Skip to content
Browse files

aa ha! easy install script!

src/ does *everything* needed, and it's mostly
  • Loading branch information...
1 parent 9d2c966 commit ccd8372bb30641cb63efbd5d2db495af92bcf266 Sitaram Chamarty committed Oct 10, 2009
Showing with 298 additions and 3 deletions.
  1. +4 −0 README.mkd
  2. +49 −3 doc/0-INSTALL.mkd
  3. +245 −0 src/
4 README.mkd
@@ -3,6 +3,10 @@
> [IMPORTANT: There is now an "upgrade" document in the "doc" directory;
> please read if upgrading gitolite]
+> [Update 2009-10-10: apart from all the nifty new features, there's now an
+> "easy install" script in the src directory. Please see the INSTALL
+> document in the doc directory for details]
Gitolite is the bare essentials of gitosis, with a completely different
52 doc/0-INSTALL.mkd
@@ -1,6 +1,52 @@
# installing gitolite
-### pre-requisites
+### easy install
+There is now an easy install script that makes installing very easy for the
+common case. **This script is meant to be run on your workstation, not on the
+server!** It will take care of all the server side work, *and* get you
+"push-to-admin" too :-) In short, it does **everything**!
+ * you have a server to host gitolite
+ * git is installed on that server (and so is perl)
+ * you have a userid on that server
+ * you have ssh-pubkey (password-less) login to that userid
+ * (if you have only password access, run `ssh-keygen -t rsa` to create a
+ new keypair if needed, then run `ssh-copy-id user@host`)
+ * you have a clone or an archive of gitolite somewhere on your workstation
+If so, just `cd` to that clone and run `src/` and follow the
+prompts! (Running it without any arguments shows you usage plus other useful
+#### advantages over the older install methods
+ * all ssh problems reduced to **just one pre-requisite**: enable ssh pubkey
+ (password-less) access to the server from your workstation first
+ * the script takes care of all the server side work
+ * when done:
+ * you get two different pubkeys (the original one for command line
+ access as before, plus a new one, created by the script, for gitolite
+ access)
+ * you can admin gitolite by commit+push a "gitolite-admin" repo, just
+ like gitosis (i.e., full "push to admin" power!)
+#### disadvantages
+ * has been tested only with Linux. However, the script now makes a much
+ better "document" on what actually needs to be done, so people installing
+ on non-Linux machines can probably follow the steps in the script and
+ install if they wish. Sort of "simulate" it... :)
+### manual install
+If for some reason you cannot use the easy-install method, (for example,
+you're on a non-Linux machine) read on. Unlike the easy install, all the
+below stuff is meant to be run on the server.
+#### pre-requisites on the server
If you managed to install git, you might already have what gitolite needs:
@@ -13,7 +59,7 @@ A major objective is to allow use by people without root access, permissions
to create other userids, etc. Even if you have root, please add a user just
for gitolite and do all this from that user.
-### getting a tar file from a clone
+#### getting a tar file from a clone
You can clone the repo from github, then execute a make command to extract a
tar file of the branch you want. Please use the make command, not a plain
@@ -24,7 +70,7 @@ tar file of the branch you want. Please use the make command, not a plain
make master.tar
# or maybe "make rebel.tar" or "make pu.tar"
-### quick install from tar file
+#### install from tar file
* make a temp directory somewhere, cd to it, and unpack the tar file
* run `src/` and follow the prompts
245 src/
@@ -0,0 +1,245 @@
+# easy install for gitolite
+# this is the client side piece. This gets run *before* the server side piece
+# run without any arguments for "usage" info
+# important setting: bail on any errors (else we have to check every single
+# command!)
