558 lines
20 KiB
HTML
558 lines
20 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en-us">
|
|
<head>
|
|
|
|
<meta charset="utf-8" />
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
|
|
|
|
|
|
|
|
<meta name="twitter:card" content="summary"/>
|
|
|
|
|
|
|
|
|
|
<meta name="twitter:title" content="Private Git repo"/>
|
|
<meta name="twitter:description" content=""/>
|
|
<meta name="twitter:site" content="@"/>
|
|
|
|
|
|
|
|
<meta property="og:title" content="Private Git repo · Sysadmining. All day. Every day." />
|
|
<meta property="og:site_name" content="Sysadmining. All day. Every day." />
|
|
<meta property="og:url" content="https://www.captainark.net/2016/01/31/private-git-repo/" />
|
|
|
|
|
|
|
|
<meta property="og:image" content="/images/cover.jpg"/>
|
|
|
|
|
|
|
|
|
|
<meta property="og:description" content="" />
|
|
<meta property="og:type" content="article" />
|
|
<meta property="article:published_time" content="2016-01-31T00:00:00+01:00" />
|
|
|
|
|
|
|
|
|
|
<title>Private Git repo · Sysadmining. All day. Every day.</title>
|
|
|
|
|
|
<meta name="description" content="I&rsquo;ve decided to migrate this blog to Pelican. I&rsquo;ve been playing around with it over the week-end, and it turns out to be way easier to manage than J" />
|
|
|
|
|
|
<meta name="HandheldFriendly" content="True" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
|
|
<link rel="apple-touch-icon" sizes="180x180" href="https://www.captainark.net/apple-touch-icon.png">
|
|
<link rel="icon" type="image/png" sizes="32x32" href="https://www.captainark.net/favicon-32x32.png">
|
|
<link rel="icon" type="image/png" sizes="16x16" href="https://www.captainark.net/favicon-16x16.png">
|
|
<link rel="manifest" href="https://www.captainark.net/site.webmanifest">
|
|
<link rel="mask-icon" href="https://www.captainark.net/safari-pinned-tab.svg" color="#5bbad5">
|
|
<meta name="msapplication-TileColor" content="#9f00a7">
|
|
<meta name="theme-color" content="#ffffff">
|
|
|
|
<link rel="stylesheet" type="text/css" href="https://www.captainark.net/css/screen.css" />
|
|
<link rel="stylesheet" type="text/css" href="https://www.captainark.net/css/nav.css" />
|
|
<link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=Merriweather:300,700,700italic,300italic|Open+Sans:700,400|Inconsolata:700,400" />
|
|
|
|
|
|
|
|
|
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.13.1/styles/solarized-light.min.css" integrity="sha384-bFKDPkG3geCujYJIbPornilfOgmYQoPS45Oh/8daqqo1SUwNY06OeHorpgnNvx82" crossorigin="anonymous">
|
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.13.1/highlight.min.js" integrity="sha384-BlPof9RtjBqeJFskKv3sK3dh4Wk70iKlpIe92FeVN+6qxaGUOUu+mZNpALZ+K7ya" crossorigin="anonymous"></script>
|
|
|
|
<script type="text/javascript" src="https://www.captainark.net/js/hjsload.js"></script>
|
|
|
|
|
|
|
|
|
|
<link href="https://www.captainark.net/index.xml" rel="alternate" type="application/rss+xml" title="Sysadmining. All day. Every day." />
|
|
|
|
|
|
|
|
<meta name="generator" content="Hugo 0.54.0" />
|
|
|
|
<link rel="canonical" href="https://www.captainark.net/2016/01/31/private-git-repo/" />
|
|
|
|
|
|
|
|
|
|
<script type="application/ld+json">
|
|
{
|
|
"@context": "https://schema.org",
|
|
"@type": "Article",
|
|
"publisher": {
|
|
"@type": "Organization",
|
|
"name": ,
|
|
"logo": https://www.captainark.net/images/logo.png
|
|
},
|
|
"author": {
|
|
"@type": "Person",
|
|
"name": ,
|
|
|
|
"image": {
|
|
"@type": "ImageObject",
|
|
"url": https://www.captainark.net/images/author.jpg,
|
|
"width": 250,
|
|
"height": 250
|
|
},
|
|
|
|
"url": https://www.captainark.net,
|
|
"sameAs": [
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
],
|
|
"description": Geek | Gamer | TV Shows Aficionado
|
|
|
|
},
|
|
"headline": Private Git repo,
|
|
"name": Private Git repo,
|
|
"wordCount": 1174,
|
|
"timeRequired": "PT6M",
|
|
"inLanguage": {
|
|
"@type": "Language",
|
|
"alternateName": en
|
|
},
|
|
