Setup privilege separation unless you are already inside a container. Create a dedicated user for running gollum
which git-shell #groupadd -g 32765 gollum useradd -u 32765 -m -g nogroup -s /usr/bin/git-shell gollum passwd --delete --unlock gollum #usermod -p '*' gollum
Define a shared UI user. Unless you go for Omniauth, setup the GIT profile that corresponds to the non-authenticated Gollum web UI. Try to use some mailing-list address and shared name. You will be able to setup binding to some Directory Server afterwards anyway.
chsh -s /bin/bash gollum su - gollum git config --global user.email "root@domain.tld" git config --global user.name "Gollum web UI" ^D chsh -s /usr/bin/git-shell gollum
Setup GIT access through SSH
mkdir ~gollum/.ssh/ vi ~gollum/.ssh/authorized_keys chmod 700 ~gollum/ chmod 700 ~gollum/.ssh/ chmod 600 ~gollum/.ssh/authorized_keys chown -R gollum:gollum ~gollum/
Create repositories as such
git init --bare /home/gollum/REPO.git
chown -R gollum:gollum /home/gollum/REPO.git
and validate remotely
git clone ssh://gollum@SERVER_ADDRESS:PORT/REPO.git cd REPO/ echo ok > ok git add ok git commit git push
ubuntu
apt -y install git ruby ruby-dev zlib1g-dbg zlib1g-dev libicu-dev make build-essential gem install bundle
slackware
slackpkg install ruby libyaml cmake pkg-config libarchive gcc-g++ sbopkg -i rubygem-bundler
and proceed
ruby -v #2.7.2p137 bundler -v #2.1.4 git clone https://github.com/gollum/gollum.git cd gollum/ bundle install bin/gollum -v #5.1.1 cp config.rb ~gollum/config.rb.dist chown gollum:gollum ~gollum/config.rb.dist
apt install build-essential git ruby ruby-dev libicu-dev zlib1g-dev gem install gollum rdiscount #gollum-auth which gollum gollum -v #4.1.4 / 5.1.1
as user
cd ~/
cp /var/lib/gems/2.5.0/gems/gollum-4.1.4/config.rb config.rb.dist
vi config.rb
wiki_options = {
:live_preview => false,
:allow_editing => false,
:allow_uploads => false,
:h1_title => true,
:universal_toc => true
}
Precious::App.set(:wiki_options, wiki_options)
Precious::App.set(:environment, :production)
Enable it at boot time
ls -lhF /bin/ksh ls -lhF /bin/ash ls -lhF /bin/dash vi /etc/rc.local echo gollum as gollum/REPO.git /usr/bin/chsh -s /bin/ksh gollum su - gollum -c "nohup /usr/bin/gollum --config config.rb --host 127.0.0.1 --bare /home/gollum/REPO.git/ >> /home/gollum/REPO.log 2>&1 &" /usr/bin/chsh -s /usr/bin/git-shell gollum chmod +x /etc/rc.local
Apply and check
cat ~gollum/REPO.log ps auxww | grep gollum lynx -dump localhost:4567 http://SERVER_ADDRESS:4567/
apt -y install cmake pkg-config libcurl3-dev libssl-dev gem install gollum-rugged_adapter --adapter rugged
Note. With sate-of-the-art markdown formatting with better tables, and with the rugged adapter,
Only listening to localhost to be reverse proxied locally,
--host 127.0.0.1
Show everything in Files UI view,
:show_all => true
Gollum via Rack https://github.com/gollum/gollum/wiki/Gollum-via-Rack
Optionally, add mediawiki formatting,
gem install wikicloth
gem install github-markdown
You can then omit --bare when launching Gollum, as it is only required by GRIT.
How to unlock account for public key ssh authorization, but not for password authorization? https://unix.stackexchange.com/questions/193066/how-to-unlock-account-for-public-key-ssh-authorization-but-not-for-password-aut
Installation https://github.com/gollum/gollum/wiki/Installation
A simple, Git-powered wiki with a sweet API and local frontend. https://github.com/gollum/gollum
gollum / gollum Wiki https://github.com/gollum/gollum/wiki
Git Tip of the Week: Gollum http://alblue.bandlem.com/2011/05/git-tip-of-week-gollum.html
Formats and extensions https://github.com/gollum/gollum/wiki/Formats-and-extensions
Authentication Middleware for Gollum Wiki https://github.com/bjoernalbers/gollum-auth
Installing Gollum on Ubuntu with authentication https://ronnieroller.com/Gollum
Gollum with HTTP authentication for multi-users on web. https://github.com/fruux/gollum-auth