.gitignore | 4 ---- PUBKEY-PGP.asc | 43 ------------------------------------------- PUBKEY-SSH.pub | 2 +- PUBKEY-SSH.pub.asc | 13 +++++-------- VERSION.do | 2 -- clean.do | 2 -- doc/.gitignore | 1 - doc/.swgignore | 4 ++++ doc/Download | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/INSTALL | 20 ++++++++++++++++++++ doc/Integrity | 11 +++++++++++ doc/Passwords | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ doc/Storage | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ doc/TLS | 16 ++++++++++++++++ doc/Usage/Internal | 5 +++++ doc/Usage/Proxy | 28 ++++++++++++++++++++++++++++ doc/Usage/UCSPI | 25 +++++++++++++++++++++++++ doc/Usage/Upload | 17 +++++++++++++++++ doc/Usage/index | 4 ++++ doc/download.texi | 118 ----------------------------------------------------- doc/gocheese.info.do | 7 ------- doc/index | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/index.texi | 103 ----------------------------------------------------- doc/install.texi | 33 --------------------------------- doc/integrity.texi | 34 ---------------------------------- doc/internal.texi | 10 ---------- doc/mk-html | 18 ++++++++++++++++++ doc/mk-info | 4 ++++ doc/passwords.texi | 77 ----------------------------------------------------- doc/proxy.texi | 37 ------------------------------------- doc/storage.texi | 53 ----------------------------------------------------- doc/tls.texi | 21 --------------------- doc/ucspi.texi | 30 ------------------------------ doc/upload.texi | 23 ----------------------- doc/usage.texi | 7 ------- doc/www.do | 24 ------------------------ go.mod | 12 ++++++------ go.sum | 16 ++++++++-------- gocheese.do | 2 -- json.go | 2 +- main.go | 2 +- makedist | 86 +++++++++++++++++++++++------------------------------ refresh.go | 2 +- upload.go | 2 +- version | 3 +++ diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 64b6d0cbced04524c35dd102c01f6d8ca04221c1bbac212c0d50c3bdeb3b9419..0000000000000000000000000000000000000000 --- a/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -gocheese -gocheese.info -gocheese.html -VERSION diff --git a/PUBKEY-PGP.asc b/PUBKEY-PGP.asc deleted file mode 100644 index 9e988bba5a42929251198c179812aa21a3381aec0d6778624152a82429fda15f..0000000000000000000000000000000000000000 --- a/PUBKEY-PGP.asc +++ /dev/null @@ -1,43 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQENBF3tH7gBCADIBL5PAJeqyNNlQ9qt+RweybmZn+qhvZkk88ud1iy0Suo3D1L0 -VA6MGOzOWtPG69iXVTsTBfasmXmP36fXgXgqqBz5fJgeaRkXo37b1d/FZlITPzne -xpx6je2/sivNAGTHQJAvlfW5HeFkU16jb1lAoIMuLJ7UojkaJB8qahqO/L72+oAU -D7Srz4ts513wMFLiYh/H7EIUVwuRA/2N2DwKNhZeWFwAux/9tM2VegjnanSneT+J -ZMw2W1VDWYOtW33xMgDadq+ctKGe5jogt/o294T0q/scgEGHpqeyU1psSxX8+7gJ -EU45QRM7hjR3v/LK3Bnjap/DPWT8/V0bsjVLABEBAAG0K0dvQ2hlZXNlIHJlbGVh -c2VzIDxnb2NoZWVzZUBjeXBoZXJwdW5rcy5zdT6JAUwEEwEKADYWIQSbJ2QLp4Q3 -7G1KymzNXNAfVTQ9iAUCZpk2TgIbAwQLCQoHAiICAhUKBBYCAQACHgcCF4AACgkQ -zVzQH1U0PYiF/Qf/Z+km8i8nrSHPKTQcJRJ/VIrVhnUhmf81/p2taFIg7rUTL96a -qy5HIdWudIgYVahw66ArP/w+B8c4lJrqrnJ1tIBibQ4wfPkm/IGfCkbrakscedty -5Dx6vF4+L9gVsDk6jJXyb+FZmxi9KBaC26k8EDm+X0NilrLeuxk4jdC88BnBQ03Y -0VryvsVyI4lo6+g8WjllAhcI0g57O6cF6dofEyGrpq8ekjFdPTVn4t4m5n9OBrke -1d9NMiJNla8XhHCwSrkzWtDP1t+kh/r8A8PwR+gVBZ6MV2VquC+zIHQVOqTC1nBt -CVJ3wFGbPcsxtQMFkGQFXlln0vz6bspJbhH4BIh1BBAWCgAdFiEEEq0yaJxmDUJp -Z/11y4IFYyEHrYoFAmaZNqEACgkQy4IFYyEHrYpvzgD/RKNWSK/3zrSzBQG/VH/b -/LRXN7ZQdgS+qjr+RBCotKQBAL5AGOIqo2UA1I3KUSY6LrlqFWQCDXLJ4FQpo6JN -2O8ItCtHb0NoZWVzZSByZWxlYXNlcyA8Z29jaGVlc2VAY3lwaGVycHVua3MucnU+ -iQFXBBMBCgBBAhsDDAsKCQ0IDAcLAwQBAgcVCgkICwMCBRYCAQMAAh4BAheAFiEE -mydkC6eEN+xtSspszVzQH1U0PYgFAl3tH9wACgkQzVzQH1U0PYjyuwf+IRhSBBSb -Z2xh4+aOX6UbZtrlmfnFSSCMJiCUgE9QJBjZEbElSW96go8T9oMS9M7Mtf8BQOPJ -M3uS1atwAqTTxNxNF1pk3vuhiXKKz3D4SKz6nFz2c7jJNqJPNGadYIVwE2Sgx01S -n5cBqH7aNMW0is0HjNdXip9/vpzwG6bn1zJZWnKQyNmSucl0HHpIj7aZPr2VgdEK -4nuul8bDa08i28Zck9Z8VzQGat4oofTdH4xtoJELlEjf1LPpHiyegNxbhWoOxVDF -NkZYHIUWH11oGtQHMUFR44OLPllb0qhIcqVC7zKzbMWy8zOry/QUnkM4cFbY5qnx -Ol6T04c5eEOAOYh0BBARCgAdFiEEz2DomlkjHnbiY2QirhqBCeSYV+8FAl3tIBUA -CgkQrhqBCeSYV++ERQD4zNAKz+LLiErbWkeThTkDPJbjKQ9wAhi9/Y8zw47+ZAD/ -bFIc+Ae0Xrb5UmkGxS4MvDJCs1QPQp0Is9KnXGTdRl6JAbMEEAEKAB0WIQTv1d7k -1GmVJ61xttZ8A6WFjg/kqgUCXe5MbgAKCRB8A6WFjg/kqoMxC/9bKJPLTg3v4QEt -yk+Dv6KDwk+3s0pX6Ar9ns7yWrEYLTUbQbgf7MW+Cjsvl8/WfQrX/x6MKZDXi9sd -Fz5W6C/D+YdT9m6EoXyQi1Bal5a3276qJihrIovPQlgIm/6lvof4DV4NFDg+55fk -cDe3275jcKXrUHVGJWB0X4xbftdHRiNl5blls67xJrPhdSaPMGM/3ScNkGfvP5RP -9fW5QkmCCaHtgiSdj59gNltrYGOQRmSFj0+Qx4rAFh5XAQ2ks4Fwlifv3xTdmc+b -5JEJKb7c9c37VKI2V5CG4hnSnv2CQoOlHkzKyqNulKCWLvSIKEzb2n5TjxGzAQaa -J6gVPphk8uPIlpAiTJPmIflmlw0D6SeyXSjUf3uoN7r3HWeEI20CfHPoeJngRWm2 -PilG3HLMzvVU4hBwbH3l5LfryODFzNG3wph8XknAf4k9em/+L7ZlOHkVw/N/BPyS -51yoRK60k/L2Ij3/iURFV/O0N3Jebh/6hG4WPhW+hIldrMkQMryIdQQQFgoAHRYh -BBKtMmicZg1CaWf9dcuCBWMhB62KBQJi6jyNAAoJEMuCBWMhB62KMa8A/13CEKnt -j6s5kISblXXVBasMbCdAvpNT8Ber5AzFvEpuAP9vbBhgJv3jgW+DWjD6mXaZMIlk -N5hdDVrFig0Q3IOkAw== -=CJiq ------END PGP PUBLIC KEY BLOCK----- diff --git a/PUBKEY-SSH.pub b/PUBKEY-SSH.pub index 4ce178316a64f1a56ecc292040f8b5f76ed80eb3c386d72cf838151d814cb082..a47f6b8616f16b61d8300f94c360f9c61958dc604a3c740bcd1447f5d12d4f97 100644 --- a/PUBKEY-SSH.pub +++ b/PUBKEY-SSH.pub @@ -1 +1 @@ -gocheese@cypherpunks.su ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5FDzUDCGliwAWBHKB1eOEhPcRkoXNc7s9cXYz0F2Xz +gocheese@stargrave.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5FDzUDCGliwAWBHKB1eOEhPcRkoXNc7s9cXYz0F2Xz diff --git a/PUBKEY-SSH.pub.asc b/PUBKEY-SSH.pub.asc index f80515b806796e8d083238773aa2cc55dcb35d55d8516a2d9dcf43a89abaa12c..641e7ea4c1abe1cc74ffc336c51e75f03b39e86153eb8b2583f3f9a79ba3b39f 100644 --- a/PUBKEY-SSH.pub.asc +++ b/PUBKEY-SSH.pub.asc @@ -1,11 +1,8 @@ -----BEGIN PGP SIGNATURE----- -iQFMBAABCgA2FiEEmydkC6eEN+xtSspszVzQH1U0PYgFAmaZOXsYHGdvY2hlZXNl -QGN5cGhlcnB1bmtzLnN1AAoJEM1c0B9VND2IoQwIAL2JhsovOK2zpFg3GvvWFE89 -Wq6h9ohiRsVMw8AKG/BGN9W+NSHnL2jBF7/bAkIqTqdoYptQ6Ffgqh4cYqtyPfOq -BLNmORep5AmN2EAmuEBpS3bLLSALmLauJhIfFxED9JSnJU/dsybwtSNbZdKjwRtY -RvRUP/MsMZZZhixK8yPvzu9COJYMbVsullQB7PBBOvS0NCCCl74a+muGczscvYFq -AUjtKJTlPKSKV22xWZBb5gRjBL5k2Hj/ZTGF+cC8euyz4zhZP1v1fwT74C3VsCIr -In6IVnUVoz8Q0vUO8VLkYW+Y4pdiNyc3U0sXchArTMNJoZwNVAtcKcQek6AJ0PM= -=HrZs +iJEEABYKADkWIQTbL/jtRAp+lJhvt3bSI36ECQhstwUCab/QDhsUgAAAAAAEAA5t +YW51MiwyLjUrMS4xMiwyLDMACgkQ0iN+hAkIbLcgbwEAndnN3BH8nqPT1Crh8IGf +wWteLvrcCMv0R8PhfdJGkgcBAP+lR7SvfFve5n84HgSBQMK7ISVWmDdz0KA3nvOr +CXcM +=OQJ+ -----END PGP SIGNATURE----- diff --git a/VERSION.do b/VERSION.do deleted file mode 100644 index 4d0dc53bcbd13a10de2fc1a7664bc6343b763c82b7ed66b0cd904d4d4c986f1f..0000000000000000000000000000000000000000 --- a/VERSION.do +++ /dev/null @@ -1,2 +0,0 @@ -redo-ifchange main.go -perl -ne 'print "$1\n" if /Version.