git-http-backend returns error 502
https://stackoverflow.com/questions/12117942
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFrage
I'm running gitweb and gitolite on my server: http://git.jshawl.com/
I'm having trouble setting up the git-http-backend to allow anonymous cloning.
Here's what my vhosts file (/etc/apache2/extra/httpd-vhosts.conf) looks like:
<VirtualHost *:80>
DocumentRoot "/Users/git/repositories"
ServerName git.jshawl.com
<Directory "/Users/git/repositories">
Options ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
AllowOverride All
order allow,deny
Allow from all
AddHandler cgi-script cgi
DirectoryIndex gitweb.cgi
</Directory>
<LocationMatch "^/.*/git-receive-pack$">
AuthType Basic
AuthName "Git Access"
Require group committers
</LocationMatch
SetEnv GIT_PROJECT_ROOT /Users/git/repositories
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAliasMatch \
"(?x)^/(.*/(HEAD | \
info/refs | \
objects/(info/[^/]+ | \
[0-9a-f]{2}/[0-9a-f]{38} | \
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
git-(upload|receive)-pack))$" \
/usr/libexec/git-core/git-http-backend/$1
ScriptAlias / /Users/git/repositories/gitweb.cgi/
`
I followed the directions here: http://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html, but am consistently confronted with that 502 error.
My apache error log says: [Fri Aug 24 19:29:32 2012] [error] [client 198.228.200.148] client denied by server configuration: /usr/libexec/git-core/git-http-backend
Also, adding all of this has taken down my gitweb installation (which used to be at http://git.jshawl.com)
What am I doing wrong?
Lösung
Here is another approach in this httpd.conf which works well for cloning/pushing/pulling, but it doesn't call gitweb.cgi:
GitWeb is for browsing, not for cloning
(small extract, removing Auth details, and SSL details)
# GitHttp on @PORT_HTTP_HGIT@
Listen @PORT_HTTP_HGIT@
<VirtualHost @FQN@:@PORT_HTTP_HGIT@>
ServerName @FQN@
ServerAlias @HOSTNAME@
SetEnv GIT_PROJECT_ROOT @H@/repositories
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GITOLITE_HTTP_HOME @H@
ScriptAlias /hgit/ @H@/gitolite/bin/gitolite-shell/
SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Location /hgit>
AddHandler cgi-script cgi
</Location>
</VirtualHost>
In other words:
git-http-backendis referenced by the variableGIT_HTTP_BACKEND, but you won't need it if you are using Gitolite V3.gitolite-shellis called when you are using/hgit/in your cloning address: theat GitoliteV3 script will check if you have the right to clone the repo, and if yes, will call the commands behind the scriptgit-http-backend: 'git-receive-pack' (for push) or 'git-upload-pack' (for clone/pull/fetch), straight from the git source itselfhttp-backend.c.
So:
git clone https://yourServer/hgit/yourRepo
Will call gitolite, which will call 'git-receive-pack' or 'git-upload-pack'.
It will first analyze the http request by calling sub http_simulate_ssh_connection()
sub http_simulate_ssh_connection {
# these patterns indicate normal git usage; see "services[]" in
# http-backend.c for how I got that. Also note that "info" is overloaded;
# git uses "info/refs...", while gitolite uses "info" or "info?...". So
# there's a "/" after info in the list below
if ( $ENV{PATH_INFO} =~ m(^/(.*)/(HEAD$|info/refs$|objects/|git-(?:upload|receive)-pack$)) ) {
my $repo = $1;
my $verb = ( $ENV{REQUEST_URI} =~ /git-receive-pack/ ) ? 'git-receive-pack' : 'git-upload-pack';
$ENV{SSH_ORIGINAL_COMMAND} = "$verb '$repo'";
} else {
# this is one of our custom commands; could be anything really,
# because of the adc feature
my ($verb) = ( $ENV{PATH_INFO} =~ m(^/(\S+)) );
my $args = $ENV{QUERY_STRING};
$args =~ s/\+/ /g;
$args =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
$ENV{SSH_ORIGINAL_COMMAND} = $verb;
$ENV{SSH_ORIGINAL_COMMAND} .= " $args" if $args;
http_print_headers(); # in preparation for the eventual output!
}
$ENV{SSH_CONNECTION} = "$ENV{REMOTE_ADDR} $ENV{REMOTE_PORT} $ENV{SERVER_ADDR} $ENV{SERVER_PORT}";
}
