Basics

git.typo3.org and gerrit.typo3.org both run on srv04.typo3.org

git is the user the git daemon runs as. It's home directory is at /var/git

gerrit is the user the gerrit software runs as. It's home directory is at /var/gerrit

Replication

Gerrit replicates to the git server via ssh, so /var/gerrit/.ssh and /var/git/.ssh are important. On forge the git user and it's home are important as well.

Permissions for replication are handled by two special permission groups "Forge Mirror" and "Git Mirror" (see etc/replication.config). Projects by default have proper permissions enabled. To disable replication for a (private) project one has to add a special Permission "Read Access/-1 no access" for both of these groups ("Forge Mirror" and "Git Mirror").

git.typo3.org

git-daemon

This is a read-only server offering the git protocol to access the repositores in /var/git/repositories. A repository must contain the git-daemon-export-ok file to be exported by the git daemon.

The configuration can be found in /etc/sv/git-daemon/run, the daemon logs to /var/log/git-daemon/current

The daemon is managed with sv, so use sv down git-daemon and svn up git-daemon to stop and start the service.

upload-archive is disabled and selectivly enabled in TYPO3v4/Core.git/config (to allow git archive --remote for the packaking team)

gitweb

The web interface to git is delivered with gitweb.

The gitweb configuration is in /etc/gitweb.conf
The apache configuration is in /etc/apache2/sites-available/git
Data in /var/git/www

The Apache logs to /var/log/apache2/git.typo3.org*.log

review.typo3.org

Gerrit is installed in /var/gerrit/review
The Apache configuration is in /etc/apache2/sites-available/review

The Apache logs to /var/log/apache2/review.typo3.org*.log

Gerrit pushes git changes to git.typo3.org and forge.typo3.org (in both cases using ssh to connect as the user git), the data ends up in /var/git/repositories. If you need to trigger sync manually, for example because some refs where updated manually, you can use gerrit ssh -p29418 XXXXX@review.typo3.org gerrit replicate PROJECT/PATH to trigger the sync.

Custom Gerrit Version

We are using a custom gerrit version, with some patches (CSS classes, not adding e-mail on cherry-pick, enabling anon access via http)
  • This version (and diffs to the original version) can be found at http://github.com/typo3/gerrit/
  • You can build the version by cloning it, and you need Maven 2. Then just run tools/release.sh and upload the resulting file.

Authentication against typo3.org

The Apache proxy serving gerrit authenticates against typo3.org using /var/gerrit/typo3org-authentication.php. This calls https://typo3.org/services/authenticate.php to authenticate the user.

Account/group sync with (forge.)typo3.org

Every 4 hours gerrit calls (/var/gerrit/sync-accounts.php && /var/gerrit/sync-groups.php && cd /var/gerrit/review && bin/gerrit.sh restart) via cron.

This syncs accounts from typo3.org (by using https://typo3.org/services/userinfo.php) and group memberships from Forge/redmine (by using http://forge.typo3.org/services/projects/[projectid], which only works for public forge projects)

git repository repacking

Every two weeks gerrit repacks the git repositories using /var/gerrit/repack-repositories.sh

srv04 system setup

Installed packages (not listing automated dependencies)

When installing packages pure recommendation dependencies have been unset in most cases. non-free was added to apt sources.

git-core
git-svn
git-daemon-run
git-doc
gitweb
apache2-mpm-worker
mysql-server
sun-java6-jre
php5-cli
php5-mysql
bzip2

From local package (downloaded from backports)

libapache2-mod-authnz-external_3.2.4-2~bpo50+1_amd64.deb

Created users

$ sudo adduser --home /var/git --shell /bin/bash --group git --system
Adding system user `git' (UID 104) ...
Adding new group `git' (GID 107) ...
Adding new user `git' (UID 104) with group `git' ...
Creating home directory `/var/git' ...
$ sudo adduser --home /var/gerrit --shell /bin/bash --group gerrit --system
Adding system user `gerrit' (UID 105) ...
Adding new group `gerrit' (GID 108) ...
Adding new user `gerrit' (UID 105) with group `gerrit' ...
Creating home directory `/var/gerrit' ...