Toggle navigation
Photo Blog
首页
Blog
关于
作品
联系
Home
About
Contact
Sign in
windows下使用cygwin和gitolite安装git服务器
Posted by
Chris Chen
on February 12, 2017
> 使用了一段时间之后,感觉有条件最好还是直接在linux上面装。调试,日志可能会方便一点,最近ssh连接不上,看日志还需要另外装syslog-ng。同时也发现了gitlab,确实功能要强大很多,可以作为备选方案。gitolite好处是简单轻便一些 最近想要在window上搭建一个git的代码版本控制系统。同时需要有必要的权限控制,经过一番Google之后,选择使用cygwin+gitolite的方式 整个安装流程参考网上搜到的一篇文章 [How To Set Up A Git Server On Windows Using Cygwin And Gitolite](http://therightstuff.de/2010/03/28/How-To-Set-Up-A-Git-Server-On-Windows-Using-Cygwin-And-Gitolite.aspx) ####流程 1. 安装cygwin 2. 连接cgywin和windows系统安全 3. 设置ssh server 4. 打开ssh客户端访问 5. 验证密码访问 6. 创建gitolite管理员密钥 7. 安装gitolite 8. 管理gitolite 8. 配置客户端 ####安装cygwin Cygwin的安装程序比较简单,直接下载setup程序运行,选择需要安装的包就行了,除了默认选择的一系列包之外,需要额外选择下面这几个包 - Net | openssh - Devel | git - Editors | vim vim可有可无,只是为了后面编辑文件方便。也可换成别的文本编辑程序 ####连接cgywin和windows系统安全 为了后面设置使用ssh,需要首先配置cgywin集成windows系统安全,可以参阅cygwin文档中的[integrating with Windows Security](http://www.cygwin.com/cygwin-ug-net/ntsec.html#ntsec-nopasswd1) 1.以管理员方式打开安装好的cgywin 2.执行/bin/cyglsa-config ``` Warning: Registering the Cygwin LSA authentication package requires administrator privileges! You also have to reboot the machine to activate the change. Are you sure you want to continue? (yes/no) ``` 3.输入yes ``` Cygwin LSA authentication package registered. Activating Cygwin's LSA authentication package requires to reboot. ``` 4.重启机器 ####设置ssh server 1.以管理员方式打开安装好的cgywin 2.执行ssh-host-config ``` $ ssh-host-config *** Info: Generating /etc/ssh_host_key *** Info: Generating /etc/ssh_host_rsa_key *** Info: Generating /etc/ssh_host_dsa_key *** Info: Creating default /etc/ssh_config file *** Info: Creating default /etc/sshd_config file *** Info: Privilege separation is set to yes by default since OpenSSH 3.3. *** Info: However, this requires a non-privileged account called 'sshd'. *** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep. *** Query: Should privilege separation be used? (yes/no) ``` 3.输入yes ``` *** Info: Note that creating a new user requires that the current account have *** Info: Administrator privileges. Should this script attempt to create a *** Query: new local account 'sshd'? (yes/no) ``` 4.还是yes ``` *** Info: Updating /etc/sshd_config file *** Warning: The following functions require administrator privileges! *** Query: Do you want to install sshd as a service? *** Query: (Say "no" if it is already installed as a service) (yes/no) ``` 5.还是yes ``` *** Query: Enter the value of CYGWIN for the daemon: [] ``` 6.直接回车 ``` *** Info: On Windows Server 2003, Windows Vista, and above, the *** Info: SYSTEM account cannot setuid to other users -- a capability *** Info: sshd requires. You need to have or to create a privileged *** Info: account. This script will help you do so. *** Info: You appear to be running Windows 2003 Server or later. On 2003 *** Info: and later systems, it's not possible to use the LocalSystem *** Info: account for services that can change the user id without an *** Info: explicit password (such as passwordless logins [e.g. public key *** Info: authentication] via sshd). *** Info: If you want to enable that functionality, it's required to create *** Info: a new account with special privileges (unless a similar account *** Info: already exists). This account is then used to run these special *** Info: servers. *** Info: Note that creating a new user requires that the current account *** Info: have Administrator privileges itself. *** Info: No privileged account could be found. *** Info: This script plans to use 'cyg_server'. *** Info: 'cyg_server' will only be used by registered services. *** Query: Do you want to use a different name? (yes/no) ``` 7.输入 **no** ``` *** Query: Create new privileged user account 'cyg_server'? (yes/no) ``` 8.输入 yes ``` *** Info: Please enter a password for new user cyg_server. Please be sure *** Info: that this password matches the password rules given on your system. *** Info: Entering no password will exit the configuration. *** Query: Please enter the password: ``` 9.这里是给ssh服务账户添加一个密码,后面好像不太用得到 10.如果需要要打开防火墙的tcp 22端口,可以通过windows的防火墙设置,后者使用命令。(我好像并没有走这一步) ``` netsh advfirewall firewall add rule dir=in action=allow localport=22 protocol=tcp name="Cygwin SSHD" ``` 11.执行```sc start sshd``` ####打开ssh客户端访问 创建一个windows用户git用作后面git服务器使用,并且设置一个安全的密码。然后在cygwin命令行执行```mkpasswd -l -u git >> /etc/passwd``` ####验证ssh密码登录 **接下来的内容都需要在客户端机器上操作**,可以是mac,windows,linux等任何。需要安装好git客户端(windows同样需要安装cygwin) 1.执行ssh git@server_addr ``` git@git-server's password: ``` 2.输入git账户的密码,即应该登录成功 ####创建gitolite管理员密钥 1.执行```ssh-keygen -f ~/.ssh/gitolite-admin``` ####安装gitolite 1.拷贝管理员密钥到服务器上 ``` scp ~/.ssh/gitolite-admin.pub git@gitserver:yourname.pub ``` 2.确保~/.ssh/authorized_keys为空或者不存在。安装gitolite。可参照最新的[gitolite说明文件](https://github.com/sitaramc/gitolite#gitolite-readme) ``` git clone git://github.com/sitaramc/gitolite mkdir -p $HOME/bin gitolite/install -to $HOME/bin ``` 3.设置管理员用户 ``` $HOME/bin/gitolite setup -pk yourname.pub ``` ####管理gitolite 设置完管理员gitolite就算是安装好了,接下来关闭ssh连接。从客户端配置gitolite 1.拉取gitolite-admin ``` git clone git@host:gitolite-admin ``` 2.添加repo,用户和权限通过更新conf/gitolite.conf和keydirs/文件夹(用户密钥.pub直接放在keydirs里面)。然后直接git push到服务器即可。具体配置可参见 [这里](http://gitolite.com/gitolite/basic-admin.html) ``` 'conf/gitolite.conf' repo gitolite-admin RW+ = yourname repo testing RW+ = @all ``` ####配置客户端 根据操作系统下载相应的git版本并安装,[https://git-scm.com/downloads](https://git-scm.com/downloads) > windows安装时候需要选择一系列的选项,有一个关于文件换行格式的最好选成pull使用as it be, push使用unix style。其他的使用默认就行了 安装完成后需要使用ssh-keygen来生成密钥, mac可以直接用命令行,windows可以用gitbash ``` $ ssh-keygen -f "~/.ssh/YourName" Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): ``` YourName是起的一个用户名字 passphrase是给这个key添加保护密码,可以设置也可直接return跳过 这个命令会在~/.ssh/下面生成两个文件,YourName和YourName.pub, YourName.pub作为公钥用来创建相应用户 同时最好配置ssh的config来适应多key的情况,创建或者编辑~/.ssh/config文件 ``` HOST git-server-host IdentityFile ~/.ssh/YourName User YourName ``` git-server-host即是git服务器的地址
0
Comments
Add Comment
Log in
Nick Name
Comment:
Add Comment Log in