Private/Local Git instance
-
Has anyone ever set up a local git repository? Specifically, one that can be connected to not only locally, but remotely as well. I'm thinking of using a Raspberry Pi 4 with a connected 500gb SSD (that should be plenty pig enough I think). I don't want to use GitHub because they've been hacked a couple of times (unless someone here thinks it's secure enough). I'm concerned with the amount of hassle required to install git locally, so I'm hesitant.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013Forgive me, but if your concern is security how is it more secure running an internet facing server locally versus using github? Do you really think your own unmonitored network is more secure than git's? Are you that confident in your server, your firewall and the software itself? I don't mean to criticize, I just feel like I'm missing something. Maybe you plan on using VPN?
Real programmers use butterflies
-
Forgive me, but if your concern is security how is it more secure running an internet facing server locally versus using github? Do you really think your own unmonitored network is more secure than git's? Are you that confident in your server, your firewall and the software itself? I don't mean to criticize, I just feel like I'm missing something. Maybe you plan on using VPN?
Real programmers use butterflies
Maybe it is less likely a single individual computer/server might be less a target than something like github ?
I'd rather be phishing!
-
Maybe it is less likely a single individual computer/server might be less a target than something like github ?
I'd rather be phishing!
-
Maybe it is less likely a single individual computer/server might be less a target than something like github ?
I'd rather be phishing!
That's true, but it amounts to "security by obscurity", which is a thing precisely because it is Bad(TM) Github is serious bait though, so I understand, it's just that localizing it doesn't necessarily make you more safe - in fact, it will be less safe if someone *does* hack it, because then they're on your network. Playing the odds with someone not finding out almost universally underestimates malicious actors, who use crawlers, hacked DNS servers, and scanners (all usually distributed) and the like to find vulnerable targets. That's part of why I said security by obscurity is Bad(TM) I'm not a security expert, but I *may* have had more experience with it because of my background than some people here, and so I'm offering this FWIW. Anyone who has been in a network security role, by all means weigh in here.
Real programmers use butterflies
-
Maybe... before he announced it on the internet! Now all the hackers are sitting here waiting for it to go live :suss:
You're kidding maybe, but you raise an important point. The more people use it, the more people know about it, the more it gets out there, the higher your odds of being hacked.
Real programmers use butterflies
-
Has anyone ever set up a local git repository? Specifically, one that can be connected to not only locally, but remotely as well. I'm thinking of using a Raspberry Pi 4 with a connected 500gb SSD (that should be plenty pig enough I think). I don't want to use GitHub because they've been hacked a couple of times (unless someone here thinks it's secure enough). I'm concerned with the amount of hassle required to install git locally, so I'm hesitant.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013It might be worthwhile to invest in something like - they used to call it a steelhead server? - something that can take incoming VPN connections. Expose your services through that, since it dramatically decreases your vulnerable surface area of your network. Basically to even get a port list you have to pass challenge response auth on a hardened system.
Real programmers use butterflies
-
Has anyone ever set up a local git repository? Specifically, one that can be connected to not only locally, but remotely as well. I'm thinking of using a Raspberry Pi 4 with a connected 500gb SSD (that should be plenty pig enough I think). I don't want to use GitHub because they've been hacked a couple of times (unless someone here thinks it's secure enough). I'm concerned with the amount of hassle required to install git locally, so I'm hesitant.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013I can recommend Gitea, see: best-git-web-interfaces[^] It is lightweight enough to run on Raspberry Pi.
-
Maybe it is less likely a single individual computer/server might be less a target than something like github ?
I'd rather be phishing!
If it's connected to the internet via one of the 4 billion IPv4 addresses it's got a great big target on it, and is being constantly scanned by malware bots looking for known vulnerabilities that they can pwn.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius
-
I can recommend Gitea, see: best-git-web-interfaces[^] It is lightweight enough to run on Raspberry Pi.
-
Has anyone ever set up a local git repository? Specifically, one that can be connected to not only locally, but remotely as well. I'm thinking of using a Raspberry Pi 4 with a connected 500gb SSD (that should be plenty pig enough I think). I don't want to use GitHub because they've been hacked a couple of times (unless someone here thinks it's secure enough). I'm concerned with the amount of hassle required to install git locally, so I'm hesitant.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013I store all my source code at VisualStudio.com[^]. I've stuck with using TFS-VC because when I created my (free) account eons ago, Git wasn't an option. Today, you can choose to use Git instead of TFS-VC. I think this will meet your needs. You can also optionally allow others to collaborate on specific projects as long as they have a Microsoft identity. /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
-
Maybe it is less likely a single individual computer/server might be less a target than something like github ?
I'd rather be phishing!
Three-four guys from work (counting me), max. The reason I don't want to use GitHub is because they're a big target, and the code is somewhat sensitive in nature (not classified, but I don't necessarily want to have it stolen, either.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013