From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/14010
Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail
From: vlse <vlse@veera.biz>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Supporting git access via smart HTTPS protocol for musl-libc
Date: Tue, 26 Mar 2019 16:00:35 +0530
Message-ID: <20190326103032.GA1959@localhost>
References: <20190324103306.GB1830@localhost> <20190326003411.GC1872@localhost> <20190326010933.GC3713@localhost> <397c5906-090a-460e-7ea8-8f9248e0be59@adelielinux.org> <20190326013706.GV23599@brightrain.aerifal.cx> <20190326015434.GB8855@localhost> <20190326025937.GW23599@brightrain.aerifal.cx> <20190326111927.62882e67@inria.fr>
Reply-To: musl@lists.openwall.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226";
	logging-data="224291"; mail-complaints-to="usenet@blaine.gmane.org"
User-Agent: Mutt/1.4.2.3i
Cc: musl@lists.openwall.com
To: Jens Gustedt <jens.gustedt@inria.fr>
Original-X-From: musl-return-14026-gllmg-musl=m.gmane.org@lists.openwall.com Tue Mar 26 11:30:17 2019
Return-path: <musl-return-14026-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by blaine.gmane.org with smtp (Exim 4.89)
	(envelope-from <musl-return-14026-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1h8jLU-000wE3-Gv
	for gllmg-musl@m.gmane.org; Tue, 26 Mar 2019 11:30:16 +0100
Original-Received: (qmail 3786 invoked by uid 550); 26 Mar 2019 10:30:14 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Original-Received: (qmail 3764 invoked from network); 26 Mar 2019 10:30:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=veera.biz;
	 s=default; h=In-Reply-To:Content-Type:Mime-Version:References:Message-ID:
	Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
	List-Post:List-Owner:List-Archive;
	bh=nUhEHIWy9VBJyosiWfKElThXQ9TJkHdI5/iWOnq5oVQ=; b=aiNfmLbCS4ctaqfKfr9DarZgyZ
	Eq7MloSNbJP2niKqusWuhYv1oacpYi/wVxTkTMfE/KkccxDyVEv/P+dTpAqI4ls7K7uRmfunernj7
	t0qUiUyDj9Qsy/xgN0vbCG6ELbD8mUBnIdS8W+1K8zhZBgb4jEvX/VkFrD0ev7cFPUOUd9huggvjZ
	LOyJ0mx4oR7CdTH3dweytnU3MNHdC7yRlgAIutZ+IJcZxKfSc1EB5eYDLvzu5WLnO9G9rpncFG8m3
	qMkj7P7BjBIxDIO+KmfGQA9i8L2i9XR8KPrMpRSAcqWNnDeciA/YUcQ4C8Ad5bRFJbi4I9bFsWA24
	s5DiWyRA==;
Content-Disposition: inline
In-Reply-To: <20190326111927.62882e67@inria.fr>
X-OutGoing-Spam-Status: No, score=-0.2
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - in-pun-ln-srv139.advancedserverdns.com
X-AntiAbuse: Original Domain - lists.openwall.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - veera.biz
X-Get-Message-Sender-Via: in-pun-ln-srv139.advancedserverdns.com: authenticated_id: vlse@veera.biz
X-Authenticated-Sender: in-pun-ln-srv139.advancedserverdns.com: vlse@veera.biz
Xref: news.gmane.org gmane.linux.lib.musl.general:14010
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/14010>

On Tue, Mar 26, 2019 at 11:19:27AM +0100, Jens Gustedt wrote:
> Hello,
> 
> 
> On Mon, 25 Mar 2019 22:59:37 -0400 Rich Felker <dalias@libc.org> wrote:
> 
> 
> > > Nginx is bloat free I think. But perhaps not in comparison to
> > > thttpd. I will look how to support cgit http/s with thttpd using a
> > > hook.
> > > 
> > > At skarnet.org, the author is using busybox httpd with cgi support
> > > and cgit cgi hooks to give http/s git access.  
> > 
> > OK, that sounds promising. If it can be done with cgi, it should be
> > easy to setup, assuming the git client is forgiving of thttpd's
> > slightly non-conforming cgi behavior regarding headers.
> 
> 
> One thing you'd have to have in mind is to chose a server for which it
> is possible to update the certificate automatically. For some time I
> used mini_httpd, which is really minimal footprint, but I had to
> update the letsencrypt certificate every three month manually.
> 
> 
> Now I switched to nginx and here automatic update of the certificate
> works like a charm.
> 
The last time I enquired about Let's Encrypt certificates updating, I found
that it can be done with simple acme1 or acme2 clients including some based
on simple shell scripts and using automation like cron.

> 
> Jens
> 
> 
> -- 
> :: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
> :: ::::::::::::::: office Strasbourg : +33 368854536   ::
> :: :::::::::::::::::::::: gsm France : +33 651400183   ::
> :: ::::::::::::::: gsm international : +49 15737185122 ::
> :: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::

Regards,
Veera