forge/Vervis
1
0
Fork 0
Code Pull requests Activity

Move remaining env/state files into state/ dir

Browse source
This commit is contained in:
Pere Lev 2024-10-16 01:00:15 +03:00
parent 27f1fe2db3
commit 0e2ab56219
No known key found for this signature in database
GPG key ID: 5252C5C863E5E57D
8 changed files with 20 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.gitignore vendored
View file

@ -10,12 +10,9 @@ stack.yaml.lock
# yesod # yesod
static/tmp/ static/tmp/
static/combined/ static/combined/
config/client_session_key.aes state/client_session_key.aes
yesod-devel/ yesod-devel/
# vervis # vervis
config/settings.yml
config/ssh-host-key
config/ssh-host-key.pub
lib/ lib/
state/ state/

6
INSTALL.md
View file

@ -104,13 +104,13 @@ Create a directory to hold mutable application state:
Generate a new SSH key with a blank password: Generate a new SSH key with a blank password:
$ ssh-keygen -t rsa -m PEM -f config/ssh-host-key $ ssh-keygen -t rsa -m PEM -f state/ssh-host-key
Update the settings to specify correct database connection details and other Update the settings to specify correct database connection details and other
settings. settings.
$ cp config/settings-default.yaml config/settings.yml $ cp settings-default.yaml state/settings.yml
$ vim config/settings.yml $ vim state/settings.yml
Create a directory that will keep all the VCS repositories hosted by Vervis. Create a directory that will keep all the VCS repositories hosted by Vervis.
Its name should match the `repo-dir` setting in `config/settings.yml`. For Its name should match the `repo-dir` setting in `config/settings.yml`. For

4
config/settings-default.yaml → settings-default.yaml
View file

@ -20,9 +20,6 @@ ip-from-header: "_env:IP_FROM_HEADER:false"
# you deploy an instance. # you deploy an instance.
instance-host: "_env:INSTANCE_HOST:localhost" instance-host: "_env:INSTANCE_HOST:localhost"
# Encryption key file for encrypting the session cookie sent to clients
client-session-key: config/client_session_key.aes
# How much time after the last request it takes for the session cookie to # How much time after the last request it takes for the session cookie to
# expire # expire
client-session-timeout: client-session-timeout:
@ -92,7 +89,6 @@ diff-context-lines: 5
############################################################################### ###############################################################################
ssh-port: 5022 ssh-port: 5022
ssh-key-file: config/ssh-host-key
############################################################################### ###############################################################################
# Accounts # Accounts

10
src/Vervis/Application.hs
View file

@ -165,6 +165,9 @@ moveFileIfExists from to = do
exists <- doesFileExist from exists <- doesFileExist from
when exists $ renameFile from to when exists $ renameFile from to
settingsYml :: FilePath
settingsYml = "state/settings.yml"
-- This line actually creates our YesodDispatch instance. It is the second half -- This line actually creates our YesodDispatch instance. It is the second half
-- of the call to mkYesodData which occurs in Foundation.hs. Please see the -- of the call to mkYesodData which occurs in Foundation.hs. Please see the
-- comments there for more details. -- comments there for more details.
@ -461,7 +464,7 @@ getApplicationDev = do
return (wsettings, app) return (wsettings, app)
getAppSettings :: IO AppSettings getAppSettings :: IO AppSettings
getAppSettings = loadYamlSettings [configSettingsYml] [] useEnv getAppSettings = loadYamlSettings [settingsYml] [] useEnv
-- | main function for use by yesod devel -- | main function for use by yesod devel
develMain :: IO () develMain :: IO ()
@ -552,10 +555,13 @@ fillPermitRecords = do
-- | The @main@ function for an executable running this site. -- | The @main@ function for an executable running this site.
appMain :: IO () appMain :: IO ()
appMain = do appMain = do
-- Remove in 2025
moveFileIfExists "config/settings.yml" "state/settings.yml"
-- Get the settings from all relevant sources -- Get the settings from all relevant sources
settings <- loadYamlSettings settings <- loadYamlSettings
-- Read settings from the settings file -- Read settings from the settings file
[configSettingsYml] [settingsYml]
-- Fall back to compile-time values, set to [] to require values at -- Fall back to compile-time values, set to [] to require values at
-- runtime -- runtime

3
src/Vervis/Foundation.hs
View file

@ -41,6 +41,7 @@ import Database.Persist.Sql (ConnectionPool)
import Fcf (Eval, Map) import Fcf (Eval, Map)
import Network.HTTP.Client (Manager, HasHttpManager (..)) import Network.HTTP.Client (Manager, HasHttpManager (..))
import Network.HTTP.Types.Header import Network.HTTP.Types.Header
import System.FilePath ((</>))
import Text.Shakespeare.Text (textFile) import Text.Shakespeare.Text (textFile)
import Text.Hamlet (hamletFile) import Text.Hamlet (hamletFile)
--import Text.Jasmine (minifym) --import Text.Jasmine (minifym)
@ -222,7 +223,7 @@ instance Yesod App where
let s = appSettings app let s = appSettings app
t = fromIntegral t = fromIntegral
(toTimeUnit $ appClientSessionTimeout s :: U.Minute) (toTimeUnit $ appClientSessionTimeout s :: U.Minute)
k = appClientSessionKeyFile s k = appStateDir s </> "client_session_key.aes"
in Just <$> defaultClientSessionBackend t k in Just <$> defaultClientSessionBackend t k
-- Yesod Middleware allows you to run code before and after each handler function. -- Yesod Middleware allows you to run code before and after each handler function.

