5 # usage: run it on some port, and then clone or fetch
6 # "git://<realhost>:<realport>/<real-git-url>[ <options>]"
7 # where <real-git-url> is http://<host>/... or git://<host>/...
8 # and <options> is zero or more (whitespace-separated) of
9 # [<some-option>] will be ignored if not recognised
10 # {<some-option>} error if not recognised
11 # options currently known:
12 # fetch=must fail if the fetch/clone from upstream fails
13 # fetch=no just use what is in the cache
14 # fetch=try use what is in the cache if the fetch/clone fails
15 # timeout=<seconds> length of time to allow for fetch/clone
17 # git-cache-proxy is free software; you can redistribute it and/or
18 # modify them under the terms of the GNU General Public License as
19 # published by the Free Software Foundation; either version 3, or (at
20 # your option) any later version.
22 # git-cache-proxy is distributed in the hope that it will be useful,
23 # but WITHOUT ANY WARRANTY; without even the implied warranty of
24 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25 # General Public License for more details.
27 # You should have received a copy of the GNU General Public License along
28 # with this program; if not, consult the Free Software Foundation's
29 # website at www.fsf.org, or the GNU Project website at www.gnu.org.
31 # (Some code taken from userv-utils's git-daemon.in and git-service.in
32 # which were written by Tony Finch <dot@dotat.at> and subsequently
33 # heavily modified by Ian Jackson <ijackson@chiark.greenend.org.uk>
34 # and were released under CC0 1.0. The whole program is now GPLv3+.)
42 use Fcntl qw(:flock SEEK_SET);
43 use File::Path qw(remove_tree);
45 our $us = 'git-cache-proxy';
47 #---------- error handling and logging ----------
49 # This is a bit fiddly, because we want to catch errors sent to stderr
50 # and dump them to syslog if we can, but only if we are running as an
53 our $log; # filehandle (ref), or "1" meaning syslog
57 return ('(local)') unless defined $sockaddr;
58 my ($port,$addr) = sockaddr_in $sockaddr;
59 $addr = inet_ntoa $addr;
60 return ("[$addr]:$port",$addr,$port);
63 our ($client) = ntoa getpeername STDIN;
64 our ($server) = ntoa getsockname STDIN;
68 openlog $us, qw(pid), 'daemon';
74 if ($client eq '(local)') {
75 print STDERR "$us: $pri: $msg\n" or die $!;
79 my $mainmsg = sprintf "%s-%s: %s", $server, $client, $msg;
81 my $wholemsg = sprintf("%s [%d] %s: %s\n",
82 strftime("%Y-%m-%d %H:%M:%S Z", gmtime),
88 syslog $pri, $mainmsg;
92 if ($client ne '(local)') {
93 open STDERR, ">/dev/null" or exit 255;
94 open TEMPERR, "+>", undef or exit 255;
95 open STDERR, ">&TEMPERR" or exit 255;
99 if ($client ne '(local)') {
100 if ($?) { logm 'crit', "crashing ($?)"; }
101 seek TEMPERR, 0, SEEK_SET;
121 my $gitmsg = "ERR $us: $msg";
122 $gitmsg = substr($gitmsg,0,65535); # just in case
123 printf "%04x%s", length($gitmsg)+4, $gitmsg;
128 #---------- argument parsing ----------
130 our $housekeepingthreshdays = 1;
131 our $treeexpiredays = 21;
132 our $fetchtimeout = 1800;
133 our $maxfetchtimeout = 3600;
134 our $cachedir = '/var/cache/git-cache-proxy';
138 last unless $ARGV[0] =~ m/^-/;
144 open STDERR, ">>", $logfile or fail "open $logfile: $!";
146 } elsif (s/^-d(.*)$//) {
148 } elsif (s/^--(maxfetchtimeout|fetchtimeout)=(\d+)$//) {
151 fail "bad usage: unknown option `$_'";
156 !@ARGV or fail "bad usage: no non-option arguments permitted";
158 #---------- utility functions ----------
163 while ($length > length $buffer) {
164 my $ret = sysread STDIN, $buffer, $length, length $buffer;
165 fail "expected $length bytes, got ".length $buffer
166 if defined $ret and $ret == 0;
167 fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN;
172 #---------- main program ----------
174 chdir $cachedir or fail "chdir $cachedir: $!";
176 our ($service,$specpath,$spechost,$subdir);
177 our ($tmpd,$gitd,$lock);
182 logm 'info', "service `$specpath': $msg";
186 $SIG{ALRM} = sub { fail "timeout" };
189 my $hex_len = xread 4;
190 fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|;
191 my $line = xread -4 + hex $hex_len;
