Using Arch to access a remote archive

Non secured protocols

These protocols do not use a particular encryption mechanism, and should be used only

Plain HTTP

Plain HTTP can be used as a read-only protocol to access an archive. Typically, the same archive will be accessed in read-write mode by another protocol (file, ftp, ...) for a few developpers, and world-wide availlable through HTTP.

As an exercise, let's get Arch itself via HTTP: 

$ tla register-archive lord@emf.net--2004 http://regexps.srparish.net/\{archives}/lord@emf.net--2004
$ tla my-default-archive lord@emf.net--2004
$ tla get dists--devo--1.0

(Don't use my-default-archive if you already have your own archive of course. In that case, use -A archive-name for get to specify a different archive).

You can also access an authenticated HTTP archive with an URL like:

http://user:password@example.com/path/to/archive 

If you are using an HTTP proxy, just set the environment variable http_proxy to its full URL. Proxy authentication is not supported yet. (But you can add it with a patch that you can find in the archives of the mailing list.)

Now, modify a file, and try: 

$ tla commit -s "I shouldn't be allowed to do that"

You should get something like:

arch_commit: unable to acquire revision lock (401 Unauthorized)

Nothing surprising: you can't commit anything on a read-only archive.

Note: Because HTTP can't provide reasonable directory listings, archives that will be accessed via HTTP must be created with the -l or --listing option. That creates .listing files to overcome this limitation.

WebDAV

WebDAV is an extension to the HTTP protocol that allows write access to files on an HTTP server. Of course, the server must have support for the WebDAV extension; Apache 1.3.x and above can do this with the module mod_dav.

Then, you access your archive exactly as above, as if it was a plain HTTP archive. The difference is that you will also be able to use tla commit. It is likely that whoever has set up the server will require that you use an username and a password.

Plain FTP

Plain FTP can be used as a read/write protocol to access an archive, using ftp:// URLs.

Secure protocols

The protocols above do not encrypt the data as it is transferred over the Internet. While it does not matter much if you are just getting some public source code, it can be a problem in other cases, especially since your password might go over the network unencrypted. Secure protocols that solve this problem exist, and Arch can use some of them.

WebDAV over HTTPS

The WebDAV protocol can be used over HTTPS. However, for licensing reasons, tla does not support this. See this discussion for a more detailed explanation, a possible workaround, and the proper way to fix this issue.

SFTP

The SFTP subsystem of SSH 2 can be used. This currently is the preferred way to securely access a remote archive. Use sftp:// URLs, the sftp://user@host/path syntax is recognized. Both RSA and password authentications work, and prompting for passwords works correctly, though using ssh-agent is usualy preferable.

Q: (from AlanEzust) Does ssh 3.2.9.1 (non-commercial) work with arch? I am having troubles using it. I have ssh-agent set up and can use sftp from the command line, but I get the impression that the interface is slightly different, because when I try to "arch get" the project, I get the cryptic (can mean anything) ssh help message followed by "Error reading from server". I am a newbie at arch but very experienced with ssh/cvs. help?

Dedicated server

The fact that tla is able to access an archive located on a simple file server is something fantastic. It allows you to store your archive on many servers without having any root or even shell access. Most ISP offer you HTTP and FTP: This is all you need !!!

However, this also have several drawbacks :

The bad news is that there isn't any dedicated server implementation currently.

The good news is that there may be one soon ;-) See this discussion for details.

Remote access (last edited 2008-01-20 01:07:39 by 82)