Search code examples
gitgitolite

How can I give read Access to everybody with gitolite

in my gitolite.conf i can set

repo    COOL_REPOSITORY
        RW+     =   me
        R       =   @all

This gives me writing access, and all other REGISTERED users have read access to my repository. Now my question is, can i give read access to everybody, not only to users which i have registered by storing their ssh-keys in my keydir?

Solution

  • You can call gitolite from an http VirtualHost configuration, like I do in my project.

    # GitHttp on @PORT_HTTP_HGIT@
Listen @PORT_HTTP_HGIT@
<VirtualHost @FQN@:@PORT_HTTP_HGIT@>
  ServerName @FQN@
  ServerAlias @HOSTNAME@
  SetEnv GIT_PROJECT_ROOT @H@/repositories
  SetEnv GIT_HTTP_EXPORT_ALL
  SetEnv GITOLITE_HTTP_HOME @H@
  ScriptAlias /hgit/ @H@/sbin/gitolite-shell/
  SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
  <Location /hgit>
    ...

    Gitolite doesn't require users to register ssh keys: it is only an authorization layer.

    But still calling gitolite through http ensure that you keep other Gitolite features active, like:

    • audit trail (in .gitolite/logs: you still know at least which IP address did clone/pull/push your repo)
    • control access (in case you need to remove the @all rule at any moment)

    Using directly git-daemon or a direct http access, without using Gitolite at all, would mean renouncing to any control access.