
[Monotone-commits-diffs] net.venge.monotone: 37610c8e8486e1ff2369f6d8a3


From: code
Subject: [Monotone-commits-diffs] net.venge.monotone: 37610c8e8486e1ff2369f6d8a35c1dbe9ffbd028
Date: Thu, 25 Nov 2010 18:01:22 GMT

revision:            37610c8e8486e1ff2369f6d8a35c1dbe9ffbd028
date:                2010-11-25T17:59:13
author:              Richard Levitte <address@hidden>
branch:              net.venge.monotone
changelog:
Add an example of how to set up a central monotone server

manifest:
format_version "1"

new_manifest [7792cbe727109b675ed4dc72fac54cf51474ff81]

old_revision [afaee98893bb20f64b3a9f1042d5f5e43df58bbe]

add_dir "examples/server-setup"

add_file "examples/server-setup/README"
 content [738bc40ea204a3fc08e740351cfe377dc3a07739]

add_file "examples/server-setup/monotone.init"
 content [09e74a6fe3d7fcfd08fa5640797d082e72a901d6]

add_file "examples/server-setup/monotone.run"
 content [f163d5e9dc2501d1b86319dceca66c701db05d43]

add_file "examples/server-setup/serverrc"
 content [07ad1a21a9d899c4023ec5018ffe010d554833f6]
============================================================
--- /dev/null	
+++ examples/server-setup/README	738bc40ea204a3fc08e740351cfe377dc3a07739
@@ -0,0 +1,168 @@
+Server startup
+==============
+
+Server startup can be done in many ways, and the ideas are probably
+many.  Here's one of the possibilities, which is mostly a shameless
+rip-off from the monotone-server package in Debian.
+
+The monotone server really depends on a few sections of information:
+
+ - configuration information, which is controlled by the admin and
+   goes into /etc/monotone.
+ - dynamic information, which is the database itself and other things
+   belonging with it.  My suggestion is /var/lib/monotone.
+ - a script to start, stop and restart the server process.
+
+
+Creating the monotone user
+--------------------------
+
+For the sake of safety, the best is to run the monotone server process
+under its own user.  On Debian, it would be done like this:
+
+  adduser --system --group --home /var/lib/monotone --no-create-home \
+  	  --disabled-password --quiet --gecos "Monotone" monotone
+
+On FreeBSD, I'd do it like this (haven't tested, honestly):
+
+  adduser -d /var/lib/monotone -k /dev/null -w no -M 0750 -s /bin/false -S \
+  	  monotone
+
+
+Creating and populating directories
+-----------------------------------
+
+Now, time to create the other directories and populate them, set safer
+permissions and populate them.  Let's start on the directories:
+
+  mkdir /etc/monotone /etc/monotone/hooks.d
+  mkdir /var/lib/monotone/keys /var/log/monotone
+
+Now, time to populate them.  Copy the following files (found in this
+directory) to /etc/monotone:
+
+  - serverrc	This is a very simple file, all it does is load hooks
+    		with their corresponding configuration from
+    		/etc/monotone/hooks.d
+
+Copy your choice of the following files (from the monotone contrib/
+directory) to /etc/monotone/hooks.d:
+
+  - get_passphrase_from_file.lua 
+		This will use the file passphrases in the monotone
+		configuration directory (in this setup, it's
+		/etc/monotone) to open any key it needs to use, for
+		example the server key.
+  - authorize_remote_automate.lua
+		This will use the file remote-automate-permissions in
+		the monotone configuration directory to permit remote
+		automate operations to select users, through their
+		keys.
+  - monotone-mail-notify.lua, monotone-mail-notify.sh
+		This will send an email notification to an email
+		address of your choice, for the branches of your
+		choice.  Read the comments at the top of
+		monotone-mail-notify.lua for details.
+		Note: it needs mime-construct and source-highlight.
+
+There are more hooks to be found, have a look!
+
+
+Creating the database and server key
+------------------------------------
+
+Now, it's time to generate a server database and key.  Let's start
+with the database:
+
+  mtn --db /var/lib/monotone/default.mtn db init \
+       --no-standard-rcfiles \
+       --keydir=/var/lib/monotone/keys --confdir=/etc/monotone
+
+Then, let's create the server key.  For simplicity, I'm placing the
+key name (no spaces allowed here!) and password in shell variables
+(change anything within braces ({}) to things of your choice), and
+create /etc/monotone/passphrases:
+
+  KEYNAME="address@hidden"
+  KEYPASS="{I REALLY HOPE YOU USE SOMETHING SMARTER THAN THIS ;-)}"
+  yes "$KEYPASS" | \
+      mtn --db /var/lib/monotone/default.mtn genkey $KEYNAME --quiet \
+      	  --no-standard-rcfiles \
+       	  --keydir=/var/lib/monotone/keys --confdir=/etc/monotone
+  echo "$KEYNAME \"$KEYPASS\"" > /etc/monotone/passphrases
+
+
+Setting up permissions
+----------------------
+
+Finally, you might want to start on /etc/monotone/read-permissions and
+/etc/monotone/write-permissions.  You can use the examples from
+monotone's example directory to see how it should be done.
+
+Another way is to create the directories /etc/monotone/read-permissions.d
+and /etc/monotone/write-permissions.d, which can hold separate files
+with setups as you choose to separate it.  If you do this, there's a
+simple and useful script in monotone's contrib/ directory called
+mtn_makepermissions that compiles the files in read-permissions.d and
+write-permissions into the files read-permissions and write-permissions
+that monotone depends on.
+
+
+Ownership and protection
+------------------------
+
+At this point, things are set up, and it's time to get protective.
+First of all, let's make sure the monotone user owns everything:
+
+  chown -R monotone:monotone /etc/monotone
+  chown -R monotone:monotone /var/lib/monotone
+  chown -R monotone:monotone /var/log/monotone
+
+Now, set the permissions where it may be important:
+
+  chmod 0750 /etc/monotone
+  chmod 0750 /var/lib/monotone
+
+  chmod -R 0640 /etc/monotone/write-permissions*
+  chmod -R 0640 /etc/monotone/read-permissions*
+  chmod 0640 /etc/monotone/serverrc
+
+  chmod 0600 /var/lib/monotone/default.mtn
+
+  chmod 0400 /etc/monotone/passphrases
+
+
+Server startup
+--------------
+
+The last bit is the server startup.  It can be done in one of several
+ways.
+
+daemontools:
+
+  If you prefer to use daemontools (from http://cr.yp.to/daemontools.html),
+  set up the service by copying monotone.run (found in this directory)
+  to to your service directory (let's assume you have your services in
+  /var/services), like this:
+
+    mkdir /var/services/monotone
+    cp monotone.run /var/services/monotone/run
+
+  Now, all you have to do is start it:
+
+    svc -u /var/services/monotone
+
+SysV init style:
+
+  If you prefer to use something toward SysV init style, copy
+  monotone.init to /etc/init.d and make softlinks to /etc/rc?.d, as
+  follows.  Note that this script depends on sudo and that root has
+  permission to run as the user monotone.
+
+    cp monotone.init /etc/init.d/monotone
+    for starter in /etc/rc[2-5].d; do ln -s /etc/init.d/monotone $starter; done
+    for killer in /etc/rc[0126].d; do ln -s /etc/init.d/monotone $killer; done
+
+  To start it, all you have to do is this:
+
+    /etc/init.d/monotone start
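
Review bot: In "Creating the database and server key", `echo "$KEYNAME \"$KEYPASS\"" > /etc/monotone/passphrases` writes the server key passphrase under whatever umask the admin's shell has, and the `chmod 0400` only comes two sections later under "Ownership and protection", so the file can sit group- or world-readable in between. Suggest `umask 077` before the echo, or moving the chmod directly after it. Two smaller points: `chmod -R 0640 /etc/monotone/write-permissions*` (and the read-permissions line) also matches the read-permissions.d and write-permissions.d directories proposed in "Setting up permissions" and clears their search bit, so the directories need 0750 and only the files 0640; and `mkdir /var/lib/monotone/keys` assumes /var/lib/monotone exists although the Debian adduser call passes --no-create-home, so `mkdir -p` would be safer.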
============================================================
--- /dev/null	
+++ examples/server-setup/monotone.init	09e74a6fe3d7fcfd08fa5640797d082e72a901d6
@@ -0,0 +1,58 @@
+#! /bin/sh
+
+set -e
+
+NAME=monotone
+EXECNAME=mtn
+DAEMON=/usr/bin/$EXECNAME
+PIDDIR=/var/run/$NAME
+SCRIPTNAME=/etc/init.d/$NAME
+MAINLOG=/var/log/$NAME/$EXECNAME.log
+ERRORLOG=/var/log/$NAME/error.log
+
+ADDRESS=0.0.0.0
+MTN_HOME=/var/lib/monotone
+MTN_CONFDIR=/etc/monotone
+MTN_KEYDIR=$MTN_HOME/keys
+MTN_DB=$MTN_HOME/default.mtn
+
+# Gracefully exit if the package has been removed.
+test -x $DAEMON || exit 0
+
+PIDFILE=$PIDDIR/$EXECNAME.pid
+
+case "$1" in
+    start)
+	# If /var/run is created in tmpfs, it will be wiped of previous data
+	if [ ! -d "$PIDDIR" ]; then
+	    mkdir -p "$PIDDIR" && chown monotone:monotone "$PIDDIR"
+	fi
+
+	# If there's a pid file, there may be a runnign server already
+	if [ -e "$PIDFILE" ] && kill -0 `cat "$PIDFILE"` 2>/dev/null; then
+	    echo "Already started $DESC : $NAME"
+	else
+	    rm -f "$PIDFILE"
+	    cd $MTN_HOME
+	    sudo -u monotone -b -H -n $DAEMON \
+		--confdir=$MTN_CONFDIR --db=$MTN_DB --keydir=$MTN_KEYDIR \
+		--no-standard-rcfiles --rcfile=$MTN_CONFDIR/hooks.lua \
+		--pid-file=$PIDFILE --timestamps --quiet \
+		--bind=$ADDRESS serve >> $MAINLOG 2>&1 < /dev/null &
+	    if [ -e "$PIDFILE" ]; then
+		echo "Starting $DESC : $NAME"
+	    else
+		echo "Failed starting $DESC"
+	    fi
+	fi
+	;;
+    stop)
+	if [ -e "$PIDFILE" ] && kill `cat "$PIDFILE"` 2>/dev/null; then
+	    echo "Stopped $DESC : $NAME"
+	fi
+	;;
+    *)
+	echo "Usage: $SCRIPTNAME {start|stop}" >&2
+	exit 1
+	;;
+esac
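
Review bot: In the stop) branch, the kill on the contents of "$PIDFILE" runs as root (the README has root invoke this script) using a PID read from $PIDDIR, which the start) branch chowns to monotone:monotone, so the unprivileged service account decides which process root signals. Suggest sending the signal through `sudo -u monotone kill ...` so it can only reach that user's processes. Also: $DESC is echoed on four lines but never assigned, ERRORLOG is set but unused, `--rcfile=$MTN_CONFDIR/hooks.lua` does not match the README, which installs the file as /etc/monotone/serverrc, and the `[ -e "$PIDFILE" ]` test right after the backgrounded sudo races the daemon writing its pid file, so a successful start can be reported as failed.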
============================================================
--- /dev/null	
+++ examples/server-setup/monotone.run	f163d5e9dc2501d1b86319dceca66c701db05d43
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+NAME=monotone
+EXECNAME=mtn
+DAEMON=/usr/bin/$EXECNAME
+MAINLOG=/var/log/$NAME/$EXECNAME.log
+
+ADDRESS=0.0.0.0
+MTN_HOME=/var/lib/monotone
+MTN_CONFDIR=/etc/monotone
+MTN_KEYDIR=$MTN_HOME/keys
+MTN_DB=$MTN_HOME/default.mtn
+
+cd /var/lib/monotone
+exec >> $MAINLOG 2>&1
+exec \
+  softlimit -d192000000 \
+  setuidgid monotone \
+  /usr/bin/monotone \
+    --confdir=$MTN_CONFDIR --keydir=$MTN_KEYDIR --db=$MTN_DB \
+    --no-standard-rcfiles --rcfile=$MTN_CONFDIR/hooks.lua \
+    --timestamps --quiet --bind=$ADDRESS serve
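
Review bot: The final exec runs the hard-coded /usr/bin/monotone while DAEMON=/usr/bin/$EXECNAME (that is, /usr/bin/mtn) is defined at the top and never used; the README and monotone.init both invoke mtn, so use $DAEMON here. `cd /var/lib/monotone` should likewise be `cd "$MTN_HOME" || exit 1`, so a missing directory does not leave the server running from the supervisor's working directory. `--rcfile=$MTN_CONFDIR/hooks.lua` names a file the README never installs (it copies serverrc), and ADDRESS=0.0.0.0 listens on every interface; a comment saying where to narrow it would help.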
============================================================
--- /dev/null	
+++ examples/server-setup/serverrc	07ad1a21a9d899c4023ec5018ffe010d554833f6
@@ -0,0 +1,12 @@
+-- -*- mode: Lua -*-
+
+---- Load local hooks if they exist.
+-- The way this is supposed to work is that hooks.d can contain symbolic
+-- links to lua scripts.  These links MUST have the extension .lua
+-- If the script needs some configuration, a corresponding lua file with
+-- the extension .conf is the right spot.
+----
+-- First load the configuration of the hooks, if applicable
+includedirpattern(get_confdir() .. "/hooks.d/","*.conf")
+-- Then load the hooks themselves
+includedirpattern(get_confdir() .. "/hooks.d/","*.lua")
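
Review bot: Both includedirpattern calls execute every *.conf and *.lua under hooks.d as Lua inside the server, and the README's `chown -R monotone:monotone /etc/monotone` leaves that directory writable by the same account the server runs as, so the header comment should state the ownership it expects. Suggest documenting that hooks.d and the link targets are root-owned and only readable by group monotone, so the service account cannot alter the hooks it loads. The comment also says "if they exist" but nothing checks that hooks.d is present; either say the directory is required or guard the calls.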
