use the latest version of Damien Miller's patch to extend the parameters to the AuthorizedKeysCommand. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2015-03-04Allow users to delete their own packagesLukas Fleischer1-0/+1
Allow users to remove their own package bases for a short period of time after initial submission (defaults to one day). Implements FS#43648. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2015-02-04Rename the AUR software to aurwebLukas Fleischer3-9/+9
Rename the project to help differentiate between the software providing access to the Arch User Repository and the collection of source packages itself. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2015-01-11Use custom templates for Git repositoriesLukas Fleischer1-0/+1
Do not waste disk space by copying dozens of unneeded sample hooks. Use a custom template directory that only includes the git-update hook. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2015-01-09config.proto: Add prototype for ssh-cmdlineLukas Fleischer1-0/+1
This should have been added in 1b627a3 (git-serve.py: Improve error messages, 2015-01-01). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2015-01-09Rewrite aurblup in PythonLukas Fleischer1-0/+5
The AUR backend already uses several Python scripts, rewrite the aurblup helper as well. This has several advantages: * We can easily use the main configuration file without using any shell script wrappers. * aurblup does not need to be recompiled on libalpm soname bumps. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-29Add systemd unit files for the AUR sshdLukas Fleischer2-0/+14
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-29Add links to public and private clone URLsLukas Fleischer2-2/+3
Show a public clone URL (using Git over HTTP) by default and only show the private clone URL to the package maintainer. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-29config.proto: Sync default values with aur.archlinux.orgLukas Fleischer1-4/+4
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-28Add cgit configuration and style sheetLukas Fleischer1-0/+29
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-27Add public clone URLs to package detailsLukas Fleischer1-0/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-27Use Git repositories to store packagesLukas Fleischer1-4/+1
* Remove package submission page from the web interface. * Replace PKGBUILD and tarball links with links to cgit. * Remove the "URLPath" field from RPC replies. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-27Add update hook templateLukas Fleischer1-0/+1
This adds a script that can be used as an update hook to check all commits for validity and to regenerate the package details page before updating a named ref. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-27Add basic Git authentication/authorization scriptsLukas Fleischer1-0/+11
This adds two scripts to be used together with Git over SSH: * git-auth.py is supposed to be used as AuthorizedKeysCommand. It checks whether the public key belongs to any AUR user and invokes git-serve.py, passing the name of the corresponding user as a command line argument, if any. * git-serve.py is a wrapper around git-shell(1) that checks whether the user passed as command line argument has access to the Git repository that a push operation writes to. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-21Always use virtual URLsLukas Fleischer1-1/+0
Support for non-virtual URLs has been broken for a long time and is no longer used on the official AUR setup. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-24Use an INI-style configuration fileLukas Fleischer1-0/+29
Replace web/lib/config.inc.php with an INI-style configuration file. This allows us to get rid of several globals and makes it easier to use the same configuration file in external scripts. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>