Commit graph

429 commits

Author SHA1 Message Date
Joey Hess
39d55a8541
back-compat warning for protocol=https 2019-03-22 12:22:34 -04:00
Joey Hess
7d37011a11
S3: Added protocol= initremote setting, to allow https to be used on a non-standard port
protocol=https implies port=443 and
port=443 implies protocol=https
-- this was necessary because the existing configs set port=443, but
with a protocol setting, users will naturally want to use it, and then
there's no need for them to supply the default https port. So we keep
back-compat, add a nicer way to enable https, and also add support for
non-standard https ports.
2019-03-22 12:17:05 -04:00
Joey Hess
ba6b396a97
improve docs 2019-03-22 09:59:56 -04:00
Joey Hess
5f17a9cc50
docs for importtree config 2019-03-04 15:39:19 -04:00
Joey Hess
7dd2672bd2
remove manual versioning mention from here
git-annex will tell the user if they need to manually enable versioning
2019-01-29 14:13:14 -04:00
basak
29b3d71122 Added a comment: Re: Archive not found 2018-12-18 23:54:27 +00:00
tim@5431dd39464df207b7d46d3cf1bc74c82123ac68
b9c41b11b9 Added a comment: Archive not found 2018-12-18 21:22:54 +00:00
anarcat
185565617e fix typo in manpage link 2018-12-11 21:14:56 +00:00
Joey Hess
ef53ad8b5b
response 2018-09-11 13:37:28 -04:00
Joey Hess
19e91d5ee3
Merge branch 'master' of ssh://git-annex.branchable.com 2018-09-06 14:37:42 -04:00
Joey Hess
b7daf2685f
support public versioned S3 access
Makes git annex whereis display the versionId urls.

And, when a s3 remote is enabled without creds, git-annex will use the
versionId urls to access its contents.

This commit was sponsored by Fernando Jimenez on Patreon.
2018-09-06 14:31:41 -04:00
anarcat
fc78b33389 add the rclone special remote explicitely because it is awesome 2018-09-06 00:58:24 +00:00
Joey Hess
7407a80c27
S3: Support AWS_SESSION_TOKEN
This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
2018-09-05 15:53:57 -04:00
Joey Hess
0ff5a41311
S3 versioning=yes config
Not yet used.

This commit was supported by the NSF-funded DataLad project.
2018-08-30 13:45:28 -04:00
andrew@d9c20810619d89ecb4d8ebe187df122112b82fd9
fb5b2f1b7f Added a comment: Not connect to remote as part of initremote? 2018-08-21 23:34:55 +00:00
Joey Hess
b8780da832
hint about when requesttyle=path is needed 2018-08-01 16:06:34 -04:00
lykos@d125a37d89b1cfac20829f12911656c40cb70018
8238e53527 Add note regarding python lib 2018-07-31 13:41:28 +00:00
Joey Hess
ba0745b5c2
S3: fix documentation of publicurl
5f0f063a7a documented it as being
configured automatically, but the code never did that. Rather than try
to hard-code whatever urls amazon  uses for its buckets, it seems better
to ask the user to find the url and set it.
2018-07-02 12:30:39 -04:00
Joey Hess
28720c795f
limit url downloads to whitelisted schemes
Security fix! Allowing any schemes, particularly file: and
possibly others like scp: allowed file exfiltration by anyone who had
write access to the git repository, since they could add an annexed file
using such an url, or using an url that redirected to such an url,
and wait for the victim to get it into their repository and send them a copy.

* Added annex.security.allowed-url-schemes setting, which defaults
  to only allowing http and https URLs. Note especially that file:/
  is no longer enabled by default.

* Removed annex.web-download-command, since its interface does not allow
  supporting annex.security.allowed-url-schemes across redirects.
  If you used this setting, you may want to instead use annex.web-options
  to pass options to curl.

With annex.web-download-command removed, nearly all url accesses in
git-annex are made via Utility.Url via http-client or curl. http-client
only supports http and https, so no problem there.
(Disabling one and not the other is not implemented.)

Used curl --proto to limit the allowed url schemes.

Note that this will cause git annex fsck --from web to mark files using
a disallowed url scheme as not being present in the web. That seems
acceptable; fsck --from web also does that when a web server is not available.

youtube-dl already disabled file: itself (probably for similar
reasons). The scheme check was also added to youtube-dl urls for
completeness, although that check won't catch any redirects it might
follow. But youtube-dl goes off and does its own thing with other
protocols anyway, so that's fine.

Special remotes that support other domain-specific url schemes are not
affected by this change. In the bittorrent remote, aria2c can still
download magnet: links. The download of the .torrent file is
otherwise now limited by annex.security.allowed-url-schemes.

This does not address any external special remotes that might download
an url themselves. Current thinking is all external special remotes will
need to be audited for this problem, although many of them will use
http libraries that only support http and not curl's menagarie.

The related problem of accessing private localhost and LAN urls is not
addressed by this commit.

This commit was sponsored by Brett Eisenberg on Patreon.
2018-06-16 11:57:50 -04:00
Joey Hess
c3c28f7617
add GETINFO to external protocol (for ronnypfa)
External special remotes can now add info to `git annex info $remote`, by
replying to the GETINFO message.

Had to generalize some helpers to allow consuming multiple messages from
the remote.

The code added to Remote/* here is AGPL licensed, thus changed the license
of the files.

This commit was sponsored by Jake Vosloo on Patreon.
2018-06-08 11:56:24 -04:00
Joey Hess
a0d0436185
response 2018-05-09 16:20:07 -04:00
iakornfeld@eaf45f0b645324dd9f1f57f226377caddf86a80e
dcc70dcb23 Added a comment: Git 2018-05-09 13:51:56 +00:00
Joey Hess
ae75eb06bc
exporttree support for adb special remote
This commit was sponsored by Michael Magin.
2018-03-27 16:28:41 -04:00
Joey Hess
2927618d35
Added adb special remote which allows exporting files to Android devices.
git annex testremote passes.

exportree not implemented yet, although the documentation talks about it,
since it will be the main way this remote will be used.

The adb push/pull progress is displayed for now; it would be better
to consume it and use it to update the git-annex progress bar.

This commit was sponsored by andrea rota.
2018-03-27 14:54:41 -04:00
Joey Hess
bed6773346
Support exporttree=yes for rsync special remotes.
Renaming is not supported; it might be possible to use --fuzzy to get rsync
to notice the file is being renamed, but that is a bit ..fuzzy.

On the other hand, interrupted transfers of an exported file are resumed,
since rsync is great at that. Had to adjust the exporttree docs, which
said interrupted transfers would restart.

Note that remove no longer makes the empty directory dummy, instead
sending the top-level empty directory. This works just as well and I
noticed the dummy was unncessary when refactoring it into removeGeneric.
Verified that behavior of remove is not changed, and git annex
testremote does pass.

This commit was sponsored by Brock Spratlen on Patreon.
2018-02-28 13:36:20 -04:00
xloem
7613a5e81c Added a comment: IPFS Deduplication 2017-10-07 19:46:12 +00:00
Joey Hess
9f4ffe65e9
implement removeExportDirectory
Not yet called by Command.Export.

WebDAV needs this to clean up empty collections. Also, example.sh turned
out to not be cleaning up directories when removing content
from them, so it made sense for it to use this.

Remote.Directory did not need it, and since its cleanup method for empty
directories is more efficient than what Command.Export will need to do
to find empty directories, it uses Nothing so that extra work can be
avoided.

This commit was sponsored by Thom May on Patreon.
2017-09-15 13:18:21 -04:00
Joey Hess
4d3a464e83
export to webdav
This basically works, but there's a bug when renaming a file that leaves
a .git-annex-temp-content-key file in the webdav store, that never gets
cleaned up.

Also, exporting files with spaces to box.com seems to fail; perhaps it
does not support it?

This commit was supported by the NSF-funded DataLad project.
2017-09-12 14:10:09 -04:00
Joey Hess
2bb96e9c32
very delayed response now that feature is added 2017-09-08 16:47:42 -04:00
Joey Hess
44cd5ae313
S3 export (untested)
It opens a http connection per file exported, but then so does git
annex copy --to s3.

