Minimal git Infrastructure
Jump to navigation
Jump to search
Goal: To run your own minimal git infrastructure exclusively for your shell users (sorry no guest, no wiki, no issue tracker, and send patches via email plz or GTFO), making use of ancient ACL magic, and providing a web interface with stagit
for public repos browsing and anonymous read-only clone/pull. In this example we use LURK's domain name and server setup as an example.
Prerequisites
Installs
- Install
libgit2
headers and ACL tools, on Debian:
apt install libgit2-dev acl
- Compile and install
stagit
, a staticgit
page generator:
cd /usr/src git clone git://git.codemadness.org/stagit cd stagit make && make install
configs
We need two directories, one for serving the public static files, and one for keeping the bare git
repositories.
- create these directories for your repos and for
stagit
:
mkdir -p /var/www/git.lurk.org/repos
- Copy the following handy shell scripts and put them in
/var/www/git.lurk.org/
:new_repos.sh
: https://git.bleu255.com/stagit/file/scripts/new_repos.sh.htmlreset_all.sh
: https://git.bleu255.com/stagit/file/scripts/reset_all.sh.htmlupdate_all.sh
: https://git.bleu255.com/stagit/file/scripts/update_all.sh.htmlupdate_single.sh
: https://git.bleu255.com/stagit/file/scripts/update_single.sh.html
- dont' forget to
chmod +x
them :) - Edit
new_repos.sh
,update_all.sh
, andupdate_single.sh
to update hardcoded paths and others! - Create a group for the users who will be allowed to create and contribute to any of the hosted repos:
addgroup gitusers
- Give this group the permissions to modify each others files in the git folders:
setfacl -Rm g:gitusers:rwX /var/www/git.lurk.org/ setfacl -d -Rm g:gitusers:rwX /var/www/git.lurk.org/
- Add the local users who should have access to full read-write access to the
gitusers
group:
adduser alice gitusers adduser bob gitusers # etc...
- Create a new nginx site config for the static website in
/etc/nginx/sites-enabled/sites-available/git.lurk.org
:
server {
listen 443;
server_name git.lurk.org;
root /var/www/git.lurk.org/;
autoindex on;
access_log /var/log/nginx/git.lurk.org-access.log;
error_log /var/log/nginx/git.lurk.org-error.log;
}
- Enable it and reload nginx: