Add my git user

I log in as root:

adduser-N -d /path/to/my/repository/repo -s /bin/bash -r MyGitUser

-N do not create a group with the same name as the user
-d home directory of the new account
-s login shell of the new account
-r create a system account

what’s happen in /etc/passwd

passwd MyGitUser

ok back again.

Now i’m able todo something like
git clone MyGitUser@myhost:project.git
or more complicated
git clone MyGitUser@myhost:/path/to/my/repository/repo/project.git


CGIT inside ispconfig 3

I got many git resources on my server, there must be a way to push it into the world wide web. CGI.GIT is one of them. Let’s try it out here inside of ispconfig 3.

Through the previous installation I have a lot of development tools on board.

Missing only:
yum install openssl-devel asciidoc xmlto

cd /usr/local/src
tar xf cgi-1.0.tar.xz
cd cgi-1.0
make get-git
make CGIT_SCRIPT_PATH=/usr/share/cgit prefix=/usr install install-man
install -m 0755 -d /usr/share/man/man5
install -m 0644 cgitrc.5 /usr/share/man/man5
install -m 0755 -d /usr/share/cgit
install -m 0755 cgit /usr/share/cgit/cgit.cgi
install -m 0755 -d /usr/share/cgit
install -m 0644 cgit.css /usr/share/cgit/cgit.css
install -m 0644 cgit.png /usr/share/cgit/cgit.png
install -m 0644 favicon.ico /usr/share/cgit/favicon.ico
install -m 0644 robots.txt /usr/share/cgit/robots.txt
install -m 0755 -d /usr/lib/cgit/filters
cp -r filters/* /usr/lib/cgit/filters

Aha, this files are installed. With yum history I removed the installed developer parts..

Create the cache
install -vd “/var/cache/cgit”

For better syntax highlight:
yum install highlight

create a new web site in ispconfig and check only cgi & active.
Option -> Apache directives:

<Directory /var/www/MyGitWebSide/web>
DirectoryIndex disabled
DirectoryIndex cgit.cgi
Options +ExecCGI
AddHandler cgi-script .cgi

Back in the console

cd /var/www/MyGitWebSide/web
cp /usr/share/cgit/* .
mkdir css
mv cgit.css cgit.png css
rm index.html

Clean up permissions:
chown -R webXXX:clientXXXX *

Directory looks like
cgit.cgi css favicon.ico robots.txt stats

vi /etc/cgitrc
# cgit config
# if you don’t want that webcrawler (like google) index your site
robots=noindex, nofollow
#syntax highlight
## and included like this:
## include=/etc/cgitrepos
repo.desc=Test Git
# if had another module – it would be added like so
# repo.url=OSGi-module
# repo.path=/home/git/repositories/OSGi-module.git
# repo.desc=the OSGi-module repository

cp /usr/lib/cgit/filters/ /usr/lib/cgit/filters/

Enable version 3 and add “–inline-css” at the end.

vi /usr/lib/cgit/filters/

# for version 3.
# Version 2 can be found (for example) on EPEL 5, while version 3 can be
# found (for example) on EPEL 6.
# This is for version 2
#exec highlight –force -f -I -X -S “$EXTENSION” 2>/dev/null

# This is for version 3
exec highlight –force -f -I –inline-css -O xhtml -S “$EXTENSION” 2>/dev/null

Now I’m able to browse my git on web.

Quick and dirty

Sometimes I felt like a normal person without any kind of bad conscience. It takes me two hours and the server was ready.
helped me out.

I was a fool, hammer down every ssl information with enter. This must be corrected:

cd /etc/postfix
Genenerate Postfix ssl key:
openssl req -x509 -newkey rsa:2048 -keyout smtpd.key -out smtpd.cert -days 3650 -nodes
chmod 600 smtp.*

change /etc/postfix/ (add some lines to get smtps, taken from my old host)
smtps inet n – n – – smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

cd /usr/local/ispconfig/interface/ssl
openssl genrsa -des3 -out ispserver.key 4096
openssl req -new -key ispserver.key -out ispserver.csr
openssl x509 -req -days 3650 -in ispserver.csr \
-signkey ispserver.key -out ispserver.crt
openssl rsa -in ispserver.key -out ispserver.key.insecure
mv ispserver.key
mv ispserver.key.insecure ispserver.key

vi /etc/httpd/conf.d/ssl.conf
replace follow line:
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key (one line !!!)

Standard SSL website share the same ssl-keys from ispconfig.

Uh done. I was near a seam outburst.

Time to left the old server…

It was in time to update my v-server. The given package could not be updated. I went to my provider and bought a new one. It came preinstalled with Ubuntu 14.04. A System with a lifecycle till april 2019. No. I take a look to the systems that can be installed and yeah.. centos 7 is there. Security lifecycle till 2024. Good. That’s the way …the story goes on…