Emerge git with the required USE flags:
emerge -aq dev-vcs/git curl gpg iconv nls pcre perl safe-directory webdav cgi cvs highlight keyring tkConfigure Apache vhosts (NO AUTH):
<VirtualHost *:443>
SSLEngine on
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/localhost/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SSLCertificateFile /path/to/cert.crt
SSLCertificateKeyFile /path/to/key.key
ServerName git.example.com
DocumentRoot /usr/share/gitweb
Options ExecCGI FollowSymLinks SymLinksIfOwnerMatch
<Location />
SSLRequireSSL
Require all allowed
RewriteOptions inherit
AllowOverride All
</Location>
<Directory /usr/share/gitweb>
Require all granted
RewriteOptions inherit
AllowOverride All
Options ExecCGI FollowSymLinks SymLinksIfOwnerMatch
<Files gitweb.cgi>
SetHandler cgi-script
</Files>
</Directory>
DirectoryIndex gitweb.cgi
SetEnv GITWEB_CONFIG /etc/gitweb.conf
<IfModule headers_module>
RequestHeader set X-HTTPS 1
</IfModule>
</VirtualHost>
Basic /etc/gitweb.conf$projectroot = '/path/to/gitroot';
@git_base_url_list = ( 'git@example.com', );
$site_name = "Smack my git up!";
$default_projects_order = "age";
$projects_list_group_categories = 1;
$feature{'blame'}{'default'} = [1];
$feature{'highlight'}{'default'} = [1];Adjust git-daemon
Gitweb allows browsing repositories via HTTP, but if you will be pulling from your repositories using the git:// protocol, you'll also want to run git-daemon. On Gentoo, this is really easy, just edit /etc/conf.d/git-daemon as you see fit. eg:
GITDAEMON_OPTS="--syslog --enable=receive-pack --export-all"
This exports all repositories within the git root. It also allows pushing file to the server.
You will also need to ensure that any clients to connect to port tcp/9418 (default)
Setup the git user
useradd -m git -d /path/to/githome -s /usr/bin/git-shell
mkdir /path/to/githome/.ssh
cat /home/A_USER/.ssh/id_rsa.pub > /path/to/githome/.ssh/authorized_keys
chmod 700 /path/to/githome/.ssh
chmod 600 /path/to/githome/.ssh/authorized_keys
setfacl -PRdm u:apache:rwx /path/to/githome
Create an Empty Repository
su -s /bin/bash git
cd
mkdir name.git
cd name.git
git init --bare
echo "This is a test" > description
git remote add origin git@example.com:name.git
Set Configuration Options
Execute the following on a client (optional)
To see available options execute: git help --config
git config --global init.defaultBranch master
git config --global core.editor vim
git config --global alias.st status
git config --global alias.co checkout
git config --global alias.br branch
git config --global alias.up rebase
git config --global alias.ci commit
git config --global user.name "A_USER"
git config --global user.email A_USER@example.com
git config --global color.ui true
git config --global --add --bool push.autoSetupRemote true
Clone Repo
cd to local git
git clone git@example.com:name.git
cd name
touch README.md
git add README.md
git ci -m "Initial Setup"
git push
git br branch_name
git co branch_name
mkdir testdir
touch testdir/testfile
git add .
git ci -m "init"
git push # Pushes to your upstream branch
git push origin branch_name:master # Pushes to the master branch
Web Authentication
Note: I did not have any success using dbmmanage. Use htdbm instead.
Create the database file and add a user:
Do not store this in the root of web eg: /var/www/locahost/htdocs, but make sure apache can get to the file.
htdbm -cm -TGDBM <path/to/dbm_file> <user>
-c - create db
-m - use MD5 hashing
-T - set the format of the db file
Set the permission for apache:
chown apache: <path/to/dbm_file>
chmod 640 <path/to/dbm_file>
Add code to vhosts:
You can apply this to files, directories etc. Here I've done it for the whole subdomain. Replace the 3 highlighted italic lines above with the code below, excluding the start/end tags.
<Location />
AuthName "Private"
AuthType Basic
AuthBasicProvider dbm
AuthDBMType GDBM
AuthDBMUserFile "/path/to/dbm_file"
Require valid-user
Require all denied
RewriteOptions inherit
AllowOverride All
</Location>Reload apache and browse to protected area and you should be prompted to authenticate.
A good explanation can be found here for the web config.
