It is my aim of having a git-repository hosted on an own server running CentOS 6.5, serving the repositories via https using a self-signed certificate. SELinux is disabled.
This post is concerned with setting up the apache httpd 2.2 server which is shipped with CentOS 6.5 for serving the repositories. The basic steps are:
- Configure Apache httpd
- Create a bare repository accessible from the web
- CentOS 6.5 server
- latest git version (1.8.X) compiled and installed from source
I would like to access my repositories at the following URL using http authentification:
Steps to follow
These steps are influenced by these great posts (but – at least – updated for recent versions and CentOS 6.5):
Configure Apache httpd
First, determine a location where the git repositories should be located on the server. I will be using /var/www/html/git.mydomain.com/.
Thereafter, configure http(s) by creating a new configuration file stored at /etc/httpd/conf.d/, containing roughly the following:
<VirtualHost git.mydomain.com:443> ServerAdmin firstname.lastname@example.org DocumentRoot /var/www/html/git.mydomain.com ServerName git.mydomain.com ErrorLog logs/git.mydomain.com-error_log CustomLog logs/git.mydomain.com-access_log common ServerSignature Off SetEnv GIT_PROJECT_ROOT /var/www/html/git.mydomain.com SetEnv GIT_HTTP_EXPORT_ALL SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER ScriptAlias / /usr/libexec/git-core/git-http-backend/ SSLEngine on SSLCertificateFile /etc/httpd/conf.d/git.mydomain.com.crt SSLCertificateKeyFile /etc/httpd/conf.d/git.mydomain.com.key <Directory "/var/www/html/git.mydomain.com"> Options Indexes AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/usr/libexec/git-core"> Options Indexes AllowOverride None Order allow,deny Allow from all </Directory> <Location /> AuthType Digest AuthName "git.mydomain.com" AuthUserFile /var/www/passwd/git_passwords AuthGroupFile "/var/www/passwd/git.group" Require valid-user </Location> </VirtualHost>
I assume that you are at least a bit familiar with httpd configuration files. As such, you should be able to adjust the information for your needs appropriately.
Interesting configuration aspects are:
- If using only http (instead of https), configure the server to use port 80, and disable SSLEngine by
- Notice the ScriptAlias
ScriptAlias / /usr/libexec/git-core/git-http-backend/It is used to call the named binary for serving the content behind the URL.
/usr/libexec/git-coredoes point to the install directory of git
Note also that the final slash (/) is very important as the string is used literally to substitute http requests.
Create a bare repository
As usual, create a new bare repository by creating the corresponding directory and using the familiar command
git init --bare shared=group <reponame>.git
Just to note that the access rights of the directory need to allow the apache process to write (update) contents of the repository. The shared=group part sets the sticky bit to propagate access rights to newly created folders.