diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/conf/etc/gitweb.conf | 16 | ||||
| -rw-r--r-- | tools/conf/srv/gitolite/.gitolite.rc | 200 | ||||
| -rwxr-xr-x | tools/conf/srv/gitolite/deployweb | 74 | ||||
| -rwxr-xr-x | tools/conf/srv/gitolite/hook-deployweb | 23 | ||||
| -rw-r--r-- | tools/gitolite.html | 342 | ||||
| -rw-r--r-- | tools/index.html | 21 | ||||
| -rw-r--r-- | tools/nginx.html | 2 | ||||
| -rw-r--r-- | tools/openssh.html | 63 |
8 files changed, 573 insertions, 168 deletions
diff --git a/tools/conf/etc/gitweb.conf b/tools/conf/etc/gitweb.conf new file mode 100644 index 0000000..b7bd004 --- /dev/null +++ b/tools/conf/etc/gitweb.conf @@ -0,0 +1,16 @@ +our $git_temp = "/srv/www/gitweb_tmp"; + +our $projects_list = "/srv/gitolite/projects.list"; +# The directories where your projects are. Must not end with a slash. +our $projectroot = "/srv/gitolite/repositories"; + +# Base URLs for links displayed in the web interface. +our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com); + +our $projects_list_group_categories = 1; +# By default, gitweb will happily let people browse any repository +# they guess the name of. This may or may not be what you want. +# I prefer to set these, to allow exactly the repositories in +# projects.list to be browsed. +$export_ok = ""; +$strict_export = "true"; diff --git a/tools/conf/srv/gitolite/.gitolite.rc b/tools/conf/srv/gitolite/.gitolite.rc new file mode 100644 index 0000000..e568453 --- /dev/null +++ b/tools/conf/srv/gitolite/.gitolite.rc @@ -0,0 +1,200 @@ +# configuration variables for gitolite + +# This file is in perl syntax. But you do NOT need to know perl to edit it -- +# just mind the commas, use single quotes unless you know what you're doing, +# and make sure the brackets and braces stay matched up! + +# (Tip: perl allows a comma after the last item in a list also!) + +# HELP for commands can be had by running the command with "-h". + +# HELP for all the other FEATURES can be found in the documentation (look for +# "list of non-core programs shipped with gitolite" in the master index) or +# directly in the corresponding source file. + +%RC = ( + + # ------------------------------------------------------------------ + + # default umask gives you perms of '0700'; see the rc file docs for + # how/why you might change this + UMASK => 027, + + # look for "git-config" in the documentation + GIT_CONFIG_KEYS => '.*', + + # comment out if you don't need all the extra detail in the logfile + LOG_EXTRA => 1, + # logging options + # 1. leave this section as is for 'normal' gitolite logging (default) + # 2. uncomment this line to log ONLY to syslog: + # LOG_DEST => 'syslog', + # 3. uncomment this line to log to syslog and the normal gitolite log: + # LOG_DEST => 'syslog,normal', + # 4. prefixing "repo-log," to any of the above will **also** log just the + # update records to "gl-log" in the bare repo directory: + # LOG_DEST => 'repo-log,normal', + # LOG_DEST => 'repo-log,syslog', + # LOG_DEST => 'repo-log,syslog,normal', + + # roles. add more roles (like MANAGER, TESTER, ...) here. + # WARNING: if you make changes to this hash, you MUST run 'gitolite + # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE' + ROLES => { + READERS => 1, + WRITERS => 1, + }, + + # enable caching (currently only Redis). PLEASE RTFM BEFORE USING!!! + # CACHE => 'Redis', + + # ------------------------------------------------------------------ + + # rc variables used by various features + + # the 'info' command prints this