Who am I?
nfocipher

Head Grunt, David “NfoCipher” Bunt - I'm a programmer..
Experience: With over 14 years professional experience both in corporate and small business environments. I'm a Linux junkie, have a healthy respect for macs, but cannot tolerate anything microsoft related. Been there, done that, never again.

search
calendar
« June 2012 »
Su Mo Tu We Th Fr Sa
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
Recently...
Categories
Links
Archives
Syndicate
Credits
LifeType IE7 XHTML CSS Firefox

« | »

Git server setup using gitosis for Centos 5.2

2009-03-15 @ 08:46 in Coding


This is a step by step HOWTO to host git repositories using gitosis on a Centos 5.2 box. I'm currently working on a ruby on rails project with Ryan. The need for a source management solution was apparent and I've been using subversion for while. Of course I could make a new subversion repo in no time, my server is already setup, backups being done, and it just works - but according to Linus I was ugly and stupid. Ryan wants me to use git and I really didn't want to be ugly and stupid.

I go about searching the web for a git server howto and found that git wasn't really meant to used in a server/client situation, but more of a peer to peer environment. Gitosis was written to emulate that server/client environment I'm after. I also didn't see anything useful on google that was CentOS specific with setting up gitosis.

Here's how I did it..

Step 1 - (On your server)

Install python-setuptools on your server, you'll need it to install gitosis.

As root:

yum -y install python-setuptools



Step 2 - (On your server)

Install git. You'll need the DAG RPM repository for this one.

As root:

- Red Hat Enterprise Linux 5 / i386:

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

- Red Hat Enterprise Linux 5 / x86_64:

rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

 

yum -y install git



Step 3 - (On your server)

Install gitosis.

As root:

git clone git://eagain.net/gitosis.git

(it should download stuff and create a gitosis directory)

cd gitosis

python setup.py install



Step 4 - (On your server)

Make a user called git.

adduser git

Give your new user git a password.

passwd git




Step 5 - (On your client)

The whole point of gitosis is to transfer files via ssh using a shared key process (ie: no password required to login to user git on your server). Now before you go and start doing it the manual way - don't. Gitosis must create and maintain the authorized_keys file.


As your normal user on your client/development box:

ssh-keygen -t rsa (take the defaults)

There is now a new file called id_rsa.pub in ~/.ssh/

 

Copy the id_rsa.pub file to the server:

scp ~/.ssh/id_rsa.pub git@someServer.com:/home/git/



Step 6 - (On your server)

I'm assuming you're still root on the server.

Change to the git user.


su git

cd /home/git

gitosis-init < id_rsa.pub


It should reply with Initialized empty Git repository in ./ - twice..

We can now remove id_rsa.pub as we don't need it anymore.


rm id_rsa.pub


Now we must set some directory and file permissions to let sshd see the new authorized_keys file.


chmod 755 /home/git

chmod 700 /home/git/.ssh

chmod 644 /home/git/.ssh/authorized_keys





Step 7 - (On your client)

We're pretty much done server side. Now we're going to configure the server via the client.

Although I assume this is obvious, you need to install git on your client machine.



git clone git@someServer.com:gitosis-admin.git

cd gitosis-admin



You should see a gitosis.conf file and keydir directory. Here's the thing, anything you need to configure on the server, you actually configure here and commit the changes to the server. Open up gitosis.conf in your favorite text editor

Make a new group name for your project. It really doesn't matter what you name this group. Add users to the member section who will need push access.

[group myTeam]

members = (copy and paste the user from the members = line in the [group gitosis-admin] section)

writable = myNewProject


Save the file. Why did we use that members=user@someServer.com? If you look in the keydir directory, you'll see your public key with the filename user@someServer.com.pub. These are your users (minus the .pub).



Step 8 - (On your client)

You've just made a configuration change. You want the server to allow user@someServer.com to have write access to a project called myNewProject. You must commit this change to the server.


git commit -a -m "Allow the machine I am on right now write access to myNewProject"

git push


Now it's time to make the directory that will contain your project files. Move up out of the gitosis-admin directory.


cd ..

mkdir myNewProject

cd myNewProject

git init

git remote add origin git@someServer.com:myNewProject.git


Add your files, move some files, create some files. Put some files in the myNewProject directory.

Now we can commit the initial push to the server.


git add .

git commit -a -m "This is my initial commit for myNewProject"

git push origin master:refs/heads/master


Git will do some neat things and push things to the server. Now to delete the directory you just created.. Yeah, I said it.


cd ..

rm -fr myNewProject


And now to pull myNewProject from the server using clone..


git clone git@someServer.com:myNewProject


Now you have a version of your code you can actually use, make changes and commit to the server using normal git commands.


As of now, you have a fully functioning git server with a project and a client that can make changes. But what about other people?



Step 9 - (On your client)

So your friend Bob wants to help you out with myNewProject. Have Bob generate his own id_rsa.pub and send it you. When you have it:


cd gitosis-admin


Assuming Bob's id_rsa.pub is in your home directory, move it to the key directory renaming it at the same time:


mv ~/id_rsa.pub keydir/bob.pub


Tell git about the new file:


git add keydir/bob.pub


Edit your gitosis.conf file again. Look for the members line in myNewProject and add Bob to it:


members = user@someServer.com bob


Now you could add bob to be in the gitosis-admin group if you wanted him to be able to do what you're doing now. How much do you trust Bob?


Save the file and quit. It's time to tell your server about Bob and send Bob's public key.


git commit -a -m "Added commit rights to Bob on myNewProject"

git push


The server will automatically add Bob's public key to authorized_keys. Do not attempt to add him manually.



