Git over SSH or HTTP

From Wiki

Jump to: navigation, search

Note that this article is just for my personal use. (Gentoo)

As far as I know, there are three ways to provide the GIT repository.

  • Provides the repository using git-daemon. The drawback of this method is, it will uses its own TCP port (default 9418). In some restricted NAT environment, it may not be usable. Not my favorite.
  • Provides the repository using HTTP backend. The good news is that you can use HTTP (or HTTPS) to provide GIT repository. In some restricted NAT environment, this is the best solution. And it's possible to provide read/write access and read-only access. The drawback of this method is, it requires HTTP server (e.g. Apache) and somewhat complicated web server configuration.
  • Provides the repository using SSH backend. The good news is that you don't need to setup any server. The drawback of this method is, you cannot provide read-only (anonymous) access to the git repository.

For my personal purpose, I've provided both 2nd and 3rd interfaces in addition to read-only web front-end.

Git over SSH

Setup git repositories in /var/lib/git. Note that /var/lib/git itself is not managed by git.

With the user account, git can be used via ssh like: 

git clone USERID@www.example.org:/var/lib/git/PROJECT

There is no anonymous interface.

If the SSH server uses non-standard port (except 22), you may specify in your $HOME/.ssh/config for the different port value. 

Host www.example.org
   Port XXX

Git Over HTTP

Set up 99_mod_git.config in /etc/apache2/modules.d/ as following: 

SetEnv GIT_PROJECT_ROOT /var/lib/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER

ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
Alias /gitweb/ /var/www/localhost/gitweb/

<Directory /usr/libexec/git-core/>
        Options ExecCGI FollowSymLinks Indexes
        AllowOverride AuthConfig
        Order allow,deny
        Allow from all
</Directory>

<Directory /var/lib/git>
        Options Indexes MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
</Directory>

<LocationMatch "^/git/.*/git-receive-pack$">
        Order allow,deny
        Allow from all
        AuthType Basic
        AuthName "Git http backend"
        AuthUserFile /etc/apache2/passwd.git
        Require valid-user          
        #<LimitExcept GET HEAD OPTIONS REPORT PROPFIND>
        #</LimitExcept>
</LocationMatch>

<Directory /var/www/localhost/gitweb/>
        AllowOverride All
        Options ExecCGI FollowSymLinks
        Order allow,deny
        Allow from all
</Directory>

/etc/apach2/passwd.git itself can be managed by htpasswd.

With the user account, git can be used like: 

$ git clone http://USERID@www.example.org/git/PROJECT
password: ********

(Anonymous access) Without the user account, git can be used like: 

$ git clone http://www.example.org/git/PROJECT
password: ********

It's possible that first clone the repository in anonymous, then later push the changes into the repository with the user account. 

$ git clone http//www.example.org/git/PROJECT
$ cd PROJECT
$ # git commit to the local repository.
$ git config remote.origin.url http://USERID@www.example.org/git/PROJECT
$ git push

There is a read-only web front end in http://www.example.org/gitweb/. I read some article that it is possible to provide the consistent URL (e.g. http://www.example.org/git/) for git command-line interface and the web frontend. But I failed. Currently, CLI uses http://www.example.org/git/PROJECT and front-end uses http://www.example.org/gitweb/PROJECT/.

Retrieved from "http://www.cinsk.org/wiki/Git_over_SSH_or_HTTP"
Personal tools