This page looks best with JavaScript enabled

Gitolite Server on FreeBSD

 ·  🎃 kr0m

Gitolite is a control layer over Git, which allows us certain functionalities such as using a single real user on the server, providing access to multiple virtual users, and controlling access to repositories in a detailed way through ssh keys.

We install the software with:

pkg install gitolite

We add the user with which the service will run:

adduser

Username: gitolite
Full name: gitolite
Uid (Leave empty for default):
Login group [gitolite]:
Login group is gitolite. Invite gitolite into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash rbash git-shell nologin) [sh]:
Home directory [/home/gitolite]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]: no
Lock out the account after creation? [no]:
Username   : gitolite
Password   : <disabled>
Full Name  : gitolite
Uid        : 1002
Class      :
Groups     : gitolite
Home       : /home/gitolite
Home Mode  :
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (gitolite) to the user database.
Add another user? (yes/no): no
Goodbye!

All the configuration of the repositories is managed through a main repository called gitolite-admin, from which we can create repositories, manage permissions and ssh keys. To be able to clone it for the first time, we must import a key to give it permissions on the repo.

We import the pubkey of the user who will clone:

su -l gitolite
gitolite setup -pk /tmp/kr0m.pub

From the PC where the private key associated with kr0m.pub is located, we clone the configuration repository:

git clone gitolite@IP_GITOLITE_SERVER:gitolite-admin.git

From the gitolite-admin repository, we can create the repositories we need or allow more users to manage gitolite. An example of a repository could be this:

vi gitolite-admin/conf/gitolite.conf

repo    REPONAME
    RW+     =   kr0m

Kr0m’s key must be in the keydir directory:

ls -la gitolite-admin/keydir/kr0m.pub

-rw-r--r-- 1 kr0m kr0m 395 Jun 25 2019 keydir/kr0m.pub

With this, kr0m will be able to do whatever he wants in the indicated repository.

We upload the changes:

cd gitolite-admin
git add conf/gitolite.conf
git add keydir/kr0m.pub
git commit -m “Assigned permissions to kr0m on the REPONAME repo”
git push

Now kr0m will be able to use the REPONAME repository:

git clone gitolite@IP_GITOLITE_SERVER:REPONAME.git

If we want to migrate a repository to GitOlite, it’s as simple as creating the repository using the gitolite-admin configuration and pushing it:

vi gitolite-admin/conf/gitolite.conf

repo REPO_NAME
    RW+     =   kr0m
git add conf/gitolite.conf
git commit -m "New REPO_NAME repository to be migrated"
git push

Then changing to the directory where the repository to be migrated was cloned and changing the origin-URL:

git remote set-url origin gitolite@datadyne.alfaexploit.com :REPO_NAME.git
git push

If you liked the article, you can treat me to a RedBull here