Commit graph

1185 commits

Author SHA1 Message Date
Joey Hess
542ae4a855 show version in upgrade alert 2013-11-24 13:28:34 -04:00
Joey Hess
6165284e39 add support for fully automatic upgrades
The Upgrader avoids checking for upgrades on startup when it was just
upgraded. This avoids an upgrade loop if something goes wrong. One example
of something going wrong would be if the upgrade info file and the
distribution file get out of sync (or the distribution file is cached in
a proxy), so it thinks it has upgraded to a new version, but has really
not.
2013-11-24 13:20:58 -04:00
Joey Hess
f04786f984 recusive rmdir 2013-11-24 12:56:49 -04:00
Joey Hess
b59998f73d better handling of upgrade directory 2013-11-24 12:49:03 -04:00
Joey Hess
4776e1d7b7 use manifest file instead of blindly removing the whole git-annex.linux directory
FIXME: dirContentsRecursive does not find empty directories
2013-11-24 01:41:13 -04:00
Joey Hess
fead2941cd linux upgrade code debugged and working 2013-11-24 00:26:20 -04:00
Joey Hess
fdc10b9436 completely untested linux upgrade code 2013-11-23 23:45:49 -04:00
Joey Hess
fda641d27b improve android upgrade interface
and refactor
2013-11-23 22:12:36 -04:00
Joey Hess
e563c7e6f4 fsck distribution key 2013-11-23 21:58:39 -04:00
Joey Hess
32acf908bb queue and start download of git-annex from web, using git-annex, when upgrade is started 2013-11-23 17:21:04 -04:00
Joey Hess
6802123f7d use global webapp redirects when shutting down 2013-11-23 16:21:09 -04:00
Joey Hess
b1a89c448a replace horrible old daemon restart code with new method 2013-11-23 15:50:17 -04:00
Joey Hess
183f7355cd global webapp redirects, to finish upgrades
When an automatic upgrade completes, or when the user clicks on the upgrade
button in one webapp, but also has it open in another browser window/tab,
we have a problem: The current web server is going to stop running in
minutes, but there is no way to send a redirect to the web browser to the
new url.

To solve this, used long polling, so the webapp is always listening for
urls it should redirect to. This allows globally redirecting every open
webapp. Works great! Tested with 2 web browsers with 2 tabs each.
May be useful for other purposes later too, dunno.

The overhead is 2 http requests per page load in the webapp. Due to yesod's
speed, this does not seem to noticibly delay it. Only 1 of the requests
could possibly block the page load, the other is async.
2013-11-23 14:47:38 -04:00
Joey Hess
d24f7f94fe better UI flow through upgrade process
Move button to enable automatic upgrades to an alert displayed after
successful upgrade. Unclutters the UI and makes psychological sense.
2013-11-23 13:27:52 -04:00
Joey Hess
6abaf19c41 restart on upgrade is working, including automatic restart
Made alerts be able to have multiple buttons, so the alerts about upgrading
can have a button that enables automatic upgrades.

Implemented automatic upgrading when the program file has changed.

Note that when an automatic upgrade happens, the webapp displays an alert
about it for a few minutes, and then closes. This still needs work.
2013-11-23 00:54:08 -04:00
Joey Hess
56e980215f got assistant upgrade detection to notice when I build a new version with cabal build! 2013-11-22 23:53:24 -04:00
Joey Hess
7cd9f909e4 restart on upgrade now fully working 2013-11-22 23:42:16 -04:00
Joey Hess
b9cdb55e0c assistant restart on upgrade 2013-11-22 23:12:06 -04:00
Joey Hess
766c31c95c watch git-annex program file to detect upgrades
Not yet wired up to restart the assistant on upgrade; that needs careful
sanity checking to wait until the upgrade is done before restarting.

Used the DirWatcher here, so it gets events for any changes to the
directory containing the program file. (But not subdirs.) This is necessary
in order to detect when the file is renamed as part of the upgrade, which
an inotify on a single file would not detect. (Also, I have DirWatcher code,
but not FileWatcher code.)

Note that upgrades that remove or rename a whole directory tree containing
the executable will *not* trigger this code. So eg, deleting and replacing
the whole standalone tarball dir tree won't work -- but untarring it
over top will. So should dpkg package upgrades.

Added programPath, using a new GHC feature to find the full path to the
executable. The fallback code for old GHC or unsupported OS is less good;
its worst failure mode would be either failing to find the program, and so
not checking for upgrades, or finding a git-annex that's in PATH, but is
not the one running.

