Keyless public read-only access on gitolite


I was wondering if it was possible to configure gitolite to let anybody clone a repository without having to do the whole public key song and dance.

Obviously I don't want people to be able to change the repo without a key first.

Best Answer

  • There are two options for public Git access:

    1. Git protocol, handled by git daemon:

      git daemon --base-path /srv/git

      If you run git daemon with --base-path /srv/git on, then if you later try to pull git://, git daemon will interpret the path as /srv/git/hello.git.

      For multiple "vhosts", --interpolated-path /srv/git/%H/%D would map the same to /srv/git/

      The --user-path option gives "userdir"-like translation of git:// to /home/user/hello.git.

      You can run git daemon from xinetd, or as a background daemon using the --detach option (sudo -u nobody git daemon --detach <other options>).

    2. Smart HTTP, which requires a web server: instructions on Pro Git

      This is a bit more complicated to set up, but crosses proxies and firewalls more easily (which may be an advantage in certain environments).

      It is possible to push over HTTP too – make sure you don't accidentally enable that.

  • Related Question