Step 10 -

Do a little dance, you're done.


Posted by nfocipher | Trackback (0) | Permalink

Comments

thank you [Reply]

ive been looking for a centos guide for this for ages cheers your worked a charm

Posted by seanl @ 18:18, 2009-05-13

gitosis + CentOS [Reply]

Thanks a lot, this post is so usefull!

Posted by ring0 @ 15:22, 2009-06-10

Awesome! [Reply]

I tried another tutorial that sucked.
This was perfect.

I did do a little dance. Then I did a lot of dance.

Woot!
Thanks Dude!

Posted by ablemike @ 14:43, 2009-07-30

[Reply]

I started working on some scripts to automate dealing with gitosis a bit more. If you are interested I would greatly welcome any feedback. Please have a look at http://www.christoph-jahn.com/?p=650 for more details.

Regards,
Christoph

Posted by Christoph Jahn @ 23:41, 2009-08-06

[Reply]

I think it's the best guide I've seen to gitosis for someone who doesn't really want to spend much time digging through docs, thanks!

Posted by Tomé Duarte @ 21:27, 2009-09-22

gitolite is probably better for pretty much any purpose now [Reply]

http://github.com/sitaramc/gitolite

I'm the author, so please forgive the bias :-)

However, gitolite now does *everything* that gitosis does, plus has almost a dozen extra features. Most importantly, it has a much (*much*) saner config file format, a much easier install (just get pubkey access to your server working, and then run one command right from a clone!) and the only dependencies are bash and perl.

I'm often on #git on freenode, and within the constraints of living in India (UTC+0530) I try to help as much as I can. Email to sitaramc@gmail.com is also fine.

Posted by Sitaram @ 18:45, 2009-11-15

gitolite is probably better for pretty much any usecase of using gitosis now [Reply]

Hello,

[tried to post this before but it seems to have gotten lost...]

[I'm the author of gitolite, so please consider that I'm biased ;-)]

http://github.com/sitaramc/gitolite is inspired by gitosis, but rewritten from scratch. Lots of extra features, (I mean almost a dozen!) compared to gitosis. Much saner config file format, and much more powerful for people with large configs. Only needs bash and perl on server. (Even the bash part if someone helps me test like on "ksh" etc, it is fairly easy to make more generic)

Install goes like this:

1. find a server/userid to host gitolite for you. Say it's called git@server.

2. get yourself pubkey access to that user from your workstation. That is, make "ssh git@server" work without asking for a password. The usual command in Linux to achieve this is "ssh-copy-id"

-- all this is pure ssh, no git/gitolite involved yet --

3. clone gitolite on your workstation

4. from the clone, run "src/gl-easy-install git server myname".

Done.

Posted by Sitaram @ 19:04, 2009-11-15

... [Reply]

I really enjoyed reading this blogpost, keep up making such interesting stuff.

Posted by cullytook @ 19:03, 2009-11-28

[Reply]

This was exactly what I needed, thanks!

Posted by Colin @ 17:21, 2010-05-20

[Reply]

Very well explained

Thanks

Posted by Carpii @ 02:17, 2010-05-29

Daaaaaaaannnnce :))) [Reply]

Thank you sooo much man!!!!!
I´d flatter u if you´d have a button!

all the best,
jakob

Posted by jakob @ 04:17, 2010-07-31

note about puttygen tool [Reply]

AWESOME tutorial THANKS! this got me running. I did have some difficulty with the tool--- hopefully this will help someone else. when generating keys the puttygen tool creates an email freindly output when you choose to save the keys-- don't load that file-- you need to copy from the top window (the "public key for pastin into OpenSSH authorized_keys file" section) and create your own separate file that you then load into git as outlined above.

Posted by Will Fleming @ 11:45, 2010-10-30

[Reply]

Works great on centos-5.5 - thanks !!!

One nit, you need to add a "-m" option to the adduser commands so adduser makes the home directories.

Thanks again !!!!

Posted by Vince @ 02:01, 2010-12-03

Configuring Gitosis [Reply]

It took me a while to get everything to work right, because Gitosis couldn't find the admin repository. Basically "git@git.server.com:gitosis-admin.git" doesn't work, I need to use "git@git.server.com:/home/git/repositories/gitosis-admin.git" to make things function.

Is there an easy way to tell the server to ignore the "/home/git/repositories/" part? I don't want to have to type that every time ...

Posted by Eric @ 13:49, 2011-05-12

[Reply]

This is great! Very well written, I set up Gitosis in no time.

Posted by Alex @ 14:17, 2011-07-17

git is asking for password! [Reply]

When I try to clone, git is asking for password

Posted by redhat1981 @ 03:45, 2011-11-09

Not asking for Password [Reply]

Hi,

Was my mistake, It is not asking for Password. Actually it does not work on Password, It works on keys.

Thank you!
I have Done with it!
Cheers!!!!!

Posted by redhat1981 @ 05:37, 2011-11-09

Re: Git is asking for password [Reply]

Git is asking for password

Posted by Prem @ 04:28, 2012-02-22

Facing issue [Reply]

Hi,

git clone git://eagain.net/gitosis.git

is not working for me.
When i typed this command on centos 5, i got below error-

[root@localhost ~]# git clone git://eagain.net/gitosis.git
Cloning into 'gitosis'...
fatal: unable to connect to eagain.net:
eagain.net[0: 208.78.102.120]: errno=Connection timed out

I also tried on Suse 11.4 but getting same error.

Need help.

Posted by Sonal @ 01:26, 2012-03-29