Commit Graph

117 Commits

Author SHA1 Message Date
Jason A. Donenfeld
b826537cb4 authentication: use hidden form instead of referer
This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 12:13:39 +01:00
Jason A. Donenfeld
d6e9200cc3 auth: add basic authentication filter framework
This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 02:28:12 +01:00
Jason A. Donenfeld
6ca734da8f filter: allow returning exit code from filter
Filters can now indicate a status back to cgit by means of the exit code
for exec, or the return value from close for Lua.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-14 18:09:52 +01:00
Lukas Fleischer
70546a3458 cgitrc.5.txt: Fix documentation of the snapshot mask
Mention that the snapshot setting only specifies the formats that links
are generated for and not the set of formats that are accessible via
HTTP.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-14 02:30:01 +01:00
Jason A. Donenfeld
786609bd36 filter: add page source to email filter
Since the email filter is called from lots of places, the script might
benefit from knowing the origin. That way it can modify its contents
and/or size depending.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-14 02:00:07 +01:00
Jason A. Donenfeld
a5e1553726 filter: add support for email filter
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-14 02:00:07 +01:00
Jason A. Donenfeld
f43b228d0b filter: add lua support
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-14 02:00:07 +01:00
John Keeping
4bb87cbf17 filter: introduce "filter type" prefix
This allows different filter implementations to be specified in the
configuration file.  Currently only "exec" is supported, but it may now
be specified either with or without the "exec:" prefix.

Signed-off-by: John Keeping <john@keeping.me.uk>
2014-01-14 02:00:07 +01:00
Přemysl Janouch
4f6fb32f58 Add a suggestion to the manpage
So that people wishing to use "enable-http-clone" don't have to find
out the correct settings on their own.

Signed-off-by: Přemysl Janouch <p.janouch@gmail.com>
2014-01-08 16:48:02 +01:00
Přemysl Janouch
17e6a2af9d Fix the example configuration
"enable-git-clone" doesn't exist, replaced with "enable-http-clone".

Signed-off-by: Přemysl Janouch <p.janouch@gmail.com>
2014-01-08 16:47:23 +01:00
Přemysl Janouch
88028ad597 Fix some spelling errors
Signed-off-by: Přemysl Janouch <p.janouch@gmail.com>
2014-01-08 16:45:42 +01:00
Jason A. Donenfeld
cf152604c3 Fix silly spelling error. 2013-08-16 13:15:17 -06:00
Christian Hesse
820df9c660 add a note about generating agefile in hook 2013-08-12 13:14:10 -06:00
Jason A. Donenfeld
61ff10065b cache: document negative ttls and add about ttl
We've long supported negative ttls, for infinite cache, except the
documentation incorrectly showed one of our defaults as being 5 and not
-1. As well, with a negative ttl, we were actually making the HTTP
expired header go backwards. This changes it to go ahead ten years
instead.

Further, we add an cache-about-ttl option to set a different ttl for
about pages, which are now increasingly being filtered through markdown
or just sent statically anyway.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-08-12 13:14:10 -06:00
Christian Hesse
830eb6f6ff use favicon by default 2013-08-12 12:44:44 -06:00
Jason A. Donenfeld
d6d3dbc858 cgitrc.5: improve example config
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-27 21:54:16 +02:00
Jason A. Donenfeld
dcbc0438b2 readme: use string_list instead of space deliminations
Now this is possible in cgitrc -

readme=:README.md
readme=:readme.md
readme=:README.mkd
readme=:readme.mkd
readme=:README.rst
readme=:readme.rst
readme=:README.html
readme=:readme.html
readme=:README.htm
readme=:readme.htm
readme=:README.txt
readme=:readme.txt
readme=:README
readme=:readme
readme=:INSTALL.txt
readme=:install.txt
readme=:INSTALL
readme=:install

Suggested-by: John Keeping <john@keeping.me.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-26 16:30:03 +02:00
Jason A. Donenfeld
2a1ead3efb cgitrc.5: information on directory traversal and multiple readme files
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 20:33:28 +02:00
Jason A. Donenfeld
c0dfaf1c28 ui-summary: Pass filename to about-filter
This gives the about-filter API the same semantics as source-filter,
where the filter receives the filename so it can decide what to do next
with it.

While we're at it, plug a memory leak.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 20:33:28 +02:00
Jason A. Donenfeld
3cb5d86dc6 ui-summary: Use default branch for readme if : prefix
If the readme value begins with ":", and has no specified branch before
it, use the repository's default branch.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 20:33:28 +02:00
Jason A. Donenfeld
a8d613efdc cgitrc.5.txt: Specify when scan-path must be defined before.
Several options must be specified prior to scan-path. This is consistant
source of user confusion. Document these facts.

Suggested-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-04-10 14:49:31 +02:00
Jason A. Donenfeld
389cc17357 Add branch-sort and repo.branch-sort options.
When set to "name", branches are sorted by name, which is the current
default. When set to "age", branches are sorted by the age of the
repository.

This feature was requested by Konstantin Ryabitsev for use on
kernel.org.

Proposed-by: Konstantin Ryabitsev <mricon@kernel.org>
2013-04-10 14:48:26 +02:00
Florian Pritz
b1e172acca Make "owner" column on index page configurable
This is not really needed for personal sites where all repos belong to
the same person. Since it is pretty useful for shared sites however, it
should be configurable.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-02-01 12:50:24 +01:00
Jason A. Donenfeld
c6f5bc7264 man: fix up default value duplication 2012-11-15 17:21:47 +01:00
Jason A. Donenfeld
ab9805aa86 man: show mime type default value 2012-11-15 01:26:06 +01:00
Jason A. Donenfeld
37141051ed Fix man page typo. 2012-10-18 23:36:44 +02:00
Tobias Bieniek
792f813d34 ui-log: Add "commit-sort" option for controlling commit ordering
This makes it possible to use strict commit date ordering or strict
topological ordering by passing the corresponding flags to "git log".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-17 16:30:29 +02:00
Tobias Bieniek
7a4e7c8ffb ui-repolist: Add "section-sort" flag to control section sorting.
Flag which, when set to "1", will sort the sections on the repository
listing by name. Set this flag to "0" if the order in the cgitrc file
should be preserved. Default value: "1".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-17 16:30:22 +02:00
Jason A. Donenfeld
521e10c884 scan-tree: Unify gitweb.* and cgit.* settings into one config option.
After some back and forth with Jamie and René, it looks like the git
config semantics are going to be like this:

- gitweb.category maps to the cgit repo config key "section"
- gitweb.description maps to the cgit repo config key "desc"
- gitweb.owner maps to the cgit repo config key "owner"
- cgit.* maps to all cgit repo config keys

This option can be enabled with "enable-git-config=1", and replaces
all previous "enable-gitweb-*" config keys.

The order of operations is as follows:

- git config settings are applied in the order that they exist in
  the git config file
- if the owner is not set from git config, get the owner using the
  usual getpwuid call
- if the description is not set from git config, look inside the
  static $path/description file
- if section-from-path=1, override whatever previous settings were
  inside of git config using the section-from-path logic
- parse $path/cgitrc for local repo.* settings, that override all
  previous settings
2012-10-17 16:30:09 +02:00
Jason A. Donenfeld
fdfb6a6d80 ui-repolist: Rename section-sort to repository-sort.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-16 23:32:53 +02:00
Jason A. Donenfeld
184c5655b2 ui-repolist: Case insensitive sorting and age sort
Add two options, one for doing the ordinary name sorts in a
case-insensitive manner, and another for choosing to sort repos in each
section by age instead of by name.
2012-07-12 20:01:46 +02:00
Jason A. Donenfeld
fc9181ff3d scan-tree: Support gitweb.category.
Use gitweb.category from git config to determine repo's section, if
option is enabled.
2012-07-12 20:01:46 +02:00
Jason A. Donenfeld
b56be4ba3a scan-tree: Support gitweb.description.
Use gitweb.description instead of description file to determine
description, if option is enabled.
2012-07-12 20:01:46 +02:00
Lars Hjemli
ae90a0b2d1 Merge branch 'fh/mimetypes' 2012-03-18 21:01:28 +00:00
Lars Hjemli
181b6e789b Merge branch 'jp/defbranch' 2012-03-18 21:00:18 +00:00
Lars Hjemli
2b9fab8d30 Merge branch 'lh/module-links' 2012-03-18 20:59:36 +00:00
Lukas Fleischer
d96d2c98eb shared.c: Only setenv() if value is non-null
Some setenv() implementations (e.g. the one in OpenBSD's stdlib)
segfault if we pass a NULL value. Only set environment variables if the
corresponding settings are defined to avoid this.

Note that this is a minor behaviour change as environment variables were
supposed to be set to an empty string if a setting was undefined. Given
that this feature isn't part of any official release yet, there's no
need to worry about backwards compatibility, really. Change the
documentation accordingly.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2012-01-03 14:59:36 +00:00
Ferry Huberts
d01c600c17 ui_plain: automatically lookup mimetype when mimetype-file is set
For sites that do not want to configure mime types by hand but
still want the correct mime type for 'plain' blobs, configuring
a mime type file is made possible. This is handy since such a
file is normally already provided (at least on Linux systems).

Also, this reflects the gitweb option '$mimetypes_file'

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-19 09:30:07 +00:00
Julius Plenz
d711de5528 guess default branch from HEAD
This is a saner alternative than hardcoding the default branch to be
"master". The add_repo() function will now check for a symbolic ref in
repo_path/HEAD. If there is a suitable one, overwrite repo->defbranch
with it. Note that you'll need to strip the newline from the file (->
len-17).

If HEAD is a symbolic link pointing directly to a branch below
refs/heads/, do a readlink() instead to find the ref name.

Signed-off-by: Julius Plenz <plenz@cis.fu-berlin.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-20 20:42:19 +02:00
Lars Hjemli
3fbaf09715 Do not provide a default value for module-link
The old default value was an abomination which never should have been
allowed to see the light of day.

This patch removes the default, which is a backwards incompatible change
with low probability of causing anyone any real trouble (a repo with
submodules, displayed by cgit using the default value of `module-link`,
is very unlikely to actually generate working links).

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15 10:40:13 +02:00
Lars Hjemli
6857bec50a ui-tree.c: add support for path-selected submodule links
The current 'repo.module-link' option is sufficient when all gitlinks
in a repository can be converted to commit links in a uniform way, but
not when different submodules/paths needs different settings.

This patch adds support for 'repo.module-link.<path>', which will be
used for linking to submodules at paths matching one such entry.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15 10:40:13 +02:00
Lars Hjemli
8729d251a9 Merge branch 'stable' 2011-06-15 10:40:00 +02:00
Lars Hjemli
46ca32e043 cgitrc.5.txt: document repo.module-link
The global module-link option can be overridden per repo, but this has
never been documented.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15 10:39:43 +02:00
Lars Hjemli
a1429dbc89 cgit.c: add 'clone-url' setting with support for macro expansion
The current 'clone-prefix' setting has some known issues:
* All repos get the same 'clone-prefix' value since the setting is not
  adopted during repo registration (in cgitrc, or during scan-path traversal),
  but only when the setting is used.
* The generated clone-urls for a repo is a combination of 'clone-prefix', a
  slash and the repo url. This doesn't work well with e.g. ssh-style urls
  like 'git@example.org:repo.git', since the inserted slash will make the
  repo relative to the filesystem root.
* If 'remove-suffix' is enabled, the generated clone-urls will not work for
  cloning (except for http-urls to cgit itself) since they miss the '.git'
  suffix.

The new 'clone-url' setting is designed to avoid the mentioned issues:
* Each repo adopts the default 'clone-url' when the repo is defined. This
  allows different groups of repos to adopt different values.
* The clone-urls for a repo is generated by expanding environment variables
  in a string template without inserting arbitrary characters, hence any
  kind of clone-url can be generated.
* Macro expansion also eases the 'remove-suffix' pain since it's now
  possible to define e.g. 'clone-url=git://foo.org/$CGIT_REPO_URL.git' for
  a set of repos. A furter improvement would be to define e.g.
  $CGIT_REPO_SUFFIX to '.git' for all repos which had their url prettified,
  or to store the original $CGIT_REPO_URL in e.g. $CGIT_REPO_REAL_URL before
  suffix removal.

Reviewed-by: Ferry Huberts <mailings@hupie.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 23:04:30 +00:00
Lars Hjemli
b88cda6e5b cgitrc.5.txt: reformat the "FILTER API" section
This patch makes the generated man-page for the filer api section more
similar to the other sections. Also, the bulleted list of environment
variables wasn't rendered correctly (with asciidoc 8.5.2), without an
empty line before the first item.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 22:34:13 +00:00
Lars Hjemli
859d106d5e Merge branch 'stable'
Conflicts:
	cgitrc.5.txt
2011-06-13 22:02:02 +00:00
Lars Hjemli
ef13e5eafe cgitrc.5.txt: describe macro expansion of cgitrc options
This is a new feature in cgit-0.9 which was formerly undocumented.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 21:59:50 +00:00
Lars Hjemli
ab350a77b1 Merge branch 'fh/filter-api'
Conflicts:
	cgit.c
2011-05-23 23:28:38 +02:00
Lars Hjemli
4837fddc35 Merge branch 'dm/disable-clone' 2011-05-14 20:00:33 +02:00
Julius Plenz
facca560d9 Add advice about scan-path in cgitrc.5.txt
Signed-off-by: Julius Plenz <plenz@cis.fu-berlin.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-26 15:21:07 +01:00