Secure git hosting with gitosis

I hope you are already using ssh keys, but just in case your not go ahead and generate one with ssh-keygen -t rsa (you should do this on your local box)
You may as well go ahead and copy your publick key to your git server now as well.

scp ~/.ssh/id_rsa.pub gitserver:/tmp/

Log into your gitosis server

ssh gitserver

* Make sure setuptools is installed

sudo aptitude install python-setuptools

git clone git://eagain.net/gitosis.git
cd gitosis
sudo python setup.py install

sudo adduser –system –shell /bin/bash –gecos ‘git version control’ –group –disabled-password –home /home/git git

sudo -H -u git gitosis-init < /tmp/id_rsa.pub [/code] We need to fix up a few things that don't seem to get proper permissions. [code='bash'] sudo -H -u git chmod 600 ~/.ssh/authorized_keys sudo -H -u git chmod 755 ~/repositories/gitosis-admin.git/hooks/post-update sudo rm /tmp/id_rsa.pub [/code] Thats all for now on your git server. You manage gitosis with git of course and you can do that from your local machine or any machine that you have the match to the public key you installed with gitosis. [code='bash'] git clone [email protected]:gitosis-admin.git cd gitosis-admin [/code] Creating new repositories New repositories are created by authorizing a user to write and pushing to it. [code='bash'] [group someproject] members = jack jill writeable = someproject [/code] This definition would create the group someproject and allow jack and jill write access to the repository someproject (which you would reference as someproject.git) For a bit more explanation ... [code='bash'] [group developers] members = jack john frank writable = project1 project2 project3 [/code] This definition would create the group developers, and allow jack, john, and frank write access to the repositories project1, project2, and project3 Once you have defined your repositories commit and push your changes to gitosis admin. [code='bash'] git commit -a -m "Created inital gitosis config" git push [/code] Now if you have an existing repository that you would like to add to your git server simply change into the repository and do [code='bash'] git remote add origin [email protected]:repo.git git push [/code] That will push the current branch of the repo over to the repo you set up on your git server. So thats about it. Anonymous access To allow anonymous read access touch git-daemon-export-ok inside ~/repositories/repo.git of each repo you wish to allow anonymous access (read only) to. Once you have done that launch git-daemon with base path /home/git/repositories.

One Comment

  • Great article on how to set up a Git server. Gitosis is a good way to avoid the headache of having to manage a bunch of SSH accounts on your box.

    At my company, ProjectLocker, we offer secure Git hosting with integration to Trac for as low as $2.50/month. You can upload your public keys, create your Git project, and manage users via a UI, then just push code up to it. Trac gets you the ability to browse the repository and log bugs. If you want a canonical repository to allow collaboration, using a hosted solution can save lots of time.

Leave a Reply

Your email is never shared.Required fields are marked *

To submit your comment, click the image below where it asks you to...
Clickcha - The One-Click Captcha