7 Apr 2012

Git "Server" on OS X Lion

My most popular post ever is the SVN on OS X Lion Server post. This is great, and with a few tweaks for 10.7.3 that method is still the best one around.

However I'm going to be working with a team that uses git for version control in the near future so I thought I would take the opportunity to learn all about it. I read and watched tonnes on the subject and really love the distributed nature of git. It reminds me of how bit coin works. More importantly will allow me to check in commits on the train.

Still to work efficiently in a team of git developers, or even just to have an online backup of a personal git repository it can be really useful to have a git "server". This is going to be a "pro" level tutorial which makes heavy use of SSH and terminal to get the job done. This won't be a tutorial for everyone, I'm just going to aim to write a neat guide about how to avoid some common pitfalls when configuring gitolite on OS X Lion Server. On the other hand, don't be afraid to give it a go, e-mail if you get stuck.

After reading the requirements for the impressive looking gitorious I settled on setting up gitolite with a more standard ssh managed workflow. "gitolite" is a perl app which operates over ssh. Each user authenticates with a separate private key and, due to clever editing of the ssh authorized_keys file, uses the knowledge of which key you used to control repo access. With gitolite, only the server admin needs to know the gory details of how everything works, and your workgroup members can follow simple instructions to set up a public key and send it to you with a few copy paste terminal commands. If you're interested these would be:

client:~ user$ ssh-keygen
*hit return a few times to accept default options
client:~ user$ cp ./.ssh/id_rsa.pub ./Desktop/2

The user now has a file on the desktop that they can email to you.

So on to configuring the server. First things first you need to have git installed on your server. You can either install the Xcode command line developer tools or, like I did, go for the git installer from the official git website. The package installs git to /usr/local/git/bin. To save yourself a long journey investigating setting PATHs for non interactive shells do yourself a favour and symlink those executables somewhere sensible.

server:~ admin$ sudo ln -s /usr/local/git/bin/* /usr/bin/

Once installed we need to set up a git user on our server. I opted to make the git user a local user, but a network account will work too. The user needs to be added to the server's Remote Login Group in the local directory so that it has permission to SSH in. You can either do this from workgroup manager by showing System Records in the View menu or you can remote desktop into the server and go to System Preferences > Sharing > Remote Login.

Then sshd needs configuring to accept public keys. I recommend configuring to ONLY accept public keys (or keys and kerberos) as it is much more secure. Follow my previous article on the subject.

Now we need to become the git user and download gitolite. You can either remote desktop to the server as admin and fire up terminal or SSH into the server with an admin user if you have that working. Use the following command to switch to the git user:

server:~ git$ sudo su - git

Then, following the instructions at the gitolite github:

server:~ git$ git clone git://github.com/sitaramc/gitolite
server:~ git$ cd gitolite
server:~ git$ git checkout g3

This clones a git repo and checks it out to the current directory. As gitolite is written in perl we are ready to go. To install, type

server:~ git$ ./gitolite/install

The last thing to do before we can start following the documentation for configuring g3 on the gitolite website is to send the public key we are going to use for gitolite to the server and configure it as the admin's key. I chose to generate one using the interactive ssh-keygen in terminal. I've found that gitolite will complain that the key must only be one line long when generated this way. I assumed this was due to line ending encoding. I opened it up in vim and it showed one line, but opening in TextMate showed two. I deleted the extra line and saved the key. This fixed the issue for me.

This then needs to be copied over to a world readable directory on the server. gitolite's documentation suggests /tmp. I used scp to get the file over.

workstation:~ admin$ scp ./admin.pub [email protected]:/tmp/admin.pub

Then on the server, as the git user

server:~ git$ gitolite setup -pk /tmp/admin.pub

Then on your workstation:

workstation:~ admin$ git clone [email protected]:gitolite-admin.git

This will also work in your favourite graphical git client. (I've taken to GitBox, Thanks Dan Benjamin and John Siracusa)
Fingers crossed you now have the admin repository for gitolite checked out on your computer. If not then good luck as info for g3 seems to be scarce at the minute. Please feel free to email or tweet @osxserverblog if you find any extra info or if you get stuck.