search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gc.sh: optimize test in repack_gfi_packs
[girocco.git] / install.sh
blobfd6782add44edc7ca411cfc8be418cee31e498ab
1 #!/bin/sh
2 # The Girocco installation script
3 # We will OVERWRITE basedir!
4
5 set -e
6
7 [ -n "$MAKE" ] || MAKE="$(MAKEFLAGS= make -s gnu_make_command_name | grep '^gnu_make_command_name=' | sed 's/^[^=]*=//')"
8 if [ -z "$MAKE" ]; then
9 echo "ERROR: cannot determine name of the GNU make command" >&2
10 echo "Please set MAKE to the name of the GNU make executable" >&2
11 exit 1
12 fi
13
14 # Run perl module checker
15 if [ ! -x toolbox/check-perl-modules.pl ]; then
16 echo "ERROR: missing toolbox/check-perl-modules.pl!" >&2
17 exit 1
18 fi
19
20 # What Config should we use?
21 [ -n "$GIROCCO_CONF" ] || GIROCCO_CONF=Girocco::Config
22 echo "*** Initializing using $GIROCCO_CONF..."
23
24 # First run Girocco::Config consistency checks
25 perl -I. -M$GIROCCO_CONF -e ''
26
27 . ./shlib.sh
28 umask 0022
29 "$var_perl_bin" toolbox/check-perl-modules.pl
30
31 owngroup=""
32 [ -z "$cfg_owning_group" ] || owngroup=":$cfg_owning_group"
33 if [ -n "$cfg_httpspushurl" -a -z "$cfg_certsdir" ]; then
34 echo "ERROR: \$httpspushurl is set but \$certsdir is not!" >&2
35 echo "ERROR: perhaps you have an incorrect Config.pm?" >&2
36 exit 1
37 fi
38
39
40 # Check for extra required tools
41 if [ -n "$cfg_xmllint_readme" -a "$cfg_xmllint_readme" != "0" ] && ! command -v xmllint >/dev/null; then
42 echo "ERROR: \$xmllint_readme set but xmllint not in \$PATH!" >&2
43 exit 1
44 fi
45
46
47 echo "*** Checking for compiled utilities..."
48 if [ ! -x src/can_user_push ]; then
49 echo "ERROR: src/can_user_push is not built! Did you _REALLY_ read INSTALL?" >&2
50 echo "ERROR: perhaps you forgot to run make?" >&2
51 exit 1
52 fi
53 if [ ! -x src/can_user_push_http ]; then
54 echo "ERROR: src/can_user_push_http is not built! Did you _REALLY_ read INSTALL?" >&2
55 echo "ERROR: perhaps you forgot to run make?" >&2
56 exit 1
57 fi
58 if [ ! -x src/getent ]; then
59 echo "ERROR: src/getent is not built! Did you _REALLY_ read INSTALL?" >&2
60 echo "ERROR: perhaps you forgot to run make?" >&2
61 exit 1
62 fi
63 if [ ! -x src/get_user_uuid ]; then
64 echo "ERROR: src/get_user_uuid is not built! Did you _REALLY_ read INSTALL?" >&2
65 echo "ERROR: perhaps you forgot to run make?" >&2
66 exit 1
67 fi
68 if [ ! -x src/peek_packet ]; then
69 echo "ERROR: src/peek_packet is not built! Did you _REALLY_ read INSTALL?" >&2
70 echo "ERROR: perhaps you forgot to run make?" >&2
71 exit 1
72 fi
73 if [ ! -x src/rangecgi ]; then
74 echo "ERROR: src/rangecgi is not built! Did you _REALLY_ read INSTALL?" >&2
75 echo "ERROR: perhaps you forgot to run make?" >&2
76 exit 1
77 fi
78 if [ ! -x src/throttle ]; then
79 echo "ERROR: src/throttle is not built! Did you _REALLY_ read INSTALL?" >&2
80 echo "ERROR: perhaps you forgot to run make?" >&2
81 exit 1
82 fi
83 if [ ! -x src/list_packs ]; then
84 echo "ERROR: src/list_packs is not built! Did you _REALLY_ read INSTALL?" >&2
85 echo "ERROR: perhaps you forgot to run make?" >&2
86 exit 1
87 fi
88
89
90 echo "*** Checking for ezcert..."
91 if ! [ -f ezcert.git/CACreateCert -a -x ezcert.git/CACreateCert ]; then
92 echo "ERROR: ezcert.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
93 exit 1
94 fi
95
96
97 echo "*** Checking for git..."
