On Fri, Jun 02, 2023 at 12:17:59PM +0200, Johannes Thyssen Tishman wrote:
> Hi all,
> 
> I recently decided to give Game of Trees a try. So far I've enjoyed how
> easy it is to setup gotd on the server and the per-repo configurations.
> The man pages have been great to get me started. However coming from
> using git{daemon} I am still a little confused about a couple of things
> regarding got and gotd.
> 
> Regarding gotd:
> 
> Having all repos stored in /var/git, what are the correct permissions
> for these if I have multiple developers with read-write permissions
> working on them? Does gotd handle the permissions of these as specified
> in the /etc/gotd.conf and can I simply have them be owned by
> maindev:maindev for example? Or do I have to do 'chown -R :developers
> repo && chmod g+w repo' for all the repos that need write access by the
> developers group?

The standard approach for a "main-hub" style server is to have _gotd
own all repositories on disk and add your developers to gotd.conf.

There are cases where using a UID other than _gotd can be useful.
For example, I sometimes run gotd as my own user when I just want to
push changes repos on another system such as a VM and I don't have
Git installed in the VM. The same makes sense for single-user servers
where the user also runs scripts that synchronize repositories in
the background.

For now, I would recommend running -current for gotd servers.
OpenBSD 7.3 does not have gitwrapper(1) yet which makes deployment
of gotd a lot easier when used in parallel to Git.

> Regarding /etc/gotd.conf, is it in the developers plans to allow for
> per-directory/wildcard configurations. E.g:
> 
>     repository ".*" {
> 	path "/var/git/*"
> 	permit rw :devs
> 	permit ro anonymous
>     }

No, because then gitwrapper won't know which repositories are supposed
to be managed by gotd.

> I suppose this could simplify the creation of new repositories without
> having to edit the /etc/gotd.conf and maybe avoid a restart of the gotd
> daemon?

gotd uses the list of repositories in the configuration file to know
what it needs to unveil(). This is why a restart is needed when a new
repository is added.

Of course this could be changed to have gotd list a directory at startup
and unveil all the repositories within, but that seems more error prone
than an explicit listing and still wouldn't avoid the need to restart.
 
> Lastly, does gotd support hooks? For example to generate static files of
> the git repo after a push/send (post-receive hook). Is something like
> this planned or are there any current workarounds?

It does not support hooks and such and there are no plans to add support
for running arbitrary commands, again because that entire approach conflicts
with pledge and unveil. Instead we can implement specific event handlers
that could be enabled in the configuration file. For example, I would like
to have commit email be sent via SMTP to localhost port 25.

I would also like to be able to send a HTTP request that contains some
information about a new commit, in order to have commit notifications
appear on our IRC channel. That feature would essentially allow arbitrary
commands to be triggered on another server. This server would provide CGI
scripts that will then be called when a commit occurs.
 
> Regarding got:
> 
> Perhaps this questions arises since I'm used to a (not very experienced)
> workflow with git. I've noticed that in contrast to git, when I
> clone/init a repo with got{admin}, I get what would be the equivalent of
> a git clone/init --bare (as shown in the got(1) EXAMPLES). This is
> somehow confusing for me in two scenarios:

This approach is based on how SVN behaves. It has an 'svnadmin init' command.
 
> 1. When I create a new repository on my server with 'gotadmin init
> /path/to/repo', I need to populate it first with 'got import' before I
> can clone it from my local machine. That means that I need to have the
> files that I want to import available on the server, correct? In case I
> don't want to have these files on the server, I suppose I can then
> delete the directory after importing it and then clone it and checkout
> the worktree on my local machine. However I wonder if this is the
> intended workflow. Is there a way to just create a new repo on the
> server and populate it with files from a local machine?

You can use 'got send' or 'git push' to add files to an empty repository
that sits on the server.  Of course will need need to run 'got import'
anyway to populate a local repository with a commit that can be sent.

> 2. After cloning a repo on my local machine and doing a checkout I'm
> left with two different directories, one is the "bare" repo and the
> other one is the worktree. To keep everything in a single directory I
> found that I can do the following as a workaround:
> 
>     $ mkdir test && cd test
>     $ got clone ssh://user@example.com/test .got
>     $ got checkout -E .got .
> 
> However since the 'got checkout' already puts some files on the .got
> directory, I'm not sure this is a good practice. Is there a recommended
> workflow that clarifies this?

Don't do this. Just use seperate directories. You will only ever need to
store one copy of a given repository on a given machine. And you can check
out as many work trees from this repository as you like, even from the
same branch.