Website Demo

One of gotsysd(8)'s features is its ability to let users manage their repositories directly from gotsys.conf(5). For example, all server configurations will initially contain the following snippet:

    repository gotsys {
      permit rw flan_hacker
    }
    

This declares a repository named gotsys and allows flan_hacker to read and write to it. That is, the flan_hacker user is allowed to clone and send new changes to the repository.

The gotsys repository is special, as it lets users manage their repository space by committing changes to it. However, it is declared as any other repository. For example, the following snippet creates three new repositories:

    repository "vmm_clock" {
      permit rw flan_hacker
      head master
    }
    repository "virtio_vmmci" {
      permit rw flan_hacker
      permit ro anonymous
      head master
    }
    repository "private_repo" {
      permit rw flan_hacker
    }
    

Just like with the gotsys repository, three new repositories are declared that can be read and written to by the flan_hacker user. The repository virtio_vmmci also allows the anonymous user to clone it, but not to send new changes to it, as it is declared with the ro mode (read-only). Repositories that are readable by the anonymous user will include a clone url in the summary of the repository when browsing it with a web browser.

The head directive is used for both public repositories to point the repository's symbolic HEAD reference at the master branch, which would otherwise point to the default main branch.

It is worth noting that there is currently no way to rename or delete repositories via gotsys.conf(5). However, existing repositories that are no longer mentioned in the configuration will be inaccessible, as if they had been declared without any access rules.

A good way to personalize a repository space is by assigning it a custom domain. This can be done as follows:

1. Create a DNS A-record using the registrar of your choice, and point it at the IP address of your virtual machine. You can find this IP in the welcome E-Mail you received when first booking your subscription.

2. Contact an administrator and let them know about the custom domain you'd like to use. You will receive a confirmation informing you that the domain has been configured.

3. Lastly, configure a web server in gotsys.conf(5) using the custom domain. For example, the following snippet configures one for no.vmmbugs.net:

       web server no.vmmbugs.net {
         site owner "Vmm Hacker"
       }
       

The Game of Trees Hub configures all web servers with authentication enabled by default. This requires visitors to log in before accessing repositories or a website. To allow anyone to authenticate, the anonymous user can be used:

    web server no.vmmbugs.net {
      site owner "Vmm Hacker"
      permit anonymous
    }
    

This will present all visitors with a login screen and instructions on how to authenticate over ssh when visiting no.vmmbugs.net.

In order to allow only specific users to authenticate, those users must first be declared with the user directive:

    user flan_hacker {
      authorized key ssh-ed25519 <base64-encoded key> flan_hacker@gothub.org
    }
    web server no.vmmbugs.net {
      site owner "Vmm Hacker"
      permit flan_hacker
    }
    

In this case, visitors won't be presented with instructions on how to authenticate, as it is expected from the permitted user to know how to do so.

The permit and deny directives can be set for all repositories on a web server, like in the example above, or per-repository using the repository directive within the web server block.

As a nice bonus, enabling authentication gives repositories and websites an added layer of protection against scraping bots.

When first configuring a web server, the repository index will be empty by default. This is because web servers on the Game of Trees Hub are initially configured to hide all repositories, preventing the accidental leakage of private repositories. This behaviour can be configured by using repository-specific parameters.

Repository-specific parameters can be set by using the repository directive inside a web server block. For example, the following snippet configures all repositories to be hidden by default, and selectively unhides two repositories.

    web server no.vmmbugs.net {
      site owner "Vmm Hacker"
      permit anonymous
      hide repositories on
      repository "vmm_clock" {
        hide repository off
      }
      repository "virtio_vmmci" {
        hide repository off
      }
    }
    

Alternatively, repositories can be made visible by default and private repositories can be hidden as needed.

    web server no.vmmbugs.net {
      site owner "Vmm Hacker"
      permit anonymous
      hide repositories off
      repository "private_repo" {
        hide repository on
      }
    }
    

Invalid configurations will be automatically rejected by the server when sending changes to it. To avoid this, configurations can be validated before committing any changes with the following gotsys(1) command:

    $ gotsys check -f /path/to/gotsys.conf
    

This will report any errors in the configuration. Once there are no more errors, the command will output configuration OK, at which point changes can be safely sent to the server.