{"id":22728497,"url":"https://github.com/6arms1leg/git-ssh-docker","last_synced_at":"2026-03-06T18:10:46.342Z","repository":{"id":253685468,"uuid":"359171771","full_name":"6arms1leg/git-ssh-docker","owner":"6arms1leg","description":"A simple Git-over-SSH server Docker image with UID/GID handling, based on Alpine Linux","archived":false,"fork":false,"pushed_at":"2022-02-02T23:20:51.000Z","size":369,"stargazers_count":5,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-13T21:51:37.587Z","etag":null,"topics":["docker","docker-compose","git","ssh"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/6arms1leg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-18T14:51:18.000Z","updated_at":"2025-03-21T13:43:45.000Z","dependencies_parsed_at":"2024-08-18T19:42:05.771Z","dependency_job_id":"082dd082-6861-49f9-8ae8-7b3dcc931ccd","html_url":"https://github.com/6arms1leg/git-ssh-docker","commit_stats":null,"previous_names":["6arms1leg/git-ssh-docker"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/6arms1leg/git-ssh-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6arms1leg%2Fgit-ssh-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6arms1leg%2Fgit-ssh-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6arms1leg%2Fgit-ssh-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6arms1leg%2Fgit-ssh-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/6arms1leg","download_url":"https://codeload.github.com/6arms1leg/git-ssh-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/6arms1leg%2Fgit-ssh-docker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30189623,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T17:33:53.563Z","status":"ssl_error","status_checked_at":"2026-03-06T17:33:51.678Z","response_time":250,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-compose","git","ssh"],"created_at":"2024-12-10T17:16:21.636Z","updated_at":"2026-03-06T18:10:46.318Z","avatar_url":"https://github.com/6arms1leg.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Git-SSH (Docker)\n\nA simple Git-over-SSH server Docker image with UID/GID handling, based on\nAlpine Linux.\n\n*The [Quickstart section](#quickstart) shows the fastest way to set everything\nup without providing further details.*\n\nClients (users) can interact with the server using Git after adding their\npublic SSH key to the Git-SSH server for authentication.\nWithin the Docker container all Git repositries are managed by a single `git`\nuser, whos UID/GID is specified at container start.\nNormal (interactive shell) SSH access to the Docker host machine that runs the\ncontainer is needed to add a new user/client (add an SSH public key) and create\nor delete Git reposities.  \nThe UML deployment diagram in the figure below gives an overview.\n\n![UML deployment diagram](./uml-dd-deployment-overview.png \"UML deployment diagram\")\n \n\u003e Used terminology in this documentation:\n\u003e * Client - Client machine that connects to the host\n\u003e * Host - Host machine that runs the Docker container\n\n\u003e Used variables in this documentation:\n\u003e * `GITSSH_BASE_PATH` - Path to the directory that contains this project’s\n\u003e   files (especially `Dockerfile` + other build-related files and\n\u003e   `docker-compose.yml`)\n\u003e * `GITSSH_GID` - GID assigned to the `git` user within the Docker container,\n\u003e   e.g. `1000`.\n\u003e   The access permissions of the Docker volumes content will be set to this\n\u003e   GID.\n\u003e * `GITSSH_UID` - UID assigned to the `git` user within the Docker container,\n\u003e   e.g. `1000`.\n\u003e   The acces spermissions of the Docker volumes content will be set to this\n\u003e   UID.\n\u003e * `GITSSH_PORT` - Network port used for the Git SSH connection, e.g. `2222`\n\u003e * `REPO_NAME` - Name of the Git repository\n\u003e * `SERVER` - Network address (IP/domain name) of the host\n\u003e * `USER` - SSH user used to login to the host\n\u003e * `VERSION` - Version of this project, e.g. `1.0.0`.\n\u003e   Adheres to [Semantic Versioning](https://semver.org).\n\n## Quickstart\n\n**How to** set everything up the fastest way possible:\n\nStep 1 (on the host):\n\n```sh\n$ cd ${GITSSH_BASE_PATH}\n$ make build\n$ make prepare-deploy\n```\n\n... and adjust `docker-compose.yml`.\n\nStep 2 (on the client):\n\n```sh\n$ ssh-keygen -t ed25519\n$ scp ~/.ssh/id_ed25519.pub ${USER}@${SERVER}:${GITSSH_BASE_PATH}/git-ssh/keys/\n```\n\nStep 3 (on the host):\n\n```sh\n$ make deploy\n```\n\n## Applicability\n\nThe main use case for this project is to provide a very simple but secure^1\nsolution to host Git repositories on a network (e.g., LAN/WAN/internet), using\nSSH key authentication.\n\n^1: \"Secure\" here only means access restiction and encryption using SSH key\nauthentication.\n\n## Requirements\n\nFor basic usage (mandatory):\n* Docker\n\nFor easy handling (recommended):\n* Docker Compose\n* Make\n\n## Makefile\n\nMost of the instructions in this documentation can also be run with the\nprovided `Makefile` (which uses Docker Compose).\nRun `cd ${GITSSH_BASE_PATH} \u0026\u0026 make help` to see the list of available targets.\n\n\u003e The Makefile uses Docker Compose, see the prerequisite in \"How to run the\n\u003e container with Docker Compose (on the host)\" in the [Run section](#run).\n\n## Build\n\n**How to** build the Docker image (on the host):\n\n```sh\n$ cd ${GITSSH_BASE_PATH}\n$ sudo docker build -t git-ssh:${VERSION} .\n$ sudo docker image tag git-ssh:${VERSION} git-ssh:latest\n```\n\n## Arguments\n\n* Exposed port: `22`\n* Volumes:\n    * `/git/keys-host`: Volume to store the SSHD host keys\n    * `/git/keys`: Volume to store the users’ public keys\n    * `/git/repos`: Volume to store the Git repositories\n* Environment variables:\n    * `PUID`: UID that is assigned to the `git` user inside the Docker container\n    * `PGID`: GID that is assigned to the `git` user inside the Docker container\n\n## Run\n\n**How to** run the Docker container (on the host):\n\n```sh\n$ cd ${GITSSH_BASE_PATH}\n$ mkdir -p ./git-ssh/keys-host/ ./git-ssh/keys/ ./git-ssh/repos/\n$ sudo docker run \\\n  -d \\\n  -p ${GITSSH_PORT}:22 \\\n  -v ${GITSSH_BASE_PATH}/git-ssh/keys-host/:/git/keys-host/ \\\n  -v ${GITSSH_BASE_PATH}/git-ssh/keys/:/git/keys/ \\\n  -v ${GITSSH_BASE_PATH}/git-ssh/repos/:/git/repos/ \\\n  -e PUID=${GITSSH_UID} \\\n  -e PGID=${GITSSH_GID} \\\n  --name=\"git-ssh\" \\\n  git-ssh:latest\n```\n\n**How to** run the container with Docker Compose (on the host):\n\nPrerequisite:\nCopy `docker-compose.yml.template` to `docker-compose.yml` and adjust it.\n\n\u003e Instead of modifying `docker-compose.yml` after copying it, one can create an\n\u003e `.env` file that provides the necessary variables:\n\u003e\n\u003e ```sh\n\u003e GITSSH_PORT=\n\u003e GITSSH_BASE_PATH=\n\u003e GITSSH_UID=\n\u003e GITSSH_GID=\n\u003e ```\n\n```sh\n$ cd ${GITSSH_BASE_PATH}\n$ mkdir -p ./git-ssh/keys-host/ ./git-ssh/keys/ ./git-ssh/repos/\n$ sudo docker-compose up -d\n```\n\n## SSH keys\n\n\u003e Based on [this reference](https://www.ssh.com/ssh/keygen/).\n\n**How to** generate an SSH private/public key pair (on the client):\n\n\u003e This generates stronger keys than the default, RSA.\n\n```sh\n$ ssh-keygen -t ecdsa -b 521\n```\n\n\u003e Or if supported by the client:\n\u003e `ssh-keygen -t ed25519`\n\n**How to** add a client’s SSH public key to the Git-SSH server:\n\nUpload the key to the host’s volume mount point (on the client):\n\n```sh\n$ scp ~/.ssh/id_ecdsa.pub ${USER}@${SERVER}:${GITSSH_BASE_PATH}/git-ssh/keys/\n```\n\nRestart the Docker container (on the host):\n\n```sh\n$ sudo docker restart git-ssh\n```\n\n\u003e Or with Docker Compose:\n\u003e `sudo docker-compose down -t 1 \u0026\u0026 sudo docker-compose up -d`\n\n## Basic usage\n\n**How to**\n* check that the Docker container works and\n* list all repositories\n(on the client):\n\n\u003e The client’s SSH public key must have been uploaded to the host already.\n\n```sh\n$ ssh -p ${GITSSH_PORT} git@${SERVER}\n\n~~~ Welcome to Git-SSH server! ~~~\n[...]\nYou have successfully authenticated but\ninteractive shell access is not provided.\n[...]\n```\n\n**How to** create a new (bare) repository (on the host):\n\n```sh\n$ sudo docker exec -u git git-ssh git init --bare ./repos/${REPO_NAME}.git\n```\n\n\u003e Or with Docker Compose:\n\u003e `sudo docker-compose exec -u git git-ssh git init --bare ./repos/${REPO_NAME}.git`\n\n**How to** clone a repository (on the client):\n\n```sh\n$ git clone ssh://git@${SERVER}:${GITSSH_PORT}/git/repos/${REPO_NAME}.git\n```\n\n**How to** push a (non-bare) repository that (yet) only exists locally (on the\nclient):\n\nPrerequisite: Create a new (bare) repository (on the host).\n\n\u003e See \"How to create a new (bare) repository (on the host)\".\n\n```sh\n$ git remote add origin \\\n  ssh://git@${SERVER}:${GITSSH_PORT}/git/repos/${REPO_NAME}.git\n$ git push -u origin master\n```\n\n\u003e Replace `git remote add [...]` with `git remote set-url [...]` if `origin`\n\u003e already exists.\n\n\u003e Repeat the `git push [...]` command for all tracking branches ...\n\n**How to** upload an existing bare repository (on the client):\n\n```sh\n$ scp -r /path/to/${REPO_NAME}.git \\\n  ${USER}@${SERVER}:${GITSSH_BASE_PATH}/git-ssh/repos/\n```\n\n\u003e Make sure that uploaded bare repositories have the correct access permissions\n\u003e set (see \"How to fix Git repository access permission issues (on the host)\"\n\u003e in the [Troubleshooting section](#troubleschooting)).\n\n## Troubleshooting\n\n**How to** fix Git repository access permission issues (on the host):\n\n```sh\n$ sudo docker exec git-ssh sh ./fix-repos.sh\n```\n\n\u003e Or with Docker Compose:\n\u003e `sudo docker-compose exec git-ssh sh ./fix-repos.sh`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F6arms1leg%2Fgit-ssh-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F6arms1leg%2Fgit-ssh-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F6arms1leg%2Fgit-ssh-docker/lists"}