Fossil SCM
Renamed www/server/openbsd/httpd.md to fastcgi.md and added the "FastCGI" column to the "Activation Tutorials" table on the main server index page. Made the fonts narrower in that table as a consequence, to keep the table from wrapping. The rename is necessary because the doc doesn't tell how to do HTTP proxying of "fossil server" as all the peer pages in that column do. If such a tutorial for OpenBSD *were* written, it might then be openbsd/httpd.md.
Commit
62ec4100c616770d5c435cdc5bcac668ec3ef8a2507fa1fc96ca3c0fc4d849c3
Parent
a447df702140df5…
3 files changed
+11
-1
-195
+11
-1
| --- www/server/index.html | ||
| +++ www/server/index.html | ||
| @@ -36,17 +36,21 @@ | ||
| 36 | 36 | overflow: hidden; |
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | th.fep { |
| 40 | 40 | background-color: #e8e8e8; |
| 41 | + font-family: "Helvetica Neue", "Arial Narrow", "Myriad Pro", "Avenir Next Condensed"; | |
| 42 | + font-stretch: condensed; | |
| 41 | 43 | min-width: 3em; |
| 42 | 44 | padding: 0.4em; |
| 43 | 45 | white-space: nowrap; |
| 44 | 46 | } |
| 45 | 47 | |
| 46 | 48 | th.host { |
| 47 | 49 | background-color: #e8e8e8; |
| 50 | + font-family: "Helvetica Neue", "Arial Narrow", "Myriad Pro", "Avenir Next Condensed"; | |
| 51 | + font-stretch: condensed; | |
| 48 | 52 | padding: 0.4em; |
| 49 | 53 | text-align: right; |
| 50 | 54 | } |
| 51 | 55 | |
| 52 | 56 | td.doc { |
| @@ -197,10 +201,11 @@ | ||
| 197 | 201 | <th class="fep">direct</th> |
| 198 | 202 | <th class="fep">inetd</th> |
| 199 | 203 | <th class="fep">stunnel</th> |
| 200 | 204 | <th class="fep">CGI</th> |
| 201 | 205 | <th class="fep">SCGI</th> |
| 206 | + <th class="fep">FastCGI</th> | |
| 202 | 207 | <th class="fep">althttpd</th> |
| 203 | 208 | <th class="fep">proxy</th> |
| 204 | 209 | <th class="fep">service</th> |
| 205 | 210 | </tr> |
| 206 | 211 | |
| @@ -209,10 +214,11 @@ | ||
| 209 | 214 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 210 | 215 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 211 | 216 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 212 | 217 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 213 | 218 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 219 | + <td class="doc">❌</td> | |
| 214 | 220 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 215 | 221 | <td class="doc">❌</td> |
| 216 | 222 | <td class="doc">❌</td> |
| 217 | 223 | </tr> |
| 218 | 224 | |
| @@ -221,10 +227,11 @@ | ||
| 221 | 227 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 222 | 228 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 223 | 229 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 224 | 230 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 225 | 231 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 232 | + <td class="doc">❌</td> | |
| 226 | 233 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 227 | 234 | <td class="doc"><a href="debian/nginx.md">✅</a></td> |
| 228 | 235 | <td class="doc"><a href="debian/service.md">✅</a></td> |
| 229 | 236 | </tr> |
| 230 | 237 | |
| @@ -233,10 +240,11 @@ | ||
| 233 | 240 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 234 | 241 | <td class="doc">❌</td> |
| 235 | 242 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 236 | 243 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 237 | 244 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 245 | + <td class="doc">❌</td> | |
| 238 | 246 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 239 | 247 | <td class="doc">❌</td> |
| 240 | 248 | <td class="doc"><a href="macos/service.md">✅</a></td> |
| 241 | 249 | </tr> |
| 242 | 250 | |
| @@ -245,21 +253,23 @@ | ||
| 245 | 253 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 246 | 254 | <td class="doc">❌</td> |
