Pro Git - Chapter 4
Chapter 4
Git on the Server
The preferred method for collaborating with someone is to set up an intermediate repository that you both have access to, and push to and pull from that.We’ll refer to this repository as a “Git server”A remote repository is generally a bare repository — a Git repository that has no working directory.
The Protocols
Git can use four major network protocols to transfer data: Local, Secure Shell (SSH), Git, and HTTP.To clone a repository like this or to add one as a remote to an existing project, use the path to the repository as the URL.
$ git clone /opt/git/project.gitOr you can do this:
$ git clone file:///opt/git/project.gitThe SSH Protocol
To clone a Git repository over SSH,$ git clone ssh://user@server:project.gitGit assumes SSH if you aren’t explicit:
$ git clone user@server:project.git Git assumes the user you’re currently logged in as if not specify a user.
The Git Protocol
This is a special daemon that comes packaged with Git; it listens on a dedicated port (9418) that provides a service similar to the SSH protocol, but with absolutely no authentication. In order for a repository to be served over the Git protocol, you must create thegit-export-daemon-ok fileThe HTTP/S Protocol
Basically, all you have to do is put the bare Git repository under your HTTP document root and set up a specificpost-update hook. At that point, anyone who can access the web server under which you put the repository can also clone your repository.Other people can clone via something like
$ git clone http://example.com/gitproject.gitGetting Git on a Server
In order to initially set up any Git server, you have to export an existing repository into a new bare repository — a repository that doesn’t contain a working directory.In order to clone your repository to create a new bare repository, you run the clone command with the
--bare option. Git will automatically add group write permissions to a repository properly if you run the
git init command with the --shared option.$ git init --bare --shared Generating Your SSH Public Key
By default, a user’s SSH keys are stored in that user’s~/.ssh directory.You’re looking for a pair of files named something and something.pub, where the something is usually
id_dsa or id_rsa. The .pub file is your public key, and the other file is your private key. If you don’t have these files (or you don’t even have a .ssh directory), you can create them by running a program called ssh-keygen:$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/schacon/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/schacon/.ssh/id_rsa.
Your public key has been saved in /Users/schacon/.ssh/id_rsa.pub.Now, each user that does this has to send their public key to you or whoever is administrating the Git server. All they have to do is copy the contents of the
.pub file and e-mail it. Setting Up the Server
First, you create a ‘git’ user and a.ssh directory for that user.$ sudo adduser git
$ su git
$ cd
$ mkdir .sshNext, you need to add some developer SSH public keys to the
authorized_keys file for that user. You just append them to your
authorized_keys file:$ cat /tmp/id_rsa.john.pub >> ~/.ssh/authorized_keys
$ cat /tmp/id_rsa.josie.pub >> ~/.ssh/authorized_keys
$ cat /tmp/id_rsa.jessica.pub >> ~/.ssh/authorized_keysNow, you can set up an empty repository without a working directory:
$ cd /opt/git
$ mkdir project.git
$ cd project.git
$ git --bare initNote that someone must shell onto the machine and create a bare repository every time you want to add a project.
You can easily restrict the ‘git’ user to only doing Git activities with a limited shell tool called
git-shell that comes with Git.To do so, you’ll likely have to edit your
/etc/passwd file:git:x:1000:1000::/home/git:/usr/bin/git-shellNow, the ‘git’ user can only use the SSH connection to push and pull Git repositories and can’t shell onto the machine.
Public Access
To run a static web server with its document root where your Git repositories are, and then enable that
post-update hook:$ cd project.git
$ mv hooks/post-update.sample hooks/post-update
$ chmod a+x hooks/post-updateWhat does this
post-update hook do?$ cat .git/hooks/post-update
#!/bin/sh
exec git-update-server-infoThis means that when you push to the server via SSH, Git will run this command to update the files needed for HTTP fetching.
留言