How to set up a Git server with HTTP access on Linux - linux

I need to create a Git repository on a Linux machine and then make it accessible via HTTP. Also need full access with one user and read-only to anon-users.
I've created local repositories before but I don't know how to create this (e.g.: inside /var/www or /opt/git/...)
I tried doing this:
-sudo Clone a GitHub repository into /var/www/repos/repo.git
-cd /var/www/repos/repo.git
-sudo git --bare update-server-info
-sudo mv hooks/post-update.sample hooks/post-update
-sudo service apache2 restart
Then I tried to access this repository from another machine:
-With browser : (http protocol)192.168.1.49/repo.git <-- WORKS
-With terminal: git clone --bare (http protocol)192.168.1.49/repo.git <--DOESN'T WORK
The terminal says:
Cloning into bare repository repo.git...
fatal: (http protocol)192.168.1.49/repo.git/info/refs?service=git-upload-pack not found: did you run git update-server-info on the server?
I think maybe it's a permissions problem. How I need to manage permissions inside /var/www?
EDIT: Already fixed, just needed:
-put the repository into /var/www/repos/ named repo.git
-change the permissions of the www folder with sudo chown -R www-data:www-data /var/www
-enable webdav with sudo a2enmod dav_fs
-config file into /etc/apache2/conf.d called git.conf
-create the file with users with sudo htpasswd -c /etc/apache2/passwd.git user
-rename the pot-update file and make it executable with sudo mv /var/www/repos/repo.git/hooks/post-update.sample /var/www/repos/repo.git/hooks/post-update && sudo chmod a+x /var/www/repos/repo.git/hooks/post-update
-update server and restart apache with sudo git update-server-info && sudo service apache2 restart
And, to fix the problem with pushing:
Edit the file .git/config into your repository folder (client machine) and put the username and password on the url:
url = (http protocol)user:password#url/repos/repo.git
So, now only I need is to set the read-only for anon-users.

Already fixed, just needed:
-put the repository into /var/www/repos/ named repo.git
-change the permissions of the www folder with sudo chown -R www-data:www-data /var/www
-enable webdav with sudo a2enmod dav_fs
-config file into /etc/apache2/conf.d called git.conf
-create the file with users with sudo htpasswd -c /etc/apache2/passwd.git user
-rename the pot-update file and make it executable with sudo mv /var/www/repos/repo.git/hooks/post-update.sample
/var/www/repos/repo.git/hooks/post-update && sudo chmod a+x
/var/www/repos/repo.git/hooks/post-update
-update server and restart apache with sudo git update-server-info && sudo service apache2 restart
And, to fix the problem with pushing:
Edit the file .git/config into your repository folder (client machine)
and put the username and password on the url: url = (http
protocol)user:password#url/repos/repo.git
So, now only I need is to set the read-only for anon-users.

Related

AWS Wordpress Configuration for Apache & EC2 User Access

I have for some time been manually switching my www/html directory user ownership on my EC2 Instance between apache and EC2-user for some time to allow me switch between installing and updating wordpress plugins or using Coda 2 to upload and update files via FTP.
I have finally reached a point of frustration and am wondering what is the best way to set up my ownership settings on the server to cater for both users having access without having to constantly change the settings.
Here are the commands I use to switch between users:
sudo chown -R apache:apache /var/www/html
sudo chown -R ec2-user /var/www/html
Can someone please advise the safest configurations to avoid constantly switching for the foreseeable future?
add your user to the same user group of apache.
sudo usermod -a -G apache ec2-user
then exit your account then change ownership that include ec2-user in the path
sudo chown -R ec2-user:apache /var/www

Can git store or control directory user, group or permissions

I have developed a few git repositories for a web application. As part of the deployment process, a few of the folders need to be writable by Apache for file uploads. Does git have any control over this for either the user or group, or the respective permissions?
git can only set this for the entire repository, not for a subdirectory. Run in the root of your repo:
sudo chgrp -R apache .
sudo chmod -R ug+rwX *
git config core.sharedRepository group

Nginx Configuration Versioning Strategy

currently a project my team inherited has a complete mess on the nginx configuration across 10+ environments, we would like to implement a versioning strategy however im not sure how people "normally" achieve this. you make the whole nginx conf folder a git repo and ignore what you do not want to version? or have a separate folder with the config file repo and deploy the files with a script?
We manage it via separate Git repository exclusive only for nginx configuration. Yes, it includes everything inside /etc/nginx/ directory.
But it's not synced directly on server, instead a bash script is used to pull changes, update configuration, and reload nginx configuration.
Script example:
# Pull changes
git pull
# Sync changes excluding .git directory
rsync -qauh ./* "/etc/nginx" --exclude=".git"
# Set proper permissions
chmod -R 644 /etc/nginx
find /etc/nginx -type d -exec chmod 700 {} \;
# If you store SSL certs under `/etc/nginx/ssl`
# Set proper permission for SSL certs
chmod -R 600 /etc/nginx/ssl
chmod -R 400 /etc/nginx/ssl/*
# Reload nginx config
# but only if configtest is passed
nginx -t && service nginx reload

Rsync mkdir permission denied

I am trying to use "Rsync" to copy my spark directory to all the slave machines by this command:
rsync -avL --progress /path/to/spark-0.9.0-incubating ubuntu#<Public_ip_of_slave>:/usr/local`
I am following the instructions on this site:
http://docs.sigmoidanalytics.com/index.php/Setup_hadoop_2.0.0-cdh4.2.0_and_spark_0.9.0_on_ubuntu_aws_cluster"
but I am facing an error which is permission denied to make the folders in the destination.
Can anyone help me?
The ubuntu user (which you are using for scp) does not have the appropriate directory permissions on /usr/local at the remote server.
Misconfiguration can result in security issues so changing the directory permission of /usr/local is not recommended. If you wish to do so run:
ssh ubuntu#remote-server 'sudo chown root:ubuntu /usr/local'
where remote-server is the hostname or IP of the remote server and assuming that ubuntu is an administrator. You may also allow all others to write to the directory:
ssh ubuntu#remote-server 'sudo chmod o+w /usr/local'
but this is more dangerous than the previous option.
Alternatively, you may copy it into your home directory first then issue a sudo command to move the files into /usr/local:
rsync -avL --progress /path/to/spark-0.9.0-incubating ubuntu#remote-server:~
ssh ubuntu#remote-server 'sudo mv ~/spark-0.9.0-incubating /usr/local'
~ will be expanded to the home directory of the user, which in this case is likely to be /home/ubuntu/.
Do remember to change the permissions of /usr/local/spark-0.9.0-incubating as appropriate to allow access to authorized users using the chmod command.

How to fix permission denied for .git/ directory when performing git push?

I have set up a git repository on my server. Created a new user 'git'. My repos are located in /srv/git/example.git. I was able to git remote add origin git#domain/srv/git/example.git then I added and committed my changes.
However when I tried git push origin master it failed on:
fatal: unable to create temporary file: permission denied' and 'fatal: sha1 file write error: invalid argument'
On the server I ran:
sudo chown -R git:git /srv/git/`
This fixed my problem but I am wondering if this was the correct thing to do?
On the server I ran sudo chown -R git:git /srv/git/ - this fixed my problem but I am wondering if this was the correct thing to do?
Absolutely. The problem previously was that the git user, who you're logging in as via SSH, could not write to the repository.
Depending on your needs, you may consider different combinations of users and SSH keys, or one of the many additional programs (gitolite etc) that can be used to more finely control access.
First, fix file permissions in your remote .git dir e.g.
sudo chmod -R ug+w /var/www/.git
sudo chown -R git:git /var/www/.git
or root:root if you want to assign members of root group for push access.
Then git repository on the destination host needs to be set as shared, so the following command on remote needs to be run:
git config core.sharedRepository group

Resources