Say you want to manage your own private Git repositories for a Project/Team/Company.
What are your options?
GitHub is very convenient, as is Bitbucket, or even your own installation of GitLab.
But, there is a place for simpler ways to administer your own private Git repositories, and keep your sources totally under your control.
—You lil’ control freak. ;)
Gitolite is small, simple and powerful.
User access control and repo creation are dead easy and just a git commit & git push away!
This guide will show you how to setup your own private Git infrastructure with Gitolite for easy repository and user management.
Read on!
Inventory
What do you need for this guide?
- A public server somewhere. If you don’t, you can get a VPS (Virtual Private Server) from Linode, DigitalOcean or similar providers.
- An account with access to
sudo.
Let’s assume a ~/.ssh/config with content like this:
Host git-server
# This is the IP for your VPS
HostName 123.123.123.123
Port 22
# This is the remote user
User yolo
Installation
First, let’s login on the remote machine; the one you want to setup Gitolite on.
Open a terminal and SSH into it:
ssh git-server
Then install git:
sudo apt install git
Now, add the user that will be in charge of managing the repos and enforce the access control rules, then disable its password access for security reasons:
sudo adduser git
sudo passwd -l git
On your local machine, open a new terminal and copy your public key to the remote machine:
scp ~/.ssh/id_rsa.pub git-server:
If successfully, you’ll have the id_rsa.pub file available on the remote machine in the$HOME directory for the remote yolo user.
It’s time to create the $HOME directory for the git user; then we’ll move theid_rsa.pub file to /home/git/.ssh/yolo.pub and adjust some permissions and directory ownership:
sudo mkdir -p /home/git/.ssh
sudo mv ~/id_rsa.pub /home/git/.ssh/yolo.pub
sudo chmod 700 /home/git/.ssh
sudo chown -R git:git /home/git/
Let’s impersonate the git user, then clone and install Gitolite:
sudo su git -l
git clone https://github.com/sitaramc/gitolite ~/gitolite
mkdir ~/bin
~/gitolite/install -to ~/bin
Exit the git user shell and re-login to make the commands we just installed in~/bin available to us.
Then setup Gitolite with yolo.pub as the admin key:
exit
sudo su git -l
gitolite setup -pk ~/.ssh/yolo.pub
exit
exit
Exit the remote machine —you’ll need to type exit twice, because you are two levels deep ( yolo => git ).
- DEBIAN NOTE
If the scripts in ~/bin aren't picked up automatically, you might need to create a ~/.bash_profile file and modify the $PATH by appending ~/bin to it like this:
export PATH=$PATH:~/bin
Ubuntu picks the scripts in ~/bin just fine.
Now let’s clone the gitolite-admin master repo:
git clone git@git-server:gitolite-admin ~/gitolite-admin
You are now able to create new repositories and give access to users using their public SSH keys!
Repositories and user management
Get the public keys from users that want Git access and put them in ~/gitolite-admin/keydir.
Name them accordingly (e.g. tom.pub and jerry.pub) since those names are the ones you are going to use to configure user access control.
New repository and user access
To create a new repository called yolo-project, give yourself permission to do_anything,_ then give read-write access to tom and jerry , open the~/gitolite-admin/conf/gitolite.conf file and put these lines in:
repo yolo-project
RW+ = yolo
RW = tom jerry
After that you’ll need to commit and push those changes to the remote gitolite-admin repo:
cd ~/gitolite-admin
git add .
git commit -m "Add new repo, add new keys, give access"
git push
That’s it, Gitolite will take care of creating the new repository, then gate access to it according to your specified rules.
Cloning the new repo
It’s as easy as:
git clone git@git-server:yolo-project
Now you can add content to it and use git as usual.
Upload an existing repository
What if you have an existing Git project and, want to upload that instead?
That’s also easy, cd into your existing repository and:
git remote add origin git@git-server:yolo-project
Test it out with:
git remote -v
Finally, push your commits and setup tracking for the master branch:
git push --set-upstream origin master
Congrats, we are finished! :D
Now you have a complete infrastructure for private Git repositories, and an easy way to manage them and their users.
It’s just a simple git commit & git push away!
Access control rules info
If you want to know which repos you have access to, try with this:
ssh git@git-server info
Top comments (0)