5
src/Vervis/Migration.hs
View file

@ -3952,6 +3952,11 @@ changes hLocal ctx =
moveFileIfExists "delivery-counter.sqlite3" "state/delivery-counter.sqlite3" moveFileIfExists "delivery-counter.sqlite3" "state/delivery-counter.sqlite3"
moveFileIfExists "delivery-counter.sqlite3-shm" "state/delivery-counter.sqlite3-shm" moveFileIfExists "delivery-counter.sqlite3-shm" "state/delivery-counter.sqlite3-shm"
moveFileIfExists "delivery-counter.sqlite3-wal" "state/delivery-counter.sqlite3-wal" moveFileIfExists "delivery-counter.sqlite3-wal" "state/delivery-counter.sqlite3-wal"
-- 669
, unchecked $ lift $ liftIO $ do
moveFileIfExists "config/ssh-host-key" "state/ssh-host-key"
moveFileIfExists "config/ssh-host-key.pub" "state/ssh-host-key.pub"
moveFileIfExists "config/client_session_key.aes" "state/client_session_key.aes"
] ]
migrateDB migrateDB

6
src/Vervis/Settings.hs
View file

@ -106,8 +106,6 @@ data AppSettings = AppSettings
-- behind a reverse proxy. -- behind a reverse proxy.
, appIpFromHeader :: Bool , appIpFromHeader :: Bool
-- | Path of session cookie encryption key file
, appClientSessionKeyFile :: FilePath
-- | Idle timeout for session cookie expiration -- | Idle timeout for session cookie expiration
, appClientSessionTimeout :: TimeInterval , appClientSessionTimeout :: TimeInterval
@ -142,8 +140,6 @@ data AppSettings = AppSettings
, appPostApplyHookFile :: FilePath , appPostApplyHookFile :: FilePath
-- | Port for the SSH server component to listen on -- | Port for the SSH server component to listen on
, appSshPort :: Int , appSshPort :: Int
-- | Path to the server's SSH private key file
, appSshKeyFile :: FilePath
-- | Whether new user accounts can be created. -- | Whether new user accounts can be created.
, appRegister :: Bool , appRegister :: Bool
-- | The maximal number of user accounts that can be registered. -- | The maximal number of user accounts that can be registered.
@ -230,7 +226,6 @@ instance FromJSON AppSettings where
let appPort = fromIntegral port let appPort = fromIntegral port
appIpFromHeader <- o .: "ip-from-header" appIpFromHeader <- o .: "ip-from-header"
appClientSessionKeyFile <- o .: "client-session-key"
appClientSessionTimeout <- interval <$> o .: "client-session-timeout" appClientSessionTimeout <- interval <$> o .: "client-session-timeout"
appHttpSigTimeLimit <- interval <$> o .: "request-time-limit" appHttpSigTimeLimit <- interval <$> o .: "request-time-limit"
@ -249,7 +244,6 @@ instance FromJSON AppSettings where
appPostReceiveHookFile <- o .:? "post-receive-hook" .!= detectedHookFile appPostReceiveHookFile <- o .:? "post-receive-hook" .!= detectedHookFile
appPostApplyHookFile <- o .:? "post-apply-hook" .!= detectedDarcsHookFile appPostApplyHookFile <- o .:? "post-apply-hook" .!= detectedDarcsHookFile
appSshPort <- o .: "ssh-port" appSshPort <- o .: "ssh-port"
appSshKeyFile <- o .: "ssh-key-file"
appRegister <- o .: "registration" appRegister <- o .: "registration"
appAccounts <- o .: "max-accounts" appAccounts <- o .: "max-accounts"
appEmailVerification <- o .:? "email-verification" .!= not defaultDev appEmailVerification <- o .:? "email-verification" .!= not defaultDev

2
src/Vervis/Ssh.hs
View file

@ -360,7 +360,7 @@ mkConfig
-> TVar (HashMap RepoId (Ref Repo)) -> TVar (HashMap RepoId (Ref Repo))
-> IO (Config SessionBase ChannelBase UserAuthId) -> IO (Config SessionBase ChannelBase UserAuthId)
mkConfig settings ctx pool logFunc theater reposVar = do mkConfig settings ctx pool logFunc theater reposVar = do
keyPair <- keyPairFromFile $ appSshKeyFile settings keyPair <- keyPairFromFile $ appStateDir settings </> "ssh-host-key"
return $ Config return $ Config
{ cSession = SessionConfig { cSession = SessionConfig
{ scAuthMethods = ["publickey"] { scAuthMethods = ["publickey"]