summaryrefslogtreecommitdiff
path: root/about/what-is.mdwn
diff options
context:
space:
mode:
authorRichard Maw <richard.maw@gmail.com>2017-02-12 15:37:44 +0000
committerRichard Maw <richard.maw@gmail.com>2017-02-12 15:37:44 +0000
commit4b06d4bfd392090452b5da9f0764b0bbfcd8f0b9 (patch)
treea8bff75c3e84ac25dac16de646979e513c4e0a40 /about/what-is.mdwn
parentbe3ceb4be20806044f1478c7cac1d6214e4eeaec (diff)
downloadgitano-wiki-4b06d4bfd392090452b5da9f0764b0bbfcd8f0b9.tar.bz2
Describe config in repositories
Diffstat (limited to 'about/what-is.mdwn')
-rw-r--r--about/what-is.mdwn26
1 files changed, 26 insertions, 0 deletions
diff --git a/about/what-is.mdwn b/about/what-is.mdwn
index 52a3b83..b10ab4d 100644
--- a/about/what-is.mdwn
+++ b/about/what-is.mdwn
@@ -63,3 +63,29 @@ so it's safe to run semi-trusted code contributed by users
for purposes such as notifying web services of a repository update.
[supple]: https://www.gitano.org.uk/supple/
+
+# Configuration stored in git for global and per-repository configuration
+
+Gitano reads the majority of its configuration
+from the master branch of the `gitano-admin.git` repository
+in the set of repositories it manages access to.
+
+For operations performed on a specific repository
+it reads configuration from that repository's `refs/gitano/admin` branch.
+
+ACLs stored in `gitano-admin.git` are supplemented from `refs/gitano/admin`
+so users may add their own access restrictions.
+
+Any hooks defined in `gitano-admin.git` (i.e. a global hook) get called
+with a per-repo hook as a parameter if defined in `refs/gitano/admin`,
+so the global hook may decide whether to suppress or call the per-repo hook.
+If a global hook is not defined then per-repo hooks are called if defined.
+
+Users, their ssh keys, groups and GPG keys
+are only loaded from the `gitano-admin.git` repository.
+
+By putting the configuration of Gitano in repositories managed by Gitano
+it is easy to make a backup of configuration with the data
+by mirroring the repository content,
+configuration gains the same traceability guarantees as git history
+and can be access controlled with the same mechanism as the data.