1 f3a795ae 2021-08-03 op I've just finished to configure gitolite and cgit to manage some git repos of mine (and friends), so I'm posting here the setup before forgetting the details.
3 f3a795ae 2021-08-03 op The final result is a git server with both a web view, HTTP clone and ssh for you and your users.
5 f3a795ae 2021-08-03 op It requires more work than, say, gitea or gitlab, and has a few moving parts. Nevertheless, it's a modular solution (you can replace cgit with gitweb for instance) and it does not have obnoxious web guis to manage things. The whole gitolite config is itself a git repository, so you can use the tools you're familiar with (a bit of ssh, git and your preferred $EDITOR) to build and maintain your own git server.
9 f3a795ae 2021-08-03 op Install gitolite, it's easy, just follow the installation guide. I've done that on a new user called "git". This will create two repos in ~git/repositories: gitolite-admin and testing. With the default configuration testing will be read-write for all users (in the gitolite sense).
11 f3a795ae 2021-08-03 op => https://gitolite.com/gitolite/quick_install#distro-package-install Gitolite install guide
13 f3a795ae 2021-08-03 op You should import your own ssh public key. Try to clone the “gitolite-admin” repo with:
15 f3a795ae 2021-08-03 op > git clone git@your.own.host:gitolite-admin
17 f3a795ae 2021-08-03 op to test the setup and, eventually, add more users and repos.
21 f3a795ae 2021-08-03 op I'm using nginx plus fcgiwrap on a FreeBSD system, but other options are available. (For instance, if you're using OpenBSD than you have httpd and slowcgi already in base.)
23 f3a795ae 2021-08-03 op For reference, my configuration file is /usr/local/etc/cgit-op.conf and contains:
25 f3a795ae 2021-08-03 op ``` cgit configuration file
27 f3a795ae 2021-08-03 op logo=/logo.png
29 f3a795ae 2021-08-03 op head-include=/usr/local/lib/cgit/theme/head.html
31 f3a795ae 2021-08-03 op enable-http-clone=1
32 f3a795ae 2021-08-03 op enable-index-links=1
33 f3a795ae 2021-08-03 op remove-suffix=1
34 f3a795ae 2021-08-03 op enable-commit-graph=1
35 f3a795ae 2021-08-03 op enable-log-filecount=1
36 f3a795ae 2021-08-03 op enable-git-config=1
38 f3a795ae 2021-08-03 op source-filter=/usr/local/lib/cgit/filters/syntax-high.py
39 f3a795ae 2021-08-03 op about-filter=/usr/local/lib/cgit/filters/about-formatting.sh
41 f3a795ae 2021-08-03 op virtual-root=/
42 f3a795ae 2021-08-03 op enable-index-links=1
43 f3a795ae 2021-08-03 op enable-index-owner=0
44 f3a795ae 2021-08-03 op snapshots=tar.gz tar.bz2
45 f3a795ae 2021-08-03 op root-title=Stuff
46 f3a795ae 2021-08-03 op root-desc=some git repos of mine
49 f3a795ae 2021-08-03 op # path to the root about file
50 f3a795ae 2021-08-03 op #root-readme=/usr/local/lib/cgit/theme/about.html
52 f3a795ae 2021-08-03 op # search for these files in the root fo the default branch
53 f3a795ae 2021-08-03 op readme=:README.md
54 f3a795ae 2021-08-03 op readme=:readme.md
55 f3a795ae 2021-08-03 op readme=:README.mkd
56 f3a795ae 2021-08-03 op readme=:readme.mkd
57 f3a795ae 2021-08-03 op readme=:README.rst
58 f3a795ae 2021-08-03 op readme=:readme.rst
59 f3a795ae 2021-08-03 op readme=:README.html
60 f3a795ae 2021-08-03 op readme=:readme.html
61 f3a795ae 2021-08-03 op readme=:README.htm
62 f3a795ae 2021-08-03 op readme=:readme.htm
63 f3a795ae 2021-08-03 op readme=:README.txt
64 f3a795ae 2021-08-03 op readme=:readme.txt
65 f3a795ae 2021-08-03 op readme=:README
66 f3a795ae 2021-08-03 op readme=:readme
67 f3a795ae 2021-08-03 op readme=:INSTALL.md
68 f3a795ae 2021-08-03 op readme=:install.md
69 f3a795ae 2021-08-03 op readme=:INSTALL.mkd
70 f3a795ae 2021-08-03 op readme=:install.mkd
71 f3a795ae 2021-08-03 op readme=:INSTALL.rst
72 f3a795ae 2021-08-03 op readme=:install.rst
73 f3a795ae 2021-08-03 op readme=:INSTALL.html
74 f3a795ae 2021-08-03 op readme=:install.html
75 f3a795ae 2021-08-03 op readme=:INSTALL.htm
76 f3a795ae 2021-08-03 op readme=:install.htm
77 f3a795ae 2021-08-03 op readme=:INSTALL.txt
78 f3a795ae 2021-08-03 op readme=:install.txt
79 f3a795ae 2021-08-03 op readme=:INSTALL
80 f3a795ae 2021-08-03 op readme=:install
82 f3a795ae 2021-08-03 op scan-path=/home/git/repositories
85 f3a795ae 2021-08-03 op The important bits of all of these are only:
86 f3a795ae 2021-08-03 op ``` enable git configuration
87 f3a795ae 2021-08-03 op enable-git-config=1
92 f3a795ae 2021-08-03 op ``` set the parameter “scan-path” to repositories inside the git user home.
