Git with Ldap on Ubuntu with Apache -


i'm new git , trying installation of git, gitolite, , gitweb working ldap. far, have gitweb working ldap. i've reviewed many posts , guides posted around web, have not found solution yet. on ubuntu 12.04.2 server apache 2.2.22. i'm not expert in of these technologies, if i'm missing obvious please let me know. :)

my site file contains:

<virtualhost *:80>     serveradmin admin     servername myserver      rewriteengine on     rewritecond %{https} off     rewriterule (.*) https://%{http_host}%{request_uri}     documentroot /home/git/myserver/http/      <directory /home/git/myserver/http/>     </directory>     errorlog /home/git/myserver/logs/error.log    customlog /home/git/myserver/logs/access.log combined      # possible values include: debug, info, notice, warn, error, crit,     # alert, emerg.     loglevel debug      assignuserid git git   </virtualhost>  <virtualhost myserver:443>         serveradmin me     servername myserver      documentroot /usr/share/gitweb/     <directory /usr/share/gitweb/>             authbasicprovider ldap             authtype basic             authname "git server"             authldapurl "ldaps://myldap:636/dc=xx,dc=com?samaccountname?sub?(objectclass=user)" none             authldapbinddn "cn=user,ou=service accounts,dc=xx,dc=com"             authldapbindpassword "password"             ### if need them member of domain, use this:             #require ldap-attribute objectclass=user              ### group based authentication. users should part of group exactly, , not nested inside other groups             require ldap-group cn=xx,ou=groups,dc=nov,dc=com             require ldap-group cn=yy,ou=security mail enabled,ou=groups,dc=xx,dc=com     </directory>     errorlog /home/git/myserver/logs/error.log    customlog /home/git/myserver/logs/access.log combined      # possible values include: debug, info, notice, warn, error, crit,     # alert, emerg.     loglevel debug      assignuserid git git      sslengine on     sslcertificatefile /etc/ssl/apache/myserver.cer     sslcertificatekeyfile /etc/ssl/apache/myserver.key   </virtualhost>

my gitweb.conf file:

# path git projects (<project>.git) $projectroot = "/var/lib/gitolite/repositories";  # directory use temp files $git_temp = "/tmp";  $site_name = "git";  # target of home link on top of pages #$home_link = $my_uri || "/";  # html text include @ home page #$home_text = "indextext.html";  # file project list; default, scan projectroot dir. $projects_list = "/var/lib/gitolite/projects.list";  @git_base_url_list = qw(ssh://gitolite@myip);  # stylesheet use #@stylesheets = ("static/gitweb.css");  # javascript code gitweb #$javascript = "static/gitweb.js";  # logo use #$logo = "static/git-logo.png";  # 'favicon' #$favicon = "static/git-favicon.png";  # git-diff-tree(1) options use generated patches #@diff_opts = ("-m"); @diff_opts = ();  $feature{'highlight'}{'default'} = [1];

and conf.d/gitweb file:

alias /gitweb /usr/share/gitweb  <directory /usr/share/gitweb>   options followsymlinks +execcgi   addhandler cgi-script .cgi </directory>

any thoughts or suggestions appreciated.

thanks!

git ldap (git itself, not gitweb) precisely in project:
see httpd.conf

i define first couple of ldap aliases (you can authenticate against several ldap if want):

<authnprovideralias ldap myldap>   authldapbinddn cn=manager,dc=example,dc=com   authldapbindpassword secret   authldapurl ldap://localhost:@port_ldap_test@/dc=example,dc=com?uid?sub?(objectclass=*) </authnprovideralias>  # ldap_start <authnprovideralias ldap companyldap>   authldapbinddn "@ldap_binddn@"   authldapbindpassword @ldap_password@   authldapurl @ldap_url@ </authnprovideralias> # ldap_end

(all @xxx@ see template placeholders replace actual values later)

then define virtualhost (on different port 1 used gitweb):

(extract):

# githttp on @port_http_hgit@ listen @port_http_hgit@ <virtualhost @fqn@:@port_http_hgit@>     servername @fqn@     serveralias @hostname@      sslcertificatefile "@h@/apache/crt"     sslcertificatekeyfile "@h@/apache/key"     sslengine on      setenv git_project_root @h@/repositories     setenv git_http_export_all     setenv gitolite_http_home @h@     scriptalias /hgit/ @h@/sbin/gitolite-shell/     setenv git_http_backend "@h@/usr/local/apps/git/libexec/git-core/git-http-backend"     <filesmatch "\.(cgi|shtml|phtml|php)$">       ssloptions +stdenvvars     </filesmatch>     <location /hgit>         ssloptions +stdenvvars         options execcgi +followsymlinks +symlinksifownermatch         #allowoverride         order allow,deny         allow         authname "ldap authentication smart http git repositories"         authtype basic         authbasicprovider myldap companyldap         authzldapauthoritative off         require valid-user         addhandler cgi-script cgi     </location>  </virtualhost>

here calling gitolite, if call directly git-http-backend (which script git itself, nothing gitolite), give unrestricted access git repo, through http(s) ldap authentication

scriptalias /hgit/ @h@/usr/local/apps/git/libexec/git-core/git-http-backend

Comments

Post a Comment

Popular posts from this blog

basic authentication with http post params android -

i doing basic authentication passing username , password , using basicnamevaluepair sending post params response service. my method: public stringbuilder callservicehttppost(string username, string password, string type) { // create new httpclient , post header httpclient httpclient = new defaulthttpclient(); httppost httppost = new httppost(webservice + type); httpresponse response = null; stringbuilder total = new stringbuilder(); try { url url = new url(webservice + type); /*string base64encodedcredentials = base64.encodetostring((username + ":" + password).getbytes(), base64.url_safe | base64.no_wrap);*/ string base64encodedcredentials = "basic " + base64.encodetostring( (username + ":" + password).getbytes(), base64.no_wrap); httppost.setheader("auth...
Read more

vb.net - Virtual Keyboard commands -

i wondering difference between virtual these keyboard commands is: keyeventf_extendedkey , keyeventf_keyup is. everywhere have looked gives me description based off integers , not want know each of them does. you've tagged question vb.net, these have nothing @ vb.net. they're constants defined in windows header files, use win32 api functions. as far difference, can't tell looking @ values. individual values not particularly important, that's why named identifiers used. what's important used , documentation functions tells mean. the first one, keyeventf_extendedkey , used keybdinput structure (which used along e.g. sendinput function) pass information synthesized keyboard input. if flag used, means scan code should interpreted extended key. technically, means scan code preceded prefix byte value 224 (&he0 in hexadecimal notation). the second one, keyeventf_keyup , 1 of flags available use structure. means key being released (going up)...
Read more

c++ - End of file on pipe magic during open -

i have c++ application in starting process(wireshark) following. if (fp == null){ fp = popen(processpath, "r"); //processpath process want start if (!fp){ throw std::invalid_argument("cannot start process"); } fprintf(fp, d_msg);//d_msg input want provide process } else if(fp != null){ fprintf(fp, d_msg); } the problem when execute c++ application, start wireshark error end of file on pipe magic during open what should avoid that? also tried using mkfifo create named pipe , execute it. used this: if (fp == null){ system("mkfifo /tmp/mine.pcap"); fp = popen("wireshark -k -i /tmp/mine.pcap", "r"); if (!fp){ dout << "cannot start wireshark"<<std::endl; throw std::invalid_argument("cannot start wireshark"); } input = fopen("/tmp/mine.pcap", "wb"); fprintf(input , d_msg); fclose(input)...
Read more