5 # usage: run it on some port, and then clone or fetch
6 # "git://<realhost>:<realport>/<real-git-url>[ <options>]"
7 # where <real-git-url> is http://<host>/... or git://<host>/...
8 # and <options> is zero or more (whitespace-separated) of
9 # [<some-option>] will be ignored if not recognised
10 # {<some-option>} error if not recognised
11 # options currently known:
12 # fetch=must fail if the fetch/clone from upstream fails
13 # fetch=no just use what is in the cache
14 # fetch=try use what is in the cache if the fetch/clone fails
15 # timeout=<seconds> length of time to allow for fetch/clone
17 # example inetd.conf line:
18 # 9419 stream tcp nowait git-cache /usr/bin/git-cache-proxy git-cache-proxy
21 # mkdir /var/cache/git-cache-proxy
22 # chown git-cache /var/cache/git-cache-proxy
25 # Copyright 2010 Tony Finch
26 # Copyright 2013 Ian Jackson
28 # git-cache-proxy is free software; you can redistribute it and/or
29 # modify them under the terms of the GNU General Public License as
30 # published by the Free Software Foundation; either version 3, or (at
31 # your option) any later version.
33 # git-cache-proxy is distributed in the hope that it will be useful,
34 # but WITHOUT ANY WARRANTY; without even the implied warranty of
35 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
36 # General Public License for more details.
38 # You should have received a copy of the GNU General Public License along
39 # with this program; if not, consult the Free Software Foundation's
40 # website at www.fsf.org, or the GNU Project website at www.gnu.org.
42 # (Some code taken from userv-utils's git-daemon.in and git-service.in
43 # which were written by Tony Finch <dot@dotat.at> and subsequently
44 # heavily modified by Ian Jackson <ijackson@chiark.greenend.org.uk>
45 # and were released under CC0 1.0. The whole program is now GPLv3+.)
53 use Fcntl qw(:flock SEEK_SET);
54 use File::Path qw(remove_tree);
56 our $us = 'git-cache-proxy';
59 our $housekeepingeverydays = 1;
60 our $treeexpiredays = 21;
61 our $fetchtimeout = 1800;
62 our $maxfetchtimeout = 3600;
63 our $cachedir = '/var/cache/git-cache-proxy';
64 our $housekeepingonly = 0;
66 #---------- error handling and logging ----------
68 # This is a bit fiddly, because we want to catch errors sent to stderr
69 # and dump them to syslog if we can, but only if we are running as an
72 our $log; # filehandle (ref), or "1" meaning syslog
76 return ('(local)') unless defined $sockaddr;
77 my ($port,$addr) = sockaddr_in $sockaddr;
78 $addr = inet_ntoa $addr;
79 return ("[$addr]:$port",$addr,$port);
82 our ($client) = ntoa getpeername STDIN;
83 our ($server) = ntoa getsockname STDIN;
87 openlog $us, qw(pid), 'daemon';
93 return if $pri eq 'debug' && !$debug;
94 if ($client eq '(local)') {
95 print STDERR "$us: $pri: $msg\n" or die $!;
99 my $mainmsg = sprintf "%s-%s: %s", $server, $client, $msg;
101 my $wholemsg = sprintf("%s [%d] %s: %s\n",
102 strftime("%Y-%m-%d %H:%M:%S Z", gmtime),
104 $pri eq 'err' ? 'error' : $pri,
106 print $log $wholemsg;
108 syslog $pri, "%s", "$pri $mainmsg";
112 if ($client ne '(local)') {
113 open STDERR, ">/dev/null" or exit 255;
114 open TEMPERR, "+>", undef or exit 255;
115 open STDERR, ">&TEMPERR" or exit 255;
