IT-Knowledge-Base

This is an old revision of the document!


Setting up GIT Server over HTTPS

This article describes how to set up an Apache-2 server to forward GIT requests and establish a GIT communication over HTTPS.

First, set up an Apache-2 webserver

apt-get install apache2
apt-get install openssl
a2enmod ssl

At this point you have a simple Apache-2 configuration and can reach http://localhost or https://localhost on your machine. This is not enough, you should also create your own ssl certificate and be familiar how it works. Everything you need to achieve this, you can find in the following article.

Configure Apache with SSL

Install GIT and create the first repository

  apt-get install git
  mkdir /srv/git
  mkdir /srv/git/testgit
  cd /srv/git/testgit
  git --bare init
  mv ./hooks/post-update.sample ./hooks/post-update
  chmod +x ./hooks/post-update
  git update-server-info
  chown www-data:www-data -R /srv/git

After this operations, you have a bare GIT repository named “testgit”. Now its time to give apache notice of this new repository. To do this, add a new available-site to apache:

vim /etc/apache2/sites-available/git

Read about how to host multiple sites. http://www.debian-administration.org/articles/412

<VirtualHost *:443>
  Servername git.yourhostname.com
  DocumentRoot /srv/git
  <Directory "/srv/git">
    DAV On
    Options ExecCGI FollowSymLinks Indexes
    Deny from all
    AuthType Basic
    AuthName "git repository"
    AuthUserFile /etc/apache2/htpasswd.git
    AuthGroupFile /etc/apache2/htgroup.git
  </Directory>

  <Directory /srv/git/testgit>
    Allow from all
    Order allow,deny
    <Limit GET>
      Require group testgit-read
    </Limit>
    <Limit GET PUT POST DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
      Require group testgit-write
    </Limit>
  </Directory>
  SSLEngine on
  SSLCertificateFile    /etc/apache2/sslcert/server.cert.crt
  SSLCertificateKeyFile /etc/apache2/sslcert/server.cert.key
</VirtualHost>

Bevore enabling and restarting the server, create the authentication files used in this site on line 10, 11 and adjust the ssl settings line 25, 26: read this article on how to create this files http://httpd.apache.org/docs/current/programs/htpasswd.html

a2ensite git
a2enmod dav_fs
vim /etc/apache2/ports.conf
add line: NameVirtualHost *:443
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
    NameVirtualHost *:443

</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

/etc/init.d/apache2 restart
oder 
service apache2 restart
Now you can clone “testgit” on your clinet: Go to your Git-Bash and type
git config --global http.sslVerify false
git clone https://git.yourhostname.com/testgit

Error which can appear

https://git.yourhostname.com/info/refs 
not found: did you run git update-server-info on the server?

Check your hostname in vim /etc/apache2/sites-available/git

This website uses cookies for visitor traffic analysis. By using the website, you agree with storing the cookies on your computer.More information