source: darkpeak-services/ @ 05c259bf

Last change on this file since 05c259bf was 05c259bf, checked in by Mat Booth <mat.booth@…>, 3 years ago

git: allow anonymous cloning of public repos over http

cgit now has this facility, we probably don't to also configure the
standalone git daemon

the urls for anonymous cloning over http are shown in the cgit ui

  • Property mode set to 100644
File size: 1.2 KB
1- Create users and groups as part of each web service's role rather than having php-fpm role create them indirectly.
2- Shorten the merry dance of simlinks involved in the location of mediawiki's LocalSettings.php file (which involves allowing the execution of php code in several directories that might otherwise be sensible to keep out of php-fpm's path, like /etc/mediawiki)
3- Have each role create its own webroot directory, or at least pass owner, group and mode as variables to the nginx role's "configure-nginx-website.yml" playbook. This would avoid having to fix webroot permissions for roles that use php-fpm(e.g. ttrss, mediawiki).
4- Move mastodon's webroot from /home/mastodon/live to /var/www/mastodon for consistency.
5- Fix the "include" deprecation warnings.
6- Ensure all users of LDAP are talking over TLS and actually verify certs
7- Replace the "darkpeak" LDAP user with a proper system user for services such as SSSD to bind with
8- We'll probably end up with random logos and other kinds of branding in a bunch of places -- this should be consolidated somehow (maybe submodule the design repo?)
9- Finish implementing git hosting:
10  - Static site hosting
11  - Fix cgit to show all public user repos (project list munging)
Note: See TracBrowser for help on using the repository browser.