author | Bryan Bishop <kanzure@gmail.com> | 2010-10-29 19:46:24 -0500 |
---|---|---|
committer | Bryan Bishop <kanzure@gmail.com> | 2010-10-29 19:46:24 -0500 |
commit | 7786ce2a332b0eba4b3ca7c57f906a32e8715da3 (patch) | |
tree | 5a9fe32b69a93f41ae2ac82a50788fe50c0d86fb /docs | |
parent | 413373be9ab30eb21b564cdc180cb2dcda77bfeb (diff) | |
Starting repo cleanup to make this not so awful
Diffstat (limited to 'docs')
-rw-r--r-- | docs/architecture.mdwn | 1 |
-rw-r--r-- | docs/architecture/data.mdwn | 19 |
-rw-r--r-- | docs/architecture/features.mdwn | 7 |
-rw-r--r-- | docs/architecture/mail.mdwn | 6 |
-rw-r--r-- | docs/architecture/needed_admin_infrastructure.mdwn | 7 |
-rw-r--r-- | docs/architecture/needed_user_facing_infrastructure.mdwn | 37 |
-rw-r--r-- | docs/architecture/setup_file_overrides.mdwn | 24 |
7 files changed, 101 insertions, 0 deletions
diff --git a/docs/architecture.mdwn b/docs/architecture.mdwn new file mode 100644 index 0000000..581ceb7 --- /dev/null +++ b/docs/architecture.mdwn @@ -0,0 +1 @@ +[[!map pages="architecture/* and ! architecture/*/*"]] diff --git a/docs/architecture/data.mdwn b/docs/architecture/data.mdwn new file mode 100644 index 0000000..a81a268 --- /dev/null +++ b/docs/architecture/data.mdwn @@ -0,0 +1,19 @@ +Data model! + +Dynamic data lookup should opportunisticly cache any associated cheap data. For instance, there are three data from stat(/srv/git/$reponame.git), so looking up one should grab the others. Jules points out that everything here is inherently cached, and I should be using getpw*() for passwd parsing. + +[[!table format=dsv delimiter=# data=""" +datum #stored location #constraint +username #usually $ENV{SUDO_USER} # !~ /^git-|^ikiwiki-/ and =~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ +uid #/etc/passwd # None +email #/etc/passwd GECOS #Email::Valid::Loose->new("-fqdn" => 1, "-fudge" => 0, "-local_rules" => 0, "-mxcheck" => 1, "-tldcheck" => 0 ); +repoaccess #/etc/group git-$reponame entry # None +reponame #/srv/git/$reponame.git # =~ /^[a-z0-9][a-z0-9.-]+$/ +repodescription #/srv/git/$reponame.git/description # =~ /^[\x{0020}-\x{FDCF}\x{FDF0}-\x{FFFD}]{1,80}$/ +repoowner #stat /srv/git/$reponame.git/objects uid; might be better as first non-ikiwiki user in /etc/group git-$reponame entry # None +repoglobalwritable #stat /srv/git/$reponame.git/objects o+w bit # None +repoglobalreadable #stat /srv/git/$reponame.git/objects o+r bit # None +repoikiwikidisable #probably in /srv/git/$reponame.git/config # None +repointernaltemplates #probably in /srv/git/$reponame.git/config # None +repospecialdomain #probably in /srv/git/$reponame.git/config # None +"""]] diff --git a/docs/architecture/features.mdwn b/docs/architecture/features.mdwn new file mode 100644 index 0000000..fbdedb2 --- /dev/null +++ b/docs/architecture/features.mdwn 
@@ -0,0 +1,7 @@ +An in-distributed-repo model for + +- code +- blogs +- bugs +- web pages +- [[mail]] diff --git a/docs/architecture/mail.mdwn b/docs/architecture/mail.mdwn new file mode 100644 index 0000000..61bbfcd --- /dev/null +++ b/docs/architecture/mail.mdwn @@ -0,0 +1,6 @@ +I can presumably get mailing lists into ikiwiki using one of the following: + +- MLM+Ikiwiki [comment-by-mail plugin](http://ikiwiki.info/todo/comment_by_mail/) +- MLM+Ikiwiki [mailbox plugin](http://pivot.cs.unb.ca/git/?p=ikimailbox.git;a=summary) + +But how would we get it into git? Might we have to do that externally? diff --git a/docs/architecture/needed_admin_infrastructure.mdwn b/docs/architecture/needed_admin_infrastructure.mdwn new file mode 100644 index 0000000..59365c2 --- /dev/null +++ b/docs/architecture/needed_admin_infrastructure.mdwn @@ -0,0 +1,7 @@ +- DONE: HTTP AUTH from PAM through the magic of mod-auth-pam +- DONE: HTTP access from /etc/group through the magic of mod-auth-sys-group +- DONE: Shell security through rbash and privilege escalation security (for mkwiki, mkuser, etc) through sudo +- DONE: Guaranteed namespace coherence with the vhosting of cgi, secure, and normal with the aid of a wildcard SSL certificate +- TODO: Work out how to pass mailing list emails around. Probably either ssh or vserver namespace magic. +- DONE: manual [[setup file overrides]], /etc/ikiwiki/piny/$reponame.setup.pl, included directly with 'do' before dumping state. +- DONE: rebuildrepo diff --git a/docs/architecture/needed_user_facing_infrastructure.mdwn b/docs/architecture/needed_user_facing_infrastructure.mdwn new file mode 100644 index 0000000..1e7284a --- /dev/null +++ b/docs/architecture/needed_user_facing_infrastructure.mdwn 
@@ -0,0 +1,37 @@ +TODO: user-facing documentation on piny-web +TODO: help system on pinyshell (display on login) + +It'd be nice to maintain feature parity between command line access and web access. + +[[!table data=""" +feature |command line |web +anonymous account creation |DONE: ssh createuser@piny.be |TODO: CGI frontend to adduser +password modification |DONE: /srv/rbin/passwd |TODO: Authen::PAM chauthtok CGI jblake: the pam interface was *really* not designed with http in mind though if you hard-code the interaction script it's not hard at all +repo creation, deletion |DONE: /srv/rbin/newrepo, rmrepo, lsrepo |TODO: CGI frontend +repo user management |DONE: /srv/rbin/addaccess, rmaccess, lsaccess |TODO: CGI frontend +[[mailing list addition|mail]] |TODO: /srv/rbin/addlist, dependent on getting sympa up |TODO: CGI frontend +authorized_keys modification |DONE: /srv/rbin/readkeys, writekeys, appendkeys |TODO: CGI frontend, though i am not convinced anyone would care +disable password auth if ssh key|TODO |Ha ha NEVER +commit access |DONE: git+ssh://piny.be/srv/git/whatever.git |DONE: Ikiwiki+mod-auth-sys-group/mod-auth-pam, though I am told there is a magic hook to allow public editing through git:// +wysiwyg editing tool |Ha ha no |TODO: wmd a good option, though needs UI tweaks +fork |TODO: /srv/rbin/fork |TODO: CGI frontend +upload and commit container contents |no |TODO: CGI frontend +user or repo activity data aggregation |TODO: /srv/rbin/activity |TODO: rss generation, possibly install a dynamic rss reader +help system |lock down 'man', print introduction on login |command documentation should be rendered online, perhaps +config tweaking |PARTIAL: pinyconfig |TODO: CGI frontend +"""]] + +Needed config tweakables + +- TODO: ikiwiki-editable vs. git-only +- TODO: toggle ikiwiki autoindexing +- TODO: optional use of repository subdirectory as srcdir +- TODO: globally readable repos vs. group readable repos +- TODO: globally writable repos vs. 
group writable repos +- TODO: editable ikiwiki templates vs. default layout +- TODO: user-configured domain vs. default piny domain + +Other + +- TODO: overall site layout/theme/css +- TODO: front page to piny server editable by sysadmin ("here's what's on this server; readme; faq; about;") diff --git a/docs/architecture/setup_file_overrides.mdwn b/docs/architecture/setup_file_overrides.mdwn new file mode 100644 index 0000000..6133a22 --- /dev/null +++ b/docs/architecture/setup_file_overrides.mdwn @@ -0,0 +1,24 @@ +Use cases: + +### Adding post-update hooks, which requires diverting Ikiwiki's hook. + + mv /srv/git/poop.git/hooks/post-update /srv/git/poop.git/hooks/post-update-ikiwiki + cat > /srv/git/poop.git/hooks/post-update + #!/bin/sh + /srv/git/poop.git/hooks/post-update-ikiwiki & + echo This is a hook that does things! + cat > /srv/ikiwiki/piny/poop.setup.pl + foreach(@{$conf->{wrappers}}) { $_->{wrapper} =~ s/post-update/post-update-ikiwiki/; }; + rebuildrepo poop + +### Adding or removing plugins, or plugin confuration variables. + + cat > /srv/ikiwiki/piny/poop.setup.pl + push(@{$conf->{add_plugins}}, 'txt'); + rebuildrepo poop + +### Any other special confuration requests from hosted projects. + + cat > /srv/ikiwiki/piny/poop.setup.pl + $conf->{teximg_prefix} .= "\n\\newcommand{\\unit}[1]{\\ensuremath{\\, \\mathrm{#1}}}" + rebuildrepo poop |
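Review bot: In docs/architecture/data.mdwn, the username, reponame and repodescription constraints all anchor with `$`, which in Perl also matches just before a trailing newline, so a value ending in "\n" passes the check; anchor with `\z` instead. The username pattern also accepts a leading dot, so `..` is a valid username under this rule, and because both patterns end in `+` after the first character class, one-character names are rejected without that being stated. repospecialdomain is listed with constraint None; if it is the user-configured domain from needed_user_facing_infrastructure.mdwn, it should carry a constraint or a TODO. "opportunisticly" in the first paragraph should read "opportunistically".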
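Review bot: In docs/architecture/needed_admin_infrastructure.mdwn, the setup file overrides item says the file is "included directly with 'do'", which means it is executed as Perl, yet the document does not say who owns /etc/ikiwiki/piny/$reponame.setup.pl or who may write to it. Add a sentence stating the expected owner and mode and that repo users cannot edit it. The path also disagrees with docs/architecture/setup_file_overrides.mdwn, whose examples write to /srv/ikiwiki/piny/poop.setup.pl; one of the two should be corrected.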
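Review bot: In docs/architecture/needed_user_facing_infrastructure.mdwn, the "disable password auth if ssh key" row gives TODO for the command line and "Ha ha NEVER" for the web without a reason, so a reader cannot tell whether this is a design decision or a joke; state the rationale in a sentence under the table. In the "password modification" row, the web cell runs the TODO straight into a remark attributed to jblake with no punctuation; move that remark to a note below the table so the cell reads as a status only. The "commit access" row ends with "I am told there is a magic hook to allow public editing through git://", which should either name the hook or be dropped until it is confirmed.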
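Review bot: In docs/architecture/setup_file_overrides.mdwn, the post-update example replaces hooks/post-update with `cat >` after the `mv`, but never makes the new file executable, and git skips hooks that are not executable; add a `chmod +x /srv/git/poop.git/hooks/post-update` line. Each `cat > file` is followed by the file body and then by `rebuildrepo poop` with no end-of-input marker, so it is not clear where the file content stops and the next command starts; show the Ctrl-D or use a here-document. All three examples write the same poop.setup.pl with `>`, so following them in sequence discards the earlier override; say so or use `>>`. "confuration" appears in two headings and should be "configuration".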