On 17-09-04 at 17:05, Alan McKinnon wrote:
> Hi,
> 
> I fear I have a severe case of too many trees in the way to see the forest.
> 
> I have a git server, it only runs git.
> All the sysadmins have full access using ssh://, their keys are in git's
> authorized_keys, the repos are owned git:git, MODE 770, etc etc, and it
> works like it should.
> 
> I want an app to have read-only access to some repos, i.e. clone and
> pull only. But they are not publicly accessible i.e. the app user must
> be pre-authorized by me and have a public key. And for the life of me I
> can't think how to do it!
You want to use the command= option in the .ssh/authorized_keys file for
the key to ensure that only `git-upload-pack <repo_path>' is run

> Google is only giving me results about what fancy buttons to click in
> GitHub and Gitlab... I know, my Google-fu sucks today.
You can look at [1] if you want a really minimal example of a git
permissions management system.

[1]: https://github.com/cbdevnet/fugit

-- 
Simon Thelen

Reply via email to