98 case "$cfg_git_bin" in /*) :;; *)
99 echo 'ERROR: $Girocco::Config::git_bin must be set to an absolute path' >&2
100 exit 1
101 esac
102 if [ ! -x "$cfg_git_bin" ]; then
103 echo "ERROR: $cfg_git_bin does not exist or is not executable" >&2
104 exit 1
105 fi
106 if ! git_version="$("$cfg_git_bin" version)"; then
107 echo "ERROR: $cfg_git_bin version failed" >&2
108 exit 1
109 fi
110 case "$git_version" in
111 [Gg]"it version "*) :;;
112 *)
113 echo "ERROR: '$cfg_git_bin version' output does not start with 'git version '" >&2
114 exit 1
115 esac
116 echo "Found $cfg_git_bin $git_version"
117 git_vernum="$(echo "$git_version" | sed -ne 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*$/\1/p')"
118 echo "*** Checking Git $git_vernum for compatibility..."
119 if [ "$(vcmp "$git_vernum" 1.6.6)" -lt 0 ]; then
120 echo 'ERROR: $Girocco::Config::git_bin must be at least Git version 1.6.6'
121 exit 1
122 fi
123 if [ "$(vcmp "$git_vernum" 1.6.6.3)" -lt 0 ]; then
124 echo 'WARNING: $Girocco::Config::git_bin version < 1.6.6.3, clients will not see useful error messages'
125 fi
126 if [ "$(vcmp "$git_vernum" 1.7.3)" -lt 0 ]; then
127 cat <<'EOT'
128
129 ***
130 *** SEVERE WARNING: $Girocco::Config::git_bin is set to a version of Git before 1.7.3
131 ***
132
133 Some Girocco functionality will be gracefully disabled and other things will
134 just not work at all such as race condition protection against simultaneous
135 client pushes and server garbage collections.
136
137 EOT
138 fi
139 if [ -n "$cfg_mirror" -a "$(vcmp "$git_vernum" 1.7.5)" -lt 0 ]; then
140 echo 'WARNING: $Girocco::Config::git_bin version < 1.7.5 and mirroring enabled, some sources can cause an infinite fetch loop'
141 fi
142 if [ "$(vcmp "$git_vernum" 1.7.6.6)" -lt 0 ]; then
143 echo 'WARNING: $Girocco::Config::git_bin version < 1.7.6.6, performance may be degraded'
144 fi
145 if [ "$(uname -m 2>/dev/null)" = "x86_64" ] && [ "$(vcmp "$git_vernum" 1.7.11)" -ge 0 ]; then
146 echo 'WARNING: $Girocco::Config::git_bin version >= 1.7.11 and x86_64, make sure Git built WITHOUT XDL_FAST_HASH'
147 echo 'WARNING: See http://thread.gmane.org/gmane.comp.version-control.git/261638 for details'
148 fi
149 if [ "$(vcmp "$git_vernum" 1.8.4.2)" -ge 0 ] && [ -n "$cfg_mirror" -a "$(vcmp "$git_vernum" 2)" -lt 0 ]; then
150 echo 'WARNING: $Girocco::Config::git_bin version >= 1.8.4.2 and < 2.0.0, git-daemon needs write access for shallow clones'
151 echo 'WARNING: $Girocco::Config::git_bin version >= 1.8.4.2 and < 2.0.0, shallow clones will leave repository turds'
152 fi
153 if [ "$(vcmp "$git_vernum" 1.8.4.3)" -lt 0 ]; then
154 echo 'WARNING: $Girocco::Config::git_bin version < 1.8.4.3, clients will not receive symref=HEAD:refs/heads/...'
155 fi
156 if [ "$(vcmp "$git_vernum" 2.1)" -lt 0 ]; then
157 echo 'WARNING: $Girocco::Config::git_bin version < 2.1.0, pack bitmaps will not be available'
158 fi
159 if [ "$(vcmp "$git_vernum" 2.1)" -ge 0 ] && [ "$(vcmp "$git_vernum" 2.1.3)" -lt 0 ]; then
160 echo 'WARNING: $Girocco::Config::git_bin version >= 2.1.0 and < 2.1.3, pack bitmaps may not be reliable, please upgrade to at least Git version 2.1.3'
161 fi
162 if [ "$(vcmp "$git_vernum" 2.2)" -ge 0 ] && [ "$(vcmp "$git_vernum" 2.3.2)" -lt 0 ]; then
163 cat <<'EOT'
164
165 ***
166 *** ERROR: $Girocco::Config::git_bin is set to an incompatible version of Git
167 ***
168
169 Git versions starting with 2.2.0 and continuing up through 2.3.1 are incompatible
170 with Girocco due to various unresolved issues. Please either downgrade to 2.1.4
171 or earlier or, more preferred, upgrade to 2.3.2 (ideally 2.4.11) or later.
172
173 In order to bypass this check you will have to modify install.sh in which case
174 USE THE SELECTED GIT BINARY AT YOUR OWN RISK!
175
176 EOT
177 exit 1
178 fi
179 if [ "$(vcmp "$git_vernum" 2.3.3)" -lt 0 ]; then
180 echo 'WARNING: $Girocco::Config::git_bin version < 2.3.3, performance will be sub-optimal'
181 fi
182 if [ "$(vcmp "$git_vernum" 2.4.4)" -lt 0 ]; then
183 echo 'WARNING: $Girocco::Config::git_bin version < 2.4.4, many refs smart HTTP fetches can deadlock'
184 fi
185 secmsg=
186 if [ "$(vcmp "$git_vernum" 2.4.11)" -lt 0 ]; then
187 secmsg='prior to 2.4.11'
188 fi
189 if [ "$(vcmp "$git_vernum" 2.5)" -ge 0 ] && [ "$(vcmp "$git_vernum" 2.5.5)" -lt 0 ]; then
190 secmsg='2.5.x prior to 2.5.5'
191 fi
192 if [ "$(vcmp "$git_vernum" 2.6)" -ge 0 ] && [ "$(vcmp "$git_vernum" 2.6.6)" -lt 0 ]; then
193 secmsg='2.6.x prior to 2.6.6'
194 fi
195 if [ "$(vcmp "$git_vernum" 2.7)" -ge 0 ] && [ "$(vcmp "$git_vernum" 2.7.4)" -lt 0 ]; then
196 secmsg='2.7.x prior to 2.7.4'
197 fi
198 if [ -n "$secmsg" ]; then
199 cat <<EOT
200
201 ***
202 *** SEVERE WARNING: \$Girocco::Config::git_bin is set to a version of Git $secmsg
203 ***
204
205 Security issues exist in Git versions prior to 2.4.11, 2.5.x prior to 2.5.5,
206 2.6.x prior to 2.6.6 and 2.7.x prior to 2.7.4.
207
208 Besides the security fixes included in later versions, versions prior to
209 2.2.0 may accidentally prune unreachable loose objects earlier than
210 intended. Since Git version 2.4.11 is the minimum version to include all
211 security fixes to date, it should be considered the absolute minimum
212 version of Git to use when running Girocco.
213
214 This is not enforced, but Git is easy to build from the git.git submodule
215 and upgrading to GIT VERSION 2.4.11 OR LATER IS HIGHLY RECOMMENDED.
216
217 We will now pause for a moment so you can reflect on this warning.
218
219 EOT
220 sleep 60
221 fi
222 if [ -n "$cfg_mirror" -a "$cfg_mirror" != 0 ] && grep -q ns_parserr "$cfg_git_bin"; then
223 cat <<'EOT'
224
225 ***
226 *** WARNING: $Girocco::Config::git_bin is set to a questionable Git binary
227 ***
228
229 You appear to have enabled mirroring and the Git binary you have selected
230 appears to contain an experimental patch that cannot be disabled. This
231 patch can generate invalid network DNS traffic and/or cause long delays
232 when fetching using the "git:" protocol when no port number is specified.
233 It may also end up retrieving repsitory contents from a host other than
234 the one specified in the "git:" URL when the port is omitted.
235
236 You are advised to either build your own version of Git (the problem patch
237 is not part of the official Git repository) or disable mirroring (via the
238 $Girocco::Config:mirror setting) to avoid these potential problems.
239
240 USE THE SELECTED GIT BINARY AT YOUR OWN RISK!
241
242 EOT
243 sleep 5
244 fi
245
246 chown_make() {
247 if [ "$LOGNAME" = root -a -n "$SUDO_USER" -a "$SUDO_USER" != root ]; then
248 find "$@" -user root -print0 2>/dev/null | \
249 xargs -0 chown "$SUDO_USER:$(id -gn "$SUDO_USER")"
250 elif [ "$LOGNAME" = root -a -z "$SUDO_USER" -o "$SUDO_USER" = root ]; then
251 echo "*** WARNING: running make as root w/o sudo may leave root-owned: $*"
252 fi
253 }
254
255 echo "*** Setting up basedir..."
256 "$MAKE" --no-print-directory --silent apache.conf
257 chown_make apache.conf
258 "$MAKE" --no-print-directory --silent -C src
259 chown_make src
260 rm -fr "$cfg_basedir"
261 mkdir -p "$cfg_basedir" "$cfg_basedir/gitweb" "$cfg_basedir/cgi"
262 cp cgi/*.cgi "$cfg_basedir/cgi"
263 cp -pR Girocco jobd taskd html jobs toolbox hooks apache.conf shlib.sh bin screen "$cfg_basedir"
264 cp -p src/can_user_push src/can_user_push_http src/get_user_uuid src/peek_packet src/rangecgi \
265 src/throttle src/list_packs ezcert.git/CACreateCert cgi/authrequired.cgi cgi/snapshot.cgi "$cfg_basedir/bin"
266 cp -p gitweb/*.sh gitweb/*.perl "$cfg_basedir/gitweb"
267 [ -n "$cfg_httpspushurl" ] || rm -f "$cfg_basedir"/html/rootcert.html "$cfg_basedir"/html/httpspush.html
268 [ -n "$cfg_mob" ] || rm -f "$cfg_basedir"/html/mob.html
269
270 # Put the correct Config in place
271 [ "$GIROCCO_CONF" = "Girocco::Config" ] || cp "$(echo "$GIROCCO_CONF" | sed 's#::#/#g; s/$/.pm/')" "$cfg_basedir/Girocco/Config.pm"
272
273 shbin="${cfg_posix_sh_bin:-/bin/sh}"
274 [ -n "$shbin" ] && [ -x "$shbin" ] && [ "$("$shbin" -c 'echo sh $(( 1 + 1 ))' 2>/dev/null)" = "sh 2" ] || {
275 echo "ERROR: invalid $Girocco::Config::posix_sh_bin setting" >&2
276 exit 1
277 }
278 ln -s "$shbin" "$cfg_basedir/bin"
279 perlbin="$var_perl_bin"
280 [ -n "$perlbin" ] && [ -x "$perlbin" ] && [ "$("$perlbin" -wle 'print STDOUT "perl ", + ( 1 + 1 )' 2>/dev/null)" = "perl 2" ] || {
281 echo "ERROR: invalid $Girocco::Config::perl_bin setting" >&2
282 exit 1
283 }
284 ln -s "$perlbin" "$cfg_basedir/bin"
285
286 echo "*** Preprocessing scripts..."
287 SHBIN="$shbin" && export SHBIN
288 PERLBIN="$perlbin" && export PERLBIN
289 perl -I. -M$GIROCCO_CONF -i -p \
290 -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
291 -e 's/^#!.*sh/#!$ENV{SHBIN}/ if $. == 1;' \
292 -e 's/(?<!")\@basedir\@/"$Girocco::Config::basedir"/g;' \
293 -e 's/(?<=")\@basedir\@/$Girocco::Config::basedir/g;' \
294 -e 's/\@reporoot\@/"$Girocco::Config::reporoot"/g;' \
295 -e 's/\@shbin\@/"$ENV{SHBIN}"/g;' \
296 -e 's/\@perlbin\@/"$ENV{PERLBIN}"/g;' \
297 -e 's/\@jailreporoot\@/"$Girocco::Config::jailreporoot"/g;' \
298 -e 's/\@chroot\@/"$Girocco::Config::chroot"/g;' \
299 -e 's/\@webadmurl\@/"$Girocco::Config::webadmurl"/g;' \
300 -e 's/\@screen_acl_file\@/"$Girocco::Config::screen_acl_file"/g;' \
301 -e 's/\@mob\@/"$Girocco::Config::mob"/g;' \
302 -e 's/\@git_server_ua\@/"$Girocco::Config::git_server_ua"/g;' \
303 -e 's/\@defined_git_server_ua\@/defined($Girocco::Config::git_server_ua)/ge;' \
304 -e 's/\@var_xargs_r\@/"'"$var_xargs_r"'"/g;' \
305 -e 'close ARGV if eof;' \
306 "$cfg_basedir"/jobs/*.sh "$cfg_basedir"/jobd/*.sh \
307 "$cfg_basedir"/taskd/*.sh "$cfg_basedir"/gitweb/*.sh \
308 "$cfg_basedir"/shlib.sh "$cfg_basedir"/hooks/* \
309 "$cfg_basedir"/toolbox/*.sh "$cfg_basedir"/toolbox/*.pl \
310 "$cfg_basedir"/toolbox/reports/*.sh \
311 "$cfg_basedir"/bin/git-* "$cfg_basedir"/bin/*.sh \
312 "$cfg_basedir"/bin/create-* "$cfg_basedir"/bin/update-* \
313 "$cfg_basedir"/bin/*.cgi "$cfg_basedir"/screen/*
314 perl -i -p \
315 -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
316 -e 'close ARGV if eof;' \
317 "$cfg_basedir"/jobd/jobd.pl "$cfg_basedir"/taskd/taskd.pl \
318 "$cfg_basedir"/bin/sendmail.pl "$cfg_basedir"/bin/CACreateCert
319 perl -i -p \
320 -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
321 -e 's/^#!.*sh/#!$ENV{SHBIN}/ if $. == 1;' \
322 -e 'close ARGV if eof;' \
323 "$cfg_basedir"/bin/format-readme "$cfg_basedir/cgi"/*.cgi
324 unset PERLBIN
325 unset SHBIN
326
327 # Dump all the cfg_ and defined_ variables to shlib_vars.sh
328 get_girocco_config_var_list > "$cfg_basedir"/shlib_vars.sh
329
330 if [ -n "$cfg_mirror" ]; then
331 echo "--- Remember to start $cfg_basedir/taskd/taskd.pl"
332 fi
333 echo "--- Also remember to either start $cfg_basedir/jobd/jobd.sh, or add this"
334 echo "--- to the crontab of $cfg_mirror_user (adjust frequency on number of repos):"
335 echo "*/30 * * * * /usr/bin/nice -n 18 $cfg_basedir/jobd/jobd.sh -q --all-once"
336
337
338 echo "*** Setting up repository root..."
339 mkdir -p "$cfg_reporoot" "$cfg_reporoot/_recyclebin"
340 if [ "$cfg_owning_group" ]; then
341 chgrp "$cfg_owning_group" "$cfg_reporoot" || echo "WARNING: Cannot chgrp $cfg_owning_group $cfg_reporoot"
342 chgrp "$cfg_owning_group" "$cfg_reporoot/_recyclebin" || echo "WARNING: Cannot chgrp $cfg_owning_group $cfg_reporoot/_recyclebin"
343 fi
344 chmod 02775 "$cfg_reporoot" || echo "WARNING: Cannot chmod $cfg_reporoot properly"
345 chmod 02775 "$cfg_reporoot/_recyclebin" || echo "WARNING: Cannot chmod $cfg_reporoot/_recyclebin properly"
346
347
348 if [ -n "$cfg_chrooted" ]; then
349 echo "*** Setting up chroot jail for pushing..."
350 if [ "$(id -u)" -eq 0 ]; then
351 ./jailsetup.sh
352 else
353 echo "WARNING: Skipping jail setup, not root"
354 fi
355 fi
356
357
358 echo "*** Setting up jail configuration (project database)..."
359 [ "$(id -u)" -eq 0 ] || ./jailsetup.sh dbonly
360 mkdir -p "$cfg_chroot" "$cfg_chroot/etc"
361 touch "$cfg_chroot/etc/passwd" "$cfg_chroot/etc/group"
362 chown "$cfg_mirror_user""$owngroup" "$cfg_chroot/etc" ||
363 echo "WARNING: Cannot chown $cfg_mirror_user$owngroup $cfg_chroot/etc"
364 chown "$cfg_cgi_user""$owngroup" "$cfg_chroot/etc/passwd" "$cfg_chroot/etc/group" ||
365 echo "WARNING: Cannot chown $cfg_cgi_user$owngroup the etc/passwd and/or etc/group files"
366 chmod g+w "$cfg_chroot/etc/passwd" "$cfg_chroot/etc/group" ||
367 echo "WARNING: Cannot chmod g+w the etc/passwd and/or etc/group files"
368 chmod 02775 "$cfg_chroot/etc" || echo "WARNING: Cannot chmod 02775 $cfg_chroot/etc"
369
370 echo "*** Setting up gitweb from git.git..."
371 if [ ! -f git.git/Makefile ]; then
372 echo "ERROR: git.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
373 exit 1
374 fi
375 mkdir -p "$cfg_webroot" "$cfg_cgiroot"
376 (cd git.git && "$MAKE" --no-print-directory --silent NO_SUBDIR=: bindir="$(dirname "$cfg_git_bin")" \
377 GITWEB_CONFIG="$cfg_basedir/gitweb/gitweb_config.perl" SHELL_PATH="$shbin" gitweb && \
378 chown_make gitweb && \
379 PERLBIN="$perlbin" && export PERLBIN && \
380 perl -p -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
381 -e 's/^(\s*use\s+warnings\s*;.*)$/#$1/;' gitweb/gitweb.cgi > "$cfg_cgiroot"/gitweb.cgi.$$ && \
382 chmod a+x "$cfg_cgiroot"/gitweb.cgi.$$ && \
383 chown_make "$cfg_cgiroot"/gitweb.cgi.$$ && \
384 mv -f "$cfg_cgiroot"/gitweb.cgi.$$ "$cfg_cgiroot"/gitweb.cgi && \
385 cp gitweb/static/*.png gitweb/static/*.css gitweb/static/*.js "$cfg_webroot")
386 test $? -eq 0
387
388
389 echo "*** Setting up git-browser from git-browser.git..."
390 if [ ! -f git-browser.git/git-browser.cgi ]; then
391 echo "ERROR: git-browser.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
392 exit 1
393 fi
394 mkdir -p "$cfg_webroot"/git-browser "$cfg_cgiroot"
395 (cd git-browser.git && \
396 CFG="$cfg_basedir/gitweb/git-browser.conf" && export CFG && \
397 PERLBIN="$perlbin" && export PERLBIN && perl -p \
398 -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
399 -e 's/"git-browser\.conf"/"$ENV{"CFG"}"/' git-browser.cgi > "$cfg_cgiroot"/git-browser.cgi.$$ && \
400 chmod a+x "$cfg_cgiroot"/git-browser.cgi.$$ && \
401 chown_make "$cfg_cgiroot"/git-browser.cgi.$$ && \
402 mv -f "$cfg_cgiroot"/git-browser.cgi.$$ "$cfg_cgiroot"/git-browser.cgi && \
403 cp -r *.html *.js *.css js.lib "$cfg_webroot"/git-browser && \
404 cp -r JSON "$cfg_cgiroot")
405 test $? -eq 0
406 rm -f "$cfg_webroot"/git-browser/index.html
407 cat >"$cfg_basedir/gitweb"/git-browser.conf.$$ <<EOT
408 gitbin: $cfg_git_bin
409 warehouse: $cfg_reporoot
410 doconfig: $cfg_basedir/gitweb/gitbrowser_config.perl
411 EOT
412 chown_make "$cfg_basedir/gitweb"/git-browser.conf.$$
413 mv -f "$cfg_basedir/gitweb"/git-browser.conf.$$ "$cfg_basedir/gitweb"/git-browser.conf
414 cat >"$cfg_webroot"/git-browser/GitConfig.js.$$ <<EOT
415 cfg_gitweb_url="$cfg_gitweburl/"
416 cfg_browsercgi_url="$cfg_webadmurl/git-browser.cgi"
417 EOT
418 chown_make "$cfg_webroot"/git-browser/GitConfig.js.$$
419 mv -f "$cfg_webroot"/git-browser/GitConfig.js.$$ "$cfg_webroot"/git-browser/GitConfig.js
420
421
422 echo "*** Setting up darcs-fast-export from bzr-fastimport.git..."
423 if [ ! -d bzr-fastimport.git/exporters/darcs/ ]; then
424 echo "ERROR: bzr-fastimport.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
425 exit 1
426 fi
427 mkdir -p "$cfg_basedir"/bin
428 cp bzr-fastimport.git/exporters/darcs/darcs-fast-export "$cfg_basedir"/bin
429
430
431 echo "*** Setting up hg-fast-export from fast-export.git..."
432 if [ ! -f fast-export.git/hg-fast-export.py -o ! -f fast-export.git/hg2git.py ]; then
433 echo "ERROR: fast-export.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
434 exit 1
435 fi
436 mkdir -p "$cfg_basedir"/bin
437 cp fast-export.git/hg-fast-export.py fast-export.git/hg2git.py "$cfg_basedir"/bin
438
439
440 echo "*** Setting up markdown from markdown.git..."
441 if [ ! -f markdown.git/Markdown.pl ]; then
442 echo "ERROR: markdown.git is not checked out! Did you _REALLY_ read INSTALL?" >&2
443 exit 1
444 fi
445 mkdir -p "$cfg_basedir"/bin
446 (PERLBIN="$perlbin" && export PERLBIN && \
447 perl -p -e 's/^#!.*perl/#!$ENV{PERLBIN}/ if $. == 1;' \
448 markdown.git/Markdown.pl > "$cfg_basedir"/bin/Markdown.pl.$$ && \
449 chmod a+x "$cfg_basedir"/bin/Markdown.pl.$$ && \
450 mv -f "$cfg_basedir"/bin/Markdown.pl.$$ "$cfg_basedir"/bin/Markdown.pl)
451 test $? -eq 0
452
453
454 echo "*** Setting up our part of the website..."
455 mkdir -p "$cfg_webroot" "$cfg_cgiroot"
456 cp "$cfg_basedir"/bin/snapshot.cgi "$cfg_basedir/cgi"
457 cp "$cfg_basedir"/bin/authrequired.cgi "$cfg_basedir/cgi"
458 [ -n "$cfg_httpspushurl" ] || rm -f "$cfg_basedir/cgi"/usercert.cgi "$cfg_cgiroot"/usercert.cgi
459 cp "$cfg_basedir/cgi"/*.cgi "$cfg_cgiroot"
460 ln -fs "$cfg_basedir"/Girocco "$cfg_cgiroot"
461 [ -z "$cfg_webreporoot" ] || { rm -f "$cfg_webreporoot" && ln -s "$cfg_reporoot" "$cfg_webreporoot"; }
462 if [ -z "$cfg_httpspushurl" ]; then
463 grep -v 'rootcert[.]html' gitweb/indextext.html > "$cfg_basedir/gitweb/indextext.html"
464 else
465 cp gitweb/indextext.html "$cfg_basedir/gitweb"
466 fi
467 mv "$cfg_basedir"/html/*.css "$cfg_basedir"/html/*.js "$cfg_webroot"
468 cp mootools.js "$cfg_webroot"
469 cp htaccess "$cfg_webroot/.htaccess"
470 cp cgi/htaccess "$cfg_cgiroot/.htaccess"
471 cp git-favicon.ico "$cfg_webroot/favicon.ico"
472 cp robots.txt "$cfg_webroot"
473 cat gitweb/gitweb.css >>"$cfg_webroot"/gitweb.css
474
475
476 if [ -n "$cfg_httpspushurl" ]; then
477 echo "*** Setting up SSL certificates..."
478 bits=2048
479 if [ "$cfg_rsakeylength" -gt "$bits" ] 2>/dev/null; then
480 bits="$cfg_rsakeylength"
481 fi
482 mkdir -p "$cfg_certsdir"
483 [ -d "$cfg_certsdir" ]
484 wwwcertcn=
485 if [ -e "$cfg_certsdir/girocco_www_crt.pem" ]; then
486 wwwcertcn="$( \
487 openssl x509 -in "$cfg_certsdir/girocco_www_crt.pem" -noout -subject | \
488 sed -e 's,[^/]*,,' \
489 )"
490 fi
491 wwwcertdns=
492 if [ -n "$cfg_wwwcertaltnames" ]; then
493 for dnsopt in $cfg_wwwcertaltnames; do
494 wwwcertdns="${wwwcertdns:+$wwwcertdns }--dns $dnsopt"
495 done
496 fi
497 wwwcertdnsfile=
498 if [ -r "$cfg_certsdir/girocco_www_crt.dns" ]; then
499 wwwcertdnsfile="$(cat "$cfg_certsdir/girocco_www_crt.dns")"
500 fi
501 needroot=
502 [ -e "$cfg_certsdir/girocco_client_crt.pem" -a \
503 -e "$cfg_certsdir/girocco_client_key.pem" -a \
504 -e "$cfg_certsdir/girocco_www_key.pem" -a \
505 -e "$cfg_certsdir/girocco_www_crt.pem" -a "$wwwcertcn" = "/CN=$cfg_httpsdnsname" -a \
506 -e "$cfg_certsdir/girocco_root_crt.pem" ] || needroot=1
507 if [ -n "$needroot" -a ! -e "$cfg_certsdir/girocco_root_key.pem" ]; then
508 rm -f "$cfg_certsdir/girocco_root_crt.pem" "$cfg_certsdir/girocco_root_key.pem"
509 umask 0077
510 openssl genrsa -f4 -out "$cfg_certsdir/girocco_root_key.pem" $bits
511 chmod 0600 "$cfg_certsdir/girocco_root_key.pem"
512 rm -f "$cfg_certsdir/girocco_root_crt.pem"
513 umask 0022
514 echo "Created new root key"
515 fi
516 if [ ! -e "$cfg_certsdir/girocco_root_crt.pem" ]; then
517 "$cfg_basedir/bin/CACreateCert" --root --key "$cfg_certsdir/girocco_root_key.pem" \
518 --out "$cfg_certsdir/girocco_root_crt.pem" "girocco $cfg_nickname root certificate"
519 rm -f "$cfg_certsdir/girocco_www_crt.pem" "$cfg_certsdir/girocco_www_chain.pem"
520 rm -f "$cfg_certsdir/girocco_client_crt.pem" "$cfg_certsdir/girocco_client_suffix.pem"
521 rm -f "$cfg_certsdir/girocco_mob_user_crt.pem"
522 rm -f "$cfg_chroot/etc/sshcerts"/*.pem
523 echo "Created new root certificate"
524 fi
525 if [ ! -e "$cfg_certsdir/girocco_www_key.pem" ]; then
526 umask 0077
527 openssl genrsa -f4 -out "$cfg_certsdir/girocco_www_key.pem" $bits
528 chmod 0600 "$cfg_certsdir/girocco_www_key.pem"
529 rm -f "$cfg_certsdir/girocco_www_crt.pem"