*"(.*)"$/' < main.go diff --git a/clean.do b/clean.do deleted file mode 100644 index c063da2c1998e9b9c8714a13e0cb3d2760561fea38ba54b33fd5072b1a2a5d99..0000000000000000000000000000000000000000 --- a/clean.do +++ /dev/null @@ -1,2 +0,0 @@ -redo-ifchange doc/clean -rm -f gocheese VERSION diff --git a/doc/.gitignore b/doc/.gitignore deleted file mode 100644 index 264b23f5d26f68f0bef01e6469f16e89d5556014f985ea7876649a041b519657..0000000000000000000000000000000000000000 --- a/doc/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/gocheese.info diff --git a/doc/.swgignore b/doc/.swgignore new file mode 100644 index 0000000000000000000000000000000000000000..17bbd533561c8f643b9931e70c02803d8175ec6efa9df2e58900069c277f5ff2 --- /dev/null +++ b/doc/.swgignore @@ -0,0 +1,4 @@ +^mk-info$ +^mk-html$ +^gocheese.info$ +^gocheese.html/ diff --git a/doc/Download b/doc/Download new file mode 100644 index 0000000000000000000000000000000000000000..565cec629fc5f47800ed417e1d5b6ae54095d5e423029b2b1abd1e220d92dcfa --- /dev/null +++ b/doc/Download @@ -0,0 +1,78 @@ +Look in .meta4 files for various other download links! +=> https://datatracker.ietf.org/doc/html/rfc5854 Metalink4 + +Release 4.3.0 | 2025-08-26 | 71 KiB + => download/gocheese-4.3.0.tar.zst tar + => download/gocheese-4.3.0.tar.zst.meta4 meta4 + +Release 4.2.0 | 2024-02-01 | 66 KiB + => download/gocheese-4.2.0.tar.zst tar + => download/gocheese-4.2.0.tar.zst.meta4 meta4 + +Release 4.1.0 | 2023-06-04 | 65 KiB + => download/gocheese-4.1.0.tar.zst tar + => download/gocheese-4.1.0.tar.zst.meta4 meta4 + +Release 4.0.0 | 2023-06-03 | 65 KiB + => download/gocheese-4.0.0.tar.zst tar + => download/gocheese-4.0.0.tar.zst.meta4 meta4 + +Release 3.7.1 | 2023-03-23 | 65 KiB + => download/gocheese-3.7.1.tar.zst tar + => download/gocheese-3.7.1.tar.zst.meta4 meta4 + +Release 3.7.0 | 2022-11-28 | 68 KiB + => download/gocheese-3.7.0.tar.zst tar + => download/gocheese-3.7.0.tar.zst.meta4 meta4 + +Release 3.6.0 | 2022-11-03 | 68 KiB + => download/gocheese-3.6.0.tar.zst tar + => download/gocheese-3.6.0.tar.zst.meta4 meta4 + +Release 3.5.0 | 2022-02-09 | 68 KiB + => download/gocheese-3.5.0.tar.zst tar + => download/gocheese-3.5.0.tar.zst.meta4 meta4 + +Release 3.4.0 | 2021-11-26 | 68 KiB + => download/gocheese-3.4.0.tar.zst tar + => download/gocheese-3.4.0.tar.zst.meta4 meta4 + +Release 3.3.0 | 2021-09-28 | 68 KiB + => download/gocheese-3.3.0.tar.zst tar + => download/gocheese-3.3.0.tar.zst.meta4 meta4 + +Release 3.2.0 | 2021-09-27 | 68 KiB + => download/gocheese-3.2.0.tar.zst tar + => download/gocheese-3.2.0.tar.zst.meta4 meta4 + +Release 3.1.0 | 2021-09-27 | 68 KiB + => download/gocheese-3.1.0.tar.zst tar + => download/gocheese-3.1.0.tar.zst.meta4 meta4 + +Release 3.0.0 | 2021-09-26 | 68 KiB + => download/gocheese-3.0.0.tar.zst tar + => download/gocheese-3.0.0.tar.zst.meta4 meta4 + +Release 2.6.0 | 2021-01-22 | 58 KiB + => download/gocheese-2.6.0.tar.zst tar + => download/gocheese-2.6.0.tar.zst.meta4 meta4 + +Release 2.5.0 | 2020-11-07 | 110 KiB + => download/gocheese-2.5.0.tar.xz tar + => download/gocheese-2.5.0.tar.xz.meta4 meta4 + +Release 2.4.1 | 2020-09-05 | 105 KiB + => download/gocheese-2.4.1.tar.xz tar + => download/gocheese-2.4.1.tar.xz.meta4 meta4 + +Release 2.4.0 | 2020-07-24 | 101 KiB + => download/gocheese-2.4.0.tar.xz tar + => download/gocheese-2.4.0.tar.xz.meta4 meta4 + +Release 2.3.0 | 2019-12-17 | 101 KiB + => download/gocheese-2.3.0.tar.xz tar + => download/gocheese-2.3.0.tar.xz.meta4 meta4 + +Release 2.2.0 | 2019-12-09 | 100 KiB + => download/gocheese-2.2.0.tar.xz tar + => download/gocheese-2.2.0.tar.xz.meta4 meta4 diff --git a/doc/INSTALL b/doc/INSTALL new file mode 100644 index 0000000000000000000000000000000000000000..d80638bca170d07093a1aef183deddcb80d38734840bc691b20d31b0f5423caa --- /dev/null +++ b/doc/INSTALL @@ -0,0 +1,20 @@ +Possibly gocheese package already exists for your distribution: +=> https://www.freshports.org/devel/gocheese/ FreeBSD ports + +Preferable way is to [Download] tarball with the signature from +website and, for example, run tests with benchmarks: + + $ v=5.0.0 + $ fetch http://www.gocheese.stargrave.org/download/gocheese-$v.tar.zst + $ fetch http://www.gocheese.stargrave.org/download/gocheese-$v.tar.zst.sig + [Integrity] check + $ zstd -d https://www.openssh.com/ OpenSSH .sig signature +=> PUBKEY-SSH.pub its public key +=> PUBKEY-SSH.pub.asc its LibrePGP signature +Its fingerprint: SHA256:Akj/MCtxCjPphrgWub2BeChqHDhLMABTYLL/MzqTN+s diff --git a/doc/Passwords b/doc/Passwords new file mode 100644 index 0000000000000000000000000000000000000000..06332ea72f7a620f5dd4fec70a4505b6112197262b0c09d0bc9ac1db4fb2f73b --- /dev/null +++ b/doc/Passwords @@ -0,0 +1,49 @@ +Password authentication is required for packages uploading. Passwords +are dynamically changed through the FIFO file. You have to create it +and use in -passwd option. Optionally, to list currently present logins +use another FIFO and -passwd-list option: + + $ mkfifo passwd passwd-list + $ gocheese -passwd passwd -passwd-list passwd-list ... + +Then you must feed it newline-separated records in following format: + + username:hashed-password[:ro] + +Where hashed-password is in one of following algorithms: + +* Argon2i (recommended one!) + => https://www.argon2i.com/ + To get Argon2i hashed-password you can use any of following tools: + => https://github.com/balakhonova/argon2i + => https://github.com/p-h-c/phc-winner-argon2 + Example user "foo" with password "bar" can have the following password + file entry: + + foo:$argon2i$v=19$m=32768,t=3,p=4$OGU5MTM3YjVlYzQwZjhkZA$rVn53v6Ckpf7WH0676ZQLr9Hbm6VH3YnL6I9ONJcIIU + +* SHA256. You can use your operating system tools: + + $ echo -n "password" | `command -v sha256 || echo sha256sum` + + Example user "foo" with password "bar" will have the following password + file entry: + + foo:$sha256$fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9 + +Optional ":ro" flag forbids user to upload packages, but allows read-only +access if -auth-required is enabled. + +To add or update password entry: + + $ echo foo:$sha256$... >passwd + $ cat passwords.txt >passwd + +To delete login entry use empty password: + + $ echo foo: >passwd + +You can also check you passwords file with: + + $ gocheese -passwd-check https://www.gnu.org/software/recutils/ recfile +It fully resembles structure of +=> https://packaging.python.org/specifications/core-metadata/ Core Metadata + +When you request for particular package version, then its tarball is +downloaded and verified against the stored checksum. But BLAKE2b-256 +is then forcefully used later. + +For example "public-package" has 0.1 version, downloaded a long time +ago with MD5 checksum. 0.1.1 version is downloaded more recently with +BLAKE2b-256 checksum, also storing that checksum for 0.1. 0.2 version is +downloaded tarball, having forced SHA256 and BLAKE2b-256 recalculated +checksums. + +"private-package" is private package, because it contains .internal +file. It can be uploaded and queries to it are not proxied to upstream +PyPI. You have to create it manually. + +Each packages release file has mtime set to its upload time. Package's +serial is a sum of mtime's of the directory and .metadata.rec (if it exists). diff --git a/doc/TLS b/doc/TLS new file mode 100644 index 0000000000000000000000000000000000000000..509b207913ab8cfe56070a5f8c14db817adb1f4b53a26f554e5fa2e414ae9615 --- /dev/null +++ b/doc/TLS @@ -0,0 +1,16 @@ +You can enable TLS support by specifying PEM-encoded X.509 certificate +and private key files. Go's TLS implementation supports TLS 1.3, HTTP/2 +negotiation, Keep-Alives, modern ciphersuites and ECC. + +For example generate some self-signed certificate using GnuTLS toolset: + + $ certtool --generate-privkey --ecc --outfile prv.pem + $ cert_template=$(mktemp) + $ echo cn=gocheese.host > $cert_template + $ certtool \ + --generate-self-signed \ + --load-privkey=prv.pem \ + --template $cert_template \ + --outfile=cert.pem + $ rm $cert_template + $ gocheese -tls-cert cert.pem -tls-key prv.pem [...] diff --git a/doc/Usage/Internal b/doc/Usage/Internal new file mode 100644 index 0000000000000000000000000000000000000000..209fc9bdd2175e5fd9ce93e14eb7379663fd40dfff97154948bd5973d7c1ef0b --- /dev/null +++ b/doc/Usage/Internal @@ -0,0 +1,5 @@ +Internal packages are never refreshed from the upstream and they can be +[Usage/Upload]ed. They are manually marked as internal/private: + + $ mkdir packages/myprivatepkg + $ touch packages/myprivatepkg/.internal diff --git a/doc/Usage/Proxy b/doc/Usage/Proxy new file mode 100644 index 0000000000000000000000000000000000000000..60fc45098faa4c5c28e4b126cce476786d301f29b5350cbe982872ae86c3ec75 --- /dev/null +++ b/doc/Usage/Proxy @@ -0,0 +1,28 @@ +By default GoCheese is configured to use PyPI: + -pypi https://pypi.org/simple/ + -pypi-json https://pypi.org/pypi/ +(if empty string, then do not try to update the metadata). + +It gives several HTTP endpoints to work with: + +* /simple/ (-refresh option) + Simple API entrypoint. Each access to it asks for upstream if any + state refresh is needed. Each refresh update the package's metadata + (if -pypi-json is enabled), available releases and their checksums. + +* /norefresh/ (-norefresh option) + Same as above, but does not refresh data from the upstream, completely + read only mode. + +* /pypi/ (-json option) + Read only (non refreshing) JSON API entrypoint, giving metadata for + the packages and releases. + +* / and /hr/* + Those URLs give human readable packages listing and package information. + +To use GoCheese as a proxy, just configure your pip.conf: + + [global] + index-url = http://gocheese.host:8080/simple/ + trusted-host = gocheese.host diff --git a/doc/Usage/UCSPI b/doc/Usage/UCSPI new file mode 100644 index 0000000000000000000000000000000000000000..b818f7a859822b28154df807818aa50e53e362455d1fcf6cccd31414b8952616 --- /dev/null +++ b/doc/Usage/UCSPI @@ -0,0 +1,25 @@ +You can use GoCheese as UCSPI-TCP service. For example running it also under: +=> http://cr.yp.to/daemontools.html daemontools + + # mkdir -p /var/service/.gocheese/log + # cd /var/service/.gocheese + + # cat > run < passwd ) & + umask 022 + mkdir -p packages + exec setuidgid gocheese tcpserver -DRH -l 0 ::0 8080 \ + gocheese -ucspi -passwd passwd /path/to/packages + EOF + + # cat > log/run < https://pypi.org/project/twine/ twine +can be easily used: + + $ twine upload + --repository-url http://gocheese.host:8080/simple/ \ + --username spam --password foo dist/tarball.tar.gz + +Also you can permanently configure it: + + [pypi] + repository: https://gocheese.host/simple/ + username: spam + password: foo + +All metadata information sent by twine is stored on the disk. +Package creation time will be server's current time. If twine +send package checksums, then they are checked against. diff --git a/doc/Usage/index b/doc/Usage/index new file mode 100644 index 0000000000000000000000000000000000000000..1336beac25adb26aa80f0f609077452a0425d5da102cb1c83e36e16859d46040 --- /dev/null +++ b/doc/Usage/index @@ -0,0 +1,4 @@ +[Usage/Proxy] +[Usage/Upload] +[Usage/Internal] +[Usage/UCSPI] diff --git a/doc/download.texi b/doc/download.texi deleted file mode 100644 index fd63f984679972fbb6d361d4f1a8c81e7d812b7a19bb38d64356768c47aca23d..0000000000000000000000000000000000000000 --- a/doc/download.texi +++ /dev/null @@ -1,118 +0,0 @@ -@multitable {XXXXX} {XXXX-XX-XX} {XXXX KiB} {meta4 tar pgp ssh} -@headitem Version @tab Date @tab Size @tab Tarball - -@item 4.3.0 @tab 2025-08-26 @tab 71 KiB @tab -@url{download/gocheese-4.3.0.tar.zst.meta4, meta4} -@url{download/gocheese-4.3.0.tar.zst, tar} -@url{download/gocheese-4.3.0.tar.zst.asc, pgp} -@url{download/gocheese-4.3.0.tar.zst.sig, ssh} - -@item 4.2.0 @tab 2024-02-01 @tab 66 KiB @tab -@url{download/gocheese-4.2.0.tar.zst.meta4, meta4} -@url{download/gocheese-4.2.0.tar.zst, tar} -@url{download/gocheese-4.2.0.tar.zst.asc, pgp} -@url{download/gocheese-4.2.0.tar.zst.sig, ssh} - -@item 4.1.0 @tab 2023-06-04 @tab 65 KiB @tab -@url{download/gocheese-4.1.0.tar.zst.meta4, meta4} -@url{download/gocheese-4.1.0.tar.zst, tar} -@url{download/gocheese-4.1.0.tar.zst.asc, pgp} -@url{download/gocheese-4.1.0.tar.zst.sig, ssh} - -@item 4.0.0 @tab 2023-06-03 @tab 65 KiB @tab -@url{download/gocheese-4.0.0.tar.zst.meta4, meta4} -@url{download/gocheese-4.0.0.tar.zst, tar} -@url{download/gocheese-4.0.0.tar.zst.asc, pgp} -@url{download/gocheese-4.0.0.tar.zst.sig, ssh} - -@item 3.7.1 @tab 2023-03-23 @tab 65 KiB @tab -@url{download/gocheese-3.7.1.tar.zst.meta4, meta4} -@url{download/gocheese-3.7.1.tar.zst, tar} -@url{download/gocheese-3.7.1.tar.zst.asc, pgp} -@url{download/gocheese-3.7.1.tar.zst.sig, ssh} - -@item 3.7.0 @tab 2022-11-28 @tab 68 KiB @tab -@url{download/gocheese-3.7.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.7.0.tar.zst, tar} -@url{download/gocheese-3.7.0.tar.zst.asc, pgp} -@url{download/gocheese-3.7.0.tar.zst.sig, ssh} - -@item 3.6.0 @tab 2022-11-03 @tab 68 KiB @tab -@url{download/gocheese-3.6.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.6.0.tar.zst, tar} -@url{download/gocheese-3.6.0.tar.zst.asc, pgp} -@url{download/gocheese-3.6.0.tar.zst.sig, ssh} - -@item 3.5.0 @tab 2022-02-09 @tab 68 KiB @tab -@url{download/gocheese-3.5.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.5.0.tar.zst, tar} -@url{download/gocheese-3.5.0.tar.zst.asc, pgp} -@url{download/gocheese-3.5.0.tar.zst.sig, ssh} - -@item 3.4.0 @tab 2021-11-26 @tab 68 KiB @tab -@url{download/gocheese-3.4.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.4.0.tar.zst, tar} -@url{download/gocheese-3.4.0.tar.zst.asc, pgp} -@url{download/gocheese-3.4.0.tar.zst.sig, ssh} - -@item 3.3.0 @tab 2021-09-28 @tab 68 KiB @tab -@url{download/gocheese-3.3.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.3.0.tar.zst, tar} -@url{download/gocheese-3.3.0.tar.zst.asc, pgp} -@url{download/gocheese-3.3.0.tar.zst.sig, ssh} - -@item 3.2.0 @tab 2021-09-27 @tab 68 KiB @tab -@url{download/gocheese-3.2.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.2.0.tar.zst, tar} -@url{download/gocheese-3.2.0.tar.zst.asc, pgp} -@url{download/gocheese-3.2.0.tar.zst.sig, ssh} - -@item 3.1.0 @tab 2021-09-27 @tab 68 KiB @tab -@url{download/gocheese-3.1.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.1.0.tar.zst, tar} -@url{download/gocheese-3.1.0.tar.zst.asc, pgp} -@url{download/gocheese-3.1.0.tar.zst.sig, ssh} - -@item 3.0.0 @tab 2021-09-26 @tab 68 KiB @tab -@url{download/gocheese-3.0.0.tar.zst.meta4, meta4} -@url{download/gocheese-3.0.0.tar.zst, tar} -@url{download/gocheese-3.0.0.tar.zst.asc, pgp} -@url{download/gocheese-3.0.0.tar.zst.sig, ssh} - -@item 2.6.0 @tab 2021-01-22 @tab 58 KiB @tab -@url{download/gocheese-2.6.0.tar.zst.meta4, meta4} -@url{download/gocheese-2.6.0.tar.zst, tar} -@url{download/gocheese-2.6.0.tar.zst.asc, pgp} -@url{download/gocheese-2.6.0.tar.zst.sig, ssh} - -@item 2.5.0 @tab 2020-11-07 @tab 110 KiB @tab -@url{download/gocheese-2.5.0.tar.xz.meta4, meta4} -@url{download/gocheese-2.5.0.tar.xz, tar} -@url{download/gocheese-2.5.0.tar.xz.asc, pgp} -@url{download/gocheese-2.5.0.tar.xz.sig, ssh} - -@item 2.4.1 @tab 2020-09-05 @tab 105 KiB @tab -@url{download/gocheese-2.4.1.tar.xz.meta4, meta4} -@url{download/gocheese-2.4.1.tar.xz, tar} -@url{download/gocheese-2.4.1.tar.xz.asc, pgp} -@url{download/gocheese-2.4.1.tar.xz.sig, ssh} - -@item 2.4.0 @tab 2020-07-24 @tab 101 KiB @tab -@url{download/gocheese-2.4.0.tar.xz.meta4, meta4} -@url{download/gocheese-2.4.0.tar.xz, tar} -@url{download/gocheese-2.4.0.tar.xz.asc, pgp} -@url{download/gocheese-2.4.0.tar.xz.sig, ssh} - -@item 2.3.0 @tab 2019-12-17 @tab 101 KiB @tab -@url{download/gocheese-2.3.0.tar.xz.meta4, meta4} -@url{download/gocheese-2.3.0.tar.xz, tar} -@url{download/gocheese-2.3.0.tar.xz.asc, pgp} -@url{download/gocheese-2.3.0.tar.xz.sig, ssh} - -@item 2.2.0 @tab 2019-12-09 @tab 100 KiB @tab -@url{download/gocheese-2.2.0.tar.xz.meta4, meta4} -@url{download/gocheese-2.2.0.tar.xz, tar} -@url{download/gocheese-2.2.0.tar.xz.asc, pgp} -@url{download/gocheese-2.2.0.tar.xz.sig, ssh} - -@end multitable diff --git a/doc/gocheese.info.do b/doc/gocheese.info.do deleted file mode 100644 index e79836553f559feb0db1a1f088e95c0049dace77845dc4f36a9951430286af79..0000000000000000000000000000000000000000 --- a/doc/gocheese.info.do +++ /dev/null @@ -1,7 +0,0 @@ -redo-ifchange *.texi ../VERSION -${MAKEINFO:-makeinfo} \ - -D "VERSION `cat ../VERSION`" \ - --set-customization-variable SECTION_NAME_IN_TITLE=1 \ - --set-customization-variable TREE_TRANSFORMATIONS=complete_tree_nodes_menus \ - --set-customization-variable ASCII_PUNCTUATION=1 \ - --output $3 index.texi diff --git a/doc/index b/doc/index new file mode 100644 index 0000000000000000000000000000000000000000..f5a1e9d3be17591693c0959122a40f03eb8bce1a893888854a78d51290221a63 --- /dev/null +++ b/doc/index @@ -0,0 +1,80 @@ +GoCheese is Python private package repository and caching proxy. + +It serves two purposes: + +* proxying and caching of missing packages from upstream + => https://pypi.org/ PyPI + conforming to + => https://www.python.org/dev/peps/pep-0503/ PEP-0503 (Simple Repository API) + => https://warehouse.pypa.io/api-reference/json.html JSON API +* hosting of private locally uploaded packages, conforming to + => https://warehouse.pypa.io/api-reference/legacy/ Warehouse Legacy API + +Why could you like it and how it can be better to fit your needs? + +* No database required. Only filesystem storage with few simple files + per package. Package deletion, renaming, making it uploadable + (private) is done with simple mkdir, touch, etc commands +* Just single statically compiled Go binary, UCSPI-TCP compatibility, + high performance (including HTTP/2, keepalives and TLS session + resumption) +* No configuration file, but several simple command line arguments +* Consistency (because of atomic synced operations) and integrity + (because of cryptographic checksums stored nearby) +* Package's metadata and created times storing for uploaded and proxied + packages + +Initially it was created as a fork of +=> https://github.com/c4s4/cheeseshop cheeseshop +but nearly all the code was rewritten. It is aimed to be replacement for +PyShop lacking huge quantity of features, reliability and consistency +guarantees, workability without deprecated XML-RPC API, and suffering +performance. + +* Supports proxying and caching of non-internal packages from the + upstream PyPI installation. + +* Supports uploading of internal packages through the