Hello, I'm trying to host a git repository via smart http on apache 2.4. I'm also trying to make it viewable using gitweb. The goal is for all transactions to happen over https so I've got a letsencrypt certificate. Both reading and writing to the repo on the server should prompt for a password. I'd appreciate knowing where i'm missing something.
Another issue is if I go https://example.com/repos/myrepo.git I get a repository not found but if I go to https://example.com/myrepo.git that works, I'd like the former. Any suggestions appreciated. Thanks. Dave. # The git.example.com http virtual host <VirtualHost *:80> ServerAdmin webmas...@example.com ServerName git.example.com # share well-known for renewal via Let's Encrypt! Alias "/.well-known/acme-challenge/" "/usr/local/www/.well-known/" <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %(REQUEST_URI) !/\.well\-known/acme\-challenge/?.* RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] </IfModule> # Access to .well-known for acme-challenge keys <Directory "/usr/local/www/.well-known/"> Options None AllowOverride None Require all granted Header add Content-Type text/plain <LimitExcept GET POST HEAD> Require all denied </LimitExcept> </Directory> </VirtualHost> # The git.example.com https virtual host <VirtualHost *:443> ServerAdmin webmas...@example.com ServerName git.example.com SSLEngine on SSLCertificateFile "/usr/local/etc/ssl/acme/example.com/fullchain.pem" SSLCertificateKeyFile "/usr/local/etc/ssl/acme/private/example.com/privkey.pem" SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!3DES <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> # gitweb #RedirectMatch ^/$ /gitweb.cgi #SetEnv GITWEB_PROJECTROOT /usr/local/www/gitweb #Alias /gitweb.js /usr/local/www/gitweb/gitweb.js #Alias /gitweb.css /usr/local/www/gitweb/gitweb.css #Alias /git-logo.png /usr/local/www/gitweb/git-logo.png #Alias /git-favicon.png /usr/local/www/gitweb/git-favicon.png #ScriptAlias / "/usr/local/www/gitweb/" #<Directory "/usr/local/www/gitweb/"> #AllowOverride None #Options Indexes FollowSymLinks ExecCGI #AddHandler cgi-script .cgi #DirectoryIndex gitweb.cgi #AuthType Basic #AuthName "Authorization Required" #AuthUserFile /usr/local/www/git/htpasswd #Require valid-user #</Directory> <Location /> AuthType Basic AuthName "Authorization Required" AuthUserFile /usr/local/www/git/htpasswd Require valid-user </Location> SetEnv GIT_PROJECT_ROOT /usr/local/www/git SetEnv GIT_HTTP_EXPORT_ALL SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER ScriptAliasMatch \ "(?x)^/(.*/(HEAD | \ info/refs | \ objects/(info/[^/]+ | \ [0-9a-f]{2}/[0-9a-f]{38} | \ pack/pack-[0-9a-f]{40}\.(pack|idx)) | \ git-(upload|receive)-pack))$" \ "/usr/local/libexec/git-core/git-http-backend/$1" Alias /repos /usr/local/www/git/repos <Directory /usr/local/www/git/repos> Options none AllowOverride None AuthType Basic AuthName "Authorization Required" AuthUserFile /usr/local/www/git/htpasswd Require valid-user </Directory> <Directory /usr/local/libexec/git-core> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch -Includes require all granted AllowOverride None </Directory> CustomLog "/var/log/git-access.log" common ErrorLog "/var/log/git-error.log" </VirtualHost> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
