系统环境:Ubuntu12.04
服务器上安装git+gitolite+gitweb
root@server: 为搭建git服务器终端,假设ID为 192.168.199.117 或域名为: http://www.radisson.tech:8081 root@adminGit: 为管理员终端, 假设ID为 192.168.199.119 root@client: 为客户终端, 假设ID为 192.168.199.35
建立git以及adminGit账户:
git用户存放Gerrit Sever以及Gitolite相关文件:
root@server: apt-get install git root@server: apt-get install gitolite root@server: sudo adduser git
创建管理员SSH-KEY&安装:
假设管理员使用使用的是另外一台PC生成,生成SSH-KEY(adminGit.pub)并将adminGit.pub上传到远端GIT服务器:
root@adminGit: ssh-keygen -t rsa -C "xxx@163.com" //用户目录的.ssh文件夹生产id_rsa & id_rsa.pub,注意要指定邮箱 root@adminGit: mv id_rsa.pub adminGit.pub //更名id_rsa.pub为adminGit@pub root@adminGit: scp ./adminGit.pub adminGit@192.168.199.xxx:adminGit.pub //.ssh目录执行,将ssh-key上传到GIT服务器
root@adminGit: git config --global user.name "adminGit"
root@adminGit: git config --global user.email "adminGit@xxx.com"
通过SSH-KEY认证的用户,在用户目录的“~/.gitconfig”记录了配置信息。
GIT服务器端(git用户)安装管理员SSH-KEY:
root@server: cp -f /home/git/adminGit.pub ./ //管理员的ssh-key root@server: gl-setup ./adminGit.pub //gitolite安装管理员权限
//输出如下:
creating gitolite-admin...
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/
creating testing...
Initialized empty Git repository in /home/git/repositories/testing.git/
[master (root-commit) b2f63aa] start
2 files changed, 6 insertions(+)
create mode 100644 conf/gitolite.conf
create mode 100644 keydir/adminGit.pub
git HOME目录如下:
注意“.gitolite”&“repositories”目录,“.gitolite”是做GIT服务器权限配置(SSH-KEY/仓库/用户权限配置),一般不直接修改。
如果做权限配置,需要管理员adminGit用户先检出“/home/git/repositories/gitolite-admin.git”仓库,修改仓库的权限并提交后,git服务器端“/home/git/.gitolite”目录权限文件会跟随同步修改。
-rw------- 1 git git 590 Nov 22 22:26 .bash_history -rw-r--r-- 1 git git 220 Nov 20 19:31 .bash_logout -rw-r--r-- 1 git git 3486 Nov 20 19:31 .bashrc drwx------ 2 git git 4096 Nov 20 19:33 .cache/ drwx------ 8 git git 4096 Dec 4 01:17 .gitolite/ -rw-r--r-- 1 git git 4217 Dec 4 01:17 .gitolite.rc -rw-r--r-- 1 git git 675 Nov 20 19:31 .profile drwx------ 5 git git 4096 Dec 4 03:43 repositories/ drwx------ 2 git git 4096 Dec 4 03:43 .ssh/ -rw------- 1 git git 4976 Dec 4 04:06 .viminfo
权限修改Gitolite方式:
1、管理员客户端检出GIT服务器端管理权限代码,用于管理gitolite&添加用户:
root@adminGit: git clone git@192.168.199.117:gitolite-admin.git //检出
2、添加新用户:
管理员添加新用户步骤(test1用户):
//将新用户test1的公钥复制到管理员端检出库gitolite-admin/keydir目录 root@adminGit: git add keydir //执行 git add 命令,将公钥添加入版本库 root@adminGit: git status root@adminGit: git commit -m “add user: xxx” //执行 git commit,完成提交 root@adminGit git push //执行 git push,同步到服务器,才真正完成新用户的添加
此时GIT服务器端添加的内容如下:
root@server: vim /home/git/.ssh/authorized_keys
# gitolite start command="/usr/share/gitolite/gl-auth-command adminGit",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLVlymtEwqHEQ6g4f7BZYumnAknNsRp+j0yD6Z9cIrs14CDozZVB60PiZgrNP+copeqo9eE6zqUiAsnpESmm4DkvUPGDzIKU3j60kmPuB6rzaVoR3hguDKWp8lOzQ1wBSjOq+eK840TH1qVoutCQ2E2KeatmcK/xPpTf4q2PExjqRajpj98BZ4Qgw5YDi8uRXklbkqMv9V7uy3kTMow06VFtjZEuZpsaCaJKoQEMUhvqO2qoCkvWo43xqdS/mKCMqRlB0cFwWFyox/Er/IK/muovK5/V/gdRIQyjjf97bahNAOuRg6LHgVZlKCFkaVB9h024XHG+tDzjs/VVR3UkLZ adminGit@shkk command="/usr/share/gitolite/gl-auth-command test1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrwht4SPGcYv7nxioVDAaHnApSb1L5TNlXY9Nni+Hv9g0Bn095rRKMMHecr+IIuFQaOyuCjNdJysYDaClsPL3eA4DffZOIfanEX7ANA0CL3vPvu7Vl//vuc6waP3JXBxTspqVUIl63aShHK/FwALdIRplqKqJ4tZiayJ/ugMnwvmpqJCmK8+n1xodcHIWaEQHSB5S6yyxlV7FwDJQ7pAFIFVu6l5yLB1R9nCw0+iRBxoLK9S+BGd3nzEbvX6BRZakIfoSa77Z5zy4JpoHB+A34xXw/pQyoZI6zVy0J3lYT2E/PZ1ihoChxfNSj/UVmynovc7zwtGy3h0q3NIcdlnS9 test1@ubuntu # gitolite end
/home/git/.gitolite/keydir 增加了“test1.pub”文件
