summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--server-config/www.the-brannons.com/etc/cgitrc25
-rw-r--r--server-config/www.the-brannons.com/etc/lighttpd/handle-acme.lua8
-rw-r--r--server-config/www.the-brannons.com/etc/lighttpd/lighttpd.conf95
-rw-r--r--server-config/www.the-brannons.com/etc/lighttpd/mime.conf56
-rwxr-xr-xserver-config/www.the-brannons.com/etc/sv/gitolite/run5
-rw-r--r--server-config/www.the-brannons.com/var/lib/gitolite/.gitolite203
-rw-r--r--server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GITOLITE_HTTP_HOME1
-rw-r--r--server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_HTTP_EXPORT_ALL1
-rw-r--r--server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_PROJECT_ROOT1
-rw-r--r--server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/HOME1
-rwxr-xr-xserver-config/www.the-brannons.com/var/lib/gitolite/web/git3
11 files changed, 399 insertions, 0 deletions
diff --git a/server-config/www.the-brannons.com/etc/cgitrc b/server-config/www.the-brannons.com/etc/cgitrc
new file mode 100644
index 0000000..7b8463c
--- /dev/null
+++ b/server-config/www.the-brannons.com/etc/cgitrc
@@ -0,0 +1,25 @@
+about-filter=/usr/lib/cgit/filters/about-formatting.sh
+clone-prefix=/git
+css=/cgit/cgit.css
+logo=/cgit/cgit.png
+
+# Allow http transport git clone
+#enable-http-clone=0
+
+snapshots=all
+
+# if you do not want that webcrawler (like google) index your site
+robots=noindex, nofollow
+
+# if cgit messes up links, use a virtual-root. For example, cgit.example.org/ has this value:
+virtual-root=/cgit/cgit.cgi/
+repo.url=nawp
+repo.path=/var/lib/gitolite/repositories/nawp.git
+repo.desc=NAWP Aint WordPress
+repo.readme=master:README.md
+repo.url=chicken-xml-rpc
+repo.path=/var/lib/gitolite/repositories/chicken-xml-rpc.git
+repo.desc=xml-rpc egg for Chicken 5.x
+repo.url=random-things
+repo.path=/var/lib/gitolite/repositories/random-things.git
+repo.desc=collection of random Chris things
diff --git a/server-config/www.the-brannons.com/etc/lighttpd/handle-acme.lua b/server-config/www.the-brannons.com/etc/lighttpd/handle-acme.lua
new file mode 100644
index 0000000..b27d95f
--- /dev/null
+++ b/server-config/www.the-brannons.com/etc/lighttpd/handle-acme.lua
@@ -0,0 +1,8 @@
+# To the best of my knowledge, the thumbprint doesn't have to be
+# kept secret, so I'll let it all hang out, as it were:
+# Take the thing after /.well-known/acme-challenge/ from the path:
+ challenge = lighty.env["uri.path"]:sub(29)
+ret = challenge .. '.N0Jo0TsZjiLudJJSasZ2ZGMTrMRe6_44SywWheEZTk8'
+lighty.header["Content-Type"] = "text/plain"
+lighty.content = { ret }
+return 200
diff --git a/server-config/www.the-brannons.com/etc/lighttpd/lighttpd.conf b/server-config/www.the-brannons.com/etc/lighttpd/lighttpd.conf
new file mode 100644
index 0000000..b575a2f
--- /dev/null
+++ b/server-config/www.the-brannons.com/etc/lighttpd/lighttpd.conf
@@ -0,0 +1,95 @@
+# This is a minimal example config
+# See /usr/share/doc/lighttpd
+# and http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions
+
+server.bind = "0.0.0.0"
+server.port = 80
+server.username = "_lighttpd"
+server.groupname = "_lighttpd"
+server.document-root = "/srv/http/the-brannons.com"
+server.errorlog = "/var/log/lighttpd/error.log"
+server.modules = (
+ "mod_access",
+ "mod_simple_vhost",
+ "mod_accesslog",
+ "mod_cgi",
+ "mod_fastcgi",
+ "mod_proxy",
+ "mod_rewrite",
+ "mod_openssl"
+)
+server.breakagelog = "/var/log/lighttpd/breakage.log"
+
+$SERVER["socket"] == "[::]:80" {
+}
+
+ssl.pemfile = "/etc/ssl/acme/the-brannons.com/fullchain"
+ssl.privkey = "/etc/ssl/acme/the-brannons.com/privkey"
+$SERVER["socket"] == ":443" {
+ ssl.engine = "enable"
+}
+$SERVER["socket"] == "[::]:443" {
+ ssl.engine = "enable"
