{"id":15677758,"url":"https://github.com/leonklingele/git-simpleserver","last_synced_at":"2025-05-07T01:25:06.129Z","repository":{"id":85253912,"uuid":"81508129","full_name":"leonklingele/git-simpleserver","owner":"leonklingele","description":"Manage your own Git server from the command line","archived":false,"fork":false,"pushed_at":"2018-05-18T15:18:46.000Z","size":67,"stargazers_count":14,"open_issues_count":0,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-31T05:02:19.637Z","etag":null,"topics":["git-server","lightweight","secure-by-default","self-hosted","simple","ssh"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leonklingele.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-02-10T00:15:24.000Z","updated_at":"2024-11-11T11:31:45.000Z","dependencies_parsed_at":"2023-03-13T20:04:16.820Z","dependency_job_id":null,"html_url":"https://github.com/leonklingele/git-simpleserver","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonklingele%2Fgit-simpleserver","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonklingele%2Fgit-simpleserver/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonklingele%2Fgit-simpleserver/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonklingele%2Fgit-simpleserver/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leonklingele","download_url":"https://codeload.github.com/leonklingele/git-simpleserver/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252794694,"owners_count":21805232,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["git-server","lightweight","secure-by-default","self-hosted","simple","ssh"],"created_at":"2024-10-03T16:11:17.635Z","updated_at":"2025-05-07T01:25:06.111Z","avatar_url":"https://github.com/leonklingele.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Git Simple Server — Securely manage your own Git server\n\n[![Build Status](https://travis-ci.org/leonklingele/git-simpleserver.svg?branch=master)](https://travis-ci.org/leonklingele/git-simpleserver)\n\nGit Simple Server (abbreviated \"git ss\") makes it easy to manage your Git repos on your own server from the command line. It's super lightweight, secure and only requires a shell, `git` and `ssh`.\nIt has an integrated user management, making it simple to manage read and write permissions on a per-user, per-repo basis.\n\n![demo](https://www.leonklingele.de/git-simpleserver/demo.gif?20170213)\n\n### Create a new repo on your server..\n\n```sh\n$ git ss repo create server-config-nginx\nRepo 'server-config-nginx' was created successfully. Track it as remote 'origin' via:\n $ git remote add origin git@leonklingele.de:leon/server-config-nginx\n $ git remote set-url origin git@leonklingele.de:leon/server-config-nginx\n```\n\n### ..and optionally grant other users access to it\n\n```sh\n$ git ss repo access server-config-nginx -rw alice\n$ git ss repo access server-config-nginx -r bob\n\n# Oops, \"alice\" only needs read access, but \"bob\" should no longer have access at all\n$ git ss repo access server-config-nginx -r alice\n$ git ss repo access server-config-nginx -rm bob\n```\n\n### List repos\n\n#### List your own repos\n\n```sh\n$ git ss repo list\nserver-config-nginx\nmy-secrets\nthis-one-awesome-project\n```\n\n#### List all users who can access a certain repo\n\n```sh\n$ git ss repo info server-config-nginx\nUsers with read access:\n  leon\n  alice\nUsers with write access:\n  leon\n```\n\n### Create / modify users (admin only)\n\n#### List all users (admin only)\n\n```sh\n$ git ss user list\nalice\nbob\nleon\n```\n\n#### Create a new user (admin only)\n\n```sh\n$ git ss user create charlie\nPlease paste the SSH public key for user 'charlie'. Confirm by pressing the 'Enter' key.\n\u003e ssh-rsa ..\nUser 'charlie' was created successfully\n```\n\n#### Delete a user (admin only)\n\n```sh\n$ git ss user delete charlie\nDo you really want to delete user 'charlie'? Please answer with YES or NO\n\u003e YES\nUser 'charlie' was deleted successfully\n```\n\n#### List all repos a user has access to (admin only)\n\n```sh\n$ git ss user info leon\nUser 'leon' has read access to:\n  leon/server-config-nginx\n  leon/my-secrets\n  leon/this-one-awesome-project\n  alice/golang-is-awesome-notes\n  alice/homework\nUser 'leon' has write access to:\n  leon/server-config-nginx\n  leon/my-secrets\n  leon/this-one-awesome-project\n```\n\n# Installation\n\nFirst, install the dependencies (most likely you already have them):\n\n```sh\napt-get install --no-install-recommends git sudo ssh sed grep make\n```\n\nThis app consists of a server and a client part.\nOn your server, run:\n\n```sh\n$ $EDITOR /etc/ssh/sshd_config\n# Set `PermitUserEnvironment yes`\n# Add these lines to the very end of the file (important):\nMatch User git\n\tPasswordAuthentication no\n\tPubkeyAuthentication yes\n\tAcceptEnv GIT_SS_REMOTE_VERSION\n\tAllowAgentForwarding no\n\tAllowTcpForwarding no\n\tBanner none\n\tPermitTTY no\n\tX11Forwarding no\n# Nothing else should be below the \"Match User git\" block\n$ /etc/init.d/ssh reload\n$ cd /usr/local/etc # other users must have read (no write!) access to that folder!\n$ git clone https://github.com/leonklingele/git-simpleserver\n$ cd git-simpleserver/server\n# Choose a username you want to store your repos under, e.g. leon\n$ GIT_USER=\"your-user\" make install\n# There's one last step:\n$ $EDITOR /home/git/.ssh/authorized_keys\n# Set \"your-ssh-public-key\" to your ssh public key, e.g. ssh-rsa AAAAB3N.. you@your-machine\n# Full line example: environment=\"GIT_USER=leon\",environment=\"GIT_ADMIN=true\" ssh-rsa AAAAB3N.. you@your-machine\n# Save. Enjoy. Now install the client.\n```\n\nOn your client, run:\n\n```sh\n$ git clone https://github.com/leonklingele/git-simpleserver\n$ cd git-simpleserver/client\n$ make install\n$ $EDITOR $HOME/.git-simpleserver/config.yaml\n# Set 'ssh_server' to point to your server\n# Don't modify 'ssh_user'\n```\n\n# Code review: How to manage pull requests\n\nLooking for a way to manage pull requests for your repositories? git-simpleserver loves [git-appraise](https://github.com/google/git-appraise). It's awesome!\n\n# How it works\n\nNormally when logging in into a remote server via `ssh`, you'll get an interactive shell (most likely a `bash`). That's where you type in your fancy commands. Linux lets you define a custom shell to use (see `man chsh`). Instead of `bash`, you can for example define any script (`bash`, `sh`, `python`, ..) as your shell. Upon successful login, this script is executed and can control which commands you are allowed to run and which not.\nIf `git-simpleserver` is set up on your server and you successfully authenticated as user `git` using your ssh key, a [special shell](./server/shell) is launched. This shell only allows you to run a small number of commands, dedicated to managing your Git repos and Git users.\nNow you're logged in as user `git`, but how does `git-simpleserver`'s user management work then? Well, that's another cool feature of OpenSSH: For each public key in `authorized_keys` you can define custom env vars which get set when this public key is used to log in. `git-simpleserver` connects a `GIT_USER` environment variable to each public key. Think of `GIT_USER` as a virtual user name, similar, but still different to the ssh user (`git`). Using `GIT_USER` we know who has logged in and can restrict read and write permissions.\nNo one can access your repos, unless you explicitly granted permissions to that person via `git ss user add` or the `.ssh/authorized_keys` file.\n\n# Contact\n\nWant to share something confidentially? Use my Git email address and this PGP key:\n```pgp\nPGP Key ID: 31EEC211 / 0x0C8AF48831EEC211\nPGP Key fingerprint: B231 B273 70B7 A050 1CBD  992B 0C8A F488 31EE C211\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleonklingele%2Fgit-simpleserver","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleonklingele%2Fgit-simpleserver","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleonklingele%2Fgit-simpleserver/lists"}