Simple git setup

SSH access

ppezzino@luna:~$ sudo adduser git
[sudo] password for ppezzino: 
Adding user `git' ...
Adding new group `git' (1001) ...
Adding new user `git' (1001) with group `git' ...
Creating home directory `/home/git' ...
....
ppezzino@luna:~$ su git
Password: 
git@luna:/home/ppezzino$ cd /home/
git/      ppezzino/ 
git@luna:/home/ppezzino$ cd /home/git/

On your host:

ppezzino@atlantide:~$ scp .ssh/id_rsa.pub git@192.168.0.52:/home/git
git@192.168.0.52's password: 
id_rsa.pub                                                                            100%  400    29.2KB/s   00:00    

Manually add the key on the server:

git@luna:~$ ls
id_rsa.pub
git@luna:~$ mkdir .ssh
git@luna:~$ cat id_rsa.pub >> ~/.ssh/authorized_keys

Test

Create an empty bare repo on the server:

git@luna:~$ mkdir test
git@luna:~$ cd test 
git@luna:~/test$ git --bare init project.git
Initialized empty Git repository in /home/git/test/project.git/

Create and push a project on the host:

ppezzino@atlantide:~/git-tests$ git init project
Initialized empty Git repository in /home/ppezzino/git-tests/project/.git/
ppezzino@atlantide:~/git-tests$ cd project/
ppezzino@atlantide:~/git-tests/project$ vi hello.txt
ppezzino@atlantide:~/git-tests/project$ git add hello.txt 
ppezzino@atlantide:~/git-tests/project$ git commit -m "added hello.txt"
[master (root-commit) 87a66dc] added hello.txt
 1 file changed, 1 insertion(+)
 create mode 100644 hello.txt
ppezzino@atlantide:~/git-tests/project$ git remote add origin git@192.168.0.52:/home/git/test/project.git
ppezzino@atlantide:~/git-tests/project$ git push origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 218 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To 192.168.0.52:/home/git/test/project.git
 * [new branch]      master -> master

Final setup

Remove complete bash access for user git:

ppezzino@atlantide:~$sudo vi /etc/passwd
git:x:1001:1001:git,,,:/home/git:/bin/bash -> git:x:1001:1001:git,,,:/home/git:/usr/bin/git-shell

Gitolite

Reenable temporarly bash access for user git:

ppezzino@atlantide:~$sudo vi /etc/passwd
git:x:1001:1001:git,,,:/home/git:/usr/bin/git-shell -> git:x:1001:1001:git,,,:/home/git:/bin/bash
ppezzino@luna:~$ sudo su - git
git@luna:~$ git clone https://github.com/sitaramc/gitolite
Cloning into 'gitolite'...
remote: Counting objects: 9513, done.
remote: Total 9513 (delta 0), reused 0 (delta 0), pack-reused 9513
Receiving objects: 100% (9513/9513), 3.00 MiB | 2.87 MiB/s, done.
Resolving deltas: 100% (5891/5891), done.
Checking connectivity... done.
git@luna:~$ mkdir bin
git@luna:~$ gitolite/install -ln /home/git/bin

// on your local host:
ppezzino@atlantide:~$ scp .ssh/id_rsa.pub git@192.168.0.52:/home/git/ppezzino.pub
id_rsa.pub                                                        100%  400   193.9KB/s   00:00    

// back on servegit@luna:~$ /home/git/bin/gitolite setup -pk ppezzino.pub 
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/
Initialized empty Git repository in /home/git/repositories/testing.git/
WARNING: keydir/ppezzino.pub duplicates a non-gitolite key, sshd will ignore it

Here we get an error, because in the previous chapter we already added the same key for direct git access. Usually the online guides suggest to simply create another key. Since we installed gitolite in order to manage users access, I think that it is better to remove the previous key from the .ssh/authorized_keys file and re-run the setup -pk command.

Start using it!

First you need to clone the admin repo on your local host, to avoid working directly on the server.

ppezzino@atlantide:~$ git clone git@192.168.0.52:gitolite-admin
Cloning into 'gitolite-admin'...
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6/6), done.

Add users:
Run git clone git@server:gitolite-admin.

Obtain pubkeys from each user; email, USB, DHL, pigeon post, owl mail, any method you like.

Rename each received file to the name of the user, add a “.pub” at the end, copy it into keydir/ in the gitolite-admin repo you cloned.

Run git add keydir, then git commit, then git push.

Editing the conf/gitolite.conf file you can add repos and set users permissions.

Note: after any change you have to commit it and pushing it to the remote repo.
Note2: remember to disable again full bash access for the user git

Moving server


Nothing in any of the gitolite install/setup/etc will ever touch the data in any repository except the gitolite-admin repo. The only thing it will normally touch is the update hook. So one fool-proof way of “moving” servers is this:

Clone the latest gitolite-admin repo from the old server to your workstation. Make sure you have an admin key that has RW+ rights to the gitolite-admin repo; you will need this later.

Install gitolite on the new server, using the same key for the admin as for the old server.

Copy the rc file from the old server, overwriting this one.

Disable* the old server so people won’t push to it.

Copy all the repos over from the old server. Make sure the files end up with the right ownership and permissions; if not, chown/chmod them.

The gitolite-admin repo already exists on the new server (it’s just a bare bones conf file). Do NOT overwrite it. (Not because it contains anything useful, but because the next step will then fail!)

Go to the clone you made in step 1, add a new remote (or change an existing one) to point to the new server, then git push -f to it.

Run gitolite setup on the server.

*Temporarily disabling the access can be done in different ways:
– with gitolite writable (Run gitolite writable -h for more info.)
– insert exit 1; at the top of ~/.gitolite.rc on the old server:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.