完成用户添加。
3、远程建仓gittest.git&配置test1用户权限:
root@adminGit: vim ./gitolite-admin/conf //管理员客户端,远程建仓,及仓库用户权限修改 repo gitolite-admin RW+ = adminGit repo repo/gittest RW+ = test1 repo testing RW+ = @all root@adminGit: git add ./conf/ root@adminGit: git commit -m "create remote repository & setting test1 user" root@adminGit: git push //输出信息如下: Counting objects: 7, done. Delta compression using up to 16 threads. Compressing objects: 100% (3/3), done. Writing objects: 100% (4/4), 391 bytes, done. Total 4 (delta 0), reused 0 (delta 0) remote: creating repo/gittest... remote: Initialized empty Git repository in /home/git/repositories/repo/gittest.git/ To git@192.168.199.117:gitolite-admin.git f9bbaa4..90ba89d master -> master
管理员提交后,GIT服务器端会在相应目录远程建仓(/home/git/repositories/repo/gittest.git/)& 添加test1用户对于gittest1.git仓库的权限。
4、用户test1客户端测试检出gittest.git仓库:
root@client: git clone git@192.168.199.117:repo/gittest.git //检出成功,输出如下: Cloning into 'gittest'... warning: You appear to have cloned an empty repository.
安装Gerrit:
root@server: java -jar gerrit-2.10.war init -d ./gerritSever/ *** Gerrit Code Review 2.10 *** Create '/home/git/gerritSever' [Y/n]? *** Git Repositories *** Location of Git repositories [git]: /home/git/repo *** SQL Database *** Database server type [h2]: *** Index *** Type [LUCENE/?]: *** User Authentication *** Authentication method [OPENID/?]: http Get username from custom HTTP header [y/N]? SSO logout URL : *** Review Labels *** Install Verified label [y/N]? *** Email Delivery *** SMTP server hostname [localhost]: SMTP server port [(default)]: SMTP encryption [NONE/?]: SMTP username : *** Container Process *** Run as [git]: Java runtime [/usr/lib/jvm/java-7-openjdk-i386/jre]: Copy gerrit-2.10.war to /home/git/./gerritSever/bin/gerrit.war [Y/n]? Copying gerrit-2.10.war to /home/git/./gerritSever/bin/gerrit.war *** SSH Daemon *** Listen on address [*]: Listen on port [29418]: Gerrit Code Review is not shipped with Bouncy Castle Crypto SSL v149 If available, Gerrit can take advantage of features in the library, but will also function without it. Download and install it now [Y/n]? Downloading http://www.bouncycastle.org/download/bcpkix-jdk15on-149.jar ... !! FAIL !! error: http://www.bouncycastle.org/download/bcpkix-jdk15on-149.jar: 302 Found Please download: http://www.bouncycastle.org/download/bcpkix-jdk15on-149.jar and save as: /home/git/./gerritSever/lib/bcpkix-jdk15on-149.jar Press enter to continue Continue without this library [Y/n]? Generating SSH host key ... rsa(simple)... done *** HTTP Daemon *** Behind reverse proxy [y/N]? y Proxy uses SSL (https://) [y/N]? n Subdirectory on proxy server [/]: Listen on address [*]: Listen on port [8081]: Canonical URL [http://ubuntu/]: http://192.168.199.117:8081/ #或者填写正确的外网域名:http://www.xxx.com:8081 *** Plugins *** Install plugin commit-message-length-validator version v2.10 [y/N]? Install plugin download-commands version v2.10 [y/N]? Install plugin replication version v2.10 [y/N]? Install plugin reviewnotes version v2.10 [y/N]? Install plugin singleusergroup version v2.10 [y/N]? Initialized /home/git/gerritSever Executing /home/git/./gerritSever/bin/gerrit.sh start Starting Gerrit Code Review: OK Waiting for server on 192.168.199.117:8081 ... OK Opening http://192.168.199.117:8081/#/admin/projects/ ...FAILED Open Gerrit with a JavaScript capable browser: http://192.168.199.117:8081/#/admin/projects/ git@ubuntu:~$
配置Gerrit服务器:/home/git/gerritSever/etc/gerrit.config
root@server: vim /home/git/gerritSever/etc/gerrit.config
[gerrit] basePath = /home/git/repo canonicalWebUrl = http://192.168.199.117:8081/ #外网域名 http://www.xxx.com:8081 [database] type = h2 database = db/ReviewDB [index] type = LUCENE [auth] type = HTTP [sendemail] smtpServer = localhost [container] user = git javaHome = /usr/lib/jvm/java-7-openjdk-i386/jre [sshd] listenAddress = *:29418 [httpd] listenUrl = proxy-http://*:8091/ [cache] directory = cache
此处注意:由于apache2监听的端口与反向代理链接的Gerrit端口是同一台服务器,所以端口不能设置为一致:
这里设置apache2监听的端口为:8081,转接到Gerrit的端口为8091,即所有http://192.168.199.117:8081/收到的信息,都会反向代理到GerritServer:http://127.0.0.1:8091/
反向代理Apache2配置:
1、配置监听端口:
root@server: vim /etc/apache2/ports.conf NameVirtualHost *:80 NameVirtualHost *:8081 Listen 80 Listen 8081
2、配置反向代理:
root@server: cd /etc/apache2/sites-available/ root@server: touch gitProxy //启用目录&建立软链接 root@server: cd /etc/apache2/sites-enabled/ root@server: sudo ln -s ../sites-available/gitProxy gitProxy
gitProxy配置如下:
<VirtualHost *:8081> #Apache2监听的端口 ServerName 192.168.199.117 #Apache2Sever IP ProxyRequests Off #正向代理为OFF,即为反向代理 ProxyVia Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> <Location "/login/"> AuthType Basic AuthName "Gerrit Code Review" Require valid-user AuthUserFile /home/git/gerritSever/passwords #web认证的用户名&密码 </Location> AllowEncodedSlashes On ProxyPass / http://127.0.0.1:8091/ nocanon #反向代理的GerritServer IP </VirtualHost>
3、需要WEB访问的话,使用htpasswd,htpasswd命令是Apache的Web服务器内置工具,用于创建和更新储存用户名、域和用户基本认证的密码文件。
root@server: cd /home/git/gerritSever root@server: touch passwords root@server: htpasswd -b passwords git 密码 //增加一个WEB认证的用户名和密码
4、配置“httpd.conf”
root@server: sudo vim /etc/apache2/httpd.conf //添加如下 ServerName localhost
5、开启反向代理
root@server$ cd /etc/apache2/mods-enabled
root@server$ sudo ln -s ../mods-available/proxy.load root@server$ sudo ln -s ../mods-available/proxy.conf root@server$ sudo ln -s ../mods-available/proxy_http.load root@server$ sudo ln -s ../mods-available/proxy_balancer.conf root@server$ sudo ln -s ../mods-available/proxy_balancer.load root@server$ sudo ln -s ../mods-available/rewrite.load root@server$ sudo ln -s ../mods-available/ssl.conf root@server$ sudo ln -s ../mods-available/ssl.load root@server$ sudo /etc/init.d/apache2 restart
6、验证反向代理,IE浏览器:http://192.168.199.117:8081/
这里要使用htpasswd认证的用户名和密码登陆。
安装GitWeb:
root@server: sudo apt-get install gitweb
//重启Aapache2&Gerrit服务器 root@server: sudo service apache2 root@server: /home/git/gerritSever/bin/gerrit.sh restart
REPO工具集安装:
$ git clone http://gerrit.googlesource.com/git-repo git-repo.git //或者 $ git clone http://review.mfunz.com/git-repo git-repo.git $ vim git-repo.git/repo REPO_URL = 'ssh://192.168.199.119:29418/git-repo' REPO_REV = 'master' $ cp -f ./git-repo.git/repo /bin //注意:repo的REPO_VER为git-repo仓库的分支 //git-repo建仓 ssh -p 29418 git@192.168.199.119 gerrit create-project -n git-repo rm -rf .git git init git add ./ git commit -m "git-repo" git push ssh://git@192.168.199.119:29418/git-repo HEAD:refs/heads/master git clone ssh://git@192.168.199.119:29418/git-repo git tag -a -m "master" master git push origin –tags
配置项目:
环境搭建完成后,开始配置具体项目。
1、增加一个该项目的权限组,编辑该权限组的权限:
git clone ssh://git@192.168.199.119:29418/All-Projects //先拉一份All-Projects下来 mv All-Projects All-3553 //将All-Projects 改名为 All-3553 rm -rf .git //删除原来的.git仓库 ssh -p 29418 git@192.168.199.119 gerrit create-project -n All-3553 //新建远程仓库All-3553 //在All-3553根目录下: git init git add ./ git commit -m "init All-3553" git push ssh://git@192.168.199.119:29418/All-3553 HEAD:refs/heads/master //将本地内容推送到远程仓库All-3553
2、为各账号配置权限
其中,需要做代码审核的,必须提交到:refs/for/dev
例如:git push origin dev:refs/for/dev
3、创建manifests仓库,并建立dev分支
ssh -p 29418 git@192.168.199.119 gerrit create-project -n msd3553/manifests //新建manifests的目录,拷贝default.xml拷贝进来: git init git add ./ git commit -m "init manifests" git push ssh://git@192.168.199.119:29418/msd3553/manifests HEAD:refs/heads/master git clone ssh://git@192.168.199.119:29418/chakra3/manifests //克隆&建dev分支 git checkout -b dev vim default.xml //revision为master git add ./default.xml git push ssh://git@192.168.199.119:29418/chakra3/manifests HEAD:refs/heads/dev
4、根据清单文件批量建仓
#!/bin/bash SERVER_IP="192.168.199.119" SERVER_PORT="29418" REMOTE_FETCH="ssh://${SERVER_IP}:${SERVER_PORT}/" REMOTE_REVIEW="http://${SERVER_IP}" PROJECT_NAME="testGit" BRANCH="dev" SRC_SOURCE=`pwd` #根据目录下的.git创建project.list #删除目录下的.git&.gitignore #在空目录下创建.gitkeep,避免建仓时空目录不能提交 function createProjectList(){ find ./ -name ".git" > project.list sed -ri "s/^..(.*)..git$/\1/" project.list find ./ -name ".git" | xargs rm -rf {} find ./ -name ".gitignore" | xargs rm -rf {} touch .gitkeep find ./ -type d -empty | xargs -i cp ./.gitkeep {} rm -f ./.gitkeep } #创建manifests.xml清单文件 function createManifestsXml(){ echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > manifest.xml echo "<manifest>" >> manifest.xml echo " <remote fetch=\"${REMOTE_FETCH}\" name=\"origin\" review=\"${REMOTE_REVIEW}\"/>" >> manifest.xml echo " <default remote=\"origin\" revision=\"${BRANCH}\" sync-j=\"4\" sync-c=\"true\"/>" >> manifest.xml echo "" >> manifest.xml GIT_PROJECTS=`cat project.list | xargs` for git_path in ${GIT_PROJECTS} do if [ ${git_path} == "build" ] then echo " <project name=\"${PROJECT_NAME}/${git_path}\" path=\"${git_path}\" >" >> manifest.xml echo " <copyfile dest=\"Makefile\" src=\"core/root.mk\"/>" >> manifest.xml echo " </project>" >> manifest.xml elif [ ${git_path} == "vendor/intel/support" ] then echo " <project name=\"${PROJECT_NAME}/${git_path}\" path=\"${git_path}\" >" >> manifest.xml echo " <copyfile dest=\"device/intel/Android.mk\" src=\"x86_only_Android.mk\"/>" >> manifest.xml echo " <copyfile dest=\"platform/vendor/intel/Android.mk\" src=\"x86_only_Android.mk\"/>" >> manifest.xml echo " </project>" >> manifest.xml else echo " <project path=\"${git_path}\" name=\"${git_path}\" />" >> manifest.xml fi done echo "" >> manifest.xml echo "</manifest>" >> manifest.xml } #远程建仓并提交SRC function createRepo() { GIT_PROJECTS=`cat project.list | xargs` for repoName in ${GIT_PROJECTS} do #批量建仓 echo "Init Empty Repo:${PROJECT_NAME}/${repoName}" ssh -p $SERVER_PORT git@$SERVER_IP gerrit create-project -n ${PROJECT_NAME}/${repoName} done while read git_name do if [ -d ${SRC_SOURCE}/${git_name} ] then echo "${SRC_SOURCE}/${git_name}" cd ${SRC_SOURCE}/${git_name} git init git add ./ git commit -m "Init Repo" git push ssh://git@${SERVER_IP}:${SERVER_PORT}/${PROJECT_NAME}/${git_name} HEAD:refs/heads/master fi done < project.list } createProjectList createManifestsXml createRepo
