+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDuNResYJNUNlReRIxPMMnI3hAaW5dNs3E2qoeqHsU/nwnL+czVKOkHnG8gQaKSN7q0wVP3o3ozSsGHdYBJ0YrAYMccOPGkPJ6Aua/7LBkxTc1bVbGrPAEVDYfvNKTU0KjbOfUt6bAbtx1KzbzttBHRR14AxHSUH3ELja6a1foATQWyArLmykmo8aFp75n9+b8XVkmtVtSB0VFibMGwLekNgTD1zOZfzqjxD2EQop279Y8s9kfadpxznONLBNgNUZEzkk++MTh2a6OXW4WA2+dH8WaG2hwjghYbqSDlYe9yjyxhRS0ZtUuVlxlMlTsn0MIt/fYlYNSJts4I11ehBQFkzWUv/i/BgKFKX2M1A5fZTI9emlKJ/Iz3EyXNg1VNc/8iCVaWMpKUbT8Hao8qvwihoZegyVZRmCbUDyxVpjy2Qyl3/dl8mjsYbzYK6CyLo198rCeSrYlF7c81KikPmNuibzSL0UHvA94HK7hVWfu+iZKPZOYVdIle25+hZcL+s7GROy5iGWA9qwgaqXShbqhyyg/lXCY8MdyDBdomWrdk9SvQ0hbNLwSrNlcHAoO3H8/HRcoW4/faiFsm8SFF4RnsIYfVNKCUYlf4kspbHUxUWuEMtOxpo/uu3Zs7hI+TQL9FKwrLRgnu72sx0Y1o4PIGHUldSgzoYAxL+EaF3qgYhoOyiVFa5IRioaG9FRFJ1hboq+0XxQXYzJ8z9CrRa/Gxrp/Etqdevm8IjuOWelDAR4UPgeQsvjHvZVxLOGay8wBtA0/My9meouPDn7jzPjfFUcmdB99PM/PfrqJBC+WdldEfURrAeax6b2LidFl3bN4BLGwK0BlPybjgj7jm1THMnnM4F7BmhzA8MN1tmcEIiZSbW3lRjMxTikGkhvq1NbMp/k6ZmMkwJcwORSJRVdji3wYOuQxl2/u+Ey2NtBXyA5TomPvkWR/h9us+2/8WOxVlpjs6PtYEguehLbuqPWANM1FG9ngAMc1yGMp9YXPKQn+xVvOssOK6VoAu57q9zHJ5GQe8Pm6+2Qpq7hWRDkxIfnDGAeLDIlHa4JunX+okSCH14fx2PpwRfQ1UUhp5wnDtcAfkWGmq82HQknAigNWih5LqPthfjMuhUUcgYsciWYFKZbum4/yecfXUUx9SlcAwVrEZ+kwvNw1UsjrRtITsCBaBlSDpioyXYmJ6ldxUOKZiqAvAKeB0zRF3xpALWZuADh22BzWaNeLL8Gw5uR9TV7PGQ9wpd07SRsdabqLtYqg2P0/t+zPlKHNkL80vZjmuYJeHZ6Zmv3K4PsKEsHG3nXcA8PUI09IfvBbUnzlUb46V5K2O6E3iiSeQBRv7jWEkwGZy9/lBMUM7Qxw3a9Hv till@hoeppner.ws

+if [ ! -e /data/ssh/host_rsa_key ]; then

+ echo "Generating host keys"

+ ssh-keygen -t rsa -f /data/ssh/host_rsa_key

+ ssh-keygen -t dsa -f /data/ssh/host_dsa_key

+ ssh-keygen -t ecdsa -f /data/ssh/host_ecdsa_key

+ ssh-keygen -t ed25519 -f /data/ssh/host_ed25519_key

+fi

+# configuration variables for gitolite

+

+# This file is in perl syntax. But you do NOT need to know perl to edit it --

+# just mind the commas, use single quotes unless you know what you're doing,

+# and make sure the brackets and braces stay matched up!

