On Fri, Jun 02, 2023 at 02:11:13PM +0200, Stefan Sperling wrote:
> On Fri, Jun 02, 2023 at 12:17:59PM +0200, Johannes Thyssen Tishman wrote:
> > Hi all,
> >
> > I recently decided to give Game of Trees a try. So far I've enjoyed how
> > easy it is to setup gotd on the server and the per-repo configurations.
> > The man pages have been great to get me started. However coming from
> > using git{daemon} I am still a little confused about a couple of things
> > regarding got and gotd.
> >
> > Regarding gotd:
> >
> > Having all repos stored in /var/git, what are the correct permissions
> > for these if I have multiple developers with read-write permissions
> > working on them? Does gotd handle the permissions of these as specified
> > in the /etc/gotd.conf and can I simply have them be owned by
> > maindev:maindev for example? Or do I have to do 'chown -R :developers
> > repo && chmod g+w repo' for all the repos that need write access by the
> > developers group?
>
> The standard approach for a "main-hub" style server is to have _gotd
> own all repositories on disk and add your developers to gotd.conf.

How would one create a new repository in this case? As root and then
chown _gotd:_gotd?

> There are cases where using a UID other than _gotd can be useful.
> For example, I sometimes run gotd as my own user when I just want to
> push changes repos on another system such as a VM and I don't have
> Git installed in the VM. The same makes sense for single-user servers
> where the user also runs scripts that synchronize repositories in
> the background.

Ah I see. My server is indeed a single-user server, however if I run
gotd as my user, would others still be able to contribute if given rw
permissions in /etc/gotd.conf?

> For now, I would recommend running -current for gotd servers.
> OpenBSD 7.3 does not have gitwrapper(1) yet which makes deployment
> of gotd a lot easier when used in parallel to Git.

Actually my plan is to completely replace git on the server. Would you
still recommend -current when not working in parallel to Git? Also out
of curiosity, why would someone want to work both with got and git at
the same time on a server?

> > Regarding /etc/gotd.conf, is it in the developers plans to allow for
> > per-directory/wildcard configurations. E.g:
> >
> >     repository ".*" {
> > 	path "/var/git/*"
> > 	permit rw :devs
> > 	permit ro anonymous
> >     }
>
> No, because then gitwrapper won't know which repositories are supposed
> to be managed by gotd.

So gitwrapper determines the repos that are to be managed by gotd by
parsing /etc/gotd.conf?

> > I suppose this could simplify the creation of new repositories without
> > having to edit the /etc/gotd.conf and maybe avoid a restart of the gotd
> > daemon?
>
> gotd uses the list of repositories in the configuration file to know
> what it needs to unveil(). This is why a restart is needed when a new
> repository is added.
>
> Of course this could be changed to have gotd list a directory at startup
> and unveil all the repositories within, but that seems more error prone
> than an explicit listing and still wouldn't avoid the need to restart.

Understood, thank you. Nothing a script can't automate anyways.

> > Lastly, does gotd support hooks? For example to generate static files of
> > the git repo after a push/send (post-receive hook). Is something like
> > this planned or are there any current workarounds?
>
> It does not support hooks and such and there are no plans to add support
> for running arbitrary commands, again because that entire approach conflicts
> with pledge and unveil. Instead we can implement specific event handlers
> that could be enabled in the configuration file. For example, I would like
> to have commit email be sent via SMTP to localhost port 25.
>
> I would also like to be able to send a HTTP request that contains some
> information about a new commit, in order to have commit notifications
> appear on our IRC channel. That feature would essentially allow arbitrary
> commands to be triggered on another server. This server would provide CGI
> scripts that will then be called when a commit occurs.

That sounds useful. I look forward to that :)

> > Regarding got:
> >
> > Perhaps this questions arises since I'm used to a (not very experienced)
> > workflow with git. I've noticed that in contrast to git, when I
> > clone/init a repo with got{admin}, I get what would be the equivalent of
> > a git clone/init --bare (as shown in the got(1) EXAMPLES). This is
> > somehow confusing for me in two scenarios:
>
> This approach is based on how SVN behaves. It has an 'svnadmin init' command.
>
> > 1. When I create a new repository on my server with 'gotadmin init
> > /path/to/repo', I need to populate it first with 'got import' before I
> > can clone it from my local machine. That means that I need to have the
> > files that I want to import available on the server, correct? In case I
> > don't want to have these files on the server, I suppose I can then
> > delete the directory after importing it and then clone it and checkout
> > the worktree on my local machine. However I wonder if this is the
> > intended workflow. Is there a way to just create a new repo on the
> > server and populate it with files from a local machine?
>
> You can use 'got send' or 'git push' to add files to an empty repository
> that sits on the server.  Of course will need need to run 'got import'
> anyway to populate a local repository with a commit that can be sent.

Awesome, this will do! Question though: I couldn't find how to configure
a remote repository for a local repository in the man pages aside from
manually adding it to got.conf. Is this the only way?

> > 2. After cloning a repo on my local machine and doing a checkout I'm
> > left with two different directories, one is the "bare" repo and the
> > other one is the worktree. To keep everything in a single directory I
> > found that I can do the following as a workaround:
> >
> >     $ mkdir test && cd test
> >     $ got clone ssh://user@example.com/test .got
> >     $ got checkout -E .got .
> >
> > However since the 'got checkout' already puts some files on the .got
> > directory, I'm not sure this is a good practice. Is there a recommended
> > workflow that clarifies this?
>
> Don't do this. Just use seperate directories. You will only ever need to
> store one copy of a given repository on a given machine. And you can check
> out as many work trees from this repository as you like, even from the
> same branch.

Understood. I can get used to that.

Thank you very much for your time Stefan.

--
Johannes Thyssen Tishman
https://thyssentishman.com