A Git server hosts a project’s repository, which contains source code and other core files. While for the most part you can rely on world famous Git hosting services like GitHub, in some cases it is better to host your personal Git server for more privacy, customization and security.
Let’s see how to set up a private Git server on Linux.
Prerequisites for setting up a Git server
Before you start setting up your private Git server, you must have access to a spare machine or be subscribed to cloud providers. This is important because you will configure the standby machine to act as a Git server which you will connect to from your local machine and perform Git operations.
Although there are no well-defined system requirements, one gigabyte of RAM should suffice for the Git server to be functional. Also, make sure you have a Linux distribution running on the machine.
Step 1: Download and install Git on the Linux server
Needless to say, you first need to install Git on your Linux server. Launch a terminal and use your Linux distribution’s package manager to install Git:
On Debian/Ubuntu derivatives:
sudo apt install git
On Arch-based distributions:
sudo pacman -S git
sudo dnf install git
Once Git is installed on your system, proceed to the following steps to configure your Linux system to host your Git repositories as a Git server.
Step 2: Set up a Git user account
Connect to your Linux server via SSH, RDP or any other remote access protocol. Or, if you’re using a spare computer as your server, turn it on and create a new user account to manage your repositories.
sudo useradd git
Once the new user is added, switch to it using the known ordered:
Creation of a dedicated space git The user account is a security protocol that ensures that clients connecting to your Git server will have limited visibility and access to machine resources. This allows you to securely collaborate in group projects where multiple team members will access your server.
Step 3: Create the .ssh directory and add authorized keys
To create a .ssh is needed to store the public keys and other essential data that will determine who will have access to this Git server. To get started, login to the git user account you created earlier, create the .ssh directory, and limit access to the git user only:
chmod 700 .ssh/
Secure directory access permissions using chmod to ensure that no one but you can make changes to it. Move into the .ssh directory and create a new “authorized_keys” file using the to touch ordered.
ssh-keygen -t rsa
You will need to update this file with the public SSH keys of the clients you want to give access to the Git server. Suspend the SSH session and open the .ssh/id_rsa.pub file on your local computer using a text editor or the cat command. This file contains your encrypted public key which, when written to the authorized_keys file, will give you access to the Git server without a password.
Copy the public key and initiate a new SSH connection to the Git server. Move into the .ssh directory, open the authorized_keys file with a text editor and paste the public key. Save changes and exit.
From then on, you should be able to connect to the server without a password. Repeat this step for each machine that will connect to the server.
Step 4: Create a directory to store all your repositories
Navigate to the Linux server and create a directory or use a built-in one as the root directory. Keep in mind that this is the directory where all your repositories will be stored. This is a good practice for a better organization of projects.
After creating the directory, continue to the last step of this guide to complete the Git server setup.
Step 5: Start development by adding a new project
You are now almost done setting up the Git server. Now all you have to do is start development by initializing the repositories and adding the remote origin to your local machine. Move to the parent directory using the CD order and create a .git project directory:
Now initialize a bare git repository:
Once the repository is initialized, it’s time to add the remote origin on your local machine:
git remote add origin name git:new_project.git
That’s all you had to do on the server side. Now any authenticated client can perform regular Git operations such as push, pull, merge, clone, etc. To start new projects, you will need to repeat this step each time you create a new project.
Test its functionality by performing a git push:
git add testfile
git commit -m "test file"
git push name master
git clone [email protected]:new_project.git
Your file will be successfully pushed to the remote origin. To check if the push operation worked, you can clone the repository and you should find the test file in the repository.
Security tips for your Git server
With the Git server up and running, you should pay close attention to its security stature as it is your personal server and it is your sole responsibility to maintain it and protect it from external threats. Some of the best security practices to adopt are:
- Disable Password Login
- Change the default shell to git-shell. This prevents the logged in user from issuing a non-git command
- Use custom port for SSH
- Disable root user login
- Back up data regularly
There are many such security configurations and measures that you can implement on your Linux server to protect it from attackers and prevent unauthorized access.