Who am I?
nfocipher

Head Grunt, David “NfoCipher” Bunt - I'm a programmer.
Experience: Over 14 years of professional experience in both corporate and small business environments. I'm a Linux junkie, have a healthy respect for Macs, but cannot tolerate anything Microsoft related. Been there, done that, never again.


Git server setup using gitosis for CentOS 5.2

2009-03-15 @ 08:46 in Coding


This is a step by step HOWTO to host git repositories using gitosis on a CentOS 5.2 box. I'm currently working on a ruby on rails project with Ryan. The need for a source management solution was apparent and I've been using subversion for a while. Of course I could make a new subversion repo in no time, my server is already set up, backups being done, and it just works - but according to Linus I was ugly and stupid. Ryan wants me to use git and I really didn't want to be ugly and stupid.

I went searching the web for a git server howto and found that git wasn't really meant to be used in a server/client situation, but more of a peer to peer environment. Gitosis was written to emulate that server/client environment I'm after. I also didn't see anything useful on Google that was CentOS specific with setting up gitosis.

Here's how I did it..

Step 1 - (On your server)

Install python-setuptools on your server, you'll need it to install gitosis.

As root:

yum -y install python-setuptools



Step 2 - (On your server)

Install git. You'll need the DAG RPM repository for this one.

As root:

- Red Hat Enterprise Linux 5 / i386:

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

- Red Hat Enterprise Linux 5 / x86_64:

rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

 

yum -y install git



Step 3 - (On your server)

Install gitosis.

As root:

git clone git://eagain.net/gitosis.git

(it should download stuff and create a gitosis directory)

cd gitosis

python setup.py install



Step 4 - (On your server)

Make a user called git.

adduser git

Give your new user git a password.

passwd git




Step 5 - (On your client)

The whole point of gitosis is to transfer files via ssh using public key authentication (i.e. no password is required to log in as user git on your server). Before you go and set that up the manual way - don't. Gitosis must create and maintain the authorized_keys file.


As your normal user on your client/development box:

ssh-keygen -t rsa

(take the defaults)

There is now a new file called id_rsa.pub in ~/.ssh/

 

Copy the id_rsa.pub file to the server:

scp ~/.ssh/id_rsa.pub git@someServer.com:/home/git/



Step 6 - (On your server)

I'm assuming you're still root on the server.

Change to the git user.


su git

cd /home/git

gitosis-init < id_rsa.pub


It should reply with Initialized empty Git repository in ./ - twice..

We can now remove id_rsa.pub as we don't need it anymore.


rm id_rsa.pub


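Now we must set some directory and file permissions so sshd will accept the new authorized_keys file. With its default StrictModes setting, sshd ignores the file if the home directory, .ssh or authorized_keys is writable by group or others.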


chmod 755 /home/git

chmod 700 /home/git/.ssh

chmod 644 /home/git/.ssh/authorized_keys





Step 7 - (On your client)

We're pretty much done server side. Now we're going to configure the server via the client.

Although I assume this is obvious, you need to install git on your client machine.



git clone git@someServer.com:gitosis-admin.git

cd gitosis-admin



You should see a gitosis.conf file and a keydir directory. Here's the thing: anything you need to configure on the server, you actually configure here and then commit the changes to the server. Open up gitosis.conf in your favorite text editor.

Make a new group name for your project. It really doesn't matter what you name this group. Add users to the member section who will need push access.

[group myTeam]

members = (copy and paste the user from the members = line in the [group gitosis-admin] section)

writable = myNewProject


Save the file. Why did we use that members=user@someServer.com? If you look in the keydir directory, you'll see your public key with the filename user@someServer.com.pub. These are your users (minus the .pub).



Step 8 - (On your client)

You've just made a configuration change. You want the server to allow user@someServer.com to have write access to a project called myNewProject. You must commit this change to the server.


git commit -a -m "Allow the machine I am on right now write access to myNewProject"

git push


Now it's time to make the directory that will contain your project files. Move up out of the gitosis-admin directory.


cd ..

mkdir myNewProject

cd myNewProject

git init

git remote add origin git@someServer.com:myNewProject.git


Add your files, move some files, create some files. Put some files in the myNewProject directory.

Now we can commit the initial push to the server.


git add .

git commit -a -m "This is my initial commit for myNewProject"

git push origin master:refs/heads/master


Git will do some neat things and push things to the server. Now to delete the directory you just created.. Yeah, I said it.


cd ..

rm -fr myNewProject


And now to pull myNewProject from the server using clone..


git clone git@someServer.com:myNewProject


Now you have a version of your code you can actually use, make changes and commit to the server using normal git commands.


As of now, you have a fully functioning git server with a project and a client that can make changes. But what about other people?



Step 9 - (On your client)

So your friend Bob wants to help you out with myNewProject. Have Bob generate his own id_rsa.pub and send it to you. When you have it:


cd gitosis-admin


Assuming Bob's id_rsa.pub is in your home directory, move it to the key directory renaming it at the same time:


mv ~/id_rsa.pub keydir/bob.pub


Tell git about the new file:


git add keydir/bob.pub


Edit your gitosis.conf file again. Look for the members line in the [group myTeam] section (the group with writable = myNewProject) and add Bob to it:


members = user@someServer.com bob


Now you could add bob to be in the gitosis-admin group if you wanted him to be able to do what you're doing now. How much do you trust Bob?


Save the file and quit. It's time to tell your server about Bob and send Bob's public key.


git commit -a -m "Added commit rights to Bob on myNewProject"

git push


The server will automatically add Bob's public key to authorized_keys. Do not attempt to add him manually.



Step 10 -

Do a little dance, you're done.
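
The reason behind the warning in Step 9, as an added example that is not part of the original post or of gitosis itself: every key gitosis writes to authorized_keys is pinned to a forced gitosis-serve command, so a key appended by hand logs in as git with an ordinary shell instead. The script assumes gitosis's usual entry layout (shown in its first comment); the sample file and key strings are constructed.

```shell
#!/bin/sh
# Added example: audit a gitosis-managed authorized_keys file.
# Assumption: gitosis writes each entry as
#   command="gitosis-serve USER",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty KEY
# Any other entry is a key that logs in as git without those restrictions.

audit_gitosis_keys() {
    # $1 = path to authorized_keys. Prints one finding per bad line;
    # returns 0 if every key is restricted, 1 otherwise.
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        {
            if (match($0, /^command="gitosis-serve [^" ]+"[^ ]* /)) {
                opts = substr($0, 1, RLENGTH)
                missing = ""
                n = split("no-port-forwarding no-X11-forwarding no-agent-forwarding no-pty", want, " ")
                for (i = 1; i <= n; i++)
                    if (index(opts, want[i]) == 0) missing = missing " " want[i]
                if (missing == "") next
                printf "line %d: gitosis entry missing%s\n", NR, missing
            } else {
                printf "line %d: no gitosis-serve forced command\n", NR
            }
            bad++
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample: two entries as gitosis writes them, plus one key
# appended by hand (line 4), which the audit reports.
sample=$(mktemp)
cat > "$sample" <<'EOF'
### autogenerated by gitosis, DO NOT EDIT
command="gitosis-serve user@someServer.com",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAconstructedKey1 user@someServer.com
command="gitosis-serve bob",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAconstructedKey2 bob@laptop
ssh-rsa AAAAconstructedKey3 bob@laptop
EOF
audit_gitosis_keys "$sample" || echo "authorized_keys has entries gitosis did not write"
rm -f "$sample"
```

On the server, run it as audit_gitosis_keys /home/git/.ssh/authorized_keys; any finding is a key to remove and re-add through keydir and gitosis.conf.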


SSH without password HOWTO for CentOS 5.2

2009-03-15 @ 05:22 in Coding

This one is short and sweet and is for CentOS 5.2 installs.

 

On the client machine generate a public key. Do this command as the user you normally run under:

ssh-keygen -t rsa

(take the defaults)

There is now a new file called id_rsa.pub in ~/.ssh/

 

Copy the id_rsa.pub file to the server:

scp ~/.ssh/id_rsa.pub someUser@someServer.com:/home/someUser/

 

Log into the server:

ssh someUser@someServer.com

 

Append your client public key to authorized_keys:

cat ~/id_rsa.pub >> ~/.ssh/authorized_keys

 

Remove the client public key on the server, you don't need it anymore:

rm ~/id_rsa.pub

 

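Set permissions on the server so sshd will accept authorized_keys (with the default StrictModes setting it ignores the file when the home directory, .ssh or the file itself is writable by group or others):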

chmod 755 /home/someUser

chmod 700 /home/someUser/.ssh

chmod 644 /home/someUser/.ssh/authorized_keys

 

That's it, the next time you login to the server via the client it shouldn't ask for a password.
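
If the login still asks for a password, the usual cause is one of those three paths failing sshd's StrictModes test. The check below is an added example, not part of the original post: it applies the same two conditions (owned by the account or by root, and not writable by group or others) to the three paths. The function name and the scratch directory standing in for /home/someUser are constructed.

```shell
#!/bin/sh
# Added example: test the HOWTO's three paths the way sshd's StrictModes does.

check_ssh_perms() {
    # $1 = home directory, $2 = numeric uid of the account (default: current
    # user). Prints one verdict per path; returns 0 only if all pass.
    home_dir=$1
    owner=${2:-$(id -u)}
    rc=0
    for p in "$home_dir" "$home_dir/.ssh" "$home_dir/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1
        elif [ -n "$(find "$p" -prune ! -user "$owner" ! -user 0 -print)" ]; then
            echo "WRONG-OWNER $p"; rc=1
        elif [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "TOO-OPEN $p"; rc=1
        else
            echo "OK $p"
        fi
    done
    return "$rc"
}

# Constructed demo in a scratch directory.
demo=$(mktemp -d)
mkdir "$demo/.ssh" && : > "$demo/.ssh/authorized_keys"
chmod 755 "$demo"; chmod 700 "$demo/.ssh"; chmod 644 "$demo/.ssh/authorized_keys"
check_ssh_perms "$demo" || true     # the HOWTO's modes: every path OK
chmod 600 "$demo/.ssh/authorized_keys"
check_ssh_perms "$demo" || true     # a tighter 600 on the file also passes
chmod g+w "$demo"
check_ssh_perms "$demo" || true     # group-writable home: TOO-OPEN
rm -rf "$demo"
```

On the server, run it as check_ssh_perms /home/someUser "$(id -u someUser)".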

Come fly away with me..

2009-03-08 @ 06:20 in Personal

 

For Christmas, my wife bought me a discovery flight package from Premiere Aviation.

My first thought was - we're in a recession, I'm thinking of ways to keep my business going and here is this teaser that will cost me thousands of dollars in the long run. I really didn't want to look at a gift that way, my wife was only trying to come up with something unique and special and she knew I always wanted to learn to fly. The gift certificate sat on my desk looking at me for 2 months before I did something about it. I made the call and setup an appointment.

I was paired up with flight instructor Brandon Reed and it didn't take long to realize this was one of those rare people who really enjoyed what they did for a living. Whenever I meet one of these rare people, their enthusiasm is infectious and it makes me more productive - at least for a short period of time. How many people do you know who actually like going to work? On a side note, just to show how small the planet really is, notice Ed Murray on the same page. Ed was vice president at a company called Trillion Digital Communications where he hired me to do some Linux programming for them. Long story short, the company was eaten by its "sister" company located out in Austin, Texas. It shouldn't have happened and a bunch of people, some of whom I consider friends, lost their jobs.

Back to the original story. The discovery flight basically takes you up in a plane and lets you fly around for a bit. You can talk all day about flying, read all the articles, see all the pictures, but you don't know if you're going to like it until you actually do it. Very similar to swimming, how do you know you like to swim without getting in the water? Reading about swimming in a brochure is not going to give you the sensation of buoyancy. The aircraft assigned to me was a 2006 model Diamond DA-40 G-1000 with the glass cockpit.

Me next to the DA40

DA40's dash

We climbed in, buckled up, started the preflight checklist, and Brandon talked about how you absolutely cannot stall this aircraft and how great it is to fly. However, when it came time to actually crank it up, it absolutely would not fire up. Apparently this particular model is subject to contact corrosion that will interfere with the grounding system. So my first contact with a personal airplane was very much like my first contact with my car - I had to put it in the shop.

Nearby was our backup plane, a 2006 Cessna 172S G-1000 with the glass cockpit.

172S dash

This plane is for the advanced students who want to be instrument rated licensed. I always considered myself an overachiever so switching to the more difficult plane was fine with me. However, my friend Ryan, had a good laugh as while my plane was new with a digital dash - his was old and half the indicators didn't work.

This plane did start and we proceeded to taxi on to the runway. The sensation of leaving the ground is very much like a commercial flight but much more amplified. You feel the air pressure change around the plane much like you feel the texture of the road via your tires. We performed a straight climb until we reached 1500 feet and then climbed once again to 3500 feet before doing any turns. Doing anything only requires the slightest of moves on the stick. Just like a slight move on a steering wheel while traveling at interstate speeds will perform a lane change, the slightest move on the stick will start a turn. Everything else is micro-moves to keep the plane in a straight line just like you must make constant corrections to keep your car in your lane on the interstate. My wife was in the back seat with the camera taking pictures the whole time. This is what Bessemer looks like at 3500 feet:

Bessemer -1 3500 feet

Bessemer -2 3500 feet


Some of my students should recognize the parking lot in the bottom center of this picture. Also displayed in the picture is one of my customer's real estate development park.

Bessemer -3 3500 feet.


I had a blast.. More than a blast actually. Flying that plane around triggered one of those life altering moments. I had a silly grin on my face for hours after the fact and I really can't wait to go back up and do it all again. It really was one of the best days of my life and to top it off I was able to share it with my wife. Now my priorities are: How can I keep my business going? Oh yeah, how can I sneak in paying for a pilot license while doing that?


Me with the headset on.