Recent changes to this wiki:

*/debian/control: update maintainership to me
libpiny-perl.postinst: stop breaking shadow gid setups
pinyadmin: update help verbiage to zsh
pinyweb: delay STDERR redirect until we're properly ready for it
libpiny: repo: fix various syntax errors
libpiny: repo: local is only for shadow variables. ugh.
libpiny: repo: add hooks check and backwards-compatibly delete more configs on destroy()
pinyweb: newuser: remove google's broken captcha api
Piny::Repo: addgroup should use --system
Arrange for Tempfiles to be safely written in-dir
The default File::Temp DIR is not necessarily the same filesystem as the
destination, which makes atomic linking impossible.
pinyweb: scalarizing CGI params because perl
Because not everyone wants to Perl Jam.
pinyconfigs: Modernize the paths on the Makefile
pinyconfig: Modernizing configuration files.
libpiny: Piny::Repo: Restrict iwiwiki srcdirs
We would optimally like Ikiwiki source directories to be at least as
restrictive as the git repositories they came from. For now, maximal
restriction seems like a perfectly fine way to achieve this.
libpiny: Piny::Repo: chmod and chgrp snowflakes
The snowflakes directory has mutable files such as packed-refs that need
to be group writable.
libpiny: Piny::Repo: Symlink files out of root
Due to insecurities surrounding core.hooksPath and git's insistence upon
locking files it doesn't even intend to update, it's necessary to
symbolicly link several files into their own namespaces. We specifically
do this with HEAD and packed refs, but there might eventually be others
to worry about.
pinyshell: use zsh and restrict read builtin
Along with rbash careening towards crazytown, rksh has some problematic
behavior around HISTFILE creation that forces us to use zsh. We are
additionally disabling the "read" builtin for extra safety. Other
builtins should maybe also be disabled in the future. Migrate to new PAM and unixgroup modules
Apache 2.2->2.4 upgrade changed module names and configuration
directives for various PAM authentication features; with this patch we
can successfully autogenerate those.
Piny::Repo: Initial read-only repository support.
Not all systems want us to manage git repositories: we can still provide
ikiwiki/apache support for existing read-only repositories. This would
probably be better done with some sort of configuration variable, but a
simple access() W_OK writability check will have to do for now.
pinyweb: newuser.cgi: fix recaptcha logic
docs/install_notes.txt: add libcaptcha-recaptcha-perl
pinyweb/debian/control: add libcaptcha-recaptcha-perl
pinyweb: newuser.cgi: add recaptcha support
install notes: adding ksh to list of package dependencies
pinyadmin: bash -r -> ksh -r because the bash people apparently like to deprecate security features without bothering to tell anyone
install notes: the git binary should not be here
Default ikiwiki.setup: remove "Preferences" link. whoops, wrong object
libpiny.key should be owned by www-data, not shadow
libpiny: whoops, missed apachereload check on destroy_apache
libpiny: renaming reloadapache to apachereload
libpiny: add piny.reloadapache configuration variable
libpiny: further corrections to piny.gitpath
libpiny: making git path configurable (default: /srv/git)
ugh fine i guess my bugfix should actually fix a bug
When setting description with pinyconfig, we need to verify differently.
Completely untested support in pinyconfig for repo description.
pinyadmin: new lsusers command
Piny::Repo: do not rely on trailing slashes in user-configurable ikiwikisrcdir
docs: user facing infrastructure: updates
pinyconfig: FIXME for rebuild-on-unchanged-value
pinyconfig: explicitly declare short opts
Getopt::Long does not appear to auto_abbrev properly ;\
pinyconfig: actually check for --fast
pinyconfig: adding 'rebuild unless told not to' logic
Migrate Config::Simple over to Config::GitLike
Fixes problems parsing complex option statements, particularly
install notes: fix various small oversights
Piny::Config: add receive.denydeletes to list of tweakables
pinyadmin: pinyconfig: allow --user to actually set things
Adding check for UID 0 to pinyadmin commands so root can actually do things
install notes: libdigest-sha1-perl has been renamed to libdigest-sha-perl
doc: initial install notes
cgit: moving over to new static resources URL
pinyconfigs: apache2: move /srv/www to /srv/http and /srv/https
pinyadmin: newrepo: remove extraneous Piny::Repo ikiwiki_rebuild().
pinyadmin: newrepo: use full Piny::Repo rebuild();
This fixes a bug where apache_rebuild was skipped.
libpiny/debian/control: adding alternate package name for Digest::SHA1 in wheezy
pinyconfig: Get rid of redirect in default config
newpasshash: calling usermod with the correct flag might help
Initial shot at web-friendly (sadly PAM unfriendly...) password modification.
Piny::Repo: whoops, wrong reference name
Piny::Repo: Adding support for 0640+search
Repo: maybe i should learn to compile check before committing
Repo: Apache configs should really do things in the piny.ikiwiki=false case
Bringing Ikiwiki Username constraint in line with Reponame constraint (Debian Policy 5.6.1, 5.6.7)
pinyadmin: adding piny-ikiwiki-mass-rebuild
libpiny: Clarifying default ikiwiki setup file
libpiny: turn search on by default
Piny::Repo: Adding support for a global ikiwiki overrides file in /etc/ikiwiki/
Piny::Repo: fix cwd impermission problem by hardcoding a known-rx dir
Piny::Repo: Adding -H to sudo invocations to get rid of problems with unreadable homedirs.
cron: make pack-refs slightly friendlier to wacky non-piny setups.
cron: establish ownership of packed-refs
issue: invalid repository names: new
Shifting instances of SSLRequireSSL around so Piny can operate behind an SSL proxy
Add libcrypt-blowfish-perl to list of pinyweb Depends
adding rebuildrepo to sudoers.d
Bug: flooding home: new
Bug: lsaccess breaks in mixed repository management: new
Bug: disabled ikiwiki redirect: new
Disable htmlscrubber by default since most piny deployments are run by power users.
Switch umask back to 0022 because 0027 breaks everything and I don't remember why I ever set it that way.
Fix permissions on ikiwiki setup file
Adding --no-run-if-empty to attempt to chmod empty objects
Adding distinction between immutable and normal git file permissions
Bugfixes for core.sharedrepo
Fix wikilist.d removal
Using proper SSL settings and making a redirect for
Adding cgi support for source repos
newrepo.cgi: adding support for --enable/disable-ikiwiki
newrepo: migrating rebuild logic out of and making --enable/disable-ikiwiki work
Not the right place for this.
This reverts commit 6239ca4595858262ac42a5e743d76653c9e61c4a.
Piny::Repo->create: mostly fixing check for local remote
Hopefully better validation of local repos.
Real option parsing.
fixed previous commit