How to configure GIT remotes with FTPS¶
This document explains how to configure an Redhat 8 Attune node to use FTP with Explicit for version control. This method is a way of using the FTP protocol but in a secure way. When FTP makes a TCP connection, it is encrypted end to end so the data can not be read in transit.
Install¶
Install openssl¶
Check to see if OpenSSL is installed on the Attune host:
1 | dnf list installed openssl |
If it is not installed, install it with:
1 | dnf install openssl |
Install GIT¶
Git only needs to be installed if it is not already, to check
if git is installed, run: dnf list installed git
To install git, run:
dnf install git
Install git ftp¶
GIT_FTP is required for the FTP Transfer. The project can be found here: https://github.com/git-ftp/git-ftp
To install git_ftp run:
1 2 3 | # as the attune user curl https://raw.githubusercontent.com/git-ftp/git-ftp/master/git-ftp > $HOME/bin/git-ftp chmod 755 $HOME/bin/git-ftp |
This downloads the script and makes it executable in the Attune users binary directory.
Install curl-devel package¶
The curl-devel package includes the header files and libraries necessary to develop applications that handle HTTP or FTP transactions using the cURL library.
To install the package, run:
1 | dnf install -y curl-devel |
Install openssl-devel package¶
To install the package, run:
1 2 | #as root dnf install -y openssl-devel |
Build curl v8¶
git_ftp utilised curl for the ftp transfer. curl Version 8 or greater needs to be installed but this is no always
available in RHEL8 repositories. It is important that this version of curl is installed in the users bin
directory so that replacing the system version does not cause anything to break.
Install Dev Tools:
1 | sudo yum groupinstall -y "development tools" |
Download curl version 8:
1 | curl --output bin/curl-8.5.0.tar.gz https://curl.se/download/curl-8.5.0.tar.gz |
Extract the file:
1 | tar -xvf curl-8.5.0.tar.gz |
Change into the directory:
1 | cd curl-8.5.0 |
Configure curl
1 | ./configure --with-openssl --prefix=$HOME |
Build curl
1 | make
|
Warning
Ensure that the install path is /home/attune/bin
Install curl
1 | make install |
Add the Attune users bin directory to the PATH.
1 2 3 4 5 6 | cat <<'EOF' >> ~/.bashrc # Add Path for GIT FTP export PATH="$HOME/bin:$PATH" EOF |
Source the bashrc file
1 | source ~/.bashrc |
Check that the version is v8
1 | curl --version |
Note
If the version is not v8, you need to check that /home/attune/bin
is in the $PATH
variable.
Configure the Repository¶
Configure the git ftp repository settings¶
In your project repository, run:
1 2 3 | git config git-ftp.user "<username>" git config git-ftp.url "<URL>" git config git-ftp.password "<password>" |
Warning
It is not secure to store the users password in plain text. git_ftp can use the -P flag to prompt the users password.
Note
The url must specify explicit TLS like ftpes://<hostname>:<port><path_to_file>.git
The path is the relative path from the FTP session root.
Run GIT INIT¶
Running git init in an existing repository is safe. It will not overwrite things that are already there. The primary reason for rerunning git init is to pick up newly added template..
For example:
1 | git ftp init -P --disable-epsv -v --insecure "ftpes://10.211.55.2:21/trace-configuration-script.git" |
-P asks the user to manually enter the password
–disable-epsv Disables Extended Passive Mode
– insecure Does not check the certificate
How to use Git FTP¶
To push a file¶
In your repository, run:
1 | git ftp push -P --disable-epsv -v --insecure |
Git FTP Reference¶
For a list of git-ftp reference, see: git_ftp reference guide
Troubleshooting¶
For troubleshooting instructions, see How to Troubleshoot Git FTP
Appendix¶
Prerequisites¶
The Prerequisites for FTPES are:
GIT installed.
GIT_FTP installed.
CURL version 8
OpenSSL is installed
Curl Devel