Initializing git repo with httpd anon access

Another tutorial how to setup git repository with ssh read-write access and anonymous httpd access. But this time, I want to focus on getting it working on RHEL6 (Fedora should work too). There’s one trick I want to record on my blog ;-)

Fist of all, let’s configure httpd to serve user directories. My first thought was to create a file in /etc/httpd/conf.d, but this is not working since UserDir option is explicitely turned off. We need to edit

server# vim /etc/httpd/conf/httpd.conf

Search for UserDir string, somewhere on the line 370 you need to commend and (un)comment two UserDir lines and uncomment the very next section with access to /home/*/public_html directory.

<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    #UserDir disabled

    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disabled" line above, and uncomment
    # the following line instead:
    # 
    UserDir public_html
</IfModule>

#
# Control access to UserDir directories.  The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory /home/*/public_html>
    AllowOverride FileInfo AuthConfig Limit
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>

Now the trick. Create public_html directory in your home folder and check permissions are correct. On RHEL6, home folder has permissions of 700 by default. If you don’t change this, Apache will be giving you 403.

server# mkdir /home/lzap/public_html
server# chmod 755 /home/lzap/public_html
server# chmod 711 /home/lzap

We are done. Now, restart Apache with

server# service httpd restart

Creating empty git repository is a piece of cake. But we also want to make sure it always has correct permissions. There is a git hook for that. Do this:

server# cd /home/lzap/public_html
server# mkdir project.git
server# cd project.git
server# git init --bare
server# mv hooks/post-update.sample hooks/post-update
server# chmod a+x hooks/post-update
server# hooks/post-update

I usually create git symlink in the home folder just to make some paths shorter.

server# cd
server# ln -s public_html/ git

That’s it. We are done. To access your repository with read-write access just do this

client# git clone git+ssh://lzap@server/home/lzap/git/project.git

To get anonymous access via “dumb” http protocol use

client# git clone http://lzap@server/git/project.git

Okay. Now I can copy&paste from here next time.

26 July 2012 | linux | rhel | fedora | git
twitter.com linkedin.com
google.com/+ facebook.com
flickr.com youtube.com