Add git.sr.ht docs

1 files changed, 85 insertions, 0 deletions

diff --git a/git.sr.ht/installation.md b/git.sr.ht/installation.md
new file mode 100644
index 0000000..f72c1ab
--- /dev/null
+++ b/git.sr.ht/installation.md
@@ -0,0 +1,85 @@
+git.sr.ht is the git repository hosting service for the sr.ht network.
+
+# Installation
+
+git.sr.ht is a standard sr.ht web service and can be installed through the
+[standard procedure](/installation.md). However, there are several additional
+steps required.
+
+## Repository storage
+
+You will need to set up a directory for repositories to be stored in - we
+suggest `/var/lib/git/`. Also configure a `git` user and assign ownership over
+`/var/lib/git/` to this user. The git.sr.ht package will automatically prepare
+these for you. If you do not use the package, you must create the user yourself
+and ensure that the git.sr.ht web application runs as this user.
+
+## cgit
+
+Presently git.sr.ht's repository viewer is designed as a proxy to
+[cgit](https://git.zx2c4.com/cgit/). This is eventually going to change, but
+for the time being you must install and configure cgit on your server. Set your
+cgitrc file to the following configuration:
+
+    virtual-root=/
+    enable-index-owner=0
+    embedded=1
+    noheader=1
+    source-filter=/usr/lib/cgit/filters/syntax-highlighting.py
+    clone-url=__CLONE_URL__
+    snapshots=tar.xz
+    scan-path=/var/lib/git/
+    readme=:README
+    readme=:readme
+
+Then configure nginx to serve cgit to localhost with something like this:
+
+	server {
+		listen 80;
+		server_name cgit.local;
+		root /usr/share/webapps/cgit;
+		try_files $uri @cgit;
+
+		location @cgit {
+			include             fastcgi_params;
+			fastcgi_param       SCRIPT_FILENAME $document_root/cgit.cgi;
+			fastcgi_param       PATH_INFO       $uri;
+			fastcgi_param       QUERY_STRING    $args;
+			fastcgi_param       HTTP_HOST       $server_name;
+			fastcgi_pass        unix:/run/fcgiwrap.sock;
+		}
+	}
+
+Update your git.sr.ht configuration accordingly:
+
+    [cgit]
+    remote=http://cgit.local
+    repos=/var/lib/git/
+
+## SSH dispatch
+
+It is necessary to configure git.sr.ht's SSH dispatcher as the system-wide SSH
+authorization hook. In `/etc/ssh/sshd_config`, configure git-srht-dispatch like
+so:
+
+    AuthorizedKeysCommand=/usr/bin/git-srht-dispatch "%u" "%h" "%t" "%k"
+    AuthorizedKeysUser=root
+
+sshd will invoke our dispatcher whenever a connection is made to the server to
+obtain a list of authorized keys for the connecting user. The default behavior
+is to read the `.ssh/authorized_keys` file from that user's HOME directory, but
+the dispatcher can also "dispatch" to other authentication tools for other
+users. This is used to authorize and perform git operations via the
+`git-srht-keys` and `git-srht-shell`. See the `[dispatch]` section of your
+git.sr.ht configuration for details on how this works and how to configure it
+for additional services (e.g. man.sr.ht).
+
+Authorization logs are written to `/var/log/git-srht-dispatch` and
+`git-srht-shell`.
+
+## Cronjobs
+
+You must also configure `git-srht-periodic` to run periodically with your
+favorite cron daemon. We recommend the following crontab:
+
+    */20 * * * * git-srht-periodic