2009-08-23 07:59:07 +02:00
|
|
|
# example conf file for gitosis-lite
|
|
|
|
|
2009-08-24 06:37:33 +02:00
|
|
|
# overall syntax:
|
|
|
|
# - everything in this is space-separated; no commas, semicolons, etc
|
|
|
|
# - comments in the normal shell-ish style; no surprises there
|
|
|
|
# - there are no continuation lines of any kind
|
2009-08-23 10:14:46 +02:00
|
|
|
|
2009-08-23 07:59:07 +02:00
|
|
|
# objectives, over and above gitosis:
|
|
|
|
# - simpler syntax
|
|
|
|
# - no gitweb/daemon control
|
|
|
|
# - allows ff/non-ff control
|
|
|
|
# - allows branch level control
|
|
|
|
|
|
|
|
# ----------------------------------------------------------------------------
|
2009-08-24 06:37:33 +02:00
|
|
|
# USERS and GROUPS
|
|
|
|
|
|
|
|
# syntax:
|
2009-08-23 07:59:07 +02:00
|
|
|
# @groupname = username [...]
|
2009-08-24 06:37:33 +02:00
|
|
|
|
|
|
|
# usernames and groupnames should be as simple as possible; there's no
|
|
|
|
# explicit list of allowed characters for now but that's a TODO item.
|
|
|
|
|
|
|
|
# too many users in one group? just add more such lines
|
2009-08-23 07:59:07 +02:00
|
|
|
# (they accumulate, like squid ACLs)
|
|
|
|
|
2009-08-24 06:37:33 +02:00
|
|
|
@cust_A = cust1 cust2
|
|
|
|
@cust_A = cust99
|
2009-08-23 10:14:46 +02:00
|
|
|
@interns = indy james
|
2009-08-23 07:59:07 +02:00
|
|
|
@staff = me alice
|
2009-08-24 06:37:33 +02:00
|
|
|
|
|
|
|
# you can nest groups, but not recursively of course!
|
2009-08-23 10:14:46 +02:00
|
|
|
@staff = bob @interns
|
2009-08-23 07:59:07 +02:00
|
|
|
@secret_staff = bruce whitfield martin
|
|
|
|
|
|
|
|
# ----------------------------------------------------------------------------
|
2009-08-24 06:37:33 +02:00
|
|
|
# REPOS, REFS, and PERMISSIONS
|
|
|
|
|
|
|
|
# syntax:
|
|
|
|
# repo [one or more reponames]
|
|
|
|
# (R|RW|RW+) [zero or more refnames] = [one or more users]
|
|
|
|
|
|
|
|
# notes:
|
2009-08-23 07:59:07 +02:00
|
|
|
|
|
|
|
# - RW+ means non-ff push is allowed
|
2009-08-24 06:37:33 +02:00
|
|
|
# - you can't write just "W" or "+"; it has to be R, or RW, or RW+
|
|
|
|
|
|
|
|
# - if no ref name appears, the rule applies to all refs in that repo
|
2009-08-23 07:59:07 +02:00
|
|
|
# - ref names are perl regex patterns
|
|
|
|
# - prefixed by "refs/heads/" if it doesn't start with "refs/"
|
|
|
|
# (i.e., tags have to be explicitly named as refs/tags/pattern)
|
|
|
|
|
2009-08-24 06:37:33 +02:00
|
|
|
# - the list of users can inlude any group name defined earlier
|
2009-08-23 07:59:07 +02:00
|
|
|
# - "@all" is a special, predefined, groupname
|
|
|
|
|
2009-08-24 06:37:33 +02:00
|
|
|
# anyone can play in the sandbox, including making non-fastforward commits
|
|
|
|
# (that's what the "+" means)
|
2009-08-23 07:59:07 +02:00
|
|
|
repo sandbox
|
|
|
|
RW+ = @all
|
|
|
|
|
|
|
|
# my repo and alice's repo have the same memberships and access, so we just
|
2009-08-24 06:37:33 +02:00
|
|
|
# put them both in the same stanza
|
2009-08-23 07:59:07 +02:00
|
|
|
repo myrepo alicerepo
|
2009-08-23 10:14:46 +02:00
|
|
|
RW+ = me alice
|
|
|
|
R = bob eve
|
2009-08-23 07:59:07 +02:00
|
|
|
|
2009-08-24 06:37:33 +02:00
|
|
|
# this repo is visible to customers from company A but they can't write to it
|
|
|
|
repo cust_A_repo
|
|
|
|
R = @cust_A
|
|
|
|
RW = @staff
|
2009-08-23 07:59:07 +02:00
|
|
|
|
|
|
|
# idea for the tags syntax shamelessly copied from git.git
|
|
|
|
# Documentation/howto/update-hook-example.txt :)
|
|
|
|
repo secret
|
|
|
|
RW+ pu = bruce
|
|
|
|
RW master next = bruce
|
|
|
|
RW refs/tags/v[0-9].* = bruce
|
2009-08-24 06:37:33 +02:00
|
|
|
RW refs/tags/ = @secret_staff
|
2009-08-23 07:59:07 +02:00
|
|
|
RW tmp/.* = @secret_staff
|
|
|
|
R = @secret_staff
|