diff options
| author | Charles Cabergs <me@cacharle.xyz> | 2020-11-05 19:31:38 +0100 |
|---|---|---|
| committer | Charles Cabergs <me@cacharle.xyz> | 2020-11-05 19:33:30 +0100 |
| commit | 4a890dad70bed4fa158f0607ee44fa5f02502b9c (patch) | |
| tree | 87fa2607f503f025193d13ff5b06736062e01d34 /blog/git_server.html | |
| parent | 383fe7e3f29f366b504b6a3d4a52fd81cb0869b2 (diff) | |
| download | cacharle.xyz-4a890dad70bed4fa158f0607ee44fa5f02502b9c.tar.gz cacharle.xyz-4a890dad70bed4fa158f0607ee44fa5f02502b9c.tar.bz2 cacharle.xyz-4a890dad70bed4fa158f0607ee44fa5f02502b9c.zip | |
Added chat to utils list
Diffstat (limited to 'blog/git_server.html')
| -rw-r--r-- | blog/git_server.html | 78 |
1 files changed, 39 insertions, 39 deletions
diff --git a/blog/git_server.html b/blog/git_server.html index 010e6de..5a9423c 100644 --- a/blog/git_server.html +++ b/blog/git_server.html @@ -14,21 +14,21 @@ <h1 id="how-to-make-your-own-git-serverwebsite">How to make your own git server/website</h1> <h2 id="basic-ssh-server">Basic ssh server</h2> <p>Every repository on the server will be owned by a git user.</p> -<div class="sourceCode" id="cb1"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true"></a><span class="ex">useradd</span> -m git</span></code></pre></div> +<div class="sourceCode" id="cb1"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="ex">useradd</span> -m git</span></code></pre></div> <p>Create a new directory to store the repositories owned by the git user.</p> -<div class="sourceCode" id="cb2"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true"></a><span class="fu">mkdir</span> /srv/git</span> -<span id="cb2-2"><a href="#cb2-2" aria-hidden="true"></a><span class="fu">chown</span> git:git /srv/git</span></code></pre></div> +<div class="sourceCode" id="cb2"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> /srv/git</span> +<span id="cb2-2"><a href="#cb2-2" aria-hidden="true" tabindex="-1"></a><span class="fu">chown</span> git:git /srv/git</span></code></pre></div> <p>Login as the git user so the new repositories will be owned by him.</p> -<div class="sourceCode" id="cb3"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true"></a><span class="fu">su</span> git</span> -<span id="cb3-2"><a href="#cb3-2" aria-hidden="true"></a><span class="bu">cd</span> /srv/git</span></code></pre></div> +<div class="sourceCode" id="cb3"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="fu">su</span> git</span> +<span id="cb3-2"><a href="#cb3-2" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /srv/git</span></code></pre></div> <h3 id="creating-a-repository">Creating a repository</h3> <p>They will be stored as bare, meaning we will only store the <code>.git</code> folder not the actual files (called the <em>workspace</em>) to save space.<br /> It’s a convention to to suffix a bare repository with the <code>.git</code> extension.</p> -<div class="sourceCode" id="cb4"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true"></a><span class="fu">mkdir</span> repo.git</span> -<span id="cb4-2"><a href="#cb4-2" aria-hidden="true"></a><span class="bu">cd</span> repo.git</span> -<span id="cb4-3"><a href="#cb4-3" aria-hidden="true"></a><span class="fu">git</span> init --bare</span></code></pre></div> +<div class="sourceCode" id="cb4"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> repo.git</span> +<span id="cb4-2"><a href="#cb4-2" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> repo.git</span> +<span id="cb4-3"><a href="#cb4-3" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> init --bare</span></code></pre></div> <p>Or clone a distant one:</p> -<div class="sourceCode" id="cb5"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true"></a><span class="fu">git</span> clone --bare <span class="op"><</span>location<span class="op">></span></span></code></pre></div> +<div class="sourceCode" id="cb5"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> clone --bare <span class="op"><</span>location<span class="op">></span></span></code></pre></div> <blockquote> <p>Look at the content of a bare repository and the <code>.git</code> directory in a regular one to convince yourself that they’re the same.</p> </blockquote> @@ -38,26 +38,26 @@ It’s a convention to to suffix a bare repository with the <code>.git</code> ex Follow the steps and it will create <code>id_rsa</code> (private key) and <code>id_rsa.pub</code> (public key) in <code>~/.ssh</code>.<br /> On your server you append your <strong>public</strong> key to <code>/home/git/.ssh/authorized_keys</code></p> <p>At this point you should be able to login as the git user via ssh</p> -<div class="sourceCode" id="cb6"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true"></a><span class="fu">ssh</span> git@<span class="op"><</span>host<span class="op">></span></span></code></pre></div> +<div class="sourceCode" id="cb6"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="fu">ssh</span> git@<span class="op"><</span>host<span class="op">></span></span></code></pre></div> <p>You can clone from your server.