| 247 | 255 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 248 | 256 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 249 | 257 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 258 | + <td class="doc"><a href="openbsd/fastcgi.md">✅</a></td> | |
| 250 | 259 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 251 | - <td class="doc"><a href="openbsd/httpd.md">✅</a></td> | |
| 260 | + <td class="doc">❌</td> | |
| 252 | 261 | <td class="doc">❌</td> |
| 253 | 262 | </tr> |
| 254 | 263 | |
| 255 | 264 | <tr> |
| 256 | 265 | <th class="host"><a href="windows/">Windows</a></th> |
| 257 | 266 | <td class="doc"><a href="windows/none.md">✅</a></td> |
| 258 | 267 | <td class="doc">❌</td> |
| 259 | 268 | <td class="doc"><a href="windows/stunnel.md">✅</a></td> |
| 260 | 269 | <td class="doc"><a href="windows/cgi.md">✅</a></td> |
| 270 | + <td class="doc">❌</td> | |
| 261 | 271 | <td class="doc">❌</td> |
| 262 | 272 | <td class="doc">❌</td> |
| 263 | 273 | <td class="doc"><a href="windows/iis.md">✅</a></td> |
| 264 | 274 | <td class="doc"><a href="windows/service.md">✅</a></td> |
| 265 | 275 | </tr> |
| 266 | 276 | |
| 267 | 277 | ADDED www/server/openbsd/fastcgi.md |
| 268 | 278 | DELETED www/server/openbsd/httpd.md |
| --- www/server/index.html | |
| +++ www/server/index.html | |
| @@ -36,17 +36,21 @@ | |
| 36 | overflow: hidden; |
| 37 | } |
| 38 | |
| 39 | th.fep { |
| 40 | background-color: #e8e8e8; |
| 41 | min-width: 3em; |
| 42 | padding: 0.4em; |
| 43 | white-space: nowrap; |
| 44 | } |
| 45 | |
| 46 | th.host { |
| 47 | background-color: #e8e8e8; |
| 48 | padding: 0.4em; |
| 49 | text-align: right; |
| 50 | } |
| 51 | |
| 52 | td.doc { |
| @@ -197,10 +201,11 @@ | |
| 197 | <th class="fep">direct</th> |
| 198 | <th class="fep">inetd</th> |
| 199 | <th class="fep">stunnel</th> |
| 200 | <th class="fep">CGI</th> |
| 201 | <th class="fep">SCGI</th> |
| 202 | <th class="fep">althttpd</th> |
| 203 | <th class="fep">proxy</th> |
| 204 | <th class="fep">service</th> |
| 205 | </tr> |
| 206 | |
| @@ -209,10 +214,11 @@ | |
| 209 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 210 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 211 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 212 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 213 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 214 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 215 | <td class="doc">❌</td> |
| 216 | <td class="doc">❌</td> |
| 217 | </tr> |
| 218 | |
| @@ -221,10 +227,11 @@ | |
| 221 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 222 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 223 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 224 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 225 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 226 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 227 | <td class="doc"><a href="debian/nginx.md">✅</a></td> |
| 228 | <td class="doc"><a href="debian/service.md">✅</a></td> |
| 229 | </tr> |
| 230 | |
| @@ -233,10 +240,11 @@ | |
| 233 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 234 | <td class="doc">❌</td> |
| 235 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 236 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 237 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 238 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 239 | <td class="doc">❌</td> |
| 240 | <td class="doc"><a href="macos/service.md">✅</a></td> |
| 241 | </tr> |
| 242 | |
| @@ -245,21 +253,23 @@ | |
| 245 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 246 | <td class="doc">❌</td> |