standard Warehouse + API, including signatures, metadata and checksums. + +* Supports + => https://pythonwheels.com/ + => https://packaging.python.org/specifications/core-metadata/ + => https://www.python.org/dev/peps/pep-0566/ PEP-0566 compatible + conversion to JSON, multiple (MD5, SHA256, SHA512, BLAKE2b-256) + integrity checksums storing and verifying during uploading and proxying. + +* Supports Simple and JSON APIs, being able to replace PyPI for all + downstream clients. + +* Stores package's creation time with solicitude as mtime, giving it in + HTTP headers and JSON API. + +* TLS and HTTP/2 capable transport to the upstream, with enabled + keepalives and session resumption TLS tickets. Graceful HTTP server + shutdown. Can work as a service of + => https://cr.yp.to/ucspi-tcp.html UCSPI-TCP + +* Atomic and fsync-ed reliable and consistent updates to the filesystem. + +* Has ability to authenticate upstream PyPI by its X.509 certificate's + SPKI hash. + +* User authentication supports passwords either hashed with SHA256 or + strengthened with + => https://datatracker.ietf.org/doc/html/rfc9106 Argon2i + +Also it contains contrib/pyshop2packages.sh migration script for converting +=> https://pypi.org/project/pyshop/ Pyshop +database into GoCheese one, including private packages. + +GoCheese is +=> https://www.gnu.org/philosophy/pragmatic.html copylefted +=> https://www.gnu.org/philosophy/free-sw.html free software +licenced under +=> https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3 + +Please send questions, bug reports and patches to +=> mailto:gocheese@stargrave.org + + [INSTALL] [Usage/] [Passwords] [TLS] [Storage] diff --git a/doc/index.texi b/doc/index.texi deleted file mode 100644 index 36c0674ee0485d2c2f760442a45f527d48ccdbc2272996270c8bb9b4a9a4ae07..0000000000000000000000000000000000000000 --- a/doc/index.texi +++ /dev/null @@ -1,103 +0,0 @@ -\input texinfo -@settitle GoCheese - -@copying -Copyright @copyright{} 2019-2026 @email{stargrave@@stargrave.org, Sergey Matveev} -@end copying - -@node Top -@top GoCheese - -GoCheese is Python private package repository and caching proxy. - -It serves two purposes: - -@itemize -@item proxying and caching of missing packages from upstream - @url{https://pypi.org/, PyPI}, conforming to - @url{https://www.python.org/dev/peps/pep-0503/, PEP-0503} - (Simple Repository API) and - @url{https://warehouse.pypa.io/api-reference/json.html, JSON API} -@item hosting of private locally uploaded packages, conforming to - @url{https://warehouse.pypa.io/api-reference/legacy/, Warehouse Legacy API} -@end itemize - -Why could you like it and how it can be better to fit your needs? - -@itemize -@item No database required. Only filesystem storage with few simple - files per package. Package deletion, renaming, making it uploadable - (private) is done with simple @command{mkdir}, @command{touch}, etc - commands -@item Just single statically compiled Go binary, UCSPI-TCP compatibility, - high performance (including HTTP/2, keepalives and TLS session resumption) -@item No configuration file, but several simple command line arguments -@item Consistency (because of atomic synced operations) and integrity - (because of cryptographic checksums stored nearby) -@item Package's metadata and created times storing for uploaded and - proxied packages -@end itemize - -Initially it was created as a fork of -@url{https://github.com/c4s4/cheeseshop, cheeseshop}, -but nearly all the code was rewritten. It is aimed to be replacement for -@command{PyShop} lacking huge quantity of features, reliability and -consistency guarantees, workability without deprecated XML-RPC API, and -suffering performance. - -@itemize - -@item Supports proxying and caching of non-internal packages from the -upstream PyPI installation. - -@item Supports uploading of internal packages through the standard -Warehouse API, including signatures, metadata and checksums. - -@item Supports @url{https://pythonwheels.com/, wheels}, -@url{https://packaging.python.org/specifications/core-metadata/, Metadata} -with @url{https://www.python.org/dev/peps/pep-0566/, PEP-0566} compatible -conversion to JSON, multiple (MD5, SHA256, SHA512, BLAKE2b-256) integrity -checksums storing and verifying during uploading and proxying. - -@item Supports Simple and JSON APIs, being able to replace PyPI for all -downstream clients. - -@item Stores package's creation time with solicitude as @code{mtime}, -giving it in HTTP headers and JSON API. - -@item TLS and HTTP/2 capable transport to the upstream, with enabled -keepalives and session resumption TLS tickets. Graceful HTTP server -shutdown. Can work as a @url{https://cr.yp.to/ucspi-tcp.html, UCSPI-TCP} -service. - -@item Atomic and @code{fsync}ed reliable and consistent updates to the -filesystem. - -@item Has ability to authenticate upstream PyPI by its X.509 -certificate's SPKI hash. - -@item User authentication supports passwords either hashed with SHA256 -or strengthened with @url{https://datatracker.ietf.org/doc/html/rfc9106, Argon2i}. - -@end itemize - -Also it contains @file{contrib/pyshop2packages.sh} migration script for -converting @url{https://pypi.org/project/pyshop/, Pyshop} database into -GoCheese one, including private packages. - -GoCheese is -@url{https://www.gnu.org/philosophy/pragmatic.html, copylefted} -@url{https://www.gnu.org/philosophy/free-sw.html, free software} -licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}. - -Please send questions, bug reports and patches to @url{mailto:gocheese@@cypherpunks.su}. - -@insertcopying - -@include install.texi -@include usage.texi -@include passwords.texi -@include tls.texi -@include storage.texi - -@bye diff --git a/doc/install.texi b/doc/install.texi deleted file mode 100644 index 23dbe1e3dd166a1543011e6a7f30ac0f20ebb9a5a747191c97444700f2faf9b9..0000000000000000000000000000000000000000 --- a/doc/install.texi +++ /dev/null @@ -1,33 +0,0 @@ -@node Install -@unnumbered Install - -Possibly @command{gocheese} package already exists for your distribution: -@itemize -@item @url{https://www.freshports.org/devel/gocheese/, FreeBSD ports} -@end itemize - -Preferable way is to download tarball with the signature from -website and, for example, run tests with benchmarks: - -@example -$ [fetch|wget] http://www.gocheese.cypherpunks.su/download/gocheese-@value{VERSION}.tar.zst -$ [fetch|wget] http://www.gocheese.cypherpunks.su/download/gocheese-@value{VERSION}.tar.zst.@{asc,sig@} -[verify signature] -$ zstd -d < gocheese-@value{VERSION}.tar.zst | tar xf - -$ cd gocheese-@value{VERSION} -$ go build -mod=vendor -@end example - -@include download.texi -@include integrity.texi - -You can obtain development source code with -@command{git clone git://git.cypherpunks.su/gocheese.git}. -You can also use -@code{anongit@@master.git.stargrave.org:cypherpunks.su/gocheese.git}, -@code{anongit@@slave.git.stargrave.org:cypherpunks.su/gocheese.git}, -@code{anongit@@master.git.cypherpunks.su:cypherpunks.su/gocheese.git}, -@code{anongit@@slave.git.cypherpunks.su:cypherpunks.su/gocheese.git}, -@url{git://git.stargrave.org/gocheese.git}, -@url{git://y.git.stargrave.org/gocheese.git}, -@url{git://y.git.cypherpunks.su/gocheese.git} URLs instead. diff --git a/doc/integrity.texi b/doc/integrity.texi deleted file mode 100644 index a4c4ef08f0cf18ee57a8813a7fe42e14aaea62d2e4644c3ec13798476ada4c91..0000000000000000000000000000000000000000 --- a/doc/integrity.texi +++ /dev/null @@ -1,34 +0,0 @@ -You @strong{have to} verify downloaded tarballs authenticity to be sure -that you retrieved trusted and untampered software. There are two options: - -@table @asis - -@item @url{https://www.openpgp.org/, OpenPGP} @file{.asc} signature - Use @url{https://www.gnupg.org/, GNU Privacy Guard} free software - implementation. - For the very first time it is necessary to get signing public key and - import it. It is provided @url{PUBKEY-PGP.asc, here}, but you should - check alternate resources. - -@verbatim -pub rsa2048/0xCD5CD01F55343D88 2019-12-08 - 9B27 640B A784 37EC 6D4A CA6C CD5C D01F 5534 3D88 -uid GoCheese releases -@end verbatim - -@example -$ gpg --auto-key-locate dane --locate-keys gocheese@@cypherpunks.su -$ gpg --auto-key-locate wkd --locate-keys gocheese@@cypherpunks.su -@end example - -@item @url{https://www.openssh.com/, OpenSSH} @file{.sig} signature - @url{PUBKEY-SSH.pub, Public key} and its OpenPGP - @url{PUBKEY-SSH.pub.asc, signature} made with the key above. - Its fingerprint: @code{SHA256:Akj/MCtxCjPphrgWub2BeChqHDhLMABTYLL/MzqTN+s}. - -@example -$ ssh-keygen -Y verify -f PUBKEY-SSH.pub -I gocheese@@cypherpunks.su -n file \ - -s gocheese-@value{VERSION}.tar.zst.sig < gocheese-@value{VERSION}.tar.zst -@end example - -@end table diff --git a/doc/internal.texi b/doc/internal.texi deleted file mode 100644 index 5563d4c3c9c4eb8623c9be9336780c6c1b85ad5ff54dae5e0d40ed8cb213df27..0000000000000000000000000000000000000000 --- a/doc/internal.texi +++ /dev/null @@ -1,10 +0,0 @@ -@node Internal -@section Internal - -Internal packages are never refreshed from the upstream and they can be -@ref{Uploading, updated}. They are manually marked as internal/private: - -@example -$ mkdir packages/myprivatepkg -$ touch packages/myprivatepkg/.internal -@end example diff --git a/doc/mk-html b/doc/mk-html new file mode 100755 index 0000000000000000000000000000000000000000..2b3a357c67c38238bdc97b0ab2100bf31a805bc90c01f58aec3504216bca0ec6 --- /dev/null +++ b/doc/mk-html @@ -0,0 +1,18 @@ +#!/bin/sh -e + +html=gocheese.html +rm -f $html/*.html +SWG_DO_SRC=0 SWG_DO_BACKS=0 swg htmls $html +perl -i -npe 's#^.*$#<title>GoCheese#' $html/index.html +ln -f ../PUBKEY-* $html/ +( + cd $html/download + export ATOM_ID="f9e3d8b1-9da7-4ec0-adf9-82aef5bfcc29" + export NAME=GoCheese + export BASE_URL=http://www.gocheese.stargrave.org/download + export AUTHOR_EMAIL=gocheese@stargrave.org + ~/work/releases-feed/releases.atom.zsh +) +perl -i -npe 'print "\n" if /^<\/head>/' $html/Download.html +find $html -type d -exec chmod 755 {} + +find $html -type f -exec chmod 644 {} + diff --git a/doc/mk-info b/doc/mk-info new file mode 100755 index 0000000000000000000000000000000000000000..cb4b0b510c0a9993617868094c3ed170410def28291712e6325bd97c969a719f --- /dev/null +++ b/doc/mk-info @@ -0,0 +1,4 @@ +#!/bin/sh +# http://www.git.stargrave.org/?p=swg.git;a=blob;f=README + +SWG_DO_SRC=0 SWG_DO_BACKS=0 exec swg info >gocheese.info diff --git a/doc/passwords.texi b/doc/passwords.texi deleted file mode 100644 index be2f8ff7197502842d35c5b33e59b7e37a4e0eff34ec647e4200dbf7f0ee8bda..0000000000000000000000000000000000000000 --- a/doc/passwords.texi +++ /dev/null @@ -1,77 +0,0 @@ -@node Passwords -@unnumbered Password authentication - -Password authentication is required for packages uploading. Passwords -are dynamically changed through the FIFO file. You have to create it and -use in @option{-passwd} option. Optionally, to list currently present -logins use another FIFO and @option{-passwd-list} option: - -@example -$ mkfifo passwd passwd-list -$ gocheese -passwd passwd -passwd-list passwd-list ... -@end example - -Then you must feed it newline-separated records in following format: - -@example -username:hashed-password[:ro] -@end example - -Where @code{hashed-password} is in one of following algorithms: - -@table @asis - -@item @url{https://www.argon2i.com/, Argon2i} (recommended one!) - To get Argon2i hashed-password you can use any of following tools: - - @itemize - @item @code{go install @url{https://github.com/balakhonova/argon2i, - github.com/balakhonova/argon2i@@latest}} (Go) - @item @url{https://github.com/p-h-c/phc-winner-argon2} (C) - @end itemize - - Example user @code{foo} with password @code{bar} can have the - following password file entry: - -@verbatim -foo:$argon2i$v=19$m=32768,t=3,p=4$OGU5MTM3YjVlYzQwZjhkZA$rVn53v6Ckpf7WH0676ZQLr9Hbm6VH3YnL6I9ONJcIIU -@end verbatim - -@item SHA256 - You can use your operating system tools: - -@example -$ echo -n "password" | `command -v sha256 || echo sha256sum` -@end example - - Example user @code{foo} with password @code{bar} will have the - following password file entry: - -@verbatim -foo:$sha256$fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9 -@end verbatim - -@end table - -Optional @code{:ro} flag forbids user to upload packages, but allows -read-only access if @option{-auth-required} is enabled. - -To add or update password entry: - -@example -$ echo foo:$sha256$... > passwd -$ cat passwords.txt > passwd -@end example - -To delete login entry use empty password: - -@example -$ echo foo: > passwd -@end example - -You can also check you passwords file with: - -@example -$ gocheese -passwd-check < passwords.txt -$ echo $? -@end example diff --git a/doc/proxy.texi b/doc/proxy.texi deleted file mode 100644 index e603bd4ed9aabce387ffeca28328539615116004bcf591361e5bf74fb7026cf7..0000000000000000000000000000000000000000 --- a/doc/proxy.texi +++ /dev/null @@ -1,37 +0,0 @@ -@node Proxying -@section Proxying - -By default GoCheese is configured to use PyPI: -@option{-pypi https://pypi.org/simple/}, -@option{-pypi-json https://pypi.org/pypi/} (if empty string, then do not -try to update the metadata). - -It gives several HTTP endpoints to work with: - -@table @asis - -@item @code{/simple/} (@option{-refresh} option) -Simple API entrypoint. Each access to it asks for upstream if any state -refresh is needed. Each refresh update the package's metadata (if -@option{-pypi-json} is enabled), available releases and their checksums. - -@item @code{/norefresh/} (@option{-norefresh} option) -Same as above, but does not refresh data from the upstream, completely -read only mode. - -@item @code{/pypi/} (@option{-json} option) -Read only (non refreshing) JSON API entrypoint, giving metadata for the -packages and releases. - -@item @code{/} and @code{/hr/*} -Those URLs give human readable packages listing and package information. - -@end table - -To use GoCheese as a proxy, just configure your @file{pip.conf}: - -@example -[global] -index-url = http://gocheese.host:8080/simple/ -trusted-host = gocheese.host -@end example diff --git a/doc/storage.texi b/doc/storage.texi deleted file mode 100644 index a143bdb919443f151ff4943b918ea443b0d3f607715ad784604dd85b9ab7d374..0000000000000000000000000000000000000000 --- a/doc/storage.texi +++ /dev/null @@ -1,53 +0,0 @@ -@node Storage -@unnumbered Storage format - -Root directory has the following hierarchy: - -@verbatim -root - +-- public-package - | +- .metadata.rec - | +- public-package-0.1.tar.gz.md5 - | +- public-package-0.1.tar.gz.blake2b_256 - | +- public-package-0.1.1.tar.gz.blake2b_256 - | +- public-package-0.2.tar.gz - | +- public-package-0.2.tar.gz.sha256 - | +- public-package-0.2.tar.gz.blake2b_256 - +-- private-package - | +- .internal - | +- .metadata.rec - | +- private-package-0.1.tar.gz - | +- private-package-0.1.tar.gz.sha256 - | +- private-package-0.1.tar.gz.blake2b_256 - |... -@end verbatim - -Each directory is a normalized package name. When you try to list non -existent directory contents (you are downloading package you have not -seen before), then GoCheese will download information about package's -versions with checksums and write them in corresponding -@file{.sha256}, @file{.blake2b_256}, @file{.sha512}, @file{.md5} files. -However no package package tarball is downloaded. - -If JSON API is enabled, then metadata is also downloaded and stored in -@file{.metadata.rec} @url{https://www.gnu.org/software/recutils/, recfile}. -It fully resembles structure of -@url{https://packaging.python.org/specifications/core-metadata/, Core Metadata}. - -When you request for particular package version, then its tarball is -downloaded and verified against the stored checksum. But SHA256 is then -forcefully used later. - -For example @file{public-package} has @code{0.1} version, downloaded a -long time ago with MD5 checksum. @code{0.1.1} version is downloaded more -recently with BLAKE2b-256 checksum, also storing that checksum for -@code{0.1}. @code{0.2} version is downloaded tarball, having forced -SHA256 and BLAKE2b-256 recalculated checksums. - -@file{private-package} is private package, because it contains -@file{.internal} file. It can be uploaded and queries to it are not -proxied to upstream PyPI. You have to create it manually. - -Each packages release file has @code{mtime} set to its upload time. -Package's serial is a sum of @code{mtime}s of the directory and -@file{.metadata.rec} (if it exists). diff --git a/doc/tls.texi b/doc/tls.texi deleted file mode 100644 index 224c9b07017aa1465b20ccdc856f427594775280e490f7a46c018fdbeaf16dd5..0000000000000000000000000000000000000000 --- a/doc/tls.texi +++ /dev/null @@ -1,21 +0,0 @@ -@node TLS -@unnumbered TLS support - -You can enable TLS support by specifying PEM-encoded X.509 certificate -and private key files. Go's TLS implementation supports TLS 1.3, HTTP/2 -negotiation, Keep-Alives, modern ciphersuites and ECC. - -For example generate some self-signed certificate using GnuTLS toolset: - -@example -$ certtool --generate-privkey --ecc --outfile prv.pem -$ cert_template=`mktemp` -$ echo cn=gocheese.host > $cert_template -$ certtool \ - --generate-self-signed \ - --load-privkey=prv.pem \ - --template $cert_template \ - --outfile=cert.pem -$ rm $cert_template -$ gocheese -tls-cert cert.pem -tls-key prv.pem [...] -@end example diff --git a/doc/ucspi.texi b/doc/ucspi.texi deleted file mode 100644 index 3462f5eab5ebb62871be182dc2c018e91a4aa60f977c503e6396c13ce8303dac..0000000000000000000000000000000000000000 --- a/doc/ucspi.texi +++ /dev/null @@ -1,30 +0,0 @@ -@node UCSPI-TCP -@section UCSPI-TCP - -You can use GoCheese as UCSPI-TCP service. For example running it also -under @url{http://cr.yp.to/daemontools.html, daemontools}: - -@example -# mkdir -p /var/service/.gocheese/log -# cd /var/service/.gocheese - -# cat > run < passwd ) & -umask 022 -mkdir -p packages -exec setuidgid gocheese tcpserver -DRH -l 0 ::0 8080 \ - gocheese -ucspi -passwd passwd /path/to/packages -EOF - -# cat > log/run <\n" if /^<\/head>/' $html/Install.html -find $html -type d -exec chmod 755 {} + -find $html -type f -exec chmod 644 {} + diff --git a/go.mod b/go.mod index b71988c0ff7c83a64c15f8e81064d58135cd62c1d5d1932994db2964f44b0ac5..206ccdae71dc10da4a43e320e33bfb842152e071be262befae6268193cb483dd 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,11 @@ -module go.cypherpunks.su/gocheese/v5 +module go.stargrave.org/gocheese/v5 -go 1.24 +go 1.24.0 require ( - go.cypherpunks.su/recfile/v3 v3.0.0 - golang.org/x/crypto v0.41.0 - golang.org/x/net v0.42.0 + go.stargrave.org/recfile/v4 v4.0.0 + golang.org/x/crypto v0.48.0 + golang.org/x/net v0.49.0 ) -require golang.org/x/sys v0.35.0 // indirect +require golang.org/x/sys v0.41.0 // indirect diff --git a/go.sum b/go.sum index 566b48393ff6ec894fe90144ed2017301c9a32b4a9f278a762bcd396ef54c661..60c154cf541b64f2150e18e403f04f29a0be3f847f0f2c5ec03dce52c3b251d7 100644 --- a/go.sum +++ b/go.sum @@ -1,8 +1,8 @@ -go.cypherpunks.su/recfile/v3 v3.0.0 h1:cHuH9GK153v+XJogb4XxuDMaC+RGmn4G2G5MLJ3SIpc= -go.cypherpunks.su/recfile/v3 v3.0.0/go.mod h1:JAkipcy9IUNuYMR+vfNqf/f6KydLdhw1TBaOnNjdHv4= -golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= -golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= -golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= -golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= -golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= -golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +go.stargrave.org/recfile/v4 v4.0.0 h1:v9kZnW/e64oPfOqArGMNZacuT57lDibd24xhEiBDQ/c= +go.stargrave.org/recfile/v4 v4.0.0/go.mod h1:IGi8kMociIlDoR8iOssyUG/uix+wmsqvBuiDeQXsIuE= +golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= +golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= +golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= +golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= +golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= diff --git a/gocheese.do b/gocheese.do deleted file mode 100644 index c6fe336164ab569a38d3598786e371e0cf6c53402d45dd15e4e4dd99dabfcb4f..0000000000000000000000000000000000000000 --- a/gocheese.do +++ /dev/null @@ -1,2 +0,0 @@ -redo-ifchange *.go -${GO:-go} build -o $3 diff --git a/json.go b/json.go index 72db2958c3354e9434d8068982e891e1cd9d8e49bbf3b3ec00709c7393fdc16b..38c85b76c0f676bc3d9b41939d710717a5dd4e7a330a2f52036f98f2c0abd1e1 100644 --- a/json.go +++ b/json.go @@ -24,7 +24,7 @@ "os" "path/filepath" "strings" - "go.cypherpunks.su/recfile/v3" + "go.stargrave.org/recfile/v4" ) func getMD(pkgName, version string) (*PkgMeta, []*PkgReleaseInfo, error) { diff --git a/main.go b/main.go index 69f279500503396c1cb2de0610f30c290d04eaa75b4d7083b55a1d15126c02be..3023f1937242127726f24f769f0fc9afcd8494565b3b7aabd17c3b54c0e19bad 100644 --- a/main.go +++ b/main.go @@ -42,7 +42,7 @@ "golang.org/x/net/netutil" ) const ( - Version = "4.3.0" + Version = "5.0.0" UserAgent = "GoCheese/" + Version ) diff --git a/makedist b/makedist index 40ebd0b46c0a1387b648d285017f8145fc4a4deba488256628df04f6a9480cbb..60fda2441f1264a1ccb2397a244b573da3338a3fa3120cd5fa708d661372a184 100755 --- a/makedist +++ b/makedist @@ -8,66 +8,54 @@ git clone . $tmp/gocheese-$release cd $tmp/gocheese-$release git checkout v$release - -redo-ifchange VERSION - +./version >VERSION go mod vendor - -cat >doc/download.texi <$texi <gocheese-"$release".tar -zstd -22 --ultra -v gocheese-"$release".tar -tarball=gocheese-"$release".tar.zst -ssh-keygen -Y sign -f ~/.ssh/sign/gocheese@cypherpunks.su -n file $tarball -gpg --armor --detach-sign --sign --local-user CD5CD01F55343D88 $tarball -meta4ra-create -fn "$tarball" -mtime "$tarball" \ - -sig-pgp "$tarball".asc -sig-ssh "$tarball".sig \ - http://www.gocheese.cypherpunks.su/download/"$tarball" \ - http://y.www.gocheese.cypherpunks.su/download/"$tarball" <"$tarball" >"$tarball".meta4 +detpax gocheese-$release >gocheese-$release.tar +zstd -22 --ultra -v gocheese-$release.tar +tarball=gocheese-$release.tar.zst +ssh-keygen -Y sign -f ~/.ssh/sign/gocheese@stargrave.org -n file $tarball +meta4ra-create -fn $tarball -mtime $tarball -sig-ssh $tarball.sig \ + "1|ru|http://www.gocheese.stargrave.org/download/$tarball" \ + "2|ru|http://msk.www.gocheese.stargrave.org/download/$tarball" \ + "2|ru|http://spb.www.gocheese.stargrave.org/download/$tarball" \ + "3|ru|https://www.gocheese.stargrave.org/download/$tarball" \ + "4|ru|https://msk.www.gocheese.stargrave.org/download/$tarball" \ + "4|ru|https://spb.www.gocheese.stargrave.org/download/$tarball" \ + "5|ru|http://y.www.gocheese.stargrave.org/download/$tarball" \ + "5|ru|http://[322:3bd:cc26:9545:b00b:8841:126e:8b7e]/download/$tarball" \ + "6|ru|sftp://anonwww@msk.www.stargrave.org/gocheese.stargrave.org/download/$tarball" \ + "6|ru|sftp://anonwww@spb.www.stargrave.org/gocheese.stargrave.org/download/$tarball" \ + <$tarball >$tarball.meta4 +meta4ra-create -add $tarball.meta4 -fn $tarball.sig -hashers "" \ + "1|ru|http://www.gocheese.stargrave.org/download/$tarball.sig" \ + "2|ru|http://msk.www.gocheese.stargrave.org/download/$tarball.sig" \ + "2|ru|http://spb.www.gocheese.stargrave.org/download/$tarball.sig" \ + "3|ru|https://www.gocheese.stargrave.org/download/$tarball.sig" \ + "4|ru|https://msk.www.gocheese.stargrave.org/download/$tarball.sig" \ + "4|ru|https://spb.www.gocheese.stargrave.org/download/$tarball.sig" \ + "5|ru|http://y.www.gocheese.stargrave.org/download/$tarball.sig" \ + "5|ru|http://[322:3bd:cc26:9545:b00b:8841:126e:8b7e]/download/$tarball.sig" \ + "6|ru|sftp://anonwww@msk.www.stargrave.org/gocheese.stargrave.org/download/$tarball.sig" \ + "6|ru|sftp://anonwww@spb.www.stargrave.org/gocheese.stargrave.org/download/$tarball.sig" \ + <$tarball.sig >$tarball.meta4_ +mv $tarball.meta4_ $tarball.meta4 size=$(( $(stat -f %z $tarball) / 1024 )) release_date=$(date "+%Y-%m-%d") cat < download/gocheese-$release.tar.zst tar + => download/gocheese-$release.tar.zst.meta4 meta4 EOF -mv $tmp/$tarball $tmp/"$tarball".asc $tmp/"$tarball".sig $tmp/"$tarball".meta4 $cur/doc/gocheese.html/download +mv $tmp/$tarball $tmp/$tarball.sig $tmp/$tarball.meta4 $cur/doc/gocheese.html/download diff --git a/refresh.go b/refresh.go index 7968fe47a77a029f47a8de8546734ef28f96e82521241473b0aa93ee414a75ee..24d5793ed60296fef5e8294631e0b46ff23571badb22a16f59aa7f1b086e8f2e 100644 --- a/refresh.go +++ b/refresh.go @@ -36,7 +36,7 @@ "regexp" "strings" "time" - "go.cypherpunks.su/recfile/v3" + "go.stargrave.org/recfile/v4" "golang.org/x/crypto/blake2b" ) diff --git a/upload.go b/upload.go index cf8182318076e6b8ed2647cee577696aa2bd9d1956a674f8f4e6a2509158edec..a0e15ba05da306a01ab74c200103a61b20702761fc9c2f6b69862e9086c287ad 100644 --- a/upload.go +++ b/upload.go @@ -31,7 +31,7 @@ "regexp" "strings" "time" - "go.cypherpunks.su/recfile/v3" + "go.stargrave.org/recfile/v4" ) var NormalizationRe = regexp.MustCompilePOSIX("[-_.]+") diff --git a/version b/version new file mode 100755 index 0000000000000000000000000000000000000000..0f3a47422e0d26073394ee0775fcaf8ecb8c2b11ecdee789f712811d21ab2a75 --- /dev/null +++ b/version @@ -0,0 +1,3 @@ +#!/bin/sh -e + +exec perl -ne 'print "$1\n" if /Version.*"(.*)"$/'