How to create a git server

Last modification on

I created this blog to remind me how to set up a git server in the future in case I forget it. If you find it useful, this site has gone beyond its purpose.

Note: for this tutorial, I'm using OpenBSD 7.4

Set up a domain name

First, I want my server to be git.example.org, so in /etc/httpd.conf I set:

server "git.jcrcx.xyz" {
	listen on * port 80
	root "/htdocs/git.jcrcx.xyz"
	location "/.well-known/acme-challenge/*" {
		root "/acme"
		request strip 2
	}
	location * {
		block return 302 "https://$HTTP_HOST$REQUEST_URI"
	}
}

Then, I set in /etc/acme-client.conf:

domain git.jcrcx.xyz {
	alternative names { secure.git.jcrcx.xyz }
	domain key "/etc/ssl/private/git.jcrcx.xyz.key"
	domain full chain certificate "/etc/ssl/git.jcrcx.xyz.fullchain.pem"
	sign with letsencrypt
}

Execute the command

acme-client -v git.example.org

After that, I update /etc/httpd.conf to have https access:

server "git.example.org" {
	listen on * tls port 443
	root "/htdocs/git.example.org"
	tls {
		certificate "/etc/ssl/git.example.org.fullchain.pem"
		key "/etc/ssl/private/git.example.org.key"
	}
	location "/pub/*" {
		directory auto index
	}
	location "/.well-known/acme-challenge/*" {
		root "/acme"
		request strip 2
	}
	location "/project/*" {
		authenticate "realm" with "/auth/htpasswd"
	}
}

Setting Up the Server

Once I have set the domain name, I ssh into my server and add the git user

# adduser git

Note that in OpenBSD it allows you to setup the git-shell to the git user

# su git
# cd
# mkdir .ssh && chmod 700 .ssh
# touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys

Then, I append the SSH public key to the git user:

# cat /path/to/id_rsa.user.pub >> ~/.ssh/authorized_keys

Now, I can setup an empty repository.

# cd /srv/git
# mkdir project.git
# cd project.git
# git init --bare
Initialized empty Git repository in /srv/git/project.git/

Then, on my local computer, I run the following command. Notice that I have to change the port in function of how it is setup in /etc/ssh/sshd_conf

$ cd myproject
$ git init
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin "ssh://git@gitserver:<port>/srv/git/project.git
$ git push origin master

Finally, edit the authorized_keys file

no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty

For a clearer explanation go to LandChad.net, or to the official git page.

Set up a font-end

I use stagit