Running my own git server

Note: This article is predominantly based on work by Hiltjo Posthuma who you should read because I would have spent far too much time failing to set things up if it wasn’t for their post. Not only have they written lots of very interesting posts, they write some really brilliant programs

Since I started university 3 years ago, I started using lots of services from lots of different companies. The “cloud” trend led me to believe that I wanted other people to look after my data for me. I was wrong. Since finding myself loving the ethos of OpenBSD, I found myself wanting to apply this ethos to the services I use as well. Not only is it important to me because of the security benefits, but also because I like the minimalist style OpenBSD portrays. This is the first in a mini-series documenting my move from bloated, hosted, sometimes proprietary services to minimal, well-written, free, self-hosted services.

Tools & applications

These are the programs I am going to be using to get my git server up and running:

Setting up httpd

Ensure you have the necessary flags enabled in your /etc/rc.conf.local:

slowcgi_flags=
httpd_flags=

or by the preferred method:

# rcctl enable slowcgi
# rcctl enable httpd

Next, edit the config file for httpd, /etc/httpd.conf:

# vi /etc/httpd.conf

Then add the server block for the cgit:

server "git.example.com" {
    listen on $ext_ip port 80

    # serve the cgit static files directly
    location "/cgit.*" {
        root "/cgit"
        no fastcgi
    }
    # cgit CGI
    root "/cgi-bin/cgit.cgi"
    fastcgi socket "/run/slowcgi.sock"
}

httpd should now be configured to serve cgit once it has been configured

Configuring cgit

When using the OpenBSD httpd(8), it will serve it’s content in a chrooted environment,which defaults to the home directory of the user it runs as, which is www in this case. This means that the chroot is limited to the directory /var/www and it’s contents.

In order to configure cgit, there must be a cgitrc file available to cgit. This is found at the location stored in $CGIT_CONFIG, which defaults to /conf/cgitrc. Because of the chroot, this file is actually stored at /var/www/conf/cgitrc. Open the file for editing:

# vi /var/www/conf/cgitrc

The following is an example of what a cgitrc file can include. Check the documentation for further configuration settings:

footer=/conf/cgit.footer

# Enable caching of up to 1000 output entries
cache-size=1000

cache-root=/cgit/cache

# Generate URLs for cloning using macro expansion
# The config below allows us to have an http, git and ssh clone URL
clone-url=http://git.example.com/$CGIT_REPO_URL git@git.example.com/$CGIT_REPO_URL git://git.example.com/$CGIT_REPO_URL

# Specify the CSS URL
css=/cgit.css

# Show owner on the index page
enable-index-owner=1

# Allow HTTP clones
enable-http-clone=1

# Show extra links on the index page
enable-index-links=1

# Enable ASCII art commit history graph on the log pages
enable-commit-graph=1

# Show the number of affected files per commit on the log pages
enable-log-filecount=1

# Show the number of added/removed lines per commit on the log pages
enable-log-linecount=1

# Sort branches by date
branch-sort=age

# Add a cgit favicon
favicon=/favicon.ico

# Enable statistics per week, month and quarter
max-stats=quarter

# Set the title for the index page
root-title=My git repositories

# Set a subheading for the index page
root-desc=My personal repos

# Allow download of tar.gz, tar.bz2 and zip files
snapshots=tar.gz

## List of common mimetypes
mimetype.gif=image/gif
mimetype.html=text/html
mimetype.jpg=image/jpeg
mimetype.jpeg=image/jpeg
mimetype.pdf=application/pdf
mimetype.png=image/png
mimetype.svg=image/svg+xml

## Search for these files in the root of the default branch of the repositories
## for coming up with the about page
readme=:README
readme=:README.md

virtual-root=/

scan-path=/repos

Make sure the file ownership is as follows:

/var/www/cache/cgit     www:www
/var/www/repos          git:git (www should be in group git)

Add an empty footer to suppress warnings:

printf '' > /var/www/conf/cgit.footer

Restart the server and everything should be working:

# rcctl restart httpd
# rcctl restart slowcgi

Now you should have a fully working instance of cgit

Thanks to Roman Zolotarev for the ssg tool used to generate this site, division by zero for some of the specific OpenBSD configuration for cgit and Jason Donenfeld for cgit