The TTL for package details can be much longer than for generic values
since they never change. Note that when an update is pushed via Git, all
packages belonging to that package base are deleted and new packages are
created.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add a new configuration option to specify the locale directory to use.
This allows the Python scripts to find the translations, even when not
being run from the source code checkout. At the same time, multiple
parallel aurweb setups can still use different sets of translations.
Fixes FS#59278.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In the process, rename config.proto to config.defaults (because that is
what it is now).
Also use dict.get('key', default_value) when querying os.environ, rather
than an if block, as it is more pythonic/readable/concise, and reduces
the number of dict lookups.
This change allows aurweb configuration to be done via either:
- copying config.defaults to config and modifying values
- creating a new config only containing modified values, next to a
config.defaults containing unmodified values
The motivation for this change is to enable ansible configuration in our
flagship deployment by storing only changed values, and deferring to
config.defaults otherwise.
A side benefit is, it is easier to see what has changed by inspecting
only the site configuration file.
If a config.defaults file does not exist next to $AUR_CONFIG or in
$AUR_CONFIG_DEFAULTS, it is ignored and *all* values are expected to
live in the modified config file.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Change the defines to config_get and add one cache option and one option
to define memcache_servers. Mention the required dependency to get
memcached working in the INSTALL file.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This allows us to prevent users from hammering the API every few seconds
to check if any of their packages were updated. Real world users check
as often as every 5 or 10 seconds.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In addition to the packages list and the package base list, also create
a list of registered user names.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Automatically detect Git commit identifiers, shorten them, and make them
link to the cgit interface.
Implements FS#43290.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of converting package comments from plain text to HTML code when
they are displayed, do the conversion when the comment is posted and
store the rendered result in the database. The conversion itself is done
by a Python script which uses Bleach for sanitizing the text.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, each source file which is an external link (http://,
https://, ...) is a clickable link.
This commit extends the behaviour by making files from the repository
clickable as well. The link brings the user to the corresponding cgit
page.
Also, the link to the PKGBUILD is altered to make the configuration more
consistent.
Signed-off-by: Janne Heß <jannehess@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
As of commit 3718860 (Make maintenance scripts installable, 2016-10-17),
the notification script is installed as aurweb-notify. Update the
sample configuration file accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, aurweb displays all dates and times in UTC time. This patch
adds a capability for each logged in user to set their preferred
timezone.
Implements FS#48729.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
There are 95 printable ASCII characters which with a minimum length of 4
gives 95^4 or 81 million possible passwords. Increasing the minimum
length to 8 increases the number of possible passwords by a factor of
about 10^7.
Relates to FS#52297.
Signed-off-by: Alex Muller <alex@mullr.net>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Move the Git interface scripts from git-interface/ to aurweb/git/. Use
setuptools to automatically create wrappers which can be installed using
`python3 setup.py install`. Update the configuration files, the test
suite as well as the INSTALL and README files to reflect these changes.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Support for multiple servers has never been used by the official aurweb
setup and the current implementation makes it impossible to use server
URIs that contain spaces. For simplicity, change the implementation such
that only a single server is supported.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of writing the output to hardcoded files (relative to the
document root), make the output paths of mkpkglists configurable.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In addition to MySQL, add support for SQLite to the database abstraction
layer. Also, add a new configuration option to select the DBMS.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
From the sshd(8) man page:
Enable all restrictions, i.e. disable port, agent and X11
forwarding, as well as disabling PTY allocation and execution of
~/.ssh/rc. If any future restriction capabilities are added to
authorized_keys files they will be included in this set.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Introduce a configuration option max_depends which can be used to
specify a maximum number of (reverse) dependencies to display on the
package details pages.
Fixes FS#49059.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Circumvents the temporary regression in git that clones a repository
as foo-git.git instead of foo-git and matches the format used by
other commonly used git hosting providers.
Fixes FS#45834.
Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Implement a new command that can be used to restore deleted package
bases without having to push a new commit.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use a Python script for sending notification emails. The notification
action and additional parameters are passed via command line arguments.
For comment and package request notifications, the text is passed via
stdin.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Using uWSGI for the Smart HTTP protocol caused some issues, see e.g.
FS#45428. Suggest using fcgiwrap instead which is more lightweight, has
better documentation and is easier to debug.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Prior to aurweb 4.0.0, URLPath in the JSON RPC didn't include the host
name, only the path.
This removes the host name and makes the URL compatible with programs
expecting the old semantics (i.e. cower).
Closes FS#45333.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Allow for excluding certain IP addresses from the maintenance mode. This
allows administrators to view the web page while the site is still under
maintenance for the rest of the world.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add support for a maintenance mode that disables both the website and
the SSH interface and can be enabled easily using a configuration
option.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Make the locations of the PKGBUILD preview, the log and the snapshot
tarball configurable. This increases flexibility and simplifies the code
a bit.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Remove the template-path and git-update-hook options which are no longer
used. Update the git_clone_uri_anon default value.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of using one Git repository per package, use a single large
object storage for space efficiency. The refs of the individual package
bases are divided using gitnamespaces(7) which allows for exposing each
namespace as an independent repository easily. Also, git-serve is
modified to create a branch for each package, allowing to browse the
large repository with cgit.
Helped-by: Florian Pritz <bluewind@xinu.at>
Helped-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
We no longer run a separate SSH daemon on port 2222. Change the default
configuration accordingly. Also remove some configuration files that are
no longer needed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use the latest version of Damien Miller's patch to extend the parameters
to the AuthorizedKeysCommand.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Allow users to remove their own package bases for a short period of time
after initial submission (defaults to one day).
Implements FS#43648.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Rename the project to help differentiate between the software providing
access to the Arch User Repository and the collection of source packages
itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Do not waste disk space by copying dozens of unneeded sample hooks. Use
a custom template directory that only includes the git-update hook.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The AUR backend already uses several Python scripts, rewrite the aurblup
helper as well. This has several advantages:
* We can easily use the main configuration file without using any shell
script wrappers.
* aurblup does not need to be recompiled on libalpm soname bumps.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Show a public clone URL (using Git over HTTP) by default and only show
the private clone URL to the package maintainer.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Remove package submission page from the web interface.
* Replace PKGBUILD and tarball links with links to cgit.
* Remove the "URLPath" field from RPC replies.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
