1

我在我的服务器上运行 gitweb 和 gitolite:http: //git.jshawl.com/

我在设置git-http-backend允许匿名克隆时遇到问题。

这是我的虚拟主机文件 ( /etc/apache2/extra/httpd-vhosts.conf) 的样子:

<VirtualHost *:80>
DocumentRoot "/Users/git/repositories"
ServerName git.jshawl.com
 <Directory "/Users/git/repositories">
    Options ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
    AllowOverride All
    order allow,deny
    Allow from all
    AddHandler cgi-script cgi
    DirectoryIndex gitweb.cgi
</Directory>

<LocationMatch "^/.*/git-receive-pack$">
    AuthType Basic
    AuthName "Git Access"
    Require group committers
</LocationMatch

SetEnv GIT_PROJECT_ROOT /Users/git/repositories
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAliasMatch \
    "(?x)^/(.*/(HEAD | \
        info/refs | \
            objects/(info/[^/]+ | \
                [0-9a-f]{2}/[0-9a-f]{38} | \
                    pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
            git-(upload|receive)-pack))$" \
    /usr/libexec/git-core/git-http-backend/$1

ScriptAlias / /Users/git/repositories/gitweb.cgi/

`

我按照这里的指示进行操作:http: //www.kernel.org/pub/software/scm/git/docs/git-http-backend.html,但一直面临着 502 错误。

我的 apache 错误日志说:[Fri Aug 24 19:29:32 2012] [error] [client 198.228.200.148] client denied by server configuration: /usr/libexec/git-core/git-http-backend

此外,添加所有这些已经取消了我的 gitweb 安装(以前位于http://git.jshawl.com

我究竟做错了什么?

4

1 回答 1

1

这是另一种方法,httpd.conf它适用于克隆/推送/拉取,但它不调用 gitweb.cgi

GitWeb 是用来浏览的,不是用来克隆的

(小摘录,删除 Auth 详细信息和 SSL 详细信息)

# GitHttp on @PORT_HTTP_HGIT@
Listen @PORT_HTTP_HGIT@
<VirtualHost @FQN@:@PORT_HTTP_HGIT@>
  ServerName @FQN@
  ServerAlias @HOSTNAME@
  SetEnv GIT_PROJECT_ROOT @H@/repositories
  SetEnv GIT_HTTP_EXPORT_ALL
  SetEnv GITOLITE_HTTP_HOME @H@
  ScriptAlias /hgit/ @H@/gitolite/bin/gitolite-shell/
  SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
  <FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
  </FilesMatch>
  <Location /hgit>
    AddHandler cgi-script cgi
  </Location>
</VirtualHost>

换句话说:

  • git-http-backend由变量引用 GIT_HTTP_BACKEND,但如果您使用 Gitolite V3,则不需要它
  • gitolite-shell当您/hgit/在克隆地址中使用时调用:theat GitoliteV3 脚本将检查您是否有权克隆 repo,如果是,将调用脚本后面的命令git-http-backend:' git-receive-pack'(用于推送)或' git-upload-pack'(用于克隆/pull/fetch),直接来自 git 源本身http-backend.c

所以:

git clone https://yourServer/hgit/yourRepo

将调用 gitolite,它将调用 ' git-receive-pack' 或 ' git-upload-pack'。
它将首先通过调用来分析http请求sub http_simulate_ssh_connection()

sub http_simulate_ssh_connection {
    # these patterns indicate normal git usage; see "services[]" in
    # http-backend.c for how I got that. Also note that "info" is overloaded;
    # git uses "info/refs...", while gitolite uses "info" or "info?...". So
    # there's a "/" after info in the list below
    if ( $ENV{PATH_INFO} =~ m(^/(.*)/(HEAD$|info/refs$|objects/|git-(?:upload|receive)-pack$)) ) {
        my $repo = $1;
        my $verb = ( $ENV{REQUEST_URI} =~ /git-receive-pack/ ) ? 'git-receive-pack' : 'git-upload-pack';
        $ENV{SSH_ORIGINAL_COMMAND} = "$verb '$repo'";
    } else {
        # this is one of our custom commands; could be anything really,
        # because of the adc feature
        my ($verb) = ( $ENV{PATH_INFO} =~ m(^/(\S+)) );
        my $args = $ENV{QUERY_STRING};
        $args =~ s/\+/ /g;
        $args =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
        $ENV{SSH_ORIGINAL_COMMAND} = $verb;
        $ENV{SSH_ORIGINAL_COMMAND} .= " $args" if $args;
        http_print_headers(); # in preparation for the eventual output!
    }
    $ENV{SSH_CONNECTION} = "$ENV{REMOTE_ADDR} $ENV{REMOTE_PORT} $ENV{SERVER_ADDR} $ENV{SERVER_PORT}";
}
于 2012-08-25T00:11:02.667 回答