使用Gitolite搭建Git服务器

背景

搭建Git服务器作为代码管理工具。

搭建

软件安装

基于:

  • CentOS 7
  • Git 1.8.3
    直接用yum安装,如果需要最新版本,请编译安装。
    1
    yum install git -y

添加用户

添加一个新用户来跑git服务。

1
2
3
4
5
6
adduser git
# or
useradd -s /sbin/nologin -g git git
# /etc/passwd can checkout the users and group
w git
groups git

初始化仓库

选择目录并初始化仓库:

1
2
3
cd path/git
git init --bare project.git
chown -R git project.git

禁用远程登陆

禁止用户通过git账户登陆。

1
2
3
vim /etc/passwd
# modify the bash
git:xxxxxxxxx:/home/git:/usr/bin/git-shell

配置客户端key

客户端生成rsa key:

1
2
ssh-keygen -t rsa
cat .ssh/id_rsa.pub

将生成的id_rsa.pub复制到服务器上,修改.ssh/authorized_keys文件。

DONE

现在即可在本地进行check out

1
git clone git@ip:/path/git/project.git

使用Gitolite

背景

这是Git服务器管理软件,还有很多选择,自己决定。这里使用Gitolite

GitLab : GitLab includes git repository management, code reviews, issue tracking, wikis and much more. GitLab comes with GitLab CI, an easy to use continuous integration and deployment tool.
SCM-Manager : The easiest way to share and manage your Git, Mercurial and Subversion repositories over http.
Gerrit Code Review + Gitblit : Gerrit provides web based code review and repository management for the Git version control system. Gitblit is an open-source, pure Java stack for managing, viewing, and serving Git repositories. It’s designed primarily as a tool for small workgroups who want to host centralized repositories.
Gitolite + Git - Smart HTTP : Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many more powerful features.
Gogs : Gogs (Go Git Service) is a painless self-hosted Git service.
Gitorious : Run Gitorious yourself — get started with free, open source Git hosting and collaboration today.
Tuleap OR Tuleap Github : Traditional development, Requirement Management, Agile Development, IT Service management… Tuleap makes software projects more productive, collaborative and industrialized.
Phabricator OR phacility/phabricator : Phabricator is a collection of open source web applications that help software companies build better software.
gitbucket/gitbucket : GitBucket is a GitHub clone powered by Scala which has easy installation and high extensibility.
GitList OR klaussilveira/gitlist : GitList allows you to browse repositories using your favorite browser, viewing files under different revisions, commit history and diffs. GitList is free and open source software, written in PHP, on top of Silex and the Twig template engine.
cgit : A hyperfast web frontend for git repositories written in C.
mensi/cydra : SEEMS DEAD. Cydra is a platform for project hosting written in Python. It has an extensible architecture to facilitate integration of 3rd party software such as version control systems and project management tools.
tv42/gitosis : SEEMS DEAD. Manage git repositories, provide access to them over SSH, with tight access control and not needing shell accounts.
jakubgarfield/Bonobo-Git-Server : Bonobo Git Server for Windows is a web application you can install on your IIS and easily manage and connect to your git repositories.

安装前

  1. 安装git
  2. 创建git用户组和git用户
  3. 创建管理员密钥
  4. 将公钥上传到git服务器中

其中,创建管理员密钥:

1
ssh-keygen -t rsa -C "git-admin"

并将git-admin.pub上传到服务器(可使用scp,如有问题,可能是firewall问题)。

安装

  1. 创建git用户下bin目录
  2. clone gitolite并安装
  3. 使用公钥初始化gitolite

Gitolite安装很简单,可以查看官方文档:

1
2
3
4
5
6
7
8
su git
mkdir -p ~/bin

git clone git://github.com/sitaramc/gitolite
gitolite/install --help
gitolite/install -ln ~/bin
# make sure you have the path in $HOME/bin
source .bash_profile

初始化gitolite:

1
gitolite setup -pk git-admin.pub

添加gitolite用户和仓库

不需要手动在git服务器中添加新用户或新仓库。因为gitolite的用户,仓库和权限规则是使用一个名为gitolite-admin的特殊仓库进行维护,需通过修改该仓库并合并push到服务器中。

1
git clone git@host:gitolite-admin

Clone后,看到两个目录confkeydirconf/gitolite.conf用于修改仓库及用户权限,keydir用于存放用户公钥。
新增hwangjr用户:

  1. 将其公钥(hwangjr.pub)添加到keydir目录
  2. 修改conf/gitolite.conf文件,新增仓库和用户权限:
    1
    2
    3
    4
    repo project
    RW+ = hwangjr

    # 或者使用其他权限:RW, R等

修改完上传服务器即可:

1
2
3
4
git add conf
git add keydir
git commit -m 'add repo project, add user hwangjr'
git push

PUSH成功之后,服务器会自动创建新的仓库并将用户密钥加入.ssh/authorized_keys文件中。

更多配置

gitolite权限管理很完备,在此给出一些配置方案:

1
2
3
4
5
6
7
repo project
RW+ = hwangjr
- master = hwangjr
- refs/tags/v[0-9] = hwangjr
RW = hwangjr
RW refs/tags/v[0-9] = hwangjr
R = hwangjr

上面配置即:

  • RW+ : 能够对仓库进行所有的操作。
    • master : 能够创建和推送任何名字不为master的分支,并能够添加任何不以v+数字开头的tag。
    • refs/tags/v[0-9] : 能够添加任何以v+数字开头的tag。
  • R : 能够进行clone和fetch操作。

还可以添加组进行管理(@all为特殊组,表示所有用户):

1
2
3
4
5
6
7
8
9
10
@staff      =   hwangjr hwangjr1 hwangjr2
@interns = hwangjr
@all-devs = @staff @interns

repo secret
RW = @staff

repo project
RW+ = @staff
RW = @interns

更多查看:gitolite all-in-one page

QUESTION

安装过程遇到cant locate Data/Dumper.pm

在安装过程中,可能会遇到错误:

1
2
3
4
5
gitolite/install -h
Can't locate Data/Dumper.pm in @INC (@INC contains: /home/git/gitolite/src/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /home/git/gitolite/src/lib/Gitolite/Common.pm line 61.
BEGIN failed--compilation aborted at /home/git/gitolite/src/lib/Gitolite/Common.pm line 61.
Compilation failed in require at gitolite/install line 15.
BEGIN failed--compilation aborted at gitolite/install line 15.

这是因为缺少包:

1
yum install perl-Data-Dumper

Clone gitolite-admin时提示需要输入密码

在clone gitolite-admin时,会提示输入密码:

  1. 在服务端生成rsa key
  2. 在服务端进行clone

此时会出现此错误,使用其他机器即可(需要复制rsa key到其他机器)。

Ref

Fedora 20 安装gitolite
sitaramc/gitolite
install and setup
centos git服务器安装与gitolite用户权限管理 - 思迁