Peter Blair

Creating a team git repository

At work, we’re looking into using GIT to replace SVN for our team SCM.  I’m looking into “hosting” a repository on my workstation, and have outlined a few steps to make this as painless as possible.

Step 1: Create a local user “git”

This should be as easy as issuing “useradd git” as root, and setting all of the required permissions.  I’m going to assume that the home dir for git is “/home/git”, and all of my scripts will make the same assumption.

Step 2: Create script to restrict SSH access to just git

We’re going to handle permissions by sharing SSH keys.  But, in order to stop users from just SSHing into the machine, and messing with things, we’ll use this wonderful tiny script to handle this.  Install the script as described in the page, set the permissions, and we’re done.

Step 3: Import a test SSH key

From another computer, generate a public SSH key, and paste the public key into git’s .ssh directory, within the file “authorized_keys”.  Take note that we’ll restrict certain SSH actions:


command="/usr/bin/gitserve git rw",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA...

Step 4: Create a utility script for creating new bare projects

We’re only concerned with handling new bare project at the moment, and not importing existing project.  So, we can use this little shell script to do the needful:

Now, on the server, create a new project:

git@slowpoke:~$ bin/create_new_project.sh foo
Initialized empty Git repository in /home/git/tmp/foo/.git/
[master (root-commit) 988e2da] initial project
0 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 README
Cloning into bare repository /home/git/foo.git...
done.

And our project is now available for consumption.

Step 5: Clone from remote

On a remote machine (my laptop in this case) I’ll clone the new git project.  Note, I’ve already had my public ssh key for my laptop installed under my workstation’s “git” user’s .ssh/authorized_keys file, so no extra authentication should be required.


pblair@pblair-laptop:~$ rm -rf stuff/
pblair@pblair-laptop:~$ mkdir stuff && cd stuff
pblair@pblair-laptop:~/stuff$ git clone git@slowpoke.internal.WORK.com:foo.git
Initialized empty Git repository in /home/pblair/stuff/foo/.git/
user git authorized
remote: Counting objects: 3, done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.

pblair@pblair-laptop:~/stuff$ ls -F
foo/
pblair@pblair-laptop:~/stuff$ cd foo/
pblair@pblair-laptop:~/stuff/foo$ echo "indeed" >> README

pblair@pblair-laptop:~/stuff/foo$ git commit -m "indeed" -a
[master 2c0ca9f] indeed
1 files changed, 1 insertions(+), 0 deletions(-)
pblair@pblair-laptop:~/stuff/foo$ git push
user git authorized
Counting objects: 5, done.
Writing objects: 100% (3/3), 242 bytes, done.
Total 3 (delta 0), reused 0 (delta 0)
To git@slowpoke.internal.WORK.com:foo.git
988e2da..2c0ca9f master -> master

Tagged with:

Categorised as: Uncategorized

Comments are closed.

Get Adobe Flash playerPlugin by wpburn.com wordpress themes