as additional info, if it is set + # SITE_INFO => 'Please see http://blahblah/gitolite for more help', + + # the CpuTime feature uses these + # display user, system, and elapsed times to user after each git operation + # DISPLAY_CPU_TIME => 1, + # display a warning if total CPU times (u, s, cu, cs) crosses this limit + # CPU_TIME_WARN_LIMIT => 0.1, + + # the Mirroring feature needs this + # HOSTNAME => "foo", + + # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING! + # CACHE_TTL => 600, + + # ------------------------------------------------------------------ + + # suggested locations for site-local gitolite code (see cust.html) + + # this one is managed directly on the server + # LOCAL_CODE => "$ENV{HOME}/local", + + # or you can use this, which lets you put everything in a subdirectory + # called "local" in your gitolite-admin repo. For a SECURITY WARNING + # on this, see http://gitolite.com/gitolite/non-core.html#pushcode + LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", + + # ------------------------------------------------------------------ + + # List of commands and features to enable + + ENABLE => [ + + # COMMANDS + + # These are the commands enabled by default + 'help', + 'desc', + 'info', + 'perms', + 'writable', + + # Uncomment or add new commands here. + # 'create', + # 'fork', + # 'mirror', + # 'readme', + # 'sskm', + # 'D', + + # These FEATURES are enabled by default. + + # essential (unless you're using smart-http mode) + 'ssh-authkeys', + + # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' + 'git-config', + + # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out + 'daemon', + + # creates projects.list file; if you don't use gitweb, comment this out + 'gitweb', + + # These FEATURES are disabled by default; uncomment to enable. If you + # need to add new ones, ask on the mailing list :-) + + # user-visible behaviour + + # prevent wild repos auto-create on fetch/clone + # 'no-create-on-read', + # no auto-create at all (don't forget to enable the 'create' command!) + # 'no-auto-create', + + # access a repo by another (possibly legacy) name + # 'Alias', + + # give some users direct shell access. See documentation in + # sts.html for details on the following two choices. + # "Shell $ENV{HOME}/.gitolite.shell-users", + # 'Shell alice bob', + + # set default roles from lines like 'option default.roles-1 = ...', etc. + # 'set-default-roles', + + # show more detailed messages on deny + # 'expand-deny-messages', + + # show a message of the day + # 'Motd', + + # system admin stuff + + # enable mirroring (don't forget to set the HOSTNAME too!) + # 'Mirroring', + + # allow people to submit pub files with more than one key in them + # 'ssh-authkeys-split', + + # selective read control hack + # 'partial-copy', + + # manage local, gitolite-controlled, copies of read-only upstream repos + # 'upstream', + + # updates 'description' file instead of 'gitweb.description' config item + # 'cgit', + + # allow repo-specific hooks to be added + 'repo-specific-hooks', + + # performance, logging, monitoring... + + # be nice + # 'renice 10', + + # log CPU times (user, system, cumulative user, cumulative system) + # 'CpuTime', + + # syntactic_sugar for gitolite.conf and included files + + # allow backslash-escaped continuation lines in gitolite.conf + # 'continuation-lines', + + # create implicit user groups from directory names in keydir/ + # 'keysubdirs-as-groups', + + # allow simple line-oriented macros + # 'macros', + + # Kindergarten mode + + # disallow various things that sensible people shouldn't be doing anyway + # 'Kindergarten', + ], + +); + +# ------------------------------------------------------------------------------ +# per perl rules, this should be the last line in such a file: +1; + +# Local variables: +# mode: perl +# End: +# vim: set syn=perl: diff --git a/tools/conf/srv/gitolite/deployweb b/tools/conf/srv/gitolite/deployweb new file mode 100755 index 0000000..ca4dce8 --- /dev/null +++ b/tools/conf/srv/gitolite/deployweb @@ -0,0 +1,74 @@ +#!