diff --git a/README.mkd b/README.mkd index 5a59bd1..fe85675 100644 --- a/README.mkd +++ b/README.mkd @@ -3,6 +3,10 @@ > [IMPORTANT: There is now an "upgrade" document in the "doc" directory; > please read if upgrading gitolite] +> [Update 2009-10-10: apart from all the nifty new features, there's now an +> "easy install" script in the src directory. Please see the INSTALL +> document in the doc directory for details] + ---- Gitolite is the bare essentials of gitosis, with a completely different diff --git a/doc/0-INSTALL.mkd b/doc/0-INSTALL.mkd index c54c7eb..d4f3b44 100644 --- a/doc/0-INSTALL.mkd +++ b/doc/0-INSTALL.mkd @@ -1,6 +1,52 @@ # installing gitolite -### pre-requisites +### easy install + +There is now an easy install script that makes installing very easy for the +common case. **This script is meant to be run on your workstation, not on the +server!** It will take care of all the server side work, *and* get you +"push-to-admin" too :-) In short, it does **everything**! + +Assumptions: + + * you have a server to host gitolite + * git is installed on that server (and so is perl) + * you have a userid on that server + * you have ssh-pubkey (password-less) login to that userid + * (if you have only password access, run `ssh-keygen -t rsa` to create a + new keypair if needed, then run `ssh-copy-id user@host`) + * you have a clone or an archive of gitolite somewhere on your workstation + +If so, just `cd` to that clone and run `src/00-easy-install.sh` and follow the +prompts! (Running it without any arguments shows you usage plus other useful +info). + +#### advantages over the older install methods + + * all ssh problems reduced to **just one pre-requisite**: enable ssh pubkey + (password-less) access to the server from your workstation first + * the script takes care of all the server side work + * when done: + * you get two different pubkeys (the original one for command line + access as before, plus a new one, created by the script, for gitolite + access) + * you can admin gitolite by commit+push a "gitolite-admin" repo, just + like gitosis (i.e., full "push to admin" power!) + +#### disadvantages + + * has been tested only with Linux. However, the script now makes a much + better "document" on what actually needs to be done, so people installing + on non-Linux machines can probably follow the steps in the script and + install if they wish. Sort of "simulate" it... :) + +### manual install + +If for some reason you cannot use the easy-install method, (for example, +you're on a non-Linux machine) read on. Unlike the easy install, all the +below stuff is meant to be run on the server. + +#### pre-requisites on the server If you managed to install git, you might already have what gitolite needs: @@ -13,7 +59,7 @@ A major objective is to allow use by people without root access, permissions to create other userids, etc. Even if you have root, please add a user just for gitolite and do all this from that user. -### getting a tar file from a clone +#### getting a tar file from a clone You can clone the repo from github, then execute a make command to extract a tar file of the branch you want. Please use the make command, not a plain @@ -24,7 +70,7 @@ tar file of the branch you want. Please use the make command, not a plain make master.tar # or maybe "make rebel.tar" or "make pu.tar" -### quick install from tar file +#### install from tar file * make a temp directory somewhere, cd to it, and unpack the tar file * run `src/install.pl` and follow the prompts diff --git a/src/00-easy-install.sh b/src/00-easy-install.sh new file mode 100755 index 0000000..54cb5a0 --- /dev/null +++ b/src/00-easy-install.sh @@ -0,0 +1,245 @@ +#!/bin/bash + +# easy install for gitolite + +# this is the client side piece. This gets run *before* the server side piece + +# run without any arguments for "usage" info + +# important setting: bail on any errors (else we have to check every single +# command!) +set -e + +die() { echo "$@"; echo "run $0 again without any arguments for help and tips"; exit 1; } +prompt() { + echo + echo + echo ------------------------------------------------------------------------ + echo "$1" + echo + read -p '...press enter to continue or Ctrl-C to bail out' +} +usage() { + cat </dev/null || + die "cant find at least some files in gitolite sources/config; aborting" + +# do we have pubkey auth on the server +ssh -o PasswordAuthentication=no $user@$host pwd >/dev/null || + die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something" + +# can the "gitolite-admin" repo be safely created in $HOME +[[ -d $HOME/gitolite-admin ]] && + die "please delete or move aside the \$HOME/gitolite-admin directory" + +# cool; now let's create a new key for you as a "gitolite user" (as opposed to +# a gitolite admin who needs to login to the server and get a command line) + +[[ -f $HOME/.ssh/$admin_name.pub ]] && die "pubkey $HOME/.ssh/$admin_name.pub exists; can't proceed" +prompt "the next command will create a new keypair for your gitolite access + + The pubkey will be $HOME/.ssh/$admin_name.pub. You will have to + choose a passphrase or hit enter for none. I recommend not having a + passphrase for now, and adding one with 'ssh-keygen -p' *as soon as* + all the setup is done and you've successfully cloned and pushed the + gitolite-admin repo. + + After that, I suggest you (1) install 'keychain' or something + similar, and (2) add the following command to your bashrc (since + this is a non-default key) + + ssh-add \$HOME/.ssh/$admin_name + + This makes using passphrases very convenient." + +ssh-keygen -t rsa -f $HOME/.ssh/$admin_name || die "ssh-keygen failed for some reason..." + +if [[ -n $SSH_AGENT_PID ]] +then + prompt "you're running ssh-agent. We'll try and do an ssh-add of the + private key we just created, otherwise this key won't get picked up. If + you specified a passphrase in the previous step, you'll get asked for one + now -- type in the same one." + + ssh-add $HOME/.ssh/$admin_name +fi + +# ok the gitolite key is done; create a stanza for it in ~/.ssh/config +echo " +host gitolite + hostname $host + user $user + identityfile ~/.ssh/$admin_name" > $HOME/.ssh/.gl-stanza + +if grep 'host *gitolite' $HOME/.ssh/config &>/dev/null +then + prompt "your \$HOME/.ssh/config already has settings for gitolite. I will + assume they're correct, but if they're not, please edit that file, delete + that paragraph (that line and the following few lines), and rerun. + + In case you want to check right now (from another terminal) if they're + correct, here's what they are *supposed* to look like: +$(cat ~/.ssh/.gl-stanza)" + +else + prompt "creating settings for your gitolite access in $HOME/.ssh/config; + these are the lines that will be appended to your ~/.ssh/config: +$(cat ~/.ssh/.gl-stanza)" + + cat $HOME/.ssh/.gl-stanza >> $HOME/.ssh/config + # if the file didn't exist at all, it might have the wrong permissions + chmod 644 $HOME/.ssh/config +fi +rm $HOME/.ssh/.gl-stanza + +# ---------------------------------------------------------------------- +# client side stuff almost done; server side now +# ---------------------------------------------------------------------- + +# setup the gitolite sources and conf on the server +ssh $user@$host mkdir -p gitolite-install +rsync -a src conf doc $user@$host:gitolite-install/ + +# give the user an opportunity to change the rc +cp conf/example.gitolite.rc .gitolite.rc + # hey here it means "release candidate" ;-) + +prompt "the gitolite rc file needs to be edited by hand. The defaults +are sensible, so if you wish, you can just exit the editor. + +Otherwise, make any changes you wish and save it. Read the comments to +understand what is what -- the rc file's documentation is inline. + +Please remember this file will actually be copied to the server, and +that all the paths etc. represent paths on the server!" + +${VISUAL:-${EDITOR:-vi}} .gitolite.rc + +# copy the rc across +scp .gitolite.rc $user@$host: + +prompt "ignore any 'please edit this file' or 'run this command' type +lines in the next set of command outputs coming up. They're only +relevant for a manual install, not this one..." + +# extract the GL_ADMINDIR and REPO_BASE locations +GL_ADMINDIR=$(ssh $user@$host "perl -e 'do \".gitolite.rc\"; print \$GL_ADMINDIR'") +REPO_BASE=$( ssh $user@$host "perl -e 'do \".gitolite.rc\"; print \$REPO_BASE'") + +# run the install script on the server +ssh $user@$host "cd gitolite-install; src/install.pl" + +# setup the initial config file +echo "#gitolite conf +#please see conf/example.conf for details on syntax and features + +repo gitolite-admin + RW+ = $admin_name + +repo testing + RW+ = @all + +" > gitolite.conf + +# send the config and the key to the remote +scp gitolite.conf $user@$host:$GL_ADMINDIR/conf/ + +scp $HOME/.ssh/$admin_name.pub $user@$host:$GL_ADMINDIR/keydir + +# run the compile script on the server +ssh $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf" + +# ---------------------------------------------------------------------- +# hey lets go the whole hog on this; setup push-to-admin! +# ---------------------------------------------------------------------- + +# setup the initial commit for the admin repo +echo "cd $REPO_BASE/gitolite-admin.git +GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir +GIT_WORK_TREE=$GL_ADMINDIR git commit -am start +" | ssh $user@$host + +ssh $user@$host "cd gitolite-install; src/install.pl" + +prompt "now we will clone the gitolite-admin repo to your workstation +and see if it all hangs together. We'll do this in your \$HOME for now, +and you can move it elsewhere later if you wish to." + +cd $HOME +git clone gitolite:gitolite-admin.git + +echo +echo +echo ------------------------------------------------------------------------ +echo "Cool -- we're done. Now you can edit the config file (currently +in ~/gitolite-admin/conf/gitolite.conf) to add more repos, users, etc. +When done, 'git add' the changed files, 'git commit' and 'git push'. + +Read the comments in conf/example.conf for information about the config +file format -- like the rc file, this also has inline documentation. + +Your URL for cloning any repo on this server will be + + gitolite:reponame.git + +However, any other users you set up will have to use + + $user@$host:reponame.git + +unless they also create similar settings in their '.ssh/config' file."