Sunday, June 18, 2017

Make your own git push repository

Git, the most popular source control system, is one of the important concept every programmer should know nowadays. In my initial career, I stated used Visual Source Safe, now it is outdated, later, I started using subversion, and currently I am learning git which sounds very promising and powerful for me. In this article, I am going to write something about your own git push server configuration so that you do not need the public git server anymore(also you can store you private projects which you do not like to make your source code publicly visible). Another advantage is automation, if you have dedicated git server and then running build service (Jenkins, e.g.), then we can automate the task of deployment using build automation tool.

But I wont explore everything here, I would only explore how can you create a push server, create a new project and commit and push this project to this newly created git push server. Normally, there are two server, one server to commit, which is located in the same machine. So, basically, all source control related operations are carried out from this local git server(commit, differences etc). So a local git server can perform all tasks a subversion server do, the only difference is the subversion server can be located externally. Now, git provides the facility of pushing the project which means, the tasks you have done so far is complete and wanted other users to get your changes. 

So far we became familiar with some theoretical background, which is necessary. Now, I am gonna start how we can carry out the processes to prepare a git server(local) and git push server(remote).

REMOTE SERVER

1) Prerequisites

The first and foremost thing to think before begin is the server which should be running and accessible from your development computer.  I prefer Ubuntu-Server which makes the tasks easy as compared to windows.

If git is not installed, please install it. 

sudo apt install git-core

2) Create user git

sudo useradd git

Create password for git:

passwd git


[Alternative way is to create user certificates so that user can directly connect to the git server without even needing passwords]

3) Create folder to store project repositories

Now, I define a folder where I want all git based projects. For that, I have created a folder /opt/git where all project repositories are stored.

su git
mkdir /opt/git


Important: change the owner of /opt/git to git, if this folder was created by other users.

sudo chown -R git:git /opt/git

4) Create repository
su git
cd /opt/git
sudo mkdir project.git
cd project.git
git init --bare


So far, we have created an empty repository where we can push our changes from our development computers.

Please not that, the location of this git repository is represented by:

git@server:/opt/git/project.git

So other users can simply clone this project using

clone git@server:/opt/git/project.git



LOCAL REPOSITORY

For any git project, git prepares local repository where it stores project commits. We can even compare changes, restore to previous versions. Everything we can do even without needing remote server. A developer can manage all changes locally even without letting other developers notice. The remote push server mentioned above is need to push your changes when everything from your side is ready and other developers can implement it.

This section focuses on how can we prepare git client so that we can go on developing.

1) Simple Method:

This is simple method:

cd /home/krishna/workspace
git clone git@server:/opt/git/project.git

It creates an empty project with git repositories prepared. Now we can carry out any changes in this project(create a new file), we can commit it, and then push it to our own server prepared above.

2) Lengthy Method:

This method is a bit lengthy, in case some people interested, they are free to do. We create the repository by ourselves and add remote server to push.

cd /home/krishna/workspace/project
git init
git add .
git commit -m "first commit" .

So far so good, everything is done locally. 

Now we define the remote server

git remote add origin git@server:/opt/git/project.git
git push origin master 


More Tasks:

1) Disable git to access remote  shell

We have a new git user created, and this users can also login to shells to access the remote computer which is undesirable. So, we now enable git use only push and pull using ssh connection which is obtained for enabling git-shell to the git user.
a) Add git-shell in /etc/shells
cat /etc/shells
If git-shell does not exist here, we have to insert git-shell location here
which git-shell
copy this location to the end of /etc/shells. The file should look something like this:

/bin/sh
/bin/dash
/bin/bash
/bin/rbash
/usr/bin/tmux
/usr/bin/screen
/usr/bin/git-shell

Now we enable only git-shell for git user :

sudo chsh git -s $(which git-shell)

Here chsh means change shell. 

That's it, now we can not be able to login to remote server using ssh as git user.

2) Enable password-less login for git users

It is not always appropriate to provide password to authenticate to git remote server, so we create certificates for users and the specified user can login without need of passwords.


Now lets create a private and a public key for myself.

















Tuesday, June 6, 2017

Users Management in Cassandra

In my previous article, I have introduced on how can we begin with installation and configuration, and this article more focused on further Cassandra management. I will also share my experiences regarding this.

Change Password of Super User

This article mainly focuses on users management. In previous chapter I have discussed up-to network connection, we just used the command

cqlsh [SERVER-ADDRESS]

Magically it got connected, I did not have any idea regarding users. Because of security, database comes with users with different roles and the defined user only has access the database. It was my fault that I could notice that at first, actually cassandra comes with default super user cassadra with password cassandra. The first step is to change the cassandra password as soon as possible.

root user: cassandra
default password:cassandra

So, first begin with changing password. I tried login without password, and executed the following command:

cqlsh [SERVER-ADDRESS]
alter user cassandra with password '**********';

I got error  saying "..CassandraRoleManager does not support PASSWORD", initially that sound weird, but later I noticed that we have to further modify configuration in conf/cassandra.yaml file.

Find the line with authenticator, and modify it to

authenticator: PasswordAuthenticator
authorizer: CassandraAuthorizer

Restart cassandra service to activate these configurations, now we need user name and password to connect to database. And, good news, is we can now alter password of default superuser (cassandra).

alter user cassandra with password '*****************';

Create Custom User

We have to first note that, there are two types of users in cassandra, supseruser and nonsuperuser. The difference is clear, superuser has some elevated roles compared to nonsuperuser. Superusers can create new users, delete users, change passwords of users, while normal users can only change their own password.

So, to create a custom user you have to be a superuser. First we login with superuser:

csqlsh [SERVER-ADDRESS] -u cassandra

Provide password for cassandra. Then, after successful login,  we provide the following command:

create user if not exists frietec with password '********' supseruser;

Thats it! Now, we created users and defined roles to access.