Setting up a GIT repository on DD-WRT with USB storage
I have an Asus WL-500G Premium v2 router that is underused 😉 I mainly used it for having my private network at work and to enable VPN access to it. I have been using GIT locally for version control on my projects. Yes I know I should put them on GitHub or similar repositories, but none all of then a open source.
The other day I was thinking (once in a while doesn’t hurt) and realized that I could use the USB ports on my router to store my coding projects. So, next you will find a howto install a GIT server on a DD-WRT based router. I don’t know if it is the more secure way of installing it, but at least it works and as my working place has a inbound firewall that only allows inbound connections though the VPN, then I don’t mind my colleagues access it and touch something.
The tutorial needs that you have SSH access to your router using SSH keys in order to install and modify some files. There are lot of tutorials on enabling it.
USB support on DD-WRT
Your router has to run a dd-wrt version that allows you to enable USB storage. The easiest way is to install the dd-wrt Mega version that has everything that dd-wrt supports by default. Otherwise you have to use
ipkg to install the requiered kernel modules for USB.
Before enabling USB storage, you need actual pendrive or hard disk you will be using. In my case, I used an 8Gb USB pendrive formatted as ext3.
# mkfs.ext3 /dev/sdb1
Plug the USB to the router and enable USB Storage. I have used dd-wrt web gui to enable it. I have only enabled the options I really needed.
Services --> USB Core USB Support .............. [enable] USB 1.1 (UHCI) ................ [disable] USB 1.1 (OHCI) ................ [disable] USB 2.0 Support ............... [enable] USB Printer Support ........... [disable] USB Storage Support ........... [enable] ext2/ext3 File Sytem Support .. [enable] FAT File System Support ....... [disable] Automatic Drive Mount ......... [enable] Run-on-mount Script Name ...... [empty] Disk Mount Point .............. [/opt]
Save and apply the new settings. Check that everything when fine.
$ ssh firstname.lastname@example.org
# ls /opt lost+found
Git package is not available on OpenWrt or DD-Wrt repositories. So we will be using Optware packages from NSLU2-Linux. Here you can find a list of other repositories, but Optware repository has GIT package.
Let’s create the Optware support.
# wget http://www.3iii.dk/linux/optware/optware-install-ddwrt.sh -O - | tr -d '\r' > /tmp/optware-install.sh # sh /tmp/optware-install.sh
# wget -O /tmp/prep_optware http://wd.mirmana.com/prep_optware # sh /tmp/prep_optware
Wait for a while. You should see a log similar to the one below. In my system the progress bars didn’t work. Sorry for not posting my output, but I forgot to copy it. This one is copied from dd-wrt wiki links.
Checking system config ... Using 192.168.1.1 as default gateway. Using the following nameserver(s): nameserver 192.168.1.30 Warning: local nameserver is different than gateway! Check config or enter: sed -i s/192.168.*/192.168.1.1/ /tmp/resolv.conf to correct this. Installing package uclibc-opt_0.9.28-13_mipsel.ipk ... Connecting to ipkg.nslu2-linux.org[126.96.36.199]:80 uclibc-opt_0.9.28-12 100% |***********************************************| 832 KB 00:00:00 ETA Updating /opt/etc/ld.so.cache /opt/sbin/ldconfig: can't create /opt/etc/ld.so.cache~ (No such file or directory) Installing package ipkg-opt_0.99.163-9_mipsel.ipk ... Connecting to ipkg.nslu2-linux.org[188.8.131.52]:80 ipkg-opt_0.99.163-9_ 100% |***********************************************| 75896 00:00:00 ETA Downloading http://ipkg.nslu2-linux.org/feeds/optware/ddwrt/cross/stable/Packages.gz Inflating http://ipkg.nslu2-linux.org/feeds/optware/ddwrt/cross/stable/Packages.gz Updated list of available packages in /opt/lib/ipkg/lists/optware Successfully terminated. Installing uclibc-opt (0.9.28-12) to /opt/... Downloading http://ipkg.nslu2-linux.org/feeds/optware/ddwrt/cross/stable/uclibc-opt_0.9.28-12_mipsel.ipk package uclibc-opt suggests installing ipkg-opt Configuring uclibc-opt Updating /opt/etc/ld.so.cache Successfully terminated. Installing ipkg-opt (0.99.163-9) to /opt/... Downloading http://ipkg.nslu2-linux.org/feeds/optware/ddwrt/cross/stable/ipkg-opt_0.99.163-9_mipsel.ipk Configuring ipkg-opt Successfully terminated.
Check that under
/opt you have
etc, … directories.
Once install Optware support, you will have access to
ipkg-opt command that will enable access to repositories and will install everything under
Now it’s time to install git package.
ipkg-opt has a similar syntax to
# /opt/bin/ipkg-opt install git
Wait for a while as it downloads not only the main package but its dependencies as well. After a while git will be installed. You can find the executables in
/opt/bin, if you want to check.
Configure GIT server environment
Once we have installed all the required programs, it is time to configure the system to be run as a server.
First of all we are creating a new user in DD-WRT. Several posts say it is not possible or it is not advisable. I don’t know it this will imply a security breach, but I’ve managed to create a new user.
The procedure consists on manually modify
/etc/group files to include the new user and group configuration. However, any change you make on these files is lost on next reboot unless you have JFFS2 enabled, which wasn’t my case.
The solution I found was to generate a startup script that creates the user and group on every boot.
First thing to do is to create the startup script. I placed it under
/opt/usr/bin and it will execute all the
*.startup files under
/opt/etc/config. It’s up to you to modify locations for the ones you’d like.
# mkdir -p /opt/usr/bin # cd /opt/usr/bin # cat > startup-scripts #!/bin/sh for I in `/bin/ls /opt/etc/config/*.startup`;do sh $I & done # chmod +x startup-scripts
It is important to set the system to use this new script on each boot. There are several ways of setting startup scripts on DD-WRT. I have chosen the NVRAM procedure as I think it is the easier and can be done through the web gui.
Administration --> Commands Commands ....... /opt/usr/bin/startup-scripts Save Startup
You can set as many startup scripts as you want, but the script we have created will search for all the ones we would like to set automatically.
Now it is time to create the scripts to run on startup. I have create only one that its called
# mkdir -p /opt/etc/config # cd /opt/etc/config # cat > useradd.startup #!/bin/sh echo 'git:x:120:' >> /tmp/etc/group echo 'git:x:120:120:git version control,,,:/opt/home/git:/opt/bin/git-shell' >> /tmp/etc/passwd # chmod +x useradd.startup
On next reboot, the user
git will be automatically add.
Note: I have found that it is possible to add startup scripts in
/opt/etc/init.d in the same way as a desktop Linux distribution (S* and K*).
# mkdir -p /opt/etc/init.d
# cd /opt/etc/init.d
# cat > S01adduser
echo 'git:x:120:' >> /tmp/etc/group echo 'git:x:120:120:git version control,,,:/opt/home/git:/opt/bin/git-shell' >> /tmp/etc/passwd # chmod +x S01adduser
You can also install
adduser package to easy the procedure, but I haven’t check if it always assign the same user and group id.
In order to continue doing things without having to reboot, we have to run the just generated script to add the users.
Now it is time to create the
home directory for the
# mkdir -p /opt/home/git # cd /opt/home/git # mkdir .ssh # touch .ssh/authorized_keys # mkdir git-shell-commands # mkdir repositories # cd .. # chown -R git:git git
As you can see we have change the newly created directories and files to user
git. Remember that, as when ever doing something under
git user home directory, we should set the correct ownership.
The function of the different directories is explained next:
By using git-shell command as the shell,
gitis not able to access a complete shell but only the commands we set under the directory
git-shell-commands. For the moment
git-shell-commandsis left blank, but you can copy the examples files from your desktop git installation located at
/usr/share/doc/git/contrib/git-shell-commands/, where you also have more information about
repositoriesis the place where the different project will be stored. You can also create them directly in the home directory.
.sshwill hold the file
authorized_keysof the users you want to grant access to the git repository
Configure GIT server
Add a new user
We have to add his public key to the
authorized_keys file on the server.
On your laptop execute the following to generate the private and public key.
$ cd ~ $ ssh-keygen -t rsa $ cd .ssh $ ls -l total 20 -rw------- 1 user group 1675 2009-03-10 14:18 id_rsa -rw-r--r-- 1 user group 392 2009-03-10 14:18 id_rsa.pub -rw-r--r-- 1 user group 8642 2009-03-10 12:10 known_hosts $ cat id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCB007n/ww+ouN4gSLKssMxXnBOvf9LGt4L ojG6rs6hPB09j9R/T17/x4lhJA0F3FR1rP6kYBRsWj2aThGw6HXLm9/5zytK6Ztg3RPKK+4k Yjh6541NYsnEAZuXz0jTTyAUfrtU3Z5E003C4oxOj6H0rfIF1kKI9MAQLMdpGW1GYEIgS9Ez Sdfd8AcCIicTDWbqLAcU4UpkaX8KyGlLwsNuuGztobF8m72ALC/nLF6JLtPofwFBlgc+myiv O7TCUSBdLQlgMVOFq1I2uPWQOkOWQAHukEOmfjy2jctxSDBQ220ymjaNsHT4kgtZg2AYYgPq dAv8JggJICUvax2T9va5
Copy the key to the router.
$ scp ~/.ssh/id_rsa.pub email@example.com:/opt/home/git/.ssh # cd /opt/home/git/.ssh # cat id_rsa.pub >> authorized_keys # rm -rf id_rsa.pub
And a new user has access granted to the server. For each new user follow the same steps.
Create a new repository
On the router run
# cd /opt/home/git/repositories # mkdir project.git # cd project.git # git --bare init # cd .. # chown -R git:git project.git
Now on your laptop you can push the first version of their project into that repository by adding it as a remote and pushing up a branch.
$ cd myproject $ git init $ git add . $ touch README $ git add README $ git commit -m 'initial commit' $ git remote add origin firstname.lastname@example.org:repositories/project.git $ git push origin master
At this point, the others can clone it down and push changes back up just as easily:
$ git clone git@gitserver:/opt/git/project.git $ vim README $ git commit -am 'fix for the README file' $ git push origin master
And we are done!!! Hope I haven’t forgotten any step. If you have any trouble, just leave a message and I will try to help you out.
As always, thanks to all the people that create good references helping out others.