diff options
Diffstat (limited to 'website')
-rw-r--r-- | website/doc.mdwn | 1 | ||||
-rw-r--r-- | website/local.css | 3 | ||||
-rw-r--r-- | website/mirrors.mdwn | 93 | ||||
-rw-r--r-- | website/sidebar.mdwn | 12 | ||||
-rw-r--r-- | website/trust-models.mdwn | 10 |
5 files changed, 36 insertions, 83 deletions
diff --git a/website/doc.mdwn b/website/doc.mdwn index 6bf319a..56498e8 100644 --- a/website/doc.mdwn +++ b/website/doc.mdwn @@ -27,3 +27,4 @@ Monkeysphere relies on: ## Other ## * [Similar Projects](/similar) (other attempts at a PKI for SSH) + * [Mirroring the website](/mirrors) diff --git a/website/local.css b/website/local.css index 3d00d71..29939b8 100644 --- a/website/local.css +++ b/website/local.css @@ -52,6 +52,7 @@ pre { border: 1px solid #aaa; padding: 3px 3px 3px 3px; margin-left: 2em; + overflow: auto; } table.sitenav { @@ -70,12 +71,14 @@ table.sitenav img.logo { table.sitenav a { font-weight: bold; margin-right: 1em; + font-variant: small-caps; } table.sitenav span.selflink { font-weight: bold; text-decoration: underline; margin-right: 1em; + font-variant: small-caps; } div.header { diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index 44f50d9..5fcc347 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -1,98 +1,47 @@ -[[meta title="Mirroring the web site"]] +[[meta title="Mirroring the Monkeysphere web site"]] -In keeping with the philosophy of distributed development, our web site is +# Mirroring the Monkeysphere web site # + +In keeping with the distributed philosophy of distributed development, our web site is stored in our git repositories and converted into html by [ikiwiki](http://ikiwiki.info/). We're mirrored on several servers. Rather than using ikiwiki's [pinger/pingee approach to distribution](http://ikiwiki.info/tips/distributed_wikis/), we've -opted for a method that uses ssh. +opted for a simpler rsync of the ikiwiki-produced html files. ## Initial steps to take on the mirror server ## -Add etch-backports to your /etc/apt/sources.list: - - deb http://www.backports.org/debian etch-backports main contrib non-free - -Add the following lines to your /etc/apt/preferences file: - - Package: ikiwiki - Pin: release a=etch-backports - Pin-Priority: 999 - - # needed by ikiwiki - Package: libcgi-formbuilder-perl - Pin: release a=etch-backports - Pin-Priority: 999 - - Package: git-core - Pin: release a=etch-backports - Pin-Priority: 999 - -Install git-core and ikiwiki +Create a new user. - aptitude update; aptitutde install git-core ikiwiki - -Create a new user. Change the new users shell to git-shell: - - adduser -s /usr/bin/git-shell <username> - -Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file - -Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: +Add web site configuration that the user has write access to. If you are +using Apache, include the following rewrite: RewriteEngine On RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] -Upload and edit ikiwiki.setup.sample from the docs directory - -As the new user, create a git repo - - mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; +Add `webmaster@george`'s public key to this user's +`~/.ssh/authorized_keys` file, restricting that user to rsync (modify +path to web directory as needed): + command="/usr/bin/rsync --server -vlogDtprz --delete . web/",no-pty,no-agent-forwarding,no-port-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0SCD6tAh7g1yyuelIm5zyh5OFX89NNbpNzyp+BxXNxMc/C1BS9SN5KlNDT30WdDbw3X0St0dBBC69TZWYbSUn4+/6BNmYpLH2orhedBv4w2jBLmtVEfnMWa3a11CnIagMEkEz7rBIWpl76WOqzoueQbAAa/7GziVmv+2qdjcDFxHluO+VL/+gEw8BqZc587oiDYkIw3oBnOLaxUWDtaMFKiL8sgdBmPxzc8PgHxL5ezVDJExw5krR4FK7hG7KpBOlSwKQPFy2pPhHSb1ZuFJmp2kr2wfJ0RO7By5s/GbrkJbnGoiJ5W0fUC9YoI82U3svC5saowvoSo19yToJW4QUw== webmaster@george -## Initial Admin steps to take to enable the configuration ## +## Admin steps to take to enable the configuration ## Add a new dns record for SERVERNAME.monkeysphere.info. -Test the ssh connection by logging in as webmaster@george.riseup.net - -Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git - - cd ~/monkeysphere.git - git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo - -Modify ~/monkeysphere.git/config, so the new repo stanza looks like this: - - [remote "SERVERNAME"] - url = USER@SERVERNAME.monkeysphere.info:monkeysphere.git - push = +refs/heads/master - skipDefaultUpdate = true - -Test: - - git push SERVERNAME - - -## Final steps to take on mirror server ## - -At this point, you should have a populated git repo in your -monkeyshere.git directory. - -Change the mode of monkeysphere.git/hooks/post-receive to 755 - - chmod 755 monkesphere.git/hooks/post-receive - -Edit the file so that it executes the post-receive hook ikiwiki generates (as -you specified in the ikiwiki.setup file) +If the mirror server is not participating in the monkeysphere, add the +server to webmaster's known host file. -Next, clone the repository: +Add the new server to `webmaster@george:~/mirrors` in the format: - clone monkeysphere.git monkeysphere + username@server:directory -And lastly, run ikiwiki manually to generate the post-receive hook: +Test by manually running the git post-receive hook as +`webmaster@george`: - ikiwiki --setup ikiwiki.setup + ~/monkeysphere.git/hooks/post-receive +Add a new `A` record into the `web.monkeysphere.info` round robin. diff --git a/website/sidebar.mdwn b/website/sidebar.mdwn index 33ab8ce..bc5dc69 100644 --- a/website/sidebar.mdwn +++ b/website/sidebar.mdwn @@ -3,11 +3,11 @@ <a class="logo" href="/"><img class="logo" src="/logo.png" alt="monkeysphere" width="343" height="85" /></a> </td><td> -[[WHY?|why]] -[[DOWNLOAD|download]] -[[DOCUMENTATION|doc]] -[[NEWS|news]] -[[COMMUNITY|community]] -[[BUGS|bugs]] +[[Why?|why]] +[[Download|download]] +[[Documentation|doc]] +[[News|news]] +[[Community|community]] +[[Bugs|bugs]] </td></tr></tbody></table> diff --git a/website/trust-models.mdwn b/website/trust-models.mdwn index 8fee5cb..789e3a3 100644 --- a/website/trust-models.mdwn +++ b/website/trust-models.mdwn @@ -6,11 +6,11 @@ Monkeysphere relies on GPG's definition of the OpenPGP web of trust, so it's important to understand how GPG calculates User ID validity for a key. -The basic question asked is: For a given User ID on a specific key, -given some set of valid certifications (signatures), and some explicit -statements about whose certifications you think are trustworthy -(ownertrust), should we consider this User ID to be legitimately -attached to this key (a "valid" User ID)? +The basic question that a trust model tries to answer is: For a given +User ID on a specific key, given some set of valid certifications +(signatures), and some explicit statements about whose certifications +you think are trustworthy (ownertrust), should we consider this User +ID to be legitimately attached to this key (a "valid" User ID)? It's worth noting that there are two integral parts in this calculation: |