Mercurial Mercurial > repos > isabelle / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | gz | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
removed obsolete material: already covered by documentation or tools;
authorwenzelm
Wed, 13 Nov 2019 17:34:35 +0100
changeset 71110 070a9b62f44a
parent 71109 8c1c717a830b
child 71111 cd166c3904dd
removed obsolete material: already covered by documentation or tools;
Admin/Phabricator/README file | annotate | diff | comparison | revisions
Admin/Phabricator/phd/phd-phabricator.service file | annotate | diff | comparison | revisions
Admin/Phabricator/ssh/ssh-hook file | annotate | diff | comparison | revisions
Admin/Phabricator/ssh/sshd-phabricator.service file | annotate | diff | comparison | revisions
Admin/Phabricator/ssh/sshd_config.phabricator file | annotate | diff | comparison | revisions
Admin/Phabricator/ssh/sudoers.d/phabricator file | annotate | diff | comparison | revisions 
--- a/Admin/Phabricator/README	Wed Nov 13 17:33:59 2019 +0100
+++ b/Admin/Phabricator/README	Wed Nov 13 17:34:35 2019 +0100
@@ -8,40 +8,10 @@
 - Configuration / Authentication:
   https://secure.phabricator.com/book/phabricator/article/configuring_accounts_and_registration
 
-  . only local User/Password, *not* Google, Github etc.
   . auth.require-email-verification true
 
   . policy.allow-public true
 
-- Configuration/SSH:
-  https://secure.phabricator.com/book/phabricator/article/diffusion_hosting
-
-  /etc/ssh/sshd_config:
-  Port 222
-
-  /etc/passwd:
-  phabricator:x:118:126::/home/phabricator:/bin/bash
-  vcs:x:119:125::/home/vcs:/bin/bash
-
-  /etc/group:
-  phabricator:x:126:
-  vcs:x:125:
-
-  $ cp ssh/ssh-hook /usr/local/bin/.
-  $ cp ssh/sshd_config.phabricator /etc/ssh/.
-  $ cp ssh/sshd-phabricator.service /lib/systemd/system/.
-  $ cp ssh/sudoers.d/phabricator /etc/sudoers.d/.
-
-  $ ./bin/config set phd.user phabricator
-  $ ./bin/config set diffusion.ssh-user vcs
-  $ ./bin/config set diffusion.ssh-port 22
-
-  $ systemctl enable sshd-phabricator
-  $ systemctl start sshd-phabricator
-
-  Test on local machine:
-  $ echo "{}" | ssh vcs@phabricator.sketis.net conduit conduit.ping
-
 - Update:
   https://secure.phabricator.com/book/phabricator/article/upgrading
 
@@ -49,7 +19,7 @@
 
 - Documentation:
   /var/www/phabricator-vcs/libphutil/scripts/build_xhpast.php
-  ./bin/diviner generate
+  ./bin/diviner generate  #slow
 
 - Backup:
   https://secure.phabricator.com/book/phabricator/article/configuring_backups
--- a/Admin/Phabricator/phd/phd-phabricator.service	Wed Nov 13 17:33:59 2019 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-[Unit]
-Description=PHP daemon (Phabricator)
-After=syslog.target network.target apache2.service mysql.service
-
-[Service]
-Type=oneshot
-User=phabricator
-Group=phabricator
-Environment=PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin
-ExecStart=/var/www/phabricator/phabricator/bin/phd start
-ExecStop=/var/www/phabricator/phabricator/bin/phd stop
-RemainAfterExit=yes
-
-[Install]
-WantedBy=multi-user.target
--- a/Admin/Phabricator/ssh/ssh-hook	Wed Nov 13 17:33:59 2019 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-# NOTE: Replace this with the username that you expect users to connect with.
-VCSUSER="vcs"
-
-# NOTE: Replace this with the path to your Phabricator directory.
-ROOT="/var/www/phabricator/phabricator"
-
-if [ "$1" != "$VCSUSER" ];
-then
-  exit 1
-fi
-
-exec "$ROOT/bin/ssh-auth" $@
--- a/Admin/Phabricator/ssh/sshd-phabricator.service	Wed Nov 13 17:33:59 2019 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[Unit]
-Description=OpenBSD Secure Shell server (Phabricator)
-After=network.target auditd.service
-ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
-
-[Service]
-EnvironmentFile=-/etc/default/ssh
-ExecStartPre=/usr/sbin/sshd -f /etc/ssh/sshd_config.phabricator -t
-ExecStart=/usr/sbin/sshd -f /etc/ssh/sshd_config.phabricator -D $SSHD_OPTS
-ExecReload=/usr/sbin/sshd -f /etc/ssh/sshd_config.phabricator -t
-ExecReload=/bin/kill -HUP $MAINPID
-KillMode=process
-Restart=on-failure
-RestartPreventExitStatus=255
-Type=notify
-RuntimeDirectory=sshd-phabricator
-RuntimeDirectoryMode=0755
-
-[Install]
-WantedBy=multi-user.target
-Alias=sshd-phabricator.service
--- a/Admin/Phabricator/ssh/sshd_config.phabricator	Wed Nov 13 17:33:59 2019 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-# NOTE: You must have OpenSSHD 6.2 or newer; support for AuthorizedKeysCommand
-# was added in this version.
-
-# NOTE: Edit these to the correct values for your setup.
-
-AuthorizedKeysCommand /usr/local/bin/ssh-hook
-AuthorizedKeysCommandUser vcs
-AllowUsers vcs
-
-# You may need to tweak these options, but mostly they just turn off everything
-# dangerous.
-
-Port 22
-Protocol 2
-PermitRootLogin no
-AllowAgentForwarding no
-AllowTcpForwarding no
-PrintMotd no
-PrintLastLog no
-PasswordAuthentication no
-ChallengeResponseAuthentication no
-AuthorizedKeysFile none
-
-PidFile /var/run/sshd-phabricator.pid
--- a/Admin/Phabricator/ssh/sudoers.d/phabricator	Wed Nov 13 17:33:59 2019 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,2 +0,0 @@
-www-data ALL=(phabricator) SETENV: NOPASSWD: /usr/bin/git, /usr/bin/hg, /usr/bin/ssh, /usr/bin/id
-vcs ALL=(phabricator) SETENV: NOPASSWD: /usr/bin/git, /usr/bin/git-upload-pack, /usr/bin/git-receive-pack, /usr/bin/hg, /usr/bin/svnserve, /usr/bin/ssh, /usr/bin/id
isabelle