Thomas Koch <thomas@xxxxxxx> writes: > Am Tuesday 25 November 2008 19:38:02 schrieb Daniel Barkalow: > > On Mon, 24 Nov 2008, Gary Yang wrote: > > > Do I have to create two git servers? One is for public to download the > > > released code. For example: gitpub.mycompany.com:/pub/linux/kernel. > > > > The public can't generally use this URL, because it's an ssh URL, and they > > won't be able to connect with ssh. They can only really use > > git://gitpub.mycompany.com/pub/linux/kernel or something similar. > > > > The normal pattern is to have R/W access with ssh and anonymous read > > access via git://...; you can then have multiple repositories on the same > > host, with the git server only serving the public one. All of them will be > > accessible to the ssh methods (restricted by the user's UNIX permissions > > on the files in those directories). To control access via SSH protocol (which can be used both for fetching and for pushing), you can either configure accounts and user/groups permissions on repository directories, or you can use external tool like ssh_acl or Gitosis. To control access via HTTP you can employ authorization and authentication from your web server; for push this would be matter of setting up WebDAV. To control access via anonymous git:// protocol, you can use whitelist and blacklist mechanism built in git-daemon; by default only repositories with git-daemon-export-ok in them (in .git) are exported, if I understand correctly. Additionally, if protocol is authenticated you can use hooks mechanism like example contrib/hooks/update-paranoid to restrict access (and with finer granularity too). > Do you now of a way to show public repos with gitweb to the public and > private repos to the staff with the same gitweb installation? You can quite simply restrict access to some directories/repositories, or the fact that they are listed in list of all projects for _all_ clients quite easily (see description of GITWEB_EXPORT_OK in gitweb/README and gitweb/INSTALL). If you have something more fancy, check out newest gitweb and take a look at gitweb/INSTALL: you can now, thanks to commit dd7f5f1 by Alexander Gavrilov, see http://permalink.gmane.org/gmane.comp.version-control.git/99962 HTH -- Jakub Narebski Poland ShadeHawk on #git -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
