Set up git server

Time:2022-1-13

remarks:

This article refers to teacher Liao Xuefeng’s blogGit tutorial。 Learn and record according to his blog. Thank him for his selfless sharing. You are also welcome to check the original text.

Knowledge points

  • apt-get install gitInstall GIT and create usersadduser username
  • Under the new user’s home directory.shh/authorized_keysStore and manage the private key of users connected to git remote warehouse.
  • git init --bare reponame.gitCreate an empty remote warehouse, and set the owner of the directory and subdirectory where the remote warehouse is located as a new user,chown -R username:usernameGroup sample.git/
  • modify/etc/passwdFiles, disabling usersshellTerminal login.

Set up git server

Git remote warehouse is essentially no different from local warehouse, but it can provide permanent online services

The following demonstration is inUbuntuSet up git server on

  • Install git:
$ sudo apt-get install git
  • Create a git user to run git services
$ sudo adduser git

usepasswd gitChange the password for git users.

  • Create certificate login

Create certificate login, and in usegithuborgiteeWhen uploading the public key to the remote server, the GIT server needs to collect the public key (created by the user) of the client to log inid_rsa.pub),

Collect the public key of all users who need to log in, that is, the user’s passwordid_rsa.pubFile. Import public key into/home/git/.ssh/authorized_keysIn the file, one line at a time.

The default is to create a new git user home directory. There is no.sshHide directory. You can manually create directories and files.

Create a new user. The files generated by default under the home directory are created by/etc/skelThe contents of the directory are determined (self verifiable).

meanwhileUbuntuCreate a new user in the home directorydesktopAnd other directories need to log in with new usersubuntuAfter the desktop, directories such as desktop, pictures, documents, downloads, music, etc. will be generated.

  • Initialize git warehouse:

Select a directory as the GIT repository, assuming/srv/sample.git, in/srcEnter the command under the directory

$ sudo git init --bare sample.git
[sudo] git password:
Initialize an empty git repository at / SRV / sample git/

Git will create an empty warehouse with no workspace, which is only used for sharing, so users should not log in to the server directly to modify the workspace.

Server git warehouse.gitending.

  • Change the owner of the directory togit
$ sudo chown -R git:git sample.git/
  • Disable git usersshellland

For security reasons, newgitUser not allowed to log inshell。 By editing/etc/passwdFile settings.

openpasswdThe file is found as follows:

git:x:1001:1002:,,,:/home/git:/bin/bash

Change it to

git:x:1001:1002:,,,:/home/git:/usr/bin/git-shell

Login with git at this time will not be allowed

$ su git
password:
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.

suCommand is used to switch login users

sudoUsed to obtain root administrator privileges and execute commands

su [username]Switch to the specified user without changing the environment variables

su - [username] Switch and change the environment variable to the specified user (common)

Git users can pass through normallysshUse git, but cannot log inshell, becausegitUser specifiedgit-shellAutomatically exit every time you log in.

  • Clone remote warehouse.

You can pass nowgit cloneRemote warehouse/srv/sample.git/Clone it.

You can set a server name to access the clone remote repository. If willgitseverSet to the local hosts, and the IP is the address of the GIT server.

$ git clone [email protected]:/srv/sample.git
Cloning into 'sample'...
The authenticity of host 'gitsever (192.168.104.237)' can't be established.
ECDSA key fingerprint is SHA256:SYG7vL********************y597FA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitsever,192.168.104.237' (ECDSA) to the list of known hosts.
warning: You appear to have cloned an empty repository.

You will be prompted to clone an empty git warehouse and view the contents of the warehouse.

$ cd sample/

/sample (master)$ ls -al
total 4
drwxr-xr-x 1 win7hostsver 197121 0 May  4 14:29 .
drwxr-xr-x 1 win7hostsver 197121 0 May  4 14:29 ..
drwxr-xr-x 1 win7hostsver 197121 0 May  4 14:29 .git

After that, you can use this remote library for git operation, synchronization, etc.

Public key management

As mentioned above, a simple git server has been built. Then you can add other warehouses and public keys of other users for management.

  • Public key path location:/home/git/.ssh/authorized_keys

However, for git servers used and managed by large or multiple people, you can useGitosisManage public keys.

Authority management of GIT server warehouse

Git itself is for hostinglinuxCode, so it pays attention to the spirit of open source and does not support permission control.

However, GIT provides relevant hooks, which can be used to write a series of scripts to control the submission to the warehouse, so as to realize the control authority.GitoliteIt is a tool to provide management permission. You can have an in-depth understanding if necessary