Project

General

Profile

Public accessible GIT (git-smart-http) repositories?

Added by Joern Koerner over 7 years ago

I have Redmine, SVN and Git SCM working
SVN and Git repositories are both served over https with smart-git-http(grack) and DAVSVN, users are authenticated against LDAP and it is working fine so far.

Environment:
  Redmine version                2.5.2.stable
  Ruby version                   1.9.3-p194 (2012-04-20) [x86_64-linux]
  Rails version                  3.2.19
  Environment                    production
  Database adapter               Mysql2
SCM:
  Subversion                     1.6.17
  Git                            1.7.10.4
  Filesystem                     
Redmine plugins:
  redmine_scm                    0.5.0b
  redmine_tweaks                 0.4.6
  • I can authenticate users for SVN repositories with URL scheme https://scm.server.de/svn/svnrepo
  • I can mark a SVN repository public and can access is anonymously via https. *
  • I can authenticate users for Git repositories with URL scheme https://scm.server.de/git/gitrepo
  • But when I mark the Git repository as public I will be asked for username/password.
git clone https://scm.server.de/git/gitrepo
Clone to 'gitrepo' ...
Username for 'https://scm.server.de/git/gitrepo':
Password for 'https://scm.server.de/git/gitrepo':
...

When I comment out the Auth block in the git location I can access it public but cannot authenticate (as expected)

Anyone any idea to resolve this ?

Thanks in advance...

    <Location /git>
        PassengerBaseURI /git
        PassengerAppRoot /var/www/grack

        #AuthUserFile /dev/null    
        #AuthType Basic
        #AuthName "Redmine git repositories" 
        #Require valid-user

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN "DBI:mysql:database=redmine_db;host=localhost" 
        RedmineDbUser "redmine_admin" 
        RedmineDbPass "password" 
    </Location>

Here is my apache config:

PerlLoadModule  Apache::Redmine
PerlLoadModule  Authen::Simple::LDAP
PerlLoadModule  IO::Socket::SSL

<VirtualHost _default_:443>
    SetEnv RAILS_ENV production

    ServerName  scm.server.de:443
    ServerAdmin webmaster@server.de

    RewriteEngine On

    # Rewrite index to check for static
    RewriteRule ^/$ /index.html [QSA]

    # Rewrite to check for Rails cached page
    RewriteRule ^([^.]+)$ $1.html [QSA]

    DocumentRoot /var/www/redmine/public

    <Location /svn>
        DAV svn
        LimitXMLRequestBody 0

        SVNPathAuthz off
        SVNParentPath "/srv/repos/svn" 

        AuthUserFile /dev/null    
        AuthType Basic
        AuthName "Redmine svn repositories" 
        Require valid-user

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN "DBI:mysql:database=redmine_db;host=localhost" 
        RedmineDbUser "redmine_admin" 
        RedmineDbPass "password" 

        #Cache the last 50 auth entries
    </Location>

    <Directory /var/www/redmine/public>
        RailsBaseURI /redmine/public
        PassengerResolveSymlinksInDocumentRoot on
        Options none
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    Alias /git /var/www/grack
    <Location /git>
        PassengerBaseURI /git
        PassengerAppRoot /var/www/grack

        AuthUserFile /dev/null    
        AuthType Basic
        AuthName "Redmine git repositories" 
        Require valid-user

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN "DBI:mysql:database=redmine_db;host=localhost" 
        RedmineDbUser "redmine_admin" 
        RedmineDbPass "password" 

    </Location>

    <Directory /var/www/grack/public>
        Options None
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/ssl_error.log

    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    SSLEngine on
    SSLProtocol all -SSLv2 -SSLv3
    SSLCompression off
    SSLCipherSuite "HIGH:!aNULL:!MD5:!3DES:!CAMELLIA:!AES128" 
    SSLHonorCipherOrder on

    SSLCertificateFile        /etc/ssl/certs/cert-server.de-6748221936279158.pem
    SSLCertificateKeyFile     /etc/ssl/private/server-server.de-key_nopass.pem
    SSLCertificateChainFile /etc/ssl/certs/keychain.pem

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>

Replies (2)

RE: Public accessible GIT (git-smart-http) repositories? - Added by Joern Koerner over 7 years ago

Finally I found the problem. It works fine when adding

RedmineGitSmartHttp yes
to the configuration.

    Alias /git /var/www/grack
    <Location /git>
        PassengerBaseURI /git
        PassengerAppRoot /var/www/grack

        AuthUserFile /dev/null    
        AuthType     Basic
        AuthName     "Redmine git repositories" 
        Require      valid-user

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN          "DBI:mysql:database=redmine_db;host=localhost" 
        RedmineDbUser       "redmine_admin" 
        RedmineDbPass       "password" 
        RedmineGitSmartHttp yes
    </Location>

RE: Public accessible GIT (git-smart-http) repositories? - Added by Mischa The Evil over 7 years ago

For anyone coming to this thread after a search: this is documented in source:/trunk/extra/svn/Redmine.pm itself and the HowTo_configure_Redmine_for_advanced_git_integration wiki page.

    (1-2/2)