How to Set Up a Git Server on Linux

Setting up a Git server on a Linux system allows you to host and manage your repositories internally, giving you control over version management for projects. Here’s a guide for setting up a simple Git server using SSH for secure access.

Step 1: Set Up a Dedicated Git User #

1. Create a new user named git (or any name you prefer):

sudo adduser git

Follow the prompts to set up a password for the git user.

2. Set up SSH access (optional but recommended for secure remote access):

• Switch to the git user:

sudo su - git

• Create an .ssh directory:

mkdir -p ~/.ssh && chmod 700 ~/.ssh

• Add any authorized SSH keys to ~/.ssh/authorized_keys for users allowed to access the Git server:

vi ~/.ssh/authorized_keys

Paste the public keys of users who should have access to the server here, then save and close the file.

Step 2: Install Git #

Most Linux distributions have Git available in their default package repositories.

For Debian/Ubuntu:

sudo apt update && sudo apt install -y git

For CentOS/RHEL:

sudo dnf install -y git

Step 3: Create a Directory for Git Repositories #

1. Switch to the git user if not already done:

sudo su - git

2. Create a repositories directory:

mkdir ~/repositories

3. Navigate to the repositories directory:

cd ~/repositories

Step 4: Initialize a Bare Git Repository #

A bare repository is one that doesn’t have a working directory, making it ideal for use as a central repository.

1. Create a new bare repository:

git init --bare project-name.git

2. Restrict repository access (optional):

• Set permissions so only the git user can modify it:

chmod -R g+rwX project-name.git

Step 5: Configure SSH Access for Users #

1. Set up SSH access for developers: Each developer who needs access to the Git server should have their public SSH key in the git user’s authorized_keys file.
   • If you haven’t already, you can paste each developer’s public SSH key into ~/.ssh/authorized_keys for the git user:

vi ~/.ssh/authorized_keys

2. Change SSH access to restrict access: To restrict users to interact only with Git, you can use a forced command in authorized_keys.

For example, for each key in authorized_keys, prepend the following:

command="git-shell -c \"$SSH_ORIGINAL_COMMAND\"",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAA... user@example.com

Step 6: Clone the Repository from a Remote Machine #

1. Clone the repository by using SSH from a different machine. Replace your_server_ip with the IP address of your Git server:

git clone git@your_server_ip:repositories/project-name.git

2. Push and Pull Changes: You can now use Git commands such as git push, git pull, and git clone f from any client machine with access to the server via SSH.

Step 7: Set Up Permissions and Access Controls (Optional) #

• Enable group access by creating a group for users who need access and adding them to it.

sudo groupadd gitgroup
sudo usermod -aG gitgroup git

• Set up repository permissions so that only users in the gitgroup group can access the repository files:

sudo chown -R git:gitgroup ~/repositories
sudo chmod -R 770 ~/repositories

• Configure hooks (optional): Git hooks are scripts that run at certain points in Git’s execution. For example, you can set up post-receive hooks to trigger actions like notifying a CI/CD server.

Step 8: Additional Security Measures (Optional) #

1. Use Git over HTTPS: For teams that need web-based access, consider setting up a web interface like GitLab, Gitea, or Gitolite, which can offer additional access control and auditing features.
2. Set up Firewall Rules: Restrict access to only SSH if the Git server is dedicated to internal or secure use.

Author’s Final Word #

This guide should give you a straightforward, functional Git server hosted on Linux. With the setup complete, users can securely clone, pull, and push code to your new Git server!