Private Git Server

This post will explore the how to add a Git server on an Alibaba Cloud, there are many ways to run a Git server including using third-party Git providers and hosting a private server. For existing Git accounts, follow a step-by-step guide on how to add the account:

GitLab source code repository - FAQs| Alibaba Cloud Documentation Center

There are a few options available, including GitLab, GitHub, CLI-Git, etc…, each with it’s unique benefits, for example GitLab/GitHub are feature rich (comes with UI, etc…).

Regardless of which Git server you want to host, you will still need an ECS instance that meets the minimum requirements of the type of Git server you want to run. Hosting a private  GitLab server, you will need at least 2 vCPU and 2 GB of memory.

Install Git

To run a less resource intensive server, consider using CLI-git. The following commands should be run on the machine you intend to create the server on. The below script will create a new user (git) and set the home directory is set to /home/git. All the repositories will be stored under this directory.

1
2
3
4
5
6
7
# Install Git package
sudo apt install git
apt-get install git

# Create a git user
useradd -r -m -U -d /home/git -s /bin/bash git

Set User Password (Optional)

To enable username/password to connect to the Git server, set a password. Without setting the password for the ‘git’ user, the login will only be possible using ssh keys.

1
2
# Set user password
passwd git

Setup SSH Keys

To avoid using username/password, we will setup a password-less ssh login. You will need to create a ‘.ssh’ directory on Git server and authorized_keys file on the server.

1
2
3
4
5
6
7
8
# On the Git server ...
$ sudo su - git

# Create directory under the git user
$ mkdir -p ~/.ssh && chmod 0700 ~/.ssh

# Create file to house ssh keys
$ touch ~/.ssh/authorized_keys && chmod 0600 ~/.ssh/authorized_keys

This will complete the basic Git server setup. You can create as many repositories under the ‘git’ user ‘/home/git’ directory. After initializing a bare repository, push an initial commit.

1
$ git init --bare ~/projectname.git

Git server setup showing the repository and 'git' user home directory

Connecting to Git

To connect a local client to git, install git on the local environment and generate ssh keys. Follow the instructions to generate rsa keys, the files should look something like the following:

1
2
# Generate ssh key
$ ssh-keygen -t rsa -b 4096 -C "your_email@domain.com"

rsa keys generated on the client, the key files are stored in the specified location or default directory.

Copy the contents from the ‘id_rsa.pub’ file to the Git server using a secured method such as SFTP or SCP. Place the key contents into  authorized_keys file (single line).

ssh generated files in Windows

Verify

Clone the repository from Git server, you should be prompted to supply user git password (if setup). Alternatively authorization occurs using .ssh is added in the section above.

1
2
# Clone the git repository
$ git clone git@ip:projectname.git

Backup

In the repository directory, run the following:

1
2
3
4
5
6
7
8
# created backup bundle
$ git bundle create ~/destination/bundle_name --all

# verify bundle
$ git bundle verify ~/git_bundle

# restore bundle (inside repository directory /home/git/repo_name)
$ git clone ~/git_bundle

Example of creating, verifying and restoring git backup bundle.

Repository Permissions

Before creating a new repository (‘git init’ command) switch to the git user. This will ensure that the repository has the correct permissions. Creating a new repository under a different user might result in error: Insufficient permission for adding an object to repository database .git/objects.

To check the permissions for a repository:

1
2
$ cd <git_repository>/objects
$ ls -al

source - Guide to add a GitLab server.
source - Creating and restoring bundle
source - Git push / pull error after git bare repository