# HOWTO: GIT hosting = nginx + cgit + gitosis + ssh



## graudeejs (Nov 7, 2010)

It's a long time since I've wrote anything useful here.
Today I will uncover how to make public git hosting with www/nginx, devel/cgit, devel/py-gitosis.

It took me quite some time to figure out nginx rules for cgit 

Step 1: install software
`# portmaster www/nginx devel/cgit devel/git devel/py-gitosis www/fcgiwrap`
We need www/fcgiwrap because nginx doesn't support cgi, but it does support fastcgi

Step 2: configure gitosis
HINT: by default gitosis will use /usr/local/git/ directory. If you want to change that:
`# pw usermod git -h /srv/git`
I will use /srv/git/ to store gitosis data.

Since we'll need ssh key let's generate one
`# ssh-keygen`
and save it to ssh-key (private) and ssh-key.pub (public)
Make sure you can copy keys securely. You will need pub key on server, and private key on your desktop pc (or whatever you use)

Now become git user and initialize gitosis (git's home must be writeable by git)

```
# su -l git -c tcsh
$ gitosis-init < /path/to/id_rsa.pub
$ chmod 750 /src/git/repositories/gitosis-admin.git/hooks/post-update
$ exit
```

Step 2: Configure /etc/rc.conf
This part is trivial

```
fcgiwrap_enable="YES"
fcgiwrap_user="www"
nginx_enable="YES"
sshd_enable="YES"
```

Don't forget to configure your ssh to 
use public/private key authorization

Step 3: Configure nginx
to your /usr/local/etc/nginx/nginx.conf add host config

```
server {
                listen          80;
                server_name     git.example.lv;
                access_log  /var/log/git.example.access.log;
                root   /usr/local/www/cgit;

                if (!-f $request_filename) {
                        rewrite ^/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=$1&$2 last;
                }

                location ~ .*\.cgi$ {
                        fastcgi_pass    unix:/var/run/fcgiwrap/fcgiwrap.sock;
                        fastcgi_param   SCRIPT_FILENAME $document_root/cgit.cgi;
                        fastcgi_param   CGIT_CONFIG             /srv/www/example.lv/git/config.cgit.rc;
                        include                 fastcgi_params;
                }
        }
```
This is by far best, that I managed to make

here /srv/www/example.lv/git/config.cgit.rc is path to cgit configuration file. Currently I haven't managed to configure nginx to make this parameter variable depending on URL. That's why I use http://aldis.git.bsdroot.lv instead of http://git.bsdroot.lv/aldis
If I want multiple users that has it own "directory" in git, I need to add another subdomain name, like http://killasmurf86.git.bsdroot.lv

_TODO: test gitweb, perhaps it's better. I haven't used it yet_

P.S.
This is just part of nginx.conf.... rest, is up to you... this is what you need to get cgit work in nginx 

Step 4: Configure cgit
cgitrc configuration is described here:
http://hjemli.net/git/cgit/tree/cgitrc.5.txt
I'll give you example config:

```
# usr/local/share/doc/cgit/cgitrc.5.txt
#virtual-root=/aldis
virtual-root=/
enable-index-links=1
#enable-log-filecount=1
#enable-log-linecount=1
snapshots=tar.gz tar.bz2
root-title=Public git repositories of Aldis Berjoza
root-desc=
local-time=1
#max-stats=year

#scan-path=/srv/git/repositories/aldis/

section=Assembler

repo.url=asm4BSD
repo.path=/srv/git/repositories/aldis/asm4BSD.git
repo.desc=asm stuff for FreeBSD, OpenBSD, NetBSD and DragonflyBSD
repo.owner=aldis@bsdroot.lv
#repo.readme=README
repo.clone-url=http://aldis.git.bsdroot.lv/asm4BSD/

repo.url=tractor
repo.path=/srv/git/repositories/aldis/tractor.git
repo.desc=Assembler source code of my unfinished sumo robot 'tractor'. Source for Atmega-8 chip
#repo.owner=aldis@bsdroot.lv
#repo.readme=README
repo.clone-url=http://aldis.git.bsdroot.lv/tractor/
```
This is part of my cgit config on my server....
You should place this file wherever you set *CGIT_CONFIG* environment variable to point to. In case if this example it should be /srv/www/example.lv/git/config.cgit.rc


The problem here is that if you make new git repository, you need to configure this cgit config in order for new repo to be visible to public (I will test gitweb... it it changes things, I will post alternative config)

Step 5: make new repos, manage users etc....
Now since you're admin of your git repos... you need to clone gitosis-admin.git repository

```
desktop $ git clone git@git.example.com:gitosis-admin.git
```
now in this repository you see:
gitosis.conf, where you configure gitosis and keydir/ - directory where you add public ssh keys
more info at http://wiki.dreamhost.com/Gitosis

What if ssh is running different port?
Git has problem... you can't specify port from which to clone using ssh, however...
you can edit ~/.ssh/config and set port there
for example

```
Host git.example.com
    [red]port 12345[/red]
    IdentityFile ~/.ssh/git.key
    Compression yes
```
Now you can pull, push, clone with ssh using ssh port 12345 

NOTE: make sure /srv/git/repositories/* are www group readable (with gitosis-admin.git execption

References
http://wiki.dreamhost.com/Gitosis
http://hjemli.net/git/cgit/tree/cgitrc.5.txt

P.S.
This is very short description on how to setup git hosting
I didn't go into details of managing repositories, you'll have to figure that out yourself (that's so easy, that I just don't want to waste time, writing)
Read references, they will help 



[red]Update[/red]
added clarification where to place cgit.rc


----------



## graudeejs (Nov 7, 2010)

reserverd


----------



## Belial (Jul 14, 2017)

I recently used this HOWTO to install a similar setup, but using devel/gitolite 3.6.7 instead of gitosis.

I had to make the following changes to make www/fcgiwrap and www/nginx play nice together.

/etc/rc.conf

```
nginx_enable="YES"
fcgiwrap_enable="YES"
fcgiwrap_user="www"
fcgiwrap_socket_owner="www"
```

and in /usr/local/etc/nginx/nginx.conf

```
user  www;
```


----------



## debguy (Jun 26, 2018)

is ngix payware?  it appears to be.

i don't see the point here.  many have set up git servers without using pay ware.  and payware has zero to do with setting up git server or client.

it appears to be an advertisement for ngix ?


----------



## drhowarddrfine (Jun 26, 2018)

debguy. That's www/nginx


----------