119 if ($client ne '(local)') {
120 if ($?) { logm 'crit', "crashing ($?)"; }
121 seek TEMPERR, 0, SEEK_SET;
141 my $gitmsg = "ERR $us: $msg";
142 $gitmsg = substr($gitmsg,0,65535); # just in case
143 printf "%04x%s", length($gitmsg)+4, $gitmsg;
148 #---------- argument parsing ----------
152 last unless $ARGV[0] =~ m/^-/;
160 } elsif (s/^-L(.*)$//) {
162 open STDERR, ">>", $logfile or fail "open $logfile: $!";
164 } elsif (s/^-d(.*)$//) {
166 } elsif (s/^--( max-fetch-timeout
169 | housekeeping-interval-days
173 die $vn unless defined ${ $::{$vn} };
176 fail "bad usage: unknown option `$_'";
181 !@ARGV or fail "bad usage: no non-option arguments permitted";
183 #---------- utility functions ----------
186 my ($fh, $fn, $flockmode) = @_;
187 my $what = $fn.(($flockmode & ~LOCK_NB) == LOCK_SH ? " (shared)" : "");
190 open $fh, '+>', $fn or fail "open/create $fn for lock: $!";
191 logm 'debug', "lock $what: acquiring";
192 if (!flock $fh, $flockmode) {
193 if ($flockmode & LOCK_NB && $! == EWOULDBLOCK) {
196 fail "lock $what: $!";
198 stat $fh or fail "stat opened $fn: $!";
199 my $fh_ino = ((stat _)[1]);
201 $! == ENOENT or fail "stat $fn: $!";
204 my $fn_ino = ((stat _)[1]);
205 if ($fn_ino == $fh_ino) {
206 logm 'debug', "lock $what: acquired";
209 logm 'debug', "lock $what: deleted, need to loop again";
217 while ($length > length $buffer) {
218 my $ret = sysread STDIN, $buffer, $length, length $buffer;
219 fail "expected $length bytes, got ".length $buffer
220 if defined $ret and $ret == 0;
221 fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN;
226 #---------- main program ----------
228 chdir $cachedir or fail "chdir $cachedir: $!";
230 our ($service,$specpath,$spechost,$subdir);
231 our ($tmpd,$gitd,$lock);
236 logm 'info', "service `$specpath': $msg";
240 $SIG{ALRM} = sub { fail "timeout" };
243 my $hex_len = xread 4;
244 fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|;
245 my $line = xread -4 + hex $hex_len;
246 unless (($service,$specpath,$spechost) = $line =~
247 m|^(git-[a-z-]+) /*([!-~ ]+)\0host=([!-~]+)\0$|) {
248 $line =~ s|[^ -~]+| |g;
249 gitfail "unknown/unsupported instruction `$line'"
254 $service eq 'git-upload-pack'
255 or gitfail "unknown/unsupported service `$service'";
257 $fetch = 2; # 0:don't; 1:try; 2:force
260 while ($url =~ s#\s+(\[)([^][{}]+)\]$## ||
261 $url =~ s#\s+(\{)([^][{}]+)\}$##) {
263 my $must = $1 eq '{';
264 if (m/^fetch=try$/) {
266 } elsif (m/^fetch=no$/) {
268 } elsif (m/^fetch=must$/) {
269 $fetch = 2; # the default
270 } elsif (m/^timeout=(\d+)$/ && $1 >= 1) {
271 $fetchtimeout = $1 <= $maxfetchtimeout ? $1 : $maxfetchtimeout;
273 gitfail "unknown/unsupported option `$_'";
277 $url =~ m{^(?:https?|git)://[-.0-9a-z]+/}
278 or gitfail "unknown/unsupported url scheme or format `$url'";
281 $subdir =~ s|\\|\\\\|g;
282 $subdir =~ s|,|\\,|g;
285 $tmpd= "$subdir\\.tmp";
286 $gitd= "$subdir\\.git";
287 $lock = "$subdir\\.lock";
293 lockfile \*LOCK, $lock, LOCK_EX;
295 my $exists = lstat $gitd;
296 $exists or $!==ENOENT or fail "lstat $gitd: $!";
305 system qw(rm -rf --), $tmpd;
306 @cmd = (qw(git clone -q --mirror), $url, $tmpd);
309 @cmd = (qw(git remote update --prune));
312 my $cmd = "@cmd[0..1]";
314 my $child = open FETCHERR, "-|";
