Sat 29th May 2021 By David T. Sadler.
I've always liked the idea of self hosting some of my git repositories. After a bit of research I found that it involves.
Since its an Ubuntu server installing git is as simple as.
$ sudo apt install git-core
The git user will serve two purposes.
$ sudo adduser --system --shell /usr/bin/git-shell --group --disabled-password --home /home/git git
On my local machine git will use ssh to connect to the remote server as the git user. In order to do this I will need to copy my public ssh key to the git user account.
The below commands create the required .ssh directory and authorized_keys file with the correct permissions.
$ sudo mkdir /home/git/.ssh
$ sudo chown git:git /home/git/.ssh
$ sudo chmod 700 /home/git/.ssh
$ sudo touch /home/git/.ssh/authorized_keys
$ sudo chown git:git /home/git/.ssh/authorized_keys
$ sudo chmod 600 /home/git/.ssh/authorized_keys
Now I can copy the public ssh key of anyone who needs access to the repositories. There are a few ways of doing this and I tend to just edit the authorized_keys file and manually copy and paste the keys into it.
$ sudo vim /home/git/.ssh/authorized_keys
Note that to prevent ssh port forwarding via the git user account I prepend the no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty options to the key.
$ sudo cat /home/git/.ssh/authorized_keys
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCB007n/ww+ouN4gSLKssMxXnBOvf9LGt4LojG6rs6h
PB09j9R/T17/x4lhJA0F3FR1rP6kYBRsWj2aThGw6HXLm9/5zytK6Ztg3RPKK+4kYjh6541N
YsnEAZuXz0jTTyAUfrtU3Z5E003C4oxOj6H0rfIF1kKI9MAQLMdpGW1GYEIgS9EzSdfd8AcC
IicTDWbqLAcU4UpkaX8KyGlLwsNuuGztobF8m72ALC/nLF6JLtPofwFBlgc+myivO7TCUSBd
LQlgMVOFq1I2uPWQOkOWQAHukEOmfjy2jctxSDBQ220ymjaNsHT4kgtZg2AYYgPqdAv8JggJ
ICUvax2T9va5 gsg-keypair
On my local machine I can test ssh access.
$ ssh git.davidtsadler.com
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.
The message that comes back indicates that ssh is working and that the git-shell is been used.
An empty repository is setup by running git init with the --bare option. I also ensure that the git user owns the repository and that main will be the default branch when its checked out.
$ sudo git init --bare /home/git/test.git/
$ sudo chown -R git:git /home/git/test.git/
$ sudo git --git-dir=/home/git/test.git/ symbolic-ref HEAD refs/heads/main
Back on my local machine I can create a test project and push it to the remote server.
$ mkdir test
$ cd test
$ git init
$ touch readme
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin git@git.davidtsadler.com:test.git
$ git push origin main
I can also test that I can clone the repository.
rm -rf test
git clone git@git.davidtsadler.com:test.git
I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.
Email david@davidtsadler.comCopyright © 2021 David T. Sadler.
Return to Homepage.