Posts Tagged ‘git’

Over the last couple days I’ve briefly talked about revisioning configs and making your home directory portable. It seems to have stirred up a bit of discussion over at Matt Simmons Standalone Sysadmin, and Hugh Browns mentioned he uses mercurial for this task.. As I noted in the post about managing /etc with version control I do revision my home directory, or at least pieces of it. (more…)

Seems like we are on a bit of a roll with regard to the topic of versioning lately. Yesterday Legooolas commented about using version control for your home directory. I do and I’ll cover that in a different post but I use it for a different task. Now on to todays topic.
Do you keep track of configuration changes? You should. Maybe your using an advanced configuration management system like puppet. Even if you are you should keep your puppet configs versioned.
At any rate etckeeper is a great tool to version your configuration files stored in /etc. etckeeper hooks into your package manager and updates the repo each time changes are detected.
Its super easy to setup. In a debian based system just install via apt.

sudo aptitude install etckeeper

Once etckeeper is installed you need to initialize the git repository and do the initial check in.

sudo etckeeper init
sudo etckeeper commit

Some projects have production code that runs off of a git cloned repository. There may be a case in which you want to notify others when that clone pulls. It is a pretty easy feat with gits post-merge hook. The post-merge hook will run after a merge (think git pull). All you have to do it create a project/.git/hooks/post-merge shell script and chmod +x it. Next time you pull successfully that script will run. Here is an example.

#!/bin/bash
TEMPLOG=$(mktemp)
echo "Sending email notification of update"
git log --reverse --no-merges --stat @{1}.. < $TEMPLOG
sendEmail -u "Production code update notification" -t recipient@domain.com < $TEMPLOG
rm $TEMPLOG

I hope you are already using ssh keys, but just in case your not go ahead and generate one with ssh-keygen -t rsa (you should do this on your local box)
You may as well go ahead and copy your publick key to your git server now as well.

scp ~/.ssh/id_rsa.pub gitserver:/tmp/

Log into your gitosis server

ssh gitserver

* Make sure setuptools is installed

sudo aptitude install python-setuptools

git clone git://eagain.net/gitosis.git
cd gitosis
sudo python setup.py install

sudo adduser --system --shell /bin/bash --gecos 'git version control' --group --disabled-password --home /home/git git

sudo -H -u git gitosis-init < /tmp/id_rsa.pub

We need to fix up a few things that don’t seem to get proper permissions.

sudo -H -u git chmod 600 ~/.ssh/authorized_keys
sudo -H -u git chmod 755 ~/repositories/gitosis-admin.git/hooks/post-update
sudo rm /tmp/id_rsa.pub

Thats all for now on your git server. You manage gitosis with git of course and you can do that from your local machine or any machine that you have the match to the public key you installed with gitosis.

git clone git@gitserver:gitosis-admin.git
cd gitosis-admin

Creating new repositories

New repositories are created by authorizing a user to write and pushing to it.

[group someproject]
members = jack jill
writeable = someproject

This definition would create the group someproject and allow jack and jill write access to the repository someproject (which you would reference as someproject.git)

For a bit more explanation …

[group developers]
members = jack john frank
writable = project1 project2 project3

This definition would create the group developers, and allow jack, john, and frank write access to the repositories project1, project2, and project3

Once you have defined your repositories commit and push your changes to gitosis admin.

git commit -a -m "Created inital gitosis config"
git push

Now if you have an existing repository that you would like to add to your git server simply change into the repository and do

git remote add origin git@gitserver:repo.git
git push

That will push the current branch of the repo over to the repo you set up on your git server. So thats about it.

Anonymous access
To allow anonymous read access touch git-daemon-export-ok inside ~/repositories/repo.git of each repo you wish to allow anonymous access (read only) to.

Once you have done that launch git-daemon with base path /home/git/repositories.