Has anyone successfully implemented Git over Tor?
I know hosting a repo server is a vastly different beast, but it may help to start somewhere
As far as I know, Gogs and Gitea are fully FOSS, server-side too (no proprietary "enterprise" versions), can be isolated pretty well, and don't look like they're stuck in 1995
But I don't know the internals well enough to see if an entire Hidden Service alternative to GitHub or GitLab can be done in these or something similar
Gitea is a fork of Gogs
@cypnk Apparently git has support for socks5 proxies since 2015, so it wouldn't be that difficult to do I think.
@schoentoon Ah, good point. I'm sure there are a bunch of edge cases to consider, but it may be a fun project to try
@cypnk Oh yeah probably. I have previously toyed around with usenet over tor, which was surprisingly easy to do, but had some tiny edge cases for sure (mostly in the clients)
@cypnk Note that things like gitlab/github aren't necessary if you just want a read-only git; a read only git can just be on a plain simple http server, so I assume trivial; not sure what the minimal writeable is; but you don't need all the multiple-project/auth system that the bigger systems give you
@cypnk You can even host GitLab behind to with no problem. Sure, you probably have a hard time to of source IP leaks for the hosting platform, but that can be solved with enforcing outgoing firewall rules and hosting the tor proxy on a separate machine/IP.
But there is no technical reason, why this wouldn't work. gitlab, gitea and gogs are all capable for socks4/5 proxying for outgoing connections and can set arbitrary base URLs.
I guess just someone has to bother to do it.
@cypnk Thinking of it, all you need is probably a docker-compose file (similar to mine here: https://git.shivering-isles.com/shivering-isles/infrastructure/-/blob/master/roles/gitlab/templates/docker-compose.yml), set the network to internal, setup a tor container that has a second network adapter that is not set to internal, and configure GitLab for a forward proxy and the right domain:
Similar things should be possible with Gitea and Gogs as well :)
@cypnk You can prefix your git command with "torsocks -i". I use it all the time and it works like a charm. Although only when the other side is _not_ a hidden service.
The original server operated by the Mastodon gGmbH non-profit