Commit Diff


commit - d073d3f60f917a66668a92017476c06a397d486d
commit + f96f8ec1ff084359c6bfac2340274c608a46100c
blob - 5e33bc0ee069b151d1b27dbb3d468a34214bab3b
blob + 50e0dd82cd72677cbe351f1088f2643126122517
--- git-repository.5.html
+++ git-repository.5.html
@@ -215,7 +215,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 21579685020a15a499e032ccbb75d2e716603f3f
blob + 6c71739282b60bc0b3631fb7915dd626687cc8aa
--- gitwrapper.1.html
+++ gitwrapper.1.html
@@ -142,7 +142,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 1ef15f1cac40c76f943067cfa3136d7757c3890e
blob + 5d88a220f172d44fef4448d9543af7dd2a350305
--- got-worktree.5.html
+++ got-worktree.5.html
@@ -187,7 +187,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - c055824c1c5dac4a80d98d10483555eeae3355c7
blob + 1c061b37bfb88a39b9173edc19c735aa4956aa39
--- got.1.html
+++ got.1.html
@@ -3659,7 +3659,7 @@ remote &quot;origin&quot; {
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - e781d863e4573f7712764bda8072ebdd6caa6292
blob + 01c141e915d81b3a3e3458ade3476712a2c38640
--- got.conf.5.html
+++ got.conf.5.html
@@ -325,7 +325,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 569bec9adfe527a96c118f4dd0c133f33e9e0961
blob + d6ac463f48a47207fff2a634ffa76745e56f8436
--- gotadmin.1.html
+++ gotadmin.1.html
@@ -439,7 +439,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 55d09dc50b63fe586fc6dfdc2863fd1bea44e5d1
blob + a08e8d85eb04e13db66c17007696b09401b8d0fe
--- gotctl.8.html
+++ gotctl.8.html
@@ -71,6 +71,33 @@
   <dt id="stop"><a class="permalink" href="#stop"><code class="Cm">stop</code></a></dt>
   <dd>Stop a running <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>
       instance. This operation requires root privileges.</dd>
+  <dt id="reload"><a class="permalink" href="#reload"><code class="Cm">reload</code></a>
+    [<code class="Fl">-c</code> <var class="Ar">config-file</var>]
+    [<code class="Fl">-n</code>] [<code class="Fl">-s</code>
+    <var class="Ar">secrets</var>]</dt>
+  <dd>Reload a running <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>
+      instance. <a class="Xr" aria-label="gotd, section 8">gotd(8)</a> will
+      relaunch with an updated configuration read from the provided
+      configuration files. The previous instance of
+      <a class="Xr" aria-label="gotd, section 8">gotd(8)</a> will continue to
+      serve existing client connections and then exit.
+    <p class="Pp">This operation requires root privileges.</p>
+    <p class="Pp">The options for <code class="Cm">gotctl reload</code> are as
+        follows:</p>
+    <dl class="Bl-tag">
+      <dt id="f~2"><a class="permalink" href="#f~2"><code class="Fl">-f</code></a>
+        <var class="Ar">config-file</var></dt>
+      <dd>Set the path to the configuration file. If not specified, the file
+          <span class="Pa">/etc/gotd.conf</span> will be used.</dd>
+      <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+      <dd>Only check the configuration files for validity.</dd>
+      <dt id="s"><a class="permalink" href="#s"><code class="Fl">-s</code></a>
+        <var class="Ar">secrets</var></dt>
+      <dd>Set the path to the secrets file. If not specified, the file
+          <span class="Pa">/etc/gotd-secrets.conf</span> will be used if it
+          exists.</dd>
+    </dl>
+  </dd>
 </dl>
 </section>
 <section class="Sh">
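Review bot: the synopsis line for reload advertises [-c config-file], but the options list in the same hunk documents -f config-file, so one of the two is wrong; make the dt line and the options list agree on the flag the command actually parses. The description also does not say what happens when the new configuration fails to parse. Since -n exists for validation, add a sentence stating whether a failed reload leaves the running gotd instance serving with its old configuration.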
@@ -86,7 +113,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 536274a37c082b3c13fcde345ac3f977e9d83b32
blob + 2a2e66577c192eef4968869e22d20f85a9973d0d
--- gotd-secrets.conf.5.html
+++ gotd-secrets.conf.5.html
@@ -112,7 +112,7 @@ repository &quot;openbsd/src&quot; {
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 9679b17f0199552d0a3f8f8c8525945716c6934c
blob + bd5a32dbb3a7047484c8b303c04317edcb257fc3
--- gotd.8.html
+++ gotd.8.html
@@ -127,7 +127,8 @@
     <a class="Xr" aria-label="git-repository, section 5">git-repository(5)</a>,
     <a class="Xr" aria-label="gotd.conf, section 5">gotd.conf(5)</a>
     <a class="Xr" aria-label="gotd-secrets.conf, section
-    5">gotd-secrets.conf(5)</a></p>
+    5">gotd-secrets.conf(5)</a>, <a class="Xr" aria-label="gotctl, section
+    8">gotctl(8)</a></p>
 </section>
 <section class="Sh">
 <h2 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h2>
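Review bot: the SEE ALSO list still lacks a comma between gotd.conf(5) and gotd-secrets.conf(5) in the context lines just above the changed line, while every other entry is comma-separated. This hunk already edits the list to append gotctl(8), so fix the separator in the same change.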
@@ -140,10 +141,16 @@
     that use the sha256 object ID hashing algorithm because
     <code class="Nm">gotd</code> does not yet support version 2 of the Git
     network protocol.</p>
+<p class="Pp"><code class="Nm">gotd</code> cannot honour the SIGHUP signal
+    because the <span class="Pa">/etc/gotd-secrets.conf</span> file is only
+    readable by root, and <code class="Nm">gotd</code> runs entirely without
+    root privileges after initial startup. The configuration of a running
+    <code class="Nm">gotd</code> instance can be reloaded by running
+    <code class="Cm">gotctl reload</code> as root.</p>
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
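Review bot: in the new SIGHUP paragraph, gotctl reload is marked up only as a command (class="Cm") with no cross-reference to gotctl(8); link it the way the SEE ALSO entry added in the previous hunk does, so readers can reach the -n and -s options. The wording "cannot honour" also leaves open whether SIGHUP is ignored or terminates the daemon, which matters to anyone with signal-based reload tooling; say which.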
blob - 4db32bcfdcd80210f923f45bf6c2c4eda47c43f9
blob + 145badb241270ccf4b3191b112de41fe47135988
--- gotd.conf.5.html
+++ gotd.conf.5.html
@@ -499,7 +499,7 @@ connection {
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - c2f938054d79808d62298be53d9d214744b9a44a
blob + fe77c71b732a2dc08f3d4f12861823feec144e46
--- gotsh.1.html
+++ gotsh.1.html
@@ -157,7 +157,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - 9119c73f3a75f1676f0c2e4e12f65b89fde502ba
blob + 94fd997f9780754d96106acf354e7baedf2f3ab8
--- gotwebd.8.html
+++ gotwebd.8.html
@@ -87,16 +87,15 @@
   <li>Optionally, the run-time behaviour of <code class="Nm">gotwebd</code> can
       be configured via the <a class="Xr" aria-label="gotwebd.conf, section
       5">gotwebd.conf(5)</a> configuration file.</li>
-  <li id="not">Git repositories must be created at a suitable location inside
-      the web server's <a class="Xr" aria-label="chroot, section
-      2">chroot(2)</a> environment. These repositories should
-      <a class="permalink" href="#not"><i class="Em">not</i></a> be writable by
-      the user ID shared between <code class="Nm">gotwebd</code> and
-      <a class="Xr" aria-label="httpd, section 8">httpd(8)</a>. The default
-      location for repositories published by <code class="Nm">gotwebd</code> is
+  <li id="not">Git repositories must be created. These repositories may reside
+      anywhere in the filesystem and must be readable, but should
+      <a class="permalink" href="#not"><i class="Em">not</i></a> be writable, by
+      the user <code class="Nm">gotwebd</code> runs as. The default location for
+      repositories published by <code class="Nm">gotwebd</code> is
       <span class="Pa">/var/www/got/public</span>.</li>
-  <li>Git repositories served by <code class="Nm">gotwebd</code> should be kept
-      up-to-date with a mechanism such as <code class="Cm">got fetch</code>,
+  <li>If the Git repositories served by <code class="Nm">gotwebd</code> do not
+      receive changes from committers directly, they need to be kept up-to-date
+      with a mechanism such as <code class="Cm">got fetch</code>,
       <a class="Xr" aria-label="git-fetch, section 1">git-fetch(1)</a>, or
       <a class="Xr" aria-label="rsync, section 1">rsync(1)</a>, scheduled by
       <a class="Xr" aria-label="cron, section 8">cron(8)</a>.</li>
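Review bot: the rewritten list item on repository permissions names only the user gotwebd runs as, where the old text covered the user ID shared between gotwebd and httpd(8). This commit also adds a separate www user directive to gotwebd.conf(5), so state here what access, if any, the httpd user needs to the repositories; otherwise admins may leave them readable or writable by www out of habit. The default location /var/www/got/public is still given as a path under /var/www, and the item should say whether that choice is still significant.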
@@ -191,7 +190,7 @@ server &quot;example.com&quot; {
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - /dev/null
blob + ae9d8dd4e23144df7c27cff91656b1d53b6aa07f (mode 644)
--- /dev/null
+++ gotsys.1.html
@@ -0,0 +1,174 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="mandoc.css" type="text/css" media="all"/>
+  <title>GOTSYS(1)</title>
+</head>
+<!-- This is an automatically generated file.  Do not edit.
+   Copyright (c) 2025 Stefan Sperling
+  
+   Permission to use, copy, modify, and distribute this software for any
+   purpose with or without fee is hereby granted, provided that the above
+   copyright notice and this permission notice appear in all copies.
+  
+   THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+   WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+   MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+   ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   -->
+<body>
+<div class="head" role="doc-pageheader" aria-label="Manual header
+  line"><span class="head-ltitle">GOTSYS(1)</span>
+  <span class="head-vol">General Commands Manual</span>
+  <span class="head-rtitle">GOTSYS(1)</span></div>
+<main class="manual-text">
+<section class="Sh">
+<h2 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h2>
+<p class="Pp"><code class="Nm">gotsys</code> &#x2014;
+    <span class="Nd" role="doc-subtitle">manage
+    <a class="Xr" aria-label="gotsys.conf, section
+  5">gotsys.conf(5)</a></span></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h2>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">gotsys</code></td>
+    <td>[<code class="Fl">-hV</code>] <var class="Ar">command</var>
+      [<var class="Ar">arg ...</var>]</td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h2>
+<p class="Pp"><code class="Nm">gotsys</code> performs tasks involving the
+    <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a>
+    configuration file consumed by <a class="Xr" aria-label="gotsysd, section
+    8">gotsysd(8)</a>.</p>
+<p class="Pp">The options for <code class="Nm">gotsys</code> are as follows:</p>
+<dl class="Bl-tag">
+  <dt id="h"><a class="permalink" href="#h"><code class="Fl">-h</code></a></dt>
+  <dd>Display usage information and exit immediately.</dd>
+  <dt id="V"><a class="permalink" href="#V"><code class="Fl">-V</code></a>,
+    <code class="Fl">--version</code></dt>
+  <dd>Display program version and exit immediately.</dd>
+</dl>
+<p class="Pp">The commands for <code class="Nm">gotsys</code> are as
+  follows:</p>
+<dl class="Bl-tag">
+  <dt id="apply"><a class="permalink" href="#apply"><code class="Cm">apply</code></a>
+    [<code class="Fl">-c</code> <var class="Ar">commit</var>]
+    [<code class="Fl">-f</code> <var class="Ar">socket</var>]
+    [<code class="Fl">-r</code> <var class="Ar">repository-path</var>]
+    [<var class="Ar">file</var>]</dt>
+  <dd>Trigger system configuration tasks based on the
+      <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a>
+      configuration <var class="Ar">file</var> found in the
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> system
+      repository. If no <var class="Ar">file</var> argument is specified, the
+      file path <span class="Pa">gotsys.conf</span> will be used.
+    <p class="Pp" id="system">Usually, <a class="Xr" aria-label="gotd, section
+        8">gotd(8)</a> will trigger system configuration tasks whenever a new
+        version of <a class="Xr" aria-label="gotsys.conf, section
+        5">gotsys.conf(5)</a> is sent to the <a class="Xr" aria-label="gotsysd,
+        section 8">gotsysd(8)</a>
+        <a class="permalink" href="#system"><i class="Em">system
+        repository</i></a>. If system configuration fails or causes problems for
+        any reason, system administrators with shell access to the server can
+        use <code class="Ic">gotsys apply</code> to reconfigure the system back
+        into a working state.</p>
+    <p class="Pp"><code class="Ic">gotsys apply</code> requires on-disk read
+        access to the <a class="Xr" aria-label="gotsysd, section
+        8">gotsysd(8)</a> system repository, as well as access to the
+        <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> unix
+        socket. By default, only the root and _gotd users have the required
+        access permissions.</p>
+    <p class="Pp">The options for <code class="Cm">gotsys apply</code> are as
+        follows:</p>
+    <dl class="Bl-tag">
+      <dt id="c"><a class="permalink" href="#c"><code class="Fl">-c</code></a>
+        <var class="Ar">commit</var></dt>
+      <dd>Obtain the <a class="Xr" aria-label="gotsys.conf, section
+          5">gotsys.conf(5)</a> configuration <var class="Ar">file</var> from
+          the specified <var class="Ar">commit</var>.
+        <p class="Pp">The expected <var class="Ar">commit</var> argument is a
+            commit ID, or a reference name or a keyword which will be resolved
+            to a commit ID. An abbreviated hash argument will be expanded to a
+            full commit ID automatically, provided the abbreviation is
+          unique.</p>
+        <p class="Pp">If no <var class="Ar">commit</var> is specified, a commit
+            corresponding to the repository's HEAD reference will be used.</p>
+      </dd>
+      <dt id="f"><a class="permalink" href="#f"><code class="Fl">-f</code></a>
+        <var class="Ar">socket</var></dt>
+      <dd>Set the path to the unix <var class="Ar">socket</var> which
+          <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> is
+          listening on. If not specified, the path
+          <span class="Pa">/var/run/gotsysd.sock</span> will be used.</dd>
+      <dt id="r"><a class="permalink" href="#r"><code class="Fl">-r</code></a>
+        <var class="Ar">repository-path</var></dt>
+      <dd>Use the repository at the specified path. If not specified, the
+          repository path <span class="Pa">/git/gotsys.git</span> will be
+        used.</dd>
+    </dl>
+  </dd>
+  <dt id="check"><a class="permalink" href="#check"><code class="Cm">check</code></a>
+    [<code class="Fl">-q</code>] [<code class="Fl">-f</code>
+    <var class="Ar">file</var>]</dt>
+  <dd>Read a <a class="Xr" aria-label="gotsys.conf, section
+      5">gotsys.conf(5)</a> configuration <var class="Ar">file</var> and report
+      any errors. If no <var class="Ar">file</var> is specified, the file
+      <span class="Pa">gotsys.conf</span> in the current working directory will
+      be read.
+    <p class="Pp"><code class="Ic">gotsys check</code> is intended to be used by
+        administrators who manage a <a class="Xr" aria-label="gotd, section
+        8">gotd(8)</a> server remotely by committing changes to
+        <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a>.
+        Files which do not pass <code class="Ic">gotsys check</code> will be
+        rejected by the server. Running <code class="Ic">gotsys check</code>
+        before committing changes to <a class="Xr" aria-label="gotsys.conf,
+        section 5">gotsys.conf(5)</a> is therefore recommended.</p>
+    <p class="Pp">The options for <code class="Cm">gotsys check</code> are as
+        follows:</p>
+    <dl class="Bl-tag">
+      <dt id="f~2"><a class="permalink" href="#f~2"><code class="Fl">-f</code></a>
+        <var class="Ar">file</var></dt>
+      <dd>The path to the configuration <var class="Ar">file</var> to read. A
+          hyphen (-) can be used to read standard input: <code class="Cm">gotsys
+          check -f -</code></dd>
+      <dt id="q"><a class="permalink" href="#q"><code class="Fl">-q</code></a></dt>
+      <dd>Stay silent on standard output. Only report errors.</dd>
+    </dl>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="EXIT_STATUS"><a class="permalink" href="#EXIT_STATUS">EXIT
+  STATUS</a></h2>
+<p class="Pp">The <code class="Nm">gotsys</code> utility exits&#x00A0;0 on
+    success, and&#x00A0;&gt;0 if an error occurs.</p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+  ALSO</a></h2>
+<p class="Pp"><a class="Xr" aria-label="gotsys.conf, section
+    5">gotsys.conf(5)</a>, <a class="Xr" aria-label="gotd, section
+    8">gotd(8)</a>, <a class="Xr" aria-label="gotsysd, section
+  8">gotsysd(8)</a></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h2>
+<p class="Pp"><span class="An">Stefan Sperling</span>
+    &lt;<a class="Mt" href="mailto:stsp@openbsd.org">stsp@openbsd.org</a>&gt;</p>
+</section>
+</main>
+<div class="foot" role="doc-pagefooter" aria-label="Manual footer
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
+</body>
+</html>
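Review bot: the apply section presents gotsys apply as the recovery path when system configuration "fails or causes problems", but it does not say whether the file taken from -c commit passes the same validation as gotsys check before gotsysd(8) acts on it; state that, and what is left in place if validation fails. Two smaller points: -f means the socket path under apply and the configuration file under check, which is easy to mix up, and the options list documents --version while the synopsis shows only [-hV].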
blob - ad69c4f642071037a54fcb1fe1e8e428af05d7c6
blob + 629185abf19409d7972d8b30d28f1c4b537c9410
--- gotwebd.conf.5.html
+++ gotwebd.conf.5.html
@@ -52,10 +52,6 @@
 <pre>lan_addr = &quot;192.168.0.1&quot;
 listen on $lan_addr port 9090</pre>
 </div>
-<p class="Pp">Paths mentioned in <code class="Nm">gotwebd.conf</code> must be
-    relative to <span class="Pa">/var/www</span>, the
-    <a class="Xr" aria-label="chroot, section 2">chroot(2)</a> environment of
-    <a class="Xr" aria-label="httpd, section 8">httpd(8)</a>.</p>
 </section>
 <section class="Sh">
 <h2 class="Sh" id="GLOBAL_CONFIGURATION"><a class="permalink" href="#GLOBAL_CONFIGURATION">GLOBAL
@@ -67,7 +63,9 @@ listen on $lan_addr port 9090</pre>
   <dd>Set the path to the <a class="Xr" aria-label="chroot, section
       2">chroot(2)</a> environment of <a class="Xr" aria-label="httpd, section
       8">httpd(8)</a>. If not specified, it defaults to
-      <span class="Pa">/var/www</span>, the home directory of the www user.</dd>
+      <span class="Pa">/var/www</span>, the home directory of the www user.
+      Setting the <var class="Ar">path</var> to <span class="Pa">/</span>
+      effectively disables chroot.</dd>
   <dt id="listen"><a class="permalink" href="#listen"><code class="Ic">listen
     on</code></a> <var class="Ar">address</var> <code class="Ic">port</code>
     <var class="Ar">number</var></dt>
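Review bot: the added sentence about setting the chroot path to / does not say whose chroot is disabled. The directive is described as the chroot(2) environment of httpd(8), so a reader cannot tell whether / removes gotwebd's own confinement or only tells gotwebd that httpd is not chrooted. Spell this out, and if it is the former, note that gotwebd then runs with a view of the whole filesystem.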
@@ -81,7 +79,11 @@ listen on $lan_addr port 9090</pre>
     on socket</code></a> <var class="Ar">path</var></dt>
   <dd>Configure a <span class="Ux">UNIX</span>-domain socket for incoming
       FastCGI connections. May be specified multiple times to build up a list of
-      listening sockets.</dd>
+      listening sockets.
+    <p class="Pp">While the specified <var class="Ar">path</var> must be
+        absolute, it should usually point inside the web server's chroot
+        directory such that the web server can access the socket.</p>
+  </dd>
   <dt id="prefork"><a class="permalink" href="#prefork"><code class="Ic">prefork</code></a>
     <var class="Ar">number</var></dt>
   <dd>Run the specified number of server processes.
@@ -91,6 +93,13 @@ listen on $lan_addr port 9090</pre>
     <var class="Ar">user</var></dt>
   <dd>Set the <var class="Ar">user</var> which will run
       <a class="Xr" aria-label="gotwebd, section 8">gotwebd(8)</a>. If not
+      specified, the user _gotwebd will be used.</dd>
+  <dt id="www"><a class="permalink" href="#www"><code class="Ic">www
+    user</code></a> <var class="Ar">user</var></dt>
+  <dd>Set the <var class="Ar">user</var> which runs
+      <a class="Xr" aria-label="httpd, section 8">httpd(8)</a>. Needed to ensure
+      that the web server can access UNIX-domain sockets created by
+      <a class="Xr" aria-label="gotwebd, section 8">gotwebd(8)</a>. If not
       specified, the user www will be used.</dd>
 </dl>
 <p class="Pp">If no <code class="Ic">listen</code> directive is used,
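Review bot: this hunk changes the default of the user directive from www to _gotwebd, and the text does not flag it. Installations whose repositories or sockets are accessible only to www may stop working after an upgrade; mention the change of default and the ownership or permission adjustments it requires, or point to release notes that do.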
@@ -119,11 +128,17 @@ listen on $lan_addr port 9090</pre>
     <var class="Ar">path</var></dt>
   <dd>Set the path to a custom Cascading Style Sheet (CSS) to be used. If this
       option is not specified then the default style sheet
-      &#x2018;gotweb.css&#x2019; will be used.</dd>
+      &#x2018;gotweb.css&#x2019; will be used.
+    <p class="Pp">This path must be valid in the web server's URL space since
+        browsers will attempt to fetch it.</p>
+  </dd>
   <dt id="logo"><a class="permalink" href="#logo"><code class="Ic">logo</code></a>
     <var class="Ar">path</var></dt>
   <dd>Set the path to an image file containing a logo to be displayed. Defaults
-      to &#x2018;got.png&#x2019;.</dd>
+      to &#x2018;got.png&#x2019;.
+    <p class="Pp">This path must be valid in the web server's URL space since
+        browsers will attempt to fetch it.</p>
+  </dd>
   <dt id="logo_url"><a class="permalink" href="#logo_url"><code class="Ic">logo_url</code></a>
     <var class="Ar">url</var></dt>
   <dd>Set a hyperlink for the logo. Defaults to
@@ -140,8 +155,12 @@ listen on $lan_addr port 9090</pre>
   <dt id="repos_path"><a class="permalink" href="#repos_path"><code class="Ic">repos_path</code></a>
     <var class="Ar">path</var></dt>
   <dd>Set the path to the directory which contains Git repositories that the
-      server should publish. Defaults to <span class="Pa">/got/public</span>
-      under the chroot.</dd>
+      server should publish. This path is absolute. Repositories can be served
+      even if they reside outside the web server's chroot directory.
+    <p class="Pp">Defaults to <span class="Pa">/got/public</span> inside the web
+        server's chroot directory. The <code class="Cm">chroot</code> directive
+        must be used before the server declaration in order to take effect.</p>
+  </dd>
   <dt id="respect_exportok"><a class="permalink" href="#respect_exportok"><code class="Ic">respect_exportok</code></a>
     <var class="Ar">on</var> | <var class="Ar">off</var></dt>
   <dd>Set whether to display the repository only if it contains the magic
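Review bot: repos_path is now described as absolute, yet the default is given as /got/public "inside the web server's chroot directory", which reads as chroot-relative; give the effective absolute default instead (the chroot path plus /got/public, which is the /var/www/got/public that gotwebd(8) names when the default chroot is used). The requirement that the chroot directive precede the server declaration is easy to miss; if the parser can detect the wrong order, a warning would be safer than a silently different default.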
@@ -214,20 +233,24 @@ owner = &quot;Your Name&quot;</pre>
 <h2 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h2>
 <p class="Pp">A sample configuration:</p>
 <div class="Bd Pp Bd-indent Li">
-<pre>server &quot;localhost&quot; {
+<pre>www user &quot;www&quot;   # www username needs quotes since www is a keyword
+
+server &quot;localhost&quot; {
 	site_name	&quot;my public repos&quot;
 	site_owner	&quot;Flan Hacker&quot;
 	site_link	&quot;Flan' Projects&quot;
 }</pre>
 </div>
 <p class="Pp">Another example, this time listening on a local port instead of
-    the implicit <span class="Ux">UNIX</span> socket.</p>
+    the implicit <span class="Ux">UNIX</span> socket, and serving repositories
+    located outside the web server's chroot:</p>
 <div class="Bd Pp Bd-indent Li">
 <pre>listen on 127.0.0.1 port 9000
 listen on ::1 port 9000
 
 server &quot;localhost&quot; {
-	site_name &quot;my public repos&quot;
+	site_name	&quot;my public repos&quot;
+	repos_path	&quot;/var/git&quot;
 }</pre>
 </div>
 </section>
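Review bot: the rule that www must be quoted because it is a keyword appears only as a comment in the first example; document it in the www user directive description as well, where readers look up syntax. In the second example, repos_path "/var/git" lies outside the web server's chroot, so add a line reminding readers that the directory must be readable but not writable by the user gotwebd runs as, matching the updated gotwebd(8) text.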
@@ -242,7 +265,7 @@ server &quot;localhost&quot; {
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>
blob - /dev/null
blob + 1533d4ae7d0064b07c5ebef2554084c377d4c227 (mode 644)
--- /dev/null
+++ gotsys.conf.5.html
@@ -0,0 +1,271 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="mandoc.css" type="text/css" media="all"/>
+  <title>GOTSYS.CONF(5)</title>
+</head>
+<!-- This is an automatically generated file.  Do not edit.
+   Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
+  
+   Permission to use, copy, modify, and distribute this software for any
+   purpose with or without fee is hereby granted, provided that the above
+   copyright notice and this permission notice appear in all copies.
+  
+   THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+   WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+   MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+   ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   -->
+<body>
+<div class="head" role="doc-pageheader" aria-label="Manual header
+  line"><span class="head-ltitle">GOTSYS.CONF(5)</span>
+  <span class="head-vol">File Formats Manual</span>
+  <span class="head-rtitle">GOTSYS.CONF(5)</span></div>
+<main class="manual-text">
+<section class="Sh">
+<h2 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h2>
+<p class="Pp"><code class="Nm">gotsys.conf</code> &#x2014;
+    <span class="Nd" role="doc-subtitle">gotsys configuration file</span></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h2>
+<p class="Pp"><code class="Nm">gotsys.conf</code> provides system configuration
+    information to <a class="Xr" aria-label="gotsysd, section
+  8">gotsysd(8)</a>.</p>
+<p class="Pp" id="system"><code class="Nm">gotsys.conf</code> allows remote
+    administrators to configure aspects of Git repository services without
+    having shell access to the Git server's operating system. Remote
+    administrators merely need to be granted write access to a special-purpose
+    <a class="permalink" href="#system"><i class="Em">system repository</i></a>
+    hosted by <a class="Xr" aria-label="gotd, section 8">gotd(8)</a> in order to
+    configure Git repository services.</p>
+<p class="Pp">The file format is line-based, with one configuration directive
+    per line. Any lines beginning with a &#x2018;#&#x2019; are treated as
+    comments and ignored.</p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="GLOBAL_CONFIGURATION"><a class="permalink" href="#GLOBAL_CONFIGURATION">GLOBAL
+  CONFIGURATION</a></h2>
+<br/>
+<p class="Pp"> The available global configuration directives are as follows:</p>
+<dl class="Bl-tag">
+  <dt id="group"><a class="permalink" href="#group"><code class="Ic">group</code></a>
+    <var class="Ar">name</var></dt>
+  <dd>Declare a group with the given <var class="Ar">name</var>. Users can then
+      be granted membership of this group in order to manage repository access
+      rules on a per-group basis.
+    <p class="Pp">Group names may only contain alphabetic ASCII characters (a-z,
+        A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading
+        underscores (_), and non-leading periods (.).</p>
+    <p class="Pp">The <var class="Ar">name</var> &#x201C;anonymous&#x201D; is
+        reserved for use with the <code class="Ic">permit</code> directive and
+        cannot be used with the <code class="Ic">group</code> directive.</p>
+    <p class="Pp">User and group names which are used for special purposes by
+        the <span class="Ux">OpenBSD</span> system cannot be used in
+        <code class="Nm">gotsys.conf</code>. The current list of reserved names
+        is &#x201C;build&#x201D;, &#x201C;root&#x201D;, &#x201C;wheel&#x201D;,
+        &#x201C;daemon&#x201D;, &#x201C;kmem&#x201D;, &#x201C;sys&#x201D;,
+        &#x201C;tty&#x201D;, &#x201C;operator&#x201D;, &#x201C;bin&#x201D;,
+        &#x201C;wsrc&#x201D;, &#x201C;users&#x201D;, &#x201C;auth&#x201D;,
+        &#x201C;games&#x201D;, &#x201C;staff&#x201D;, &#x201C;wobj&#x201D;,
+        &#x201C;sshd&#x201D;, &#x201C;guest&#x201D;, &#x201C;utmp&#x201D;,
+        &#x201C;crontab&#x201D;, &#x201C;www&#x201D;, &#x201C;network&#x201D;,
+        &#x201C;authpf&#x201D;, &#x201C;dialer&#x201D;, &#x201C;nogroup&#x201D;,
+        and &#x201C;nobody&#x201D;.</p>
+  </dd>
+  <dt id="user"><a class="permalink" href="#user"><code class="Ic">user</code></a>
+    <var class="Ar">name</var></dt>
+  <dd>Declare a user which can then be granted access to specific repositories.
+    <p class="Pp">A user must be declared with a unique
+        <var class="Ar">name</var>, followed by user-specific configuration
+        directives inside curly braces:</p>
+    <p class="Pp"><code class="Ic">user</code> <var class="Ar">name</var>
+      {...}</p>
+    <p class="Pp">User names may only contain alphabetic ASCII characters (a-z,
+        A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading
+        underscores (_), and non-leading periods (.).</p>
+    <p class="Pp">The <var class="Ar">name</var> &#x201C;anonymous&#x201D; is
+        reserved for use with the <code class="Ic">permit</code> directive and
+        cannot be used with the <code class="Ic">user</code> directive.</p>
+    <p class="Pp">User and group names used for special purposes by the
+        <span class="Ux">OpenBSD</span> system cannot be used in
+        <code class="Nm">gotsys.conf</code>. The list of reserved user names is
+        the same as documented above for the <code class="Ic">group</code>
+        directive.</p>
+    <p class="Pp">When a user's declaration is removed from
+        <code class="Nm">gotsys.conf</code> the server account password will be
+        locked, and any previously installed authorized keys will be removed,
+        rendering the account inaccessible. The account can be made accessible
+        again by restoring the user's <code class="Nm">gotsys.conf</code>
+      entry.</p>
+    <p class="Pp">The available <code class="Cm">user</code> parameters are as
+        follows:</p>
+    <dl class="Bl-tag">
+      <dt id="group~2"><a class="permalink" href="#group~2"><code class="Ic">group</code></a>
+        <var class="Ar">group</var></dt>
+      <dd>Make the user a member of the given <var class="Ar">group</var>. This
+          directive may be specified multiple times to add the user to multiple
+          groups. All groups listed here must already have been declared with
+          the <code class="Ic">group</code> directive.</dd>
+      <dt id="password"><a class="permalink" href="#password"><code class="Ic">password</code></a>
+        <var class="Ar">string</var></dt>
+      <dd>Set a password for the user. The <var class="Ar">string</var> argument
+          must be an encrypted password string, as generated by OpenBSD's
+          <a class="Xr" aria-label="encrypt, section 1">encrypt(1)</a> command.
+          If not specified, password-based authentication will be disabled for
+          this user.</dd>
+      <dt id="authorized"><a class="permalink" href="#authorized"><code class="Ic">authorized</code></a>
+        <code class="Ic">key</code> <var class="Ar">type</var>
+        <var class="Ar">key</var> [<var class="Ar">comment</var>]</dt>
+      <dd>Allow the user to authenticate with an SSH public key.
+        <p class="Pp">The list of arguments consist of the following
+            space-separated fields: the key <var class="Ar">type</var>, the
+            base64-encoded <var class="Ar">key</var>, and an optional
+            <var class="Ar">comment</var>. These arguments will usually
+            correspond to the contents of an
+            <span class="Pa">id_ecdsa.pub</span>,
+            <span class="Pa">id_ecdsa_sk.pub</span>,
+            <span class="Pa">id_ed25519.pub</span>,
+            <span class="Pa">id_ed25519_sk.pub</span>, or
+            <span class="Pa">id_rsa.pub</span> file provided by the user.</p>
+        <p class="Pp">The supported key types are:</p>
+        <p class="Pp"></p>
+        <ul class="Bl-item Bd-indent Bl-compact">
+          <li>sk-ecdsa-sha2-nistp256@openssh.com</li>
+          <li>ecdsa-sha2-nistp256</li>
+          <li>ecdsa-sha2-nistp384</li>
+          <li>ecdsa-sha2-nistp521</li>
+          <li>sk-ssh-ed25519@openssh.com</li>
+          <li>ssh-ed25519</li>
+          <li>ssh-rsa</li>
+        </ul>
+        <p class="Pp">The optional <var class="Ar">comment</var> is not used for
+            anything, but may be convenient for the user to identify the
+          key.</p>
+        <p class="Pp">The <code class="Ic">authorized</code>
+            <code class="Ic">key</code> directive may be specified multiple
+            times to allow the user to authenticate with any of the specified
+            keys.</p>
+        <p class="Pp" id="sk-ssh-ed25519@openssh.com">Two-factor authentication
+            with FIDO keys can be enforced by only adding keys of type
+            <a class="permalink" href="#sk-ssh-ed25519@openssh.com"><i class="Em">sk-ssh-ed25519@openssh.com</i></a>
+            or
+            <a class="permalink" href="#sk-ecdsa-sha2-nistp256@openssh.com"><i class="Em" id="sk-ecdsa-sha2-nistp256@openssh.com">sk-ecdsa-sha2-nistp256@openssh.com</i></a>.</p>
+      </dd>
+    </dl>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="REPOSITORY_CONFIGURATION"><a class="permalink" href="#REPOSITORY_CONFIGURATION">REPOSITORY
+  CONFIGURATION</a></h2>
+<p class="Pp">Repositories declared in <code class="Nm">gotsys.conf</code> will
+    be created on the server if they do not already exist. Each repository must
+    be given a unique <var class="Ar">name</var>, followed by
+    repository-specific configuration directives inside curly braces:</p>
+<p class="Pp"><code class="Ic">repository</code> <var class="Ar">name</var>
+    {...}</p>
+<p class="Pp">Repository names may only contain alphabetic ASCII characters
+    (a-z, A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading
+    underscores (_), and non-leading periods (.).</p>
+<p class="Pp">For each repository, access rules must be configured using the
+    <code class="Ic">permit</code> and <code class="Ic">deny</code>
+    configuration directives. Multiple access rules can be specified, and the
+    last matching rule determines the action taken. If no rule matches, access
+    to the repository is denied.</p>
+<p class="Pp">The available repository configuration directives are as
+  follows:</p>
+<dl class="Bl-tag">
+  <dt id="head"><a class="permalink" href="#head"><code class="Ic">head</code></a>
+    <var class="Ar">branch</var></dt>
+  <dd>Point the repository's symbolic <span class="Pa">HEAD</span> reference at
+      the specified <var class="Ar">branch</var>. If not specified,
+      <span class="Pa">HEAD</span> will point at the branch
+      &#x201C;main&#x201D;, regardless of whether this branch actually exists in
+      the repository.
+    <p class="Pp">If <span class="Pa">HEAD</span> points at a non-existent
+        branch then clients may fail to clone the repository because they rely
+        on <span class="Pa">HEAD</span> to determine which branch to fetch by
+        default.</p>
+  </dd>
+  <dt id="deny"><a class="permalink" href="#deny"><code class="Ic">deny</code></a>
+    <var class="Ar">identity</var></dt>
+  <dd>Deny repository access to users with the username
+      <var class="Ar">identity</var>. Group names may be matched by prepending a
+      colon (&#x2018;:&#x2019;) to <var class="Ar">identity</var>.</dd>
+  <dt id="permit"><a class="permalink" href="#permit"><code class="Ic">permit</code></a>
+    <var class="Ar">mode</var> <var class="Ar">identity</var></dt>
+  <dd>Permit repository access to users with the username
+      <var class="Ar">identity</var>. The <var class="Ar">mode</var> argument
+      must be set to either <code class="Ic">ro</code> for read-only access, or
+      <code class="Ic">rw</code> for read-write access. Group names may be
+      matched by prepending a colon (&#x2018;:&#x2019;) to
+      <var class="Ar">identity</var>.
+    <p class="Pp">The special user <var class="Ar">identity</var>
+        &#x201C;anonymous&#x201D; can be used when public read-only access to
+        repositories over SSH is desired. The anonymous user has an empty
+        password, cannot use an SSH public key, and can only be granted
+        read-only access.</p>
+  </dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h2>
+<div class="Bd Bd-indent Li">
+<pre>group developers
+group porters
+
+user flan_hacker {
+	password &quot;$2b$08$CFWp/ZC.DQi34.iHBgRzBerTzEGB9WY9tDN1CLCbPUpGC.fmNi4Ea&quot;
+	group developers
+}
+
+user flan_squee {
+	group porters
+	authorized key ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAQ2ZWscmMeCYLwm07gDSf0jApFJ58bMNxiErDqUrFz4
+}
+
+repository &quot;src&quot; {
+	permit rw :developers
+	permit ro anonymous
+}
+
+repository &quot;openbsd/ports&quot; {
+	permit rw :porters
+	permit ro anonymous
+	deny flan_hacker
+
+}
+
+repository &quot;secret&quot; {
+	permit rw flan_hacker
+	head &quot;refs/heads/private&quot;
+}</pre>
+</div>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+  ALSO</a></h2>
+<p class="Pp"><a class="Xr" aria-label="got, section 1">got(1)</a>,
+    <a class="Xr" aria-label="gotsys, section 1">gotsys(1)</a>,
+    <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>,
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="CAVEATS"><a class="permalink" href="#CAVEATS">CAVEATS</a></h2>
+<p class="Pp">There is no way to rename or delete repositories via
+    <code class="Nm">gotsys.conf</code>. Existing repositories that are no
+    longer mentioned in <code class="Nm">gotsys.conf</code> will be
+    inaccessible, as if they had been declared without any access rules.</p>
+</section>
+</main>
+<div class="foot" role="doc-pagefooter" aria-label="Manual footer
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
+</body>
+</html>
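Review bot: The EXAMPLES block declares `repository "openbsd/ports"`, but REPOSITORY CONFIGURATION states that repository names may only contain letters, non-leading digits, hyphens, underscores and periods, so either the rule text is missing the slash or the example is invalid; align the two. In the same example, `deny flan_hacker` is followed by a stray blank line before the closing brace. The FIDO paragraph under `authorized key` says two-factor authentication can be enforced by only adding sk-* keys, yet the `password` entry says password login is disabled only when `password` is not specified, so the paragraph should say that `password` must also be omitted for that user. "The list of arguments consist of" should read "consists of". The file is marked as automatically generated, so these changes belong in the mdoc source, followed by a regeneration.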
blob - /dev/null
blob + c9a90f7e25f17dd40dfeaae3616a67d26209819c (mode 644)
--- /dev/null
+++ gotsysctl.8.html
@@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="mandoc.css" type="text/css" media="all"/>
+  <title>GOTSYSCTL(8)</title>
+</head>
+<!-- This is an automatically generated file.  Do not edit.
+   Copyright (c) 2025 Stefan Sperling
+  
+   Permission to use, copy, modify, and distribute this software for any
+   purpose with or without fee is hereby granted, provided that the above
+   copyright notice and this permission notice appear in all copies.
+  
+   THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+   WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+   MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+   ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   -->
+<body>
+<div class="head" role="doc-pageheader" aria-label="Manual header
+  line"><span class="head-ltitle">GOTSYSCTL(8)</span>
+  <span class="head-vol">System Manager's Manual</span>
+  <span class="head-rtitle">GOTSYSCTL(8)</span></div>
+<main class="manual-text">
+<section class="Sh">
+<h2 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h2>
+<p class="Pp"><code class="Nm">gotsysctl</code> &#x2014;
+    <span class="Nd" role="doc-subtitle">control the Game of Trees System
+    Daemon</span></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h2>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">gotsysctl</code></td>
+    <td>[<code class="Fl">-hV</code>] [<code class="Fl">-f</code>
+      <var class="Ar">path</var>] <var class="Ar">command</var>
+      [<var class="Ar">arg ...</var>]</td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h2>
+<p class="Pp"><code class="Nm">gotsysctl</code> controls the
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> daemon.</p>
+<p class="Pp"><code class="Nm">gotsysctl</code> connects to the
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> unix socket,
+    sends a command, and displays the response from
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a>. Access to the
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> unix socket is
+    restricted to specific user accounts, see
+    <a class="Xr" aria-label="gotsysd.conf, section 5">gotsysd.conf(5)</a>.</p>
+<p class="Pp">The options for <code class="Nm">gotsysctl</code> are as
+  follows:</p>
+<dl class="Bl-tag">
+  <dt id="h"><a class="permalink" href="#h"><code class="Fl">-h</code></a></dt>
+  <dd>Display usage information and exit immediately.</dd>
+  <dt id="f"><a class="permalink" href="#f"><code class="Fl">-f</code></a>
+    <var class="Ar">path</var></dt>
+  <dd>Set the <var class="Ar">path</var> to the unix socket which
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> is listening
+      on. If not specified, the path
+      <span class="Pa">/var/run/gotsysd.sock</span> will be used.</dd>
+  <dt id="V"><a class="permalink" href="#V"><code class="Fl">-V</code></a>,
+    <code class="Fl">--version</code></dt>
+  <dd>Display program version and exit immediately.</dd>
+</dl>
+<p class="Pp">The commands for <code class="Nm">gotsysctl</code> are as
+  follows:</p>
+<dl class="Bl-tag">
+  <dt id="info"><a class="permalink" href="#info"><code class="Cm">info</code></a></dt>
+  <dd>Display information about a running <a class="Xr" aria-label="gotsysd,
+      section 8">gotsysd(8)</a> instance.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+  ALSO</a></h2>
+<p class="Pp"><a class="Xr" aria-label="gotsys.conf, section
+    5">gotsys.conf(5)</a>, <a class="Xr" aria-label="gotsysd.conf, section
+    5">gotsysd.conf(5)</a>, <a class="Xr" aria-label="gotsysd, section
+    8">gotsysd(8)</a></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h2>
+<p class="Pp"><span class="An">Stefan Sperling</span>
+    &lt;<a class="Mt" href="mailto:stsp@openbsd.org">stsp@openbsd.org</a>&gt;</p>
+</section>
+</main>
+<div class="foot" role="doc-pagefooter" aria-label="Manual footer
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
+</body>
+</html>
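Review bot: The options list documents `-V, --version`, but the SYNOPSIS shows only `[-hV]`, and the list is ordered -h, -f, -V; either show the long option in the synopsis or drop it, and sort the entries consistently. The `info` entry does not say what information is displayed, and the synopsis advertises `[arg ...]` although the only documented command takes no arguments. The license comment reads "Copyright (c) 2025 Stefan Sperling" without the e-mail address that the gotsysd.8 and gotsysd.conf.5 pages in this commit include.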
blob - /dev/null
blob + 58d5196966920f2cf37b9acc646db59272109f54 (mode 644)
--- /dev/null
+++ gotsysd.8.html
@@ -0,0 +1,142 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="mandoc.css" type="text/css" media="all"/>
+  <title>GOTSYSD(8)</title>
+</head>
+<!-- This is an automatically generated file.  Do not edit.
+   Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
+  
+   Permission to use, copy, modify, and distribute this software for any
+   purpose with or without fee is hereby granted, provided that the above
+   copyright notice and this permission notice appear in all copies.
+  
+   THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+   WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+   MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+   ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   -->
+<body>
+<div class="head" role="doc-pageheader" aria-label="Manual header
+  line"><span class="head-ltitle">GOTSYSD(8)</span>
+  <span class="head-vol">System Manager's Manual</span>
+  <span class="head-rtitle">GOTSYSD(8)</span></div>
+<main class="manual-text">
+<section class="Sh">
+<h2 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h2>
+<p class="Pp"><code class="Nm">gotsysd</code> &#x2014;
+    <span class="Nd" role="doc-subtitle">Game of Trees System Daemon</span></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h2>
+<table class="Nm">
+  <tr>
+    <td><code class="Nm">gotsysd</code></td>
+    <td>[<code class="Fl">-dnv</code>] [<code class="Fl">-f</code>
+      <var class="Ar">config-file</var>]</td>
+  </tr>
+</table>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h2>
+<p class="Pp"><code class="Nm">gotsysd</code> manages the system configuration
+    of a Git repository server running <a class="Xr" aria-label="gotd, section
+    8">gotd(8)</a>.</p>
+<p class="Pp" id="system"><code class="Nm">gotsysd</code> allows remote
+    administrators to configure aspects of Git repository services without
+    having shell access to the Git server's operating system. Remote
+    administrators merely need to be granted write access to a special-purpose
+    <a class="permalink" href="#system"><i class="Em">system repository</i></a>
+    called <span class="Pa">gotsys.git</span> in order to configure Git
+    repository services.</p>
+<p class="Pp">Tasks carried out by <code class="Nm">gotsysd</code> include the
+    creation of Git repositores to be served by <a class="Xr" aria-label="gotd,
+    section 8">gotd(8)</a>, and the creation of user accounts which use the
+    <a class="Xr" aria-label="gotsh, section 1">gotsh(1)</a> shell to access
+    <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>. The desired system
+    configuration is described by the file
+    <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a> in the
+    system repository.</p>
+<p class="Pp">The <code class="Nm">gotsysd</code> configuration file format is
+    described in <a class="Xr" aria-label="gotsysd.conf, section
+    5">gotsysd.conf(5)</a>. <code class="Nm">gotsysd</code> can be run without a
+    configuration file, using default settings.</p>
+<p class="Pp"><code class="Nm">gotsysd</code> listens on a
+    <a class="Xr" aria-label="unix, section 4">unix(4)</a> socket for
+    notifications issued by <a class="Xr" aria-label="gotd, section
+    8">gotd(8)</a>, and for commands issued via
+    <a class="Xr" aria-label="gotsysctl, section 8">gotsysctl(8)</a>.
+    <a class="Xr" aria-label="gotd, section 8">gotd(8)</a> notifications are
+    sent when a remote administrator modifies the file
+    <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a> in the
+    system repository.</p>
+<p class="Pp">Only the users root and _gotd are granted access to the
+    <code class="Nm">gotsysd</code> unix socket by default. Alternative access
+    rules can be configured in <a class="Xr" aria-label="gotsysd.conf, section
+    5">gotsysd.conf(5)</a>.</p>
+<p class="Pp">The options for <code class="Nm">gotsysd</code> are as
+  follows:</p>
+<dl class="Bl-tag">
+  <dt id="d"><a class="permalink" href="#d"><code class="Fl">-d</code></a></dt>
+  <dd>Do not daemonize. Send log output to stderr.</dd>
+  <dt id="f"><a class="permalink" href="#f"><code class="Fl">-f</code></a>
+    <var class="Ar">config-file</var></dt>
+  <dd>Set the path to the configuration file. If not specified, the file
+      <span class="Pa">/etc/gotsysd.conf</span> will be used. This file is not
+      required to exist.</dd>
+  <dt id="n"><a class="permalink" href="#n"><code class="Fl">-n</code></a></dt>
+  <dd>Configtest mode. Only check the configuration file for validity.</dd>
+  <dt id="v"><a class="permalink" href="#v"><code class="Fl">-v</code></a></dt>
+  <dd>Verbose mode. Verbosity increases if this option is used multiple
+    times.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h2>
+<dl class="Bl-tag Bl-compact">
+  <dt><span class="Pa">/etc/gotsysd.conf</span></dt>
+  <dd>Default location of the configuration file.</dd>
+  <dt><span class="Pa">/git</span></dt>
+  <dd>Default directory containing Git repositories managed by
+      <code class="Nm">gotsysd</code>. This path can be configured in
+      <a class="Xr" aria-label="gotsysd.conf, section
+    5">gotsysd.conf(5)</a>.</dd>
+  <dt><span class="Pa">/var/db/gotsysd</span></dt>
+  <dd>The directory where <code class="Nm">gotsysd</code> stores persistent
+      state. Files in this directory are opened with exclusive locks, ensuring
+      that only one instance of <code class="Nm">gotsysd</code> runs on a given
+      <span class="Ux">OpenBSD</span> system.</dd>
+  <dt><span class="Pa">/var/run/gotsysd.sock</span></dt>
+  <dd>Default location of the unix socket which <code class="Nm">gotsysd</code>
+      is listening on. This path can be configured in
+      <a class="Xr" aria-label="gotsysd.conf, section
+    5">gotsysd.conf(5)</a>.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+  ALSO</a></h2>
+<p class="Pp"><a class="Xr" aria-label="got, section 1">got(1)</a>,
+    <a class="Xr" aria-label="gotsh, section 1">gotsh(1)</a>,
+    <a class="Xr" aria-label="gotsys, section 1">gotsys(1)</a>,
+    <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a>,
+    <a class="Xr" aria-label="gotsysd.conf, section 5">gotsysd.conf(5)</a>,
+    <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>,
+    <a class="Xr" aria-label="gotsysctl, section 8">gotsysctl(8)</a></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h2>
+<p class="Pp"><span class="An">Stefan Sperling</span>
+    &lt;<a class="Mt" href="mailto:stsp@openbsd.org">stsp@openbsd.org</a>&gt;</p>
+</section>
+</main>
+<div class="foot" role="doc-pagefooter" aria-label="Manual footer
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
+</body>
+</html>
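Review bot: Typo in the third DESCRIPTION paragraph: "creation of Git repositores" should be "repositories"; the page is marked as generated, so fix it in gotsysd.8 and regenerate. The second paragraph says remote administrators "merely need to be granted write access" to gotsys.git, and the next paragraph lists creation of user accounts among the daemon's tasks; one sentence stating that write access to the system repository carries control over server accounts and repository access rules would help administrators decide who receives it.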
blob - /dev/null
blob + e22dbbebf09658a95b99c06fbd6de581aaf4f8d4 (mode 644)
--- /dev/null
+++ gotsysd.conf.5.html
@@ -0,0 +1,139 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+  <link rel="stylesheet" href="mandoc.css" type="text/css" media="all"/>
+  <title>GOTSYSD.CONF(5)</title>
+</head>
+<!-- This is an automatically generated file.  Do not edit.
+   Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
+  
+   Permission to use, copy, modify, and distribute this software for any
+   purpose with or without fee is hereby granted, provided that the above
+   copyright notice and this permission notice appear in all copies.
+  
+   THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+   WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+   MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+   ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   -->
+<body>
+<div class="head" role="doc-pageheader" aria-label="Manual header
+  line"><span class="head-ltitle">GOTSYSD.CONF(5)</span>
+  <span class="head-vol">File Formats Manual</span>
+  <span class="head-rtitle">GOTSYSD.CONF(5)</span></div>
+<main class="manual-text">
+<section class="Sh">
+<h2 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h2>
+<p class="Pp"><code class="Nm">gotsysd.conf</code> &#x2014;
+    <span class="Nd" role="doc-subtitle">gotsysd configuration file</span></p>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h2>
+<p class="Pp"><code class="Nm">gotsysd.conf</code> is the run-time configuration
+    file for <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a>.</p>
+<p class="Pp">nhe file format is line-based, with one configuration directive
+    per line. Comments can be put anywhere in the file using a hash mark
+    (&#x2018;#&#x2019;), and extend to the end of the current line. Arguments
+    names not beginning with a letter, digit or underscore, as well as reserved
+    words (such as <code class="Ic">listen</code>,
+    <code class="Ic">repository</code> <span class="No">or</span>
+    <code class="Ic">user</code>), must be quoted. Arguments containing
+    whitespace should be surrounded by double quotes (&quot;).</p>
+<p class="Pp">Macros can be defined that are later expanded in context. Macro
+    names must start with a letter, digit, or underscore, and may contain any of
+    those characters, but may not be reserved words. Macros are not expanded
+    inside quotes. For example:</p>
+<div class="Bd Pp Bd-indent Li">
+<pre>path = &quot;/var/run/gotsysd.sock&quot;
+listen on $path</pre>
+</div>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="GLOBAL_CONFIGURATION"><a class="permalink" href="#GLOBAL_CONFIGURATION">GLOBAL
+  CONFIGURATION</a></h2>
+<br/>
+<p class="Pp"> The available global configuration directives are as follows:</p>
+<dl class="Bl-tag">
+  <dt id="gotd"><a class="permalink" href="#gotd"><code class="Ic">gotd</code></a>
+    <code class="Ic">user</code> <var class="Ar">user</var></dt>
+  <dd>The name of the <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>
+      user account. Defauls to &#x201C;_gotd&#x201D;.
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> will switch
+      to this user account as needed.</dd>
+  <dt id="listen"><a class="permalink" href="#listen"><code class="Ic">listen
+    on</code></a> <var class="Ar">path</var></dt>
+  <dd>Set the path to the unix socket which <a class="Xr" aria-label="gotsysd,
+      section 8">gotsysd(8)</a> should listen on. If not specified, the path
+      <span class="Pa">/var/run/gotsysd.sock</span> will be used.</dd>
+  <dt id="permit"><a class="permalink" href="#permit"><code class="Ic">permit</code></a>
+    <var class="Ar">identity</var></dt>
+  <dd>Permit <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> unix
+      socket access to users with the username <var class="Ar">identity</var>.
+      Group names may be matched by prepending a colon (&#x2018;:&#x2019;) to
+      <var class="Ar">identity</var>. Numeric IDs are also accepted.
+    <p class="Pp">Multiple <code class="Ic">permit</code> rules can be
+        specified.</p>
+    <p class="Pp">If no <code class="Ic">permit</code> rule is specified, the
+        users root and _gotd are granted access by default.</p>
+  </dd>
+  <dt id="repository"><a class="permalink" href="#repository"><code class="Ic">repository</code></a>
+    <code class="Ic">directory</code> <var class="Ar">path</var></dt>
+  <dd>Set the path to the repository directory within which Git repositories
+      will be created and managed by <a class="Xr" aria-label="gotsysd, section
+      8">gotsysd(8)</a>. This repository directory must be owned by and be
+      exclusively accessible to the <a class="Xr" aria-label="gotd, section
+      8">gotd(8)</a> user.
+    <p class="Pp">If not specified, the path <span class="Pa">/git</span> will
+        be used.</p>
+  </dd>
+  <dt id="uid"><a class="permalink" href="#uid"><code class="Ic">uid
+    range</code></a> <var class="Ar">start</var> <var class="Ar">end</var></dt>
+  <dd>Set the start and end (inclusive) of the range from which
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> will allocate
+      user and group IDs when creating user accounts specified in
+      <a class="Xr" aria-label="gotsys.conf, section 5">gotsys.conf(5)</a>. The
+      <var class="Ar">start</var> of this range must be greater than 1000 and
+      must be smaller than the <var class="Ar">end</var>.
+    <p class="Pp">The default range is 5000 to 5999.</p>
+  </dd>
+  <dt id="user"><a class="permalink" href="#user"><code class="Ic">user</code></a>
+    <var class="Ar">user</var></dt>
+  <dd>Set the <var class="Ar">user</var> which will run
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a>. Initially,
+      <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a> requires root
+      privileges. Afterwards, <a class="Xr" aria-label="gotsysd, section
+      8">gotsysd(8)</a> partly drops privileges to its own
+      <var class="Ar">user</var> and to the <a class="Xr" aria-label="gotd,
+      section 8">gotd(8)</a> user. If not specified, the user _gotsysd will be
+      used. Numeric user IDs are also accepted.</dd>
+</dl>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h2>
+<p class="Pp">The following example shows default settings:</p>
+<div class="Bd Pp Bd-indent Li">
+<pre>user _gotsysd
+gotd user _gotd
+listen on &quot;/var/run/gotsysd.sock&quot;
+repository directory &quot;/git&quot;
+uid range 5000 5999</pre>
+</div>
+</section>
+<section class="Sh">
+<h2 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+  ALSO</a></h2>
+<p class="Pp"><a class="Xr" aria-label="got, section 1">got(1)</a>,
+    <a class="Xr" aria-label="gotd, section 8">gotd(8)</a>,
+    <a class="Xr" aria-label="gotsysd, section 8">gotsysd(8)</a></p>
+</section>
+</main>
+<div class="foot" role="doc-pagefooter" aria-label="Manual footer
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
+</body>
+</html>
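Review bot: Three typos in the added text: "nhe file format" (DESCRIPTION, should be "The"), "Arguments names" (same paragraph, should be "Argument names"), and "Defauls to" in the `gotd user` entry. The EXAMPLES block is introduced as showing default settings but has no `permit` lines, while the `permit` entry says root and _gotd are granted access by default; either add them or say that the defaults apply when no rule is given. The `permit` entry should also state whether specifying any rule removes the default access for root and _gotd. The page is generated, so apply these in the mdoc source.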
blob - 00a4a0957eadf47f6a8a7abe9c37189abb8aa0bd
blob + b2fb5d89179d7cdd96f0184f420e363c893418b7
--- manual.html
+++ manual.html
@@ -22,6 +22,8 @@ Manual pages installed by the <code>got</code> package
 <li><a href="got.conf.5.html">got.conf</a> &mdash; Game of Trees configuration file
 <li><a href="got-worktree.5.html">got-worktree</a> &mdash; Got work tree format
 <li><a href="git-repository.5.html">git-repository</a> &mdash; Git repository format
+<li><a href="gotsys.1.html">got</a> &mdash; manage gotsys.conf
+<li><a href="gotsys.conf.5.html">got</a> &mdash; gotsys configuration file
 </ul>
 Manual pages installed by the <code>gotwebd</code> package:
 <ul>
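Review bot: Both added list items use the link text "got" (`<a href="gotsys.1.html">got</a>` and `<a href="gotsys.conf.5.html">got</a>`), so the index shows three entries named "got"; the text should be "gotsys" and "gotsys.conf" to match the targets. Also check whether these two pages belong under the `got` package heading or under the package that ships gotsys.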
@@ -36,6 +38,12 @@ Manual pages installed by the <code>gotd</code> packag
 <li><a href="gotctl.8.html">gotctl</a> &mdash; control the Game of Trees Daemon
 <li><a href="gotsh.1.html">gotsh</a> &mdash; Game of Trees Shell
 </ul>
+Manual pages installed by the <code>gotsysd</code> package:
+<ul>
+<li><a href="gotsysd.conf.5.html">gotctl</a> &mdash; gotsysd configuration file
+<li><a href="gotsysd.8.html">gotctl</a> &mdash; Game of Trees System Daemon
+<li><a href="gotsysctl.8.html">gotctl</a> &mdash; control the Game of Trees System Daemon
+</ul>
 Manual pages installed by the <code>gitwrapper</code> package:
 <ul>
 <li><a href="gitwrapper.1.html">gitwrapper</a> &mdash; invoke an appropriate Git repository server
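Review bot: All three new entries carry the link text "gotctl", copied from the existing gotctl item, while pointing at gotsysd.conf.5.html, gotsysd.8.html and gotsysctl.8.html; the text should read "gotsysd.conf", "gotsysd" and "gotsysctl" so the index is not ambiguous with the real gotctl entry above.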
blob - ced357b461836747a86cfe0cdc10369f11496efd
blob + aa9d8da208eb871b28baa1bf280176804f12bf04
--- sync-man.sh
+++ sync-man.sh
@@ -18,6 +18,8 @@ for f in \
     gotsh/gotsh.1 \
     gotctl/gotctl.8 \
     gitwrapper/gitwrapper.1 \
+    gotsysd/gotsysd.8 gotsysd/gotsysd.conf.5 gotsysctl/gotsysctl.8 \
+    gotsys/gotsys.1 gotsys/gotsys.conf.5 \
     ; do
 	mandoc -T html -O style=mandoc.css "$workdir/$f" > ./${f##*/}.html
 done
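Review bot: Style point on the two added lines: the existing list puts one manual page per line, but the new lines pack three and two paths per line; splitting them one per line keeps the list uniform and makes later additions or removals show up as single-line diffs.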
blob - fbe4a7ba93657ebb7dd095baafbda4e0f5f3bd12
blob + 88f654eeb0ae03cf19858cba35814e0f8e8a83ba
--- tog.1.html
+++ tog.1.html
@@ -887,7 +887,7 @@
 </section>
 </main>
 <div class="foot" role="doc-pagefooter" aria-label="Manual footer
-  line"><span class="foot-left"></span><span class="foot-date">February 14,
-  2025</span> <span class="foot-os">OpenBSD 7.6</span></div>
+  line"><span class="foot-left"></span><span class="foot-date">April 22,
+  2025</span> <span class="foot-os">OpenBSD 7.7</span></div>
 </body>
 </html>