Lampros - Weird Bricks

Setting up a private Git repository with Gogs

24 September, 2017 | CentOS

Sometimes you just don't want to use GitHub. Maybe it's the cost for setting up private repositories, or maybe you don't trust them enough. Whatever the reason might be, setting up a private repository is actually really easy.

In this post I demonstrate how I used Gogs to setup a private repository on a rather small 2GB VPS.

1. Add a git user that Gogs will run under:

useradd --create-home --shell=/sbin/nologin git

2. Install git as it is a dependency:

yum install git -y

3. Download the latest version of Gogs:

Note: the latest release can always be found here: https://github.com/gogits/gogs/releases

cd /tmp
curl -LO https://github.com/gogits/gogs/releases/download/v0.11.29/linux_amd64.tar.gz
tar -xzf linux_amd64.tar.gz

4. Move the `gogs` directory under `/home/git`:

mv gogs /home/git/

5. Copy the systemd unit file to `/usr/lib/systemd/system/`:

cp /home/git/gogs/scripts/systemd/gogs.service /usr/lib/systemd/system/

6. Edit that file and remove the dependencies on the bigger databases - `/usr/lib/systemd/system/gogs.service`:

Change the line:

ExecStart=/home/git/gogs/gogs web

to:

ExecStart=/home/git/gogs/gogs web -c /home/git/gogs/custom/conf/app.ini

7. Create a directory for the Gogs configurations and add the `app.ini` file there:

mkdir -pv /home/git/gogs/custom/conf
vi /home/git/gogs/custom/conf/app.ini

Use the following contents for the configuration file:

# source: https://gogs.io/docs/advanced/configuration_cheat_sheet
[default]
RUN_MODE = prod

[server]
# in the DOMAIN line replace with your FQDN or use the public IP of your server
DOMAIN = 69.87.216.153
PROTOCOL = https
CERT_FILE = /home/git/gogs/cert.pem
KEY_FILE = /home/git/gogs/key.pem
START_SSH_SERVER = true
SSH_LISTEN_PORT = 4000
SSH_PORT = 4000
SSH_ROOT_PATH = /home/git/.ssh

[database]
DB_TYPE = sqlite3
PATH = /home/git/gogs/data/gogs.db

[service]
# we also don't want users to see the registration button
SHOW_REGISTRATION_BUTTON = false
REQUIRE_SIGNIN_VIEW = true

8. Create an SSL cert using the built in `cert` option:

cd /home/git/gogs
./gogs cert --host `curl icanhazip.com -4`

9. Make sure that the permissions are correct for the `/home/git` directory:

chown -R git:git /home/git

10. Start the service and enable it so that it starts on reboots:

systemctl start gogs
systemctl enable gogs

11. Go to your IP address - for example: https://69.87.216.153:3000 - you should get the install page. Once you're there:

Under "Application General Settings" :

For example for my VPS where I'm setting this up, it will show the IP address like so:

69.87.216.153
https://69.87.216.153:3000/

Under "Optional Settings" find the "Server and Other Services Settings" make sure to tick "Enable Require Sign In to View Pages"

Finally expand the "Admin Account Settings" and add an administrator user. Use a very strong password.

Once you're done, click on the blue "Install Gogs" button - this should install Gogs and also sign you in as the user you just created.

12. Add a regular user:

Click on the blue button on the top right and click on "Admin Panel". Then on the left side click on "Users" and click on "Create New Account".

Use the form to add a regular user.

13. OK cool, how do I use this?

Login as a regular user and create a new repository. For example say you created the repository "yoyoyoyo-goat".

If you already have `git` installed, you can use it to clone the repository locally.

Add a configuration like this for your git user:

add the file ~/.gitconfig with contents:

[user]
name = First Last
email = someemail@somedomain.com
[http]
sslVerify=false

[credential]
# this sets a 2 hour cache for your password, so you don't have to retype it
# adjust as needed
helper=cache --timeout=7200

Then clone your repository:

git clone https://69.87.216.153:3000/lampros/yoyoyoyo-goat.git

You'll see prompts for your git username and password - those are the ones for the regular user you created earlier.

14. How do I backup the whole thing ? Easy - run as root:

cd /home/git/gogs
tar -czpvf /root/backup1.tgz .

Let's pretend an evil admin deleted the directory:

rm -rfv /home/git/gogs

Recreate it first:

mkdir -pv /home/git/gogs

Restore the backup

tar -xzf /root/backup1.tgz -C /home/git/gogs

Make sure the permissions are good:

chown -R git:git /home/git/gogs

Sources: