summaryrefslogtreecommitdiff
path: root/etc/httpd/conf.d/git-http-p.conf
diff options
context:
space:
mode:
Diffstat (limited to 'etc/httpd/conf.d/git-http-p.conf')
-rw-r--r--etc/httpd/conf.d/git-http-p.conf35
1 files changed, 35 insertions, 0 deletions
diff --git a/etc/httpd/conf.d/git-http-p.conf b/etc/httpd/conf.d/git-http-p.conf
new file mode 100644
index 0000000..b30ad47
--- /dev/null
+++ b/etc/httpd/conf.d/git-http-p.conf
@@ -0,0 +1,35 @@
+#
+#
+# Git Smart HTTP Support
+# git push ONLY
+
+SetEnv GIT_PROJECT_ROOT /srv/git
+SetEnv GIT_HTTP_EXPORT_ALL 1
+
+# Expose git-receive-pack and info/refs.
+ScriptAliasMatch "^(/.+/(git-receive-pack|info/refs))$" \
+ /usr/libexec/git-core/git-http-backend$1
+
+# Authenticate against git push.
+<LocationMatch "^/.+/(git-receive-pack)$">
+ AuthType Basic
+ AuthName "Git Push Access"
+ AuthUserFile ${GIT_HTTP_AUTH_FILE}
+ Require valid-user
+</LocationMatch>
+
+# Deny info/refs push unless it's for git push.
+<LocationMatch "^/.+/info/refs$">
+ AuthType Basic
+ AuthName "Git Push Access"
+ AuthUserFile ${GIT_HTTP_AUTH_FILE}
+ <RequireAll>
+ Require expr %{QUERY_STRING} == "service=git-receive-pack"
+ Require valid-user
+ </RequireAll>
+</LocationMatch>
+
+# Explicitly deny git clone/fetch just in case.
+<LocationMatch "^/.+/git-upload-pack$">
+ Require all denied
+</LocationMatch>