blog dds: 2013.06.19 – How to Create Your Own Git Server

2014年2月8日 | By News | Filed in: News.

http://ift.tt/1b9yrNE

Comments: "blog dds: 2013.06.19 – How to Create Your Own Git Server"

URL: http://ift.tt/1b9yrNE

Although I’m a happy (also paying) user of GitHub’s offerings,
there are times when I prefer to host a private repository
on a server I control.
Setting up your own Git server can be useful
if you’re isolated from the public internet,
if you’re subject to inflexible regulations,
or if you simply want features different from those offered by GitHub
(and other similar providers).
Setting up a Git server on a Unix (Linux, Mac OS X, *BSD, Solaris, AIX)
machine isn’t difficult,
but there are many details to observe.
Here is a complete guide.

Through the following steps you can setup and use your own
Git server at a server, say myhost.example.com.
Some of the steps,
like email notifications, users with a restricted shell, and
access control for a particular group,
are optional depending on your requirements and the situation at hand.
For many of the commands you will need administrator (root) privileges,
so prefix them with sudo or (heaven forbid) run them
from within a root shell.

  • Create a group for those who will have read/write access to the repository.
    Depending on your operating system you can do this using the
    groupadd command, using vigr to edit
    the group file, or editing directly the file /etc/group.
    In the end you want to have a line like the following in the
    /etc/group file.

    repogroup:*:10005:marry,john,violet
    

    where
    repogroup is the name of the group that will get access to the
    specific repository,
    10005 is a unique group identification number,
    and marry,john,violet are the user identifiers of people
    that will get access to the repository.

  • Decide the directory where the git repositories will be located.
    This can be under your home directory (e.g. /home/yourname/gitroot)
    or in a dedicated directory
    (e.g. /var/gitroot).
  • Configure permissions so that git users can access that directory


    chmod g+rx /path-to/gitroot
    chown :grouprepo /path-to/gitroot

  • Create the new Git repository, say newrepo.


    cd /path-to/gitroot
    git init –bare newrepo.git

  • Setup the directory’s permissions to allow and propagate group access,
    and configure Git accordingly.


    cd newrepo.git
    chown -R :grouprepo .
    git config core.sharedRepository group
    find . -type d -print0 | xargs -0 chmod 2770
    find . -type f -print0 | xargs -0 chmod g=u

  • Configure commit email notifications, so that developers will receive an
    email with a summary of the changes when these are pushed to the repository.


    echo One-line project description >description
    git config –local hooks.mailinglist email-a@example.com,email-b@example.com,…
    git config –local hooks.emailprefix [DI-PR] 
    git config –local hooks.showrev "git show -C %s; echo"
    git config –local hooks.emailmaxlines 100

  • Setup a so-called hook to create these email notifications.


    cd hooks
    cp post-receive.sample post-receive
    chmod +x post-receive

  • Remove the comment character #
    from the last line of the post-receive script,
    so that it will be as follows.


    /path-to-hooks/post-receive-email

  • Prime your repository with a file.
    This is needed in order to avoid confusing your other users
    with a strange error message on their first commit.


    cd to-your-personal-working-directory
    git clone myhost.example.com:/path-to/gitroot/newrepo.git
    echo "Short project description" >README.txt
    git add README.txt
    git commit -a -m "Add README file"
    git push origin master # This first time only "origin master" args needed

  • Create accounts for the repository’s other users.
    Depending on your system you can do this with a command like
    useradd or
    adduser.
  • Set the users to access your host with a public/private key pair.
    This involves the following steps.

    • Users who already have such a key pair,
      just need to send you their public key.
    • Users who don’t have a key pair,
      must generate one using the command ssh-keygen
      (accepting the default responses),
      and send you the file .ssh/id_rsa.pub.
    • You must then install that key under their account
      by copying the public key they sent you into your clipboard,
      and running the following command sequence.


      sudo su – username
      mkdir -p .ssh
      cat >>.ssh/authorized_keys <<EOF
      paste-key-as-one-line
      EOF
      exit

  • Change user accounts to use a restricted shell.
    If you want the users you added to use your system only for Git,
    and not for general-purpose Unix processing,
    then set up their accounts to use Git’s restricted shell.
    Git provides such a restricted shell crafted exactly for the purpose
    of running only its server-end part.
    It is usually installed in
    /usr/libexec/git-core/git-shell
    or
    /usr/local/libexec/git-core/git-shell.
    Therefore, for each user you want to offer restricted access run a command
    like the following.


    sudo chsh -s /usr/libexec/git-core/git-shell username

  • Ask your users to clone the repository using a command like the following.


    git clone myhost.example.com:/path-to/gitroot/newrepo.git

You’re done!
Read and post comments   


Tags: ,

发表评论

电子邮件地址不会被公开。 必填项已用*标注