[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [O] Why no secure code retrieval

From: Ian Barton
Subject: Re: [O] Why no secure code retrieval
Date: Sat, 2 Jul 2016 17:51:30 +0100
User-agent: Mutt/1.5.24 (2015-08-30)

On Sat, Jul 02, 2016 at 04:18:42PM +0200, Bastien Guerry wrote:
> Hi Nicolas,
> Nicolas Goaziou <address@hidden> writes:
> > GPG signing tags is OK, but I wouldn't like to request every commit to
> > be signed.
> Agreed.
> >>> I know that https can be a bit tedious to setup so I am not asking for it
> >>> (though I do think it would be great if it was enabled on the site in some
> >>> fashion).
> >>
> >> HTTPS is not so tedious these days with Let's Encrypt.
> >>
> >> https://letsencrypt.org/
> >>
> >> We should set up HTTPS as well.
> >
> I'm considering paying for a digitalocean instance, with https via
> letsencrypt for both the website and git.
> I'm also considering switching from our current git setup to using
> Gogs (https://gogs.io): this would ease the process of adding new
> contributors, welcoming more org repositories, etc.
> The other solution would simply to use https://savannah.gnu.org.
> One remaining problem for both gogs and savannah is to ensure web
> references to commits are correctly redirected, which I think is
> one line of nginx configuration.
> I'm curious to know what people think about the switch to something
> like gogs*.
> Thanks,
> * gitlab seems too heavy, and I'm more experienced in maintaining
>   gogs instances than gitlab instances.
> --
>  Bastien
Not heard of Gogs before, although it looks nice. Another possiblity
would be gitolite with cgit. Gitolite is very flexible and as a
consequence can be hard to set up initially. The documentation is very
comprehensive. It supports mirroring of repos.

Best wishes,


reply via email to

[Prev in Thread] Current Thread [Next in Thread]