commit f96f8ec1ff084359c6bfac2340274c608a46100c from: Stefan Sperling date: Tue Apr 22 14:43:54 2025 UTC sync manual pages commit - d073d3f60f917a66668a92017476c06a397d486d commit + f96f8ec1ff084359c6bfac2340274c608a46100c blob - 5e33bc0ee069b151d1b27dbb3d468a34214bab3b blob + 50e0dd82cd72677cbe351f1088f2643126122517 --- git-repository.5.html +++ git-repository.5.html @@ -215,7 +215,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 21579685020a15a499e032ccbb75d2e716603f3f blob + 6c71739282b60bc0b3631fb7915dd626687cc8aa --- gitwrapper.1.html +++ gitwrapper.1.html @@ -142,7 +142,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 1ef15f1cac40c76f943067cfa3136d7757c3890e blob + 5d88a220f172d44fef4448d9543af7dd2a350305 --- got-worktree.5.html +++ got-worktree.5.html @@ -187,7 +187,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - c055824c1c5dac4a80d98d10483555eeae3355c7 blob + 1c061b37bfb88a39b9173edc19c735aa4956aa39 --- got.1.html +++ got.1.html @@ -3659,7 +3659,7 @@ remote "origin" {
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - e781d863e4573f7712764bda8072ebdd6caa6292 blob + 01c141e915d81b3a3e3458ade3476712a2c38640 --- got.conf.5.html +++ got.conf.5.html @@ -325,7 +325,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 569bec9adfe527a96c118f4dd0c133f33e9e0961 blob + d6ac463f48a47207fff2a634ffa76745e56f8436 --- gotadmin.1.html +++ gotadmin.1.html @@ -439,7 +439,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 55d09dc50b63fe586fc6dfdc2863fd1bea44e5d1 blob + a08e8d85eb04e13db66c17007696b09401b8d0fe --- gotctl.8.html +++ gotctl.8.html @@ -71,6 +71,33 @@
Stop a running gotd(8) instance. This operation requires root privileges.
+
+ [-c config-file] + [-n] [-s + secrets]
+
Reload a running gotd(8) + instance. gotd(8) will + relaunch with an updated configuration read from the provided + configuration files. The previous instance of + gotd(8) will continue to + serve existing client connections and then exit. +

This operation requires root privileges.

+

The options for gotctl reload are as + follows:

+
+
+ config-file
+
Set the path to the configuration file. If not specified, the file + /etc/gotd.conf will be used.
+
+
Only check the configuration files for validity.
+
+ secrets
+
Set the path to the secrets file. If not specified, the file + /etc/gotd-secrets.conf will be used if it + exists.
+
+
@@ -86,7 +113,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 536274a37c082b3c13fcde345ac3f977e9d83b32 blob + 2a2e66577c192eef4968869e22d20f85a9973d0d --- gotd-secrets.conf.5.html +++ gotd-secrets.conf.5.html @@ -112,7 +112,7 @@ repository "openbsd/src" {
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 9679b17f0199552d0a3f8f8c8525945716c6934c blob + bd5a32dbb3a7047484c8b303c04317edcb257fc3 --- gotd.8.html +++ gotd.8.html @@ -127,7 +127,8 @@ git-repository(5), gotd.conf(5) gotd-secrets.conf(5)

+ 5">gotd-secrets.conf(5), gotctl(8)

@@ -140,10 +141,16 @@ that use the sha256 object ID hashing algorithm because gotd does not yet support version 2 of the Git network protocol.

+

gotd cannot honour the SIGHUP signal + because the /etc/gotd-secrets.conf file is only + readable by root, and gotd runs entirely without + root privileges after initial startup. The configuration of a running + gotd instance can be reloaded by running + gotctl reload as root.

February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 4db32bcfdcd80210f923f45bf6c2c4eda47c43f9 blob + 145badb241270ccf4b3191b112de41fe47135988 --- gotd.conf.5.html +++ gotd.conf.5.html @@ -499,7 +499,7 @@ connection {
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - c2f938054d79808d62298be53d9d214744b9a44a blob + fe77c71b732a2dc08f3d4f12861823feec144e46 --- gotsh.1.html +++ gotsh.1.html @@ -157,7 +157,7 @@
February 14, - 2025 OpenBSD 7.6
+ line">April 22, + 2025 OpenBSD 7.7 blob - 9119c73f3a75f1676f0c2e4e12f65b89fde502ba blob + 94fd997f9780754d96106acf354e7baedf2f3ab8 --- gotwebd.8.html +++ gotwebd.8.html @@ -87,16 +87,15 @@
  • Optionally, the run-time behaviour of gotwebd can be configured via the gotwebd.conf(5) configuration file.
    • -
  • Git repositories must be created at a suitable location inside - the web server's chroot(2) environment. These repositories should - be writable by - the user ID shared between gotwebd and - httpd(8). The default - location for repositories published by gotwebd is +
  • Git repositories must be created. These repositories may reside + anywhere in the filesystem and must be readable, but should + be writable, by + the user gotwebd runs as. The default location for + repositories published by gotwebd is /var/www/got/public.
    • -
  • Git repositories served by gotwebd should be kept - up-to-date with a mechanism such as got fetch, +
  • If the Git repositories served by gotwebd do not + receive changes from committers directly, they need to be kept up-to-date + with a mechanism such as got fetch, git-fetch(1), or rsync(1), scheduled by cron(8).
    • @@ -191,7 +190,7 @@ server "example.com" {
    February 14, - 2025 OpenBSD 7.6
    + line">April 22, + 2025 OpenBSD 7.7 blob - /dev/null blob + ae9d8dd4e23144df7c27cff91656b1d53b6aa07f (mode 644) --- /dev/null +++ gotsys.1.html @@ -0,0 +1,174 @@ + + + + + + + GOTSYS(1) + + + +
    GOTSYS(1) + General Commands Manual + GOTSYS(1)
    +
    +
    +

    +

    gotsys — + manage + gotsys.conf(5)

    +
    +
    +

    + + + + + +
    gotsys[-hV] command + [arg ...]
    +
    +
    +

    +

    gotsys performs tasks involving the + gotsys.conf(5) + configuration file consumed by gotsysd(8).

    +

    The options for gotsys are as follows:

    +
    +
    +
    Display usage information and exit immediately.
    +
    , + --version
    +
    Display program version and exit immediately.
    +
    +

    The commands for gotsys are as + follows:

    +
    +
    + [-c commit] + [-f socket] + [-r repository-path] + [file]
    +
    Trigger system configuration tasks based on the + gotsys.conf(5) + configuration file found in the + gotsysd(8) system + repository. If no file argument is specified, the + file path gotsys.conf will be used. +

    Usually, gotd(8) will trigger system configuration tasks whenever a new + version of gotsys.conf(5) is sent to the gotsysd(8) + . If system configuration fails or causes problems for + any reason, system administrators with shell access to the server can + use gotsys apply to reconfigure the system back + into a working state.

    +

    gotsys apply requires on-disk read + access to the gotsysd(8) system repository, as well as access to the + gotsysd(8) unix + socket. By default, only the root and _gotd users have the required + access permissions.

    +

    The options for gotsys apply are as + follows:

    +
    +
    + commit
    +
    Obtain the gotsys.conf(5) configuration file from + the specified commit. +

    The expected commit argument is a + commit ID, or a reference name or a keyword which will be resolved + to a commit ID. An abbreviated hash argument will be expanded to a + full commit ID automatically, provided the abbreviation is + unique.

    +

    If no commit is specified, a commit + corresponding to the repository's HEAD reference will be used.

