This is a quick howto guide on setting up a very minimal git repo for sharing code inside i2p using any modern linux distro. (What is git?)
Please note this is not a general git tutorial, you will need to know a little git.
Simple setup
Git proxy settings are easy, it's deep in the man pages but usually there's no need to set them it seems daunting.
For all this you'll need ssh, git, connect-proxy and i2pd (see here for i2pd)
For ubuntu xenial (root needed)
1 2 3 | |
Client side
(The following should be run as your regular user)
Create a shell script for proxying over i2p, 127.0.0.1:4447 is i2pd's socks proxy, it's enabled by default.
1 2 | |
Set your proxy settings to use that script for i2p
1 | |
Cloning a repo
Try cloning a repo from git.repo.i2p (this uses pull.git.repo.i2p)
1 | |
If all is well then you'll have a directory sha3 with that git repo in it.
If you just want to clone repos you're done (yey) however, if you want to set up a full git setup complete with daemon continue reading.
The Full Setup
Git is fully decentralized, anyone can host their own git repos and share them with others. Setting up a git daemon for the first time can feel daunting but don't worry, I'll go through every step.
SSH Keys
Generate an ssh keypair on your development machine, this will be used for pushing to your repository securely...
1 | |
This creates 2 files, the private key (~/.ssh/id_ed25519) and the public key (~/.ssh/id_ed25519.pub).
NEVER SHARE YOUR PRIVATE KEY.
Setting up the git daemon
(The following will require root)
We'll a user just for serving the git repo...
1 | |
Set up .ssh directory with correct permissions:
mkdir -p /srv/githome/.ssh
chown gitserv:gitserv /srv/githome/.ssh
chmod 700 /srv/githome/.ssh/
Now append your ssh public key (id_ed25519.pub) to /srv/githome/.ssh/authorized_keys, This will allow you to login with your ssh keys you just generated.
Set up the git directory ...
1 | |
Make sure permissions are okay ...
1 2 | |
Start the git daemon ...
1 | |
So what does that git daemon command do? Let's break it down...
-
--base-path=/srv/githome/gitIf you run git daemon with--base-path=/srv/githome/gitonexample.com, then if you later try to pullgit://example.com/hello.git, git daemon will interpret the path as/srv/githome/git/hello.git. -
--detachDetach from the shell and log to syslog. -
--export-allAllow pulling from all directories that look like Git repositories even if they are not explicitly exported using thegit-daemon-export-okfile -
--user=gitservrun asgitservuser. -
--reuseaddrAllows the server to restart without waiting for old connections to time out. -
/srv/githome/gitThe directory to serve in.
For autostarting git-daemon on boot, you can add that command to /etc/rc.local
Setting up i2pd
Add 2 entries to /etc/i2pd/tunnels.conf ...
[git-daemon]
type=server
host=127.0.0.1
port=9418
keys=server-privkey.dat
[ssh-daemon]
type=server
host=127.0.0.1
port=22
keys=server-privkey.dat
... and restart/reload i2pd
At the moment the easiest way i2p tunnel addresses can be found in the i2pd webui, the above config entries will share the same destination. In this example we'll just say that the address is address.b32.i2p, in reality it will be a lot longer.
Repositories
(the following should be run as your regular user)
To push an initial git repo you'll need to ammend ~/.ssh/config to use ~/i2p-socks-proxy to connect.
Put the following in ~/.ssh/config ...
Host address.b32.i2p
User gitserv
IdentityFile ~/.ssh/id_ed25519
ProxyCommand ~/i2p-socks-proxy address.b32.i2p 22
Make a test git repo, add a file to it and commit the initial git revision:
1 2 3 4 5 | |
Add a git remote repo and push to it
1 2 | |
It will (probably) take a few moments for it to connect so be patient.
Others can reach that repo by cloning it ...
1 | |
... or by adding you as a remote repo.
1 2 | |
Follow Ups
If you spot an error in these instructions let me know on twitter or via email