Git is a free distribution revision control initially created by Linus Torvalds for the Linux kernel development. Git is different from subversion in several was, a good solid reference for explanation can be found from a 2008 RailsConf talk on Git by Scott Chacon: (Link).

I will be using Gitosis for this setup, Gitosis is a tool written for Git that helps in the setup of secure access controlled repositories. It will manage multiple repositories under one user account on the host machine. Using SSH keys to identify users, your repositories will be securely accessed and controlled. One large advantage to Gitosis is that your users will not need shell accounts on the machine to access repositories, they will however speak to a singular account what will not allow arbitrary commands.

Git is very local in nature, with remote distributed features. One major thing to wrap your head around is that git resides on your machine and tracks files locally, so if you create a new file and want git to track that file you need to let git know through the add command. Git also has remote locations that give it the ability to push to a, you guessed it…, remote location. You can add many remotes, typically you will see the “origin” remote location in most projects, we will be using origin in this article.

Before you start with this, note that I will try to explain every step as best possible. Some of the other guides out there will lead you along without the explanation, do yourself a favor and avoid the temptation to try and do this quickly… understand as much of git as possible, it will save you time down the road.

Install Gitosis

first install git so that you can pull down gitosis, then navigate to your home and do the clone:

sudo apt-get install git-core
cd ~/
git clone git://eagain.net/gitosis.git

This will create a gitosis folder in your home directory, now to follow convention move the gitosis folder to the /usr/local:

sudo mv gitosis/ /usr/local

Now you need to navigate into the gitosis folder, install python, and run the setup.py file to complete the install:

cd /usr/local/gitosis
sudo apt-get install python-setuptools
sudo python setup.py install

Now we will create the git user, I specified its home directory to be /var/git so that the repositories are located where my other common files are (apache, mysql, etc):

sudo adduser
–system
–shell /bin/sh
–gecos ‘git version control’
–group
–disabled-password
–home /var/git
git

Now, since we are setting up access for just ourselves at first we need a public key from our machine. You should already be using key access for ssh, but if your not please head over to my ssh article and follow the steps to generate yourself a key. This key is for the client to access the server, some of the articles on setting this up are a little ambiguous about why the key needs to exist, for beginners this can be confusing. You need to upload your clients new key.pub file (which is probably named id_rsa.pub) to the server, put it some place like the /tmp directory.

Run this command to add your public key to the gitosis-admin project, that way you can check it out and configure git:

sudo -H -u git gitosis-init < /tmp/id_rsa.pub

Now for good measure, make sure the post-update hook is set to executable. This sometimes doesnt get set up correctly with older versions of the setuptools:

sudo chmod u+x /var/git/repositories/gitosis-admin.git/hooks/post-update

Now for configuring Git, and getting clients connected.

Git on the Client

Make sure you have git installed on your client:

sudo apt-get install git-core

Now navigate to a folder where  you will be checking out all of your repositories, and check out the gitosis-admin project:

cd /media/ARRAY/Dev
git clone git@<YOURSERVER>:gitosis-admin.git
cd gitosis-admin

The repository you just cloned contains all of the files needed to create repositories for your own projects. This project is also the gitosis configuration. You can modify how gitosis works by checking out this project, making changes then pushing it back to the server.

Adding Users

Users will all be using the git account (this is how gitosis works) to access your repositories. You need to add their public keys to the gitosis-admin project and modify the gitosis.conf. So collect the public keys from your contributors and place them in the gitosis-admin/keydir directory, then open up your gitosis.conf and modify it to add your new users.

When I started out I had access for a single user: storrgie@COLOSSUS, now I need to add my laptop… which is storrgie@ENYO and I also want to add a new group for my friends as we are working on a new project. Below shows you where I have added the new users and groups, compare this file with the default gitosis.conf file to see what I have changed:

[gitosis]

[group gitosis-admin]
writable = gitosis-admin web.andrewdunn
members = storrgie@COLOSSUS storrgie@ENYO

[group opensourcesoldiers]
members = storrgie@ENYO mka@samsara mrcakes@mrlaptop milman@rorlf

Now I dont have any repos for my friends to work on, so I have not set up the writable field for them. Now for this configuration gitosis will look in the keydir to find matching .pub key files for each of those names.

