immerda.ch provides access to git repositories. Either single repositories on our general git-storage or your very own repository storage, that you can manage completely on your own.
To manage access and authorisation of a git repository storage, we use gitolite. So any information regarding how you can configure your different repositories can be found in gitolite's documentation.
To make your repositories browseable by web, we use cgit, which can be publically avaliable or protected by htpasswd.
What you can get
If you are a friend of us, you can get your own repository storage on our servers. Simply get in touch with us and we can create you either access to your own repositories on git.immerda.ch or your very own repository storage. While you can configure a lot on your own, there are a few decisions you need to make when ordering your own repository storage.
Should your repository storage:
be avaiable by other means than ssh?
Depending on the setup of your repository storage, you can access your git repositories by different means: ssh, git, http(s) . You can also configure the access to your repositories for these different protocols using the gitolite config file on a repository basis. But still you need to tell us by which protocols your repositories should (potentially be avaiable).
Access by http(s) will include the cgit webinterface to browse your repositories. But it can still be made non-public by allowing access only to these users, that can authenticated against ssh for your repository storage.
be publically available for anonymous pull?
If you do not want to have only private repositories for your own non-public project and share your work with the world, you might want to make them available for anonymous/unauthenticated pulls. This can happen over the git-protocol or http(s). Depending on which protocols you have choosen before, this will either be additionally only via authenticated https or if you want to share your work with the public by unauthenticated http(s).
be accessible with which domain name?
Which domain name will be used to access your repositories? This will be your domain to access your repositories, either by ssh, git or http(s) protocol.
use which login name?
You have to choose a login name for your repository storage. This will be the login name that you can use access your repositories by ssh. Also if you choose to make your repositories browseable by http(s), you will also be able to access them by http(s)://git-LOGINNAME.immerda.ch using the right certificate for the domain name.
As mentioned earlier: We use gitolite to manage access and authorisation to your repositories, so gitolite's documentation is a good starting point to learn how you can configure access to your different repositories.
daemon / git-protocol
If you want to make your repositories available by the git protocol, you will need to allow read-access for the daemon user:
repo some_repo RW = @developers R = daemon
You will then be able to clone these repositories by
If you want to make a repository browseable by cgit (and accessible via anonymous http(s)), you need - similar to the git-protocol - to allow the daemon user for this repository. Additionally you might want to set gitweb options that will be read by cgit and label your repository.
repo some_repo RW = @developers R = daemon config gitweb.owner = "Ada Lovelace" config gitweb.description = "My repository"
Repositories that are published in cgit are cloneable via anonymous http(s). So you will be able to clone any repository that is brwoseable in cgit with the following command:
git clone http://git.yourdomain.com/some_repo
If you have given yourself an htpasswd (see below) you will also be able to push changes to that repository over https. Either using https://git.yourdomain.com/some_repo or https://git-LOGINNAME.immerda.ch/some_repo
If you enabled http(s) as one of the protocols to access your git repositories, you can set a password for your username (in gitolite's config) using gitolite's htpasswd command:
ssh LOGINNAME@git.yourdomain.com htpasswd
This will set the login name for your gitolie user. And you will be able to push changes to your repositories by https using your gitlote-username and password.
https access to non browseable repositories
As mentioned earlier, you can also clone & fetch any published repositories using the smart-http protocol. However, you are also able to access any non-published repositories using the https-protocol using the htaccess authentication (see above) to authenticate yourself. For technical reasons, you need to prefix such non-public repositories with the following path _gl/. This means that your hidden_repo.git will be available using the following url:
https://git.yourdomain.com/_gl/hidden_repo.git # or https://git-LOGINNAME.immerda.ch/_gl/hidden_repo.git
This prefix is only required for repositories that are not browseable by cgit (a good example is often the gitolite-admin.git repository).