530 umask 0022
531 echo "Created new www key"
532 fi
533 if [ ! -e "$cfg_certsdir/girocco_www_crt.pem" ] || \
534 [ "$wwwcertcn" != "/CN=$cfg_httpsdnsname" ] || [ "$wwwcertdns" != "$wwwcertdnsfile" ]; then
535 openssl rsa -in "$cfg_certsdir/girocco_www_key.pem" -pubout |
536 "$cfg_basedir/bin/CACreateCert" --server --key "$cfg_certsdir/girocco_root_key.pem" \
537 --cert "$cfg_certsdir/girocco_root_crt.pem" $wwwcertdns \
538 --out "$cfg_certsdir/girocco_www_crt.pem" "$cfg_httpsdnsname"
539 printf '%s\n' "$wwwcertdns" > "$cfg_certsdir/girocco_www_crt.dns"
540 echo "Created www certificate"
541 fi
542 if [ ! -e "$cfg_certsdir/girocco_www_chain.pem" ]; then
543 cat "$cfg_certsdir/girocco_root_crt.pem" > "$cfg_certsdir/girocco_www_chain.pem"
544 echo "Created www certificate chain file"
545 fi
546 if [ ! -e "$cfg_certsdir/girocco_client_key.pem" ]; then
547 umask 0037
548 openssl genrsa -f4 -out "$cfg_certsdir/girocco_client_key.pem" $bits
549 chmod 0640 "$cfg_certsdir/girocco_client_key.pem"
550 rm -f "$cfg_certsdir/girocco_client_crt.pem"
551 umask 0022
552 echo "Created new client key"
553 fi
554 if [ ! -e "$cfg_certsdir/girocco_client_crt.pem" ]; then
555 openssl rsa -in "$cfg_certsdir/girocco_client_key.pem" -pubout |
556 "$cfg_basedir/bin/CACreateCert" --subca --key "$cfg_certsdir/girocco_root_key.pem" \
557 --cert "$cfg_certsdir/girocco_root_crt.pem" \
558 --out "$cfg_certsdir/girocco_client_crt.pem" "girocco $cfg_nickname client authority"
559 rm -f "$cfg_certsdir/girocco_client_suffix.pem"
560 rm -f "$cfg_certsdir/girocco_mob_user_crt.pem"
561 rm -f "$cfg_chroot/etc/sshcerts"/*.pem
562 echo "Created client certificate"
563 fi
564 if [ ! -e "$cfg_certsdir/girocco_client_suffix.pem" ]; then
565 cat "$cfg_certsdir/girocco_client_crt.pem" > "$cfg_certsdir/girocco_client_suffix.pem"
566 echo "Created client certificate suffix file"
567 fi
568 cat "$cfg_rootcert" > "$cfg_webroot/${cfg_nickname}_root_cert.pem"
569 if [ -n "$cfg_mob" ]; then
570 if [ ! -e "$cfg_certsdir/girocco_mob_user_key.pem" ]; then
571 openssl genrsa -f4 -out "$cfg_certsdir/girocco_mob_user_key.pem" $bits
572 chmod 0644 "$cfg_certsdir/girocco_mob_user_key.pem"
573 rm -f "$cfg_certsdir/girocco_mob_user_crt.pem"
574 echo "Created new mob user key"
575 fi
576 if [ ! -e "$cfg_certsdir/girocco_mob_user_crt.pem" ]; then
577 openssl rsa -in "$cfg_mobuserkey" -pubout |
578 "$cfg_basedir/bin/CACreateCert" --client --key "$cfg_clientkey" \
579 --cert "$cfg_clientcert" \
580 --out "$cfg_certsdir/girocco_mob_user_crt.pem" 'mob'
581 echo "Created mob user client certificate"
582 fi
583 cat "$cfg_mobuserkey" > "$cfg_webroot/${cfg_nickname}_mob_key.pem"
584 cat "$cfg_mobusercert" "$cfg_clientcertsuffix" > "$cfg_webroot/${cfg_nickname}_mob_user.pem"
585 else
586 rm -f "$cfg_webroot/${cfg_nickname}_mob_key.pem" "$cfg_webroot/${cfg_nickname}_mob_user.pem"
587 fi
588 else
589 rm -f "$cfg_webroot/${cfg_nickname}_root_cert.pem"
590 rm -f "$cfg_webroot/${cfg_nickname}_mob_key.pem" "$cfg_webroot/${cfg_nickname}_mob_user.pem"
591 fi
592
593
594 echo "*** Finalizing permissions..."
595 chown -R -h "$cfg_mirror_user""$owngroup" "$cfg_basedir" "$cfg_webroot" "$cfg_cgiroot"
596 [ -z "$cfg_httpspushurl" ] || chown -R -h "$cfg_mirror_user""$owngroup" "$cfg_certsdir"
The repo.or.cz duct tape "Girocco"