How to Install HTTP Git Server with Nginx and SSL on Ubuntu 22.04

Git is an open-source version control system that keeps track of your software changes at the source level. It is used by thousands of developers around the world to track and manages their code changes, revert it back to previous stages, and create an alternate version of files and directories.

HTTP Git Server is an open-source project that allows users to share the Git repositories over your Local Area Network (LAN). It is very simple, easy to set up, and helps developers to manage it from the command-line interface.

This tutorial will explain setting up an HTTP Git repository server with Nginx on Ubuntu 22.04.

Prerequisites

  • A server running Ubuntu 22.04.
  • A valid domain name is pointed to your server IP.
  • A root password is configured on your server.

Install Nginx Web Server

In this post, we will use the Nginx server to serve the Git repository, So you will need to install the Nginx web server and other required packages to your server. You can install all of them using the following command:

apt-get install nginx git fcgiwrap apache2-utils unzip -y

After installing all the packages, you can proceed to create a Git repository.

Create a Git Repository

First, a directory to store the Git repository inside the Nginx web root:

mkdir /var/www/html/gitrepo

Next, navigate to the gitrepo and create another directory for the user:

cd /var/www/html/gitrepo
mkdir hitesh.git

Next, navigate to the user directory and initialize the Git repository using the following command:

cd hitesh.git
git --bare init

You will get the following output:

Initialized empty Git repository in /var/www/html/gitrepo/hitesh.git/

Next, update the Git server information with the following command:

git update-server-info

Next, change the ownership of gitrepo and set proper permission with the following command:

chown -R www-data:www-data /var/www/html/gitrepo
chmod -R 755 /var/www/html/gitrepo

Next, create a user called hitesh and set a password:

htpasswd -c /var/www/html/gitrepo/htpasswd hitesh

You can set the password as shown below:

New password: 
Re-type new password: 
Adding password for user hitesh

You can check your password using the following command:

cat /var/www/html/gitrepo/htpasswd

Sample output:

hitesh:$vcr2$AdyCEkaA$Fsq5nDbLhBDdafCQGBUsr2

Configure Nginx to Serve Git Repository

Next, create an Nginx virtual host configuration file to serve the Git repository over the internet.

nano /etc/nginx/conf.d/gitrepo.conf

Add the following configurations:

server {
        listen 80;

        root /var/www/html/gitrepo;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name git.example.com;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

location ~ (/.*) {
    client_max_body_size 0; 
    auth_basic "Git Login"; 
    auth_basic_user_file "/var/www/html/gitrepo/htpasswd";
    include /etc/nginx/fastcgi_params; 
    fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; 
    fastcgi_param GIT_HTTP_EXPORT_ALL "";
    fastcgi_param GIT_PROJECT_ROOT /var/www/html/gitrepo;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_param PATH_INFO $1; 
    fastcgi_pass  unix:/var/run/fcgiwrap.socket;
}

}

Save and close the file when you are finished then verify the Nginx for any syntax error using the following command:

nginx -t

You will get the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Finally, restart the Nginx service to apply the changes:

systemctl restart nginx

You can also check the Nginx status using the following command:

systemctl status nginx

You will get the following output:

? nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2022-11-05 08:00:04 UTC; 2s ago
       Docs: man:nginx(8)
    Process: 144985 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 144986 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 144987 (nginx)
      Tasks: 2 (limit: 2341)
     Memory: 2.5M
        CPU: 42ms
     CGroup: /system.slice/nginx.service
             ??144987 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             ??144988 nginx: worker process

Nove 5 08:00:04 ubuntu2204 systemd[1]: Starting A high performance web server and a reverse proxy server...
Nove 5 08:00:04 ubuntu2204 systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument
Nove 5 08:00:04 ubuntu2204 systemd[1]: Started A high performance web server and a reverse proxy server.

Secure Git HTTP Server with Let's Encrypt

Before starting, you will need to install the Certbot client in your system to install and manage the Let's Encrypt SSL. You can install it using the following command:

apt-get install certbot python3-certbot-nginx -y

Once the Certbot client is installed, run the following command to download and install Let's Encrypt SSL for your website:

certbot --nginx -d git.example.com

Provide your email address and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for git.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/git.conf

Select, whether or not to redirect HTTP traffic to HTTPS:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit enter to start the process. Once the installation is completed, you should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/git.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://git.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=git.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/git.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/git.example.com/privkey.pem
   Your cert will expire on 2023-02-06. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

At this point, your Git HTTP server is secured with Let's Encrypt SSL.

Connect to Git Repository From the Client

At this point, the Git HTTP server is set up with Nginx and Let's Encrypt SSL. Now, it's time to connect it from the client machine and test it.

First, install the Git package on the client machine using the following command:

apt-get install git -y

Next, create a directory for your project with the following command:

mkdir project

Next, navigate to your project directory and initialize the Git using the command below:

cd project
git init

Next, configure Git using your email and username:

git config --global user.email "[email protected]"
git config --global user.name "hitesh"

Next, add your Git HTTP server using the following command:

git remote add origin https://[email protected]/hitesh.git

Next, create a directory called data and add a file inside it:

mkdir data
echo "This is my first application" > data/app

Next, add your created directory and file to the Git repository:

git add .

Next, commit the changes with the following command:

git commit -a -m "Add files and directories"

You will get the following output:

[master (root-commit) 0299d83] Add files and directories
 1 file changed, 1 insertion(+)
 create mode 100644 data/app

Next, upload your file and directory to the HTTP Git server using the following command:

git push origin master

You will be asked to provide your password to access the Git server:

Password for 'https://[email protected]': 

Once you are connected, you will get the following output:

Counting objects: 4, done.
Writing objects: 100% (4/4), 281 bytes | 281.00 KiB/s, done.
Total 4 (delta 0), reused 0 (delta 0)
To https://git.example.com/hitesh.git
 * [new branch]      master -> master

You can also download your repository from the Git server directly using the following command:

git clone https://[email protected]/hitesh.git

You will get the following output:

Cloning into 'hitesh'...
Password for 'https://[email protected]': 
remote: Enumerating objects: 4, done.
remote: Counting objects: 100% (4/4), done.
remote: Total 4 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (4/4), done.

Conclusion

Congratulations! you have successfully set up an HTTP Git server with Nginx on Ubuntu 22.04. Using the command line, you can now use the Git HTTP server in your local development environment to manage and track your project.

Share this page:

0 Comment(s)