| 247 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 248 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 249 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 250 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 251 | <td class="doc"><a href="openbsd/httpd.md">✅</a></td> |
| 252 | <td class="doc">❌</td> |
| 253 | </tr> |
| 254 | |
| 255 | <tr> |
| 256 | <th class="host"><a href="windows/">Windows</a></th> |
| 257 | <td class="doc"><a href="windows/none.md">✅</a></td> |
| 258 | <td class="doc">❌</td> |
| 259 | <td class="doc"><a href="windows/stunnel.md">✅</a></td> |
| 260 | <td class="doc"><a href="windows/cgi.md">✅</a></td> |
| 261 | <td class="doc">❌</td> |
| 262 | <td class="doc">❌</td> |
| 263 | <td class="doc"><a href="windows/iis.md">✅</a></td> |
| 264 | <td class="doc"><a href="windows/service.md">✅</a></td> |
| 265 | </tr> |
| 266 | |
| 267 | DDED www/server/openbsd/fastcgi.md |
| 268 | ELETED www/server/openbsd/httpd.md |
| --- www/server/index.html | |
| +++ www/server/index.html | |
| @@ -36,17 +36,21 @@ | |
| 36 | overflow: hidden; |
| 37 | } |
| 38 | |
| 39 | th.fep { |
| 40 | background-color: #e8e8e8; |
| 41 | font-family: "Helvetica Neue", "Arial Narrow", "Myriad Pro", "Avenir Next Condensed"; |
| 42 | font-stretch: condensed; |
| 43 | min-width: 3em; |
| 44 | padding: 0.4em; |
| 45 | white-space: nowrap; |
| 46 | } |
| 47 | |
| 48 | th.host { |
| 49 | background-color: #e8e8e8; |
| 50 | font-family: "Helvetica Neue", "Arial Narrow", "Myriad Pro", "Avenir Next Condensed"; |
| 51 | font-stretch: condensed; |
| 52 | padding: 0.4em; |
| 53 | text-align: right; |
| 54 | } |
| 55 | |
| 56 | td.doc { |
| @@ -197,10 +201,11 @@ | |
| 201 | <th class="fep">direct</th> |
| 202 | <th class="fep">inetd</th> |
| 203 | <th class="fep">stunnel</th> |
| 204 | <th class="fep">CGI</th> |
| 205 | <th class="fep">SCGI</th> |
| 206 | <th class="fep">FastCGI</th> |
| 207 | <th class="fep">althttpd</th> |
| 208 | <th class="fep">proxy</th> |
| 209 | <th class="fep">service</th> |
| 210 | </tr> |
| 211 | |
| @@ -209,10 +214,11 @@ | |
| 214 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 215 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 216 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 217 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 218 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 219 | <td class="doc">❌</td> |
| 220 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 221 | <td class="doc">❌</td> |
| 222 | <td class="doc">❌</td> |
| 223 | </tr> |
| 224 | |
| @@ -221,10 +227,11 @@ | |
| 227 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 228 | <td class="doc"><a href="any/inetd.md">✅</a></td> |
| 229 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 230 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 231 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 232 | <td class="doc">❌</td> |
| 233 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 234 | <td class="doc"><a href="debian/nginx.md">✅</a></td> |
| 235 | <td class="doc"><a href="debian/service.md">✅</a></td> |
| 236 | </tr> |
| 237 | |
| @@ -233,10 +240,11 @@ | |
| 240 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 241 | <td class="doc">❌</td> |
| 242 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 243 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 244 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 245 | <td class="doc">❌</td> |
| 246 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 247 | <td class="doc">❌</td> |
| 248 | <td class="doc"><a href="macos/service.md">✅</a></td> |
| 249 | </tr> |
| 250 | |
| @@ -245,21 +253,23 @@ | |
| 253 | <td class="doc"><a href="any/none.md">✅</a></td> |
| 254 | <td class="doc">❌</td> |
| 255 | <td class="doc"><a href="any/stunnel.md">✅</a></td> |
| 256 | <td class="doc"><a href="any/cgi.md">✅</a></td> |
| 257 | <td class="doc"><a href="any/scgi.md">✅</a></td> |
