cookbook.html

<head>
    <title>gitolite cookbook</title>
<style>
    body        { background: #fff; text-color: #000; margin-left:  40px;   font-size:  0.9em;  font-family: sans-serif; max-width: 800px; }
    h1          { background: #ffb; text-color: #000; margin-left: -30px;   border-top:    5px  solid #ccc; }
    h2          { background: #ffb; text-color: #000; margin-left: -20px;   border-top:    3px  solid #ddd; }
    h3          { background: #ffb; text-color: #000; margin-left: -10px; }
    h4          { background: #ffb; text-color: #000; }
    code        { font-size:    1.1em;  background:  #ddf; text-color: #000; }
    pre         { margin-left:  2em;    background:  #ddf; text-color: #000; }
    pre code    { font-size:    1.1em;  background:  #ddf; text-color: #000; }
</style>
<style>
   body{counter-reset: section}
   h1{counter-reset: sub-section}
   h2{counter-reset: composite}
   h3{counter-reset: detail}

   h1:before {
     counter-increment: section;
     content: counter(section) ". ";
   }
   h2:before {
     counter-increment: sub-section;
     content: counter(section) "." counter(sub-section) ". ";
   }
   h3:before {
     counter-increment: composite;
     content: counter(section) "." counter(sub-section) "." counter(composite) ". ";
   }
   h4:before {
     counter-increment: detail;
     content: counter(section) "." counter(sub-section) "." counter(composite) "." counter(detail) ". ";
   }
</style>
</head>

<p style="text-align:center">
    <a href="master-toc.html">master TOC</a>
|
    <a href="index.html">main page</a>
|
    <a href="gitolite.html">single-page</a>
|
    <a href="index.html#license">license</a>
</p>
<p style="text-align:center">
<font color="gray">This is for gitolite "g3"; for older (v2.x) documentation click <a href="http://sitaramc.github.com/gitolite/g2/master-toc.html">here</a></font>
</p>
<h1>gitolite cookbook</h1>

<p>Documentation is meant to be as complete as possible, which means it attempts
to cover all situations and scenarios.  That makes it harder to read.</p>

<p>However, if you make some assumptions, remove the rationale, justification,
exceptions and special cases, etc., and generally just say <em>what</em> is to be
done rather than explain <em>why</em>, many tasks can be described very easily.</p>

<p>Maybe this will help.  If you run into problems, please check the main
documentation before asking for help.</p>

<hr />

<ul>
<li><a href="cookbook.html">gitolite cookbook</a>
<ul>
<li>administration
<ul>
<li>separating "key admin" from "repo admin"
</li>
</ul>
</li>
<li>access
<ul>
<li>looking up repo access from external tools
</li>
<li>providing access to external tools
</li>
</ul>
</li>
<li>hooks
<ul>
<li>adding you own update hooks
</li>
<li>adding other (non-update) hooks
</li>
<li>variation: managing the hooks from gitolite-admin
</li>
<li>variation: custom hooks only for some repos
</li>
</ul>
</li>
<li>moving stuff around
<ul>
<li>moving a gitolite install from one machine to another
</li>
</ul>
</li>
</ul>
</li>
</ul>

<hr />

<h2>administration</h2>

<h3>separating "key admin" from "repo admin"</h3>

<p>In gitolite, the person who controls the keys is the most powerful -- because
he can always add his own key in your name :-)</p>

<p>Traditionally, the same person also administers repos and permissions.  But
sometimes you want to separate them.  The following should work:</p>

<ul>
<li><p>put the following in conf/gitolite.conf:</p>

<pre><code>repo gitolite-admin
    RW+ = key-manager repo-manager


<pre><code>RW+ VREF/NAME/                    = key-manager
-   VREF/NAME/keydir/             = @all
-   VREF/NAME/conf/gitolite.conf  = @all
</code></pre>

include "actual.conf"
</code></pre></li>
<li><p>then let the repo-manager manage everything through "actual.conf".</p></li>
</ul>

<h2>access</h2>

<h3>looking up repo access from external tools</h3>

<p>There are two supported interfaces for this, one in perl and one in shell.
Other languages should probably use the shell mode.  (The shell mode has a
very convenient "batch" mode if you need to check many repos at once).</p>

<p><strong>Perl interface</strong>: A good intro to this, including a link to code, using
gitweb as an example can be found by looking for 'repo-specific authorisation
in gitweb' in the page on <a href="external.html">interfacing with external tools</a>.  Some
notes:</p>

<ul>
<li>be sure to read the comments in the code to learn exactly how to adapt it
to your needs
</li>
<li>in place of the <code>can_read</code> function in that code, you can of course use
<code>can_write</code>.  In fact, reading the comments in "Easy.pm" (look for it in
the source) shows you several other interesting tests you can make, like
<code>is_admin</code>, <code>in_group</code>, and <code>owns</code>.
</li>
</ul>

<p><strong>Shell interface</strong>: If you want to do this from shell, it's just even easier.
The same "Easy.pm" source contains comments that show shell equivalents for
each of the functions it exports, but here's a sample:</p>

