README.md 3.7 KB

Gitlin

Github向けプライバシーUI\ GitlinはGotHubのフォークです。

インストールする方法

従属ソフト

  • Go 1.20以上
  • nginx又はOpenBSDのrelayd
  • 良いOS (GNU/Linux、OpenBSD、NetBSD、OpenIndiana、又はFreeBSD)

インストールする方法

make

OpenBSD

nvim /etc/rc.d/gitlin
#!/bin/ksh

daemon="/usr/local/bin/gitlin serve"

. /etc/rc.d/rc.subr

rc_bg=YES
rc_reload=NO

rc_cmd $1
chmod +x /etc/rc.d/gitlin
rcctl enable gitlin
rcctl start gitlin

Crux

nvim /etc/rc.d/gitlin
#!/bin/sh
#
# /etc/rc.d/gitlin: start/stop the gitlin daemon
#

SSD=/sbin/start-stop-daemon
NAME=gitlin
PROG=/usr/bin/$NAME
PIOD=/run/$NAME.pid

case $1 in
start)
  $SSD --start --pidfile $PID --exec $PROG
  ;;
stop)
  $SSD --stop --retry 10 --pidfile $PID
  ;;
restart)
  $0 stop
  $0 start
  ;;
status)
  $SSD --status --pidfile $PID
  case $? in
  0) echo "$PROG は実行中。pid $(cat $PID)" ;;
  1) echo "$PROG は実行していませんが、pidファイルは「 $PID 」として存在しそう" ;;
  3) echo "$PROG は停止中" ;;
  4) echo "状況不明" ;;
  esac
  ;;
*)
  echo "usage: $0 [start|sto@|restart|status]"
  ;;
esac

# End of file

Devuan

nvim /etc/init.d/gitlin
#!/bin/sh
#
# chkconfig: 35 90 12
# description: Gitlin server
#

NAME=gitlin
DESC=gitlin
DAEMON=/usr/bin/$NAME

start () {
  echo "Gitlinサーバーは開始中:\n"
  /usr/bin/gitlin -s 9715 &>/dev/null &
  touch /var/lock/subsys/gitlin
  echo
}

stop () {
  echo "Gitlinサーバーは終了中:\n"
  pkill gitlin
  rm -f /var/lock/subsys/gitlin
  echo
}

case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
    ;;
  restart|reload|condrestart)
    stop
    start
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|status}"
    exit 1
esac

ウェブサーバー

OpenBSD

nvim /etc/relayd.conf
# $OpenBSD: relayd.conf,v 1.5 2018/05/06 20:56:55 benno Exp $
#
relayd_address="0.0.0.0"

table <gitlin> { 127.0.0.1 }

http protocol reverse_proxy {
  tls keypair "DOMAIN"
  match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
  match request header append "X-Forwarded-Port" value "$REMOTE_PORT"

  match response header set "Referrer-Policy" value "same-origin"
  match response header set "X-Frame-Options" value "deny"
  match response header set "X-XSS-Protection" value "1; mode=block"
  match response header set "X-Content-Type-Options" value "nosniff"
  match response header set "Strict-Transport-Security" value "max-age=31536000; includeSubDomains; preload"
  match response header set "Cache-Control" value "max-age=86400"

  pass request quick header "Host" value "DOMAIN" forward to <gitlin>

  return error
  pass
}

relay www {
  listen on $relayd_address port 443 tls 
  protocol $relayd_address

  forward to <gitlin> check tcp port 9715
}

その他

server {
  server_name DOMAIN www.DOMAIN;

  access_log off;
  error_log off;

  if ($host = www.DOMAIN) {
    return 301 https://DOMAIN$request_uri;
  }

  location /static {
    try_files $uri $uri/ /static/$args;
  }

  location / {
    proxy_pass http://localhost:9715;
  }

  listen [::]:443 ssl ipv6only=on;
  listen 443 ssl;
  ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem;
  include /etc/letsencrypt/options-ssl-nginx.conf
}

server {
  if ($host = DOMAIN) {
    return 301 https://DOMAIN$request_uri;
  }

  if ($host = www.DOMAIN) {
    return 301 https://DOMAIN$request_uri;
  }

  listen 80;
  listen [::]:80;
  server_name DOMAIN www.DOMAIN;
  return 404;
}