This commit was sponsored by John Roepke.
2013-11-22 18:46:45 -04:00
Joey Hess
f8a3dd9c3d annex.autoupgrade added to webapp prefs page 2013-11-22 16:21:04 -04:00
Joey Hess
31d43c63a4 annex.autoupgrade setting 2013-11-22 16:04:20 -04:00
Joey Hess
4112b317a7 remove debug code 2013-11-22 15:11:43 -04:00
Joey Hess
0c68346f46 fix inverted priority 2013-11-22 15:10:56 -04:00
Joey Hess
3f85d851bb use .info, allow multiple info files in same directory 2013-11-22 14:59:01 -04:00
Joey Hess
e2f17e9da3 upgrade alerts
The webapp will check twice a day, when the network is connected, to see if
it can download a distributon upgrade file. If a newer version is found,
display an upgrade alert.

This will need the autobuilders to set UPGRADE_LOCATION to the url
it can be downloaded from when building git-annex. Only builds with that
set need automatic upgrade alerts.

Currently, the upgrade page just requests the user manually download
and upgrade it. But, all the info is provided to do automated upgrades
in the future.

Note that urls used will need to all be https.

This commit was sponsored by Dirk Kraft.
2013-11-21 17:49:56 -04:00
Joey Hess
94251de91e add readFileStrictAnyEncoding 2013-11-20 13:41:13 -04:00
Joey Hess
9c20185f55 webapp: Check annex.version. 2013-11-17 14:58:35 -04:00
Joey Hess
f35cc2d4ba Android: Adjust default .gitignore to ignore .thumbnails at any location in the tree, not just at its top. 2013-11-16 18:48:16 -04:00
Joey Hess
69d68f9d53 work around OSX mavericks' broken cpp 2013-11-14 13:49:11 -04:00
Joey Hess
58b72a30c2 log missing index at notice priority 2013-11-13 14:42:59 -04:00
Joey Hess
6a45f4cdaf inverted logic 2013-11-13 14:41:32 -04:00
Joey Hess
eab4470440 better handling of missing index file 2013-11-13 14:39:26 -04:00
Joey Hess
13108b7196 assistant: Notice on startup when the index file is corrupt, and auto-repair. 2013-11-13 14:27:17 -04:00
Joey Hess
b9b5e3370d build assistant and watcher on windows (doesn't work yet) 2013-11-12 17:22:34 -04:00
Joey Hess
9625147a8f allow to build when sandi is installed (don't use it yet) 2013-11-11 15:42:06 -04:00
Joey Hess
958312885f webapp: Improve UI around remote that have no annex.uuid set, either because setup of them is incomplete, or because the remote git repository is not a git-annex repository.
Complicated by such repositories potentially being repos that should have
an annex.uuid, but it failed to be gotten, perhaps due to the past ssh repo
setup bugs. This is handled now by an Upgrade Repository button.
2013-11-07 18:02:00 -04:00
Joey Hess
b7c15f3b60 webapp: Avoid encoding problems when displaying the daemon log file. 2013-11-07 15:29:20 -04:00
Joey Hess
4510819215 v5 for direct mode, with automatic upgrade
This includes storing the current state of the HEAD ref, which git annex
sync is going to need, but does not make sync use it.
2013-11-05 17:05:03 -04:00
Joey Hess
dfe3162bf5 fix editing unknown uuid
Before, assumed Nothing when getting remote meant it was the local repo,
and showed the edit form for that.
2013-11-05 12:38:54 -04:00
Joey Hess
6ab731f4b0 fix warning when building w/o CLIBS 2013-11-03 12:00:08 -04:00
Joey Hess
1f39aef893 Fix zombie process that occurred when switching between repository views in the webapp. 2013-11-02 22:25:08 -04:00
Joey Hess
7e7e765cba Improve local pairing behavior when two computers both try to start the pairing process separately.
I was able to reproduce something very like this bug by starting
pairing separately on both computers under poor network conditions (ie,
weak wifi on my front porch). Neither computer showed an alert for the
PairReq messages it was seeing (intermittently) from the other.

So, I've made a new PairReq message that has not been seen before
always make the alert pop up, even if the assistant thinks it is
in the middle of its own pairing process (or even another pairing
process with a different box on the LAN).

(This shouldn't cause a rogue PairAck to disrupt a pairing process part
way through.)
2013-11-02 15:10:29 -04:00
Joey Hess
b5ddb4f0e6 better control character sanity check
The msg contains a haskell-escaped string, so control characters in it can
also be escaped. So this didn't work before, really.

Got rid of the \n check, because current pairing messages actually do
contain a \n, after the ssh public key. Don't want to break
back-compatability.
2013-11-02 14:44:10 -04:00
Joey Hess
2eca7eb565 fix build w/o webapp (again) 2013-11-02 13:38:44 -04:00
Joey Hess
8820091b4c webapp: remind user when using repositories that lack consistency checks
When starting up the assistant, it'll remind about the current
repository, if it doesn't have checks. And when a removable drive
is plugged in, it will remind if a repository on it lacks checks.

Since that might be annoying, the reminders can be turned off.

This commit was sponsored by Nedialko Andreev.
2013-10-29 16:50:38 -04:00
Joey Hess
496c8b7abb add post-repair actions 2013-10-29 14:25:20 -04:00
Joey Hess
791c8535b5 fix stale git locks as part of repo repair 2013-10-29 13:52:19 -04:00
Joey Hess
fabb0c50b7 move code around and rename thread; no functional changes 2013-10-29 13:41:44 -04:00
Joey Hess
26d95e86d7 rename module 2013-10-28 11:33:14 -04:00
Joey Hess
c0eec83ee5 fix build w/o webapp 2013-10-28 11:24:25 -04:00
Joey Hess
a7821c0581 automatically launch git repository repair
Added a RemoteChecker thread, that waits for problems to be reported with
remotes, and checks if their git repository is in need of repair.

Currently, only failures to sync with the remote cause a problem to be
reported. This seems enough, but we'll see.

Plugging in a removable drive with a repository on it that is corrupted
does automatically repair the repository, as long as the corruption causes
git push or git pull to fail. Some types of corruption do not, eg
missing/corrupt objects for blobs that git push doesn't need to look at.

So, this is not really a replacement for scheduled git repository fscking.
But it does make the assistant more robust.

This commit is sponsored by Fernando Jimenez.
2013-10-27 16:42:13 -04:00
Joey Hess
7ed8e87a34 assistant: Support repairing git remotes that are locally accessible
(eg, on removable drives)

gcrypt remotes are not yet handled.

This commit was sponsored by Sören Brunk.
2013-10-27 15:38:59 -04:00
Joey Hess
b48aaa22d0 assistant: Automatically repair damanged git repository, if it can be done without losing data. 2013-10-26 17:16:29 -04:00
Joey Hess
a1b1b5ef52 moved code out of webapp
No code changes, aside from some changes to lifting in code that turned out
to be able to run in Assistant rather than Handler.
2013-10-26 16:58:16 -04:00
Joey Hess
cb440ab423 ssh 2013-10-26 14:07:36 -04:00
Joey Hess
0dfe604ddc webapp: When setting up a bare shared repository, enable non-fast-forward pushes. 2013-10-26 13:06:43 -04:00
Joey Hess
2233ddd5a2 assistant: When autostarted, wait 5 seconds before running the startup scan, to avoid contending with the user's desktop login process. 2013-10-26 12:42:58 -04:00
Joey Hess
338bb7d3b8 fix build fail with old yesod (or something)
Avoid MonadIO constraint by using liftAnnex to get to liftIO.
2013-10-24 12:59:20 -04:00
Joey Hess
0036139b33 wire git repair into webapp 2013-10-23 14:43:58 -04:00
Joey Hess
1eaec2f9aa UI tweaks 2013-10-22 16:30:23 -04:00
Joey Hess
d345e5b52f add git fsck to cronner, and UI for repository repair (not yet wired up) 2013-10-22 16:02:52 -04:00
Joey Hess
00932eda06 webapp: Fix bug when adding a remote and git-remote-gcrypt is not installed. 2013-10-22 13:32:10 -04:00
Joey Hess
b7800eab24 webapp: Move sidebar to the right hand side of the screen. 2013-10-21 18:05:52 -04:00
Joey Hess
4f871f89ba git-recover-repository 1/2 done 2013-10-20 17:50:51 -04:00
Joey Hess
4722dcc92b cleanup 2013-10-18 11:24:41 -04:00
Joey Hess
7a9daefea2 update for LsTree type change
in the config monitor, we want files relative to the top of the working directory
2013-10-17 14:51:39 -04:00
Joey Hess
e5e4b80b09 add support for weekly, monthly, and yearly schedules that run on no specific day 2013-10-15 13:27:21 -04:00
Joey Hess
4a374fa999 commit config changes immediately 2013-10-14 16:24:13 -04:00
Joey Hess
3989ad91e6 display of last fsck time 2013-10-14 16:05:10 -04:00
Joey Hess
5e891672e5 only sync with local repos that are currently available (and only fsck them too) 2013-10-14 15:36:47 -04:00
Joey Hess
4bb8720d85 switch to runFormPostNoToken to work around strange yesod bug 2013-10-14 12:18:04 -04:00
Joey Hess
25462f125d cronner: run jobs triggered by remotes becoming connected (untested) 2013-10-13 17:14:56 -04:00
Joey Hess
a1040a38c5 Merge branch 'master' into incrementalfsck 2013-10-13 15:05:44 -04:00
Joey Hess
ee2020bdc7 fix build w/o webdav 2013-10-13 14:19:58 -04:00
Joey Hess
42c4a86d16 UI for configuring fscks of remotes 2013-10-11 17:25:32 -04:00
Joey Hess
1ffb3bb0ba add remote fsck interface
Currently only implemented for local git remotes. May try to add support
to git-annex-shell for ssh remotes later. Could concevably also be
supported by some special remote, although that seems unlikely.

