How do I Setup up a Multi-User Git Server

[tuaris]

I currently have the devel/git port installed and I am using it to host some Git repositories.

/etc/rc.conf:

git_daemon_enable="YES"
git_daemon_directory="/var/spool/git/repo"
git_daemon_flags="--syslog --base-path=/var/spool/git/repo --export-all --reuseaddr --detach

Now a few of the users on my server are interested in having their own personal Git repositories.

How do I provide this option and ensure the following:

• The repositories are private, only usable by the individual user.
• They use their FreeBSD username and password to connect to the Git daemon.
  
• They can not access my existing repositories under /var/spool/git/repo.
• Preferably the repositories are stored in the user's home directory under a sub-folder called "git'.

I looked into the port devel/gitolite, but that does not reuse existing system users.

 

[tobik@]

Git supports SSH, so one way would be to just use SSH. Users can create their own repositories in their home directories. Set the permissions to your repositories so that your users can't access them.

 

[junovitch@]

• The repositories are private, only usable by the individual user.
• Preferably the repositories are stored in the user's home directory under a sub-folder called "git'.

These two are easy. As said by tobik above, Git support SSH so it would be easy to have users with repositories in their home directories. Git doesn't handle file permissions and relies on normal UNIX DAC for that. The only thing tracked is whether files are executable or not to store them as 755 or 644 in the index. If you need tighter permissions, have home directories be 700 so users can't look in each others directories.

• They use their FreeBSD username and password to connect to the Git daemon.
  
• They can not access my existing repositories under /var/spool/git/repo.

This, however, conflicts with the purpose of Git daemon to provide unencrypted and unauthenticated read only access to Git repositories. If you want to use system users then you would be better off sticking to SSH only and allowing at least group read access for all users to the /var/spool/git/repo folder.

http://git-scm.com/book/en/v2/Git-on-the-Server-Git-Daemon

 

[nakal]

I use devel/gitolite for serving devel/git repositories. With this you get access similar to what is offered by https://github.com/, but with more features (fine-grained access control, hooks and much more).

 

[asteriskRoss]

Given your requirements, tobik's suggestion is the obvious one. No need for running a separate git daemon and your users have total control of their private repositories.

I've tried a few options for shared repositories, including using SSH with git-shell and writing my own scripts for various actions. My favourite, which I still use, has been devel/gitolite, which nakal suggested.