Running a Git repository on Ubuntu using Gitosis

20I’ve been using Git for a couple of small projects that I’ve been hosting on github.com but version control for my bigger ‘secret’ projects still runs on a windows machine with visual svn server.

Now that I’m starting to use Mono for a couple of projects so I’m playing with linux more. Last week I decided to try to try out gitosis on an ubuntu server. I found out it’s pretty easy to use when you know your way around git but for a noob like me some things weren’t immediately clear. Eventually I solved most problems I ran into, so I decided to write up the steps I took to install gitosis on ubuntu 10.04

I got most of my information from this a blogpost by Gary Dolley, I’ll probably point to this it a few times but this post is from 2007. Things have become a bit easier by now.

If you’re not used to git and gitosis there are two things that might be a bit unclear when you start. So we’ll tackle them first.

First of all there’s authentication. If you’ve used github you should be familliar using public/private key-pairs for authentication but for those who havn’t here’s the short version;

Instead of using passwords gitosis wants you to store a key-pair in the home directory of every computer you use git on. You can then tell gitosis the public key and it uses public/private key magic to authenticate you whenever you push or pull changes. It sounds complicated but its easier to use than the traditional username/password hassle and it’s more secure too.

The other weird thing gitosis does that’s actually very practical when you get the hang of it is that it uses a git repository to store all configuration. This makes management very easy. Want to add a repository? Just pull from gitosis admin on your local workstation, change some config files, commit your changes and push them back. Easy as that.

Enough talking, lets get started.

Installing Gitosis

First we need to get git onto your ubuntu server machine (if you’re using a different flavour of linux things might be different for you. I’ll try to point out possible differences). In the original description you had to pull it from a repository somewhere and then install everything yourself but as there’s a gitosis package available we’ll just use that

sudo apt-get install gitosis

This will install gitosis and create a gitosis user. Next we need to create the admin repository where gitosis  stores it’s configuration. To do this we also need to have a public key for the first user we want to give access to the repository. I like to be able to administrate my gitosis server from the command line of the server itself so unlike Gary’s post who uses a keypair from a client machine I’ll just create a key-pair for the user on the machine gitosis runs on. I’ll show how to add more users on different machines later.

ssh-keygen -t rsa

 

this should do the trick. It will create a private/public key pair in the .ssh directory of your home dir. It will also ask you for a key phrase to encrypt your keys. You can keep this blank but it’s a good idea to enter something here.

 

Now we can run

 

sudo -H -u gitosis gitosis-init < ~/ssh/id_rsa.pub

 

to create the admin repository. Note that the aptitude package has added the ‘gitosis’ user we’re using here. Many descriptions on how to use gitosis run gitosis as ‘git’ so some of the commands look different.

 

git clone gitosis@{your-servername}:gitosis-admin.git

will clone the admin repository to your home dir where you can edit things.

Adding a (remote) user

You can take a deep breath now, after all this hard work we can move on to the fun (and useful) stuff. Adding users and repositories. Lets get started by adding a user on a remote workstation with rights to the admin repo.

First we need a public/private key pair for the user on your workstation. If you’ve been using github for version control you probably already have a key-pair set up. If not you can create a keypair with

ssk-keygen -t rsa

If you’re using windows you can run this command from the git-bash shell. Be sure to enter a passphrase.

After this you can copy your public key to your server.

scp ~/.ssh/id_rsa.pub {server-admin-user}@{your-servername}:~/

Copy it to the keyfile directory in the gitosis admin repo and rename it to {username}.pub where username is the name you want to use for this user in your gitosis.conf file.

Next edit your gitosis.conf file it should look a bit like

[gitosis]

[group gitosis-admin]
writable = gitosis-admin
members = {your-user-name@your-server}

 

You can add the user you just added to members, just use a space to separate user names.

 

members = {your-user-name@your-server} {your-workstation-user-name}

You update gitosis by pushing these changes back to the repo, git add, git commit and git push work just like you’re used to. Now you should be able to clone the admin repo on your workstation too.

 

git clone gitosis@{your-server-name}:gitosis-admin.git

Git should ask you for your passphrase. If it asks you for your password instead you did something wrong adding the public key. A common mistake is forgetting the .pub at the end of your key file. If it asks for a passphrase but then still won’t let you in you probably mistyped something in your gitosis.conf file.

 

Next we’ll get gitosis to do some real work by storing something more than just the admin repository.

 

Adding a repository

Adding a repository is easy now. First we add a group to your gitosis.conf file. If you followed all the steps until now you can do this from your workstation.

[group {project-name}]
writable = {project-name}
members = {member1} {member2} ...

Push these changes back to the remote repository and gitosis will update.

Now you can create a project directory somewhere on your workstation. Git init, add files, git add and git commit. You can let git know about the remote repository like this

git remote add origin gitosis@{servername}:{repositoryname}.git

and then you can just push and pull from your new repository.

That’s all for now. I hope this will help you. Please let me know if I made any mistakes so I can fix them for the next reader.