aboutsummaryrefslogtreecommitdiff
path: root/research/git.mdwn
blob: 20e1868d0a39f8a1bf24e34ab7dd95748ad29c6e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
[[!meta title="Git"]]

Git research and development.

Barebones shared git repositories
---------------------------------

No gitolite, gitosis, gitlab or whatever involded. Only OpenSSH and git is needed.

### Basic config

If needed, create a host instance for your git server at your `~/.ssh/config`:

    Host git.project.org gitserver
      HostName git.project.org

Now make sure you can log into the server using key-based auth.

### Server config

    sudo apt install git
    sudo adduser git --home /var/git
    sudo mkdir              /var/git/repositories
    sudo chown git.         /var/git/repositories
    sudo chmod 775          /var/git/repositories
    sudo usermod -a -G git `whoami` # add yourself into the git group

### Creating a repository

At your computer:

    repo="name-your-project-here"
    mkdir $repo
    cd $repo
    git init
    git remote add origin ssh://gitserver/var/git/repositories/$repo.git

Then do your regular stuff: create files, commit stuff, etc:

    touch test
    git add .
    git commit -m "Initial import"

### Copy a bare git repo to the server

    cd ..
    git clone --bare $repo $repo.git
    scp -r $repo.git gitserver:/var/git/repositories/$repo.git

### Making the repository shareable

In the server:

    sudo chgrp -R git /var/git/repositories/$repo.git
    sudo chmod 775    /var/git/repositories/$repo.git

    find /var/git/repositories/$repo.git/ -type f -exec sudo chmod 664 {} \;
    find /var/git/repositories/$repo.git/ -type d -exec sudo chmod 775 {} \;

Now make sure that the repository configuration has the following option at the `core` section:

    sharedRepository = group

You can edit `/var/git/repositories/$repo.git/config` to add this config or just run
the following commands:

    git -C /var/git/repositories/$repo.git config core.sharedRepository group

### Daily workflow

From now on, you can work at your computer's local `$repo` as usual:

    cd $repo
    git pull
    touch another-test
    git add .
    git commit -m "Adds another-test"
    git push # this sends changes back to your git server

### Adding more users into the game

You can add existing users to edit the repository given that:

* They have accounts in the system.
* They are added into the `git` group.

If they also use key-based auth they can seamlessly contribute to your repository
as if you were using a more complex repository manager like gitolite or a service
like gitlab.

You can even try to implement some more complex access control by using different
groups for each project so you're not bound to the `git` group.

### References

- [How to make bare git repository group-writable after pushing?](http://stackoverflow.com/questions/15881104/how-to-make-bare-git-repository-group-writable-after-pushing).
- [Create Git bare / shared remote repository](http://pietervogelaar.nl/create-git-bare-shared-remote-repository/).
- [How to clone and share a Git repository over SSH](http://linuxaria.com/pills/how-to-clone-and-share-a-git-repository-over-ssh?lang=en)
- [Git - Getting Git on a Server](https://git-scm.com/book/en/v2/Git-on-the-Server-Getting-Git-on-a-Server).
- [Git - Setting Up the Server](https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server).

Further development
-------------------

* [gitly self-hosted](https://gitly.io).
* [Git Large File Storage - Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server like GitHub.com or GitHub Enterprise.](https://git-lfs.github.com/)  / [#792075 - ITP: git-lfs -- Git Large File Support. An open source Git extension for versioning large files - Debian Bug report logs](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792075).
* signed commits:
  * check using gpgv?
  * [Validating other keys on your public keyring](https://www.gnupg.org/gph/en/manual/x334.html)
  * https://git-annex.branchable.com/tips/using_signed_git_commits/
  * http://stackoverflow.com/questions/17371955/verifying-signed-git-commits
  * https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
  * https://mikegerwitz.com/papers/git-horror-story.html
* Push-to-deploy plugin:
  * http://superuser.com/questions/230694/how-can-i-push-a-git-repository-to-a-folder-over-ssh
  * https://devcenter.heroku.com/articles/git
  * https://github.com/blog/1957-git-2-3-has-been-released (push-to-deploy)
  * https://github.com/git/git/blob/v2.3.0/Documentation/config.txt#L2155
  * http://stackoverflow.com/questions/1764380/push-to-a-non-bare-git-repository
  * http://bitflop.com/tutorials/git-bare-vs-non-bare-repositories.html
* Write a "git" interceptor:
  * Check proper user/email config.
  * Automatically set git-flow when initializing a repository.
  * Automatically set git-hooks integration.
  * Implement global hooks.
  * Check remote configuration.
  * Check hook tampering before doing anything in the repository, like removing hook permissions, see [discussion](https://stackoverflow.com/questions/35997624/how-to-disable-git-hooks-for-security-reason#35998287).
  * That can disable/mitigate hooks by changing permission and ownership on `~/.git/hooks`.