Private Git hosting using Gogs on Amazon Lightsail

There are many options for “private” Git hosting. I put “private” in quotes because private repos on Gitlab, Github, Bitbucket, etc. are still sitting on a server to which people I don’t know have access, so I considered other options.

I’ve been watching Gogs for a while and thought it would be fun to set up a server running Gogs for my private Git repos.

Gogs is “A painless self-hosted Git service” and is basically a Github clone. It’s written in Go, which means that it’s drop-dead simple to install just about anywhere. It’s just a single binary. This is way simpler than running something like Gitlab CE.

Here are my notes from setting up Gogs on Amazon Lightsail, proxied by nginx. This isn’t meant to be a tutorial or anything, it’s just a few quick notes about the process I went through to get things running.

Amazon Lightsail

I’m easily flumoxed by Amazon’s web services so I decided to give their Lightsail service a try. Lightsail is basically Amazon’s answer to the ease of running server instances on services like DigitalOcean. My first impressions are that it succeeds. A few clicks and I had a small Ubuntu 16.04 instance running.


To install gogs I did the following from a shell in the new Lightsail instance…

Installed git.

$ sudo apt-get update
$ sudo apt-get install git

Downloaded Gogs.

To keep things simple, I installed the gogs binary from the gogs install page. I simply copied the link to the amd64 version, downloaded and extracted it.

$ wget
$ tar xvf linux_amd64
$ cd gogs

Ran Gogs

$ ./gogs web

Then in a browser I went to http://[my-ip]:3000/ and couldn’t connect. I discovered that Lightsail’s default firewall only allows access on ports 80 and 443 so I added a rule for port 3000 and there was the installation page. Easy as that. I chose to run Gogs using SQLite as a database since it’s zero-config and plenty for my single-user needs. After finishing the initial configuration I set up Gogs as a service and started it after editing gogs.service with my settings (user/group/etc.)

$ sudo cp scripts/systemd/gogs.service /etc/systemd/system/
$ sudo vi /etc/systemd/system/gogs.service
$ sudo systemctl enable gogs.service

I then edited the Gogs config file in ~/gogs/custom/conf/app.ini with a few tweaked app settings such as disabling registrations, etc.

Then I started the service.

$ sudo systemctl start gogs.service


I wanted to run Gogs at port 80 rather than the default 3000 so I installed nginx as a proxy.

$ sudo apt-get -y install nginx
$ sudo vi /etc/nginx/sites-available/gogs
$ sudo ln -s /etc/nginx/sites-available/gogs /etc/nginx/sites-enabled/gogs
$ sudo service nginx restart

The nginx gogs config looks like this

server {
    listen 80;
    server_name [my-host-name];

    proxy_set_header X-Real-IP  $remote_addr; # pass on real client IP

    location / {
        proxy_pass http://localhost:3000;

That’s it. I now have a true all-to-myself private Gogs instance. In order to clone or push via SSH I added my public SSH key to my account in Gogs.

I’ll still need to configure an SSL cert from Let’s Encrypt but this got me going.