- From:
- "Omar Polo" <op@omarpolo.com>
- Subject:
- Re: gotwebd website support
- To:
- Stefan Sperling <stsp@stsp.name>
- Cc:
- gameoftrees@openbsd.org
- Date:
- Mon, 01 Dec 2025 23:17:39 +0100
Download raw body.
Thread
gotwebd website support
Download raw body.
gotwebd website support
Stefan Sperling <stsp@stsp.name> wrote:
> Add a new feature to gotwebd which allows serving static websites
> straight out of Git repositories.
>
> In the simplest case, declaring a website in gotwebd.conf works as follows:
>
> server "www.example.com" {
> # Serve the www.git repository as a web site when
> # the browser visits "www.example.com".
> website "/" {
> repository "www"
> }
> }
>
> See the docs added to gotwebd.conf.5 for details.
>
> A tricky part of this is requesting routing. We can now have URL paths
> which map to repositories and may require authentication, and URL paths
> which map to websites which never require authentication (similar to how
> static gotwebd assets are not protected by authentication). It took me
> some time to get this right. We must have good test coverage for this to
> avoid introducing authentication bypass bugs later.
>
> For now, I am adding some basic tests to the gotsysd regression test suite.
> The tests should be extended later to cover more cases. Adding more tests
> will be much easier gone gotsysd has learned to reconfigure gotwebd on the fly.
> Until gotsysd can reconfigure gotwebd, test cases which require a unique
> gotwebd.conf file need to be start in separate scripts.
>
> ok?
to start with, I think it's more than okay =)
it's quite a lot.
I'm jus leaving one tiny nitpick if you can fix it before merging this
in main, as i think it was an unwanted change :p
while playing with it i've found a minor logic error, which is innocuous
luckily, with `website "/"':
$ curl -sI http://localhost/ | grep Location
Location: http://localhost//index.html
in any case, let's get this in and improve in-tree, i think it's the
best way forward :)
ok op@
Thanks!
> [...]
> --- gotwebd/gotwebd.conf.5
> +++ gotwebd/gotwebd.conf.5
> @@ -1,4 +1,4 @@
> -.\"
> +\"
nit: lost the "." :p
> .\" Copyright (c) 2020 Tracey Emery <tracey@traceyemery.net>
> .\"
> .\" Permission to use, copy, modify, and distribute this software for any
> [..]
> @@ -463,6 +507,56 @@ parameter determines whether
> .Xr gotwebd 8
> will display the repository.
> .El
> +.It Ic website Ar url-path Brq ...
> +Show a web site when the browser visits the given
> +.Ar url-path .
> +The web site's content is composed of files in a Git repository.
> +.Pp
> +While the underlying repository is subject to authentication as usual,
> +web site content is always public, and cannot be hidden via the
> +.Ic hide repository
> +or
> +.Ic respect_exportok
> +directives.
I think we should 'fix' this and at least enable auth for the website.
I think it doesn't make much sense to protect the history but not the
resulting tree at the tip :p
gotwebd website support