diff options
Diffstat (limited to 'pages')
-rw-r--r-- | pages/posts/cgit-nginx-ubuntu/cgit-nginx-ubuntu.md | 96 | ||||
-rw-r--r-- | pages/posts/cgit-nginx-ubuntu/index.tsx | 12 | ||||
-rw-r--r-- | pages/posts/index.tsx | 2 | ||||
-rw-r--r-- | pages/posts/packaging-nebula-for-debian/index.tsx (renamed from pages/posts/nebula-on-debian/index.tsx) | 0 | ||||
-rw-r--r-- | pages/posts/packaging-nebula-for-debian/nebula.md (renamed from pages/posts/nebula-on-debian/nebula.md) | 67 | ||||
-rw-r--r-- | pages/posts/posts.md | 3 |
6 files changed, 147 insertions, 33 deletions
diff --git a/pages/posts/cgit-nginx-ubuntu/cgit-nginx-ubuntu.md b/pages/posts/cgit-nginx-ubuntu/cgit-nginx-ubuntu.md new file mode 100644 index 0000000..c225bd4 --- /dev/null +++ b/pages/posts/cgit-nginx-ubuntu/cgit-nginx-ubuntu.md @@ -0,0 +1,96 @@ +Installing cGit behind NGINX on Ubuntu +====================================== + +[cGit](https://git.zx2c4.com/cgit/about/) is a fast web interface based on the CGI specification. It is lightweight and doesn't require a database or web authentication system. + +It's easy to configure. For some reason, all the online guides for Ubuntu decided they needed to compile it from scratch and write their own start scripts in a mix of perl and bash. You don't need superhero sysadmin skills from the late 90s. All components are packaged with systemd units... there is a better way... + +### 1. Install `cgit` and `fcgiwrap`. + +`fcgiwrap` will create a socket NGINX can use to pass the CGI variables to cGit: +``` +sudo apt install fcgiwrap +sudo apt install cgit +``` + +### 2. Modify the `cgitrc` file under `/etc/cgitrc` to your liking: +``` +# See cgitrc(5) +# prepend this string to every url +virtual-root=/ +enable-index-links=1 +enable-commit-graph=1 + +root-title=My Git Repos +root-desc=I exclusivly write code in Smalltalk-71 +logo=/assets/my_custom_logo.png + +# Add site-specific configuration +# ... + +``` + +### 3. Optionally create an assets directory and add your custom logo / css: +``` +mkdir /var/www/html/assets +cp my_custom_logo.png /var/www/html/assets +``` + +### 4. Configure NGINX + +Add the site to NGINX. This launches the `cgit.cgi` executable passing it to the `fcgiwrap` socket: +```conf +echo >/etc/nginx/sites-available/cgit.conf <<EOF +server { + listen 80; + + server_name git.domain.com; + server_name www.git.domain.com; + + root /usr/share/cgit; + + # Maintainer overridden assets will live in /assets + # This allows you to change add a custom logo or modified CSS + # See cgitrc(5) + location ~* /assets { + root /var/www/html; + expires 30d; + } + + # Fallback to static assets included by cGit + location ~* ^.+\.(css|png|ico)$ { + root /usr/share/cgit; + expires 30d; + } + + try_files $uri @cgit; + + location @cgit { + fastcgi_param SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + fastcgi_pass unix:/run/fcgiwrap.socket; + } + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log warn; +} +EOF +``` + +### 4. Enable the site: +```bash +ln -s /etc/nginx/sites-available/git.conf /etc/nginx/sites-enabled/cgit.conf +``` + +Note: all files in sites-enabled should be included in `nginx.conf`'s http section: +```conf +include /etc/nginx/sites-enabled/*; +``` + +### 5. Restart NGINX + +``` +sudo systemctl restart nginx +``` diff --git a/pages/posts/cgit-nginx-ubuntu/index.tsx b/pages/posts/cgit-nginx-ubuntu/index.tsx new file mode 100644 index 0000000..b510b3b --- /dev/null +++ b/pages/posts/cgit-nginx-ubuntu/index.tsx @@ -0,0 +1,12 @@ +// @ts-ignore +import md from './cgit-nginx-ubuntu.md'; +import MarkdownPage from '../../../templates/MarkdownPage'; + +export default function cGitNGINXUbuntu() { + return ( + <MarkdownPage + md={md} + path={'/posts/cgit-nginx-ubuntu'} + /> + ); +}
