git gitolite

gitolite简介

1
2
gitolite是一款perl语言开发的git服务管理工具,通过公钥对用户进行认证,并能够通过配置文件对写操作进行基于分之和路径的精细授权
gitolite采用SSH协议并且使用SSH公钥认证

Git使用SSH协议:

1
2
3
4
5
SSH协议用于为Git提供远程读写操作,是远程写操作的标准服务,在智能HTTP协议出现之前,甚至是写操作的唯一标准服务.

SSH协议有两种方式来实现Git服务:
方式一: 使用标准的SSH账号访问版本库
方式二: 所有用户使用同一个专用的SSH账号访问版本库,访问时通过公钥认证的方式.通过在建立连接时所用的不同公钥来区分不同的用户身份.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
1.指定创建公钥/私钥:
ssh-keygen -f ~/.ssh/test

2.拷贝公钥到服务端:
ssh-copy-id -i ~/.ssh/test.pub user@server

3.连接测试:
ssh user@server 默认使用的是~/.ssh/id_rsa.pub公钥

4.通过创建主机别名,在连接主机时选择特定的公钥: ~/.ssh/config
host bj //定义的别名
user git //表示登录时使用的用户名
hostname bj.com //表示登录主机的主机名
port 22
identityfile ~/.ssh/beijing //认证时使用的公钥文件

5.测试
ssh bj
git clone bj:path/to/repos/myrepo.git

gitolite安装

1.创建用户(Server)

1
2
[root@localhost ~]# useradd git
[root@localhost ~]# echo 'y+{3InfLAz' | passwd --stdin git

2.下载gitolite

1
2
3
4
[root@localhost ~]# su - git
[git@localhost ~]$ git clone https://github.com/sitaramc/gitolite.git
[git@localhost ~]$ mkdir -p $HOME/bin
[git@localhost ~]$ gitolite/install -to $HOME/bin

3.创建密钥对(Client)

1
2
[root@localhost ~]# ssh-keygen
[root@localhost ~]# cp ~/.ssh/id_rsa.pub /tmp/admin.pub
1
2
3
4
5
6
[root@localhost ~]# su - git
[git@localhost ~]$ bin/gitolite setup -pk /tmp/admin.pub
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/
Initialized empty Git repository in /home/git/repositories/testing.git/
WARNING: /home/git/.ssh/authorized_keys missing; creating a new one
(this is normal on a brand new install)

4.克隆git管理

1
2
3
4
5
6
[root@localhost ~]# git clone git@192.168.10.75:gitolite-admin
Cloning into 'gitolite-admin'...
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6/6), done.

5.客户提供ssh public key

1
$ ssh-keygen -t rsa -f ~/.ssh/liupeng

6.让客户将生成的liupeng.pub放到gitolite-admin/keydir目录下

1
2
3
4
5
[root@localhost keydir]# pwd
/root/gitolite-admin/keydir

[root@localhost keydir]# ls -l liupeng.pub
-rw-r--r-- 1 root root 403 Nov 24 19:48 liupeng.pub

7.设置用户权限

1
2
3
4
5
6
7
8
[root@localhost conf]# pwd
/root/gitolite-admin/conf
[root@localhost conf]# vim gitolite.conf
repo gitolite-admin
RW+ = admin
repo devops
RW+ = liupeng
R = @all

8.将配置上传

1
2
3
4
5
6
7
8
9
[root@localhost gitolite-admin]# pwd
/root/gitolite-admin
[root@localhost gitolite-admin]# git config --global user.email "liu_p@jointwisdom.cn"
[root@localhost gitolite-admin]# git config --global user.name "liu_p"
[root@localhost gitolite-admin]# git config --global push.default simple

[root@localhost gitolite-admin]# git add .
[root@localhost gitolite-admin]# git commit -m "add repo devops"
[root@localhost gitolite-admin]# git push

9.客户端设置别名

1
2
3
4
5
6
$vim ~/.ssh/config
host devops
user git
hostname 124.27.242.3
port 520
identityfile ~/.ssh/liupeng

10.客户端克隆

1
2
3
4
5
6
7
8
9
$git clone git@devops:devops.git

$git config --global user.email "liu_p@jointwisdom.cn"
$git config --global user.name "liu_p"
$git config --global push.default simple

$git add .
$git commit -m "update"
$git push

添加新用户(在gitserver上):

1.生成ssh-key

1
2
[root@localhost ~]# ssh-keygen -t rsa -C "test" -f ~/.ssh/test
[root@localhost ~]# cp ~/.ssh/genghongyu.pub gitolite-admin/keydir/genghongyu.pub

2.修改gitolite配置文件

1
2
3
4
5
6
7
8
9
[root@localhost ~]# vim gitolite-admin/conf/gitolite.conf
@devssp = test
repo test
RW+ = @devssp
R = @all
[root@localhost ~]# cd gitolite-admin/
[root@localhost gitolite-admin]# git add .
[root@localhost gitolite-admin]# git commit -m "add genghongyu to devssp"
[root@localhost gitolite-admin]# git push

