http://www.cinsk.org/wiki/Git_over_SSH_or_HTTP

Git over SSH or HTTP

From Wiki


Note that this article is just for my personal use.  (Gentoo)

As far as I know, there are three ways to provide the GIT repository.


Provides the repository using
git-daemon.  The drawback of this method is, it will uses its own TCP port (default
9418).  In some restricted NAT environment, it may not be usable.  Not my favorite.
Provides the repository using HTTP backend.  The good news is that you can use HTTP (or HTTPS) to provide GIT repository.  In some restricted NAT environment, this is the best solution.  And it's possible to provide read/write access and read-only access. 
The drawback of this method is, it requires HTTP server (e.g. Apache) and somewhat complicated web server configuration.  
Provides the repository using SSH backend.  The good news is that you don't need to setup any server.  The drawback of this method is, you cannot provide read-only (anonymous) access to the git repository.

For my personal purpose, I've provided both 2nd and 3rd interfaces in addition to read-only web front-end.

Git over SSH

Setup git repositories in /var/lib/git.  Note that /var/lib/git itself is not managed by git.

With the user account, git can be used via ssh like:

git clone USERID@www.example.org:/var/lib/git/PROJECT

There is no anonymous interface.

If the SSH server uses non-standard port (except 22), you may specify in your
$HOME/.ssh/config for the different port value.

Host www.example.org
Port XXX

Git Over HTTP

Set up 99_mod_git.config in /etc/apache2/modules.d/ as following:

SetEnv GIT_PROJECT_ROOT /var/lib/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER

ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
Alias /gitweb/ /var/www/localhost/gitweb/

<Directory /usr/libexec/git-core/>
Options ExecCGI FollowSymLinks Indexes
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>

<Directory /var/lib/git>
Options Indexes MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

<LocationMatch "^/git/.*/git-receive-pack$">
Order allow,deny
Allow from all
AuthType Basic
AuthName "Git http backend"
AuthUserFile /etc/apache2/passwd.git
Require valid-user
#<LimitExcept GET HEAD OPTIONS REPORT PROPFIND>
#</LimitExcept>
</LocationMatch>

<Directory /var/www/localhost/gitweb/>
AllowOverride All
Options ExecCGI FollowSymLinks
Order allow,deny
Allow from all
</Directory>

/etc/apach2/passwd.git itself can be managed by htpasswd.

With the user account, git can be used like:

$ git clone http://USERID@www.example.org/git/PROJECT
password: ********

(Anonymous access) Without the user account, git can be used like:

$ git clone http://www.example.org/git/PROJECT
password: ********

It's possible that first clone the repository in anonymous, then later push the changes into the repository with the user account.

$ git clone http//www.example.org/git/PROJECT
$ cd PROJECT
$ # git commit to the local repository.
$ git config remote.origin.url http://USERID@www.example.org/git/PROJECT $ git push

There is a read-only web front end in
http://www.example.org/gitweb/.  I read some article that it is possible to provide the consistent URL (e.g.
http://www.example.org/git/) for
git command-line interface and the web frontend.  But I failed.  Currently, CLI uses
http://www.example.org/git/PROJECT and front-end uses
http://www.example.org/gitweb/PROJECT/.