gitolite notes:¶
Overview:¶
Very interesting. Now that I’ve read through the book, I want to go through it a little more slowly to ensure I have everything. I can’t see us using the vrefs or hooks much - at least not until we get puppet rolling - but mirroring, particularly redirected mirroring, will be very nice.
Migration path at work is going to be a bit entertaining as well.
Objectives:¶
Process to reliably set up gitolite with separate keys:
admins
middleware
My local repos
Process to migrate my repos into gitolite
Mirroring configuration
Notes:¶
Can use ldap for group level access. See chapter 4, Getting user group information from ldap
Installation:
Create git user, configure its environment - including ${HOME}/bin
git clone git://github.com/sitaramc/gitolite
gitolite/install --to ${HOME}/bin
Copy admin’s ssh key to system as ${user}.pub, then as git, execute:
gitolite setup -pk ${key}
In my case, copy ~git/.ssh/authorized_keys to /etc/sshkeys, ensure proper group
From the host where the private key is:
$ ssh git@vmsrv info X11 forwarding request failed on channel 0 hello dkoleary, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1 R W gitolite-admin R W testing
Clone the gitolite-admin repo, then configure additional users/repos as needed.
Migrating existing repos to gitolite:
Copy bare repos to ~git/repositories/${repo}.git. The .git extension is a gitolite requirement
Update gitolite.conf (gitolite repo) with new repo names and who has access to them.
Allowing users to create their own repos
Update ~git/.gitolite.rc,
add TRUSTED to ROLES list
Uncomment ‘D’ command in COMMANDS list
then execute, as user git,
gitolite compile
Update gitolite.conf (gitolite repo) thusly:
repo private/CREATOR/..* C = @all RW+ = CREATOR repo public/CREATOR/..* C = @all RW+ = CREATOR RW+ = TRUSTED RW = WRITERS R = READERS
Users can create personal repos by:
mkdir ${repo} && cd ${repo}
git init
update as necessary
git push git@${srv}:private/${user}/${repo_name} master
git remote add origin git@${srv}:private/${user}/${repo_name}
Public repos get generated the same way.
Users can delete automatically created repos by:
ssh git@${srv} D unlock private/${user}/${repo_name}
ssh git@${srv} D rm private/${user}/${repo_name}
Two-stage command required in order to avoid accidental deletions.
Permissions, TRUSTED, WRITERS, and READERS, are set repo by repo by the users themselves. That’s the cool thing. Admin doesn’t need to be involved. Command is a bit complicated:
ssh git@${srv} perms public/dkoleary/my-repo + ${PERM} ${user} ssh git@${srv} perms public/dkoleary/my-repo - ${PERM} ${user}
for example:
Mirroring:
12/16/14: Mirroring, as depicted in the git book, does not work. Going to have to do some other research on that.
logs maintained in ~git/.gitolite/logs
The crap below on mirroring flat out didn’t work. I was at least getting some error messages from gitolite when I followed the directions in http://gitolite.com/gitolite/mirroring.html. For god’s sake, remember how to fucking spell, you asshat!
Try those directions again tomorrow. As it stands,
vmsrv is completely set up, no mirroring.
mgmt has had all repos, git user, and gitolite removed.
Starting from scratch…
12/17/14:
OK: cleaned up both environments, reconfigured vmsrv gitolite from scratch. Verified all good there. Then simply installed gitolite on mgmt and followed the directions. So far, so good.
Added the mirroring options, this time spelling it correctly. The initial mirrored git push to vmsrv didn’t show any mirroring steps:
# git push
Counting objects: 7, done.
Delta compression using up to 12 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 368 bytes, done.
Total 4 (delta 1), reused 0 (delta 0)
To git@vmsrv:gitolite-admin
f0e4a38..3281b1a master -> master
I then accessed git@vmsrv and executed a mirror push manually:
$ gitolite mirror push mgmt gitolite-admin
Everything up-to-date
Excellent!
Finally, checked out the git@mgmt:.gitolite/conf/gitolite.conf file and found it to be a mirror of the one I just sent. Now, I’m going to start playing with mirroring of the ll entries.
Now, trying the redirected pushes.
And, it works. Outflipping standing. So, the process documented at http://gitolite.com/gitolite/mirroring.html works. Short version:
Install gitolite on primary server. Configure/migrate in repos.
Install gitolite on slave server.
Uncomment/Update HOSTNAME parameter in ~git/.gitolite.rc file. HOSTNAME doesn’t have to be the host name but does have to be unique.
Configure ssh environment.
Create server keys for each server. Add them to the keydir directory in gitolite-admin on all master/slave servers. Entries in keydir must be server-${HOSTNAME} as defined above.
Create ssh host aliases:
host ${HOSTNAME} hostname ${real_host_name} user git ForwardX11 no
Ensure following commands work as the git user. Commands need to work from both hosts to both hosts.
ssh ${remote} info
Configure gitolite-admin repo mirroring.
Once all that’s done and functioning correctly, enable mirroring by uncommenting ‘Mirroring’ line in ~git/.gitolite.rc. Execute
gitolite compile
as git user after doing so. This is the step that the book misses.Enable mirroring on any desired other repos.
Original_mirroring: didn’t work:¶
Configure ssh environment
Update HOSTNAME parameter in ~git/.gitolite.rc file with desired host name, ${host}
Create new key files for each server named server-${host}.pub
Create/update /home/git/.ssh/config files aliasing ${host} if necessary, specifying correct user and identity file:
host vmsrv hostname vmsrv user git identityfile /home/git/.ssh/server-vmsrv host mgmt hostname mgmt user git identityfile /home/git/.ssh/server-vmsrv${host} should match in all areas.
Verify ssh connectivity between all hosts:
$ h vmsrv.olearycomputers.com $ whoami git $ ssh mgmt info hello server-vmsrv, this is git@mgmt running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1 R W testing $ ssh vmsrv info hello server-vmsrv, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1 C private/CREATOR/..* C public/CREATOR/..* R W testing $ h mgmt $ whoami git $ ssh mgmt info hello server-mgmt, this is git@mgmt running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1 R W testing $ ssh vmsrv info hello server-mgmt, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1 C private/CREATOR/..* C public/CREATOR/..* R W testingMirror the gitolite configuration repo. Adding options to the relevant repos:
repo gitolite-admin RW+ = dkoleary option mirror.master = vmsrv option mirror.slaves = mgmt repo kickstart RW+ = dkoleary bob option mirror.master = vmsrv option mirror.slaves = mgmtPush a repo.
And, it doesn’t work. I’ve reconfirmed all steps but the repos aren’t getting mirrored. not sure what’s going on.