</p> -<div class="sourceCode" id="cb7"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true"></a><span class="fu">git</span> clone git@<span class="op"><</span>hostname<span class="op">></span>:/srv/git/<span class="op"><</span>reponame<span class="op">></span>.git</span></code></pre></div> +<div class="sourceCode" id="cb7"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> clone git@<span class="op"><</span>hostname<span class="op">></span>:/srv/git/<span class="op"><</span>reponame<span class="op">></span>.git</span></code></pre></div> <h2 id="better-server-interaction-with-git-shell">Better server interaction with git-shell</h2> <p>Permitting the git user to have a regular shell can be too permissive, we would like to restrict him to a few repository actions, like creation/deletion, importing (clone), listing.</p> -<div class="sourceCode" id="cb8"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true"></a><span class="bu">echo</span> <span class="va">$(</span><span class="fu">which</span> git-shell<span class="va">)</span> <span class="op">>></span> /etc/shells<span class="kw">`</span> # <span class="ex">Register</span> the git-shell as a valid shell</span> -<span id="cb8-2"><a href="#cb8-2" aria-hidden="true"></a><span class="fu">chsh</span> -s <span class="va">$(</span><span class="fu">which</span> git-shell<span class="va">)</span> git # Change the shell of the git user</span></code></pre></div> +<div class="sourceCode" id="cb8"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="bu">echo</span> <span class="va">$(</span><span class="fu">which</span> git-shell<span class="va">)</span> <span class="op">>></span> /etc/shells<span class="kw">`</span> # <span class="ex">Register</span> the git-shell as a valid shell</span> +<span id="cb8-2"><a href="#cb8-2" aria-hidden="true" tabindex="-1"></a><span class="fu">chsh</span> -s <span class="va">$(</span><span class="fu">which</span> git-shell<span class="va">)</span> git # Change the shell of the git user</span></code></pre></div> <p>If you try to ssh as the git user, you will be greeted with something along the line of:</p> <pre><code>fatal: Interactive git shell is not enabled. hint: ~/git-shell-commands should exist and have read and execute access. Connection to <host> closed.</code></pre> <p>As suggested by the hint we have to create the directory <code>/home/git/git-shell-commands</code> and put the commands (executable) available to the git user.</p> -<div class="sourceCode" id="cb10"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true"></a><span class="co">#!/bin/sh</span></span> -<span id="cb10-2"><a href="#cb10-2" aria-hidden="true"></a><span class="bu">[</span> <span class="va">$#</span> <span class="ot">-ne</span> 1<span class="bu"> ]</span> <span class="kw">&&</span></span> -<span id="cb10-3"><a href="#cb10-3" aria-hidden="true"></a> <span class="bu">echo</span> <span class="st">"Usage: </span><span class="va">$0</span><span class="st"> repository"</span> <span class="kw">&&</span> <span class="bu">exit</span> 1</span> -<span id="cb10-4"><a href="#cb10-4" aria-hidden="true"></a><span class="va">repo_path=</span><span class="st">"/srv/git/</span><span class="va">$1</span><span class="st">.git"</span></span> -<span id="cb10-5"><a href="#cb10-5" aria-hidden="true"></a><span class="bu">[</span> <span class="ot">-d</span> <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span><span class="bu"> ]</span> <span class="kw">&&</span></span> -<span id="cb10-6"><a href="#cb10-6" aria-hidden="true"></a> <span class="bu">echo</span> <span class="st">"</span><span class="va">$0</span><span class="st">: Error: </span><span class="va">$repo_path</span><span class="st"> already exist"</span> <span class="kw">&&</span> <span class="bu">exit</span> 2</span> -<span id="cb10-7"><a href="#cb10-7" aria-hidden="true"></a><span class="fu">mkdir</span> <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span></span> -<span id="cb10-8"><a href="#cb10-8" aria-hidden="true"></a><span class="fu">git</span> -C <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span> init --bare</span></code></pre></div> +<div class="sourceCode" id="cb10"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/sh</span></span> +<span id="cb10-2"><a href="#cb10-2" aria-hidden="true" tabindex="-1"></a><span class="bu">[</span> <span class="va">$#</span> <span class="ot">-ne</span> 1<span class="bu"> ]</span> <span class="kw">&&</span></span> +<span id="cb10-3"><a href="#cb10-3" aria-hidden="true" tabindex="-1"></a> <span class="bu">echo</span> <span class="st">"Usage: </span><span class="va">$0</span><span