Cronner user this when available, and when not falls back to
fsck --fast --from remote

git annex fsck --from does not itself use this interface.
To do so, I would need to pass --fast and all other options that influence
fsck on to the git annex fsck that it runs inside the remote. And that
seems like a lot of work for a result that would be no better than
cd remote; git annex fsck
This may need to be revisited if git-annex-shell gets support, since it
may be the case that the user cannot ssh to the server to run git-annex
fsck there, but can run git-annex-shell there.

This commit was sponsored by Damien Diederen.
2013-10-11 16:03:18 -04:00
Joey Hess
88ec6eff15 add/remove/edit schedule UI working
Once I built the basic widget, it turned out to be rather easy to replicate
it once per scheduled activity and wire it all up to a fully working UI.

This does abuse yesod's form handling a bit, but I think it's ok.
And it would be nice to have it all ajax-y, so that saving one modified
form won't lose any modifications to other forms. But for now, a nice
simple 115 line of code implementation is a win.

This late night hack session commit was sponsored by Andrea Rota.
2013-10-11 03:04:11 -04:00
Joey Hess
aa5b2f1c3c basic fsck form UI 2013-10-11 00:46:04 -04:00
Joey Hess
e9745f2da2 add config page for fsck, and alert with button when a fsck is running 2013-10-10 18:05:53 -04:00
Joey Hess
18f4d1b400 queue downloads of keys that fsck finds with bad content 2013-10-10 17:27:00 -04:00
Joey Hess
82083658cf stop fsck when scheduled activity is removed 2013-10-10 16:22:55 -04:00
Joey Hess
6a331d1261 got delay calculation backwards 2013-10-10 12:55:30 -04:00
Joey Hess
5b70eac659 fix option name 2013-10-10 12:49:54 -04:00
Joey Hess
c80bc53960 cronner builds, should work (untested)
I probably need to improve handling of the PleaseTerminate exception to
kill the fsck process. Also, if fsck finds bad files, something needs
to requeue downloads of them. Otherwise, this should work, but is probably
quite buggy since I have only tested the pure code over the past 2 days.
2013-10-08 18:13:08 -04:00
Joey Hess
af5e1d0494 half way complete cronner thread to run scheduled activities 2013-10-08 11:48:28 -04:00
Joey Hess
45aed381df import: Skip .git directories. 2013-10-07 13:03:05 -04:00
Joey Hess
635c9a1549 assistant: Detect stale git lock files at startup time, and remove them.
Extends the index.lock handling to other git lock files. I surveyed
all lock files used by git, and found more than I expected. All are
handled the same in git; it leaves them open while doing the operation,
possibly writing the new file content to the lock file, and then closes
them when done.

The gc.pid file is excluded because it won't affect the normal operation
of the assistant, and waiting for a gc to finish on startup wouldn't be
good.

All threads except the webapp thread wait on the new startup sanity checker
thread to complete, so they won't try to do things with git that fail
due to stale lock files. The webapp thread mostly avoids doing that kind of
thing itself. A few configurators might fail on lock files, but only if the
user is explicitly trying to run them. The webapp needs to start
immediately when the user has opened it, even if there are stale lock
files.

Arranging for the threads to wait on the startup sanity checker was a bit
of a bear. Have to get all the NotificationHandles set up before the
startup sanity checker runs, or they won't see its signal. Perhaps
the NotificationBroadcaster is not the best interface to have used for
this. Oh well, it works.

This commit was sponsored by Michael Jakl
2013-10-05 17:04:21 -04:00
Joey Hess
93dbb7842e watcher: Detect at startup time when there is a stale .git/lock, and remove it so it does not interfere with the automatic commits of changed files. 2013-10-03 16:57:21 -04:00
Joey Hess
3ac9c4e672 hlint 2013-10-02 22:59:07 -04:00
Joey Hess
a5e1f2efc0 blind enabling of existing ssh and ssh gcrypt repos 2013-10-02 15:54:32 -04:00
Joey Hess
dfdaa649d0 hlint 2013-10-02 01:06:59 -04:00
Joey Hess
028b0d8961 hlint 2013-10-02 00:42:27 -04:00
Joey Hess
b24b5ca089 hlint 2013-10-02 00:33:40 -04:00
Joey Hess
245d5590c9 fix use of mangled ssh hostname
However, this is not working for gcrypt repos with a mangled hostname.
Problem is that the locked down key is installed before the repo is
initialized, so git-annex-shell refuses to allow the gcrypt special remote
to do its setup.
2013-10-01 16:16:38 -04:00
Joey Hess
5f9f7024e9 enabling ssh gcrypt now works 2013-10-01 16:08:01 -04:00
Joey Hess
0ddf4d3148 Merge branch 'master' of ssh://git-annex.branchable.com into sshgcrypt 2013-10-01 14:40:20 -04:00
Joey Hess
61e06c972f webapp can now set up gcrypt repos on ssh servers 2013-10-01 13:43:35 -04:00
Joey Hess
d83a244986 UI for making encrypted ssh remotes with gcrypt
Improved probing the remote server, so it gathers a list of the
capabilities it has. From that list, we can determine which types
of remotes are supported, and display an appropriate UI.

The new buttons for making gcrypt repos don't work yet, but the old buttons
for unencrypted git repo and encrypted rsync repo have been adapted to the
new data types and are working.

This commit was sponsored by David Schmitt.
2013-09-29 15:14:09 -04:00
Joey Hess
44e1524be5 webapp: Fixed a bug where when a new remote is added, one file may fail to sync to or from it
This happened because the transferrer process did not know about the new
remote. remoteFromUUID crashed, which crashed the transferrer. When it was
restarted, the new one knew about the new remote so all further files would
transfer, but the one file would temporarily not be, until transfers retried.

Fixed by making remoteFromUUID not crash, and try reloading the remote list
if it does not know about a remote.

Note that this means that remoteFromUUID does not only return Nothing anymore
when the UUID is the UUID of the local repository. So had to change some code
that dependend on that assumption.
2013-09-29 14:51:49 -04:00
Joey Hess
12f6b9693a Send a git-annex user-agent when downloading urls.
Overridable with --user-agent option.

Not yet done for S3 or WebDAV due to limitations of libraries used --
nether allows a user-agent header to be specified.

This commit sponsored by Michael Zehrer.
2013-09-28 14:35:21 -04:00
Joey Hess
e864c8d033 blind enabling gcrypt repos on rsync.net
This pulls off quite a nice trick: When given a path on rsync.net, it
determines if it is an encrypted git repository that the user has
the key to decrypt, and merges with it. This is works even when
the local repository had no idea that the gcrypt remote exists!

(As previously done with local drives.)

This commit sponsored by Pedro Côrte-Real
2013-09-27 16:21:56 -04:00
Joey Hess
b58bb4c8c1 refactor 2013-09-27 01:19:56 -04:00
Joey Hess
5bd5e604ad remove another sum type that was only needed to work around a bug in old yesod
And the bug is only a warning message at compile time..
2013-09-27 00:35:37 -04:00
Joey Hess
1f5611a1ca remove workaround for old yesod bug 2013-09-27 00:31:12 -04:00
Joey Hess
7665773593 refactor 2013-09-27 00:27:59 -04:00
Joey Hess
1550759220 enabling rsync.net gcrypt repos
Still need to detect when the user is trying to create a repo
that already exists, and jump to the enabling code.
2013-09-26 23:47:30 -04:00
Joey Hess
6b24730179 check if gcrypt is installed 2013-09-26 18:42:54 -04:00
Joey Hess
735ed3b822 prep for enabling remotre gcrypt repos in webapp 2013-09-26 17:26:13 -04:00
Joey Hess
588494cbce webapp: Support storing encrypted git repositories on rsync.net.
Does not yet support re-enabling such a repository though.

This commit was sponsored by Jan Pieper.
2013-09-26 16:43:00 -04:00
Joey Hess
109f2ccc8a refactor 2013-09-26 12:40:19 -04:00
Joey Hess
98fc7e8a19 add, import, assistant: Better preserve the mtime of symlinks, when when adding content that gets deduplicated.
Note that this turned out to remove a syscall, not add any expense.
Otherwise, I would not have done it.
2013-09-25 16:07:11 -04:00
Joey Hess
4dc4a9a385 assistant: Clear the list of failed transfers when doing a full transfer scan. This prevents repeated retries to download files that are not available, or are not referenced by the current git tree.
This is motivated by a user report that the assistant was repeatedly
retrying transfers of files that had been deleted (in direct mode, so
removing the only copy).

Note that the glacier code retries failed transfers after a while to retry
downloads that have aged long enough to be available. This is ok; if we're
doing a full transfer scan we'll retry on every file that is still in the
git tree.

Also note that this makes the assistant less likely to get every file
referenced by old revs of the git tree. Not something the assistant tries
to ensure anyway, so I feel this is acceptable.
2013-09-25 11:46:17 -04:00
Joey Hess
4c954661a1 git-annex-shell: Added support for operating inside gcrypt repositories.
* Note that the layout of gcrypt repositories has changed, and
  if you created one you must manually upgrade it.
  See http://git-annex.branchable.com/upgrades/gcrypt/
2013-09-24 17:25:47 -04:00
Joey Hess
a143ab4451 remove odd utf-8 whitespace
broke the EvilSplicer on C locale
2013-09-23 13:58:03 -04:00
Joey Hess
3bd05c27d2 work around evilsplicer bug
Really simple TH splices are printed in a way it doesn't parse.
2013-09-20 12:19:55 -04:00
Joey Hess
e8e209f4e5 better probing for gcrypt repositories using new --check option
Now can tell if a repo uses gcrypt or not, and whether it's decryptable
with the current gpg keys.

This closes the hole that undecryptable gcrypt repos could have before been
combined into the repo in encrypted mode.
2013-09-19 12:53:24 -04:00
Joey Hess
8062f6337f webapp: support adding existing gcrypt special remotes from removable drives
When adding a removable drive, it's now detected if the drive contains
a gcrypt special remote, and that's all handled nicely. This includes
fetching the git-annex branch from the gcrypt repo in order to find
out how to set up the special remote.

Note that gcrypt repos that are not git-annex special remotes are not
supported. It will attempt to detect such a gcrypt repo and refuse
to use it. (But this is hard to do any may fail; see
https://github.com/blake2-ppc/git-remote-gcrypt/issues/6)

The problem with supporting regular gcrypt repos is that we don't know
what the gcrypt.participants setting is intended to be for the repo.
So even if we can decrypt it, if we push changes to it they might not be
visible to other participants.

Anyway, encrypted sneakernet (or mailnet) is now fully possible with the
git-annex assistant! Assuming that the gpg key distribution is handled
somehow, which the assistant doesn't yet help with.

This commit was sponsored by Navishkar Rao.
2013-09-18 15:55:31 -04:00
Joey Hess
3d88559e58 webapp: Show encryption information when editing a remote. 2013-09-17 20:02:42 -04:00
Joey Hess
9de189e788 webapp gpg key generation
Now the webapp can generate a gpg key that is dedicated for use by
git-annex. Since the key is single use, much of the complexity of
generating gpg keys is avoided.

Note that the key has no password, because gpg-agent is not available
everywhere the assistant is installed. This is not a big security problem
because the key is going to live on the same disk as the git annex
repository, so an attacker with access to it can look directly in the
repository to see the same files that get stored in the encrypted
repository on the removable drive.

There is no provision yet for backing up keys.

This commit sponsored by Robert Beaty.
2013-09-17 15:36:15 -04:00
Joey Hess
1ba7737335 fix modals 2013-09-16 16:46:00 -04:00
Joey Hess
490aa67d10 check if git-remote-gcrypt is installed 2013-09-16 16:35:27 -04:00
Joey Hess
b37aad6c06 webapp: Initial support for setting up encrypted removable drives.
No support yet for generating new gpg keys.
No support yet for adding existing encrypted repos from removable drives.
2013-09-16 16:07:27 -04:00
Joey Hess
f53526501d commit immediately when adding removable drive repo
I noticed that adding a removable drive repo, then trying to add the same
drive again resulted in the question about whether repos should be
combined. This was because the uuid.log was not updated. Which happened
because the new uuid did not get committed on the removable drive.
This fixes that.
2013-09-16 14:56:19 -04:00
Joey Hess
5fe49b98f8 Support hot-swapping of removable drives containing gcrypt repositories.
To support this, a core.gcrypt-id is stored by git-annex inside the git
config of a local gcrypt repository, when setting it up.

That is compared with the remote's cached gcrypt-id. When different, a
drive has been changed. git-annex then looks up the remote config for
the uuid mapped from the core.gcrypt-id, and tweaks the configuration
appropriately. When there is no known config for the uuid, it will refuse to
use the remote.
2013-09-12 15:54:35 -04:00
Joey Hess
b64f5baf2d sync: support gcrypt 2013-09-09 10:02:15 -04:00
Joey Hess
7c1a9cdeb9 partially complete gcrypt remote (local send done; rest not)
This is a git-remote-gcrypt encrypted special remote. Only sending files
in to the remote works, and only for local repositories.

Most of the work so far has involved making initremote work. A particular
problem is that remote setup in this case needs to generate its own uuid,
derivied from the gcrypt-id. That required some larger changes in the code
to support.

For ssh remotes, this will probably just reuse Remote.Rsync's code, so
should be easy enough. And for downloading from a web remote, I will need
to factor out the part of Remote.Git that does that.

One particular thing that will need work is supporting hot-swapping a local
gcrypt remote. I think it needs to store the gcrypt-id in the git config of the
local remote, so that it can check it every time, and compare with the
cached annex-uuid for the remote. If there is a mismatch, it can change
both the cached annex-uuid and the gcrypt-id. That should work, and I laid
some groundwork for it by already reading the remote's config when it's
local. (Also needed for other reasons.)

This commit was sponsored by Daniel Callahan.
2013-09-07 18:38:00 -04:00
Joey Hess
9dc2373977 only retry every 60 seconds
Retying every second is a bit much, especially given the current leak
https://github.com/audreyt/network-multicast/issues/4
2013-08-24 14:37:34 -04:00
Joey Hess
8587485994 clarify notifyNetMessagerRestart 2013-08-24 13:49:04 -04:00
Joey Hess
b191d5c595 gitignore support for the assistant and watcher
Requires git 1.8.4 or newer. When it's installed, a background
git check-ignore process is run, and used to efficiently check ignores
whenever a new file is added.

Thanks to Adam Spiers, for getting the necessary support into git for this.

A complication is what to do about files that are gitignored but have
been checked into git anyway. git commands assume the ignore has been
overridden in this case, and not need any more overriding to commit a
changed version.

However, for the assistant to do the same, it would have to run git ls-files
to check if the ignored file is in git. This is somewhat expensive. Or it
could use the running git-cat-file process to query the file that way,
but that requires transferring the whole file content over a pipe, so it
can be quite expensive too, for files that are not git-annex
symlinks.

Now imagine if the user knows that a file or directory tree will be getting
frequent changes, and doesn't want the assistant to sync it, so gitignores
it. The assistant could overload the system with repeated ls-files checks!

So, I've decided that the assistant will not automatically commit changes
to files that are gitignored. This is a tradeoff. Hopefully it won't be a
problem to adjust .gitignore settings to not ignore files you want the
assistant to autocommit, or to manually git annex add files that are listed
in .gitignore.

(This could be revisited if git-annex gets access to an interface to check
the content of the index w/o forking a git command. This could be libgit2,
or perhaps a separate git cat-file --batch-check process, so it wouldn't
need to ship over the whole file content.)

This commit was sponsored by Francois Marier. Thanks!
2013-08-02 20:37:03 -04:00
Joey Hess
672cfc3923 better git version checking 2013-08-02 18:32:26 -04:00
Joey Hess
eba74e3940 fix build with old yesod 2013-08-02 12:32:16 -04:00
Joey Hess
d1ed337035 webapp: Improve handling of remotes whose setup has stalled.
This includes recovery from the ssh-agent problem that led to many reporting
http://git-annex.branchable.com/bugs/Internal_Server_Error:_Unknown_UUID/
(Including fixing up .ssh/config to set IdentitiesOnly.)

Remotes that have no known uuid are now displayed in the webapp as
"unfinished". There's a link to check their status, and if the remote
has been set annex-ignore, a retry button can be used to unset that and
try again to set up the remote.

As this bug has shown, the process of adding a ssh remote has some failure
modes that are not really ideal. It would certianly be better if, when
setting up a ssh remote it would detect if it's failed to get the UUID,
and handle that in the remote setup process, rather than waiting until
later and handling it this way.

However, that's hard to do, particularly for local pairing, since the
PairListener runs as a background thread. The best it could do is pop up an
alert if there's a problem. This solution is not much different.

Also, this solution handles cases where the user has gotten their repo into
a mess manually and let's the assistant help with cleaning it up.

This commit was sponsored by Chia Shee Liang. Thanks!
2013-07-31 16:36:29 -04:00
Joey Hess
ab62ae357a hide NoUUID remotes from repolist
A ssh remote will breifly have NoUUID when it's just being set up and
git-annex-shell has not yet been queried for the UUID. So it doesn't make
sense to display any kind of error message in this case. The UI doesn't
work when there's NoUUID, and it can even crash the ajax long polling code.
So hiding NoUUID repositories is the right thing to do.

I've tested and the automatic refresh of the repolist causes the remote
to show up as soon as a UUID is recorded, when doing local pairing, and
when adding a ssh remote.
2013-07-31 14:31:05 -04:00
Joey Hess
cbfdf3ab21 set IdentitiesOnly
When setting up a dedicated ssh key to access the annex on a host,
set IdentitiesOnly to prevent the ssh-agent from forcing use of a different
ssh key.

That behavior could result in unncessary password prompts. I remember
getting a message or two from people who got deluged with password
prompts and I couldn't at the time see why.

Also, it would prevent git-annex-shell from being run on the remote host,
when git-annex was installed there by unpacking the standalone tarball,
since the authorized_keys line for the dedicated ssh key, which sets
up calling git-annex-shell when it's not in path, wouldn't be used.

