deac/gitolite
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

easy install: handle upgrades specially

Browse source 
- "it's an upgrade" is decided by presence of gitolite.conf (not a pubkey)
  - admin_name optional (and will be ignored if given) for upgrades

plus a lot of comments and some minor text changes
This commit is contained in:
Sitaram Chamarty 2009-11-05 22:16:18 +05:30 committed by Sitaram Chamarty
parent 31fd24a76c
commit 130478ed93
1 changed files with 119 additions and 96 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

163
src/00-easy-install.sh
View file

@ -15,10 +15,18 @@
# command!) # command!)
set -e set -e
# ----------------------------------------------------------------------
# temp files
# ----------------------------------------------------------------------
export tmpgli=tmp-gl-install export tmpgli=tmp-gl-install
trap "rm -rf $tmpgli" 0 trap "rm -rf $tmpgli" 0
mkdir -p $tmpgli mkdir -p $tmpgli
# ----------------------------------------------------------------------
# service functions
# ----------------------------------------------------------------------
die() { echo "$@"; echo; echo "run $0 again without any arguments for help and tips"; exit 1; } die() { echo "$@"; echo; echo "run $0 again without any arguments for help and tips"; exit 1; }
prompt() { prompt() {
# receives two arguments. A short piece of text to be displayed, without # receives two arguments. A short piece of text to be displayed, without
@ -38,15 +46,16 @@ prompt() {
} }
usage() { usage() {
cat <<EOFU cat <<EOFU
Usage: $0 [-q] user host port admin_name Usage: $0 [-q] user host [port] admin_name # install
$0 [-q] user host [port] # upgrade
- (optional) "-q" as first arg sets "quiet" mode: no verbose descriptions of - (optional) "-q" as first arg sets "quiet" mode: no verbose descriptions of
what is going on, no pauses unless absolutely necessary what is going on, no pauses unless absolutely necessary
- "user" is the username on the server where you will be installing gitolite - "user" is the username on the server where you will be installing gitolite
- "host" is that server's hostname (or IP address is also fine) - "host" is that server's hostname (or IP address)
- "port" is optional - "port" is the ssh server port on "host"; optional, defaults to 22
- "admin_name" is *your* name as you want it to appear in the eventual - "admin_name" is *your* name as it should appear in the eventual gitolite
gitolite config file config file (not needed/used for upgrades)
Example usage: $0 git my.git.server sitaram Example usage: $0 git my.git.server sitaram
@ -95,21 +104,21 @@ quiet=
# MANUAL: (info) we'll use "git" as the user, "server" as the host, and # MANUAL: (info) we'll use "git" as the user, "server" as the host, and
# "sitaram" as the admin_name in example commands shown below, if any # "sitaram" as the admin_name in example commands shown below, if any
[[ -z $3 ]] && usage [[ -z $2 ]] && usage
user=$1 user=$1
host=$2 host=$2
port=22
admin_name=$3 admin_name=$3
# but if the 3rd arg is a number, that's a port number, and the 4th arg is the # but if the 3rd arg is a number, that's a port number, and the 4th arg is the
# admin_name # admin_name
port=22 if [[ $3 =~ ^[0-9]+$ ]]
[[ $3 =~ ^[0-9]+$ ]] && { then
port=$3 port=$3
[[ -z $4 ]] && usage
admin_name=$4 admin_name=$4
} fi
[[ "$user" =~ [^a-zA-Z0-9._-] ]] && die "user '$user' invalid" [[ "$user" =~ [^a-zA-Z0-9._-] ]] && die "user '$user' invalid"
[[ "$admin_name" =~ [^a-zA-Z0-9._-] ]] && die "admin_name '$admin_name' invalid" [[ -n $admin_name ]] && [[ "$admin_name" =~ [^a-zA-Z0-9._-] ]] && die "admin_name '$admin_name' invalid"
# MANUAL: make sure you're in the gitolite directory, at the top level. # MANUAL: make sure you're in the gitolite directory, at the top level.
# The following files should all be visible: # The following files should all be visible:
@ -129,6 +138,10 @@ ls src/gl-auth-command \
ssh -p $port -o PasswordAuthentication=no $user@$host true || ssh -p $port -o PasswordAuthentication=no $user@$host true ||
die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something" die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something"
# ----------------------------------------------------------------------
# version info
# ----------------------------------------------------------------------
# MANUAL: if needed, make a note of the version you are upgrading from, and to # MANUAL: if needed, make a note of the version you are upgrading from, and to
# record which version is being sent across; we assume it's HEAD # record which version is being sent across; we assume it's HEAD
@ -148,12 +161,18 @@ prompt "$upgrade_details" \
nice to have those version numbers in case you need support. Try and nice to have those version numbers in case you need support. Try and
