html/mob.html

   1 @section=site guide
   2 @heading=About the Mob Account
   3 @header
   4
   5 <!-- This file is preprocessed by cgi/html.cgi -->
   6
   7
   8 <p>The <tt>mob</tt> account (the name a tribute to the paper
   9 <a href="http://www.dreamsongs.com/MobSoftware.html">Mob Software: The Erotic Life of Code</a>)
  10 is.a way to enable <em>anonymous push access</em> for your project.
  11 This is largely an experiment and may be scrapped in the future if
  12 it will not get widespread use, but we think it's an interesting try.
  13 The idea is to provide unmoderated <em>side</em> channel for random
  14 contributors to work on a project, with similar rationale as
  15 e.g. Wikipedia - that given enough interested people, the quality
  16 will grow rapidly and occassional "vandalism" will get fixed quickly.
  17 Of course this may not work nearly as well for software, but here
  18 we are, to give it a try.</p>
  19
  20 <h2>For Repository Admins</h2>
  21
  22 <p>How it works? First, you need to add the <tt>mob</tt> user to the
  23 list of users allowed to push in your project. <tt>mob</tt> is a
  24 keyless, passwordless user that anyone can use to push, without
  25 any special setup. <strong>But</strong> this does not mean that
  26 your project is now in the hands of raging mindless mob! The <tt>mob</tt>
  27 user has a special restriction: it can push only to an existing
  28 <tt>mob</tt> branch. This means that the second step you need to take
  29 is to create a <tt>mob</tt> branch in the repository (e.g.
  30 <code>git checkout -b mob
  31         &amp;&amp; git push origin mob</code>). Then the <tt>mob</tt> user
  32 will be able to push to this and only this branch, and it won't be
  33 able to push whatsoever until you take the second step.</p>
  34
  35 <p>To sum it up: Anonymous pushes are allowed <em>only</em> to the <tt>mob</tt>
  36 branch and <em>only</em> if you add a <tt>mob</tt> user and do an initial
  37 pushout of the <tt>mob</tt> branch.</p>
  38
  39 <h2>For Users</h2>
  40
  41 <p>After cloning the repository, do <code>git checkout mob</code> to move to the
  42 <tt>mob</tt> branch.</p>
  43
  44 <p><strong>Note that you are taking a huge security risk on yourself
  45         if you just blindly grab the mob branch and run it on your
  46         system.</strong></p>
  47
  48 <h2>For Developers</h2>
  49
  50 <p>Just commit on the <tt>mob</tt> branch you've checked out and
  51 <code>git push</code> when the time is ripe.
  52 Have fun and enjoy, you are making the history!</p>
  53
  54 <h2>In Detail Examples</h2>
  55
  56 @@ifssh@@
  57 <h3>Pushing to the mob branch with ssh</h3>
  58
  59 <p>Nothing special is needed except to remember to set the mob user name in the push url:</p>
  60
  61 <blockquote><pre>
  62 cd /tmp
  63 git clone -b mob @@gitpullurl@@/mobexample.git
  64 cd mobexample
  65 git remote set-url --push origin @@mobpushurl@@/mobexample.git
  66 echo 'It worked!' >> example.txt
  67 git add example.txt
  68 git commit -m 'example commit'
  69 git push origin mob
  70 </pre></blockquote>
  71
  72 <p>Note that it&#x2019;s not strictly necessary to fetch with the git protocol,
  73 the ssh protocol can also be used for fetching.</p>
  74 @@end@@
  75
  76 @@ifhttps@@
  77 <h3 id="httpsmobpush">Pushing to the mob branch with https</h3>
  78
  79 <p>In order to push with https, several things will be needed first:</p>
  80
  81 <ol>
  82 <li>The @@nickname@@ root certificate
  83 <p>This can be fetched from <a href="@@path(webadmurl)@@/@@nickname@@_root_cert.pem">here</a>
  84 and will be assumed to be saved to <tt>/tmp/@@nickname@@_root_cert.pem</tt> in the push example.
  85 See also the <a href="@@path(htmlurl)@@/rootcert.html">Root Certificate Information</a>.</p>
  86 <pre>
  87 cd /tmp &amp;&amp; curl -O @@gitwebfiles@@/@@nickname@@_root_cert.pem
  88 </pre></li>
  89
  90 <li>The mob user certificate
  91 <p>This can be fetched from <a href="@@path(webadmurl)@@/@@nickname@@_mob_user.pem">here</a>
  92 and will be assumed to be saved to <tt>/tmp/@@nickname@@_mob_user.pem</tt> in the push example.</p>
  93 <pre>
  94 cd /tmp &amp;&amp; curl -O @@gitwebfiles@@/@@nickname@@_mob_user.pem
  95 </pre></li>
  96
  97 <li>The mob user private key
  98 <p>This can be fetched from <a href="@@path(webadmurl)@@/@@nickname@@_mob_key.pem">here</a>
  99 and will be assumed to be saved to <tt>/tmp/@@nickname@@_mob_key.pem</tt> in the push example.
 100 Normally, of course, private keys are never shared, but as described above, since everyone
 101 is allowed to push to the mob branch the private key for the mob user must be shared with everyone.</p>
 102 <pre>
 103 cd /tmp &amp;&amp; curl -O @@gitwebfiles@@/@@nickname@@_mob_key.pem
 104 </pre></li>
 105 </ol>
 106
 107 <p>With the prerequisites out of the way, here&#x2019;s the mob ssh example
 108 redone to use the smart http protocol:</p>
 109
 110 <blockquote><pre>
 111 cd /tmp
 112 git clone -b mob @@httppullurl@@/mobexample.git
 113 cd mobexample
 114 git config http.sslCAInfo /tmp/@@nickname@@_root_cert.pem
 115 git config http.sslCert /tmp/@@nickname@@_mob_user.pem
 116 git config http.sslKey /tmp/@@nickname@@_mob_key.pem
 117 git remote set-url --push origin @@httpspushurl@@/mobexample.git
 118 echo 'It worked!' >> example.txt
 119 git add example.txt
 120 git commit -m 'example commit'
 121 git push origin mob
 122 </pre></blockquote>
 123
 124 <p>Note that it&#x2019;s not strictly necessary to fetch with the http protocol,
 125 the https protocol can also be used for fetching but when initially cloning the repository
 126 it can be a bother to get the two certificates and the key set properly without a
 127 project-specific place to configure them yet.  See the output of <tt>git config help</tt> for
 128 more information about configuring certificates and keys.</p>
 129 @@end@@