123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233 |
- # paths and configuration variables for gitolite
- # please read comments before editing
- # this file is meant to be pulled into a perl program using "do" or "require".
- # You do NOT need to know perl to edit the paths; it should be fairly
- # self-explanatory and easy to maintain perl syntax :-)
- # --------------------------------------
- # Do not uncomment these values unless you know what you're doing
- # $GL_PACKAGE_CONF = "";
- # $GL_PACKAGE_HOOKS = "";
- # --------------------------------------
- # --------------------------------------
- # this is where the repos go. If you provide a relative path (not starting
- # with "/"), it's relative to your $HOME. You may want to put in something
- # like "/bigdisk" or whatever if your $HOME is too small for the repos, for
- # example
- $REPO_BASE="/srv/git/repositories/";
- # the default umask for repositories is 0077; change this if you run stuff
- # like gitweb and find it can't read the repos. Please note the syntax; the
- # leading 0 is required
- $REPO_UMASK = 0002;
- # $REPO_UMASK = 0027; # gets you 'rwxr-x---'
- # $REPO_UMASK = 0022; # gets you 'rwxr-xr-x'
- # part of the setup of gitweb is a variable called $projects_list (please see
- # gitweb documentation for more on this). Set this to the same value:
- $PROJECTS_LIST = $ENV{HOME} . "/projects.list";
- # --------------------------------------
- # I see no reason anyone may want to change the gitolite admin directory, but
- # feel free to do so. However, please note that it *must* be an *absolute*
- # path (i.e., starting with a "/" character)
- # gitolite admin directory, files, etc
- $GL_ADMINDIR="/etc/gitolite";
- # --------------------------------------
- # templates for location of the log files and format of their names
- # I prefer this template (note the %y and %m placeholders)
- # it produces files like `~/.gitolite/logs/gitolite-2009-09.log`
- $GL_LOGT="/var/log/gitolite/gitolite-%y-%m.log";
- # other choices are below, or you can make your own -- but PLEASE MAKE SURE
- # the directory exists and is writable; gitolite won't do that for you (unless
- # it is the default, which is "$GL_ADMINDIR/logs")
- # $GL_LOGT="$GL_ADMINDIR/logs/gitolite-%y-%m-%d.log";
- # $GL_LOGT="$GL_ADMINDIR/logs/gitolite-%y.log";
- # --------------------------------------
- # Please DO NOT change these three paths
- $GL_CONF="$GL_ADMINDIR/conf/gitolite.conf";
- $GL_KEYDIR="$GL_ADMINDIR/keydir";
- $GL_CONF_COMPILED="$GL_ADMINDIR/conf/gitolite.conf-compiled.pm";
- # --------------------------------------
- # if git on your server is on a standard path (that is
- # ssh git@server git --version
- # works), leave this setting as is. Otherwise, choose one of the
- # alternatives, or write your own
- $GIT_PATH="";
- # $GIT_PATH="/opt/bin/";
- # --------------------------------------
- # ----------------------------------------------------------------------
- # BIG CONFIG SETTINGS
- # Please read doc/big-config.mkd for details
- $GL_BIG_CONFIG = 1;
- $GL_NO_DAEMON_NO_GITWEB = 1;
- $GL_NO_CREATE_REPOS = 1;
- $GL_NO_SETUP_AUTHKEYS = 1;
- # ----------------------------------------------------------------------
- # SECURITY SENSITIVE SETTINGS
- #
- # Settings below this point may have security implications. That
- # usually means that I have not thought hard enough about all the
- # possible ways to crack security if these settings are enabled.
- # Please see details on each setting for specifics, if any.
- # ----------------------------------------------------------------------
- # --------------------------------------
- # ALLOW REPO ADMIN TO SET GITCONFIG KEYS
- #
- # Gitolite allows you to set git repo options using the "config" keyword; see
- # conf/example.conf for details and syntax.
- #
- # However, if you are in an installation where the repo admin does not (and
- # should not) have shell access to the server, then allowing him to set
- # arbitrary repo config options *may* be a security risk -- some config
- # settings may allow executing arbitrary commands.
- #
- # You have 3 choices. By default $GL_GITCONFIG_KEYS is left empty, which
- # completely disables this feature (meaning you cannot set git configs from
- # the repo config).
- $GL_GITCONFIG_KEYS = "";
- # The second choice is to give it a space separated list of settings you
- # consider safe. (These are actually treated as a set of regular expression
- # patterns, and any one of them must match). For example:
- # $GL_GITCONFIG_KEYS = "core\.logAllRefUpdates core\..*compression";
- # allows repo admins to set one of those 3 config keys (yes, that second
- # pattern matches two settings from "man git-config", if you look)
- #
- # The third choice (which you may have guessed already if you're familiar with
- # regular expressions) is to allow anything and everything:
- # $GL_GITCONFIG_KEYS = ".*";
- # --------------------------------------
- # EXTERNAL COMMAND HELPER -- HTPASSWD
- # security note: runs an external command (htpasswd) with specific arguments,
- # including a user-chosen "password".
- # if you want to enable the "htpasswd" command, give this the absolute path to
- # whatever file apache (etc) expect to find the passwords in.
- $HTPASSWD_FILE = "";
- # Look in doc/3 ("easier to link gitweb authorisation with gitolite" section)
- # for more details on using this feature.
- # --------------------------------------
- # EXTERNAL COMMAND HELPER -- RSYNC
- # security note: runs an external command (rsync) with specific arguments, all
- # presumably filled in correctly by the client-side rsync.
- # base path of all the files that are accessible via rsync. Must be an
- # absolute path. Leave it undefined or set to the empty string to disable the
- # rsync helper.
- $RSYNC_BASE = "";
- # $RSYNC_BASE = "/home/git/up-down";
- # $RSYNC_BASE = "/tmp/up-down";
- # --------------------------------------
- # EXTERNAL COMMAND HELPER -- SVNSERVE
- # security note: runs an external command (svnserve) with specific arguments,
- # as specified below. %u is substituted with the username.
- # This setting allows launching svnserve when requested by the ssh client.
- # This allows using the same SSH setup (hostname/username/public key) for both
- # SVN and git access. Leave it undefined or set to the empty string to disable
- # svnserve access.
- $SVNSERVE = "";
- # $SVNSERVE = "/usr/bin/svnserve -r /var/svn/ -t --tunnel-user=%u";
- # --------------------------------------
- # ALLOW REPO CONFIG TO USE WILDCARDS
- # security note: this used to in a separate "wildrepos" branch. You can
- # create repositories based on wild cards, give "ownership" to the specific
- # user who created it, allow him/her to hand out R and RW permissions to other
- # users to collaborate, etc. This is powerful stuff, and I've made it as
- # secure as I can, but it hasn't had the kind of rigorous line-by-line
- # analysis that the old "master" branch had.
- # This has now been rolled into master, with all the functionality gated by
- # this variable. Set this to 1 if you want to enable the wildrepos features.
- # Please see doc/4-wildcard-repositories.mkd for details.
- $GL_WILDREPOS = 0;
- # --------------------------------------
- # DEFAULT WILDCARD PERMISSIONS
- # If set, this value will be used as the default user-level permission rule of
- # new wildcard repositories. The user can change this value with the setperms command
- # as desired after repository creation; it is only a default. Note that @all can be
- # used here but is special; no other groups can be used in user-level permissions.
- # $GL_WILDREPOS_DEFPERMS = 'R = @all';
- # --------------------------------------
- # HOOK CHAINING
- # by default, the update hook in every repo chains to "update.secondary".
- # Similarly, the post-update hook in the admin repo chains to
- # "post-update.secondary". If you're fine with the defaults, there's no need
- # to do anything here. However, if you want to use different names or paths,
- # change these variables
- # $UPDATE_CHAINS_TO = "hooks/update.secondary";
- # $ADMIN_POST_UPDATE_CHAINS_TO = "hooks/post-update.secondary";
- # --------------------------------------
- # ADMIN DEFINED COMMANDS
- # WARNING: Use this feature only if (a) you really really know what you're
- # doing or (b) you really don't care too much about security. Please read
- # doc/admin-defined-commands.mkd for details.
- # $GL_ADC_PATH = "";
- # --------------------------------------
- # per perl rules, this should be the last line in such a file:
- 1;
- # Local variables:
- # mode: perl
- # End:
- # vim: set syn=perl:
|