Archive

Archives pour 05/2019

Gitolite setup and configuration

Gitolite: setup and basic configuration

Gitolite: setup and basic configuration

1 Presentation

Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many more powerful features. It is a simple and lightweight solution.

The key concepts are:

  • Works over ssh (and also http but it is more complicated).
  • Uses a configuration files to define repositories and set user rights on them (no access, read, write, creation…).
  • Only one ssh account will be used (the one of the « hosting » user – see below) to connect to the git server.

2 How it works

  • A « hosting » user (I will call it gitolite user) will be created during the installation process. It will own the repositories.
  • An admin account will be used to manage the users and the rights. This account can be on the git server or on a remote machine and can already exist.
  • Every user that is allow to access to the repository should provide a public ssh key:
    • The admin account will add this user to gitolite (see below for more details).
    • The users added don’t need to have any account on the git server.

3 Setup

3.1 Software Installation

sudo aptitude install gitolite3     
  • A path to the public key will be asked. You should provide a public key that will be used for the admin account. It can be an existing user on the git server machine or a remote one.
  • By default, everything will be create in /var/lib/gitolite3.
  • A user gitolite3 (the gitolite user) will be created.

If you want to use a different user (let’s say gitolite-user) and hence another home directory, you can do this:

sudo mv /var/lib/gitolite3 /home/gitolite-user
sudo usermod --home /home/gitolite-user gitolite3
sudo usermod -l gitolite-user gitolite3
sudo groupmod gitolite3 -n gitolite-user

3.2 Get the admin account

  • Log in as the admin user (the user corresponding to the public key you provided during the installation.
  • Run: git clone <gitolite-user>@<git-server>:gitolite-admin
  • In ~/gitolite-admin two sub-directories will be created:
    • conf/: there is a file named gitolite.conf where the users and the repositories will be set up.
    • keydir/: where the public keys of the users that will access to the repositories will be added.

4 Allowing users to access to the repositories

  • In ~/gitolite-admin/keydir, add the public key for the user you want to add. It should be named username>.pub. This username will be used for the access rights in the configuration file.
    • Note that you can add several keys for the same user, e.g. keydir/wks/<username>.pub, keydir/laptop/<username>.pub.
    • This user doesn’t need to have a real account on the git server.
  • Commit (and push the changes): git add -A ; git commit -m "Add user <username>" ; git push
  • By doing that, the public key <username.pub> will be automatically added by gitolite to the file ~.ssh/authorized_keys/ of the gitolite user (by default gitolite3). This file shouldn’t be changed manually!

5 Import an existing repository

Note that the directory that we want to import should be a git bare directory.

  • On the git server:
    • Log in as the gitolite user.
    • Copy the existing repository to ~/repositories. Make sure the owner is the gitolite user, e.g.: cp /path/original/repository.git ~/repositories/my_repository.git
    • In ~/repositories/my_repository.git, run:

      gitolite compile
      gitolite setup --hooks-only
      gitolite trigger POST_COMPILE
      
  • On the machine where the gitolite-admin user lives:
    • Add the new repository to ~/gitolite-admin/conf/gitolite.conf, for example:

      repo my_repository
        RW+       =   @all
      
    • Commit changes: git commit -m "Add repository my_repository" gitolite.conf ; git push

6 Create a new (empty) repository

  • Log in as the gitolite-admin user.
  • Add the new repository to ~/gitolite-admin/conf/gitolite.conf, for example:

    repo my_repository
      RW+       =   @all
    
  • Commit changes: git commit -m "Add my_repository repository" gitolite.conf ; git push.
  • This will automatically create a new repository (my_repository.git) in the directory ~/repositories of the gitolite account (on the git server).

7 Remove an existing repository

  • Log in as the gitolite-admin user.
  • Remove the repository in ~/gitolite-admin/conf/gitolite.conf.
  • Commit changes: git commit -m "Remove repository" gitolite.conf ; git push.
  • Go to the directory ~/repositories of the gitolite account (on the git server) and remove the directory.

8 Clone on a local machine

It consists in executing a git clone as usual. Note that the public key of the current user should have been previously added to the gitolite keydir/ directory (see this section).

git clone <gitolite-user>@<git-server>:<repository>

Please note that the repository name shouldn’t have a .git extension.

9 Setting email notifications

Original article

  • The first requirement is that your git server can send emails (you can install ssmtp or exim4 for example).
  • On the git server (in the git user directory), copy email hook files:

    cd ~/.gitolite/hooks/common
    cp /usr/share/doc/git/contrib/hooks/post-receive-email post-receive
    
  • Edit /etc/gitolite3/gitolite.rc and change this part:

    #GIT_CONFIG_KEYS => '', # ORIGINAL
    GIT_CONFIG_KEYS => '.*', # EDIT TO THIS
    

    See the specific variables documentation for more information.

  • On the machine where the gitolite-admin user lives:
    • Edit ~/gitolite-admin/conf/gitolite.conf and add email information, for example:

      repo my_repository
      ...
         config hooks.mailinglist = person@example.com
         config hooks.emailprefix = "[gitolite my_repository] "
      
    • Commit changes: git commit -m "Add repository my_repository" gitolite.conf ; git push
  • To test, as a normal user, do changes in a file of the my_repository directory, commit and push the modifications. An email should be sent to the « mailing-list »!
Categories: Informatique Tags: .: git