Gitosis is a wonderful little system to manage Git repositories, providing access over SSH, with tight access control and using only one shell account.
The installation instructions provided with the README.rst, and the Hosting Git article by Garry Dolley provide you most of what you need to install it. But they cover the most basic installation where everything is in your system
My setup is not standard at all, so the process needs to be tweaked a bit.
Although not mentioned, Gitosis requires a recent version of Python (at least more recent than my system 2.3.4) and
setuptools (also missing from my system).
I choose to compile all the dependencies. To isolate this as much as possible, I created an account
gitdeps to hold all the stuff I need to run Gitosis.
I logged in as
gitdeps and did:
# make sure other users can use this commands chmod 711 $HOME mkdir src && cd src # Install Python wget http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz tar zxf Python-2.5.2.tgz cd Python-2.5.2 ./configure --prefix=$HOME make make install cd .. export PATH=$HOME/bin:$PATH # Install setuptools wget http://peak.telecommunity.com/dist/ez_setup.py python ez_setup.py # Install Git wget http://kernel.org/pub/software/scm/git/git-18.104.22.168.tar.gz tar zxf git-22.214.171.124.tar.gz cd git-126.96.36.199 ./configure --prefix=$HOME make make install cd .. # Install Gitosis git clone git://eagain.net/gitosis.git cd gitosis python setup.py install
You should have all the software needed to run Gitosis now.
The rest of the installation is pretty simple. You need a couple of things:
- choose a directory to hold all the files: we will assume
/home/gitbut you can use whatever you want;
- a user account for the system: usually this user is
git. You can have several Gitosis installations in the same server, each one using a different user;
- the SSH public key of the user that will be the initial administrator of Gitosis.
To create the
git user, you should use the proper tool for your operating system. The
README.rst provides the command to run on a Debian-like system. I'm using CentOS so the command is this:
# As root useradd \ -s /bin/sh \ -c 'git version control' \ -r \ -d /home/git \ git mkdir -p /home/git chown git:git /home/git
After this, you just need to initialize the Gitosis system. Do:
# As root PATH=/home/gitdeps/bin:$PATH export PATH sudo -H -u git gitosis-init < /path/to/gitosis_admin_ssh_public_key.pub
You should see two lines of output:
Initialized empty Git repository in /home/git/repositories/gitosis-admin.git/ Reinitialized existing Git repository in /home/git/repositories/gitosis-admin.git/
On a standard system, that would be it. But we have all the binaries in a non-standard directory,
/home/gitdeps/bin. To make sure that they are found, we need to tweak the SSH instalation.
First, you need to create a SSH environment file with the proper PATH to use:
# as root echo "PATH=/home/gitdeps/bin:/bin:/usr/bin:/usr/local/bin" > ~git/.ssh/environment chown git:git ~git/.ssh/environment chmod 400 ~git/.ssh/environment
Then you need to make sure that your sshd is configured to read the file. Edit the
/etc/ssh/sshd_config file. There are two settings you must check:
PermitUserEnvironment: must be
UseLogin: must be
yes, proceed with caution. You might break ssh service for other users. One alternative (left as an exercise to the reader) is to use a separate sshd just for the
Restart your sshd. And we are done.
To manage Gitosis, you clone the
gitosis-admin.git repository. Inside your local copy, you'll find a
gitosis.conf and a
keydir/ directory with the public keys of all the users, in the format
# on your laptop/desktop git clone [email protected]:gitosis-admin.git cd gitosis-admin ls -la * -rw-rw-r-- 1 melo staff 91 Sep 20 15:44 gitosis.conf keydir: total 8 -rw-rw-r-- 1 melo staff 666 Sep 20 15:44 [email protected]
Have the appropriate amount of fun.