Gitosis Installation Script For Debian/Ubuntu
(Edit, note) : A popular alternative to Gitosis is gitolite,
which is easier to install and configure. As of writing this edit gitolite has already
become more popular than gitosis.
If you like programming, you might like version control as well, means you might like GIT and your own repository server at home to "sync" with your friends and fellows. That's what I wanted as well for my Ubuntu (10.4) system, and I have to admit: Setting up gitosis can take some time, and there are some nice "pitfallish" details on the path as well, so I condensed the various tutorials in the web into a shell script, which installs gitosis, gitweb, git-daemon and optionally viewgit. The mainly used howtos are straight from the ubuntu docs ( http://help.ubuntu.com/community/Git ). I hope is saves you some time.
Sequence:
- Extract the archive in your server home directory or /tmp/",
- Log into your server using SSH
- Run in the shell
./gitosis-setup/setup install - Optionally before
./gitosis-setup/setup --help - Follow the instructions. You need this only if you don't have a SSH key file, e.g. ~/.ssh/id_rsa, otherwise the script will run without asking questions
What happens then?
- The script checks if the actual user has a ~/.ssh/id_rsa key file, which is required for gitosis.
If not it generates one for you usind
ssh-keygen(encryption 4096 bits). You will have to enter a passphrase for this keyfile. - The script installs git gitosis apache2 libapache2-mod-php5 php-geshi gitweb using aptitude
- The gitosis setup generates a user "gitosis". The script renames this user to "git"
- The script initializes gitosis with your key file
- The script adds the git-daemon to the services and adds an allow rule for the git port in the firewall (ufw) configuration.
Result
- Your gitosis data are in /srv/gitosis.
- You have a new user "git" on your machine, this user cannot login to the shell, cannot login via password and is strictly bound to the gitosis system (see /srv/gitosis/.ssh/authorized_keys, there is for each registered user the command that is executed when someone connects via SSH).
- If you did not have it yet, you have now a running apache2 server with the document root
/var/www/. You can access gitweb usinghttp[s]://yourserver.whatever/gitweb, at least athttp://localhost/gitweb. Note: The script does not change your document root if already existing. Gitweb is a perl construction that is added to the apache2 using a location alias. - The account you installed gitosis with is not the "admin" account of gitosis.
Now you configure gitosis with your server account, add projects and users:
cd ~/
git clone git@localhost:gitosis-admin.git
cd ~/gitosis-admin
nano gitosis.conf
cp ~/a-friends-public-key-file.pub ~/gitosis-admin/keydir/
etc.
etc.Source code
#!/bin/bash
# locals
APTITUDE='/usr/bin/aptitude'
APTITUDE_INSTALL="$APTITUDE -q -y install"
TEMP_DIR='/tmp/setup-gitsvr'
GITHOST=localhost
ID_RSA_NAME="id_rsa"
LINE_INDENT=""
WWW_ROOT="/var/www"
APACHE_USER="www-data"
APACHE_GROUP="www-data"
# functions
function echo_error() { echo -e "\033[0;31m[FAILED] $@\033[0m"; }
function echo_ok() { echo -e "\033[0;32m[OK] $@\033[0m"; }
function echo_info() { echo -e "\033[0;33m$@\033[0m"; }
function echo_usage() {
echo "Usage:"
echo ""
echo " To install gitosis with doxygen and gitweb:"
echo " $(basename $0) install"
echo " This will install git, gitosis. It will configure your server, so that:"
echo ""
echo " - The repository is in /srv/gitosis (made by aptitude)."
echo " - The git user is 'git' (renamed from 'gitosis')."
echo " - The account you run it from is the gitosis admin (use 'sudo setup install'"
echo " and do not 'sudo su; setup install'."
echo " - If this account does not yet have an 'id_rsa' key file in ~/.ssh, we will"
echo " generate one during the setup process."
echo ""
echo " After the setup you can directly edit the gitosis config using:"
echo ""
echo " $ cd ~/ "
echo -e " $ \033[0;31mgit clone git@localhost:gitosis-admin.git\033[0m"
echo " $ cd gitosis-admin"
echo " $ [vim/nano] gitosis.conf"
echo " $ cp <path to new user key file>.pub ~/gitosis-admin/keydir/<name of the user>.pub"
echo -e " $ \033[0;31mgit commit -am 'Added <name of the user>, did something in the config'"
echo -e " $ \033[0;31mgit push origin master\033[0m"
echo ""
echo ""
echo ""
echo " To uninstall gitosis and gitweb:"
echo " $(basename $0) uninstall --really"
echo " This will remove gitosis and gitweb. Other the other packages have to be removed"
echo " manually using aptutude remove."
echo ""
echo " To install gitweb:"
echo " $(basename $0) install-gitweb"
echo ""
echo " To uninstall gitweb"
echo " $(basename $0) uninstall-gitweb"
echo ""
echo " To install viewgit:"
echo " $(basename $0) install-viewgit"
echo ""
echo " To uninstall viewgit:"
echo " $(basename $0) uninstall-viewgit"
echo ""
exit
}
# uninstall process
if [ "$1" = "uninstall" ]; then
if [ "$2" != "--really" ]; then
echo_error 'You must say "setup uninstall --really"'
echo ""
echo_usage
fi
sudo echo ""
echo_info "----------------------------------------------------------------------"
echo_info "UNINSTALL"
echo_info "----------------------------------------------------------------------"
echo_info "remove git-demon ..."
if [ -f /etc/init.d/git-daemon ]; then
echo_info "Stopping service git-daemon"
sudo service git-daemon stop
echo_info "Removing git port (9418) from firewall rules (ufw)"
sudo ufw delete allow in 9418/tcp
echo_info "Removing /etc/init.d/git-daemon"
sudo update-rc.d -f git-daemon remove
sudo rm /etc/init.d/git-daemon
fi
echo_info "remove gitosis ..."
sudo $APTITUDE -q -y remove gitosis gitweb
echo_info "purge gitosis ..."
sudo $APTITUDE -q -y purge gitosis gitweb
echo_info "remove repository ..."
sudo rm -rf /srv/gitosis &> /dev/null
echo_info "Ensure user/group gitosis is gone ..."
sudo groupdel git &> /dev/null
sudo userdel git &> /dev/null
echo_ok "uninstalled"
exit
elif [ "$1" = "install" ]; then
# mark sudo
sudo echo ""
# initial checks
if [ -d /srv/gitosis ]; then
echo_error "gitosis already setup (in /srv/gitosis/)."
exit;
fi
if [ `dirname $TEMP_DIR` != "/tmp" ]; then
echo_error "temp dir is not a subdir of /tmp/"
exit;
fi
if [ ! -f ~/.ssh/$ID_RSA_NAME ]; then
echo_info "----------------------------------------------------------------------"
echo_info "You don't have a personal user key file yet, we generate one now ..."
if [ ! -d ~/.ssh ]; then
mkdir ~/.ssh
chmod 700 ~/.ssh
echo_info "Created ~/.ssh with 700"
fi
echo_info "Keygen - now enter a passphrase for your private id key file ..."
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo_info "~/.ssh/id_rsa set to mod 600"
echo_info "Now we register you at the local machine for ssh keyfile login"
echo_info " (ssh-copy-id $USER@$GITHOST), you may need to enter your normal login password"
echo_info ' +++ IF IT SAYS NOW "The authenticity of host ... cant be established", JUST SAY "yes" +++'
echo ""
ssh-copy-id $USER@$GITHOST
echo_info "OK, let's go on with the normal gitosis installation ..."
echo_info "----------------------------------------------------------------------"
fi
if [ ! -f ~/.ssh/$ID_RSA_NAME.pub ]; then
echo_error "Public key file not there"
exit
fi
# aptitude
echo_info "Installing with aptitude: git gitosis"
sudo $APTITUDE_INSTALL git gitosis
# Change user to "git" as clone "git@myhost" is shorter and seems reasonable
sudo killall -u gitosis
sudo id gitosis
sudo usermod -l git gitosis
sudo groupmod -n git gitosis
sudo id git
sudo chown -R git:git /srv/gitosis
# initialize gitosis
echo_info "Initializing git (/srv/gitosis)"
sudo -H -u git gitosis-init < ~/.ssh/$ID_RSA_NAME.pub
# setup git daemon
if [ ! -f /etc/init.d/git-daemon ]; then
echo_info "Copying git-daemon to /etc/init.d/git-daemon"
sudo cp "$(dirname $0)/git-daemon" /etc/init.d/
sudo chmod +x /etc/init.d/git-daemon
sudo update-rc.d git-daemon defaults
echo_info "Allowing git port (9418) in firewall (ufw)"
sudo ufw allow in 9418/tcp
echo_info "Starting service git-daemon"
sudo service git-daemon start
fi
echo ""
echo_info "----------------------------------------------------------------------"
echo_info "Now you can clone the gitosis config using: "
echo_ok " $ git clone git@$GITHOST:gitosis-admin.git"
elif [ "$1" = "install-gitweb" ]; then
# mark sudo
sudo echo ""
echo_info "Installing with aptitude: apache2 libapache2-mod-php5 php-geshi"
sudo $APTITUDE_INSTALL apache2 libapache2-mod-php5 php-geshi gitweb
sudo adduser $APACHE_USER git
elif [ "$1" = "uninstall-gitweb" ]; then
sudo $APTITUDE remove php-geshi gitweb
elif [ "$1" = "install-viewgit" ]; then
sudo echo ""
if [ ! -d $WWW_ROOT ]; then
echo_error "Web root directory not there ($WWW_ROOT)"
exit
fi
if [ -d $WWW_ROOT/viewgit ]; then
echo_error "Already installed in ($WWW_ROOT/viewgit)"
exit
fi
pushd &> /dev/null
cd $WWW_ROOT
echo_info "Getting web interface, will be then in $WWW_ROOT/viewgit"
sudo git clone git://repo.or.cz/viewgit.git
echo_info "Changing viewgit's user/group to $APACHE_USER:$APACHE_GROUP"
sudo chown -R $APACHE_USER:$APACHE_GROUP viewgit
echo_info "Preparing config file ($WWW_ROOT/viewgit/inc/localconfig.php)"
cd $WWW_ROOT/viewgit/inc
sudo cp config.php localconfig.php
sudo chown $APACHE_USER:$APACHE_GROUP localconfig.php
popd &> /dev/null
echo_info "Adding apache user to gitosis group"
sudo adduser $APACHE_USER git
echo_ok "You can now edit the config file $WWW_ROOT/viewgit/inc/localconfig.php"
elif [ "$1" = "uninstall-viewgit" ]; then
sudo echo ""
if [ ! -d $WWW_ROOT/viewgit ]; then
echo_error "Not yet installed in ($WWW_ROOT/viewgit)"
exit
fi
pushd &> /dev/null
sudo rm -rf $WWW_ROOT/viewgit &>/dev/null
sudo adduser $APACHE_USER git
popd &> /dev/null
else
echo ""
echo_usage
exit
fiDaemon script
This script is one to one the daemon on the Ubuntu gitosis manual page.
# Based on http://pastie.org/227647 (credits to the author)
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
NAME=git-daemon
PIDFILE=/var/run/$NAME.pid
DESC="the git daemon"
DAEMON=/usr/lib/git-core/git-daemon
DAEMON_OPTS="--base-path=/srv/gitosis/repositories --export-all --verbose --syslog --detach --pid-file=$PIDFILE --user=gitosis --group=nogroup"
test -x $DAEMON || exit 0
[ -r /etc/default/git-daemon ] && . /etc/default/git-daemon
. /lib/lsb/init-functions
start_git() {
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--startas $DAEMON -- $DAEMON_OPTS
}
stop_git() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE
rm -f $PIDFILE
}
status_git() {
start-stop-daemon --stop --test --quiet --pidfile $PIDFILE >/dev/null 2>&1
}
case "$1" in
start)
log_begin_msg "Starting $DESC"
start_git
log_end_msg 0
;;
stop)
log_begin_msg "Stopping $DESC"
stop_git
log_end_msg 0
;;
status)
log_begin_msg "Testing $DESC: "
if status_git
then
log_success_msg "Running"
exit 0
else
log_failure_msg "Not running"
exit 1
fi
;;
restart|force-reload)
log_begin_msg "Restarting $DESC"
stop_git
sleep 1
start_git
log_end_msg 0
;;
*)
echo "Usage: $0 {start|stop|restart|force-reload|status}" >&2
exit 1
;;
esac
exit 0