vincent/aptly
1
0
Fork 0
mirror of https://github.com/aptly-dev/aptly.git synced 2026-05-06 22:18:28 +00:00
Code Issues Projects Releases Wiki Activity
1,585 Commits 11 Branches 27 Tags
ee21b69402d8d2ebb3c19b38387e237fc8e1aa4b
Commit Graph

1585 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrey Smirnov 564ebf3130 Merge pull request #493 from apachelogger/api-over-socket 
support serving the API over unix domain socket
 2017-02-28 23:41:09 +03:00
Harald Sitter dbee214259 support serving the API over unix domain socket 
`unix://$PATH` as listen argument will bind aptly to a unix domain socket
rather than TCP.

This allows binding the API to a UDS rather than a port.
Since aptly has no concept of authentication or any amount of high level
API hardening one needs to bottle it up in some other manner. Binding
to a localhost port is often a step in the right direction, ultimately is
still a scary insecure setup as any user on that host getting compromised
would mean that the entire archive is compromised as well.
UDS on the other hand are basically files and have their access managed
by regular file permission. As such, binding to a socket is in fact
the least insecure way to listen as you'd have to explicitly open up the
socket permissions to an access qualified group. In the most conservative
scenario that means no one but the aptly user can talk to the API, in a
more practical setup apache might get access as well and proxy the UDS
with authentication or limited to GET operations.

Using UDS allows reducing the attack surface of the API server while
preserving all the flexibility.
 2017-02-28 09:58:39 +01:00
Andrey Smirnov 6267c5cb25 Merge pull request #490 from smira/contents-low-footprint 
Use temporary LevelDB to store contents index
 2017-02-27 17:26:11 +03:00
Andrey Smirnov 4c06e26d85 Throttle compaction on temporary DB 2017-02-23 01:01:17 +03:00
Andrey Smirnov f2dc4eeec9 Generating contents indexes via temporary LevelDB 2017-02-21 19:09:51 +03:00
Andrey Smirnov f86e6ebf1f Merge pull request #491 from charz/master 
Fix URL path for Swift.
 2017-02-17 00:37:47 +03:00
Charles Hsu 0d208c93bc Merge branch 'master' of https://github.com/smira/aptly 2017-02-16 23:14:02 +08:00
Charles Hsu 485f311498 Fix URL path for Swift. 2017-02-16 23:09:18 +08:00
Andrey Smirnov 46b0d637e2 Merge pull request #484 from jola5/master 
Abort serve command if rootDir is inaccessible
 2017-02-15 23:54:42 +03:00
jola5 5a71847b7f Simplify test implementation 2017-02-15 20:18:47 +01:00
jola5 38a9917815 Handle dependencies in gomfile 2017-02-15 20:18:47 +01:00
jola5 4456f8da57 Refactor 2017-02-15 20:18:47 +01:00
jola5 970b1a424a Fix bugged implementation 2017-02-15 20:18:47 +01:00
jola5 edffa24658 Test startup checks for serve command 2017-02-15 20:18:47 +01:00
jola5 3040e7360a Fix golang.org/x/sys/unix dependency issue 2017-02-15 20:18:47 +01:00
jola5 b948180b4e Abort serve command if rootDir is inaccesible 2017-02-15 20:18:47 +01:00
Andrey Smirnov f58d2627c1 Add temporary DB and prefix methods to Storage 2017-02-14 02:26:32 +03:00
Andrey Smirnov ab0d77f6f9 Merge pull request #488 from smira/empty-filters 
Allow filter to be empty for `aptly * search` commands
 2017-02-14 01:43:46 +03:00
Andrey Smirnov 33d6cd8c0a Allow filter to be empty for aptly * search commands 
Empty filter implies "select all packages".
 2017-02-10 23:07:06 +03:00
Andrey Smirnov 4eef4f1803 Merge pull request #481 from smira/data-tar-gz-as-tar 
Add workaround for reading data.tar.gz as data.tar
 2017-01-24 20:19:50 +03:00
Andrey Smirnov c75d4c749c Add workaround for reading data.tar.gz as data.tar 
It seems that in the wild there are .deb package which have
`data.tar.gz` which is actually `.tar` archive.

Add magic detection based on signature.
 2017-01-24 19:30:53 +03:00
Andrey Smirnov c8a1b9a1f0 Merge pull request #482 from smira/fix-travis 
Fixing Travis build
 2017-01-24 19:27:58 +03:00
Andrey Smirnov d8d8973ad5 Fixing Travis build 2017-01-24 18:56:01 +03:00
Andrey Smirnov d1ded5c224 Merge pull request #480 from smira/man-generator 
Add `make` automation to re-generate man page [ci skip]
 2017-01-20 23:55:22 +03:00
Andrey Smirnov 155a801bc1 Add make automation to re-generate man page [ci skip] 
This also updates man page with latest changes
 2017-01-20 23:53:00 +03:00
Andrey Smirnov 6212b39264 Merge pull request #475 from jola5/master 
Support a vertical graph layout in addition to the existing horizontal
 2017-01-20 23:41:56 +03:00
jolo 92116072c2 Fix and enable broken graph layout tests 2017-01-20 02:19:45 +01:00
jolo b0ab39e07f Manually undo unintended changes 2017-01-20 02:19:44 +01:00
jola5 4bf27d1dae Merge branch 'master' into master 2017-01-19 23:07:49 +01:00
Andrey Smirnov 207ebffbb8 Merge pull request #472 from sliverc/print_sources 
Print sources details of snapshots and published repositories
 2017-01-19 01:05:53 +03:00
Andrey Smirnov b0dd83335f Merge branch 'master' into print_sources 2017-01-19 00:50:13 +03:00
Andrey Smirnov 8df6457931 Merge pull request #478 from smira/476-sorted-paths 
Sort paths when generating checksums for `Release`/`InRelease`
 2017-01-19 00:28:42 +03:00
Andrey Smirnov 7d2a396b27 Merge pull request #474 from apachelogger/support-graph.dot 
Allow requesting the unrendered dot graph from the graph endpoint
 2017-01-18 23:53:42 +03:00
Andrey Smirnov d5df049630 Sort paths when generating checksums for Release/InRelease 2017-01-18 23:50:22 +03:00
jolo 7c62a706c4 Disable tests failing due to inappropriate test data 2017-01-17 01:04:07 +01:00
jolo 96948d6f18 Basic test of graph layout 2017-01-17 00:46:51 +01:00
jolo 43e6498713 Add me to authors 2017-01-16 22:39:47 +01:00
jolo 91561b40f6 Change 'vertical' argument to a more generic 'layout', fix api 2017-01-16 22:13:13 +01:00
jolo 0e8ea6363a Support vertical graph layouts 2017-01-14 02:18:56 +01:00
Harald Sitter 345fa02fdc Allow requesting the unrendered dot graph from the graph endpoint 
When api/graph.{dot,gv} is requested the raw string for dot gets returned.
This allows client-side rendering rather than server-side. It also makes
the optional dependency on graphivz for dot unnecessary to use the graph
endpoint.
 2017-01-13 12:57:42 +01:00
Oliver Sauder 064adbae57 generate aptly.1 man page with patched ronn 2017-01-12 13:23:21 +01:00
Oliver Sauder ab458f4dfc Updated aptly man page and authors 2017-01-10 11:14:09 +01:00
Oliver Sauder 0fdee9cbf6 Added publish show command 2017-01-10 10:59:07 +01:00
Oliver Sauder 50e3e93166 print snapshot sources in snapshot show command 2017-01-09 17:29:01 +01:00
Andrey Smirnov 570835227b Merge pull request #470 from smira/templates 
Add PR and issue templates
 2016-12-30 17:07:54 +03:00
Andrey Smirnov 781c22e256 Add PR and issue templates 2016-12-30 00:11:45 +03:00
Andrey Smirnov babccfa21f Merge pull request #469 from smira/code-of-conduct 
Add Contributor Covenant Code of Conduct [ci skip]
 2016-12-29 00:03:35 +03:00
Andrey Smirnov 891113717e Add Contributor Covenant Code of Conduct [ci skip] 2016-12-29 00:01:17 +03:00
Andrey Smirnov bfb9045fa9 Merge pull request #465 from SHyx0rmZ/allow-empty-repo-edits-in-api 
Allow comment and defaults to be empty when editing a repo through the API
 2016-12-08 18:26:45 +03:00
Patrick Pokatilo 1c6b174b8a Make comment and defaults nullable in repo edit 2016-12-08 15:45:19 +01:00