Fossil SCM

Broke most of the contents of www/server/wiki out into a series of www/server/*.md articles that are now linked from a checkmark table in its place, which also links to the new www/server/windows/*.md files created to start this branch off. This is not purely a matter of moving prose around: there is a fair bit of improvement to the pre-existing prose as well, most notably that we now document the Fossil chroot jail requirements for the first time. (Previously, you had to go dig up mailing list or forum posts (or even RTFS!) to work out those requirements.) There's more to do on all of this; do not merge it to trunk yet.

wyoung 2019-08-16 07:13 server-docs
Commit fad82714aab2c5b73c47c2b750578b83e79d5ca7471fa4bd68d11c61994b58b1
Parent a9fd086f132705b…
7 files changed +1 -1 +176 -266 +1 +13 +41 +3 +24
~ www/env-opts.md ~ www/server.wiki + www/server/any/cgi.md + www/server/any/inetd.md + www/server/any/none.md + www/server/any/scgi.md + www/server/any/xinetd.md
M www/env-opts.md
+1 -1
--- www/env-opts.md
+++ www/env-opts.md
@@ -432,11 +432,11 @@
432432
 can be selected with either the `--vfs VFSNAME` option or the
433433
 `FOSSIL_VFS` environment variable. The `--vfs` option takes
434434
 precedence.
435435
436436
437
-### Temporary File Location
437
+### <a name="temp"></a>Temporary File Location
438438
439439
 Fossil places some temporary files in the checkout directory. Most notably,
440440
 supporting files related to merge conflicts are placed in the same
441441
 folder as the merge result.
442442
443443
--- www/env-opts.md
+++ www/env-opts.md
@@ -432,11 +432,11 @@
432 can be selected with either the `--vfs VFSNAME` option or the
433 `FOSSIL_VFS` environment variable. The `--vfs` option takes
434 precedence.
435
436
437 ### Temporary File Location
438
439 Fossil places some temporary files in the checkout directory. Most notably,
440 supporting files related to merge conflicts are placed in the same
441 folder as the merge result.
442
443
--- www/env-opts.md
+++ www/env-opts.md
@@ -432,11 +432,11 @@
432 can be selected with either the `--vfs VFSNAME` option or the
433 `FOSSIL_VFS` environment variable. The `--vfs` option takes
434 precedence.
435
436
437 ### <a name="temp"></a>Temporary File Location
438
439 Fossil places some temporary files in the checkout directory. Most notably,
440 supporting files related to merge conflicts are placed in the same
441 folder as the merge result.
442
443
M www/server.wiki
+176 -266
--- www/server.wiki
+++ www/server.wiki
@@ -10,14 +10,14 @@
1010
 </blockquote>
1111
1212
 <h2>But, A Server Can Be Useful</h2>
1313
1414
 <blockquote>
15
-Fossil does not require a a server,
15
+Fossil does not require a server,
1616
 but a server does make collaboration easier.
1717
 A Fossil server also works well as a complete website for a project.
18
-For example, the complete [https://www.fossil-scm.org/] website, including the
18
+For example, the [https://www.fossil-scm.org/] website, including the
1919
 page you are now reading,
2020
 is just a Fossil server displaying the content of the
2121
 self-hosting repository for Fossil.
2222
2323
 This article is a guide for setting up your own Fossil server.
@@ -26,288 +26,198 @@
2626
 information on the underlying CGI technology.
2727
 See "[./sync.wiki|The Fossil Sync Protocol]" for information on the
2828
 wire protocol used for client/server communication.
2929
 </blockquote>
3030
31
-<h2>Overview</h2>
31
+<h2>Methods</h2>
3232
3333
 <blockquote>
3434
 There are basically four ways to set up a Fossil server:
3535
3636
 <ol>
37
- <li>A stand-alone server
38
- <li>Using inetd, xinetd, or stunnel
39
- <li>CGI
40
- <li>SCGI (a.k.a. SimpleCGI)
41
-</ol>
42
-
43
-Each of these can serve either a single repository, or a directory hierarchy
44
-containing many repositories with names ending in ".fossil".
45
-</blockquote>
46
-
47
-
48
-<h2 id="standalone">Standalone server</h2>
49
-
50
-<blockquote>
51
-The easiest way to set up a Fossil server is to use either the
52
-[/help/server|server] or the [/help/ui|ui] commands:
53
-
54
-<ul>
55
- <li><b>fossil server</b> <i>REPOSITORY</i>
56
- <li><b>fossil ui</b> <i>REPOSITORY</i>
57
-</ul>
58
-
59
-The <i>REPOSITORY</i> argument is either the name of the repository file, or
60
-a directory containing many repositories named <tt>*.fossil</tt>.
61
-Both of these commands start a Fossil server, usually on TCP port 8080, though
62
-a higher numbered port might also be used if 8080 is already occupied. You can
63
-access these using URLs of the form <b>http://localhost:8080/</b>, or if
64
-<i>REPOSITORY</i> is a directory, URLs of the form
65
-<b>http://localhost:8080/</b><i>repo</i><b>/</b> where <i>repo</i> is the base
66
-name of the repository file without the ".fossil" suffix.
67
-
68
-There are several key differences between "ui" and "server":
69
-
70
-<ul>
71
- <li>"ui" always binds the server to the loopback IP address
72
- (127.0.0.1) so that it cannot serve to other machines.
73
- <li>anyone who visits this URL is treated as the all-powerful Setup
74
- user, which is why the first difference exists.
75
- <li>"ui" launches a local web browser pointed at this URL.
76
-</ul>
77
-
78
-You can omit the <i>REPOSITORY</i> argument if you run one of the above
79
-commands from within a Fossil checkout directory to serve that
80
-repository:
81
-
82
-<blockquote><pre>
83
-$ fossil ui # or...
84
-$ fossil serve
85
-</pre></blockquote>
86
-
87
-Note that you can abbreviate Fossil sub-commands, as long as they are
88
-unambiguous. "<tt>server</tt>" can currently be as short as
89
-"<tt>ser</tt>".
90
-
91
-As a more complicated example, you can serve a directory containing
92
-multiple <tt>*.fossil</tt> files like so:
93
-
94
-<blockquote><pre>
95
-$ fossil server --port 9000 --repolist /path/to/repo/dir
96
-</pre></blockquote>
97
-
98
-There is an [/file/tools/fslsrv | example script] in the Fossil
99
-distribution that wraps <tt>fossil server</tt> to produce more
100
-complicated effects. Feel free to take it, study it, and modify it to
101
-suit your local needs.
102
-
103
-See the [/help/server|online documentation] for more information on the
104
-options and arguments you can give to these commands.
105
-</blockquote>
106
-
107
-
108
-<h2 id="inetd">Fossil as an inetd/xinetd service</h2>
109
-
110
-<blockquote>
111
-
112
-A Fossil server can be launched on-demand by inetd or xinetd using
113
-the [/help/http|fossil http] command. To launch Fossil from inetd, modify
114
-your inetd configuration file (typically "/etc/inetd.conf") to contain a
115
-line something like this:
116
-
117
-<blockquote>
118
-<pre>
119
-80 stream tcp nowait.1000 root /usr/bin/fossil /usr/bin/fossil http /home/fossil/repo.fossil
120
-</pre>
121
-</blockquote>
122
-
123
-In this example, you are telling "inetd" that when an incoming connection
124
-appears on TCP port "80", that it should launch the binary "/usr/bin/fossil"
125
-program with the arguments shown.
126
-Obviously you will
127
-need to modify the pathnames for your particular setup.
128
-The final argument is either the name of the fossil repository to be served,
129
-or a directory containing multiple repositories.
130
-
131
-
132
-If you use a non-standard TCP port on
133
-systems where the port-specification must be a symbolic name and cannot be
134
-numeric, add the desired name and port to /etc/services. For example, if
135
-you want your Fossil server running on TCP port 12345 instead of 80, you
136
-will need to add:
137
-
138
-<blockquote>
139
-<pre>
140
-fossil 12345/tcp #fossil server
141
-</pre>
142
-</blockquote>
143
-
144
-and use the symbolic name ('fossil' in this example) instead of the numeral ('12345')
145
-in inetd.conf. For details, see the relevant section in your system's documentation, e.g.
146
-the [https://www.freebsd.org/doc/en/books/handbook/network-inetd.html|FreeBSD Handbook] in
147
-case you use FreeBSD.
148
-
149
-If your system is running xinetd, then the configuration is likely to be
150
-in the file "/etc/xinetd.conf" or in a subfile of "/etc/xinetd.d".
151
-An xinetd configuration file will appear like this:
152
-
153
-<blockquote>
154
-<pre>
155
-service http
156
-{
157
- port = 80
158
- socket_type = stream
159
- wait = no
160
- user = root
161
- server = /usr/bin/fossil
162
- server_args = http /home/fossil/repos/
163
-}
164
-</pre>
165
-</blockquote>
166
-
167
-The xinetd example above has Fossil configured to serve multiple
168
-repositories, contained under the "/home/fossil/repos/" directory.
169
-
170
-In both cases notice that Fossil was launched as root. This is not required,
171
-but if it is done, then Fossil will automatically put itself into a chroot
172
-jail for the user who owns the fossil repository before reading any information
173
-off of the wire.
174
-
175
-Inetd or xinetd must be enabled, and must be (re)started whenever their configuration
176
-changes - consult your system's documentation for details.
177
-
178
-Using inetd or xinetd is a more complex setup
179
-than the "standalone" server, but it has the
180
-advantage of only using system resources when an actual connection is
181
-attempted. If no-one ever connects to that port, a Fossil server will
182
-not (automatically) run. It has the disadvantage of requiring "root" access
183
-and therefore may not normally be available to lower-priced "shared" servers
184
-on the Internet.
185
-
186
-The configuration for <tt>stunnel</tt> is similar, but it is covered in
187
-[./ssl.wiki#stunnel|a separate document].
188
-</blockquote>
189
-
190
-<h2 id="cgi">Fossil as CGI</h2>
191
-
192
-<blockquote>
193
-
194
-A Fossil server can also be run from an ordinary web server as a CGI program.
195
-This feature allows Fossil to be seamlessly integrated into a larger website.
196
-CGI is how the [./selfhost.wiki | self-hosting fossil repositories] are
197
-implemented.
198
-
199
-To run Fossil as CGI, create a CGI script (here called "repo") in the CGI directory
200
-of your web server and having content like this:
201
-
202
-<blockquote><pre>
203
-#!/usr/bin/fossil
204
-repository: /home/fossil/repo.fossil
205
-</pre></blockquote>
206
-
207
-As always, adjust your paths appropriately.
208
-It may be necessary to set permissions properly, or to modify an ".htaccess"
209
-file or make other server-specific changes. Consult the documentation
210
-for your particular web server. In particular, the following permissions are
211
-<em>normally</em> required (but, again, may be different for a particular
212
-configuration):
213
-
214
-<ul>
215
- <li>The Fossil binary (/usr/bin/fossil in the example above)
216
- must be readable/executable, and ALL directories leading up to it
217
- must be readable by the process which executes the CGI.</li>
218
- <li>ALL directories leading to the CGI script must also be readable and the CGI
219
- script itself must be executable for the user under which it will run (which often differs
220
- from the one running the web server - consult your site's documentation or administrator).</li>
221
- <li>The repository file AND the directory containing it must be writable by the same account
222
- which executes the Fossil binary (again, this might differ from the WWW user). The directory
223
- needs to be writable so that SQLite can write its journal files.</li>
224
- <li>Fossil must be able to create temporary files, the default directory
225
- for which depends on the OS. When the CGI process is operating within
226
- a chroot, ensure that this directory exists and is readable/writeable
227
- by the user who executes the Fossil binary.</li>
228
-</ul>
229
-
230
-Once the script is set up correctly, and assuming your server is also set
231
-correctly, you should be able to access your repository with a URL like:
232
-<b>http://mydomain.org/cgi-bin/repo</b> (assuming the "repo" script is
233
-accessible under "cgi-bin", which would be a typical deployment on Apache
234
-for instance).
235
-
236
-To serve multiple repositories from a directory using CGI, use the "directory:"
237
-tag in the CGI script rather than "repository:". You might also want to add
238
-a "notfound:" tag to tell where to redirect if the particular repository requested
239
-by the URL is not found:
240
-
241
-<blockquote><pre>
242
-#!/usr/bin/fossil
243
-directory: /home/fossil/repos
244
-notfound: http://url-to-go-to-if-repo-not-found/
245
-</pre></blockquote>
246
-
247
-Once deployed, a URL like: <b>http://mydomain.org/cgi-bin/repo/XYZ</b>
248
-will serve up the repository "/home/fossil/repos/XYZ.fossil" (if it exists).
249
-
250
-Additional options available to the CGI script are
251
-[./cgi.wiki|documented separately].
252
-
253
-Note that Fossil itself can be launched as CGI, as described here. But
254
-Fossil can also launch [./serverext.wiki|sub-CGIs to implement server extensions].
255
-Do not confuse these two concepts. Note also that the
256
-[./serverext.wiki|sub-CGI mechanism] works regardless of how the main
257
-Fossil server is launched.
