This plugin aims to provide extensive features for managing Git repositories within OpenProject. Forked from jbox-web's version of the long-lived and often-forked redmine-git_hosting plugin (formerly redmine-gitosis).
As OpenProject has diverted quite a bit in terms of project management (e.g., Redmine allows multiple repositories per project), some features have been removed in the fork.
Disclaimer: This fork is still in progress. While some things work, it is by no means stable - Features may change anytime.
- Depends on Gitolite (v2/v3)
- Acts as a wrapper to the gitolite-admin to feed Gitolite with SSH keys, repository information
- Employs libgit2/rugged through gitolite-rugged.
- Employs grack through gitlab-grack.
SSH Public-Key Management (Gitolite)
✓ Multiple keys per user
Gitolite Repository Management
✓ Managing repositories with Gitolite upon creation, update/deletion (async w/ delayed_jobs)
✓ Members/Roles access written to Gitolite
✓ SSH-based access (through Gitolite)
✓ Post-Receive Hooks
✓ Repository Mirrors
✓ Deployment Credentials
✓ Git Config Keys
✓ Git Smart-HTTP (access through HTTP/HTTPS in OpenProject)
Planned/Forked, but non-functional/non-tested features
- Initialize Repositories with Readme
Stripped/Changed features from jbox-web's version
- Sidekiq (OpenProject uses delayed_jobs instead)
- SELinux (unfamiliar, can't provide a good fork)
- GitHub features (Issues), should be separate plugin
- Git access cache (belongs in the core)
- Repository Recycle bin after deletion (Just use your filesystem backups)
- Notifications/Mailing lists
0. (Preliminary) Setup Gitolite v2/v3
I'm assuming you have some basic knowledge of Gitolite and:
- have built libgit2/rugged WITH SSH Transport support (see libgit2/rugged#299). This requires
libssh2-devto be installed on your system. - are in possession of a SSH key pair set up for use with Gitolite.
- have successfully cloned the gitolite-admin.git repository from the user running OpenProject as follows:
git clone git@localhost:gitolite-admin /home/openproject/gitolite-admin.git
You must now add a few manual changes to the Gitolite setup for this plugin to work. These changes are crucial:
0.a. Add include 'openproject.conf' to Gitolite
OpenProject uses a separate Gitolite config file to declare repositories. This allows you to define your own stuff in <gitolite-admin.git>/conf/gitolite.conf and allows OpenProject to override its own configuration at all times.
Thus, you need to add the following line to conf/gitolite.conf under the gitolite-admin.git repository:
include 'openproject.conf'
The openproject.conf is created and updated from this plugin and contains all projects with Git repositories later defined within OpenProject. Thus, the <gitolite-admin.git>/conf/ folder will contain two files:
gitolite.conf: If you want to manually add projects outside the scope of OpenProject to Gitolite, define them here.openproject.conf: Contains all projects defined from OpenProject, is generated automatically. (Non-existent until this plugin creates it)
0.b. Change .gitolite.rc configuration
We need to adjust a few things in the <git home>/.gitolite.rc configuration file.
OpenProject identifies project identifiers in Gitolite through Git config keys, thus you need to alter the .gitolite.rc (In the git user's $HOME) to allow that:
a. As the git user, open $HOME/.gitolite.rc
b. Change the configuration GIT_CONFIG_KEYS to '.*',
c. Change the configuration for UMASK to 0007, to add group rwx permissions
d. Change local code directory LOCAL_CODE to "$ENV{HOME}/local" in Gitolite 3
e. Save the changes
0.c. Change Gitolite .profile file
As the git user, add this in <git home>/.profile
# set PATH so it includes user private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$PATH:$HOME/bin"
fi
0.d. Configure sudo
As root create the file /etc/sudoers.d/openproject and put this content in it:
Defaults:openproject !requiretty
openproject ALL=(git) NOPASSWD:ALL
where openproject is the user running OpenProject and git the user running Gitolite. Then chmod the file:
chmod 440 /etc/sudoers.d/openproject
0.e. Install Ruby interpreter for post-receive hooks
Our post-receive hook is triggered after each commit and is used to fetch changesets in OpenProject. As it is written in Ruby, you need to install Ruby on your server. Note that this does not conflict with RVM. Ruby 1.9.3 at least is required for the hooks as well as Ruby germ json.
sudo apt-get install ruby
Add a Gemfile.plugins to your OpenProject root with the following contents:
gem 'gitlab-grack', git: 'https://github.com/jbox-web/grack.git', require: 'grack', branch: 'fix_gemfile'
gem 'redcarpet', '> 3.3.2'
gem "openproject-gitolite", git: "https://github.com/oliverguenther/openproject-gitolite.git", branch: "release/6.1"
Ensure the user running OpenProject can read and write to the Gitolite repositories directory. This is required for two reasons:
- Read the Git tree for browsing the repository
- Remove deleted repositories (Gitolite doesn't remove them)
We have already changed the configuration file gitolite.rc to set future permissions on repositories to 0770.
