On Sun, 16 Jun 2024 03:41:57 -0500 "David C. Rankin" <drankinatty@gmail.com> wrote:
All,
After recent git update, read only repos hosted on a local Apache server could no longer pull over https. (gitweb remained fine) Repositories closed read/write over ssh were fine.
On the server the repositories under /srv/git were owned david:david (me). However, after the git change, git refused to serve over https unless the directories under /srv/git were owned by http.
Fine, change made - but now repos cloned read/write over ssh fail because the directory under /srv/git is no longer owned by me.
How do you make git repositories hosted on my local server allow clone/pull over https AND allow me to still close read/write over ssh?
Catch 22,
unless /srv/git/xxx.git is http:http, https fails
unless /srv/git/xxx.git is david:http, ssh fails
Anybody else caught be this?
The server is configured per https://wiki.archlinux.org/title/Git_server and the scm-git.com links.
The "Note: Make sure that Apache can read and write to your repositories." seems incomplete. It's not just "read and write" it is "must own" for https and "can't own" for ssh? How to solve?
What about: create a dedicated "git" user, and run apache as user git? After all when new files are to be created they will have owner=running program, which could be a CGI program launched from apache, or a git program launched from SSH. If these are two different users it'll likely become a mess.