Setting Up Gitosis On Ubuntu

Want to support HowtoForge? Become a subscriber!
 
Submitted by jgoulah (Contact Author) (Forums) on Thu, 2009-11-05 12:05. :: Ubuntu

Setting Up Gitosis On Ubuntu

Overview

This article is part one of a two part series that covers setting up a hosting server using gitosis for your central repository, and in the next article, taking an existing SVN repository and running the appropriate scripts and commands necessary to migrate it into something git can work with.

So this article is how to setup and manage a git repository. There are some great services out there than can do this for you, but why pay money for something you can easily do for free? This article shows how to setup and manage a secure and private git repository that people can use as a central sharing point.

 

Setting Up Gitosis

Gitosis is a tool for hosting git repositories. Its common usage is for a central repository that other developers can push changes to for sharing.

First clone the gitosis repository and run the basic python install. You just need the python setuptools package

sudo apt-get install python-setuptools

And then you can easily install it:

git clone git://eagain.net/gitosis.git
cd gitosis
sudo python setup.py install

Next you need to create a user that will own the repositories you want to manage. You can put its home directory wherever you want, but in this example we'll put it in the standard /home location.

sudo adduser --system --shell /bin/sh --gecos 'git version control' --group --disabled-password --home /home/git git

Then you must create an ssh public key (or use your existing one) for your first repository user. We'll use an init command to copy it to server and load it. If you don't have a public key you can create one with ssh-keygen like so

ssh-keygen -t dsa

Then gitosis-init is for the first time only, loads up your users key, and goes like this:

sudo -H -u git gitosis-init < ~/.ssh/id_dsa.pub

Here it doesn't hurt to make sure your post-update hook has execute permissions.

sudo chmod 755 /home/git/repositories/gitosis-admin.git/hooks/post-update

Now you can clone the gitosis-admin repository, which is used to manage our repository permissions.

git clone git@YOUR_SERVER_HOSTNAME:gitosis-admin.git
cd gitosis-admin

Now you can see you have a gitosis.conf file and a keydir directory

$ ls -l
total 8
-rw-r--r-- 1 jgoulah mygroup 83 2009-10-31 20:44 gitosis.conf
drwxr-xr-x 2 jgoulah mygroup 4096 2009-10-31 20:44 keydir

The gitosis.conf file holds group and permission information for your repositories, and the keydir folder holds your public keys.

If I look in there I see my public key was imported from our earlier gitosis-init command:

$ ls -l keydir/
total 4
-rw-r--r-- 1 jgoulah mygroup 603 2009-10-31 20:44 jgoulah.pub

So open up gitosis.conf and you should already see you have an entry for the gitosis-admin repository that we just cloned. The gitosis-init command above setup the access for us. From now on we can just crack open gitosis.conf and edit the permissions, commit and push back to our central repository.

If I wanted to create a new project for a repository called pizza_maker it would look something like this.

[group myteam]
members = jgoulah
writable = pizza_maker

Don't forget the members section is the name of your public key file without the .pub at the end. If your key was named XYZ.pub then your member line would have XYC here.

git commit -a -m "Create new repo permissions for pizza_maker project"
git push

As a reminder the second part of this series will show an svn to git import. For now lets assume we are starting from scratch. We'd create our project like this:

cd && mkdir pizza_maker
cd pizza_maker
git init
git remote add origin git@YOUR_SERVER_HOSTNAME:pizza_maker.git
git add *
git commit -m "some stuff"
git push origin master:refs/heads/master

The only other thing to know is if you want to grant another user access to your repository. All you have to do is add their public key to the keydir folder, and then give the user permissions by modifying gitosis.conf.

cd gitosis-admin
cp ~/otherdude.pub keydir/

 
[group myteam]
- members = jgoulah
+ members = jgoulah otherdude
  writable = pizza_maker

If you need to, you can also grant public access over the git:// protocol like so:

sudo -u git git-daemon --base-path=/home/git/repositories/ --export-all

Then someone can clone like:

git clone git://YOUR_SERVER_HOSTNAME/pizza_maker.git

 

Conclusion

This article showed how to setup gitosis, how to initialize your gitosis-admin repository, which is a unique concept in itself to use a repository to manage repositories, and it works rather well. We also went over how to create our own new git repository, and how to manage the access permissions through gitosis.conf. Part two of this series will explain how to port from your current SVN setup to a Git setup. This article was a prerequisite if you want to host your own private repository when you're converting from SVN to Git, and thats what we'll look at next time.


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by isomorphisms (not registered) on Sun, 2012-10-28 20:33.
$ git clone git://eagain.net/gitosis.git
Cloning into 'gitosis'...
fatal: unable to connect to eagain.net:
eagain.net[0: 50.56.185.182]: errno=Connection refused

Submitted by Tiago (not registered) on Wed, 2009-12-02 13:51.
My gitosis is working all good with my user.
But I found some issues when trying to add my friend to it.
I did as told, and added his public key in the gitosis-admin, also added him to the group, and so on.
but when he tries to clone on repository:

git clone git@myserver:project.git

he is asked about the git password (the git user from @myserver)
Was this supposed to happen?
Should I give this user the git private key, or did i miss something in the configuration?

I would like to give him only permission over the project listed inside the gistosis.conf

Submitted by Anonymous (not registered) on Mon, 2010-01-11 22:08.
I'm getting this too, under Debian.  For some reason I cannot fathom, the /srv/gitosis/.ssh/authorized_keys file is not being updated.  In the interim, you can edit it manually with your friend's key.
Submitted by Sitaram Chamarty (not registered) on Sat, 2009-11-07 11:16.

From the gitolite README:

Gitolite allows a server to host many git repositories and provide access to many developers, without having to give them real userids on the server. The essential magic in doing this is ssh's pubkey access and the authorized_keys file, and the inspiration was an older program called gitosis.

Gitolite can restrict who can read from (clone/fetch) or write to (push) a repository. It can also restrict who can push to what branch or tag, which is very important in a corporate environment. Gitolite can be installed without requiring root permissions, and with no additional software than git itself and perl. It also has several other neat features described below and elsewhere in the doc/ directory.

URLs:

http://github.com/sitaramc/gitolite

http://github.com/sitaramc/gitolite/blob/pu/README.mkd

http://github.com/sitaramc/gitolite/blob/pu/doc/3-faq-tips-etc.mkd#diff  -- differences from gitosis (a list that now has about 10 entries)

Disclaimer: I am the author of gitolite.  This means I'm biased :-)

Submitted by Suno Ano (not registered) on Fri, 2009-11-06 22:15.