====== Setting up GIT Server over HTTPS ======

This article describes how to set up an Apache-2 server to forward GIT requests and establish a GIT communication over HTTPS.

===== First, set up an Apache-2 webserver =====

<sxh bash>
apt-get install apache2
apt-get install openssl
a2enmod ssl
</sxh>

At this point you have a simple Apache-2 configuration and can reach http://localhost or https://localhost on your machine. This is not enough, you should also create your own ssl certificate and be familiar how it works. Everything you need to achieve this, you can find in the following article. 

[[http://www.debian-administration.org/articles/349 | Configure Apache with SSL]]

===== Install GIT and create the first repository =====

<sxh bash>
  apt-get install git
  mkdir /srv/git
  mkdir /srv/git/testgit
  cd /srv/git/testgit
  git --bare init
  mv ./hooks/post-update.sample ./hooks/post-update
  chmod +x ./hooks/post-update
  git update-server-info
  chown www-data:www-data -R /srv/git
</sxh>

After this operations, you have a bare GIT repository named "testgit".
Now its time to give apache notice of this new repository. To do this, add a new available-site to apache:
<sxh bash>
vim /etc/apache2/sites-available/git
</sxh>

Read about how to host multiple sites.
[[http://www.debian-administration.org/articles/412]]

<sxh bash>
<VirtualHost *:443>
  Servername git.yourhostname.com
  DocumentRoot /srv/git
  <Directory "/srv/git">
    DAV On
    Options ExecCGI FollowSymLinks Indexes
    Deny from all
    AuthType Basic
    AuthName "git repository"
    AuthUserFile /etc/apache2/htpasswd.git
    AuthGroupFile /etc/apache2/htgroup.git
  </Directory>

  <Directory /srv/git/testgit>
    Allow from all
    Order allow,deny
    <Limit GET>
      Require group testgit-read
    </Limit>
    <Limit GET PUT POST DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
      Require group testgit-write
    </Limit>
  </Directory>
  SSLEngine on
  SSLCertificateFile    /etc/apache2/sslcert/server.cert.crt
  SSLCertificateKeyFile /etc/apache2/sslcert/server.cert.key
</VirtualHost>
</sxh>

Bevore enabling and restarting the server, create the authentication files used in this site on line 10, 11 and adjust the ssl settings line 25, 26: read this article on how to create this files [[http://httpd.apache.org/docs/current/programs/htpasswd.html]]

<sxh bash>
a2ensite git
a2enmod dav_fs
vim /etc/apache2/ports.conf
</sxh>
add line: NameVirtualHost *:443 
<sxh bash>
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
    NameVirtualHost *:443

</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>
</sxh>

<sxh bash>
/etc/init.d/apache2 restart
oder 
service apache2 restart
</sxh>
Now you can clone "testgit" on your clinet: Go to your Git-Bash and type
<sxh bash>
git config --global http.sslVerify false
git clone https://git.yourhostname.com/testgit
</sxh>
 
===== Error which can appear =====

<sxh bash>
https://git.yourhostname.com/info/refs 
not found: did you run git update-server-info on the server?
</sxh>

Check your hostname in vim /etc/apache2/sites-available/git

~~DISQUS~~