|
Size: 3895
Comment:
|
Size: 4980
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
'''Sourcehut''' is a software system providing [[Git|git]] and [[Mercurial|mercurial]] version control hosts, a bug tracker, and a simple web UI. |
|
| Line 11: | Line 13: |
| Upstream only officially supports [[Linux/Alpine|Alpine Linux 3.15 through 3.17]]. To enable the package repository, add the following line to `/etc/apk/repositories`. It '''must''' be the '''first''' repository checked. {{{ https://mirror.sr.ht/alpine/v3.17/sr.ht }}} The community package repository must be enabled. See [[Linux/Alpine/Apk|here]] for more details. Install the packager's key and update the package index. {{{ wget -q -O /etc/apk/keys/[email protected] https://mirror.sr.ht/alpine/[email protected] apk update }}} Sourcehut is a modular ecosystem, with `meta.sr.ht` being the only mandatory package (as it handles authentication and authorization). For example, to run the [[Git|git]] and [[Mercurial|mercurial]] services, use `git.sr.ht` and `hg.sr.ht`, respectively. Installation and configuration of these modular services is detailed in a corresponding section under Administration. Install the `meta.sr.ht` package. Start and enable three services: `meta.sr.ht`, `meta.sr.ht-api`, and `meta.sr.ht-webhooks`. Finally enable the `metasrht-daily` cronjob and set it to run daily. |
Upstream only officially supports [[Linux/Alpine|Alpine Linux]] on AMD64 (a.k.a. x86_64) hardware. The software is made available through [[Linux/Alpine/Apk#Repositories|custom package repositories]]. Enable the community repository and `https://mirror.sr.ht/alpine/v3.17/sr.ht` (matching the Alpine Linux version of the host). Also install the [[Linux/Alpine/Apk#Signing_Keys|packaging key]] from `https://mirror.sr.ht/alpine/[email protected]`. |
| Line 36: | Line 19: |
| Eli Schwartz maintains a set of packages for [[Linux/Arch|Arch Linux]]. Add the mirror to `/etc/pacman.conf`: {{{ [sr.ht] Server = https://mirror.sr.ht/archlinux/sr.ht }}} Then install the packagers' keys: {{{ sudo pacman-key --recv-keys C0AAFC1676BD998617C94C42DC59670F1EB0A189 sudo pacman-key --lsign-key C0AAFC1676BD998617C94C42DC59670F1EB0A189 }}} === Development Setup === TODO: copy from [[https://emersion.fr/blog/2021/setting-up-sr.ht-for-local-development/]] |
Eli Schwartz maintains a set of packages for [[Linux/Arch|Arch Linux]]. Add `https://mirror.sr.ht/archlinux/sr.ht` as a [[Linux/Arch/Pacman#Repositories|custom repository]] and [[Linux/Arch/Pacman#Signing_Keys|import Eli's key]] (at time of writing: `C0AAFC1676BD998617C94C42DC59670F1EB0A189`). |
| Line 62: | Line 25: |
| == Configuration == | == Setup and Configuration == |
| Line 64: | Line 27: |
| Several Sourcehut services depend on additional local services. | Sourcehut is a modular system, with `meta.sr.ht` being the only mandatory package. Start and enable three services: `meta.sr.ht`, `meta.sr.ht-api`, and `meta.sr.ht-webhooks`. Finally enable the `metasrht-daily` cronjob and set it to run daily. |
| Line 70: | Line 35: |
| Sourcehut depends on a reverse proxy to dispatch between services. Furthermore, HTTP(S) cloning is not supported for git repositories, so an external web server is required. See [[Sourcehut/WebServer#Configuration|Web Server]] for configuration information. |
A reverse proxy is needed to dispatch between services; to serve static content; and to serve the HTTP [[Git|git]] frontend. See [[Sourcehut/WebServer|Web Server]] for configuration information. |
| Line 78: | Line 41: |
| See [[Sourcehut/Mail#Configuration|Mail]] for configuration information. | Several of the modular services have a direct dependency on a mail server; chiefly the mailing lists (`lists.sr.ht`) and the issue tracker (`todo.sr.ht`). The core system is also tightly integrated on email for critical reports. |
| Line 80: | Line 43: |
| To test the configuration, add an SSH key to the admin user. An automatic notification email will be generated by that trigger. | See [[Sourcehut/Mail|Mail]] for configuration information. A test email can be sent from `https://meta.example.com/privacy`. |
| Line 86: | Line 51: |
| [[Redis]] will work out of the box. Configure Sourcehut with the database URI. | The pools of web workers are managed through [[Redis]] queues. The connection string needs to be set in several parts of the configuration file. |
| Line 90: | Line 55: |
| ... | |
| Line 93: | Line 57: |
| [git.sr.ht] ... |
[meta.sr.ht] |
| Line 97: | Line 60: |
| [meta.sr.ht] ... webhooks=redis://localhost:6379/1 [todo.sr.ht] ... |
[git.sr.ht] |
| Line 106: | Line 64: |
| Note that each service ''can'' use an independent database if desired. | ''(And so on.)'' Note that each service ''can'' use an independent database if desired. |
| Line 112: | Line 70: |
| Each services is backed by a [[PostgreSQL]] database. The connection string needs to be set in several parts of the configuration file. {{{ [git.sr.ht] connection-string=postgresql://postgres@localhost:5432/git.sr.ht?sslmode=disable migrate-on-upgrade=yes [meta.sr.ht] connection-string=postgresql://postgres@localhost:5432/meta.sr.ht?sslmode=disable migrate-on-upgrade=yes }}} Note that each service ''can'' use an independent database instance if desired. |
|
| Line 114: | Line 85: |
| === SSH === | |
| Line 116: | Line 86: |
| See [[Sourcehut/SSH#Setup|SSH]] for setup information. | === Git === Install `git.sr.ht`. Start and enable three services: `git.sr.ht`, `git.sr.ht-api`, and `git.sr.ht-webhooks`. A [[Protocols/CGI#FastCGI|FastCGI]] server needs to be setup to handle the HTTP-based [[Git|git]] requests. Similarly, an [[Encryption/SSH|SSH]] server is needed for SSH-based requests. See [[Sourcehut/SSH#Setup|here]] for details on configuring the latter. Finally enable the `gitsrht-periodic` cronjob and set it to run regularly. Also see [[Sourcehut/WebServer#Git|here]] to update the web server with content relating to the git service. === Issue Tracker === Install `todo.sr.ht`. Start and enable three services: `todo.sr.ht`, `todo.sr.ht-api`, `todo.sr.ht-lmtp`, and `todo.sr.ht-webhooks`. Configure the mail server to route issue tracker mail to the [[Email/LMTP|LMTP]] server. See [[Sourcehut/Mail#LMTP_Servers|here]] for details. Also see [[Sourcehut/WebServer#Todo|here]] to update the web server with content relating to the issue tracker. |
| Line 160: | Line 148: |
| ---- == See also == [[https://man.sr.ht/installation.md|Upstream guidance for installing and hosting]] |
Sourcehut
Sourcehut is a software system providing git and mercurial version control hosts, a bug tracker, and a simple web UI.
Contents
Installation
Upstream only officially supports Alpine Linux on AMD64 (a.k.a. x86_64) hardware. The software is made available through custom package repositories. Enable the community repository and https://mirror.sr.ht/alpine/v3.17/sr.ht (matching the Alpine Linux version of the host). Also install the packaging key from https://mirror.sr.ht/alpine/[email protected].
Community Packages
Eli Schwartz maintains a set of packages for Arch Linux. Add https://mirror.sr.ht/archlinux/sr.ht as a custom repository and import Eli's key (at time of writing: C0AAFC1676BD998617C94C42DC59670F1EB0A189).
Setup and Configuration
Sourcehut is a modular system, with meta.sr.ht being the only mandatory package.
Start and enable three services: meta.sr.ht, meta.sr.ht-api, and meta.sr.ht-webhooks. Finally enable the metasrht-daily cronjob and set it to run daily.
Web Server
A reverse proxy is needed to dispatch between services; to serve static content; and to serve the HTTP git frontend. See Web Server for configuration information.
Mail Server
Several of the modular services have a direct dependency on a mail server; chiefly the mailing lists (lists.sr.ht) and the issue tracker (todo.sr.ht). The core system is also tightly integrated on email for critical reports.
See Mail for configuration information.
A test email can be sent from https://meta.example.com/privacy.
Redis
The pools of web workers are managed through Redis queues. The connection string needs to be set in several parts of the configuration file.
[sr.ht] redis-host=redis://localhost [meta.sr.ht] webhooks=redis://localhost:6379/1 [git.sr.ht] webhooks=redis://localhost:6379/1
(And so on.) Note that each service can use an independent database if desired.
PostgreSQL
Each services is backed by a PostgreSQL database. The connection string needs to be set in several parts of the configuration file.
[git.sr.ht] connection-string=postgresql://postgres@localhost:5432/git.sr.ht?sslmode=disable migrate-on-upgrade=yes [meta.sr.ht] connection-string=postgresql://postgres@localhost:5432/meta.sr.ht?sslmode=disable migrate-on-upgrade=yes
Note that each service can use an independent database instance if desired.
Git
Install git.sr.ht. Start and enable three services: git.sr.ht, git.sr.ht-api, and git.sr.ht-webhooks.
A FastCGI server needs to be setup to handle the HTTP-based git requests. Similarly, an SSH server is needed for SSH-based requests. See here for details on configuring the latter.
Finally enable the gitsrht-periodic cronjob and set it to run regularly.
Also see here to update the web server with content relating to the git service.
Issue Tracker
Install todo.sr.ht. Start and enable three services: todo.sr.ht, todo.sr.ht-api, todo.sr.ht-lmtp, and todo.sr.ht-webhooks.
Configure the mail server to route issue tracker mail to the LMTP server. See here for details.
Also see here to update the web server with content relating to the issue tracker.
Administration
Users
To create an admin user, try:
metasrht-manageuser -t admin -e <email> <username>
Note that admin users will permanently see a 'PRODUCTION ENVIRONMENT' banner on all pages.
With an existing admin user, users can be managed in the web UI.
Individual users then need to upload their own SSH and PGP keys, also through the web UI.
Git
Mercurial
Bug Tracker
Page Hosting
Mail Lists
Automated Builds
Anecdotally the build service is the most unreliable component of the Sourcehut ecosystem.
The master server runs the builds.sr.ht package and service. Each runner corresponds to a builds.sr.ht-worker service, which depends on the builds.sr.ht-worker and builds.sr.ht-images packages.
Upstream's production architecture thoroughly encapsulates the runners.
See also
Upstream guidance for installing and hosting