192 unless (($service,$specpath,$spechost) = $line =~
193 m|^(git-[a-z-]+) /*([!-~ ]+)\0host=([!-~]+)\0$|) {
194 $line =~ s|[^ -~]+| |g;
195 gitfail "unknown/unsupported instruction `$line'"
200 $service eq 'git-upload-pack'
201 or gitfail "unknown/unsupported service `$service'";
203 $fetch = 2; # 0:don't; 1:try; 2:force
206 while ($url =~ s#\s+(\[)([^][{}]+)\]$## ||
207 $url =~ s#\s+(\{)([^][{}]+)\}$##) {
209 my $must = $1 eq '{';
210 if (m/^fetch=try$/) {
212 } elsif (m/^fetch=no$/) {
214 } elsif (m/^fetch=must$/) {
215 $fetch = 2; # the default
216 } elsif (m/^timeout=(\d+)$/) {
217 $fetchtimeout = $1 <= $maxfetchtimeout ? $1 : $maxfetchtimeout;
219 gitfail "unknown/unsupported option `$_'";
223 $url =~ m{^(?:https?|git)://[-.0-9a-z]+/}
224 or gitfail "unknown/unsupported url scheme or format `$url'";
227 $subdir =~ s|\\|\\\\|g;
228 $subdir =~ s|,|\\,|g;
231 $tmpd= "$subdir\\.tmp";
232 $gitd= "$subdir\\.git";
233 $lock = "$subdir\\.lock";
239 open LOCK, "+>", $lock or fail "open/create $lock: $!";
240 flock LOCK, LOCK_EX or fail "lock exclusive $lock: $!";
242 my $exists = lstat $gitd;
243 $exists or $!==ENOENT or fail "lstat $gitd: $!";
252 system qw(rm -rf --), $tmpd;
253 @cmd = (qw(git clone -q --mirror), $url, $tmpd);
256 @cmd = (qw(git remote update --prune));
259 my $cmd = "@cmd[0..1]";
261 my $child = open FETCHERR, "-|";
262 defined $child or fail "fork: $!";
265 chdir $gitd or fail "chdir $gitd: $!";
267 setpgrp or fail "setpgrp: $!";
268 open STDERR, ">&STDOUT" or fail "redirect stderr: $!";
269 exec @cmd or fail "exec $cmd[0]: $!";
275 local $SIG{ALRM} = sub {
276 servinfo "fetch/clone timeout";
277 $timedout=1; kill 9, -$child;
279 alarm($fetchtimeout);
280 $!=0; { local $/=undef; $fetcherr = <FETCHERR>; }
281 !FETCHERR->error or fail "read pipe from fetch/clone: $!";
285 kill -9, $child or fail "kill fetch/clone: $!";
286 $!=0; $?=0; if (!close FETCHERR) {
287 fail "reap fetch/clone: $!" if $!;
289 !($? & 255) ? "$cmd died with error exit code ".($? >> 8) :
290 $? != 9 ? "$cmd died due to fatal signa, status $?" :
291 $timedout ? "$cmd timed out (${fetchtimeout}s)" :
292 "$cmd died due to unexpected SIGKILL";
293 if (length $fetcherr) {
294 $fetchfail .= "\n$fetcherr";
295 $fetchfail =~ s/\n$//;
296 $fetchfail =~ s{\n}{ // }g;
301 servinfo "fetch/clone failed: $fetchfail";
306 rename $tmpd, $gitd or fail "rename fresh $tmpd to $gitd: $!";
310 $fetchfail = 'not attempted';
314 gitfail "no cached data, and not cloned: $fetchfail";
318 flock LOCK, LOCK_UN or fail "unlock $lock: $!";
319 flock LOCK, LOCK_SH or fail "lock shared $lock: $!";
320 # actually, just relocking as shared would have the same semantics
321 # but it's best to be explicit
326 $!==ENOENT or fail "chdir $gitd: $!";
328 # Well, err, someone must have taken the lock in between
329 # and garbage collected it. How annoying.
333 sub housekeeping () {
334 foreach $lock (<[a-z]*\\.lock>) {
336 $! == ENOENT or fail "housekeeping: $lock: lstat: $!";
339 if (-M _ <= $treeexpiredays) {
340 logm 'debug', "housekeeping: $lock: not too old";
343 my $subdir = $lock; $subdir =~ s/\\.lock$//;
345 foreach my $suffix (qw(tmp git)) {
346 my $dir = "${subdir}\\.$suffix";
348 remove_tree($dir, { safe=>1, error=>\$errs });
350 foreach my $err (@$errs) {
351 logm 'warning', "problem deleting: $err[0]: $err[1]";
357 sub housekeepingcheck ($$) {
358 my ($dofork, $force) = @_;
359 open HLOCK, "+>", "Housekeeping.lock"
360 or fail "open/create Housekeeping.lock: $!";
362 if (flock HLOCK, LOCK_EX|LOCK_NB) {
363 logm 'debug', "housekeeping lock taken, not running";
369 logm 'info', "housekeeping forced";
370 } elsif (!lstat "Housekeeping.stamp") {
371 $! == ENOENT or fail "lstat Housekeeping.stamp: $!";
372 logm 'info', "housekeeping stamp missing, will run";
373 } elsif (-M _ <= $housekeepingthreshdays) {
374 logm 'debug', "housekeeping done recently";
380 defined $child or fail "fork for housekeeping: $!";
393 servinfo "servicing";
394 exec qw(git-upload-pack --strict --timeout=1000 .)
395 or fail "exec git-upload-pack: $!";
398 sub daemonservice () {
400 while (!clonefetch()) { }