<pre><code>if gitolite access -q reponame username W
then
    ...
</code></pre>

<p>You can even test for access to specific branches:</p>

<pre><code>if gitolite access -q reponame username W refs/heads/master
then
    ...
</code></pre>

<p>(note that you must use the full ref name; just 'master' won't do).</p>

<h3>providing access to external tools</h3>

<p>Giving external tools (like apache) access to gitolite repositories involves
making sure that the unix owner/group and permissions settings allow this.
This is all described in the UMASK section in the documentation on the <a href="rc.html">rc
file</a>, because that's the only setting that gitolite controls; every thing
else is pure Unix.</p>

<h2>hooks</h2>

<h3>adding you own update hooks</h3>

<p>You have some update hooks (for example crlf checking) that you want to
include in gitolite.  Assuming the hook itself is tested and works as a normal
<strong>git</strong> update hook does (i.e., conforms to what <code>man githooks</code> says an update
hook should do), here's how to do this.</p>

<ol>
<li><p>add this line in the rc file, within the $RC block, if it's not already
present:</p>

<pre><code>LOCAL_CODE =&gt; "$ENV{HOME}/local",
</code></pre></li>
<li><p>copy your update hook to a subdirectory called VREF under this directory,
giving it a suitable name (let's say "crlf"):</p>

<pre><code># log on to server
cd $HOME
mkdir -p local/VREF
cp your-crlf-update-hook local/VREF/crlf
chmod +x local/VREF/crlf
</code></pre></li>
<li><p>in your gitolite-admin clone, edit conf/gitolite.conf and
add lines like this:</p>

<pre><code>    -   VREF/crlf       =   @all
</code></pre>

<p>to each repo that should have that "update" hook.</p>

<p>Alternatively, you can simply add this at the end of the
gitolite.conf file:</p>

<pre><code>repo @all
    -   VREF/crlf       =   @all
</code></pre>

<p>Either way, add/commit/push the change to the gitolite-admin repo.</p></li>
</ol>

<h3>adding other (non-update) hooks</h3>

<p>Say you want other hooks, like a post-receive hook.  Here's how:</p>

<ol>
<li><p>add this line in the rc file, within the $RC block, if it's not already
present:</p>

<pre><code>LOCAL_CODE =&gt; "$ENV{HOME}/local",
</code></pre></li>
<li><p>put your hooks into that directory, in a sub-sub-directory called
"hooks/common":</p>

<pre><code># log on to server
cd $HOME
mkdir -p local/hooks/common
cp your-post-receive-hook local/hooks/common/post-receive
chmod +x local/hooks/common/post-receive
</code></pre></li>
<li><p>run <code>gitolite setup</code> to have the hooks propagate to existing repos (repos
created after this will get them anyway).</p></li>
</ol>

<h3>variation: managing the hooks from gitolite-admin</h3>

<p>If your gitolite admins already have shell access to the server, (i.e., you
don't distinguish between "someone who has shell on the server" and "someone
who only has push rights to the gitolite-admin repo"), you may like to put
these hooks also in the gitolite-admin repo for easier management.</p>

<p>You do almost the same thing, except for some changes:</p>

<ol>
<li><p>step 1 will change like so:</p>

<pre><code>LOCAL_CODE =&gt; "$ENV{HOME}/.gitolite/local",
</code></pre></li>
<li><p>step 2 will change in that you create these directories (local/VREF,
local/common/) in your gitolite-admin <em>clone</em>, not on the server.</p>

<p>After doing that, and copying the files there, you add, commit, and push.</p>

<p>Don't forget the 'chmod +x' !</p></li>
<li><p>Step 3 is the same for VREFs, but is not required for other hooks.</p></li>
</ol>

<h3>variation: custom hooks only for some repos</h3>

<p>If the hook is an update hook, you implement it as a VREF, and simply change
<code>repo @all</code> in step 3 in the update hook section above to <code>repo @repolist</code> or
whatever.</p>

<p>For the other hooks this is not possible.  You have to either install the
hooks <em>manually</em> on the repos you want them on, or -- better still -- you do
something like this:</p>

<ol>
<li><p>in the conf file, add a groupname for the set of repos you want:</p>

<pre><code>@foo = list of repos
</code></pre></li>
<li><p>write your hook code with this at the top:</p>

<pre><code># check if @foo is in the list of groups of which $GL_REPO is a member
gitolite list-memberships -r $GL_REPO | grep -x @foo &gt;/dev/null || exit 0
</code></pre></li>
<li><p>now add your hook as described in earlier steps</p></li>
</ol>

<h2>moving stuff around</h2>

<h3>moving a gitolite install from one machine to another</h3>

<p>Assuming you're not making a version change, this is what you need to do:</p>

<ul>
<li><p>clone the latest gitolite-admin repo to your workstation</p></li>
<li><p>install gitolite normally on the new machine, using the same public key
<em>and</em> name for the admin as on the old machine when running the <code>gitolite
setup -pk</code> command.</p></li>
<li><p>copy over your <code>~/.gitolite.rc</code> file from the old machine to the new</p></li>
<li><p>run <code>gitolite setup</code> (on the server)</p></li>
<li><p>go to the gitolite-admin clone you made in step 1, add or change the
remote to point to the new machine, and <code>git push -f</code></p></li>
</ul>