Difference between revisions of "Gitosis"
Line 31: | Line 31: | ||
groupadd -g 55 git && | groupadd -g 55 git && | ||
− | useradd -c 'GIT User' -d / | + | useradd -c 'GIT User' -d /srv/git -g git -s /bin/bash -u 55 git && |
− | install -o git -g git -d / | + | install -o git -g git -d /srv/git |
For [[Gitosis]] to work properly a password will have to be set for the git user. Without this password logins may not be allowed even using public keys. You never need to remember the password again so I recommend making it completely random. | For [[Gitosis]] to work properly a password will have to be set for the git user. Without this password logins may not be allowed even using public keys. You never need to remember the password again so I recommend making it completely random. | ||
Line 82: | Line 82: | ||
On the machine with the [[Gitosis]] install make sure that the post-update hook is executable in the [[Gitosis]] repository: | On the machine with the [[Gitosis]] install make sure that the post-update hook is executable in the [[Gitosis]] repository: | ||
− | chmod -v 755 / | + | chmod -v 755 /srv/git/repositories/gitosis-admin.git/hooks/post-update |
From the machine that you created the ssh key on, create a clone of the gitosis repository: | From the machine that you created the ssh key on, create a clone of the gitosis repository: | ||
Line 96: | Line 96: | ||
[gitosis] | [gitosis] | ||
+ | |||
+ | gitweb = no | ||
+ | daemon = no | ||
[group gitosis-admin] | [group gitosis-admin] |
Revision as of 12:16, 14 March 2009
Download Source: | See Below |
---|
Contents
Introduction to Gitosis
gitosis aims to make hosting git repos easier and safer. It manages multiple repositories under one user account, using SSH keys to identify users. End users do not need shell accounts on the server, they will talk to one shared account that will not let them run arbitrary commands.
Project Homepage: Unknown
Getting the Source
Make sure that you have GIT installed and working then execute the following command:
git clone git://eagain.net/gitosis.git
You may wish to create a tarball of the checked out code for future reference.
tar cvjf gitosis-$(date '+%Y%m%d').tar.bz2 gitosis
Dependencies
Required
Recommended
- Sudo (For Configuration, su can be used instead)
Git User/Group
groupadd -g 55 git && useradd -c 'GIT User' -d /srv/git -g git -s /bin/bash -u 55 git && install -o git -g git -d /srv/git
For Gitosis to work properly a password will have to be set for the git user. Without this password logins may not be allowed even using public keys. You never need to remember the password again so I recommend making it completely random.
passwd git
Non-Multilib
Install the package
python setup.py install
Multilib
32Bit
Install the package
USE_ARCH=32 python setup.py install
N32
Install the package
USE_ARCH=n32 python setup.py install
64Bit
Install the package
USE_ARCH=64 python setup.py install
Configuring Gitosis
Initial Setup and Gitosis Admin
If you do not already have a ssh key for your user generate one now with:
ssh-keygen -t rsa
Two files will be generated in your ~/.ssh directory, id_rsa and id_rsa.pub. Copy id_rsa.pub to the machine with the Gitosis install. Any directory that the git user has access too works. Then execute the following command:
sudo -H -u git gitosis-init < /path/to/id_rsa.pub
Note: -H makes sudo switch the user's home directory. -u git says to switch to the git user.
The previous command authorized that public key to the Gitosis repository.
On the machine with the Gitosis install make sure that the post-update hook is executable in the Gitosis repository:
chmod -v 755 /srv/git/repositories/gitosis-admin.git/hooks/post-update
From the machine that you created the ssh key on, create a clone of the gitosis repository:
git clone git@[YOUR_SERVER_HOSTNAME]:gitosis-admin.git cd gitosis-admin
Setting up a Repository
The following configuration should serve as an example only.
From inside of the gitosis-admin directory that was checked out in the last step open the gitosis.conf file. You should see something along the lines of the following:
[gitosis] gitweb = no daemon = no [group gitosis-admin] writable = gitosis-admin members = jdoe
To add another repo we need to make an entry in this file so that it will be writable.
[group myteam] members = jdoe writable = testrepo
Save this addition to gitosis.conf, commit and push it:
git commit -a -m "Allow jdoe write access to testrepo." git push
Now that the user has access to the repo it's time to actually create it:
mkdir testrepo cd testrepo git init git remote add origin git@[YOUR_SERVER_HOSTNAME]:testrepo.git # Add / Commit some files to the local repo # Don't forgot to commit the changes or you _WILL_ get an error git push origin master:refs/heads/master
Adding Users
For people to access to the GIT repositories through Gitosis they have to have public keys of their own. They can generate one the same way that we did in the first step with the following:
ssh-keygen -t rsa
After they generate the key get them to send you the id_rsa.pub file, and only that file. Inside of the gitosis-admin directory you should see a directory named keydir. Copy the id_rsa.pub key provided to you by the user into that directory using a unique name, such as username@hostname or just username. Add the keys to the repository, modify gitosis.conf so that the new keys can write to the appropriate repositories. Separate usernames with a space. Then commit all of the change to the gitosos-admin repository and push it back to the server.
Now the new users should be able to close the repository in the same manner that we accessed them above.
Reference: http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way