blob: 0ada83f15710984516f12b063b5ccb0501832b84 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title type="text">The Home of David T. Sadler - All Posts About Git</title>
<id>https://davidtsadler.com/posts/git/atom.xml</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/git/"/>
<link rel="self" type="application/atom+xml" href="https://davidtsadler.com/posts/git/atom.xml"/>
<updated>2021-06-13T12:00:00Z</updated>
<entry>
<title type="text">Backing Up a Git Repository</title>
<id>https://davidtsadler.com/posts/git/2021-06-13/backing-up-a-git-repository/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/git/2021-06-13/backing-up-a-git-repository/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-06-13T12:00:00Z</published>
<updated>2021-06-13T12:00:00Z</updated>
<content type="html"><h1>Backing Up a Git Repository</h1><blockquote>Sun 13th June 2021 By David T. Sadler.</blockquote><p>Below is a quick and dirty way in which I backup all my repositories that are hosted at git.davidtsadler.com.</p><pre><code class="shell">#!/bin/sh
DATE_PREFIX=$(date +%Y%m%d)
BACKUP_DIRECTORY=/tmp
BACKUP_FILE=&quot;${BACKUP_DIRECTORY}/${DATE_PREFIX}-repositories.tar.gz&quot;
BACKUP_FILES=&quot;${BACKUP_DIRECTORY}/*-repositories.tar.gz&quot;
REPOSITORIES=/home/git/*.git
tar -czf $BACKUP_FILE $REPOSITORIES
find $BACKUP_FILES -mtime +3 -delete
exit 0</code></pre><p>All it does it tar and gzip any .git directories found under /home/git. It also removes any backups that are more than three days old.</p><p>This script has been saved as /usr/bin/backup_repositories and is ran daily via cron.</p><pre><code class="cron">0 3 * * * /usr/bin/backup_repositories &gt; /dev/null 2&gt;&amp;1</code></pre><p>It is important to know that this backup strategy is far from ideal for repositories that are heavily used as you run the high risk of trying to backup a repository as users are pushing to it. As git updates a repository in two phases this will lead to a backup that may not contain all the data and so won't be suitable for restoring. However its fine for my purposes since I'm the only user and it's unlikely that I will be making changes during the time the backup is running.</p><h3>Links</h3><a href="/posts/git/2021-05-29/setting-up-a-self-host-git-server/">2021-05-29 - Setting up a Self Hosted Git Server</a><a href="/posts/git/">Git - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Setting up a Self Hosted Git Server</title>
<id>https://davidtsadler.com/posts/git/2021-05-29/setting-up-a-self-host-git-server/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/git/2021-05-29/setting-up-a-self-host-git-server/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-05-29T12:00:00Z</published>
<updated>2021-05-29T12:00:00Z</updated>
<content type="html"><h1>Setting up a Self Hosted Git Server</h1><blockquote>Sat 29th May 2021 By David T. Sadler.</blockquote><p>I've always liked the idea of self hosting some of my git repositories. After a bit of research I found that it involves.</p><ul><li>Installing git.</li><li>Creating a git user.</li><li>Setting up ssh so that I can log into the sever securely as the git user.</li><li>Creating a test repository on the server.</li><li>Creating a test project on my local machine.</li><li>Pushing the test project to the git sever.</li></ul><h2>Installing Git</h2><p>Since its an Ubuntu server installing git is as simple as.</p><pre><code class="shell">$ sudo apt install git-core</code></pre><h2>Creating a User</h2><p>The git user will serve two purposes.</p><ul><li>The repositories will be stored in the user's home directory.</li><li>The user account will contain the public ssh keys of remote users that can access the repositories.</li></ul><pre><code class="shell">$ sudo adduser --system --shell /usr/bin/git-shell --group --disabled-password --home /home/git git</code></pre><ul><li>--system Creates a system user user. Not strictly required but since this is not a normal user account I prefer to use this option.</li><li>--shell /usr/bin/git-shell Restrict the git user to only git related activities. This also prevents remote users from obtaining a shell by logging in via ssh. Note that git-shell does not prevent normal git operations, such as pull and push, from working over ssh.</li><li>--group Creates a group that is the same name as the user.</li><li>--disabled-password Prevent logging in with a password. The use of ssh keys is still allowed.</li><li>--home /home/git The home directory for the user.</li></ul><h2>Setting up SSH</h2><p>On my local machine git will use ssh to connect to the remote server as the git user. In order to do this I will need to copy my public ssh key to the git user account.</p><p>The below commands create the required .ssh directory and authorized_keys file with the correct permissions.</p><pre><code class="shell">$ sudo mkdir /home/git/.ssh
$ sudo chown git:git /home/git/.ssh
$ sudo chmod 700 /home/git/.ssh
$ sudo touch /home/git/.ssh/authorized_keys
$ sudo chown git:git /home/git/.ssh/authorized_keys
$ sudo chmod 600 /home/git/.ssh/authorized_keys</code></pre><p>Now I can copy the public ssh key of anyone who needs access to the repositories. There are a few ways of doing this and I tend to just edit the authorized_keys file and manually copy and paste the keys into it. </p><pre><code class="shell">$ sudo vim /home/git/.ssh/authorized_keys</code></pre><p>Note that to prevent ssh port forwarding via the git user account I prepend the no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty options to the key.</p><pre><code class="shell">$ sudo cat /home/git/.ssh/authorized_keys
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCB007n/ww+ouN4gSLKssMxXnBOvf9LGt4LojG6rs6h
PB09j9R/T17/x4lhJA0F3FR1rP6kYBRsWj2aThGw6HXLm9/5zytK6Ztg3RPKK+4kYjh6541N
YsnEAZuXz0jTTyAUfrtU3Z5E003C4oxOj6H0rfIF1kKI9MAQLMdpGW1GYEIgS9EzSdfd8AcC
IicTDWbqLAcU4UpkaX8KyGlLwsNuuGztobF8m72ALC/nLF6JLtPofwFBlgc+myivO7TCUSBd
LQlgMVOFq1I2uPWQOkOWQAHukEOmfjy2jctxSDBQ220ymjaNsHT4kgtZg2AYYgPqdAv8JggJ
ICUvax2T9va5 gsg-keypair</code></pre><p>On my local machine I can test ssh access.</p><pre><code class="shell">$ ssh git.davidtsadler.com
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.</code></pre><p>The message that comes back indicates that ssh is working and that the git-shell is been used.</p><h2>Creating a Test Repository</h2><p>An empty repository is setup by running git init with the --bare option. I also ensure that the git user owns the repository and that main will be the default branch when its checked out.</p><pre><code class="shell">$ sudo git init --bare /home/git/test.git/
$ sudo chown -R git:git /home/git/test.git/
$ sudo git --git-dir=/home/git/test.git/ symbolic-ref HEAD refs/heads/main</code></pre><h2>Creating a Test Project</h2><p>Back on my local machine I can create a test project and push it to the remote server.</p><pre><code class="shell">$ mkdir test
$ cd test
$ git init
$ touch readme
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin git@git.davidtsadler.com:test.git
$ git push origin main</code></pre><p>I can also test that I can clone the repository.</p><pre><code class="shell">rm -rf test
git clone git@git.davidtsadler.com:test.git</code></pre><h3>Links</h3><a href="/posts/git/">Git - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry>
</feed>
|
