X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=gocheese.texi;h=1e9682e832e94201ec01bdb6910a30db0bad0b1e;hb=9b894ff2421ac5c8bd6b8c21b365617356e8762d;hp=83723947f8361999ae121bc8499e039309ad6ed8;hpb=348eb9427e27321ed8b82dd5e8c80b17e9108425;p=gocheese.git diff --git a/gocheese.texi b/gocheese.texi index 8372394..1e9682e 100644 --- a/gocheese.texi +++ b/gocheese.texi @@ -3,11 +3,11 @@ @settitle GoCheese @copying -Copyright @copyright{} 2019 @email{stargrave@@stargrave.org, Sergey Matveev} +Copyright @copyright{} 2019-2021 @email{stargrave@@stargrave.org, Sergey Matveev} @end copying @node Top -@top +@top GoCheese GoCheese is Python private package repository and caching proxy. @@ -45,6 +45,7 @@ but nearly all the code was rewritten. It has huge differences: @item Integrity check of proxied packages: MD5, SHA256, SHA512, BLAKE2b-256 @item SHA256 checksums for stored packages @item Verifying of SHA256 checksum for uploaded packages +@item Ability to authenticate upstream PyPI by its X.509 certificate's SPKI hash @item Storing of uploaded GPG signatures @item Secure Argon2i (or SHA256) stored passwords hashing @item No YAML configuration, just command-line arguments @@ -53,13 +54,14 @@ but nearly all the code was rewritten. It has huge differences: @item Atomic packages store on filesystem @end itemize -Also it contains @file{pyshop2packages.sh} migration script for +Also it contains @file{contrib/pyshop2packages.sh} migration script for converting @url{https://pypi.org/project/pyshop/, Pyshop} database into GoCheese one, including private packages. -GoCheese is free software, licenced under -@url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}: -see the file COPYING for copying conditions. +GoCheese is +@url{https://www.gnu.org/philosophy/pragmatic.html, copylefted} +@url{https://www.gnu.org/philosophy/free-sw.html, free software} +licenced under @url{https://www.gnu.org/licenses/gpl-3.0.html, GNU GPLv3}. Please send questions, bug reports and patches to @url{gocheese@@cypherpunks.ru}. @@ -119,6 +121,9 @@ Pay attention that you have to manually create corresponding private package directory! You are not allowed to upload anything explicitly flagged as internal package. +It is advisable to run GoCheese under some kind of +@url{http://cr.yp.to/daemontools.html, daemontools}. + @node Passwords @unnumbered Password authentication @@ -139,8 +144,8 @@ Supported hashing algorithms are: @item @url{https://www.argon2i.com/, Argon2i} (recommended one!) To get Argon2i hashed-password you can use any of following tools: @itemize - @item @url{https://github.com/balakhonova/argon2i, - go get github.com/balakhonova/argon2i} (Go) + @item go get @url{https://github.com/balakhonova/argon2i, + github.com/balakhonova/argon2i} (Go) @item @url{https://github.com/p-h-c/phc-winner-argon2} (C) @end itemize Example user @code{foo} with password @code{bar} can have the @@ -175,6 +180,7 @@ You can refresh passwords by sending @code{SIGHUP} signal to the working daemon: @example $ pkill -HUP gocheese $ kill -HUP `pidof gocheese` +$ svc -h /var/service/gocheese @end example Before refreshing it's recommended to check @option{-passwd} file with