93 f3a795ae 2021-08-03 op scan-path=/home/git/repositories
96 f3a795ae 2021-08-03 op The first let us configure per-repo cgit options via the standard git config file, while the second lets cgit discovers the repos by searching in that path.
98 f3a795ae 2021-08-03 op If you're curious, I used ‘head-include’ to add some meta tags and modified the default CSS to render the pages *decently* on mobile screens. More work is needed.
100 f3a795ae 2021-08-03 op ### Note about permissions
102 f3a795ae 2021-08-03 op You are probably running cgit with the www user and gitolite with the git user, so you have a permission problem. While you can do fancy stuff with mount_nullfs, ‘mount --bind’ and whatnot or by changing the default path for the repositories, I didn't want to.
104 f3a795ae 2021-08-03 op I'm still not sure if this is the best way to handle things, but I made fcgiwrap use the `git` user with
106 f3a795ae 2021-08-03 op ```set fcgiwrap user to git
107 f3a795ae 2021-08-03 op fcgiwrap_user="git"
110 f3a795ae 2021-08-03 op in `/etc/rc.conf` plus a manual `chown(8)` on the socket. Now cgit and gitolite are run by the same user. Problem solved.
112 f3a795ae 2021-08-03 op ## hide some repositories!
114 f3a795ae 2021-08-03 op This was the basic setup to have cgit display the repositories managed by gitolite, as well as having both public HTTP and authenticated ssh clone. Pretty neat.
116 f3a795ae 2021-08-03 op But, you have no way (still) to hide some repositories. For instance, the ‘gitolite-admin’ repository is public readable (not writable). It may be fine for you, but I wanted a way to have *private* repositories, while still having the repos managed by gitolite.
118 f3a795ae 2021-08-03 op If you set ‘enable-git-config’ in cgit configuration file, now you can control some cgit per-repo options via `~git/repositories/$REPO/config`. You can create a section that looks like this:
125 f3a795ae 2021-08-03 op to make cgit ignore that repo. Check the documentation of cgit for the list of parameters you can set.
127 f3a795ae 2021-08-03 op But it's tedious and needs manual work per-repo. That's something that needs to be automatized.
129 f3a795ae 2021-08-03 op Fortunately, gitolite lets us set git configurations via the gitolite.conf file. You first need to set ‘GIT_CONFIG_KEYS’ to ‘.*’` in ~git/.gitolite.rc. (‘.*’ is the broader, probably ‘cgit.*’ is enough, haven't tested tho).
131 f3a795ae 2021-08-03 op Now, in your `gitolite.conf` you can
134 f3a795ae 2021-08-03 op repo gitolite-admin
135 f3a795ae 2021-08-03 op config cgit.ignore=1
138 f3a795ae 2021-08-03 op and BOOM, it's hidden and unreachable via cgit (both via web and http clone).
140 f3a795ae 2021-08-03 op But (there are too many “but” in this section, hu?) we can do even better:
143 f3a795ae 2021-08-03 op @hiddenrepos = gitolite-admin
144 f3a795ae 2021-08-03 op @hiddenrepos = private-stuff
145 f3a795ae 2021-08-03 op @hiddenrepos = next-gen-revolutionary-stuff
147 f3a795ae 2021-08-03 op repo @hiddenrepos
148 f3a795ae 2021-08-03 op config cgit.ignore=1
151 f3a795ae 2021-08-03 op to bulk-hide repositories.