gitolite notes:

Overview:

Very interesting. Now that I’ve read through the book, I want to go through it a little more slowly to ensure I have everything. I can’t see us using the vrefs or hooks much - at least not until we get puppet rolling - but mirroring, particularly redirected mirroring, will be very nice.

Migration path at work is going to be a bit entertaining as well.

Objectives:

• Process to reliably set up gitolite with separate keys:

  • admins

  • middleware

  • My local repos

• Process to migrate my repos into gitolite

• Mirroring configuration

Notes:

• Can use ldap for group level access. See chapter 4, Getting user group information from ldap

• Installation:

  • Create git user, configure its environment - including ${HOME}/bin

  • git clone git://github.com/sitaramc/gitolite

  • gitolite/install --to ${HOME}/bin

  • Copy admin’s ssh key to system as ${user}.pub, then as git, execute: gitolite setup -pk ${key}

  • In my case, copy ~git/.ssh/authorized_keys to /etc/sshkeys, ensure proper group

  • From the host where the private key is:

    $ ssh git@vmsrv info
    X11 forwarding request failed on channel 0
    hello dkoleary, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1
    
     R W    gitolite-admin
     R W    testing
    

  • Clone the gitolite-admin repo, then configure additional users/repos as needed.

• Migrating existing repos to gitolite:

  • Copy bare repos to ~git/repositories/${repo}.git. The .git extension is a gitolite requirement

  • Update gitolite.conf (gitolite repo) with new repo names and who has access to them.

• Allowing users to create their own repos

  • Update ~git/.gitolite.rc,

    • add TRUSTED to ROLES list

    • Uncomment ‘D’ command in COMMANDS list

    • then execute, as user git, gitolite compile

  • Update gitolite.conf (gitolite repo) thusly:

    repo private/CREATOR/..*
        C       =   @all
        RW+     =   CREATOR
    
    repo public/CREATOR/..*
        C       =   @all
        RW+     =   CREATOR
        RW+     =   TRUSTED
        RW      =   WRITERS
        R       =   READERS
    

  • Users can create personal repos by:

    • mkdir ${repo} && cd ${repo}

    • git init

    • update as necessary

    • git push git@${srv}:private/${user}/${repo_name} master

    • git remote add origin git@${srv}:private/${user}/${repo_name}

    Public repos get generated the same way.

  • Users can delete automatically created repos by:

    • ssh git@${srv} D unlock private/${user}/${repo_name}

    • ssh git@${srv} D rm private/${user}/${repo_name}

    Two-stage command required in order to avoid accidental deletions.

  • Permissions, TRUSTED, WRITERS, and READERS, are set repo by repo by the users themselves. That’s the cool thing. Admin doesn’t need to be involved. Command is a bit complicated:

    ssh git@${srv} perms public/dkoleary/my-repo + ${PERM} ${user}
    ssh git@${srv} perms public/dkoleary/my-repo - ${PERM} ${user}
    

    for example:

    ssh git@vmsrv perms public/dkoleary/mine + READERS @all sssh git@vmsr perms public/dkoleary/ours + WRIERS bob

• Mirroring:

12/16/14: Mirroring, as depicted in the git book, does not work. Going to have to do some other research on that.

• logs maintained in ~git/.gitolite/logs

The crap below on mirroring flat out didn’t work. I was at least getting some error messages from gitolite when I followed the directions in http://gitolite.com/gitolite/mirroring.html. For god’s sake, remember how to fucking spell, you asshat!

Try those directions again tomorrow. As it stands,

• vmsrv is completely set up, no mirroring.

• mgmt has had all repos, git user, and gitolite removed.

Starting from scratch…

12/17/14:

OK: cleaned up both environments, reconfigured vmsrv gitolite from scratch. Verified all good there. Then simply installed gitolite on mgmt and followed the directions. So far, so good.

Added the mirroring options, this time spelling it correctly. The initial mirrored git push to vmsrv didn’t show any mirroring steps:

# git push
Counting objects: 7, done.
Delta compression using up to 12 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 368 bytes, done.
Total 4 (delta 1), reused 0 (delta 0)
To git@vmsrv:gitolite-admin
   f0e4a38..3281b1a  master -> master

I then accessed git@vmsrv and executed a mirror push manually:

$ gitolite mirror push mgmt gitolite-admin
Everything up-to-date

Excellent!

Finally, checked out the git@mgmt:.gitolite/conf/gitolite.conf file and found it to be a mirror of the one I just sent. Now, I’m going to start playing with mirroring of the ll entries.

Now, trying the redirected pushes.

And, it works. Outflipping standing. So, the process documented at http://gitolite.com/gitolite/mirroring.html works. Short version:

1. Install gitolite on primary server. Configure/migrate in repos.

2. Install gitolite on slave server.

3. Uncomment/Update HOSTNAME parameter in ~git/.gitolite.rc file. HOSTNAME doesn’t have to be the host name but does have to be unique.

3. Configure ssh environment.

   • Create server keys for each server. Add them to the keydir directory in gitolite-admin on all master/slave servers. Entries in keydir must be server-${HOSTNAME} as defined above.

   • Create ssh host aliases:

     host ${HOSTNAME}
         hostname ${real_host_name}
         user git
         ForwardX11 no
     

   • Ensure following commands work as the git user. Commands need to work from both hosts to both hosts.

     ssh ${remote} info

4. Configure gitolite-admin repo mirroring.

5. Once all that’s done and functioning correctly, enable mirroring by uncommenting ‘Mirroring’ line in ~git/.gitolite.rc. Execute gitolite compile as git user after doing so. This is the step that the book misses.

6. Enable mirroring on any desired other repos.

Original_mirroring: didn’t work:

• Configure ssh environment

  • Update HOSTNAME parameter in ~git/.gitolite.rc file with desired host name, ${host}

  • Create new key files for each server named server-${host}.pub

  • Create/update /home/git/.ssh/config files aliasing ${host} if necessary, specifying correct user and identity file:

    host vmsrv
        hostname vmsrv
        user git
        identityfile /home/git/.ssh/server-vmsrv
    host mgmt
        hostname mgmt
        user git
        identityfile /home/git/.ssh/server-vmsrv
    

  • ${host} should match in all areas.

  • Verify ssh connectivity between all hosts:

    $ h
    vmsrv.olearycomputers.com
    $ whoami
    git
    $ ssh mgmt info
    hello server-vmsrv, this is git@mgmt running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1
    
     R W    testing
    $ ssh vmsrv info
    hello server-vmsrv, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1
    
         C  private/CREATOR/..*
         C  public/CREATOR/..*
     R W    testing
    
    $ h
    mgmt
    $ whoami
    git
    $ ssh mgmt info
    hello server-mgmt, this is git@mgmt running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1
    
     R W    testing
    $ ssh vmsrv info
    hello server-mgmt, this is git@vmsrv running gitolite3 v3.6.2-4-g2471e18 on git 1.7.1
    
         C  private/CREATOR/..*
         C  public/CREATOR/..*
     R W    testing
    

• Mirror the gitolite configuration repo. Adding options to the relevant repos:

  repo gitolite-admin
      RW+                  = dkoleary
      option mirror.master = vmsrv
      option mirror.slaves = mgmt
  
  repo kickstart
      RW+                  = dkoleary bob
      option mirror.master = vmsrv
      option mirror.slaves = mgmt
  

• Push a repo.

• And, it doesn’t work. I’ve reconfirmed all steps but the repos aren’t getting mirrored. not sure what’s going on.