From 1e2ac9d1992335e672df8a27b71faa1cef3ce564 Mon Sep 17 00:00:00 2001
From: Kévin Le Gouguec <kevin.legouguec@gmail.com>
Date: Wed, 4 Aug 2021 21:40:19 +0200
Subject: Note down setup for Git services on VPS

Slightly redundant with guides/cloud/git.org; trying to simplify
things (e.g. let --shared=group handle the setgid shenanigans).
---
 guides/cloud/vps.org | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

(limited to 'guides/cloud')

diff --git a/guides/cloud/vps.org b/guides/cloud/vps.org
index f097ee8..1224a17 100644
--- a/guides/cloud/vps.org
+++ b/guides/cloud/vps.org
@@ -43,7 +43,8 @@ So instead, I'll
 sudo hostnamectl set-hostname $fqdn
 #+end_src
 
-* Web server
+* Services
+** Web server
 Run ~sudo apt install nginx~; then, in
 =/etc/nginx/sites-available/$FQDN=:
 #+begin_src conf
@@ -65,7 +66,7 @@ server {
 Use one =access_log= file per site, to simplify analytics.
 
 Run ~sudo systemctl restart nginx~.
-** fail2ban
+*** fail2ban
 With the following files in =$HOME=:
 #+begin_src conf
 # nginx-botsearch.local
@@ -99,3 +100,16 @@ sudo systemctl restart fail2ban
 Check how these rules fare against real bot searches with
 ~fail2ban-regex /var/log/nginx/access.log
 /etc/fail2ban/filter.d/nginx-botsearch.local~.
+** Git server
+*** SSH access
+#+begin_src sh
+$ sudo apt install git
+$ sudo tee -a /etc/shells <<< $(which git-shell)
+$ sudo adduser git --disabled-password --shell $(which git-shell)
+$ sudo mkdir /srv/git
+$ sudo chown git:git /srv/git
+# For every new repo:
+$ sudo -u git git init --bare --shared=group /srv/git/${repo}
+#+end_src
+
+*** TODO Web mirror
-- 
cgit v1.2.3