On Saturday 07 July 2007 10:53:49 seth vidal wrote:
yes, it includes those. I don't think we should be running cgis
of any
sort. They eat ram and expose us to more risk, don't they?
There is some exposure yes. Something we have to evaluate. Being able to
have people easily host/share source control is a nice thing to have. Just
ask some people at Red Hat how "fun" it has been to deal with
people.redhat.com and it's ancient OS with no on the box tools.
> > 4. essentially this box will be for rsync/scp/sftp of files
to a place
> > where everyone can get to. Is there any other package that should be on
> > here?
>
> git would be nice, with the git server setup so that people can easily
> sync up a git repo to there or push via ssh to there and other people can
> get to it with git://
>
> Hg is harder and maybe not possible.
Isn't the above what rsync is for?
For getting content onto the system that's one rather inefficient way for
scms. Since git/hg can both work over ssh, it's /far/ more efficient and
easy to just push via ssh to a directory in your webspace. For other users
to then get access to the files, rsync does not work. You'll want http
access, and really preferably git:// access for the git stuff.
I guess I'm inclined to not have any
scm - this is just a big box which serves files, statically, and does
not open us up to that many attack vectors.
More and more the stuff I find myself chucking at public web space is not
patches, but clones of distributed scm repos with my changes applied so that
the upstream can just pull from my repo instead of doing a patch dance. If
we're going to provide a service, lets try to make it as useful as possible.
Note that none of the above should require the ability to actually log into
the box, just access it remotely.
--
Jesse Keating
Release Engineer: Fedora