This fixes
http://git-annex.branchable.com/bugs/Internal_Server_Error:_Unknown_UUID
but I've not closed that bug yet since I should still:

1. Investigate why the ssh remote got set up despite being so broken.
2. Make the webapp not handle the NoUUID state in such an ugly way.
3. Possibly add code to fix up systems that encountered the problem.
   Although since it requires changes to .ssh/config this may be one for
   the release notes.

Thanks to TJ for pointing me in the right direction to understand what
was happening here.
2013-07-31 13:30:49 -04:00
Joey Hess
869c638b82 assistant: Fix bug that caused it to stall when adding a very large number of files at once (around 5 thousand).
This bug was introduced in 82a6db8fe8,
which improved handling of adding very large numbers of files by ensuring
that a minimum number of max size commits (5000 files each) were done.

I accidentially made it wait for another change to appear after such a max
size commit, even if a lot of queued changes were already accumulated.
That resulted in a stall when it got to the end. Now fixed to not wait
any longer than necessary to ensure the watcher has had time to wake back
up after the max size commit.

This commit was sponsored by Michael Linksvayer. Thanks!
2013-07-27 17:42:18 -04:00
Joey Hess
2d7b4517ab got hdevtools working again
Fix comment to not make cpp unhappy
2013-07-27 13:00:49 -04:00
Joey Hess
ec4d974dcf assistant: Fix deadlock that could occur when adding a lot of files at once in indirect mode.
This is a laziness problem. Despite the bang pattern on newfiles, the list
was not being fully evaluated before cleanup was called. Moving cleanup out
to after the list is actually used fixes this.

More evidence that I should be using ResourceT or pipes, if any was needed.
2013-07-26 18:42:22 -04:00
Joey Hess
97f3aecb17 assistant: Fix NetWatcher to not sync with remotes that have remote.<name>.annex-sync set to false.
This affected both the hourly NetWatcherFallback thread and the syncing
when network connection is detected.

It was a reversion of sorts, introduced in
8861e270be, when annex-ignore was changed to
not control git syncing. I forgot to make it check annex-sync at that
point.
2013-07-26 16:54:20 -04:00
Joey Hess
6967f539d0 add status tag to all presence messages
Necessary for push messages to not override the previously sent tag.
2013-07-25 14:58:30 -04:00
Joey Hess
54e0bd55b4 fun with exec 2013-07-23 17:31:51 -04:00
Joey Hess
0962c43bf7 fix build 2013-07-23 13:40:27 -04:00
Joey Hess
5c82c99c76 webapp: When creating a repository on a removable drive, set core.fsyncobjectfiles, to help prevent data loss when the drive is yanked. 2013-07-23 13:38:05 -04:00
Joey Hess
381637e4c8 Add status message to XMPP presence tag, to identify to others that the client is a git-annex client.
I only added this to the presense messages that are really intended for
presence. The ones used for tunneling git etc don't have the tag, because
that would waste bandwidth.
2013-07-23 12:41:41 -04:00
Joey Hess
780efc775c When an XMPP server has SRV records, try them, but don't then fall back to the regular host if they all fail.
gmail.com has some XMPP SRV records, but does not itself respond to XMPP
traffic, although it does accept connections on port 5222. So if a user
entered the wrong password, it would try all the SRVs and fall back to
trying gmail, and hang at that point.

This seems the right thing to do, not just a workaround.
2013-07-20 21:18:55 -04:00
Joey Hess
9fc1448947 webapp: Differentiate between creating a new S3/Glacier/WebDav remote, and initializing an existing remote. When creating a new remote, avoid conflicts with other existing (or deleted) remotes with the same name. 2013-07-20 18:15:16 -04:00
Joey Hess
dba1e29949 webapp: Better display of added files. 2013-07-10 15:37:40 -04:00
Joey Hess
00e6663128 linux standalone auto-install icons 2013-07-09 20:50:41 -04:00
Joey Hess
19b8bcbe30 Install XDG desktop icon files.
The icon files will be installed when running make install or cabal
install. Did not try to run update-icon-caches, since I think it's debian
specific, and dh_icons will take care of that for the Debian package.

Using the favicon as a 16x16 icon. At 24x24 the svg displays pretty well,
although the dotted lines are rather faint. The svg is ok at all higher
resolutions.

The standalone linux build auto-installs the desktop and autostart files
when run. I have not made it auto-install the icon file too, because
a) that would take more work to include them in the tarball and find them
b) it would need to be an install to ~/.icons/, and I don't know if that
   really works!
2013-07-09 19:56:30 -04:00
Joey Hess
b6d857da08 fix build 2013-07-08 12:53:08 -04:00
Joey Hess
57f5c9f41a webapp: Fix authorized_keys line added when setting up a rsync remote on a server that also supports git-annex, to not force running git-annex-shell. 2013-07-08 12:51:07 -04:00