|author||Richard Maw <email@example.com>||2017-02-12 15:37:44 +0000|
|committer||Richard Maw <firstname.lastname@example.org>||2017-02-12 15:37:44 +0000|
Describe config in repositories
Diffstat (limited to 'about/what-is.mdwn')
1 files changed, 26 insertions, 0 deletions
diff --git a/about/what-is.mdwn b/about/what-is.mdwn
index 52a3b83..b10ab4d 100644
@@ -63,3 +63,29 @@ so it's safe to run semi-trusted code contributed by users
for purposes such as notifying web services of a repository update.
+# Configuration stored in git for global and per-repository configuration
+Gitano reads the majority of its configuration
+from the master branch of the `gitano-admin.git` repository
+in the set of repositories it manages access to.
+For operations performed on a specific repository
+it reads configuration from that repository's `refs/gitano/admin` branch.
+ACLs stored in `gitano-admin.git` are supplemented from `refs/gitano/admin`
+so users may add their own access restrictions.
+Any hooks defined in `gitano-admin.git` (i.e. a global hook) get called
+with a per-repo hook as a parameter if defined in `refs/gitano/admin`,
+so the global hook may decide whether to suppress or call the per-repo hook.
+If a global hook is not defined then per-repo hooks are called if defined.
+Users, their ssh keys, groups and GPG keys
+are only loaded from the `gitano-admin.git` repository.
+By putting the configuration of Gitano in repositories managed by Gitano
+it is easy to make a backup of configuration with the data
+by mirroring the repository content,
+configuration gains the same traceability guarantees as git history
+and can be access controlled with the same mechanism as the data.