doc: lint markdown files

Only way to have a unified markdown syntax is to enforce the wanted
syntax by linting the files. Don't rely on the many markdown syntaxes,
be consistent.
This commit is contained in:
Ben Grande 2024-07-04 17:10:11 +02:00
parent 88d9ba525c
commit 383c840f2f
No known key found for this signature in database
GPG key ID: 00C64E14F51F9E56
68 changed files with 1297 additions and 815 deletions

View file

@ -4,15 +4,15 @@ Git operations through Qrexec in Qubes OS.
## Table of Contents
* [Description](#description)
* [Alternatives comparison](#alternatives-comparison)
* [Security](#security)
* [Installation](#installation)
* [Access control](#access-control)
* [Usage](#usage)
* [Initialize the server repository](#initialize-the-server-repository)
* [Prepare the client](#prepare-the-client)
* [Credits](#credits)
* [Description](#description)
* [Alternatives comparison](#alternatives-comparison)
* [Security](#security)
* [Installation](#installation)
* [Access control](#access-control)
* [Usage](#usage)
* [Initialize the server repository](#initialize-the-server-repository)
* [Prepare the client](#prepare-the-client)
* [Credits](#credits)
## Description
@ -26,9 +26,9 @@ and Init. This is an implementation of split-git.
The following alternatives will be compared against each other and this
implementation:
- [Rudd-O/git-remote-qubes](https://github.com/Rudd-O/git-remote-qubes)
- [QubesOS-contrib/qubes-app-split-git](https://github.com/QubesOS-contrib/qubes-app-split-git)
- [qubes-os.org/doc/development-workflow/#git-connection-between-vms](https://www.qubes-os.org/doc/development-workflow/#git-connection-between-vms)
* [Rudd-O/git-remote-qubes](https://github.com/Rudd-O/git-remote-qubes)
* [QubesOS-contrib/qubes-app-split-git](https://github.com/QubesOS-contrib/qubes-app-split-git)
* [qubes-os.org/doc/development-workflow/#git-connection-between-vms](https://www.qubes-os.org/doc/development-workflow/#git-connection-between-vms)
| | sys-git | git-remote-qubes | qubes-app-split-git | git-connection-between-vms |
| :--- | :---: | :---: | :---: | :---: |
@ -76,23 +76,28 @@ trust the origin, don't use it.
## Installation
- Top
* Top:
```sh
sudo qubesctl top.enable sys-git
sudo qubesctl --targets=tpl-sys-git,sys-git state.apply
sudo qubesctl top.disable sys-git
```
- State
* State:
<!-- pkg:begin:post-install -->
```sh
sudo qubesctl state.apply sys-git.create
sudo qubesctl --skip-dom0 --targets=tpl-sys-git state.apply sys-git.install
sudo qubesctl --skip-dom0 --targets=sys-git state.apply sys-git.configure
```
<!-- pkg:end:post-install -->
Installation on the client template:
```sh
sudo qubesctl --skip-dom0 --targets=tpl-dev state.apply sys-git.install-client
```
@ -104,12 +109,13 @@ it to `Fetch` from, `Push` to and `Init` on `sys-git`.
__Recommended usage__:
- __Init__: Argument useful when allowing a qube to always create a
repository on the server.
- __Fetch__: Fetch can be allowed by less trusted qubes.
- __Push__: Push should only be made by trusted qubes.
* __Init__: Argument useful when allowing a qube to always create a
* repository on the server.
* __Fetch__: Fetch can be allowed by less trusted qubes.
* __Push__: Push should only be made by trusted qubes.
Allow qube `dev` to `Fetch` from `sys-git`, but ask to `Push` and `Init`:
```qrexecpolicy
qusal.GitFetch * dev @default allow target=sys-git
qusal.GitPush * dev @default ask target=sys-git default_target=sys-git
@ -121,6 +127,7 @@ qusal.GitInit * dev @anyvm deny
Allow qube `untrusted` to `Fetch` `repo` if using target name `sys-git` but
deny `Push` and `Init` to any other qube:
```qrexecpolicy
qusal.GitFetch +repo untrusted sys-git ask target=sys-git default_target=sys-git
qusal.GitFetch * untrusted @anyvm deny
@ -129,6 +136,7 @@ qusal.GitInit * untrusted @anyvm deny
```
Deny `Fetch`, `Push` and `Init` from any qube to any other qube:
```qrexecpolicy
qusal.GitFetch * @anyvm @anyvm deny
qusal.GitPush * @anyvm @anyvm deny
@ -141,19 +149,22 @@ qusal.GitInit * @anyvm @anyvm deny
There are a few constraints regarding repositories:
- Must be created under `/home/user/src` in `sys-git`;
- Names must have only letters, numbers, hyphen, underscore and dot. Must not
begin or end with dot, hyphen and underscore.
* Must be created under `/home/user/src` in `sys-git`;
* Names must have only letters, numbers, hyphen, underscore and dot. Must
not begin or end with dot, hyphen and underscore.
In `sys-git`, create bare repositories under `/home/user/src`.
From the `server`:
```sh
git init --bare ~/src/X.git
```
You must use the `.git` prefix to indicate a bare repository.
Or from the `client`, if the `qusal.GitInit` policy allows:
```sh
cd ~/path/to/repo
git init-qrexec
@ -167,22 +178,26 @@ token and the `<REPO>` field is the name of the repository that exists on
`sys-git` under `/home/user/src`.
Clone an existing repository:
```sh
git clone qrexec://@default/qubes-doc
```
Or Initialize a new repository:
```sh
git init qubes-doc
cd qubes-doc
```
Add a remote using the Qrexec protocol:
```sh
git remote add sg qrexec://@default/qubes-doc
```
Test fetching from the newly added remote:
```sh
git fetch sg
```
@ -190,15 +205,17 @@ git fetch sg
Make changes to the git repository as you normally would on any system.
Push to the server and set it as the default upstream:
```sh
git push -u sg main
```
Following pushes will be simpler:
```sh
git push
```
## Credits
- [Unman](https://github.com/unman/shaker/tree/main/git)
* [Unman](https://github.com/unman/shaker/tree/main/git)