Public and private code in a single Git repository

With a single git repository, no. What you can do is use git submodules, which allow you to "combine" repositories. Keep your public code on github, create another, privately hosted, git repository for your private code which references the public code as a submodule. Changes made within the public submodule can be pushed up to github, and changes on github can be pulled back down, but changes outside the submodule won't be exposed to the public community. Although the code trees will be merged into a single root you will have to manage commits, pushes, and pulls independently between the separate modules, which many people find cumbersome and problematic, so you should do some experimentation with the workflow before distributing widely.