/bin/sh + +###################################################################### +# +# Put this file in; +# /usr/share/gitolite/hooks/deployweb +# +DIR_WWW=/srv/www/ +DEPLOY_BRANCH=master +TARGET_USER=www + +for DP_FILE in /srv/gitolite/deploy/* +do + + if [ ! -f "$DP_FILE" ]; then + # Nothing to do ;) + #echo "Deploy: invalid DP_FILE" + exit 1; + fi + + # Get project name + PROJECT=$(basename "$DP_FILE") + echo "Deploy: PROJECT=${PROJECT}" + + # Get git repository path and verify if exists + DIR_GIT=$(head -n 1 $DP_FILE) + if [ ! -d "$DIR_GIT" ]; then + echo "Deploy: invalid DIR_GIT: ${DIR_GIT}" + exit 2; + fi + echo "Deploy: DIR_GIT=${DIR_GIT}" + + # Get directory to deploy and verify if exists + GIT_WORK_TREE=${DIR_WWW}${PROJECT}/ + if [ ! -d "$GIT_WORK_TREE" ]; then + echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}" + echo "Deploy: creating directory: $GIT_WORK_TREE}" + mkdir -p $GIT_WORK_TREE + fi + echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}" + + # Deploy (checkout) + echo "Deploy: starting git checkout" + + git --git-dir=$DIR_GIT \ + --work-tree=$GIT_WORK_TREE \ + checkout -f $DEPLOY_BRANCH + + + # Fix ownership and permissions + echo "Deploy: fixing permissions" + + echo "Deploy: setting owner: chown -R ${TARGET_USER}" + chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE + + echo "Deploy: setting directory permissions: chmod 755" + find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755 + + echo "Deploy: setting file permissions: chmod 644" + find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644 + + # Call project script + if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then + echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh" + cd ${GIT_WORK_TREE} + sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh + fi + + # Done with project + echo "Deploy: removing deploy file="$DP_FILE + rm $DP_FILE + + exit 0; +done diff --git a/tools/conf/srv/gitolite/hook-deployweb b/tools/conf/srv/gitolite/hook-deployweb new file mode 100755 index 0000000..a311c00 --- /dev/null +++ b/tools/conf/srv/gitolite/hook-deployweb @@ -0,0 +1,23 @@ +#!/bin/bash + +###################################################################### +# +# Put this file in your gitolite-admin; +# ~/gitolite-admin/local/hooks/repo-specific/hook-deployweb +# +while read oldrev newrev refname +do + BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname) + echo "Commit was for branch $BRANCH" + + if [[ "$BRANCH" == "master" ]];then + + # Get project name from current directory (without .git) + PROJECT=$(basename "$PWD") + PROJECT=${PROJECT%.git} + + echo "Project $PROJECT added to deploy list." + echo $PWD > /srv/gitolite/deploy/$PROJECT + fi + +done diff --git a/tools/gitolite.html b/tools/gitolite.html index 58d6d96..2ff5a85 100644 --- a/tools/gitolite.html +++ b/tools/gitolite.html @@ -23,7 +23,7 @@ <pre> # mkdir -p /srv/gitolite - # useradd -U -d /srv/gitolite gitolite + # useradd -r -s /bin/bash -m -d /srv/gitolite gitolite # chown gitolite:gitolite /srv/gitolite </pre> @@ -38,10 +38,20 @@ <p>Copy public key that will be used for authenticating gitolite administrator, read <a href="openssh.html#ssh">ssh</a> how to - create one.