On Saturday 07 July 2007 10:53:49 seth vidal wrote: > yes, it includes those. I don't think we should be running cgis of any > sort. They eat ram and expose us to more risk, don't they? There is some exposure yes. Something we have to evaluate. Being able to have people easily host/share source control is a nice thing to have. Just ask some people at Red Hat how "fun" it has been to deal with people.redhat.com and it's ancient OS with no on the box tools. > > > 4. essentially this box will be for rsync/scp/sftp of files to a place > > > where everyone can get to. Is there any other package that should be on > > > here? > > > > git would be nice, with the git server setup so that people can easily > > sync up a git repo to there or push via ssh to there and other people can > > get to it with git:// > > > > Hg is harder and maybe not possible. > > Isn't the above what rsync is for? For getting content onto the system that's one rather inefficient way for scms. Since git/hg can both work over ssh, it's /far/ more efficient and easy to just push via ssh to a directory in your webspace. For other users to then get access to the files, rsync does not work. You'll want http access, and really preferably git:// access for the git stuff. > I guess I'm inclined to not have any > scm - this is just a big box which serves files, statically, and does > not open us up to that many attack vectors. More and more the stuff I find myself chucking at public web space is not patches, but clones of distributed scm repos with my changes applied so that the upstream can just pull from my repo instead of doing a patch dance. If we're going to provide a service, lets try to make it as useful as possible. Note that none of the above should require the ability to actually log into the box, just access it remotely. -- Jesse Keating Release Engineer: Fedora
Attachment:
pgpFzohuzf5li.pgp
Description: PGP signature
