Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 events occurring around a257fbd92e7e77a3.
|
2022-09-05
| ||
| 01:42 | Expanded the paragraph on WAL mode interactions in the container doc into a full section, placed higher up, immediately after the first use of Docker's "--volume" flag, to explain why we don't map just the repo DB file, but the whole directory it sits in. Even if we later convince ourselves WAL is safe under this scenario, it'll be conditional at best, so some remnant of this section must remain, no matter which way the experiments go. ... (check-in: 698587d41d user: wyoung tags: trunk) | |
|
2022-09-04
| ||
| 23:46 | Renamed Dockerfile.in back to Dockerfile so it can be used as-is on non-autosetup systems. Realized that we can pass the Fossil checkin hash prefix in as a build arg instead of regenerating the file on disk from auto.def. If you use the Dockerfile as-shipped, you get a "trunk" build, which risks a stale cache — it thinks it already has a tarball by that name and helpfully refuses to pull it again — but at least Windows users get *something* without hand-hacking the file. ... (check-in: b0c9c26a9c user: wyoung tags: trunk) | |
| 22:20 | Added a /jail/log directory to the container so someone can pass --errorlog and such to the Fossil instance and have a place to put it. It also acts as a mountpoint for appending to a log out on the host. ... (check-in: ed50ceee0d user: wyoung tags: trunk) | |
| 21:58 | /dev permissions were too tight in the container. They're still tighter than on a stock Ubuntu box, but they should suffice for Fossil's needs. ... (check-in: 8eeb95e127 user: wyoung tags: trunk) | |
| 12:55 | Restricted the container listeners to localhost in section 6 of the containers doc, and mentioned a few other items related to reverse proxying with nginx. ... (check-in: c9ab736f78 user: wyoung tags: trunk) | |
| 12:14 | Folded info from an exchange with the Podman devs into the container doc. ... (check-in: 80f4a1dd49 user: wyoung tags: trunk) | |
| 11:36 | Added section numbers to the containers doc (it was getting confusing) and added a few internal fragment IDs. ... (check-in: 4d51d52417 user: wyoung tags: trunk) | |
| 11:26 | Finished all the new topics planned for the new containers doc, adding sections on rootful Podman containers and on building via Docker but running via Podman, using Docker Hub as an intermediary to avoid building on the remote host. ... (check-in: 9c96e49995 user: wyoung tags: trunk) | |
| 09:27 | Sanitized a local port number out of previous ... (check-in: 3dfa458167 user: wyoung tags: trunk) | |
| 09:25 | Added my sad tale of failure and woe with systemd-nspawn to the container docs, both as a warning to those who follow, and as a cry for help to someone who can make this work. I can't be bothered to spend more time on it, but there's no point throwing the work away. ... (check-in: 1e8c665528 user: wyoung tags: trunk) | |
| 09:15 | Documented another cause to modify the "m" variable in the runc examples in the container docs. ... (check-in: bf5030883a user: wyoung tags: trunk) | |
| 08:09 | Added more jq filters to the runc examples to remove further problematic things left in the automatic conversion from the Docker container configuration file to the one we provide to runc. ... (check-in: 4e8c74797f user: wyoung tags: trunk) | |
| 07:15 | Worked through some difficulties here in applying the runc method on remote systems, then documented what I learned in the containers doc. ... (check-in: 56f4e2ce2f user: wyoung tags: trunk) | |
| 06:28 | Small fix to previous ... (check-in: d5695c8ef1 user: wyoung tags: trunk) | |
| 06:02 | Expanded the runc section of the container doc to cover "bundle" terminology and to show a method for rsyncing the bundle across to a remote host. Also explained why this is a bad idea unless you've got a rather constrained use case, lest people avoid using podman/docker in places where they could provide real value. ... (check-in: f9f13ce7a9 user: wyoung tags: trunk) | |
| 04:32 | Documented the runc and crun options for running a container, including the cryptic method for exporting an OCI bundle from Docker, allowing you to use both together: Docker Desktop on your big dev box in the office, then one of the two lightweight runtimes out in the cloud. ... (check-in: c9431ef4a3 user: wyoung tags: trunk) | |
