summaryrefslogtreecommitdiffstats
path: root/gitolite
diff options
context:
space:
mode:
authorMalfurious <m@lfurio.us>2023-09-13 04:18:16 -0400
committerMalfurious <m@lfurio.us>2023-09-15 10:53:24 -0400
commitc3e4b42c98dd433bbc2f90beeae102a4993c17e5 (patch)
tree1c75e73de075f3a1e791f053a2e5ddc877da07eb /gitolite
parent5cd2822ed607d1f20d1d114aebe511a4fe5f1825 (diff)
downloadsrcnode-c3e4b42c98dd433bbc2f90beeae102a4993c17e5.tar.gz
srcnode-c3e4b42c98dd433bbc2f90beeae102a4993c17e5.zip
gitolite: Consolidate config files into a single directory
The repository is being reworked to decouple its roles as normalmode source and gitolite-admin config. The gitolite-admin repository will be entirely separate. So there is no need to keep the conf or local directories around where they are at. Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to 'gitolite')
-rw-r--r--gitolite/dotfiles/.gitconfig6
-rw-r--r--gitolite/dotfiles/.gitolite.rc206
-rwxr-xr-xgitolite/dotfiles/local/triggers/push18
-rw-r--r--gitolite/gitolite.conf12
-rw-r--r--gitolite/sshd_config22
5 files changed, 264 insertions, 0 deletions
diff --git a/gitolite/dotfiles/.gitconfig b/gitolite/dotfiles/.gitconfig
new file mode 100644
index 0000000..a998fec
--- /dev/null
+++ b/gitolite/dotfiles/.gitconfig
@@ -0,0 +1,6 @@
+[init]
+ defaultBranch = master
+[user]
+ useConfigOnly = true
+ name = gitolite
+ email = gitolite
diff --git a/gitolite/dotfiles/.gitolite.rc b/gitolite/dotfiles/.gitolite.rc
new file mode 100644
index 0000000..25a5231
--- /dev/null
+++ b/gitolite/dotfiles/.gitolite.rc
@@ -0,0 +1,206 @@
+# configuration variables for gitolite
+
+# This file is in perl syntax. But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+%RC = (
+
+ # ------------------------------------------------------------------
+
+ # default umask gives you perms of '0700'; see the rc file docs for
+ # how/why you might change this
+ UMASK => 0022,
+
+ # look for "git-config" in the documentation
+ GIT_CONFIG_KEYS => 'gitweb.owner',
+
+ # comment out if you don't need all the extra detail in the logfile
+ LOG_EXTRA => 1,
+ # logging options
+ # 1. leave this section as is for 'normal' gitolite logging (default)
+ # 2. uncomment this line to log ONLY to syslog:
+ # LOG_DEST => 'syslog',
+ # 3. uncomment this line to log to syslog and the normal gitolite log:
+ # LOG_DEST => 'syslog,normal',
+ # 4. prefixing "repo-log," to any of the above will **also** log just the
+ # update records to "gl-log" in the bare repo directory:
+ # LOG_DEST => 'repo-log,normal',
+ # LOG_DEST => 'repo-log,syslog',
+ # LOG_DEST => 'repo-log,syslog,normal',
+ # syslog 'facility': defaults to 'local0', uncomment if needed. For example:
+ # LOG_FACILITY => 'local4',
+
+ # roles. add more roles (like MANAGER, TESTER, ...) here.
+ # WARNING: if you make changes to this hash, you MUST run 'gitolite
+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+ ROLES => {
+ CONTRIBUTORS => 1,
+ MAINTAINERS => 1,
+ },
+
+ # enable caching (currently only Redis). PLEASE RTFM BEFORE USING!!!
+ # CACHE => 'Redis',
+
+ # ------------------------------------------------------------------
+
+ # rc variables used by various features
+
+ # the 'info' command prints this as additional info, if it is set
+ # SITE_INFO => 'Please see http://blahblah/gitolite for more help',
+
+ # the CpuTime feature uses these
+ # display user, system, and elapsed times to user after each git operation
+ # DISPLAY_CPU_TIME => 1,
+ # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+ # CPU_TIME_WARN_LIMIT => 0.1,
+
+ # the Mirroring feature needs this
+ # HOSTNAME => "foo",
+
+ # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!
+ # CACHE_TTL => 600,
+
+ # ------------------------------------------------------------------
+
+ # suggested locations for site-local gitolite code (see cust.html)
+
+ # this one is managed directly on the server
+ # LOCAL_CODE => "$ENV{HOME}/local",
+
+ # or you can use this, which lets you put everything in a subdirectory
+ # called "local" in your gitolite-admin repo. For a SECURITY WARNING
+ # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
+ LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",
+
+ # ------------------------------------------------------------------
+
+ # List of commands and features to enable
+
+ POST_GIT => [
+ 'push',
+ ],
+
+ ENABLE => [
+
+ # COMMANDS
+
+ # These are the commands enabled by default
+ 'help',
+ 'desc',
+ 'info',
+ 'perms',
+ #'writable',
+
+ # Uncomment or add new commands here.
+ # 'create',
+ # 'fork',
+ # 'mirror',
+ # 'readme',
+ # 'sskm',
+ 'D',
+
+ # These FEATURES are enabled by default.
+
+ # essential (unless you're using smart-http mode)
+ 'ssh-authkeys',
+
+ # creates git-config entries from gitolite.conf file entries like 'config foo.bar = baz'
+ 'git-config',
+
+ # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+ #'daemon',
+
+ # creates projects.list file; if you don't use gitweb, comment this out
+ #'gitweb',
+
+ # These FEATURES are disabled by default; uncomment to enable. If you
+ # need to add new ones, ask on the mailing list :-)
+
+ # user-visible behaviour
+
+ # prevent wild repos auto-create on fetch/clone
+ # 'no-create-on-read',
+ # no auto-create at all (don't forget to enable the 'create' command!)
+ # 'no-auto-create',
+
+ # access a repo by another (possibly legacy) name
+ # 'Alias',
+
+ # give some users direct shell access. See documentation in
+ # sts.html for details on the following two choices.
+ # "Shell $ENV{HOME}/.gitolite.shell-users",
+ # 'Shell alice bob',
+
+ # set default roles from lines like 'option default.roles-1 = ...', etc.
+ # 'set-default-roles',
+
+ # show more detailed messages on deny
+ # 'expand-deny-messages',
+
+ # show a message of the day
+ # 'Motd',
+
+ # system admin stuff
+
+ # enable mirroring (don't forget to set the HOSTNAME too!)
+ # 'Mirroring',
+
+ # allow people to submit pub files with more than one key in them
+ # 'ssh-authkeys-split',
+
+ # selective read control hack
+ # 'partial-copy',
+
+ # manage local, gitolite-controlled, copies of read-only upstream repos
+ # 'upstream',
+
+ # updates 'description' file instead of 'gitweb.description' config item
+ 'cgit',
+
+ # allow repo-specific hooks to be added
+ # 'repo-specific-hooks',
+
+ # performance, logging, monitoring...
+
+ # be nice
+ # 'renice 10',
+
+ # log CPU times (user, system, cumulative user, cumulative system)
+ # 'CpuTime',
+
+ # syntactic_sugar for gitolite.conf and included files
+
+ # allow backslash-escaped continuation lines in gitolite.conf
+ # 'continuation-lines',
+
+ # create implicit user groups from directory names in keydir/
+ # 'keysubdirs-as-groups',
+
+ # allow simple line-oriented macros
+ # 'macros',
+
+ # Kindergarten mode
+
+ # disallow various things that sensible people shouldn't be doing anyway
+ # 'Kindergarten',
+ ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/gitolite/dotfiles/local/triggers/push b/gitolite/dotfiles/local/triggers/push
new file mode 100755
index 0000000..7a3cb56
--- /dev/null
+++ b/gitolite/dotfiles/local/triggers/push
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+[ "$4" = "W" ] || exit 0
+
+cd "$GL_REPO_BASE/$2.git"
+head=$(git symbolic-ref HEAD)
+
+if ! [ -f "$head" ]; then
+ set -- refs/heads/*
+ if [ "$#" -eq 1 ]; then
+ git symbolic-ref HEAD "$1"
+ echo "NOTICE: Default branch set to $1" >&2
+ else
+ echo "WARNING: The default branch is $head, but no such branch exists" >&2
+ fi
+fi
+
+git log -1 --all --date-order --format=%ci >agefile
diff --git a/gitolite/gitolite.conf b/gitolite/gitolite.conf
new file mode 100644
index 0000000..a1602d0
--- /dev/null
+++ b/gitolite/gitolite.conf
@@ -0,0 +1,12 @@
+@administrators = admin
+
+repo gitolite-admin
+ RW+ = @administrators
+
+repo CREATOR/..*
+ C = @all
+ RW+ = CREATOR MAINTAINERS
+ RW+ contrib/USER/ = CONTRIBUTORS
+ R = @all
+
+ config gitweb.owner = %GL_CREATOR
diff --git a/gitolite/sshd_config b/gitolite/sshd_config
new file mode 100644
index 0000000..efc0c52
--- /dev/null
+++ b/gitolite/sshd_config
@@ -0,0 +1,22 @@
+Port 22
+
+HostKey /hostkeys/etc/ssh/ssh_host_rsa_key
+HostKey /hostkeys/etc/ssh/ssh_host_ecdsa_key
+HostKey /hostkeys/etc/ssh/ssh_host_ed25519_key
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+AuthorizedKeysFile .ssh/authorized_keys
+
+UsePAM yes
+PermitRootLogin no
+PasswordAuthentication no
+KbdInteractiveAuthentication no
+AllowAgentForwarding no
+AllowTcpForwarding no
+GatewayPorts no
+X11Forwarding no
+PermitTTY no
+PrintLastLog no
+PermitUserEnvironment no
+PermitTunnel no
cgit-1.2.3-r5 | srcnode v0.4.0