Setting up gitosis on Jaunty

While git is a completely distributed revision control system, sometimes
the lack of a central canonical repository can be annoying. For example,
you might want to make your repository published publically, so other
people can fork your code, or you might want all your developers to push
into (or have code pulled into) a central “golden” tree, that you then
use for automated building and continuous integration. This entry should
explain how to get this all working on Ubuntu 9.04 (Jaunty).

Gitosis is a very useful git repository manager, which adds support like
ACLs in pre-commits and gitweb and git-daemon management. While it’s
possible to set all these things up by hand, gitosis does everything for
you. It is nicely configured via git; to make configuration changes,
you push the config file changes into gitosis repository on the server.

Gitosis is available in Jaunty, but unfortunately there is a bug
in the version in Jaunty, which means it doesn’t work out of the box.
Fortunately there is a fixed version in jaunty-proposed that
fixes the main problem. This does mean that you need to add the
following to your sources.list:

deb http://gb.archive.ubuntu.com/ubuntu/ jaunty-proposed universe

Run apt-get update && apt-get install gitosis. You should
install 0.2+20080825-2ubuntu0.1 or later. There is another
small bug in the current version too, as a result of git removing the
git-$command scripts out of /usr/bin. Edit
/usr/share/python-support/gitosis/gitosis/templates/admin/hooks/post-update
and replace

git-update-server-info

with

git update-server-info

With these changes in place, we can now set up our gitosis
repository. On the server you are going to use to host your central
repositories, run:

sudo -H -u gitosis gitosis-init < id_rsa.pub

The id_rsa.pub file is a public ssh key. As I mentioned,
gitosis is managed over git, so you need an initial user to clone and
then push changes back into the gitosis repo, so make sure this key
belongs to a keypair you have available to the remote user you’re going
to configure gitosis.

Now, on your local computer, you can clone the gitosis-admin repo
using:

git clone gitosis@gitserver.example.com:gitosis-admin.git

If you look inside the gitosis-admin directory, you should
find a file called gitosis.conf and a directory called
keydir. The directory is where you can add ssh public keys for
your users. The file is the configuration file for gitosis.

[gitosis]
loglevel = INFO

[group gitosis-admin]
writable = gitosis-admin
members = david@david

[group developers]
members = david@david
writable = publicproject privateproject

[group contributors]
members = george@wilber
writable = publicproject

[repo publicproject]
daemon = yes
gitweb = yes

[repo privateproject]
daemon = no
gitweb = no

This sets up two repositories, called publicproject and
privateproject. It enables the public project to be available via the
git protocol and in gitweb if you have that installed. We also create
two groups, developers and contributors. David has access to both
projects, but George only has access to change the publicproject. David
can also modify the gitosis configuration. The users are the names of
ssh keys (the last part of the line in id_dsa.pub or id_rsa.pub).

Once you’ve changed this file, you can run git add
gitosis.conf
to add it to the commit, git commit -m "update
gitosis configuration
to commit it to your local repository, and
finally git push to push your commits back up into the central
repository. Gitosis should now update the configuration on the server to
match the config file.

One last thing to do is to enable git-daemon, so people can
anonymously clone your projects. Create /etc/event.d/git-daemon with the
following contents:

start on startup
stop on shutdown

exec /usr/bin/git daemon 
   --user=gitosis --group=gitosis 
   --user-path=public-git 
   --verbose 
   --syslog 
   --reuseaddr 
   --base-path=/srv/gitosis/repositories/
respawn

You can now start this using start git-daemon

So now, you need to start using your repository. You can either start
with an existing project or an empty directory. Start by running
git init and then git add $file to add each of the
files you want in your project, and finally git commit to
commit them to your local repository. The final task is to add a remote
repository and push your code into it.

git remote add origin gitosis@gitserver.example.com:privateproject.git
git push origin master:refs/heads/master

In future, you should be able to do git push to push your
changes back into the central repository. You can also clone a project
using git or ssh, providing you have access, using the following
commands. The first is for read-write access over ssh and the second
uses the git protocol for read-only access. The git protocol uses TCP
port 9418, so make sure that’s available externally, if you want the
world to be able to clone your repos.

git clone gitosis@gitserver.example.com:publicproject.git
git clone git://gitserver.example.com/publicproject.git

Setting up GitWeb is left as an exercise for the reader (and myself
because I am yet to attempt to set that up).

3 thoughts on “Setting up gitosis on Jaunty

  1. Rather than editing the post script why not create:
    /usr/local/bin/git-update-server-info, with contents like this:

    #!/bin/sh
    git update-server-info “$*”

    That means there’s one less thing to worry about.

  2. Sorry… I get:

    djc@srv:~$ sudo -H -u gitosis gitosis-init < id_rsa.pub
    bash: id_rsa.pub: No such file or directory

    I followed everything from the start… did I miss something?

  3. Nevermind, I worked out you have to generate your own keys:

    $ ssh-keygen -t rsa
    $ cd ~/.ssh

    then you can proceed with:

    $ sudo -H -u gitosis gitosis-init < id_rsa.pub

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.