Setting Up Your Secure Git Server Using Gitosis

This tutorial describes how to setup a git server if you have a similar setup like mine. I have a live server running linux and I use windows & linux for development. I’ll keep it as brief as possible and let you figure out the rest. If a part isn’t clear, just ask. Here is a brief overview of what we’ll do.

  • Setup Gitosis on your linux server.
  • Setup a git client for your windows box
  • Clone Your Repository on your Windows Box
  • Commit, Push and Pull
  • Deploy Online

Setup Gitosis

Tutorial for Setting Up Gitosis
Tutorial for Setting Up Gitosis on Ubuntu

Setup Git on Windows

  • Download and install Git from msysgit

    Be sure to download the full version if you’ll like to use the Git GUI eg. Git-

  • Startup Git Bash
  • Run

    # ssh-keygen -t rsa
    Do not add a passphrase.

  • Upload your public key to your gitosis-admin

Clone Your Repository

Now that you have git installed, you will need to download your working copy of the project. Your working copy [WC] is what you will be working on so I suggest that you create it in a folder in your webroot. The following steps will help you achieve that.
 Using Git GUI
  • Enter Source Location


  • Target Directory


    Using Git Bash

  • # cd /install-dir
  • # git clone git@YOUR_SERVER:YOUR_PROJECT.git

Committing & Pushing Changes

Now that you have your working repository and you have made modifications to the project, its time to commit (update repository with changes) and push (upload to central repository).
Using Git GUI
  • Start Git GUI
  • Click Open Existing Repository and select your repository. Alternatively, you can select your repository from the list under Open Recent Repository. You can also create a Desktop shortcut to your repository from Git GUI. Once you have opened your repository, click on the Repository menu and click on Create Desktop Icon
  • Click on Rescan. This should show all the modified files in your repository.
  • Select all the files in the Unstaged Changes list and click on the Commit menu and then Stage to Commit.
  • Enter you Commit Message. For tips on how to write good commit messages goto
  • Click on Sign Off
  • Click on Commit
  • Click
    on Push 

Deploying Online

  • Clone your application in your webserver root.
  • To update your online copy after making updating the central repository, just
    # git pull


General, Linux

Installing FFMPEG the Easy Way on OpenSuSE 11.1

Installing ffmpeg was formerly a pain for me. Why? I downloaded all dependencies manually and there are a ton of them. I recently stumbled on a repository, Packman that has ffmpeg and its dependencies in stock. This made installation a pain-free experience.

Packman Repository also offers One-Click Install which is supported from OpenSuSE 10.3. As the name suggests, one-click [and a few accept or next buttons] and you are done.

One-Click Install

  1. Enable all repositories currently in your YaST Software Repositories. This is important for YaST to automatically get all dependencies.
  2. Goto Packman Repository
  3. Search for ffmpeg
  4. Click on One-click Install
  5. Follow the Wizard and that’s ALL

Repository Installation

  1. Enable all repositories currently in your YaST Software Repositories. This is important for YaST to automatically get all dependencies.
  2. Add Packman Repository to your Software Repositories. You can get a link to it from here
  3. Goto Software Management
  4. Search ffmpeg, and mark it for installation.
  5. Click on finish and it would be install for you.

General, Linux

GoDaddy Wildcard SSL & Apache2 on SuSE 11.2


To setup Apache2 with an SSL certificate you’ll need the following:

  • A key – Require to generate a CSR
  • Certificate Signing Request – Require by GoDaddy to generate a certificate
  • Your Certificate
  • GoDaddy’s certificate bundle

To Generate a Triple-DES Encrypted Key Pair and a Certificate Signing Request (CSR)

In a command prompt, enter the following, pressing Enter after each line:

  1. cd /usr/bin/ (/your path to openssl/)
    Enter a passphrase when prompted to. Be sure not to forget otherwise you’ll have to start all over again.
  2. openssl genrsa -des3 -out .key 2048
  3. openssl req -new -key .key -out .csr

Fill in the following

  • Enter Country Name (2 letter code): NG
  • State or Province Name: Lagos
  • Organization Name: Organic Ltd.
  • Common Name
  • Email Address


Do not enter a challenge password. Why? This would cause an error when you submit your CSR to GoDaddy.

Now that you have your key and CSR you can generate your SSL Certificate. Copy the contents of your CSR and follow the steps outlined here.

Download your SSL Certificate for Apache and copy them to your server and follow the instructions here
Download your SSL Certificate for Apache and copy them to your server and follow the instructions below:

To Install SSL and Intermediate Certificates

Copy your SSL certificate file and the certificate bundle file to your Apache server. You should already have a key file on the server from when you generated your certificate request. You should copy the files to their respective folders found in Apache’s configuration folder /etc/apache2/




Install Certificate From YaST

  • Startup yast from the terminal. I recommend this because once you select the certificate key you’ll have to enter the pass-phrase. If you use the GUI tool then it would freeze un
  • Goto Network Services -> HTTP Server
  • Create A new vHost for your domain and select the server key and certificate
  • Edit configuration file and add the following below the SSLCertificateKeyFile

SSLCertificateChainFile /etc/apache2/ssl.crt/gd_bundle.crt

Restart Apache.

Install Certificate From Terminal

Modify you apache configuration host/vhost file. You’ll need to tell apache where your certificate key is and your certificate

<VirtualHost *:443>

DocumentRoot /srv/www/htdocs/




AllowOverride All

Order allow,deny

Allow from all


<IfDefine SSL>

SSLCertificateFile /etc/apache2/ssl.crt/

SSLCertificateKeyFile /etc/apache2/ssl.key/

SSLCertificateChainFile /etc/apache2/ssl.crt/gd_bundle.crt

SSLEngine on



By-pass pass-phrase dialog on Startup

After restarting apache, you’ll notice a prompt for a your pass-phrase. If you used the GUI tool, the YaST process may freeze as a result.

  1. Remove the encryption from the RSA private key (while keeping a backup copy of the original file):
    # cp server.key
    # openssl rsa -in -out server.key
  2. Make sure the server.key file is only readable by root:
    # chmod 400 server.key

Save your configuration file and restart Apache.

Force SSL/https using .htaccess and mod_rewrite

In certain scenarios you may want to force a secure connection to your web server. You can achieve this easily and flexibly with .htaccess and mod_rewrite.

  1. Make sure your Host’s AllowOverride is set to All in your vhost configuration file.
  2. Make sure mod_rewrite is enabled. You can do that using the following command

    # a2enmod rewrite

  3. Create a .htaccess file in your web-root folder /srv/www/htdocs/ and add the following content

    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$$1 [R,L]


Note that this also works on OpenSuSE 11.1