easy install: much more idempotent...

- example config file is now all comments (should have been that way anyway)
  - we detect if it is an upgrade and act accordingly (see below)

IMPORTANT: we assume that $admin_name remains the same in an upgrade -- that's
how we detect it is an upgrade!  Change that name or his pubkey, and you're
toast!
This commit is contained in:
Sitaram Chamarty 2009-10-14 11:10:06 +05:30
parent 2a63026954
commit 8e47e0117a
2 changed files with 82 additions and 47 deletions

View file

@ -29,20 +29,23 @@
# we need lists at all? (1) to be able to reuse the same set of usernames in # we need lists at all? (1) to be able to reuse the same set of usernames in
# the paras for different repos, (2) to keep the lines short, because lists # the paras for different repos, (2) to keep the lines short, because lists
# accumulate, like squid ACLs, so you can say: # accumulate, like squid ACLs, so you can say:
@cust_A = cust1 cust2
@cust_A = cust99 # @cust_A = cust1 cust2
# @cust_A = cust99
# and this is the same as listing all three on the same line # and this is the same as listing all three on the same line
# you can nest groups, but not recursively of course! # you can nest groups, but not recursively of course!
@interns = indy james
@staff = bob @interns
@staff = me alice # @interns = indy james
@secret_staff = bruce whitfield martin # @staff = bob @interns
@pubrepos = linux git # @staff = me alice
# @secret_staff = bruce whitfield martin
@privrepos = supersecretrepo anothersecretrepo # @pubrepos = linux git
# @privrepos = supersecretrepo anothersecretrepo
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# REPOS, REFS, and PERMISSIONS # REPOS, REFS, and PERMISSIONS
@ -80,29 +83,33 @@
# anyone can play in the sandbox, including making non-fastforward commits # anyone can play in the sandbox, including making non-fastforward commits
# (that's what the "+" means) # (that's what the "+" means)
repo sandbox
RW+ = @all # repo sandbox
# RW+ = @all
# my repo and alice's repo have the same memberships and access, so we just # my repo and alice's repo have the same memberships and access, so we just
# put them both in the same stanza # put them both in the same stanza
repo myrepo alicerepo
RW+ = me alice # repo myrepo alicerepo
R = bob eve # RW+ = me alice
# R = bob eve
# this repo is visible to customers from company A but they can't write to it # this repo is visible to customers from company A but they can't write to it
repo cust_A_repo
R = @cust_A # repo cust_A_repo
RW = @staff # R = @cust_A
# RW = @staff
# idea for the tags syntax shamelessly copied from git.git # idea for the tags syntax shamelessly copied from git.git
# Documentation/howto/update-hook-example.txt :) # Documentation/howto/update-hook-example.txt :)
repo @privrepos thirdsecretrepo
RW+ pu = bruce # repo @privrepos thirdsecretrepo
RW master next = bruce # RW+ pu = bruce
RW refs/tags/v[0-9].* = bruce # RW master next = bruce
RW refs/tags/ss/ = @secret_staff # RW refs/tags/v[0-9].* = bruce
RW tmp/.* = @secret_staff # RW refs/tags/ss/ = @secret_staff
R = @secret_staff # RW tmp/.* = @secret_staff
# R = @secret_staff
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# GITWEB AND DAEMON CONTROL # GITWEB AND DAEMON CONTROL

View file

@ -113,12 +113,6 @@ ls src/gl-auth-command \
ssh -p $port -o PasswordAuthentication=no $user@$host true || ssh -p $port -o PasswordAuthentication=no $user@$host true ||
die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something" die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something"
# MANUAL: make sure there's no "gitolite-admin" directory in $HOME (actually
# for the manual flow this doesn't matter so much!)
[[ -d $HOME/gitolite-admin ]] &&
die "please delete or move aside the \$HOME/gitolite-admin directory"
# MANUAL: create a new key for you as a "gitolite user" (as opposed to you as # MANUAL: create a new key for you as a "gitolite user" (as opposed to you as
# the "gitolite admin" who needs to login to the server and get a command # the "gitolite admin" who needs to login to the server and get a command
# line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this would create # line). For example, "ssh-keygen -t rsa ~/.ssh/sitaram"; this would create
@ -241,20 +235,30 @@ if scp -P $port $user@$host:.gitolite.rc .
then then
prompt "Oh hey... you already had a '.gitolite.rc' file on the server. prompt "Oh hey... you already had a '.gitolite.rc' file on the server.
Let's see if we can use that instead of the default one..." Let's see if we can use that instead of the default one..."
sort < .gitolite.rc | perl -ne 'print "$1\n" if /^(\$\w+) *=/' > glrc.old sort < .gitolite.rc | perl -ne 'print "$1\n" if /^\s*(\$\w+) *=/' > glrc.old
sort < conf/example.gitolite.rc | perl -ne 'print "$1\n" if /^(\$\w+) *=/' > glrc.new sort < conf/example.gitolite.rc | perl -ne 'print "$1\n" if /^\s*(\$\w+) *=/' > glrc.new
if diff -u glrc.old glrc.new if diff -u glrc.old glrc.new
then then
${VISUAL:-${EDITOR:-vi}} .gitolite.rc ${VISUAL:-${EDITOR:-vi}} .gitolite.rc
else else
prompt " looks like you're upgrading! I'm going to run your editor prompt " looks like you're upgrading, and there are some new rc
with *both* the old and the new files (in that order), so you can add variables that this version is expecting that your old rc file doesn't
in the lines pertaining to the variables shown with a '+' sign in the have.
above diff. This is necessary; please dont skip this
I'm going to run your editor with two filenames. The first is the
example file from this gitolite version. It will have a block (code
and comments) for each of the variables shown above with a '+' sign.
The second is your current rc file, the destination. Copy those lines
into this file, preferably *with* the surrounding comments (for
clarity) and save it.
This is necessary; please dont skip this!
[It's upto you to figure out how your editor handles 2 filename [It's upto you to figure out how your editor handles 2 filename
arguments, switch between them, copy lines, etc ;-)]" arguments, switch between them, copy lines, etc ;-)]"
${VISUAL:-${EDITOR:-vi}} .gitolite.rc conf/example.gitolite.rc
${VISUAL:-${EDITOR:-vi}} conf/example.gitolite.rc .gitolite.rc
fi fi
else else
cp conf/example.gitolite.rc .gitolite.rc cp conf/example.gitolite.rc .gitolite.rc
@ -277,6 +281,31 @@ REPO_BASE=$( ssh -p $port $user@$host "perl -e 'do \".gitolite.rc\"; print \$RE
ssh -p $port $user@$host "cd gitolite-install; src/install.pl" ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
# MANUAL: if you're upgrading, just go to your clone of the admin repo, make a
# dummy change, and push. (This assumes that you didn't change the
# admin_name, pubkeys, userids, ports, or whatever, and you ran easy install
# only to upgrade the software). And then you are **done** -- ignore the rest
# of this file for the purposes of an upgrade
# determine if this is an upgrade; we decide based on whether a pubkey called
# $admin_name.pub exists in $GL_ADMINDIR/keydir on the remote side
upgrade=0
if ssh -p $port $user@$host cat $GL_ADMINDIR/keydir/$admin_name.pub &> /dev/null
then
prompt "this looks like an upgrade, based on the fact that a file called
$admin_name.pub already exists in $GL_ADMINDIR/keydir on the server.
Please go to your clone of the admin repo, make a dummy change (like maybe
add a blank line to something), commit, and push. You're done!
(This assumes that you didn't change the admin_name, pubkeys, userids,
ports, or whatever, and you ran easy install only to upgrade the
software)."
exit 0
fi
# MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf # MANUAL: setup the initial config file. Edit $GL_ADMINDIR/conf/gitolite.conf
# and add at least the following lines to it: # and add at least the following lines to it:
@ -296,20 +325,18 @@ repo testing
# send the config and the key to the remote # send the config and the key to the remote
scp -P $port gitolite.conf $user@$host:$GL_ADMINDIR/conf/ scp -P $port gitolite.conf $user@$host:$GL_ADMINDIR/conf/
scp -P $port $HOME/.ssh/$admin_name.pub $user@$host:$GL_ADMINDIR/keydir scp -P $port $HOME/.ssh/$admin_name.pub $user@$host:$GL_ADMINDIR/keydir
# MANUAL: cd to $GL_ADMINDIR and run "src/gl-compile-conf" # MANUAL: cd to $GL_ADMINDIR and run "src/gl-compile-conf"
ssh -p $port $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf" ssh -p $port $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf"
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# hey lets go the whole hog on this; setup push-to-admin! # hey lets go the whole hog on this; setup push-to-admin!
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# MANUAL: make the first commit in the admin repo. This is a little more # MANUAL: you have to now make the first commit in the admin repo. This is
# complex, so read carefully and substitute the correct paths. What you have # a little more complex, so read carefully and substitute the correct paths.
# to do is: # What you have to do is:
# cd $REPO_BASE/gitolite-admin.git # cd $REPO_BASE/gitolite-admin.git
# GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir # GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir
@ -329,13 +356,14 @@ GIT_WORK_TREE=$GL_ADMINDIR git commit -am start --allow-empty
ssh -p $port $user@$host "cd gitolite-install; src/install.pl" ssh -p $port $user@$host "cd gitolite-install; src/install.pl"
# MANUAL: you're done! Log out of the server, come back to your workstation,
# and clone the admin repo using "git clone gitolite:gitolite-admin.git", or
# pull once again if you already have a clone
prompt "now we will clone the gitolite-admin repo to your workstation prompt "now we will clone the gitolite-admin repo to your workstation
and see if it all hangs together. We'll do this in your \$HOME for now, and see if it all hangs together. We'll do this in your \$HOME for now,
and you can move it elsewhere later if you wish to." and you can move it elsewhere later if you wish to."
# MANUAL: you're done! Log out of the server, come back to your workstation,
# and clone the admin repo using "git clone gitolite:gitolite-admin.git"!
cd $HOME cd $HOME
git clone gitolite:gitolite-admin.git git clone gitolite:gitolite-admin.git