What is gitosis?
gitosis is a wrapper around git that makes it easier share repositories, especially as it relates to managing access rights.
Why Should I Care?
The benefit that made me check it out is that I don't have to create an account on my dev machine for every single developer to whom I'd like to give access to some of my git repos.
Assumptions
- You installed git and python from MacPorts.
- You have enabled "Remote Login" in the "Sharing" Preferences pane.
- You have a public key (typically generated via ssh-keygen); see the man pages for more details.
Installation
Preliminary Steps
- Create a git user
- Add git to the list of users who can ssh in
- Configure git's .bashrc (NOT .bash_profile) so port-installed apps are on the PATH. Mine looks like
export PATH=/opt/local/bin:/opt/local/sbin:/opt/local/Library/Frameworks/Python.framework/Versions/Current/bin/:$PATH
export MANPATH=/opt/local/share/man:$MANPATH
Installing gitosis
- cd /tmp
- mkdir src
- cd src
- git clone git://eagain.net/gitosis.git
- cd gitosis
- python setup.py install
- sudo chmod 755 /Users/git/repositories/gitosis-admin.git/hooks/post-update
Configuration
Setting up Admin Access
Add yourself as an admin (member of the gitosis-admin group) by executing sudo -H -u git gitosis-init < ~/.ssh/id_dsa.pub. This will use your public key as input into gitosis-init and set you up as an admin.
Cloning the Admin Repo
Try git clone git@`$HOST`:gitosis-admin.git. It should work. If it doesn't, and complains about the other end unexpectedly hanging up, the $PATH for git is probably misconfigured. Make sure you configured .bashrc, because .bash_profile won't stick around.
Configuring a New Repo
You make configuration changes to gitosis by editing your local clone of gitosis-admin and FIXME kbd pushing them back. Let's add a new repo.
- Open up gitosis.conf in your editor of choice
- Add an entry like the one below
- Save
- git push
[group fabfour]
members = john paul george ringo
writable = the_monkeys_are_hacks
Breaking It Down
[group fabfour]
We're defining a new group, named fabfour.
members = john paul george ringo
Adding john, paul, george, ringo as members of the fabfour group.
writable = the_monkeys_are_hacks
Listing the_monkeys_are_hacks as the only writable repo for the fabfour group. In case you're saying "Wait, I don't have a the_monkeys_are_hacks repo!" don't worry, that's coming next. You have to do all of this before you try to push anything to gitosis.
Populating Your New Repo
-
- If the repo doesn't exist, create it
-
- mkdir the_monkeys_are_hacks
- cd the_monkeys_are_hacks
- git init
- Do Work Here and Commit It
-
Add your new gitosis-managed repo as a remote; inside your repo, execute git remote add origin git@`$HOST`:the_monkeys_are_hacks.git
-
Push to it; inside your repo, execute git push origin master:refs/heads/master
If the last step fails with an inscrutable error, there's a good chance you forgot to chmod the post-update hook.
Actually Letting John and the Gang Access the Repo
Before john, paul, george, or ringo can actually get into the server, you need to add their public keys under gitosis-admin/keydir. I'm going to wave my hands concerning how you get the public keys, but they need to be added to gitosis-admin/keydir and they need to be named using the convention username.pub, so we'd have:
- cd gitosis-admin
- cp /tmp/john.pub keydir/
- cp /tmp/paul.pub keydir/
- cp /tmp/george.pub keydir/
- cp /tmp/ringo.pub keydir/
- git add keydir/john.pub keydir/paul.pub keydir/george.pub keydir/ringo.pub
- git ci -m "Adding the keys for the Fab Four"
- git push
Want More?
- Check out this extremely detailed (non-Mac-specific) guide.
Back to flipping out...