5、repo pull 远程代码:注意:参数--no-repo-verify为不验证签名
repo init -u ssh://git@192.168.199.119:29418/msd3553/manifests.git --no-repo-verify
检查manifests的revision为master,先检出master分支:
$ vim .repo/manifest.xml <?xml version="1.0" encoding="UTF-8"?> <manifest> <remote name="origin" fetch="ssh://192.168.199.119:29418/msd3553" review="http://192.168.199.119:8089/" /> <default revision="master" remote="origin" sync-j="4" sync-c="true" /> <project path="boot" name="boot" /> <project path="code" name="code" /> <project path="BUILD_RECORD" name="BUILD_RECORD" /> <project path="CUS_FILE" name="CUS_FILE" /> <project path="MSTAR_ORIGINAL" name="MSTAR_ORIGINAL" /> </manifest>
repo根据manifests同步代码,由于脚本批量建立了master分支,注意检查manifests的revision为master,否则repo sync会出错:
repo sync
6、根据manifests批量建立远程开发分支dev:
repo start dev --all //获取的远程master,在本地建立了dev分支 repo branch repo forall -p -c git push origin dev:dev //将本地仓库的dev分支提交为远程仓库的dev分支,一般要加上-p参数,打印出仓库的路径
7、介绍repo检出&检入:
1、要注意manifests文件:revision="master"/“dev”,需要检出的是哪一个分支,下面检出master:
repo init -u ssh://xxx@192.168.199.119:29418/msd3553/manifests.git --no-repo-verify repo sync //要在sync之前检查manifests repo start master --all //目前已获取到远程仓库分支为master,本地分支master的代码 repo branch
2、dev分支检出:
repo init -u ssh://xxx@192.168.199.119:29418/msd3553/manifests.git --no-repo-verify //注意:manifets需要修改检出账号 fetch="ssh://xxx@192.168.199.119:29418/msd3553" repo sync repo start dev --all //远程仓库分支为dev,本地分支为dev的代码 repo branch
3、检入:
$ git add ./xxx $ git commit -m "xxx" --no-verify $ git push origin dev:refs/for/dev
4、repo分支切换
$ cd .repo/manifests $ ls //查看xxx.xml文件 $ cd .. //回到上级目录 $ ln -s manifest.xml manifests/QK_CM298_EXER.xml //更换manifest.xml的软连接 $ cd .. $ repo sync //同步代码 $ repo start xxx--all//建立本地分支
$ repo checkout //切换分支
8、沙箱操作:
//创建sandbox分支 git push ssh://xxx@192.168.199.119:29418/msd3553/子仓库 HEAD:refs/heads/sandbox/个人账号/分支目录 //获取沙箱 git clone -b sandbox/个人账号/分支目录 ssh://xxx@192.168.199.119:29418/msd3553/字仓库
repo常用:
git status -->查看当前git仓的状态,是否有文件被更新、修改等 git log -->查看当前git仓的所有提交log repo sync . -->同步当前git仓,如果当前仓工作区的某个文件有未提交的修改,则以当 前文件为准,不会强制与服务器同步该文件。该命令与在工程根目录下执 行:repo sync + git仓路径 效果一样,注意 repo sync 后面带一个'.' git branch + 分支名称 -->新建一个本地分支 git branch -a -->查看所有分支,包括本地分支和远程分支,不加-a,只查看本地分支 git checkout + 本地分支名称 -->切换到某个本地分支上 git branch -D + 本地分支名称 -->删除某个本地分支 git add . -->提交当前git仓下的所有修改 git commit -am "修改记录" -->将修改提交至缓冲区,并为修改添加修改记录 repo upload . -->将修改提交至gerrit服务器评审
下载新分支
repo forall -c git checkout -b 本地分支名称(自定义) 服务器分支名称
切换到另一个分支
repo forall -c git checkout your_branch
注意事项:
1、因为第一个登陆gerrit的账号为管理员,所以必须要用git账号先登陆。登陆后,先把git的git.pub内容增加到ssh key中。在GitWeb登陆的个人账户中,要设置邮箱,WEB不能直接设置的话,要使用SSH终端进行设置。
如Git用户的邮箱设置:注意该邮箱要和用git建立该用户时登记的邮箱一致(可以查看该用户登陆目录的.gitconfig文件,不一致repo报错:“Enter passphrase for key '/home/kk/.ssh/id_rsa':”)
ssh -p 29418 192.168.199.119 gerrit set-account --add-email git@kitking.com git
2、多个客户端可以使用同一个“私钥”&“公钥”,即将公钥&私钥内容保持一致即可
使用时注意:私钥名字 “id_rsa”不能改变,公钥的名字可以改变。
3、终端登陆的名称&远端SSH名称要一致,否则报红色箭头错误。“Permission denied (publickey).”
即下面橙色标记处需要一致。
jiangzhaowei@ubuntu:~/ss$ repo init -u ssh://jiangzhaowei@192.168.199.119:29418/chakra3/manifests.git --no-repo-verify
4、代码的权限配置
41 git clone ssh://git@192.168.199.119:29418/All-Projects 43 mv All-Projects All-3553 45 cd All-3553/ 51 rm -rf .git/ 54 ssh -p 29418 git@192.168.199.119 gerrit create-project -n All-3553 56 git init 57 git add ./ 58 git commit -m "init 3553" 59 git push ssh://git@192.168.199.119:29418/All-3553 HEAD:refs/heads/master
5、查看配置参数:记录在 /etc/gitconfig以及~/.gitconfig以及.git/config文件都可以看到配置的定义。
命令行查看如下:
$ git config --list //配置信息如下: user.name=jiangzhaowei user.email=jiangzhaowei@kitking.com color.ui=auto core.repositoryformatversion=0 core.filemode=true remote.origin.url=ssh://192.168.199.119:29418/msd3553/code remote.origin.review=http://192.168.199.119:8089/ remote.origin.projectname=code remote.origin.fetch=+refs/heads/*:refs/remotes/origin/* branch.dev.remote=origin branch.dev.merge=dev
$ git remote -v
6、提交空格符的处理
$ git commit -m "modify file" ERROR: Your commit has trailing white space, please fix it. You can use the follow command to do the check. git diff --cached --check --no-ext-diff $ find ./ -regex ".*\.c|.*\.h" | xargs sed -ri 's/ +$//g' //迭代目录的源文件、头文件,处理空格结尾的行
7、文件权限检查
repo forall -c git config core.fileMode false git config --global core.fileMode false
安装相关软件
$
sudo
apt-get dist-upgrade
$
sudo
apt-get
install
mysql-client-5.5 mysql-server-5.5 git-core apache2.2-bin apache2.2-common apache2-utils
|
配置Mysql
$
sudo
apt-get
install
mysql-client-5.5 mysql-server-5.5
1.创建数据库表和帐户,必须执行下面命令进去mysql
#mysql -u root -p
2.在mysql中建立一个以项目名称命名的用户密码为secret(以project为例)
mysql>CREATE USER
'project'
@
'localhost'
IDENTIFIED BY
'secret'
;
注意:可能会有这个错误的:
mysql> CREATE USER
'project'
@
'localhost'
IDENTIFIED BY
'secret'
;
ERROR 1227 (42000): Access denied; you need (at least one of) the CREATE USER privilege(s)
for
this operation
是因为直接mysql登陆进去的,请用mysql -u root -p 登录!!!
3.在mysql中建立一个名为reviewdb_[项目名]库
mysql>CREATE DATABASE reviewdb_project;
4.将所有权限给刚才建立的新的库
mysql>GRANT ALL ON reviewdb_project.* TO
'project'
@
'localhost'
;
5.刷新权限表
mysql>FLUSH PRIVILEGES;
|
安装Gerrit
.创建一个以项目名称命名的新用户,以project为例(自己可以根据实际的项目名来命名)
$
sudo
adduser project
以新用户身份操作
$
sudo
su
- project
2.创建安装目录,以项目名命令。(建议直接拷贝使用其它项目的gerrit安装目录)
$
mkdir
-p review_site_project
3.下载gerrit
http:
//code
.google.com
/p/gerrit/
4.安装并配置初始化gerrit
java -jar gerrit-2.9.1.war init -d review_site_project/
Create
'/home/gerrit2/review-site'
[Y
/n
]?
*** Git Repositories
***
Location of Git repositories [git]:
*** SQL Database
***
Database server
type
[H2/?]:
*** User Authentication
***
Authentication method [OPENID/?]: HTTP
//
注意这个不要按回车跳过去了,否则不是HTTP认证,是需要用google的OPENID
Get username from custom HTTP header [y
/N
]? :
SSO
logout
URL :
*** Email Delivery
***
SMTP server
hostname
[localhost]: smtp.company.com
//
自己改成自己的邮箱smtp
SMTP server port [(default)]:
SMTP encryption [NONE/?]:
SMTP username [?]: yourname@company.com
//
自己改成自己的邮箱
yourname@xxxxx.com's password :
confirm password :
*** Container Process
***
Run as [project]:
Java runtime [
/usr/lib/jvm/java-6-sun-1
.6.0.24
/jre
]:
Copy gerrit.war to
/home/gerrit2/review-site/bin/gerrit
.war [Y
/n
]?
Copying gerrit.war to
/home/gerrit2/review-site/bin/gerrit
.war
*** SSH Daemon
***
Listen on address [*]:
Listen on port [29418]:
//
如果同一个用户下建多个gerrit,请不用都公用29418这个端口号
Gerrit Code Review is not shipped with Bouncy Castle Crypto v144
If available, Gerrit can take advantage of features
in
the library, but will also
function
without it.
Download and
install
it now [Y
/n
]?
Downloading http:
//www
.bouncycastle.org
/download/bcprov-jdk16-144
.jar ... OK
Checksum bcprov-jdk16-144.jar OK
Generating SSH host key ... rsa... dsa...
done
*** HTTP Daemon
***
Behind reverse proxy [y
/N
]? y
Proxy uses SSL (https:
//
) [y
/N
]? n
Subdirectory on proxy server [/]:
Listen on address [*]:
Listen on port [8081]:
//
切记,此端口号一定不要和apache2占用相同的端口号,
//
否则就会Starting Gerrit Code Review:Failed
Canonical URL [http:
//
*/]:http:
//1
.2.3.4:8080/
//
填自己的ip和端口号,勿完全抄
Initialized
/home/gerrit2/review-site
Executing
/home/gerrit2/review-site/bin/gerrit
.sh start
Starting Gerrit Code Review: OK
|
其他参考:
- 搭建最好在一个独立的用户上面,创建一个名为Gerrit的用户进行环境变量的配置;
- 安装Oracle JDK,如果已经安装请跳过,如果没有请自行安装,如果系统中已经安装OpenJDK请使用sudo update-alternatives --config 进行切换;
- 在Gerrit用户先面配置JAVA_HOME、 JRE_HOME、CLASSPATH、PATH的相关变量;
- 从官网下载:http://code.google.com/p/gerrit/
- 安装:java -jar gerrit_xxx.war init -d review_site
- 安装过程中这里的鉴权方式要用HTTP:Authentication method [OPENID/?]: HTTP //注意这个不要按回车跳过去了,否则不是HTTP认证,是需要用google的OPENID
- 代理 Behind reverse proxy [y/N]? y //使用反向代理的话必须选择y来配置,默认是N
- subdirectory on proxy server [/]: //可以选择直接跳过,那样你的gerrit最后的URL是http://10.1.42.85
- 建立一个代码存放的目录 mkdir /home/gerrit/GerritResource
到上面位置Gerrit的安装已经完成。然后进行Gerrit配置文件的修改:
- vim review_site/etc/gerrit.config
[gerrit]
basePath =
/home/gerrit/GerritResource
-->上面创建空目录
canonicalWebUrl = http:
//1
.2.3.4:8081/
[database]
type
= H2
database = db
/ReviewDB
[auth]
type
= HTTP
[sendemail]
enable
=
true
smtpServer =
smtpUser =
smtpPass =
from =
[container]
user = gerrit
javaHome =
/opt/jdk1
.7.0_38
/jre
[sshd]
listenAddress = *:29418
[httpd]
listenUrl = proxy-http:
//1
.2.3.4:8081/
[cache]
directory = cache
|
配置Apache
$
sudo
apt-get
install
apache2.2-bin apache2.2-common apache2-utils apache2-mpm-worker
1.创建编辑apache配置文件,添加如下内容(下面以Ubuntu系统为例请注意不同操作系统apache配置文件的区别)也可配置 apache2.conf httpd.conf,我们这里配置的是
/etc/apache2/sites-available/gerrit
$
sudo
vi
/etc/apache2/sites-available/gerrit
NameVirtualHost 1.2.3.4:80
//
填自己的ip和端口号,勿完全抄
//
填自己的ip和端口号,勿完全抄
ServerName 1.2.3.4
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
Order deny,allow
Allow from all
<</code>/Proxy
>
/login/
>
AuthType Basic
AuthName
"Gerrit Code Review"
Require valid-user
AuthUserFile
/etc/apache2/passwords
//
指定http登录认证的的paassword文件所在位置,放哪都行,根据后来
//sudo
htpasswd -cb
/etc/apache2/passwords
gerrit1 gerrit1
<</code>/Location
>
AllowEncodedSlashes On
ProxyPass / http:
//127
.0.0.1:8081/
ProxyPassReverse / http:
//127
.0.0.1:8081/
<</code>/VirtualHost
>
保存退出
$
cd
/etc/apache2/sites-enabled/
$
sudo
ln
..
/sites-available/gerrit
.
2.创建
passwd
文件,添加gerrit登录用户,-c参数为创建,仅限第一次添加用户时使用
$
sudo
htpasswd -cb
/etc/apache2/passwords
scm scm
3.继续配置apache2
$
sudo
vi
/etc/apache2/http
.conf
//
在文件中加入以下内容
ServerName localhost
$
cd
/etc/apache2/mods-enabled
$
sudo
ln
-s
/etc/apache2/mods-available/proxy
.conf proxy.conf
$
sudo
ln
-s
/etc/apache2/mods-available/proxy
.load proxy.load
$
sudo
ln
-s
/etc/apache2/mods-available/proxy_http
.load proxy_http.load
/etc/apache2
$
sudo
vi
ports.conf
NameVirtualHost *:80
Listen 80
Listen 8080
//
不要给gerrit!
Listen 8000
//
不要给gerrit!
添加apache2的tcp端口号,切记不要把gerrit的,即Listen on port [8081]: 不要输入上面配置给apache2的端口号,新手切记!!!
否则gerrit 起不来的
搭建多个gerrit 时Listen on port [8081]:可以用8082 8083 8084 等
|
其他参考:
创建httpd.conf文件(当然,需要root权限的),录入以下内容:
ServerName localhost
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
Order deny,allow
Allow from all
<</code>/Proxy
>
/login/
>
AuthType Basic
AuthName
"Gerrit Code Review"
AuthBasicProvider
file
AuthUserFile
/home/username/review_site/etc/passwords
Require valid-user
<</code>/Location
>
ProxyPass / http:
//1
.2.3.4:8081/
<</code>/VirtualHost
>
|
这个配置文件的意思是,当访问任意(*)时,进行代理,代理到/login/目录,并根据AuthUserFile请求用户名及密码,最终代理为http://1.2.3.4:8081/
这里有两个重点需要说一下:
- 关于review_site/etc/passwords
- 打开终端,进入review_site/etc目录下,执行:
- $: touch passwords
- $: htpasswd passwords gerrit
- 会请求你输入此用户(gerrit)的密码,确认无误后将相关信息写入passwords文件中。这个用户名及密码就是你稍后访问本地搭建的gerrit服务器所需要的。
- ProxyPass / http://10.1.42.85:8081/
- 自此应与gerrit.config中字段[httpd]的配置对应相同。
配置完后,保存该文件。打开apache2.conf
Include httpd.conf
通过ln -s 命令将proxy.conf proxy.load proxy_http.load从available中link到enable中即可。
启动服务
1.启动apache
sudo
/etc/init
.d
/apache2
restart
2.启动gerrit服务
$review_site_project
/bin/gerrit
.sh start
|
登录Gerrit
在浏览器地址栏中输入http:
//1
.2.3.4:8080/
在显示的登录框中输入用户名/密码,
即之前配置passwords
$
sudo
htpasswd -cb
/etc/apache2/passwords
gerrit1 gerrit1
Note: 请注意第一个登入的用户,Gerrit会自动将其定义为管理员
|
Gerrit 配置及建库流程
建库
1.创建只用于权限管理的库,可以使用如下命令(请注意端口号以实际为准)
ssh
-p 29418 scm@1.2.3.4 gerrit create-project -p All-Projects -n project --empty-commit --permissions-only
2.创建代码库,以manifest为例命令如下:
ssh
-p 29418 scm@1.2.3.4 gerrit create-project -p project -n project
/manifest
--empty-commit
批量建库,可以通过整理库列表,使用如下脚本来完成
for
i
in
`
cat
project-list`;
do
ssh
-p 29418 scm@1.2.3.4 gerrit create-project -p project -n projec
|
411
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
