From c4e10593e346b6e270e42d587096bc02beb2752e Mon Sep 17 00:00:00 2001 From: matrss Date: Thu, 3 Jul 2025 11:07:06 +0000 Subject: [PATCH 1/3] Added a comment --- ...comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment diff --git a/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment b/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment new file mode 100644 index 0000000000..187ed0fc5e --- /dev/null +++ b/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="matrss" + avatar="http://cdn.libravatar.org/avatar/cd1c0b3be1af288012e49197918395f0" + subject="comment 2" + date="2025-07-03T11:07:06Z" + content=""" +Unfortunately I wasn't able to make use of the multiple repositories feature because Forgejo stores repositories in nested directories (`/`). Even if I was able to use that feature, using unix sockets would still feel cleaner and avoid some security concerns around running the p2phttp server with `--wideopen` (as-is it is accessible to all local users, with unix sockets permissions could be used to restrict it; but this is more of a theoretical concern, I am not aware of anyone running a Forgejo-aneksajo server on a host with untrusted users). + +According to it should be possible to use warp's runSettingsSocket with a unix socket, instead of runSettings. I am not familiar enough with Haskell or git-annex to judge if there are other obstacles though... +"""]] From e1587840aebe781048ecb0f50c76eb56c4615bed Mon Sep 17 00:00:00 2001 From: "Basile.Pinsard" Date: Thu, 3 Jul 2025 14:32:10 +0000 Subject: [PATCH 2/3] --- ...chunked_file__through_publicurl_fails.mdwn | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn diff --git a/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn b/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn new file mode 100644 index 0000000000..88ab4bb205 --- /dev/null +++ b/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn @@ -0,0 +1,33 @@ +### Please describe the problem. + +When running fsck (fast or slow) from an S3 remote that has anonymous access and git-annex publicurl set, it fails only on the files that get chunked into multiple parts because they exceed the configured chunk size for the remote. + + +### What steps will reproduce the problem? + +- create repo +- annex a file +- set AWS creds as env vars +- initremote S3 special remote with chunk size smaller than the file size and publicurl +- push data (authenticated) to the S3 remote, ensure it get chunked. +- unset AWS auth vars (and remote .git/annex/creds if necessary) +- fsck from remote should fail on chunked file + + +### What version of git-annex are you using? On what operating system? + +git-annex version: 10.20250417-gfd493804c004f7facb4b99d4bf21ed49a081c5cf + +### Please provide any additional information below. + +[[!format sh """ +# If you can, paste a complete transcript of the problem occurring here. +# If the problem is with the git-annex assistant, paste in .git/annex/daemon.log + + +# End of transcript or log. +"""]] + +### Have you had any luck using git-annex before? (Sometimes we get tired of reading bug reports all day and a lil' positive end note does wonders) + +Yes indeed! :D From fab100e0c9d39e6163348c2cc7a888d5c72e2ce4 Mon Sep 17 00:00:00 2001 From: "Basile.Pinsard" Date: Thu, 3 Jul 2025 14:37:14 +0000 Subject: [PATCH 3/3] --- .../S3_fsck_from_chunked_file__through_publicurl_fails.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn b/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn index 88ab4bb205..f0d972a4fb 100644 --- a/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn +++ b/doc/bugs/S3_fsck_from_chunked_file__through_publicurl_fails.mdwn @@ -10,7 +10,7 @@ When running fsck (fast or slow) from an S3 remote that has anonymous access and - set AWS creds as env vars - initremote S3 special remote with chunk size smaller than the file size and publicurl - push data (authenticated) to the S3 remote, ensure it get chunked. -- unset AWS auth vars (and remote .git/annex/creds if necessary) +- unset AWS auth vars (and remove .git/annex/creds if necessary) - fsck from remote should fail on chunked file