How to install and build Git Server using Gitosis in CentOS 6.3

How to install and build Git Server using Gitosis in CentOS 6.3

Git, as a distributed version control system, generally communicates with servers over the ssh protocol when using git. The main advantage of using ssh is that it is fast (data is compressed before transmission, faster than HTTP), secure, and easy to read and write.
 
There are two authentication methods for the client to access the server through ssh. One is the user name and password, and the other is the public/private key authentication method. it is convenient to use the public/private key. You do not need to enter the password for each login.

The public key of a trusted client will be set on the server side ~ /. In the ssh/authorized_keys file, for the format of this file, see the sshd user manual man sshd. authorized_keys has a powerful function that supports the command parameter, so that each time you use this public key for verification, execute the following command. in this way, you can perform some logic processing.

In general, the management of git databases requires permission control. How can we easily manage the permissions of databases? Authorized_keys is an idea. It specifies a specific command parameter. After verifying the user, it first executes the relevant logic to check whether the current user has a certain permission. As a result, gitosis is not so much a git permission management system as an authorized_keys File Manager.

Solution:

Environment deployment

Operating System: CentOS6.3 x64
Git: git-1.7.1
Gitosis: Gitosis
Gitweb: 1.7.1-3
OpenSSH Server: openssh-server-5.3p1
Apache: httpd-2.4.4
Python-setuptools: python-setuptools-0.6.10-3

Git server (centos6.3 x64): node2.example.com
Git client (centos6.3 x64): node1.example.com

Server Configuration:

1. Disable iptables and SELINUX

The Code is as follows:
# Service iptables stop
# Setenforce 0
# Vi/etc/sysconfig/selinux
---------------
SELINUX = disabled
---------------

Ii. Synchronization time

The Code is as follows:
# Ntpdate cn.pool.ntp.org

3. install apache

Transport: http://www.bitsCN.com/article/54969.htm

4. install OpenSSH

1. install OpenSSH in yum:

The Code is as follows:
# Yum install openssh-server-y

2. Modify the ssh Server Configuration:

The Code is as follows:
# Vi/etc/ssh/sshd_config
------------------------------
Port 22 # change to the login Port you want
PermitRootLogin no # prohibit root User Login
StrictModes yes # Check whether the key user and permissions are correct.
RSAAuthentication yes # enable RSA Authentication
PubkeyAuthentication yes # enable Public Key Authentication
PasswordAuthentication yes # enable password authentication. It is enabled by default.
ServerKeyBits 1024 # change the intensity of ServerKey to 1024 bits after modification
PermitEmptyPasswords no # change to this status after modification. Do not log on with a blank password.
------------------------------

3. Restart the service:

The Code is as follows:
#/Etc/init. d/sshd restart

5. Install Git

The Code is as follows:
# Yum install git-core-y

6. Install Gitosis

1. Install Gitosis dependent on the python-setuptools package

The Code is as follows:
# Yum install python-setuptools-y

2. Install Gitosis

The Code is as follows:
# Cd ~
# Mkdir src
# Cd src
# Git clone https://github.com/tv42/gitosis.git
# Cd gitosis
# Python setup. py install

3. Create a system user for gitosis

The Code is as follows:
# Useradd-m git
# Passwd git

4. Run gitosis

(1). Upload or copy the Public Key generated by the Administrator to the server. The public key must be created by using the ssh-keygen command under the git server administrator.

The Code is as follows:
# Su-git

Ensure that the repository content is displayed on the web page.

The Code is as follows:
# Chmod-R 755/home/git
# Ssh-keygen-t rsa
# Cp ~ /. Ssh/id_rsa.pub/tmp

(2) initialize gitosis

Go to the directory where the copied id_rsa.pub is located.

The Code is as follows:
# Cd/tmp
# Gitosis-init <id_rsa.pub

In this case, the gitosis repository and configuration directory are generated under the/home/git directory.

The Code is as follows:
# Cd/home/git
# Ll
----------------------------------------------------------------
Drwxr-xr-x 2 git 4096 Aug 12 gitosis
Drwxr-xr-x 4 git 4096 Aug 12 repositories
---------------------------------------------------------------

(3) switch back to the current (root) User

The Code is as follows:
# Exit

(4). Configure permissions

If you want someone to be able To clone the gitosis-admin.git, you need to do the following:

The Code is as follows:
# Chmod 755/home/git/repositories/gitosis-admin.git/hooks/post-update

So far, the installation of gitosis has been completed, and the related configuration can be operated by the Administrator, and then submitted to the server.

(5) Now you can try to log on to the server by using SSH as the owner of the public key that initializes Gitosis. It should be shown as follows:

The Code is as follows:
# Su-git
$ Ssh git@127.0.0.1.
------------------------------------------------
PTY allocation request failed on channel 0
ERROR: gitosis. serve. main: Need SSH_ORIGINAL_COMMAND in environment.
Connection to gitserver closed.
------------------------------------------------

Gitosis recognizes the user's identity, but does not run any Git command, so it cut off the connection. Now, run an actual Git command-clone the Gitosis Control Repository:
Clone git repository on your local computer

The Code is as follows:
# Cd/tmp
# Git clone git @ gitserver: gitosis-admin.git

This will get a working directory named gitosis-admin, which consists of two parts:
Red indicates the git repository configuration, and blue indicates the files saved in the actual repository.

