From 97c5bcec136eb549b57cdb74ebd9da7ca1338e90 Mon Sep 17 00:00:00 2001 From: Eli Schwartz Date: Sun, 15 Apr 2018 10:29:43 -0400 Subject: config: allow reading both the defaults file and the modified config In the process, rename config.proto to config.defaults (because that is what it is now). Also use dict.get('key', default_value) when querying os.environ, rather than an if block, as it is more pythonic/readable/concise, and reduces the number of dict lookups. This change allows aurweb configuration to be done via either: - copying config.defaults to config and modifying values - creating a new config only containing modified values, next to a config.defaults containing unmodified values The motivation for this change is to enable ansible configuration in our flagship deployment by storing only changed values, and deferring to config.defaults otherwise. A side benefit is, it is easier to see what has changed by inspecting only the site configuration file. If a config.defaults file does not exist next to $AUR_CONFIG or in $AUR_CONFIG_DEFAULTS, it is ignored and *all* values are expected to live in the modified config file. Signed-off-by: Eli Schwartz Signed-off-by: Lukas Fleischer --- INSTALL | 6 ++-- TESTING | 2 +- aurweb/config.py | 10 +++--- conf/config.defaults | 81 ++++++++++++++++++++++++++++++++++++++++++++++ conf/config.proto | 81 ---------------------------------------------- web/lib/confparser.inc.php | 12 ++++++- 6 files changed, 103 insertions(+), 89 deletions(-) create mode 100644 conf/config.defaults delete mode 100644 conf/config.proto diff --git a/INSTALL b/INSTALL index c72c4a2e..7170aea1 100644 --- a/INSTALL +++ b/INSTALL @@ -40,8 +40,10 @@ read the instructions below. Ensure to enable the pdo_mysql extension in php.ini. -3) Copy conf/config.proto to /etc/aurweb/config and adjust the configuration - (pay attention to disable_http_login, enable_maintenance and aur_location). +3) Optionally copy conf/config.defaults to /etc/aurweb/. Create or copy + /etc/aurweb/config (this is expected to contain all configuration settings + if the defaults file does not exist) and adjust the configuration (pay + attention to disable_http_login, enable_maintenance and aur_location). 4) Create a new MySQL database and a user and import the aurweb SQL schema: diff --git a/TESTING b/TESTING index 53ffef24..b0a5f628 100644 --- a/TESTING +++ b/TESTING @@ -23,7 +23,7 @@ INSTALL. $ sqlite3 ../aurweb.sqlite3 < aur-schema-sqlite.sql $ sqlite3 ../aurweb.sqlite3 < out.sql -4) Copy conf/config.proto to conf/config and adjust the configuration +4) Copy conf/config.defaults to conf/config and adjust the configuration (pay attention to disable_http_login, enable_maintenance and aur_location). Be sure to change backend to sqlite and name to the file location of your diff --git a/aurweb/config.py b/aurweb/config.py index a52d9422..52ec461e 100644 --- a/aurweb/config.py +++ b/aurweb/config.py @@ -8,11 +8,13 @@ def _get_parser(): global _parser if not _parser: + path = os.environ.get('AUR_CONFIG', '/etc/aurweb/config') + defaults = os.environ.get('AUR_CONFIG_DEFAULTS', path + '.defaults') + _parser = configparser.RawConfigParser() - if 'AUR_CONFIG' in os.environ: - path = os.environ.get('AUR_CONFIG') - else: - path = "/etc/aurweb/config" + if os.path.isfile(defaults): + with open(defaults) as f: + _parser.read_file(f) _parser.read(path) return _parser diff --git a/conf/config.defaults b/conf/config.defaults new file mode 100644 index 00000000..be37f430 --- /dev/null +++ b/conf/config.defaults @@ -0,0 +1,81 @@ +[database] +backend = mysql +host = localhost +socket = /var/run/mysqld/mysqld.sock +name = AUR +user = aur +password = aur + +[options] +username_min_len = 3 +username_max_len = 16 +passwd_min_len = 8 +default_lang = en +default_timezone = UTC +sql_debug = 0 +max_sessions_per_user = 8 +login_timeout = 7200 +persistent_cookie_timeout = 2592000 +max_filesize_uncompressed = 8388608 +disable_http_login = 1 +aur_location = https://aur.archlinux.org +git_clone_uri_anon = https://aur.archlinux.org/%s.git +git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git +max_rpc_results = 5000 +max_depends = 1000 +aur_request_ml = aur-requests@archlinux.org +request_idle_time = 1209600 +request_archive_time = 15552000 +auto_orphan_age = 15552000 +auto_delete_age = 86400 +source_file_uri = https://aur.archlinux.org/cgit/aur.git/tree/%s?h=%s +log_uri = https://aur.archlinux.org/cgit/aur.git/log/?h=%s +commit_uri = https://aur.archlinux.org/cgit/aur.git/commit/?h=%s&id=%s +snapshot_uri = /cgit/aur.git/snapshot/%s.tar.gz +enable-maintenance = 1 +maintenance-exceptions = 127.0.0.1 +render-comment-cmd = /usr/local/bin/aurweb-rendercomment +# memcache or apc +cache = none +memcache_servers = 127.0.0.1:11211 + +[ratelimit] +request_limit = 4000 +window_length = 86400 + +[notifications] +notify-cmd = /usr/local/bin/aurweb-notify +sendmail = /usr/bin/sendmail +sender = notify@aur.archlinux.org +reply-to = noreply@aur.archlinux.org + +[fingerprints] +Ed25519 = SHA256:HQ03dn6EasJHNDlt51KpQpFkT3yBX83x7BoIkA1iv2k +ECDSA = SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI +RSA = SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s + +[auth] +valid-keytypes = ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 +username-regex = [a-zA-Z0-9]+[.