From d1e992fd5302e0514206b46c864cb15d44bd22f2 Mon Sep 17 00:00:00 2001 From: Silvino Silva Date: Fri, 13 Apr 2018 21:27:44 +0100 Subject: gitolite revision --- tools/gitolite.html | 52 +++++++++++++++++++++++++++------------------------- tools/index.html | 1 + 2 files changed, 28 insertions(+), 25 deletions(-) (limited to 'tools') diff --git a/tools/gitolite.html b/tools/gitolite.html index e7b7067..52d8cbd 100644 --- a/tools/gitolite.html +++ b/tools/gitolite.html @@ -23,7 +23,16 @@ 
         # useradd -r -s /bin/bash -U -m -d /srv/gitolite gitolite
+
+ +

Permissions for /srv/gitolite/repositories directories should be + 0750/drwxr-x---.

+ + 
         # chown gitolite:gitolite /srv/gitolite
+        $ chmod -R o-rx /srv/gitolite/repositories
+        $ chmod -R g+rx /srv/gitolite/repositories
+        $ chmod -R o+r /srv/gitolite/projects.list

Password is necessary so the user is not @@ -33,7 +42,6 @@ 

         # passwd gitolite
-

Copy public key that will be used for authenticating gitolite administrator, read ssh how to @@ -734,26 +742,19 @@ our $projects_list_group_categories = 1; -

5.2. Configure nginx

+

5.2. Configure fcgiwrap

-

Edit /etc/rc.d/fcgiwrap to run as www user member of www group;

+

Edit /etc/rc.d/fcgiwrap to run as www user member of gitolite group;

         USER=www
-        GROUP=www
+        GROUP=gitolite
-

Permissions for /srv/gitolite/repositories directories should be - 0750/drwxr-x---.

- - 
-        $ chown gitolite:www /srv/gitolite
-        $ chown -R gitolite:www /srv/gitolite/projects.list
-        $ chown -R gitolite:www /srv/gitolite/repositories
-
+

5.3. Configure nginx

A link from gitweb don't work under grsecurity since user www can't - follow simlink to root. Make a copy, later deploy via gitolite hook.

+ follow simlink to root. Making a copy allows to later deploy via gitolite hook.

Link;

@@ -761,6 +762,7 @@

Copy;

+ 
         # cp -r /usr/share/gitweb /srv/www
@@ -769,7 +771,7 @@ nginx virtual host;

-	location /gitweb/gitweb.cgi {
+	location /git/gitweb.cgi {
             alias /srv/www/gitweb;
 	    include fastcgi_params;
 	    gzip off;
@@ -778,13 +780,13 @@
 	    fastcgi_pass    unix:/var/run/fcgiwrap.sock;
 	}
 
-	location /gitweb {
+	location /git {
 	    alias /srv/www/gitweb;
 	    index gitweb.cgi;
 	}
-

5.3. Configure gitolite

+

5.4. Configure gitolite

Edit /srv/gitolite/.gitolite.rc, @@ -799,14 +801,6 @@ GIT_CONFIG_KEYS => '.*', -

Fix permissions;

- - 
-        $ sudo chown -R gitolite:gitolite /srv/gitolite
-        $ sudo chmod g+rx /srv/gitolite/projects.list
-        $ sudo chmod -R 755 /srv/gitolite/repositories/
-
-

Edit gitolite-admin/conf/gitolite.conf;

@@ -821,12 +815,20 @@
             config gitweb.category      =   Projects
+

6. Git-daemon

+ +

Configure to run as user;

+ + 
+        USER=www
+        GROUP=gitolite
+
+ Tools Index

This is part of the c9-doc Manual. Copyright (C) 2018 c9 team. See the file Gnu Free Documentation License for copying conditions.

- diff --git a/tools/index.html b/tools/index.html index 2b6a4d4..5ecc70b 100644 --- a/tools/index.html +++ b/tools/index.html @@ -149,6 +149,7 @@
  • 3. Gitolite Administration
  • 4. Gitolite Hooks
  • 5. Gitweb
    • +
  • 6. Git-daemon
  • Postgresql -- cgit 1.4.1-2-gfad0