You are previewing Gitolite Essentials.
O'Reilly logo
Gitolite Essentials

Book Description

Sophisticated access control for your Git server is now in reach with this fantastic introduction to Gitolite. In easy to follow chapters it takes you through the steps to managing users and repositories securely and efficiently.

In Detail

If you're responsible for securing a Git server where lots of developers work with lots of repositories, you have a problem on your hands. You probably want to implement security restrictions and authorization for certain repositories. You will love the simplicity and power of Gitolite's access control language and model. Gitolite allows you to set up Git hosting on a central server with very fine-grained access control and many powerful features.

You'll start with a brief introduction to Gitolite. The very first chapter tells you how to create a test setup so you can play with Gitolite—something that is very important when learning about a powerful tool with lots of features. You'll go from there, at an easy pace, through the most important aspects of Gitolite.

Basic access control is easy and obvious. With this book, you will learn how to restrict access to critical files, allowing users to create their own repositories and manage their own access control, but within the limits you set. You will also learn how to extend Gitolite to do very useful things with very little code, and how to fall back on a mirror in case disaster strikes your main server. All this and more is packed within this concise and practical book with easy-to-follow, real-world examples.

What You Will Learn

  • Secure a Git server that has many repositories and many users accessing it
  • Manage the growth of the server, both in the number of users and the number of repositories, with minimal hassle
  • Allow web-based access to specific repositories only for convenience and security
  • Provide your users with the features they need to be productive with Git, while preventing them from accidentally introducing inconsistencies and errors into the repositories
  • Permit users to create their own repositories and manage their own access control list, but within the limits you set
  • Customize Gitolite for your site's unique needs and constraints quickly and easily
  • Ensure your developers always have a backup option by setting up Gitolite mirroring
  • Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at If you purchased this book elsewhere, you can visit and register to have the files e-mailed directly to you.

    Table of Contents

    1. Gitolite Essentials
      1. Table of Contents
      2. Gitolite Essentials
      3. Credits
      4. About the Author
      5. Acknowledgments
      6. About the Reviewers
        1. Support files, eBooks, discount offers and more
          1. Why Subscribe?
          2. Free Access for Packt account holders
      8. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      9. 1. Getting Started with Gitolite
        1. Common Access Control needs
        2. Access Control example with Gitolite
        3. Sampling of Gitolite's power features
          1. Creating groups
          2. Personal branches
          3. Personal repositories
        4. Gitolite and the Git control flow
        5. Trying out Gitolite
          1. Preparing for the setup
          2. Installing and setting up a test instance
          3. Playing with Gitolite
        6. Summary
      10. 2. Installing Gitolite
        1. Gitolite users and the hosting user
          1. Distinguishing users from each other
        2. Preparing the server
        3. Getting the Gitolite source
        4. Installing the code
        5. Setting up Gitolite
          1. Creating an ssh key pair
          2. Running the setup command
          3. Checking over your new Gitolite server
          4. Adding a user
          5. Adding a repository
        6. Summary
      11. 3. Your Users and Gitolite
        1. Accessing Git repositories
          1. Git servers, SSH, and HTTP
        2. Accessing Gitolite repositories
          1. SSH key pairs
          2. Repository naming
        3. Getting information from Gitolite
        4. Gitolite commands
        5. Getting help for commands
        6. Troubleshooting SSH issues
          1. Authorization, not authentication
          2. Duplicate public keys
          3. Diagnosing public key problems
          4. SSH best practice
        7. Summary
      12. 4. Adding and Removing Users
        1. Adding users
          1. Behind the scenes
        2. Users with multiple key pairs
        3. Giving some users a shell
        4. Managing keys outside Gitolite
        5. Getting user group information from LDAP
        6. Removing users
        7. Summary
      13. 5. Managing Repositories
        1. Adding repositories
        2. Adding existing repositories
        3. Common problems and troubleshooting
          1. Ownership and permissions
          2. Converting a non-bare repository to a bare repository
          3. Gitolite and the update hook
        4. Summary
      14. 6. Getting Started with Access Control
        1. Basic access control examples
          1. Basic branch level access control
        2. Lexical syntax of the conf file
        3. The syntax of access control rules
        4. Branch level access control and refexes
          1. Using deny rules
          2. The permission field
        5. Defining user and repo groups
          1. Working with large groups
          2. The special @all group
        6. The include statement
        7. Rule accumulation and delegation
        8. Summary
      15. 7. Advanced Access Control and Configuration
        1. Making changes to the rc file
        2. Giving users their own branches
        3. Types of write operations
        4. Allowing Gitweb and Git-daemon access
          1. Locating the projects list file
          2. Unix permissions and the umask
        5. Specifying Git config values and Gitolite options
          1. Deleting a git-config key
          2. Substituting the repository name
          3. Overriding config values
          4. Gitolite options
        6. Applying deny rules to read access
        7. Understanding VREFs
        8. Summary
      16. 8. Allowing Users to Create Repos
        1. Putting repositories in Sub-directories
        2. Repository wildcards
          1. Creating a wildcard repository
          2. Giving access to other users
          3. Generalizing the ruleset
        3. Explaining wild repos to your users
        4. Managing with just wild repos
        5. Deleting wild repositories
        6. Summary
      17. 9. Customizing Gitolite
        1. Core and non-core Gitolite
        2. Types of non-core code and examples
          1. Commands
          2. Syntactic sugar
          3. Triggers
          4. Virtual refs
        3. Writing your own non-core code
        4. Summary
      18. 10. Understanding VREFs
        1. Migrating update hooks
        2. Passing arguments to the VREF code
        3. Using the permission field
          1. Maintaining the update hook function
        4. Default is success
        5. Example VREFs and their usage
        6. Writing your own VREF
        7. Summary
      19. 11. Mirroring
        1. Terminology and basic concepts
          1. Repository level mirroring
          2. The gitolite-admin repository
        2. Setting up mirroring
          1. Example setup
          2. Bootstrapping the mirroring process
          3. Mirroring other repositories
        3. Local repositories and hostname substitution
        4. Redirecting pushes
        5. Manual synchronization
        6. Switching to a different master
        7. Summary
      20. Index