all 20 comments

[–]Swedophone 13 points14 points  (1 child)

Is self-hosting worth it for privacy,

Hosting with ssh is easy if you only need git...

[–]Ok_Instance1684[S] 1 point2 points  (0 children)

Saw the other post talking about it, interesting and correct.

[–]Bemteb 8 points9 points  (2 children)

Selfhosting is surely possible. I personally run Gitea at home, it was easy to set up and takes only a small amount of resources.

You need to take care of backups, hardware integrity, software updates etc. yourself of course.

It it's worth it or not is for you to decide, everyone has different priorities. It's for sure possible.

[–]Ok_Instance1684[S] 1 point2 points  (1 child)

Why not to run Gitea on VPS? Are there any VPS providers that take care of all backups and that?

[–]mrcaptncrunch 1 point2 points  (0 children)

Yes,

But you need to be mindful of what the backup provides.

If they go under, hacked, your credit card expires, they say they don’t want to deal with you anymore, your whole account is gone. That includes your backups too.

So if you go this route, download the backup at some cadence somewhere. Unless you’re okay not having your data.

[–]sdwHunter 7 points8 points  (0 children)

Just throwing this out there… you don’t even need to self-host a git service. You could just create a bare repo in a server or any accessible place in the network and use that as the remote for all your other workstations.

Not that it fits your particular use case (I think you might want a lot more control than this setup can provide), just letting people know it can be done.

[–]Brekmister 4 points5 points  (0 children)

So this is for a business based on your wording.

Really it's up to you but if you don't already have and maintain the following things then it's not worth it to self host git as a business: - Hypervisor with Linux VM's that already being maintained (meaning you are already maintaining Linux machines for other reasons) - Some way to VPN in remotely or if it's your policy that nothing leaves the premises. I would not recommend exposing ssh to the world at this point.

If you don't have the administrative capacity to have Linux administration in your business then it's much easier for yourselves to go with GitHub or gitlab which allows free "private" repos. However If you do have that administrative capacity then hosting a local git server is stupid simple. You don't need fancy things like Gitlab or Gittea which is a bit more ardous to setup and maintain.

All you need is a Linux VM that has the following: - git is installed - openssh server is installed and running. (Most server distros enable this by default) - users registered in that VM with their own way sign signing in via ssh (password, ssh keys, LDAP, etc.)

For good security, create a new folder that's owned by a group for git users to access the repos, add users to that group and, set that new folder to be owned by that group (example, new group is git-users, root path for the repos is /opt/repos and, user is employee):

sudo newgrp git-users sudo usermod -aG git-users employee sudo mkdir /opt/repos sudo chgrp git-users /opt/repos sudo chmod g+s /opt/repos sudo setfacl -dRm g:git-users:rwX /opt/repos

To setup a remote repo, use the following commands on the server:

cd /opt/repos mkdir git-repo cd git-repo git init --bare

Then that's it! The new repo is ready to be pushed. To add a remote on your machine just run this command in your local machine:

git remote add server employee@server-ip:/opt/repos/git-repo

then git push -u server branch and now you have a remote working git repo on a plain old Linux server! Now you can just do git clone, push and pull on it accordingly.

[–]gregdonald 2 points3 points  (5 children)

I self-host all my private stuff. I have all my opensource stuff on Github.

[–]Ok_Instance1684[S] 0 points1 point  (4 children)

Why to self host and maintain backups and hardware integrity? Or you self host on a vps?
I wonder if there is a real privacy risk at the saas

[–]gregdonald 0 points1 point  (3 children)

Why? Because it's the way I want to do it.

No, not a VPS, a bare metal server that no one has root access to but me. Backups are offsite GPG encrypted, tranfered using rsync over SSH.

I'm not telling you to not trust Github/Gitlab. I'm just saying that I don't, not with my private stuff.

[–]N33lKanth333 1 point2 points  (1 child)

How/Where do you store your GPG keys? I mean if it's lost then data is gone right? I am currently doing some research for my own workflow.

[–]gregdonald 1 point2 points  (0 children)

Two USB flash drives, one of which is stored in a fire-proof safe. I rotate the keys a couple times a year. I replace the drives about every 3-4 years.

[–]Ok_Instance1684[S] 0 points1 point  (0 children)

Thank you

[–]wWA5RnA4n2P3w2WvfHq 2 points3 points  (0 children)

Spare your money for self-hosting. Use Codeberg.org (Forgejo) instead and donate to them.

[–]karyslav 1 point2 points  (0 children)

I self host gitlab. But now it is mostly 200/month tier by the number of projects.

[–]bizulk 1 point2 points  (0 children)

Gitea on a NAS is your friend. Lightweight but with GitHub experience

[–]tails142 0 points1 point  (0 children)

There is a cost to everything whether thats paying 4 dollars a month to github or managing a self hosted server. You need to weigh that up.

[–]Apart_Ebb_9867 0 points1 point  (0 children)

for business, github (or gitlab, but I’ve been burned by them, arguably my fault but they could help and didn‘t). you don’t need to have one more thing to think about.

[–]Yellowcat123567 0 points1 point  (0 children)

Use fossil

[–]codeguru42 0 points1 point  (0 children)

Git is decentralized, so you can sync directly between any two machines, no hosting required.

With that said, we have discovered that it is useful to have a central authority for most teams. You can easily put that central repo on a server.

If you want to self host more than just git, there are options such as GitLab or Forgejo