To set the permissions of the existing repositories folder:
chmod -R 770 <git home>/repositories
Next, add OpenProject to the git group (assuming your Gitolite user is git and your OpenProject user is openproject) to allow OpenProject to access the repositories.
addgroup openproject git
Make sure you can access the repositories from openproject:
su - openproject
ls -l <git home>/repositories
Make sure you can ssh into Gitolite from the openproject user. If you run the following command, the output below (or similar for Gitolite 2) should appear. If it does not, this is a Gitolite configuration error.
openproject$ ssh -i <gitolite-admin SSH key> git@localhost info
hello openproject, this is git@dev running gitolite3 v3.x-x on git x.x.x
R W gitolite-admin
R W testing
4.a. OpenProject gzip/deflate (OpenProject 6.1.x)
We need to adjust Rack::Deflater in the <openproject home>/config/application.rb configuration file to prevent conflicts with SmartHTTP. Change the following lines (85-92):
config.middleware.insert_before Rack::ETag,
Rack::Deflater,
if: lambda { |_env, _code, headers, _body|
# Firefox fails to properly decode gzip attachments
# We thus avoid deflating if sending gzip already.
content_type = headers['Content-Type']
content_type != 'application/x-gzip'
}
with
config.middleware.insert_before Rack::ETag,
Rack::Deflater,
if: lambda { |_env, _code, headers, _body|
# Firefox fails to properly decode gzip attachments
# We thus avoid deflating if sending gzip already.
content_type = headers['Content-Type']
truncated_content_type = truncate(content_type, length: 18, omission: '')
content_type != 'application/x-gzip' && truncated_content_type != 'application/x-git-'
}
then restart the OpenProject server:
touch ~/openproject/tmp/restart.txt
4.b. Plugin settings
Run OpenProject, go to Administration > Plugins > gitolite (click on configure)
Alter you configuration for Gitolite (Gitolite path, gitolite-admin.git path, etc.) accordingly and click save. Do not forget to go through all tabs of the configuration.
Install Gitolite hooks (click on 'Install hooks !' on tab Hooks), required by Post-receive URLs and Repository mirrors. They will be installed in the path indicated by 'Gitolite non-core hooks directory' on tab Storage (local/ in Gitolite 3 as previously configured indicted in .gitolite.rc).
Set the proper permissions per role to gain access to the different features provided by gitolite.
This plugin optionally allows to use delayed_jobs to run interactions with gitolite-admin.git asynchronously.
If you activate that feature in the setting (c.f., 'Use delayed_job'): Start the worker using this command (change RAILS_ENV, if necessary) :
RAILS_ENV=production script/delayed_job start
See the documentation of delayed_job for further options.
Check that the output on the tab 'Config Test' looks good. Note that many of the settings are not yet functional, and some values on Config Test are thus irrelevant.
- Log in as admin, go to Administration > System settings > Repositories.
- Enable SCM Gitolite and disable Git (to manage all repositories through Gitolite).
- Configure Checkout instructions for Gitolite.
- Log in, go to My account (top right).
- Select 'Public keys' in the menu on the left.
- Add/Manage your public keys using the form.
- Create project.
- Go to repositories settings and select Gitolite + click create. This should automatically create the corresponding entry in the Gitolite configuration. A new submenu item will be displayed on the left to manage the Gitolite repository.
- Use Members to add a member to the project. If that user has a public key on record, the corresponding access rights will be written to Gitolite.
- Select 'Manage Gitolite repository' in the menu on the left, under 'Repository'.
- Add/manage deployment credentials.
- Add/manage post-receive URLs.
- Add/manage repository mirrors.
- Add/Manage Git config keys.
OpenProject gitolite is completely free and open source and released under the MIT License.
Copyright (c) 2014 Oliver Günther ([email protected])
This plugin bases on the Redmine Git Hosting plugin by Nicolas Rodriguez
Copyright (c) 2013-2014 Nicolas Rodriguez ([email protected]), JBox Web (http://www.jbox-web.com)
Copyright (c) 2011-2013 John Kubiatowicz ([email protected])
Copyright (c) 2010-2011 Eric Bishop ([email protected])
Copyright (c) 2009-2010 Jan Schulz-Hofen, Rocket Rentals GmbH (http://www.rocket-rentals.de)