Diffstat (limited to 'tools/gitolite.html')
-rw-r--r--tools/gitolite.html431
1 files changed, 431 insertions, 0 deletions
diff --git a/tools/gitolite.html b/tools/gitolite.html
new file mode 100644
index 0000000..3765a4c
--- /dev/null
+++ b/tools/gitolite.html
@@ -0,0 +1,431 @@
+<!DOCTYPE html>
+<html dir="ltr" lang="en">
+    <head>
+        <meta charset='utf-8'>
+        <title>1. Gitolite</title>
+    </head>
+    <body>
+
+        <a href="index.html">Tools Index</a>
+        <h1>1. Gitolite</h1>
+
+        <h2 id="install">1.1. Install Gitolite</h2>
+
+        <p>Install <a href="../ports/gitolite/">Gitolite port</a> first;</p>
+        <pre>
+        $ prt-get depinst gitolite
+        </pre>
+
+        <p>This setup is based on documentation from
+        <a href="https://wiki.archlinux.org/index.php/Gitolite">Arch Wiki</a>. Mount point;</p>
+
+        <pre>
+        # mkdir -p /srv/gitolite
+        # mount /srv/gitolite
+        </pre>
+
+        <p>Create user;</p>
+
+        <pre>
+        # useradd -U -d /srv/gitolite gitolite
+        # passwd gitolite
+        # chown gitolite:gitolite /srv/gitolite
+        </pre>
+
+        <p>Password is necessary so the user is not
+        locked and can login via ssh. This password
+        will not be used.</p>
+
+        <h2 id="config">1.2. Configure Gitolite</h2>
+
+        <p>You need to copy a public key, read <a href="openssh.html#ssh">ssh</a>
+        how to create one.</p>
+
+        <pre>
+        $ sudo install -o gitolite -g gitolite /home/bob/.ssh/gitolite.pub /srv/gitolite/gitolite.pub
+        </pre>
+
+        <pre>
+        # su - gitolite
+        $ gitolite setup -pk gitolite.pub
+        Initialized empty Git repository in /srv/gitolite/repositories/gitolite-admin.git/
+        Initialized empty Git repository in /srv/gitolite/repositories/testing.git/
+        WARNING: /srv/gitolite/.ssh missing; creating a new one
+        (this is normal on a brand new install)
+        WARNING: /srv/gitolite/.ssh/authorized_keys missing; creating a new one
+        (this is normal on a brand new install)
+        $
+        </pre>
+
+        <pre>
+        $ rm gitolite.pub
+        $ exit
+        </pre>
+
+        <pre>
+        $ ssh -v -i ~/.ssh/gitulite_rsa gitolite@localhost -p 2222
+        </pre>
+
+        <h2 id="admin">1.3. Gitolite Administration</h2>
+
+        <p>Read how to setup <a href="openssh.html#sshid">ssh identities</a>,
+        <a href="http://gitolite.com/gitolite/gitolite.html#basic-admin">gitolite documentation</a>.
+        Start by cloning gitolite-adimin;</p>
+
+        <pre>
+        $ git clone gitolite:gitolite-admin
+        </pre>
+
+        <h3>1.3.1. Recover Admin Account</h3>
+
+        <p>First copy the key to remote server, in this example key is on
+        same server;</p>
+
+        <pre>
+        # install -o gitolite -g gitolite /home/bob/.ssh/gitolite.pub /srv/gitolite/gitolite.pub
+        </pre>
+
+        <p>Update gitolite key with new key;</p>
+
+        <pre>
+        # su - gitolite
+        $ gitolite setup -pk gitolite.pub
+        </pre>
+
+        <pre>
+        $ rm gitolite.pub
+        $ exit
+        </pre>
+
+        <h3 id="adminusers">1.3.2. Users</h3>
+
+        <p>Gitolite helps add and remove users from authorized_keys
+        by allowing add or remove keys from keydir directory in
+        clone.</p>
+
+        <h4>Add User</h4>
+
+        <pre>
+        $ mv bob.pub keydir/
+        $ git add keydir
+        $ git commit -m "Added bob public key"
+        $ git push
+        </pre>
+
+        <h4>Remove User</h4>
+
+        <pre>
+        $ git rm keydir/bob.pub
+        $ git commit -m "Removed bob public key"
+        $ git push
+        </pre>
+
+        <h3 id="adminrep">1.3.3. Repositories</h3>
+
+        <h4>Add Repository</h4>
+
+        <p>Add repository atom and user bob to devteam group,
+        edit conf/gitolite.conf;</p>
+
+        <pre>
+        @dev            =   alice david
+        @interns        =   clair
+        @dev            =   bob
+        @teamleads      =   mike
+        @staff          =   @interns @dev @teamleads
+
+        @proj-repos     =   sysdoc storm atom
+
+        repo @floss
+                R                       =   @all
+
+        repo @proto
+                RW+                     =   @staff
+
+        repo @proj-repos
+                RW+                     =   @teamleads
+                -   master              =   @dev
+                -   refs/tags/v[0-9]    =   @dev
+                RW+ develop/            =   @dev
+                RW+ feature/            =   @dev
+                RW+ hot-fix/            =   @dev
+                RW                      =   @dev
+                R                       =   @managers
+
+        repo atom sysdoc
+            option hook.post-receive     =  deployweb
+
+        repo testing
+            RW+     =   @staff
+
+        repo gitolite-admin
+            RW+     =   mike
+        </pre>
+
+        <p>Commit and push;</p>
+
+        <pre>
+        $ git add -u
+        $ git push
+        </pre>
+
+        <p>
+        <h4>Rename Repository</h4>
+
+        <p>Rename rep void to sysdoc, on remote host;</p>
+
+        <pre>
+        # cd /srv/gitolite/repositories/
+        # mv void.git sysdoc.git
+        </pre>
+
+        <p>On workstation edit conf/gitolite.conf;</p>
+
+        <pre>
+        repo sysdoc
+                RW+     =       bob
+        </pre>
+
+        <p>Commit and push;</p>
+
+        <pre>
+        $ git add -u
+        $ git push
+        </pre>
+
+        <h2 id="hooks">1.4. Gitolite Hooks</h2>
+
+        <p>Example from
+        <a href="http://gitolite.com/gitolite/cookbook.html#v3.6-variation-repo-specific-hooks">Cookbook</a>
+        how to apply hooks only to certain repos. Uncomment or add
+		this line on /srv/gitolite/.gitolite.rc, within the %RC block;</p>
+
+        <pre>
+        LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",
+        </pre>
+
+        <p>Uncomment the 'repo-specific-hooks' line in the rc file
+        or add it to the ENABLE list if it doesn't exist.</p>
+
+        <pre>
+        GIT_CONFIG_KEYS         => '.*',
+        </pre>
+
+        <pre>
+        # allow repo-specific hooks to be added
+        'repo-specific-hooks',
+        </pre>
+
+        <p>Put your hooks into your gitolite-admin clone, as follows:</p>
+
+        <pre>
+        $ cd ~/gitolite-admin
+        $ mkdir -p local/hooks/repo-specific
+        </pre>
+
+        <p>Create the same directory on remote as gitolite;</p>
+
+        <pre>
+        # su - gitolite
+        $ mkdir local/hooks/repo-specific
+        </pre>
+
+        <p>Now add your hooks to that directory, but instead of using the
+        git "standard" names (pre-receive, post-receive, post-update),
+        you use descriptive names (e.g. "deploy", "RSS-post", etc).</p>
+
+        <h3 id="gtl-deploy">1.4.1. Deploy Hook</h3>
+
+        <p>This manual create two users; one gitolite that handle git
+        central server and system www for web servers. To avoid permission
+        problems this example use gitolite hooks and cron. By using cron
+        we have permission to use chown, this way files end up with right
+        www user ownership and permissions.</p>
+
+		<p>This hook allows to select wich branch is deployed and if exists,
+		calls a script inside project folder with user www. This allows to
+		do post deploy (checkout) tasks such as composer update.</p>
+
+        <p>Create <a href="../conf/srv/gitoliteolite/deployweb">deployweb</a>
+        in gitolite-admin/local/hooks/repo-specific;</p>
+
+        <pre>
+        $ vim ~/gitolite-admin/local/hooks/repo-specific/deployweb
+        </pre>
+
+        <pre>
+	#!/bin/bash
+
+	######################################################################
+	#
+	# Put this file in your gitolite-admin;
+	# ~/gitolite-admin/local/hooks/repo-specific/deployweb
+	#
+	while read oldrev newrev refname
+	do
+		BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname)
+		echo "Commit was for branch $BRANCH"
+
+		if [[ "$BRANCH" == "master" ]];then
+
+			# Get project name from current directory (without .git)
+			PROJECT=$(basename "$PWD")
+			PROJECT=${PROJECT%.git}
+
+			echo "Project $PROJECT added to deploy list."
+			echo $PWD &gt; /srv/gitolite/deploy/$PROJECT
+		fi
+
+	done
+        </pre>
+
+        <p>Create deploy directory on remote;</p>
+
+        <pre>
+        # su - gitolite
+        $ mkdir deploy
+        </pre>
+
+        <p>Add scripts to the repos you want them to be active in
+        your conf file. For example:</p>
+
+        <pre>
+        repo atom @baz
+            option hook.post-receive     =  deployweb
+        </pre>
+
+        <p>Add, commit, and push the admin repo;</p>
+
+        <pre>
+        $ git add -u && git commit -m "deploy hook"
+        </pre>
+
+        <p>On remote run;</p>
+
+        <pre>
+        # su - gitolite
+        $ gitolite setup
+        </pre>
+
+        <p>Create deploy script that cron will call
+        every minute, this script will check inside
+        /srv/gitolite/deploy folder for projects that have
+        been updated.</p>
+
+        <p>Create <a href="../conf/srv/gitolite/deploy.sh">deploy.sh</a> in
+        /usr/share/gitolite;</p>
+
+        <pre>
+        $ vim /usr/share/gitolite/deploy.sh
+        </pre>
+
+        <pre>
+    #!/bin/sh
+
+    ######################################################################
+    #
+    # Put this file in;
+    # /usr/share/gitolite/deploy.sh
+    #
+    DIR_WWW=/srv/www/
+    DEPLOY_BRANCH=master
+    TARGET_USER=www
+
+    for DP_FILE in /srv/gitolite/deploy/*
+    do
+
+        if [ ! -f "$DP_FILE" ]; then
+            # Nothing to do ;)
+            #echo "Deploy: invalid DP_FILE"
+            exit 1;
+        fi
+
+        # Get project name
+        PROJECT=$(basename "$DP_FILE")
+        echo "Deploy: PROJECT=${PROJECT}"
+
+        # Get git repository path and verify if exists
+        DIR_GIT=$(head -n 1 $DP_FILE)
+        if [ ! -d "$DIR_GIT" ]; then
+            echo "Deploy: invalid DIR_GIT: ${DIR_GIT}"
+            exit 2;
+        fi
+        echo "Deploy: DIR_GIT=${DIR_GIT}"
+
+        # Get directory to deploy and verify if exists
+        GIT_WORK_TREE=${DIR_WWW}${PROJECT}/
+        if [ ! -d "$GIT_WORK_TREE" ]; then
+            echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}"
+            echo "Deploy: creating directory: $GIT_WORK_TREE}"
+            mkdir -p $GIT_WORK_TREE
+        fi
+        echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}"
+
+        # Deploy (checkout)
+        echo "Deploy: starting git checkout"
+
+        git --git-dir=$DIR_GIT \
+            --work-tree=$GIT_WORK_TREE \
+            checkout -f $DEPLOY_BRANCH
+
+
+        # Fix ownership and permissions
+        echo "Deploy: fixing permissions"
+
+        echo "Deploy: setting owner: chown -R ${TARGET_USER}"
+        chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE
+
+        echo "Deploy: setting directory permissions: chmod 755"
+        find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755
+
+        echo "Deploy: setting file permissions: chmod 644"
+        find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644
+
+        # Call project script
+        if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then
+            echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh"
+            cd ${GIT_WORK_TREE}
+            sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh
+        fi
+
+        # Done with project
+        echo "Deploy: removing deploy file="$DP_FILE
+        rm $DP_FILE
+
+        exit 0;
+    done
+        </pre>
+
+        <p>Add cron job to call deploy script every minute;</p>
+
+        <pre>
+        # crontab -e
+        </pre>
+
+        <pre>
+        #
+        # /etc/crontab: crond(8) configuration
+        #
+
+        # this way it will log
+        # * * * * * /usr/share/gitolite/deploy.sh
+        # without log
+        * * * * * /usr/share/gitolite/deploy.sh > /dev/null 2>&1
+
+        @hourly   ID=sys.hourly   /usr/sbin/runjobs /etc/cron/hourly
+        @daily    ID=sys.daily    /usr/sbin/runjobs /etc/cron/daily
+        @weekly   ID=sys.weekly   /usr/sbin/runjobs /etc/cron/weekly
+        @monthly  ID=sys.monthly  /usr/sbin/runjobs /etc/cron/monthly
+
+        # End of file
+        </pre>
+
+        <a href="index.html">Tools Index</a>
+        <p>This is part of the c9-doc Manual.
+		Copyright (C) 2016
+		Silvino Silva.
+		See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
+		for copying conditions.</p>
+
+    </body>
+</html>
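Review bot: deploy.sh, which the text has cron run with enough privilege to chown (apparently root's crontab), takes `DIR_GIT` from the first line of a marker file in /srv/gitolite/deploy/ and passes it unquoted to `git --git-dir`, `chown -R` and `find`, although that directory is writable by the gitolite account. The script should accept only paths below /srv/gitolite/repositories/, quote every expansion, and use `continue` instead of `exit` so that an empty queue or one bad marker does not end the run, as sketched below; the check narrows what the privileged job will act on but does not make the marker files trusted input. In the same file the rc snippet `GIT_CONFIG_KEYS => '.*'` sits under the sentence about 'repo-specific-hooks' and lets anyone who can push gitolite-admin set arbitrary git config keys; as far as I can tell the `option hook.post-receive` lines used here do not depend on it, so I would drop it or narrow the pattern. The `passwd gitolite` step also leaves a password login available on that account wherever sshd permits password authentication, so a sentence telling the reader to restrict this user to key authentication would help.

```html
    for DP_FILE in /srv/gitolite/deploy/*
    do
        # An empty queue leaves the glob unexpanded; skip it instead of exiting
        [ -f "$DP_FILE" ] || continue

        # … unchanged: PROJECT=$(basename "$DP_FILE") and its echo …

        # The marker is written by the gitolite account: accept only
        # repository paths below the gitolite repositories directory
        DIR_GIT=$(head -n 1 "$DP_FILE")
        case "$DIR_GIT" in
            */../*) DIR_GIT= ;;
            /srv/gitolite/repositories/*.git) ;;
            *) DIR_GIT= ;;
        esac
        if [ -z "$DIR_GIT" ] || [ ! -d "$DIR_GIT" ]; then
            echo "Deploy: rejected marker ${DP_FILE}"
            rm -f -- "$DP_FILE"
            continue
        fi

        # … unchanged: work-tree creation, checkout, chown/chmod and the
        #   project script, with "$DIR_GIT" and "$GIT_WORK_TREE" quoted …

        echo "Deploy: removing deploy file=${DP_FILE}"
        rm -f -- "$DP_FILE"
        # no exit here, so every queued project is handled in the same run
    done
```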