class="st"> repository"</span> <span class="kw">&&</span> <span class="bu">exit</span> 1</span> +<span id="cb10-4"><a href="#cb10-4" aria-hidden="true" tabindex="-1"></a><span class="va">repo_path=</span><span class="st">"/srv/git/</span><span class="va">$1</span><span class="st">.git"</span></span> +<span id="cb10-5"><a href="#cb10-5" aria-hidden="true" tabindex="-1"></a><span class="bu">[</span> <span class="ot">-d</span> <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span><span class="bu"> ]</span> <span class="kw">&&</span></span> +<span id="cb10-6"><a href="#cb10-6" aria-hidden="true" tabindex="-1"></a> <span class="bu">echo</span> <span class="st">"</span><span class="va">$0</span><span class="st">: Error: </span><span class="va">$repo_path</span><span class="st"> already exist"</span> <span class="kw">&&</span> <span class="bu">exit</span> 2</span> +<span id="cb10-7"><a href="#cb10-7" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span></span> +<span id="cb10-8"><a href="#cb10-8" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> -C <span class="st">"</span><span class="va">$repo_path</span><span class="st">"</span> init --bare</span></code></pre></div> <p>This script create a new repository in <code>/srv/git</code>.<br /> Put it under <code>git-shell-commands/create</code> and make it executable then try to ssh as the git user once again.<br /> You will be prompted with <code>git></code>, you can only execute the <code>create <repository></code> and <code>exit</code> command.</p> @@ -68,7 +68,7 @@ If you add a <code>help</code> script, it will be ran at the beginning of the co <h2 id="allow-anyone-to-clone-with-git-daemon">Allow anyone to clone with git-daemon</h2> <p>Cloning with ssh is fine but only the people with ssh access can do it, we would like anyone to clone.<br /> git-daemon does precisely that, after running it you will be able to run <code>git clone git://<host>/<repository></code></p> -<div class="sourceCode" id="cb11"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true"></a><span class="fu">git</span> daemon --reuseaddr --base-path=/srv/git/ /srv/git/</span></code></pre></div> +<div class="sourceCode" id="cb11"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> daemon --reuseaddr --base-path=/srv/git/ /srv/git/</span></code></pre></div> <p>Follow the instruction of <a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Git-Daemon">this</a> tutorial if you want to know how to make it a service</p> <h3 id="publicprivate-repository">Public/private repository</h3> <p>You may want to introduce a public/private distinction for your repositories.<br /> @@ -118,24 +118,24 @@ make install</code></pre> <p>Git hooks are scripts located in <code><repository>/.git/hooks</code> that will be run on a certain action.<br /> The hook we’re interested in is <code>post-receive</code>, it will be ran after someone pushes to the repository.<br /> We can use it to regenerate the repository’s pages and the website’s index.</p> -<div class="sourceCode" id="cb15"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb15-1"><a href="#cb15-1" aria-hidden="true"></a><span class="co">#!/bin/sh</span></span> -<span id="cb15-2"><a href="#cb15-2" aria-hidden="true"></a></span> -<span id="cb15-3"><a href="#cb15-3" aria-hidden="true"></a><span class="co"># Insert repo_name variable here</span></span> -<span id="cb15-4"><a href="#cb15-4" aria-hidden="true"></a><span class="co"># <REPO_NAME> -- replace with repo_name=name</span></span> -<span id="cb15-5"><a href="#cb15-5" aria-hidden="true"></a></span> -<span id="cb15-6"><a href="#cb15-6" aria-hidden="true"></a><span class="bu">[</span> <span class="ot">-z</span> <span class="st">"</span><span class="va">$repo_name</span><span class="st">"</span><span class="bu"> ]</span> <span class="kw">&&</span> <span class="bu">exit</span> 1</span> -<span id="cb15-7"><a href="#cb15-7" aria-hidden="true"></a><span class="bu">[</span> <span class="ot">!</span> <span class="ot">-d</span> <span class="st">"/srv/git/public/</span><span class="va">$repo_name</span><span class="st">.git"</span><span class="bu"> ]</span> <span class="kw">&&</span> <span class="bu">exit</span></span> -<span id="cb15-8"><a href="#cb15-8" aria-hidden="true"></a></span> -<span id="cb15-9"><a href="#cb15-9" aria-hidden="true"></a><span class="va">repo_web_path=</span><span class="st">"/var/www/git/</span><span class="va">$repo_name</span><span class="st">"</span></span> -<span id="cb15-10"><a href="#cb15-10" aria-hidden="true"></a><span class="fu">mkdir</span> -p <span class="st">"</span><span class="va">$repo_web_path</span><span class="st">"</span></span> -<span id="cb15-11"><a href="#cb15-11" aria-hidden="true"></a><span class="bu">cd</span> <span class="st">"</span><span class="va">$repo_web_path</span><span class="st">"</span> <span