258
-
259
-<h2 id="scgi">Fossil as SCGI</h2>
260
-<blockquote>
261
-
262
-The [/help/server|fossil server] command, described above as a way of
263
-starting a stand-alone web server, can also be used for SCGI. Simply add
264
-the --scgi command-line option and the stand-alone server will interpret
265
-and respond to the SimpleCGI or SCGI protocol rather than raw HTTP. This can
266
-be used in combination with a web server (such as [http://nginx.org|Nginx])
267
-that does not support CGI. A typical Nginx configuration to support SCGI
268
-with Fossil would look something like this:
269
-
270
-<blockquote><pre>
271
-location /demo_project/ {
272
- include scgi_params;
273
- scgi_pass localhost:9000;
274
- scgi_param SCRIPT_NAME "/demo_project";
275
- scgi_param HTTPS "on";
276
-}
277
-</pre></blockquote>
278
-
279
-Note that Fossil requires the SCRIPT_NAME variable
280
-in order to function properly, but Nginx does not provide this
281
-variable by default,
282
-so it is necessary to provide the SCRIPT_NAME parameter in the configuration.
283
-Failure to do this will cause Fossil to return an error.
284
-
285
-All of the features of the stand-alone server mode described above,
286
-such as the ability to serve a directory full of Fossil repositories
287
-rather than just a single repository, work the same way in SCGI mode.
288
-
289
-For security, it is probably a good idea to add the --localhost option
290
-to the [/help/server|fossil server] command to prevent Fossil from accepting
291
-off-site connections. One might also want to specify the listening TCP port
292
-number, rather than letting Fossil choose one for itself, just to avoid
293
-ambiguity. A typical command to start a Fossil SCGI server
294
-would be something like this:
295
-
296
-<blockquote><pre>
297
-fossil server $REPOSITORY --scgi --localhost --port 9000
298
-</pre></blockquote>
299
-</blockquote>
37
+ <li>Socket activation: inetd, xinetd, stunnel...
38
+ <li>Stand-alone HTTP server
39
+ <li>SCGI
40
+ <li>CGI
41
+</ol>
42
+
43
+The HTTP and SCGI options also allow for various sorts of reverse
44
+proxying: Apache, nginx, HAProxy, stunnel (proxy mode), IIS...
45
+
46
+Regardless of the method you choose, all can serve either a single repository
47
+or a directory hierarchy containing many repositories with names ending in ".fossil".
48
+
49
+We've broken the configuration for each method out into a series of
50
+sub-articles, some of which are OS-specific:
51
+</blockquote>
52
+
53
+<table style="margin-left: 6em;">
54
+ <tr>
55
+ <th>&nbsp;</th>
56
+ <th colspan="10" style="background-color: #efefef">Fossil Front-End Program</th>
57
+ </tr>
58
+
59
+ <tr>
60
+ <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Host OS</th>
61
+ <th>none</th>
62
+ <th>inetd</th>
63
+ <th>xinetd</th>
64
+ <th>stunnel</th>
65
+ <th>CGI</th>
66
+ <th>SCGI</th>
67
+ <th>nginx</th>
68
+ <th>Apache</th>
69
+ <th>IIS</th>
70
+ <th>OS&nbsp;service</th>
71
+ </tr>
72
+
73
+ <tr>
74
+ <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Any</th>
75
+ <td style="text-align: center"><a href="./server/any/none.md">✅</a></td>
76
+ <td style="text-align: center"><a href="./server/any/inetd.md">✅</a></td>
77
+ <td style="text-align: center"><a href="./server/any/xinetd.md">✅</a></td>
78
+ <td style="text-align: center"><a href="./ssl.wiki#stunnel">✅</a></td>
79
+ <td style="text-align: center"><a href="./server/any/cgi.md">✅</a></td>
80
+ <td style="text-align: center"><a href="./server/any/scgi.md">✅</a></td>
81
+ <td style="text-align: center">❌</td>
82
+ <td style="text-align: center">❌</td>
83
+ <td style="text-align: center">❌</td>
84
+ <td style="text-align: center">❌</td>
85
+ </tr>
86
+
87
+ <tr>
88
+ <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Debian/Ubuntu</th>
89
+ <td style="text-align: center"><a href="./server/any/none.md">✅</a></td>
90
+ <td style="text-align: center"><a href="./server/any/inetd.md">✅</a></td>
91
+ <td style="text-align: center"><a href="./server/any/xinetd.md">✅</a></td>
92
+ <td style="text-align: center"><a href="./ssl.wiki#stunnel">✅</a></td>
93
+ <td style="text-align: center"><a href="./server/any/cgi.md">✅</a></td>
94
+ <td style="text-align: center"><a href="./server/any/scgi.md">✅</a></td>
95
+ <td style="text-align: center"><a href="./server/debian/nginx.md">✅</a></td>
96
+ <td style="text-align: center">❌</td>
97
+ <td style="text-align: center">❌</td>
98
+ <td style="text-align: center">❌</td>
99
+ </tr>
100
+
101
+ <tr>
102
+ <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Windows</th>
103
+ <td style="text-align: center">❌</td>
104
+ <td style="text-align: center">❌</td>
105
+ <td style="text-align: center">❌</td>
106
+ <td style="text-align: center"><a href="./server/windows/stunnel.md">✅</a></td>
107
+ <td style="text-align: center">❌</td>
108
+ <td style="text-align: center">❌</td>
109
+ <td style="text-align: center">❌</td>
110
+ <td style="text-align: center">❌</td>
111
+ <td style="text-align: center">❌</td>
112
+ <td style="text-align: center"><a href="./server/windows/service.md">✅</a></td>
113
+ </tr>
114
+</table>
115
+
116
+<blockquote>
117
+Where there is a check mark in the "Any" row, the method for that is
118
+generic enough that it works across OSes that Fossil is known to work
119
+on. The check marks below that usually just link to this generic
120
+documentation.
121
+
122
+There are several widely-deployed socket activation schemes besides the
123
+<tt>inetd</tt>, <tt>xinetd</tt>, and <tt>stunnel</tt> schemes with
124
+documents linked above: Apple’s <tt>launchd</tt>, Linux’s
125
+<tt>systemd</tt>, Solaris’ SMF, etc. We would welcome [./contribute.wiki
126
+| contributions] to cover these as well. We also welcome contributions
127
+to fill gaps (❌) in the table above.
128
+</blockquote>
129
+
130
+
131
+<h2 id="standalone">Standalone HTTP server</h2>
132
+
133
+<blockquote>
134
+ This is the easiest way to set up a Fossil server. It's covered in
135
+ [./server/any/none.md | a separate article].
136
+</blockquote>
137
+
138
+
139
+<h2 id="inetd">Serving via inetd</h2>
140
+
141
+<blockquote>
142
+ See [./server/any/inetd.md | this article].
143
+</blockquote>
144
+
145
+
146
+<h2 id="cgi">Serving via CGI</h2>
147
+
148
+<blockquote>
149
+ See [./server/any/cgi.md | this article].
150
+</blockquote>
151
+
152
+
153
+<h2 id="scgi">Serving via SCGI</h2>
154
+
155
+<blockquote>
156
+ See [./server/any/scgi.md | this article].
157
+</blockquote>
158
+
159
+
160
+<h2 id="ext">CGI Server Extensions</h2>
161
+
162
+<blockquote>
163
+ In addition to serving Fossil repositories via CGI, Fossil can
164
+ itself [./serverext.wiki | launch other programs via CGI] to
165
+ implement server extensions. Do not confuse these two concepts. This
166
+ extension mechanism works regardless of the method above you choose
167
+ to serve your Fossil repository.
168
+</blockquote>
169
+
300170
301171
 <h2 id="tls">Securing a repository with TLS</h2>
302172
303173
 <blockquote>
304174
 Fossil's built-in HTTP server (e.g. "fossil server") does not support
305175
 TLS, but there are multiple ways to protect your Fossil server with
306176
 TLS. All of this is covered in a separate document, <a
307177
 href="./ssl.wiki">Using TLS-Encrypted Communications with Fossil</a>.
308178
 </blockquote>
179
+
180
+
181
+<h2 id="chroot">The Fossil Chroot Jail</h2>
182
+
183
+<blockquote>
184
+If you run Fossil as root in any mode that serves data on the
185
+network, and you're running it on Unix or a compatible OS, Fossil
186
+will drop itself into a [https://en.wikipedia.org/wiki/Chroot |
187
+chroot jail] shortly after starting up. It will drop its root
188
+privileges once it's done everything that requires root access; most
189
+commonly, you run Fossil as root to allow it to bind to TCP port 80
190
+for HTTP service, since normal users are restricted to ports 1024
191
+and up on OSes where this behavior occurs.
192
+
193
+Fossil uses the owner of the Fossil repository file as its new user
194
+ID when dropping root privileges.
195
+
196
+When this happens, Fossil needs to have all of its dependencies
197
+inside the chroot jail. There are several things you typically need
198
+in order to make things work properly:
199
+
200
+<ul>
201
+ <li>the repository file(s)
202
+
203
+ <li><tt>/dev/null</tt> — create it with <tt>mknod(8)</tt>
204
+ inside the jail directory
205
+
206
+ <li><tt>/dev/urandom</tt> — ditto
207
+
208
+ <li>any shared libraries your <tt>fossil</tt> binary is linked
209
+ to, such as <tt>/lib/libssl.so</tt>; consider building Fossil as a
210
+ static binary to avoid this
211
+</ul>
212
+</blockquote>
213
+
214
+<blockquote>
215
+Fossil does all of this in order to protect the host OS. There is
216
+no way to bypass it, on purpose.
217
+</blockquote>
218
+
309219
310220
 <h2 id="loadmgmt">Managing Server Load</h2>
311221
312222
 <blockquote>
313223
 A Fossil server is very efficient and normally presents a very light
314224
315225
ADDED www/server/any/cgi.md
316226
ADDED www/server/any/inetd.md
317227
ADDED www/server/any/none.md
318228
ADDED www/server/any/scgi.md
319229
ADDED www/server/any/xinetd.md
--- www/server.wiki
+++ www/server.wiki
@@ -10,14 +10,14 @@
10 </blockquote>
11
12 <h2>But, A Server Can Be Useful</h2>
13
14 <blockquote>
15 Fossil does not require a a server,
16 but a server does make collaboration easier.
17 A Fossil server also works well as a complete website for a project.
18 For example, the complete [https://www.fossil-scm.org/] website, including the
19 page you are now reading,
20 is just a Fossil server displaying the content of the
21 self-hosting repository for Fossil.
22
23 This article is a guide for setting up your own Fossil server.
@@ -26,288 +26,198 @@
26 information on the underlying CGI technology.
27 See "[./sync.wiki|The Fossil Sync Protocol]" for information on the
28 wire protocol used for client/server communication.
29 </blockquote>
30
31 <h2>Overview</h2>
32
33 <blockquote>
34 There are basically four ways to set up a Fossil server:
35
36 <ol>
37 <li>A stand-alone server
38 <li>Using inetd, xinetd, or stunnel
39 <li>CGI
40 <li>SCGI (a.k.a. SimpleCGI)
41 </ol>
42
43 Each of these can serve either a single repository, or a directory hierarchy
44 containing many repositories with names ending in ".fossil".
45 </blockquote>
46
47
48 <h2 id="standalone">Standalone server</h2>
49
50 <blockquote>
51 The easiest way to set up a Fossil server is to use either the
52 [/help/server|server] or the [/help/ui|ui] commands:
53
54 <ul>
55 <li><b>fossil server</b> <i>REPOSITORY</i>
56 <li><b>fossil ui</b> <i>REPOSITORY</i>
57 </ul>
58
59 The <i>REPOSITORY</i> argument is either the name of the repository file, or
60 a directory containing many repositories named <tt>*.fossil</tt>.
61 Both of these commands start a Fossil server, usually on TCP port 8080, though
62 a higher numbered port might also be used if 8080 is already occupied. You can
63 access these using URLs of the form <b>http://localhost:8080/</b>, or if
64 <i>REPOSITORY</i> is a directory, URLs of the form
65 <b>http://localhost:8080/</b><i>repo</i><b>/</b> where <i>repo</i> is the base
66 name of the repository file without the ".fossil" suffix.
67
68 There are several key differences between "ui" and "server":
69
70 <ul>
71 <li>"ui" always binds the server to the loopback IP address
72 (127.0.0.1) so that it cannot serve to other machines.
73 <li>anyone who visits this URL is treated as the all-powerful Setup
74 user, which is why the first difference exists.
75 <li>"ui" launches a local web browser pointed at this URL.
76 </ul>
77
78 You can omit the <i>REPOSITORY</i> argument if you run one of the above
79 commands from within a Fossil checkout directory to serve that
80 repository:
81
82 <blockquote><pre>
83 $ fossil ui # or...
84 $ fossil serve
85 </pre></blockquote>
86
87 Note that you can abbreviate Fossil sub-commands, as long as they are
88 unambiguous. "<tt>server</tt>" can currently be as short as
89 "<tt>ser</tt>".
