easy install: much more idempotent...
- example config file is now all comments (should have been that way anyway) - we detect if it is an upgrade and act accordingly (see below) IMPORTANT: we assume that $admin_name remains the same in an upgrade -- that's how we detect it is an upgrade! Change that name or his pubkey, and you're toast!
This commit is contained in:
parent
2a63026954
commit
8e47e0117a
|
@ -29,20 +29,23 @@
|
||||||
# we need lists at all? (1) to be able to reuse the same set of usernames in
|
# we need lists at all? (1) to be able to reuse the same set of usernames in
|
||||||
# the paras for different repos, (2) to keep the lines short, because lists
|
# the paras for different repos, (2) to keep the lines short, because lists
|
||||||
# accumulate, like squid ACLs, so you can say:
|
# accumulate, like squid ACLs, so you can say:
|
||||||
@cust_A = cust1 cust2
|
|
||||||
@cust_A = cust99
|
# @cust_A = cust1 cust2
|
||||||
|
# @cust_A = cust99
|
||||||
|
|
||||||
# and this is the same as listing all three on the same line
|
# and this is the same as listing all three on the same line
|
||||||
|
|
||||||
# you can nest groups, but not recursively of course!
|
# you can nest groups, but not recursively of course!
|
||||||
@interns = indy james
|
|
||||||
@staff = bob @interns
|
|
||||||
|
|
||||||
@staff = me alice
|
# @interns = indy james
|
||||||
@secret_staff = bruce whitfield martin
|
# @staff = bob @interns
|
||||||
|
|
||||||
@pubrepos = linux git
|
# @staff = me alice
|
||||||
|
# @secret_staff = bruce whitfield martin
|
||||||
|
|
||||||
@privrepos = supersecretrepo anothersecretrepo
|
# @pubrepos = linux git
|
||||||
|
|
||||||
|
# @privrepos = supersecretrepo anothersecretrepo
|
||||||
|
|
||||||
# ----------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------
|
||||||
# REPOS, REFS, and PERMISSIONS
|
# REPOS, REFS, and PERMISSIONS
|
||||||
|
@ -80,29 +83,33 @@
|
||||||
|
|
||||||
# anyone can play in the sandbox, including making non-fastforward commits
|
# anyone can play in the sandbox, including making non-fastforward commits
|
||||||
# (that's what the "+" means)
|
# (that's what the "+" means)
|
||||||
repo sandbox
|
|
||||||
RW+ = @all
|
# repo sandbox
|
||||||
|
# RW+ = @all
|
||||||
|
|
||||||
# my repo and alice's repo have the same memberships and access, so we just
|
# my repo and alice's repo have the same memberships and access, so we just
|
||||||
# put them both in the same stanza
|
# put them both in the same stanza
|
||||||
repo myrepo alicerepo
|
|
||||||
RW+ = me alice
|
# repo myrepo alicerepo
|
||||||
R = bob eve
|
# RW+ = me alice
|
||||||
|
# R = bob eve
|
||||||
|
|
||||||
# this repo is visible to customers from company A but they can't write to it
|
# this repo is visible to customers from company A but they can't write to it
|
||||||
repo cust_A_repo
|
|
||||||
R = @cust_A
|
# repo cust_A_repo
|
||||||
RW = @staff
|
# R = @cust_A
|
||||||
|
# RW = @staff
|
||||||
|
|
||||||
# idea for the tags syntax shamelessly copied from git.git
|
# idea for the tags syntax shamelessly copied from git.git
|
||||||
# Documentation/howto/update-hook-example.txt :)
|
# Documentation/howto/update-hook-example.txt :)
|
||||||
repo @privrepos thirdsecretrepo
|
|
||||||
RW+ pu = bruce
|
# repo @privrepos thirdsecretrepo
|
||||||
RW master next = bruce
|
# RW+ pu = bruce
|
||||||
RW refs/tags/v[0-9].* = bruce
|
# RW master next = bruce
|
||||||
RW refs/tags/ss/ = @secret_staff
|
# RW refs/tags/v[0-9].* = bruce
|
||||||
RW tmp/.* = @secret_staff
|
# RW refs/tags/ss/ = @secret_staff
|
||||||
R = @secret_staff
|
# RW tmp/.* = @secret_staff
|
||||||
|
# R = @secret_staff
|
||||||
|
|
||||||
# ----------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------
|
||||||
# GITWEB AND DAEMON CONTROL
|
# GITWEB AND DAEMON CONTROL
|
||||||
|
|
|
@ -113,12 +113,6 @@ ls src/gl-auth-command \
|
||||||
ssh -p $port -o PasswordAuthentication=no $user@$host true ||
|
ssh -p $port -o PasswordAuthentication=no $user@$host true ||
|
||||||
die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something"
|
die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something"
