source: branches/locker-dev/locker/deploy/bin/git @ 2440

Last change on this file since 2440 was 2314, checked in by geofft, 13 years ago
git: Don't export autoinstalls over git:// by default The "git-daemon-export-ok" flag file is used by both git-daemon and git-http-backend. Since we run a git-daemon out of ~/Scripts/git by default, using this flag file means that even if you change your autoinstall's .htaccess to deny public read, the repository is still publicly readable over git://. Fortunately, git-http-backend takes an environment variable as an alternative, which we can set in our wrapper script.
  • Property svn:executable set to *
File size: 2.0 KB
Line 
1#!/usr/bin/perl
2use strict;
3use FindBin qw($Bin);
4use lib $Bin;
5use onserver;
6
7setup();
8
9my $gitbase = "$scriptsdir/git";
10my $htpasswd = "$gitbase/$addrend.git/.htpasswd";
11
12open HTACCESS, ">.htaccess";
13print HTACCESS <<EOF;
14RewriteEngine On
15
16RewriteCond %{QUERY_STRING} =service=git-receive-pack [OR]
17RewriteCond %{REQUEST_URI} /git-receive-pack\$
18RewriteRule ^($addrend\\.git/.*)\$ /~$USER/$addrend/_git-auth.cgi/\$1
19<Files _git-auth.cgi>
20    AuthName "Git Access"
21    AuthType basic
22    AuthUserFile $htpasswd
23    Require user $admin_username
24
25    # Alternatively, replace "require user" with:
26    #Require group somegroup
27    #AuthGroupFile $gitbase/$addrend/.htgroup
28    # and set up .htgroup appropriately
29</Files>
30
31RewriteRule ^($addrend\\.git/.*)\$ /~$USER/$addrend/_git.cgi/\$1
32EOF
33close HTACCESS;
34chmod 0777, ".htaccess";
35
36open GIT_CGI, ">_git.cgi";
37print GIT_CGI <<EOF;
38#!/bin/sh
39case "\$PATH_INFO" in
40    .. | ../* | */.. | */../*)
41        echo "Content-type: text/plain"
42        echo "Status: 403 Forbidden"
43        echo ""
44        echo "Error: Illegally found '..' in PATH_INFO='\$PATH_INFO'"
45        echo "gitautoinstaller: \$HOME: found '..' in PATH_INFO='\$PATH_INFO'" >&2
46        exit 1;;
47    /$addrend.git/*)
48        # pass
49        ;;
50    *)
51        echo "Content-type: text/plain"
52        echo "Status: 403 Forbidden"
53        echo ""
54        echo "Error: PATH_INFO='\$PATH_INFO' must start with /$addrend.git/"
55        echo "gitautoinstaller: \$HOME: found bad start in PATH_INFO='\$PATH_INFO'" >&2
56        exit 1;;
57esac
58export GIT_PROJECT_ROOT="$gitbase"
59export PATH_TRANSLATED="\$GIT_PROJECT_ROOT\$PATH_INFO"
60export GIT_HTTP_EXPORT_ALL=1
61exec git http-backend
62EOF
63close GIT_CGI;
64chmod 0755, "_git.cgi";
65symlink "_git.cgi","_git-auth.cgi";
66
67chdir $gitbase;
68system qw{git init --bare}, "$addrend.git";
69chdir "$addrend.git";
70
71system qw{htpasswd -c}, $htpasswd, $admin_username;
72
73print "Your git repository is located in:\n";
74print "  $gitbase/$addrend.git/\n";
75print "To clone, run\n  git clone https://$USER.scripts.mit.edu/$addrend/$addrend.git\n\n";
76press_enter;
77
78exit 0;
Note: See TracBrowser for help on using the repository browser.