Setting up Gollum


Setup privilege separation unless you are already inside a container. Create a dedicated user for running gollum

which git-shell
groupadd -g 32765 gollum
useradd -u 32765 -m -g gollum -s /usr/bin/git-shell gollum
usermod -p '*' gollum

Also define a shared UI user. Unless you go for Omniauth, setup the GIT profile that corresponds to the non-authenticated Gollum WUI. Try to use some mailing-list address and shared name. You will be able to setup binding to some Directory Server afterwards anyway.

chsh -s /bin/bash gollum
su - gollum
git config --global "root@domain.tld"
git config --global "Gollum WUI"
chsh -s /usr/bin/git-shell gollum

Create a repository in an accessible place for remote usage

mkdir /repo.git
git init --bare /repo.git

or eventually move those to there, while keeping/fixing user permissions

mv ~gollum/*.git/ /
chown -R gollum:gollum /*.git/

Setup GIT access through SSH

mkdir ~gollum/.ssh/
vi ~gollum/.ssh/authorized_keys
chmod 700 ~gollum/.ssh/
chmod 600 ~gollum/.ssh/authorized_keys
chown -R gollum:gollum ~gollum/

and validate remotely

git clone ssh://gollum@SERVER_ADDRESS:PORT/REPO.git


from source

#apt -y install git ruby ruby-dev zlib1g-dbg zlib1g-dev libicu-dev make build-essential
#gem install bundle

#slackpkg install rubygem-bundler-1.15.4-x86_64-1_slonly

ruby -v
bundler -v
git clone
cd gollum/
bundle install
bin/gollum -v


apt install build-essential git ruby ruby-dev libicu-dev zlib1g-dev
gem install gollum rdiscount
which gollum
gollum -v #Gollum 4.1.4


as user

cd ~gollum/
cp /var/lib/gems/2.5.0/gems/gollum-4.1.4/config.rb config.rb.dist
vi config.rb

wiki_options = {
  :live_preview => false,
  :allow_editing => false,
  :allow_uploads => false,
  :h1_title => true,
  :universal_toc => true
  :show_all => true

Precious::App.set(:wiki_options, wiki_options)
Precious::App.set(:environment, :production)

Ready to go

Enable it at boot time as user gollum,

vi /etc/rc.local

echo Starting Gollum.
/usr/bin/chsh -s /bin/ash gollum
#/usr/bin/chsh -s /bin/dash gollum
su - gollum -c "nohup gollum --config config.rb --bare /REPO.git/ > /home/gollum/REPO.log 2>&1 &"
/usr/bin/chsh -s /usr/bin/git-shell gollum

chmod +x /etc/rc.local

Apply and check,

ps auxww | grep gollum
tail -F ~gollum/*.log
lynx -dump localhost:4567

Additional notes

replacing the GRIT adapter

apt -y install cmake pkg-config libcurl3-dev libssl-dev
gem install gollum-rugged_adapter

--adapter rugged

Note. With sate-of-the-art markdown formatting with better tables, and with the rugged adapter,

proxy ready

Only listening to localhost to be reverse proxied locally,


more options

Show everything in Files UI view,

  :show_all => true

Gollum via Rack

more Features

Optionally, add mediawiki formatting,

gem install wikicloth

replacing rdiscount

gem install github-markdown

You can then omit --bare when launching Gollum, as it is only required by GRIT.



How to unlock account for public key ssh authorization, but not for password authorization?



A simple, Git-powered wiki with a sweet API and local frontend.

gollum / gollum Wiki

Git Tip of the Week: Gollum

Formats and extensions


Authentication Middleware for Gollum Wiki

Installing Gollum on Ubuntu with authentication

Gollum with HTTP authentication for multi-users on web.

Nethence | Pub | Lab | Pbraun | SNE Russia | xhtml