git need ssh and openssh-server
sudo apt-get autoremove ssh-import-id ssh openssh-client openssh-server --purge
sudo apt-get install ssh-import-id ssh openssh-client openssh-server -f
在开发人数2-4人的情况下,不考虑使用git branch的时候,可以在VPS上搭建一个简单的GIT服务器,可以用于托管自己的代码,同时在部署时如果使用了capistrano也是需要与git打交道的。除非你决定了开源,那github绝对是一个很好的选择。好吧,闲话不多说,开始部署我们的git服务器吧。
首先在自己的电脑上生成SSH公钥,只需要一个命令就可以了。
$ ssh-keygen
这样,就在电脑下生成了一个.ssh的文件夹,里面有两个文件,分别是:id_rsa(密钥)和id_rsa.pub(公钥)。通过口令可以察看公钥的内容:
$ cat ~/.ssh/id_rsa.pub
服务器上需要用到公钥里面的内容,可以发送给服务器管理者。
首先,创建一个 'git' 用户并为其创建一个 .ssh 目录。
$ sudo adduser git
$ su git
$ cd
$ mkdir .ssh
$ cd .ssh
$ touch authorized_keys
接下来,把开发者的 SSH 公钥添加到这个用户的 authorized_keys 文件中。
scp ~/.ssh/id_rsa.pub git@your.server.com:~/.ssh/ //scp将公钥复制到服务器中
ssh git@your.server.com
cd ~/.ssh
cat id_rsa.pub >> authorized_keys //追加到authorized_keys
现在可以使用 –bare 选项运行 git init 来设定一个空仓库,这会初始化一个不包含工作目录的仓库。
$ cd ~/
$ mkdir project.git
$ cd project.git
$ git --bare init
这时,开发人员就可以把它加为远程仓库,推送一个分支,从而把第一个版本的工程上传到仓库里了。
# 在一个工程师的电脑上
$ cd myproject
$ git init
$ git add .
$ git commit -m 'initial commit'
$ git remote add origin git@gitserver:project.git
$ git push origin master
这样,你的项目就推送到VPS上面了。 如果另一个小组成员一同编辑项目,只需要把他的公钥加进去后,把项目复制下来:
$ git clone git@gitserver:project.git
就可以一同操作了,但注意每次push项目之前,应该先git pull。
作为一个额外的防范措施,你可以用 Git 自带的 git-shell 简单工具来把 git 用户的活动限制在仅与 Git 相关。把它设为 git 用户登入的 shell,那么该用户就不能拥有主机正常的 shell 访问权。为了实现这一点,需要指明用户的登入shell 是 git-shell ,而不是 bash 或者 csh。你可能得编辑 /etc/passwd 文件。
$ sudo vim /etc/passwd
在文件末尾,你应该能找到类似这样的行:
git:x:1000:1000::/home/git:/bin/sh
把 bin/sh 改为 /usr/bin/git-shell (或者用 which git-shell 查看它的位置)。该行修改后的样子如下:
git:x:1000:1000::/home/git:/usr/bin/git-shell
现在 git 用户只能用 SSH 连接来推送和获取 Git 仓库,而不能直接使用主机 shell。如果你需要添加公钥的时候就需要用root用户进行操作了。
Git does not require a special “server” to run. For example, if you are on a local network, you can just put the repository on a shared network drive. Git does not handle the security. You configure the read/write access on the folder. I’m not an expert in system administration so I’m going to suggest some options and provide links that I found helpful:
- Ssh is you friend for security. If you do not want to provide shell access to everyone, you can setup one git user and use ssh keys to provide access. If you go that route, take a look at gitosis, which is a bunch of python scripts that automates part of administering that kind of setup. Gitosis gives you a git repository to configure access and projects. It’s very nice.
- Another option is through http. You need webdav for that.
- Git daemon comes with git and is perfect if you only need to quickly give public read access.
- There are couple of git hosting site that are popping up. Check out repo.or.cz and Github (invitation only for now but has a sexy look).
What's needed:
-
Have an Apache web-server
On Debian: $ apt-get install apache2 To get apache2 by default started, edit /etc/default/apache2 and set NO_START=0
-
can edit the configuration of it.
This could be found under /etc/httpd, or refer to your Apache documentation.
On Debian: this means being able to edit files under /etc/apache2
-
can restart it.
'apachectl --graceful' might do. If it doesn't, just stop and restart apache. Be warning that active connections to your server might be aborted by this.
