Git Server Frustration (Gitosis, Gitolite, etc)

Posted 2019-03-09 03:06

Question:

Please excuse the frustrating undertones as I have attempted to get this set up correctly multiple times to no avail (possibly and most likely due to my ignorance, but also likely due to the lack of thorough and concise documentation).

I am trying to set up a git server so that I can share code amongst a small team of developers. Each developer may connect from multiple client PCs. I come from MS in the past so I am a bit spoiled in regards to development toolset, but it would be awesome if I could get something similar to TFS.

When trying to set up either gitosis (I understand this is deprecated for the git community per https://serverfault.com/questions/225495/ubuntu-server-gitosis-user-naming-convention) or gitolite, it seems as though as soon as I set it up I have to be extremely careful because it seems everything is balancing on toothpicks.

My latest attempt to set up a git server included moving my public key (benny.pub) from my laptop to the server, setting everything using that public key and pulling down the config to set up a repo and permissions. I then realized I want to develop on another PC so I created a new key (benny@desktop.pub) and renamed benny.pub to benny@laptop.pub which screwed things up obviously. This is where I know I was dumb by changing the name.

My question after a long-winded description is this: how can I set up a sturdy self-hosted git server with the ability to have multiple developers log in from multiple machines while maintaining security, etc? There has to be a proven technique (gitolite describes maybe 4-5 different ways...also frustrating) to do this as I'm sure I'm not the only one trying to do this exact same thing. Maybe git isn't right for my team?

Any help is greatly appreciated!

Answer 1:

From my experience, all you need is an SSH server with a single git account/login that you are able to connect to using one of your public keys. Install gitolite using SSH (copies gitolite from your client to the server & does the basic setup) and have your developers send you their public keys. Add these keys to the gitolite-admin repository in your ~ and push.

Why does a developer need more than one keypair in the first place, even if multiple machines are used? Such cases will neither influence how SSH handles authentication nor how gitolite handles authorization: they're still SSH keys.

  • If a developer has to use several keypairs (one for git, another for some other server), let them handle the complexity and advise them to create an entry in ~/.ssh/config for each keypair/server combination they use.

  • If a developer has a different keypair on every machine used, gitolite groups can combine several public keys:

@agross = agross-1 agross-2


Answer 2:

A couple of pointers:

The section about git on the server on Scott Chacon's pro git book

Gitorious is FOSS



Answer 3:

I maintain a gitosis config at work, and when a developer has multiple ssh keys, all I have to do is put all these keys in the same keydir/user.pub file.

So concatenate all your keys into keydir/benny.pub and you should be all set.
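
A check for the concatenated key file described in this answer, as an added example that is not part of the original answer or of gitosis: it fingerprints every line of each keydir/<user>.pub, flags two keys that ended up on one line, and flags a key assigned to more than one user. The function names, file names and key lines are constructed for illustration.

```python
import base64, hashlib
from collections import defaultdict

def fake_key(key_type, seed, comment):
    """Constructed sample line: SSH wire-format type header plus filler bytes."""
    t = key_type.encode()
    blob = len(t).to_bytes(4, "big") + t + bytes([seed]) * 32
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"

def fingerprint(line):
    """Validate one '<type> <base64> [comment]' line; return its SHA256 fingerprint."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    # Heuristic: files joined without a newline turn the second key into comment text.
    if any("ssh-" in p or "ecdsa-" in p for p in parts[2:]):
        raise ValueError("two keys on one line")
    raw = base64.b64decode(parts[1], validate=True)  # binascii.Error is a ValueError
    n = int.from_bytes(raw[:4], "big")
    if len(raw) < 4 or raw[4:4 + n] != parts[0].encode():
        raise ValueError("declared key type does not match key blob")
    return "SHA256:" + base64.b64encode(hashlib.sha256(raw).digest()).decode().rstrip("=")

def audit_keydir(files):
    """files maps 'keydir/<user>.pub' to its text; returns (keys per user, problems)."""
    per_user, owner, problems = defaultdict(list), {}, []
    for name in sorted(files):
        user = name.rsplit("/", 1)[-1].rsplit(".pub", 1)[0]
        for lineno, line in enumerate(files[name].splitlines(), 1):
            if not line.strip() or line.lstrip().startswith("#"):
                continue
            try:
                fp = fingerprint(line)
            except ValueError as exc:
                problems.append(f"{name}:{lineno}: {exc}")
                continue
            if owner.setdefault(fp, user) != user:
                problems.append(f"{name}:{lineno}: key already assigned to {owner[fp]}")
            else:
                per_user[user].append(fp)
    return dict(per_user), problems

LAPTOP = fake_key("ssh-ed25519", 1, "benny@laptop")
DESKTOP = fake_key("ssh-ed25519", 2, "benny@desktop")
SAMPLE = {  # constructed keydir contents, not real keys
    "keydir/benny.pub": LAPTOP + "\n" + DESKTOP + "\n",  # one key per line
    "keydir/carol.pub": fake_key("ssh-ed25519", 3, "carol@pc1")
                        + fake_key("ssh-ed25519", 4, "carol@pc2") + "\n",  # no newline
    "keydir/dave.pub": DESKTOP + "\n",  # benny's desktop key reused
}
```

Calling `audit_keydir(SAMPLE)` returns benny's two fingerprints plus one problem each for carol.pub (keys joined on one line) and dave.pub (key already assigned to benny).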



Answer 4:

There are a few open source git hosting solutions with a web-based UI for creating repositories and adding users (like GitHub:FI)... though I don't know about restricting access:

  • Gitorious (Ruby)
  • InDefero (PHP)
  • Girocco (Perl, shell scripts)

HTH



Answer 5:

I am using Debian with every developer having an account on the server. I use ssh with private key login. Finally, a developer has to use a URL like ssh://username@example.com/git-repo/repo.git to check out or in any case interact with git on the repo.



Answer 6:

I think the problem is that your ssh client (Windows or Linux version) is not finding the key file. I had the same problem and solved it this way:

  • On my notebook, I generated the key file (rafael.nicoletti@mycorporation) in the ~/.ssh folder (where ~ is the home folder; the Windows version is the %HOME% env)
  • I added a file named config in ~/.ssh with the following content:

    IdentityFile ~/.ssh/rafael.nicoletti@corporation

In every location I want to access my git servers, I just copy those files into my %HOME% folder.

You can also put some things like this in the config file:

IdentityFile /d/identity.key
IdentityFile /e/identity.key
IdentityFile /f/identity.key
IdentityFile /.../identity.key

So the config will look for keys on removable media.