gitosis setup step-by-step

GIT This is the first post of the git series - small useful tips for the everyday git.

This tutorial is about Gitosis setup. From the project’s readme:

Gitosis aims to make hosting git repos easier and safer. It manages multiple repositories under one user account, using SSH keys to identify users. End users do not need shell accounts on the server, they will talk to one shared account that will not let them run arbitrary commands.

For this recipe, we will use some conventions:

  • user@local$ for commands that should be run at your local machine.
  • user@srv$ for commands that should be run at your server.
  • git@srv$ for commands that should be run with the git user (we’ll create this later, delete this user or use another name if you already has it on your server).
  • all root access will be done through sudo.
  • lines ending with \ must be typed in one line

We will need a linux server; my setup will be based on a ubuntu system, but you can use almost any *nix flavor.

You will need to have an ssh server installed as pre-requisite - run sudo apt-get install ssh to install it. (thanks DJC)

  1. Install Compilation Tools & required libs for git

    user@srv:~$ sudo apt-get install build-essential libssl-dev \
    zlib1g-dev libcurl4-openssl-dev libexpat-dev
  2. Download & uncompress Git sources

    user@srv:~$ wget http://kernel.org/pub/software/scm/git/git-
    user@srv:~$ tar -jxvf git-
  3. Build & install git

    user@srv:~$ cd git-
    user@srv:~/git-$ make prefix=/usr/local NO_TCLTK=1 all
    user@srv:~/git-$ sudo make prefix=/usr/local NO_TCLTK=1 install
    user@srv:~/git-$ cd 
  4. Install required python libs

    user@srv:~$ sudo apt-get install python-setuptools
  5. Download & install gitosis

    user@srv:~$ git clone git://eagain.net/gitosis.git
    user@srv:~$ cd gitosis
    user@srv:~/gitosis$ sudo python setup.py install
  6. Create our git user

    user@srv:~$ sudo useradd -s /bin/bash -U -d /var/lib/git -m -r git
  7. Generate the gitosis-admin ssh key (if you don’t have one already)

    user@local:~$ ssh-keygen -t rsa -C user

    press enter for the default location, then provide it with a passphrase

    copy the generated public key to server

    user@local:~$ scp ~/.ssh/id_rsa.pub user@srv:/tmp/user.pub
  8. Log in as the newly created git user

    user@srv:~$ sudo su - git
  9. Initialize gitosis

    git@srv:~$ gitosis-init < /tmp/user.pub
    Initialized empty Git repository in /var/lib/git/repositories/gitosis-admin.git/
    Reinitialized existing Git repository in /var/lib/git/repositories/gitosis-admin.git/
  10. Adjust some permissions on admin repository

    git@srv:~$ chmod +x ~/repositories/gitosis-admin.git/hooks/post-update
  11. Clone the gitosis-admin repository

    user@local:~$ git clone git@srv:gitosis-admin.git
    Initialized empty Git repository in /home/user/gitosis-admin/.git/
    remote: Counting objects: 5, done.
    remote: Compressing objects: 100% (4/4), done.
    remote: Total 5 (delta 0), reused 5 (delta 0)
    Receiving objects: 100% (5/5), done.
  12. VoilĂ ! Your gitosis setup is working! Let’s take a look at gitosis’s structure:

  13. To finish our recipe, lets add a new user & a new repository
    Let’s call our new user john
    Get john’s ssh public key and put it inside keydir/john.pub
    Add to gitosis.conf:

    [group new-repo]
    writable = new-repo
    members = user john
  14. As gitosis is managed by git itself, let’s commit our changes:

    user@local:~/gitosis-admin$ git status
    # On branch master
    # Changed but not updated:
    #   (use "git add <file>..." to update what will be committed)
    #   (use "git checkout -- <file>..." to discard changes in working directory)
    # modified:   gitosis.conf
    # Untracked files:
    #   (use "git add <file>..." to include in what will be committed)
    # keydir/john.pub
    no changes added to commit (use "git add" and/or "git commit -a")
    user@local:~/gitosis-admin$ git add keydir/john.pub gitosis.conf
    user@local:~/gitosis-admin$ git commit -m "added new-repo + john keys"
    [master ad62139] added new-repo + john keys
     2 files changed, 4 insertions(+), 0 deletions(-)
     create mode 100644 keydir/john.pub
    user@local:~/gitosis-admin$ git push origin master
    Counting objects: 8, done.
    Compressing objects: 100% (5/5), done.
    Writing objects: 100% (5/5), 1.02 KiB, done.
    Total 5 (delta 0), reused 0 (delta 0)
    To git@srv:gitosis-admin.git
       bdc4dbc..ad62139  master -> master
  15. Finally, let john push his work to the shiny new repository:

    john@local2:~/new-repo$ git remote add origin git@srv:new-repo.git
    john@local2:~/new-repo$ git push origin master
    Counting objects: 3, done.
    Delta compression using up to 2 threads.
    Compressing objects: 100% (2/2), done.
    Writing objects: 100% (3/3), 241 bytes, done.
    Total 3 (delta 0), reused 0 (delta 0)
    To git@srv:new-repo.git
      * [new branch]      master -> master
  16. C’est fini! A complete setup running. Enjoy!
    If you have any questions / corrections, please comment!