GitBucket is a free and open source alternative to Github or BitBucket. It is powered by Scala. It is very lightweight and responsive web application. GitBucket provides many features such as public or private git repository with both HTTP and ssh access. It provides GitLFS support, repository viewer with online file editor, issues, pull request and Wiki for repositories. It also provides an activity timeline and email notification, account and group management with LDAP integration and much more.
In this tutorial, we will install GitBucket on CentOS 7. We will also setup Apache as reverse proxy with SSL support.
GitBucket does not have any minimum hardware requirement, but for optimal performance of JAVA 8, you will need at least 1 GB RAM on your server. To follow this tutorial you will need a server with at least CentOS 7 installed. You will also need root access to the server, if you are logged in as non-root user, run
sudo -i to login in as root user. A domain pointing to your server is also required.
Install GitBucket Server
Before installing any package it is recommended to update the server and available packages. Run the following command for same.
yum -y update
GitBucket requires JDK or Java Development Kit 8. Install JDK 8 on 32 bit systems using the following command. If you do not have
wget installed, you can run
yum -y install wget command.
wget --no-cookies --no-check-certificate --header "Cookie:oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-i586.rpm"
yum -y localinstall jdk-8u121-linux-i586.rpm
Install JDK 8 on 64 bit systems using the following command.
wget --no-cookies --no-check-certificate --header "Cookie:oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.rpm"
yum -y localinstall jdk-8u121-linux-x64.rpm
To see if Java is installed correctly, run the following command.
You will see output similar to shown below.
[root@liptan-pc ~]# java -version java version "1.8.0_121" Java(TM) SE Runtime Environment (build 1.8.0_121-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)
Now you will need to create a new user for GitBucket. All your repositories will be stored in the home directory of the GitBucket user. Run the following command to create a GutBucket user.
Now download the latest version of GitBucket
war file using the following command.
wget -O /home/gitbucket/gitbucket.war https://github.com/gitbucket/gitbucket/releases/download/4.9/gitbucket.war
You can always check for the latest release of GitBucket on the GitBucket release page.
Now change the ownership of the downloaded file using the following command.
chown -R gitbucket: /home/gitbucket
You can now directly start GitBucket using the following command.
java -jar gitbucket.war
If there is no firewall running, the application can be accessed on your favorite browser on the following link.
If a firewall is running, you need to run the following command to allow port
8080 to be connected from the internet.
firewall-cmd --permanent --add-port=8080/tcp
You can also unblock the ports for HTTP and HTTPS using the following commands.
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
Now reload your firewall using the following command.
You can stop the GitBucket server using Ctrl + C keys.
It is recommended that you create a systemd service for running GitBucket so that it can run in the background and can be automatically started on failures and boot time. Run the following command to create a systemd service file.
If you do not have
nano installed, you can run
yum -y install nano. Now paste the following text into the nano editor.
[Unit] Description=GitBucket service After=syslog.target After=network.target
[Service] User=gitbucket Type=simple ExecStart=/usr/bin/java -jar /home/gitbucket/gitbucket.war Restart=always StandardOutput=syslog StandardError=syslog SyslogIdentifier=gitbucket
Now you can start GitBucket server and configure it to automatically start at boot time using following commands.
systemctl start gitbucket
systemctl enable gitbucket
To check if GitBucket service is started correctly, you can run the following command to check the status of the GitBucket service.
systemctl status gitbucket
You should get output similar to shown below.
[root@liptan-pc gitbucket]# systemctl status gitbucket ● gitbucket.service - GitBucket service Loaded: loaded (/etc/systemd/system/gitbucket.service; enabled; vendor preset: disabled) Active: active (running) since Sun 2017-01-29 15:03:20 UTC; 1min 13s ago Main PID: 19354 (java) CGroup: /system.slice/gitbucket.service └─19354 /usr/bin/java -jar /home/gitbucket/gitbucket.war Hint: Some lines were ellipsized, use -l to show in full.
Configuring Apache as Reverse Proxy with Let's Encrypt SSL
Instead of using the application on Port 8080, you can use Apache to run on port 80 or 443 in the case of using SSL. This way the main application will run on port 8080, and Apache will work as a reverse proxy. Install Apache web server and mod_ssl using the following command.
yum -y install httpd mod_ssl
Now start Apache web server and enable it to automatically start at boot time using the following commands.
systemctl start httpd
systemctl enable httpd
Now we will need to generate SSL certificates from Let's Encrypt client. If you want to use commercial SSL certificates instead, you can purchase SSL certificates from HostPresto.
To install Let's Encrypt client also called Certbot, you will need to add the EPEL repository also. Run the following command for same.
yum -y install epel-release
yum -y update
Now install Certbot using the following command.
yum -y install python-certbot-apache
Once the installation finishes, run the following command to obtain the SSL certificates from Let's Encrypt. Make sure that your domain is pointed to the server, the Let's Encrypt will check the domain authority before providing the certificates.
certbot certonly --apache -d yourdomain.com
This command will run Let's Encrypt client to obtain the certificates only but not to install it.
--apache tells the client to use Apache web server for authentication of domain authority.
-d yourdomain.com tells the domain name for which the certificates needs to be obtained. It may ask you which SSL configuration to use during authentication, choose
ssl.conf. All the changes made to the file will be automatically restored. Finally provide your email address and accept the terms and condition. Once the certificates are generated, they are likely to be stored in the following directory.
yourdomain.com is your actual domain. In the directory, you will find
cert.pem which is your domains certificate and
privkey.pem which is your certificate's private key.
Let's Encrypt SSL expires in 90 days, so it is recommended to set an automatic renewal for your certificates. Run the following command to open your crontab file.
crontab -eEnter the following line into the crontab file.
30 1 * * 1 /usr/bin/certbot renew >> /var/log/le-renew.log
The above cron job will automatically run every Monday at 1:30 AM and if your certificates are due for expiry, it will automatically renew them.
As the SSL certificates are now generated, we can proceed further to configure httpd configuration file. Create a new virtual host file using the following command.
yourdomain.com with your actual domain. Now copy and paste the following lines into the file.
<VirtualHost *:80> ServerName yourdomain.com Redirect permanent / https://yourdomain.com/ TransferLog /var/log/httpd/yourdomain.com_access.log ErrorLog /var/log/httpd/yourdomain.com_error.log </VirtualHost>
<VirtualHost *:443> ServerName yourdomain.com ServerAdmin email@example.com SSLEngine On SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem ProxyPreserveHost On ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ TransferLog /var/log/httpd/yourdomain.com_ssl_access.log ErrorLog /var/log/httpd/yourdomain.com_ssl_error.log </VirtualHost>
In the above configuration change
yourdomain.com to your actual domain. Also, make sure that the path to your SSL certificate and private key are correct. Once done, you will have to restart your Apache server so that the changes made can take effect.
systemctl restart httpd
Now you will need to disable your SELinux because GitBucket does not work with SELinux policies. To temporary disable SELinux without restarting the server, run the following command.
To completely disable the SELinux you will need to edit:
If you don't have nano installed, you can install it using yum -y install nano Find the following line:
Change it to:
Now you will need to reboot your server so that the new configuration can take effect. Now you can start the GitBucket service if not started already using the following command.
systemctl start gitbucket
You can now browse the following URL in your favorite browser.
You will see the following screen.
You can now sign in to the dashboard by clicking on Sign in link. Use the username
root and password
Once you are logged in you will see your user screen.
In this tutorial, we have learned how to install GitBucket on CentOS 7 server. You can now create your own Git server and use it to increase your productivity.