From c4e10593e346b6e270e42d587096bc02beb2752e Mon Sep 17 00:00:00 2001 From: matrss Date: Thu, 3 Jul 2025 11:07:06 +0000 Subject: [PATCH] Added a comment --- ...comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment diff --git a/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment b/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment new file mode 100644 index 0000000000..187ed0fc5e --- /dev/null +++ b/doc/todo/p2phttp__58___listen_on_unix_domain_sockets/comment_2_e075c37cbeab627a6a96dcfb1525e21d._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="matrss" + avatar="http://cdn.libravatar.org/avatar/cd1c0b3be1af288012e49197918395f0" + subject="comment 2" + date="2025-07-03T11:07:06Z" + content=""" +Unfortunately I wasn't able to make use of the multiple repositories feature because Forgejo stores repositories in nested directories (`/`). Even if I was able to use that feature, using unix sockets would still feel cleaner and avoid some security concerns around running the p2phttp server with `--wideopen` (as-is it is accessible to all local users, with unix sockets permissions could be used to restrict it; but this is more of a theoretical concern, I am not aware of anyone running a Forgejo-aneksajo server on a host with untrusted users). + +According to it should be possible to use warp's runSettingsSocket with a unix socket, instead of runSettings. I am not familiar enough with Haskell or git-annex to judge if there are other obstacles though... +"""]]