mirrors/git-pages
1
0
Fork 0
mirror of https://codeberg.org/git-pages/git-pages.git synced 2026-05-14 11:11:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
7 Commits 3 Branches 13 Tags
b9a26e528f70ca0c2813ae3bd84f8f0862c78e4c
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Catherine b9a26e528f Put sources under src/.
2025-09-15 04:51:51 +00:00
src
Put sources under src/.
2025-09-15 04:51:51 +00:00
.gitignore
Put sources under src/.
2025-09-15 04:51:51 +00:00
go.mod
Reorganize, add README and LICENSE.
2025-09-05 08:56:35 +00:00
go.sum
Reorganize, add README and LICENSE.
2025-09-05 08:56:35 +00:00
LICENSE-0BSD.txt
Reorganize, add README and LICENSE.
2025-09-05 08:56:35 +00:00
README.md
Add authorization.
2025-09-15 04:13:07 +00:00

README.md

git-pages

This is a simple Go service implemented as a strawman proposal of how https://codeberg.page could work. It lacks any form of authentication and must not be used in production.

Features

  • In response to a PUT or POST request, performs a shallow in-memory clone of a git repository, checks out a tree to the filesystem, and atomically updates the version of content being served.
    • PUT method is a custom REST endpoint, POST method is a Forgejo webhook endpoint.
  • In response to a GET request, selects an appropriate tree and serves files from it. Supported URL patterns:
    • https://domain.tld/project/ (routed to project-specific tree)
    • https://domain.tld/ (routed to domain-specific tree by exclusion)

Usage

You will need Go 1.24 or newer. Run:

$ mkdir -p data
$ go run . data :3333

This starts an HTTP server on 0.0.0.0:3333 whose behavior is fully determined by the data directory. It will accept requests to any virtual host, but must first be provisioned. For example:

$ curl -v http://127.0.0.1:3333/ -X PUT -H 'Host: codeberg.page' --data https://codeberg.org/Codeberg/pages-server
*   Trying 127.0.0.1:3333...
* [snip]
< HTTP/1.1 201 Created
< Content-Location: /
< Date: Fri, 05 Sep 2025 07:19:34 GMT
< Content-Length: 41
< Content-Type: text/plain; charset=utf-8
<
915c874f8029dcb2056237440116e170de0b9489
* Connection #0 to host 127.0.0.1 left intact

The server will now respond to requests for this host:

$ curl http://127.0.0.1:3333/ -H 'Host: codeberg.page'
<!DOCTYPE html>
[snip]

Authorization

DNS is used for authorization of content updates for custom domain names. Whenever a PUT or POST request is received at hostname.tld that has an Authorization: Pages <token> header, the TXT record(s) at _git-pages-challenge.hostname.tld are compared with sha256("hostname.tld <token>"). If there is a match then updates from any clone URLs are allowed.

Architecture

Filesystem is used as the sole mechanism for state storage.

  • The data/tree/ directory contains working trees organized by commit hash (indiscriminately of the repository they belong to). Repositories themselves are never stored on disk; they are cloned in-memory and discarded immediately after their contents is extracted.
    • The presence of a working tree directory under the appropriate commit hash is considered an indicator of its completeness. Checkouts are first done into a temporary directory and then atomically moved into place.
    • Currently a working tree is never removed, but a practical system would need to have a way to discard orphaned ones.
  • The data/www/ directory contains symlinks to working trees organized by domain and project name (e.g. data/www/example.org/myproject, or data/www/example.org/.index).
    • The presence of a symlink at the appropriate location is considered an indicator of completeness as well. Updating to a new content version is done by creating a new symlink at a temporary location and then atomically moving it into place.
    • This structure is simple enough that it may be served by e.g. Nginx instead of the Go application.
  • openat2(RESOLVE_IN_ROOT) is used to confine GET requests strictly under the data/ directory.

This approach has the benefits of being easy to explore and debug, but places a lot of faith onto the filesystem implementation; partial data loss, write reordering, or incomplete journalling will result in confusing and persistent caching issues. This is probably fine, but needs to be understood.

The specific arrangement used is clearly not optimal; at a minimum it is likely worth it to deduplicate files under data/tree/ using hardlinks, or perhaps to put objects in a flat, content-addressed store with data/www/ linking to each individual file. The key practical constraint will likely be the need to attribute excessively large trees to repositories they were built from (and to perform GC), which suggests adding structure and not removing it.

License

0-clause BSD

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 1 MiB
Languages
Go 98.4%
Dockerfile 0.9%
Nix 0.7%