git-restrict

simple utility for git repo permission management
git clone https://git.parazyd.org/git-restrict
Log | Files | Refs | README | LICENSE

README.md (1185B)


      1 git-restrict
      2 ============
      3 
      4 ![Build Status](https://github.com/parazyd/git-restrict/actions/workflows/c-cpp.yml/badge.svg)
      5 
      6 A minimal utility that allows repository permission management based on
      7 ssh keys when used with the command directive in ssh's authorized_keys
      8 file.
      9 
     10 If used, it will only allow `git-upload-pack` and `git-receive-pack` as
     11 the commands allowed to be ran by a specific user/SSH key.
     12 
     13 git-restrict is C99 portable and compiled as a static binary so it's
     14 easy to use it in chroot environments. This is obviously intentional.
     15 
     16 
     17 Basic usage
     18 -----------
     19 
     20 Set up SSH and a `git` user on a host machine that will serve the git
     21 repositories. Ideally the repos should be stored in the user's `$HOME`.
     22 
     23 After this, compile and install git-restrict and use something like
     24 the following to set repo permissions for specific SSH keys:
     25 
     26 ```
     27 $ cat ~/.ssh/authorized_keys
     28 command="/usr/bin/git-restrict repo0 repo1 repo2" ssh-ed25519 AAA...1 user0@machine
     29 command="/usr/bin/git-restrict repo3 repo0" ssh-ed25519 AAA.Z user1@machine
     30 ```
     31 
     32 It is also useful to see the `contrib` directory to see an automation
     33 example.
     34 
     35 
     36 License
     37 -------
     38 
     39 GNU Affero General Public License version 3.