Ubuntu Server 16.04

Install

// 安装需要的软件
root@ubuntu# apt install nginx gitweb git-core fcgiwrap libcgi-pm-perl  
// 创建用于Git仓库的用户
root@ubuntu# adduser \  
--system \ 
--shell /bin/bash \ 
--gecos 'git version control' \ 
--group \ 
--disabled-password \ 
--home /home/git \ 
git  
// 将Git仓库用户加入SSH组
root@ubuntu# adduser git ssh  

Configure GitoLite

// 切换到Git仓库用户
root@ubuntu# su - git  
// 进入Git仓库主目录
git@ubuntu:~$ cd /home/git  
// Clone GitoLite
git@ubuntu:~$ git clone git://github.com/sitaramc/gitolite  
// 创建GitoLite执行文件存放目录
git@ubuntu:~$ mkdir $HOME/bin  
// 初始化安装GitoLite
git@ubuntu:~$ gitolite/install -ln  

在本地计算机上创建一个SSH密钥,将.pub上传至Git服务器/home/git目录下,并重命名为git.pub.

// 将上传的SSH公钥注册为GitoLite管理员公钥
git@ubuntu:~$ bin/gitolite setup -pk git.pub  
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/  
Initialized empty Git repository in /home/git/repositories/testing.git/  
WARNING: /home/git/.ssh missing; creating a new one  
WARNING: /home/git/.ssh/authorized_keys missing; creating a new one  
// 注册完后删除无用的公钥
git@ubuntu:~$ rm git.pub  

Clone GitoLite管理仓库到本地计算机.

$git clone git@gitserver:gitolite-admin.git

Configure GitWeb

使用在线工具Htpasswd Generator,创建一个用户名与密码以便通过Web访问GitWeb时进行授权验证.将Htpasswd Generator生成的用户名密码保存到新文件access_list中,并上传到Git服务器的/etc/nginx/目录之中.

## 创建编辑Nginx的配置文件用于GitWeb
root@ubuntu# vim /etc/nginx/sites-enabled/gitweb.conf  
  • gitweb.conf
server {  
    listen      80;
    server_name git.server.com;
    access_log /var/log/nginx/git.server.com.access.log;
    rewrite     ^   https://$server_name$request_uri? permanent;
}

server {  
    listen       443;
    server_name  git.server.com;
    root /usr/share/gitweb;
    access_log /var/log/nginx/git.server.com.access.log;

    ssl                  on;
    ssl_certificate      /etc/ssl/certs/certforyoursite.crt;
    ssl_certificate_key  /etc/ssl/private/sitekey.pem;
    ssl_session_timeout 5m;
    ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          HIGH:!ADH:!MD5;
    ssl_prefer_server_ciphers on;

    auth_basic           "Git Server";
    auth_basic_user_file /etc/nginx/access_list;

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /home/git/repositories/;
    }

    location ~ ^.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root /home/git/repositories;

        fastcgi_pass unix:/var/run/fcgiwrap.socket;
        fastcgi_param SCRIPT_FILENAME   /usr/lib/git-core/git-http-backend;
        fastcgi_param PATH_INFO         $uri;
        fastcgi_param GIT_PROJECT_ROOT  /home/git/repositories;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }

    try_files $uri @gitweb;
    location @gitweb {
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
        fastcgi_param SCRIPT_FILENAME   /usr/share/gitweb/gitweb.cgi;
        fastcgi_param PATH_INFO         $uri;
        fastcgi_param GITWEB_CONFIG     /etc/gitweb.conf;
        include fastcgi_params;
   }
}

重启Nginx与FCGiwrap.

root@ubuntu# service nginx restart  
root@ubuntu# service fcgiwrap restart  

Use

要创建一个新的Git仓库,可以在本机的gitolite-admin/conf/gitolite.conf写入新仓库名称并赋予权限,如新建仓库emacs.d:

repo gitolite-admin  
    RW+     =   git

repo testing  
    RW+    =   git

repo emacs.d  
    RW+   =    git

然后将其Clone到本地:

$ git clone git@server.com:emacs.d.git

更复杂的权限细粒度控制见GitoLite的官网手册.