Added git server article draft

1 files changed, 135 insertions, 0 deletions

diff --git a/blog/git_server.html b/blog/git_server.html
new file mode 100644
index 0000000..49a9566
--- /dev/null
+++ b/blog/git_server.html
@@ -0,0 +1,135 @@
+<!DOCTYPE html>
+
+<html>
+    <head>
+        <title>cacharle</title>
+        <link rel="stylesheet" type="text/css" href="../style.css"/>
+        <meta charset="utf-8"/>
+	<link rel="icon" type="image/png" href="../favicon.png" />
+    </head>
+
+    <body>
+        <div id="page-wrapper">
+        <!--BLOG-->
+<h1 id="how-to-make-your-own-git-serverwebsite">How to make your own git server/website</h1>
+<h2 id="server-setup">Server setup</h2>
+<p>We’re going to create a <code>git</code> user and group, will be used for accessing our git repositories without needing to be root.</p>
+<div class="sourceCode" id="cb1"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true"></a><span class="ex">useradd</span> -m git</span>
+<span id="cb1-2"><a href="#cb1-2" aria-hidden="true"></a><span class="fu">mkdir</span> /srv/git</span>
+<span id="cb1-3"><a href="#cb1-3" aria-hidden="true"></a><span class="fu">chown</span> git:git /srv/git</span></code></pre></div>
+<p>The repositories will be stored as bare, this mean that we will only store the <code>.git</code> folder to save space.</p>
+<blockquote>
+<p>To create a bare repo: <code>git init --bare</code></p>
+</blockquote>
+<blockquote>
+<p>To clone a repo as bare: <code>git clone bare &lt;location&gt;</code></p>
+</blockquote>
+<p>You can either add a password for the git user or put your ssh public key in <code>/home/git/.ssh/authentication_keys</code> and disable password authentication for ssh.</p>
+<p>You can now clone from your server with <code>git clone git@&lt;hostname&gt;:/srv/git/&lt;reponame&gt;</code></p>
+<h2 id="better-server-interaction-with-git-shell">Better server interaction with git-shell</h2>
+<p>Permit the git user to have a regular shell can be a security issue, we would like that to restrict him to a few action, like creating/deleting a repository, importing a repository, listing the repo currently stored</p>
+<p>Make the git-shell a valid shell <code>echo $(which git-shell) &gt;&gt; /etc/shells</code></p>
+<p>Change the shell of the git user <code>chsh -s $(which git-shell) git</code></p>
+<p>If you try to ssh as the git user, you will be greeted with something along the line of:</p>
+<pre><code>fatal: Interactive git shell is not enabled.
+hint: ~/git-shell-commands should exist and have read and execute access.
+Connection to &lt;host&gt; closed.</code></pre>
+<p>As suggested by the hint we have to create the directory <code>/home/git/git-shell-commands</code> and put the commands (executable) that the git user is allowed to execute in.</p>
+<p>Here is a script to create a repo:</p>
+<div class="sourceCode" id="cb3"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true"></a><span class="co">#!/bin/sh</span></span>
+<span id="cb3-2"><a href="#cb3-2" aria-hidden="true"></a><span class="bu">[</span> <span class="va">$#</span> <span class="ot">-ne</span> 1<span class="bu"> ]</span> <span class="kw">&amp;&amp;</span> <span class="bu">echo</span> <span class="st">&quot;Usage: </span><span class="va">$0</span><span class="st"> name&quot;</span> <span class="kw">&amp;&amp;</span> <span class="bu">exit</span> 1</span>
+<span id="cb3-3"><a href="#cb3-3" aria-hidden="true"></a><span class="va">repo_path=</span><span class="st">&quot;/srv/git/</span><span class="va">$1</span><span class="st">.git&quot;</span></span>
+<span id="cb3-4"><a href="#cb3-4" aria-hidden="true"></a><span class="bu">[</span> <span class="ot">-d</span> <span class="st">&quot;</span><span class="va">$repo_path</span><span class="st">&quot;</span><span class="bu"> ]</span> <span class="kw">&amp;&amp;</span> <span class="bu">echo</span> <span class="st">&quot;</span><span class="va">$0</span><span class="st">: Error: </span><span class="va">$repo_path</span><span class="st"> already exist&quot;</span> <span class="kw">&amp;&amp;</span> <span class="bu">exit</span> 2</span>
+<span id="cb3-5"><a href="#cb3-5" aria-hidden="true"></a><span class="fu">mkdir</span> <span class="st">&quot;</span><span class="va">$repo_path</span><span class="st">&quot;</span></span>
+<span id="cb3-6"><a href="#cb3-6" aria-hidden="true"></a><span class="fu">git</span> -C <span class="st">&quot;</span><span class="va">$repo_path</span><span class="st">&quot;</span> init --bare</span></code></pre></div>
+<p>Put it under <code>git-shell-commands/create</code> and make it executable then try to ssh as the git user once again.</p>
+<p>You should have a prompt like <code>git&gt;</code>, you can call the <code>create</code> command with a repo name as the first argument and it should create a new repository for you.</p>
+<h2 id="allow-anyone-to-clone-with-git-daemon">Allow anyone to clone with git-daemon</h2>
+<p>The git daemon will allow annone to clone your repos with something like <code>git clone git://&lt;host&gt;/&lt;repo&gt;</code></p>
+<p><code>git daemon --reuseaddr --base-path=/srv/git/ /srv/git/</code> and that’s it</p>
+<p>You should make it a service in your service supervisor, example with systemctl:</p>
+<pre><code>[Unit]
+Description=Start Git Daemon
+[Service]
+ExecStart=/usr/bin/git daemon --reuseaddr --base-path=/srv/git/ /srv/git/
+Restart=always
+RestartSec=500ms
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=git-daemon
+User=git
+Group=git
+[Install]
+WantedBy=multi-user.target</code></pre>
+<p>Put it in <code>/etc/systemctl/system/git-daemon.service</code> and run <code>systemctl enable git-daemon</code> then <code>systemctl start git-daemon</code>.</p>
+<h3 id="publicprivate-repo">Public/private repo</h3>
+<p>You may want to introduce a distiction of which repo is public and which is private</p>
+<p>A simple way to do this is by creating a <code>public</code> directory in <code>/srv/git</code> which will contain symbolic link to the repo in <code>/srv/git</code></p>
+<pre><code>/srv/git
+|- foo.git
+|- bar.git
+|- qux.git
+|- public
+    |- foo.git -&gt; /srv/git/foo.git
+    |- bar.git -&gt; /srv/git/bar.git</code></pre>
+<p>You can change the git daemon to only serve the public repositories <code>git daemon --reuseaddr --base-path=/srv/git/public /srv/git/public</code></p>
+<h2 id="generate-a-static-website">Generate a static website</h2>
+<p>Here we will create a site that look’s like <a href="https://git.suckless.org">this</a> with <a href="https://nginx.org">nginx</a>, <a href="https://git.codemadness.org/stagit/">stagit</a> and a few scripts.</p>
+<p>If you don’t like the minimalistic appearence of the site, <a href="https://git.wiki.kernel.org/index.php/Interfaces,_frontends,_and_tools#Web_Interfaces">here</a> is a list of alternative.</p>
+<p>Install nginx (on Debian based distro): <code>apt install nginx</code></p>
+<p>Create a basic configuration file for your site:</p>
+<pre><code>server {
+    root /var/www/git;
+    index index.html index.htm;
+
+    server_name git.&lt;hostname&gt; www.git.&lt;hostname&gt;;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}</code></pre>
+<p>It’s a convention to put it in a <code>git.</code> subdomain. <code>systemctl enable nginx &amp;&amp; systemctl start nginx</code></p>
+<p>Install stagit:</p>
+<pre><code>git clone git://git.codemadness.org/stagit
+cd stagit
+make
+make install</code></pre>
+<p>To generate a static page for a repo <code>stagit /path/to/repo</code>. To generate an index for multiple repositories <code>stagit-index repo1 repo2 repo3 &gt; index.html</code></p>
+<p>Here is a script to generate a site for all repo in <code>/srv/git/public</code></p>
+<div class="sourceCode" id="cb8"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true"></a><span class="co">#!/bin/sh</span></span>
+<span id="cb8-2"><a href="#cb8-2" aria-hidden="true"></a></span>
+<span id="cb8-3"><a href="#cb8-3" aria-hidden="true"></a><span class="va">repos=$(</span><span class="fu">find</span> /srv/git/public/ -type l<span class="va">)</span></span>
+<span id="cb8-4"><a href="#cb8-4" aria-hidden="true"></a><span class="va">current=$(</span><span class="bu">pwd</span><span class="va">)</span></span>
+<span id="cb8-5"><a href="#cb8-5" aria-hidden="true"></a></span>
+<span id="cb8-6"><a href="#cb8-6" aria-hidden="true"></a><span class="kw">for</span> <span class="ex">repo</span> in <span class="va">$repos</span><span class="kw">;</span> <span class="kw">do</span></span>
+<span id="cb8-7"><a href="#cb8-7" aria-hidden="true"></a>    <span class="va">repo_name=$(</span><span class="fu">basename</span> <span class="st">&quot;</span><span class="va">$repo</span><span class="st">&quot;</span> <span class="kw">|</span> <span class="fu">sed</span> <span class="st">&#39;s/\.git//&#39;</span><span class="va">)</span></span>
+<span id="cb8-8"><a href="#cb8-8" aria-hidden="true"></a>    <span class="va">repo_static_path=</span><span class="st">&quot;/var/www/git/</span><span class="va">$repo_name</span><span class="st">&quot;</span></span>
+<span id="cb8-9"><a href="#cb8-9" aria-hidden="true"></a>    <span class="fu">mkdir</span> -p <span class="st">&quot;</span><span class="va">$repo_static_path</span><span class="st">&quot;</span></span>
+<span id="cb8-10"><a href="#cb8-10" aria-hidden="true"></a>    <span class="bu">cd</span> <span class="st">&quot;</span><span class="va">$repo_static_path</span><span class="st">&quot;</span> <span class="kw">||</span> <span class="bu">exit</span> 1</span>
+<span id="cb8-11"><a href="#cb8-11" aria-hidden="true"></a>    <span class="bu">echo</span> <span class="st">&quot;git://cacharle.xyz/</span><span class="va">$repo_name</span><span class="st">&quot;</span> <span class="op">&gt;</span> <span class="st">&quot;</span><span class="va">$repo</span><span class="st">/url&quot;</span></span>
+<span id="cb8-12"><a href="#cb8-12" aria-hidden="true"></a>    <span class="ex">stagit</span> <span class="st">&quot;</span><span class="va">$repo</span><span class="st">&quot;</span></span>
+<span id="cb8-13"><a href="#cb8-13" aria-hidden="true"></a>    <span class="fu">ln</span> -sf <span class="st">&quot;</span><span class="va">$repo_static_path</span><span class="st">/log.html&quot;</span> <span class="st">&quot;</span><span class="va">$repo_static_path</span><span class="st">/index.html&quot;</span></span>
+<span id="cb8-14"><a href="#cb8-14" aria-hidden="true"></a>    <span class="bu">echo</span> <span class="st">&quot;Generated </span><span class="va">$repo_static_path</span><span class="st">&quot;</span></span>
+<span id="cb8-15"><a href="#cb8-15" aria-hidden="true"></a><span class="kw">done</span></span>
+<span id="cb8-16"><a href="#cb8-16" aria-hidden="true"></a></span>
+<span id="cb8-17"><a href="#cb8-17" aria-hidden="true"></a><span class="bu">echo</span> <span class="st">&quot;Creating index&quot;</span></span>
+<span id="cb8-18"><a href="#cb8-18" aria-hidden="true"></a><span class="ex">stagit-index</span> <span class="va">$repos</span> <span class="op">&gt;</span> /var/www/git/index.html</span>
+<span id="cb8-19"><a href="#cb8-19" aria-hidden="true"></a></span>
+<span id="cb8-20"><a href="#cb8-20" aria-hidden="true"></a><span class="bu">cd</span> <span class="st">&quot;</span><span class="va">$current</span><span class="st">&quot;</span> <span class="kw">||</span> <span class="bu">exit</span> 1</span>
+<span id="cb8-21"><a href="#cb8-21" aria-hidden="true"></a><span class="fu">chown</span> -R git:git /srv/git</span></code></pre></div>
+<p>There is more smart ways to handle this to rebuild the webpages each time someone pushes to the repo with <a href="https://git.codemadness.org/stagit/file/README.html#l92">git hooks</a>.</p>
+<h2 id="sources">Sources</h2>
+<ul>
+<li><a href="https://www.youtube.com/watch?v=ju9loeXNVW0">Setting up *Your Own* Git Server</a></li>
+<li><a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server">Git book - setting up the server</a></li>
+<li><a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Git-Daemon">Git book - git daemon</a></li>
+<li><a href="https://git.codemadness.org/stagit/">stagit - Static website generator for git repository</a></li>
+<li><a href="https://git-scm.com/docs/git-shell.html">git-shell man</a></li>
+</ul>
+        </div>
+
+        <footer>
+            <!--TODO-->
+        <footer>
+    </body>
+</html>