Building Your Own GIT Server – Part 1

Friday, February 3rd, 2012

Over the last 6 months I have been using subversion (Svn) to version control all of the code I work on. I chose it at the time as it was so simple to setup on windows. VisualSVN Server gave me an all in one application that runs on my SBS server, coupled with TortoiseSVN integration on my windows desktop and it was a simple, solid way of tracking my code.

Svn seemed to be lacking, it was slow and clumsy at times and I wanted something quicker and more manageable with granular control over access should I ever choose to open the server to the Internet for collaboration. I need something fast, decentralised to prevent data loss, cross platform for both the server and the clients and most importantly I need to keep better backups.

I have been hearing good things about Github and decided to check it out. While it is an awesome place to store your open source code for free, I needed a place to store my private code. Github charges for private repositories and I do not want to spend any money on this. As I quite like to have my code on my own servers I chose to use Git. Git satisfies all of my needs except granular security control, which is covered by an external package that will add the security functions I want/need.

The best part about Git is that it is decentralised, meaning that each working copy of code is actually a full-fledged repository with its own revision control and tracking, allowing you work literally anywhere and your code is fully tracked. I will use a central server to act as a central repository for others to clone from and most importantly as a backup should the worst happen.

In this tutorial I am going to show you how to get your own Git server set up and make sure all of your clients can connect with password-less logins using SSH public keys. This will be a very in-depth tutorial so go grab yourself a cuppa . I will cover each step in great, yet simple detail, so you can understand the process and gain some insight into the workings of a server rather than copying and pasting code and not knowing what you are doing it for.

As this tutorial is Debian specific you will need to translate the commands to your flavour of Linux.

Tools you will need: (I suggest downloading them all now so they are ready)

Server (I run mine through vmware)

• Ubuntu 11.04 32bit or 64bit

Linux (no need to download these, we will install them as we go)

• git-core – Essential core files for Git
• openssh – SSH Client
• openssh-server – SSH Server

Windows

• Putty – Implementation of telnet/SSH for windows
• Puttygen – Used to convert SSH keys to ppk files for Putty and TortoiseGit
• Msysgit – This is Git, for windows
• Tortoisegit – Integrates into windows explorer context menu
• WinSCP – For copying files to your server (it’s much easier with a gui)

Optional, but highly recommended

• A cup of tea.
• Several biscuits. No custard creams though.

Building the Server in 22 Simple steps and about 20 minutes The first thing you need to do is set up our base server to install Git onto. You will be using the Ubuntu Server addition. I have been a fan of Ubuntu for a long time and their server addition is excellent. This tutorial will work for any Debian OS but you will need to translate the commands to your own flavour of Linux if you decide to go with something different. If you already have your server up and running then you can skip this section and move onto Installing Git on the server.

Step 1

• Boot up your pc/server/virtual machine with the ISO file you downloaded earlier. I will not be covering how to burn the image to disc or flash drive. Make sure you have told the BIOS to boot from CD or USB. Now boot up your machine.

Step 2

• As soon as the disc boots up you will have to choose the language for the installer. Go ahead and select the language you want.

Step 3

• You will be presented with a few options but the one you need is Install Ubuntu Server. Go ahead and hit enter.

Step 4

• Choose your main language

Step 5

• Choose your region

Step 6

• Select No for Detect keyboard layout. You can choose yes and follow the on screen instructions to automatically detect your keyboard layout. If you do this then skip ahead to step 9.

Step 7

• Choose keyboard layout

Step 8

• Choose local keyboard layout

Step 9

• Enter the hostname for this server – A hostname is a name assigned to a device on a network and is used to identify it in various forms, like DNS for example. This will save you having to use the IP address all the time.

Step 10

• Select yes if the time zone is correct.

Step 11

• I choose to use the entire disk, but if you know what you are doing with Logical Volume Management and Encryption then carry on.

Step 12

• Select the hard disk you wish to format. You may have multiple drives if using a physical machine so make sure you select the correct drive.

Step 13

• Confirm and write the changes to disk. be warned, this is the actual part where the drive gets formatted so make sure you chose the right disk in the previous step. If not, then just go back and check.

Step 14

• Now sit back for a few minutes while the disk is formatted and the base system gets installed.

Step 15

• Enter your full name – I usually use a nickname here but you can type your full name in if you wish.

Step 16

• Enter your password twice to confirm it.

Step 18

• Choose whether you want to encrypt your home folders. For security it is usually a good idea.

Step 19

• Set up your proxy information. Usually you will not be behind a proxy so just hit enter without putting any information in. If you are behind a proxy then make sure you enter the correct details. The system will configure apt and install the software.

Step 20

• I choose to install all security updates automatically, saves me having to remember

Step 21

• In the initial software selection you only need SSH at the moment. Press the spacebar to tick the box next to OpenSSH Server, then press tab to jump down to continue and hit enter. The boot loader will now install. When asked, choose yes to install GRUB into the master boot record.

Step 22

• The Grub boot loader will continue to install and when it is finished you are all done. If you are on a physical machine then remember to take out the CD or flash drive and hit enter to reboot. VM’s need not take the drive out, the VM will sort it out for you.

Once the server reboots and you have logged back in you will need to update it so you have the current versions of all the installed software.

• sudo apt-get update && sudo apt-get upgrade -y

This command will update the system then grab all the available updates and install them. The -y tag just tells the terminal to say yes when asked if it is OK to go ahead and install the updates.

It is likely that the update came with a new kernel image so you will have to reboot and log back in.

• sudo reboot

Now you are logged back in you need to enable the root account. Once you are finished with the root account you will disable it again. Type the following to enable to root account and give it a password.

• sudo passwd root

You will be asked for your sudo password (that’s the password for your user account), then you will enter the new root password twice.

Now for the network, you are going to give the server a static IP address so it is easier to log into via SSH and Git later on.

• sudo nano /etc/network/interfaces

Enter your password if it asks. The interfaces file will look similar to this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

The main network adapter is eth0, so that is the only one we be configuring. You need to make this file look like the following. Make sure you remember to use your own network information in place of what I have written.

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.100.1.4
netmask 255.255.255.0
network 10.100.1.0
broadcast 10.100.1.255
gateway 10.100.1.254

To save the file once you are finished press ctrl-x, type the letter y and hit enter. That basically tells nano that you want to quit and yes, save the changes. Networking will now need to be restarted for the changes to take effect.

• sudo /etc/init.d/networking restart

Once the network has restarted issue this command to check that the changes have taken effect. This is similar to ipconfig on a windows machine. It shows you the details for each network interface on your machine.

• ifconfig eth0

The 2nd line of the output should be something similar to the following:

• inet addr:10.100.1.10 Bcast:10.100.1.255 Mask:255.255.255.0

I have highlighted the information you need to check. Once you are satisfied with the result it is time to move on.

Installing Git on the Server

Now that your server is up and running you can install Git.

Type the following command to install Git

• sudo apt-get install git-core

That is it, Git is now installed, but you do need to get everything set up for use though, the repositories will be created a little later on.

I like to use a single user account on the server to access my repositories and authenticate each person/workstation using SSH keys. This way you have one account and multiple users who are all verified by their SSH public key.

Private and Public key pairs can sound a bit daunting at first but it is relatively simple to understand. Two keys will be generated, your public key and your private key. As you would imagine the public key is the one that gets put onto the server, the data is then encrypted with your public key and the only key that can decrypt it is your private key. Lets look at a simple example.

Bob and Alice need a way of sending data to each other that no one can decrypt even if the data is intercepted. Bob and Alice both have their own public and private keys, so they decide to share public keys with each other. Bob encrypts some data with Alice’s public key so that when she receives it she uses her private key to decrypt the message. Once she has her reply ready she will use Bob’s public key to encrypt it and send it on. Bob will then use his private key to decrypt it.