| 02:35 | Added explicit instructions for patching the Dockerfile for the nojail/podman method and for mapping a single Fossil repo into the container rather than a directory. Also included my best current advice on using WAL mode in these contexts. ... (check-in: 87a23d2a7c user: wyoung tags: trunk) | |
| 02:15 | Removed a TODO-based section of the new containers doc that wasn't meant to be checked in yet. Made a few improvements to the new Podman material as well. ... (check-in: 5adf6c40d9 user: wyoung tags: trunk) | |
| 02:01 | Added the "Lightweight Alternatives to Docker" section to the new containers doc, currently limited to a tutorial on converting the stock Dockerfile to work under Podman in its default mode, creating a rootless container. This brings in the second container-related file at the root of the repo, the patch file for this, so we don't have to maintain two nearly-parallel Dockerfiles. As a bonus, it allows us to point to the patch from the prose, making explicit what we had to change. ... (check-in: f0399ea9ca user: wyoung tags: trunk) | |
| 01:53 | Moved the busybox-config file from tools/ into a new containers/ subdirectory. We were using that as a junk-drawer directory, for lack of a better place to put it. Now that we're about to have a second container-related file in the repo, that weak excuse is wearing thin. ... (check-in: b08e2bb747 user: wyoung tags: trunk) | |
| 01:39 | Referencing the new containers.md file from Dockerfile.in so we can remove a big redundant block comment from it. While in there, made a few style tweaks that will help the ongoing container document expansion. ... (check-in: be8f721d61 user: wyoung tags: trunk) | |
|
2022-09-03
| ||
| 23:34 | Extracted the Docker containers material from www/build.wiki and moved it into a new document dedicated to the topic, containers.md. It was already pushing the bounds of how much info we want to provide in a single section of that doc, and it's about to get bigger. As part of the conversion from wiki format to Markdown, did another edit pass on the doc, improving a few things along the way. Dropped the "docker-" prefix from all internal IDs, as we no longer need them to disambiguate references to other parts of the build doc. ... (check-in: 7129dc9868 user: wyoung tags: trunk) | |
|
2022-09-01
| ||
| 16:05 | Address builtin_deliver_multiple_js_files() endless loop reported in [forum:a9a60fab07|forum post a9a60fab07]. ... (check-in: 76c9bbb3bd user: stephan tags: trunk) | |
| 10:52 | Add aliases as a new command type and display these next to the corresponding main command in /help. Make sure that for the 'test-all-help' command and webpage each help string is output at most once. ... (check-in: db70849495 user: danield tags: trunk) | |
| 01:29 | Merge in trunk. Resolve a shadowed var in dispatch.c which led to an assigned-but-not-used warning. ... (Closed-Leaf check-in: a257fbd92e user: stephan tags: help-aliases-unique) | |
|
2022-08-30
| ||
| 12:50 | • Edit [b04740bd75600c30|b04740bd75]: Mark "Closed". ... (artifact: 54ece50e6c user: stephan) | |
| 01:49 | Embroidered the "make container-run" target to make it more convenient. ... (check-in: bc09e28a26 user: wyoung tags: trunk) | |
|
2022-08-29
| ||
| 18:21 | The container doc bit on raw sockets now covers the other three Busybox utilities we left out previously. Today's removal of ping and traceroute merely completes the set; it wasn't complete in itself. ... (check-in: b429bd71db user: wyoung tags: trunk) | |
| 18:07 | Clarified the points in §5.2.1 of the Docker container build doc regarding the reason why the server parent process runs as root. ... (check-in: c2eaa60da9 user: wyoung tags: trunk) | |
| 17:54 | Researched, tested, and documented the set of "docker create --cap-drop" options we can add to strip away unnecessary root privileges inside the container without harming normal operation. Belt-and-suspenders: if any bad actor ever got into the container with root privileges, this would help prevent them from affecting anything outside the container. Added that set to the "make container-run" target so they get applied by default in the easy case. ... (check-in: f715add938 user: wyoung tags: trunk) | |
| 17:32 | Removed ping and traceroute commands from the Docker container. They require raw sockets support, which means if anyone broke into the container and managed a root privilege escalation, they could do a wide array of bad things on any network the container is bound to. ... (check-in: f00a88f896 user: wyoung tags: trunk) | |
| 16:01 | Polishing pass on §5.2 of the container build doc, "Why Chroot?" ... (check-in: e98603144b user: wyoung tags: trunk) | |
| 14:27 | Add a missing closing LI tag for the /tkthistory page. ... (check-in: 2d0b2bda87 user: george tags: deltify-tkt-blobs) | |
| 14:03 | Minor optimization within <code>getAllTicketFields()</code> function. ... (check-in: c3e7ed3089 user: george tags: deltify-tkt-blobs) | |
|
2022-08-28
| ||
| 17:58 | Clarified the parent process user ID vs the child process in the explanation of how the chroot feature interacts with the custom user feature of the Docker container. ... (check-in: f9ddd38ecc user: wyoung tags: trunk) | |
| 17:52 | Made a better distinction between bind mounts and Docker volumes in the new Docker section of the build doc. ... (check-in: 958a6af94b user: wyoung tags: trunk) | |
|
2022-08-25
| ||
| 12:39 | • Changes to wiki page "To Do List" ... (artifact: 9d9aa4ba2a user: stephan) | |
|
2022-08-24
| ||
| 07:42 | • Edit [b04740bd75600c30|b04740bd75]: Move to branch mistake. Edit check-in comment. ... (artifact: ce0e3724a3 user: stephan) | |
| 06:52 | Add a slight drop shadow to the /chat message widgets. Edit: we already had a drop shadow, just placed on a different sub-element. ... (Closed-Leaf check-in: b04740bd75 user: stephan tags: mistake) | |
|
2022-08-23
| ||
| 11:14 | Correct a NULL being passed to strcmp() which caused any submit of JS script code in the skin editor to segfault. Reported in [forum:9d9f0580fd | forum post 9d9f0580fd]. ... (check-in: a88478391e user: stephan tags: trunk) | |
|
2022-08-22
| ||
| 18:27 | Make it possible to store similar ticket change artifacts as deltas. This might be useful when a certain column of the <var>TICKET</var> table holds a lengthy text that may undergo frequent modifications. This is an opt-in feature. It is activated only when <var>TICKET</var> table contains a phony <code>INTEGER</code> column <code>"baseline for $name"</code> where <code>$name</code> stands for the name of the actual column provisioned for the aforementioned frequently changing text. ... (check-in: 0f4a0fe82a user: george tags: deltify-tkt-blobs) | |
|
2022-08-19
| ||
| 04:42 | Fix the logic to cancel default actions and further event bubbling to take effect for all handled keys. ... (check-in: 9cfd4e2b23 user: florian tags: timeline-keyboard-navigation) | |
|
2022-08-18
| ||
| 13:21 | Add the "Timeline" submenu link on the setup_edit page, for ordinary users. Change the "Access Log" link on that same page so that it is only present for ordinary users - not special users like "reader" or "developer". ... (check-in: 6f70a236ce user: drh tags: trunk) | |
|
2022-08-17
| ||
| 05:30 | Removed a digression in the gitusers doc about Fossil's new clone-and-open mechanisms. That got moved to the ckout-workflows doc quite some time back, and we already point to it from that same section. There's no reason for the redundancy. Also cleaned up some grammar and typos while in there. ... (check-in: f43eaf01e3 user: wyoung tags: trunk) | |
|
2022-08-16
| ||
| 20:54 | • Edit [8849abb733c619b8|8849abb733]: Edit check-in comment. ... (artifact: b548aee2eb user: wyoung) | |
| 11:05 | Changed the "fossil server --user" flag's argument back to "admin" from "fossil" for the container: I was confusing the Unix user name with the default Fossil repo user name. The new "adduser fossil" stuff doesn't help here; we still want it to be called "admin". ... (check-in: 72d820f320 user: wyoung tags: trunk) | |
| 11:04 | ARM build fixes for the container: * QEMU couldn't cope with "make -j" on the BusyBox step (too many processes) so I changed it to -j11 * Made the new executable compression step conditional, since there is no upx package in Alpine for either ARM flavor. There's [https://github.com/upx/upx/issues/441 | a long bug thread] for it on GitHub, which doesn't look to be getting resolved any time soon. ... (check-in: 8849abb733 user: wyoung tags: trunk) | |
| 09:39 | Minor fixes to the Docker container build process ... (check-in: 454397b0cd user: wyoung tags: trunk) | |
| 07:14 | URL fix necessitated from the Dockerfile.in rename ... (check-in: 2f67bf941a user: wyoung tags: trunk) | |
| 07:03 | Carved the Docker container image size down still further by stripping out all but two of the stock skins (d* so we get default and darkmode) and packing Fossil and BusyBox with UPX. ... (check-in: e20d044cc0 user: wyoung tags: trunk) | |