How to Install HTTP Git Server with Nginx and SSL on Ubuntu 22.04
This tutorial exists for these OS versions
- Ubuntu 22.04 (Jammy Jellyfish)
- Ubuntu 20.04 (Focal Fossa)
- Ubuntu 18.04 (Bionic Beaver)
- Ubuntu 16.04 (Xenial Xerus)
On this page
Git is an open-source version control system that keeps track of your software changes at the source level. It is used by thousands of developers around the world to track and manages their code changes, revert it back to previous stages, and create an alternate version of files and directories.
HTTP Git Server is an open-source project that allows users to share the Git repositories over your Local Area Network (LAN). It is very simple, easy to set up, and helps developers to manage it from the command-line interface.
This tutorial will explain setting up an HTTP Git repository server with Nginx on Ubuntu 22.04.
Prerequisites
- A server running Ubuntu 22.04.
- A valid domain name is pointed to your server IP.
- A root password is configured on your server.
Install Nginx Web Server
In this post, we will use the Nginx server to serve the Git repository, So you will need to install the Nginx web server and other required packages to your server. You can install all of them using the following command:
apt-get install nginx git fcgiwrap apache2-utils unzip -y
After installing all the packages, you can proceed to create a Git repository.
Create a Git Repository
First, a directory to store the Git repository inside the Nginx web root:
mkdir /var/www/html/gitrepo
Next, navigate to the gitrepo and create another directory for the user:
cd /var/www/html/gitrepo
mkdir hitesh.git
Next, navigate to the user directory and initialize the Git repository using the following command:
cd hitesh.git
git --bare init
You will get the following output:
Initialized empty Git repository in /var/www/html/gitrepo/hitesh.git/
Next, update the Git server information with the following command:
git update-server-info
Next, change the ownership of gitrepo and set proper permission with the following command:
chown -R www-data:www-data /var/www/html/gitrepo
chmod -R 755 /var/www/html/gitrepo
Next, create a user called hitesh and set a password:
htpasswd -c /var/www/html/gitrepo/htpasswd hitesh
You can set the password as shown below:
New password: Re-type new password: Adding password for user hitesh
You can check your password using the following command:
cat /var/www/html/gitrepo/htpasswd
Sample output:
hitesh:$vcr2$AdyCEkaA$Fsq5nDbLhBDdafCQGBUsr2
Configure Nginx to Serve Git Repository
Next, create an Nginx virtual host configuration file to serve the Git repository over the internet.
nano /etc/nginx/conf.d/gitrepo.conf
Add the following configurations:
server { listen 80; root /var/www/html/gitrepo; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name git.example.com; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } location ~ (/.*) { client_max_body_size 0; auth_basic "Git Login"; auth_basic_user_file "/var/www/html/gitrepo/htpasswd"; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; fastcgi_param GIT_HTTP_EXPORT_ALL ""; fastcgi_param GIT_PROJECT_ROOT /var/www/html/gitrepo; fastcgi_param REMOTE_USER $remote_user; fastcgi_param PATH_INFO $1; fastcgi_pass unix:/var/run/fcgiwrap.socket; } }
Save and close the file when you are finished then verify the Nginx for any syntax error using the following command:
nginx -t
You will get the following output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Finally, restart the Nginx service to apply the changes:
systemctl restart nginx
You can also check the Nginx status using the following command:
systemctl status nginx
You will get the following output:
? nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2022-11-05 08:00:04 UTC; 2s ago Docs: man:nginx(8) Process: 144985 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 144986 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 144987 (nginx) Tasks: 2 (limit: 2341) Memory: 2.5M CPU: 42ms CGroup: /system.slice/nginx.service ??144987 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; ??144988 nginx: worker process Nove 5 08:00:04 ubuntu2204 systemd[1]: Starting A high performance web server and a reverse proxy server... Nove 5 08:00:04 ubuntu2204 systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument Nove 5 08:00:04 ubuntu2204 systemd[1]: Started A high performance web server and a reverse proxy server.
Secure Git HTTP Server with Let's Encrypt
Before starting, you will need to install the Certbot client in your system to install and manage the Let's Encrypt SSL. You can install it using the following command:
apt-get install certbot python3-certbot-nginx -y
Once the Certbot client is installed, run the following command to download and install Let's Encrypt SSL for your website:
certbot --nginx -d git.example.com
Provide your email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for git.example.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/git.conf
Select, whether or not to redirect HTTP traffic to HTTPS:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit enter to start the process. Once the installation is completed, you should see the following output:
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/git.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://git.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=git.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/git.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/git.example.com/privkey.pem Your cert will expire on 2023-02-06. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
At this point, your Git HTTP server is secured with Let's Encrypt SSL.
Connect to Git Repository From the Client
At this point, the Git HTTP server is set up with Nginx and Let's Encrypt SSL. Now, it's time to connect it from the client machine and test it.
First, install the Git package on the client machine using the following command:
apt-get install git -y
Next, create a directory for your project with the following command:
mkdir project
Next, navigate to your project directory and initialize the Git using the command below:
cd project
git init
Next, configure Git using your email and username:
git config --global user.email "[email protected]"
git config --global user.name "hitesh"
Next, add your Git HTTP server using the following command:
git remote add origin https://[email protected]/hitesh.git
Next, create a directory called data and add a file inside it:
mkdir data
echo "This is my first application" > data/app
Next, add your created directory and file to the Git repository:
git add .
Next, commit the changes with the following command:
git commit -a -m "Add files and directories"
You will get the following output:
[master (root-commit) 0299d83] Add files and directories 1 file changed, 1 insertion(+) create mode 100644 data/app
Next, upload your file and directory to the HTTP Git server using the following command:
git push origin master
You will be asked to provide your password to access the Git server:
Password for 'https://[email protected]':
Once you are connected, you will get the following output:
Counting objects: 4, done. Writing objects: 100% (4/4), 281 bytes | 281.00 KiB/s, done. Total 4 (delta 0), reused 0 (delta 0) To https://git.example.com/hitesh.git * [new branch] master -> master
You can also download your repository from the Git server directly using the following command:
git clone https://[email protected]/hitesh.git
You will get the following output:
Cloning into 'hitesh'... Password for 'https://[email protected]': remote: Enumerating objects: 4, done. remote: Counting objects: 100% (4/4), done. remote: Total 4 (delta 0), reused 0 (delta 0), pack-reused 0 Unpacking objects: 100% (4/4), done.
Conclusion
Congratulations! you have successfully set up an HTTP Git server with Nginx on Ubuntu 22.04. Using the command line, you can now use the Git HTTP server in your local development environment to manage and track your project.