| 258 | <td class="doc"><a href="openbsd/fastcgi.md">✅</a></td> |
| 259 | <td class="doc"><a href="any/althttpd.md">✅</a></td> |
| 260 | <td class="doc">❌</td> |
| 261 | <td class="doc">❌</td> |
| 262 | </tr> |
| 263 | |
| 264 | <tr> |
| 265 | <th class="host"><a href="windows/">Windows</a></th> |
| 266 | <td class="doc"><a href="windows/none.md">✅</a></td> |
| 267 | <td class="doc">❌</td> |
| 268 | <td class="doc"><a href="windows/stunnel.md">✅</a></td> |
| 269 | <td class="doc"><a href="windows/cgi.md">✅</a></td> |
| 270 | <td class="doc">❌</td> |
| 271 | <td class="doc">❌</td> |
| 272 | <td class="doc">❌</td> |
| 273 | <td class="doc"><a href="windows/iis.md">✅</a></td> |
| 274 | <td class="doc"><a href="windows/service.md">✅</a></td> |
| 275 | </tr> |
| 276 | |
| 277 | DDED www/server/openbsd/fastcgi.md |
| 278 | ELETED www/server/openbsd/httpd.md |
No diff available
D
www/server/openbsd/httpd.md
-195
| --- a/www/server/openbsd/httpd.md | ||
| +++ b/www/server/openbsd/httpd.md | ||
| @@ -1,195 +0,0 @@ | ||
| 1 | -# Serving via httpd on OpenBSD | |
| 2 | - | |
| 3 | -[`httpd`][httpd] is the default web server that is included in the base | |
| 4 | -install on OpenBSD. It's minimal and lightweight but secure and capable, | |
| 5 | -and provides a clean interface for setting up a Fossil server using | |
| 6 | -FastCGI. | |
| 7 | - | |
| 8 | -This article will detail the steps required to setup a TLS-enabled | |
| 9 | -`httpd` configuration that serves multiple Fossil repositories out of | |
| 10 | -a single directory within a chroot, and allow `ssh` access to create | |
| 11 | -new repositories remotely. | |
| 12 | - | |
| 13 | -**NOTE:** The following instructions assume an OpenBSD 6.7 installation. | |
| 14 | - | |
| 15 | -[httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf | |
| 16 | - | |
| 17 | -## <a id="fslinstall"></a>Installil, making sure | |
| 18 | -to select | |
| 19 | -upon which `/vsil, making sure | |
| 20 | -to select the statically linked binary. | |
| 21 | - | |
| 22 | -```console | |
| 23 | - $ doas pkg_add fossil | |
| 24 | - sole | |
| 25 | -$ doass pkg_a Ambiguous: choos 0: <None> | |
| 26 | - 1: fossil-2.10v0 | |
| 27 | - > | |
| 28 | - 1: fossil-2.10v0 | |
| 29 | - Your choice: 2 | |
| 30 | - fossil-2.10v0-static: ok | |
| 31 | -``` | |
| 32 | - | |
| 33 | -This installs Fossil into the chroot. To facilitate local use, create a | |
| 34 | -symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil | |
| 35 | -``` | |
| 36 | - | |
| 37 | -As a privileged user, create the file `/var/www/cgi-bin/scm` with the | |
| 38 | -following contents to make the CGI script that `httpd` will execute in | |
| 39 | -response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil | |
| 40 | - root. | |
| 41 | - | |
| 42 | -```sh | |
| 43 | -#!/bin/fossil | |
| 44 | -directo notfound: https://domain.tld | |
| 45 | - repolist | |
| 46 | - errorlog: /logs/fossil.log | |
| 47 | - $ doas var/www/dev` with [`mount_mfs(8)`][mfs] so that the `random` and | |
| 48 | -`null` device files can be created. In order to avoieate a tename tree to automatically populate the memory | |
| 49 | -filesystem. | |
| 50 | - | |
| 51 | -```console | |
| 52 | - $ doas mkdir /var/www/dev | |
| 53 | - ce: 2 | |
| 54 | -fossil-2. $ cd /template/dev | |
| 55 | - the chroot. To facilitate l link of the fossil executable # Serving via httpd on OpenB/www/bin/fossil /usr/local/b ged user, create the file `/var/www/cgi-bin/scm` with the | |
| 56 | -following c ontents to make the CGI script that `httpd` will execute in | |
| 57 | -response to `fsl.domain.tld` requests; all paths are relative to the | |
| 58 | -`/var/www` chroot. | |
| 59 | - | |
| 60 | -```sh | |
| 61 | -#!/bin/fossil | |
| 62 | -directory: /htdocs/fsl.domain.tld | |
| 63 | -notfound: https://domain.tld | |
| 64 | -repolist | |
| 65 | -errorlog: /logs/fossil.log | |
| 66 | -``` | |
| 67 | - | |
| 68 | -The `directory l to serve all repositories | |
| 69 | -found in `/var/www/htdocs/fsl.domain.tld`, while `errorlog` sets logging | |
| 70 | -to be saved to `/var/www/logs/fossil.log`; create the repository | |
| 71 | -directory and log file—making the latter owned by the `www` user, and | |
| 72 | -the script executable. | |
| 73 | - | |
| 74 | -```console | |
| 75 | -$ doas mkdir /var/www/htdocs/fsl.domain.tld | |
| 76 | -$ doas touch /var/www/logs/foss as touch /var/www/logs/fossil chmod 660 /var/www/logs/fossil.log | |
| 77 | -$ doas chmod 755 /var/www/cgi-bin/scm | |
| 78 | -``` | |
| 79 | - | |
| 80 | -## <a id="chroot"></a>Setup chroot | |
| 81 | - | |
| 82 | -Fossil needs both `/dev/random` and `/dev/null`, which aren't accessible | |
| 83 | -from within the chroot, so need to be constructed; `/var`, however, is | |
| 84 | -mounted with the `nodev` option. Rather than removing this default | |
| 85 | -setting, create a small memory filesystem and then mount it on to | |
| 86 | -`/var/www/dev` with [`mount_mfs(8)`][mfs] so that the `random` and | |
| 87 | -`null` device files can be created. In order to avoid necessitating a | |
| 88 | -startup script to recreate the device files at boot, create a template | |
| 89 | -of the needed ``/dev`` tree to automatically populate the memo server "fsl.domain.tld" { | |
| 90 | - lis root "/ 5 eeds both `/dev/random` and `/ight but secure an# Serving via httpd on OpenBSD | |
| 91 | - | |
| 92 | -[`httpd`][httpd] is the default web server that is included in the base | |
| 93 | -install on OpenBSD. It's minimal and lightweight but secure and capable, | |
| 94 | -and provides a clean interface for setting up a Fossil server using | |
| 95 | -FastCGI. | |
| 96 | - | |
| 97 | -This article will detail the steps required to setup a TLS-enabled | |
| 98 | -`httpd` configuration that serves multiple Fossil repositories out of | |
| 99 | -a single directory within a chroot, and allow `ssh` access to create | |
| 100 | -new repositories remotely. | |
| 101 | - | |
| 102 | -**NOTE:** The following instructions assume an OpenBSD 6.7 installation. | |
| 103 | - | |
| 104 | -[httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf | |
| 105 | - | |
| 106 | -## <a id="fslinstall"></a>Install Fossil | |
| 107 | - | |
| 108 | -Use the OpenBSD package manager `pkg_add` to install Fossil, making sure | |
| 109 | -to select the statically linked binary. | |
| 110 | - | |
| 111 | -```console | |
| 112 | - $ doas pkg_add fossil | |
| 113 | - sole | |
| 114 | -$ doas pkg_a Ambiguous: choos 0: <None> | |
| 115 | - 1: fossil-2.10v0 | |
| 116 | - > | |
| 117 | - 1: fossil-2.10v0 | |
| 118 | - Your choice: 2 | |
| 119 | - fossil-2.10v0-static: ok | |
| 120 | -``` | |
| 121 | - | |
| 122 | -This installs Fossil into the chroot. To facilitate local use, create a | |
| 123 | -symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil | |
| 124 | -``` | |
| 125 | - | |
| 126 | -As a privileged user, create the file `/var/www/cgi-bin/scm` with the | |
| 127 | -following contents to make the CGI script that `httpd` will execute in | |
| 128 | -response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil | |
| 129 | - root. | |
| 130 | - | |
| 131 | -```sh | |
| 132 | -#!/bin/fossil | |
| 133 | -directo notfound: https://domain.tld | |
| 134 | - repolist | |
| 135 | - errorlog: /logs/fossil.log | |
| 136 | - $ doas mkdir /var $ doas touc h /var/www/logs $ doas chmod 66 $ doas chmod 755 /var/www/cgi-bin/scm | |
| 137 | -``` | |
| 138 | - | |
| 139 | -## <a id="chroot"></a>Setup chroot | |
| 140 | - | |
| 141 | -Fossil needs both `/dev/random` and `/dev/null`, which aren't accessible | |
| 142 | -from within the chroot, so neede # Serving via httpd on OpenB/www/bin/fossil /usr/local/b ged user, create the file `/var/www/cgi-bin/scm` with the | |
| 143 | -following c ontents to make the CGI script that `httpd` will execute in | |
| 144 | -response to `fsl.domain. Serving via httpd on OpenBSD | |
| 145 | - | |
| 146 | -[`httpd`][httpd] is the default web server that is included in the base | |
| 147 | -install on OpenBSD. It's minimal and lightweight but secure and capable, | |
| 148 | -and provides a clean interface for setting up a Fossil server using | |
| 149 | -FastCGI. | |
| 150 | - | |
| 151 | -This article will detail the steps required to setup a TLS-enabled | |
| 152 | -`httpd` configuration that serves multiple Fossil repositories out of | |
| 153 | -a single directory within a chroot, and allow `ssh` access to create | |
| 154 | -new repositories remotely. | |
| 155 | - | |
| 156 | -**NOTE:** The following instructions assume an OpenBSD 6.7 installation. | |
| 157 | - | |
| 158 | -[httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf | |
| 159 | - | |
| 160 | -## <a id="fslinstall"></a>Install Fossil | |
| 161 | - | |
| 162 | -Use the OpenBSD package manager `pkg_add` to install Fossil, making sure | |
| 163 | -to select the statically linked binary. | |
| 164 | - | |
| 165 | -```console | |
| 166 | - $ doas pkg_add fossil | |
| 167 | - sole | |
| 168 | -$ doass pkg_a Ambiguous: choos 0: <None> | |
| 169 | - 1: fossil-2.10v0 | |
| 170 | - > | |
| 171 | - 1: fossil-2.10v0 | |
| 172 | - Your choice: 2 | |
| 173 | - fossil-2.10v0-static: ok | |
| 174 | -``` | |
| 175 | - | |
| 176 | -This installs Fossil into the chroot. To facilitate local use, create a | |
| 177 | -symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil | |
| 178 | -``` | |
| 179 | - | |
| 180 | -As a privileged user, create the file `/var/www/cgi-bin/scm` with the | |
| 181 | -following contents to make the CGI script that `httpd` will execute in | |
| 182 | -response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil | |
| 183 | - root. | |
| 184 | - | |
| 185 | -```sh | |
| 186 | -#!/bin/fossil | |
| 187 | -directo notfound: https://domain.tld | |
| 188 | - repolist | |
| 189 | - errorlog: /logs/fossil.log | |
| 190 | - $ doas mkdir /var $ doas touc h /var/www/logs $ doas chmod 66 $ doas chmod 755 /var/www/cgi-bin/scm | |
| 191 | -``` | |
| 192 | - | |
| 193 | -## <a id="chroot"></a>Setup chroot | |
| 194 | - | |
| 195 | -Fossil needs both `/dev/random` and |
| --- a/www/server/openbsd/httpd.md | |
| +++ b/www/server/openbsd/httpd.md | |
| @@ -1,195 +0,0 @@ | |
| 1 | # Serving via httpd on OpenBSD |
| 2 | |
| 3 | [`httpd`][httpd] is the default web server that is included in the base |
| 4 | install on OpenBSD. It's minimal and lightweight but secure and capable, |
| 5 | and provides a clean interface for setting up a Fossil server using |
| 6 | FastCGI. |
| 7 | |
| 8 | This article will detail the steps required to setup a TLS-enabled |
| 9 | `httpd` configuration that serves multiple Fossil repositories out of |
| 10 | a single directory within a chroot, and allow `ssh` access to create |
| 11 | new repositories remotely. |
| 12 | |
| 13 | **NOTE:** The following instructions assume an OpenBSD 6.7 installation. |
| 14 | |
| 15 | [httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf |
| 16 | |
| 17 | ## <a id="fslinstall"></a>Installil, making sure |
| 18 | to select |
| 19 | upon which `/vsil, making sure |
| 20 | to select the statically linked binary. |
| 21 | |
| 22 | ```console |
| 23 | $ doas pkg_add fossil |
| 24 | sole |
| 25 | $ doass pkg_a Ambiguous: choos 0: <None> |
| 26 | 1: fossil-2.10v0 |
| 27 | > |
| 28 | 1: fossil-2.10v0 |
| 29 | Your choice: 2 |
| 30 | fossil-2.10v0-static: ok |
| 31 | ``` |
| 32 | |
| 33 | This installs Fossil into the chroot. To facilitate local use, create a |
| 34 | symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil |
| 35 | ``` |
| 36 | |
| 37 | As a privileged user, create the file `/var/www/cgi-bin/scm` with the |
| 38 | following contents to make the CGI script that `httpd` will execute in |
| 39 | response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil |
| 40 | root. |
| 41 | |
| 42 | ```sh |
| 43 | #!/bin/fossil |
| 44 | directo notfound: https://domain.tld |
| 45 | repolist |
| 46 | errorlog: /logs/fossil.log |
| 47 | $ doas var/www/dev` with [`mount_mfs(8)`][mfs] so that the `random` and |
| 48 | `null` device files can be created. In order to avoieate a tename tree to automatically populate the memory |
| 49 | filesystem. |
| 50 | |
| 51 | ```console |
| 52 | $ doas mkdir /var/www/dev |
| 53 | ce: 2 |
| 54 | fossil-2. $ cd /template/dev |
| 55 | the chroot. To facilitate l link of the fossil executable # Serving via httpd on OpenB/www/bin/fossil /usr/local/b ged user, create the file `/var/www/cgi-bin/scm` with the |
| 56 | following c ontents to make the CGI script that `httpd` will execute in |
| 57 | response to `fsl.domain.tld` requests; all paths are relative to the |
| 58 | `/var/www` chroot. |
| 59 | |
| 60 | ```sh |
| 61 | #!/bin/fossil |
| 62 | directory: /htdocs/fsl.domain.tld |
| 63 | notfound: https://domain.tld |
| 64 | repolist |
| 65 | errorlog: /logs/fossil.log |
| 66 | ``` |
| 67 | |
| 68 | The `directory l to serve all repositories |
| 69 | found in `/var/www/htdocs/fsl.domain.tld`, while `errorlog` sets logging |
| 70 | to be saved to `/var/www/logs/fossil.log`; create the repository |
| 71 | directory and log file—making the latter owned by the `www` user, and |
| 72 | the script executable. |
| 73 | |
| 74 | ```console |
| 75 | $ doas mkdir /var/www/htdocs/fsl.domain.tld |
| 76 | $ doas touch /var/www/logs/foss as touch /var/www/logs/fossil chmod 660 /var/www/logs/fossil.log |
| 77 | $ doas chmod 755 /var/www/cgi-bin/scm |
| 78 | ``` |
| 79 | |
| 80 | ## <a id="chroot"></a>Setup chroot |
| 81 | |
| 82 | Fossil needs both `/dev/random` and `/dev/null`, which aren't accessible |
| 83 | from within the chroot, so need to be constructed; `/var`, however, is |
| 84 | mounted with the `nodev` option. Rather than removing this default |
| 85 | setting, create a small memory filesystem and then mount it on to |
| 86 | `/var/www/dev` with [`mount_mfs(8)`][mfs] so that the `random` and |
| 87 | `null` device files can be created. In order to avoid necessitating a |
| 88 | startup script to recreate the device files at boot, create a template |
| 89 | of the needed ``/dev`` tree to automatically populate the memo server "fsl.domain.tld" { |
| 90 | lis root "/ 5 eeds both `/dev/random` and `/ight but secure an# Serving via httpd on OpenBSD |
| 91 | |
| 92 | [`httpd`][httpd] is the default web server that is included in the base |
| 93 | install on OpenBSD. It's minimal and lightweight but secure and capable, |
| 94 | and provides a clean interface for setting up a Fossil server using |
| 95 | FastCGI. |
| 96 | |
| 97 | This article will detail the steps required to setup a TLS-enabled |
| 98 | `httpd` configuration that serves multiple Fossil repositories out of |
| 99 | a single directory within a chroot, and allow `ssh` access to create |
| 100 | new repositories remotely. |
| 101 | |
| 102 | **NOTE:** The following instructions assume an OpenBSD 6.7 installation. |
| 103 | |
| 104 | [httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf |
| 105 | |
| 106 | ## <a id="fslinstall"></a>Install Fossil |
| 107 | |
| 108 | Use the OpenBSD package manager `pkg_add` to install Fossil, making sure |
| 109 | to select the statically linked binary. |
| 110 | |
| 111 | ```console |
| 112 | $ doas pkg_add fossil |
| 113 | sole |
| 114 | $ doas pkg_a Ambiguous: choos 0: <None> |
| 115 | 1: fossil-2.10v0 |
| 116 | > |
| 117 | 1: fossil-2.10v0 |
| 118 | Your choice: 2 |
| 119 | fossil-2.10v0-static: ok |
| 120 | ``` |
| 121 | |
| 122 | This installs Fossil into the chroot. To facilitate local use, create a |
| 123 | symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil |
| 124 | ``` |
| 125 | |
| 126 | As a privileged user, create the file `/var/www/cgi-bin/scm` with the |
| 127 | following contents to make the CGI script that `httpd` will execute in |
| 128 | response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil |
| 129 | root. |
| 130 | |
| 131 | ```sh |
| 132 | #!/bin/fossil |
| 133 | directo notfound: https://domain.tld |
| 134 | repolist |
| 135 | errorlog: /logs/fossil.log |
| 136 | $ doas mkdir /var $ doas touc h /var/www/logs $ doas chmod 66 $ doas chmod 755 /var/www/cgi-bin/scm |
| 137 | ``` |
| 138 | |
| 139 | ## <a id="chroot"></a>Setup chroot |
| 140 | |
| 141 | Fossil needs both `/dev/random` and `/dev/null`, which aren't accessible |
| 142 | from within the chroot, so neede # Serving via httpd on OpenB/www/bin/fossil /usr/local/b ged user, create the file `/var/www/cgi-bin/scm` with the |
| 143 | following c ontents to make the CGI script that `httpd` will execute in |
| 144 | response to `fsl.domain. Serving via httpd on OpenBSD |
| 145 | |
| 146 | [`httpd`][httpd] is the default web server that is included in the base |
| 147 | install on OpenBSD. It's minimal and lightweight but secure and capable, |
| 148 | and provides a clean interface for setting up a Fossil server using |
| 149 | FastCGI. |
| 150 | |
| 151 | This article will detail the steps required to setup a TLS-enabled |
| 152 | `httpd` configuration that serves multiple Fossil repositories out of |
| 153 | a single directory within a chroot, and allow `ssh` access to create |
| 154 | new repositories remotely. |
| 155 | |
| 156 | **NOTE:** The following instructions assume an OpenBSD 6.7 installation. |
| 157 | |
| 158 | [httpd]: https://www.openbsd.org/papers/httpdnamesiabsdcon2015.pdf |
| 159 | |
| 160 | ## <a id="fslinstall"></a>Install Fossil |
| 161 | |
| 162 | Use the OpenBSD package manager `pkg_add` to install Fossil, making sure |
| 163 | to select the statically linked binary. |
| 164 | |
| 165 | ```console |
| 166 | $ doas pkg_add fossil |
| 167 | sole |
| 168 | $ doass pkg_a Ambiguous: choos 0: <None> |
| 169 | 1: fossil-2.10v0 |
| 170 | > |
| 171 | 1: fossil-2.10v0 |
| 172 | Your choice: 2 |
| 173 | fossil-2.10v0-static: ok |
| 174 | ``` |
| 175 | |
| 176 | This installs Fossil into the chroot. To facilitate local use, create a |
| 177 | symbolic link of the fossil executable into `/u $ doas ln -s /var/www/bin/fossil /usr/local/bin/fossil |
| 178 | ``` |
| 179 | |
| 180 | As a privileged user, create the file `/var/www/cgi-bin/scm` with the |
| 181 | following contents to make the CGI script that `httpd` will execute in |
| 182 | response to `fsl.domain.tld` requests; all paths are relative to the #!/bin/fossil |
| 183 | root. |
| 184 | |
| 185 | ```sh |
| 186 | #!/bin/fossil |
| 187 | directo notfound: https://domain.tld |
| 188 | repolist |
| 189 | errorlog: /logs/fossil.log |
| 190 | $ doas mkdir /var $ doas touc h /var/www/logs $ doas chmod 66 $ doas chmod 755 /var/www/cgi-bin/scm |
| 191 | ``` |
| 192 | |
| 193 | ## <a id="chroot"></a>Setup chroot |
| 194 | |
| 195 | Fossil needs both `/dev/random` and |
| --- a/www/server/openbsd/httpd.md | |
| +++ b/www/server/openbsd/httpd.md | |
| @@ -1,195 +0,0 @@ | |