- how to create a new git repository
sudo apt install git
sudo mkdir /mnt/git
sudo chown mslee:mslee /mnt/git
git init --bare --shared /mnt/git/<git-name>.git- how to clone the created git on a client PC via ssh
git clone mslee@<git-server-IP>:/mnt/git/<git-name>.git- how to support http for accessing git
sudo apt install gitweb apache2 libapache2-mod-fcgid libcgi-session-perl
sudo a2enmod env alias fcgid
sudo service apache2 restart
sudo adduser www-data mslee
sudo chmod 775 /mnt/git
sudo vi /etc/gitweb.conf
+$projectroot = "/mnt/git";
htpasswd -c /mnt/git/.htpasswd <user-name>
htpasswd /mnt/git/.htpasswd <another-user-name>- how to configure apache2 for gitweb
sudo vi /etc/apache2/ports.conf
sudo vi /etc/apache2/sites-available/git.kairoson.org
sudo a2ensite git.kairoson.org
sudo a2dismod mpm_event
sudo a2enmod mpm_prefork
sudo a2enmod cgi
sudo service apache2 restartcat /etc/apache2/ports.conf
Listen 80
Listen 8080
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>cat /etc/apache2/sites-available/git.kairoson.org
<VirtualHost *:8080>
ServerName localhost
DocumentRoot /usr/share/gitweb
ErrorLog ${APACHE_LOG_DIR}/error-gitweb.log
CustomLog ${APACHE_LOG_DIR}/access-gitweb.log combined
<Directory /usr/share/gitweb>
Options +FollowSymLinks +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex gitweb.cgi
</Directory>
ScriptAliasMatch "(?x)^/(.*/(HEAD | \
info/refs | \
objects/(info/[^/]+ | \
[0-9a-f]{2}/[0-9a-f]{38} | \
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
git-(upload|receive)-pack))$" /usr/lib/git-core/git-http-backend/$1
SetEnv GIT_PROJECT_ROOT /mnt/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER
<Location />
AllowOverride All
Options All
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /mnt/git/.htpasswd
Require valid-user
</Location>
</VirtualHost>- how to clone the created git on a client PC via http
git clone http://mslee@<git-server-IP>:8080/test.git
vi ~/.netrc
chmod 600 ~/.netrccat ~/.netrc
machine <IP or hostname>
login mslee
password <passwd for htaccess>- how to support https for accessing git
openssl genrsa -out ca-private.pem 2048
chmod 600 ca-private.pem
openssl rsa -in ca-private.pem -out ca-public.pem -outform PEM -pubout
openssl req -new -key ca-private.pem -out rootca.csr
openssl x509 -req -days 3650 -extensions v3_ca -in rootca.csr \
-signkey ca-private.pem -out rootca.crt
openssl x509 -text -in rootca.crt
openssl genrsa -out git-private.pem 2048
chmod 600 git-private.pem
openssl rsa -in git-private.pem -out git-public.pem -outform PEM -pubout
openssl req -new -key git-private.pem -out git.csr
openssl x509 -req -days 3650 -extensions v3_ca -in git.csr \
-signkey git-private.pem -out git.crt
openssl x509 -text -in git.crt
sudo mkdir /etc/apache2/ssl
sudo chmod 700 /etc/apache2/ssl
sudo mv * /etc/apache2/ssl/
sudo chmod 600 /etc/apache2/ssl/*
sudo cp /etc/apache2/site-available/default-ssl.conf \
/etc/apache2/site-available/git.kairoson.org-ssl.conf
sudo a2enmod ssl
sudo a2ensite git.kairoson.org-ssl.conf
sudo service apache2 restartcat git.kairoson.org-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:8443>
ServerAdmin sang0627@gmail.com
ServerName localhost
DocumentRoot /usr/share/gitweb
ErrorLog ${APACHE_LOG_DIR}/error-gitweb-ssl.log
CustomLog ${APACHE_LOG_DIR}/access-gitweb-ssl.log combined
<Directory /usr/share/gitweb>
Options +FollowSymLinks +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex gitweb.cgi
</Directory>
ScriptAliasMatch "(?x)^/(.*/(HEAD | \
info/refs | \
objects/(info/[^/]+ | \
[0-9a-f]{2}/[0-9a-f]{38} | \
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
git-(upload|receive)-pack))$" /usr/lib/git-core/git-http-backend/$1
SetEnv GIT_PROJECT_ROOT /mnt/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER
<Location />
AllowOverride All
Options All
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /mnt/git/.htpasswd
Require valid-user
</Location>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/git.crt
SSLCertificateKeyFile /etc/apache2/ssl/git-private.pem
SSLCACertificateFile /etc/apache2/ssl/rootca.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>- how to turn off server certificate verification
git config --global http.sslVerify false
# or
export GIT_SSL_NO_VERIFY=1how to add server certificate to curl’s certificate bundle file, but this seems to require domain name.
openssl s_client -connect <git-server-IP>:8443 |tee certlog
openssl x509 -inform PEM -in certlog -text -out certdata
sudo cp /etc/ssl/certs/ca-certificates.crt \
/etc/ssl/certs/ca-certificates.crt.backup
sudo cat certdata >> /etc/ssl/certs/ca-certificates.crt
git clone https://<git-server-IP>:8443/test.githow to find curl’s certificate bundle file
curl -v https://google.comreference
https://hiseon.me/linux/ubuntu/ubuntu-git-server/
https://hiseon.me/server/apache-ssl-setting/
https://www.lesstif.com/gitbook/git-https-repository-ssl-14090808.html
https://www.lesstif.com/gitbook/https-ssl-curl-web-browser-16744456.html