This is a step by step HOWTO to host git repositories using gitosis on a Centos 5.2 box.
Step 1 – (On your server)
Install python-setuptools on your server, you’ll need it to install gitosis.
yum -y install python-setuptools
Step 2 – (On your server)
Install git. You’ll need the DAG RPM repository for this one.
- Red Hat Enterprise Linux 5 / i386:
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
- Red Hat Enterprise Linux 5 / x86_64:
rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
yum -y install git
Step 3 – (On your server)
git clone git://eagain.net/gitosis.git
(it should download stuff and create a gitosis directory)
python setup.py install
Step 4 – (On your server)
Make a user called git.
Give your new user git a password.
Step 5 – (On your client)
The whole point of gitosis is to transfer files via ssh using a shared key process (ie: no password required to login to user git on your server). Now before you go and start doing it the manual way – don’t. Gitosis must create and maintain the authorized_keys file.
As your normal user on your client/development box:
ssh-keygen -t rsa (take the defaults)
There is now a new file called id_rsa.pub in ~/.ssh/
Copy the id_rsa.pub file to the server:
scp ~/.ssh/id_rsa.pub git@someServer.com:/home/git/
Step 6 – (On your server)
I’m assuming you’re still root on the server.
Change to the git user.
gitosis-init < id_rsa.pub
It should reply with Initialized empty Git repository in ./ – twice..
We can now remove id_rsa.pub as we don't need it anymore.
Now we must set some directory and file permissions to let sshd see the new authorized_keys file.
chmod 755 /home/git
chmod 700 /home/git/.ssh
chmod 644 /home/git/.ssh/authorized_keys
Step 7 – (On your client)
We're pretty much done server side. Now we're going to configure the server via the client.
Although I assume this is obvious, you need to install git on your client machine.
git clone git@someServer.com:gitosis-admin.git
You should see a gitosis.conf file and keydir directory. Here's the thing, anything you need to configure on the server, you actually configure here and commit the changes to the server. Open up gitosis.conf in your favorite text editor
Make a new group name for your project. It really doesn't matter what you name this group. Add users to the member section who will need push access.
members = (copy and paste the user from the members = line in the [group gitosis-admin] section)
writable = myNewProject
Save the file. Why did we use that members=user@someServer.com? If you look in the keydir directory, you'll see your public key with the filename user@someServer.com.pub. These are your users (minus the .pub).
Step 8 – (On your client)
You've just made a configuration change. You want the server to allow user@someServer.com to have write access to a project called myNewProject. You must commit this change to the server.
git commit -a -m "Allow the machine I am on right now write access to myNewProject"
Now it's time to make the directory that will contain your project files. Move up out of the gitosis-admin directory.
git remote add origin git@someServer.com:myNewProject.git
Add your files, move some files, create some files. Put some files in the myNewProject directory.
Now we can commit the initial push to the server.
git add .
git commit -a -m "This is my initial commit for myNewProject"
git push origin master:refs/heads/master
Git will do some neat things and push things to the server. Now to delete the directory you just created.. Yeah, I said it.
rm -fr myNewProject
And now to pull myNewProject from the server using clone..
git clone git@someServer.com:myNewProject
Now you have a version of your code you can actually use, make changes and commit to the server using normal git commands.
As of now, you have a fully functioning git server with a project and a client that can make changes. But what about other people?
Step 9 – (On your client)
So your friend Bob wants to help you out with myNewProject. Have Bob generate his own id_rsa.pub and send it you. When you have it:
Assuming Bob's id_rsa.pub is in your home directory, move it to the key directory renaming it at the same time:
mv ~/id_rsa.pub keydir/bob.pub
Tell git about the new file:
git add keydir/bob.pub
Edit your gitosis.conf file again. Look for the members line in myNewProject and add Bob to it:
members = user@someServer.com bob
Now you could add bob to be in the gitosis-admin group if you wanted him to be able to do what you're doing now. How much do you trust Bob?
Save the file and quit. It's time to tell your server about Bob and send Bob's public key.
git commit -a -m "Added commit rights to Bob on myNewProject"
The server will automatically add Bob's public key to authorized_keys. Do not attempt to add him manually.
Step 10 -
Do a little dance, you're done.