xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
Clone URLs: https://code.reversed.top/user/xaizek/rocketgit ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 local master
Commit b42d3dd5947ae9bcf3994854219e759d93abcafa

samples updated
Author: Catalin(ux) M. BOIE
Author date (UTC): 2018-08-29 21:32
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2018-08-29 21:32
Parent(s): f26097f046666d3ab5ca96e69f6fc458188a33ed
Signing key:
Tree: b36a6284ddfc8994f93c9f0f9e987ed8d387d1c2
File Lines added Lines deleted
samples/nginx.conf 17 8
samples/php-fpm.conf 1 1
samples/pool.conf 1 1
samples/rg.conf 5 5
samples/rocketgit-fpm.service 3 1
File samples/nginx.conf changed (mode: 100644) (index f73ece0..c4a7885)
... ... server {
6 6 server_tokens off; server_tokens off;
7 7 root /usr/share/rocketgit/root; root /usr/share/rocketgit/root;
8 8
9 tcp_nopush on;
10 sendfile on;
11
9 12 # TODO - is ok in this context? # TODO - is ok in this context?
10 13 client_max_body_size 1000m; client_max_body_size 1000m;
11 14 # more than that is written into a file first # more than that is written into a file first
 
... ... server {
36 39 } }
37 40
38 41 location / { location / {
39 gzip off;
42 gzip on;
43 #gzip_comp_level 6;
44 gzip_types text/plain text/xml text/css text/javascript application/javascript application/x-javascript;
40 45
41 46 # To be able to know that the client closed the connection # To be able to know that the client closed the connection
42 47 # TODO: equivalent for apache? # TODO: equivalent for apache?
 
... ... server {
51 56 include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
52 57 fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name;
53 58
54 fastcgi_pass unix:/run/php-fpm/rocketgit.sock;
59 fastcgi_pass unix:/run/rocketgit-fpm/rocketgit.sock;
55 60 } }
56 61 } }
57 62
 
... ... server {
63 68 server_tokens off; server_tokens off;
64 69 root /usr/share/rocketgit/root; root /usr/share/rocketgit/root;
65 70
66 # TODO - is ok in this context?
71 tcp_nopush on;
72 sendfile on;
73
74 # TODO - is ok in this context? You can put 0 for no limit.
67 75 client_max_body_size 1000m; client_max_body_size 1000m;
68 76 # more than that is written into a file first # more than that is written into a file first
69 77 client_body_buffer_size 128k; client_body_buffer_size 128k;
 
... ... server {
94 102 } }
95 103
96 104 location / { location / {
97 gzip off;
105 gzip on;
106 #gzip_comp_level 6;
107 gzip_types text/plain text/xml text/css text/javascript application/javascript application/x-javascript;
98 108
99 109 # To be able to know that the client closed the connection # To be able to know that the client closed the connection
100 110 # TODO: equivalent for apache? # TODO: equivalent for apache?
 
... ... server {
109 119 include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
110 120 fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root/index.php$fastcgi_script_name;
111 121
112 fastcgi_pass unix:/run/php-fpm/rocketgit.sock;
122 fastcgi_pass unix:/run/rocketgit-fpm/rocketgit.sock;
113 123 } }
114 124
115 125 ssl_certificate /etc/pki/tls/certs/localhost.crt; ssl_certificate /etc/pki/tls/certs/localhost.crt;
 
... ... server {
119 129 # https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm # https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm
120 130 ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"; ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
121 131 ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
122 ssl_session_cache shared:SSL:1m;
123 ssl_session_timeout 5m;
132 ssl_session_cache shared:SSL:10m;
133 ssl_session_timeout 120m;
124 134
125 135 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning # https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning
126 136 # To generate pin-sha256 string: openssl s_client -servername <server> -connect <server>:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 # To generate pin-sha256 string: openssl s_client -servername <server> -connect <server>:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
127 137 # add_header Public-Key-Pins "pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000; includeSubDomains; report-uri=\"https://www.example.org/hpkp-report\"" # add_header Public-Key-Pins "pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000; includeSubDomains; report-uri=\"https://www.example.org/hpkp-report\""
128 138 # add_header Public-Key-Pins-Report-Only ... # to not block users! # add_header Public-Key-Pins-Report-Only ... # to not block users!
129
130 139 } }
File samples/php-fpm.conf changed (mode: 100644) (index d10ccea..4f8492e)
... ... include=/etc/rocketgit/pool.conf
17 17 [global] [global]
18 18 ; Pid file ; Pid file
19 19 ; Default Value: none ; Default Value: none
20 pid = /run/php-fpm/rocketgit.pid
20 pid = /run/rocketgit-fpm/rocketgit.pid
21 21
22 22 ; Error log file ; Error log file
23 23 ; If it's set to "syslog", log is sent to syslogd instead of being written ; If it's set to "syslog", log is sent to syslogd instead of being written
File samples/pool.conf changed (mode: 100644) (index 7fd6bd9..84d98cf)
... ... group = rocketgit
36 36 ; (IPv6 and IPv4-mapped) on a specific port; ; (IPv6 and IPv4-mapped) on a specific port;
37 37 ; '/path/to/unix/socket' - to listen on a unix socket. ; '/path/to/unix/socket' - to listen on a unix socket.
38 38 ; Note: This value is mandatory. ; Note: This value is mandatory.
39 listen = /run/php-fpm/rocketgit.sock
39 listen = /run/rocketgit-fpm/rocketgit.sock
40 40
41 41 ; Set listen(2) backlog. ; Set listen(2) backlog.
42 42 ; Default Value: 65535 ; Default Value: 65535
File samples/rg.conf changed (mode: 100644) (index 3fd84f1..a9bcdd8)
65 65 DeflateBufferSize 81920 DeflateBufferSize 81920
66 66
67 67 <FilesMatch "\.php$"> <FilesMatch "\.php$">
68 SetHandler "proxy:unix:/run/php-fpm/rocketgit.sock|fcgi://localhost"
68 SetHandler "proxy:unix:/run/rocketgit-fpm/rocketgit.sock|fcgi://localhost"
69 69 </FilesMatch> </FilesMatch>
70 70 </VirtualHost> </VirtualHost>
71 71
 
91 91 #LogLevel rewrite:trace8 #LogLevel rewrite:trace8
92 92
93 93 # Allow .ico, 'themes' folder and robots.txt # Allow .ico, 'themes' folder and robots.txt
94 RewriteCond %{REQUEST_URI} ^/(favicon\.ico|themes/.*|robots\.txt|\.well-known/.*)$
94 RewriteCond %{REQUEST_URI} ^/(favicon\.ico|themes/.*|robots\.txt|\.well-known/.*)$ [nocase]
95 95 RewriteRule .* - [last] RewriteRule .* - [last]
96 96
97 97 # Force the use of only one name even if we have more aliases. # Force the use of only one name even if we have more aliases.
98 98 # https://httpd.apache.org/docs/2.4/rewrite/remapping.html # https://httpd.apache.org/docs/2.4/rewrite/remapping.html
99 #RewriteCond expr "%{HTTP_HOST} != %{SERVER_NAME}"
100 #RewriteRule "^/?(.*)" "https://%{SERVER_NAME}:%{SERVER_PORT}/$1" [last,redirect=301,noescape]
99 #RewriteCond expr "%{HTTP_HOST} != %{SERVER_NAME}" [nocase]
100 #RewriteRule "^/?(.*)" "https://%{SERVER_NAME}:%{SERVER_PORT}/$1" [last,redirect=301,noescape,nocase]
101 101
102 102 # all rest # all rest
103 103 RewriteRule (.*) /index.php [last] RewriteRule (.*) /index.php [last]
 
151 151 DeflateBufferSize 81920 DeflateBufferSize 81920
152 152
153 153 <FilesMatch "\.php$"> <FilesMatch "\.php$">
154 SetHandler "proxy:unix:/run/php-fpm/rocketgit.sock|fcgi://localhost"
154 SetHandler "proxy:unix:/run/rocketgit-fpm/rocketgit.sock|fcgi://localhost"
155 155 </FilesMatch> </FilesMatch>
156 156 </VirtualHost> </VirtualHost>
File samples/rocketgit-fpm.service changed (mode: 100644) (index fd285d9..49fb287)
... ... After=syslog.target network.target
12 12
13 13 [Service] [Service]
14 14 Type=notify Type=notify
15 PIDFile=/run/php-fpm/rocketgit.pid
15 PIDFile=/run/rocketgit-fpm/rocketgit.pid
16 16 ExecStart=/usr/sbin/php-fpm --fpm-config /etc/rocketgit/php-fpm.conf ExecStart=/usr/sbin/php-fpm --fpm-config /etc/rocketgit/php-fpm.conf
17 17 ExecReload=/bin/kill -USR2 $MAINPID ExecReload=/bin/kill -USR2 $MAINPID
18 18 PrivateTmp=true PrivateTmp=true
19 RuntimeDirectory=rocketgit-fpm
20 RuntimeDirectoryMode=0755
19 21 #Seems I get a denial #Seems I get a denial
20 22 #NoNewPrivileges=yes #NoNewPrivileges=yes
21 23 Restart=always Restart=always
Hints
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://code.reversed.top/user/xaizek/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a pull request:
... clone the repository ...
... make some changes and some commits ...
git push origin master