90
91 As a more complicated example, you can serve a directory containing
92 multiple <tt>*.fossil</tt> files like so:
93
94 <blockquote><pre>
95 $ fossil server --port 9000 --repolist /path/to/repo/dir
96 </pre></blockquote>
97
98 There is an [/file/tools/fslsrv | example script] in the Fossil
99 distribution that wraps <tt>fossil server</tt> to produce more
100 complicated effects. Feel free to take it, study it, and modify it to
101 suit your local needs.
102
103 See the [/help/server|online documentation] for more information on the
104 options and arguments you can give to these commands.
105 </blockquote>
106
107
108 <h2 id="inetd">Fossil as an inetd/xinetd service</h2>
109
110 <blockquote>
111
112 A Fossil server can be launched on-demand by inetd or xinetd using
113 the [/help/http|fossil http] command. To launch Fossil from inetd, modify
114 your inetd configuration file (typically "/etc/inetd.conf") to contain a
115 line something like this:
116
117 <blockquote>
118 <pre>
119 80 stream tcp nowait.1000 root /usr/bin/fossil /usr/bin/fossil http /home/fossil/repo.fossil
120 </pre>
121 </blockquote>
122
123 In this example, you are telling "inetd" that when an incoming connection
124 appears on TCP port "80", that it should launch the binary "/usr/bin/fossil"
125 program with the arguments shown.
126 Obviously you will
127 need to modify the pathnames for your particular setup.
128 The final argument is either the name of the fossil repository to be served,
129 or a directory containing multiple repositories.
130
131
132 If you use a non-standard TCP port on
133 systems where the port-specification must be a symbolic name and cannot be
134 numeric, add the desired name and port to /etc/services. For example, if
135 you want your Fossil server running on TCP port 12345 instead of 80, you
136 will need to add:
137
138 <blockquote>
139 <pre>
140 fossil 12345/tcp #fossil server
141 </pre>
142 </blockquote>
143
144 and use the symbolic name ('fossil' in this example) instead of the numeral ('12345')
145 in inetd.conf. For details, see the relevant section in your system's documentation, e.g.
146 the [https://www.freebsd.org/doc/en/books/handbook/network-inetd.html|FreeBSD Handbook] in
147 case you use FreeBSD.
148
149 If your system is running xinetd, then the configuration is likely to be
150 in the file "/etc/xinetd.conf" or in a subfile of "/etc/xinetd.d".
151 An xinetd configuration file will appear like this:
152
153 <blockquote>
154 <pre>
155 service http
156 {
157 port = 80
158 socket_type = stream
159 wait = no
160 user = root
161 server = /usr/bin/fossil
162 server_args = http /home/fossil/repos/
163 }
164 </pre>
165 </blockquote>
166
167 The xinetd example above has Fossil configured to serve multiple
168 repositories, contained under the "/home/fossil/repos/" directory.
169
170 In both cases notice that Fossil was launched as root. This is not required,
171 but if it is done, then Fossil will automatically put itself into a chroot
172 jail for the user who owns the fossil repository before reading any information
173 off of the wire.
174
175 Inetd or xinetd must be enabled, and must be (re)started whenever their configuration
176 changes - consult your system's documentation for details.
177
178 Using inetd or xinetd is a more complex setup
179 than the "standalone" server, but it has the
180 advantage of only using system resources when an actual connection is
181 attempted. If no-one ever connects to that port, a Fossil server will
182 not (automatically) run. It has the disadvantage of requiring "root" access
183 and therefore may not normally be available to lower-priced "shared" servers
184 on the Internet.
185
186 The configuration for <tt>stunnel</tt> is similar, but it is covered in
187 [./ssl.wiki#stunnel|a separate document].
188 </blockquote>
189
190 <h2 id="cgi">Fossil as CGI</h2>
191
192 <blockquote>
193
194 A Fossil server can also be run from an ordinary web server as a CGI program.
195 This feature allows Fossil to be seamlessly integrated into a larger website.
196 CGI is how the [./selfhost.wiki | self-hosting fossil repositories] are
197 implemented.
198
199 To run Fossil as CGI, create a CGI script (here called "repo") in the CGI directory
200 of your web server and having content like this:
201
202 <blockquote><pre>
203 #!/usr/bin/fossil
204 repository: /home/fossil/repo.fossil
205 </pre></blockquote>
206
207 As always, adjust your paths appropriately.
208 It may be necessary to set permissions properly, or to modify an ".htaccess"
209 file or make other server-specific changes. Consult the documentation
210 for your particular web server. In particular, the following permissions are
211 <em>normally</em> required (but, again, may be different for a particular
212 configuration):
213
214 <ul>
215 <li>The Fossil binary (/usr/bin/fossil in the example above)
216 must be readable/executable, and ALL directories leading up to it
217 must be readable by the process which executes the CGI.</li>
218 <li>ALL directories leading to the CGI script must also be readable and the CGI
219 script itself must be executable for the user under which it will run (which often differs
220 from the one running the web server - consult your site's documentation or administrator).</li>
221 <li>The repository file AND the directory containing it must be writable by the same account
222 which executes the Fossil binary (again, this might differ from the WWW user). The directory
223 needs to be writable so that SQLite can write its journal files.</li>
224 <li>Fossil must be able to create temporary files, the default directory
225 for which depends on the OS. When the CGI process is operating within
226 a chroot, ensure that this directory exists and is readable/writeable
227 by the user who executes the Fossil binary.</li>
228 </ul>
229
230 Once the script is set up correctly, and assuming your server is also set
231 correctly, you should be able to access your repository with a URL like:
232 <b>http://mydomain.org/cgi-bin/repo</b> (assuming the "repo" script is
233 accessible under "cgi-bin", which would be a typical deployment on Apache
234 for instance).
235
236 To serve multiple repositories from a directory using CGI, use the "directory:"
237 tag in the CGI script rather than "repository:". You might also want to add
238 a "notfound:" tag to tell where to redirect if the particular repository requested
239 by the URL is not found:
240
241 <blockquote><pre>
242 #!/usr/bin/fossil
243 directory: /home/fossil/repos
244 notfound: http://url-to-go-to-if-repo-not-found/
245 </pre></blockquote>
246
247 Once deployed, a URL like: <b>http://mydomain.org/cgi-bin/repo/XYZ</b>
248 will serve up the repository "/home/fossil/repos/XYZ.fossil" (if it exists).
249
250 Additional options available to the CGI script are
251 [./cgi.wiki|documented separately].
