apache ALL=(phd) SETENV: NOPASSWD: /usr/bin/git, /usr/bin/git-upload-pack, /usr/bin/git-receive-pack
git ALL=(phd) SETENV: NOPASSWD: /usr/bin/git, /usr/bin/git-upload-pack, /usr/bin/git-receive-pack
phd.service
# Systemd unit file for phd
[Unit]
Description=Phabricator Daemon
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/usr/share/nginx/phabricator/bin/phd start
ExecStop=/usr/share/nginx/phabricator/bin/phd stop
Restart=on-failure
User=phd
Group=phd
[Install]
WantedBy=multi-user.target
复制 <phabricator_root>/resources/sshd/phabricator-ssh-hook.sh
到 /usr/local/sbin/
并修改其中的配置。
修改 /etc/ssh/sshd_config
,向尾部添加下面的配置:
Match User git
AllowAgentForwarding no
AllowTcpForwarding no
PasswordAuthentication no
AuthorizedKeysFile none
AuthorizedKeysCommand /usr/local/sbin/phabricator-ssh-hook.sh
AuthorizedKeysCommandUser git