5 # usage: run it on some port, and then clone or fetch
6 # "git://<realhost>:<realport>/<real-git-url>[ <options>]"
7 # where <real-git-url> is http://<host>/... or git://<host>/...
8 # and <options> is zero or more (whitespace-separated) of
9 # [<some-option>] will be ignored if not recognised
10 # {<some-option>} error if not recognised
11 # options currently known:
12 # fetch=must fail if the fetch/clone from upstream fails
13 # fetch=no just use what is in the cache
14 # fetch=try use what is in the cache if the fetch/clone fails
15 # timeout=<seconds> length of time to allow for fetch/clone
17 # git-cache-proxy is free software; you can redistribute it and/or
18 # modify them under the terms of the GNU General Public License as
19 # published by the Free Software Foundation; either version 3, or (at
20 # your option) any later version.
22 # git-cache-proxy is distributed in the hope that it will be useful,
23 # but WITHOUT ANY WARRANTY; without even the implied warranty of
24 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25 # General Public License for more details.
27 # You should have received a copy of the GNU General Public License along
28 # with this program; if not, consult the Free Software Foundation's
29 # website at www.fsf.org, or the GNU Project website at www.gnu.org.
31 # (Some code taken from userv-utils's git-daemon.in and git-service.in
32 # which were written by Tony Finch <dot@dotat.at> and subsequently
33 # heavily modified by Ian Jackson <ijackson@chiark.greenend.org.uk>
34 # and were released under CC0 1.0. The whole program is now GPLv3+.)
42 use Fcntl qw(:flock SEEK_SET);
43 use File::Path qw(remove_tree);
45 our $us = 'git-cache-proxy';
48 our $housekeepingeverydays = 1;
49 our $treeexpiredays = 21;
50 our $fetchtimeout = 1800;
51 our $maxfetchtimeout = 3600;
52 our $cachedir = '/var/cache/git-cache-proxy';
53 our $housekeepingonly = 0;
55 #---------- error handling and logging ----------
57 # This is a bit fiddly, because we want to catch errors sent to stderr
58 # and dump them to syslog if we can, but only if we are running as an
61 our $log; # filehandle (ref), or "1" meaning syslog
65 return ('(local)') unless defined $sockaddr;
66 my ($port,$addr) = sockaddr_in $sockaddr;
67 $addr = inet_ntoa $addr;
68 return ("[$addr]:$port",$addr,$port);
71 our ($client) = ntoa getpeername STDIN;
72 our ($server) = ntoa getsockname STDIN;
76 openlog $us, qw(pid), 'daemon';
82 return if $pri eq 'debug' && !$debug;
83 if ($client eq '(local)') {
84 print STDERR "$us: $pri: $msg\n" or die $!;
88 my $mainmsg = sprintf "%s-%s: %s", $server, $client, $msg;
90 my $wholemsg = sprintf("%s [%d] %s: %s\n",
91 strftime("%Y-%m-%d %H:%M:%S Z", gmtime),
93 $pri eq 'err' ? 'error' : $pri,
97 syslog $pri, "%s", "$pri $mainmsg";
101 if ($client ne '(local)') {
102 open STDERR, ">/dev/null" or exit 255;
103 open TEMPERR, "+>", undef or exit 255;
104 open STDERR, ">&TEMPERR" or exit 255;
108 if ($client ne '(local)') {
109 if ($?) { logm 'crit', "crashing ($?)"; }
110 seek TEMPERR, 0, SEEK_SET;
130 my $gitmsg = "ERR $us: $msg";
131 $gitmsg = substr($gitmsg,0,65535); # just in case
