Gitolite

  • Description: Git user access control
  • Package: gitolite-git
  • Config repo: gitolite-admin.git
  • Config path:
  • User and group: git:git
  • Upstream docs: Github

Preliminaries

NEVER USE MIRRORS - That feature uses post-receive which we use for deploy.

Things to do,

  • make user git's $HOME at /var/git
  • update !hooks to new directory locations
  • update symlinks in /etc/lighttpd
  • patch awbot

Stuff to watch out for in the future,

  • some repos may get commits from programs on the server
    can set them to read only for everyone
  • decide on a channel dedicated for dev work
    update /etc/awbot.conf

Install and Set-up

  1. install gitolite-git
  2. sudo chown git:git /var/git ; sudo usermod -d /var/git git
  3. sudo -u git gitolite setup -pk /home/fsckdaemon/fsckd.pub
  4. sudo -u git mkdir /var/git/worktrees
  5. on my machine, create git@archwomen profile in ssh config and git clone git@host:gitolite-admin
    which came out to be git clone awgit:gitolite-admin

After that, add new users and new repos.

The admin key (in ~/.ssh) is not used to authenticate anyone. If necessary, a new one can be added using gitolite setup -pk id_rsa.pub. One copy is put in /var/git/.ssh/authorized_keys and the other in gitolite-admin.

Updating

  1. install latest gitolite-git
  2. cd /var/git
  3. sudo -u git gitolite setup

To check, from your own machine run ssh git@archwomen.org help.

SSH Config

Those with shell access need to make a second profile in ~/.ssh/config.

Host gitolite.archwomen.org
HostName archwomen.org
User git
IdentityFile /path/to/private/key

gitolite.archwomen.org is fake. When trying to connect to that, SSH will instead connect to the address in HostName. IdentityFile is if the key file is located somewhere other than the usual.

Example: git clone gitolite.archwomen.org:gitolite-admin

List Repositories

  ssh git@archwomen.org info

aw-tech/gitolite.txt · Last modified: 2014/11/12 19:49 by meskarune