Hello Konstantin, Thank you for your reply.
In answer to your last question I am seeing information in the access log indicating atempts to push files but they're getting either 401 or 404 messages. I have temporarily commented out the require valid-user directive and restarted apache. I am getting the same error. If you've got a working git/gitweb configuration can I get a look at it? I'd like to compare your working setup to my non-working one. Thanks. Dave. On 11/8/19, Konstantin Kolinko <knst.koli...@gmail.com> wrote: > пт, 8 нояб. 2019 г. в 21:16, David Mehler <dave.meh...@gmail.com>: > >> 'm trying to run git on FreeBSD with Apache 2.4 as the web server. My >> issue is I can pull/clone from the repo via remote: >> >> git clone https://git.example.com/myrepo.git > > 1. Looking at you 'ScriptAlias' directive, I think that for your > configuration the correct URL for your repository is actually > > https://git.example.com/git/myrepo.git > > You also have gitweb configured at > > https://git.example.com/gitweb/myrepo.git > >> DocumentRoot /usr/local/www/git/repos > > 2. With your DocumentRoot directive you directly expose your Git > repository files as a static website at the root URL of your site. > That is the reason why > > git clone https://git.example.com/myrepo.git > > works, but Git uses an old dump version of protocol for that access, > directly reading files one-by-one from the repository. Such access is > read-only and does not use the "smart" protocol supported by > git-http-backend executable. > > A correct configuration would be to point DocumentRoot to some empty > directory, explicitly configured to serve as a root of your web server > (e.g. with a simple index.html). > > [...] > >> <Directory "/usr/local/www/git/repos"> >> Options +ExecCGI >> SSLRequireSSL >> AllowOverride None >> >> AuthType Basic >> AuthName "Private Git Access" >> AuthUserFile "/usr/local/etc/apache24/git-auth-file" >> AuthGroupFile "/usr/local/etc/apache24/git-htgroup-file" >> Require valid-user >> <If "%{QUERY_STRING} =~ m#service=git-receive-pack# || %{REQUEST_URI} >> =~ m#/git-receive-pack$#"> >> Require group gitwrite >> </If> >> </Directory> > > 3. I think that "Require" cannot be used twice in the same section > like you are using it above. From the docs the first 'Require' wins, > the second one is ignored. > > I think that the first 'Require' can be moved into an "<Else>" section, > > http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require > http://httpd.apache.org/docs/2.4/mod/core.html#else > > 4. Personally, I prefer to use <LocationMatch> instead of <Directory>. > > In you case I think that will be > > <LocationMatch "^/git/"> > > >> ScriptAlias /git /usr/local/libexec/git-core/git-http-backend >> <Directory "/usr/local/libexec/git-core"> >> SetEnv GIT_PROJECT_ROOT /usr/local/www/git/repos >> SetEnv GIT_HTTP_EXPORT_ALL >> # For anonymous write >> #SetEnv REMOTE_USER anonymousweb >> Options +ExecCGI >> SSLRequireSSL >> >> AuthType Basic >> AuthName "Private Git Access" >> AuthUserFile "/usr/local/etc/apache24/git-auth-file" >> AuthGroupFile "/usr/local/etc/apache24/git-htgroup-file" >> Require valid-user >> <If "%{QUERY_STRING} =~ m#service=git-receive-pack# || %{REQUEST_URI} >> =~ m#/git-receive-pack$#"> >> Require group gitwrite >> </If> >> </Directory> > > 5. The "Require" directive is used twice here as well. > > >> I am not getting anything in the apache log files. > > 6. There is nothing in your access log file? > >> CustomLog /var/log/git-httpd-access.log combined > > Best regards, > Konstantin Kolinko > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
