Debian 8 - Create A Private Centralized Git Server
Install Git
sudo apt-get update sudo apt-get install git -y
Creating Our Users and Repos
Any user that is going to be allowed to use our repositories needs to be a user in our system. The easiest way to add a user is with this command:
sudo useradd [username]
Our repositories need to be accessible by all of the users we just set up, hence we probably want to create a group and add all of our users to that group.
groupadd [git group name]
Now we need to add all of our git users to that group
useradd [existing username] [git group name]
I recommend creating a directory at the top level in which we are going to stick all of our repositories. However, you may desire to stick all the repos in the home directory of one of the users.
mkdir /repos
Now create all of your bare repositories
cd /repos git init --bare [a repo name] git init --bare [a repo name] git init --bare [a repo name] git init --bare [a repo name]
Now ensure that everyone in our group has full access to them:
sudo chmod -R 770 /repos sudo chown -R $USER:[git group name] 770 /repos
Alternative - One SSH User
Often people will use a single SSH user (usually "git"), and create/register a SSH keypair per member of your team. Thus, if you ever want to remove a user from having access, you just remove their public key from the server. However, this will prevent you from being able to create some repositories that only a subset of your team can access.
Configure The Firewall
We're going to be committing and receiving files through SSH, which ensures that we go through authentication. Thus we can configure our server so that is the only port allowed to connect. This will stop others being able to view our repos using the native git protocol on port 9418 that has absolutely no authentication.
sudo apt-get install ufw -y sudo ufw allow 22/tcp sudo ufw default deny sudo ufw enable
Now when you want to create a repo, just create a directory and run.
First published: 16th August 2018