\ No newline at end of file diff --git a/pages/posts/index.tsx b/pages/posts/index.tsx index 9cbc4bc..e139ef5 100644 --- a/pages/posts/index.tsx +++ b/pages/posts/index.tsx @@ -1,5 +1,3 @@ -import { Breadcrumbs, LinkCrumb } from '../../components/Breadcrumbs'; -import Link from 'next/link'; import DefaultPage from '../../templates/Default'; import Markdown from '../../components/Markdown'; //@ts-ignore diff --git a/pages/posts/nebula-on-debian/index.tsx b/pages/posts/packaging-nebula-for-debian/index.tsx index 9d3741d..9d3741d 100644 --- a/pages/posts/nebula-on-debian/index.tsx +++ b/pages/posts/packaging-nebula-for-debian/index.tsx diff --git a/pages/posts/nebula-on-debian/nebula.md b/pages/posts/packaging-nebula-for-debian/nebula.md index 9f62040..d1c178f 100644 --- a/pages/posts/nebula-on-debian/nebula.md +++ b/pages/posts/packaging-nebula-for-debian/nebula.md @@ -1,16 +1,23 @@ -Nebula on Debian +Packaging Nebula for Debian ================= > **Created:** 2021-07-18 **Last Updated:** 2021-07-19 + +I am close to concluding a multi-week endevor to package [Nebula](https://github.com/slackhq/nebula), a VPN-style network mesh networking overlay. If all goes well, it will be uploaded to `debian/experimental` within the next few days. This would also mean the package would be pulled into Ubuntu during the next merge window. + +### Timeline -I am close to concluding a multi-week endevor to package [Nebula](https://github.com/slackhq/nebula), a VPN-style network mesh networking overlay. If all goes well, it will be uploaded to `debian/unstable` within the next few days. This would also mean the package would be pulled into Ubuntu during the next merge window. - +Unfortunately, Debian does not adhere to a constant release cycle. This means the timeline is uncertain. It will likely be uploaded to `experimental` within a few days. [See the new queue.](https://ftp-master.debian.org/new.html) It will stay in experimental for the next three months or so until the next release occurs. (It is incompatible with the version of protobuf in unstable. This prevents it from moving into unstable until the next version release.) +``` +{upload queue} -> [experimental] -> [unstable (sid)] -> [testing] -> [next release] +``` + Preemptively, I'm going to write up a set of install instructions specific to debian derivatives and briefly a few of the decisions made during the packaging process. Installation ------------ -**Step one will currently fail. See [installing from unstable](#installing-from-unstable)** +**Step one will currently fail. See [installing from experimental](#installing-from-experimental)** For the sake of simplicity, I'm going to assume that you're setting up a network with two nodes -- one lighthouse node and a node on your laptop. Once you understand the process, it easily scales to as many nodes as you wish. Pick your favorite virtualization provider in order to set up the lighthouse. The lighthouse requires minimal resources because it functions as a mutually-reachable node which synchronizes the address mappings. You could use a home server provided that you have a static ip (unlikely) or setup dynamic DNS. The latter may introduce some instability. I'm also assuming both clients are debian derivatives and have access to `apt`. @@ -200,57 +207,57 @@ import ( [^7] Actually, it is packaged individually but not under the `golang-go` moniker. I initially compiled it by preloading the `PATH` with `go 1.16` to force `dh-golang` to use those build tools. Thus caused `dh-golang` to misbehave and not harden or strip the binaries. Since the changes required to adapt Nebula to `go 1.13` were minimal, I opted to create a patch. -### Installing from unstable - -This is a temporary aside. As mentioned above, the package is currently bouncing around Debian's packaging infrastructure. I'm assuming at the time of reading that it is in unstable. This is a rolling version of Debian which allows maintainers, developers, or