3.客户端将私钥(test)保存到本地,同时修改”.ssh/config”配置文件

1
2
3
4
5
6
7
8
$ ls -l ~/.ssh/genghongyu
-rw-r--r-- 1 admin 197121 1675 11月 25 14:50 /c/Users/admin/.ssh/genghongyu
$ cat ~/.ssh/config
host test
user git
hostname 192.168.10.75
port 22
identityfile ~/.ssh/test

4.客户端克隆

1
$git clone git@test:test.git

apt-get install gitolite3

1
2
3
4
opsys@ubuntu:~$ sudo apt-get -y install openssh-server openssh-client
opsys@ubuntu:~$ sudo apt-get -y install git
opsys@ubuntu:~$ sudo adduser --system --shell /bin/sh --group --disabled-password --home /home/git git
opsys@ubuntu:~$ sudo apt-get -y install gitolite3
1
2
3
4
5
6
7
8
opsys@ubuntu:~$ ssh-keygen
opsys@ubuntu:~$ vim .ssh/config
host gitserver
user git
hostname 192.168.10.19
port 22
identityfile ~/.ssh/id_rsa
opsys@ubuntu:~$ cp .ssh/id_rsa.pub /tmp/opsys.pub
1
2
3
4
5
6
7
8
9
10
11
12
opsys@ubuntu:~$ sudo su -
root@ubuntu:~# su - git
$ gitolite setup -pk /tmp/opsys.pub
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/
Initialized empty Git repository in /home/git/repositories/testing.git/
WARNING: /home/git/.ssh missing; creating a new one
(this is normal on a brand new install)
WARNING: /home/git/.ssh/authorized_keys missing; creating a new one
(this is normal on a brand new install)
$ exit
root@ubuntu:~# exit
logout
1
2
3
4
5
6
7
8
9
10
11
opsys@ubuntu:~$ git clone git@gitserver:gitolite-admin.git
Cloning into 'gitolite-admin'...
The authenticity of host '192.168.10.19 (192.168.10.19)' can't be established.
ECDSA key fingerprint is SHA256:HgWObuliUUy72v/lIm9ZF4KviIDzEkABmsanW+H9dJU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.10.19' (ECDSA) to the list of known hosts.
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (4/4), done.
Receiving objects: 100% (6/6), 737 bytes | 0 bytes/s, done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Checking connectivity... done.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
opsys@ubuntu:~$ cd gitolite-admin/
opsys@ubuntu:~/gitolite-admin$ cat conf/gitolite.conf
@devops = penn admin
repo gitolite-admin
RW+ = opsys penn
repo devops
RW = @devops
opsys@ubuntu:~/gitolite-admin$ ls keydir/
admin.pub opsys.pub penn.pub
opsys@ubuntu:~/gitolite-admin$ git config --global user.email "smallasa@sina.com"
opsys@ubuntu:~/gitolite-admin$ git config --global user.name "penn"
opsys@ubuntu:~/gitolite-admin$ git config --global push.default simple
opsys@ubuntu:~/gitolite-admin$ git add conf keydir
opsys@ubuntu:~/gitolite-admin$ git commit -m "create new repo: devops"
opsys@ubuntu:~/gitolite-admin$ git push
1
2
客户端直接下载文件:
git clone git@gitserver:devops.git

git gitlab

gitlab install

1. gitlab base install

1
2
3
4
5
[root@gitserver ~]#  yum -y install curl policycoreutils openssh-server openssh-clients
[root@gitserver ~]# yum -y install postfix
[root@gitserver ~]# systemctl enable sshd
[root@gitserver ~]# systemctl enable postfix
[root@gitserver ~]# systemctl start postfix

2. gitlab install

1
2
[root@gitserver ~]# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
[root@gitserver ~]# yum install gitlab-ce

3. gitlab configuration

1
[root@gitserver ~]# gitlab-ctl reconfigure

4. gitlab stop/start

1
2
3
4
5
6
7
8
[root@gitserver ~]# gitlab-ctl stop
ok: down: gitlab-workhorse: 1s, normally up
ok: down: logrotate: 0s, normally up
ok: down: nginx: 1s, normally up
ok: down: postgresql: 0s, normally up
ok: down: redis: 1s, normally up
ok: down: sidekiq: 0s, normally up
ok: down: unicorn: 1s, normally up
1
2
3
4
5
6
7
8
[root@gitserver ~]# gitlab-ctl start
ok: run: gitlab-workhorse: (pid 12049) 1s
ok: run: logrotate: (pid 12054) 0s
ok: run: nginx: (pid 12060) 0s
ok: run: postgresql: (pid 12062) 1s
ok: run: redis: (pid 12070) 0s
ok: run: sidekiq: (pid 12074) 1s
ok: run: unicorn: (pid 12077) 0s

git init

git init

1
2
3
4
git config --global user.email "smallasa@sina.com"
git config --global user.name "penn"
git config --global push.default simple
git config --global http.postBuffer 24288000

git errors

1
2
3
4
5
6
7
8
9
10
$ git push --set-upstream origin relase
Counting objects: 2707, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2693/2693), done.
Writing objects: 100% (2707/2707), 36.23 MiB | 6.32 MiB/s, done.
Total 2707 (delta 340), reused 0 (delta 0)
error: RPC failed; HTTP 413 curl 22 The requested URL returned error: 413 Request Entity Too Large
fatal: The remote end hung up unexpectedly
fatal: The remote end hung up unexpectedly
Everything up-to-date

hexo install

1.git install

1
penn@smallasa:~$ sudo apt-get install git

2.nodejs install

1
2
penn@smallasa:~$ wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.32.1/install.sh | bash
penn@smallasa:~$ NVMW_NODEJS_ORG_MIRROR=https://npm.taobao.org/mirrors/node nvm install v6.9.1

