2009-09-06 10:04:41 +02:00
|
|
|
# paths and configuration variables for gitolite
|
2009-08-30 08:41:55 +02:00
|
|
|
|
|
|
|
# please read comments before editing
|
|
|
|
|
|
|
|
# this file is meant to be pulled into a perl program using "do" or "require".
|
|
|
|
|
|
|
|
# You do NOT need to know perl to edit the paths; it should be fairly
|
2009-10-11 05:01:59 +02:00
|
|
|
# self-explanatory and easy to maintain perl syntax :-)
|
2009-08-30 08:41:55 +02:00
|
|
|
|
2010-04-26 18:25:02 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# Do not uncomment these values unless you know what you're doing
|
|
|
|
# $GL_PACKAGE_CONF = "";
|
|
|
|
# $GL_PACKAGE_HOOKS = "";
|
|
|
|
|
|
|
|
# --------------------------------------
|
2010-08-10 10:12:52 +02:00
|
|
|
# MIRRORING SUPPORT
|
|
|
|
|
|
|
|
# $GL_SLAVE_MODE = 0;
|
|
|
|
# $ENV{GL_SLAVES} = 'gitolite@server2 gitolite@server3';
|
|
|
|
# PLEASE USE SINGLE QUOTES ABOVE, NOT DOUBLE QUOTES
|
|
|
|
|
|
|
|
# see doc/mirroring.mkd for details
|
2010-04-26 18:25:02 +02:00
|
|
|
|
2009-08-30 08:41:55 +02:00
|
|
|
# --------------------------------------
|
|
|
|
|
|
|
|
# this is where the repos go. If you provide a relative path (not starting
|
|
|
|
# with "/"), it's relative to your $HOME. You may want to put in something
|
|
|
|
# like "/bigdisk" or whatever if your $HOME is too small for the repos, for
|
|
|
|
# example
|
2009-08-23 11:25:50 +02:00
|
|
|
|
2009-08-24 06:37:06 +02:00
|
|
|
$REPO_BASE="repositories";
|
|
|
|
|
2009-09-21 11:11:37 +02:00
|
|
|
# the default umask for repositories is 0077; change this if you run stuff
|
|
|
|
# like gitweb and find it can't read the repos. Please note the syntax; the
|
|
|
|
# leading 0 is required
|
|
|
|
|
|
|
|
$REPO_UMASK = 0077; # gets you 'rwx------'
|
|
|
|
# $REPO_UMASK = 0027; # gets you 'rwxr-x---'
|
|
|
|
# $REPO_UMASK = 0022; # gets you 'rwxr-xr-x'
|
|
|
|
|
2009-09-25 08:47:33 +02:00
|
|
|
# part of the setup of gitweb is a variable called $projects_list (please see
|
|
|
|
# gitweb documentation for more on this). Set this to the same value:
|
|
|
|
|
2009-10-23 06:53:06 +02:00
|
|
|
$PROJECTS_LIST = $ENV{HOME} . "/projects.list";
|
2009-09-25 08:47:33 +02:00
|
|
|
|
2009-08-30 08:41:55 +02:00
|
|
|
# --------------------------------------
|
|
|
|
|
|
|
|
# I see no reason anyone may want to change the gitolite admin directory, but
|
2009-09-01 16:22:06 +02:00
|
|
|
# feel free to do so. However, please note that it *must* be an *absolute*
|
|
|
|
# path (i.e., starting with a "/" character)
|
2009-08-30 08:41:55 +02:00
|
|
|
|
2009-08-26 02:47:27 +02:00
|
|
|
# gitolite admin directory, files, etc
|
2009-09-06 10:04:41 +02:00
|
|
|
|