The Code is as follows:
# Cd gitosis-admin
# Ll-
----------------------------------------------------------
Total 20
Drwxr-xr-x 4 git 4096 Aug 12.
Drwxr-xr-x 4 git 4096 Aug 12 ..
Drwxr-xr-x 8 git 4096 Aug 12. git
-Rwxr-xr-x 1 git 157 Aug 12 gitosis. conf
Drwxr-xr-x 2 git 4096 Aug 12 keydir
-----------------------------------------------------------

The above operations are equivalent to initializing the system git user and becoming the gitosis administrator, and using the Administrator permission to clone the gitosis-admin repository to the local machine.

5. Add the local user john and the repository test to gitosis, and work with the Administrator git to manage gitosis

1. User john adds and sends id_rsa.pub to git

The Code is as follows:
# Su-
# Useradd john & passwd john
# Su-john
# Ssh-keygen-t rsa
-----------------------------------------------------------
Generating public/private rsa key pair.
Enter file in which to save the key (/home/john/. ssh/id_rsa ):
Created directory '/home/john/. ssh '.
Enter passphrase (empty for no passphrase ):
Enter same passphrase again:
Your identification has been saved in/home/john/. ssh/id_rsa.
Your public key has been saved in/home/john/. ssh/id_rsa.pub.
-----------------------------------------------------------
# Cp/home/john/. ssh/id_rsa.pub/tmp

2. gitosis administrator git assigns john Permissions

The Code is as follows:
# Su-git
# Mkdir projects
# Cd ~ /Projects
# Git clone git@node2.example.com: gitosis-admin
# Cd gitosis-admin
# Cat gitosis. conf
------------------------------------------------
[Gitosis]
[Group gitosis-admin]
Writable = gitosis-admin
Members = git@node2.example.com
------------------------------------------------
# Ls keydir/
-------------------------
Git@node2.example.com.pub
-------------------------
# Cp/tmp/id_rsa.pub keydir/john. pub
# Vi gitosis. conf
------------------------------------
[Gitosis]
[Group gitosis-admin]
Writable = gitosis-admin
Members = git@node2.example.com
[Group test]
Writable = test
Members = git@node2.example.com john
------------------------------------
# Git add.
# Git commit-am "add member john and project foo"
# Git push

3. Add the project test in git.

The Code is as follows:
# Su-git
# Cd ~ /Projects
# Mkdir test
# Cd test
# Git init
# Echo "Hello World."> hello.txt
# Git add hello.txt
# Git commit-am 'first commit'
# Git remote add origin git@node2.example.com: test. git
# Git push origin master

4. User john clone testand modify hello.txt

The Code is as follows:
# Su-john
# Git clone git@node2.example.com: test. git
# Cd test
# Date> hello.txt
# Git commit-am 'add time to hello.txt '& git push

The entire process is divided:

1. By modifying gitosis-admin to manage gitosis user permissions, You need to clone the permission to the local device, modify the configuration file, and add push to push the result to remote permission modification.

2. Add a system user, generate the public key of the user, and copy it to the keydir to perform git and other operations.

3. log on to the user account to perform git-related operations. After modification, commit and push to the server to complete the repository permission configuration.

7. Install gitweb

1. First, we need the source code of Git, which includes GitWeb and can generate custom CGI scripts:

The Code is as follows:
# Git clone git: // git.kernel.org/pub/scm/git/git.git
# Cd git/
# Make GITWEB_PROJECTROOT = "/home/git/repositories" prefix =/usr gitweb
# Cp-rf gitweb/usr/local/apache2/htdocs/

Note: the location of the Git repository is indicated by specifying the GITWEB_PROJECTROOT variable.

2. Set Apache to run the script in CGI Mode and add a VirtualHost Configuration:

(1) load the apache vhost configuration file

The Code is as follows:
# Vi/usr/local/apache2/conf/httpd. conf

Search for the line containing httpd-vhosts and remove the line comment.
(2) load the cgid module to support the perl language.

The Code is as follows:
# Vi/usr/local/apache2/conf/httpd. conf

Search for the row containing mod_cgid.so and remove the comment of the row.
(3) Configure VirtualHost

The Code is as follows:
# Vi/usr/local/apache2/conf/extra/httpd-vhosts.conf

Add the following Configuration:

The Code is as follows:
------------------------------------------
<VirtualHost *: 80>
ServerName git.example.com
DocumentRoot/usr/local/apache2/htdocs/gitweb
<Directory/usr/local/apache2/htdocs/gitweb>
Options + ExecCGI
AllowOverride All
Order allow, deny
Allow from all
AddHandler cgi-script cgi pl
DirectoryIndex gitweb. cgi
</Directory>
</VirtualHost>
------------------------------------------

(4) install the Time/HiRes. pm perl Module
Can't locate Time/HiRes. pm in @ INC… is reported when the web page is opened for the first Time .... Error
Solution:

The Code is as follows:
# Yum install perl-devel perl-CPAN-y
# Perl-MCPAN-e shell
Cpan [2]> install Time: HiRes
Cpan [3]> exit

(5) restart the apache service

The Code is as follows:
#/Usr/local/apache2/bin/apachectl restart

(6) modify the HOST of the Local Machine and open the gitweb page.
Http://git.example.com

Success ....

Fedora downloads Git through Http Proxy

Install Git on Ubuntu Server

Create a Git repository on the server (Ubuntu)

Git simple tutorial in Linux (taking Android as an example)

Git authoritative guide PDF

This article permanently updates the link address: