In this tutorial we will learn about,how to install own git server with ssh and http access by using gitolite and gitweb in CentOS.For user management in Git Server,we will use the Gitolite.For showing the repository list on web interface,we will use Gitweb. And Smart HTTP is configured in Apache, to access the Git server via HTTP.
Git Project URL : http://git-scm.com/
Description of our server
Arch: i686 / x86_64
Packages : Gitolite and Gitweb
Git server ip address : 192.168.169.95
Note:You can also use git server FQDN or hostname resolvable from your internal network or DNS.
Summary : Creating a private git server. And can be accesible through ssh and http both.Here Gitweb will be used for viewing repositories detail. Gitolite is used for Git server with user/group management.
Note: If you see # sign it means root is log in. If it is $ means it is user called git log in.
Follow the given below steps as it is :
First start working from your pc ,not from git server.
First start with creating RSA key in your system means your client machine (not git server).We will start working in Git Server after finishing steps in client PC.
Step A: login into your linux pc from where you want to manage git server remotely .(means here I am talking about your client system)
Now create the RSA key . It will create two files id_rsa and id_rsa.pub in your system’s $HOME/.ssh directory. Do not give passphrase password. Just hit enter when it ask for setting passphrase password
$ ssh-keygen -t rsa -C "Git-Admin"
Step B: Now scp the id_rsa.pub file into Git Server (Its our IP Address : 192.168.169.95)
$ scp ~/.ssh/id_rsa.pub root@ip-address-of-git-server:~
Login into the Git Server with user root.
Login into Git Server as a root user.
Step 1: Install git,http and perl dependency.
# yum -y install git httpd perl-Time-HiRes perl-Data-Dumper
Step 2: Create user git and change its gid and uid
# useradd git # usermod -u 600 git # groupmod -g 600 git
Step3: Rename the id_rsa.pub file which you did scp from your system.And move the rename files to /home/git and change its owner & group with git
# mv /root/id_rsa.pub /home/git/Git-Admin.pub ; chown git:git /home/git/Git-Admin.pub
Step 4: Login with user git directly from terminal.
Do not set password for user git. And git clone the gitolite from github.com
#su -l git $whoami (The command will show you log in with which user) $echo $HOME (The command will show what is your home directory) $ git clone git://github.com/sitaramc/gitolite
Step 4: Create bin directory in /home/git and setup the Git-Admin account.
Note: We renamed the id_rsa.pub file to Git-Admin.pub ,the reason is the Gitolite will provide same name of user in gitolite.conf file as the name of .pub file.
for eg. if I use only id_rsa.pub then “id_rsa” user will be created.Hence if you are adding any user in Git Server by using its ssh key, rename the user’s id_rsa.pub key with user-name.pub .
like joe’s rsa file should be change into joe.pub (id_rsa.pub –rename–> joe.pub)
$ mkdir -p /home/git/bin $ gitolite/install -ln $ gitolite setup -pk Git-Admin.pub
Step 5: Exit from user git login and again use the user root. Now check what are values defined for suexec bydefault. Use the command “suexec -V”
$exit (logout from git user) you should be now root if you are following the steps as it is.If no then no-problem login with root again :) # suexec -v
Given below is my server’s suexec details.
[root@gitserver ~]# suexec -V -D AP_DOC_ROOT="/var/www" -D AP_GID_MIN=100 -D AP_HTTPD_USER="apache" -D AP_LOG_EXEC="/var/log/httpd/suexec.log" -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=500 -D AP_USERDIR_SUFFIX="public_html"
Step 6: Create a directory bin in /var/www (Why /var/www ? because I got the detail from suexec -V,see parameter AP_DOC_ROOT)
Below given command will create directory bin in /var/www with permission 0755 and owner &group is git
#install -d -m 0755 -o git -g git /var/www/bin
Step 7: Create a bash script with name gitolite-suexec-wrapper.sh in /var/www/bin/. Then save and exit.(I am using vi editor,you can choose your any other editor)
vi /var/www/bin/gitolite-suexec-wrapper.sh
#!/bin/bash
#
# Suexec wrapper for gitolite-shell
#
export GIT_PROJECT_ROOT="/home/git/repositories"
export GITOLITE_HTTP_HOME="/home/git"
exec ${GITOLITE_HTTP_HOME}/gitolite/src/gitolite-shell
Step 8: Set ownership and permission of /var/www/bin and gitolite-suexec-wrapper.sh
# chown -R git:git /var/www/bin # chmod 750 /var/www/bin/gitolite-suexec-wrapper.sh #chmod 755 /var/www/bin
Step 9: Now change the value of “UMASK 0077,” into “UMASK => 0027,”in file /home/git/.gitolite.rc
vi /home/git/.gitolite.rc UMASK => 0027,
Step 10: Install GitWeb
yum install gitweb
Step 11: By-Default the gitweb will be installed in /var/www/git directory.(It has gitweb.cgi file)
We will rename git directory as gitweb. And move the renamed directory inside /var/www/html
# mv /var/www/git /var/www/html/gitweb
Step 12: Change the ownership of /var/www/html/gitweb
# chown -R git:git /var/www/html/gitweb
Given below are the details of my server
[root@gitserver html]# chown -R git:git gitweb/ [root@gitserver html]# ls -ld gitweb/ drwxr-xr-x 2 git git 4096 Jun 1 12:36 gitweb/ [root@gitserver html]# ls -la gitweb/ total 252 drwxr-xr-x 2 git git 4096 Jun 1 12:36 . drwxr-xr-x 3 root root 4096 Jun 1 12:34 .. -rw-r--r-- 1 git git 115 Apr 24 2010 git-favicon.png -rw-r--r-- 1 git git 207 Apr 24 2010 git-logo.png -rwxr-xr-x 1 git git 204754 Jun 1 12:36 gitweb.cgi -rw-r--r-- 1 git git 8379 Apr 24 2010 gitweb.css -rw-r--r-- 1 git git 24142 Apr 24 2010 gitweb.js [root@gitserver html]#
Step 13: Edit the file /etc/gitweb.conf. and change the value of two variables
$projectroot and $projects_list as given below
vi /etc/gitweb.conf
our $projectroot = "/home/git/repositories/";
our $projects_list = "/home/git/projects.list";
Step 14: Edit the file /var/www/html/gitweb/gitweb.cgi and change the value of two variables
$projectroot and $projects_list as given below
vi /var/www/html/gitweb/gitweb.cgi
our $projectroot = "/home/git/repositories";
our $projects_list = "/home/git/projects.list";
Step 15: Create dummy folder git . And be carefull with permissions,owner and group
#install -d -m 0755 -o apache -g apache /var/www/git (This is dummy one)
Step 16: Open the /etc/httpd/conf/httpd.conf file and in last line paste the given below VirtualHost Configuration.
Note: If you have set the hostname and FQDN of git server then you can uncomment the ServerName,ServerAlias related lines and write the information which you have. If you do not have these info ,no problem paste the content as it is.
# You can comment out the below 3 lines and put correct value as per your server information # ServerName gitserver.example.com # ServerAlias gitserver ServerAdmin youremailid@example.com DocumentRoot /var/www/git Options None AllowOverride none Order allow,deny Allow from all SuexecUserGroup git git ScriptAlias /git/ /var/www/bin/gitolite-suexec-wrapper.sh/ ScriptAlias /gitmob/ /var/www/bin/gitolite-suexec-wrapper.sh/AuthType Basic AuthName "Git Access" Require valid-user AuthUserFile /etc/httpd/conf/git.passwd
Step 17: Edit the /etc/httpd/conf.d/git.conf file. After installation of GitWeb this git.conf file created itself. Here we are doing some changes as per our Git Server. Carefully see each line which I edited. Do not skip it is important part also.
vi /etc/httpd/conf.d/git.conf Alias /gitweb /var/www/html/gitwebOptions +ExecCGI AddHandler cgi-script .cgi DirectoryIndex gitweb.cgi AuthType Basic AuthName "Git Access" Require valid-user AuthUserFile /etc/httpd/conf/git.passwd
Step 18: Now we will create Basic apache auth username and password.
When you create a first time a user then only we use “-c” flag. -c means create new file. see man page of htpasswd.
# htpasswd -c /etc/httpd/conf/git.passwd admin
For new user addition or updating existing user’s password do not use -c flag
# htpasswd /etc/httpd/conf/git.passwd user1 # htpasswd /etc/httpd/conf/git.passwd testuser
Restart/Reload the apache whenever you setup a htpasswd user or passwd
chkconfig command to set apache service to run in runelevel 3 and 5 whenever system start.
#### On CentOS 6.x / RHEL 6.x /etc/init.d/httpd restart;chkconfig httpd on #### On CentOS 7.x / RHEL 7.x systemctl restart httpd ; systemctl enable httpd
All configuration is done. Now Git Server is ready to use.
How to see GitWeb webpage
Open the web browser and in URL type
(give username and password which you set at htpasswd command)
http://ip-address-of-git-server/gitweb/
How to clone the repository through HTTP in client machine
Use the command.
(give username and password which you set at htpasswd command)
$git clone http://ip-address-of-git-server-OR-FQDN/git/repo-name.git
See difference, when I am cloning the repo from Git Server I am using word git in between of URL.
But for git web ,I am using word “gitweb”
Note: If you want to learn why git and gitweb,open the git.conf and httpd.conf file.
In httpd.conf , “ScriptAlias /git/ /var/www/bin/gitolite-suexec-wrapper.sh/ ”
In git.conf “Alias /gitweb /var/www/html/gitweb ”
$ cd ~/Desktop $git clone http://ip-address-of-git-server-OR-FQDN/git/testing.git Now it will clone the testing repo in your Desktop or wherever directory from you run the git clone command
How to Manage user and group of Git Server
For managing Users/Groups in Git Server from your remote machine, you have to clone the gitolite-admin repo in your System. But it is the same system from which you scp the RSA key file.(Read Step A and Step B ,start of this post)
Here I will clone gitolite-admin in Desktop
$cd ~/Desktop $ git config --global user.name "Git-Admin" $ git config --global user.email "youremailid@example.com" $ git clone git@GitServerIP-or-FQDN:gitolite-admin.git
With the help of gitolite.conf file you can manage the Users and Group from your system.
But whenever you do any changes you have to do “git push”
Given below is reference from my system
sharad@mypc:~/Desktop/gitolite-admin/conf$ pwd
/home/sharad/Desktop/gitolite-admin/conf
sharad@sharad-sapplica:~/Desktop/gitolite-admin/conf$ cat gitolite.conf
repo gitolite-admin
RW+ = Git-Admin
repo testing
RW+ = @all
R = git daemon
sharad@mypc:~/Desktop/gitolite-admin/conf$
Here, meaning of –
R = Read
W = Write
Now push new changes of gitolite.conf into git server from your system
Use the given below command to push the changes into Git Server.
Go to gitolite-admin cloned directory and change to conf directory also. Edit the changes in gitolite.conf and push the code with given below command.
$ cd ~/Desktop/gitolite-admin/conf $ls -l gitolite.conf $git add gitolite.conf $git commit -m "first commit" $git push origin master
Note: git pull command is for pull the Version files/directory from Git Server.
How to create repository in Git Server
In this eg. we are creating repo called “test-repo”
Login in Git Server as root.And then change to git user.
# su -l git $ cd repositories $ mkdir linux.git $ cd linux.git $ git --bare init $ git update-server-info
Update the projects.list file
Now update the file projects.list file with new git repo name which you have just created as described in above section.
vi /home/git/projects.list testing.git linux.git
Once you updated the /home/git/projects.list file, it will help you to show repository on Gitweb.
See the below given screenshot –
(This post is last updated on 07-July -2015 )
* Added CentOS 7 in practical scenario .
* Added perl-Data-Dumper installation as dependency for gitolite.
Hi
After setup i am facing below problems
1.project.list automatically gets cleared (get set to default)
2. when i am cloning repository it says repository does not found. ( when i check the http error logs there is a error “Repository not exported ”
Can anyone help me to understand this
Thanks in advance
Hi Sharad,
I am trying to configure GIT on my CentOS 6.2. I followed your steps but was stuck in the beginning.
[git@Git-Server ~]$ gitolite setup -pk Git-Admin.pub
FATAL: ‘Git-Admin.pub’ does not seem to be a valid ssh pubkey file
I am getting above error when I ran gitolite setup -pk Git-Admin.pub
Thanks in advance.
Hello Chris,
I have to again setup a new Git Server. It has been a long time when I setup Git Server and wrote this post.
I will surely come back to answer your question after practically rechecking everything.
Regards
Sharad
Seems like htpasswd user and gitolite user need to match… it doesn’t seem to be using htpasswd for URL auth and then SSH key for git auth… that’s why you get errors like “fatal: remote error: FATAL: R any reponame admin DENIED by fallthru”
So problem here is you can manage gitolite-admin and push up new config and keys but how does that update AuthUserFile to match?
When I try to clone my newly created repo I got this error:
git clone http://192.168.0.11/git/mobilka.git
Cloning into ‘mobilka’…
fatal: remote error: FATAL: R any mobilka user1 DENIED by fallthru
(or you mis-spelled the reponame)
I’ve created it according to your tutorial
The default testing.git repo works fine.
PS. I also needed to disable SELinux otherwise I received 404 – No projects found message
Hello Michal,
In this same post read the section, How to Manage user and group of Git Server . You have to add repo name and user/group access in gitolite.conf .
Let me know if still facing the issue,we will resolve it.
Regards
Sharad
Thanks for the tutorial, I am having difficulties completing this correctly.
Not sure what I missed while following the steps, however I get authentication errors when trying to clone test project. I am sure the user/pass is correct as I am able to view gitweb with same user/pass.
[root@nsrv3 ~]# git clone http://admin@192.168.1.7/git/testing.git
Initialized empty Git repository in /root/testing/.git/
Password:
error: The requested URL returned error: 403 Forbidden while accessing http://admin@192.168.1.7/git/testing.git/info/refs
fatal: HTTP request failed
[root@nsrv3 ~]#
Use this syntax first: git clone http://ip-address-of-git-server-OR-FQDN/git/repo-name.git
check the apache log and selinux . can you paste the apache error log ,if issue is not resolved
check all the steps once again.
From the git server
[root@nsrv4 httpd]# ls
access_log error_log suexec.log
[root@nsrv4 httpd]# cat access_log
192.168.1.23 – – [07/Jan/2014:14:22:23 -0500] “GET /git/test.git/info/refs?service=git-upload-pack HTTP/1.1” 403 301 “-” “git/1.7.1”
192.168.1.23 – – [07/Jan/2014:14:22:23 -0500] “GET /git/test.git/info/refs HTTP/1.1” 403 301 “-” “git/1.7.1”
192.168.1.18 – user1 [07/Jan/2014:14:24:17 -0500] “GET /gitweb/ HTTP/1.1” 200 2268 “http://nsrv4/gitweb/” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0”
192.168.1.18 – user1 [07/Jan/2014:14:24:26 -0500] “GET /gitweb/?p=testing.git;a=summary HTTP/1.1” 200 3119 “http://nsrv4/gitweb/” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0”
[root@nsrv4 httpd]# cat error_log
[Tue Jan 07 14:21:40 2014] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Jan 07 14:21:40 2014] [notice] Digest: generating secret for digest authentication …
[Tue Jan 07 14:21:40 2014] [notice] Digest: done
[Tue Jan 07 14:21:40 2014] [notice] Apache/2.2.15 (Unix) DAV/2 configured — resuming normal operations
[Tue Jan 07 14:22:23 2014] [error] [client 192.168.1.23] (13)Permission denied: access to /git/test.git/info/refs denied
[Tue Jan 07 14:22:23 2014] [error] [client 192.168.1.23] (13)Permission denied: access to /git/test.git/info/refs denied
[Tue Jan 07 14:24:26 2014] [error] [client 192.168.1.18] fatal: bad revision ‘HEAD’, referer: http://nsrv4/gitweb/
[root@nsrv4 httpd]# cat suexec.log
[2014-01-07 14:24:17]: uid: (600/git) gid: (600/git) cmd: gitweb.cgi
[2014-01-07 14:24:26]: uid: (600/git) gid: (600/git) cmd: gitweb.cgi
[root@nsrv4 httpd]#
From Client
[root@nsrv3 ~]# git clone http://192.168.1.7/git/test.git
Initialized empty Git repository in /root/test/.git/
error: The requested URL returned error: 403 Forbidden while accessing http://192.168.1.7/git/test.git/info/refs
fatal: HTTP request failed
Thanks for the super quick responses you are awesome!!
check ownership of test.git directory. as per tutorial owner must be git user and group also git. check all directory inside test.git
I was testing with 2 centos 6.4 vms, I created 2 new fedora core 20 vms and was able to complete the tutorial as described. I may retest with centos as I may have missed a step or overlooked something. Thank you for putting this together, many thanks.
Thanks Getz Ricks,
The tutorial is already tested in live server many times.Yet,I appreciate kindly notify me if you find any issue so that I could update this tutorial or write new one.
Regards
Sharad
You are the man. Fantastic tutorial of an expert who knows the background. The only tutorial that really works. Thank you very much.
Thankyou Ingo
Another error:
git clone http://192.168.91.194/git/testing.git
Initialized empty Git repository in /root/Desktop/testing/.git/
error: The requested URL returned error: 401 Authorization Required while accessing http://192.168.91.194/git/testing.git/info/refs
fatal: HTTP request failed
found the answer …
The version of git that comes in the cent base repository, requires that the username be explicitly stated.
Sorry about last post it supposed to be nite-shift
I get this error:
/etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: Warning: DocumentRoot [/var/www/git] does not exist
[ OK ]
Follow step 15 and Hit the command ls -ld /var/www/git (does this folder exist) and check your httpd.conf file carefully again,it is in Step 16
Yep stupid me missed a step, thanks…
Hello there.
Your instructions here are fantastic, but I’m hoping you can help me with a problem I’m having. I’ve followed your steps to the letter on two other servers hoping that’d work for them but I’m having a problem. I followed these steps along on a Fedora 19 (x64) server and a Red Hat 6.4 (x64) server. The steps appear to go fine, but after everything, I get a ‘404 – No projects found’ message on both servers. If you have any recommendations as to how I can debug this further, I’d REALLY appreciate it. Ask for whatever details you want and I will share them to try to get my problem fixed. Feel free to e-mail me directly if you’d like. This is, to say the least, driving me bananas!!
Thanks in advance!!
Hey there!! Turns out the ONLY thing that prevented this from working was SELinux. As soon as I turned it off, I was good to go! And this was true on both servers. Thank you SO much for the great article!!
Great! Good to know you solved it.
More important thing is,you also successfully done practical in fedora which will help New bie that the steps are same in Fedora also
Hi Sharad, Charles,
I have the same problem – install seems to have gone OK, but I’m looking at “404 – No Projects found” in the GitWeb interface – but can see both gitolite-admin.git & testing.git in the /home/git/repositories directory. Running RedHat x64 – but I don’t have SELinux installed. Scratching my head – any help greatly appreciated.
Thanks in advance!
Hello Paul,
This problem is generally coming from Gitweb. I also found the 404 error comes when Gitweb releases the new version and some parameters get change.But After doing a few Gitweb settings changes the Project can be seen. Recently I installed a new Git Server in CentOS 6.5 and used yum for Gitweb.I found only a few settings I have not done in gitweb and it works for me.
I will write new post in this weekend.Whereas share the details which CentOS,Git and Gitweb version you have,it helps me to troubleshoot with specific specs.
Hi Sharad
I have the same issue after following your guide. 404 – No projects found. What gitweb settings did you change to make it work? Any assistance is greatly appreciated.
Hello Dillon,
I think I should re-practical it. Seems some changes has happened.
I will update the new post soon.
Regards
Sharad
Hello Paul,
I am out of city right now.I was just thinking about your issue. Check the /home/git/projects.list file. This file must have projects name entry.
check if the file exist and have above given repo name inside file. It shows the name of projects which we wants to display
Hey Sharad,
many thanks for the response and also the article – it was very useful for someone coming in with almost zero Git experience. I’ve decided to drop GitWeb from my setup & used GitList instead… http://gitlist.org/ …which was much easier to install. Not sure on the feature set differences between the two, but GitList suits my needs …and looks a little prettier 🙂
Thanks again.
Paul
Welcome Paul,if need any support contact to me through “Contact” page of blog