immerda:GitRepositories: Unterschied zwischen den Versionen

Aus immerda
Zur Navigation springen Zur Suche springen
Zeile 1: Zeile 1:
 +
<div style="width:50%;float:right;margin:10px 0px 0px 0px; border:2px solid blue; background-color: #dfefdf; padding:0.3em 1em 0.7em 2em;">
 +
<h2>git @ immerda - Quickbox</h2>
 +
<h3>Repository URLs</h3>
 +
<br/>
 +
{| border="0"
 +
|-
 +
| '''SSH'''
 +
| ssh://NAME@git.yourdomain.com:your/repository.git
 +
| ssh://git-NAME.immerda.ch:your/repository.git
 +
|-
 +
| '''cgit'''
 +
| http://git.your.domain.com/
 +
| https://git-NAME.immerda.ch/
 +
|-
 +
| '''GIT'''
 +
| git://git.your.domain.com/your/repository.git
 +
| git://git-NAME.immerda.ch/your/repository.git
 +
|-
 +
| '''HTTP'''
 +
| http://git.your.domain.com/your/repository.git
 +
| https://git-NAME.immerda.ch/your/repository.git
 +
|-
 +
| '''HTTPs'''<br/>private repositories
 +
| https://git-NAME.immerda.ch/_gl/your/repository.git
 +
|-
 +
|
 +
|}
 +
</div>
 
= Git Repositories =
 
= Git Repositories =
  
 
immerda.ch provides access to git repositories. Either single repositories on our [https://git.immerda.ch general git-storage] or your very own repository storage, that you can manage completely on your own.
 
immerda.ch provides access to git repositories. Either single repositories on our [https://git.immerda.ch general git-storage] or your very own repository storage, that you can manage completely on your own.
 
 
__TOC__
 
__TOC__
  
 
== General Information ==
 
== General Information ==
  
To manage access and authorisation of a git repository storage, we use [http://gitolite.com/gitolite/ gitolite]. So any information regarding how you can configure your different repositories can be found in [http://gitolite.com/gitolite/admin.html gitolite's documentation].
+
To manage access and authorization of a git repository storage, we use [http://gitolite.com/gitolite/ gitolite]. So any information regarding how you can configure your different repositories can be found in [http://gitolite.com/gitolite/admin.html gitolite's documentation].
  
To make your repositories browseable by web, we use [http://hjemli.net/git/cgit/ cgit], which can be publically avaliable or protected by htpasswd.
+
To make it possible to browse your repositories on the web, we use [http://hjemli.net/git/cgit/ cgit], which can be publicly available or protected by htpasswd.
  
 
== What you can get ==
 
== What you can get ==
  
If you are a friend of us, you can get your own repository storage on our servers. Simply [https://www.immerda.ch/about/contact.html get in touch with us] and we can create you either access to your own repositories on [https://git.immerda.ch git.immerda.ch] or your very own repository storage. While you can configure a lot on your own, there are a few decisions you need to make when ordering your own repository storage.
+
If you are a friend of us, you can get your own repository storage on our servers. Simply [https://www.immerda.ch/about/contact.html get in touch with us] and we can create you either access to your own repositories on [https://git.immerda.ch git.immerda.ch] or your very own repository storage, where you can manage your own access and give access to your friends without involving us. While you can configure a lot on your own, there are a few decisions you need to make before ordering your own repository storage.
  
 
Should your repository storage:
 
Should your repository storage:
Zeile 19: Zeile 46:
 
  be avaiable by other means than ssh?
 
  be avaiable by other means than ssh?
  
Depending on the setup of your repository storage, you can access your git repositories by different means: ssh, git, http(s) . You can also configure the access to your repositories for these different protocols using the gitolite config file on a repository basis. But still you need to tell us by which protocols your repositories should (potentially be avaiable).
+
Depending on the setup of your repository storage, you can access your git repositories by different means: ssh, git, http(s) . You can also configure the access to your repositories for these different protocols using the gitolite config file on a repository basis. But still you need to tell us by which protocols your repositories should (potentially be available).
  
 
Access by http(s) will include the cgit webinterface to browse your repositories. But it can still be made non-public by allowing access only to these users, that can authenticated against ssh for your repository storage.
 
Access by http(s) will include the cgit webinterface to browse your repositories. But it can still be made non-public by allowing access only to these users, that can authenticated against ssh for your repository storage.
  
  be publically available for anonymous pull?
+
  be publicly available for anonymous pull?
  
If you do not want to have only private repositories for your own non-public project and share your work with the world, you might want to make them available for anonymous/unauthenticated pulls. This can happen over the git-protocol or http(s). Depending on which protocols you have choosen before, this will either be additionally only via authenticated https or if you want to share your work with the public by unauthenticated http(s).
+
If you do not want to have only private repositories for your own non-public project and share your work (for example on free software projects) with the world, you might want to make them available for anonymous/unauthenticated pulls. This can happen over the git-protocol or http(s). Depending on which protocols you have chosen before, this will either be additionally only over authenticated https or if you want to share your work with the public by unauthenticated http(s).
  
 
  be accessible with which domain name?
 
  be accessible with which domain name?
Zeile 33: Zeile 60:
 
  use which login name?
 
  use which login name?
  
You have to choose a login name for your repository storage. This will be the login name that you can use access your repositories by ssh. Also if you choose to make your repositories browseable by http(s), you will also be able to access them by http(s)://git-LOGINNAME.immerda.ch using the right certificate for the domain name.
+
You have to choose a login name for your repository storage. This will be the login name that you can use access your repositories by ssh. Also if you choose to make it possible to browse your repositories by http(s), you will also be able to access them by ''http(s)://git-LOGINNAME.immerda.ch'' using a correct certificate for the domain name.
  
 
== Configuration ==
 
== Configuration ==
  
As mentioned earlier: We use gitolite to manage access and authorisation to your repositories, so [http://gitolite.com/gitolite/admin.html gitolite's documentation] is a good starting point to learn how you can configure access to your different repositories.
+
As mentioned earlier: We use gitolite to manage access and authorization to your repositories, so [http://gitolite.com/gitolite/admin.html gitolite's documentation] is a good starting point to learn how you can configure access to your different repositories.
 +
 
 +
=== SSH ===
 +
 
 +
All repository storages are available over the ssh protocol using public-ssh keys to authenticate you as an user. For more information we refer to [http://gitolite.com/gitolite/admin.html gitolite's documentation].
 +
 
 +
Access URL for your repository will look like:
 +
 
 +
  ssh://LOGINNAME@git.yourdomain.com
  
 
=== daemon / git-protocol ===
 
=== daemon / git-protocol ===
Zeile 55: Zeile 90:
 
=== http(s)-protocol ===
 
=== http(s)-protocol ===
  
If you want to make a repository browseable by cgit (and accessible via anonymous http(s)), you need - similar to the git-protocol - to give read access to the daemon user for this repository. Additionally you might want to set gitweb options that will be read by cgit and label your repository.
+
If you want to make a repository appear in the webinterface cgit (and accessible via anonymous http(s)), you need to - similar to the git-protocol - give read access to the daemon user for this repository. Additionally you might want to set gitweb options for the git config that will be read by cgit and for example label your repository in the webinterface.
  
 
<pre>
 
<pre>
Zeile 65: Zeile 100:
 
</pre>
 
</pre>
  
Repositories that are published in cgit are cloneable via anonymous http(s). So you will be able to clone any repository that is brwoseable in cgit with the following command:
+
Repositories that are published in a public cgit can be cloned using anonymous http(s). So you will be able to clone any repository that is avaiable in cgit with the following command:
  
 
  git clone http://git.yourdomain.com/some_repo
 
  git clone http://git.yourdomain.com/some_repo
  
If you have given yourself an htpasswd (see below) you will also be able to push changes to that repository over https. Either using https://git.yourdomain.com/some_repo or https://git-LOGINNAME.immerda.ch/some_repo
+
If you have given your user an htpasswd (see below on how to do that), you will also be able to push changes to that repository over https. Either using
 +
 
 +
  https://git.yourdomain.com/some_repo
 +
or
 +
  https://git-LOGINNAME.immerda.ch/some_repo
  
 
=== htaccess ===
 
=== htaccess ===
Zeile 77: Zeile 116:
 
  ssh LOGINNAME@git.yourdomain.com htpasswd
 
  ssh LOGINNAME@git.yourdomain.com htpasswd
  
This will set the login name for your gitolie user. And you will be able to push changes to your repositories by https using your gitlote-username and password.
+
This will set the login name for your gitolite user. And you will be able to push changes to your repositories by https using your gitolite-username and the set password.
 
 
  
=== https access to non browseable repositories ===
+
=== https access to non public repositories ===
  
As mentioned earlier, you can also clone & fetch any published repositories using the smart-http protocol. However, you are also able to access any non-published repositories using the https-protocol using the htaccess authentication (see above) to authenticate yourself. For technical reasons, you need to prefix such non-public repositories with the following path '''_gl/'''. This means that your '''hidden_repo.git''' will be available using the following url:
+
As mentioned earlier, you can also clone & fetch any published repositories using the smart-http protocol. However, you are also able to access any non-published repositories using the https-protocol using the configured htpasswd authentication (see above) to authenticate yourself. For technical reasons, you need to prefix such non-public repositories with the following path '''_gl/'''. This means that your '''hidden_repo.git''' will be available using the following url:
  
  https://git.yourdomain.com/_gl/hidden_repo.git # or
+
  https://git.yourdomain.com/_gl/hidden_repo.git # or with the correct certificate
 
  https://git-LOGINNAME.immerda.ch/_gl/hidden_repo.git
 
  https://git-LOGINNAME.immerda.ch/_gl/hidden_repo.git
  
This prefix is only required for repositories that are not browseable by cgit (a good example is often the '''gitolite-admin.git''' repository).
+
This prefix is only required for repositories that are not published in cgit. A good example is for example the '''gitolite-admin.git''' repository, which you might not want to publish in cgit, but still push changed to it over https.

