4871.1.1
by Neil Martinsen-Burrell
Put in place a structure for the admin-guide |
1 |
Other Setups |
2 |
============ |
|
3 |
||
4 |
Dumb servers |
|
5 |
------------ |
|
6 |
||
4871.6.1
by Neil Martinsen-Burrell
introduction and setup recipes for various types of access |
7 |
Bazaar can also serve branches over protocols that know nothing about Bazaar's |
8 |
specific needs. These are called "dumb servers" to distinguish them from |
|
5439.3.1
by John C Barstow
Make it clearer that we support HTTPS |
9 |
Bazaar's native protocol. Currently HTTP, HTTPS, FTP, SFTP and HTTP+WebDAV can |
10 |
be used to read branches remotely. FTP, SFTP and HTTP+WebDAV can be used for |
|
4871.6.1
by Neil Martinsen-Burrell
introduction and setup recipes for various types of access |
11 |
writing as well. To use any of these protocols, it is just necessary to |
12 |
provide access to the server's filesystem under ``/srv/bzr``. |
|
13 |
||
14 |
For example, for Apache to provide read-only access to the branches |
|
15 |
in ``/srv/bzr`` the configuration may look like this:: |
|
16 |
||
17 |
Alias /code /srv/bzr |
|
18 |
<Directory /srv/bzr> |
|
19 |
Options Indexes |
|
20 |
# ... |
|
21 |
</Directory> |
|
22 |
||
23 |
and users could use the URL ``http://server.example.com/code/projectx/trunk`` |
|
24 |
to refer to the trunk branch. |
|
25 |
||
4871.6.2
by Neil Martinsen-Burrell
tweaks based on JAMs review |
26 |
Note that SFTP access is often available whenever there is SSH access and it |
4871.6.1
by Neil Martinsen-Burrell
introduction and setup recipes for various types of access |
27 |
may be a good choice when Bazaar cannot be installed on the server to allow |
28 |
``bzr+ssh://`` access. Dumb servers are slower by their very nature than the |
|
29 |
native protocol, but they can be a good choice in situations where the |
|
30 |
software and protocols that can be used on the server or the network is |
|
31 |
limited. |
|
32 |
||
4871.1.1
by Neil Martinsen-Burrell
Put in place a structure for the admin-guide |
33 |
Smart server over HTTP(S) |
34 |
------------------------- |
|
35 |
||
5439.3.1
by John C Barstow
Make it clearer that we support HTTPS |
36 |
Bazaar can use its native protocol with HTTP or HTTPS requests. Since HTTP is |
37 |
a network protocol that is available on many networks, this can be a good |
|
38 |
option where SSH access is not possible. Another benefit of this setup is that |
|
39 |
all of the authentication and access control methods available to the HTTP |
|
40 |
server (basic, LDAP, ActiveDirectory, etc.) are then available to control |
|
41 |
access to Bazaar branches. More information about setting up this type of |
|
42 |
access using Apache and FastCGI or mod_python or WSGI is in the `smart server |
|
43 |
section of the User's Guide <../user-guide/http_smart_server.html>`_. |
|
4871.6.1
by Neil Martinsen-Burrell
introduction and setup recipes for various types of access |
44 |
|
4871.1.1
by Neil Martinsen-Burrell
Put in place a structure for the admin-guide |
45 |
Direct Smart Server Access |
46 |
-------------------------- |
|
47 |
||
4871.6.2
by Neil Martinsen-Burrell
tweaks based on JAMs review |
48 |
The built-in server that is used by ``bzr+ssh://`` access can also be used as a |
49 |
persistent server on a dedicated port. Bazaar's official port is 4155, |
|
4871.6.1
by Neil Martinsen-Burrell
introduction and setup recipes for various types of access |
50 |
although the port used can be configured. Further information on running the |
51 |
Bazaar smart server from inetd, or directly from the shell is in the `User's |
|
4871.6.2
by Neil Martinsen-Burrell
tweaks based on JAMs review |
52 |
Guide <../user-guide/server.html#inetd>`_. The dedicated Bazaar server does |
53 |
not currently perform any authentication, so this server by default provides |
|
54 |
read-only access. It can be run with the ``--allow-writes`` option, but the |
|
55 |
smart server does not do any additional access control so this may allow |
|
56 |
undesired people to make changes to branches. (Which of course can be |
|
57 |
reverted.) If the user that runs the server has write access to the branches |
|
58 |
on the filesystem, then anyone with access to port 4155 on the server can make |
|
59 |
changes to the branches stored there. |
|
4871.1.1
by Neil Martinsen-Burrell
Put in place a structure for the admin-guide |
60 |