legit
A git web frontend written in Go.
Pronounced however you like; I prefer channeling my inner beret-wearing Frenchman, and saying “Oui, il est le git!”
But yeah it’s pretty legit, no cap on god fr fr.
Features
- Fully customizable templates and stylesheets.
- Cloning over http(s).
- Less archaic HTML.
- Not CGI.
Installing
Clone it, ‘go build’ it.
Config
Configuration is done via environment variables:
Repository Settings:
- LEGIT_REPO_SCAN_PATH: where all your git repos live (or die). legit doesn’t traverse subdirs yet. (default: /var/www/git)
- LEGIT_REPO_README: comma-separated list of readme files to look for. (default: readme,README,readme.md,README.md,Readme.md)
- LEGIT_REPO_MAIN_BRANCH: comma-separated list of main branch names to look for. (default: master,main)
- LEGIT_REPO_IGNORE: comma-separated list of repos to ignore, relative to scanPath. (default: empty)
- LEGIT_REPO_UNLISTED: comma-separated list of repos to hide, relative to scanPath. (default: empty)
Meta Settings:
- LEGIT_META_TITLE: site title. (default: git repos)
- LEGIT_META_DESCRIPTION: site description. (default: empty)
- LEGIT_META_SYNTAX_HIGHLIGHT: syntax theme to render. If left blank or removed, the native theme will be used. If an invalid theme is set, it will default to “monokailight”. For more information about themes, please refer to chroma’s gallery 1. (default: monokailight)
Server Settings:
- LEGIT_SERVER_NAME: used for go-import meta tags and clone URLs. (default: localhost:5555)
- LEGIT_SERVER_HOST: host to bind to. (default: 0.0.0.0)
- LEGIT_SERVER_PORT: port to listen on. (default: 5555)
Example usage:
export LEGIT_REPO_SCAN_PATH="/home/git/repos"
export LEGIT_META_TITLE="My Git Server"
export LEGIT_SERVER_PORT=8080
export LEGIT_REPO_IGNORE="private-repo,secret-project"
./legit
NOTES
- Run legit behind a TLS terminating proxy like relayd(8) or nginx.
- Cloning only works in bare repos – this is a limitation inherent to git. You can still view non-bare repos just fine in legit.
- Pushing over https, while supported, is disabled because auth is a pain. Use ssh.