Lets add the files we want to commit:

git add keyfiles/storrgie@ENYO.pub mka@samsara.pub mrcakes@mrlaptop.pub milman@rorlf.pub
git add gitosis.conf
git commit
git push

Now my friends have access to my server, but I need to set up a repository for them to work on. I’ll show you how I added my personal website as a repository instead though.

Creating New Repositories

To create a new repository we must first add some information to the gitosis-admin project. You already have the projected checked out locally so you can make your changes and push  Below shows you where I have added my website as a git project, compare this file with the default gitosis.conf file to see what I have changed:

[gitosis]

[group gitosis-admin]
writable = gitosis-admin web.andrewdunn
members = storrgie@COLOSSUS storrgie@ENYO

[repo web.andrewdunn]
gitweb = no
description = Andrew Dunn website
owner = Andrew Dunn
daemon = no

So I have added a repo, with a name. I have specified that there is no gitweb access and no daemon access. The description and owner fields are used by gitweb, I have included them in case I want to enable gitweb at a later point. Notice also that I have added web.andrewdunn to the writable list under gitosis-admin.

Now that we have changed the gitosis.conf file lets go ahead and push it up to the repository. You need to add the file to the changes you want to commit, then do a commit to get everything ready, then perform a push:

git add gitosis.conf
git commit
git push

Notice the git add, you have to let git know what changes you are adding to the commit. If you are lazy like me, you can just do a “git add .” and it will add all the changes from the tracked files. If you create a new file, you have to do a git add to let git know its tracking that file.

Now lets go to the folder you want to push as a repository and get everything straitened out there. You will need to first initialize the folder as a git repository, then add the files you want git to track. In this case I am going to to add all of the files, you can track individual files if you want to add them individually.

cd web.andrewdunn
git init
git add .
git remote add origin git@<YOURSERVER>:web.andrewdunn.git

Now we have done several things, we have initialzed the project and added all the files in the web.andrewdunn directory to be tracked. We have also added a remote location named origin, you can check these by running the “git remote show” command.

Now we want to commit and push the project, and specify that this is the master for the repository:

git commit
git push origin master

Now you should see the project get compressed and pushed to your remote source control server.

Public Access

So if you are running a public project, you have users who are key authenticated to commit to your project but need anonymous clone access, git-daemon will handle the need. Git-daemon comes with git itself, not with gitosis. Go inside each of the repositories that you want to give public access to and create a new file:

cd publicproject
touch git-daemon-export-ok
sudo -u git daemon –detach –verbose –base-path=/var/git/repositories

Alternatively you can export all of your projects with this command:

sudo -u git git-daemon –base-path=/var/git/repositories/ –export-all

Non-standard SSH port access

If you are running your ssh daemon on a non-standard port, using the syntax: git@<YOURSERVER>:<PORT>:repository.git will cause problems. To avoid this you need to add a host to your /etc/ssh/ssh_config file:

Host <YOURSERVER>
Port <PORT>
IdentityFile ~/.ssh/id_rsa
Protocol 2

Conclusion

I initially struggled with this setup, however after learning a little more by trolling their IRC and reading some of their documentaiton git turned out to be very interesting. Expect this setup to take a couple minutes, its not going to be like a deploy-able deb file or something you install from the repositories with minimal configuration effort. The time it really takes to get gitosis running is rather slim once you understand what your doing.

Good luck with your projects!

Resources

Gittutorial(7) Manual Page (Kernel.org)

Git for Computer Scientists (eagain.net) — The original author of gitosis

Hosting Git repositories, The Easy (and Secure) way (scie.nti.st)

This entry was posted on Friday, May 1st, 2009 at 5:18 pm and is filed under Development Environments, Networking. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.