+}
+
+dir-listing.activate = "enable"
+index-file.names = ( "index.html" )
+include "mime.conf"
+
+accesslog.filename = "/var/log/lighttpd/access.log"
+
+server.modules += ( "mod_magnet" )
+$HTTP["url"] =~ "^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$" {
+magnet.attract-raw-url-to = ( "/etc/lighttpd/handle-acme.lua" )
+}
+
+simple-vhost.server-root = "/srv/http/"
+simple-vhost.default-host = "default"
+
+$HTTP["url"] =~ "^/cgi-bin" {
+ cgi.assign = ( "" => "" )
+ dir-listing.activate = "disable"
+}
+
+$HTTP["host"] == "blvuug.org" {
+ $HTTP["url"] =~ "^/salmonella" {
+proxy.server = (
+ "" => (
+"blvuug.org" =>
+("host" => "192.168.122.83", "port" => 80)))
+}
+$HTTP["url"] !~ "^/salmonella" {
+proxy.server = (
+ "" => (
+"blvuug.org" =>
+("host" => "10.4.21.2", "port" => 5001)))
+}
+}
+$HTTP["host"] == "salmonella-freebsd-x86-64.call-cc.org" {
+ $HTTP["url"] =~ "^/salmonella" {
+proxy.server = (
+ "" => (
+"salmonella-freebsd-x86-64.call-cc.org" =>
+("host" => "192.168.122.83", "port" => 80)))
+}
+$HTTP["url"] !~ "^/salmonella" {
+ url.access-deny = ("")
+}
+}
+$HTTP["host"] == "bitwarden.number89.net" {
+proxy.server = (
+ "" => (
+"bitwarden.number89.net" =>
+("host" => "10.4.21.3", "port" => 5002)))
+}
+
+cgi.x-sendfile = "enable"
+
+fastcgi.server = ("/git" =>
+(("socket" => "/run/gitolite/gitolite.sock",
+"docroot" => "/var/lib/gitolite/web")))
+
+$HTTP["url"] =~ "^/cgit" {
+ server.indexfiles = ("cgit.cgi")
+ cgi.assign = ("cgit.cgi" => "")
+}
diff --git a/server-config/www.the-brannons.com/etc/lighttpd/mime.conf b/server-config/www.the-brannons.com/etc/lighttpd/mime.conf
new file mode 100644
index 0000000..49a37c7
--- /dev/null
+++ b/server-config/www.the-brannons.com/etc/lighttpd/mime.conf
@@ -0,0 +1,56 @@
+mimetype.use-xattr = "enable"
+mimetype.xattr-name = "user.Content-Type"
+mimetype.assign = ( ".html" => "text/html; charset=utf-8",
+".txt" => "text/plain; charset=utf-8",
+".jpg" => "image/jpeg",
+".png" => "image/png",
+".htm" => "text/html; charset=utf-8",
+".xml" => "text/xml; charset=utf-8",
+".rss20" => "text/xml; charset=utf-8",
+ ".pdf" => "application/pdf",
+ ".sig" => "application/pgp-signature",
+ ".spl" => "application/futuresplash",
+ ".class" => "application/octet-stream",
+ ".ps" => "application/postscript",
+ ".torrent" => "application/x-bittorrent",
+ ".dvi" => "application/x-dvi",
+ ".pac" => "application/x-ns-proxy-autoconfig",
+ ".swf" => "application/x-shockwave-flash",
+ ".tar.gz" => "application/x-tgz",
+ ".tgz" => "application/x-tgz",
+ ".gz" => "application/x-gzip",
+ ".tar" => "application/x-tar",
+ ".zip" => "application/zip",
+ ".mp3" => "audio/mpeg",
+ ".m3u" => "audio/x-mpegurl",
+ ".wma" => "audio/x-ms-wma",
+ ".wax" => "audio/x-ms-wax",
+ ".ogg" => "audio/ogg",
+ ".wav" => "audio/x-wav",
+ ".gif" => "image/gif",
+ ".jpeg" => "image/jpeg",
+ ".xbm" => "image/x-xbitmap",
+ ".xpm" => "image/x-xpixmap",
+ ".xwd" => "image/x-xwindowdump",
+ ".css" => "text/css",
+ ".js" => "text/javascript; charset=utf-8",
+ ".c" => "text/plain; charset=utf-8",
+ ".cpp" => "text/plain; charset=utf-8",
+ ".log" => "text/plain; charset=utf-8",
+ ".conf" => "text/plain; charset=utf-8",
+ ".text" => "text/plain; charset=utf-8",
+ ".dtd" => "text/xml; charset=utf-8",
+ ".mpeg" => "video/mpeg",
+ ".mpg" => "video/mpeg",
+ ".mov" => "video/quicktime",
+ ".qt" => "video/quicktime",
+ ".avi" => "video/x-msvideo",
+ ".asf" => "video/x-ms-asf",
+ ".asx" => "video/x-ms-asf",
+ ".wmv" => "video/x-ms-wmv",
+ ".tbz" => "application/x-bzip-compressed-tar",
+ ".tar.bz2" => "application/x-bzip-compressed-tar",
+ ".bz2" => "application/x-bzip",
+ ".rpm" => "application/x-rpm",
+ # make the default mime type application/octet-stream.
+ "" => "application/octet-stream")
diff --git a/server-config/www.the-brannons.com/etc/sv/gitolite/run b/server-config/www.the-brannons.com/etc/sv/gitolite/run
new file mode 100755
index 0000000..b8207d9
--- /dev/null
+++ b/server-config/www.the-brannons.com/etc/sv/gitolite/run
@@ -0,0 +1,5 @@
+#!/bin/sh
+# You'll want spawn-fcgi and fcgiwrap to run gitolite as cgi.
+install -d --group=gitolite --mode=0755 --owner=gitolite /run/gitolite
+umask 0002
+exec spawn-fcgi -u gitolite -g gitolite -s /run/gitolite/gitolite.sock -n -d / -- /usr/bin/fcgiwrap -f
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/.gitolite b/server-config/www.the-brannons.com/var/lib/gitolite/.gitolite
new file mode 100644
index 0000000..01e79be
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/.gitolite
@@ -0,0 +1,203 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax. But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+ # ------------------------------------------------------------------
+
+ # default umask gives you perms of '0700'; see the rc file docs for
+ # how/why you might change this
+ UMASK => 0027,
+
+ # look for "git-config" in the documentation
+ GIT_CONFIG_KEYS => '',
+
+ # comment out if you don't need all the extra detail in the logfile
+ LOG_EXTRA => 1,
+ # logging options
+ # 1. leave this section as is for 'normal' gitolite logging (default)
+ # 2. uncomment this line to log ONLY to syslog:
+ # LOG_DEST => 'syslog',
+ # 3. uncomment this line to log to syslog and the normal gitolite log:
+ # LOG_DEST => 'syslog,normal',
+ # 4. prefixing "repo-log," to any of the above will **also** log just the
+ # update records to "gl-log" in the bare repo directory:
+ # LOG_DEST => 'repo-log,normal',
+ # LOG_DEST => 'repo-log,syslog',
+ # LOG_DEST => 'repo-log,syslog,normal',
+ # syslog 'facility': defaults to 'local0', uncomment if needed. For example:
+ # LOG_FACILITY => 'local4',
+
+ # roles. add more roles (like MANAGER, TESTER, ...) here.
+ # WARNING: if you make changes to this hash, you MUST run 'gitolite
+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+ ROLES => {
+ READERS => 1,
+ WRITERS => 1,
+ },
+
+ HTTP_ANON_USER => 'anonymous',
+ # enable caching (currently only Redis). PLEASE RTFM BEFORE USING!!!
+ # CACHE => 'Redis',
+
+ # ------------------------------------------------------------------
+
+ # rc variables used by various features
+
+ # the 'info' command prints this as additional info, if it is set
+ # SITE_INFO => 'Please see http://blahblah/gitolite for more help',
+
+ # the CpuTime feature uses these
+ # display user, system, and elapsed times to user after each git operation
+ # DISPLAY_CPU_TIME => 1,
+ # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+ # CPU_TIME_WARN_LIMIT => 0.1,
+
+ # the Mirroring feature needs this
+ # HOSTNAME => "foo",
+
+ # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!
+ # CACHE_TTL => 600,
+
+ # ------------------------------------------------------------------
+
+ # suggested locations for site-local gitolite code (see cust.html)
+
+ # this one is managed directly on the server
+ # LOCAL_CODE => "$ENV{HOME}/local",
+
+ # or you can use this, which lets you put everything in a subdirectory
+ # called "local" in your gitolite-admin repo. For a SECURITY WARNING
+ # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
+ # LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",
+
+ # ------------------------------------------------------------------
+
+ # List of commands and features to enable
+
+ ENABLE => [
+
+ # COMMANDS
+
+ # These are the commands enabled by default
+ 'help',
+ 'desc',
+ 'info',
+ 'perms',
+ 'writable',
+
+ # Uncomment or add new commands here.
+ # 'create',
+ # 'fork',
+ # 'mirror',
+ # 'readme',
+ # 'sskm',
+ # 'D',
+
+ # These FEATURES are enabled by default.
+
+ # essential (unless you're using smart-http mode)
+ 'ssh-authkeys',
+
+ # creates git-config entries from gitolite.conf file entries like 'config foo.bar = baz'
+ 'git-config',
+
+ # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+ 'daemon',
+
+ # creates projects.list file; if you don't use gitweb, comment this out
+ 'gitweb',
+
+ # These FEATURES are disabled by default; uncomment to enable. If you
+ # need to add new ones, ask on the mailing list :-)
+
+ # user-visible behaviour
+
+ # prevent wild repos auto-create on fetch/clone
+ # 'no-create-on-read',
+ # no auto-create at all (don't forget to enable the 'create' command!)
+ # 'no-auto-create',
+
+ # access a repo by another (possibly legacy) name
+ # 'Alias',
+
+ # give some users direct shell access. See documentation in
+ # sts.html for details on the following two choices.
+ # "Shell $ENV{HOME}/.gitolite.shell-users",
+ # 'Shell alice bob',
+
+ # set default roles from lines like 'option default.roles-1 = ...', etc.
+ # 'set-default-roles',
+
+ # show more detailed messages on deny
+ # 'expand-deny-messages',
+
+ # show a message of the day
+ # 'Motd',
+
+ # system admin stuff
+
+ # enable mirroring (don't forget to set the HOSTNAME too!)
+ # 'Mirroring',
+
+ # allow people to submit pub files with more than one key in them
+ # 'ssh-authkeys-split',
+
+ # selective read control hack
+ # 'partial-copy',
+
+ # manage local, gitolite-controlled, copies of read-only upstream repos
+ # 'upstream',
+
+ # updates 'description' file instead of 'gitweb.description' config item
+ # 'cgit',
+
+ # allow repo-specific hooks to be added
+ # 'repo-specific-hooks',
+
+ # performance, logging, monitoring...
+
+ # be nice
+ # 'renice 10',
+
+ # log CPU times (user, system, cumulative user, cumulative system)
+ # 'CpuTime',
+
+ # syntactic_sugar for gitolite.conf and included files
+
+ # allow backslash-escaped continuation lines in gitolite.conf
+ # 'continuation-lines',
+
+ # create implicit user groups from directory names in keydir/
+ # 'keysubdirs-as-groups',
+
+ # allow simple line-oriented macros
+ # 'macros',
+
+ # Kindergarten mode
+
+ # disallow various things that sensible people shouldn't be doing anyway
+ # 'Kindergarten',
+ ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GITOLITE_HTTP_HOME b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GITOLITE_HTTP_HOME
new file mode 100644
index 0000000..b62d1f1
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GITOLITE_HTTP_HOME
@@ -0,0 +1 @@
+/var/lib/gitolite
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_HTTP_EXPORT_ALL b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_HTTP_EXPORT_ALL
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_HTTP_EXPORT_ALL
@@ -0,0 +1 @@
+
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_PROJECT_ROOT b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_PROJECT_ROOT
new file mode 100644
index 0000000..b53d4b7
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/GIT_PROJECT_ROOT
@@ -0,0 +1 @@
+/var/lib/gitolite/repositories
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/HOME b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/HOME
new file mode 100644
index 0000000..b62d1f1
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/cgi-environ/HOME
@@ -0,0 +1 @@
+/var/lib/gitolite
diff --git a/server-config/www.the-brannons.com/var/lib/gitolite/web/git b/server-config/www.the-brannons.com/var/lib/gitolite/web/git
new file mode 100755
index 0000000..52b2ba5
--- /dev/null
+++ b/server-config/www.the-brannons.com/var/lib/gitolite/web/git
@@ -0,0 +1,3 @@
+#!/usr/bin/execlineb
+# This is executed as a CGI script under fcgiwrap.
+chpst -e /var/lib/gitolite/cgi-environ /usr/lib/gitolite/gitolite-shell