252
253 Note that Fossil itself can be launched as CGI, as described here. But
254 Fossil can also launch [./serverext.wiki|sub-CGIs to implement server extensions].
255 Do not confuse these two concepts. Note also that the
256 [./serverext.wiki|sub-CGI mechanism] works regardless of how the main
257 Fossil server is launched.
258
259 <h2 id="scgi">Fossil as SCGI</h2>
260 <blockquote>
261
262 The [/help/server|fossil server] command, described above as a way of
263 starting a stand-alone web server, can also be used for SCGI. Simply add
264 the --scgi command-line option and the stand-alone server will interpret
265 and respond to the SimpleCGI or SCGI protocol rather than raw HTTP. This can
266 be used in combination with a web server (such as [http://nginx.org|Nginx])
267 that does not support CGI. A typical Nginx configuration to support SCGI
268 with Fossil would look something like this:
269
270 <blockquote><pre>
271 location /demo_project/ {
272 include scgi_params;
273 scgi_pass localhost:9000;
274 scgi_param SCRIPT_NAME "/demo_project";
275 scgi_param HTTPS "on";
276 }
277 </pre></blockquote>
278
279 Note that Fossil requires the SCRIPT_NAME variable
280 in order to function properly, but Nginx does not provide this
281 variable by default,
282 so it is necessary to provide the SCRIPT_NAME parameter in the configuration.
283 Failure to do this will cause Fossil to return an error.
284
285 All of the features of the stand-alone server mode described above,
286 such as the ability to serve a directory full of Fossil repositories
287 rather than just a single repository, work the same way in SCGI mode.
288
289 For security, it is probably a good idea to add the --localhost option
290 to the [/help/server|fossil server] command to prevent Fossil from accepting
291 off-site connections. One might also want to specify the listening TCP port
292 number, rather than letting Fossil choose one for itself, just to avoid
293 ambiguity. A typical command to start a Fossil SCGI server
294 would be something like this:
295
296 <blockquote><pre>
297 fossil server $REPOSITORY --scgi --localhost --port 9000
298 </pre></blockquote>
299 </blockquote>
300
301 <h2 id="tls">Securing a repository with TLS</h2>
302
303 <blockquote>
304 Fossil's built-in HTTP server (e.g. "fossil server") does not support
305 TLS, but there are multiple ways to protect your Fossil server with
306 TLS. All of this is covered in a separate document, <a
307 href="./ssl.wiki">Using TLS-Encrypted Communications with Fossil</a>.
308 </blockquote>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
309
310 <h2 id="loadmgmt">Managing Server Load</h2>
311
312 <blockquote>
313 A Fossil server is very efficient and normally presents a very light
314
315 DDED www/server/any/cgi.md
316 DDED www/server/any/inetd.md
317 DDED www/server/any/none.md
318 DDED www/server/any/scgi.md
319 DDED www/server/any/xinetd.md
--- www/server.wiki
+++ www/server.wiki
@@ -10,14 +10,14 @@
10 </blockquote>
11
12 <h2>But, A Server Can Be Useful</h2>
13
14 <blockquote>
15 Fossil does not require a server,
16 but a server does make collaboration easier.
17 A Fossil server also works well as a complete website for a project.
18 For example, the [https://www.fossil-scm.org/] website, including the
19 page you are now reading,
20 is just a Fossil server displaying the content of the
21 self-hosting repository for Fossil.
22
23 This article is a guide for setting up your own Fossil server.
@@ -26,288 +26,198 @@
26 information on the underlying CGI technology.
27 See "[./sync.wiki|The Fossil Sync Protocol]" for information on the
28 wire protocol used for client/server communication.
29 </blockquote>
30
31 <h2>Methods</h2>
32
33 <blockquote>
34 There are basically four ways to set up a Fossil server:
35
36 <ol>
37 <li>Socket activation: inetd, xinetd, stunnel...
38 <li>Stand-alone HTTP server
39 <li>SCGI
40 <li>CGI
41 </ol>
42
43 The HTTP and SCGI options also allow for various sorts of reverse
44 proxying: Apache, nginx, HAProxy, stunnel (proxy mode), IIS...
45
46 Regardless of the method you choose, all can serve either a single repository
47 or a directory hierarchy containing many repositories with names ending in ".fossil".
48
49 We've broken the configuration for each method out into a series of
50 sub-articles, some of which are OS-specific:
51 </blockquote>
52
53 <table style="margin-left: 6em;">
54 <tr>
55 <th>&nbsp;</th>
56 <th colspan="10" style="background-color: #efefef">Fossil Front-End Program</th>
57 </tr>
58
59 <tr>
60 <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Host OS</th>
61 <th>none</th>
62 <th>inetd</th>
63 <th>xinetd</th>
64 <th>stunnel</th>
65 <th>CGI</th>
66 <th>SCGI</th>
67 <th>nginx</th>
68 <th>Apache</th>
69 <th>IIS</th>
70 <th>OS&nbsp;service</th>
71 </tr>
72
73 <tr>
74 <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Any</th>
75 <td style="text-align: center"><a href="./server/any/none.md">✅</a></td>
76 <td style="text-align: center"><a href="./server/any/inetd.md">✅</a></td>
77 <td style="text-align: center"><a href="./server/any/xinetd.md">✅</a></td>
78 <td style="text-align: center"><a href="./ssl.wiki#stunnel">✅</a></td>
79 <td style="text-align: center"><a href="./server/any/cgi.md">✅</a></td>
80 <td style="text-align: center"><a href="./server/any/scgi.md">✅</a></td>
81 <td style="text-align: center">❌</td>
82 <td style="text-align: center">❌</td>
83 <td style="text-align: center">❌</td>
84 <td style="text-align: center">❌</td>
85 </tr>
86
87 <tr>
88 <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Debian/Ubuntu</th>
89 <td style="text-align: center"><a href="./server/any/none.md">✅</a></td>
90 <td style="text-align: center"><a href="./server/any/inetd.md">✅</a></td>
91 <td style="text-align: center"><a href="./server/any/xinetd.md">✅</a></td>
92 <td style="text-align: center"><a href="./ssl.wiki#stunnel">✅</a></td>
93 <td style="text-align: center"><a href="./server/any/cgi.md">✅</a></td>
94 <td style="text-align: center"><a href="./server/any/scgi.md">✅</a></td>
95 <td style="text-align: center"><a href="./server/debian/nginx.md">✅</a></td>
96 <td style="text-align: center">❌</td>
97 <td style="text-align: center">❌</td>
98 <td style="text-align: center">❌</td>
99 </tr>
100
101 <tr>
102 <th style="background-color: #e8e8e8; padding: 6px; text-align: right">Windows</th>
103 <td style="text-align: center">❌</td>
104 <td style="text-align: center">❌</td>
105 <td style="text-align: center">❌</td>
106 <td style="text-align: center"><a href="./server/windows/stunnel.md">✅</a></td>
107 <td style="text-align: center">❌</td>
108 <td style="text-align: center">❌</td>
109 <td style="text-align: center">❌</td>
110 <td style="text-align: center">❌</td>
111 <td style="text-align: center">❌</td>
112 <td style="text-align: center"><a href="./server/windows/service.md">✅</a></td>
113 </tr>
114 </table>
115
116 <blockquote>
117 Where there is a check mark in the "Any" row, the method for that is
118 generic enough that it works across OSes that Fossil is known to work
119 on. The check marks below that usually just link to this generic
120 documentation.