    +
    +
    + socket
    +
    Set the path to the unix socket which + gotsysd(8) is + listening on. If not specified, the path + /var/run/gotsysd.sock will be used.
    +
    + repository-path
    +
    Use the repository at the specified path. If not specified, the + repository path /git/gotsys.git will be + used.
    +
    +
    +
    + [-q] [-f + file]
    +
    Read a gotsys.conf(5) configuration file and report + any errors. If no file is specified, the file + gotsys.conf in the current working directory will + be read. +

    gotsys check is intended to be used by + administrators who manage a gotd(8) server remotely by committing changes to + gotsys.conf(5). + Files which do not pass gotsys check will be + rejected by the server. Running gotsys check + before committing changes to gotsys.conf(5) is therefore recommended.

    +

    The options for gotsys check are as + follows:

    +
    +
    + file
    +
    The path to the configuration file to read. A + hyphen (-) can be used to read standard input: gotsys + check -f -
    +
    +
    Stay silent on standard output. Only report errors.
    +
    +
    +
    +
    +
    +

    +

    The gotsys utility exits 0 on + success, and >0 if an error occurs.

    +
    +
    +

    +

    gotsys.conf(5), gotd(8), gotsysd(8)

    +
    +
    +

    +

    Stefan Sperling + <stsp@openbsd.org>

    +
    +
    +
    April 22, + 2025 OpenBSD 7.7
    + + blob - ad69c4f642071037a54fcb1fe1e8e428af05d7c6 blob + 629185abf19409d7972d8b30d28f1c4b537c9410 --- gotwebd.conf.5.html +++ gotwebd.conf.5.html @@ -52,10 +52,6 @@ 
    lan_addr = "192.168.0.1"
 listen on $lan_addr port 9090
    -

    Paths mentioned in gotwebd.conf must be - relative to /var/www, the - chroot(2) environment of - httpd(8).

    chroot(2) environment of httpd(8). If not specified, it defaults to - /var/www, the home directory of the www user.
    + /var/www, the home directory of the www user. + Setting the path to / + effectively disables chroot.
    address port number
    @@ -81,7 +79,11 @@ listen on $lan_addr port 9090 on socket path
    Configure a UNIX-domain socket for incoming FastCGI connections. May be specified multiple times to build up a list of - listening sockets.
    + listening sockets. +

    While the specified path must be + absolute, it should usually point inside the web server's chroot + directory such that the web server can access the socket.

    +
    number
    Run the specified number of server processes. @@ -91,6 +93,13 @@ listen on $lan_addr port 9090 user
    Set the user which will run gotwebd(8). If not + specified, the user _gotwebd will be used.
    +
    user
    +
    Set the user which runs + httpd(8). Needed to ensure + that the web server can access UNIX-domain sockets created by + gotwebd(8). If not specified, the user www will be used.

    If no listen directive is used, @@ -119,11 +128,17 @@ listen on $lan_addr port 9090 path

    Set the path to a custom Cascading Style Sheet (CSS) to be used. If this option is not specified then the default style sheet - ‘gotweb.css’ will be used.
    + ‘gotweb.css’ will be used. +

    This path must be valid in the web server's URL space since + browsers will attempt to fetch it.

    +
    Set the path to an image file containing a logo to be displayed. Defaults - to ‘got.png’.
    + to ‘got.png’. +

    This path must be valid in the web server's URL space since + browsers will attempt to fetch it.

    +
    url
    Set a hyperlink for the logo. Defaults to @@ -140,8 +155,12 @@ listen on $lan_addr port 9090
    path
    Set the path to the directory which contains Git repositories that the - server should publish. Defaults to /got/public - under the chroot.
    + server should publish. This path is absolute. Repositories can be served + even if they reside outside the web server's chroot directory. +

    Defaults to /got/public inside the web + server's chroot directory. The chroot directive + must be used before the server declaration in order to take effect.

    +
    on | off
    Set whether to display the repository only if it contains the magic @@ -214,20 +233,24 @@ owner = "Your Name"

    A sample configuration:

    -
    server "localhost" {
+
    www user "www"   # www username needs quotes since www is a keyword
+
+server "localhost" {
 	site_name	"my public repos"
 	site_owner	"Flan Hacker"
 	site_link	"Flan' Projects"
 }

    Another example, this time listening on a local port instead of - the implicit UNIX socket.

    + the implicit UNIX socket, and serving repositories + located outside the web server's chroot:

    listen on 127.0.0.1 port 9000
 listen on ::1 port 9000
 
 server "localhost" {
-	site_name "my public repos"
+	site_name	"my public repos"
+	repos_path	"/var/git"
 }

    @@ -242,7 +265,7 @@ server "localhost" {
    February 14, - 2025 OpenBSD 7.6
    + line">April 22, + 2025 OpenBSD 7.7 blob - /dev/null blob + 1533d4ae7d0064b07c5ebef2554084c377d4c227 (mode 644) --- /dev/null +++ gotsys.conf.5.html @@ -0,0 +1,271 @@ + + + + + + + GOTSYS.CONF(5) + + + +
    GOTSYS.CONF(5) + File Formats Manual + GOTSYS.CONF(5)
    +
    +
    +

    +

    gotsys.conf — + gotsys configuration file

    +
    +
    +

    +

    gotsys.conf provides system configuration + information to gotsysd(8).

    +

    gotsys.conf allows remote + administrators to configure aspects of Git repository services without + having shell access to the Git server's operating system. Remote + administrators merely need to be granted write access to a special-purpose + + hosted by gotd(8) in order to + configure Git repository services.

    +

    The file format is line-based, with one configuration directive + per line. Any lines beginning with a ‘#’ are treated as + comments and ignored.

    +
    +
    +

    +
    +

    The available global configuration directives are as follows:

    +
    +
    + name
    +
    Declare a group with the given name. Users can then + be granted membership of this group in order to manage repository access + rules on a per-group basis. +

    Group names may only contain alphabetic ASCII characters (a-z, + A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading + underscores (_), and non-leading periods (.).

    +

    The name “anonymous” is + reserved for use with the permit directive and + cannot be used with the group directive.

    +

    User and group names which are used for special purposes by + the OpenBSD system cannot be used in + gotsys.conf. The current list of reserved names + is “build”, “root”, “wheel”, + “daemon”, “kmem”, “sys”, + “tty”, “operator”, “bin”, + “wsrc”, “users”, “auth”, + “games”, “staff”, “wobj”, + “sshd”, “guest”, “utmp”, + “crontab”, “www”, “network”, + “authpf”, “dialer”, “nogroup”, + and “nobody”.

    +
    +
    + name
    +
    Declare a user which can then be granted access to specific repositories. +

    A user must be declared with a unique + name, followed by user-specific configuration + directives inside curly braces:

    +

    user name + {...}

    +

    User names may only contain alphabetic ASCII characters (a-z, + A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading + underscores (_), and non-leading periods (.).

    +

    The name “anonymous” is + reserved for use with the permit directive and + cannot be used with the user directive.

    +

    User and group names used for special purposes by the + OpenBSD system cannot be used in + gotsys.conf. The list of reserved user names is + the same as documented above for the group + directive.

    +

    When a user's declaration is removed from + gotsys.conf the server account password will be + locked, and any previously installed authorized keys will be removed, + rendering the account inaccessible. The account can be made accessible + again by restoring the user's gotsys.conf + entry.

    +

    The available user parameters are as + follows:

    +
    +
    + group
    +
    Make the user a member of the given group. This + directive may be specified multiple times to add the user to multiple + groups. All groups listed here must already have been declared with + the group directive.
    +
    + string
    +
    Set a password for the user. The string argument + must be an encrypted password string, as generated by OpenBSD's + encrypt(1) command. + If not specified, password-based authentication will be disabled for + this user.
    +
    + key type + key [comment]
    +
    Allow the user to authenticate with an SSH public key. +

    The list of arguments consist of the following + space-separated fields: the key type, the + base64-encoded key, and an optional + comment. These arguments will usually + correspond to the contents of an + id_ecdsa.pub, + id_ecdsa_sk.pub, + id_ed25519.pub, + id_ed25519_sk.pub, or + id_rsa.pub file provided by the user.

    +

    The supported key types are:

    +

    +
      +
    • sk-ecdsa-sha2-nistp256@openssh.com
      • +
    • ecdsa-sha2-nistp256
      • +
    • ecdsa-sha2-nistp384
      • +
    • ecdsa-sha2-nistp521
      • +
    • sk-ssh-ed25519@openssh.com
      • +
    • ssh-ed25519
      • +
    • ssh-rsa
      • +
    +

    The optional comment is not used for + anything, but may be convenient for the user to identify the + key.

    +

    The authorized + key directive may be specified multiple + times to allow the user to authenticate with any of the specified + keys.

    +

    Two-factor authentication + with FIDO keys can be enforced by only adding keys of type + + or + .

    +
    +
    +
    +
    +
    +
    +

    +

    Repositories declared in gotsys.conf will + be created on the server if they do not already exist. Each repository must + be given a unique name, followed by + repository-specific configuration directives inside curly braces:

    +

    repository name + {...}

    +

    Repository names may only contain alphabetic ASCII characters + (a-z, A-Z), non-leading digits (0-9), non-leading hyphens (-), non-leading + underscores (_), and non-leading periods (.).

    +

    For each repository, access rules must be configured using the + permit and deny + configuration directives. Multiple access rules can be specified, and the + last matching rule determines the action taken. If no rule matches, access + to the repository is denied.

    +

    The available repository configuration directives are as + follows:

    +
    + +
    Point the repository's symbolic HEAD reference at + the specified branch. If not specified, + HEAD will point at the branch + “main”, regardless of whether this branch actually exists in + the repository. +

    If HEAD points at a non-existent + branch then clients may fail to clone the repository because they rely + on HEAD to determine which branch to fetch by + default.

    +
    +
    + identity
    +
    Deny repository access to users with the username + identity. Group names may be matched by prepending a + colon (‘:’) to identity.
    +
    + mode identity
    +
    Permit repository access to users with the username + identity. The mode argument + must be set to either ro for read-only access, or + rw for read-write access. Group names may be + matched by prepending a colon (‘:’) to + identity. +

    The special user identity + “anonymous” can be used when public read-only access to + repositories over SSH is desired. The anonymous user has an empty + password, cannot use an SSH public key, and can only be granted + read-only access.

    +
    +
    +
    +
    +

    +
    +
    group developers
+group porters
+
+user flan_hacker {
+	password "$2b$08$CFWp/ZC.DQi34.iHBgRzBerTzEGB9WY9tDN1CLCbPUpGC.fmNi4Ea"
+	group developers
+}
+
+user flan_squee {
+	group porters
+	authorized key ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAQ2ZWscmMeCYLwm07gDSf0jApFJ58bMNxiErDqUrFz4
+}
+
+repository "src" {
+	permit rw :developers
+	permit ro anonymous
+}
+
+repository "openbsd/ports" {
+	permit rw :porters
+	permit ro anonymous
+	deny flan_hacker
+
+}
+
+repository "secret" {
+	permit rw flan_hacker
+	head "refs/heads/private"
+}
    +
    +
    +
    +

    +

    got(1), + gotsys(1), + gotd(8), + gotsysd(8)

    +
    +
    +

    +

    There is no way to rename or delete repositories via + gotsys.conf. Existing repositories that are no + longer mentioned in gotsys.conf will be + inaccessible, as if they had been declared without any access rules.

    +
    +
    +
    April 22, + 2025 OpenBSD 7.7
    + + blob - /dev/null blob + c9a90f7e25f17dd40dfeaae3616a67d26209819c (mode 644) --- /dev/null +++ gotsysctl.8.html @@ -0,0 +1,99 @@ + + + + + + + GOTSYSCTL(8) + + + +
    GOTSYSCTL(8) + System Manager's Manual + GOTSYSCTL(8)
    +
    +
    +

    +

    gotsysctl — + control the Game of Trees System + Daemon

    +
    +
    +

    + + + + + +
    gotsysctl[-hV] [-f + path] command + [arg ...]
    +
    +
    +

    +

    gotsysctl controls the + gotsysd(8) daemon.

    +

    gotsysctl connects to the + gotsysd(8) unix socket, + sends a command, and displays the response from + gotsysd(8). Access to the + gotsysd(8) unix socket is + restricted to specific user accounts, see + gotsysd.conf(5).

    +

    The options for gotsysctl are as + follows:

    +
    +
    +
    Display usage information and exit immediately.
    +
    + path
    +
    Set the path to the unix socket which + gotsysd(8) is listening + on. If not specified, the path + /var/run/gotsysd.sock will be used.
    +
    , + --version
    +
    Display program version and exit immediately.
    +
    +

    The commands for gotsysctl are as + follows:

    +
    +
    +
    Display information about a running gotsysd(8) instance.
    +
    +
    +
    +

    +

    gotsys.conf(5), gotsysd.conf(5), gotsysd(8)

    +
    +
    +

    +

    Stefan Sperling + <stsp@openbsd.org>

    +
    +
    +
    April 22, + 2025 OpenBSD 7.7
    + + blob - /dev/null blob + 58d5196966920f2cf37b9acc646db59272109f54 (mode 644) --- /dev/null +++ gotsysd.8.html @@ -0,0 +1,142 @@ + + + + + + + GOTSYSD(8) + + + +
    GOTSYSD(8) + System Manager's Manual + GOTSYSD(8)
    +
    +
    +

    +

    gotsysd — + Game of Trees System Daemon

    +
    +
    +

    + + + + + +
    gotsysd[-dnv] [-f + config-file]
    +
    +
    +

    +

    gotsysd manages the system configuration + of a Git repository server running gotd(8).

    +

    gotsysd allows remote + administrators to configure aspects of Git repository services without + having shell access to the Git server's operating system. Remote + administrators merely need to be granted write access to a special-purpose + + called gotsys.git in order to configure Git + repository services.

    +

    Tasks carried out by gotsysd include the + creation of Git repositores to be served by gotd(8), and the creation of user accounts which use the + gotsh(1) shell to access + gotd(8). The desired system + configuration is described by the file + gotsys.conf(5) in the + system repository.

    +

    The gotsysd configuration file format is + described in gotsysd.conf(5). gotsysd can be run without a + configuration file, using default settings.

    +

    gotsysd listens on a + unix(4) socket for + notifications issued by gotd(8), and for commands issued via + gotsysctl(8). + gotd(8) notifications are + sent when a remote administrator modifies the file + gotsys.conf(5) in the + system repository.

    +

    Only the users root and _gotd are granted access to the + gotsysd unix socket by default. Alternative access + rules can be configured in gotsysd.conf(5).

    +

    The options for gotsysd are as + follows:

    +
    +
    +
    Do not daemonize. Send log output to stderr.
    +
    + config-file
    +
    Set the path to the configuration file. If not specified, the file + /etc/gotsysd.conf will be used. This file is not + required to exist.
    +
    +
    Configtest mode. Only check the configuration file for validity.
    +
    +
    Verbose mode. Verbosity increases if this option is used multiple + times.
    +
    +
    +
    +

    +
    +
    /etc/gotsysd.conf
    +
    Default location of the configuration file.
    +
    /git
    +
    Default directory containing Git repositories managed by + gotsysd. This path can be configured in + gotsysd.conf(5).
    +
    /var/db/gotsysd
    +
    The directory where gotsysd stores persistent + state. Files in this directory are opened with exclusive locks, ensuring + that only one instance of gotsysd runs on a given + OpenBSD system.
    +
    /var/run/gotsysd.sock
    +
    Default location of the unix socket which gotsysd + is listening on. This path can be configured in + gotsysd.conf(5).
    +
    +
    +
    +

    +

    got(1), + gotsh(1), + gotsys(1), + gotsys.conf(5), + gotsysd.conf(5), + gotd(8), + gotsysctl(8)

