avp::ptr weblog

Everything that is in our mind.

Repository visualization

without comments

I came across gource, a nice open-source tool for visualizing repositories. It supports Git, Mercurial, Bazaar and SVN.

The following video shows one of our project repositories:

DrawingLife git repository visualization from avp::ptr on Vimeo.

Written by peter

February 23rd, 2011 at 10:00 am

Posted in Uncategorized

Tagged with , , ,

How to update your web site using git?

without comments

There is a smart way to keep your web site up-to-date when you use a git repository to manage your HTML sources. You can use a post-receive hook to immediately send changes to your httpdocs folder whenever you push changes to the repository. Here are the actions to do.

  1. Grant write access to the httpdocs folder for the user/group git.
  2. Add a detached worktree to the git configuration.
  3. Add the checkout command to the post-receive hook.

1. Grant write access to the httpdocs folder for the user/group git

You need to enable the user that runs the post-receive hook to write to the webserver folder. The user typically is git or the group git. Edit the sudoer file using the visudo command to grant access to the aforementioned folder.

%git ALL=(ALL) NOPASSWD: /usr/bin/git

Read this documentation to understand the sudoer file and another helpful posting from Gilles on sudoer parameters. My best regards go out to Abhijit Menon-Sen who helped me to understand the sudoer commands.

2. Add a detached worktree to the git configuration.

Following the tutorial of Abhijit Menon-Sen on “using git to manager a web site” you need to change your configuration as follows.

$ git config core.worktree /var/www/www.domain.com/httpdocs/
$ git config core.bare false
$ git config receive.denycurrentbranch ignore

3. Add the checkout command to the post-receive hook.

Finally add the command to the post-receive script that will update your web site httpdocs folder.

$ sudo git checkout -f

The git checkout command is run in the context of the root user. This context switch is allowed via the sudoer file edited earlier. The switch is necessary to gain write access to the location of the detached worktree which is httpdocs.

Written by tobi

October 2nd, 2010 at 2:22 pm

How to deactivate the server signature for Apache2?

without comments

Every time a url is requested that does not exist on a webserver an error page is displayed. By default, the page is trailed by the signature of the server. The signature includes information about the webserver version, the operating system, installed modules like PHP, Python, SSL and many more.

As everyone knows, there is no software out there without security problems. Those versions of the installed modules can be used to attack the server. Therefore, it is a good idea to reduce or deactivate the signature.

The apache configuration file apache2.conf contains two settings that allow modifications for this subject. The default settings are displayed here.

ServerSignature = Full
ServerTokens = Prod

The following screenshot shows what would be displayed with the setting:

ServerSignature = Prod

Apache configuration: ServerTokens = Prod
The apache documentation provides more information and examples on how to change the signature.

Another way to display the information attached to the server signature is to use a browser extension.

Written by tobi

September 29th, 2010 at 7:58 pm