First, update your package list and install Git:
sudo apt update
sudo apt install git -y
For security purposes, it's best to create a dedicated git user:
sudo adduser git
# Switch to git user
su - git
# Create .ssh directory and set permissions
mkdir ~/.ssh
chmod 700 ~/.ssh
# Create authorized_keys file
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Have users send you their public SSH keys (usually id_rsa.pub) and add them to the authorized_keys file on the server.
# As git user
cd ~
mkdir project.git
cd project.git
git init --bare
Users can now clone the repository:
git clone git@your-server-ip:/home/git/project.git
For additional security, restrict the git user to only Git operations:
# Edit /etc/passwd
sudo nano /etc/passwd
Find the line for the git user and change the shell from /bin/bash to /usr/bin/git-shell:
git:x:1001:1001:,,,:/home/git:/usr/bin/git-shell
sudo apt install gitweb -y
Configure GitWeb by editing /etc/gitweb.conf:
$projectroot = "/home/git";
$git_temp = "/tmp";
Restart Apache to apply changes:
sudo systemctl restart apache2
sudo apt install git-daemon-run -y
Edit /etc/sv/git-daemon/run:
#!/bin/sh
exec 2>&1
echo 'git-daemon starting.'
exec chpst -ugitdaemon \
"$(git --exec-path)"/git-daemon --verbose --reuseaddr \
--base-path=/home/git /home/git
Enable and start the service:
sudo ln -s /etc/sv/git-daemon /etc/service/git-daemon
sudo apt install gitolite3 -y
Set up Gitolite:
sudo su - git
gl-setup /tmp/admin.pub # Use admin's public key
Allow SSH traffic (port 22) and optionally GitWeb (port 80):
sudo ufw allow 22
sudo ufw allow 80
sudo ufw enable
git init --bare in the git user's home directory/home/git/.ssh/authorized_keyssudo apt update && sudo apt upgrade gitThis setup provides a secure, functional Git server on Ubuntu that can be accessed via SSH. For larger teams or more complex requirements, consider GitLab or Gitea for a more feature-rich solution.