Git Over Http

How To use the http protocol to manage git traffic ?

Traditionally git used to work only over ssh or git protocols while there was only a dumb version of git over http which was slow and inefficient.
While this was ok for most of the time sometimes git needs to be able to work over http. 
Now starting from git 1.7 both git servers and clients have support for smart http which works over http(s) and is supposed to be as efficient as the ssh version.

the git-http-backend tool

This functionality is made available by a cgi script called git-http-backend provided with git-core.
So for git to work over http(s) there should be a web server already configured and as a result there won’t be any conflicts by both the web server and git trying acquire port 80.

Configuration

The following steps can be used to configure git to work over http(s) with Apache.

Apache Configuration

Make sure mod_cgi, mod_alias, and mod_env are enabled. to activate the WEBDAV module just use this command :

a2enmod dav_fs

1) Open the Apache config file
2) Append the following. Debian based system should have it under /etc/apache2/apache2.conf by default : SetEnv GIT_PROJECT_ROOT /home/user/git_pub SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /git/ /usr/lib/git-core/git-http-backend/

The GIT_PROJECT_ROOT should point to the root folder where git repositories would be hosted.

Set this away from the document root of the web server. What the above do is direct any requests with /git/ to the git-http-backend and tell the script that the root of git repositories is GIT_PROJECT_ROOT.
That is all that needs to be done that is specific to git over http(s). The manual for for the git-http-backend explains these steps pretty thoroughly. Now for some tit-bits that are not explained in the manual. Those who are experienced with Apache and Git would find the following very boring.
3) User Righs
For authentication for both read and write accesses append the following to the Apache config file /etc/apache2/apache2.conf :

$  <Location /git>

$  AuthType Basic

$  AuthName “Private Git Access”

$  AuthUserFile /etc/apache2/authusers
 
$  Require valid-user

$  </Location>

What the above do is make requests to /git only accessible to valid users and tell valid users are listed on the file /etc/apache2/authusers. Make sure the file authusers is accessible by Apache. If there is no AuthUserFile in your system the following command can be used to create the user list at /etc/apache2/authusers and add the user ‘username’ to it. The command will prompt for a password for the user :

$ htpasswd -c /etc/apache2/authusers username

4) Restart Apache

On debian most probably :

$ sudo /etc/init.d/apache2 restart

Git Over Http Example

1) Create an empy bare git repository under the specified GIT_PROJECT_ROOT (/home/user/git_pub in our example) :

$ cd to GIT_PROJECT_ROOT
$ mkdir project
$ cd project
$ git init –bare

2) Make the folder ‘project’ and it’s children owned by the user which the web server is run from. This should be done for push requests by clients to work or otherwise the web server won’t be able to merge files.
On debian based systems this user is usually www-data and is defined in a file called envvars under apache2 installation :

$ sudo chown -R www-data project/
$ sudo chgrp -R www-data project/

Now the bare git repository should be pull-able and pushable by authorized users.

3) Clone the git repository over http(s) from another location:

$ git clone http://username@host/git/project

4) Do the first commit:

$ cd project
$ touch readme
$ git add readme
$ git commit -m “first commit”
$ git push origin master