DEV Community

Cover image for Private Github with gogs and raspberry pi

Private Github with gogs and raspberry pi

Bojana Dejanović on August 18, 2018

If you are by any means involved in any part of the software development process, chances are you have heard or used (or both) git, and for sure - ...
Collapse
 
johnbwoodruff profile image
John Woodruff • Edited

Cool project if you want to do something with a raspberry pi. For myself, I use GitLab which let's you have unlimited private repos, any number of contributors. (as opposed to the 5 collaborator limit of bitbucket) Lots of other cool stuff too like GitLab CI built in.

Collapse
 
bojana_dev profile image
Bojana Dejanović

Yes, I guess I was more keen to put RPi to some good use, and stumbled on the idea to set up private repos, while started working on some side project that I didn’t wanted to be public on github.

Collapse
 
johnbwoodruff profile image
John Woodruff

Definitely, I'm often looking for something fun to experiment with on my pi. :) Great article, very cool.

Thread Thread
 
bojana_dev profile image
Bojana Dejanović

Me too, but no free time :)
Thanks :)

Collapse
 
wegesdal profile image
wegesdal

On my raspberry pi with Stretch there was a difference when editing the ssh configuration file:

nano /etc/ssh/sshd.config

should be

nano /etc/ssh/sshd_config

Just thought I'd share in case someone else has the same issue.

Collapse
 
bojana_dev profile image
Bojana Dejanović

You are right, I have corrected the path in article. Thanks!

Collapse
 
sproggit profile image
sproggit

This is a really excellent guide; thank you for taking the trouble to create and post it.

However, I won't (unfortunately) be following it... I was reading through and I got to the part where you talk about the need to change the default port of SSH, because Gogs wants to run its own SSH service on port 22...

This is is a really, really, really bad idea.

TCP ports below 1023 are known as "well known ports" and are configured consistently across virtually all devices and systems that support the TCP/IP protocol stack. Having any third party package seek to over-ride a default port in this way is dangerous and should tell us all something about the authors of this software.

I am not claiming or suggesting that Gogs is in any way malicious. However, when a piece of (user-space) software asks you to compromise the integrity and security of a system so that it can be installed and run, you should be asking yourself why it is doing this?

Were the Gogs developers just lazy? Did they not want to use a custom port for their SSH access? If so, that's bad practice right there.

Did they not realize that this is poor practice? If so, how many other poor security decisions have they made?

I don't want my comments to be seen as critical of the article [which is clear and very well written] or the operational functionality of Gogs [on which I have no information to base a view], but I hope this comment will encourage readers to think about the software installation / configuration process a bit more carefully...

Each time you are asked to make a non-default configuration setting on your computer, you are taking a risk. Eventually, you may become so accustomed to this that you stop seeing non-default settings like this as a risk, and implement a requested change that has far more serious consequences... So it helps to have an understanding of the risks and consequences.

Be aware. Be safe.

Collapse
 
cipi1965 profile image
Matteo Piccina

Mm, check Gitea instead of Gogs, it is a community driven fork, data compatible, of Gogs

Collapse
 
bojana_dev profile image
Bojana Dejanović

Will do. ;) What benefits over Gogs you think it has?

Collapse
 
cipi1965 profile image
Matteo Piccina
Collapse
 
gaxx0r profile image
gaxx0r • Edited

I love this setup. Backup is really not a problem. I'm using duplicati for scheduled encrypted daily backups and uploading for all my sensitive stuff to my separate Gmail account. There are also many different tools available for backups - rsync, rclone just to name a few. I really like the idea of setting things up myself - you learn way more about how this stuff works. Thank you!