Services - gitolite

Installing a gitolite server

Gitolite provides a traditional source control management server for git, with multiple users and access rights management. gitolite can be installed with the following command:

sudo apt install gitolite3

Gitolite configuration

Configuration of the gitolite server is a little different that most other servers on Unix-like systems, in that gitolite stores its configuration in a git repository rather than in files in /etc/. The first step to configuring a new installation is therefore to allow access to the configuration repository.

First of all, let’s create a user for gitolite to use for the service:

sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git

Now we want to let gitolite know about the repository administrator’s public SSH key. This assumes that the current user is the repository administrator. If you have not yet configured an SSH key, refer to openssh-keys in this manual.

cp ~/.ssh/id_rsa.pub /tmp/$(whoami).pub

Let’s switch to the git user and import the administrator’s key into gitolite.

sudo su - git
gl-setup /tmp/*.pub

Gitolite will allow you to make initial changes to its configuration file during the setup process. You can now clone and modify the gitolite configuration repository from your administrator user (the user whose public SSH key you imported). Switch back to that user, then clone the configuration repository:

exit
git clone git@$IP_ADDRESS:gitolite-admin.git
cd gitolite-admin

The gitolite-admin contains two subdirectories, “conf” and “keydir”. The configuration files are in the conf dir, and the keydir directory contains the list of user’s public SSH keys.

Managing gitolite users and repositories

Adding a new user to gitolite is simple: just obtain their public SSH key and add it to the keydir directory as $DESIRED_USER_NAME.pub. Note that the gitolite usernames don’t have to match the system usernames - they are only used in the gitolite configuration file to manage access control. Similarly, users are deleted by deleting their public key files. After each change, do not forget to commit the changes to git, and push the changes back to the server with

git commit -a
git push origin master

Repositories are managed by editing the conf/gitolite.conf file. The syntax is space separated, and simply specifies the list of repositories followed by some access rules. The following is a default example

repo    gitolite-admin
        RW+     =   admin
        R       =   alice

repo    project1
        RW+     =   alice
        RW      =   bob
        R       =   denise

Using your server

Once a user’s public key has been imported by the gitolite admin and authorization granted to the user to one or more repositories, the user can access repositories with the following command:

git clone git@$SERVER_IP:$PROJECT_NAME.git

To add the server as a new remote for an existing git repository:

git remote add gitolite git@$SERVER_IP:$PROJECT_NAME.git

References

2 Likes

Btw, if you don’t need user access control it’s also possible to set up a bare Git server directly; see https://git-scm.com/book/en/v1/Git-on-the-Server