Minimal git Infrastructure: Difference between revisions

From Run Your Own
Jump to navigation Jump to search
Line 78: Line 78:


== PRO TIPS ==
== PRO TIPS ==
=== Post-receive hook ===
=== Post-receive Hook Goodness ===
Say that one of your repos is a static website, and that you would like to have this very website updated live as you push to your repos and served on your server from <code>/var/www/static-website</code>. You can tweak the default stagit post-receive git hook to do all this.
Say that one of your repos is a static website, and that you would like to have this very website updated live as you push to your repos and served on your server from <code>/var/www/www.lurk.org</code>. You can tweak the default stagit related post-receive git hook to do all this.


'''SKIPPED:''' From this point we assume that you have configured your HTTP server to serve static-website from <code>/var/www/static-website</code> and that of course this path exits.
'''SKIPPED:''' From this point we assume that you have configured your HTTP server to serve www.lurk.org from <code>/var/www/www.lurk.org</code> and that of course this path exits.


* As root:
* As root:
   
  setfacl -Rm g:gitusers:rwX /var/www/www.lurk.org/
setfacl -d -Rm g:gitusers:rwX /var/www/www.lurk.org/


As any user from the <code>gitusers</code> you can do the following:
As any user from the <code>gitusers</code> you can do the following:
* Clone the repos
cd /var/www/www.lurk.org/
git clone /var/www/git.lurk.org/repos/www.lurk.org.git .
* Go to your repos' hook folder
cd /var/www/git.lurk.org/repos/www.lurk.org.git/hooks
* Delete the current post-receive hook (currently a ''symlink'' to <code>update_single.sh</code>)
rm post-receive
* Copy the same script again
cp ../../../update_single.sh post-receive
* Edit <code>post-receive</code> and append the following:
<pre>
# HERE IS THE EXTRA BIT!
unset GIT_DIR
git -C /var/www/www.lurk.org pull
printf "done updating website\n"
</pre>

Revision as of 21:44, 1 August 2019

Goal: To run your own minimal git infrastructure exclusively for your shell users (sorry no guest, no wiki, no issue tracker, and send patches via email plz or GTFO), making use of ancient ACL magic, and providing a web interface with stagit for public repos browsing and anonymous read-only clone/pull. In this example we use LURK's domain name and server setup as an example.

Prerequisites

Installs

  • Install libgit2 headers and ACL tools, on Debian:
apt install libgit2-dev acl
  • Compile and install stagit, a static git page generator:
cd /usr/src
git clone git://git.codemadness.org/stagit
cd stagit
# Optional: edit stagit-index.c to customize some settings like the site header, etc.
make && make install

configs

We need two directories, one for serving the public static files, and one for keeping the bare git repositories.

  • create these directories for your repos and for stagit:
mkdir -p /var/www/git.lurk.org/repos
  • Get a style
cp /usr/src/stagit/style.css /var/www/git.lurk.org
# Optional: further stylify style.css
  • Get a logo
 wget https://things.bleu255.com/runyourown/images/d/d5/Runyourown.png -O /var/www/git.lurk.org/logo.png
addgroup gitusers
  • Give this group the permissions to modify each others files in the git folders:
setfacl -Rm g:gitusers:rwX /var/www/git.lurk.org/
setfacl -d -Rm g:gitusers:rwX /var/www/git.lurk.org/
  • Add the local users who should have access to full read-write access to the gitusers group:
adduser alice gitusers
adduser bob gitusers
# etc...
  • Create a new nginx site config for the static website in /etc/nginx/sites-enabled/sites-available/git.lurk.org:
server {
  listen 443;

  server_name git.lurk.org;

  root /var/www/git.lurk.org/;
  autoindex on;

  access_log /var/log/nginx/git.lurk.org-access.log;
  error_log /var/log/nginx/git.lurk.org-error.log;
}
  • Enable it and reload nginx:
ln -s /etc/nginx/sites-available/git.lurk.org /etc/nginx/sites-enabled/
service nginx reload

DONE! Now you should make some repos :)

Usage

Create a new repos on the git server

This can be done by any user in the group gitusers, no need to be root:

cd /var/www/git.lurk.org
./new_repos.sh name-of-the-repos "oneline about the repos"

Create local repos and set the git server as origin

On your machine and after the repos on the git server was created:

mkdir name-of-the-repos
cd name-of-the-repos
git init
# now add and git commit some files
git remote add origin server-name:/var/www/git.lurk.org/repos/name-of-the-repos.git
git push --set-upstream origin master

Clone existing repos to contribute

git clone server-name:/var/www/git.lurk.org/repos/name-of-the-repos.git

PRO TIPS

Post-receive Hook Goodness

Say that one of your repos is a static website, and that you would like to have this very website updated live as you push to your repos and served on your server from /var/www/www.lurk.org. You can tweak the default stagit related post-receive git hook to do all this.

SKIPPED: From this point we assume that you have configured your HTTP server to serve www.lurk.org from /var/www/www.lurk.org and that of course this path exits.

  • As root:
setfacl -Rm g:gitusers:rwX /var/www/www.lurk.org/
setfacl -d -Rm g:gitusers:rwX /var/www/www.lurk.org/

As any user from the gitusers you can do the following:

  • Clone the repos
cd /var/www/www.lurk.org/
git clone /var/www/git.lurk.org/repos/www.lurk.org.git .
  • Go to your repos' hook folder
cd /var/www/git.lurk.org/repos/www.lurk.org.git/hooks
  • Delete the current post-receive hook (currently a symlink to update_single.sh)
rm post-receive
  • Copy the same script again
cp ../../../update_single.sh post-receive
  • Edit post-receive and append the following:
# HERE IS THE EXTRA BIT!
unset GIT_DIR
git -C /var/www/www.lurk.org pull
printf "done updating website\n"