That'll only work here if there are reforms to the pardon power while we're at it. Any convictions a Democratic administration manages to obtain will be pardoned the next time a Republican gets in.
Yeah, but ooh boy is a private gitlab server complicated. Omnibus installation helps manage that, but if you outgrow it you're in for a complicated time.
Also gitlab has cves like every other week... You're going to be on that upgrade train, unless you keep access locked down (no internet access!!) and accept the admittedly lower risk of a vulnerable gitlab server on your LAN/VPN network.
Even if gitlab is updated fully, you're fighting bot crawlers 24/7.
I started developing it as a slim wrapper around Git to support my own needs. At the same time, it is essential to have rich features like pull requests/code review, so I started focusing on designing a tool that strikes an appropriate balance between being minimalistic and functional. One thing that I focus on is allowing users to disable any feature they don't need.
Unfortunately I don't think there's really an answer to that conundrum that doesn't involve just spinning up your own git server and accepting all the operational overhead that comes with it.
Hmm all that operational overhead... Of an ssh server? If you literally just want a place to push some code, then that really isn't that hard.
Lots and lots of programmers have very little understanding and especially operation knowledge of how to host a public service. You can be an extreme graphics programmer and not know the web stack at all.
And no, its not that hard once you learn. Except, now its a never ending chore when it was an appliance. Instead of a car you have a project car.
> Lots and lots of programmers have very little understanding and especially operation knowledge of how to host a public service. You can be an extreme graphics programmer and not know the web stack at all.
Can confirm.
Also, not everyone who wants to share content publicly has a domain name with which to do so, or the kind of Internet connection that allows running a server. If you include "hosting" by using a hosting provider... it's perfectly possible (raises hand) to not even have any experience with that after decades of writing code and being on the Internet. (Unless you count things like, well, GitHub and its services, anyway.)
I think both of you are misunderstanding what I proposed. You just need a single VM with an ssh server. Literally no web service needed, if all you want to do is host some code remotely.
I didn't misunderstand. Sshd is a web service. Most folks don't already know how and don't want to set up a machine that is always on, that will restart on power loss, that will have a static IP or dynDNS, with a domain name and proper routing and open ports and certs and enough bandwidth and that's before you even worry about actual security and not just what is needed to work.... It's actually a big annoyance if you don't do it all the time.
The rest of the owl: go to provider, set up VM (20 questions) log into root. SSH for login. set up firewalls. create non-root user. useradd or adduser? depends if you want a home dir I guess. debug why you can't ssh in. Finally get in. sudo apt update. sudo apt install git (or is it named something else?). install failtoban. install fw.
If it's your ssh server and it's single user you don't need to use the "git@" part at all.
Just store the repo and access it with your account.
The whole git@ thing is because most "forge" software is built around a single dedicated user doing everything, rather than taking advantage of the OS users, permissions and acl system.
For a single user it's pointless. For anyone who knows how to setup filesystem permissions it's not necessary.
There isn't much advantage that can be taken from O/S users and perms anyway, at least as far as git is concerned. When using a shared-filesystem repository over SSH (or NFS etc.), the actually usable access levels are: full, including the abilities to rewrite history, forge commits from other users, and corrupt/erase the repo; read-only; and none.
Git was build to be decentralized with everyone having its own copy. If it's an organization someone trusted will hold the key to the canonical version. If you need to discuss and review patches, you use a communication medium (email, forums, IRC, shared folder,...)
Git was built to be decentralized but it ended up basically displacing all other version control systems, including centralized ones. There are still some holdouts on SVN and even CVS, and there are niche professional fields where other systems are preferred due to tighter integration with the rest of their tools and/or better binary file support, but, for most people, Git is now synonymous with version control.
but if you're just looking for a generic place to put your code projects that aren't necessarily intended for public release and support (ie. random automation scripts, scraps of concepts that never really got off the ground, things not super cleaned up), they're not really for that - private repositories are discouraged according to their FAQ and are very limited (up to 100mb).
Until the AI scrapers[1] come for you at 5k requests per second and you're doing operations in hard-mode.
1. Most forges have http pages for discoverability. I suppose one could hypothetically setup an ssh-only forge and statically generate a html site periodically, but this is already advanced ops for the average Github user
This isn't a real thing and if it ever becomes a thing you can sue them for DDOS and send Sam Altman to jail. AI scraping is in the realm of 1-5 requests per second, not 5000.
How is it not a feature from a development standpoint? Colloquially any bit of intended functionality qualifies as a "feature" and certainly any functionality you conditionally enable/disable would be controlled by a "feature flag" regardless.
reply