slaprunner: users can clone git repos from runner

software/slaprunner/README.txt

@@ -103,6 +103,17 @@ Example :
 	<parameter id="custom-frontend-basic-auth">true</parameter>
 	</instance>
 
+Git repositories :
+------------------
+
+It is easy to give access to your git repository/ies to everyone, or to clone it on your own computer. For this, there are 2 urls to remember:
+  - For read only, you can clone : https://[IPV6]:PORT/git-public/YourRepo.git/
+  - For read and write access, using your runner account : https://[IPV6]:PORT/git/YourRepo.git/
+
+To create the repo, go in the folder srv/runner/project and initiate a new git repo (git init/clone --bare XXX).
+
+For the moment, the PORT is the port of monitoring, which is 9685.
+
 Things to notice for the nex developer :
 ----------------------------------------
 

software/slaprunner/common.cfg

@@ -86,6 +86,14 @@ md5sum = 67d2ce92b4ad6dca6eaf69eeb2c2734c
 filename = nginx_conf.in
 mode = 0644
 
+[template_httpd_conf]
+recipe = hexagonit.recipe.download
+url = ${:_profile_base_location_}/httpd_conf.in
+download-only = true
+#md5sum = 67d2ce92b4ad6dca6eaf69eeb2c2734c
+filename = httpd_conf.in
+mode = 0644
+
 [template_launcher]
 recipe = slapos.recipe.download
 url = ${:_profile_base_location_}/launcher.in

software/slaprunner/httpd_conf.in

+PidFile "{{ parameters.path_pid }}"
+ServerName example.com
+ServerAdmin someone@email
+
+<IfDefine !MonitorPort>
+  Listen [{{ parameters.global_ip }}]:{{ parameters.monitor_port }}
+  Define MonitorPort
+</IfDefine>
+
+LoadModule unixd_module modules/mod_unixd.so
+LoadModule access_compat_module modules/mod_access_compat.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule authn_file_module modules/mod_authn_file.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule cgid_module modules/mod_cgid.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule env_module modules/mod_env.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule log_config_module modules/mod_log_config.so
+
+ErrorLog "{{ parameters.path_error_log }}"
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+CustomLog "{{ parameters.path_access_log }}" common
+
+# SSL Configuration
+Define SSLConfigured
+SSLCertificateFile {{ parameters.cert_file }}
+SSLCertificateKeyFile {{ parameters.key_file }}
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+SSLRandomSeed startup /dev/urandom 256
+SSLRandomSeed connect builtin
+SSLProtocol -ALL +SSLv3 +TLSv1
+SSLHonorCipherOrder On
+SSLCipherSuite RC4-SHA:HIGH:!ADH
+SSLEngine   On
+
+ScriptSock {{ parameters.path_pid }}
+
+SetEnv GIT_PROJECT_ROOT {{ parameters.project_folder }}
+SetEnv GIT_HTTP_EXPORT_ALL
+ScriptAlias /git/ {{ parameters.git_http_backend }}/
+ScriptAlias /git-public/ {{ parameters.git_http_backend }}/
+
+RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
+RewriteCond %{REQUEST_URI} /git-receive-pack$
+RewriteRule ^/git/ - [E=AUTHREQUIRED:yes]
+RewriteRule ^/git-public/ - [E=AUTHREQUIRED:yes]
+
+<LocationMatch "^/git-public/">
+        Order Deny,Allow
+        Deny from env=AUTHREQUIRED
+
+        AuthType Basic
+        AuthName "Git Access"
+        AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
+        Require valid-user
+        Satisfy any
+</LocationMatch>
+
+<LocationMatch "^/git/">
+        Order Deny,Allow
+        Deny from env=AUTHREQUIRED
+
+        AuthType Basic
+        AuthName "Git Access"
+        AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
+        Require valid-user
+</LocationMatch>
+
+include {{ parameters.cgi_httpd_conf }} 

software/slaprunner/instance-runner-export.cfg.in

 [buildout]
 extends = template-runner.cfg
           ${pbsready-export:output}
-          ${monitor-template:output}
 
 parts +=
   nginx_conf

software/slaprunner/instance-runner-import.cfg.in

 [buildout]
 extends = template-runner.cfg
           ${pbsready-import:output}
-          ${monitor-template:output}
 
 parts +=
   nginx_conf

software/slaprunner/instance-runner.cfg

@@ -111,7 +111,7 @@ promises = $${:etc}/promise/
 test = $${:etc}/test/
 nginx-data = $${directory:srv}/nginx
 ca-dir = $${:srv}/ssl
-project = $${:srv}/runner/project/
+project = $${:srv}/runner/project
 
 [runnerdirectory]
 recipe = slapos.cookbook:mkdirectory
@@ -276,6 +276,37 @@ mode = 700
 context =
     section param_nginx_frontend nginx-frontend
 
+[httpd-parameters]
+path_pid = $${directory:run}/httpd.pid
+path_error_log = $${directory:log}/httpd-error.log
+path_access_log = $${directory:log}/httpd-access.log
+key_file = $${ca-httpd:key-file}
+cert_file = $${ca-httpd:cert-file}
+global_ip = $${slap-network-information:global-ipv6}
+global_port = $${slaprunner:runner_port}
+monitor_port = $${monitor-parameters:port}
+monitor_index = $${deploy-index:rendered}
+working_directory = $${slaprunner:working-directory}
+dav_lock = $${directory:var}/DavLock
+etc_dir = $${directory:etc}
+document_root = $${directory:www}
+project_folder = $${directory:project}
+git_http_backend = ${git:location}/libexec/git-core/git-http-backend
+cgi_httpd_conf = $${cgi-httpd-configuration-file:output}
+
+[httpd-conf]
+recipe = slapos.recipe.template:jinja2
+template = ${template_httpd_conf:location}/${template_httpd_conf:filename}
+rendered = $${directory:etc}/httpd.conf
+context = 
+    section parameters httpd-parameters
+
+[cgi-httpd-wrapper]
+recipe = slapos.cookbook:wrapper                                                    
+apache-executable = ${apache:location}/bin/httpd                                    
+wrapper-path = $${ca-httpd:executable}  
+command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
+
 #--------------------
 #--
 #-- WSGI