
GIT, SSH, AD

a guest
Oct 11th, 2011
  1. #!/bin/bash
  2.  
  3. REPONAME="$1"
  4. REPOPATH="/home/repository/git"
  5. GIT_DIR="$REPOPATH/$REPONAME"
  6.  
  7. mkdir "$GIT_DIR"
  8.  
  9. chown -R nobody:nogroup "$GIT_DIR"
  10. chmod -R u=rwX,go=rX    "$GIT_DIR"
  11.  
  12. setfacl -R    -m u:www-data:rwx                       "$GIT_DIR"
  13. setfacl -R -d -m u:www-data:rwx                       "$GIT_DIR"
  14. setfacl -R    -m g:DOMAIN\\GIT_${REPONAME}_write:rwx "$GIT_DIR" \
  15.     || echo "[ERROR]: Group GIT_${REPONAME}_write DOES NOT EXIST" >&2
  16. setfacl -R -d -m g:DOMAIN\\GIT_${REPONAME}_write:rwx "$GIT_DIR"
  17. setfacl -R    -m g:DOMAIN\\GIT_${REPONAME}_read:rX   "$GIT_DIR" \
  18.     || echo "[ERROR]: Group GIT_${REPONAME}_read DOES NOT EXIST"  >&2
  19. setfacl -R -d -m g:DOMAIN\\GIT_${REPONAME}_read:rX   "$GIT_DIR"
  20.  
  21. sudo -u www-data git --git-dir="$GIT_DIR" init --bare
  22. sudo -u www-data git --git-dir="$GIT_DIR" update-server-info
  23.  
  24.  
  25. ### Add hook for dumb HTTP to work along with SSH
  26.  
  27. cat > "$GIT_DIR/hooks/post-receive" <<EOF
  28. #!/bin/sh
  29.  
  30. GIT_DIR=\$(git rev-parse --git-dir 2>/dev/null)
  31. if [ -z "\$GIT_DIR" ]; then
  32.     echo >&2 "fatal: post-receive: GIT_DIR not set"
  33.     exit 1
  34. fi
  35.  
  36. git update-server-info
  37. EOF
  38.  
  39.  
  40. ### Apache related crap
  41.  
  42. cat <<EOF > /etc/apache2/locations/git/$REPONAME.location
  43. <Location /$REPONAME>
  44.     DAV on
  45.     #AuthType Basic
  46.     AuthName "GIT $REPONAME"
  47.  
  48.     # READ
  49.     <Limit GET>
  50.         Require ldap-group CN=GIT_${REPONAME}_read,OU=GITAccessGroups,DC=elegion,DC=local
  51.     </Limit>
  52.     # WRITE
  53.     <Limit GET PUT POST DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
  54.         Require ldap-group CN=GIT_${REPONAME}_write,OU=GITAccessGroups,DC=elegion,DC=local
  55.     </Limit>
  56.  
  57.     #Require ldap-group CN=GIT_${REPONAME}_write,OU=GITAccessGroups,DC=elegion,DC=local
  58. </Location>
  59. EOF
  60.  
  61. /etc/init.d/apache2 restart
  62.  