There are so many Git hosting sites out there, including the popular GitHub, which acts as a hub for thousands of software projects. But for one reason or another, hosting your own git repository may be preferable. In this article, you’ll learn exactly how to do that on your own cloud VPS account.
- Improved security
- GitHub, and other services, provide good protective parameters but accidents can happen, and have happened in the past. In general, having any sensitive data on third-party servers should be avoided.
- More control
- Managing your git server means you can customize and optimize the hosting environment for your needs specifically. Many of the premium options you get on your own server for free will cost you extra on a hosted service.
- More options
- There’s no reason why you can’t do a combination of both. If someone on your teams want to host their part of the project on GitHub, or another service, they’re free to do that. Git is decentralized. You can have multiple remote repository locations.
As mentioned above, your self-hosted git installation is more secure than most services because your cloud VPS comes pre-loaded with significant SSH security measures.
Using SSH keys for interacting with Git means you don’t have to manage passwords. If you have a team member who wants to contribute to the project, you can simply upload their public key to the git server. When their work is done, or they are no longer contributing to the project, all you have to do is remove their key and they will no longer have access to the server.
You can also use HTTP to access remote repositories, but this will require more customization on your cloud VPS, and may introduce security risks. (If you’re interest in using HTTP instead of SSH, contact our managed hosting team and they will help you configure this kind of access.)
Here is the basic rundown of the git server process:
- Create a “git” user and group
- Upload a public SSH key to the “git” user which will allow you (or others) to log in as the “git” user
- Create a bare repository on the server
- Add the remote repository (the one just created on the server) to a local git project
- Push changes to the remote repository
Why create a “git” user? Can you just use “root”? The git user is required because we will be pushing content to our server using SSH. In order to log in with SSH, a user is required. You could use the
root user, but this poses a security hazard. It’s considered a best practice to limit access to your
root user account. By creating a specialized git user for this process, you could—in theory—open your project to more contributors without granting access to the root user account. The git user account only has access to its own files. This way, another contributor, logged in as git, cannot make changes to your server or engage in any unwanted activity.
It might seem like an unnecessary extra step, but rest assured it is very important to create this additional user account to manage Git remotely.
Before you create your first remote git repository, you need to decide what file path you will save your repositories to. You can save repositories to different file paths, but it’s generally easier to have all of them in one directory.
First things first, it’s time to create a “git” user account with which to do all your git-related work. Remember, you can title this user account anything you want. Naming the account “git” is merely a simple way to indicate what this user account was created to do.
Remember, as you are logging into your cloud VPS account, you are using the root user. If you are not using your root user, you will need to prepend these commands with “sudo.”
Create the git user with the
Answer the questions as you are prompted, or press Enter to skip over them. These questions are not required. For the password, you can put virtually anything, because you will not be using passwords to log into this user. Remember that password authentication is not allowed on your server by default.
Now that you have created the git user, you can assume the role by using the
You will now need to create a
.ssh directory in the “home” folder for the git user. In order to do that, you must make sure you are in the home directory, so run a
cd command to make sure:
Now, create the
Next, make the directory only accessible by the git user:
chmod 700 .ssh
Now you have an
.ssh directory to hold your “authorized_keys” file, which is used to authenticate login requests. It’s time to create that file now:
And, likewise, adjust the privileges to make the file accessible only to the git user:
chmod 600 .ssh/authorized_keys
Now, you have the directory and file necessary to set up the SSH logins.
But before we move on, make sure that the “git” group is allowed to authenticate this way.
You can do that by editing your SSH configuration and adding “git” to the acceptable groups listed in the configuration file.
When you hear about “uploading” or “managing” keys, you are basically
appending these keys to the
.ssh/authorized_keys file. You can put as many public keys as you need in this file, and there are a few different ways to get to them there.
One way is to simply copy and paste the key from your local computer to the server.
There is also an SSH command that will copy the key to the server for you:
ssh-copy-id -i ~/.ssh/key [email protected]<hostname, IP address, or domain name>
Once you’ve decided which directory will house your remote repositories, you can start creating repositories first as directories
ending with a
.git extension. The extension is important, as it distinguishes the directories containing git repositories from regular directories.
For example, to create a repository called “website,” create a directory like so:
Then, enter the directory with the
Once inside the directory, create a “bare” git repository:
git init --bare
Now, when you add
website.git as a remote repository (as you’ll see how below) git will be able to recognize it.
--bare git repository basically means you are telling git, “There is nothing in this repository yet, but I want this directory (
website.git) to function as a remote repository.
So far, you have created a git user account, a bare repository in the directory of your choice, and you have SSH key authentication set up for the git user.
Now, you just need to make your local git installation aware of the new repository:
git remote add origin [email protected]:/path/to/website.git
Let us break this command a little bit.
git remote add command initiates the addition of a repository. The “origin” part names the new repository. You can put any name you want, you don’t have to use “origin,” but it is merely a conventional naming scheme.
The rest of the command specifies the precise server file path to the bare git repository you created.
The final step is to push your project to the new repository. For example, if you are pushing the “master” branch, the command will look like this:
git push origin master
That’s it! You now know how to create your own git repository on a private server.
While you’re here, you may also be interested to know how you can “checkout” (or, basically copy) files from your repository to a specific directory on your server. This is a great way to publish files to a document root or specific directory on your website.