Archive for the ‘sudoer’ tag
There is a smart way to keep your web site up-to-date when you use a git repository to manage your HTML sources. You can use a post-receive hook to immediately send changes to your httpdocs folder whenever you push changes to the repository. Here are the actions to do.
- Grant write access to the httpdocs folder for the user/group git.
- Add a detached worktree to the git configuration.
- Add the checkout command to the post-receive hook.
1. Grant write access to the httpdocs folder for the user/group git
You need to enable the user that runs the post-receive hook to write to the webserver folder. The user typically is git or the group git. Edit the sudoer file using the visudo command to grant access to the aforementioned folder.
%git ALL=(ALL) NOPASSWD: /usr/bin/git
Read this documentation to understand the sudoer file and another helpful posting from Gilles on sudoer parameters. My best regards go out to Abhijit Menon-Sen who helped me to understand the sudoer commands.
2. Add a detached worktree to the git configuration.
Following the tutorial of Abhijit Menon-Sen on “using git to manager a web site” you need to change your configuration as follows.
$ git config core.worktree /var/www/www.domain.com/httpdocs/ $ git config core.bare false $ git config receive.denycurrentbranch ignore
3. Add the checkout command to the post-receive hook.
Finally add the command to the post-receive script that will update your web site httpdocs folder.
sudo git checkout -f
The git checkout command is run in the context of the root user. This context switch is allowed via the sudoer file edited earlier. The switch is neccessary to gain write access to the location of the detached worktree which is httpdocs.