Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Simplify git-lfs-authenticate, rip out Gitolite | Rutger Broekhoff | 2024-01-09 | 2 | -133/+309 |
| | | | | | | Zero dependencies for git-lfs-authenticate now. Not compatible with the LFS server. Assumes that any user who has access to the Git user, should have access to all repositories. | ||||
* | rm .gitattributes | Rutger Broekhoff | 2024-01-02 | 1 | -1/+0 |
| | |||||
* | Make tokens short-lived | Rutger Broekhoff | 2024-01-02 | 2 | -3/+3 |
| | |||||
* | Remove NixOS module part from flake | Rutger Broekhoff | 2024-01-02 | 1 | -6/+1 |
| | |||||
* | Add license | Rutger Broekhoff | 2024-01-02 | 1 | -0/+19 |
| | |||||
* | Remove some cruft, add 'GITOLFS3_' prefix to envs | Rutger Broekhoff | 2024-01-02 | 1 | -30/+18 |
| | |||||
* | Return after makeRespError; add notice in README.txt | Rutger Broekhoff | 2024-01-02 | 2 | -0/+8 |
| | |||||
* | Delete vendor directory | Rutger Broekhoff | 2024-01-02 | 848 | -412860/+1 |
| | |||||
* | Wheee | Rutger Broekhoff | 2024-01-02 | 1 | -7/+20 |
| | |||||
* | Don't use die() for printing usage | Rutger Broekhoff | 2024-01-02 | 1 | -2/+4 |
| | |||||
* | Print usage in git-lfs-authenticate | Rutger Broekhoff | 2024-01-02 | 1 | -2/+4 |
| | |||||
* | Remove concurrency stuff in git-lfs-authenticate | Rutger Broekhoff | 2024-01-02 | 1 | -21/+9 |
| | |||||
* | Write Content-Length in object GET | Rutger Broekhoff | 2024-01-02 | 1 | -0/+3 |
| | |||||
* | Token types, download verification | Rutger Broekhoff | 2024-01-02 | 2 | -20/+140 |
| | |||||
* | Better logging (for a standalone server) | Rutger Broekhoff | 2024-01-02 | 1 | -7/+6 |
| | |||||
* | 🚫 No CGI 🚫 | Rutger Broekhoff | 2024-01-02 | 1 | -2/+10 |
| | |||||
* | catch panic | Rutger Broekhoff | 2024-01-02 | 1 | -1/+10 |
| | |||||
* | Try generating more descriptive errors | Rutger Broekhoff | 2024-01-02 | 1 | -1/+10 |
| | |||||
* | lol oops | Rutger Broekhoff | 2024-01-02 | 1 | -1/+1 |
| | |||||
* | Uploading objects is a PUT, not a POST | Rutger Broekhoff | 2024-01-02 | 1 | -1/+1 |
| | |||||
* | Fix upload regex | Rutger Broekhoff | 2024-01-02 | 1 | -1/+1 |
| | |||||
* | Upload validation by proxying | Rutger Broekhoff | 2024-01-02 | 1 | -58/+263 |
| | | | | Yes, the code is a mess | ||||
* | Specify x-amz-content-sha256 as in Scaleway docs | Rutger Broekhoff | 2023-12-31 | 1 | -0/+1 |
| | |||||
* | Try formatting x-amz-checksum-sha256 as Base64 | Rutger Broekhoff | 2023-12-31 | 1 | -1/+15 |
| | | | | | | | Although this already looks like a lost cause (Scaleway Object Storage doesn't seem to care about these headers -- certainly not about Content-Length -- I wanted to see if I could still get automatic checksum verification working. | ||||
* | Fix mistake | Rutger Broekhoff | 2023-12-30 | 1 | -4/+4 |
| | |||||
* | Only print environment when dying | Rutger Broekhoff | 2023-12-30 | 1 | -5/+4 |
| | |||||
* | Add .git suffix to repo in href construction | Rutger Broekhoff | 2023-12-30 | 1 | -5/+5 |
| | |||||
* | git-lfs-authenticate: allow setting repo href base URL | Rutger Broekhoff | 2023-12-30 | 1 | -8/+27 |
| | |||||
* | Implement authorization in git-lfs-server, test presigned PUTs | Rutger Broekhoff | 2023-12-30 | 2 | -31/+182 |
| | |||||
* | Add command for generating ED25519 keypairs | Rutger Broekhoff | 2023-12-30 | 1 | -0/+31 |
| | |||||
* | Properly format request timestamp | Rutger Broekhoff | 2023-12-30 | 1 | -1/+2 |
| | |||||
* | Adjust MkdirAll mode | Rutger Broekhoff | 2023-12-30 | 1 | -2/+2 |
| | |||||
* | Improve git-lfs-authenticate | Rutger Broekhoff | 2023-12-30 | 1 | -10/+70 |
| | |||||
* | Implement git-lfs-authenticate | Rutger Broekhoff | 2023-12-30 | 35 | -59/+2858 |
| | |||||
* | URL as string, lesson learned | Rutger Broekhoff | 2023-12-30 | 1 | -2/+2 |
| | |||||
* | Repo .git suffix | Rutger Broekhoff | 2023-12-30 | 1 | -1/+1 |
| | |||||
* | Request IDs! | Rutger Broekhoff | 2023-12-30 | 1 | -20/+40 |
| | |||||
* | Allow setting Gitolite binary path via env | Rutger Broekhoff | 2023-12-29 | 1 | -8/+14 |
| | |||||
* | Log more | Rutger Broekhoff | 2023-12-29 | 1 | -0/+3 |
| | |||||
* | Swap strings.TrimPrefix args | Rutger Broekhoff | 2023-12-29 | 1 | -2/+2 |
| | |||||
* | Log reqPath 2x more | Rutger Broekhoff | 2023-12-29 | 1 | -0/+2 |
| | |||||
* | Submatch | Rutger Broekhoff | 2023-12-29 | 1 | -5/+7 |
| | |||||
* | Prefer PATH_INFO over request URL | Rutger Broekhoff | 2023-12-29 | 1 | -1/+5 |
| | |||||
* | List envs at start | Rutger Broekhoff | 2023-12-29 | 1 | -11/+21 |
| | |||||
* | Improve handling of MIME types | Rutger Broekhoff | 2023-12-29 | 1 | -5/+17 |
| | |||||
* | Read S3 secrets from file | Rutger Broekhoff | 2023-12-29 | 1 | -13/+23 |
| | |||||
* | Make Nix builds work | Rutger Broekhoff | 2023-12-29 | 824 | -33/+410277 |
| | |||||
* | Add 'lfs/objects' part to path | Rutger Broekhoff | 2023-12-29 | 1 | -1/+1 |
| | |||||
* | Write basic read-only public Git LFS server | Rutger Broekhoff | 2023-12-29 | 3 | -0/+401 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | The 'integration' with Gitolite is honestly pretty bad and should not be taken very seriously: it runs the 'gitolite access' command to check if some user (e.g., daemon/nobody) should be able to read from the repository. Based on this, it grants access to objects stored in S3, by generating Presigned GetObject URLs using the S3 API. Of course, this integration with Gitolite (especially when using the daemon user to check if the user should be able to read) is not very 'high-value': 1. If we already make use of the daemon pseudo-user to control access to public repositories, we may as well check for the existence of git-daemon-export-ok files. In case they exist, we simply assume that the repository is meant to be shown on the public internet and that therefore the LFS archive should also be considered 'open to the public'. 2. The way that Gitolite commands are currently run, this program breaks when not running under the git user without extra configuration; Gitolite decides where repositories are based on the HOME environment variable. This program currently does not set this. This could be set by the CGI server (or fcgiwrap) and would unbreak the system. There's no support for any more advanced kind of authn/authz. Uploading is also not supported yet. That's still to come. | ||||
* | Initial commit | Rutger Broekhoff | 2023-12-29 | 4 | -0/+57 |