darkness

Friday, 04 November 2005

OpenSwan, Monotone

darkness @ 15:36:16

Let’s say you set up a tunnel with something like:

conn foo
    right=1.2.3.4
    rightsubnet=192.168.0.0/24
    left=5.6.7.8
    leftsubnet=192.168.1.0/24
    auto=start

You’re on the left; your firewall has the address 192.168.1.1 on the inside (eth0) and 5.6.7.8 on the outside (eth1). Bring the tunnel up, then ping something on the 192.168.0.0/24 (right) network from the firewall itself. It doesn’t work. Why? Because the tunnel goes out over eth1, so your pings leave with a source IP of 5.6.7.8, not 192.168.1.1, and 5.6.7.8 is not inside leftsubnet, so they don’t match the tunnel. Solution?

conn foo
    right=1.2.3.4
    rightsubnet=192.168.0.0/24
    left=5.6.7.8
    leftsubnet=192.168.1.0/24
    leftsourceip=192.168.1.1
    auto=start

That leftsourceip (rightsourceip exists also, of course) adds the correct src option to ip route add. Now you can ping 192.168.0.* and your packets get the correct source address.
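A small lint for this mistake, added here as an example and not part of the original post or of Openswan: it parses `conn` sections and flags a side whose gateway address lies outside its own subnet with no sourceip to compensate. The names `parse_conns`, `source_ip_problem` and `lint`, and the renamed sample conns, are assumptions made for the example.

```python
import ipaddress
# Constructed sample: the two conn definitions from the post, renamed so both fit in one file.
SAMPLE = """\
conn foo-before
    right=1.2.3.4
    rightsubnet=192.168.0.0/24
    left=5.6.7.8
    leftsubnet=192.168.1.0/24
    auto=start

conn foo-after
    right=1.2.3.4
    rightsubnet=192.168.0.0/24
    left=5.6.7.8
    leftsubnet=192.168.1.0/24
    leftsourceip=192.168.1.1
    auto=start
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments and trailing space
        if not line.strip():
            continue
        if not line[0].isspace():                 # unindented line starts a new section
            kind, _, name = line.partition(" ")
            current = conns.setdefault(name.strip(), {}) if kind == "conn" else None
        elif current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip()
    return conns

def source_ip_problem(conn, side="left"):
    """Warn if traffic originated by the gateway itself would not match the tunnel."""
    subnet = conn.get(side + "subnet")
    src = conn.get(side + "sourceip") or conn.get(side)
    if not subnet or not src:
        return None                               # host-to-host conn: nothing to compare
    try:
        net = ipaddress.ip_network(subnet, strict=False)
        addr = ipaddress.ip_address(src)
    except ValueError:
        return None                               # %defaultroute, %any, hostnames: undecidable
    return None if addr in net else f"{side} host sends from {addr}, outside {side}subnet {net}"

def lint(text, side="left"):
    return {name: source_ip_problem(c, side) for name, c in parse_conns(text).items()}
```

Call `lint()` with `side` set to whichever end is the local gateway, since the sourceip setting only affects the machine it is configured on.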


So you want to host multiple projects using Monotone. Trouble is, it seems they recommend one database per project. That means one server process per project, and one port per project as well. Messy. There exists, however, contrib/usher.cc which claims to essentially dispatch to other Monotone servers based on the branch (I think?) being requested. You still have to start a bunch of servers, and they’re going to eat up ports, but those ports don’t have to be opened on your firewall at least, and you don’t have to remind each project what port they’re supposed to be using. Disclaimer: I haven’t actually tried usher. (Though I believe Monotone developers are talking about making usher a supported part of Monotone.)

I rebuilt the Monotone SRPM from FC4 for CentOS 4. One problem: the init script doesn’t work:

Nov  4 15:19:08 zeus runuser: -bash: 3: Bad file descriptor
Nov  4 15:19:08 zeus monotone: monotone-server startup succeeded
Nov  4 15:19:08 zeus monotone:  succeeded

The fix? Take the daemon function from FC4’s /etc/init.d/functions and copy it into /etc/init.d/monotone right below the line that reads . /etc/rc.d/init.d/functions. Now worky.
