Difference between revisions of "Git Hosting"

From CSCWiki
Jump to navigation Jump to search
Line 19: Line 19:
 
(for syscom only)
 
(for syscom only)
 
<br>
 
<br>
If you need to keep the ability to push/pull from the filesystem, in addition to Gitea, you will need to make sure that the repo directory is owned by a group in which you are a member, and is group-writable.
+
If you need to keep the ability to push/pull from the filesystem, in addition to Gitea, you will need to take the following steps.
For example, let's say we want to make sure that everyone in the syscom group can push to a repo called 'keyring'.
+
In this example, we are migrating a repo called 'public/repo.git', which is a folder under /srv/git on caffeine (which is a symlink to /users/git).
 
The way we're doing this right now is kind of hacky, but it works:
 
The way we're doing this right now is kind of hacky, but it works:
 
<ol>
 
<ol>
<li>Change the name of the repo folder, e.g. <code>mv /srv/git/keyring.git /srv/git/keyring.git.bak</code></li>
+
<li>Clone the original repo locally: <code>git clone /srv/git/public/repo.git</code></li>
<li>Create a new repo with the name 'keyring' from the Gitea web UI. This should create a bare repository at <code>/srv/git/keyring.git</code>.</li>
+
<li>Delete the old repo (from phosphoric-acid, which has no_root_squash): <code>rm -rf /srv/git/public/repo.git</code></li>
 +
<li>Create a new repo with the name 'repo' from the Gitea web UI. This should create a bare repository at <code>/srv/git/public/repo.git</code>. (Make sure you choose the 'public' org from the dropdown.)</li>
 
<li>
 
<li>
Clone the keyring.git.bak repo to somewhere else (e.g. your homedir), add the Gitea URL as another remote, and push to the Gitea remote. e.g.
+
Push the original repo to the new remote:
 
<pre>
 
<pre>
cd ~
+
cd repo
git clone /srv/git/keyring.git.bak
+
git remote add gitea https://git.csclub.uwaterloo.ca/public/repo.git
cd keyring.git.bak
 
git remote add gitea https://git.csclub.uwaterloo.ca/public/keyring.git
 
 
git push gitea master
 
git push gitea master
 
</pre>
 
</pre>
 
</li>
 
</li>
 
<li>
 
<li>
Remove the new repo directory and replace it with the old one:
+
Change file permissions:
 
<pre>
 
<pre>
rm -rf /srv/git/keyring.git
+
chown -R git:git /srv/git/public/repo.git
mv /srv/git/keyring.git.bak /srv/git/keyring.git
+
chmod -R g+w /srv/git/public/repo.git
</pre>
 
(It appears that it is necessary to push to Gitea at least once for later changes to show up.)
 
</li>
 
<li>
 
Change file permissions if necessary:
 
<pre>
 
chown -R git:syscom /srv/git/keyring.git
 
chmod g+w /srv/git/keyring.git
 
 
</pre>
 
</pre>
 
You will need to do this from phosphoric-acid (due to NFS root squashing).
 
You will need to do this from phosphoric-acid (due to NFS root squashing).
 
</li>
 
</li>
 
</ol>
 
</ol>
After the steps above, you *should* be able to push to the keyring repo in three ways: Gitea via HTTPS, Gitea via SSH, and via the raw filesystem (i.e. <code>git clone /srv/git/keyring.git</code>). Furthermore, everyone in syscom should be able to push to it via the filesystem.
+
Note that the repo folder SHOULD be owned by git:git. Anything else will likely break Gitea. (If a user pushes something to the folder and their umask doesn't allow group members to read, for example, then Gitea will be unable to read the repo.)
 +
<br>
 +
This means that only trusted users should be in the git group - ideally, only syscom members.

Revision as of 11:57, 28 August 2021

We have a gitea instance running off of caffeine. You can sign in via LDAP to the web interface. Projects used by CSC as a whole are owned by the public organization.

Usage

"It's basically GitHub"

- raymo

SSH keys

It is recommended to setup SSH keys so that you do not have to enter your password each time you push to a repo. Once you have uploaded your public key, add the following to your ~/.ssh/config:

Host csclub.uwaterloo.ca
        HostName csclub.uwaterloo.ca
        IdentityFile ~/.ssh/id_rsa
        User git

(Replace ~/.ssh/id_rsa by the location of your private SSH key.) Now you should be able to clone, push and pull over SSH.

Pushing and pulling from the filesystem

(for syscom only)
If you need to keep the ability to push/pull from the filesystem, in addition to Gitea, you will need to take the following steps. In this example, we are migrating a repo called 'public/repo.git', which is a folder under /srv/git on caffeine (which is a symlink to /users/git). The way we're doing this right now is kind of hacky, but it works:

  1. Clone the original repo locally: git clone /srv/git/public/repo.git
  2. Delete the old repo (from phosphoric-acid, which has no_root_squash): rm -rf /srv/git/public/repo.git
  3. Create a new repo with the name 'repo' from the Gitea web UI. This should create a bare repository at /srv/git/public/repo.git. (Make sure you choose the 'public' org from the dropdown.)
  4. Push the original repo to the new remote:
    cd repo
    git remote add gitea https://git.csclub.uwaterloo.ca/public/repo.git
    git push gitea master
    
  5. Change file permissions:
    chown -R git:git /srv/git/public/repo.git
    chmod -R g+w /srv/git/public/repo.git
    

    You will need to do this from phosphoric-acid (due to NFS root squashing).

Note that the repo folder SHOULD be owned by git:git. Anything else will likely break Gitea. (If a user pushes something to the folder and their umask doesn't allow group members to read, for example, then Gitea will be unable to read the repo.)
This means that only trusted users should be in the git group - ideally, only syscom members.