mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
Add basic Git authentication/authorization scripts
This adds two scripts to be used together with Git over SSH: * git-auth.py is supposed to be used as AuthorizedKeysCommand. It checks whether the public key belongs to any AUR user and invokes git-serve.py, passing the name of the corresponding user as a command line argument, if any. * git-serve.py is a wrapper around git-shell(1) that checks whether the user passed as command line argument has access to the Git repository that a push operation writes to. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer
parent
253e76d8cc
commit
ad17b9e2b4
3 changed files with 156 additions and 0 deletions
|
|
@ -26,3 +26,14 @@ max_rpc_results = 5000
|
|||
aur_request_ml = aur-requests@archlinux.org
|
||||
request_idle_time = 1209600
|
||||
auto_orphan_age = 15552000
|
||||
|
||||
[auth]
|
||||
key-prefixes = ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519
|
||||
username-regex = [a-zA-Z0-9]+[.\-_]?[a-zA-Z0-9]+$
|
||||
git-serve-cmd = /srv/http/aur/scripts/git-integration/git-serve.py
|
||||
ssh-options = no-port-forwarding,no-X11-forwarding,no-pty
|
||||
|
||||
[serve]
|
||||
repo-base = /pub/git/
|
||||
repo-regex = [a-z0-9][a-z0-9.+_-]*$
|
||||
git-shell-cmd = /usr/bin/git-shell
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue