X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/595d517e5293855690fdc65255648c32970dd31d..9416b3013a959ef51f12829023d12986a234e029:/doc/install/install-arv-git-httpd.html.textile.liquid
diff --git a/doc/install/install-arv-git-httpd.html.textile.liquid b/doc/install/install-arv-git-httpd.html.textile.liquid
index cd14ed340b..5e373c38b8 100644
--- a/doc/install/install-arv-git-httpd.html.textile.liquid
+++ b/doc/install/install-arv-git-httpd.html.textile.liquid
@@ -34,23 +34,10 @@ DNS and network configuration should be set up so port 443 reaches your HTTPS pr
h2. Generate an API token
-On the API server, if you are using RVM:
-
-
-gitserver:~$ cd /var/www/arvados-api/current
-gitserver:/var/www/arvados-api/current$ sudo -u www-data RAILS_ENV=production `which rvm-exec` default bundle exec ./script/create_superuser_token.rb
-zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
-
-
-
-If you are not using RVM:
-
-
-gitserver:~$ cd /var/www/arvados-api/current
-gitserver:/var/www/arvados-api/current$ sudo -u www-data RAILS_ENV=production bundle exec ./script/create_superuser_token.rb
-zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
-
-
+{% assign railshost = "gitserver" %}
+{% assign railscmd = "bundle exec ./script/create_superuser_token.rb" %}
+{% assign railsout = "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz" %}
+Use the following command to generate an API token. {% include 'install_rails_command' %}
Copy that token; you'll need it in a minute.
@@ -70,6 +57,8 @@ On Red Hat-based systems:
+{% include 'install_git' %}
+
h2. Create a "git" user and a storage directory
Gitolite and some additional scripts will be installed in @/var/lib/arvados/git@, which means hosted repository data will be stored in @/var/lib/arvados/git/repositories@. If you choose to install gitolite in a different location, make sure to update the @git_repositories_dir@ entry in your API server's @application.yml@ file accordingly: for example, if you install gitolite at @/data/gitolite@ then your @git_repositories_dir@ will be @/data/gitolite/repositories@.
@@ -100,14 +89,14 @@ git@gitserver:~$ rm .ssh/authorized_keys
h2. Install gitolite
-Check "https://github.com/sitaramc/gitolite/tags":https://github.com/sitaramc/gitolite/tags for the latest stable version. This guide was tested with @v3.6.3@. _Versions below 3.0 are missing some features needed by Arvados, and should not be used._
+Check "https://github.com/sitaramc/gitolite/tags":https://github.com/sitaramc/gitolite/tags for the latest stable version. This guide was tested with @v3.6.4@. _Versions below 3.0 are missing some features needed by Arvados, and should not be used._
Download and install the version you selected.
git@gitserver:~$ echo 'PATH=$HOME/bin:$PATH' >.profile
git@gitserver:~$ source .profile
-git@gitserver:~$ git clone --branch v3.6.3 git://github.com/sitaramc/gitolite
+git@gitserver:~$ git clone --branch v3.6.4 https://github.com/sitaramc/gitolite
...
Note: checking out '5d24ae666bfd2fa9093d67c840eb8d686992083f'.
...
@@ -165,6 +154,13 @@ Add the following lines inside the section that begins @%RC = (@:
+Inside that section, adjust the 'UMASK' setting to @022@, to ensure the API server has permission to read repositories:
+
+
+ UMASK => 022,
+
+
+
Uncomment the 'Alias' line in the section that begins @ENABLE => [@:
@@ -213,7 +209,7 @@ h3. Configure the API server to advertise the correct SSH URLs
In your API server's @application.yml@ file, add the following entry:
-git_repo_ssh_base: git@git.uuid_prefix.your.domain:
+git_repo_ssh_base: "git@git.uuid_prefix.your.domain:"
@@ -259,19 +255,13 @@ fatal: No REQUEST_METHOD from server
h3. Enable arvados-git-httpd
-On Debian-based systems, install runit:
-
-
-~$ sudo apt-get install runit
-
-
-
-On Red Hat-based systems, "install runit from source":http://smarden.org/runit/install.html or use an alternative daemon supervisor.
+Install runit to supervise the arvados-git-httpd daemon. {% include 'install_runit' %}
Configure runit to run arvados-git-httpd, making sure to update the API host to match your site:
-~$ cd /etc/sv
+~$ sudo mkdir -p /etc/sv
+~$ cd /etc/sv
/etc/sv$ sudo mkdir arvados-git-httpd; cd arvados-git-httpd
/etc/sv/arvados-git-httpd$ sudo mkdir log
/etc/sv/arvados-git-httpd$ sudo sh -c 'cat >log/run' <<'EOF'
@@ -284,10 +274,12 @@ EOF
#!/bin/sh
export ARVADOS_API_HOST=uuid_prefix.your.domain
export GITOLITE_HTTP_HOME=/var/lib/arvados/git
+export GL_BYPASS_ACCESS_CHECKS=1
export PATH="$PATH:/var/lib/arvados/git/bin"
-exec chpst -u git:git arvados-git-httpd -address=:9001 -git-command="$(which git)" -repo-root=/var/lib/arvados/git/repositories 2>&1
+exec chpst -u git:git arvados-git-httpd -address=:9001 -git-command=/var/lib/arvados/git/gitolite/src/gitolite-shell -repo-root=/var/lib/arvados/git/repositories 2>&1
EOF
/etc/sv/arvados-git-httpd$ sudo chmod +x run log/run
+/etc/sv/arvados-git-httpd$ sudo ln -s "$(pwd)" /etc/service/
@@ -297,8 +289,9 @@ If you are using a different daemon supervisor, or if you want to test the daemo
sudo -u git \
ARVADOS_API_HOST=uuid_prefix.your.domain \
GITOLITE_HTTP_HOME=/var/lib/arvados/git \
+ GL_BYPASS_ACCESS_CHECKS=1 \
PATH="$PATH:/var/lib/arvados/git/bin" \
- arvados-git-httpd -address=:9001 -git-command="$(which git)" -repo-root=/var/lib/arvados/git/repositories 2>&1
+ arvados-git-httpd -address=:9001 -git-command=/var/lib/arvados/git/gitolite/src/gitolite-shell -repo-root=/var/lib/arvados/git/repositories 2>&1
@@ -325,6 +318,9 @@ server {
ssl_certificate /YOUR/PATH/TO/cert.pem;
ssl_certificate_key /YOUR/PATH/TO/cert.key;
+ # The server needs to accept potentially large refpacks from push clients.
+ client_max_body_size 50m;
+
location / {
proxy_pass http://arvados-git-httpd;
}
@@ -337,7 +333,7 @@ h3. Configure the API server to advertise the correct HTTPS URLs
In your API server's @application.yml@ file, add the following entry:
-git_repo_http_base: https://git.uuid_prefix.your.domain/
+git_repo_https_base: https://git.uuid_prefix.your.domain/