------------------------------------------------------------ revno: 247 committer: Sylvain Beucler <[email protected]> branch nick: infra timestamp: Sat 2010-12-18 23:22:32 +0100 message: More work on identifying scripts to add to the repo modified: backup/dl-confidential.sh backup/dl.sh download.txt vcs-noshell.txt
=== modified file 'backup/dl-confidential.sh'
--- a/backup/dl-confidential.sh 2010-12-18 19:56:20 +0000
+++ b/backup/dl-confidential.sh 2010-12-18 22:22:32 +0000
@@ -6,4 +6,5 @@
 --include '/root/' \
 --include '/root/.ssh/' \
 --include '/root/.ssh/authorized_keys' \
+ --include '/root/mirrors-contacts.txt' \
 --exclude '*'
=== modified file 'backup/dl.sh' --- a/backup/dl.sh 2010-12-18 20:48:33 +0000 +++ b/backup/dl.sh 2010-12-18 22:22:32 +0000 @@ -13,7 +13,7 @@ # reproduce the Savannah configuration. Backup confidential files # (such as 'authorized_files') using 'dl-confidential.sh'. -rsync -avHS [email protected]:/ colonialone.fsf.org/ \ +rsync -avHS --delete-excluded [email protected]:/ colonialone.fsf.org/ \ \ --exclude '*~' \ \ @@ -49,7 +49,31 @@ \ --exclude '*' -rsync -avHS [email protected]:/ vcs-noshell.in.sv.gnu.org/ \ +rsync -avHS --delete-excluded [email protected]:/ frontend.in.sv.gnu.org/ \ + \ + --exclude '*~' \ + \ + --include '/etc/' \ + --include '/etc/cron.daily/' \ + --include '/etc/cron.daily/sv_list_groups' \ + --include '/etc/cron.d/sv_export' \ + \ + --include '/etc/' \ + --include '/etc/savane/' \ + --include '/etc/savane/.savane.conf.php' \ + --include '/etc/savane/savane.conf.pl' \ + \ + --include '/etc/' \ + --include '/etc/apache2/' \ + --include '/etc/apache2/sites-availables/***' \ + --include '/etc/apache2/conf.d/' \ + --include '/etc/apache2/conf.d/detect_bot.conf' \ + \ + --exclude '*' + +rsync -avHS --delete-excluded [email protected]:/ vcs-noshell.in.sv.gnu.org/ \ + \ + --exclude '*~' \ \ --include '/etc/' \ --include '/etc/init.d/' \ 
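Review bot: In the new frontend.in.sv.gnu.org block, `--include '/etc/cron.d/sv_export'` has no preceding `--include '/etc/cron.d/'`, so the trailing `--exclude '*'` stops rsync from descending into that directory and the file is silently left out of the backup. The same block still says `/etc/apache2/sites-availables/***`, which looks like a typo for `sites-available` (the spelling the vcs-noshell and sftp blocks in the next hunk use), so the vhost files would be skipped as well. The internal.in.sv.gnu.org block in the next hunk has the same missing-parent problem for `/etc/exim4/update-exim4.conf.conf` and `/etc/munin/munin.conf`. I would add `--include '/etc/cron.d/' \`, `--include '/etc/exim4/' \` and `--include '/etc/munin/' \` ahead of those entries and correct the directory name. The vcs-noshell rsync command that this hunk opens continues past the end of the hunk.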
@@ -58,30 +82,112 @@ --include '/etc/libnss-mysql.cfg' \ --include '/etc/libnss-mysql-root.cfg' \ \ + --include '/etc/' \ + --include '/etc/cron.hourly/' \ + --include '/etc/cron.hourly/bzr_commit_mail_notification' \ + --include '/etc/cron.d/' \ + --include '/etc/cron.d/rsync_external_cvs_repositories' \ + --include '/etc/cron.d/sv' \ + --include '/etc/cron.d/cvs2git' \ + --include '/etc/cron.d/truncate-gitcvs-db-log' \ + \ + --include '/etc/' \ + --include '/etc/apache2/' \ + --include '/etc/apache2/sites-available/***' \ + --include '/etc/apache2/conf.d/' \ + --include '/etc/apache2/conf.d/detect_bot.conf' \ + --include '/etc/apache2/conf.d/rlimit' \ + --include '/etc/apache2/conf.d/status' \ + \ + --include '/var/' \ + --include '/var/www/' \ + --exclude '/var/www/*/webalizer/*' \ + --include '/var/www/bzr/***' \ + --include '/var/www/cvs/***' \ + --include '/var/www/git/***' \ + --include '/var/www/hg/***' \ + --include '/var/www/svn/***' \ + --include '/var/www/off-site/' \ + --include '/var/www/off-site/README' \ + --include '/var/www/off-site/hgweb/***' \ + --include '/var/www/off-site/viewvc/' \ + --include '/var/www/off-site/viewvc/viewvc.conf' \ + --include '/var/www/off-site/viewvc/templates/' \ + --include '/var/www/off-site/viewvc/templates/include/' \ + --include '/var/www/off-site/viewvc/templates/include/header.ezt' \ + \ + --include '/etc/' \ + --include '/etc/gitweb.conf' \ + --include '/etc/cgitrc' \ + --include '/etc/mercurial/***' \ + \ --exclude '*' # Mangle passwords (TODO: split them in separate file) sed -i -e 's/^password.*/password XXXXX/' \ vcs-noshell.in.sv.gnu.org/etc/libnss-mysql.cfg \ vcs-noshell.in.sv.gnu.org/etc/libnss-mysql-root.cfg - -rsync -avHS [email protected]:/ frontend.in.sv.gnu.org/ \ +# TODO: document hgweb/viewvc/cgit/etc. configurations instead of +# copying them. 
+ + +rsync -avHS --delete-excluded [email protected]:/ sftp.in.sv.gnu.org/ \ \ --exclude '*~' \ \ --include '/etc/' \ - --include '/etc/cron.daily/' \ - --include '/etc/cron.daily/sv_list_groups' \ - --include '/etc/cron.daily/sv' \ + --include '/etc/cron.d/' \ + --include '/etc/cron.d/download-tidyperms' \ + --include '/etc/cron.d/download-timestamp' \ + --include '/etc/cron.d/sv' \ \ --include '/etc/' \ --include '/etc/apache2/' \ - --include '/etc/apache2/sites-availables/***' \ + --include '/etc/apache2/sites-available/***' \ --include '/etc/apache2/conf.d/' \ - --include '/etc/apache2/conf.d/detect_bot.conf' \ - \ - --include '/etc/' \ - --include '/etc/savane/' \ - --include '/etc/savane/.savane.conf.php' \ - --include '/etc/savane/savane.conf.pl' \ + --include '/etc/apache2/conf.d/sv_dotsig' \ + \ + --include '/var/' \ + --include '/var/www/' \ + --exclude '/var/www/*/webalizer/*' \ + --exclude '/var/www/arch/google*' \ + --include '/var/www/arch/***' \ + --include '/var/www/download/***' \ + --include '/var/www/audio-video/***' \ + \ + --include '/srv/' \ + --include '/srv/download/' \ + --include '/srv/download/00_MIRRORS.*' \ + \ + --exclude '*' + +rsync -avHS --delete-excluded [email protected]:/ internal.in.sv.gnu.org/ \ + \ + --exclude '*~' \ + \ + --include '/etc/' \ + --include '/etc/mysql/' \ + --include '/etc/mysql/my.cnf' \ + --include '/etc/exim4/update-exim4.conf.conf' \ + --include '/etc/munin/munin.conf' \ + \ + --include '/etc/' \ + --include '/etc/cron.d/' \ + --include '/etc/cron.d/sv' \ + \ + --exclude '*' + + +rsync -avHS --delete-excluded [email protected]:/ builder.in.sv.gnu.org/ \ + \ + --exclude '*~' \ + \ + --include '/usr/' \ + --include '/usr/src/' \ + --include '/usr/src/patched/' \ + --include '/usr/src/patched/README' \ + --include '/usr/src/patched/cvs-patches/***' \ + --include '/usr/src/patched/webalizer.changelog' \ + --include '/usr/src/patched/debs/' \ + --include '/usr/src/patched/debs/README' \ \ --exclude '*' === 
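Review bot: The password-mangling `sed` after the vcs-noshell copy still covers only the two libnss-mysql files, while this hunk widens what lands in the non-confidential tree with `/etc/mercurial/***`, `/etc/cgitrc`, `viewvc.conf`, the Apache `sites-available/***` trees and `/etc/mysql/my.cnf`. Whether any of these hold credentials cannot be told from the diff, so each should be checked before the tree is committed; the frontend block in the previous hunk raises the same question for `/etc/savane/.savane.conf.php` and `/etc/savane/savane.conf.pl`. Anything that does carry a secret belongs in `dl-confidential.sh` or in the mangling step, and a comment such as `# Checked: no credentials in the files below` above each block would record that the check was done.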
modified file 'download.txt' --- a/download.txt 2009-03-17 20:19:04 +0000 +++ b/download.txt 2010-12-18 22:22:32 +0000 @@ -14,6 +14,19 @@ session optional pam_umask.so umask=002 EOF +cat <<'EOF' > /etc/membersh-conf.pl +$allowed_paths = "(/srv/download|/releases|/srv/arch|/archives|/srv/audio-video)"; +$use_scp = '1'; +$regexp_scp = "^scp .*(-t|-f) (-- )?$allowed_paths"; + +$use_sftp = '1'; +$bin_sftp = '/usr/lib/openssh/sftp-server'; +$regexp_sftp = '/usr/lib/openssh/sftp-server'; + +$use_rsync = '1'; +$regexp_rsync = '^rsync --server '; +$regexp_dir_rsync = "^$allowed_paths"; +EOF aptitude --without-recommends install apache2-mpm-worker sed -i 's|NO_START=1|NO_START=0|' /etc/default/apache2 === modified file 'vcs-noshell.txt' --- a/vcs-noshell.txt 2010-12-18 20:48:33 +0000 +++ b/vcs-noshell.txt 2010-12-18 22:22:32 +0000 @@ -14,6 +14,24 @@ #r...@vcs-noshell:/etc/ssh# getent shadow > /var/lib/extrausers/shadow +cat <<'EOF' > /etc/membersh-conf.pl +$use_cvs = "1"; +$use_svn = "1"; +our @prepend_args_svn = ('-r', '/srv/svn'); +$use_git = "1"; + +# Enable read-only rsync access +$allowed_paths = "(/srv/cvs|/sources|/web)"; +$use_rsync = '1'; +$regexp_rsync = '^rsync --server --sender '; +$regexp_dir_rsync = "^$allowed_paths"; + +$use_hg = '1'; + +$use_bzr = '1'; +EOF + + # Details for each VCS: # -> cvs.txt # -> git.txt
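Review bot: `$regexp_dir_rsync = "^$allowed_paths";` anchors only the start of the path, so, depending on how membersh applies it (not visible here), a path that merely begins with an allowed name, such as a sibling directory sharing the prefix or one that continues with `..` components, would also match. `$regexp_scp` ends in the same open prefix, and the vcs-noshell.txt hunk repeats the `$regexp_dir_rsync` line. Closing the match at a path boundary, with something like `$regexp_dir_rsync = "^$allowed_paths(/|\$)";`, and rejecting `..` components in the wrapper would make the allow-list mean what it says. A one-line comment above `$allowed_paths` stating that these are the only trees members may reach would also help whoever edits the list next.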
