Skip to content
This repository

Git Authentication Server

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 bin
Octocat-spinner-32 lib
Octocat-spinner-32 public
Octocat-spinner-32 resources
Octocat-spinner-32 test
Octocat-spinner-32 views
Octocat-spinner-32 .gitignore
Octocat-spinner-32 Gemfile
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.rdoc
Octocat-spinner-32 Rakefile
Octocat-spinner-32 USAGE
Octocat-spinner-32 config.ru
Octocat-spinner-32 gitauth.gemspec
README.rdoc

GitAuth - SSH-based authentication for Shared Git Repositories.

If you've heard of Gitosis before, GitAuth is like Gitosis but A) in Ruby, B) slightly simpler to get going and C) doesn't use a git repository to manage users.

At the moment configuration / adding users is done via a single command - gitauth. For usage, see below.

License

GitAuth is licensed under AGPL, with parts of the code being derived from Gitorius - gitorious.org

Installing GitAuth

Getting started is relatively simple. First of, you'll need to log onto the remote server / your git host. Next, you'll need to install the gem:

sudo gem install gitauth

Once that's done, the gitauth and gitauth-shell commands should be in your path.

Or, if you want to avoid the gems approach, you can use simply clone the repository as follows and use bundler to install its dependencies.

git clone git://github.com/brownbeagle/gitauth.git
cd gitauth
bundle install

With the gitauth executable being in the bin folder. Make sure that folder is in your path.

Next, you'll want to (in most cases anyway) use a specific git user to host repositories.

Using the example of ubuntu, we'll add a git user under which all actions will now take place (note, this is essentially the same as gitosis):

sudo adduser --disabled-password --shell /bin/bash --group --home /home/git --system --gecos 'gitauth user for version control' git

Now, whenever you run the gitauth executable, you'll do so as the user you just created above. For example purposes, I suggest using the following in order to run all commands as the 'git' user:

sudo -H -u git -i

And finally, to create a settings file and initialize .ssh and authorized_keys, perform the following:

gitauth install

Note that when it asks you for the gitauth shell path, the default will lock it to the current gitauth version SO if you want it to stay up to date between gem versions point it to the path for always-current executable (e.g. on Ubuntu 9.04 w/ apt-get ruby + gems, /var/lib/gems/1.8/bin/gitauth-shell)

Also, Note that if use the –admin option with path to a public key to the end of the install command, it will initialize a new admin user who can also login via SSH. e.g.

gitauth install --admin id_rsa.pub

Would initialize an admin user with the given public key.

Note that from now on, all gitauth keys should be run either logged in as git (via the admin user and ssh) or by being prefixed with asgit or “sudo -H -u git”

Web Interface

To start the web interface, just run:

gitauth web-app

The first time you boot the web app, you will be prompted to enter a username and a password. Please do so and then surf to your-server-ip:8998/

For people running passenger, you can simply point it at the public subdirectory and it will act as any normal passenger web app. It's worth noting that in this approach you need to run gitauth web-app at least once to setup a username and password.

Adding Users

Whenever you want to add a user, it's as simple as:

gitauth add-user user-name path-to-public-key

Note that if the –admin option is specified, the user will be able to log in to the shell via SSH and will also be able to access any repository.

Adding Repositories

Adding a repository is a two step process. First, you create it:

gitauth add-repo repo-name

If you wish to initialize the repository with a blank commit (so git clone works straight away), simply pass –make-empty / -m as an option. e.g.:

gitauth add-repo repo-name --make-empty

Then, for every user who needs access, you do:

gitauth permissions repo-name user-name --type=permission-type

Where permission type is read, write or all. If permission type isn't specified, it will default to all. If you wish to remove a user from a repository, you can simply pass use the type as none.

Managing Groups

To add a user to a group use the add-user-to-group.

gitauth add-user-to-group user-name group-name

To remove a user from a group use `rm-user-from-group`.

gitauth rm-user-from-group user-name group-name

Accessing repos:

Finally, once you've added users / repos, using them is as simple as doing the following on each users computer:

git clone git@your-remote-host:repo-name

Or

git clone git@your-remote-host:repo-name.git

Either form working just as well.

Note that for the first time you push, you will need to use the full form (as below) unless you've used the –make-empty / -m option when you created the repo.

git push origin master

As it starts as an empty repo.

Alternatively, if you get the error “fatal: no matching remote head” when you clone and it doesn't create a local copy, you'll instead have to do the following on your local PC (due to the way git handles remote repositories):

mkdir my-repo
cd my-repo
git init
touch README
git add .
git commit -m "Added blank readme"
git add remote origin git@your-server:my-repo.git
git push origin master
Something went wrong with that request. Please try again.