That is a simple example of public/private key pairs. What you will be using them for is password-less logins. You will generate your public/private keys and give the server your public key. The connection to the server is established and the server will present you with a list of public keys, if your private key matches one of the public keys on file then the connection between your computer and the server is allowed. This all happens extremely quickly and requires no input from you once you have your keys set up. I will go over this in detail to make it simple. Linux users will have it very easy, Windows users however have a little more work to do.

So lets get the user account created.

• sudo adduser –system –shell /bin/sh –gecos ‘GIT Version Control –group –disabled-password –home /git_repos git

Here you tell the server to add a new system user called git, with the /bin/sh shell, a description of GIT Version Control User with a group that will have the same name as the new user, a disabled password and the home folder will be /git_repos.

Now you need to get the foundations of SSH access sorted.

• sudo mkdir /git_repos/.ssh && touch authorized_keys

First you make a folder called .ssh, then create a file call authorized_keys (yup, American English). As you did this as a different user, you now need to correct the permissions on the files.

• sudo chown -R git:git /git_repos/.ssh
• sudo chmod 600 /git_repos/.ssh/*

What you did was change ownership of the .ssh folder and all sub folders back to the git user then changed the file permissions of the authorized_keys file to read-only, so no one can add keys to that file accept for you. You will need to add a key for each of the desktops/laptops you want to allow access to the Git repos.

Installing Git & Generate your SSH keys on your client machines.

Linux

Generating your SSH keys on Linux is simple. Just enter the following command

• ssh-keygen -t rsa

If this fails, you will need to install openssh.

• sudo apt-get install openssh && ssh-keygen -t rsa

Your keys will be stored in your home folder, inside a hidden folder called .ssh. Your public key will be in id_rsa.pub and your private key is in id_rsa.

Now install Git with the following command

• sudo apt-get install git-core

Could not have been simpler than that for Linux machines. You need to set up the global config for Git, namely your name and email address. This is used to sign off your commits.

• git config –global user.name “Your Name Here”
• git config –global user.email “you@youremail.com”

Windows

This involves a little more work to get your SSH keys as Windows does not come with SSH in any shape or form and you can’t just apt-get install it. You will have to install msysgit to get the command line interface you need to generate the keys. The advantage of doing it with msysgit is that it will also install Git. You should have downloaded this package already so lets get started.

Double click the .exe file called Git–1.7.*-preview********.exe and click run (if you get the security info box) and click next when the installer starts.

• Accept the license agreement.
• Select next to choose the default install location.
• Before clicking next you should tick the 2 unchecked boxes under Windows Explorer integration > Context menu entries so that these options are added to your right click menu should you decide to use them in the future.
• Now click next.
• Click next again.
• Keep the selection on Use Git Bash only and click next.
• Keep the selection on Checkout Windows-style, commit Unix-style line endings.
• Msysgit will now install, un-tick the View ReleaseNotes.rtf box (unless you want to read them) and click finish.

You will now have an icon on your desktop called Git Bash. Run the application and you get a Linux style terminal window. Enter the following command and follow the instructions.

• ssh-keygen -t rsa

Leave the default file save location and hit enter, then hit enter again 2 more times to save the public key without a pass-phrase. You can choose to use a pass-phrase if you wish, but this will no longer be password-less logins.

Your public and private keys will now be saved in C:/Users//.ssh if you are on Windows 7. Windows XP will be similar but your profile lives in Documents and Settings rather than Users.

Your public key is in a file called id_rsa.pub Your private key is in a file called is_rsa

Now that you have your private and public keys you will need to put the public key onto the server.

Install your SSH keys on the server

Linux

• scp ~/.ssh/id_rsa.pub root@10.100.1.10:/git_repos/.ssh/authorized_keys

You have to do this as root because you cannot use the git account until your SSH key is on the server.

Windows

Windows does not come with SCP, so you need a third party application to handle this for us. Luckily WinSCP is a GUI based explorer that will connect to the server similar to a FTP application.

Install WinSCP from the downloaded file you grabbed earlier and accept all the default options. Keep the Launch WinSCP box ticked and click finish. Once it opens you will have this window in front of you. The hostname will be the IP address of the server or the friendly name you gave the server earlier on, and use the root account for user and password. Now click on Login. Once you are logged in you will need to navigate to the /git_repos/.ssh folder in the right hand pane. Right click on the authorized_keys file and select Edit.

Find the public key you generated earlier and copy and paste the text as is into the authorized_keys file. Save the file and close it, WinSCP will automatically upload the changed file onto the server. Close the connection.

You are done with the root account on the server so you can now disable it. On the server type the following:

• sudo passwd -l root

Creating repositories on the server and your local machines.

You now need to create your repositories on the server. I find it best to section off the repositories I use. For example, any work I do for Soddengecko.com will reside in a folder called soddengecko.com etc etc and the repositories will be stored here.

• soddengecko.com
• — themes
• —— blank_theme.git “master”.

The Commit dialogue box will open. At the top is the box for your commit message. Describe what you have done, for example, added README file then click on the Sign button. This will sign your commit with the username and email address you set earlier. Make sure you have files that have been altered (no alterations and the commit will not allow you to OK it) and click the OK button at the bottom. Your first commit has now been done, now to push to the remote server.

Right click again and select Git push from the menu. The Push dialogue box is now open and you need to set a remote machine first. Click on Manage about half way down on the right hand side. Type in a name for this remote, I suggest using origin again as this is where you will keep the original working copy. Type in the URL like this

• ssh://git@10.100.1.10/git_repos/projects/myproject.git

You now need to load in your putty key (it is your private key in putty format) but your private key is not readable by TortoiseGit yet. Find and run the PuttyGen download you grabbed earlier on and run it. It is a self executing file so nothing is installed and the app should open right up. At the top click on Conversions then Import key. Navigate to your .ssh folder in your user folder and load the id_rsa file, your private key. In the Key comment line add something that will remind you which key this is, I chose to go with Gecko Desktop so I know it is myself and it was done on my desktop computer. Click on the Save private key button and save the file in your .shh folder. Name the file private_key.ppk

Go back to the TortoiseGit window and click the browse button next to Putty Key and find the file you just created. Click the Add/Save button and click OK at the bottom.

You should now be back to the Push dialogue and Origin will be selected in the box to the left of Manage. make sure the option Autoload Putty Key is selected and click the OK button. TortoiseGit will now push the files/folders/changes to the server. Click Close to dismiss the TortoiseGit box.

That is it for getting set up and committing your first project. I have shown you how to:

• Build your own Ubuntu server.
• Install Git as a central repository.
• Create repositories on the server.
• Install Git on your client machines.
• Initialise your project folder, add files and commit them.
• Push your project to the server.

Cloning (downloading) an existing repository

Let’s say you have set up a new laptop to code on and you do not have any projects on there. You are going to want to clone a repository so you can continue work on your project. Cloning a Git repository downloads all the project files to your designated folder. Cloning an existing project will also automatically add the remote server so you do not have to add it when you decide to push your code back to the server.

Linux

Open up your terminal and navigate to your projects folder (or another suitable folder). Make sure you know the URL of your remote repository and type

• git clone ssh://git@10.100.1.10/git_repos/projects/myprojct.git

Git will now connect to the server and download (clone) that repository onto your shiny new laptop.

GitHub, for example, has plenty of open source projects you could clone and work on. When on GitHub’s website you would grab the repository URL and clone that like you did above.

Windows

Right click in your projects folder and select the option Git Clone… and the Clone dialogue box will open. In the URL box you type

• ssh://git@10.100.1.10/git_repos/projects/myprojct.git

Now select the location you would like to download the project too. This will be filled in already but you can choose a different location for it. Make sure the Load Putty Key box is ticked and browse to your .ssh folder and load the private_key.ppk file you created earlier. Now just click on the OK button.

Cloning from GitHub and the rest of the web is the same as the above, just get the URL to the repository and clone it.

In the next tutorial I will go over the other Git commands that you will find handy. Stay tuned.