install from a clone" install from a clone"
# MANUAL: create a new key for you as a "gitolite user" (as opposed to you as # ----------------------------------------------------------------------
# the "gitolite admin" who needs to login to the server and get a command # new keypair, ssh-config para; only on "install" (not upgrade)
# line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this would create # ----------------------------------------------------------------------
# two files in ~/.ssh (sitaram and sitaram.pub)
prompt "setting up keypair..." \ [[ -n $admin_name ]] && {
# MANUAL: create a new key for you as a "gitolite user" (as opposed to you
# as the "gitolite admin" who needs to login to the server and get a
# command line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this
# would create two files in ~/.ssh (sitaram and sitaram.pub)
prompt "setting up keypair..." \
"the next command will create a new keypair for your gitolite access "the next command will create a new keypair for your gitolite access
The pubkey will be $HOME/.ssh/$admin_name.pub. You will have to choose a The pubkey will be $HOME/.ssh/$admin_name.pub. You will have to choose a
@ -170,26 +189,27 @@ prompt "setting up keypair..." \
This makes using passphrases very convenient." This makes using passphrases very convenient."
if [[ -f $HOME/.ssh/$admin_name.pub ]] if [[ -f $HOME/.ssh/$admin_name.pub ]]
then then
prompt " ...reusing $HOME/.ssh/$admin_name.pub..." \ prompt " ...reusing $HOME/.ssh/$admin_name.pub..." \
"Hmmm... pubkey $HOME/.ssh/$admin_name.pub exists; should I just re-use it? "Hmmm... pubkey $HOME/.ssh/$admin_name.pub exists; should I just re-use it?
Be sure you remember the passphrase, if you gave one when you created it!" Be sure you remember the passphrase, if you gave one when you created it!"
else else
ssh-keygen -t rsa -f $HOME/.ssh/$admin_name || die "ssh-keygen failed for some reason..." ssh-keygen -t rsa -f $HOME/.ssh/$admin_name || die "ssh-keygen failed for some reason..."
fi fi
# MANUAL: copy the pubkey created to the server, say to /tmp. This would be # MANUAL: copy the pubkey created to the server, say to /tmp. This would
# "scp ~/.ssh/sitaram.pub git@server:/tmp" (the script does this at a later # be "scp ~/.ssh/sitaram.pub git@server:/tmp" (the script does this at a
# stage, you do it now for convenience). Note: only the pubkey (sitaram.pub). # later stage, you do it now for convenience). Note: only the pubkey
# Do NOT copy the ~/.ssh/sitaram file -- that is a private key! # (sitaram.pub). Do NOT copy the ~/.ssh/sitaram file -- that is a private
# key!
# MANUAL: if you're running ssh-agent (see if you have an environment variable # MANUAL: if you're running ssh-agent (see if you have an environment
# called SSH_AGENT_PID in your "env"), you should add this new key. The # variable called SSH_AGENT_PID in your "env"), you should add this new
# command is "ssh-add ~/.ssh/sitaram" # key. The command is "ssh-add ~/.ssh/sitaram"
if ssh-add -l &>/dev/null if ssh-add -l &>/dev/null
then then
prompt " ...adding key to agent..." \ prompt " ...adding key to agent..." \
"you're running ssh-agent. We'll try and do an ssh-add of the "you're running ssh-agent. We'll try and do an ssh-add of the
private key we just created, otherwise this key won't get picked up. If private key we just created, otherwise this key won't get picked up. If
@ -197,29 +217,29 @@ then
now -- type in the same one." now -- type in the same one."
ssh-add $HOME/.ssh/$admin_name ssh-add $HOME/.ssh/$admin_name
fi fi
# MANUAL: you now need to add some lines to the end of your ~/.ssh/config # MANUAL: you now need to add some lines to the end of your ~/.ssh/config
# file. If the file doesn't exist, create it. Make sure the file is "chmod # file. If the file doesn't exist, create it. Make sure the file is
# 644". # "chmod 644".
# The lines to be included look like this: # The lines to be included look like this:
# host gitolite # host gitolite
# user git # user git
# hostname server # hostname server
# port 22 # port 22
# identityfile ~/.ssh/sitaram # identityfile ~/.ssh/sitaram
echo " echo "
host gitolite host gitolite
user $user user $user
hostname $host hostname $host
port $port port $port
identityfile ~/.ssh/$admin_name" > $tmpgli/.gl-stanza identityfile ~/.ssh/$admin_name" > $tmpgli/.gl-stanza
if grep 'host *gitolite' $HOME/.ssh/config &>/dev/null if grep 'host *gitolite' $HOME/.ssh/config &>/dev/null
then then
prompt "found gitolite para in ~/.ssh/config; assuming it is correct..." \ prompt "found gitolite para in ~/.ssh/config; assuming it is correct..." \
"your \$HOME/.ssh/config already has settings for gitolite. I will "your \$HOME/.ssh/config already has settings for gitolite. I will
assume they're correct, but if they're not, please edit that file, delete assume they're correct, but if they're not, please edit that file, delete
@ -227,21 +247,22 @@ then
In case you want to check right now (from another terminal) if they're In case you want to check right now (from another terminal) if they're
correct, here's what they are *supposed* to look like: correct, here's what they are *supposed* to look like:
$(cat $tmpgli/.gl-stanza)" $(cat $tmpgli/.gl-stanza)"
else else
prompt "creating gitolite para in ~/.ssh/config..." \ prompt "creating gitolite para in ~/.ssh/config..." \
"creating settings for your gitolite access in $HOME/.ssh/config; "creating settings for your gitolite access in $HOME/.ssh/config;
these are the lines that will be appended to your ~/.ssh/config: these are the lines that will be appended to your ~/.ssh/config:
$(cat $tmpgli/.gl-stanza)" $(cat $tmpgli/.gl-stanza)"
cat $tmpgli/.gl-stanza >> $HOME/.ssh/config cat $tmpgli/.gl-stanza >> $HOME/.ssh/config
# if the file didn't exist at all, it might have the wrong permissions # if the file didn't exist at all, it might have the wrong permissions
chmod 644 $HOME/.ssh/config chmod 644 $HOME/.ssh/config
fi fi
}
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# client side stuff almost done; server side now # server side
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# MANUAL: copy the gitolite directories "src", "conf", and "doc" to the # MANUAL: copy the gitolite directories "src", "conf", and "doc" to the
@ -323,42 +344,44 @@ prompt "installing/upgrading..." \
GL_ADMINDIR=$(ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$GL_ADMINDIR'") GL_ADMINDIR=$(ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$GL_ADMINDIR'")
REPO_BASE=$( ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$REPO_BASE'") REPO_BASE=$( ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$REPO_BASE'")
# determine if this is an upgrade; we decide based on whether a file called
# $GL_ADMINDIR/conf/gitolite.conf exists on the remote side. We can't do this
# till we know the correct value for GL_ADMINDIR
upgrade=0
if ssh -p $port $user@$host cat $GL_ADMINDIR/conf/gitolite.conf &> /dev/null
then
upgrade=1
[[ -n $admin_name ]] && echo "looks like an upgrade... not using new key '$admin_name' after all!"
else
[[ -z $admin_name ]] && die "this doesn't look like an upgrade... I need a name for the admin"
fi
# MANUAL: still in the "gitolite-install" directory? Good. Run # MANUAL: still in the "gitolite-install" directory? Good. Run
# "src/install.pl" # "src/install.pl"
ssh -p $port $user@$host "cd gitolite-install; src/install.pl $quiet" ssh -p $port $user@$host "cd gitolite-install; src/install.pl $quiet"
# MANUAL: if you're upgrading, just go to your clone of the admin repo, make a # MANUAL: if you're upgrading, run "src/gl-compile-conf" and you're done! --
# dummy change, and push. (This assumes that you didn't change the # ignore the rest of this file for the purposes of an upgrade
# admin_name, pubkeys, userids, ports, or whatever, and you ran easy install
# only to upgrade the software). And then you are **done** -- ignore the rest
# of this file for the purposes of an upgrade
# determine if this is an upgrade; we decide based on whether a pubkey called [[ $upgrade == 1 ]] && {
# $admin_name.pub exists in $GL_ADMINDIR/keydir on the remote side # just compile it, in case the config file's internal format has changed
upgrade=0 # and the hooks expect something different
if ssh -p $port $user@$host cat $GL_ADMINDIR/keydir/$admin_name.pub &> /dev/null ssh -p $port $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf $quiet"
then
prompt "done! prompt "" "done!
If you forgot the help message you saw when you first ran this, there's a If you forgot the help message you saw when you first ran this, there's a
somewhat generic version of it at the end of this file. Try: somewhat generic version of it at the end of this file. Try:
tail -30 $0 tail -30 $0
" \ "
"this looks like an upgrade, based on the fact that a file called
$admin_name.pub already exists in $GL_ADMINDIR/keydir on the server.
Please go to your clone of the admin repo, make a dummy change (like maybe
add a blank line to something), commit, and push. You're done!
(This assumes that you didn't change the admin_name, pubkeys, userids,
ports, or whatever, and you ran easy install only to upgrade the
software)."
exit 0 exit 0
}
fi # ----------------------------------------------------------------------
# from here on it's install only
# ----------------------------------------------------------------------
# MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf # MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf
# and add at least the following lines to it: # and add at least the following lines to it: