2

I am creating git repositories on my server. My requirement is that I have to create multiple git repositories on server and i have to secure them with username and password.

As there are multiple git repositories getting created i am putting .htpasswd and .htaceess in every git repository folders to secure them.

Below is the whole flow which i am doing.

a) Created the git repository with git -bare.
b) created the .htpasswd and .htaccess in that folder for authentication c) I am now able to clone that repo any where with the username and password.

but when i try to push from the cloned repo it throwing me an error: error: Cannot access URL http://192.168.1.2/projects/gitcreation/gitrepos/6/project6/, return code 22 fatal: git-http-push failed

Any help will be highly appreciated.

Jiva
  • 49
  • 5

1 Answers1

0

I initially suggested to delete the push/pull call to gitolite (see below), but the OP wishes to keep the direct calls.

Jiva suspects that git-http-backend is not called on pushed (which wouldn't work well indeed) Check for instance this config or this one.

Another check would be the .gitconfig of the bare repo (http.receivepack)

As this thread illustrates, the issue can be a credential one (incorrect password, or password with a special character in it, incorrectly interpreted)

Original answer.

Instead of relying on .htaccess/.htpasswd for every git repo, it is best to call gitolite, an authorization layer in perl (very easy to install) which can, based on the authentication done by Apache, grant access to a repo.

See "What is gitolite" for more.

See my httd.conf for example (ignore the @xxx@, they are template placeholders, to be replaced by actual values later)

<VirtualHost @FQN@:@PORT_HTTP_HGIT@>
    ServerName @FQN@
    ServerAlias @HOSTNAME@
    SetEnv GIT_PROJECT_ROOT @H@/repositories
    SetEnv GIT_HTTP_EXPORT_ALL
    SetEnv GITOLITE_HTTP_HOME @H@
    ScriptAlias /hgit/ @H@/sbin/gitolite-shell/
    SetEnv GIT_HTTP_BACKEND "@H@/usr/local/apps/git/libexec/git-core/git-http-backend"
    <Location /hgit>

Here, for any /hgit url (/projects for you), /home/git/sbin/gitolite-shell is called.
If gitolite grants the user access to a repo, it will call GIT_HTTP_BACKEND, which is where git/libexec/git-core/git-http-backend resides.

Gitolite allows you to set many access rules per repo, even per branch or per file!

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Vonc - The only last problem is facing is that we are not able to push to the code to git i.e out git-http-backend is not getting called or somewhat is missing. Else every thing is taken care of. Also gitolite provides a web interface. So that is showstopper for us. – Jiva Jun 05 '15 at 08:42
  • @Jiva gitolite does not provide a web interface, so it should remain a valid option. – VonC Jun 05 '15 at 09:15
  • ok thats fine but we will now have to change all our implementation to implement that. We are only stuck at last point that our git-http-backend is not getting called. – Jiva Jun 05 '15 at 11:53
  • I am getting the error while pushing error: Cannot access URL http://192.168.1.2/projects/data/git/myrepo.git/, return code 22 fatal: git-http-push failed can you please help out on this ? – Jiva Jun 07 '15 at 17:16