2009-08-27 11:54:23 +02:00
|
|
|
# administering and running gitolite
|
|
|
|
|
2009-08-30 08:38:54 +02:00
|
|
|
*Note*: some of the paths in this document use variable names. Just refer to
|
|
|
|
`~/.gitolite.rc` for the correct values for *your* installation.
|
2009-08-29 07:21:48 +02:00
|
|
|
|
2009-11-13 00:33:09 +01:00
|
|
|
In this document:
|
|
|
|
|
|
|
|
* administer
|
|
|
|
* adding users and repos
|
|
|
|
* specifying gitweb and daemon access
|
|
|
|
* custom hooks
|
|
|
|
|
2009-08-27 11:54:23 +02:00
|
|
|
### administer
|
|
|
|
|
2009-09-16 06:46:11 +02:00
|
|
|
First of all, ***do NOT add new repos manually***, unless you know how to add
|
|
|
|
the required hook as well. Without the hook, branch-level access control will
|
|
|
|
not work for that repo, which sorta defeats the idea of using gitolite :-)
|
|
|
|
|
|
|
|
Please read on to see how to do this correctly.
|
|
|
|
|
|
|
|
#### adding users and repos
|
|
|
|
|
2009-08-27 11:54:23 +02:00
|
|
|
* ask each user who will get access to send you a public key. See other
|
2009-10-30 16:55:06 +01:00
|
|
|
sources (for example [here][genpub]) for how to do this
|
|
|
|
|
|
|
|
[genpub]: http://sitaramc.github.com/0-installing/2-access-gitolite.html#generating_a_public_key
|
2009-08-30 17:49:36 +02:00
|
|
|
|
2009-08-29 07:21:48 +02:00
|
|
|
* rename each public key according to the user's name, with a `.pub`
|
|
|
|
extension, like `sitaram.pub` or `john-smith.pub`. You can also use
|
|
|
|
periods and underscores
|
2009-08-30 17:49:36 +02:00
|
|
|
|
2009-10-11 05:01:59 +02:00
|
|
|
* copy all these `*.pub` files to `keydir` in your gitolite-admin repo clone
|
2009-08-30 17:49:36 +02:00
|
|
|
|
2009-10-11 05:01:59 +02:00
|
|
|
* edit the config file (`conf/gitolite.conf` in your admin repo clone). See
|
|
|
|
`conf/example.conf` in the gitolite source for details on what goes in
|
|
|
|
that file, syntax, etc. Just add new repos as needed, and add new users
|
|
|
|
and give them permissions as required. The users names should be exactly
|
|
|
|
the same as their keyfile names, but without the `.pub` extension
|
2009-09-16 06:46:11 +02:00
|
|
|
|
2009-10-11 05:01:59 +02:00
|
|
|
* when done, commit your changes and push
|
2009-09-16 06:46:11 +02:00
|
|
|
|
2009-09-25 08:47:33 +02:00
|
|
|
#### specifying gitweb and daemon access
|
|
|
|
|
|
|
|
This is a feature that I personally do not use (corporate environments don't
|
|
|
|
like unauthenticated access of any kind to any repo!), but someone wanted it,
|
|
|
|
so here goes.
|
|
|
|
|
2009-11-12 14:23:49 +01:00
|
|
|
To make a repo or repo group accessible via "git daemon", just give read
|
|
|
|
permission to the special user "daemon". See the [faq, tips, etc][ss]
|
|
|
|
document for easy ways to specify access for multiple repositories.
|
2009-10-30 16:55:06 +01:00
|
|
|
|
|
|
|
[ss]: http://github.com/sitaramc/gitolite/blob/pu/doc/3-faq-tips-etc.mkd#gwd
|
2009-09-25 08:47:33 +02:00
|
|
|
|
2009-11-12 14:23:49 +01:00
|
|
|
There's a special user called "gitweb" also, which works the same way.
|
|
|
|
However, setting a description for the project also enables gitweb permissions
|
|
|
|
so you may as well use that method and kill two birds with one stone, like so:
|
2009-09-25 08:47:33 +02:00
|
|
|
|
2009-11-12 14:23:49 +01:00
|
|
|
gitolite = "fast, secure, access control for git in a corporate environment"
|
|
|
|
|
|
|
|
Note that gitolite does **not** install or configure gitweb/daemon -- that is
|
|
|
|
a one-time setup you must do separately. All this does is:
|
|
|
|
|
|
|
|
* for daemon, create the file `git-daemon-export-ok` in the repository
|
2009-09-25 08:47:33 +02:00
|
|
|
* for gitweb, add the repo to the list of projects to be served by gitweb
|
|
|
|
(see the config file variable `$PROJECTS_LIST`, which should have the same
|
|
|
|
value you specified for `$projects_list` when setting up gitweb)
|
2009-11-12 14:23:49 +01:00
|
|
|
* put the description, if given, in `$repo/description`
|
2009-09-25 08:47:33 +02:00
|
|
|
|
2009-10-11 05:01:59 +02:00
|
|
|
The "compile" script will keep these files consistent with the config settings
|
2009-11-12 14:23:49 +01:00
|
|
|
-- this includes removing such settings/files if you remove "read" permissions
|
|
|
|
for the special usernames or remove the description line.
|
2009-11-13 00:33:09 +01:00
|
|
|
|
|
|
|
#### custom hooks
|
|
|
|
|
|
|
|
If you want to put in your own, custom, hooks every time a new repo is created
|
|
|
|
by gitolite, put a **tested** hook script in `src/hooks`. As distributed, the
|
|
|
|
only file there is the `update` hook, but everything (*everything*) in that
|
|
|
|
directory will get copied to the `hooks/` subdirectory of every *new* repo
|
|
|
|
created.
|
|
|
|
|
|
|
|
In order to push a new or updated hook script to *existing* repos as well,
|
|
|
|
just run easy install once again; it'll do it to existing repos also.
|
|
|
|
|
|
|
|
**VERY IMPORTANT SECURITY NOTE: the `update` hook in `src/hooks` is what
|
|
|
|
implements all the branch-level permissions in gitolite. If you fiddle with
|
|
|
|
the hooks directory, please make sure you do not mess with this file
|
|
|
|
accidentally, or all your fancy per-branch permissions will stop working.**
|