</p> + create one, key don't need to have password. + If the server is on remote a remote + machine you can use scp to copy the public key;</p> <pre> - $ sudo install -o gitolite -g gitolite /home/bob/.ssh/gitolite.pub /srv/gitolite/gitolite.pub + $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/ + bob@core.privat-network.net's password: + gitolite.pub 100% 390 0.4KB/s 00:00 + </pre> + + <p>Then on remote machine;</p> + + <pre> + # cp /home/admin/gitolite.pub /srv/gitolite.pub </pre> <pre> @@ -62,7 +72,7 @@ </pre> <pre> - $ ssh -v -i ~/.ssh/gitulite_rsa gitolite@localhost -p 2222 + $ ssh -v -i ~/.ssh/gitolite gitolite@localhost -p 2222 </pre> <h2 id="admin">3. Gitolite Administration</h2> @@ -72,7 +82,7 @@ Start by cloning gitolite-adimin;</p> <pre> - $ git clone gitolite:gitolite-admin + $ git clone git-admin:gitolite-admin </pre> <h3>3.1. Recover Admin Account</h3> @@ -127,13 +137,15 @@ edit conf/gitolite.conf;</p> <pre> + @guests = gitweb + @interns = clair bob @dev = alice david - @interns = clair - @dev = bob @teamleads = mike @staff = @interns @dev @teamleads - @proj-repos = sysdoc storm atom + + repo gitolite-admin + RW+ = gitolite repo @floss R = @all @@ -141,24 +153,23 @@ repo @proto RW+ = @staff - repo @proj-repos + repo @project RW+ = @teamleads - master = @dev - refs/tags/v[0-9] = @dev RW+ develop/ = @dev - RW+ feature/ = @dev - RW+ hot-fix/ = @dev + RW+ feature/ = @dev @interns + RW+ hot-fix/ = @dev @interns RW = @dev - R = @managers + R = @interns @guests - repo atom sysdoc - option hook.post-receive = deployweb + @project = c9-doc c9-ports + + repo c9-doc c9-ports + option hook.post-receive = hook-deployweb repo testing RW+ = @staff - - repo gitolite-admin - RW+ = mike </pre> <p>Commit and push;</p> @@ -174,13 +185,13 @@ <pre> # cd /srv/gitolite/repositories/ - # mv void.git sysdoc.git + # mv void.git c9-doc.git </pre> <p>On workstation edit conf/gitolite.conf;</p> <pre> - repo sysdoc + repo c9-doc RW+ = bob </pre> @@ -196,7 +207,8 @@ <p>Example from <a href="http://gitolite.com/gitolite/cookbook.html#v3.6-variation-repo-specific-hooks">Cookbook</a> how to apply hooks only to certain repos. Uncomment or add - this line on /srv/gitolite/.gitolite.rc, within the %RC block;</p> + this line on <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>, + within the %RC block;</p> <pre> LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", @@ -206,32 +218,29 @@ or add it to the ENABLE list if it doesn't exist.</p> <pre> - GIT_CONFIG_KEYS => '.*', - </pre> - - <pre> # allow repo-specific hooks to be added 'repo-specific-hooks', </pre> - <p>Put your hooks into your gitolite-admin clone, as follows:</p> + <p>Create directory on gitolite-admin clone;</p> <pre> $ cd ~/gitolite-admin $ mkdir -p local/hooks/repo-specific </pre> - <p>Create the same directory on remote as gitolite;</p> + <p>Now add your hooks to that directory, but instead of using the + git "standard" names (pre-receive, post-receive, post-update), + you use descriptive names (e.g. "deploy", "RSS-post", etc).</p> + + <p>On remote run;</p> <pre> # su - gitolite - $ mkdir local/hooks/repo-specific + $ mkdir .gitolite/local/hooks/repo-specific + $ gitolite setup </pre> - <p>Now add your hooks to that directory, but instead of using the - git "standard" names (pre-receive, post-receive, post-update), - you use descriptive names (e.g. "deploy", "RSS-post", etc).