    +
    +
    +

    +

    Stefan Sperling + <stsp@openbsd.org>

    +
    +
    +
    April 22, + 2025 OpenBSD 7.7
    + + blob - /dev/null blob + e22dbbebf09658a95b99c06fbd6de581aaf4f8d4 (mode 644) --- /dev/null +++ gotsysd.conf.5.html @@ -0,0 +1,139 @@ + + + + + + + GOTSYSD.CONF(5) + + + +
    GOTSYSD.CONF(5) + File Formats Manual + GOTSYSD.CONF(5)
    +
    +
    +

    +

    gotsysd.conf — + gotsysd configuration file

    +
    +
    +

    +

    gotsysd.conf is the run-time configuration + file for gotsysd(8).

    +

    nhe file format is line-based, with one configuration directive + per line. Comments can be put anywhere in the file using a hash mark + (‘#’), and extend to the end of the current line. Arguments + names not beginning with a letter, digit or underscore, as well as reserved + words (such as listen, + repository or + user), must be quoted. Arguments containing + whitespace should be surrounded by double quotes (").

    +

    Macros can be defined that are later expanded in context. Macro + names must start with a letter, digit, or underscore, and may contain any of + those characters, but may not be reserved words. Macros are not expanded + inside quotes. For example:

    +
    +
    path = "/var/run/gotsysd.sock"
+listen on $path
    +
    +
    +
    +

    +
    +

    The available global configuration directives are as follows:

    +
    +
    + user user
    +
    The name of the gotd(8) + user account. Defauls to “_gotd”. + gotsysd(8) will switch + to this user account as needed.
    +
    path
    +
    Set the path to the unix socket which gotsysd(8) should listen on. If not specified, the path + /var/run/gotsysd.sock will be used.
    +
    + identity
    +
    Permit gotsysd(8) unix + socket access to users with the username identity. + Group names may be matched by prepending a colon (‘:’) to + identity. Numeric IDs are also accepted. +

    Multiple permit rules can be + specified.

    +

    If no permit rule is specified, the + users root and _gotd are granted access by default.

    +
    +
    + directory path
    +
    Set the path to the repository directory within which Git repositories + will be created and managed by gotsysd(8). This repository directory must be owned by and be + exclusively accessible to the gotd(8) user. +

    If not specified, the path /git will + be used.

    +
    +
    start end
    +
    Set the start and end (inclusive) of the range from which + gotsysd(8) will allocate + user and group IDs when creating user accounts specified in + gotsys.conf(5). The + start of this range must be greater than 1000 and + must be smaller than the end. +

    The default range is 5000 to 5999.

    +
    +
    + user
    +
    Set the user which will run + gotsysd(8). Initially, + gotsysd(8) requires root + privileges. Afterwards, gotsysd(8) partly drops privileges to its own + user and to the gotd(8) user. If not specified, the user _gotsysd will be + used. Numeric user IDs are also accepted.
    +
    +
    +
    +

    +

    The following example shows default settings:

    +
    +
    user _gotsysd
+gotd user _gotd
+listen on "/var/run/gotsysd.sock"
+repository directory "/git"
+uid range 5000 5999
    +
    +
    +
    +

    +

    got(1), + gotd(8), + gotsysd(8)

    +
    +
    +
    April 22, + 2025 OpenBSD 7.7
    + + blob - 00a4a0957eadf47f6a8a7abe9c37189abb8aa0bd blob + b2fb5d89179d7cdd96f0184f420e363c893418b7 --- manual.html +++ manual.html @@ -22,6 +22,8 @@ Manual pages installed by the got package
  • got.conf — Game of Trees configuration file
  • got-worktree — Got work tree format
  • git-repository — Git repository format +
  • got — manage gotsys.conf +
  • got — gotsys configuration file Manual pages installed by the gotwebd package: +Manual pages installed by the gotsysd package: + Manual pages installed by the gitwrapper package: