Note that there are two, I repeat two methods to work with a GIT server: webdav and git-http-backend.
Webdav is nicer and cheaper but it has some drawbacks. No further details about it here.
In the following we will setup a version hosting and control system called git with git-http-backend and an authentication mechanism against an LDAP server. My internal domain name is ring.local and my external hostname is git.ring-of-fire.com
We will set up a gitweb to ease the supervision.
If everything's going well, entering https://git.ring-of-fire.com/web in a browser and having confirmed that you are a member of ring_developers_webadmin, you will have your gitweb console.
Then you enter https://git.ring-of-fire.com/git/YourMightyRepo in your GIT client and confirm yourself to be a valid member of the ring_developers LDAP group.
Successfully authorized... guess what. We happy Vincent?
What to do in a nutshell. (version numbers are valid only for April 2014)
1
apt-get install....
ii apache2 2.2.22-13+deb7u1 i386 Apache HTTP Server metapackage
ii apache2-mpm-worker 2.2.22-13+deb7u1 i386 Apache HTTP Server - high speed threaded model
ii apache2-utils 2.2.22-13+deb7u1 i386 utility programs for webservers
ii apache2.2-bin 2.2.22-13+deb7u1 i386 Apache HTTP Server common binary files
ii apache2.2-common 2.2.22-13+deb7u1 i386 Apache HTTP Server common files
ii git 1:1.7.10.4-1+wheezy1 i386 fast, scalable, distributed revision control system
ii git-core 1:1.7.10.4-1+wheezy1 all fast, scalable, distributed revision control system (obsolete)
ii git-man 1:1.7.10.4-1+wheezy1 all fast, scalable, distributed revision control system (manual pages)
ii gitweb 1:1.7.10.4-1+wheezy1 all fast, scalable, distributed revision control system (web interface)
2
root@git:/etc/apache2/sites-enabled# cat *
ServerName git.ring-of-fire.com # real FQDN, IMPORTART!! for git's sake
ServerAdmin webmaster@localhost
</VirtualHost>
<VirtualHost *:443>
</VirtualHost>
3
root@git:/etc# cat gitweb.conf
# path to git projects (<project>.git)
$projectroot = "/var/www/git";
....
This is the only parameter you need to change.
4
root@git:/etc/apache2/conf.d# cat git.conf
SetEnv GIT_PROJECT_ROOT /var/www/git # check
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git /usr/lib/git-core/git-http-backend/ # check twice if this dir exists
<Directory "/usr/lib/git-core">
Options +ExecCGI
Allow From All
</Directory>
AliasMatch ^/git/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/www/git/$1
AliasMatch ^/git/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/www/git/$1
ScriptAliasMatch \
"(?x)^/git/(.*/(HEAD | \
info/refs | \
objects/info/[^/]+ | \
git-(upload|receive)-pack))$" \
/usr/lib/git-core/git-http-backend/$1
<Location "/git/YourMightyREPO">
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative on
AuthName "Git Server"
AuthLDAPURL "ldap://YourLDAPServerIP:389/OU=YourADOU,DC=ring,DC=local?sAMAccountName?sub?(objectClass=*)" NONE
AuthLDAPBindDN "CN=Your auth user name,cn=Users,dc=ring,dc=local"
AuthLDAPBindPassword verysecretpassword
Require ldap-group CN=ring_developers,OU=your_groups_container_OU,DC=ring,DC=local
</Location>
5
root@git:/etc/apache2/conf.d# cat gitweb.conf
Alias /web "/usr/share/gitweb/" # Check if /usr/share/gitweb there exists. Note the string /web
<Directory "/usr/share/gitweb">
Options ExecCGI
AllowOverride None
AddHandler cgi-script .cgi
DirectoryIndex gitweb.cgi
Order deny,allow
Allow from all
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative on
AuthName "GITWEB for RING"
AuthLDAPURL "ldap://YourLDAPserverIP:389/OU=your_users_container_OU,DC=ring,DC=local?sAMAccountName?sub?(objectClass=*)" NONE
AuthLDAPBindDN "CN=Your LDAP bind user name,cn=Users,dc=ring,dc=local"
AuthLDAPBindPassword verysecretpassword
Require ldap-group CN=ring_developers_webadmin,OU=your_groups_container_OU,DC=ring,DC=local
6
Initialize, check and done.
root@git:/var/www/default# ls
index.html
root@git:# cd /var/www/git/
root@git:/var/www/git# ls
[nope]
mkdir YourMightyRepo && cd * && git --bare init
cd .. && chown www-data:www-data * -R
service apache2 restart
get-a-coffee
For further reference, find some more totally useless and misleading info here: http://git-scm.com/docs/git-http-backend