+

+# (Tip: perl allows a comma after the last item in a list also!)

+

+# HELP for commands can be had by running the command with "-h".

+

+# HELP for all the other FEATURES can be found in the documentation (look for

+# "list of non-core programs shipped with gitolite" in the master index) or

+# directly in the corresponding source file.

+

+%RC = (

+ #GL_REPO_BASE => '/data/projects/',

+ #GL_ADMIN_BASE => '/data/',

+

+ # ------------------------------------------------------------------

+

+ # default umask gives you perms of '0700'; see the rc file docs for

+ # how/why you might change this

+ UMASK => 0002,

+

+ # look for "git-config" in the documentation

+ GIT_CONFIG_KEYS => 'hooks\.readme url.*insteadOf',

+

+ WRITER_CAN_UPDATE_DESC => 1,

+

+ # comment out if you don't need all the extra detail in the logfile

+ LOG_EXTRA => 1,

+ # logging options

+ # 1. leave this section as is for 'normal' gitolite logging (default)

+ # 2. uncomment this line to log ONLY to syslog:

+ # LOG_DEST => 'syslog',

+ # 3. uncomment this line to log to syslog and the normal gitolite log:

+ # LOG_DEST => 'syslog,normal',

+ # 4. prefixing "repo-log," to any of the above will **also** log just the

+ # update records to "gl-log" in the bare repo directory:

+ # LOG_DEST => 'repo-log,normal',

+ # LOG_DEST => 'repo-log,syslog',

+ # LOG_DEST => 'repo-log,syslog,normal',

+

+ # roles. add more roles (like MANAGER, TESTER, ...) here.

+ # WARNING: if you make changes to this hash, you MUST run 'gitolite

+ # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'

+ ROLES => {

+ READERS => 1,

+ WRITERS => 1,

+ },

+

+ # enable caching (currently only Redis). PLEASE RTFM BEFORE USING!!!

+ # CACHE => 'Redis',

+

+ # ------------------------------------------------------------------

+

+ # rc variables used by various features

+

+ # the 'info' command prints this as additional info, if it is set

+ # SITE_INFO => 'Please see http://blahblah/gitolite for more help',

+

+ # the CpuTime feature uses these

+ # display user, system, and elapsed times to user after each git operation

+ # DISPLAY_CPU_TIME => 1,

+ # display a warning if total CPU times (u, s, cu, cs) crosses this limit

+ # CPU_TIME_WARN_LIMIT => 0.1,

+

+ # the Mirroring feature needs this

+ # HOSTNAME => "foo",

+

+ # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!

+ # CACHE_TTL => 600,

+

+ # ------------------------------------------------------------------

+

+ # suggested locations for site-local gitolite code (see cust.html)

+

+ # this one is managed directly on the server

+ # LOCAL_CODE => "$ENV{HOME}/local",

+

+ # or you can use this, which lets you put everything in a subdirectory

+ # called "local" in your gitolite-admin repo. For a SECURITY WARNING

+ # on this, see http://gitolite.com/gitolite/non-core.html#pushcode

+ # LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local",

+

+ # ------------------------------------------------------------------

+

+ # List of commands and features to enable

+

+ ENABLE => [

+

+ # COMMANDS

+

+ # These are the commands enabled by default

+ 'help',

+ 'desc',

+ 'info',

+ 'perms',

+ 'writable',

+

+ # Uncomment or add new commands here.

+ 'create',

+ # 'fork',

+ # 'mirror',

+ # 'readme',

+ # 'sskm',

+ 'D',

+

+ # These FEATURES are enabled by default.

+

+ # essential (unless you're using smart-http mode)

+ 'ssh-authkeys',

+

+ # creates git-config entries from gitolite.conf file entries like 'config foo.bar = baz'

+ 'git-config',

+

+ # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out

+ 'daemon',

+

+ # creates projects.list file; if you don't use gitweb, comment this out

+ 'gitweb',

+

+ # These FEATURES are disabled by default; uncomment to enable. If you

+ # need to add new ones, ask on the mailing list :-)

+

+ # user-visible behaviour

+

+ # prevent wild repos auto-create on fetch/clone

+ # 'no-create-on-read',

+ # no auto-create at all (don't forget to enable the 'create' command!)

