mail.sh: provide a way to pass an extra email header
[girocco.git] / Girocco / Config.pm
blobee9917a4906b9f246c840cd1380bad6bea4c3be6
1 package Girocco::Config;
3 use strict;
4 use warnings;
7 ## Basic settings
9 # Name of the service
10 our $name = "GiroccoEx";
12 # Nickname of the service (undef for initial part of $name upto first '.')
13 our $nickname = undef;
15 # Title of the service (as shown in gitweb)
16 our $title = "Example Girocco Hosting";
18 # Path to the Git binary to use (you MUST set this, even if to /usr/bin/git!)
19 our $git_bin = '/usr/bin/git';
21 # Path to the git-http-backend binary to use (undef to use /usr/lib/git-core/git-http-backend)
22 # If both $httppullurl and $httpspushurl are undef this will never be used
23 our $git_http_backend_bin = undef;
25 # E-mail of the site admin
26 our $admin = 'admin@example.org';
28 # Copy $admin on failure/recovery messages?
29 our $admincc = 1;
31 # Girocco branch to use for html.cgi view source links (undef for HEAD)
32 our $giroccobranch = undef;
35 ## Feature knobs
37 # Enable mirroring mode if true
38 our $mirror = 1;
40 # Enable push mode if true
41 our $push = 1;
43 # Enable user management if true; this means the interface for registering
44 # user accounts and uploading SSH keys. This implies full chroot.
45 our $manage_users = 1;
47 # Enable the special 'mob' user if set to 'mob'
48 our $mob = "mob";
50 # Let users set admin passwords; if false, all password inputs are assumed empty.
51 # This will make new projects use empty passwords and all operations on them
52 # unrestricted, but you will be able to do no operations on previously created
53 # projects you have set a password on.
54 our $project_passwords = 1;
56 # How to determine project owner; 'email' adds a form item asking for their
57 # email contact, 'source' takes realname of owner of source repository if it
58 # is a local path (and empty string otherwise). 'source' is suitable in case
59 # the site operates only as mirror of purely local-filesystem repositories.
60 our $project_owners = 'email';
62 # Which project fields to make editable, out of 'shortdesc', 'homepage',
63 # 'README', 'notifymail', 'notifyjson', 'notifycia'. (This is currently
64 # soft restriction - form fields aren't used, but manually injected values
65 # *are* used. Submit a patch if that's an issue for you.)
66 our @project_fields = qw(homepage shortdesc README notifymail notifyjson notifycia);
68 # Minimal number of seconds to pass between two updates of a project.
69 our $min_mirror_interval = 3600; # 1 hour
71 # Minimal number of seconds to pass between two garbage collections of a project.
72 our $min_gc_interval = 604800; # 1 week
75 ## Paths
77 # Path where the main chunk of Girocco files will be installed
78 # This will get COMPLETELY OVERWRITTEN by each make install!!!
79 our $basedir = '/home/repo/repomgr';
81 # Path where the automatically generated non-user certificates will be stored
82 # (The per-user certificates are always stored in $chroot/etc/sshcerts/)
83 # This is preserved by each make install and MUST NOT be under $basedir!
84 # Not used unless $httpspushurl is defined
85 our $certsdir = '/home/repo/certs';
87 # The repository collection
88 # "$reporoot-recyclebin" will also be created for use by toolbox/trash-project.pl
89 our $reporoot = "/srv/git";
91 # The repository collection's location within the chroot jail
92 # Normally $reporoot will be bind mounted onto $chroot/$jailreporoot
93 # Should NOT start with '/'
94 our $jailreporoot = "srv/git";
96 # The chroot for ssh pushing; location for project database and other run-time
97 # data even in non-chroot setups
98 our $chroot = "/home/repo/j";
100 # The gitweb files web directory (corresponds to $gitwebfiles)
101 our $webroot = "/home/repo/WWW";
103 # The CGI-enabled web directory (corresponds to $gitweburl and $webadmurl)
104 our $cgiroot = "/home/repo/WWW";
106 # A web-accessible symlink to $reporoot (corresponds to $httppullurl, can be undef)
107 our $webreporoot = "/home/repo/WWW/r";
110 ## Certificates (only used if $httpspushurl is defined)
112 # path to root certificate (undef to use automatic root cert)
113 # this certificate is made available for easy download and should be whatever
114 # the root certificate is for the https certificate being used by the web server
115 our $rootcert = undef;
117 # The certificate to sign user push client authentication certificates with (undef for auto)
118 # The automatically generated certificate should always be fine
119 our $clientcert = undef;
121 # The private key for $clientcert (undef for auto)
122 # The automatically generated key should always be fine
123 our $clientkey = undef;
125 # The client certificate chain suffix (a pemseq file to append to user client certs) (undef for auto)
126 # The automatically generated chain should always be fine
127 # This suffix will also be appended to the $mobusercert before making it available for download
128 our $clientcertsuffix = undef;
130 # The mob user certificate signed by $clientcert (undef for auto)
131 # The automatically generated certificate should always be fine
132 # Not used unless $mob is set to 'mob'
133 # The $clientcertsuffix will be appended before making $mobusercert available for download
134 our $mobusercert = undef;
136 # The private key for $mobusercert (undef for auto)
137 # The automatically generated key should always be fine
138 # Not used unless $mob is set to 'mob'
139 our $mobuserkey = undef;
142 ## URL addresses
144 # URL of the gitweb.cgi script (must be in pathinfo mode)
145 our $gitweburl = "http://repo.or.cz/w";
147 # URL of the extra gitweb files (CSS, .js files, images, ...)
