+ Mounted static files (at web/html) to /static.
+ Added AURWEB_VERSION to aurweb.config (this is used around HTML
to refer back to aurweb's release on git.archlinux.org), so we
need it easily accessible in the Python codebase.
+ Implemented basic Jinja2 partials to put together whole aurweb
pages. This may be missing some things currently and is a WIP
until this set is ready to be merged.
+ Added config [options] aurwebdir = YOUR_AUR_ROOT; this configuration
option should specify the root directory of the aurweb project.
It is used by various parts of the FastAPI codebase to target
project directories.
Added routes via aurweb.routers.html:
* POST /language: Set your session language.
* GET /favicon.ico: Redirect to /static/images/favicon.ico.
* Some browsers always look for $ROOT/favicon.ico to get an icon
for the page being loaded, regardless of a specified "shortcut
icon" given in a <link> directive.
* GET /: Home page; WIP.
* Updated aurweb.routers.html.language passes query parameters to
its next redirection.
When calling aurweb.templates.render_template, the context passed should
be formed via the aurweb.templates.make_context. See
aurweb.routers.html.index for an example of this.
Signed-off-by: Kevin Morris <kevr@0cost.org>
+ Added SUPPORTED_LANGUAGES, a global constant dictionary of
language => display pairs for languages we support.
+ Add Translator.get_translator, a function used to retrieve a
translator after initializing it (if needed). Use `fallback=True`
while creating languages, in case we setup a language that we
don't have a translation for, it will noop the translation.
This is particularly useful for "en," since we do not translate
it, but doing this will allow us to go through our normal translation
flow in any case.
+ Added typing.
+ Added get_request_language, a function that grabs the language for
a request session, defaulting to aurweb.config [options] default_lang.
+ Added get_raw_translator_for_request, a function that retrieves
the concrete translation object for a given language.
+ Added tr, a jinja2 contextfilter that can be used to inline translate
strings in jinja2 templates.
+ Added `python-jinja` dep to .gitlab-ci.yml. This needs to be
included in documentation before this set is merged in.
+ Introduce pytest units (test_l10n.py) in `test` along with
__init__.py, which marks `test` as a test package.
+ Additionally, fix up notify.py to use the global translator. Also
reduce its source width to <= 80 by newlining some code.
+ Additionally, prepare locale in .gitlab-ci.yml and add
aurweb.config [options] localedir to config.dev with YOUR_AUR_ROOT
like others.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This feature was originally introduced by
f961ffd9c7 as a fix for FS#12898
<https://bugs.archlinux.org/task/12898>.
As of today, it is broken because of the `q.SessionID IS NULL` condition
in the WHERE clause, which can’t be true because SessionID is not
nullable. As a consequence, the session limit was not applied.
The fact the absence of the session limit hasn’t caused any issue so
far, and hadn’t even been noticed, suggests the feature is unneeded.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Developers can go to /sso/login to get redirected to the SSO. On
successful login, the ID token is displayed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
conf/config.dev’s purpose is to provide a lighter configuration template
for developers, and split development-specific options off the default
configuration file.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
aurweb.spawn used to launch only PHP’s built-in server. Now it spawns a
dummy FastAPI application too. Since both stacks spawn their own HTTP
server, aurweb.spawn also spawns nginx as a reverse proxy to mount them
under the same base URL, defined by aur_location in the configuration.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This program makes it easier for developers to spawn the PHP server
since it fetches automatically what it needs from the configuration
file, rather than having the user explicitly pass arguments to the php
executable.
When the setup gets more complicated as we introduce Python,
aurweb.spawn will keep providing the same interface, while under the
hood it is planned to support running multiple sub-processes.
Its Python interface provides an way for the test suite to spawn the
test server when it needs to perform HTTP requests to the test server.
The current implementation is somewhat weak as it doesn’t detect when a
child process dies, but this is not supposed to happen often, and it is
only meant for aurweb developers.
In the long term, aurweb.spawn will eventually become obsolete, and
replaced by Docker or Flask’s tools.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add more options to configure the smtplib implementation for sending
notification emails.
The port can be changed using the new smtp-port option.
Encryption can be configured using smtp-use-ssl and smtp-use-starttls.
Keep in mind that you usually also need to change the port when enabling
either of these options.
Authentication can be configured using smtp-user and smtp-password.
Authentication is disabled if either of these values is empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Support mail delivery without a local MTA. Instead, an SMTP server can
now be configured using the smtp-server option in the [notifications]
section. In order to use this option, the value of the sendmail option
must be empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The TTL for package details can be much longer than for generic values
since they never change. Note that when an update is pushed via Git, all
packages belonging to that package base are deleted and new packages are
created.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add a new configuration option to specify the locale directory to use.
This allows the Python scripts to find the translations, even when not
being run from the source code checkout. At the same time, multiple
parallel aurweb setups can still use different sets of translations.
Fixes FS#59278.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In the process, rename config.proto to config.defaults (because that is
what it is now).
Also use dict.get('key', default_value) when querying os.environ, rather
than an if block, as it is more pythonic/readable/concise, and reduces
the number of dict lookups.
This change allows aurweb configuration to be done via either:
- copying config.defaults to config and modifying values
- creating a new config only containing modified values, next to a
config.defaults containing unmodified values
The motivation for this change is to enable ansible configuration in our
flagship deployment by storing only changed values, and deferring to
config.defaults otherwise.
A side benefit is, it is easier to see what has changed by inspecting
only the site configuration file.
If a config.defaults file does not exist next to $AUR_CONFIG or in
$AUR_CONFIG_DEFAULTS, it is ignored and *all* values are expected to
live in the modified config file.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Change the defines to config_get and add one cache option and one option
to define memcache_servers. Mention the required dependency to get
memcached working in the INSTALL file.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This allows us to prevent users from hammering the API every few seconds
to check if any of their packages were updated. Real world users check
as often as every 5 or 10 seconds.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In addition to the packages list and the package base list, also create
a list of registered user names.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Automatically detect Git commit identifiers, shorten them, and make them
link to the cgit interface.
Implements FS#43290.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of converting package comments from plain text to HTML code when
they are displayed, do the conversion when the comment is posted and
store the rendered result in the database. The conversion itself is done
by a Python script which uses Bleach for sanitizing the text.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, each source file which is an external link (http://,
https://, ...) is a clickable link.
This commit extends the behaviour by making files from the repository
clickable as well. The link brings the user to the corresponding cgit
page.
Also, the link to the PKGBUILD is altered to make the configuration more
consistent.
Signed-off-by: Janne Heß <jannehess@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
As of commit 3718860 (Make maintenance scripts installable, 2016-10-17),
the notification script is installed as aurweb-notify. Update the
sample configuration file accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, aurweb displays all dates and times in UTC time. This patch
adds a capability for each logged in user to set their preferred
timezone.
Implements FS#48729.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
There are 95 printable ASCII characters which with a minimum length of 4
gives 95^4 or 81 million possible passwords. Increasing the minimum
length to 8 increases the number of possible passwords by a factor of
about 10^7.
Relates to FS#52297.
Signed-off-by: Alex Muller <alex@mullr.net>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Move the Git interface scripts from git-interface/ to aurweb/git/. Use
setuptools to automatically create wrappers which can be installed using
`python3 setup.py install`. Update the configuration files, the test
suite as well as the INSTALL and README files to reflect these changes.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Support for multiple servers has never been used by the official aurweb
setup and the current implementation makes it impossible to use server
URIs that contain spaces. For simplicity, change the implementation such
that only a single server is supported.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of writing the output to hardcoded files (relative to the
document root), make the output paths of mkpkglists configurable.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In addition to MySQL, add support for SQLite to the database abstraction
layer. Also, add a new configuration option to select the DBMS.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
From the sshd(8) man page:
Enable all restrictions, i.e. disable port, agent and X11
forwarding, as well as disabling PTY allocation and execution of
~/.ssh/rc. If any future restriction capabilities are added to
authorized_keys files they will be included in this set.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Introduce a configuration option max_depends which can be used to
specify a maximum number of (reverse) dependencies to display on the
package details pages.
Fixes FS#49059.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Circumvents the temporary regression in git that clones a repository
as foo-git.git instead of foo-git and matches the format used by
other commonly used git hosting providers.
Fixes FS#45834.
Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Implement a new command that can be used to restore deleted package
bases without having to push a new commit.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use a Python script for sending notification emails. The notification
action and additional parameters are passed via command line arguments.
For comment and package request notifications, the text is passed via
stdin.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Using uWSGI for the Smart HTTP protocol caused some issues, see e.g.
FS#45428. Suggest using fcgiwrap instead which is more lightweight, has
better documentation and is easier to debug.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Prior to aurweb 4.0.0, URLPath in the JSON RPC didn't include the host
name, only the path.
This removes the host name and makes the URL compatible with programs
expecting the old semantics (i.e. cower).
Closes FS#45333.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Allow for excluding certain IP addresses from the maintenance mode. This
allows administrators to view the web page while the site is still under
maintenance for the rest of the world.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add support for a maintenance mode that disables both the website and
the SSH interface and can be enabled easily using a configuration
option.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Make the locations of the PKGBUILD preview, the log and the snapshot
tarball configurable. This increases flexibility and simplifies the code
a bit.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Remove the template-path and git-update-hook options which are no longer
used. Update the git_clone_uri_anon default value.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of using one Git repository per package, use a single large
object storage for space efficiency. The refs of the individual package
bases are divided using gitnamespaces(7) which allows for exposing each
namespace as an independent repository easily. Also, git-serve is
modified to create a branch for each package, allowing to browse the
large repository with cgit.
Helped-by: Florian Pritz <bluewind@xinu.at>
Helped-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
We no longer run a separate SSH daemon on port 2222. Change the default
configuration accordingly. Also remove some configuration files that are
no longer needed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
