| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Implement git-lfs-authenticate |   Rutger Broekhoff | 2023-12-30 | 2 | -57/+130 |
| * | URL as string, lesson learned | Rutger Broekhoff | 2023-12-30 | 1 | -2/+2 |
| * | Repo .git suffix | Rutger Broekhoff | 2023-12-30 | 1 | -1/+1 |
| * | Request IDs! | Rutger Broekhoff | 2023-12-30 | 1 | -20/+40 |
| * | Allow setting Gitolite binary path via env | Rutger Broekhoff | 2023-12-29 | 1 | -8/+14 |
| * | Log more | Rutger Broekhoff | 2023-12-29 | 1 | -0/+3 |
| * | Swap strings.TrimPrefix args | Rutger Broekhoff | 2023-12-29 | 1 | -2/+2 |
| * | Log reqPath 2x more | Rutger Broekhoff | 2023-12-29 | 1 | -0/+2 |
| * | Submatch | Rutger Broekhoff | 2023-12-29 | 1 | -5/+7 |
| * | Prefer PATH_INFO over request URL | Rutger Broekhoff | 2023-12-29 | 1 | -1/+5 |
| * | List envs at start | Rutger Broekhoff | 2023-12-29 | 1 | -11/+21 |
| * | Improve handling of MIME types | Rutger Broekhoff | 2023-12-29 | 1 | -5/+17 |
| * | Read S3 secrets from file | Rutger Broekhoff | 2023-12-29 | 1 | -13/+23 |
| * | Make Nix builds work | Rutger Broekhoff | 2023-12-29 | 1 | -32/+32 |
| * | Add 'lfs/objects' part to path | Rutger Broekhoff | 2023-12-29 | 1 | -1/+1 |
| * | Write basic read-only public Git LFS server•••The 'integration' with Gitolite is honestly pretty bad and should not be
taken very seriously: it runs the 'gitolite access' command to check if
some user (e.g., daemon/nobody) should be able to read from the
repository. Based on this, it grants access to objects stored in S3, by
generating Presigned GetObject URLs using the S3 API.
Of course, this integration with Gitolite (especially when using the
daemon user to check if the user should be able to read) is not very
'high-value':
1. If we already make use of the daemon pseudo-user to control access to
public repositories, we may as well check for the existence of
git-daemon-export-ok files. In case they exist, we simply assume that
the repository is meant to be shown on the public internet and that
therefore the LFS archive should also be considered 'open to the
public'.
2. The way that Gitolite commands are currently run, this program breaks
when not running under the git user without extra configuration;
Gitolite decides where repositories are based on the HOME environment
variable. This program currently does not set this. This could be set
by the CGI server (or fcgiwrap) and would unbreak the system.
There's no support for any more advanced kind of authn/authz. Uploading
is also not supported yet. That's still to come.
| Rutger Broekhoff | 2023-12-29 | 1 | -0/+329 |
| * | Initial commit | Rutger Broekhoff | 2023-12-29 | 2 | -0/+49 |