the curious to test the newest version of software before it enters the next Debian release. - -If you are running `buster`, you cannot install it directly using `apt`. _If you would like to test the package while it is unstable,_ I will offer some instructions here. [All the usual disclamers apply.](https://wiki.debian.org/DontBreakDebian#Don.27t_make_a_FrankenDebian) This is faily safe since Nebula is a binary package (and doesn't have any runtime dependencies other than glibc). - -There is a remote chance it will segfault due to binary incompatabilities with the version of glibc. If so, run `sudo apt purge nebula` and try installing from source. Building it from sources would require you to pull in a pleathra of unstable build dependancies. Just be aware of that choose to attempt the install. - -#### 1. Add `unstable` to your `sources.list` file - +### Installing from experimental + +This is a temporary aside. As mentioned above, the package is currently bouncing around Debian's packaging infrastructure. I'm assuming at the time of reading that it is in experimental. This is an internal Debian repository which allows maintainers, developers, or the curious to test the newest version of software before it enters the next Debian unstable. + +If you are running `buster`, you cannot install it directly using `apt`. _If you would like to test the package while it is experimental,_ I will offer some instructions here. [All the usual disclaimers apply.](https://wiki.debian.org/DontBreakDebian#Don.27t_make_a_FrankenDebian) This is fairly safe since Nebula is a binary package (and doesn't have any runtime dependencies other than glibc). + +There is a remote chance it will segfault due to binary incompatibilities with the version of glibc. If so, run `sudo apt purge nebula` and try installing from source. Building it from sources would require you to pull in a plethora of experimental build dependencies. + +#### 1. Add `experimental` to your `sources.list` file + ```bash sudo sh -c " sudo cat >/etc/apt/sources.list.d/99-tmp-nebula-overrides.list <<EOF -# Temporary pull in packages from the unstable distribution - -deb https://deb.debian.org/debian unstable main +# Temporary pull in packages from the experimental distribution + +deb https://deb.debian.org/debian experimental main EOF " ``` -#### 2. Demote `unstable` in your `apt` preferences - +#### 2. Demote `experimental` in your `apt` preferences + ```bash sudo sh -c " sudo cat >/etc/apt/preferences.d/99-tmp-nebula-prefer-stable <<EOF Package: * -Pin: release o=Debian,a=unstable +Pin: release o=Debian,a=experimental Pin-Priority: -10 " ``` - + #### 3. Update - + ```bash sudo apt update ``` - + If they above steps succeed, you should see: ``` All packages are up to date. ``` - -#### 3. Force APT to install the package from `unstable` + +#### 3. Force APT to install the package from `experimental` ```bash -sudo apt install -t unstable nebula +sudo apt install -t experimental nebula ``` - + After installing, you can continue to [creating a certificate authority](#2-creating-a-certificate-authority). Just ensure to remove nebula when you're finished testing. - + #### 4. When you're done testing ``` sudo rm /etc/apt/sources.list.d/99-tmp-nebula-overrides.list \ - /etc/apt/preferences.d/99-tmp-nebula-prefer-stable + /etc/apt/preferences.d/99-tmp-nebula-prefer-stable sudo apt purge nebula -```
\ No newline at end of file +``` diff --git a/pages/posts/posts.md b/pages/posts/posts.md index df784a5..48fb17b 100644 --- a/pages/posts/posts.md +++ b/pages/posts/posts.md @@ -2,4 +2,5 @@ Eclectic thoughts, miscellany, and discursive drivel -- [Nebula on Debian](/posts/nebula-on-debian)
\ No newline at end of file +- [Packaging Nebula for Debian](/posts/packaging-nebula-for-debian) +- [Installing cGit behind NGINX on Ubuntu](/posts/cgit-nginx-ubuntu) |