Difference between revisions of "Gitosis"

From CBLFS
Jump to navigationJump to search
(Configuring Gitosis)
(Getting the Source)
 
(8 intermediate revisions by one other user not shown)
Line 10: Line 10:
  
 
Make sure that you have [[GIT]] installed and working then execute the following command:
 
Make sure that you have [[GIT]] installed and working then execute the following command:
 +
 +
{{Note|If the following site does not work, run: git clone https://github.com/tv42/gitosis.git}}
  
 
  git clone git://eagain.net/gitosis.git
 
  git clone git://eagain.net/gitosis.git
Line 31: Line 33:
  
 
  groupadd -g 55 git &&
 
  groupadd -g 55 git &&
  useradd -c 'GIT User' -d /home/git -g git -s /bin/false -u 55 git &&
+
  useradd -c 'GIT User' -d /srv/git -g git -s /bin/bash -u 55 git &&
  install -o git -g git -d git
+
  install -d -o git -g git -d /srv/git
 +
 
 +
For [[Gitosis]] to work properly a password will have to be set for the git user. Without this password logins may not be allowed even using public keys. You never need to remember the password again so I recommend making it completely random.
 +
 
 +
passwd git
  
 
== Non-Multilib ==
 
== Non-Multilib ==
Line 61: Line 67:
  
 
== Configuring Gitosis ==
 
== Configuring Gitosis ==
 +
 +
=== Initial Setup and [[Gitosis]] Admin ===
  
 
If you do not already have a ssh key for your user generate one now with:
 
If you do not already have a ssh key for your user generate one now with:
Line 74: Line 82:
 
The previous command authorized that public key to the [[Gitosis]] repository.
 
The previous command authorized that public key to the [[Gitosis]] repository.
  
On the machine with the [[Gitosis]] install make sure that the post-update hook is executeable in the [[Gitosis]] repository:
+
On the machine with the [[Gitosis]] install make sure that the post-update hook is executable in the [[Gitosis]] repository:
  
  chmod 755 /home/git/repositories/gitosis-admin.git/hooks/post-update
+
  chmod -v 755 /srv/git/repositories/gitosis-admin.git/hooks/post-update
  
 
From the machine that you created the ssh key on, create a clone of the gitosis repository:
 
From the machine that you created the ssh key on, create a clone of the gitosis repository:
Line 82: Line 90:
 
  git clone git@[YOUR_SERVER_HOSTNAME]:gitosis-admin.git
 
  git clone git@[YOUR_SERVER_HOSTNAME]:gitosis-admin.git
 
  cd gitosis-admin
 
  cd gitosis-admin
 +
 +
=== Setting up a Repository ===
 +
 +
The following configuration should serve as an example only.
 +
 +
From inside of the gitosis-admin directory that was checked out in the last step open the gitosis.conf file. You should see something along the lines of the following:
 +
 +
[gitosis]                 
 +
 +
gitweb = no
 +
daemon = no
 +
 +
[group gitosis-admin]
 +
writable = gitosis-admin
 +
members = jdoe                   
 +
 +
To add another repo we need to make an entry in this file so that it will be writable.
 +
 +
[group myteam]
 +
members = jdoe
 +
writable = testrepo
 +
 +
Save this addition to gitosis.conf, commit and push it:
 +
 +
git commit -a -m "Allow jdoe write access to testrepo."
 +
git push
 +
 +
Now that the user has access to the repo it's time to actually create it:
 +
 +
mkdir testrepo
 +
cd testrepo
 +
git init
 +
git remote add origin git@[YOUR_SERVER_HOSTNAME]:testrepo.git
 +
 +
# Add / Commit some files to the local repo
 +
# Don't forgot to commit the changes or you _WILL_ get an error
 +
 +
git push origin master:refs/heads/master
 +
 +
=== Adding Users ===
 +
 +
For people to access to the [[GIT]] repositories through [[Gitosis]] they have to have public keys of their own. They can generate one the same way that we did in the first step with the following:
 +
 +
ssh-keygen -t rsa
 +
 +
After they generate the key get them to send you the id_rsa.pub file, and only that file. Inside of the '''gitosis-admin''' directory you should see a directory named '''keydir'''. Copy the id_rsa.pub key provided to you by the user into that directory using a unique name, such as ''username@hostname'' or just ''username''. Add the keys to the repository, modify gitosis.conf so that the new keys can write to the appropriate repositories. Separate usernames with a space. Then commit all of the change to the '''gitosos-admin''' repository and push it back to the server.
 +
 +
Now the new users should be able to close the repository in the same manner that we accessed them above.
 +
 +
Reference: http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way
  
 
[[Category:Source Code Management]]
 
[[Category:Source Code Management]]

Latest revision as of 20:40, 26 January 2014

Download Source: See Below

Introduction to Gitosis

gitosis aims to make hosting git repos easier and safer. It manages multiple repositories under one user account, using SSH keys to identify users. End users do not need shell accounts on the server, they will talk to one shared account that will not let them run arbitrary commands.

Project Homepage: Unknown

Getting the Source

Make sure that you have GIT installed and working then execute the following command:

Caution.png

Note

If the following site does not work, run: git clone https://github.com/tv42/gitosis.git
git clone git://eagain.net/gitosis.git

You may wish to create a tarball of the checked out code for future reference.

tar cvjf gitosis-$(date '+%Y%m%d').tar.bz2 gitosis

Dependencies

Required

Recommended

  • Sudo (For Configuration, su can be used instead)

Git User/Group

groupadd -g 55 git &&
useradd -c 'GIT User' -d /srv/git -g git -s /bin/bash -u 55 git &&
install -d -o git -g git -d /srv/git

For Gitosis to work properly a password will have to be set for the git user. Without this password logins may not be allowed even using public keys. You never need to remember the password again so I recommend making it completely random.

passwd git

Non-Multilib

Install the package

python setup.py install

Multilib

32Bit

Install the package

USE_ARCH=32 python setup.py install

N32

Install the package

USE_ARCH=n32 python setup.py install

64Bit

Install the package

USE_ARCH=64 python setup.py install

Configuring Gitosis

Initial Setup and Gitosis Admin

If you do not already have a ssh key for your user generate one now with:

ssh-keygen -t rsa

Two files will be generated in your ~/.ssh directory, id_rsa and id_rsa.pub. Copy id_rsa.pub to the machine with the Gitosis install. Any directory that the git user has access too works. Then execute the following command:

sudo -H -u git gitosis-init < /path/to/id_rsa.pub

Note: -H makes sudo switch the user's home directory. -u git says to switch to the git user.

The previous command authorized that public key to the Gitosis repository.

On the machine with the Gitosis install make sure that the post-update hook is executable in the Gitosis repository:

chmod -v 755 /srv/git/repositories/gitosis-admin.git/hooks/post-update

From the machine that you created the ssh key on, create a clone of the gitosis repository:

git clone git@[YOUR_SERVER_HOSTNAME]:gitosis-admin.git
cd gitosis-admin

Setting up a Repository

The following configuration should serve as an example only.

From inside of the gitosis-admin directory that was checked out in the last step open the gitosis.conf file. You should see something along the lines of the following:

[gitosis]                  

gitweb = no
daemon = no

[group gitosis-admin]
writable = gitosis-admin
members = jdoe                     

To add another repo we need to make an entry in this file so that it will be writable.

[group myteam]
members = jdoe
writable = testrepo

Save this addition to gitosis.conf, commit and push it:

git commit -a -m "Allow jdoe write access to testrepo."
git push

Now that the user has access to the repo it's time to actually create it:

mkdir testrepo
cd testrepo
git init 
git remote add origin git@[YOUR_SERVER_HOSTNAME]:testrepo.git

# Add / Commit some files to the local repo
# Don't forgot to commit the changes or you _WILL_ get an error

git push origin master:refs/heads/master

Adding Users

For people to access to the GIT repositories through Gitosis they have to have public keys of their own. They can generate one the same way that we did in the first step with the following:

ssh-keygen -t rsa

After they generate the key get them to send you the id_rsa.pub file, and only that file. Inside of the gitosis-admin directory you should see a directory named keydir. Copy the id_rsa.pub key provided to you by the user into that directory using a unique name, such as username@hostname or just username. Add the keys to the repository, modify gitosis.conf so that the new keys can write to the appropriate repositories. Separate usernames with a space. Then commit all of the change to the gitosos-admin repository and push it back to the server.

Now the new users should be able to close the repository in the same manner that we accessed them above.

Reference: http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way

Retrieved from "?title=Gitosis&oldid=21599"