Skip to content

Latest commit

 

History

History
138 lines (130 loc) · 5.04 KB

README.md

File metadata and controls

138 lines (130 loc) · 5.04 KB
Raw

How to set up a private Git server on Debian 8.0 (jessie) - raspberry pi (including gitweb)

Just a few notes with the exact commands to set up your own private git server on Debian 8.0 jessie (for me on a raspberry pi 1). I did this instructions because I felt the need to do as no 100% ACCURATE and correct information for this can be found online.

  • It will use SSH keys for authentication.
  • this is a virgin system so I will show you my exact steps:

my hostname is raspberry, my FQDN is raspberry.skynet

apt-get update
apt-get upgrade
apt-get install apache2 openssh-server git gitweb vim -y

activate cgi in order gitweb will work (cgi is disabled by default in apache2 on debian)

a2enmod cgi

enable apache2 for using gitweb

systemctl enable apache2

create local git user (remember the git password as we will need it later):

adduser git
passwd git

login as git

su - git

create dir / files for the authorized_keys client authentication we will use later

mkdir ~/.ssh && chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys && chmod 600 .ssh/authorized_keys

create location to store all our future repositories

mkdir ~/repos/

create our first repository called my_first_repo(change accordingly) and initalize as a git repos

mkdir ~/repos/my_first_repo
cd $_
git --bare init
git update-server-info
logout

configure gitweb to use our new base repositories path, as root open the file /etc/gitweb.conf , find the line that starts with $projectroot = edit it to point it to our git user's repos path so it looks like: $projectroot = "/home/git/repos"; save and close the file, next start apache2:

systemctl start apache2

Now on any client in the same network browse to the following url to browse gitweb which should give you an overview with the my_first_repo listing (or whatever you called your first repos). use any modern web browser http://raspberry.skynet/gitweb

Now for any client in the same network on the commandline to access our git server we will use SSH keys for authentication. You can do this without setting a SSH key password which will make your git server access very convenient, but using a password is recommended as it adds another layer of security. Use the following command replacing [email protected] with your email (this has to be done locally on your client):

ssh-keygen -C "[email protected]"

Finally add our newly generated SSH key for authentication to the git user on the git server. This will be used for authentication, (do this next command locally on your client to transfer automatically to your server):

cat ~/.ssh/id_rsa.pub | ssh [email protected] "cat >> ~/.ssh/authorized_keys"

Now on any client in the same network to clone the new remote repos do (enter the git password you defined in a former step):

git clone ssh://[email protected]/home/git/repos/my_first_repo
cd my_first_repo
touch HELLO_WORLD.TXT
git add HELLO_WORLD.TXT
git commit -a -m "adding first file to the project"
git push origin

Finally refresh http://raspberry.skynet/gitweb to test if the new file HELLO_WORLD.TXT has been uploaded correctly!

Summary

In summary now if you want to create a new repository on your git server, log in on the git server as user git, then if your new repo is called tha_new_repoz_proj do:

mkdir ~/repos/tha_new_repoz_proj
cd $_
git --bare init
git update-server-info
logout

On any client in this network you then can clone this new repository using:

git clone ssh://[email protected]/home/git/repos/tha_new_repoz_proj

If you have some new clients you want to add to your Git server you need to enable SSH key authentication for them:

ssh-keygen -C "[email protected]"
cat ~/.ssh/id_rsa.pub | ssh [email protected] "cat >> ~/.ssh/authorized_keys"

Update: protect your local gitweb web site with basic user authentication

open the gitweb apache2 config after we made a backup of it first:

cp /etc/apache2/conf-available/gitweb.conf /etc/apache2/conf-available/gitweb.conf.BAK
vi /etc/apache2/conf-available/gitweb.conf

edit the file so in the end it will look like:

<IfModule mod_alias.c>
  <IfModule mod_cgi.c>
    Define ENABLE_GITWEB
  </IfModule>
  <IfModule mod_cgid.c>
    Define ENABLE_GITWEB
  </IfModule>
</IfModule>

<IfDefine ENABLE_GITWEB>
  Alias /gitweb /usr/share/gitweb

  <Directory /usr/share/gitweb>
    AuthType Basic
    AuthName "Gitweb protected web site"
    AuthBasicProvider file
    AuthUserFile /usr/share/gitweb/.htpasswd
    Require valid-user
    Options +FollowSymLinks +ExecCGI
    AddHandler cgi-script .cgi
  </Directory>
</IfDefine>

Now add a new authorization user, we will use git for our purpose (you can use any username you would like):

htpasswd -c /usr/share/gitweb/.htpasswd git

Finally restart apache2, then browse to gitweb using your browser, you will then be greeted by our new password prompt

service apache2 restart