Post by ZF on Dec 22, 2015 5:56:57 GMT -5
Setting up Git Server
1 ) Install gitosis on the "server"
git clone github.com/res0nat0r/gitosis
cd gitosis
python setup.py install
sudo adduser --system --shell /bin/sh --gecos 'git version control' --group --disabled-password --home /home/git git
2 ) Generate an SSH key for the git administrator.
To generate an SSH key:
cd <git-administrator>
ssh-keygen -t rsa
The public key will be in $HOME/.ssh/id_rsa.pub.
Copy this file to /tmp on your gitosis server
3 ) Add <git-administrator>'s ssh key to gitosis.
sudo -H -u git gitosis-init < /tmp/id_rsa.pub
4 ) At the git-administrator machine:
git clone git@YOUR_SERVER_HOSTNAME:gitosis-admin.git
cd gitosis-admin
You will now have a gitosis.conf file and keydir/ directory:
From this point on, you don’t need to be on your server.
All configuration takes place locally and you push the changes to your server when you’re ready for them to take effect.
Creating new repositories
Open up gitosis.conf and notice the default configuration:
[gitosis]
[group gitosis-admin]
writable = gitosis-admin
members = yourusername
Your “members” line will hold your key filename (without the .pub extension) that is in keydir/.
In my example, it is “jdoe”, but for you it’ll probably be a combination of your username and hostname.
To create a new repo, we just authorize writing to it and push from an authorized client. To do so, add this to gitosis.conf:
[group myteam]
members = jdoe
writable = free_monkey
This defines a new group called “myteam”, which is an arbitrary string.
“jdoe” is a member of myteam, note that his correspondent jdoe.pub is in keydir.
jdoe will have write access to the “free_monkey” repo.
Save this addition to gitosis.conf, commit and push it:
git commit -a -m "Allow jdoe write access to free_monkey"
git push
Now the user “jdoe” has access to write to the repo named “free_monkey”, but we still haven’t created a repo yet.
What we will do is create a new repo locally, and then push it:
At the team member machine, e.g jdoe
mkdir free_monkey
cd free_monkey
git init
git remote add origin git@YOUR_SERVER_HOSTNAME:free_monkey.git
# do some work, git add and commit files
git push origin master:refs/heads/master
The repository “free_monkey” will be created on the server (in /home/git/repositories) and you’re ready to start using it like any ol’ git repo.
Adding users
The next natural thing to do is to grant some lucky few commit access to the FreeMonkey project. This is a simple two step process.
First, gather their public SSH keys, which I’ll call “alice.pub” and “bob.pub”, and drop them into keydir/ of your local gitosis-admin repository. Second, edit gitosis.conf and add them to the “members” list.
At the server
cd gitosis-admin
cp ~/alice.pub keydir/
cp ~/bob.pub keydir/
git add keydir/alice.pub keydir/bob.pub
Note that the key filename must have a “.pub” extension.
gitosis.conf changes:
[group myteam]
- members = jdoe
+ members = jdoe alice bob
writable = free_monkey
Commit and push:
git commit -a -m "Granted Alice and Bob commit rights to FreeMonkey"
git push
To test, at the client end:
git clone git@YOUR_SERVER_HOSTNAME:free_monkey.git
Alice and Bob will also have commit rights.
Public access
If you are running a public project, you will have your users with commit rights, and then you’ll have everyone else.
How do we give everyone else read-only access without fiddling w/ SSH keys?
We just use git-daemon. This is independent of gitosis and it comes with git itself.
sudo -u git git-daemon --base-path=/home/git/repositories/ --export-all
This will make all the repositories you manage with gitosis read-only for the public.
Someone can then clone FreeMonkey like so:
git clone git://YOUR_SERVER_HOSTNAME/free_monkey.git
To export only some repositories and not others, you need to touch git-daemon-export-ok inside the root directory
(e.g. /home/git/repositories/free_monkey.git) of each repo that you want public.
Then remove “–export-all” from the git-daemon command above.
SOURCE:
scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way/
shapeshed.com/setting_up_git_for_multiple_developers/
1 ) Install gitosis on the "server"
git clone github.com/res0nat0r/gitosis
cd gitosis
python setup.py install
sudo adduser --system --shell /bin/sh --gecos 'git version control' --group --disabled-password --home /home/git git
2 ) Generate an SSH key for the git administrator.
To generate an SSH key:
cd <git-administrator>
ssh-keygen -t rsa
The public key will be in $HOME/.ssh/id_rsa.pub.
Copy this file to /tmp on your gitosis server
3 ) Add <git-administrator>'s ssh key to gitosis.
sudo -H -u git gitosis-init < /tmp/id_rsa.pub
4 ) At the git-administrator machine:
git clone git@YOUR_SERVER_HOSTNAME:gitosis-admin.git
cd gitosis-admin
You will now have a gitosis.conf file and keydir/ directory:
From this point on, you don’t need to be on your server.
All configuration takes place locally and you push the changes to your server when you’re ready for them to take effect.
Creating new repositories
Open up gitosis.conf and notice the default configuration:
[gitosis]
[group gitosis-admin]
writable = gitosis-admin
members = yourusername
Your “members” line will hold your key filename (without the .pub extension) that is in keydir/.
In my example, it is “jdoe”, but for you it’ll probably be a combination of your username and hostname.
To create a new repo, we just authorize writing to it and push from an authorized client. To do so, add this to gitosis.conf:
[group myteam]
members = jdoe
writable = free_monkey
This defines a new group called “myteam”, which is an arbitrary string.
“jdoe” is a member of myteam, note that his correspondent jdoe.pub is in keydir.
jdoe will have write access to the “free_monkey” repo.
Save this addition to gitosis.conf, commit and push it:
git commit -a -m "Allow jdoe write access to free_monkey"
git push
Now the user “jdoe” has access to write to the repo named “free_monkey”, but we still haven’t created a repo yet.
What we will do is create a new repo locally, and then push it:
At the team member machine, e.g jdoe
mkdir free_monkey
cd free_monkey
git init
git remote add origin git@YOUR_SERVER_HOSTNAME:free_monkey.git
# do some work, git add and commit files
git push origin master:refs/heads/master
The repository “free_monkey” will be created on the server (in /home/git/repositories) and you’re ready to start using it like any ol’ git repo.
Adding users
The next natural thing to do is to grant some lucky few commit access to the FreeMonkey project. This is a simple two step process.
First, gather their public SSH keys, which I’ll call “alice.pub” and “bob.pub”, and drop them into keydir/ of your local gitosis-admin repository. Second, edit gitosis.conf and add them to the “members” list.
At the server
cd gitosis-admin
cp ~/alice.pub keydir/
cp ~/bob.pub keydir/
git add keydir/alice.pub keydir/bob.pub
Note that the key filename must have a “.pub” extension.
gitosis.conf changes:
[group myteam]
- members = jdoe
+ members = jdoe alice bob
writable = free_monkey
Commit and push:
git commit -a -m "Granted Alice and Bob commit rights to FreeMonkey"
git push
To test, at the client end:
git clone git@YOUR_SERVER_HOSTNAME:free_monkey.git
Alice and Bob will also have commit rights.
Public access
If you are running a public project, you will have your users with commit rights, and then you’ll have everyone else.
How do we give everyone else read-only access without fiddling w/ SSH keys?
We just use git-daemon. This is independent of gitosis and it comes with git itself.
sudo -u git git-daemon --base-path=/home/git/repositories/ --export-all
This will make all the repositories you manage with gitosis read-only for the public.
Someone can then clone FreeMonkey like so:
git clone git://YOUR_SERVER_HOSTNAME/free_monkey.git
To export only some repositories and not others, you need to touch git-daemon-export-ok inside the root directory
(e.g. /home/git/repositories/free_monkey.git) of each repo that you want public.
Then remove “–export-all” from the git-daemon command above.
SOURCE:
scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way/
shapeshed.com/setting_up_git_for_multiple_developers/