121
122 There are several widely-deployed socket activation schemes besides the
123 <tt>inetd</tt>, <tt>xinetd</tt>, and <tt>stunnel</tt> schemes with
124 documents linked above: Apple’s <tt>launchd</tt>, Linux’s
125 <tt>systemd</tt>, Solaris’ SMF, etc. We would welcome [./contribute.wiki
126 | contributions] to cover these as well. We also welcome contributions
127 to fill gaps (❌) in the table above.
128 </blockquote>
129
130
131 <h2 id="standalone">Standalone HTTP server</h2>
132
133 <blockquote>
134 This is the easiest way to set up a Fossil server. It's covered in
135 [./server/any/none.md | a separate article].
136 </blockquote>
137
138
139 <h2 id="inetd">Serving via inetd</h2>
140
141 <blockquote>
142 See [./server/any/inetd.md | this article].
143 </blockquote>
144
145
146 <h2 id="cgi">Serving via CGI</h2>
147
148 <blockquote>
149 See [./server/any/cgi.md | this article].
150 </blockquote>
151
152
153 <h2 id="scgi">Serving via SCGI</h2>
154
155 <blockquote>
156 See [./server/any/scgi.md | this article].
157 </blockquote>
158
159
160 <h2 id="ext">CGI Server Extensions</h2>
161
162 <blockquote>
163 In addition to serving Fossil repositories via CGI, Fossil can
164 itself [./serverext.wiki | launch other programs via CGI] to
165 implement server extensions. Do not confuse these two concepts. This
166 extension mechanism works regardless of the method above you choose
167 to serve your Fossil repository.
168 </blockquote>
169
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
170
171 <h2 id="tls">Securing a repository with TLS</h2>
172
173 <blockquote>
174 Fossil's built-in HTTP server (e.g. "fossil server") does not support
175 TLS, but there are multiple ways to protect your Fossil server with
176 TLS. All of this is covered in a separate document, <a
177 href="./ssl.wiki">Using TLS-Encrypted Communications with Fossil</a>.
178 </blockquote>
179
180
181 <h2 id="chroot">The Fossil Chroot Jail</h2>
182
183 <blockquote>
184 If you run Fossil as root in any mode that serves data on the
185 network, and you're running it on Unix or a compatible OS, Fossil
186 will drop itself into a [https://en.wikipedia.org/wiki/Chroot |
187 chroot jail] shortly after starting up. It will drop its root
188 privileges once it's done everything that requires root access; most
189 commonly, you run Fossil as root to allow it to bind to TCP port 80
190 for HTTP service, since normal users are restricted to ports 1024
191 and up on OSes where this behavior occurs.
192
193 Fossil uses the owner of the Fossil repository file as its new user
194 ID when dropping root privileges.
195
196 When this happens, Fossil needs to have all of its dependencies
197 inside the chroot jail. There are several things you typically need
198 in order to make things work properly:
199
200 <ul>
201 <li>the repository file(s)
202
203 <li><tt>/dev/null</tt> — create it with <tt>mknod(8)</tt>
204 inside the jail directory
205
206 <li><tt>/dev/urandom</tt> — ditto
207
208 <li>any shared libraries your <tt>fossil</tt> binary is linked
209 to, such as <tt>/lib/libssl.so</tt>; consider building Fossil as a
210 static binary to avoid this
211 </ul>
212 </blockquote>
213
214 <blockquote>
215 Fossil does all of this in order to protect the host OS. There is
216 no way to bypass it, on purpose.
217 </blockquote>
218
219
220 <h2 id="loadmgmt">Managing Server Load</h2>
221
222 <blockquote>
223 A Fossil server is very efficient and normally presents a very light
224
225 DDED www/server/any/cgi.md
226 DDED www/server/any/inetd.md
227 DDED www/server/any/none.md
228 DDED www/server/any/scgi.md
229 DDED www/server/any/xinetd.md
A www/server/any/cgi.md
+1
--- a/www/server/any/cgi.md
+++ b/www/server/any/cgi.md
@@ -0,0 +1 @@
1
+# Serving via Some
--- a/www/server/any/cgi.md
+++ b/www/server/any/cgi.md
@@ -0,0 +1 @@
 
--- a/www/server/any/cgi.md
+++ b/www/server/any/cgi.md
@@ -0,0 +1 @@
1 # Serving via Some
A www/server/any/inetd.md
+13
--- a/www/server/any/inetd.md
+++ b/www/server/any/inetd.md
@@ -0,0 +1,13 @@
1
+# Serving via inetd
2
+
3
+A Fossil server can be launched on-demand by `inetd` by using the
4
+[`fossil http`](/help/http) command. To do so, add a line like the
5
+following to its configuration file, typically `/etc/inetd.conf`:
6
+
7
+ 80 stream tcp nowait.1000 root /usr/bin/fossil /usr/bin/fossil http /home/fossil/repo.fossil
8
+
9
+In this example, you are telling `inetd` that when an incoming
10
+connection appears on TCP port 80 that it should launch the program
11
+`/usr/bin/fossil` with the arguments shown. Obviously you will need to
12
+modify the pathnames for your particular setup. The final argument is
13
+either the name of the fossil repository to be served or a dserver.wi
--- a/www/server/any/inetd.md
+++ b/www/server/any/inetd.md
@@ -0,0 +1,13 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
--- a/www/server/any/inetd.md
+++ b/www/server/any/inetd.md
@@ -0,0 +1,13 @@
1 # Serving via inetd
2
3 A Fossil server can be launched on-demand by `inetd` by using the
4 [`fossil http`](/help/http) command. To do so, add a line like the
5 following to its configuration file, typically `/etc/inetd.conf`:
6
7 80 stream tcp nowait.1000 root /usr/bin/fossil /usr/bin/fossil http /home/fossil/repo.fossil
8
9 In this example, you are telling `inetd` that when an incoming
10 connection appears on TCP port 80 that it should launch the program
11 `/usr/bin/fossil` with the arguments shown. Obviously you will need to
12 modify the pathnames for your particular setup. The final argument is
13 either the name of the fossil repository to be served or a dserver.wi
A www/server/any/none.md
+41
--- a/www/server/any/none.md
+++ b/www/server/any/none.md
@@ -0,0 +1,41 @@
1
+# Standalone HTTP Server
2
+
3
+The easiest way to set up a Fossil server is to use either the
4
+[`server`](/help/server) or [`ui`](/help/ui) command:
5
+
6
+* **fossil server** _REPOSITORY_
7
+* **fossil ui** _REPOSITORY_
8
+
9
+The _REPOSITORY_ argument is either the name of the repository file or a
10
+directory containing many repositories named “`*.fossil`”. Both of these
11
+commands start a Fossil server, usually on TCP port 8080, though a
12
+higher numbered port will be used instead if 8080 is already occupied.
13
+
14
+You can access these using URLs of the form **http://localhost:8080/**,
15
+or if _REPOSITORY_ is a directory, URLs of the form
16
+**http://localhost:8080/**_repo_**/** where _repo_ is the base name of
17
+the repository file without the “`.fossil`” suffix.
18
+
19
+There are several key differences between “`ui`” and “`server`”:
20
+
21
+* “`ui`” always binds the server to the loopback IP address (127.0.0.1)
22
+ so that it cannot serve to other machines.
23
+
24
+* Anyone who visits this URL is treated as the all-powerful Setup
25
+ user, which is why th first difference exists.
26
+
27
+* “`ui`” launches a local web browser pointed at this URL.
28
+
29
+You can omit the _REPOSITORY_ argument if you run one of the above
30
+commands from within a Fossil checkout directory to s $ foss# Standalone HTTP Server
31
+
32
+The easiest way to set up a Fossil server is to use either the
33
+[`server`](/help/server) or [`ui`](/help/ui) command:
34
+
35
+* **fossil server** _REPOSITORY_
36
+* **fossil ui** _REPOSITORY_
37
+
38
+The _REPOSITORY_ argument is either the name of the repository file or a
39
+directory containing many repositories named “`*.fossil`”. Both of these
40
+commands start a Fossil server, usually on TCP port 8080, though a
41
+higher numbered port will be use
--- a/www/server/any/none.md
+++ b/www/server/any/none.md
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
--- a/www/server/any/none.md
+++ b/www/server/any/none.md
@@ -0,0 +1,41 @@
1 # Standalone HTTP Server
2
3 The easiest way to set up a Fossil server is to use either the
4 [`server`](/help/server) or [`ui`](/help/ui) command:
5
6 * **fossil server** _REPOSITORY_
7 * **fossil ui** _REPOSITORY_
8
9 The _REPOSITORY_ argument is either the name of the repository file or a
10 directory containing many repositories named “`*.fossil`”. Both of these
11 commands start a Fossil server, usually on TCP port 8080, though a
12 higher numbered port will be used instead if 8080 is already occupied.
13
14 You can access these using URLs of the form **http://localhost:8080/**,
15 or if _REPOSITORY_ is a directory, URLs of the form
16 **http://localhost:8080/**_repo_**/** where _repo_ is the base name of
17 the repository file without the “`.fossil`” suffix.
18
19 There are several key differences between “`ui`” and “`server`”:
20
21 * “`ui`” always binds the server to the loopback IP address (127.0.0.1)
22 so that it cannot serve to other machines.
23
24 * Anyone who visits this URL is treated as the all-powerful Setup
25 user, which is why th first difference exists.
26
27 * “`ui`” launches a local web browser pointed at this URL.
28
29 You can omit the _REPOSITORY_ argument if you run one of the above
30 commands from within a Fossil checkout directory to s $ foss# Standalone HTTP Server
31
32 The easiest way to set up a Fossil server is to use either the
33 [`server`](/help/server) or [`ui`](/help/ui) command:
34
35 * **fossil server** _REPOSITORY_
36 * **fossil ui** _REPOSITORY_
37
38 The _REPOSITORY_ argument is either the name of the repository file or a
39 directory containing many repositories named “`*.fossil`”. Both of these
40 commands start a Fossil server, usually on TCP port 8080, though a
41 higher numbered port will be use
A www/server/any/scgi.md
+3
--- a/www/server/any/scgi.md
+++ b/www/server/any/scgi.md
@@ -0,0 +1,3 @@
1
+# Serving via SCGI
2
+
3
+There e
--- a/www/server/any/scgi.md
+++ b/www/server/any/scgi.md
@@ -0,0 +1,3 @@
 
 
 
--- a/www/server/any/scgi.md
+++ b/www/server/any/scgi.md
@@ -0,0 +1,3 @@
1 # Serving via SCGI
2
3 There e
A www/server/any/xinetd.md
+24
--- a/www/server/any/xinetd.md
+++ b/www/server/any/xinetd.md
@@ -0,0 +1,24 @@
1
+# Serving via xinetd
2
+
3
+Some operating systems have replaced the old Unix `inetd` daemon with
4
+`xinetd`, which has a similar mission but with a very different
5
+configuration file format.
6
+
7
+The typical configuration file is either `/etc/xinetd.conf` or a subfile
8
+in the `/etc/xinetd.d` directory. You need a configuration something
9
+like this for Fossil:
10
+
11
+ service http
12
+ {
13
+ port = 80
14
+ socket_type = stream
15
+ wait = no
16
+ e = stream
17
+ wait = server = /usr/bin/fossil
18
+ server_args = ht }
19
+
20
+This example configures Fossil to serve multiple repositories under the
21
+`/home/fossil/repos/` directory.
22
+
23
+Beyond this, see the general commentary in our article on [the `inetd`
24
+method](./inetd.md) as they also apply to service via `xinetd`.
--- a/www/server/any/xinetd.md
+++ b/www/server/any/xinetd.md
@@ -0,0 +1,24 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
--- a/www/server/any/xinetd.md
+++ b/www/server/any/xinetd.md
@@ -0,0 +1,24 @@
1 # Serving via xinetd
2
3 Some operating systems have replaced the old Unix `inetd` daemon with
4 `xinetd`, which has a similar mission but with a very different
5 configuration file format.
6
7 The typical configuration file is either `/etc/xinetd.conf` or a subfile
8 in the `/etc/xinetd.d` directory. You need a configuration something
9 like this for Fossil:
10
11 service http
12 {
13 port = 80
14 socket_type = stream
15 wait = no
16 e = stream
17 wait = server = /usr/bin/fossil
18 server_args = ht }
19
20 This example configures Fossil to serve multiple repositories under the
21 `/home/fossil/repos/` directory.
22
23 Beyond this, see the general commentary in our article on [the `inetd`
24 method](./inetd.md) as they also apply to service via `xinetd`.

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button