Re: [PATCH] gnu: services: Add git-service.

[ng0]

address@hidden (宋文武) writes:

> ng0 <address@hidden> writes:
>
>>> [...]
>>> +
>>> address@hidden {Data Type} git-daemon-configuration
>>> +Data type representing the configuration of git-demon.
>>
>> Typo, it should be "git-daemon".
>>
>
> OK.
>>> +
>>> address@hidden @asis
>>> address@hidden @code{package} (default: @var{git})
>>> +Package object of the Git distributed version control system.
>>> +
>>> address@hidden @code{export-all?} (default: @var{#f})
>>> +Whether to allow access for all Git repositories, even if they do not
>>> +have the @file{git-daemon-export-ok} file.
>>> +
>>> address@hidden @code{base-path} (default: @file{/srv/git})
>>
>> Why /srv ? Will the other services (mail, web, etc) use /srv
>> aswell or do they use /var ? I used /var/git because of /var/www
>> and iirc this is also in the upstream documentation.
>>
>
> it's for serving files to public, our nginx-service use '/srv/http' too.

That's okay for me then.

>> [...]
>>
>> Ah, nice. So you basically ended up with what I wanted in the
>> first revision of the git-service.
>> Documentation looks good to me except this one question about
>> location, and the one typo.
>
> Cool, thanks for your work and feedback!
>
>>> [...]
>>> +(define %git-daemon-accounts
>>> +  ;; User account and group for git-daemon.
>>> +  (list (user-group
>>> +         (name "git-daemon")
>>> +         (system? #t))
>>> +        (user-account
>>> +         (name "git-daemon")
>>> +         (system? #t)
>>> +         (group "git-daemon")
>>> +         (comment "Git daemon user")
>>> +         (home-directory "/var/empty")
>>> +         (shell (file-append shadow "/sbin/nologin")))))
>>
>> Why? I think it should have a home (/var/git (or whereever else))
>> and use the git-shell so that the ssh functionality is enabled,
>> which can be used for minimal servers, so you don't actually need
>> to add the git account.
>> It's also expected that the name is "git" for this reason and not
>> "git-daemon".
>> iirc this affects more software than just git-daemon, every scm
>> which does not ship its own git daemon uses "git-daemon" by git
>> upstream. It's reasonable not to break with expectations (and
>> keep the name short) and give it the name "git", group-name could
>> be anything though.
>>
>
> Um, the git-daemon really has nothing to do with git-shell and ssh
> access.  If I have ssh service running, I can access all the
> repositories the login user can access without git-daemon.  If I want
> annoymous ssh access, I can add a 'git' user using 'git-shell', which
> rely the exist ssh service, so I leave it..  hope it make sense.
>
>
> Thanks!
>

Okay, I can understand this. If there should be the need to
change this, we can always apply it later.

Looks good to me, just the one typo which can be fixed before
applying. I will build a vm with this later to verify that it
works, but in theory it should just work.

-- 
♥Ⓐ  ng0  | ng0.chaosnet.org