\-_]?[a-zA-Z0-9]+$ +git-serve-cmd = /usr/local/bin/aurweb-git-serve +ssh-options = restrict + +[serve] +repo-path = /srv/http/aurweb/aur.git/ +repo-regex = [a-z0-9][a-z0-9.+_-]*$ +git-shell-cmd = /usr/bin/git-shell +git-update-cmd = /usr/local/bin/aurweb-git-update +ssh-cmdline = ssh aur@aur.archlinux.org + +[update] +max-blob-size = 256000 + +[aurblup] +db-path = /srv/http/aurweb/aurblup/ +sync-dbs = core extra community multilib testing community-testing +server = ftp://mirrors.kernel.org/archlinux/%s/os/x86_64 + +[mkpkglists] +packagesfile = /srv/http/aurweb/web/html/packages.gz +pkgbasefile = /srv/http/aurweb/web/html/pkgbase.gz +userfile = /srv/http/aurweb/web/html/users.gz diff --git a/conf/config.proto b/conf/config.proto deleted file mode 100644 index be37f430..00000000 --- a/conf/config.proto +++ /dev/null @@ -1,81 +0,0 @@ -[database] -backend = mysql -host = localhost -socket = /var/run/mysqld/mysqld.sock -name = AUR -user = aur -password = aur - -[options] -username_min_len = 3 -username_max_len = 16 -passwd_min_len = 8 -default_lang = en -default_timezone = UTC -sql_debug = 0 -max_sessions_per_user = 8 -login_timeout = 7200 -persistent_cookie_timeout = 2592000 -max_filesize_uncompressed = 8388608 -disable_http_login = 1 -aur_location = https://aur.archlinux.org -git_clone_uri_anon = https://aur.archlinux.org/%s.git -git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git -max_rpc_results = 5000 -max_depends = 1000 -aur_request_ml = aur-requests@archlinux.org -request_idle_time = 1209600 -request_archive_time = 15552000 -auto_orphan_age = 15552000 -auto_delete_age = 86400 -source_file_uri = https://aur.archlinux.org/cgit/aur.git/tree/%s?h=%s -log_uri = https://aur.archlinux.org/cgit/aur.git/log/?h=%s -commit_uri = https://aur.archlinux.org/cgit/aur.git/commit/?h=%s&id=%s -snapshot_uri = /cgit/aur.git/snapshot/%s.tar.gz -enable-maintenance = 1 -maintenance-exceptions = 127.0.0.1 -render-comment-cmd = /usr/local/bin/aurweb-rendercomment -# memcache or apc -cache = none -memcache_servers = 127.0.0.1:11211 - -[ratelimit] -request_limit = 4000 -window_length = 86400 - -[notifications] -notify-cmd = /usr/local/bin/aurweb-notify -sendmail = /usr/bin/sendmail -sender = notify@aur.archlinux.org -reply-to = noreply@aur.archlinux.org - -[fingerprints] -Ed25519 = SHA256:HQ03dn6EasJHNDlt51KpQpFkT3yBX83x7BoIkA1iv2k -ECDSA = SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI -RSA = SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s - -[auth] -valid-keytypes = ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 -username-regex = [a-zA-Z0-9]+[.\-_]?[a-zA-Z0-9]+$ -git-serve-cmd = /usr/local/bin/aurweb-git-serve -ssh-options = restrict - -[serve] -repo-path = /srv/http/aurweb/aur.git/ -repo-regex = [a-z0-9][a-z0-9.+_-]*$ -git-shell-cmd = /usr/bin/git-shell -git-update-cmd = /usr/local/bin/aurweb-git-update -ssh-cmdline = ssh aur@aur.archlinux.org - -[update] -max-blob-size = 256000 - -[aurblup] -db-path = /srv/http/aurweb/aurblup/ -sync-dbs = core extra community multilib testing community-testing -server = ftp://mirrors.kernel.org/archlinux/%s/os/x86_64 - -[mkpkglists] -packagesfile = /srv/http/aurweb/web/html/packages.gz -pkgbasefile = /srv/http/aurweb/web/html/pkgbase.gz -userfile = /srv/http/aurweb/web/html/users.gz diff --git a/web/lib/confparser.inc.php b/web/lib/confparser.inc.php index 499481df..29f17e83 100644 --- a/web/lib/confparser.inc.php +++ b/web/lib/confparser.inc.php @@ -8,11 +8,21 @@ function config_load() { if (!$path) { $path = "/etc/aurweb/config"; } + $defaults_path = getenv('AUR_CONFIG_DEFAULTS'); + if (!$defaults_path) { + $defaults_path = path . ".defaults"; + } + if (file_exists($defaults_path)) { + $default_config = parse_ini_file($defaults_path, true, INI_SCANNER_RAW); + } else { + $default_config = []; + } if (file_exists($path)) { - $AUR_CONFIG = parse_ini_file($path, true, INI_SCANNER_RAW); + $config = parse_ini_file($path, true, INI_SCANNER_RAW); } else { die("aurweb config file not found"); } + $AUR_CONFIG = array_replace_recursive($default_config, $config) } } -- cgit v1.2.3-24-g4f1b