Thursday, 15 April 2010

Git Authenticated push over apache -



Git Authenticated push over apache -

i have several git repositories. of them can accessed through apache server , r/w access given all. repository should have authenticated force it. have done this

<locationmatch "^/.*/git-receive-pack$"> authtype basic authname "git access" authbasicprovider file # password file created htpasswd authuserfile /sample/password require valid-user </locationmatch>

but asking username , password repositories. want enable few repositories.

some background

the thought when pushing via http[s], git performs requests this

http://user@server/git/foo.git/info/refs?service=git-receive-pack

the part of uri <location> or <locationmatch> directives consider when matching is

/git/foo.git/info/refs?service=git-receive-pack

it can broken downwards several parts:

the mutual prefix, including name of repository:

/git/foo.git

that's directly specify in repository's uri when telling git, when doing git clone http://user@server/git/foo.git.

the technical bits, telling server-side git want request:

/info/refs?service=git-receive-pack

this part added client-side git, , have no command on it.

how prepare problem @ hand

the .* bit in directive matches 0 or more characters, matches in git uris.

you need refine pattern somehow refer repos want force restriction applied to. , maintain in mind if you're using mutual prefix (like /git/ in examples above) have matched well.

now it's writing proper regular expression.

one approach specify them directly—using so-called alterations—like in

<locationmatch "^/git/(repo1|repo2|repo3)/.*/git-receive-pack$">

while move repos requiring protection under mutual directory, say, priv, , utilize like

<locationmatch "^/git/priv/.*/git-receive-pack$">

the latter approach not require updating apache's configuration , reloading when add together repository requiring authenticated pushes: drop in directory mapped /priv prefix.

of course, exact parts of uri specification depends on rest of configuration (like whether utilize ^/git/ prefix of not etc).

git apache

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)