132 printf "%04x%s", length($gitmsg)+4, $gitmsg;
137 #---------- argument parsing ----------
141 last unless $ARGV[0] =~ m/^-/;
149 } elsif (s/^-L(.*)$//) {
151 open STDERR, ">>", $logfile or fail "open $logfile: $!";
153 } elsif (s/^-d(.*)$//) {
155 } elsif (s/^--( max-fetch-timeout
158 | housekeeping-interval-days
162 die $vn unless defined ${ $::{$vn} };
165 fail "bad usage: unknown option `$_'";
170 !@ARGV or fail "bad usage: no non-option arguments permitted";
172 #---------- utility functions ----------
175 my ($fh, $fn, $flockmode) = @_;
176 my $what = $fn.(($flockmode & ~LOCK_NB) == LOCK_SH ? " (shared)" : "");
179 open $fh, '+>', $fn or fail "open/create $fn for lock: $!";
180 logm 'debug', "lock $what: acquiring";
181 if (!flock $fh, $flockmode) {
182 if ($flockmode & LOCK_NB && $! == EWOULDBLOCK) {
185 fail "lock $what: $!";
187 stat $fh or fail "stat opened $fn: $!";
188 my $fh_ino = ((stat _)[1]);
190 $! == ENOENT or fail "stat $fn: $!";
193 my $fn_ino = ((stat _)[1]);
194 if ($fn_ino == $fh_ino) {
195 logm 'debug', "lock $what: acquired";
198 logm 'debug', "lock $what: deleted, need to loop again";
206 while ($length > length $buffer) {
207 my $ret = sysread STDIN, $buffer, $length, length $buffer;
208 fail "expected $length bytes, got ".length $buffer
209 if defined $ret and $ret == 0;
210 fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN;
215 #---------- main program ----------
217 chdir $cachedir or fail "chdir $cachedir: $!";
219 our ($service,$specpath,$spechost,$subdir);
220 our ($tmpd,$gitd,$lock);
225 logm 'info', "service `$specpath': $msg";
229 $SIG{ALRM} = sub { fail "timeout" };
232 my $hex_len = xread 4;
233 fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|;
234 my $line = xread -4 + hex $hex_len;
235 unless (($service,$specpath,$spechost) = $line =~
236 m|^(git-[a-z-]+) /*([!-~ ]+)\0host=([!-~]+)\0$|) {
237 $line =~ s|[^ -~]+| |g;
238 gitfail "unknown/unsupported instruction `$line'"
243 $service eq 'git-upload-pack'
244 or gitfail "unknown/unsupported service `$service'";
246 $fetch = 2; # 0:don't; 1:try; 2:force
249 while ($url =~ s#\s+(\[)([^][{}]+)\]$## ||
250 $url =~ s#\s+(\{)([^][{}]+)\}$##) {
252 my $must = $1 eq '{';
253 if (m/^fetch=try$/) {
255 } elsif (m/^fetch=no$/) {
257 } elsif (m/^fetch=must$/) {
258 $fetch = 2; # the default
259 } elsif (m/^timeout=(\d+)$/ && $1 >= 1) {
260 $fetchtimeout = $1 <= $maxfetchtimeout ? $1 : $maxfetchtimeout;
262 gitfail "unknown/unsupported option `$_'";
266 $url =~ m{^(?:https?|git)://[-.0-9a-z]+/}
267 or gitfail "unknown/unsupported url scheme or format `$url'";
270 $subdir =~ s|\\|\\\\|g;
271 $subdir =~ s|,|\\,|g;
274 $tmpd= "$subdir\\.tmp";
275 $gitd= "$subdir\\.git";
276 $lock = "$subdir\\.lock";
282 lockfile \*LOCK, $lock, LOCK_EX;
284 my $exists = lstat $gitd;
285 $exists or $!==ENOENT or fail "lstat $gitd: $!";
294 system qw(rm -rf --), $tmpd;
295 @cmd = (qw(git clone -q --mirror), $url, $tmpd);
298 @cmd = (qw(git remote update --prune));
301 my $cmd = "@cmd[0..1]";
303 my $child = open FETCHERR, "-|";
304 defined $child or fail "fork: $!";
307 chdir $gitd or fail "chdir $gitd: $!";
309 setpgrp or fail "setpgrp: $!";
310 open STDERR, ">&STDOUT" or fail "redirect stderr: $!";
311 exec @cmd or fail "exec $cmd[0]: $!";
317 local $SIG{ALRM} = sub {
318 servinfo "fetch/clone timeout";
319 $timedout=1; kill 9, -$child;
321 alarm($fetchtimeout);
322 $!=0; { local $/=undef; $fetcherr = <FETCHERR>; }
323 !FETCHERR->error or fail "read pipe from fetch/clone: $!";
327 kill -9, $child or fail "kill fetch/clone: $!";
328 $!=0; $?=0; if (!close FETCHERR) {
329 fail "reap fetch/clone: $!" if $!;
331 !($? & 255) ? "$cmd died with error exit code ".($? >> 8) :
332 $? != 9 ? "$cmd died due to fatal signa, status $?" :
333 $timedout ? "$cmd timed out (${fetchtimeout}s)" :
334 "$cmd died due to unexpected SIGKILL";
335 if (length $fetcherr) {
336 $fetchfail .= "\n$fetcherr";
337 $fetchfail =~ s/\n$//;
338 $fetchfail =~ s{\n}{ // }g;
343 servinfo "fetch/clone failed: $fetchfail";
348 rename $tmpd, $gitd or fail "rename fresh $tmpd to $gitd: $!";
352 $fetchfail = 'not attempted';
356 gitfail "no cached data, and not cloned: $fetchfail";
360 lockfile \*LOCK, $lock, LOCK_SH; # NB releases and relocks
365 $!==ENOENT or fail "chdir $gitd: $!";
367 # Well, err, someone must have taken the lock in between
368 # and garbage collected it. How annoying.
372 sub hkfail ($) { my ($msg) = @_; fail "housekeeping: $msg"; }
374 sub housekeeping () {
375 logm 'info', "housekeeping started";
376 foreach $lock (<[a-z]*\\.lock>) {
377 my $subdir = $lock; $subdir =~ s/\\.lock$//;
379 $! == ENOENT or hkfail "$lock: lstat: $!";
382 if (-M _ <= $treeexpiredays) {
383 logm 'debug', "housekeeping: subdirs $subdir: touched recently";
386 if (!lockfile \*LOCK, $lock, LOCK_EX|LOCK_NB) {
387 logm 'info', "housekeeping: subdirs $subdir: lock busy, skipping";
390 logm 'info', "housekeeping: subdirs $subdir: cleaning";
392 foreach my $suffix (qw(tmp git)) {
393 my $dir = "${subdir}\\.$suffix";
395 remove_tree($dir, { safe=>1, error=>\$errs });
398 logm 'warning', "housekeeping: $dir: problems with".
399 "deletion prevent cleanup:";
400 foreach my $err (@$errs) {
401 logm 'info', "problem deleting: $err->[0]: $err->[1]";
406 unlink $lock or hkfail "remove $lock: $!";
409 open HS, ">", "Housekeeping.stamp" or hkfail "touch Housekeeping.stamp: $!";
410 close HS or hkfail "close Housekeeping.stamp: $!";
411 logm 'info', "housekeeping finished";
414 sub housekeepingcheck ($$) {
415 my ($dofork, $force) = @_;
417 if (!lockfile \*HLOCK, "Housekeeping.lock", LOCK_EX|LOCK_NB) {
418 logm 'debug', "housekeeping lock taken, not running";
424 logm 'info', "housekeeping forced";
425 } elsif (!lstat "Housekeeping.stamp") {
426 $! == ENOENT or fail "lstat Housekeeping.stamp: $!";
427 logm 'info', "housekeeping not done yet, will run";
428 } elsif (-M _ <= $housekeepingeverydays) {
429 logm 'debug', "housekeeping done recently";
435 defined $child or hkfail "fork: $!";
449 exec qw(git-upload-pack --strict --timeout=1000 .)
450 or fail "exec git-upload-pack: $!";
453 sub daemonservice () {
455 while (!clonefetch()) { }
456 housekeepingcheck(1,0);
460 if ($housekeepingonly) {
461 housekeepingcheck(0, $housekeepingonly>=2);