How to Set Up a Private Git Server on Linux

A Git server hosts the repository of a project, which contains the source code and other core files. While, for the most part, you can rely on globally known Git hosting services like GitHub, in some cases, it is better to host your personal Git server for added privacy, customizability, and security.

Let’s learn how you can set up a private Git server on Linux.

Prerequisites to Setting Up a Git Server

Before you start setting up your private Git server, you must have access to a spare machine or should be subscribed to cloud providers. This is important as you’ll set up the spare machine to act as a Git server to which you’ll connect from your local machine and perform Git operations.

While there are no well-defined system requirements, one gigabyte of RAM should be enough for the Git server to be functional. Furthermore, make sure you have a Linux distribution up and running on the machine.

Step 1: Download and Install Git on the Linux Server

Needless to say, you need to have Git installed on your Linux server as a preliminary step. Fire up a terminal and use the package manager of your Linux distribution to install Git:

On Debian/Ubuntu derivatives:

sudo apt install git

On Arch-based distributions:

sudo pacman -S git

On CentOS/RHEL/Fedora:

sudo dnf install git

Once Git is installed on your system, proceed to the next steps to configure your Linux system to host your Git repositories as a Git server.

Step 2: Set Up a Git User Account

Connect to your Linux server via SSH, RDP, or any other remote access protocol. Or, if you are using a spare computer as the server, switch it on and create a new user account to handle your repositories.

ssh username@address
sudo useradd git

After the new user is added, switch to it using the su command:

su git

Creating a dedicated git user account is a safety protocol that ensures clients connecting to your Git server will have limited visibility and access to the resources on the machine. This allows you to safely collaborate in group projects where multiple team members will be accessing your server.

Step 3: Create the .ssh Directory and Add Authorized Keys

Creating a .ssh directory is necessary to store public keys and other essential data that’ll dictate who gets access to this Git server. To begin with, log in to the git user account you created previously, create the .ssh directory, and restrict access to only the git user:

ssh git@address
mkdir .ssh
chmod 700 .ssh/
touch .ssh/authorized_keys

Secure the directory access permissions using the chmod command to ensure that no one except you can make changes to it. Move into the .ssh directory and create a new file “authorized_keys” using the touch command.

cd .ssh
ssh-keygen -t rsa

You will have to update this file with the SSH public keys of clients to whom you want to give access to the Git server. Suspend the SSH session and open the .ssh/ file in your local machine using a text editor or the cat command. This file contains your public encrypted key, which, when written into the authorized_keys file, will grant you access to the Git server without a password.

cd .ssh
vi authorized_keys

Copy the public key and spin up a fresh SSH connection to the Git server. Move into the .ssh directory, open the authorized_keys file with a text editor and paste the public key. Save changes and exit.

From then on, you should be able to connect to the server without any password. Repeat this step for each machine that’ll be connecting to the server.

Step 4: Create a Directory to Store All Your Repositories

Access the Linux server and create a directory or use an inbuilt one as the root directory. Keep in mind that this is the directory under which all your repositories will be stored. This is a good practice for the sake of neater organization of projects.

mkdir directory_name

After creating the directory, move on to the final step in this guide to finish setting up the Git server.

Step 5: Kick Off Development by Adding a New Project

You’re now practically done with setting up the Git server. Now you just need to kick off development by initializing repositories and adding the remote origin to your local machine. Move into the parent directory using the cd command and create a .git project directory:

cd parent_directory
mkdir new_project.git

Now, initialize a bare git repository:

git init 

With the repository initialized, it’s time to add the remote origin on your local machine:

git remote add origin name git@address:new_project.git

That’s all you needed to do on the server side of things. Now any authenticated client can carry out regular Git operations like push, pull, merge, clone, and more. To start new projects you will have to repeat this step each time you create a new project.

Test out its functionality by performing a git push:

touch testfile
git add testfile
git commit -m "test file"
git push name master
git clone git@address:new_project.git

Your file will be successfully pushed to the remote origin. To cross-check whether the push operation worked, you can clone the repository, and you should find the test file in the repository.

Security Tips for Your Git Server

With the Git server up and running, you must pay close attention to its security stature as it’s your personal server and it is your sole responsibility to maintain and protect it from external threats. Some of the best security practices to adopt are:

  • Disable password login
  • Change default shell to git-shell. This restricts the logged-in user from issuing any non-git command
  • Use a custom port for SSH
  • Disable root user login
  • Backup data regularly

There are many such security configurations and safety measures that you can implement on your Linux server to protect it from attackers and prevent unauthorized access.

Read the full article here

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button