Commit graph

250 commits

Author SHA1 Message Date
Joey Hess
e864c8d033 blind enabling gcrypt repos on rsync.net
This pulls off quite a nice trick: When given a path on rsync.net, it
determines if it is an encrypted git repository that the user has
the key to decrypt, and merges with it. This is works even when
the local repository had no idea that the gcrypt remote exists!

(As previously done with local drives.)

This commit sponsored by Pedro Côrte-Real
2013-09-27 16:21:56 -04:00
Joey Hess
b58bb4c8c1 refactor 2013-09-27 01:19:56 -04:00
Joey Hess
1f5611a1ca remove workaround for old yesod bug 2013-09-27 00:31:12 -04:00
Joey Hess
7665773593 refactor 2013-09-27 00:27:59 -04:00
Joey Hess
1550759220 enabling rsync.net gcrypt repos
Still need to detect when the user is trying to create a repo
that already exists, and jump to the enabling code.
2013-09-26 23:47:30 -04:00
Joey Hess
6b24730179 check if gcrypt is installed 2013-09-26 18:42:54 -04:00
Joey Hess
735ed3b822 prep for enabling remotre gcrypt repos in webapp 2013-09-26 17:26:13 -04:00
Joey Hess
588494cbce webapp: Support storing encrypted git repositories on rsync.net.
Does not yet support re-enabling such a repository though.

This commit was sponsored by Jan Pieper.
2013-09-26 16:43:00 -04:00
Joey Hess
109f2ccc8a refactor 2013-09-26 12:40:19 -04:00
Joey Hess
4c954661a1 git-annex-shell: Added support for operating inside gcrypt repositories.
* Note that the layout of gcrypt repositories has changed, and
  if you created one you must manually upgrade it.
  See http://git-annex.branchable.com/upgrades/gcrypt/
2013-09-24 17:25:47 -04:00
Joey Hess
a143ab4451 remove odd utf-8 whitespace
broke the EvilSplicer on C locale
2013-09-23 13:58:03 -04:00
Joey Hess
3bd05c27d2 work around evilsplicer bug
Really simple TH splices are printed in a way it doesn't parse.
2013-09-20 12:19:55 -04:00
Joey Hess
e8e209f4e5 better probing for gcrypt repositories using new --check option
Now can tell if a repo uses gcrypt or not, and whether it's decryptable
with the current gpg keys.

This closes the hole that undecryptable gcrypt repos could have before been
combined into the repo in encrypted mode.
2013-09-19 12:53:24 -04:00
Joey Hess
8062f6337f webapp: support adding existing gcrypt special remotes from removable drives
When adding a removable drive, it's now detected if the drive contains
a gcrypt special remote, and that's all handled nicely. This includes
fetching the git-annex branch from the gcrypt repo in order to find
out how to set up the special remote.

Note that gcrypt repos that are not git-annex special remotes are not
supported. It will attempt to detect such a gcrypt repo and refuse
to use it. (But this is hard to do any may fail; see
https://github.com/blake2-ppc/git-remote-gcrypt/issues/6)

The problem with supporting regular gcrypt repos is that we don't know
what the gcrypt.participants setting is intended to be for the repo.
So even if we can decrypt it, if we push changes to it they might not be
visible to other participants.

Anyway, encrypted sneakernet (or mailnet) is now fully possible with the
git-annex assistant! Assuming that the gpg key distribution is handled
somehow, which the assistant doesn't yet help with.

This commit was sponsored by Navishkar Rao.
2013-09-18 15:55:31 -04:00
Joey Hess
3d88559e58 webapp: Show encryption information when editing a remote. 2013-09-17 20:02:42 -04:00
Joey Hess
9de189e788 webapp gpg key generation
Now the webapp can generate a gpg key that is dedicated for use by
git-annex. Since the key is single use, much of the complexity of
generating gpg keys is avoided.

Note that the key has no password, because gpg-agent is not available
everywhere the assistant is installed. This is not a big security problem
because the key is going to live on the same disk as the git annex
repository, so an attacker with access to it can look directly in the
repository to see the same files that get stored in the encrypted
repository on the removable drive.

There is no provision yet for backing up keys.

This commit sponsored by Robert Beaty.
2013-09-17 15:36:15 -04:00
Joey Hess
1ba7737335 fix modals 2013-09-16 16:46:00 -04:00
Joey Hess
490aa67d10 check if git-remote-gcrypt is installed 2013-09-16 16:35:27 -04:00
Joey Hess
b37aad6c06 webapp: Initial support for setting up encrypted removable drives.
No support yet for generating new gpg keys.
No support yet for adding existing encrypted repos from removable drives.
2013-09-16 16:07:27 -04:00
Joey Hess
f53526501d commit immediately when adding removable drive repo
I noticed that adding a removable drive repo, then trying to add the same
drive again resulted in the question about whether repos should be
combined. This was because the uuid.log was not updated. Which happened
because the new uuid did not get committed on the removable drive.
This fixes that.
2013-09-16 14:56:19 -04:00
Joey Hess
0962c43bf7 fix build 2013-07-23 13:40:27 -04:00
Joey Hess
5c82c99c76 webapp: When creating a repository on a removable drive, set core.fsyncobjectfiles, to help prevent data loss when the drive is yanked. 2013-07-23 13:38:05 -04:00
Joey Hess
9fc1448947 webapp: Differentiate between creating a new S3/Glacier/WebDav remote, and initializing an existing remote. When creating a new remote, avoid conflicts with other existing (or deleted) remotes with the same name. 2013-07-20 18:15:16 -04:00
Joey Hess
57f5c9f41a webapp: Fix authorized_keys line added when setting up a rsync remote on a server that also supports git-annex, to not force running git-annex-shell. 2013-07-08 12:51:07 -04:00
Joey Hess
d84a000e92 detect system with no dot in FQDN, where git commit will fail, and workaround
Sigh, git is so *fragile*. Or rather, across the set of systems that use
git-annex, where are no many horribly broken systems..
2013-07-05 12:24:28 -04:00
Joey Hess
1b395dcb76 webapp: Fix ssh setup with nonstandard port, broken in last release. 2013-07-02 15:46:02 -04:00
Joey Hess
ff4f008591 clean up build warnings with yesod 1.2, while still building with 1.1 2013-06-27 01:15:28 -04:00
Joey Hess
10072157cb webapp: Fix bug when setting up a remote ssh repo repeatedly on the same server.
The ssh setup first runs ssh to the real hostname, to probe if a ssh key is
needed. If one is, it generates a mangled hostname that uses a key. This
mangled hostname was being used to ssh into the server to set up the key.
But if the server already had the key set up, and it was locked down, the
setup would fail. This changes it to use the real hostname when sshing in
to set up the key, which avoids the problem.

Note that it will redundantly set up the key on the ssh server. But it's
the same key; the ssh key generation code uses the key if it already
exists.
2013-06-25 14:46:20 -04:00
Joey Hess
9b61d6a82b fix warning building w/o xmpp 2013-06-20 22:25:45 -04:00
Joey Hess
e8827c29c6 Make field readonly, not disabled
Working on Windows horriblness all day sure did nice things to my mood,
didn't it?
2013-06-18 17:08:37 -04:00
Joey Hess
f651b87bbd revert broken change that prevented saving changes to local repo
People who get annoyed at not being able to edit "here" can send me a
patch, I don't have time for this nonsense.
2013-06-18 17:02:58 -04:00
Joey Hess
fa1c1e0f65 annex.debug can now be set to enable debug logging by default. The webapp's debugging check box does this. 2013-06-17 20:41:27 -04:00
Joey Hess
c9f3082b99 disable text field for repository name for current repository 2013-06-13 13:38:46 -04:00
Joey Hess
0b11c71740 Android: Add .thumbnails to .gitignore when setting up a camera repository. 2013-06-10 17:10:12 -04:00
Joey Hess
b42fe2283a remove unnecessary haskell extensions 2013-06-04 21:13:20 -04:00
Joey Hess
1198b5444d now builds with both yesod 1.2 and 1.1 2013-06-03 18:14:22 -04:00
Joey Hess
31753bad46 add liftH shim between yesod versions, to avoid needing zillions of ifdefs 2013-06-03 13:51:54 -04:00
Joey Hess
79fd677805 WIP yesod 1.2 2013-06-03 11:25:23 -04:00
Joey Hess
d8d46c3ba3 when xmpp connection fails, show the host(s) it tried to connect to 2013-05-27 14:36:20 -04:00
Joey Hess
5a678244e2 avoid duplicate srv lookup when testing xmpp 2013-05-27 13:48:24 -04:00
Joey Hess
92910f5107 fix build 2013-05-12 19:13:38 -04:00
Joey Hess
1e2ddcb68a use setCurrentDirectory
On POSIX, this just calls changeWorkingDirectory.
2013-05-11 19:14:30 -04:00
Joey Hess
d63a0a77f2 fix build w/o DAV 2013-05-08 12:20:10 -04:00
Joey Hess
69bd8d0462 fix android build 2013-05-06 16:45:49 -04:00
Joey Hess
ad6fee422a fix warning 2013-05-04 16:36:51 -04:00
Joey Hess
001d82f953 fix warning 2013-05-04 16:35:54 -04:00
Joey Hess
d35132810a Got removable media mount detection working on Android.
Bionic has an amusing stub for `getmntent` that prints out
"FIX ME! implement getmntent()"

But, `/proc/mounts` is there, so I just parse it.
2013-05-04 16:19:25 -04:00
Joey Hess
d994f35937 disable hostname validation and canonicalization on android 2013-05-04 14:26:49 -04:00
Joey Hess
33334bfe2e added special camera repository to start screen for android 2013-05-03 15:21:31 -04:00
Joey Hess
e92f04f9cc build fix for -XMPP 2013-05-02 13:04:49 -04:00