Differences

This shows you the differences between two versions of the page.

--- tech:devops:git [2018/06/08 14:15]
admin
+++ tech:devops:git [2019/06/08 13:19] (current)
rk4n3
@@ Line 37: / Line 37: @@
 ------
 ====== GitLab ======
+==== Import Project into Gitlab ====
 <code>
 git clone --mirror https://github.com/you/prj
@@ Line 84: / Line 85: @@
   * Install from repository: <code>apt install git-lfs</code>
   * Each user will need to do: ''git lfs install''
+===== Git Service over HTTP/HTTPS =====
+==== ... for Apache ====
+First //(as root)//:<code>
+mkdir -p /var/www/git
+chown msamud1:apache /var/www/git
+chmod 2750 /var/www/git
+chcon -t httpd_sys_content_t /var/www/git
+</code>
+Then, create auth file with something like:  ''htpasswd -c /var/www/git/.htpasswd git'' //... prompted for password//
+=== For anonymous read/write ... ===
+In ''/etc/httpd/conf.d/git.conf'':<code>
+# Git-smart HTTP/HTTPS back-end
+SetEnv GIT_PROJECT_ROOT /var/www/git
+SetEnv GIT_HTTP_EXPORT_ALL
+ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
+<Directory "/usr/libexec/git-core">
+	Options +ExecCGI
+	Require all granted
+</Directory>
+<LocationMatch "^/git/.*/git-receive-pack$">
+	Order allow,deny
+	Allow from all
+</LocationMatch>
+</code>
+=== ... or, for anonymous read and authenticated write ... ===
+In ''/etc/httpd/conf.d/git.conf'':<code>
+# Git-smart HTTP/HTTPS back-end
+SetEnv GIT_PROJECT_ROOT /var/www/git
+SetEnv GIT_HTTP_EXPORT_ALL
+ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
+<Directory "/usr/libexec/git-core">
+	Options +ExecCGI
+	Require all granted
+</Directory>
+<LocationMatch "^/git/.*/git-receive-pack$">
+	Order allow,deny
+	AuthType Basic
+	AuthName "Git Access"
+	AuthUserFile /var/www/git/.htpasswd
+	Require valid-user
+#	Require group committers
+</LocationMatch>
+</code>
+=== ... or, for authenticated read/write ... ===
+In ''/etc/httpd/conf.d/git.conf'':<code>
+# Git-smart HTTP/HTTPS back-end
+SetEnv GIT_PROJECT_ROOT /var/www/git
+SetEnv GIT_HTTP_EXPORT_ALL
+ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
+<Directory "/usr/libexec/git-core">
+	Options +ExecCGI
+	Order deny,allow
+	AuthType Basic
+	AuthName "Private Git Access"
+	AuthUserFile /var/www/git/.htpasswd
+	Require valid-user
+</Directory>
+</code>
+=== ... or, for LDAP authentication ... ===
+Ensure ''mod_ldap'' is installed, then in ''/etc/httpd/conf.d/git.conf'':
+<code>
+<Directory "/usr/libexec/git-core">
+	Options +ExecCGI
+	Order deny,allow
+	AuthType Basic
+	AuthName "Private Git Access"
+	AuthBasicProvider ldap
+	AuthLDAPURL "ldap://cosmos.samudio.net/dc=samudio,dc=net?uid?sub?"
+	Require valid-user
+</Directory>
+</code>
+=== ... Active Directory AuthLDAPURL ... ===
+<code>AuthLDAPURL "ldap://ad-ldap-prod.uhc.com/dc=ms,dc=ds,dc=uhc,dc=com?sAMAccountName?sub?(objectCategory=person)(objectClass=user)"</code>
+=== ... add specific location auth ... ===
+<code>
+<LocationMatch "^/git/yourrepo.*">
+... add same LDAP constructs, except for ...
+	Require ldap-attribute sAMAccountName="yourlogin"
+</LocationMatch>
+</code>
  \\
 // Links: [[tech:start|Tech Info]] ... [[tech:devops:start|Devops Info]] // \\

Albert Lea Data Wiki

User Tools

Site Tools

Differences

Page Tools