gittlz

command module
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 25, 2022 License: Unlicense Imports: 1 Imported by: 0

README

Gittlz

GitHub go.mod Go version GitHub Workflow Status GitHub Docker Image Version (latest semver) Docker Image Size (latest semver)

A Git server for the laziest of us. Write and test your Git utilities without any hassle.

Do you need Gittlz?

If all you need is a no-auth Git remote (not necessarily a server), consider trying Git's Local protocol first.

Gittlz is meant to work in place of a live Git host for development purposes, and not to act as a production server in any form. If that's what you were looking for, try Gitea, Gogs, OneDev, or Soft Serve, among the many projects floating around.

This will likely be repeated several times throughout this documentation: Do not use Gittlz as a production Git server.

Usage

Gittlz requires no configuration by default - just point a Git client at it and get started:

docker run --rm -it --name=gittlz -p 6177:6177 -p 9418:9418 karashiiro/gittlz:latest

If you want to use a persistent directory for repositories, mount it to /srv/git:

docker run --rm -it --name=gittlz -v /path/to/repos:/srv/git:rw -p 6177:6177 -p 9418:9418 karashiiro/gittlz:latest

Repositories should be bare repositories on the server. The Gittlz CLI abstracts away this setup process:

CGO_ENABLED=0 go install github.com/karashiiro/gittlz:v0.3.0
gittlz create-repo repo

Then, you can clone repositories from a Git client outside the container:

git clone git://localhost/repo.git

And that's it! Enjoy your Gittlz.

The Gittlz Docker image makes this setup process nearly as simple as it can be. The image is based on Alpine Linux, but it includes a full Git installation, which can be used to manually perform operations inside the container. sh is available as a basic shell for manual repository setup, if needed.

Authentication

Gittlz comes preconfigured with no authentication whatsoever. All of the optional authentication methods provided are intentionally insecure - Gittlz favors convenience over security where possible.

Do not use Gittlz as a production Git server.

The following forms of authentication are configurable:

  • SSH password authentication
  • SSH key authentication
  • HTTP URL authentication
  • HTTP basic authentication

This covers the majority of authentication schemes used by Git hosting providers.

SSH password authentication

Start the server with a command override, replacing the port mapping and password options as needed:

docker run --rm -it -p 6177:6177 -p 22:22 karashiiro/gittlz:latest gittlz serve --protocol=ssh --password=password

Then, clone repositories by providing the password interactively:

git clone ssh://localhost/repo.git
# Cloning into 'repo'...
# you@localhost's password: password

It is not possible to use this authentication method non-interactively.

SSH key authentication

Note that Gittlz will not validate the SSH key used to access the server. This is intentional, as key configuration has little to do with a Git server's public interface. That said, if your use case requires SSH key auth failures, open an issue describing your intended workflow.

Start the server with a command override, replacing the port mapping as needed:

docker run --rm -it -p 6177:6177 -p 22:22 karashiiro/gittlz:latest gittlz serve --protocol=ssh

Then, clone repositories with a Git client:

git clone ssh://localhost/repo.git

You may also want to override your Git client's SSH command to avoid host key verification errors. This is done by setting the GIT_SSH_COMMAND environment variable, which is shell-specific. In sh-like shells, this can simply be prepended to the command:

GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" git clone ssh://localhost/repo.git
HTTP URL authentication

See HTTP basic authentication. The same setup applies, but the username and password can be embedded in the URL:

git clone http://gitt:lz@localhost/repo.git

This authentication scheme is both insecure and deprecated by many clients. Some Git clients will even silently strip the credentials out of the URL. cURL automatically converts it into an Authorization header.

Be prepared to debug issues yourself.

HTTP basic authentication

Start the server with a command override, replacing the port mapping, username, and password options as needed:

docker run --rm -it -p 6177:6177 -p 80:80 karashiiro/gittlz:latest gittlz serve --protocol=http --username=gitt --password=lz

Then, make sure to base64-encode the username and password somewhere locally. Most operating systems and shells have a means of doing this. In Powershell, for example:

$gittlzAuth = "gitt:lz"
$B64gittlzAuth = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($gittlzAuth))

Finally, add the http.extraHeader option to all of your Git commands:

git -c http.extraHeader="Authorization: Basic $B64gittlzAuth" clone http://localhost/repo.git

Containerless

The Gittlz container attempts to abstract configuration as much as possible, without sacrificing maintainability or debuggability. However, Gittlz is also just a CLI application, and can be built and run in other environments.

Building Gittlz from sources is simple, just disable cgo (optional) and build it like any other Go application. In sh-like shells, this is done as follows:

CGO_ENABLED=0 go build

Gittlz has runtime dependencies on the standard git toolkit and git-http-backend. git-http-backend is a CGI script sometimes offered as part of a separate git-daemon package. For Windows users, Git for Windows includes everything needed in a single installer.

Refer to the --help commands such as gittlz --help and gittlz serve --help for configuration options.

Architecture

Git's server functionality is mostly usable out of the box, and the official handbook even dedicates an entire chapter to describing how to configure and use it. However, that's more configuration than anyone should want to do if they only want a disposable Git server, and don't care about security at all.

With this being the case, Gittlz is just a very thin wrapper around Git itself, with the exception of the handling for the SSH protocol. Each protocol has a different strategy used to wrap it.

Protocol Strategy
Git git daemon is launched as a subprocess. That's it.
HTTP net/http/cgi (yes, that's part of the Go standard library) is used to interface with git-http-backend. Gittlz adds some authentication middleware to simulate a typical managed Git provider.
SSH charmbracelet/wish is used to set up a simple SSH server in front of Git. Gittlz's implementation is almost an exact copy of Wish's Git example.

The serve command is used to select which protocol is used at runtime.

Finally, a control API is put on top for simpler repository creation within the container.

Documentation

Overview

Copyright © 2022 NAME HERE <EMAIL ADDRESS>

Source Files

View all Source files

Directories

Path Synopsis
pkg
api
protocol

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.