5 files changed, 64 insertions(+), 23 deletions(-)

A cloneperf
M config.example.ini
M gitsrht-keys/main.go
M gitsrht-update-hook/post-update.go
M gitsrht-update-hook/update.go

@@ 0,0 1,16 @@
+#!/bin/sh
+ts=$(date +"%Y-%m-%d_%H:%M:%S")
+log=cloneperf-$ts.log
+host=${host:-git.sr.ht}
+printf 'cloneperf host=%s ts=%s notes=%s\n\n' "$host" "$ts" "$*" | tee -a $log
+
+printf '%s\n' "$ ssh git@$host" | tee -a $log
+/usr/bin/time -p ssh git@$host 2>&1 | tee -a $log
+
+printf '\n' | tee -a $log
+
+printf '%s\n' "$ git clone git@$host:~sircmpwn/scdoc" | tee -a $log
+/usr/bin/time -p git clone git@$host:~sircmpwn/scdoc /tmp/scdoc-$ts 2>&1 | tee -a $log
+rm -rf /tmp/scdoc-$ts
+
+printf "\nResults written to %s\n" "$log"

@@ 19,11 19,22 @@ owner-email=sir@cmpwn.com
 # The source code for your fork of sr.ht
 source-url=https://git.sr.ht/~sircmpwn/srht
 #
-# A secret key to encrypt session cookies with
-secret-key=CHANGEME
-#
-# The redis host url.
-redis-host=redis://localhost:6379/0
+# A key used for encrypting session cookies. Use `srht-keygen service` to
+# generate the service key. This must be shared between each node of the same
+# service (e.g. git1.sr.ht and git2.sr.ht), but different services may use
+# different keys. If you configure all of your services with the same
+# config.ini, you may use the same service-key for all of them.
+service-key=
+#
+# A secret key to encrypt internal messages with. Use `srht-keygen network` to
+# generate this key. It must be consistent between all services and nodes.
+network-key=
+#
+# The redis host URL. This is used for caching and temporary storage, and must
+# be shared between nodes (e.g. git1.sr.ht and git2.sr.ht), but need not be
+# shared between services. It may be shared between services, however, with no
+# ill effect, if this better suits your infrastructure.
+redis-host=
 
 [mail]
 #


@@ 38,10 49,12 @@ smtp-from=
 error-to=
 error-from=
 #
-# Your PGP key information (DO NOT mix up pub and priv here)
-# You must remove the password from your secret key, if present.
-# You can do this with gpg --edit-key [key-id], then use the passwd
-# command and do not enter a new password.
+# You should generate a PGP key to allow users to authenticate emails received
+# from your services. Use `gpg --edit-key [key id]` to remove the password from
+# your private key, then export it to a file and set pgp-privkey to the path to
+# that file. pgp-pubkey should be set to the path to your public key, and
+# pgp-key-id should be set to the key ID string. Outgoing emails are signed with
+# this PGP key.
 pgp-privkey=
 pgp-pubkey=
 pgp-key-id=


@@ 49,10 62,11 @@ pgp-key-id=
 [webhooks]
 #
 # base64-encoded Ed25519 key for signing webhook payloads. This should be
-# consistent for all *.sr.ht sites, as we'll use this key to verify signatures
-# from other sites in your network.
+# consistent between all services.
 #
-# Use the srht-webhook-keygen command to generate a key.
+# Use the `srht-keygen webhook` command to generate this key. Put the private
+# key here and distribute the public key to anyone who would want to verify
+# webhook payloads from your service.
 private-key=
 
 [git.sr.ht]

@@ 31,12 31,6 @@ func main() {
 	)
 	// TODO: update key last used timestamp on meta.sr.ht
 
-	redisHost, ok := config.Get("sr.ht", "redis-host")
-	if !ok {
-		redisHost = "localhost:6379"
-	}
-	redis := goredis.NewClient(&goredis.Options{Addr: redisHost})
-
 	logf, err := os.OpenFile(logFile,
 		os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
 	if err != nil {


@@ 55,9 49,18 @@ func main() {
 	}
 	if err != nil {
 		logger.Fatalf("Failed to load config file: %v", err)
-		os.Exit(0)
 	}
 
+	redisHost, ok := config.Get("sr.ht", "redis-host")
+	if !ok {
+		redisHost = "redis://localhost:6379"
+	}
+	ropts, err := goredis.ParseURL(redisHost)
+	if err != nil {
+		logger.Fatalf("Failed to parse redis host: %v", err)
+	}
+	redis := goredis.NewClient(ropts)
+
 	keyType, b64key, prefix, err = srhtkeys.ParseArgs(logger)
 	if err != nil {
 		os.Exit(0)

@@ 162,9 162,13 @@ func postUpdate() {
 
 	redisHost, ok := config.Get("sr.ht", "redis-host")
 	if !ok {
-		redisHost = "localhost:6379"
+		redisHost = "redis://localhost:6379"
 	}
-	redis := goredis.NewClient(&goredis.Options{Addr: redisHost})
+	ropts, err := goredis.ParseURL(redisHost)
+	if err != nil {
+		logger.Fatalf("Failed to parse redis host: %v", err)
+	}
+	redis := goredis.NewClient(ropts)
 	for i, refname := range refs {
 		var oldref, newref string
 		var oldobj, newobj object.Object

@@ 24,9 24,13 @@ func update() {
 
 	redisHost, ok := config.Get("sr.ht", "redis-host")
 	if !ok {
-		redisHost = "localhost:6379"
+		redisHost = "redis://localhost:6379"
 	}
-	redis := goredis.NewClient(&goredis.Options{Addr: redisHost})
+	ropts, err := goredis.ParseURL(redisHost)
+	if err != nil {
+		logger.Fatalf("Failed to parse redis host: %v", err)
+	}
+	redis := goredis.NewClient(ropts)
 	redis.Set(fmt.Sprintf("update.%s.%s", pushUuid, refname),
 		fmt.Sprintf("%s:%s", oldref, newref), 10*time.Minute)
 }