148 our $gitwebfiles = "http://repo.or.cz";
150 # URL of the Girocco CGI web admin interface (Girocco cgi/ subdirectory)
151 our $webadmurl = "http://repo.or.cz";
153 # URL of the Girocco CGI html templater (Girocco cgi/html.cgi)
154 our $htmlurl = "http://repo.or.cz/h";
156 # HTTP URL of the repository collection (undef if N/A)
157 our $httppullurl = "http://repo.or.cz/r";
159 # HTTPS push URL of the repository collection (undef if N/A)
160 # If this is defined, the openssl command must be available
161 # Normally this should be set to $httppullurl with http: replaced with https:
162 our $httpspushurl = undef;
164 # Git URL of the repository collection (undef if N/A)
165 # (You need to set up git-daemon on your system, and Girocco will not
166 # do this particular thing for you.)
167 our $gitpullurl = "git://repo.or.cz";
169 # Pushy SSH URL of the repository collection (undef if N/A)
170 our $pushurl = "ssh://repo.or.cz/$jailreporoot";
172 # URL of gitweb of this Girocco instance (set to undef if you're not nice
173 # to the community)
174 our $giroccourl = "$Girocco::Config::gitweburl/girocco.git";
177 ## Some templating settings
179 # Legal warning (on reguser and regproj pages)
180 our $legalese = <<EOT;
181 <p>By submitting this form, you are confirming that you will mirror or push
182 only what we can store and show to anyone else who can visit this site without
183 breaking any law, and that you will be nice to all small furry animals.
184 <sup><a href="$Girocco::Config::htmlurl/about.html">(more details)</a></sup>
185 </p>
188 # Pre-configured mirror sources (set to undef for none)
189 # Arrayref of name - record pairs, the record has these attributes:
190 # label: The label of this source
191 # url: The template URL; %1, %2, ... will be substituted for inputs
192 # desc: Optional VERY short description
193 # link: Optional URL to make the desc point at
194 # inputs: Arrayref of hashref input records:
195 # label: Label of input record
196 # suffix: Optional suffix
197 # If the inputs arrayref is undef, single URL input is shown,
198 # pre-filled with url (probably empty string).
199 our $mirror_sources = [
201 label => 'Anywhere',
202 url => '',
203 desc => 'Any HTTP/Git/rsync pull URL - bring it on!',
204 inputs => undef
207 label => 'GitHub',
208 url => 'git://github.com/%1/%2.git',
209 desc => 'GitHub Social Code Hosting',
210 link => 'http://github.com/',
211 inputs => [ { label => 'User:' }, { label => 'Project:', suffix => '.git' } ]
214 label => 'Gitorious',
215 url => 'git://gitorious.org/%1/%2.git',
216 desc => 'Green and Orange Boxes',
217 link => 'http://gitorious.org/',
218 inputs => [ { label => 'Project:' }, { label => 'Repository:', suffix => '.git' } ]
222 # You can customize the gitweb interface widely by editing
223 # gitweb/gitweb_config.perl
226 ## Permission settings
228 # Girocco needs some way to manipulate write permissions to various parts of
229 # all repositories; this concerns three entities:
230 # - www-data: the web interface needs to be able to rewrite few files within
231 # the repository
232 # - repo: a user designated for cronjobs; handles mirroring and repacking;
233 # this one is optional if not $mirror
234 # - others: the designated users that are supposed to be able to push; they
235 # may have account either within chroot, or outside of it
237 # There are several ways how to use Girocco based on a combination of the
238 # following settings.
240 # (Non-chroot) UNIX user the CGI scripts run on; note that if some non-related
241 # untrusted CGI scripts run on this account too, that can be a big security
242 # problem and you'll probably need to set up suexec (poor you).
243 # This must always be set.
244 our $cgi_user = 'www-data';
246 # (Non-chroot) UNIX user performing mirroring jobs; this is the user who
247 # should run all the daemons and cronjobs and
248 # the user who should be running make install (if not root).
249 # This must always be set.
250 our $mirror_user = 'repo';
252 # (Non-chroot) UNIX group owning the repositories by default; it owns whole
253 # mirror repositories and at least web-writable metadata of push repositories.
254 # If you undefine this, all the data will become WORLD-WRITABLE.
255 # Both $cgi_user and $mirror_user should be members of this group!
256 our $owning_group = 'repo';
258 # Whether to use chroot jail for pushing; this must be always the same
259 # as $manage_users.
260 # TODO: Gitosis support for $manage_users and not $chrooted?
261 our $chrooted = $manage_users;
263 # How to control permissions of push-writable data in push repositories:
264 # * 'Group' for the traditional model: The $chroot/etc/group project database
265 # file is used as the UNIX group(5) file; the directories have gid appropriate
266 # for the particular repository and are group-writable. This works only if
267 # $chrooted so that users are put in the proper groups on login when using
268 # SSH push. Smart HTTPS push does not require a chroot to work -- simply
269 # run "make install" as the non-root $mirror_user user, but leave
270 # $manage_users and $chrooted enabled.
271 # * 'ACL' for a model based on POSIX ACL: The directories are coupled with ACLs
272 # listing the users with push permissions. This works for both chroot and
273 # non-chroot setups, however it requires ACL support within the filesystem.
274 # This option is BASICALLY UNTESTED, too. And UNIMPLEMENTED. :-)
275 # * 'Hooks' for a relaxed model: The directories are world-writable and push
276 # permission control is purely hook-driven. This is INSECURE and works only
277 # when you trust all your users; on the other hand, the attack vectors are
278 # mostly just DoS or fully-traceable tinkering.
279 our $permission_control = 'Group';
281 # Path to alternate screen multiuser acl file (see screen/README, undef for none)
282 our $screen_acl_file = undef;
284 # Couple of sanity checks and default settings (do not change these)
285 $nickname = (split(/[.]/, $Girocco::Config::name))[0] unless $nickname;
286 ($mirror_user) or die "Girocco::Config: \$mirror_user must be set even if to current user";
287 $screen_acl_file = "$basedir/screen/giroccoacl" unless $screen_acl_file;
288 $jailreporoot =~ s,^/+,,;
289 ($reporoot) or die "Girocco::Config \$reporoot must be set";
290 ($jailreporoot) or die "Girocco::Config \$jailreporoot must be set";
291 (not $mob or $mob eq 'mob') or die "Girocco::Config \$mob must be undef (or '') or 'mob'";
292 $admincc = $admincc ? 1 : 0;
293 $rootcert = "$certsdir/girocco_root_crt.pem" if $httpspushurl && !$rootcert;
294 $clientcert = "$certsdir/girocco_client_crt.pem" if $httpspushurl && !$clientcert;
295 $clientkey = "$certsdir/girocco_client_key.pem" if $httpspushurl && !$clientkey;
296 $clientcertsuffix = "$certsdir/girocco_client_suffix.pem" if $httpspushurl && !$clientcertsuffix;
297 $mobusercert = "$certsdir/girocco_mob_user_crt.pem" if $httpspushurl && $mob && !$mobusercert;
298 $mobuserkey = "$certsdir/girocco_mob_user_key.pem" if $httpspushurl && $mob && !$mobuserkey;
299 our $mobpushurl = $pushurl;
300 $mobpushurl =~ s,^ssh://,ssh://mob@,i if $mobpushurl;
301 our $httpsdnsname = ($httpspushurl =~ m,https://([A-Za-z0-9.-]+),i) ? lc($1) : undef if $httpspushurl;
302 ($mirror or $push) or die "Girocco::Config: neither \$mirror nor \$push is set?!";
303 (not $push or ($pushurl or $httpspushurl or $gitpullurl or $httppullurl)) or die "Girocco::Config: no pull URL is set";
304 (not $push or ($pushurl or $httpspushurl)) or die "Girocco::Config: \$push set but \$pushurl and \$httpspushurl are undef";
305 (not $mirror or $mirror_user) or die "Girocco::Config: \$mirror set but \$mirror_user is undef";
306 ($manage_users == $chrooted) or die "Girocco::Config: \$manage_users and \$chrooted must be set to the same value";
307 (not $chrooted or $permission_control ne 'ACL') or die "Girocco::Config: resolving uids for ACL not supported when using chroot";
308 (grep { $permission_control eq $_ } qw(Group Hooks)) or die "Girocco::Config: \$permission_control must be set to Group or Hooks";
309 ($chrooted or not $mob) or die "Girocco::Config: mob user supported only in the chrooted mode";
310 (not $httpspushurl or $httpsdnsname) or die "Girocco::Config invalid \$httpspushurl does not start with https://domainname";