Merge branch 'master' into assistant

Joey Hess 2012-07-26 14:28:19 -04:00
commit 6de38a2ca8
45 changed files with 877 additions and 8 deletions

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawkSq2FDpK2n66QRUxtqqdbyDuwgbQmUWus"
nickname="Jimmy"
subject="comment 1"
date="2012-06-19T06:53:26Z"
content="""
heh, yea, it's detecting changes on OSX ;)
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawkSq2FDpK2n66QRUxtqqdbyDuwgbQmUWus"
nickname="Jimmy"
subject="comment 1"
date="2012-06-19T07:01:26Z"
content="""
issues with the watch command on OSX, it seems that there is a race condition somewhere. I dumped a few iso's into an annex and it only annexed the smaller files (checksums) and the bigger ones (the iso's) just got made read only. also do you want these bugs to be logged here or in the bugs section?
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawmBUR4O9mofxVbpb8JV9mEbVfIYv670uJo"
nickname="Justin"
subject="comment 1"
date="2012-06-27T12:46:31Z"
content="""
can X and Y be the names of the git-annex remotes?
"""]]

@ -0,0 +1,10 @@
[[!comment format=mdwn
username="http://joeyh.name/"
ip="4.153.2.189"
subject="comment 2"
date="2012-07-26T17:27:39Z"
content="""
That's a good question. Unfortunatly they cannot; X and Y need to be stable across repositories, and git remotes can have different names in different repositories.
Even using the description that git-annex stores for each repository for X and Y is problimatic, since that description can change, and so could be different in two repos that are each trying to resolve the same merge conflict.
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawkSq2FDpK2n66QRUxtqqdbyDuwgbQmUWus"
nickname="Jimmy"
subject="comment 2"
date="2012-07-19T18:43:30Z"
content="""
Joey, yes dbus is available from macports and homebrew, it's not installed by default (or as a dependancy) for most packages in macports.
"""]]

@ -0,0 +1,83 @@
After an all-nighter, I have `git annex webapp` launching a WebApp!
It doesn't do anything useful yet, just uses Yesod to display a couple of
hyperlinked pages and a favicon, securely.
The binary size grew rather alarmingly, BTW. :) Indeed, it's been growing
for months..
-rwxr-xr-x 1 root root 9.4M Jul 21 16:59 git-annex-no-assistant-stripped
-rwxr-xr-x 1 joey joey 12M Jul 25 20:54 git-annex-no-webapp-stripped
-rwxr-xr-x 1 joey joey 17M Jul 25 20:52 git-annex-with-webapp-stripped
----
Along the way, some Not Invented Here occurred:
I didn't use the yesod scaffolded site, because it's a lot of what
seems mostly to be cruft in this use case. And because I don't like
code generated from templates that people are then expected to edit. Ugh.
That's my least favorite part of Yesod. This added some pain, since
I had to do everything the hard way.
I didn't use [wai-handler-launch](http://hackage.haskell.org/package/wai-handler-launch)
because:
* It seems broken on IPv6 capable machines (it always opens
`http://127.0.0.1:port/` even though it apparently doesn't always
listen there.. I think it was listening on my machine's ipv6 address
instead. I know, I know; I should file a bug about this..)
* It always uses port 4587, which is **insane**. What if you have two
webapps?
* It requires javascript in the web browser, which
is used to ping the server, and shut it down when the web browser closes
(which behavior is wrong for git-annex anyway, since the daemon should
stay running across browser closes).
* It opens the webapp on web server startup, which is wrong for git-annex;
instead the command `git annex webapp` will open the webapp,
after `git annex assistant` started the web server.
Instead, I rolled my own WAI webapp laucher, that binds to any free port
on localhost, It does use `xdg-open` to launch the web browser,
like wai-handler-launch (or just `open` on OS X).
Also, I wrote my own WAI logger, which logs using System.Log.Logger,
instead of to stdout, like `runDebug` does.
----
The webapp only listens for connections from localhost, but that's
not sufficient "security". Instead, I added a secret token to
every url in the webapp, that only `git annex webapp` knows about.
But, if that token is passed to `xdg-open` on its command line,
it will be briefly visible to local attackers in the parameters of
`xdg-open`.. And if the web browser's not already running, it'll run
with it as a parameter, and be *very* visible.
So instead, I used a nasty hack. On startup, the assistant
will create a html file, readably only by the user, that redirects
the user to the real site url. Then `git annex webapp` will run
xdg-open on that file.
----
Making Yesod check the `auth=` parameter (to verify that the secret token
is right) is when using Yesod started to pay off. Yesod has a simple
`isAuthorized` method that can be overridden to do your own authentication
like this.
But Yesod really started to shine when I went to add the `auth=` parameter
to every url in the webapp. There's a `joinPath` method can can be used
to override the default url builder. And every type-safe url in the
application goes through there, so it's perfect for this.
I just had to be careful to make it not add `auth=` to the url for the
favicon, which is included in the "Permission Denied" error page. That'd be
an amusing security hole..
----
Next up: Doing some AJAX to get a dynamic view of the state of the daemon,
including currently running transfers, in the webapp. AKA stuff I've never
done before, and that, unlike all this heavy Haskell Yesod, scares me. :)
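Review bot: The favicon exception in the paragraph beginning "I just had to be careful" is a hand-maintained special case in the `joinPath` override, and the post records it only as an aside. Anything else the "Permission Denied" page links to through the same url builder would carry `auth=` in the same way, so it would be safer to state which routes are exempt and why, or to render that error page without the token-adding builder at all, and to note this in the design page rather than only here. Smaller points in the same file: "readably only by the user" should read "readable", "laucher" should be "launcher", and "There's a `joinPath` method can can be used" has a doubled word.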

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawn7Oyqusvn0oONFtVhCx5gRAcvPjyRMcBI"
nickname="Michaël"
subject="is ftp an option?"
date="2012-05-30T10:44:12Z"
content="""
for people only having ftp-access to there storage.
"""]]

@ -0,0 +1,10 @@
[[!comment format=mdwn
username="http://www.klomp.eu/"
ip="95.91.241.82"
subject="Watch also possible with git?"
date="2012-06-15T17:25:30Z"
content="""
Hi,
it seems that you put a lot of efforts in handling race conditions. Thats great. I wonder if the watch can also be used with git (i.e. changes are commited into git and not as annex)? I know that other projects follow this idea but why using different tools if the git-annex assistant could handle both...
"""]]

@ -0,0 +1,10 @@
[[!comment format=mdwn
username="http://wiggy.net/"
nickname="Wichert"
subject="macports"
date="2012-06-12T13:00:34Z"
content="""
The average OSX user has a) no idea what macports is, and b) will not be able to install it. Anything that requires a user to do anything with a commandline (or really anything other than using a GUI installer) is effectively a dealbreaker. For our use cases OSX is definitely a requirement, but it must only use standard OSX installation methods in order to be usable. Being in the appstore would be ideal, but standard dmg/pkg installers are still common enough that they are also acceptable.
FWIW this is the same reason many git GUIs were not usable for our OSX users: they required separate installation of the git commandline tools.
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawkSq2FDpK2n66QRUxtqqdbyDuwgbQmUWus"
nickname="Jimmy"
subject="comment 5"
date="2012-06-17T21:42:59Z"
content="""
okay, I've gotten gitbuilder to poll the git repo every minute for changes, gitbuilder doesn't build every commit. It doesn't work like that, it checks out the master and builds that. If there is a failure it automatically bisects to find out where the problem first got introduced. Hope the change to the builder helps!
"""]]

@ -0,0 +1,9 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawnV2c63kDc6X21a1H81me1mIenUCScd2Gs"
nickname="Emanuele"
subject="watch branch?"
date="2012-06-01T19:19:17Z"
content="""
Hello there? Where can I find more info about this git watch branch?
Keep up the good work!
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawnBl7cA6wLDxVNUyLIHvAyCkf8ir3alYpk"
nickname="Tyson"
subject="Bridging LANs"
date="2012-07-10T10:20:59Z"
content="""
Why rely on the cloud when you can instead use XMPP and jingle to perform NAT traversal for you? AFAIKT, it also means that traffic won't leave your router if the two endpoints are behind the same router.
"""]]

@ -0,0 +1,80 @@
[[!comment format=mdwn
username="https://www.google.com/accounts/o8/id?id=AItOawkSq2FDpK2n66QRUxtqqdbyDuwgbQmUWus"
nickname="Jimmy"
subject="comment 1"
date="2012-07-03T08:26:43Z"
content="""
On \"git syncing\" point number 9, on OSX you could potentially do this on a semi-regular basis
<pre>
system_profiler SPNetworkVolumeDataType
Volumes:
net:
Type: autofs
Mount Point: /net
Mounted From: map -hosts
Automounted: Yes
home:
Type: autofs
Mount Point: /home
Mounted From: map auto_home
Automounted: Yes
</pre>
and
<pre>
x00:~ jtang$ system_profiler SPUSBDataType
USB:
USB High-Speed Bus:
Host Controller Location: Built-in USB
Host Controller Driver: AppleUSBEHCI
PCI Device ID: 0x0aa9
PCI Revision ID: 0x00b1
PCI Vendor ID: 0x10de
Bus Number: 0x26
Hub:
Product ID: 0x2504
Vendor ID: 0x0424 (SMSC)
Version: 0.01
Speed: Up to 480 Mb/sec
Location ID: 0x26200000 / 3
Current Available (mA): 500
Current Required (mA): 2
USB to ATA/ATAPI Bridge:
Capacity: 750.16 GB (750,156,374,016 bytes)
Removable Media: Yes
Detachable Drive: Yes
BSD Name: disk1
Product ID: 0x2338
Vendor ID: 0x152d (JMicron Technology Corp.)
Version: 1.00
Serial Number: 313541813001
Speed: Up to 480 Mb/sec
Manufacturer: JMicron
Location ID: 0x26240000 / 5
Current Available (mA): 500
Current Required (mA): 2
Partition Map Type: MBR (Master Boot Record)
S.M.A.R.T. status: Not Supported
Volumes:
Porta-Disk:
Capacity: 750.16 GB (750,156,341,760 bytes)
Available: 668.42 GB (668,424,208,384 bytes)
Writable: Yes
File System: ExFAT
....
</pre>
I think its possible to programatically get this information either from the CLI (it dumps out XML output if required) or some development library. There is also DBUS in macports, but I have never had much interaction with it, so I don't know if its good or bad on OSX.
"""]]

@ -7,6 +7,9 @@ The webapp is a web server that displays a shiny interface.
token. This guards against other users on the same system. **done**
(I would like to avoid passwords or other authentication methods,
it's your local system.)
* Don't pass the url with secret token directly to the web browser,
as that exposes it to `ps`. Instead, write a html file only the user can read,
that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
needing authentication.
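Review bot: The bullet "write a html file only the user can read, that redirects to the webapp" is marked **done** without saying how the owner-only permission is established or what happens to the file afterwards. The file holds the url with the secret token, so anyone who can read it at any moment gets the same access the token guards. Please document that the file is created with its restrictive mode before the url is written into it (not written first and restricted afterwards), where it is stored, and whether it is removed or rewritten when the assistant restarts with a new token.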
@ -28,11 +31,12 @@ The webapp is a web server that displays a shiny interface.
## implementation
Hope to use Yesod.
TODO: Ensure that Yesod will work on arm. Necessary for later Android port.
Will its template haskell cause a problem? Does new GHC support TH on ARM?
Will it use too much memory or be too slow?
Hopefully Yesod comes with some good UI widgets. Otherwise, need to use
Jquery or similar.
* use `addStaticContent` to make /favicon.ico work. Return `Right (route, query)`
and I think the route can be `favicon_ico`.
* perhaps define a custom `errorHandler`, which could avoid the potential
of leaking auth tokens on error pages
* possibly lose the ugly auth= token past the first page,
and use a client-side session. It could be encrypted using the token
as the `encryptKey`. Note: Would need to set the session duration
to infinite (how?)
* look up "server-sent events" sent using `sendWaiResponse`
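Review bot: The bullet proposing a client-side session "encrypted using the token as the `encryptKey`" makes the url token do double duty: the same value that appears in `auth=` urls would also be the key protecting the session, so any exposure of a url exposes the session as well, and the "session duration to infinite (how?)" note leaves the lifetime of that session open. Consider a separate randomly generated key for the session and a stated lifetime tied to the daemon run. Also, "perhaps define a custom `errorHandler`" is worded as optional although it is the item that addresses leaking auth tokens on error pages; it reads better as a firm TODO.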

@ -0,0 +1,10 @@
[[!comment format=mdwn
username="yatesa"
ip="171.25.193.21"
subject="Secret URL token"
date="2012-06-19T03:41:16Z"
content="""
> Instruct the user's web browser to open an url that contains a secret token. This guards against other users on the same system.
How will you implement that? Running \"sensible-browser URL\" would be the obvious way, but the secret URL would show up in a well timed ps listing. (And depending on the browser, ps may show the URL the entire time it's running.)
"""]]

@ -0,0 +1,8 @@
[[!comment format=mdwn
username="jtang"
ip="79.97.135.214"
subject="comment 3"
date="2012-07-26T17:35:18Z"
content="""
Using twitter-bootstrap for the webapp - this might be a wishlist item, but would it be possible to ensure that the webapp's css uses twitter-bootstrap classes. It would make theming much easier in the long run and it would give you a nice modern look with a low amount of effort.
"""]]