"url": https://www.captainark.net/2016/01/31/private-git-repo/,
|
|
"datePublished": 2016-01-31T00:00Z,
|
|
"dateModified": 2016-01-31T00:00Z,
|
|
|
|
|
|
"description": ,
|
|
"mainEntityOfPage": {
|
|
"@type": "WebPage",
|
|
"@id": https://www.captainark.net/2016/01/31/private-git-repo/
|
|
}
|
|
}
|
|
</script>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<script type="text/javascript" src="https://www.captainark.net/js/stats.js"></script>
|
|
|
|
|
|
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/fork-awesome@1.1.7/css/fork-awesome.min.css" integrity="sha256-gsmEoJAws/Kd3CjuOQzLie5Q3yshhvmo7YNtBG7aaEY=" crossorigin="anonymous">
|
|
|
|
|
|
</head>
|
|
<body class="nav-closed">
|
|
|
|
<div class="nav">
|
|
<h3 class="nav-title">Menu</h3>
|
|
<a href="#" class="nav-close">
|
|
<span class="hidden">Close</span>
|
|
</a>
|
|
<ul>
|
|
|
|
|
|
|
|
<h3>This site</h3>
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://www.captainark.net/">Home</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://www.captainark.net/about">About</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://www.captainark.net/resume">Resume</a>
|
|
</li>
|
|
|
|
<h3>Other services</h3>
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://git.captainark.net">Gitea</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://pics.captainark.net">Pics</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://paste.captainark.net">Privatebin</a>
|
|
</li>
|
|
|
|
|
|
<li class="nav-opened" role="presentation">
|
|
<a href="https://chat.captainark.net">Rocket.Chat</a>
|
|
</li>
|
|
|
|
|
|
</ul>
|
|
|
|
|
|
<a class="subscribe-button icon-feed" href="https://www.captainark.net/index.xml">Subscribe</a>
|
|
|
|
</div>
|
|
<span class="nav-cover"></span>
|
|
|
|
|
|
<div class="site-wrapper">
|
|
|
|
|
|
|
|
<header class="main-header post-head no-cover">
|
|
<nav class="main-nav clearfix">
|
|
|
|
|
|
|
|
<a class="blog-logo" href="https://www.captainark.net/"><img src="https://www.captainark.net/images/logo.png" alt="Home" /></a>
|
|
|
|
|
|
<a class="menu-button" href="#"><span class="burger">☰</span><span class="word">Menu</span></a>
|
|
|
|
</nav>
|
|
</header>
|
|
|
|
|
|
|
|
<main class="content" role="main">
|
|
|
|
|
|
|
|
|
|
<article class="post post">
|
|
|
|
<header class="post-header">
|
|
<h1 class="post-title">Private Git repo</h1>
|
|
<small></small>
|
|
|
|
<section class="post-meta">
|
|
|
|
<time class="post-date" datetime="2016-01-31T00:00:00+01:00">
|
|
31 January 2016
|
|
</time>
|
|
|
|
|
|
</section>
|
|
</header>
|
|
|
|
<section class="post-content">
|
|
|
|
|
|
<p>I’ve decided to migrate this blog to <a href="http://blog.getpelican.com/">Pelican</a>. I’ve been playing around with it over the week-end, and it turns out to be way easier to manage than <a href="https://jekyllrb.com/">Jekyll</a>. Themes are much easier to install and configure, so it ends up looking better as well !</p>
|
|
|
|
<p>Since I’m basically recreating this blog from scratch, I’ve decided to delete the old git repo that was hosting it and to create a new one.</p>
|
|
|
|
<p>Setting up your own private git repo is pretty easy to achieve and is already well-documented on the <a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server">Git</a> website.</p>
|
|
|
|
<p>Every time I want to create a new repo, I’ve had time to forget how to do it and I end up looking for that page, so I figured I’d write a few lines on the subject.</p>
|
|
|
|
<p>In this tutorial, I’ll configure a git repo on a distant server running Debian 8 (Jessie). This repo will be remotely accessible using SSH. Two users will be able to connect to it : me and the www-data user on my webserver.</p>
|
|
|
|
<h2 id="ssh-keys">SSH Keys</h2>
|
|
|
|
<p>If you don’t have one already, you’ll need a ssh-key to connect to the git repo.</p>
|
|
|
|
<p>On your computer, in a shell, as your usual user :</p>
|
|
|
|
<pre><code class="language-bash">ssh-keygen -t rsa -b 3072
|
|
Generating public/private rsa key pair.
|
|
Enter file in which to save the key (/home/user/.ssh/id_rsa):
|
|
Enter passphrase (empty for no passphrase):
|
|
Enter same passphrase again:
|
|
Your identification has been saved in /home/user/.ssh/id_rsa.
|
|
Your public key has been saved in /home/user/id_rsa.pub.
|
|
The key fingerprint is:
|
|
[Redacted]
|
|
</code></pre>
|
|
|
|
<p>For security reasons, configuring a passphrase is recommended. On Mac OS X and most desktop environnements on Linux, you can store this passphrase for the duration of your session using the <code>ssh-add</code> command, so you won’t have to type it every time you want to connect to a host.</p>
|
|
|
|
<p>On the server, we also have to create a ssh-key for the user that is running our webserver (you’ll need to have sudo installed) :</p>
|
|
|
|
<pre><code class="language-bash">sudo -H -u www-data ssh-keygen -t rsa -b 3072
|
|
Generating public/private rsa key pair.
|
|
Enter file in which to save the key (/var/www/.ssh/id_rsa):
|
|
Enter passphrase (empty for no passphrase):
|
|
Enter same passphrase again:
|
|
Your identification has been saved in /var/www/.ssh/id_rsa.
|
|
Your public key has been saved in /var/www/.ssh/id_rsa.pub.
|
|
The key fingerprint is:
|
|
[Redacted]
|
|
</code></pre>
|
|
|
|
<p>If you decide to configure a passphrase for that ssh-key, you’ll have to type it every time you’ll want to pull from your repo.</p>
|
|
|
|
<h2 id="server-management">Server management</h2>
|
|
|
|
<p>All of the commands in this section have to be run as root.</p>
|
|
|
|
<p>First thing first, we have to install the git package on the server that will be hosting our git repos :</p>
|
|
|
|
<pre><code class="language-bash">apt update && apt install git -y
|
|
</code></pre>
|
|
|
|
<p>Then, we have to create a user named git :</p>
|
|
|
|
<pre><code class="language-bash">useradd -s /usr/bin/git-shell -m -r git
|
|
</code></pre>
|
|
|
|
<p>This will create a system user (UID < 1000) with a /home/git home directory. If you want to host your git repos somewhere else on your filesystem, you should add a <code>-d /home/directory/for/git</code> in the previous command.</p>
|
|
|
|
<p>This user will use the git-shell shell. This limits remote connection to that user to git commands (like the rssh shell can limit remote connection to a user to scp or rsync commands).</p>
|
|
|
|
<p>We have to configure our system to allow the use of this shell :</p>
|
|
|
|
<pre><code class="language-bash">echo '/usr/bin/git-shell' >> /etc/shells
|
|
</code></pre>
|
|
|
|
<p>From this point, you should have to following output if you try to SSH to your server with that user :</p>
|
|
|
|
<pre><code class="language-bash">ssh git@git.captainark.net
|
|
fatal: Interactive git shell is not enabled.
|
|
hint: ~/git-shell-commands should exist and have read and execute access.
|
|
Connection to git@git.captainark.net closed.
|
|
</code></pre>
|
|
|
|
<p>We now need to create the .ssh/authorized_keys file for the git user with the correct permissions :</p>
|
|
|
|
<pre><code class="language-bash">sudo -H -u git mkdir /home/git/.ssh && chmod 700 /home/git/.ssh
|
|
sudo -H -u git touch /home/git/.ssh/authorized_keys && chmod 600 /home/git/.ssh/authorized_keys
|
|
</code></pre>
|
|
|
|
<p>You can now copy/paste the content of the two <code>$HOME/.ssh/id_rsa.pub</code> files we’ve created earlier using the <code>ssh-keygen</code> command in <code>/home/git/.ssh/authorized_keys</code>.</p>
|
|
|
|
<p>The last thing we have to do is to create our first git repo. In this example, my project will be called ‘captainarkdotnet’ as it will be hosting this blog :</p>
|
|
|
|
<pre><code class="language-bash">sudo -H -u git mkdir /home/git/captainarkdotnet.git
|
|
cd /home/git/captainarkdotnet.git
|
|
sudo -H -u git git init --bare
|
|
</code></pre>
|
|
|
|
<p>The last command should give you the following output :</p>
|
|
|
|
<pre><code class="language-bash">Initialized empty Git repository in /home/git/captainarkdotnet.git/.git/
|
|
</code></pre>
|
|
|
|
<p>We’re done with the server configuration. Let’s now actually push stuff to our repo !</p>
|
|
|
|
<h3 id="initial-push">Initial push</h3>
|
|
|
|
<p>The files for my blog are store in the ~/Documents/projects/captainarkdotnet on my computer. Before doing anything else, we first have to make sure that we currently are in that folder :</p>
|
|
|
|
<pre><code class="language-bash">cd ~/Documents/projects/captainarkdotnet
|
|
</code></pre>
|
|
|
|
<p>Let’s now push the content of that folder to our repo :</p>
|
|
|
|
<pre><code class="language-bash">git init
|
|
git add .
|
|
git commit -m 'initial commit'
|
|
git remote add origin git@git.captainark.net:captainarkdotnet.git
|
|
git push origin master
|
|
</code></pre>
|
|
|
|
<p>Please note that you’ll need to edit <strong>git.captainark.net</strong> to the FQDN or IP of your git server, and <strong>captainarkdotnet.git</strong> to the name of the git project on your server.</p>
|
|
|
|
<p>If everything went well, the last command should give you the following output :</p>
|
|
|
|
<pre><code class="language-bash">Counting objects: 69, done.
|
|
Delta compression using up to 4 threads.
|
|
Compressing objects: 100% (64/64), done.
|
|
Writing objects: 100% (69/69), 1.01 MiB | 0 bytes/s, done.
|
|
Total 69 (delta 15), reused 0 (delta 0)
|
|
To git@git.captainark.net:captainarkdotnet.git
|
|
* [new branch] master -> master
|
|
</code></pre>
|
|
|
|
<p>That’s it, we’ve now pushed our first commit to our server !</p>
|
|
|
|
<h2 id="first-pull">First pull</h2>
|
|
|
|
<p>Alright, time to pull the files we’ve just pushed on our webserver. I personally store my web content in <code>/var/www</code> ; if you don’t, you’ll have to adjust the path accordingly :</p>
|
|
|
|
<pre><code class="language-bash">cd /var/www
|
|
sudo -H -u www-data git clone git@git.captainark.net:captainarkdotnet.git
|
|
</code></pre>
|
|
|
|
<p>SSH will ask you to type ‘yes’ since it’s the first time the www-data user connects to the server. If everything goes well, you should have the following output :</p>
|
|
|
|
<pre><code class="language-bash">Cloning into 'captainarkdotnet'...
|
|
remote: Counting objects: 70, done.
|
|
remote: Compressing objects: 100% (65/65), done.
|
|
remote: Total 70 (delta 16), reused 0 (delta 0)
|
|
Receiving objects: 100% (70/70), 1.01 MiB | 0 bytes/s, done.
|
|
Resolving deltas: 100% (16/16), done.
|
|
Checking connectivity... done.
|
|
</code></pre>
|
|
|
|
<h2 id="conclusion">Conclusion</h2>
|
|
|
|
<p>That’s it ! We now have a working private git repo ! I won’t go into details into the git commands in this tutorial, but here’s a quick overwiew of the ones I use the most :</p>
|
|
|
|
<ul>
|
|
<li><code>git add .</code> recursively adds all files from the directory to the repo ;</li>
|
|
<li><code>git commit -a -m 'This is a comment'</code> commits the current state of your local repo with the ‘This is a comment’ comment ;</li>
|
|
<li><code>git push</code> pushes your commits to the distant repo ;</li>
|
|
<li><code>git pull</code> pulls the latest version of the distant repo locally ;</li>
|
|
<li><code>git branch -av</code> shows all available branches for the repo ;</li>
|
|
<li><code>git checkout -b testing remotes/origin/testing</code> create a local ‘testing’ branch based on the remote ‘remotes/origin/testing’ branch ;</li>
|
|
<li>once a branch has been copied locally, you can switch to it with the <code>git checkout {branch}</code> command.</li>
|
|
</ul>
|
|
|
|
<p>For more information on git a command, use <code>man git-{command}</code> !</p>
|
|
|
|
<p>If you’ve found this tutorial in any way helpful, please feel free to leave a comment !</p>
|
|
|
|
</section>
|
|
|
|
|
|
<footer class="post-footer">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<figure class="author-image">
|
|
<a class="img" href="https://www.captainark.net/" style="background-image: url(/images/author.jpg)"><span class="hidden">Antoine Joubert's Picture</span></a>
|
|
</figure>
|
|
|
|
|
|
<section class="author">
|
|
<h4><a href="https://www.captainark.net/">Antoine Joubert</a></h4>
|
|
|
|
<p>Geek | Gamer | TV Shows Aficionado</p>
|
|
|
|
<div class="author-meta">
|
|
<span class="author-location icon-location">Angers, France</span>
|
|
<span class="author-link icon-link"><a href="https://www.captainark.net">https://www.captainark.net</a></span>
|
|
</div>
|
|
</section>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<!-- isso -->
|
|
<script data-isso="https://www.captainark.net/comments/" src="https://www.captainark.net/comments/js/embed.min.js"></script>
|
|
<noscript>Please enable JavaScript to view comments</noscript>
|
|
<section id="isso-thread"></section>
|
|
<!-- end isso -->
|
|
|
|
|
|
|
|
|
|
</footer>
|
|
</article>
|
|
|
|
</main>
|
|
|
|
|
|
<aside class="read-next">
|
|
|
|
<a class="read-next-story" style="no-cover" href="https://www.captainark.net/2016/01/31/debian-updates-with-ansible/">
|
|
<section class="post">
|
|
<h2>Debian updates with Ansible</h2>
|
|
|
|
</section>
|
|
</a>
|
|
|
|
|
|
<a class="read-next-story prev" style="no-cover" href="https://www.captainark.net/2015/05/25/flexget-init-script/">
|
|
<section class="post">
|
|
<h2>Flexget init script</h2>
|
|
</section>
|
|
</a>
|
|
|
|
</aside>
|
|
|
|
|
|
|
|
|
|
<center>
|
|
<a class="fa-icons" href="mailto:contact@captainark.net">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-envelope fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://twitter.com/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-twitter fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://social.captainark.net/users/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-mastodon-alt fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://github.com/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-github fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://www.last.fm/user/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-lastfm fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://steamcommunity.com/id/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-steam fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
<a class="fa-icons" href="https://www.twitch.tv/captainark">
|
|
<span class="fa-stack fa-lg">
|
|
<i class="fa fa-circle fa-stack-2x"></i>
|
|
<i class="fa fa-twitch fa-stack-1x fa-inverse"></i>
|
|
</span>
|
|
</a>
|
|
</center>
|
|
|
|
|
|
<footer class="site-footer clearfix">
|
|
<section class="copyright"><a href="">Sysadmining. All day. Every day.</a> © 2015 - 2019</section>
|
|
|
|
<section class="poweredby">Proudly generated by <a class="icon-hugo" href="http://gohugo.io">HUGO</a>, with <a class="icon-theme" href="https://github.com/vjeantet/hugo-theme-casper">Casper</a> theme</section>
|
|
|
|
</footer>
|
|
</div>
|
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js" integrity="sha384-CgeP3wqr9h5YanePjYLENwCTSSEz42NJkbFpAFgHWQz7u3Zk8D00752ScNpXqGjS" crossorigin="anonymous"></script>
|
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/fitvids/1.1.0/jquery.fitvids.min.js" integrity="sha384-2/VQUb0aZHixKnNLh7pD38DZk+acGpEw5LeHieWVDPR0h/H326kp/1qnRPDYmFXM" crossorigin="anonymous"></script>
|
|
<script type="text/javascript" src="https://www.captainark.net/js/index.js"></script>
|
|
</body>
|
|
</html>
|
|
|