summaryrefslogtreecommitdiff
path: root/about/what-is.mdwn
diff options
context:
space:
mode:
authorDaniel Silverstone <dsilvers@digital-scurf.org>2017-02-12 16:11:18 +0000
committerDaniel Silverstone <dsilvers@digital-scurf.org>2017-02-12 16:11:18 +0000
commit9d3ff687e31cf84c97109e8e6fb8f1cd15e2715b (patch)
tree73575d49776a9601db3f7a7940343747c89864d1 /about/what-is.mdwn
parentb7283b5bcbedf0d97cd9ab467b37dc0fe41b20d8 (diff)
downloadgitano-wiki-9d3ff687e31cf84c97109e8e6fb8f1cd15e2715b.tar.bz2
Some tweaks
Diffstat (limited to 'about/what-is.mdwn')
-rw-r--r--about/what-is.mdwn32
1 files changed, 17 insertions, 15 deletions
diff --git a/about/what-is.mdwn b/about/what-is.mdwn
index a7795df..a03a5aa 100644
--- a/about/what-is.mdwn
+++ b/about/what-is.mdwn
@@ -14,7 +14,7 @@ accessible over the git, http and ssh transport protocols.
<!-- More in-depth description of features -->
-# Is a git server providing user separation with ssh keys or passwords
+# …is a git server providing user separation with ssh keys or passwords…
Git servers implement the `git-{receive,upload}-pack` commands
when accessed over ssh,
@@ -24,20 +24,22 @@ and the bespoke protocol of the git transport.
Gitano implements the ssh interface by generating a `.ssh/authorized_keys` file
for all the permitted ssh keys
-that runs a proxy command that determines which user the key belonged to
-and whether the user is permitted to run the requested command
-before running the git command.
+that specifies a proxy command that is told which user the key belonged to,
+and which determines if the user is permitted to run the requested command
+before running the appropriate git operation.
Gitano implements the http interface by providing `gitano-smart-http.cgi`
which the system administrator configures their web server to run,
-which authenticates the user based on a generated htpasswd file
-then determines whether the authenticated user is permitted to run the service
+and which authenticates the user based on a generated htpasswd file,
+then determines whether the authenticated user is permitted to run the service,
before handing it off to `git-http-backend`.
-Gitano implements the git interface by generating `git-daemon-export-ok` files
+Gitano supports the git interface by generating `git-daemon-export-ok` files
for every repository that the anonymous user is permitted to read.
+The protocol implementation is left to the `git-daemon` functionality
+which is built into `git`.
-# Access rules defined as customisable ACLs
+# …access rules defined as customisable ACLs…
All Gitano commands consult ACLs written in [lace][]
to determine whether the operation is permitted.
@@ -53,16 +55,16 @@ then the permission to grant permissions can also be delegated.
[lace]: https://www.gitano.org.uk/lace/
-# Maximally sandboxed hooks run in Lua
+# …maximally sandboxed hooks written in Lua…
In addition to installing hooks to provide ACL checking for git operations,
-these hooks will also run hooks written in Lua in a [supple][] sandbox,
-so it's safe to run semi-trusted code contributed by users
+these hooks will also run hook code, written in Lua, in a [supple][] sandbox,
+such that it is safe to run semi-trusted code contributed by users
for purposes such as notifying web services of a repository update.
[supple]: https://www.gitano.org.uk/supple/
-# Configuration stored in git for global and per-repository configuration
+# …configuration stored in git for global and per-repository configuration…
Gitano reads the majority of its configuration
from the master branch of the `gitano-admin.git` repository
@@ -84,11 +86,11 @@ are only loaded from the `gitano-admin.git` repository.
By putting the configuration of Gitano in repositories managed by Gitano
it is easy to make a backup of configuration with the data
-by mirroring the repository content,
-configuration gains the same traceability guarantees as git history
+by mirroring the repository content.
+Configuration gains the same traceability guarantees as git history
and can be access controlled with the same mechanism as the data.
-# Server side commands for easier administration
+# …server side commands for easier administration…
Management of git repositories isn't naturally part of the git protocol,
so commands for creating and deleting repositories need to be added