Discover Top Posts Tagged with #gitolite

Scraping Github SSH keys

Did you know that you can download the SSH public keys for github.com users via the github API without even being logged in? It’s true! All you need is their github username!

This can come in really handy when you want to add a bunch of users to your private gitolite instance. All you have to do is go to https://api.github.com/users/NAME/keys. You can do that in your browser right now with your own github user name.

Gitolite stores keys in the gitolite-admin/keydir/ sub-directory. The name of the file corresponds to the username in the gitolite conf. So alice.pub is the ssh pubkey for a user named "alice" in gitolite-admin/conf/gitolite.conf. If you have multiple ssh keys for the same user, for example "alice", you can put additional keys in sub-directories like gitolite-admin/keydir/more-keys/alice.pub

So I automated that, by adding this script to my admin repo as gitolite-admin/github-fetch-keys.py, next to a file of github usernames separated by newlines in gitolite-admin/github-users. I recommend you commit both to your gitolite-admin repo.

The script automatically creates sub-directories in gitolite-admin/keydir/imported/ so the imported github keys don't clash with your manually added ones or each other. The keys are saved in gitolite-admin/keydir/imported/$ID/$USERNAME.pub. After running the script, you still need to git-add, commit, and push the new keys, but otherwise it's totally automated. Enjoy!

#!/usr/bin/python3.6 # Copyright 2019 Robert Pfeiffer # Download ssh keys from github into gitolite import requests import os with open("github-users") as usernames: os.makedirs("keydir/imported/", exist_ok=True) os.chdir("keydir/imported/") for line in usernames: split_line=line.split() if len(split_line)==1: github_name = local_name = split_line[0] elif len(split_line)==2: local_name, github_name = split_line else: print(f'cannot parse user line "{line}"') continue response=requests.get(f"https://api.github.com/users/{github_name}/keys") nkeys=len(response.json()) print (f"user {local_name} aka {github_name} has {nkeys} keys.") for key_dict in response.json(): key_id=key_dict["id"] os.makedirs(f"ID_{key_id}/", exist_ok=True) with open(f"ID_{key_id}/{local_name}.pub","w") as key_file: key_file.write(key_dict["key"]) print(f" + saved ID_{key_id}/{local_name}.pub")

#python #git #github #sysadmin #gitolite

在亚马逊AWS上建立Git服务器

本文可以算是前文用亚马逊的云(AWS)免费建立wordpress blog的一个延续，在上文的基础上我们可以建立一个属于自己的git服务器。这里介绍的方法会用到gitolite和gitlist，gitolite是一个git的用户管理层，方便的管理用户和git repository，而gitlist是一个方便从网页查看git reposito的工具。本文假设你对git有基本的了解，并且基于提到的前文已经假设好了环境

在EC2上安装配置gitolite (sudo su)

cd /tmp # 准备key文件,或者使用你现有的key文件 ssh-keygen -t rsa cp id_rsa.pub /tmp/your-name.pub # install packages 安装工具 sudo apt-get install git gitolite git-daemon-run # create git user 创建git用户 sudo adduser --system --shell /bin/bash --gecos 'git version control' --group --disabled-password --home /home/git git sudo su - git cd /home/git echo "PATH=$HOME/bin:$PATH" > .bashrc # gl-setup gitolite初始化 gl-setup /tmp/your-name.pub # 执行上面命令后gitolite会让选择熟悉的编辑器你修改配置文件，打开配置后座如下修改 $REPO_UMASK = 0022;

至此gitolite安装完毕，建议

配置你工作机上的~/.ssh/config文件

以方便连接 config文件如下

Host 你喜欢的名字，如gs Hostname 亚马逊PUBLIC DNS User git IdentityFile C:/Users/test/.ssh/id_rsa #你的私钥路径 #PreferredAuthentications publickey

在工作机上管理gitolite

这样你就可以在你的工作机上进行连接了，现在clone管理目录 git clone git@gs:gitolite-admin.git 编辑conf/gitolite.conf可以添加repository如

repo anothertest RW+ = @all

添加用户只需将的公钥添加到keydir就可以了，如果用户有多个公钥，如工作机一个，笔记本一个，可以在keydir下添加目录然后添加key如为tom添加 laptop/tom.pub和workspace/tom.pub即可修改完成之后commit并push回主机相应的repositoy和user了

在EC2上配置gitlist

用git来管理repository和user很方便，但如果你的老板要查看git上的提交就不那么方便了(:P),通过安装gitlist网页查看就会方便很多从gitlist.org 上下载最新版并完成配置

cd /tmp wget https://s3.amazonaws.com/gitlist/gitlist-0.4.0.tar.gz tar -zxf gitlist-0.4.0.tar.gz mv gitlist /sites/ cd /sites/gitlist mv config.ini-example config.ini edit config.ini repositories[] = '/data/git/repositories/' hidden[] = '/data/git/repositories/gitolite-admin.git' #建议添加，管理目录不必被网页查看 mkdir cache #必须手动添加 chown -Rh www-data:www-data /sites/gitlist

创建site的nginx配置/etc/nginx/sites-available/gitlist

server { listen 80; server_name gitlist; keepalive_timeout 70; access_log /var/log/nginx/gitlist-access.log; error_log /var/log/nginx/gitlist-error.log; root /sites/gitlist; index index.php; location ~ /include { deny all; return 403; } location ~ ^/api/(tickets|tasks)(.*)$ { try_files $uri $uri/ /api/http.php; } location ~ ^/scp/ajax.php/(.*)$ { try_files $uri $uri/ /scp/ajax.php; } location / { index index.php; try_files $uri $uri/ /index.php?$args; } location ~ .php$ { fastcgi_split_path_info ^(.+.php)(/.+)$; include fastcgi_params; fastcgi_pass unix:/var/run/php5-admin.sock; #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } }

如果你此处用的fastcgi_pass是之前用过的那不需要额外的设置，如果没有那需要建立

cd /etc/php5/fpm/pool.d/ cp www.conf gitlist.conf edit gitlist.conf name ->gitlist listen ->nginx config 中的

然后重启php5-fpm 和nginx访问你的地址就可以见到gitlist页面了如果你在第一步设置配置是没有问题，那网页应该就可以正常显示了，如果那时设置的不对那么编辑 /home/git/.gitolite.rc找到$REPO_UMASK改成0022然后手动设置已有的文件权限 chmod -R 755 /home/git应该就可以了

参考

setup git server on ec2

run gitweb on gitolite

gitlist issue

public repository in gitolite with umask

gitweb gitolite nginx

gitlist

#aws #git #gitlist #gitolite

The problem with having a SSO domain of your own is you want to use it for EVERYTHING

i did something productive today

#kerberos #gitolite #linux #i get that most of you are here for shitposting but behold #compyutuers™

Git and Gitolite on FreeBSD 11

I have a gorgeous big black box full of hard drives, with lots of unused disk space and a Xeon processor that is dying from boredom.

Time to start using it for something more useful than just hosting my media files for my Sonos system and Plex Media Server. Moving all my local git repositories from my desktop to a home server, and taking advantage of the ZFS file system for storage redundancy and FreeBSD jails for extra security (using ezjail) seems like a good place to start.

Preparations

I already set up a jail, named testjail, which will be hosting git using ezjail-admin. Read Managing Jails with ezjail.

I already set up a zfs pool named tank/git and mounted it to /usr/jails/testjail/usr/local/git. Read The Z File System (ZFS).

I already set up SSH communication using public/private keys and verified that the user joachim can connect to testjail from my desktop. Read OpenSSH

It turns out preparing for the installation was the hard part, the rest of the installation should be smooth.

Install Git from ports

[21:24:08] root@testjail:~# cd /usr/ports/devel/git

[21:24:18] root@testjail:/usr/ports/devel/git# make install

When I'm given the oportunity to make configuration changes, I uncheck GITWEB because I'm not planning on using it. Also, CVS support, I will not be needing it. If you know what you're doing, you can probably trim more fat.

Configuration options for other dependencies, I just leave the default values and press OK.

Install Gitolite from ports

Which gitolite port I should use was confusing at first, but /usr/ports/devel/gitolite2 installs the older v2.3.1 and /usr/ports/devel/gitolite installs the newer v3.6.6.

[21:33:04] root@testjail:cd /usr/ports/devel/gitolite#

[21:33:16] root@testjail:/usr/ports/devel/gitolite# make install

Setting up Gitolite

After I set up SSH in my preparations I already had my public key on the server, in /tmp/joachim.pub

[21:34:08] root@testjail:/usr/ports/devel/gitolite# su - git

$ gitolite setup -pk /tmp/joachim.pub

Hmm... the output looks OK to me. And if I list the files in /usr/local/git I can see that the directory is no longer empty.

Testing from my desktop

Next, I'll try to clone the gitolite-admin.git from testjail to my desktop baphomet.

[01:13:41] joachim@baphomet:~% git clone git@testjail:gitolite-admin.git

Next steps

This is where you start reading basic-administration on gitolites official web and I create my first remote git repository on my new server and start doing some creative programming.

#git #gitolite #freebsd

Update: I just found out about the (relatively) new kid on the "self-hosted Git hosting" block; Gogs. I'll try it out soon and report my findings. I've just migrated my personal set of private git repositories from an old installation of GitLab to gitolite. GitLab is quite a resource-intensive program

#Gitlab #Git #Gitolite #Devops

Gitolite Essentials Sitaram Chamarty eBook - click to read

#gitolite

Migrate from Subversion to git, clone all branches and push through gitolite?

I’ve been working on moving our 9 projects in one SVN repo over to 9 separate git repos, managed on a server by gitolite then shutting down SVN. Seven of them were easy as they had no branches or tags so on my workstation I was able to do a simple:

git svn clone --stdlayout --no-metadata -A svnauthors.txt svn+ssh://user@host/var/subversion/project tempProject

Then pushed from my workstation to…

View On WordPress

#branches #clone #git #gitolite #push