Version vom 12. April 2013, 11:38 Uhr

git @ immerda - Quickbox

Repository URLs


SSH ssh://NAME@git.yourdomain.com:your/repository.git ssh://git-NAME.immerda.ch:your/repository.git
cgit http://git.your.domain.com/ https://git-NAME.immerda.ch/
GIT git://git.your.domain.com/your/repository.git git://git-NAME.immerda.ch/your/repository.git
HTTP http://git.your.domain.com/your/repository.git https://git-NAME.immerda.ch/your/repository.git
HTTPs
private repositories
https://git-NAME.immerda.ch/_gl/your/repository.git

Git Repositories

immerda.ch provides access to git repositories. Either single repositories on our general git-storage or your very own repository storage, that you can manage completely on your own.

General Information

To manage access and authorization of a git repository storage, we use gitolite. So any information regarding how you can configure your different repositories can be found in gitolite's documentation.

To make it possible to browse your repositories on the web, we use cgit, which can be publicly available or protected by htpasswd.

What you can get

If you are a friend of us, you can get your own repository storage on our servers. Simply get in touch with us and we can create you either access to your own repositories on git.immerda.ch or your very own repository storage, where you can manage your own access and give access to your friends without involving us. While you can configure a lot on your own, there are a few decisions you need to make before ordering your own repository storage.

Should your repository storage:

be avaiable by other means than ssh?

Depending on the setup of your repository storage, you can access your git repositories by different means: ssh, git, http(s) . You can also configure the access to your repositories for these different protocols using the gitolite config file on a repository basis. But still you need to tell us by which protocols your repositories should (potentially be available).

Access by http(s) will include the cgit webinterface to browse your repositories. But it can still be made non-public by allowing access only to these users, that can authenticated against ssh for your repository storage.

be publicly available for anonymous pull?

If you do not want to have only private repositories for your own non-public project and share your work (for example on free software projects) with the world, you might want to make them available for anonymous/unauthenticated pulls. This can happen over the git-protocol or http(s). Depending on which protocols you have chosen before, this will either be additionally only over authenticated https or if you want to share your work with the public by unauthenticated http(s).

be accessible with which domain name?

Which domain name will be used to access your repositories? This will be your domain to access your repositories, either by ssh, git or http(s) protocol.

use which login name?

You have to choose a login name for your repository storage. This will be the login name that you can use access your repositories by ssh. Also if you choose to make it possible to browse your repositories by http(s), you will also be able to access them by http(s)://git-LOGINNAME.immerda.ch using a correct certificate for the domain name.

Configuration

As mentioned earlier: We use gitolite to manage access and authorization to your repositories, so gitolite's documentation is a good starting point to learn how you can configure access to your different repositories.

SSH

All repository storages are available over the ssh protocol using public-ssh keys to authenticate you as an user. For more information we refer to gitolite's documentation.

Access URL for your repository will look like:

 ssh://LOGINNAME@git.yourdomain.com

daemon / git-protocol

If you want to make your repositories available by the git protocol, you will need to allow read-access for the daemon user:

repo	some_repo
	RW	= @developers
	R	= daemon

You will then be able to clone these repositories by

 git://git.yourdomain.com/some_repo.git

http(s)-protocol

If you want to make a repository appear in the webinterface cgit (and accessible via anonymous http(s)), you need to - similar to the git-protocol - give read access to the daemon user for this repository. Additionally you might want to set gitweb options for the git config that will be read by cgit and for example label your repository in the webinterface.

repo	some_repo
	RW	= @developers
	R	= daemon
  config gitweb.owner       = "Ada Lovelace"
  config gitweb.description = "My repository"

Repositories that are published in a public cgit can be cloned using anonymous http(s). So you will be able to clone any repository that is avaiable in cgit with the following command:

git clone http://git.yourdomain.com/some_repo

If you have given your user an htpasswd (see below on how to do that), you will also be able to push changes to that repository over https. Either using

 https://git.yourdomain.com/some_repo

or

 https://git-LOGINNAME.immerda.ch/some_repo

htaccess

If you enabled http(s) as one of the protocols to access your git repositories, you can set a password for your username (in gitolite's config) using gitolite's htpasswd command:

ssh LOGINNAME@git.yourdomain.com htpasswd

This will set the login name for your gitolite user. And you will be able to push changes to your repositories by https using your gitolite-username and the set password.

https access to non public repositories

As mentioned earlier, you can also clone & fetch any published repositories using the smart-http protocol. However, you are also able to access any non-published repositories using the https-protocol using the configured htpasswd authentication (see above) to authenticate yourself. For technical reasons, you need to prefix such non-public repositories with the following path _gl/. This means that your hidden_repo.git will be available using the following url:

https://git.yourdomain.com/_gl/hidden_repo.git # or with the correct certificate
https://git-LOGINNAME.immerda.ch/_gl/hidden_repo.git

This prefix is only required for repositories that are not published in cgit. A good example is for example the gitolite-admin.git repository, which you might not want to publish in cgit, but still push changed to it over https.