[ale] github

Boris Borisov bugyatl at gmail.com
Wed Jun 27 18:04:00 EDT 2018


Just that popped up in hackaday site.

https://hackaday.com/2018/06/27/keep-it-close-a-private-git-server-crash-course/

On Fri, Jun 8, 2018 at 7:33 AM, Solomon Peachy via Ale <ale at ale.org> wrote:

> On Thu, Jun 07, 2018 at 11:08:41PM -0400, Steve Litt via Ale wrote:
> > Did you set it up in your house or office, or on a remote commercial
> > ISP via VM or shared? I'd like to do this, but I have absolutely no
> > confidence in my security abilities.
>
> I have my nearly 5GB instance running natively on the same Fedora-based
> shell server that hosts the entirety of my online presence.  It's
> sitting in a closet at home, with Comcast Business providing the pipe,
> RAID1 storage, nightly backups, and a UPS keeping FPL's worst tendencies
> at bay.
>
> I've previously hosted gitolite instances on $5/mo VPS hosts too; it's
> fairly light with respect to resource usage.
>
> > Would you say that gitolite is, inherantly, more secure or less secure
> > than providing read-only access via git's provided server, and write
> > via ssh keys requiring passwords?
>
> That's basically how gitolite works, although you can overlay much finer
> grain control than raw ssh access would otherwise allow.  The gitolite
> instructions are comprehansive, and should be able to get you to
> whatever configuration you want.
>
> The way I have it configured, access to private repos, and write access
> to any repo, requires use of git-via-ssh, which in turn requires an ssh
> keypair.  That said, most of what I have hosted is public, with the
> standard 'git' daemon and cgit given permission (via gitolite) to expose
> read-only access without any authentication.
>
> Private repos are either for my personal use (eg I have a repo that
> consists entirely of documentation supplied to me under NDA, and another
> that hosts my gpg-encrypted password database) or for working trees for
> my commercial clients.
>
> I can go into more detail (and post snippets of my configuration) if
> you'd like.
>
> I keep meaning to set up something fancier or more integrated (eg
> gitlab, gogs, or pagure) but I can't justify it for my own needs.  BTW,
> I have plenty of resources here and can easlily host more stuff, but I
> can't claim to be any more inherently trustworthy/reputable than the
> likes of gitlab/whatever... and then there's the problem of Southern
> Florida's attractiveness to hurricanes.
>
>  - Solomon
> --
> Solomon Peachy                         pizza at shaftnet dot org
> Coconut Creek, FL                          ^^ (email/xmpp) ^^
> Quidquid latine dictum sit, altum videtur.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20180627/33e3e8df/attachment.html>


More information about the Ale mailing list