+set -e
+die() { echo "$@"; echo "run $0 again without any arguments for help and tips"; exit 1; }
+prompt() {
+ echo
+ echo
+ echo ------------------------------------------------------------------------
+ echo "$1"
+ echo
+ read -p ' enter to continue or Ctrl-C to bail out'
+usage() {
+ cat <<EOFU
+Usage: $0 user host admin_name
+ - "user" is the username on the server where you will be installing gitolite
+ - "host" is that server's hostname (or IP address is also fine)
+ - "admin_name" is *your* name as you want it to appear in the eventual
+ gitolite config file
+Example usage: $0 git my.git.server sitaram
+ - a proper gitolite admin repo in $HOME/gitolite-admin
+ - "user" and "admin_name" must be simple names -- no special characters etc
+ please (only alphanumerics, dot, hyphen, underscore)
+ - traditionally, the "user" is "git", but it can be anything you want
+ - "admin_name" should be your name, for clarity, or whoever will be the
+ gitolite admin
+ - you must run this from the gitolite working tree top level directory.
+ This means you run this as "src/"
+ - you must already have pubkey based access to user@host. If you currently
+ only have password access, use "ssh-copy-id" or something. Somehow get to
+ the point where you can type "ssh user@host" and get a command line. Run
+ this program only after that is done
+ - if you get a "pubkey [...filename...] exists" error, it is either leftover
+ from a previous, failed, run, or a genuine file you need. Decide which it
+ is, and remove it and retry, or use a different "admin_name", respectively.
+ exit 1;
+[[ -z $1 ]] && usage
+[[ -z $3 ]] && usage
+[[ "$1" =~ [^a-zA-Z0-9._-] ]] && die "user '$1' invalid"
+[[ "$3" =~ [^a-zA-Z0-9._-] ]] && die "admin_name '$3' invalid"
+# ----------------------------------------------------------------------
+# basic sanity checks
+# ----------------------------------------------------------------------
+# are we in the right directory? We should have all the gitolite sources
+# here...
+ls src/gl-auth-command \
+ src/gl-compile-conf \
+ src/ \
+ src/ \
+ conf/example.conf \
+ conf/example.gitolite.rc >/dev/null ||
+ die "cant find at least some files in gitolite sources/config; aborting"
+# do we have pubkey auth on the server
+ssh -o PasswordAuthentication=no $user@$host pwd >/dev/null ||
+ die "pubkey access didn't work; please set it up using 'ssh-copy-id' or something"
+# can the "gitolite-admin" repo be safely created in $HOME
+[[ -d $HOME/gitolite-admin ]] &&
+ die "please delete or move aside the \$HOME/gitolite-admin directory"
+# cool; now let's create a new key for you as a "gitolite user" (as opposed to
+# a gitolite admin who needs to login to the server and get a command line)
+[[ -f $HOME/.ssh/$ ]] && die "pubkey $HOME/.ssh/$ exists; can't proceed"
+prompt "the next command will create a new keypair for your gitolite access
+ The pubkey will be $HOME/.ssh/$ You will have to
+ choose a passphrase or hit enter for none. I recommend not having a
+ passphrase for now, and adding one with 'ssh-keygen -p' *as soon as*
+ all the setup is done and you've successfully cloned and pushed the
+ gitolite-admin repo.
+ After that, I suggest you (1) install 'keychain' or something
+ similar, and (2) add the following command to your bashrc (since
+ this is a non-default key)
+ ssh-add \$HOME/.ssh/$admin_name
+ This makes using passphrases very convenient."
+ssh-keygen -t rsa -f $HOME/.ssh/$admin_name || die "ssh-keygen failed for some reason..."
+if [[ -n $SSH_AGENT_PID ]]
+ prompt "you're running ssh-agent. We'll try and do an ssh-add of the
+ private key we just created, otherwise this key won't get picked up. If
+ you specified a passphrase in the previous step, you'll get asked for one
+ now -- type in the same one."
+ ssh-add $HOME/.ssh/$admin_name
+# ok the gitolite key is done; create a stanza for it in ~/.ssh/config
+echo "
+host gitolite
+ hostname $host
+ user $user
+ identityfile ~/.ssh/$admin_name" > $HOME/.ssh/.gl-stanza
+if grep 'host *gitolite' $HOME/.ssh/config &>/dev/null
+ prompt "your \$HOME/.ssh/config already has settings for gitolite. I will
+ assume they're correct, but if they're not, please edit that file, delete
+ that paragraph (that line and the following few lines), and rerun.
+ In case you want to check right now (from another terminal) if they're
+ correct, here's what they are *supposed* to look like:
+$(cat ~/.ssh/.gl-stanza)"
+ prompt "creating settings for your gitolite access in $HOME/.ssh/config;
+ these are the lines that will be appended to your ~/.ssh/config:
+$(cat ~/.ssh/.gl-stanza)"
+ cat $HOME/.ssh/.gl-stanza >> $HOME/.ssh/config
+ # if the file didn't exist at all, it might have the wrong permissions
+ chmod 644 $HOME/.ssh/config
+rm $HOME/.ssh/.gl-stanza
+# ----------------------------------------------------------------------
+# client side stuff almost done; server side now
+# ----------------------------------------------------------------------
+# setup the gitolite sources and conf on the server
+ssh $user@$host mkdir -p gitolite-install
+rsync -a src conf doc $user@$host:gitolite-install/
+# give the user an opportunity to change the rc
+cp conf/example.gitolite.rc .gitolite.rc
+ # hey here it means "release candidate" ;-)
+prompt "the gitolite rc file needs to be edited by hand. The defaults
+are sensible, so if you wish, you can just exit the editor.
+Otherwise, make any changes you wish and save it. Read the comments to
+understand what is what -- the rc file's documentation is inline.
+Please remember this file will actually be copied to the server, and
+that all the paths etc. represent paths on the server!"
+${VISUAL:-${EDITOR:-vi}} .gitolite.rc
+# copy the rc across
+scp .gitolite.rc $user@$host:
+prompt "ignore any 'please edit this file' or 'run this command' type
+lines in the next set of command outputs coming up. They're only
+relevant for a manual install, not this one..."
+# extract the GL_ADMINDIR and REPO_BASE locations
+GL_ADMINDIR=$(ssh $user@$host "perl -e 'do \".gitolite.rc\"; print \$GL_ADMINDIR'")
+REPO_BASE=$( ssh $user@$host "perl -e 'do \".gitolite.rc\"; print \$REPO_BASE'")
+# run the install script on the server
+ssh $user@$host "cd gitolite-install; src/"
+# setup the initial config file
+echo "#gitolite conf
+#please see conf/example.conf for details on syntax and features
+repo gitolite-admin
+ RW+ = $admin_name
+repo testing
+ RW+ = @all
+" > gitolite.conf
+# send the config and the key to the remote
+scp gitolite.conf $user@$host:$GL_ADMINDIR/conf/
+scp $HOME/.ssh/$ $user@$host:$GL_ADMINDIR/keydir
+# run the compile script on the server
+ssh $user@$host "cd $GL_ADMINDIR; src/gl-compile-conf"
+# ----------------------------------------------------------------------
+# hey lets go the whole hog on this; setup push-to-admin!
+# ----------------------------------------------------------------------
+# setup the initial commit for the admin repo
+echo "cd $REPO_BASE/gitolite-admin.git
+GIT_WORK_TREE=$GL_ADMINDIR git add conf/gitolite.conf keydir
+GIT_WORK_TREE=$GL_ADMINDIR git commit -am start
+" | ssh $user@$host
+ssh $user@$host "cd gitolite-install; src/"
+prompt "now we will clone the gitolite-admin repo to your workstation
+and see if it all hangs together. We'll do this in your \$HOME for now,
+and you can move it elsewhere later if you wish to."
+cd $HOME
+git clone gitolite:gitolite-admin.git
+echo ------------------------------------------------------------------------
+echo "Cool -- we're done. Now you can edit the config file (currently
+in ~/gitolite-admin/conf/gitolite.conf) to add more repos, users, etc.
+When done, 'git add' the changed files, 'git commit' and 'git push'.
+Read the comments in conf/example.conf for information about the config
+file format -- like the rc file, this also has inline documentation.
+Your URL for cloning any repo on this server will be
+ gitolite:reponame.git
+However, any other users you set up will have to use
+ $user@$host:reponame.git
+unless they also create similar settings in their '.ssh/config' file."

0 comments on commit ccd8372

Please sign in to comment.
Something went wrong with that request. Please try again.