Postsai

Screenshot

Postsai in action

Features

• Queryable commit database
• Supports dynamic links (e. g. from continuous integration systems)
• Integrates with GitHub, Gitlab and Sourceforge
• Integrates with self hosted Git and CVS servers
• Database upgrade from Bonsai or ViewVC-query possible
• Mobile friendly view
• Multi repository support
• Git push accountability
• Optional support for Gravatar

Installation

• Install dependencies

apt-get install python-mysqldb

• Optionally install dependencies for CVS commit view

apt-get install cvs

• Configure Apache in /etc/apache/sites/enabled/* to execute cgi-scripts:

<Directory /var/www/html>
   AddHandler cgi-script .py
   Options +ExecCGI
</Directory>

• Enable cgi in Apache: a2enmod cgi and restart Apache
• Create an empty postsai database in MySQL.
• Unzip postsai to your web server directory
• Execute ./install.py and follow instructions

Integration

Postsai integrates with various hosted and local repositories:

GitHub, Gitlab and SourceForge

• Just add a Webhook to https://example.com/postsai/api.py and you are done.

Self hosted Git (including Gitolite)

• Use notify-webhook to setup a webhook with the following configuration
  meta.url=http://git.example.com:1234
  hooks.webhookurl=https://example.com/postsai/api.py
  hooks.webhook-contenttype=application/json
• Edit the database table "repositories" to configure links, if you are not using instaweb

Self hosted CVS

• Define a CVS Webhook notify-cvs-webhook in CVSROOT/loginfo with
  --url=https://example.com/postsai/api.py
• You might want to edit the database table "repositories" to configure an icon.

Global issue tracker

A global issue tracker is supported as fallback by adding the following configuration to config.py

ui = {
  "tracker" : "https://hiszilla.his.de/hiszilla/show_bug.cgi?id=$1",
}

Authentication

Access to Postsai installations may be regulated using webserver authentication mechanisms.

On the simple level, access to the complete installation may be limited. But Postsai is also able to pick up authentication information provided by Apache or nginx to allow access on a per repository level.

There are two functions, which may be defined in config.py for this purpose. The following example allows read access to all repositories (.*), but limits write access to the regular expression set by the webserver as environment variable AUTHENTICATE_POSTSAI_WRITE_PATTERN. This variable may be the result of a LDAP query performed by the webserver authorization module, for example.

def get_read_permission_pattern():
    """return a regular expression of repository names that may be read"""
    return ".*"


def get_write_permission_pattern():
    """return a regular expression of repository names that may be written to"""
    return os.environ.get("AUTHENTICATE_POSTSAI_WRITE_PATTERN", "^$")

For simplicity, it is also possible to do the authorization within those methods itself, for example by comparing REMOTE_USER to a hardcoded list.

Important: If you use HTTP Basic Authentication to grant read access by browsers, you will need to set "service_worker": False in config.py, section ui. (Chrome Bug, Firefox Bug).

Privacy

Hide email domain

By default the full email address of the author is displayed. This can be disabled:

ui = {
  "trim_email" : True
}

Profile icons

Postsai can display Gravatar icons next to author names.

ui = {
  "avatar" : "https://gravatar.com",
}

Please note that Gravatar is an external service that might log user activities.

Search criteria filter

Postsai can enforce filters on query parameters. For example it may be desirable to disallow queries on the changes of human beings but allow such queries for bot accounts.

This example limits queries on the who-column to the value "cvsscript".

filter = {
    "who" : "^cvsscript$"
}

Please note that it is relatively easy to postprocess query results. Therefore the effect of such filter is limited.