This is a draft of how I set up the private side of the dgit server and client
for raspbian. It may be incomplete. I have still to document the setup for the
public side of the dgit server.
I have acheived a succesful push of a patched xen package with this
configuration.
(replace raspbian and raspbian-related urls in these instructions with the name
and urls of your distro)
server push setup
add a user dgit
create /home/dgit/ssh-wrap with the following contents
#!/bin/sh
set -e
umask 002
srvdir=/home/dgit
dispatchdir=$srvdir/dispatch-dir
#dgitlive=$srvdir/dgit-live
PERLLIB="$dgitlive${PERLLIB+:}${PERLLIB}" \
#exec $dgitlive/infra/dgit-ssh-dispatch $dispatchdir
exec dgit-ssh-dispatch $dispatchdir
create /home/dgit/dispatch-dir/distro=raspbian
in that directory put
a subdirectory called repos with a subdirectory called _template containing a
bare git repo all owned by user dgit
a file called keyring.gpg containing the gpg keys with access to push to the
repo
(you can import keys to the keyring with gpg --no-default-keyring --keyring
dispatch-dir/distro\=raspbian/keyring.gpg --import )
a file called policy-hook containing a copy of
/usr/bin/dgit-repos-policy-trusting
a file called suites containing a list of allowed suites
in /home/dgit/.ssh/authorized-keys add lines like
command="/home/dgit/ssh-wrap" ssh-rsa <key> <comment>
The dgit server has a commit check, unfortunately I found that this commit
check seems to be too strict (see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851716 ). There is supposedly
a way to disable this through the policy hook but I couldn't make that work.
So as a temporary soloution I just commented out that block of code (it can be
found in /usr/bin/dgit-repos-server and starts with if (!($policy &
NOCOMMITCHECK)) { )
Client setup
#!/bin/sh
git config dgit-distro.raspbian.git-url https://dgit.raspbian.org/
git config dgit-distro.raspbian.git-url-suffix .git
git config dgit-distro.raspbian/push.git-url ""
git config dgit-distro.raspbian/push.git-host dgit.raspbian.org
git config dgit-distro.raspbian/push.git-user-force dgit
git config dgit-distro.raspbian/push.git-proto "git+ssh://"
git config dgit-distro.raspbian/push.git-path "/dgit/raspbian/repos"
git config dgit-distro.raspbian.git-check "true"
git config dgit-distro.raspbian.git-check-suffix "/info/refs"
git config dgit-distro.raspbian/push.git-check "ssh-cmd"
git config dgit-distro.raspbian/push.git-create "true"
git config dgit-distro.raspbian.upload-host raspbian
git config dgit-distro.raspbian.mirror http://archive.raspbian.org/raspbian
git config dgit-distro.raspbian.archive-query "aptget:"
git config dgit-suite.wheezy-staging.distro raspbian
git config dgit-suite.jessie-staging.distro raspbian
git config dgit-suite.stretch-staging.distro raspbian