</p> - <h3 id="gtl-deploy">4.1. Deploy Hook</h3> <p>This manual create two users; one gitolite that handle git @@ -244,12 +253,8 @@ calls a script inside project folder with user www. This allows to do post deploy (checkout) tasks such as composer update.</p> - <p>Create <a href="../conf/srv/gitoliteolite/deployweb">deployweb</a> - in gitolite-admin/local/hooks/repo-specific;</p> - - <pre> - $ vim ~/gitolite-admin/local/hooks/repo-specific/deployweb - </pre> + <p>Create + <a href="conf/srv/gitolite/hook-deployweb">gitolite-admin/local/hooks/repo-specific/hook-deployweb</a>;</p> <pre> #!/bin/bash @@ -257,7 +262,7 @@ ###################################################################### # # Put this file in your gitolite-admin; - # ~/gitolite-admin/local/hooks/repo-specific/deployweb + # ~/gitolite-admin/local/hooks/repo-specific/hook-deployweb # while read oldrev newrev refname do @@ -277,19 +282,12 @@ done </pre> - <p>Create deploy directory on remote;</p> - - <pre> - # su - gitolite - $ mkdir deploy - </pre> - <p>Add scripts to the repos you want them to be active in your conf file. For example:</p> <pre> - repo atom @baz - option hook.post-receive = deployweb + repo c9-doc + option hook.post-receive = hook-deployweb </pre> <p>Add, commit, and push the admin repo;</p> @@ -298,6 +296,13 @@ $ git add -u && git commit -m "deploy hook" </pre> + <p>Create deploy directory on remote;</p> + + <pre> + # su - gitolite + $ mkdir deploy + </pre> + <p>On remote run;</p> <pre> @@ -310,112 +315,205 @@ /srv/gitolite/deploy folder for projects that have been updated.</p> - <p>Create <a href="../conf/srv/gitolite/deploy.sh">deploy.sh</a> in - /usr/share/gitolite;</p> + <p>Create <a href="conf/srv/gitolite/deployweb">/usr/share/gitolite/hooks/deployweb</a>;</p> <pre> - $ vim /usr/share/gitolite/deploy.sh + #!/bin/sh + + ###################################################################### + # + # Put this file in; + # /usr/share/gitolite/hooks/deployweb + # + DIR_WWW=/srv/www/ + DEPLOY_BRANCH=master + TARGET_USER=www + + for DP_FILE in /srv/gitolite/deploy/* + do + + if [ ! -f "$DP_FILE" ]; then + # Nothing to do ;) + #echo "Deploy: invalid DP_FILE" + exit 1; + fi + + # Get project name + PROJECT=$(basename "$DP_FILE") + echo "Deploy: PROJECT=${PROJECT}" + + # Get git repository path and verify if exists + DIR_GIT=$(head -n 1 $DP_FILE) + if [ ! -d "$DIR_GIT" ]; then + echo "Deploy: invalid DIR_GIT: ${DIR_GIT}" + exit 2; + fi + echo "Deploy: DIR_GIT=${DIR_GIT}" + + # Get directory to deploy and verify if exists + GIT_WORK_TREE=${DIR_WWW}${PROJECT}/ + if [ ! -d "$GIT_WORK_TREE" ]; then + echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}" + echo "Deploy: creating directory: $GIT_WORK_TREE}" + mkdir -p $GIT_WORK_TREE + fi + echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}" + + # Deploy (checkout) + echo "Deploy: starting git checkout" + + git --git-dir=$DIR_GIT \ + --work-tree=$GIT_WORK_TREE \ + checkout -f $DEPLOY_BRANCH + + + # Fix ownership and permissions + echo "Deploy: fixing permissions" + + echo "Deploy: setting owner: chown -R ${TARGET_USER}" + chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE + + echo "Deploy: setting directory permissions: chmod 755" + find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755 + + echo "Deploy: setting file permissions: chmod 644" + find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644 + + # Call project script + if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then + echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh" + cd ${GIT_WORK_TREE} + sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh + fi + + # Done with project + echo "Deploy: removing deploy file="$DP_FILE + rm $DP_FILE + + exit 0; + done </pre> + <p>Add cron job to call deploy script every minute;</p> + <pre> - #!/bin/sh + # crontab -e + </pre> - ###################################################################### - # - # Put this file in; - # /usr/share/gitolite/deploy.sh - # - DIR_WWW=/srv/www/ - DEPLOY_BRANCH=master - TARGET_USER=www + <pre> + # + # /etc/crontab: crond(8) configuration + # - for DP_FILE in /srv/gitolite/deploy/* - do + # this way it will log + # * * * * * /usr/share/gitolite/hooks/deployweb + # without log + * * * * * /usr/share/gitolite/hooks/deployweb > /dev/null 2>&1 - if [ ! -f "$DP_FILE" ]; then - # Nothing to do ;) - #echo "Deploy: invalid DP_FILE" - exit 1; - fi + @hourly ID=sys.hourly /usr/sbin/runjobs /etc/cron/hourly + @daily ID=sys.daily /usr/sbin/runjobs /etc/cron/daily + @weekly ID=sys.weekly /usr/sbin/runjobs /etc/cron/weekly + @monthly ID=sys.monthly /usr/sbin/runjobs /etc/cron/monthly - # Get project name - PROJECT=$(basename "$DP_FILE") - echo "Deploy: PROJECT=${PROJECT}" + # End of file + </pre> - # Get git repository path and verify if exists - DIR_GIT=$(head -n 1 $DP_FILE) - if [ ! -d "$DIR_GIT" ]; then - echo "Deploy: invalid DIR_GIT: ${DIR_GIT}" - exit 2; - fi - echo "Deploy: DIR_GIT=${DIR_GIT}" + <h2 id="gitweb">5. Gitweb</h2> - # Get directory to deploy and verify if exists - GIT_WORK_TREE=${DIR_WWW}${PROJECT}/ - if [ ! -d "$GIT_WORK_TREE" ]; then - echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}" - echo "Deploy: creating directory: $GIT_WORK_TREE}" - mkdir -p $GIT_WORK_TREE - fi - echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}" + <pre> + $ prt-get depinst p5-cgi p5-cgi-session libcgi fcgiwrap spawn-fcgi + </pre> - # Deploy (checkout) - echo "Deploy: starting git checkout" + <h3>5.1. Configure gitweb</h3> - git --git-dir=$DIR_GIT \ - --work-tree=$GIT_WORK_TREE \ - checkout -f $DEPLOY_BRANCH + <p>Edit /etc/gitweb.conf</p> + <pre> + our $git_temp = "/srv/www/gitweb_tmp"; - # Fix ownership and permissions - echo "Deploy: fixing permissions" + our $projects_list = "/srv/gitolite/projects.list"; + # The directories where your projects are. Must not end with a slash. + our $projectroot = "/srv/gitolite/repositories"; - echo "Deploy: setting owner: chown -R ${TARGET_USER}" - chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE + # Base URLs for links displayed in the web interface. + our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com); - echo "Deploy: setting directory permissions: chmod 755" - find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755 + our $projects_list_group_categories = 1; + </pre> - echo "Deploy: setting file permissions: chmod 644" - find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644 + <h3>5.2. Configure nginx</h3> - # Call project script - if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then - echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh" - cd ${GIT_WORK_TREE} - sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh - fi + <p>Edit /etc/rc.d/fcgiwrap to run as www user;</p> - # Done with project - echo "Deploy: removing deploy file="$DP_FILE - rm $DP_FILE + <pre> + USER=nginx + GROUP=nginx + </pre> - exit 0; - done + <pre> + # usermod -G www,gitolite nginx </pre> - <p>Add