class="kw">||</span> <span class="bu">exit</span> 1</span> -<span id="cb15-12"><a href="#cb15-12" aria-hidden="true"></a><span class="ex">stagit</span> <span class="st">"/srv/git/</span><span class="va">$repo_name</span><span class="st">.git"</span></span> -<span id="cb15-13"><a href="#cb15-13" aria-hidden="true"></a><span class="ex">stagit-index</span> /srv/git/public/* <span class="op">></span> /var/www/git/index.html</span></code></pre></div> +<div class="sourceCode" id="cb15"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb15-1"><a href="#cb15-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/sh</span></span> +<span id="cb15-2"><a href="#cb15-2" aria-hidden="true" tabindex="-1"></a></span> +<span id="cb15-3"><a href="#cb15-3" aria-hidden="true" tabindex="-1"></a><span class="co"># Insert repo_name variable here</span></span> +<span id="cb15-4"><a href="#cb15-4" aria-hidden="true" tabindex="-1"></a><span class="co"># <REPO_NAME> -- replace with repo_name=name</span></span> +<span id="cb15-5"><a href="#cb15-5" aria-hidden="true" tabindex="-1"></a></span> +<span id="cb15-6"><a href="#cb15-6" aria-hidden="true" tabindex="-1"></a><span class="bu">[</span> <span class="ot">-z</span> <span class="st">"</span><span class="va">$repo_name</span><span class="st">"</span><span class="bu"> ]</span> <span class="kw">&&</span> <span class="bu">exit</span> 1</span> +<span id="cb15-7"><a href="#cb15-7" aria-hidden="true" tabindex="-1"></a><span class="bu">[</span> <span class="ot">!</span> <span class="ot">-d</span> <span class="st">"/srv/git/public/</span><span class="va">$repo_name</span><span class="st">.git"</span><span class="bu"> ]</span> <span class="kw">&&</span> <span class="bu">exit</span></span> +<span id="cb15-8"><a href="#cb15-8" aria-hidden="true" tabindex="-1"></a></span> +<span id="cb15-9"><a href="#cb15-9" aria-hidden="true" tabindex="-1"></a><span class="va">repo_web_path=</span><span class="st">"/var/www/git/</span><span class="va">$repo_name</span><span class="st">"</span></span> +<span id="cb15-10"><a href="#cb15-10" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> -p <span class="st">"</span><span class="va">$repo_web_path</span><span class="st">"</span></span> +<span id="cb15-11"><a href="#cb15-11" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> <span class="st">"</span><span class="va">$repo_web_path</span><span class="st">"</span> <span class="kw">||</span> <span class="bu">exit</span> 1</span> +<span id="cb15-12"><a href="#cb15-12" aria-hidden="true" tabindex="-1"></a><span class="ex">stagit</span> <span class="st">"/srv/git/</span><span class="va">$repo_name</span><span class="st">.git"</span></span> +<span id="cb15-13"><a href="#cb15-13" aria-hidden="true" tabindex="-1"></a><span class="ex">stagit-index</span> /srv/git/public/* <span class="op">></span> /var/www/git/index.html</span></code></pre></div> <p>This is a template for the <code>post-receive</code> hook. Every time you publish a repository you can change his <code>post-receive</code> hook.</p> -<div class="sourceCode" id="cb16"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true"></a><span class="va">post_receive_path=</span><span class="st">"<repository>/hooks/post-receive"</span></span> -<span id="cb16-2"><a href="#cb16-2" aria-hidden="true"></a><span class="fu">sed</span> <span class="st">'/REPO_NAME/ c repo_name='"</span><span class="va">$repo</span><span class="st">"</span> <span class="op"><</span> post-receive.template <span class="op">></span> <span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span> -<span id="cb16-3"><a href="#cb16-3" aria-hidden="true"></a><span class="fu">chmod</span> +x <span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span> -<span id="cb16-4"><a href="#cb16-4" aria-hidden="true"></a><span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span></code></pre></div> +<div class="sourceCode" id="cb16"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="va">post_receive_path=</span><span class="st">"<repository>/hooks/post-receive"</span></span> +<span id="cb16-2"><a href="#cb16-2" aria-hidden="true" tabindex="-1"></a><span class="fu">sed</span> <span class="st">'/REPO_NAME/ c repo_name='"</span><span class="va">$repo</span><span class="st">"</span> <span class="op"><</span> post-receive.template <span class="op">></span> <span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span> +<span id="cb16-3"><a href="#cb16-3" aria-hidden="true" tabindex="-1"></a><span class="fu">chmod</span> +x <span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span> +<span id="cb16-4"><a href="#cb16-4" aria-hidden="true" tabindex="-1"></a><span class="st">"</span><span class="va">$post_receive_path</span><span class="st">"</span></span></code></pre></div> <blockquote> <p>Add this code to your <code>publish</code> script</p> </blockquote> |