2009-08-26 02:47:27 +02:00
|
|
|
$GL_ADMINDIR=$ENV{HOME} . "/.gitolite";
|
2009-08-24 06:37:06 +02:00
|
|
|
|
|
|
|
# --------------------------------------
|
|
|
|
|
2009-09-06 10:04:41 +02:00
|
|
|
# templates for location of the log files and format of their names
|
|
|
|
|
|
|
|
# I prefer this template (note the %y and %m placeholders)
|
|
|
|
# it produces files like `~/.gitolite/logs/gitolite-2009-09.log`
|
|
|
|
|
|
|
|
$GL_LOGT="$GL_ADMINDIR/logs/gitolite-%y-%m.log";
|
|
|
|
|
|
|
|
# other choices are below, or you can make your own -- but PLEASE MAKE SURE
|
|
|
|
# the directory exists and is writable; gitolite won't do that for you (unless
|
|
|
|
# it is the default, which is "$GL_ADMINDIR/logs")
|
|
|
|
|
|
|
|
# $GL_LOGT="$GL_ADMINDIR/logs/gitolite-%y-%m-%d.log";
|
|
|
|
# $GL_LOGT="$GL_ADMINDIR/logs/gitolite-%y.log";
|
|
|
|
|
|
|
|
# --------------------------------------
|
|
|
|
|
2010-08-17 18:05:54 +02:00
|
|
|
# location of the performance log files
|
|
|
|
|
|
|
|
# uncomment and set this variable if you want performance logging
|
|
|
|
#
|
|
|
|
# perf log files are different from access log files; they store different
|
|
|
|
# information, are not meant to be as long-lived, and so on
|
|
|
|
|
|
|
|
# $GL_PERFLOGT="$GL_ADMINDIR/logs/perf-gitolite-%y-%m.log";
|
|
|
|
|
|
|
|
# --------------------------------------
|
|
|
|
|
2009-10-30 16:55:06 +01:00
|
|
|
# Please DO NOT change these three paths
|
2009-08-24 06:37:06 +02:00
|
|
|
|
2009-08-27 11:54:08 +02:00
|
|
|
$GL_CONF="$GL_ADMINDIR/conf/gitolite.conf";
|
2009-08-23 11:25:50 +02:00
|
|
|
$GL_KEYDIR="$GL_ADMINDIR/keydir";
|
2009-08-27 11:54:08 +02:00
|
|
|
$GL_CONF_COMPILED="$GL_ADMINDIR/conf/gitolite.conf-compiled.pm";
|
2009-08-23 11:25:50 +02:00
|
|
|
|
2009-08-30 10:12:53 +02:00
|
|
|
# --------------------------------------
|
2009-09-06 10:04:41 +02:00
|
|
|
|
2009-10-13 06:32:45 +02:00
|
|
|
# if git on your server is on a standard path (that is
|
|
|
|
# ssh git@server git --version
|
|
|
|
# works), leave this setting as is. Otherwise, choose one of the
|
|
|
|
# alternatives, or write your own
|
|
|
|
|
2009-10-13 06:46:23 +02:00
|
|
|
$GIT_PATH="";
|
|
|
|
# $GIT_PATH="/opt/bin/";
|
2009-10-13 06:32:45 +02:00
|
|
|
|
2010-01-14 10:44:40 +01:00
|
|
|
# --------------------------------------
|
|
|
|
|
2010-05-16 02:48:08 +02:00
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
# BIG CONFIG SETTINGS
|
|
|
|
|
|
|
|
# Please read doc/big-config.mkd for details
|
2010-02-05 11:30:47 +01:00
|
|
|
|
2010-05-16 02:48:08 +02:00
|
|
|
$GL_BIG_CONFIG = 0;
|
|
|
|
$GL_NO_DAEMON_NO_GITWEB = 0;
|
2010-07-23 13:33:21 +02:00
|
|
|
$GL_NO_CREATE_REPOS = 0;
|
|
|
|
$GL_NO_SETUP_AUTHKEYS = 0;
