Installing gitolite on a Centos server
Killed a couple of days to install Gitolite. It seems like a bunch of instructions on the Internet, and the process is globally not complicated. But in no article is there a complete order of commands that need to be done in order for the whole business to work without problems.
It is understood that the reader understands what git and gitolite is and is able to work with them, only installation is considered.
In the code you need to replace your values:
server_name_or_ip - Server name or IP address
username - The name of the user who will become the gitolite administrator.
Operating systems: server - Centos 6.6, computer from which I work - OS X 10.10.2
')
On the server, create a user git and give it a password:
On the local machine, create a key for the current user:
For greater safety, replace the 2048 with 4096.
And we send the key to the server (the variant was tested only on the mac - but, it seems, the Linux syntax is no different):
Let 's set the server rights for the .ssh folder and the key file (without this, key authorization will not work):
Go to the server in the file / etc / ssh / sshd_config (not to be confused with ssh_config) and uncomment the lines:
Restart the sshd daemon on the server :
We check ssh access from a local machine without a password:
On the server :
Then go to the server in the file /home/git/.ssh/authorized_keys and delete the first key that was not created gitolite - this is important, otherwise it will not work (one of the options can also just use 2 different keys - the main thing is to understand that if there is a key that authorizes via SSH, then gitolite will not work with it).
Check the operation of the keys ( on the server ):
Path to the gitolite administration repository:
For the sake of security, we close access to the git user via ssh. We leave only the opportunity to work with git. To do this, go to the / etc / passwd file and change the line from the git user from / bin / bash to / usr / bin / git-shell
Delete ( on the server ) user git:
Delete all files from its folder and the home directory itself. I have this / home / git /.
We are trying to do it all over again.
It is understood that the reader understands what git and gitolite is and is able to work with them, only installation is considered.
In the code you need to replace your values:
server_name_or_ip - Server name or IP address
username - The name of the user who will become the gitolite administrator.
Operating systems: server - Centos 6.6, computer from which I work - OS X 10.10.2
')
Key Access Setup
On the server, create a user git and give it a password:
useradd git passwd git On the local machine, create a key for the current user:
ssh-keygen -t rsa -b 2048
For greater safety, replace the 2048 with 4096.
And we send the key to the server (the variant was tested only on the mac - but, it seems, the Linux syntax is no different):
cat ~/.ssh/id_rsa.pub | ssh git@server_name_or_ip "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"
Let 's set the server rights for the .ssh folder and the key file (without this, key authorization will not work):
chmod 700 /home/git/.ssh/ chmod 600 /home/git/.ssh/authorized_keys
Go to the server in the file / etc / ssh / sshd_config (not to be confused with ssh_config) and uncomment the lines:
RSAAutentification yes PubkeyAutentification yes AuthorizedKeysFile .ssh/authorized_keys
Restart the sshd daemon on the server :
service sshd restart
We check ssh access from a local machine without a password:
ssh -i ~/.ssh/id_dsa git@server_name_or_ip
Install gitolite
On the server :
su git cd ~ git clone git://github.com/sitaramc/gitolite mkdir -p ~/bin gitolite/install -to ~/bin gl-setup -q ~/username.pub
Then go to the server in the file /home/git/.ssh/authorized_keys and delete the first key that was not created gitolite - this is important, otherwise it will not work (one of the options can also just use 2 different keys - the main thing is to understand that if there is a key that authorizes via SSH, then gitolite will not work with it).
Check the operation of the keys ( on the server ):
/home/git/gitolite/src/gitolite sshkeys-lint
Path to the gitolite administration repository:
git@server_name_or_ip:gitolite-admin
For the sake of security, we close access to the git user via ssh. We leave only the opportunity to work with git. To do this, go to the / etc / passwd file and change the line from the git user from / bin / bash to / usr / bin / git-shell
If something went wrong
Delete ( on the server ) user git:
userdel git
Delete all files from its folder and the home directory itself. I have this / home / git /.
We are trying to do it all over again.
Source: https://habr.com/ru/post/253413/
All Articles