GitLab

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

This wasn't matching up with what's suggested in doc/maintenance.
This patch resolves that inconsistency.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

This variable allows users to override the logging.conf used
for Python logging configuration. By default, this is set
to logging.conf, which is a production config. LOG_CONFIG
is treated relative to [options] aurwebdir.

This patch allows us to specify the logging config as opposed
to copying over logging.conf in our test docker and gitlab
test scripts, as well as ease-of-testing as a developer.
Signed-off-by: Kevin Morris <kevr@0cost.org>

This was left in when we removed logging.prod.conf in a
previous patch. `test-mysql-entrypoint.sh` takes care of
test logging for us now, so this section is unnecessary.

Closes #261

Signed-off-by: Kevin Morris <kevr@0cost.org>

This patch cleans up aurweb.templates and removes direct
module-level initialization of the environment.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

We heavily attempt to provide easy use of poetry virtualenvs
with aurweb in this revision of the INSTALL file. Added a
section about cron jobs and updated the nginx config example
with a lot more detail and locations for other parts of
the AUR infrastructure.
Signed-off-by: Kevin Morris <kevr@0cost.org>

This introduces examples of a gunicorn systemd service in
addition to git script wrappers that can be used for poetry
virtualenv-driven installations.
Signed-off-by: Kevin Morris <kevr@0cost.org>

No longer needed; logging.conf, which is the default config
used, is now setup for production INFO logging.
Signed-off-by: Kevin Morris <kevr@0cost.org>

We'll override logging.conf with logging.test.conf for debug logging
needed for tests now, so we can rely on the default logging.conf
for production use.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

- On non-localhost communication, this whitelists forwarded headers
  on all remote ips
- Add more headers
- Force https X-Forwarded-Proto
- Unset Forwarded header and rely on X-Forwarded-*
Signed-off-by: Kevin Morris <kevr@0cost.org>

When the Docker image is outdated, we need to fetch updated
archlinux-keyring keys to perform an -Syu without problems.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Added the rest:
- aurweb-pkgmaint
- aurweb-usermaint
- aurweb-tuvotereminder
- aurweb-popupdate
Signed-off-by: Kevin Morris <kevr@0cost.org>

This patch brings in the use of .with_entities on our
RPC search query. This primarily fixes performance issues
we were seeing with large queries.

That being said, we do see a bit of a slowdown on
large record count rpc queries, but it's quite negligible
at this point.

We still do aim to perform better than the older PHP
implementation, so this is not a finishing patch by
any means.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Closes #255

Signed-off-by: Kevin Morris <kevr@0cost.org>

We were allowing erroneous URLs through, raising exceptions,
from e.g. `http://[localhost:8444/blah`. This patch catches
any ValueErrors raised during the parse process and returns
False, indicating that the validation failed.

This patch also adds testing specifically for `util.valid_homepage`.
We didn't have specific testing for this before; this will allow us
to catch regressions in this area.

Closes #250

Signed-off-by: Kevin Morris <kevr@0cost.org>

Without this rewriting, we've been running into conversing with
HTTP over HTTPS (400 Bad Request).

TODO: Refactor this entire nginx config to something a bit more
simple and clean.
Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>

Signed-off-by: Kevin Morris <kevr@0cost.org>