Nick Charlton

Configuring Gitosis on Debian

Gitosis is a tool for easing the hosting of Git repositories. For pushing to remote [servers], Git uses SSH. Which is great. But, what if you don’t want those users to have shell accounts, and you want to be able to control who has access to repositories? Well, that’s what Gitosis does.

Gitosis is in Debian’s package manager, but I wasn’t too keen on the Debian provided configuration, so here’s a few steps to sanitise it:

First, install it. You’ll obviously need the dependencies.

$ sudo apt-get install gitosis

Next, we’ll change a few settings. You might find the documentation useful for this, you’ll find that under: /usr/share/doc/gitosis.

Gitosis stores is config in a Git repository. This also means that it doesn’t have a configuration until you initialise it. Now, I’d rather use git as the user rather than gitosis. So first, create a new user:

$ sudo adduser \
    --system \
    --shell /bin/sh \
    --gecos 'Git' \
    --group \
    --disabled-password \
    --home /home/git \
    git

You can also remove the gitosis user: sudo userdel gitosis.

Next, you’ll need your public key somewhere. Then, setup the admin repository:

$ sudo -H -u git gitosis-init < <path to your public key>

Now, on your local machine, you can pull down the newly initialised Gitosis admin repository.

$ git clone git@server:gitosis-admin.git

The gitosis-admin directory contains the main config file (gitosis.conf) and the public keys of all of the users able to access repositories.

A few notes:

You’ll find Pro Git probably gives you a better explanation of some of the other features. But you should (after this) be able to setup Gitosis on Debian quite nicely.