On Debian: $ /etc/init.d/apache2 restart or $ /etc/init.d/apache2 force-reload (which seems to do the same) This adds symlinks from the /etc/apache2/mods-enabled to /etc/apache2/mods-available.
-
have permissions to chown a directory
-
have Git installed on the client, and
-
either have Git installed on the server or have a webdav client on the client.
In effect, this means you're going to be root, or that you're using a preconfigured WebDAV server.
At the time of writing, git-http-push cannot remotely create a Git repository. So we have to do that at the server side with Git. Another option is to generate an empty bare repository at the client and copy it to the server with a WebDAV client (which is the only option if Git is not installed on the server).
Create the directory under the DocumentRoot of the directories served by Apache. As an example we take /usr/local/apache2, but try "grep DocumentRoot /where/ever/httpd.conf" to find your root:
$ cd /usr/local/apache/htdocs
$ mkdir my-new-repo.git
On Debian:
$ cd /var/www
$ mkdir my-new-repo.git
Initialize a bare repository
$ cd my-new-repo.git
$ git --bare init
Change the ownership to your web-server's credentials. Use "grep ^User httpd.conf" and "grep ^Group httpd.conf" to find out:
$ chown -R www.www .
On Debian:
$ chown -R www-data.www-data .
If you do not know which user Apache runs as, you can alternatively do a "chmod -R a+w .", inspect the files which are created later on, and set the permissions appropriately.
Restart apache2, and check whether http://server/my-new-repo.git gives a directory listing. If not, check whether apache started up successfully.
http://blog.csdn.net/klinghr/article/details/5378271
First make sure the dav_module is loaded. For this, insert in httpd.conf:
LoadModule dav_module libexec/httpd/libdav.so
AddModule mod_dav.c
Also make sure that this line exists which is the file used for locking DAV operations:
DAVLockDB "/usr/local/apache2/temp/DAV.lock"
On Debian these steps can be performed with:
Enable the dav and dav_fs modules of apache:
$ a2enmod dav_fs # sudo a2enmod dav_fs
(just to be sure. dav_fs might be unneeded, I don't know)
$ a2enmod dav # sudo a2enmod dav
The DAV lock is located in /etc/apache2/mods-available/dav_fs.conf:
DAVLockDB /var/lock/apache2/DAVLock
Of course, it can point somewhere else, but the string is actually just a prefix in some Apache configurations, and therefore the directory has to be writable by the user Apache runs as.
Then, add something like this to your httpd.conf
<Location /my-new-repo.git> DAV on AuthType Basic AuthName "Git" AuthUserFile /usr/local/apache2/conf/passwd.git Require valid-user
On Debian: Create (or add to) /etc/apache2/conf.d/git.conf :
<Location /my-new-repo.git>
DAV on
AuthType Basic
AuthName "Git"
AuthUserFile /etc/apache2/passwd.git
Require valid-user
</Location>
<VirtualHost *:8081>
DocumentRoot /var/www/
<Location guanxi_cms.git>
DAV on
AuthType Basic
AuthName "Git"
AuthUserFile /etc/apache2/passwd.git
Require valid-user
</Location>
</VirtualHost>
Debian automatically reads all files under /etc/apache2/conf.d.
The password file can be somewhere else, but it has to be readable by Apache and preferably not readable by the world.
Create this file by $ htpasswd -c /usr/local/apache2/conf/passwd.git
**On Debian**:
$ htpasswd -c /etc/apache2/passwd.git <user>
# htpasswd -c /etc/apache2/passwd.git jhjguxin
You will be asked a password, and the file is created. Subsequent calls to htpasswd should omit the '-c' option, since you want to append to the existing file.
You need to restart Apache.
Now go to http://@/my-new-repo.git in your browser to check whether it asks for a password and accepts the right password.
On Debian:
To test the WebDAV part, do:
$ apt-get install litmus $ litmus http:///my-new-repo.git
Most tests should pass.
A command line tool to test WebDAV is cadaver. If you prefer GUIs, for example, konqueror can open WebDAV URLs as "webdav://..." or "webdavs://...".
If you're into Windows, from XP onwards Internet Explorer supports WebDAV. For this, do Internet Explorer -> Open Location -> http:///my-new-repo.git [x] Open as webfolder -> login .
useradd -m -d /home/git -u 1005 git
#/etc/ssh/sshd_config: AllowUsers admin bob
http://www.fclose.com/b/linux/366/set-up-git-server-through-ssh-connection/
https://help.ubuntu.com/community/Git http://blog.longwin.com.tw/2011/03/build-git-env-share-over-ssh-2011/