|
||||||
|
|
||||||
# MANUAL: make sure there's no "gitolite-admin" directory in $HOME (actually
|
|
||||||
# for the manual flow this doesn't matter so much!)
|
|
||||||
|
|
||||||
[[ -d $HOME/gitolite-admin ]] &&
|
|
||||||
die "please delete or move aside the \$HOME/gitolite-admin directory"
|
|
||||||
|
|
||||||
# MANUAL: create a new key for you as a "gitolite user" (as opposed to you as
|
# MANUAL: create a new key for you as a "gitolite user" (as opposed to you as
|
||||||
# the "gitolite admin" who needs to login to the server and get a command
|
# the "gitolite admin" who needs to login to the server and get a command
|
||||||
# line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this would create
|
# line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this would create
|
||||||
|
@ -241,20 +235,30 @@ if scp -P $port $user@$host:.gitolite.rc .
|
||||||
then
|
then
|
||||||
prompt "Oh hey... you already had a '.gitolite.rc' file on the server.
|
prompt "Oh hey... you already had a '.gitolite.rc' file on the server.
|
||||||
Let's see if we can use that instead of the default one..."
|
Let's see if we can use that instead of the default one..."
|
||||||
sort < .gitolite.rc | perl -ne 'print "$1\n" if /^(\$\w+) *=/' > glrc.old
|
sort < .gitolite.rc | perl -ne 'print "$1\n" if /^\s*(\$\w+) *=/' > glrc.old
|
||||||
sort < conf/example.gitolite.rc | perl -ne 'print "$1\n" if /^(\$\w+) *=/' > glrc.new
|
sort < conf/example.gitolite.rc | perl -ne 'print "$1\n" if /^\s*(\$\w+) *=/' > glrc.new
|
||||||
if diff -u glrc.old glrc.new
|
if diff -u glrc.old glrc.new
|
||||||
then
|
then
|
||||||
${VISUAL:-${EDITOR:-vi}} .gitolite.rc
|
${VISUAL:-${EDITOR:-vi}} .gitolite.rc
|
||||||
else
|
else
|
||||||
prompt " looks like you're upgrading! I'm going to run your editor
|
prompt " looks like you're upgrading, and there are some new rc
|
||||||
with *both* the old and the new files (in that order), so you can add
|
variables that this version is expecting that your old rc file doesn't
|
||||||
in the lines pertaining to the variables shown with a '+' sign in the
|
have.
|
||||||
above diff. This is necessary; please dont skip this
|
|
||||||
|
I'm going to run your editor with two filenames. The first is the
|
||||||
|
example file from this gitolite version. It will have a block (code
|
||||||
|
and comments) for each of the variables shown above with a '+' sign.
|
||||||
|
|
||||||
|
The second is your current rc file, the destination. Copy those lines
|
||||||
|
into this file, preferably *with* the surrounding comments (for
|
||||||
|
clarity) and save it.
|
||||||
|
|
||||||
|
This is necessary; please dont skip this!
|
||||||
|
|
||||||
[It's upto you to figure out how your editor handles 2 filename
|
[It's upto you to figure out how your editor handles 2 filename
|
||||||
arguments, switch between them, copy lines, etc ;-)]"
|
arguments, switch between them, copy lines, etc ;-)]"
|
||||||
${VISUAL:-${EDITOR:-vi}} .gitolite.rc conf/example.gitolite.rc
|
|
||||||
|
${VISUAL:-${EDITOR:-vi}} conf/example.gitolite.rc .gitolite.rc
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
cp conf/example.gitolite.rc .gitolite.rc
|
cp conf/example.gitolite.rc .gitolite.rc
|
||||||
|
@ -277,6 +281,31 @@ REPO_BASE=$( ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$RE
|
||||||
|
|
||||||
ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
|
ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
|
||||||
|
|
||||||
|
# MANUAL: if you're upgrading, just go to your clone of the admin repo, make a
|
||||||
|
# dummy change, and push. (This assumes that you didn't change the
|
||||||
|
# admin_name, pubkeys, userids, ports, or whatever, and you ran easy install
|
||||||
|
# only to upgrade the software). And then you are **done** -- ignore the rest
|
||||||
|
# of this file for the purposes of an upgrade
|
||||||
|
|
||||||
|
# determine if this is an upgrade; we decide based on whether a pubkey called
|
||||||
|
# $admin_name.pub exists in $GL_ADMINDIR/keydir on the remote side
|
||||||
|
upgrade=0
|
||||||
|
if ssh -p $port $user@$host cat $GL_ADMINDIR/keydir/$admin_name.pub &> /dev/null
|
||||||
|
then
|
||||||
|
prompt "this looks like an upgrade, based on the fact that a file called
|
||||||
|
$admin_name.pub already exists in $GL_ADMINDIR/keydir on the server.
|
||||||
|
|
||||||
|
Please go to your clone of the admin repo, make a dummy change (like maybe
|
||||||
|
add a blank line to something), commit, and push. You're done!
|
||||||
|
|
||||||
|
(This assumes that you didn't change the admin_name, pubkeys, userids,
|
||||||
|
ports, or whatever, and you ran easy install only to upgrade the
|
||||||
|
software)."
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
# MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf
|
# MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf
|
||||||
# and add at least the following lines to it:
|
# and add at least the following lines to it:
|
||||||
|
|
||||||
|
@ -296,20 +325,18 @@ repo testing
|
||||||
|
|
||||||
# send the config and the key to the remote
|
# send the config and the key to the remote
|
||||||
scp -P $port gitolite.conf $user@$host:$GL_ADMINDIR/conf/
|
scp -P $port gitolite.conf $user@$host:$GL_ADMINDIR/conf/
|
||||||
|
|
||||||
scp -P $port $HOME/.ssh/$admin_name.pub $user@$host:$GL_ADMINDIR/keydir
|
scp -P $port $HOME/.ssh/$admin_name.pub $user@$host:$GL_ADMINDIR/keydir
|
||||||
|
|
||||||
# MANUAL: cd to $GL_ADMINDIR and run "src/gl-compile-conf"
|
# MANUAL: cd to $GL_ADMINDIR and run "src/gl-compile-conf"
|
||||||
|
|
||||||
ssh -p $port $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf"
|
ssh -p $port $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf"
|
||||||
|
|
||||||
# ----------------------------------------------------------------------
|
# ----------------------------------------------------------------------
|
||||||
# hey lets go the whole hog on this; setup push-to-admin!
|
# hey lets go the whole hog on this; setup push-to-admin!
|
||||||
# ----------------------------------------------------------------------
|
# ----------------------------------------------------------------------
|
||||||
|
|
||||||
# MANUAL: make the first commit in the admin repo. This is a little more
|
# MANUAL: you have to now make the first commit in the admin repo. This is
|
||||||
# complex, so read carefully and substitute the correct paths. What you have
|
# a little more complex, so read carefully and substitute the correct paths.
|
||||||
# to do is:
|
# What you have to do is:
|
||||||
|
|
||||||
# cd $REPO_BASE/gitolite-admin.git
|
# cd $REPO_BASE/gitolite-admin.git
|
||||||
# GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir
|
# GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir
|
||||||
|
@ -329,13 +356,14 @@ GIT_WORK_TREE=$GL_ADMINDIR git commit -am start --allow-empty
|
||||||
|
|
||||||
ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
|
ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
|
||||||
|
|
||||||
|
# MANUAL: you're done! Log out of the server, come back to your workstation,
|
||||||
|
# and clone the admin repo using "git clone gitolite:gitolite-admin.git", or
|
||||||
|
# pull once again if you already have a clone
|
||||||
|
|
||||||
prompt "now we will clone the gitolite-admin repo to your workstation
|
prompt "now we will clone the gitolite-admin repo to your workstation
|
||||||
and see if it all hangs together. We'll do this in your \$HOME for now,
|
and see if it all hangs together. We'll do this in your \$HOME for now,
|
||||||
and you can move it elsewhere later if you wish to."
|
and you can move it elsewhere later if you wish to."
|
||||||
|
|
||||||
# MANUAL: you're done! Log out of the server, come back to your workstation,
|
|
||||||
# and clone the admin repo using "git clone gitolite:gitolite-admin.git"!
|
|
||||||
|
|
||||||
cd $HOME
|
cd $HOME
|
||||||
git clone gitolite:gitolite-admin.git
|
git clone gitolite:gitolite-admin.git
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue