CGIT Gitolite Patch

This patch was completely rewritten in November 2015, discarding all previous versions.

When publishing software projects, we currently use the git versioning system. I did not like the default Gitweb frontend so I decided to use cgit instead.

Since there are many different software projects stored on one site, there should be some reasonable access control system to prevent unauthorized pushes and pulls. We are using Gitolite for that purpose.

Unfortunately, none of the web frontends behaved well in a multiuser environment. The typical result was that repositories were, if not world-readable, then at least shown in the repository listing. There are ways to limit access by using file system privileges, but this looks awful since we are already using Gitolite.

To overcome that issue I created a quick patch to support Gitolite repository authorization in cgit.

My version adds a project-filter configuration option that refers to a worker script written in Lua. The script does not perform authentication itself; it takes the authenticated user name from the REMOTE_USER environment variable instead.

When building the repository list, the filter script is called with the name of the repository currently being processed. The script must return either 1 to allow or 0 to deny access. Repositories that are denied access are excluded from the listing, which hides them and effectively bans any further access.

The REMOTE_USER variable can be populated via HTTP authentication (e.g. Basic). Please be reminded that HTTP Basic Authentication is insecure and should only be used over an SSL channel. Since authentication is done by the web server, any method works as long as the username is stored in the REMOTE_USER variable.

This solution can be used with any available authorization system, but we are currently relying on Gitolite. Note that Gitolite requires the HOME environment variable to be set to the directory where the Gitolite configuration resides.
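The allow/deny decision described above, sketched as a shell function instead of the patch's Lua filter (an added example, not code from the patch or from cgit). The names `repo_decision`, `valid_name` and the `GITOLITE_HOME` path are hypothetical, and it assumes the lookup is done with Gitolite's `gitolite access -q` query; it denies whenever REMOTE_USER is missing or a name looks unsafe.

```shell
#!/bin/sh
# Added example: per-repository decision following the contract above
# (print 1 = allow, 0 = deny). Hypothetical helper, not the patch's script.

# Assumption: directory holding the Gitolite configuration (placeholder path).
GITOLITE_HOME="${GITOLITE_HOME:-/var/lib/gitolite}"

# valid_name STRING: accept only conservative user/repository names.
# Rejects empty strings, a leading "-" (would be parsed as an option),
# any ".." sequence, and characters outside a small allow-list.
valid_name() {
    case "$1" in
        ''|-*|*..*) return 1 ;;
        *[!A-Za-z0-9._/@+-]*) return 1 ;;
    esac
    return 0
}

# repo_decision REPO: print 1 if $REMOTE_USER may read REPO, else 0.
# Every failure path (no user, bad name, gitolite error) ends in deny.
repo_decision() {
    # Assumption: the name may arrive with a ".git" suffix, which
    # Gitolite repository names do not carry.
    repo="${1%.git}"
    user="${REMOTE_USER:-}"
    if ! valid_name "$user" || ! valid_name "$repo"; then
        echo 0
        return 0
    fi
    # Gitolite needs HOME to point at its configuration; set it only for
    # this call. "access -q" exits 0 when the access is allowed.
    if ( HOME="$GITOLITE_HOME"; export HOME
         gitolite access -q "$repo" "$user" R any ) >/dev/null 2>&1; then
        echo 1
    else
        echo 0
    fi
}
```

Treating an empty REMOTE_USER as a denial is this example's choice: a request that reaches the filter without web-server authentication sees no repositories at all.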

Further technical information can be found in the sample filter script and in the configuration manual under the project-filter configuration option.

Previous versions of the patch relied heavily on the Gitolite configuration file format. That approach had limited support and was error-prone. Therefore I decided to completely rewrite it using the Lua scripting engine that was already available in cgit. This way it is effectively decoupled from Gitolite logic and can be used with any external authorization method. The previous patch is therefore considered deprecated and has been entirely removed from this repository.

Artifacts

  • Zoltan Galgavolgyi

    Great! I just hit this problem and was wondering how to secure cgit. Your module might save me some work, thanks!

  • someone

    Could you update the patch to the current version of cgit? As I read the mailing list of cgit, you seemed to propose this patch to be included in the cgit main repository, right? Any feedback on this yet? That was 2012. What about another try? Your solution seems pretty good to me.

    • Thank you for the positive feedback. Merged upstream changes and published a new maintenance release v0.1.3.

      Regarding merging changes back to upstream, I posted patches to the development mailing list in January 2016, but due to no feedback and a seeming lack of interest I have more or less given up.

      • someone

        Thanks for the merge.

        Sad to hear, maybe I can push on another place. Stay encouraged! 😉

  • Rico Backasch (darth-ocir)

    This is exactly what I am trying to do. So thank you very much for this. Will you port it to the current cgit version 1.0? If not, I will try to port it myself. They changed some things with the scan_path functions…