git-http-backend on CentOS 6.5

It is my aim of having a git-repository hosted on an own server running CentOS 6.5, serving the repositories via https using a self-signed certificate. SELinux is disabled.

This post is concerned with setting up the apache httpd 2.2 server which is shipped with CentOS 6.5 for serving the repositories. The basic steps are:

  1. Configure Apache httpd
  2. Create a bare repository accessible from the web

My environment

  • CentOS 6.5 server
  • latest git version (1.8.X) compiled and installed from source

My aim

I would like to access my repositories at the following URL using http authentification:



Steps to follow

These steps are influenced by these great posts (but – at least – updated for recent versions and CentOS 6.5):

Configure Apache httpd

First, determine a location where the git repositories should be located on the server. I will be using /var/www/html/

Thereafter, configure http(s) by creating a new configuration file stored at /etc/httpd/conf.d/, containing roughly the following:

DocumentRoot /var/www/html/
ErrorLog logs/
CustomLog logs/ common

ServerSignature Off

SetEnv GIT_PROJECT_ROOT /var/www/html/
ScriptAlias / /usr/libexec/git-core/git-http-backend/

SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/
SSLCertificateKeyFile /etc/httpd/conf.d/

<Directory "/var/www/html/">
Options Indexes
AllowOverride None
Order allow,deny
Allow from all

<Directory "/usr/libexec/git-core">
Options Indexes
AllowOverride None
Order allow,deny
Allow from all

<Location />
AuthType Digest
AuthName ""
AuthUserFile /var/www/passwd/git_passwords
AuthGroupFile "/var/www/passwd/"
Require valid-user


I assume that you are at least a bit familiar with httpd configuration files. As such, you should be able to adjust the information for your needs appropriately.

Interesting configuration aspects are:

    1. If using only http (instead of https), configure the server to use port 80, and disable SSLEngine by SSLEngine Off
    2. Notice the ScriptAlias ScriptAlias / /usr/libexec/git-core/git-http-backend/ It is used to call the named binary for serving the content behind the URL.
    3. /usr/libexec/git-core does point to the install directory of git

Note also that the final slash (/) is very important as the string is used literally to substitute http requests.

Create a bare repository

As usual, create a new bare repository by creating the corresponding directory and using the familiar command

git init --bare shared=group <reponame>.git

Just to note that the access rights of the directory need to allow the apache process to write (update) contents of the repository. The shared=group part sets the sticky bit to propagate access rights to newly created folders.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: