On Thu, Mar 4, 2010 at 4:57 PM, Huan Truong <hnt7...@truman.edu> wrote: > On Thu, 04 Mar 2010 16:08 -0600, "Ian Monroe" <ian.mon...@gmail.com> > wrote: >> On Thu, Mar 4, 2010 at 3:46 PM, Huan Truong <hnt7...@truman.edu> wrote: >> > Hi FSCKers, >> > >> > I have a working php system, nothing fancy, but once in a while I do >> > update it manually. The source is on Github. What I usually do when I >> > want to update the working system is to download the tarball from >> > Github, then untar -xzvf the tarball, then cp -R the untarred files to >> > the working production directory. It works but it's rather a boring job. >> > >> > Definitely I don't want the .git directory in my production directory to >> > serve the users -- so creating a .git repo right in the public_html web >> > directory is not really a good idea... >> >> I wouldn't worry about it. Usually the hidden .directories are ignored >> by web servers anyways, and even if they aren't, it doesn't really >> matter does it? > > I'm using nginx and it doesn't deny access to .directories, I have just > tried it. I don't know if .git directory has any sensitive information > or not... Actually I think I can deny access to .directories in the > nginx.conf file but it doesn't look very `nice'. If there is a way to > get rid of all those directories I always prefer doing it over having > .git in my production directory. >
There's nothing in the .git directory that wouldn't be in the public github already. Unless you have a private github and you keep your SQL password or something in there. :) Ian ----------------------------------------------------------------- To get off this list, send email to fsck-requ...@mtcs.truman.edu with Subject: unsubscribe -----------------------------------------------------------------
