From 6576cb269138c36728bb75d3b7242e34aee8a07d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 18:20:40 -0400 Subject: re-wording intro paragraphs, to make them shorter and sweeter. --- website/index.mdwn | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'website') diff --git a/website/index.mdwn b/website/index.mdwn index 5b757fa..81da609 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -1,15 +1,17 @@ [[!template id="nav"]] -The Monkeysphere project's goal is to extend the web of trust model -and other features of OpenPGP to other areas of the Internet to help -us securely identify each other while we work online. - -Specifically, monkeysphere is a framework to leverage the OpenPGP web -of trust for OpenSSH authentication. In other words, it allows you to -use your OpenPGP keys when using secure shell to both identify -yourself and the servers you administer or connect to. OpenPGP keys -are tracked via GnuPG, and managed in the `known_hosts` and -`authorized_keys` files used by OpenSSH for connection authentication. +The Monkeysphere project's goal is to extend OpenPGP's web of trust to +many areas of the Internet to help us securely identify each other +while we work online. + +Specifically, monkeysphere currently offers a framework to leverage +the OpenPGP web of trust for OpenSSH authentication. + +In other words, it allows you to use your OpenPGP keys when using +secure shell to both identify yourself and the servers you administer +or connect to. OpenPGP keys are tracked via GnuPG, and managed in the +`known_hosts` and `authorized_keys` files used by OpenSSH for +connection authentication. ## Conceptual overview ## -- cgit v1.2.3 From 5475afc7f89d75e9b17394f1dec530acfed29bcc Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 18:41:29 -0400 Subject: comment on passphrase-less key bug. --- .../bugs/handle-passphrase-locked-secret-keys.mdwn | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'website') diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn index bc2a64c..f66bd41 100644 --- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn +++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn @@ -1,4 +1,4 @@ -[[meta title="MonkeySphere needs to be able to cleanly export passphrase-locked secret keys from the GPG keyring"]] +[[meta title="MonkeySphere can't deal with passphrase-locked primary keys]] At the moment, the only tool we have to export passphrase-locked secret keys from the GPG keyring is `gpg` itself (and `gpg2`, which @@ -100,6 +100,18 @@ Other alternatives? Can this bug be closed? dkg [reported in a comment for a related bug](/bugs/install-seckey2sshagent-in-usr-bin/): - Version 0.11-1 now has the monkeysphere subkey-to-ssh-agent - subcommand, which works cleanly in the presence of a - functionally-patched GnuTLS. + Version 0.11-1 now has the monkeysphere subkey-to-ssh-agent + subcommand, which works cleanly in the presence of a + functionally-patched GnuTLS. + +-------- + +Even with the patched GnuTLS, monkeysphere currently can't currently +deal with passphrase-locked primary keys. I've changed the title of +this bug, but i'd like to keep it open until we are able to deal with +that. The other comments here seem still quite relevant to that +need. + +I've changed the title of this bug to reflect the narrowed scope. + + --dkg -- cgit v1.2.3 From dafe14353c11938dd6a7f0fc33cfe150dd8157d9 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 18:46:36 -0400 Subject: closing test server request, since no one has stepped up to volunteer to maintain account generation, etc. --- website/bugs/setup-test-server-for-public.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'website') diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index c926dc6..4c76be1 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -75,3 +75,10 @@ and I'm not really willing to maintain it myself, but if someone else wants to handle that, that would be fine with me. -- jgr + +--- + +i'm not really willing to maintain anything extra either, so i'm +[closing this ticket as completed](/bugs/done). + +--dkg -- cgit v1.2.3 From e987c4c4cd94fea8b44b39f800ecd2a94712f7d0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 18:51:49 -0400 Subject: fixing typo --- website/bugs/handle-passphrase-locked-secret-keys.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn index f66bd41..b58650e 100644 --- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn +++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn @@ -1,4 +1,4 @@ -[[meta title="MonkeySphere can't deal with passphrase-locked primary keys]] +[[meta title="MonkeySphere can't deal with passphrase-locked primary keys"]] At the moment, the only tool we have to export passphrase-locked secret keys from the GPG keyring is `gpg` itself (and `gpg2`, which -- cgit v1.2.3 From 5863b0ab999a356b149edd57e80283c79b8e53d6 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 18:53:27 -0400 Subject: fixing broken link syntax --- website/bugs/setup-test-server-for-public.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn index 4c76be1..5b05759 100644 --- a/website/bugs/setup-test-server-for-public.mdwn +++ b/website/bugs/setup-test-server-for-public.mdwn @@ -79,6 +79,6 @@ wants to handle that, that would be fine with me. --- i'm not really willing to maintain anything extra either, so i'm -[closing this ticket as completed](/bugs/done). +closing this ticket as [[bugs/done]]. --dkg -- cgit v1.2.3 From 1af50725c81108849fc677a412f3b5ee131fc935 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 20:12:06 -0400 Subject: preparing for 0.12-1 release. --- debian/changelog | 2 +- website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn | 4 ++++ website/news/release-0.12-1.mdwn | 9 +++++++++ 3 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 website/news/release-0.12-1.mdwn (limited to 'website') diff --git a/debian/changelog b/debian/changelog index 8d33273..85cb655 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -monkeysphere (0.12-1) UNRELEASED; urgency=low +monkeysphere (0.12-1) experimental; urgency=low [ Jameson Graef Rollins ] * Improved output handling. New LOG_LEVEL variable. diff --git a/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn b/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn index 4070d0a..b814d35 100644 --- a/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn +++ b/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn @@ -245,3 +245,7 @@ I'll leave the bug open for a bit until it get more tested and 0.12 gets pushed out. -- BJ + +--- + +I think this is [[/bugs/done]] as of version 0.12-1. diff --git a/website/news/release-0.12-1.mdwn b/website/news/release-0.12-1.mdwn new file mode 100644 index 0000000..ed1ecbb --- /dev/null +++ b/website/news/release-0.12-1.mdwn @@ -0,0 +1,9 @@ +[[meta title="MonkeySphere 0.12-1 released!"]] + +# MonkeySphere 0.12-1 released! # + +MonkeySphere 0.12-1 has been released. This release includes +documentation updates, and a re-organized logging subsystem with +various levels of verbosity, modeled after LogLevel in OpenSSH. + +[[download]] it now! -- cgit v1.2.3 From d4dc8a9e491063144a8f4f845f5d05140ce19ed6 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 20:19:13 -0400 Subject: updating documentation about the archive, including other developer signatures on the archive signing key. --- website/archive-key.mdwn | 25 +++++++++++++++++++------ website/news/apt-repo-moved.mdwn | 7 +++++++ 2 files changed, 26 insertions(+), 6 deletions(-) (limited to 'website') diff --git a/website/archive-key.mdwn b/website/archive-key.mdwn index 898c7e5..ea44457 100644 --- a/website/archive-key.mdwn +++ b/website/archive-key.mdwn @@ -70,8 +70,21 @@ ly087Guvw8G8TdQcubteFYQDIxIc2atZkjEn3oCjtZgk8mdDlCjLQYgHV1/o+eWd S31RCBx16I7tJya0fwJJRC7qZWf7hrPdi7eqcecqyr26X5upV+Irjv5qYu/6HAGb 59W6n+8KTfMxEMaBQI6qZXxhaBr3HzEaSrz7jtkl+xxym2TGkbarXcm7e7MP66Hu GD5UCC3svhAAxKXf4K/8v7WhwBpekF9mXtgpq72Du2JG9q+OAWhxzZXbZku+RY7T -a83wKc1TaPvzK2WZlhNGjcCYSUXcfQOSn5noVTUukW3DNEKP5BmwkvVd -=Xex0 +a83wKc1TaPvzK2WZlhNGjcCYSUXcfQOSn5noVTUukW3DNEKP5BmwkvVdiEYEEBEC +AAYFAki9wXQACgkQ9n4qXRzy1ioXYwCgmzCV+o+Ai0gNx0pt9shofcjfJoAAoInV +mhn36lBeDh/E6cigrUlkdDGWiQIcBBABAgAGBQJIvdcSAAoJEO00zqvie6q8sB4Q +AKDLTKqtiONf4FkMCZFcMxQyiALcy76zTW9L2oK90zKRhKSt5RPnVmDVyiinBcRJ +h0lEkpxoqSrs+0XvASWC3RzWLEbW6XXsuHO1RXFsC3FNbe0HkHenirenFkitPMDX +Q5gHmCJ6yiq2ssuzXAG9vZ4HjkUINBgkeMASiTRC7o0we7jFSRzOTCs4WWdsavrx +7bhCadeC35ISldTSo6nOP3laPctPcLD83cJszzQyHr/LjF6KYr6n85NAwIt/oxHh +EUxmezx+lMwWHdr9TQzXzU8cxLSBZ+c+PuZ/NuHz9fOv87eaFDNEqKli9zhzh4eA +EMeiWKQXHYlmEUUWnZoea46jdjBrvHphogqlCjzMDHtg/pWOsYrGeXjjZ352SGN4 +vyinkdxwUppGQATz55WyiWIzCY1Kt7lqaQHfAM1NgVdoCQ0stlulIO4LVepHRiAY +HO4EPeQO6pVGGHWCzJyEcMcaBsYGpr9DndSNd66O+Gyeq8QobKnvTH25kwVt/8t1 +9nS+7NLwBrqXCISeDrOQYq5XeCdvpAuJy4CEN5muQWRdUPekE2dh7qcVUdROepq0 +1wMemkmgTLlA0Md7ZdZqsllKhVQ7/HOFzshEaj/VcFrQshuIAjDZFN/OrGLX/NcL +tcaBmD9lZSQ3CyxnBUTeMdJCOLOK050jNvsEsM89FL+g +=bJWl -----END PGP PUBLIC KEY BLOCK----- @@ -94,17 +107,17 @@ tag `$TAG` on architecture `$ARCH`, do: git clone git://git.monkeysphere.info/monkeysphere cd monkeysphere - git tag -v $TAG - git checkout $TAG + git tag -v "$TAG" + git checkout "$TAG" debuild -uc -us cd repo - reprepro -C monkeysphere include experimental ../$TAG_$ARCH.changes + reprepro -C monkeysphere include experimental "../$TAG_$ARCH.changes" When you get a binary package built from a separate architecture `$NEWARCH` that you want to include with the archive, do: cd repo - reprepro -C monkeysphere includedeb experimental ../$TAG_$NEWARCH.deb + reprepro -C monkeysphere includedeb experimental "../$TAG_$NEWARCH.deb" To publish the archive, make sure you have access to `archivemaster@george.riseup.net`, and then do: diff --git a/website/news/apt-repo-moved.mdwn b/website/news/apt-repo-moved.mdwn index 8f0bf81..501cc23 100644 --- a/website/news/apt-repo-moved.mdwn +++ b/website/news/apt-repo-moved.mdwn @@ -5,4 +5,11 @@ The monkeysphere APT repository has been moved from `http://archive.monkeysphere.info/debian`. You'll probably want to update your `sources.list` to match the [official lines](/download). +The monkeysphere APT repository is also using [a new archive signing +key](/archive-key): + + pub 4096R/EB8AF314 2008-09-02 [expires: 2009-09-02] + Key fingerprint = 2E8D D26C 53F1 197D DF40 3E61 18E6 67F1 EB8A F314 + uid [ full ] Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian) + Apologies for any confusion or hassle this causes! -- cgit v1.2.3 From f4e9793240c11fbbd699b697370281f20bd7a89d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 21:23:27 -0400 Subject: more work on the text of the web site homepage. --- website/index.mdwn | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'website') diff --git a/website/index.mdwn b/website/index.mdwn index 81da609..a3329d4 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -1,17 +1,20 @@ [[!template id="nav"]] +[[toc ]] + The Monkeysphere project's goal is to extend OpenPGP's web of trust to -many areas of the Internet to help us securely identify each other +new areas of the Internet to help us securely identify each other while we work online. Specifically, monkeysphere currently offers a framework to leverage the OpenPGP web of trust for OpenSSH authentication. -In other words, it allows you to use your OpenPGP keys when using -secure shell to both identify yourself and the servers you administer -or connect to. OpenPGP keys are tracked via GnuPG, and managed in the -`known_hosts` and `authorized_keys` files used by OpenSSH for -connection authentication. +In other words, it allows you to use secure shell as you normally do, +but to identify yourself and the servers you administer or connect to +with your OpenPGP keys. OpenPGP keys are tracked via GnuPG, and +monkeysphere manages the `known_hosts` and `authorized_keys` files +used by OpenSSH for authentication, checking them for cryptographic +validity. ## Conceptual overview ## -- cgit v1.2.3 From 80a6f581f1b6953e6b41d35c3b7f8b0bc26be6dd Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:05:31 -0400 Subject: trying out sidebar plugin to deal with navigation. --- website/sidebar.mdwn | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 website/sidebar.mdwn (limited to 'website') diff --git a/website/sidebar.mdwn b/website/sidebar.mdwn new file mode 100644 index 0000000..33ab8ce --- /dev/null +++ b/website/sidebar.mdwn @@ -0,0 +1,13 @@ + +
+ + + +[[WHY?|why]] +[[DOWNLOAD|download]] +[[DOCUMENTATION|doc]] +[[NEWS|news]] +[[COMMUNITY|community]] +[[BUGS|bugs]] + +
-- cgit v1.2.3 From dac4a100bd330b38ce100d93633810d527de9629 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:08:39 -0400 Subject: trying to override sidebar formatting. --- website/local.css | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'website') diff --git a/website/local.css b/website/local.css index b9d7287..42058e2 100644 --- a/website/local.css +++ b/website/local.css @@ -77,3 +77,12 @@ div.header { div.actions { text-align: right; } + +#sidebar { + line-height: ; + width: ; + float: ; + margin-left: ; + margin-bottom: ; + padding: ; +} -- cgit v1.2.3 From 0c76e8d30fd00999694b66458a92ac7863285d51 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:11:18 -0400 Subject: trying to override sidebar formatting. --- website/local.css | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'website') diff --git a/website/local.css b/website/local.css index 42058e2..b9af347 100644 --- a/website/local.css +++ b/website/local.css @@ -79,10 +79,9 @@ div.actions { } #sidebar { - line-height: ; - width: ; - float: ; - margin-left: ; - margin-bottom: ; - padding: ; + line-height: normal; + width: 100%; + float: none; + margin: 0; + padding: 0; } -- cgit v1.2.3 From d7243d30672fdfade1231e45b6413e6bbf9a7866 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:13:36 -0400 Subject: more games with the stylesheet. --- ikiwiki/templates/page.tmpl | 125 -------------------------------------------- website/local.css | 2 + 2 files changed, 2 insertions(+), 125 deletions(-) delete mode 100644 ikiwiki/templates/page.tmpl (limited to 'website') diff --git a/ikiwiki/templates/page.tmpl b/ikiwiki/templates/page.tmpl deleted file mode 100644 index 556eefe..0000000 --- a/ikiwiki/templates/page.tmpl +++ /dev/null @@ -1,125 +0,0 @@ - - - - -<TMPL_VAR TITLE> - - - - - - - - - - - - - - - -
-Include nav here -
- - - - - -
- -
- - - - - diff --git a/website/local.css b/website/local.css index b9af347..9e141a2 100644 --- a/website/local.css +++ b/website/local.css @@ -72,10 +72,12 @@ table.sitenav span.selflink { div.header { text-align: right; + display: none; } div.actions { text-align: right; + display: none; } #sidebar { -- cgit v1.2.3 From 7d376d98350736d3a3b1d5ec44c0095c179cdc88 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:20:17 -0400 Subject: we do not need the nav template any more, since we are using the sidebar plugin. --- website/templates/nav.mdwn | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 website/templates/nav.mdwn (limited to 'website') diff --git a/website/templates/nav.mdwn b/website/templates/nav.mdwn deleted file mode 100644 index 33ab8ce..0000000 --- a/website/templates/nav.mdwn +++ /dev/null @@ -1,13 +0,0 @@ - -
- - - -[[WHY?|why]] -[[DOWNLOAD|download]] -[[DOCUMENTATION|doc]] -[[NEWS|news]] -[[COMMUNITY|community]] -[[BUGS|bugs]] - -
-- cgit v1.2.3 From 78f843279c93b2683c17d15b834107c9f79b3050 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 22:23:22 -0400 Subject: getting rid of nav template, relying on sidebar instead. --- website/archive-key.mdwn | 1 - website/bugs.mdwn | 3 +-- website/bugs/done.mdwn | 2 +- website/community.mdwn | 2 -- website/doc.mdwn | 1 - website/download.mdwn | 2 +- website/index.mdwn | 2 -- website/news.mdwn | 1 - website/similar.mdwn | 1 - website/why.mdwn | 2 -- 10 files changed, 3 insertions(+), 14 deletions(-) (limited to 'website') diff --git a/website/archive-key.mdwn b/website/archive-key.mdwn index ea44457..45ac86e 100644 --- a/website/archive-key.mdwn +++ b/website/archive-key.mdwn @@ -1,5 +1,4 @@ [[meta title="Monkeysphere archive signing key"]] -[[!template id="nav"]] [[toc ]] ## Verifying the key ## diff --git a/website/bugs.mdwn b/website/bugs.mdwn index 06a4d3a..30bccd1 100644 --- a/website/bugs.mdwn +++ b/website/bugs.mdwn @@ -1,5 +1,4 @@ -[[!template id="nav"]] -[[meta title="Bugs"]] +[[meta title="Open Bugs"]] This is Monkeysphere's bug list. You can also browse our [completed bugs](done). If you don't have commit access to the public repo, we'd appreciate diff --git a/website/bugs/done.mdwn b/website/bugs/done.mdwn index 282e804..dc331f9 100644 --- a/website/bugs/done.mdwn +++ b/website/bugs/done.mdwn @@ -1,4 +1,4 @@ -[[!template id="nav"]] +[[meta title="Completed Bugs"]] Recently fixed [[bugs]]. diff --git a/website/community.mdwn b/website/community.mdwn index b06637b..c603349 100644 --- a/website/community.mdwn +++ b/website/community.mdwn @@ -1,5 +1,3 @@ -[[!template id="nav"]] - [[meta title="Community"]] ## Mailing list ## diff --git a/website/doc.mdwn b/website/doc.mdwn index 634afd9..997c34d 100644 --- a/website/doc.mdwn +++ b/website/doc.mdwn @@ -1,4 +1,3 @@ -[[!template id="nav"]] [[meta title="Documentation"]] ## Dependencies ## diff --git a/website/download.mdwn b/website/download.mdwn index ad14bce..9db7c94 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -1,4 +1,4 @@ -[[!template id="nav"]] +[[meta title="Download"]] ## Downloading and Installing ## diff --git a/website/index.mdwn b/website/index.mdwn index a3329d4..7c9030a 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -1,5 +1,3 @@ -[[!template id="nav"]] - [[toc ]] The Monkeysphere project's goal is to extend OpenPGP's web of trust to diff --git a/website/news.mdwn b/website/news.mdwn index 7380eff..359e02b 100644 --- a/website/news.mdwn +++ b/website/news.mdwn @@ -1,4 +1,3 @@ -[[!template id="nav"]] [[meta title="News"]] Here are the latest announcements about the Monkeysphere. diff --git a/website/similar.mdwn b/website/similar.mdwn index ae3f728..271d5ea 100644 --- a/website/similar.mdwn +++ b/website/similar.mdwn @@ -1,4 +1,3 @@ -[[!template id="nav"]] [[meta title="Similar Projects"]] The monkeysphere isn't the only project intending to implement a PKI diff --git a/website/why.mdwn b/website/why.mdwn index 5dc0e05..b9f4117 100644 --- a/website/why.mdwn +++ b/website/why.mdwn @@ -1,5 +1,3 @@ -[[!template id="nav"]] - [[meta title="Why should you be interested in the MonkeySphere?"]] [[toc ]] -- cgit v1.2.3 From ab37fbfe43cac698ba76233920c394a23677d186 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 2 Sep 2008 23:01:47 -0400 Subject: added a note about the public nature of contacting developers on the project. --- website/community.mdwn | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'website') diff --git a/website/community.mdwn b/website/community.mdwn index c603349..79e6da7 100644 --- a/website/community.mdwn +++ b/website/community.mdwn @@ -39,10 +39,11 @@ offering: Micah Anderson: git clone git://labs.riseup.net/~micah/monkeysphere - ## Contact ## Please feel free to contact any of the Monkeysphere developers or post to the mailing list with questions, comments, bug reports, requests, -etc. +etc. If you contact a developer individually, please indicate if +there is any part of your note that can be made public (we might want +to post it to the web here). -- cgit v1.2.3 From d6c52a691b1245978ca0fea53af50ed8dd0200de Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 2 Sep 2008 20:24:30 -0700 Subject: tweaks to the webpage to improve look and layout slight. --- website/index.mdwn | 51 +++-------------------------------------- website/local.css | 66 +++++++++++++++++++++++++++--------------------------- website/why.mdwn | 42 +++++++++++++++++++++++++++++++++- 3 files changed, 77 insertions(+), 82 deletions(-) (limited to 'website') diff --git a/website/index.mdwn b/website/index.mdwn index 7c9030a..a7d074e 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -1,5 +1,3 @@ -[[toc ]] - The Monkeysphere project's goal is to extend OpenPGP's web of trust to new areas of the Internet to help us securely identify each other while we work online. @@ -14,7 +12,7 @@ monkeysphere manages the `known_hosts` and `authorized_keys` files used by OpenSSH for authentication, checking them for cryptographic validity. -## Conceptual overview ## +## Overview ## Everyone who has used secure shell is familiar with the prompt given the first time you log in to a new server, asking if you want to trust @@ -53,8 +51,6 @@ invites broader participation in the [OpenPGP](http://en.wikipedia.org/wiki/Openpgp) [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). -## Technical details ## - Under the Monkeysphere, both parties to an OpenSSH connection (client and server) explicitly designate who they trust to certify the identity of the other party. These trust designations are explicitly @@ -65,51 +61,10 @@ No modification is made to the SSH protocol on the wire (it continues to use raw RSA public keys), and no modification is needed to the OpenSSH software. -To emphasize: *no modifications to SSH are required to use the -Monkeysphere*. OpenSSH can be used as is; completely unpatched and +To emphasize: ***no modifications to SSH are required to use the +Monkeysphere***. OpenSSH can be used as is; completely unpatched and "out of the box". -## Philosophy ## - -Humans (and -[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html)) -have the innate capacity to keep track of the identities of only a -finite number of people. After our social sphere exceeds several dozen -or several hundred (depending on the individual), our ability to -remember and distinguish people begins to break down. In other words, -at a certain point, we can't know for sure that the person we ran into -in the produce aisle really is the same person who we met at the party -last week. - -For most of us, this limitation has not posed much of a problem in our -daily, off-line lives. With the Internet, however, we have an ability -to interact with vastly larger numbers of people than we had -before. In addition, on the Internet we lose many of our tricks for -remembering and identifying people (physical characteristics, sound of -the voice, etc.). - -Fortunately, with online communications we have easy access to tools -that can help us navigate these problems. -[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic -protocol commonly used for sending signed and encrypted email -messages) is one such tool. In its simplest form, it allows us to -sign our communication in such a way that the recipient can verify the -sender. - -OpenPGP goes beyond this simple use to implement a feature known as -the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web -of trust allows people who have never met in person to communicate -with a reasonable degree of certainty that they are who they say they -are. It works like this: Person A trusts Person B. Person B verifies -Person C's identity. Then, Person A can verify Person C's identity -because of their trust of Person B. - -The Monkeyshpere's broader goals are to extend the use of OpenPGP from -email communications to other activities, such as: - - * conclusively identifying the remote server in a remote login session - * granting access to servers to people we've never directly met - ## Links ## * [OpenSSH](http://openssh.com/) diff --git a/website/local.css b/website/local.css index 9e141a2..69defae 100644 --- a/website/local.css +++ b/website/local.css @@ -1,29 +1,28 @@ h2 { --moz-border-radius-topleft:4px; --moz-border-radius-topright:4px; -background-color:#B67B4E; -color:black; -display:block; -font-weight:bold; -padding:0 0 0 10px; + -moz-border-radius: 4px; + background-color: #B67B4E; + color: black; + display: block; + font-weight: bold; + padding: 0 0 0 10px; } body { -color:#3F403F; -font-family:"Liberation Sans",sans-serif; -font-size:0.95em; + color: #3F403F; + font-family: "Liberation Sans",sans-serif; + font-size: 0.95em; } *|*:visited -color:#f6a464; + color: #f6a464; } *|*:-moz-any-link { -text-decoration:none; + text-decoration: none; } :-moz-any-link { -cursor:pointer; + cursor: pointer; } a:link { @@ -40,23 +39,23 @@ a:hover { } pre { - background: #ddd; - border: 1px solid #aaa; - padding: 3px 3px 3px 3px; - margin-left: 2em; + background: #ddd; + border: 1px solid #aaa; + padding: 3px 3px 3px 3px; + margin-left: 2em; } table.sitenav { - border-bottom: 2px solid black; - padding: 0px; - width: 100%; - font-size: larger; + border-bottom: 2px solid black; + padding: 0px; + width: 100%; + font-size: larger; } table.sitenav img.logo { - margin: 0px; - padding: 0px; - vertical-align: bottom; + margin: 0px; + padding: 0px; + vertical-align: bottom; } table.sitenav a { @@ -71,19 +70,20 @@ table.sitenav span.selflink { } div.header { - text-align: right; - display: none; + text-align: right; + display: none; } div.actions { - text-align: right; - display: none; + text-align: right; + display: none; } #sidebar { - line-height: normal; - width: 100%; - float: none; - margin: 0; - padding: 0; + line-height: normal; + width: 100%; + float: none; + margin: 0; + padding: 0; } + diff --git a/website/why.mdwn b/website/why.mdwn index b9f4117..3366439 100644 --- a/website/why.mdwn +++ b/website/why.mdwn @@ -31,7 +31,7 @@ ever connected to? [Get started with the monkeysphere as a user!](/getting-started-user) -## As an system administrator ## +## As a system administrator ## As a system administrator, have you ever tried to re-key an SSH server? How did you communicate the key change to your users? How @@ -135,3 +135,43 @@ than the current infrastructure allows, and is more meaningful to actual humans using these tools than some message like "Certified by GloboTrust". +## Philosophy ## + +Humans (and +[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html)) +have the innate capacity to keep track of the identities of only a +finite number of people. After our social sphere exceeds several dozen +or several hundred (depending on the individual), our ability to +remember and distinguish people begins to break down. In other words, +at a certain point, we can't know for sure that the person we ran into +in the produce aisle really is the same person who we met at the party +last week. + +For most of us, this limitation has not posed much of a problem in our +daily, off-line lives. With the Internet, however, we have an ability +to interact with vastly larger numbers of people than we had +before. In addition, on the Internet we lose many of our tricks for +remembering and identifying people (physical characteristics, sound of +the voice, etc.). + +Fortunately, with online communications we have easy access to tools +that can help us navigate these problems. +[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic +protocol commonly used for sending signed and encrypted email +messages) is one such tool. In its simplest form, it allows us to +sign our communication in such a way that the recipient can verify the +sender. + +OpenPGP goes beyond this simple use to implement a feature known as +the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web +of trust allows people who have never met in person to communicate +with a reasonable degree of certainty that they are who they say they +are. It works like this: Person A trusts Person B. Person B verifies +Person C's identity. Then, Person A can verify Person C's identity +because of their trust of Person B. + +The Monkeyshpere's broader goals are to extend the use of OpenPGP from +email communications to other activities, such as: + + * conclusively identifying the remote server in a remote login session + * granting access to servers to people we've never directly met -- cgit v1.2.3 From 0adb6964e3876fdc79a2b43db1c9073c696d952a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 3 Sep 2008 00:37:40 -0400 Subject: setting off file names in documentation. --- website/download.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'website') diff --git a/website/download.mdwn b/website/download.mdwn index 9db7c94..cc83adf 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -6,7 +6,7 @@ If you are running a Debian system, you can install Monkeysphere by following these directions: You can add this repo to your system by putting the following lines in -/etc/apt/sources.list.d/monkeysphere.list: +`/etc/apt/sources.list.d/monkeysphere.list`: deb http://archive.monkeysphere.info/debian experimental monkeysphere deb-src http://archive.monkeysphere.info/debian experimental monkeysphere -- cgit v1.2.3 From 623aef0f5ac9e56d9654d96bdeb3b096592f611e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 3 Sep 2008 11:39:28 -0400 Subject: added ridiculously scant first draft of document about gpg trust model. --- website/trust-models.mdwn | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 website/trust-models.mdwn (limited to 'website') diff --git a/website/trust-models.mdwn b/website/trust-models.mdwn new file mode 100644 index 0000000..60aa680 --- /dev/null +++ b/website/trust-models.mdwn @@ -0,0 +1,21 @@ +[[meta title +You can see your trust database parameters like this: + + gpg --with-colons --list-key bogusgarbagehere 2>/dev/null | head -n1 + +for me, it looks like this: + + tru::1:1220401097:1220465006:3:1:5 + +These colon-delimited records say (in order): + + * `tru`: this is a trust database record + * ``: the trust database is not stale (might be 'o' for old, or 't' for "built with different trust model and not yet updated") + * `1`: uses new "PGP" trust model: this is just the old trust model plus trust signatures. I'll go into trust signatures later. + * `1220401097`: seconds since the epoch that i created the trust db. + * `1220465006`: seconds after the epoch that the trustdb will need to be rechecked (usually due to the closest pending expiration, etc) + * `3`: Either 3 certifications from keys with marginal ownertrust are needed for full User ID+Key validity + * `1`: Or 1 certification from a key with full ownertrust is needed for full User ID+Key validity + * `5`: max_cert_depth (not sure exactly how this is used) + + -- cgit v1.2.3 From 39ad3cccd2307fe3c43892376ab1a4e57b53b6d6 Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:27:18 -0400 Subject: adding sample ikiwiki setup file and mirrors web page. --- doc/ikiwiki.setup.sample | 29 ++++++++++++++++++++++++ website/mirrors.mdwn | 57 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100644 doc/ikiwiki.setup.sample create mode 100644 website/mirrors.mdwn (limited to 'website') diff --git a/doc/ikiwiki.setup.sample b/doc/ikiwiki.setup.sample new file mode 100644 index 0000000..97e77c8 --- /dev/null +++ b/doc/ikiwiki.setup.sample @@ -0,0 +1,29 @@ +use IkiWiki::Setup::Standard { + wikiname => "Monkeysphere", + adminemail => 'webmaster@monkeysphere.info', + + srcdir => "/path/to/cloned/monkeysphere/repo/website", + destdir => "/path/to/web/dir", + + url => "http://monkeysphere.info", + + rcs => "git", + + wrappers => [ + { + wrapper => "/path/to/post-receive/hook", + wrappermode => "0755", + } + ], + + rss => 1, + atom => 1, + verbose => 0, + syslog => 0, + + add_plugins => [qw{goodstuff favicon toc sidebar}], + + + tagbase => "tags", + +} diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn new file mode 100644 index 0000000..8445a26 --- /dev/null +++ b/website/mirrors.mdwn @@ -0,0 +1,57 @@ +[[meta title="Mirroring the web site"]] + +In keeping with the philosophy of distributed development, our web site is +stored in our git repositories and converted into html by +[ikiwiki](http://ikiwiki.info/). + +We're mirrored on several servers. Rather than using ikiwiki's [pinger/pingee +approach to distribution](http://ikiwiki.info/tips/distributed_wikis/), we've +opted for a method that uses ssh. + +The steps for creating a new mirror are: + + * Add etch-backports to your /etc/apt/sources.list: + deb http://www.backports.org/debian etch-backports main contrib non-free + * Add the following lines to your /etc/apt/preferences file: + Package: ikiwiki + Pin: release a=etch-backports + Pin-Priority: 999 + + # needed by ikiwiki + Package: libcgi-formbuilder-perl + Pin: release a=etch-backports + Pin-Priority: 999 + + Package: git-core + Pin: release a=etch-backports + Pin-Priority: 999 + * Install git-core and ikiwiki + aptitude update; aptitutde install git-core ikiwiki + * Create a new user. Change the new users shell to git-shell: + adduser -s /usr/bin/git-shell + * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file + * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: + RewriteEngine On + RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] + RewriteCond %{HTTP_HOST} !^$ + RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] + * Upload and edit ikiwiki.setup.sample from the docs directory + * As the new user, create two new git repos + mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ + git clone monkeysphere.git # this will create a second git repo called monkeysphere + * Change the mode of monkeysphere.git/hooks/post-receive to 755 + chmod 755 monkesphere.git/hooks/post-receive + * Edit the file so that it executes the post-receive hook ikiwiki generates (as you specified in the ikiwiki.setup file) + +The steps to be taken on the mirror site should now be complete. The following steps should be taken by a Monkeysphere admin user: + + * Add a new dns record for SERVERNAME.monkeysphere.info. + * Test the ssh connection by logging in as webmaster@george.riseup.net + * Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git + cd ~/monkeysphere.git + git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo + * Test: + git pusch SERVERNAME + + + -- cgit v1.2.3 From 7c8b46d6ddce871b4c4520fc6910f4553af008ec Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:29:52 -0400 Subject: fixing formatting and typo (pusch -> push). --- website/mirrors.mdwn | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'website') diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index 8445a26..342abfa 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -26,21 +26,32 @@ The steps for creating a new mirror are: Pin: release a=etch-backports Pin-Priority: 999 * Install git-core and ikiwiki + aptitude update; aptitutde install git-core ikiwiki + * Create a new user. Change the new users shell to git-shell: + adduser -s /usr/bin/git-shell + * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file + * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: + RewriteEngine On RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] + * Upload and edit ikiwiki.setup.sample from the docs directory * As the new user, create two new git repos + mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ git clone monkeysphere.git # this will create a second git repo called monkeysphere + * Change the mode of monkeysphere.git/hooks/post-receive to 755 + chmod 755 monkesphere.git/hooks/post-receive + * Edit the file so that it executes the post-receive hook ikiwiki generates (as you specified in the ikiwiki.setup file) The steps to be taken on the mirror site should now be complete. The following steps should be taken by a Monkeysphere admin user: @@ -48,10 +59,13 @@ The steps to be taken on the mirror site should now be complete. The following s * Add a new dns record for SERVERNAME.monkeysphere.info. * Test the ssh connection by logging in as webmaster@george.riseup.net * Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git + cd ~/monkeysphere.git git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo + * Test: - git pusch SERVERNAME + + git push SERVERNAME -- cgit v1.2.3 From ba9b78b4e18080750af55fec681257018787bcb4 Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:33:42 -0400 Subject: more attempts at getting the formatting right. --- website/mirrors.mdwn | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'website') diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index 342abfa..6b97c76 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -26,45 +26,34 @@ The steps for creating a new mirror are: Pin: release a=etch-backports Pin-Priority: 999 * Install git-core and ikiwiki - aptitude update; aptitutde install git-core ikiwiki - * Create a new user. Change the new users shell to git-shell: - adduser -s /usr/bin/git-shell - * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file - * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: - RewriteEngine On RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] - * Upload and edit ikiwiki.setup.sample from the docs directory * As the new user, create two new git repos - mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ git clone monkeysphere.git # this will create a second git repo called monkeysphere - * Change the mode of monkeysphere.git/hooks/post-receive to 755 - chmod 755 monkesphere.git/hooks/post-receive + * Edit the file so that it executes the post-receive hook ikiwiki + generates (as you specified in the ikiwiki.setup file) - * Edit the file so that it executes the post-receive hook ikiwiki generates (as you specified in the ikiwiki.setup file) - -The steps to be taken on the mirror site should now be complete. The following steps should be taken by a Monkeysphere admin user: +The steps to be taken on the mirror site should now be complete. The +following steps should be taken by a Monkeysphere admin user: * Add a new dns record for SERVERNAME.monkeysphere.info. * Test the ssh connection by logging in as webmaster@george.riseup.net - * Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git - + * Add the new server as a remote on + webmaster@george.riseup.net:monkeysphere.git cd ~/monkeysphere.git git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo - * Test: - git push SERVERNAME -- cgit v1.2.3 From 15643356d597a9bfda21e62cce25abf3b0be47fb Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:35:52 -0400 Subject: more fun with formatting - now using 4 spaces for code block rather than two tabs. --- website/mirrors.mdwn | 52 ++++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) (limited to 'website') diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index 6b97c76..a39eaab 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -11,36 +11,36 @@ opted for a method that uses ssh. The steps for creating a new mirror are: * Add etch-backports to your /etc/apt/sources.list: - deb http://www.backports.org/debian etch-backports main contrib non-free + deb http://www.backports.org/debian etch-backports main contrib non-free * Add the following lines to your /etc/apt/preferences file: - Package: ikiwiki - Pin: release a=etch-backports - Pin-Priority: 999 - - # needed by ikiwiki - Package: libcgi-formbuilder-perl - Pin: release a=etch-backports - Pin-Priority: 999 - - Package: git-core - Pin: release a=etch-backports - Pin-Priority: 999 + Package: ikiwiki + Pin: release a=etch-backports + Pin-Priority: 999 + + # needed by ikiwiki + Package: libcgi-formbuilder-perl + Pin: release a=etch-backports + Pin-Priority: 999 + + Package: git-core + Pin: release a=etch-backports + Pin-Priority: 999 * Install git-core and ikiwiki - aptitude update; aptitutde install git-core ikiwiki + aptitude update; aptitutde install git-core ikiwiki * Create a new user. Change the new users shell to git-shell: - adduser -s /usr/bin/git-shell + adduser -s /usr/bin/git-shell * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: - RewriteEngine On - RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] - RewriteCond %{HTTP_HOST} !^$ - RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] + RewriteEngine On + RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] + RewriteCond %{HTTP_HOST} !^$ + RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] * Upload and edit ikiwiki.setup.sample from the docs directory * As the new user, create two new git repos - mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ - git clone monkeysphere.git # this will create a second git repo called monkeysphere + mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ + git clone monkeysphere.git # this will create a second git repo called monkeysphere * Change the mode of monkeysphere.git/hooks/post-receive to 755 - chmod 755 monkesphere.git/hooks/post-receive + chmod 755 monkesphere.git/hooks/post-receive * Edit the file so that it executes the post-receive hook ikiwiki generates (as you specified in the ikiwiki.setup file) @@ -51,10 +51,10 @@ following steps should be taken by a Monkeysphere admin user: * Test the ssh connection by logging in as webmaster@george.riseup.net * Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git - cd ~/monkeysphere.git - git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo + cd ~/monkeysphere.git + git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo * Test: - git push SERVERNAME + git push SERVERNAME - + -- cgit v1.2.3 From acf06410a88737dbf7bd1966f7c754da08acfea5 Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:37:42 -0400 Subject: this time with extra line breaks. --- website/mirrors.mdwn | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'website') diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index a39eaab..83bb045 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -11,8 +11,11 @@ opted for a method that uses ssh. The steps for creating a new mirror are: * Add etch-backports to your /etc/apt/sources.list: + deb http://www.backports.org/debian etch-backports main contrib non-free + * Add the following lines to your /etc/apt/preferences file: + Package: ikiwiki Pin: release a=etch-backports Pin-Priority: 999 @@ -25,22 +28,35 @@ The steps for creating a new mirror are: Package: git-core Pin: release a=etch-backports Pin-Priority: 999 + * Install git-core and ikiwiki + aptitude update; aptitutde install git-core ikiwiki + * Create a new user. Change the new users shell to git-shell: + adduser -s /usr/bin/git-shell + * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file + * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: + RewriteEngine On RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] + * Upload and edit ikiwiki.setup.sample from the docs directory + * As the new user, create two new git repos + mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ git clone monkeysphere.git # this will create a second git repo called monkeysphere + * Change the mode of monkeysphere.git/hooks/post-receive to 755 + chmod 755 monkesphere.git/hooks/post-receive + * Edit the file so that it executes the post-receive hook ikiwiki generates (as you specified in the ikiwiki.setup file) @@ -48,12 +64,17 @@ The steps to be taken on the mirror site should now be complete. The following steps should be taken by a Monkeysphere admin user: * Add a new dns record for SERVERNAME.monkeysphere.info. + * Test the ssh connection by logging in as webmaster@george.riseup.net + * Add the new server as a remote on - webmaster@george.riseup.net:monkeysphere.git + webmaster@george.riseup.net:monkeysphere.git + cd ~/monkeysphere.git git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo + * Test: + git push SERVERNAME -- cgit v1.2.3 From 52d692d728d7d56ec0f17e0a9afbb6579a7eece9 Mon Sep 17 00:00:00 2001 From: Jamie McClelland Date: Wed, 3 Sep 2008 12:47:16 -0400 Subject: combining code blocks with lists seems to not be possible[0]. Removing lists. 0. http://osdir.com/ml/text.markdown.general/2007-10/msg00006.html --- website/mirrors.mdwn | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) (limited to 'website') diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn index 83bb045..feee9bd 100644 --- a/website/mirrors.mdwn +++ b/website/mirrors.mdwn @@ -10,11 +10,13 @@ opted for a method that uses ssh. The steps for creating a new mirror are: - * Add etch-backports to your /etc/apt/sources.list: +## Steps to take on the mirror server ## + +Add etch-backports to your /etc/apt/sources.list: deb http://www.backports.org/debian etch-backports main contrib non-free - * Add the following lines to your /etc/apt/preferences file: +Add the following lines to your /etc/apt/preferences file: Package: ikiwiki Pin: release a=etch-backports @@ -29,51 +31,49 @@ The steps for creating a new mirror are: Pin: release a=etch-backports Pin-Priority: 999 - * Install git-core and ikiwiki +Install git-core and ikiwiki aptitude update; aptitutde install git-core ikiwiki - * Create a new user. Change the new users shell to git-shell: +Create a new user. Change the new users shell to git-shell: adduser -s /usr/bin/git-shell - * Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file +Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file - * Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: +Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite: RewriteEngine On RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R] - * Upload and edit ikiwiki.setup.sample from the docs directory +Upload and edit ikiwiki.setup.sample from the docs directory - * As the new user, create two new git repos +As the new user, create two new git repos mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../ git clone monkeysphere.git # this will create a second git repo called monkeysphere - * Change the mode of monkeysphere.git/hooks/post-receive to 755 +Change the mode of monkeysphere.git/hooks/post-receive to 755 chmod 755 monkesphere.git/hooks/post-receive - * Edit the file so that it executes the post-receive hook ikiwiki - generates (as you specified in the ikiwiki.setup file) +Edit the file so that it executes the post-receive hook ikiwiki generates (as +you specified in the ikiwiki.setup file) -The steps to be taken on the mirror site should now be complete. The -following steps should be taken by a Monkeysphere admin user: +## Admin steps to take to enable the configuration ## - * Add a new dns record for SERVERNAME.monkeysphere.info. +Add a new dns record for SERVERNAME.monkeysphere.info. - * Test the ssh connection by logging in as webmaster@george.riseup.net +Test the ssh connection by logging in as webmaster@george.riseup.net - * Add the new server as a remote on - webmaster@george.riseup.net:monkeysphere.git +Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git cd ~/monkeysphere.git git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo - * Test: +Test: git push SERVERNAME -- cgit v1.2.3