|
2010-02-05 11:30:47 +01:00
|
|
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
# SECURITY SENSITIVE SETTINGS
|
|
|
|
#
|
|
|
|
# Settings below this point may have security implications. That
|
|
|
|
# usually means that I have not thought hard enough about all the
|
|
|
|
# possible ways to crack security if these settings are enabled.
|
|
|
|
|
|
|
|
# Please see details on each setting for specifics, if any.
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-02-07 08:39:16 +01:00
|
|
|
# --------------------------------------
|
|
|
|
# ALLOW REPO ADMIN TO SET GITCONFIG KEYS
|
|
|
|
#
|
|
|
|
# Gitolite allows you to set git repo options using the "config" keyword; see
|
|
|
|
# conf/example.conf for details and syntax.
|
|
|
|
#
|
|
|
|
# However, if you are in an installation where the repo admin does not (and
|
|
|
|
# should not) have shell access to the server, then allowing him to set
|
|
|
|
# arbitrary repo config options *may* be a security risk -- some config
|
|
|
|
# settings may allow executing arbitrary commands.
|
|
|
|
#
|
2010-02-08 01:32:36 +01:00
|
|
|
# You have 3 choices. By default $GL_GITCONFIG_KEYS is left empty, which
|
2010-02-07 08:39:16 +01:00
|
|
|
# completely disables this feature (meaning you cannot set git configs from
|
|
|
|
# the repo config).
|
2010-05-14 07:22:58 +02:00
|
|
|
|
2010-02-08 01:32:36 +01:00
|
|
|
$GL_GITCONFIG_KEYS = "";
|
2010-05-14 07:22:58 +02:00
|
|
|
|
2010-02-07 08:39:16 +01:00
|
|
|
# The second choice is to give it a space separated list of settings you
|
|
|
|
# consider safe. (These are actually treated as a set of regular expression
|
|
|
|
# patterns, and any one of them must match). For example:
|
|
|
|
# $GL_GITCONFIG_KEYS = "core\.logAllRefUpdates core\..*compression";
|
|
|
|
# allows repo admins to set one of those 3 config keys (yes, that second
|
|
|
|
# pattern matches two settings from "man git-config", if you look)
|
|
|
|
#
|
|
|
|
# The third choice (which you may have guessed already if you're familiar with
|
|
|
|
# regular expressions) is to allow anything and everything:
|
|
|
|
# $GL_GITCONFIG_KEYS = ".*";
|
|
|
|
|
2010-06-25 16:39:38 +02:00
|
|
|
# NOTE that due to some quoting and interpolation issues I have not been able
|
|
|
|
# to look at, a literal "." needs to be specified in this string as \\. (two
|
|
|
|
# backslashes and a dot). So this is how you'd allow any keys in the "foo"
|
|
|
|
# category:
|
|
|
|
# $GL_GITCONFIG_KEYS = "foo\\..*";
|
|
|
|
|
2010-06-25 20:06:15 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# ALLOW GITCONFIG KEYS EVEN FOR WILD REPOS
|
|
|
|
#
|
|
|
|
# This is an efficiency issue more than a security issue, since this requires
|
|
|
|
# trawling through all of $REPO_BASE looking for stuff :)
|
|
|
|
|
|
|
|
# $GL_GITCONFIG_WILD = 0;
|
|
|
|
|
2010-02-05 11:30:47 +01:00
|
|
|
# --------------------------------------
|
|
|
|
# EXTERNAL COMMAND HELPER -- HTPASSWD
|
|
|
|
|
|
|
|
# security note: runs an external command (htpasswd) with specific arguments,
|
|
|
|
# including a user-chosen "password".
|
|
|
|
|
2010-02-01 11:07:35 +01:00
|
|
|
# if you want to enable the "htpasswd" command, give this the absolute path to
|
|
|
|
# whatever file apache (etc) expect to find the passwords in.
|
|
|
|
|
|
|
|
$HTPASSWD_FILE = "";
|
|
|
|
|
|
|
|
# Look in doc/3 ("easier to link gitweb authorisation with gitolite" section)
|
|
|
|
# for more details on using this feature.
|
|
|
|
|
|
|
|
# --------------------------------------
|
2010-01-31 15:54:36 +01:00
|
|
|
# EXTERNAL COMMAND HELPER -- RSYNC
|
2010-02-05 11:30:47 +01:00
|
|
|
|
|
|
|
# security note: runs an external command (rsync) with specific arguments, all
|
|
|
|
# presumably filled in correctly by the client-side rsync.
|
|
|
|
|
2010-01-31 15:54:36 +01:00
|
|
|
# base path of all the files that are accessible via rsync. Must be an
|
|
|
|
# absolute path. Leave it undefined or set to the empty string to disable the
|
|
|
|
# rsync helper.
|
2010-05-14 07:22:58 +02:00
|
|
|
|
2010-01-31 15:54:36 +01:00
|
|
|
$RSYNC_BASE = "";
|
2010-05-14 07:22:58 +02:00
|
|
|
|
2010-01-31 15:54:36 +01:00
|
|
|
# $RSYNC_BASE = "/home/git/up-down";
|
|
|
|
# $RSYNC_BASE = "/tmp/up-down";
|
|
|
|
|
2010-05-09 17:04:55 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# EXTERNAL COMMAND HELPER -- SVNSERVE
|
|
|
|
|
|
|
|
# security note: runs an external command (svnserve) with specific arguments,
|
|
|
|
# as specified below. %u is substituted with the username.
|
|
|
|
|
|
|
|
# This setting allows launching svnserve when requested by the ssh client.
|
|
|
|
# This allows using the same SSH setup (hostname/username/public key) for both
|
|
|
|
# SVN and git access. Leave it undefined or set to the empty string to disable
|
|
|
|
# svnserve access.
|
|
|
|
|
|
|
|
$SVNSERVE = "";
|
|
|
|
# $SVNSERVE = "/usr/bin/svnserve -r /var/svn/ -t --tunnel-user=%u";
|
|
|
|
|
2010-02-05 11:30:47 +01:00
|
|
|
# --------------------------------------
|
|
|
|
# ALLOW REPO CONFIG TO USE WILDCARDS
|
|
|
|
|
|
|
|
# security note: this used to in a separate "wildrepos" branch. You can
|
|
|
|
# create repositories based on wild cards, give "ownership" to the specific
|
|
|
|
# user who created it, allow him/her to hand out R and RW permissions to other
|
|
|
|
# users to collaborate, etc. This is powerful stuff, and I've made it as
|
|
|
|
# secure as I can, but it hasn't had the kind of rigorous line-by-line
|
|
|
|
# analysis that the old "master" branch had.
|
|
|
|
|
|
|
|
# This has now been rolled into master, with all the functionality gated by
|
|
|
|
# this variable. Set this to 1 if you want to enable the wildrepos features.
|
|
|
|
# Please see doc/4-wildcard-repositories.mkd for details.
|
2010-05-14 07:22:58 +02:00
|
|
|
|
2010-02-08 01:32:36 +01:00
|
|
|
$GL_WILDREPOS = 0;
|
2010-02-05 11:30:47 +01:00
|
|
|
|
2010-06-22 13:30:48 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# DEFAULT WILDCARD PERMISSIONS
|
|
|
|
|
|
|
|
# If set, this value will be used as the default user-level permission rule of
|
|
|
|
# new wildcard repositories. The user can change this value with the setperms command
|
|
|
|
# as desired after repository creation; it is only a default. Note that @all can be
|
|
|
|
# used here but is special; no other groups can be used in user-level permissions.
|
|
|
|
|
|
|
|
# $GL_WILDREPOS_DEFPERMS = 'R = @all';
|
|
|
|
|
2010-04-13 14:56:34 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# HOOK CHAINING
|
|
|
|
|
|
|
|
# by default, the update hook in every repo chains to "update.secondary".
|
|
|
|
# Similarly, the post-update hook in the admin repo chains to
|
|
|
|
# "post-update.secondary". If you're fine with the defaults, there's no need
|
|
|
|
# to do anything here. However, if you want to use different names or paths,
|
|
|
|
# change these variables
|
|
|
|
|
|
|
|
# $UPDATE_CHAINS_TO = "hooks/update.secondary";
|
|
|
|
# $ADMIN_POST_UPDATE_CHAINS_TO = "hooks/post-update.secondary";
|
|
|
|
|
2010-04-24 14:46:13 +02:00
|
|
|
# --------------------------------------
|
|
|
|
# ADMIN DEFINED COMMANDS
|
|
|
|
|
|
|
|
# WARNING: Use this feature only if (a) you really really know what you're
|
|
|
|
# doing or (b) you really don't care too much about security. Please read
|
|
|
|
# doc/admin-defined-commands.mkd for details.
|
|
|
|
|
|
|
|
# $GL_ADC_PATH = "";
|
|
|
|
|
2009-08-24 06:37:06 +02:00
|
|
|
# --------------------------------------
|
2009-08-30 08:41:55 +02:00
|
|
|
# per perl rules, this should be the last line in such a file:
|
2009-08-23 11:25:50 +02:00
|
|
|
1;
|
2009-09-06 10:04:41 +02:00
|
|
|
|
2010-02-26 21:11:36 +01:00
|
|
|
# Local variables:
|
|
|
|
# mode: perl
|
|
|
|
# End:
|
2009-09-06 10:04:41 +02:00
|
|
|
# vim: set syn=perl:
|