Setting Up a Git Server Using Gitosis

Posted on In Linux, Tutorial

Update: Since gitosis is not maintained and supported, please check out gitolite for setting up a new git server. (see the comment from Sitaram Chamarty, the gitolite author, the author of gitolite.)


Gitosis is a piece of software writen by Tommi Virtanen for hosting git repositories. It manages multiple repositories under the same user account. It uses SSH public keys to identify users. Users do not need shell accounts on the git server. The operations are done under the shared account.

One benefit we get from using gitosis is that we can give different users write/read right on different repositories. Another benefit is easier user and repository management. The management is done by a special repository named gitosis-admin.git on the server.

Let’s look at how to set up a git server using gitosis. Here we want to set up a git server on example.org. Please refer to Managing Repositories on Git Server Using Gitosis and Howto for New Git Users for how to manage and use the repositories managed by gitosis.

Install git and gitosis on the server

First , log in the git server by “ssh username@example.org”. The username is the account name that can sudo or the user who knows root’s password on the git server.

Then install gitosis and git. On the Fedora system, the command is like this:

$ sudo yum install git gitosis

or

$ su -c 'yum install git gitosis'

The command may be different on the other platforms.

Create the server side git user and home

We need to create a Linux account for the shared account. It is usually git. But any account name can be used. The repositories are stored in git’s home directory.

Logon to the git server by ssh username@example.org. username is the account name that can sudo or the one that knows root’s password on the git server.

$ sudo useradd -m -d /home/git -u 1005 git

Here we assume git’s home directory is /home/git.

Setup gitosis administration repository

First create the administrator’s SSH public key if you haven’t got one. On the administrator’s local machine:

$ ssh-keygen -t rsa

Then copy it to the git server’s /tmp/ directory:

$ scp ~/.ssh/id_rsa.pub username@example.org:/tmp/id_rsa.pub

Logon to the git server with account that has privilege to sudo or su. Then:

$ sudo su - git
$ cd
$ gitosis-init < /tmp/id_rsa.pub

Now we have created the gitosis administration repository on git server. The default repository directory is ~/repositories/ under git’s home directory.

Then the administrator can clone the gitosis-admin repository on  its local machine:

$ git clone git@example.org:gitosis-admin.git

There are one configuration file and one directory in gitosis-admin:

gitosis.conf  keydir

gitosis.conf is the configuration file for gitosis. keydir is used to store the users’ public SSH keys. These files are used to manage repositories and users by the administrator. A git server has been set up by now. Management work can be done by editing the files in the gitosis-admin repository and pushing it to the git server.

Public access

We may want to  give everyone read-only access to a public project without using SSH keys. We can use git-daemon. It is a daemon tool independent of gitosis and it comes with git itself.

First log on the git server as privileged user, and then use this command to export all the repositories to public users.:

$ sudo -u git git-daemon --base-path=/home/git/repositories/ --export-all

Someone can then clone repository example.git like this:

$ git clone git://example.org/example.git

Note the difference of the repository address.

If we only want to export selected repositories, we should remove “–export-all” from the above command. Then if we want to export example.git to the others, we need to log on the git server (privileged account is needed), go to the repository’s directory (/home/git/repositories/example.git for this example),  and create a file named git-daemon-export-ok:

$ touch git-daemon-export-ok

This repository is exported to the public now, while the others are keep private (if not set to be public).

Eric Ma

Eric is a systems guy. Eric is interested in building high-performance and scalable distributed systems and related technologies. The views or opinions expressed here are solely Eric's own and do not necessarily represent those of any third parties.

Leave a Reply

Your email address will not be published. Required fields are marked *