d113449e26
The SSL config enabled by setting LIB_HTTPD_SSL does not work with
Apache versions greater than 2.2, as more recent versions complain about
the SSLMutex directive. According to
https://httpd.apache.org/docs/current/upgrading.html:
Directives AcceptMutex, LockFile, RewriteLock, SSLMutex,
SSLStaplingMutex, and WatchdogMutexPath have been replaced with a
single Mutex directive. You will need to evaluate any use of these
removed directives in your 2.2 configuration to determine if they can
just be deleted or will need to be replaced using Mutex.
Deleting this line will just use the system default, which seems
sensible. The original came as part of faa4bc35a0 (http-push: add
regression tests, 2008-02-27), but no specific reason is given there (or
on the mailing list) for its presence.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
266 lines
7.3 KiB
ApacheConf
266 lines
7.3 KiB
ApacheConf
ServerName dummy
|
|
PidFile httpd.pid
|
|
DocumentRoot www
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
CustomLog access.log common
|
|
ErrorLog error.log
|
|
<IfModule !mod_log_config.c>
|
|
LoadModule log_config_module modules/mod_log_config.so
|
|
</IfModule>
|
|
<IfModule !mod_alias.c>
|
|
LoadModule alias_module modules/mod_alias.so
|
|
</IfModule>
|
|
<IfModule !mod_cgi.c>
|
|
LoadModule cgi_module modules/mod_cgi.so
|
|
</IfModule>
|
|
<IfModule !mod_env.c>
|
|
LoadModule env_module modules/mod_env.so
|
|
</IfModule>
|
|
<IfModule !mod_rewrite.c>
|
|
LoadModule rewrite_module modules/mod_rewrite.so
|
|
</IFModule>
|
|
<IfModule !mod_version.c>
|
|
LoadModule version_module modules/mod_version.so
|
|
</IfModule>
|
|
<IfModule !mod_headers.c>
|
|
LoadModule headers_module modules/mod_headers.so
|
|
</IfModule>
|
|
<IfModule !mod_setenvif.c>
|
|
LoadModule setenvif_module modules/mod_setenvif.so
|
|
</IfModule>
|
|
|
|
<IfDefine HTTP2>
|
|
LoadModule http2_module modules/mod_http2.so
|
|
Protocols h2c
|
|
</IfDefine>
|
|
|
|
<IfModule !mod_auth_basic.c>
|
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
|
</IfModule>
|
|
<IfModule !mod_authn_file.c>
|
|
LoadModule authn_file_module modules/mod_authn_file.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_user.c>
|
|
LoadModule authz_user_module modules/mod_authz_user.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_host.c>
|
|
LoadModule authz_host_module modules/mod_authz_host.so
|
|
</IfModule>
|
|
|
|
<IfModule !mod_authn_core.c>
|
|
LoadModule authn_core_module modules/mod_authn_core.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_core.c>
|
|
LoadModule authz_core_module modules/mod_authz_core.so
|
|
</IfModule>
|
|
<IfModule !mod_access_compat.c>
|
|
LoadModule access_compat_module modules/mod_access_compat.so
|
|
</IfModule>
|
|
<IfModule !mod_unixd.c>
|
|
LoadModule unixd_module modules/mod_unixd.so
|
|
</IfModule>
|
|
|
|
<IfDefine HTTP2>
|
|
<IfModule !mod_mpm_event.c>
|
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
|
</IfModule>
|
|
</IfDefine>
|
|
<IfDefine !HTTP2>
|
|
<IfModule !mod_mpm_prefork.c>
|
|
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
|
</IfModule>
|
|
</IfDefine>
|
|
|
|
PassEnv GIT_VALGRIND
|
|
PassEnv GIT_VALGRIND_OPTIONS
|
|
PassEnv GNUPGHOME
|
|
PassEnv ASAN_OPTIONS
|
|
PassEnv LSAN_OPTIONS
|
|
PassEnv GIT_TRACE
|
|
PassEnv GIT_CONFIG_NOSYSTEM
|
|
PassEnv GIT_TEST_SIDEBAND_ALL
|
|
PassEnv LANG
|
|
PassEnv LC_ALL
|
|
|
|
Alias /dumb/ www/
|
|
Alias /auth/dumb/ www/auth/dumb/
|
|
|
|
<LocationMatch /smart/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
</LocationMatch>
|
|
<LocationMatch /smart_noexport/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
</LocationMatch>
|
|
<LocationMatch /smart_custom_env/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
SetEnv GIT_COMMITTER_NAME "Custom User"
|
|
SetEnv GIT_COMMITTER_EMAIL custom@example.com
|
|
</LocationMatch>
|
|
<LocationMatch /smart_namespace/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
SetEnv GIT_NAMESPACE ns
|
|
</LocationMatch>
|
|
<LocationMatch /smart_cookies/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
Header set Set-Cookie name=value
|
|
</LocationMatch>
|
|
<LocationMatch /smart_headers/>
|
|
<RequireAll>
|
|
Require expr %{HTTP:x-magic-one} == 'abra'
|
|
Require expr %{HTTP:x-magic-two} == 'cadabra'
|
|
</RequireAll>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
</LocationMatch>
|
|
<LocationMatch /one_time_perl/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
</LocationMatch>
|
|
<LocationMatch /smart_v0/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
SetEnv GIT_PROTOCOL
|
|
</LocationMatch>
|
|
ScriptAlias /smart/incomplete_length/git-upload-pack incomplete-length-upload-pack-v2-http.sh/
|
|
ScriptAlias /smart/incomplete_body/git-upload-pack incomplete-body-upload-pack-v2-http.sh/
|
|
ScriptAlias /smart/no_report/git-receive-pack error-no-report.sh/
|
|
ScriptAliasMatch /error_git_upload_pack/(.*)/git-upload-pack error.sh/
|
|
ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1
|
|
ScriptAlias /broken_smart/ broken-smart-http.sh/
|
|
ScriptAlias /error_smart/ error-smart-http.sh/
|
|
ScriptAlias /error/ error.sh/
|
|
ScriptAliasMatch /one_time_perl/(.*) apply-one-time-perl.sh/$1
|
|
<Directory ${GIT_EXEC_PATH}>
|
|
Options FollowSymlinks
|
|
</Directory>
|
|
<Files incomplete-length-upload-pack-v2-http.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files incomplete-body-upload-pack-v2-http.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files error-no-report.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files broken-smart-http.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files error-smart-http.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files error.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files apply-one-time-perl.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files ${GIT_EXEC_PATH}/git-http-backend>
|
|
Options ExecCGI
|
|
</Files>
|
|
|
|
RewriteEngine on
|
|
RewriteRule ^/dumb-redir/(.*)$ /dumb/$1 [R=301]
|
|
RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301]
|
|
RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302]
|
|
RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301]
|
|
RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
|
|
RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
|
|
|
|
RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
|
|
RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
|
|
|
|
# redir-to/502/x?y -> really-redir-to?path=502/x&qs=y which returns 502
|
|
# redir-to/x?y -> really-redir-to?path=x&qs=y -> x?y
|
|
RewriteCond %{QUERY_STRING} ^(.*)$
|
|
RewriteRule ^/redir-to/(.*)$ /really-redir-to?path=$1&qs=%1 [R=302]
|
|
RewriteCond %{QUERY_STRING} ^path=502/(.*)&qs=(.*)$
|
|
RewriteRule ^/really-redir-to$ - [R=502,L]
|
|
RewriteCond %{QUERY_STRING} ^path=(.*)&qs=(.*)$
|
|
RewriteRule ^/really-redir-to$ /%1?%2 [R=302]
|
|
|
|
# The first rule issues a client-side redirect to something
|
|
# that _doesn't_ look like a git repo. The second rule is a
|
|
# server-side rewrite, so that it turns out the odd-looking
|
|
# thing _is_ a git repo. The "[PT]" tells Apache to match
|
|
# the usual ScriptAlias rules for /smart.
|
|
RewriteRule ^/insane-redir/(.*)$ /intern-redir/$1/foo [R=301]
|
|
RewriteRule ^/intern-redir/(.*)/foo$ /smart/$1 [PT]
|
|
|
|
# Serve info/refs internally without redirecting, but
|
|
# issue a redirect for any object requests.
|
|
RewriteRule ^/redir-objects/(.*/info/refs)$ /dumb/$1 [PT]
|
|
RewriteRule ^/redir-objects/(.*/objects/.*)$ /dumb/$1 [R=301]
|
|
|
|
<IfDefine SSL>
|
|
LoadModule ssl_module modules/mod_ssl.so
|
|
|
|
SSLCertificateFile httpd.pem
|
|
SSLCertificateKeyFile httpd.pem
|
|
SSLRandomSeed startup file:/dev/urandom 512
|
|
SSLRandomSeed connect file:/dev/urandom 512
|
|
SSLSessionCache none
|
|
SSLEngine On
|
|
</IfDefine>
|
|
|
|
<Location /auth/>
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</Location>
|
|
|
|
<LocationMatch "^/auth-push/.*/git-receive-pack$">
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</LocationMatch>
|
|
|
|
<LocationMatch "^/auth-fetch/.*/git-upload-pack$">
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</LocationMatch>
|
|
|
|
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
|
|
RewriteCond %{REQUEST_URI} /git-receive-pack$
|
|
RewriteRule ^/half-auth-complete/ - [E=AUTHREQUIRED:yes]
|
|
|
|
<Location /half-auth-complete/>
|
|
Order Deny,Allow
|
|
Deny from env=AUTHREQUIRED
|
|
|
|
AuthType Basic
|
|
AuthName "Git Access"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
Satisfy Any
|
|
</Location>
|
|
|
|
<IfDefine DAV>
|
|
LoadModule dav_module modules/mod_dav.so
|
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
|
|
|
DAVLockDB DAVLock
|
|
<Location /dumb/>
|
|
Dav on
|
|
</Location>
|
|
<Location /auth/dumb>
|
|
Dav on
|
|
</Location>
|
|
</IfDefine>
|
|
|
|
<IfDefine SVN>
|
|
LoadModule dav_svn_module modules/mod_dav_svn.so
|
|
|
|
<Location /${LIB_HTTPD_SVN}>
|
|
DAV svn
|
|
SVNPath "${LIB_HTTPD_SVNPATH}"
|
|
</Location>
|
|
</IfDefine>
|