Commit graph

45 commits

Author SHA1 Message Date
Sitaram Chamarty 70359ce9ba (minor) doc fixes 2010-11-05 16:08:11 +05:30
Sitaram Chamarty db0485fa7e new method for passing usergroup info (warning: minor backward compat breakage)
The old method of passing in usergroup info had some problems, which are
now fixed.  It is also much easier to use now -- no more "wrapper"
script, plus it should work identially whether you use sshd or httpd.

See doc/big-config.mkd for details on the new method.

----

Notes on problems with the old method:

The old method for passing in usergroup info consisted of tacking them
on as extra arguments to gl-auth-command, after the username.

However, there are some problems with this method.

Some actions in gitolite look for permissions for users other than the
invoking user.  Determining permissions for gitweb and daemon is one.
An admin asking for "info" on some other user, is another.

However, the list of groups sent in via the command line
pertains only to the invoking user, so these actions don't work
correctly.  They may even pick up the wrong permissions.

What it all boils down to is that we need group information for any user
dynamically, instead of being passed a (static) list just for the
invoking user.
2010-10-07 20:20:39 +05:30
Sitaram Chamarty b851011ce5 new RC file variable $GL_SITE_INFO to show site-specific info 2010-10-04 14:33:30 +05:30
Sitaram Chamarty 6b9e75dfcb allow @all to also include gitweb and daemon
By default, @all does not include gitweb and daemon, but if that's what
you want, you can make it happen...  see GL_ALL_INCLUDES_SPECIAL
variable in conf/example.gitolite.rc
2010-08-24 21:38:46 +05:30
Sitaram Chamarty 3a8f32ac9b minor fixups to the "gitweb/daemon from setperms" code...
- fork was not printing a newline after the permissions
  - "add_del_line" to properly handle that damn projects.list file!
2010-08-20 23:09:11 +05:30
Sitaram Chamarty da210f21bd log elapsed time
I'm an idiot.  I say I won't do it, then I go and do it anyway.

Fortunately, in this case, the code and execution remain exactly the
same for people who do not set $GL_PERFLOGT in the rc file, so it's
tolerable.

<evil grin> People who want even more than this can contact Greg Lonnon
(see the mailing list archives at
http://groups.google.com/group/gitolite for an obfuscated but easy to
guess email address) ;-)
2010-08-17 22:35:16 +05:30
Sitaram Chamarty d1d2c3e054 git config settings in wild repos: part 1
- new GL_GITCONFIG_WILD to gate it
  - new sub to do all the hard work (refactored from a few lines in
    compile)
  - split the call from "compile" into two sets -- first for non-wild,
    then for wild

This ensures that after a "compile" (admin push) all git configs are
applied.

TODO: apply them when a new wild repo is created by a user, and then on
the "fork" (admin-defined command)
2010-08-11 22:38:15 +05:30
Sitaram Chamarty fda10c2805 mirroring support...
conf/example.gitolite.rc
  - "slave mode" flag to disable pushes and "list of slaves"

hooks/common/post-receive.mirrorpush
  - code to push to the mirror, creating the repo if needed

src/mirror-shell
  - shell for master pushing to a slave, because we don't actually want
    to go through gitolite itself, yet we have to take care of
    $REPO_BASE being wherever.  And of course we have to set
    GL_BYPASS_UPDATE_HOOK to 1 for the push to happen!

src/gl-mirror-sync
  - manually runnable program to sync from current server to another
2010-08-11 22:37:35 +05:30
Sitaram Chamarty 416d3398b3 (minor) update example RC file docs on GL_GITCONFIG_KEYS usage 2010-08-09 23:21:13 +05:30
Sitaram Chamarty 0d0e7e5d72 (really big config) 2 new rc variables
...to prevent auto-creation of repos from config, and to prevent
processing of ssh keys.  Also doc update
2010-07-23 20:21:52 +05:30
Jeff Mitchell 38403c354f Add GL_WILDREPOS_DEFPERMS
allows a default 'setperms' string to be set for new wildcard
repositories.

Also, fix a bug in the fork script where a failure in the git command
would still cause the rest of the script to attempt to run.
2010-06-22 17:20:23 +05:30
Sitaram Chamarty be3d00079a Revert "allow setperms to override config file permissions"
This reverts commit 9612e3a4cc, since it
is no longer needed as of the rule sequencing changes we just made.

Conflicts:

	src/gl-compile-conf
2010-05-18 16:40:15 +05:30
Sitaram Chamarty 35750c1abe (big-config) update doc and rc, allow skipping gitweb/daemon
skipping gitweb/daemon has an enormous impact on speed of an admin-push!
2010-05-16 12:51:03 +05:30
Sitaram Chamarty cf0e568c89 (big-config) the new "big-config" for large setups
If you have many thousands of repos and users, neatly organised into
groups, etc., the normal gitolite fails.  (It actually runs out of
memory very fast while doing the "compile" when you push the config, due
to the number of combinations of repo/user being stored in the hash!)

This commit series will stop doing that if you set $GL_BIG_CONFIG = 1 in
the rc file.

Some notes:

  - deny rules will still work but somewhat differently -- now they must
    be placed all together in one place to work like before.  Ask me for
    details if you need to know before I get done with the docs

  - I've tested most of the important features, but not every single
    nuance

  - the update hook may be a tad less efficient now; we can try and
    tweak it later if needed but it shouldn't really hurt anything
    significantly even now

  - docs have not been written yet
2010-05-14 20:43:13 +05:30
Sitaram Chamarty 9612e3a4cc allow setperms to override config file permissions 2010-05-14 11:32:35 +05:30
Sitaram Chamarty 3d9f230b41 Merge branch 'master' into pu (svnserve contrib code)
Conflicts:
	src/gl-auth-command
2010-05-10 08:12:09 +05:30
Vladimir Panteleev cf9bb98e87 tweaked and documented svnserve support 2010-05-10 07:01:50 +05:30
Sitaram Chamarty ffccd0a4d3 gl-system-install -- system-wide install program
(as if we didn't already have enough programs with the word "install" in
their names!)

Anyway, this does what an RPM or a DEB would do -- basically implement
the instructions in Appendix C of doc/0.

You can use this to do a system-wide install if your distro isn't as
smart, forward-looking, and uptodate as Fedora ;-)

Clone the repo somewhere, cd to it, and run, for example:

    sudo src/gl-system-install /usr/local/bin /var/gitolite/conf /var/gitolite/hooks

or something like that.  See doc/0 for details.  Run without arguments
for help.
2010-04-29 19:25:39 +05:30
Sitaram Chamarty 567e70ba40 (adc) admin-defined commands
This commit series allows an admin to designate a set of commands that
users can run.  For example, he can allow users to delete a repo that
they have created:

    ssh git@server rmrepo foo/me/bar

or fork (to use github's terminology) a repo they have "R" access to,
into a new one they have "C" access to:

    ssh git@server fork foo/someone-else/bar foo/me/bar

Please see documentation for details

----

(this commit)

  - (rc) new variable $GL_ADC_PATH; without this none of this is enabled
  - (pm) new helper routine "cli_repo_rights" to get rights/ownership
    from outside
  - (auth) call $GL_ADC_PATH/$cmd if it exists
2010-04-25 13:21:16 +05:30
Sitaram Chamarty 344fb0a2b7 allow user to define filenames that our hooks chain to
(although the defaults are still update.secondary and
post-update.secondary if you don't do anything)
2010-04-13 18:26:34 +05:30
Sitaram Chamarty 246165537d new server-side program "gl-tool", subcommand "shell-add"
Previous implementations of "give shell access to some gitolite users"
feature were crap.  There was no easy/elegant way to ensure that someone
who had repo admin access would not manage to get himself shell access.

Giving someone shell access requires that you should have shell access
in the first place, so the simplest way is to enable it from the server
side only.

So now that we decided to do that, we may as well prepare for other,
future, commands by starting a server-side utility program with
sub-commands (the only current one being "shell-add")
2010-04-09 21:05:17 +05:30
Sitaram Chamarty 2456cc17c8 personal branches: de-emphasise old-style, document new-style
There are some disadvantages to the old-style personal branch scheme.
It only allows one specific pattern (of refname) to be used, forces that
pattern to be applicable to *all* repos in the entire config, and
requires editing the rc file (on the server) to be edited to achieve
this.

In other words, it's a very blunt instrument...

The new style depends on using lines like this within a specific repo
config:

        RW+ personal/USER/      =   @userlist

The important thing is that the "branch" name should contain `/USER/`
(including the slashes).  Access is still determined by the right hand
side of course.

This gives you the following advantages:

  - allow it only for repos that need it
  - allow different patterns to be used for different repos
  - allow *multiple* patterns; just add more than one such line
  - allow the pattern to have suffixes (eg: foo/USER/bar)
2010-03-16 18:27:26 +05:30
Eli Barzilay 4cf18d8339 make Emacs use perl mode 2010-02-27 12:31:44 +05:30
Sitaram Chamarty a6b7928bc1 example RC: GL_GITCONFIG_KEYS was not showing up in easy install diff 2010-02-08 06:02:36 +05:30
Sitaram Chamarty a472bf30df compile: tighten up the 'git config' feature
Gitolite allows you to set git repo options using the "config" keyword;
see conf/example.conf for details and syntax.

However, if you are in an installation where the repo admin does not
(and should not) have shell access to the server, then allowing him to
set arbitrary repo config options *may* be a security risk -- some
config settings may allow executing arbitrary commands.

This patch fixes it, introducing a new RC variable to control the
behaviour.  See conf/example.gitolite.rc for details
2010-02-07 13:23:07 +05:30
Sitaram Chamarty 388f4d873d (IMPORTANT; read this in full) no more "wildrepos"
The wildrepos branch has been merged into master, and deleted.  It will no
longer exist as a separate branch.  Instead, a new variable
called $GL_WILDREPOS has been added which acts as a switch; when
off (which is the default), many wildrepos features are disabled.
(the "C" permissions, and the getperms (etc.) commands mainly).

Important: if you are using wildrepos, please set "$GL_WILDREPOS = 1;" in
the RC file when you upgrade to this version (or just before you do the
upgrade).
2010-02-07 13:22:43 +05:30
Sitaram Chamarty 67c10a34fe auth: new subcommand "htpasswd"
great idea by Robin Smidsrød: since users are already capable of
authenticating themselves to gitolite via ssh keys, use that to let them
set or change their own HTTP passwords (ie, run the "htpasswd" command
with the correct parameters on behalf of the "git" user on the server)

code, rc para, and documentation.  In fact everything except... ahem...
testing ;-)

and while we're about it, we also reorganised the way these helper
commands (including the venerable "info" are called)
2010-02-04 11:55:24 +05:30
Sitaram Chamarty 98a4c79dce (read this in full) access control for non-git commands running over ssh
This is actually a pretty big deal, and I am seriously starting wonder
if calling this "gito*lite*" is justified anymore.

Anyway, in for a penny, in for a pound...

This patch implements a generic way to allow access control for external
commands, as long as they are invoked via ssh and present a server-side
command that contains enough information to make an access control
decision.

The first (and only, so far) such command implemented is rsync.

Please read the changes in this commit (at least the ones in conf/ and
doc/) carefully.
2010-02-01 11:49:21 +05:30
Sitaram Chamarty ecfd20e793 @SHELL is now $SHELL_USERS in the rc file (warning: backward compat breakage)
Stop conflating the privilege to push changes to the admin repo with the
privilege to get a shell on the server.

Please read doc/6 carefully before upgrading to this version.  Also
please ensure that the gitolite key is *not* your only means to get a
command line on the server
2010-01-14 19:35:46 +05:30
Sitaram Chamarty 92d5062ad0 doc/src: major doc/help text revamp
also removed some dead code from compile (pre PTA days)
2009-10-31 00:21:37 +05:30
Sitaram Chamarty 8eefc036e0 rc, pta-hook/doc: don't assume $HOME of 'git' user is /home/git
(Thanks to Jerome Arbez-Gindre)
2009-10-23 10:23:06 +05:30
Sitaram Chamarty b3cab456d5 easy-install: committed before testing? tsk tsk tsk! 2009-10-13 10:16:27 +05:30
Sitaram Chamarty 59e15e62a1 support git installed outside default $PATH
(also some minor fixes to doc/3)
2009-10-13 10:03:12 +05:30
Sitaram Chamarty d78bbe8c3e lots of doc changes reflecting "push to admin" is default now :)
- added comments to easy install to help do it manually
  - README: some stuff moved to tips doc, brief summary of extras
    (over gitosis) added
  - INSTALL: major revamp, easy install and manual install,
    much shorter and much more readable!

plus other docs changed as needed, and updated the tips doc to roll in
some details from "update.mkd" in the "ml" branch
2009-10-11 14:19:00 +05:30
Sitaram Chamarty 2f2af033f5 pta-hook.sh: collect delegated config fragments
collect the delegated config fragments from correspondingly named branches of
the gitolite-admin repo, and put them all in conf/fragments/

also deprecate changes to conf and keydir locations from now on
2009-10-04 10:10:40 +05:30
Sitaram Chamarty 70d26d810b compile, all docs/confs: specify gitweb/daemon access + bonus
bonus: documented the "bits and pieces" thing properly; should have done this
long ago, but it came to the forefront now thanks to this item
2009-09-25 13:50:59 +05:30
Sitaram Chamarty 2285e75c22 example rc: say that $PERSONAL must start with "refs/" 2009-09-21 19:36:39 +05:30
Sitaram Chamarty df3dd0de48 compile, rc, doc/3: allow custom umask 2009-09-21 14:49:27 +05:30
Sitaram Chamarty 804c70f570 almost all src/conf: logging totally redone, upgrade doc added
- logs go into $GL_ADMINDIR/logs by default, named by year-month
  - logfile name template (including dir prefix) now in $GL_LOGT
  - two new env vars passed down: GL_TS and GL_LOG (timestamp, logfilename)
  - log messages timestamps more compact, fields tab-delimited
  - old and new SHAs cut to 14 characters
2009-09-06 18:07:38 +05:30
Sitaram Chamarty 4fa1ca6652 minor doc updates re directories etc 2009-09-01 20:33:24 +05:30
Sitaram Chamarty dd13de2d14 update hook/conf: $PERSONAL branch prefix
wicked cool to get it in one line of code!
2009-08-31 08:19:24 +05:30
Sitaram Chamarty 08305aa482 install streamlining:
- install.sh is now install.pl (had to happen sooner or later!)
  - now handles updates more gracefully, doesn't overwrite important stuff :)
  - makes the install sequence much easier to understand
    (just run it and follow the prompts!)

  - made ~/.gitolite.rc much clearer to edit
2009-08-30 13:28:08 +05:30
Sitaram Chamarty 3522087591 compile: REPO_BASE need not be under $HOME
In the "create new repos" loop, we need an absolute value for REPO_BASE, in
order to be able to chdir back and forth.  But (taking the "normal user with
no privileges" assumption too far!) we assumed REPO_BASE would be within
$HOME, and relative to it.  So it fails when someone wants the repo_base
elsewhere.

Now we don't prefix $HOME if REPO_BASE is already absolute (begins with a "/")

bug reported by evocallaghan
2009-08-29 11:41:12 +05:30
Sitaram Chamarty 4e74652b38 source code changes after splitting into src/doc/conf 2009-08-28 09:50:27 +05:30
Sitaram Chamarty f0099a125e reduce clutter by making src, doc, conf subdirectories 2009-08-27 14:00:00 +05:30
Renamed from example.gitolite.rc (Browse further)