cron job to call deploy script every minute;</p> + <p>Create link from gitweb to web server folder;</p> <pre> - # crontab -e + # ln -s /usr/share/gitweb /srv/www </pre> + <p>Add this to default or main + <a href="nginx.html#virtual-host">nginx virtual host</a>;</p> + <pre> - # - # /etc/crontab: crond(8) configuration - # + location /gitweb/gitweb.cgi { + alias /srv/www/gitweb; + include fastcgi_params; + gzip off; + fastcgi_param SCRIPT_FILENAME /srv/www/gitweb/gitweb.cgi; + fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; + fastcgi_pass unix:/var/run/fcgiwrap.sock; + } - # this way it will log - # * * * * * /usr/share/gitolite/deploy.sh - # without log - * * * * * /usr/share/gitolite/deploy.sh > /dev/null 2>&1 + location /gitweb { + alias /srv/www/gitweb; + index gitweb.cgi; + } + </pre> - @hourly ID=sys.hourly /usr/sbin/runjobs /etc/cron/hourly - @daily ID=sys.daily /usr/sbin/runjobs /etc/cron/daily - @weekly ID=sys.weekly /usr/sbin/runjobs /etc/cron/weekly - @monthly ID=sys.monthly /usr/sbin/runjobs /etc/cron/monthly + <h3>5.3. Configure gitolite</h3> - # End of file + <p>Edit + <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>, + change UMASK and GIT_CONFIG_KEYS to;</p> + + <pre> + # default umask gives you perms of '0700'; see the rc file docs for + # how/why you might change this + UMASK => 027, + + # look for "git-config" in the documentation + GIT_CONFIG_KEYS => '.*', + </pre> + + <p>Fix permissions;</p> + + <pre> + $ sudo chown -R gitolite:gitolite /srv/gitolite + $ sudo chmod g+rx /srv/gitolite/projects.list + $ sudo chmod -R 755 /srv/gitolite/repositories/ + </pre> + + <p>Edit gitolite-admin/conf/gitolite.conf;</p> + + <pre> + repo c9-doc + config gitweb.owner = c9 team + config gitweb.description = c9 documentation + config gitweb.category = c9 + + repo c9-ports + config gitweb.owner = c9 team + config gitweb.description = c9 ports + config gitweb.category = c9 </pre> <a href="index.html">Tools Index</a> diff --git a/tools/index.html b/tools/index.html index 1b63a92..71fc2e4 100644 --- a/tools/index.html +++ b/tools/index.html @@ -133,12 +133,23 @@ <li><a href="openssh.html#reverse">3. Reverse connection</a></li> </ul> </li> + <li><a href="nginx.html">Nginx</a> + <ul> + <li><a href="nginx.html#install">1. Install Nginx</a></li> + <li><a href="nginx.html#certs">2. Certificates</a></li> + <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li> + <li><a href="nginx.html#server">4. Server with PHP</a></li> + <li><a href="nginx.html#userdir">5. User Directory</a></li> + <li><a href="nginx.html#logs">6. Logs</a></li> + </ul> + </li> <li><a href="gitolite.html">Gitolite</a> <ul> <li><a href="gitolite.html#install">1. Install Gitolite</a></li> <li><a href="gitolite.html#config">2. Configure Gitolite</a></li> <li><a href="gitolite.html#admin">3. Gitolite Administration</a></li> <li><a href="gitolite.html#hooks">4. Gitolite Hooks</a></li> + <li><a href="gitolite.html#gitweb">5. Gitweb</a></li> </ul> </li> <li><a href="postgresql.html">Postgresql</a> @@ -152,16 +163,6 @@ <li><a href="postgresql.html#psql">7. Psql</a></li> </ul> </li> - <li><a href="nginx.html">Nginx</a> - <ul> - <li><a href="nginx.html#install">1. Install Nginx</a></li> - <li><a href="nginx.html#certs">2. Certificates</a></li> - <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li> - <li><a href="nginx.html#server">4. Server with PHP</a></li> - <li><a href="nginx.html#userdir">5. User Directory</a></li> - <li><a href="nginx.html#logs">6. Logs</a></li> - </ul> - </li> </ul> <a href="../index.html">Documentation Index</a> diff --git a/tools/nginx.html b/tools/nginx.html index 0ded2b6..5a2e00c 100644 --- a/tools/nginx.html +++ b/tools/nginx.html @@ -257,7 +257,7 @@ /etc/php/conf.d/pdo_pgsql.ini </pre> - <h3>4.2. Setup Virtual Host</h3> + <h3 id="virtual-host">4.2. Setup Virtual Host</h3> <p>Server (virtual host) with pmwiki and flyspray, check <a href="conf/etc/nginx/sites/">/etc/nginx/sites</a> diff --git a/tools/openssh.html b/tools/openssh.html index d0a549c..12e5827 100644 --- a/tools/openssh.html +++ b/tools/openssh.html @@ -196,31 +196,28 @@ <h3 id="sshpubkey">2.1. Install Public Keys</h3> - <p>Send gitolite.pub public key to server. In this example - bob (administrator of gitolite) is on same host, - first copy is public key to admin home directory;</p> + <p>Example how to give ssh access to bob user to admin account + using public key authentication. Is necessary to make user public + key available in the server, this can be done by several ways, in + this example the public key will be copied using scp;</p> <pre> - # install -o admin -g admin /home/bob/.ssh/gitolite.pub /home/admin/.ssh/gitolite.pub - </pre> - - <p>If the server is on remote a remote machine;</p> - - <pre> - $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/.ssh/ + $ scp /home/bob/.ssh/id_rsa.pub admin@core.privat-network.net:/home/admin/.ssh/ bob@core.privat-network.net's password: - gitolite.pub 100% 390 0.4KB/s 00:00 + id_rsa.pub 100% 390 0.4KB/s 00:00 </pre> - <p>In case of bob public key for normal ssh login, admin can - add his public key to authorized keys;</p> + <p>Login on remote as admin and add bob public key to authorized keys;</p> <pre> - $ cat bob_rsa.pub >> ~/.ssh/authorized_keys + $ cat ~/.ssh/bob_rsa.pub >> ~/.ssh/authorized_keys </pre> + <p>Now bob can login as admin on remote server using publik key + athentication;</p> + <pre> - $ ssh -P 2222 bob@remote.org + $ ssh -P 2222 admin@remote.org </pre> <h3 id="sshid">2.2. Configure Identities</h3> @@ -230,53 +227,49 @@ -i flag. Create or edit ~/.ssh/config</p> <pre> - Host admin + Host core Hostname core.privat-network.net IdentityFile ~/.ssh/id_rsa Port 2222 User admin - Host gitolite - Hostname core.privat-network.net - IdentityFile ~/.ssh/gitolite - Port 2222 - User gitolite - - Host box + Host git Hostname core.privat-network.net IdentityFile ~/.ssh/id_rsa Port 2222 - User bob + User gitolite - Host devbox + Host git-admin Hostname core.privat-network.net - IdentityFile ~/.ssh/id_rsa + IdentityFile ~/.ssh/gitolite Port 2222 User gitolite </pre> - <p>Now you can just type;</p> + <p>Now you can just type ssh core to connect core.privat-network.net on + port 2222 with ~/.ssh/id_rsa as identity, or to connect to git server as + gitolite admin;</p> <pre> - $ ssh box + $ ssh git-admin </pre> - <p>On remote start <a href"../systools/tmux.html">tmux</a> - and detach from the session with ctrl + b d</p> - - <p>Create alias on ~/.profile;</p> + <p>To take advantage of tmux first login on remote and start + <a href"../systools/tmux.html">tmux</a>, detach from the session + with ctrl + b d. On change ~/.profile and add alias;</p> <pre> - alias boxtmux="ssh servername -t tmux a" + alias core-server="ssh core -t tmux a" </pre> <p>Source it and attach to remote;</p> <pre> - $ boxtmux + $ source ~/.profile + $ core-server </pre> - <p>Logout just detach from session with ctrl + b d </p> + <p>To logout just detach from tmux session with ctrl + b d </p> <h2 id="reverse">3. Reverse connection</h2> |