1ServerName dummy
2PidFile httpd.pid
3DocumentRoot www
4LogFormat "%h %l %u %t \"%r\" %>s %b" common
5CustomLog access.log common
6ErrorLog error.log
7<IfModule !mod_log_config.c>
8 LoadModule log_config_module modules/mod_log_config.so
9</IfModule>
10<IfModule !mod_alias.c>
11 LoadModule alias_module modules/mod_alias.so
12</IfModule>
13<IfModule !mod_cgi.c>
14 LoadModule cgi_module modules/mod_cgi.so
15</IfModule>
16<IfModule !mod_env.c>
17 LoadModule env_module modules/mod_env.so
18</IfModule>
19<IfModule !mod_rewrite.c>
20 LoadModule rewrite_module modules/mod_rewrite.so
21</IFModule>
22<IfModule !mod_version.c>
23 LoadModule version_module modules/mod_version.so
24</IfModule>
25<IfModule !mod_headers.c>
26 LoadModule headers_module modules/mod_headers.so
27</IfModule>
28<IfModule !mod_setenvif.c>
29 LoadModule setenvif_module modules/mod_setenvif.so
30</IfModule>
31
32<IfVersion < 2.4>
33LockFile accept.lock
34</IfVersion>
35
36<IfVersion < 2.1>
37<IfModule !mod_auth.c>
38 LoadModule auth_module modules/mod_auth.so
39</IfModule>
40</IfVersion>
41
42<IfVersion >= 2.1>
43<IfModule !mod_auth_basic.c>
44 LoadModule auth_basic_module modules/mod_auth_basic.so
45</IfModule>
46<IfModule !mod_authn_file.c>
47 LoadModule authn_file_module modules/mod_authn_file.so
48</IfModule>
49<IfModule !mod_authz_user.c>
50 LoadModule authz_user_module modules/mod_authz_user.so
51</IfModule>
52<IfModule !mod_authz_host.c>
53 LoadModule authz_host_module modules/mod_authz_host.so
54</IfModule>
55</IfVersion>
56
57<IfVersion >= 2.4>
58<IfModule !mod_authn_core.c>
59 LoadModule authn_core_module modules/mod_authn_core.so
60</IfModule>
61<IfModule !mod_authz_core.c>
62 LoadModule authz_core_module modules/mod_authz_core.so
63</IfModule>
64<IfModule !mod_access_compat.c>
65 LoadModule access_compat_module modules/mod_access_compat.so
66</IfModule>
67<IfModule !mod_mpm_prefork.c>
68 LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
69</IfModule>
70<IfModule !mod_unixd.c>
71 LoadModule unixd_module modules/mod_unixd.so
72</IfModule>
73</IfVersion>
74
75PassEnv GIT_VALGRIND
76PassEnv GIT_VALGRIND_OPTIONS
77PassEnv GNUPGHOME
78PassEnv ASAN_OPTIONS
79PassEnv LSAN_OPTIONS
80PassEnv GIT_TRACE
81PassEnv GIT_CONFIG_NOSYSTEM
82PassEnv GIT_TEST_SIDEBAND_ALL
83
84SetEnvIf Git-Protocol ".*" GIT_PROTOCOL=$0
85
86Alias /dumb/ www/
87Alias /auth/dumb/ www/auth/dumb/
88
89<LocationMatch /smart/>
90 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
91 SetEnv GIT_HTTP_EXPORT_ALL
92</LocationMatch>
93<LocationMatch /smart_noexport/>
94 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
95</LocationMatch>
96<LocationMatch /smart_custom_env/>
97 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
98 SetEnv GIT_HTTP_EXPORT_ALL
99 SetEnv GIT_COMMITTER_NAME "Custom User"
100 SetEnv GIT_COMMITTER_EMAIL custom@example.com
101</LocationMatch>
102<LocationMatch /smart_namespace/>
103 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
104 SetEnv GIT_HTTP_EXPORT_ALL
105 SetEnv GIT_NAMESPACE ns
106</LocationMatch>
107<LocationMatch /smart_cookies/>
108 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
109 SetEnv GIT_HTTP_EXPORT_ALL
110 Header set Set-Cookie name=value
111</LocationMatch>
112<LocationMatch /smart_headers/>
113 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
114 SetEnv GIT_HTTP_EXPORT_ALL
115</LocationMatch>
116<LocationMatch /one_time_sed/>
117 SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
118 SetEnv GIT_HTTP_EXPORT_ALL
119</LocationMatch>
120ScriptAliasMatch /error_git_upload_pack/(.*)/git-upload-pack error.sh/
121ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1
122ScriptAlias /broken_smart/ broken-smart-http.sh/
123ScriptAlias /error_smart/ error-smart-http.sh/
124ScriptAlias /error/ error.sh/
125ScriptAliasMatch /one_time_sed/(.*) apply-one-time-sed.sh/$1
126<Directory ${GIT_EXEC_PATH}>
127 Options FollowSymlinks
128</Directory>
129<Files broken-smart-http.sh>
130 Options ExecCGI
131</Files>
132<Files error-smart-http.sh>
133 Options ExecCGI
134</Files>
135<Files error.sh>
136 Options ExecCGI
137</Files>
138<Files apply-one-time-sed.sh>
139 Options ExecCGI
140</Files>
141<Files ${GIT_EXEC_PATH}/git-http-backend>
142 Options ExecCGI
143</Files>
144
145RewriteEngine on
146RewriteRule ^/dumb-redir/(.*)$ /dumb/$1 [R=301]
147RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301]
148RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302]
149RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301]
150RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
151RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
152
153RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
154RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
155
156# redir-to/502/x?y -> really-redir-to?path=502/x&qs=y which returns 502
157# redir-to/x?y -> really-redir-to?path=x&qs=y -> x?y
158RewriteCond %{QUERY_STRING} ^(.*)$
159RewriteRule ^/redir-to/(.*)$ /really-redir-to?path=$1&qs=%1 [R=302]
160RewriteCond %{QUERY_STRING} ^path=502/(.*)&qs=(.*)$
161RewriteRule ^/really-redir-to$ - [R=502,L]
162RewriteCond %{QUERY_STRING} ^path=(.*)&qs=(.*)$
163RewriteRule ^/really-redir-to$ /%1?%2 [R=302]
164
165# The first rule issues a client-side redirect to something
166# that _doesn't_ look like a git repo. The second rule is a
167# server-side rewrite, so that it turns out the odd-looking
168# thing _is_ a git repo. The "[PT]" tells Apache to match
169# the usual ScriptAlias rules for /smart.
170RewriteRule ^/insane-redir/(.*)$ /intern-redir/$1/foo [R=301]
171RewriteRule ^/intern-redir/(.*)/foo$ /smart/$1 [PT]
172
173# Serve info/refs internally without redirecting, but
174# issue a redirect for any object requests.
175RewriteRule ^/redir-objects/(.*/info/refs)$ /dumb/$1 [PT]
176RewriteRule ^/redir-objects/(.*/objects/.*)$ /dumb/$1 [R=301]
177
178# Apache 2.2 does not understand <RequireAll>, so we use RewriteCond.
179# And as RewriteCond does not allow testing for non-matches, we match
180# the desired case first (one has abra, two has cadabra), and let it
181# pass by marking the RewriteRule as [L], "last rule, do not process
182# any other matching RewriteRules after this"), and then have another
183# RewriteRule that matches all other cases and lets them fail via '[F]',
184# "fail the request".
185RewriteCond %{HTTP:x-magic-one} =abra
186RewriteCond %{HTTP:x-magic-two} =cadabra
187RewriteRule ^/smart_headers/.* - [L]
188RewriteRule ^/smart_headers/.* - [F]
189
190<IfDefine SSL>
191LoadModule ssl_module modules/mod_ssl.so
192
193SSLCertificateFile httpd.pem
194SSLCertificateKeyFile httpd.pem
195SSLRandomSeed startup file:/dev/urandom 512
196SSLRandomSeed connect file:/dev/urandom 512
197SSLSessionCache none
198SSLMutex file:ssl_mutex
199SSLEngine On
200</IfDefine>
201
202<Location /auth/>
203 AuthType Basic
204 AuthName "git-auth"
205 AuthUserFile passwd
206 Require valid-user
207</Location>
208
209<LocationMatch "^/auth-push/.*/git-receive-pack$">
210 AuthType Basic
211 AuthName "git-auth"
212 AuthUserFile passwd
213 Require valid-user
214</LocationMatch>
215
216<LocationMatch "^/auth-fetch/.*/git-upload-pack$">
217 AuthType Basic
218 AuthName "git-auth"
219 AuthUserFile passwd
220 Require valid-user
221</LocationMatch>
222
223RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
224RewriteCond %{REQUEST_URI} /git-receive-pack$
225RewriteRule ^/half-auth-complete/ - [E=AUTHREQUIRED:yes]
226
227<Location /half-auth-complete/>
228 Order Deny,Allow
229 Deny from env=AUTHREQUIRED
230
231 AuthType Basic
232 AuthName "Git Access"
233 AuthUserFile passwd
234 Require valid-user
235 Satisfy Any
236</Location>
237
238<IfDefine DAV>
239 LoadModule dav_module modules/mod_dav.so
240 LoadModule dav_fs_module modules/mod_dav_fs.so
241
242 DAVLockDB DAVLock
243 <Location /dumb/>
244 Dav on
245 </Location>
246 <Location /auth/dumb>
247 Dav on
248 </Location>
249</IfDefine>
250
251<IfDefine SVN>
252 LoadModule dav_svn_module modules/mod_dav_svn.so
253
254 <Location /${LIB_HTTPD_SVN}>
255 DAV svn
256 SVNPath "${LIB_HTTPD_SVNPATH}"
257 </Location>
258</IfDefine>