Decided not to munge exported filenames for IA. Too large a chance of
the munging having confusing results. Instead, export of files not
supported by IA, eg with spaces in their name, will fail.

This commit was supported by the NSF-funded DataLad project.
2017-09-08 15:46:24 -04:00
Joey Hess
a1b195d84c
External special remote protocol extended to support export.
Also updated example.sh to support export.

This commit was supported by the NSF-funded DataLad project.
2017-09-08 14:24:05 -04:00
Joey Hess
28e2cad849
implement exporttree=yes configuration
* Only export to remotes that were initialized to support it.
* Prevent storing key/value on export remotes.
* Prevent enabling exporttree=yes and encryption in the same remote.

SetupStage Enable was changed to take the old RemoteConfig.
This allowed only setting exporttree when initially setting up a
remote, and not configuring it later after stuff might already be stored
in the remote.

Went with =yes rather than =true for consistency with other parts of
git-annex. Changed docs accordingly.

This commit was supported by the NSF-funded DataLad project.
2017-09-04 13:09:38 -04:00
Joey Hess
8f35c6584d
documentation for export
This commit was sponsored by Ole-Morten Duesund on Patreon.
2017-08-29 13:25:48 -04:00
Joey Hess
fdbfe88168
fix external script for filenames with spaces from protocol
Fix the external special remotes git-annex-remote-ipfs,
git-annex-remote-torrent and the example.sh template to correctly support
filenames with spaces.

This commit was sponsored by John Peloquin on Patreon.
2017-08-17 16:20:09 -04:00
fiatjaf
64ab727a10 Added a comment 2017-07-10 13:08:53 +00:00
http://xgm.de/oid/
61f362b4ff 2017-02-14 18:14:24 +00:00
Edward Betts
0750913136
correct spelling mistakes 2017-02-12 17:30:23 -04:00
victorsavu3@d059e0a74888923e70a555ce8ab75e8ba00b6eb7
72311753b3 Added a comment: RequestTimeoutException when uploading to glacier 2017-02-09 20:45:42 +00:00
mca@8789632e0b00e8efb984c948c13d9de28665f534
f1dd43d1b5 Added a comment: https-only access, type=S3 port=443 2017-01-05 13:10:44 +00:00
Joey Hess
794babf35a
add back share_with_a_friend_walkthrough, adapted for tor pairing
and some other xmpp to tor related changes
2016-12-24 15:46:02 -04:00
Joey Hess
ab66bbfeb6
Merge branch 'master' into no-xmpp 2016-12-24 15:01:55 -04:00
Joey Hess
1d82cf39ca
response 2016-12-13 12:48:11 -04:00
Joey Hess
46cbd65808
add page for tor special remote 2016-12-07 15:44:52 -04:00
davidriod@e75b369a4b1cced29c14354bce7493c61f00b1c7
d1ad4f1c00 Added a comment: Sharing rsync special remote between repository 2016-11-24 19:23:43 +00:00
David_K
057ee30429 removed 2016-11-16 01:28:32 +00:00
David_K
08ca407e67 Added a comment 2016-11-16 01:28:14 +00:00
David_K
6c1f0c6b02 Added a comment 2016-11-16 01:28:04 +00:00
Joey Hess
d58148031b
remove xmpp support
I've long considered the XMPP support in git-annex a wart.
It's nice to remove it.

(This also removes the NetMessager, which was only used for XMPP, and the
daemonstatus's desynced list (likewise).)

Existing XMPP remotes should be ignored by git-annex.

This commit was sponsored by Brock Spratlen on Patreon.
2016-11-14 14:53:08 -04:00
Joey Hess
2f15753cd3
response 2016-11-07 13:41:21 -04:00
Joey Hess
5343544822
S3: Support the special case endpoint needed for the cn-north-1 region.
* S3: Support the special case endpoint needed for the cn-north-1 region.
* Webapp: Don't list the Frankfurt region, as this (and some other new
  regions) need V4 authorization which the aws library does not yet use.

This commit was sponsored by Nick Daly on Patreon.
2016-11-07 11:49:34 -04:00