Search code examples
gitrepositorygit-shell

git-shell - New repositories

I have a server with a dedicated git user and repositories
I'm trying to use the git-shell method to allow my devs to work on several projects.

I'm about to change the shell of my git user to git-shell
If I do that, I won't be able to connect with a standard shell anymore (that's the idea).

Question: So how will I create new repositories ?

Will I have each time to connect with a sudoer and create the repo then chown it ?

Solution

  • Will I have each time to connect with a sudoer and create the repo then chown it ?

    Yes, you can see an example in the article "Git Local Repository Setup Guide" by Rami Al-Ghanmi (alghanmi):

    Repository Setup & Essentials

    First, we create the git user and set the account up for SSH Public Key Authentication and no terminal login.
    That means, the git account can not login using a password (only via PKA) and has no regular shell access. Instead, it will be using a special git shell with a limited set of commands.

    #Create git user account
sudo adduser --shell $(which git-shell) --gecos 'git version control' --disabled-password git

#Add git user to the appropriate groups
sudo usermod -a -G www-data git
sudo usermod -a -G developers git

#Setup authorized_keys file for access
sudo mkdir -p /home/git/.ssh
sudo touch /home/git/.ssh/authorized_keys
sudo chmod 600 /home/git/.ssh/authorized_keys
sudo chmod 700 /home/git/.ssh

#Copy the git-shell-commands to get limited shell access
sudo cp -r /usr/share/doc/git/contrib/git-shell-commands /home/git/
sudo chmod 750 /home/git/git-shell-commands/*

#Fix permissions
sudo chown -R git:git /home/git/

    Add your SSH generated key to the authorized key list. You can repeat this step for all users you wish to give access to

    cat ~/.ssh/id_rsa.pub | sudo tee -a /home/git/.ssh/authorized_keys

    Allow the git user to access the system via SSH

    echo "AllowUsers git" | sudo tee -a /etc/ssh/sshd_config
sudo service ssh restart

    Create a location to store repositories

    sudo mkdir -p /home/repo
sudo chown -R git:www-data /home/repo

    Create a HelloWorld Repository

    #Create the directory (always end with .git)
sudo mkdir /home/repo/helloworld.git
cd /home/repo/helloworld.git
#Initialize a bare repository
sudo git --bare init

#Some meta-data
echo "Hello World Repository. Testing system configuration" | sudo tee /home/repo/helloworld.git/description
echo "[gitweb]" | sudo tee -a /home/repo/helloworld.git/config
echo -e "\towner = \\"Rami Al-Ghanmi\\"" | sudo tee -a /home/repo/helloworld.git/config

#Fix ownership of repository
sudo chown -R git:www-data /home/repo/helloworld.git

    Clone the repository, though empty, and add some code.
    Ignore the warning about cloning an empty repository.

    git clone git@$(hostname):/home/repo/helloworld.git
cd helloworld
wget https://raw.github.com/gist/3205222/HelloWorld.cpp
git add HelloWorld.cpp
git commit -m "Initial commit with HelloWorld in C++"
git push origin master