How can I allow anonymous push to a git repository over http?

Question

I cannot find an example here: http://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html

Is it possible?

Answer 1

Anonymous push and browsing with git-http-backend and gitweb

Note that DAV is significantly slower than the new "smart-http" support since git 1.6.6. The new method allows the entire pack to be transmitted at once, and not as individual files.

The setup below eliminates the need for custom config in each repo (http.receivepack), or the need for hard resets. Just make each new re[po with

git --bare init --shared

---

YOu can also use gitweb to provide browable URLs at the same location.

Note: Because access is controlled by apache you can add any Auth requirements (htaccess or ldap, etc) to the setup for each repository.

---

Just make a new git_support.conf file, and include it in apache (add include statement in httpd.conf)

#
#  Basic setup for git-http-backend
#

SetEnv GIT_PROJECT_ROOT /opt/git_repos
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER  #IMportant !!! This could be your problem if missing

<Directory /opt/git>  # both http_backend and gitweb should be somewhere under here
        AllowOverride None
        Options +ExecCGI -Includes  #Important! Lets apache execute the script!
        Order allow,deny
        Allow from all
</Directory>

# This pattern matches git operations and passes them to http-backend
ScriptAliasMatch \
        "(?x)^/git/(.*/(HEAD | \
                        info/refs | \
                        objects/(info/[^/]+ | \
                                 [0-9a-f]{2}/[0-9a-f]{38} | \
                                 pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
                        git-(upload|receive)-pack))$" \
        /opt/git/libexec/git-core/git-http-backend/$1

# Anything not matched above goes to displayable gitweb interface
ScriptAlias /git /opt/git/cgi-bin/gitweb.cgi/

The result is the ability to push/pull:

me@machine /tmp/eddies $ git pull
Already up-to-date.

me@machine /tmp/eddies $ touch changedFile

me@machine /tmp/eddies $ git add .

me@machine /tmp/eddies $ git commit -am"commiting change"
[master ca7f6ed] commiting change
 0 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 changedFile

me@machine /tmp/eddies $ git push origin master
Counting objects: 3, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 239 bytes, done.
Total 2 (delta 1), reused 0 (delta 0)
To http://mysecretdomain.com/git/eddies
   0f626a9..ca7f6ed  master -> master

And you can browse those changes online..

Source: http://repo.or.cz/w/alt-git.git?a=blob_plain;f=gitweb/README

Answer 2

Just don't put any AuthType in your Apache config (so no LocationMatch or Location elements).

If you don't have AuthType , that means your Apache will simply pass along your git request to the cgi program git-http-backend.
So no authentication will take place in that case: anonymous push will be possible.

Answer 3

Add this to your httpd.conf (Assuming /srv/git contains your repos)

<Directory "/usr/lib/git-core*">
    Order allow,deny
    Allow from all
</Directory>

SetEnv GIT_PROJECT_ROOT /srv/git
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ /usr/lib/git-core/git-http-backend/

Then make sure apache can write to your repository directory (from inside repo run this where http is your apache user)

chown -R http .

In the repository you have created on the server open up .git/config and add the following

[http]
    receivepack = true

and finally in the repository root run

git config --bool core.bare true

alternatively if you want a the files available on the server (for a web site or whatever) then disregard the above command and edit .git/config with this

[receive]
    denyCurrentBranch = false

and then run this on the server when you want to update the dir (there must be a better way so please let me know)

git reset --hard