So, the time has come to clean up repositories for our projects.
For quite some time we’ve been thinking about migration from subversion to git, and today the first step was made – new repository server was deployed on a KVM based virtual machine (Proxmox). So, straight to the juice :
Puppet config repository was updated to contain obects that in essence perform following :
to install fresh Git repository :
mkdir <newrepo>
cd <newrepo>
git –bare init
git –bare update-server-info
this creates a fresh repository that can be served by HTTP with LDAP users through :
ScriptAlias /git/repo> /usr/lib/git-core/git-http-backend
<Location /git/repo>
SetEnv GIT_PROJECT_ROOT <newrepo>
SetEnv GIT_HTTP_EXPORT_ALL
Order deny,allow
Deny from All
Allow from x.x.x.x/24
AuthType Basic
AuthName „SVN Repository /git/repo”
AuthBasicProvider ldap
AuthLDAPURL ldap://ldap.company.tld:389/ou=people,dc=company,dc=tld?uid
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=<group>,ou=groups,dc=company,dc=tld
Satisfy any
</Location>
As you can see, the configuration allows use of the repository via git-http-backend for either hosts from authorized networks (usefull for passwordless deployment of the code to production servers inside corporate VPN) or for LDAP authenticated users which are members of <group> (LDAP schema came with GOsa2).
Administration by .
No i przyszedł czas by odpalić sobie bloga, zapewne będzie to jeden z bardziej zapominanych i nie używanych blogów w sieci, ale co tam