[ale] github

Solomon Peachy pizza at shaftnet.org
Fri Jun 8 07:33:39 EDT 2018


On Thu, Jun 07, 2018 at 11:08:41PM -0400, Steve Litt via Ale wrote:
> Did you set it up in your house or office, or on a remote commercial
> ISP via VM or shared? I'd like to do this, but I have absolutely no
> confidence in my security abilities.

I have my nearly 5GB instance running natively on the same Fedora-based 
shell server that hosts the entirety of my online presence.  It's 
sitting in a closet at home, with Comcast Business providing the pipe, 
RAID1 storage, nightly backups, and a UPS keeping FPL's worst tendencies 
at bay.

I've previously hosted gitolite instances on $5/mo VPS hosts too; it's 
fairly light with respect to resource usage.

> Would you say that gitolite is, inherantly, more secure or less secure
> than providing read-only access via git's provided server, and write
> via ssh keys requiring passwords?

That's basically how gitolite works, although you can overlay much finer 
grain control than raw ssh access would otherwise allow.  The gitolite 
instructions are comprehansive, and should be able to get you to 
whatever configuration you want.

The way I have it configured, access to private repos, and write access 
to any repo, requires use of git-via-ssh, which in turn requires an ssh 
keypair.  That said, most of what I have hosted is public, with the 
standard 'git' daemon and cgit given permission (via gitolite) to expose 
read-only access without any authentication.

Private repos are either for my personal use (eg I have a repo that 
consists entirely of documentation supplied to me under NDA, and another 
that hosts my gpg-encrypted password database) or for working trees for 
my commercial clients.

I can go into more detail (and post snippets of my configuration) if 
you'd like.

I keep meaning to set up something fancier or more integrated (eg 
gitlab, gogs, or pagure) but I can't justify it for my own needs.  BTW, 
I have plenty of resources here and can easlily host more stuff, but I 
can't claim to be any more inherently trustworthy/reputable than the 
likes of gitlab/whatever... and then there's the problem of Southern 
Florida's attractiveness to hurricanes.

 - Solomon
-- 
Solomon Peachy			       pizza at shaftnet dot org
Coconut Creek, FL                          ^^ (email/xmpp) ^^
Quidquid latine dictum sit, altum videtur.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://mail.ale.org/pipermail/ale/attachments/20180608/fb96def5/attachment.sig>


More information about the Ale mailing list