3.hexo install

1
2
3
4
5
6
penn@smallasa:~$ npm --registry=http://r.cnpmjs.org install -g hexo-cli
penn@smallasa:~$ npm --registry=http://r.cnpmjs.org install hexo-server --save
penn@smallasa:~$ npm --registry=http://r.cnpmjs.org install hexo-deployer-git --save
penn@smallasa:~$ npm --registry=http://r.cnpmjs.org install hexo-asset-image --save
or:
penn@smallasa:~$ npm install https://github.com/CodeFalling/hexo-asset-image --save

4.hexo setup

1
2
3
4
penn@smallasa:~$ hexo init blog
penn@smallasa:~$ cd blog/
penn@smallasa:~/blog$ npm install
penn@smallasa:~/blog$ npm install hexo-deployer-git --save
1
2
3
4
5
6
7
8
9
10
penn@smallasa:~/blog$ ls -1
_config.yml //Site configuration file
db.json
hs
node_modules
package.json //Application data.The EJS, Stylus and Markdown renderers are installed by default
public
scaffolds //When you create a new post, Hexo bases the new file on the scaffold.
source //This is where you put your site’s content.
themes //Hexo generates a static website by combining the site contents with the theme.

5.hexo start

1
2
3
penn@smallasa:~/blog$ hexo generate
penn@smallasa:~/blog$ hexo server -i 0.0.0.0 -p 4000
penn@smallasa:~/blog$ hexo server -s -i 0.0.0.0 -p 4000

拓展:

1
hexo server -s 启动静态模式,在静态模式中,只有public文件夹下的文件才会被放到服务器上,并且文件监听功能关闭.你可以在运行 hexo g 命令后运行该命令,通常用于生产系统中。
1
2
3
4
penn@smallasa:~/blog$ hexo new draft xixi
INFO Created: ~/blog/source/_drafts/xixi.md
penn@smallasa:~/blog$ hexo publish post xixi
INFO Published: ~/blog/source/_posts/xixi.md

1.hexo初始化

1
2
3
4
penn@smallasa:~$ hexo init blog
penn@smallasa:~$ cd blog/
penn@smallasa:~/blog$ npm install
penn@smallasa:~/blog$ npm install hexo-deployer-git --save //一定要在执行一次,否则上传git失败

2.修改_config.yaml文件

1
2
3
4
5
6
# Deployment
## Docs: https://hexo.io/docs/deployment.html
deploy:
type: git
repo: git@github.com:smallasa/smallasa.github.io.git
message: "{{ now('YYYY-MM-DD HH:mm:ss') }}"

3.常用命令

1
2
3
penn@smallasa:~/smallasa$ hexo clean
penn@smallasa:~/smallasa$ hexo generate
penn@smallasa:~/smallasa$ hexo deploy

4.客户端生成key

1
penn@smallasa:~$ ssh-keygen -t rsa -C "smallasa@sina.com"

5.查看公钥key,并复制

1
2
penn@smallasa:~$ cat /home/penn/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQgp76U/ftMfAAauoBC98fS9aj+/sMBMvXiqYVU4GJVukEXs9Cf5fkr9E9c39Rj2ZmBfWVftaOHbXuqT1rytH0qWXav4Qj7fIQ6B+y5M9FV6+RFClgqXBhJcg5K9rirjCzwFC2Lf60TEPTHFr/nebc8i6X6E5qSFtyOG5YYocXUKLsJp3LZZ9CF2f2JiT298/OW7kZgGdFBQ397kBc9+aCAPCCyOr9UMpU3GzMFALf3HOgQvQXncFRvSxTyEX/Er5KORqQp/Se5gDsH/QqJlcy7Fgp3GBMEUCdwrxBxcTrlKQePQn0VxSM5bFgCxGxwHH5bVddaV1DnUCaZHccZj7R smallasa@sina.com

6.登录github,切换到对应的repo(没有就创建一个新的),选择setting=>deploy keys=> add key

7.客户端设置

1
2
3
penn@smallasa:~$ git config --global user.name "penn"
penn@smallasa:~$ git config --global user.email "smallasa@sina.com"
penn@smallasa:~$ git config --global core.longpaths true

8.客户端测试

1
2
3
4
5
6
penn@smallasa:~$ ssh -T git@github.com
The authenticity of host 'github.com (192.30.253.112)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'github.com,192.30.253.112' (RSA) to the list of known hosts.
Hi smallasa/smallasa.github.io! You've successfully authenticated, but GitHub does not provide shell access.

Error: git clone 时显示Filename too long的解决办法:

1
git config --global core.longpaths true