gitapachegitweb

Git controlled access to repository


I have a git repository in Apache server. How can allow my developers to have full access i.e read and write access to the repository. I am working on windows platform.


Solution

  • The idea is to call git directly from the httpd Apache config file using the git-http-backend exe.
    This is part of the smart http protocol, that I mention in this answer.

    Env GIT_PROJECT_ROOT C:/GIT/Apache/repositories
    SetEnv GIT_HTTP_EXPORT_ALL
    SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER
    ScriptAliasMatch \
        "(?x)^/(.*/(HEAD | \
                        info/refs | \
                        objects/(info/[^/]+ | \
                                 [0-9a-f]{2}/[0-9a-f]{38} | \
                                 pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
                        git-(upload|receive)-pack))$" \
                        "C:/Program Files/git/libexec/git-core/git-http-backend.exe/$1"
    

    That script (which is in any Git distribution) will be able to get a git query over http and return the result.

    You can find a complete example in "Setting up Git Server on Windows With git-http-backend.exe"


    For a finer-grained access level control, you can add an authorization layer like gitolite in your httpd.conf (gitolite will then call hit-http-backend if it authorizes the git query).
    I use it in cunjunction with an LDAP (for the authentication part), but you don't have to use an LDAP, just make sure your Apache config is set up to authenticate users first, in order for gitolite to have an user id to work with (allow or deny).