Git: Difference between revisions
imported>RichardJActon Add an example of setting a simple option in gitconfig with an attribute set in extraConfig |
m cleaner |
||
| (12 intermediate revisions by 6 users not shown) | |||
| Line 16: | Line 16: | ||
== Configuration == | == Configuration == | ||
Git can be configured using [[Home Manager]]: | Git can be configured using [[Home Manager]]: | ||
| Line 56: | Line 55: | ||
programs.git = { | programs.git = { | ||
enable = true; | enable = true; | ||
package = pkgs.git.override { withLibsecret = true; }; | |||
extraConfig = { | extraConfig = { | ||
credential.helper = " | credential.helper = "libsecret"; | ||
}; | }; | ||
}; | }; | ||
| Line 83: | Line 81: | ||
push = { autoSetupRemote = true; }; | push = { autoSetupRemote = true; }; | ||
}; | }; | ||
}; | |||
} | |||
</syntaxhighlight> | |||
=== Using your public SSH key as a signing key === | |||
You can naturally configure git to automatically sign your commits using your public SSH key like so:<syntaxhighlight lang="nix"> | |||
{ | |||
programs.git = { | |||
enable = true; | |||
signing = { | |||
key = "ssh-ed25519 AAAAAAAAAAAA...AA username@hostname"; | |||
signByDefault = true; | |||
}; | |||
extraConfig = { | |||
gpg = { | |||
format = "ssh"; | |||
}; | |||
}; | |||
}; | |||
} | |||
</syntaxhighlight>However, note that this will also require Home Manager to manage your SSH configuration:<syntaxhighlight lang="nix"> | |||
{ | |||
programs.ssh = { | |||
enable = true; | |||
addKeysToAgent = "yes"; | |||
}; | }; | ||
} | } | ||
| Line 105: | Line 128: | ||
worked well on a machine with about 6–8 GB of free RAM and two processor threads, and reduced the size of the <code>nixpkgs</code> checkout from ~1.3 GB to ~0.95 GB. | worked well on a machine with about 6–8 GB of free RAM and two processor threads, and reduced the size of the <code>nixpkgs</code> checkout from ~1.3 GB to ~0.95 GB. | ||
= Serve Git repos via SSH = | |||
This section implements [https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server Git on the Server - Setting Up the Server] on NixOS. | |||
See also: [[gitolite]]. | |||
== Configuration == | |||
<syntaxhighlight lang="nix"> | |||
{ config, pkgs, ... }: { | |||
users.users.git = { | |||
isSystemUser = true; | |||
group = "git"; | |||
home = "/var/lib/git-server"; | |||
createHome = true; | |||
shell = "${pkgs.git}/bin/git-shell"; | |||
openssh.authorizedKeys.keys = [ | |||
# FIXME: Add pubkeys of authorized users | |||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF38sHxXn/r7KzWL1BVCqcKqmZA/V76N/y5p52UQghw7 example" | |||
]; | |||
}; | |||
users.groups.git = {}; | |||
services.openssh = { | |||
enable = true; | |||
extraConfig = '' | |||
Match user git | |||
AllowTcpForwarding no | |||
AllowAgentForwarding no | |||
PasswordAuthentication no | |||
PermitTTY no | |||
X11Forwarding no | |||
''; | |||
}; | |||
} | |||
</syntaxhighlight> | |||
== Usage == | |||
1. Run this on the server to create repo <code>myproject</code> accessible by user <code>git</code> | |||
<syntaxhighlight lang="bash"> | |||
sudo -u git bash -c "git init --bare ~/myproject.git" | |||
</syntaxhighlight> | |||
(<code>~</code> here is the home of the user <code>git</code>, which is <code>/var/lib/git-server</code>) | |||
2. Push to the server repo from another system | |||
<syntaxhighlight lang="bash"> | |||
mkdir myproject | |||
cd myproject | |||
echo hello > a | |||
git init | |||
git add . | |||
git commit -m init | |||
git remote add origin git@myserver:myproject.git | |||
git push origin master | |||
</syntaxhighlight> | |||
3. Clone and edit the server repo from another system | |||
<syntaxhighlight lang="bash"> | |||
git clone git@myserver:myproject.git | |||
cd myproject | |||
cat a | |||
echo world >> a | |||
git commit -am hello | |||
git push origin master | |||
</syntaxhighlight> | |||
== Bisecting Nix regressions == | |||
see [[bisecting]] | |||
[[Category:Applications]] | [[Category:Applications]] | ||
[[Category:CLI Applications]] | |||
[[Category:Version control]] | |||