Git Over HTTP (Git-Http-Backend)

I found really annoying that all Git guides I found talked about using Git over SSH, thats because I googled until I found that Git now comes with git-http-backend , which lets you to configure your webserver to serve git over HTTP/HTTPS.

Here is a little guide how to setup git-http-backend using apache. First of all we need to install git on our server:

1apt-get install git-core

Once git is installed we will found git-http-backend under /usr/lib/git-core/git-http-backend. Next step is to setup the Apache configuration:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<IfModule mod_ssl.c>
  <VirtualHost *:443>
      SSLEngine on

      SSLCertificateFile /etc/ssl/server.crt
      SSLCertificateKeyFile /etc/ssl/server.key
      SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

      ServerName git.example.com
      ErrorLog /var/log/apache2/git-error.log
      CustomLog /var/log/apache2/git-access.log combined

      # GIT Config
      SetEnv GIT_PROJECT_ROOT /opt/git/repositories
      SetEnv GIT_HTTP_EXPORT_ALL

      # Route Git-Http-Backend
      ScriptAlias / /usr/lib/git-core/git-http-backend/

      # Require Acces for all resources
      <Location />
          AuthType Basic
          AuthName "Private"
          Require valid-user
          AuthUserFile /opt/git/user.passwd
      </Location>
  </VirtualHost>
</IfModule>

Now we only need to create our repositories under /opt/git/repositories (The repositories must be owned by the apache user to work):

1cd /opt/git/repositories
2git --bare init test.git
3chown -R www-data:www-data /opt/git/repositories

And thats all, now we can checkout the repository using the url https://git.example.com/test.git :

1git clone https://[email protected]/test.git
2cd test
3mkdir testdir
4touch testdir/README
5git add .
6git commit -m 'test commit'
7git push origin master

This environment variable is useful for testing and debug the request to your repository:

1# Activates verbosity for HTTP Requests
2export GIT_CURL_VERBOSE=1

If you have a Self-Signed Certificate and you haven’t imported your Root CA to your computer (which is the better option), you will get an SSL error. To avoid this you can use following Environment variable (CAUTION: With this you will not detect Man-In-The-Middle Attacks!)

1# Do not verify Certificate
2export GIT_SSL_NO_VERIFY=true

SimpleXML vs XMLWriter vs DOM
Zend Framework 2: Authentication + Acl Using EventManager
comments powered by Disqus