Essence: There is a machine with multiple users. You need to create a GIT repository for these users who would be on the same machine (even on the same disk).
The option to use the local protocol does not suit, because I see two similar development options:
- if you solve RWC * all users to the repository, then users can change the repository itself (I do not mean by Push, but direct access);
- If you create a separate user and only he had the right RWC repository, then he would also need to give the rights to RWC Home-Series, and this is also fraught.
If I’m wrong here – please fix it 🙂
SSH access to the repository seems to me the most protected in this regard, because And the user from the server, and local users cannot harm anyone. However, I do not know if it is possible to organize access to the local folder via SSH. In Google, did not find anything on this issue.
* RWC – read-write-modification
Answer 1, Authority 100%
In addition to the already listed huge programs Gitea and Gogs , it is worth mentioning and minimalistic gitolite (in contrast to those mentioned, it is opacited in many distributions, for example , Debian GNU / Linux under the name gitolite3 ).
But for “internal crashing”, if you do not need to distinguish access to storage facilities, you can do and in general without installing additional programs (the OpenSSH server should be considered as the default one).
Create a user. For example,
TIG(Home Catalog – Default –
/ Home / Tig, Password for your taste):
$ sudo adduser tig
This is for the distribution Debian GNU / Linux and “heirs.” In your distribution, the user creation procedure may differ. See Distribution documentation.
On behalf of this user, create Bare storage :
$ sudo -u tig git init --bare / home / tig / repo1
~ / .sshdirectory for this user and file
authorized_keysin it (with appropriate access rights and accessories):
$ sudo -u tig mkdir /home/tig/.ssh $ sudo -u tig touch /home/tig/.ssh/authorized_keys $ sudo chmod -r go = /home/tig/.sssh
Add a new developer key to the created file, only at the beginning of the line with the key insert such a text:
command = "read cro & lt; & lt; (echo \" $ ssh_original_command \ "); case $ c in git-upload -Pack | Git-Receive-Pack) EVAL $ C $ R ;; *) EXIT 1 ;; ESAC "
At the end of this line, there must be a space that the full key of the key looked like this (the key and the contents of the key I replaced with dots for visibility):
command = "..." ssh-rsa ...
In the form of a single-handler (do not forget to substitute the actual path and file name with the added public key):
$ (printf 'command = "read cro & lt; & lt; (echo \\" $ ssh_original_command \\ "); Case $ C in Git-Upload-Pack | Git-Receive-Pack) EVAL $ C $ R ;; *) EXIT 1 ;; ESAC ""; CAT file.s.pboblich. Welcome) | Sudo tee -a /home/tig/.ssh/authorized_keys
What is this
Command =? And this is this Street magic of the OpenSSh program . See the documentation for details.
Actually, now everything. You can clone the created repository, perform Push and Pull (on behalf of the user who owns the secret part of the key):
$ git clone tig @ localhost: repo1
It is clear that if the command is performed on another computer, instead of
Localhost you have to substitute the name / IP address of that computer, where you created the user
To create a new storage, repeat the step two, specifying a new catalog name.
To add a new key, repeat step four.
Answer 2, Authority 100%
Look at gitea or GOGS . Minimum effort and you will have a server that will solve 99% of tasks for a small company. These servers can be deployed even on a local machine or on the next Raspberry PI. On Linux server, everything rises quickly and easily (especially in Docter). Gives good administration and management opportunities.
But if you really want, you can turn off the full Gitlab. But this is a bust.