315 defined $child or fail "fork: $!";
318 chdir $gitd or fail "chdir $gitd: $!";
320 setpgrp or fail "setpgrp: $!";
321 open STDERR, ">&STDOUT" or fail "redirect stderr: $!";
322 exec @cmd or fail "exec $cmd[0]: $!";
328 local $SIG{ALRM} = sub {
329 servinfo "fetch/clone timeout";
330 $timedout=1; kill 9, -$child;
332 alarm($fetchtimeout);
333 $!=0; { local $/=undef; $fetcherr = <FETCHERR>; }
334 !FETCHERR->error or fail "read pipe from fetch/clone: $!";
338 kill -9, $child or fail "kill fetch/clone: $!";
339 $!=0; $?=0; if (!close FETCHERR) {
340 fail "reap fetch/clone: $!" if $!;
342 !($? & 255) ? "$cmd died with error exit code ".($? >> 8) :
343 $? != 9 ? "$cmd died due to fatal signa, status $?" :
344 $timedout ? "$cmd timed out (${fetchtimeout}s)" :
345 "$cmd died due to unexpected SIGKILL";
346 if (length $fetcherr) {
347 $fetchfail .= "\n$fetcherr";
348 $fetchfail =~ s/\n$//;
349 $fetchfail =~ s{\n}{ // }g;
354 servinfo "fetch/clone failed: $fetchfail";
359 rename $tmpd, $gitd or fail "rename fresh $tmpd to $gitd: $!";
363 $fetchfail = 'not attempted';
367 gitfail "no cached data, and not cloned: $fetchfail";
371 lockfile \*LOCK, $lock, LOCK_SH; # NB releases and relocks
376 $!==ENOENT or fail "stat $gitd: $!";
378 # Well, err, someone must have taken the lock in between
379 # and garbage collected it. How annoying.
383 sub hkfail ($) { my ($msg) = @_; fail "housekeeping: $msg"; }
385 sub housekeeping () {
386 logm 'info', "housekeeping started";
387 foreach $lock (<[a-z]*\\.lock>) {
388 my $subdir = $lock; $subdir =~ s/\\.lock$//;
390 $! == ENOENT or hkfail "$lock: lstat: $!";
393 if (-M _ <= $treeexpiredays) {
394 logm 'debug', "housekeeping: subdirs $subdir: touched recently";
397 if (!lockfile \*LOCK, $lock, LOCK_EX|LOCK_NB) {
398 logm 'info', "housekeeping: subdirs $subdir: lock busy, skipping";
401 logm 'info', "housekeeping: subdirs $subdir: cleaning";
403 foreach my $suffix (qw(tmp git)) {
404 my $dir = "${subdir}\\.$suffix";
406 remove_tree($dir, { safe=>1, error=>\$errs });
409 logm 'warning', "housekeeping: $dir: problems with".
410 "deletion prevent cleanup:";
411 foreach my $err (@$errs) {
412 logm 'info', "problem deleting: $err->[0]: $err->[1]";
417 unlink $lock or hkfail "remove $lock: $!";
420 open HS, ">", "Housekeeping.stamp" or hkfail "touch Housekeeping.stamp: $!";
421 close HS or hkfail "close Housekeeping.stamp: $!";
422 logm 'info', "housekeeping finished";
425 sub housekeepingcheck ($$) {
426 my ($dofork, $force) = @_;
428 if (!lockfile \*HLOCK, "Housekeeping.lock", LOCK_EX|LOCK_NB) {
429 logm 'debug', "housekeeping lock taken, not running";
435 logm 'info', "housekeeping forced";
436 } elsif (!lstat "Housekeeping.stamp") {
437 $! == ENOENT or fail "lstat Housekeeping.stamp: $!";
438 logm 'info', "housekeeping not done yet, will run";
439 } elsif (-M _ <= $housekeepingeverydays) {
440 logm 'debug', "housekeeping done recently";
446 defined $child or hkfail "fork: $!";
461 chdir $gitd or fail "chdir $gitd: $!";
463 exec qw(git-upload-pack --strict --timeout=1000 .)
464 or fail "exec git-upload-pack: $!";
467 sub daemonservice () {
469 while (!clonefetch()) { }
470 housekeepingcheck(1,0);
474 if ($housekeepingonly) {
475 housekeepingcheck(0, $housekeepingonly>=2);