+ # 'no-auto-create',

+

+ # access a repo by another (possibly legacy) name

+ # 'Alias',

+

+ # give some users direct shell access. See documentation in

+ # sts.html for details on the following two choices.

+ # "Shell $ENV{HOME}/.gitolite.shell-users",

+ # 'Shell alice bob',

+

+ # set default roles from lines like 'option default.roles-1 = ...', etc.

+ # 'set-default-roles',

+

+ # show more detailed messages on deny

+ # 'expand-deny-messages',

+

+ # show a message of the day

+ # 'Motd',

+

+ # system admin stuff

+

+ # enable mirroring (don't forget to set the HOSTNAME too!)

+ # 'Mirroring',

+

+ # allow people to submit pub files with more than one key in them

+ # 'ssh-authkeys-split',

+

+ # selective read control hack

+ # 'partial-copy',

+

+ # manage local, gitolite-controlled, copies of read-only upstream repos

+ 'upstream',

+

+ # updates 'description' file instead of 'gitweb.description' config item

+ 'cgit',

+

+ # allow repo-specific hooks to be added

+ # 'repo-specific-hooks',

+

+ # performance, logging, monitoring...

+

+ # be nice

+ # 'renice 10',

+

+ # log CPU times (user, system, cumulative user, cumulative system)

+ # 'CpuTime',

+

+ # syntactic_sugar for gitolite.conf and included files

+

+ # allow backslash-escaped continuation lines in gitolite.conf

+ # 'continuation-lines',

+

+ # create implicit user groups from directory names in keydir/

+ # 'keysubdirs-as-groups',

+

+ # allow simple line-oriented macros

+ # 'macros',

+

+ # Kindergarten mode

+

+ # disallow various things that sensible people shouldn't be doing anyway

+ # 'Kindergarten',

+ ],

+

+);

+

+# ------------------------------------------------------------------------------

+# per perl rules, this should be the last line in such a file:

+1;

+

+# Local variables:

+# mode: perl

+# End:

+# vim: set syn=perl:

+# Package generated configuration file

+# See the sshd_config(5) manpage for details

+

+# What ports, IPs and protocols we listen for

+Port 22

+# Use these options to restrict which interfaces/protocols sshd will bind to

+#ListenAddress ::

+#ListenAddress 0.0.0.0

+Protocol 2

+# HostKeys for protocol version 2

+HostKey /data/ssh/host_rsa_key

+HostKey /data/ssh/host_dsa_key

+HostKey /data/ssh/host_ecdsa_key

+HostKey /data/ssh/host_ed25519_key

+#Privilege Separation is turned on for security

+UsePrivilegeSeparation yes

+

+# Logging

+SyslogFacility AUTH

+LogLevel VERBOSE

+

+# Authentication:

+LoginGraceTime 120

+PermitRootLogin no

+StrictModes yes

+

+PubkeyAuthentication yes

+AuthorizedKeysFile /data/git/.ssh/authorized_keys

+

+# Don't read the user's ~/.rhosts and ~/.shosts files

+IgnoreRhosts yes

+# similar for protocol version 2

+HostbasedAuthentication no

+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication

+#IgnoreUserKnownHosts yes

+

+# To enable empty passwords, change to yes (NOT RECOMMENDED)

+PermitEmptyPasswords no

+

+# Change to yes to enable challenge-response passwords (beware issues with

+# some PAM modules and threads)

+ChallengeResponseAuthentication no

+

+# Change to no to disable tunnelled clear text passwords

+PasswordAuthentication no

+

+X11Forwarding no

+PrintMotd no

+TCPKeepAlive yes

+#UseLogin no

+

+# Allow client to pass locale environment variables

+AcceptEnv LANG LC_*

+

+# Subsystem sftp /usr/lib/openssh/sftp-server