The examples in the documentation are all for Apache. Let's
at least cover the basics: an anonymous server, an
authenticated server, and a "half auth" server with
anonymous read and authenticated write.

Signed-off-by: Jeff King <>
I am by no means a lighttpd expert, so there may be better ways to do
some of these. But I did test that they all work as expected.

I was tempted for a moment to provide a mechanism for the t55* tests to
use either lighttpd _or_ apache, so that these could get some automated
testing. But I don't relish the thought of trying to keep both configs
synchronized as people update one or the other.

There are also some advanced setups in the apache part of the doc that I
didn't translate here (e.g., dumb-http fallback, and static serving of
dumb-http files). Mostly because I don't think they are that commonly
used these days, and I do not know enough about lighttpd configuration
to translate them easily. If somebody wants to make a patch on top, they

 Documentation/git-http-backend.txt | 55 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/Documentation/git-http-backend.txt 
index f43980f..cad18ce 100644
--- a/Documentation/git-http-backend.txt
+++ b/Documentation/git-http-backend.txt
@@ -167,6 +167,61 @@ ScriptAlias /git/ /var/www/cgi-bin/gitweb.cgi/
 ScriptAlias /git/ /var/www/cgi-bin/gitweb.cgi/
+       Ensure that `mod_cgi`, `mod_alias, `mod_auth`, `mod_setenv` are
+       loaded, then set `GIT_PROJECT_ROOT` appropriately and redirect
+       all requests to the CGI:
+alias.url += ( "/git" => "/usr/lib/git-core/git-http-backend" )
+$HTTP["url"] =~ "^/git" {
+       cgi.assign = ("" => "")
+       setenv.add-environment = (
+               "GIT_PROJECT_ROOT" => "/var/www/git",
+               "GIT_HTTP_EXPORT_ALL" => ""
+       )
+To enable anonymous read access but authenticated write access:
+$HTTP["querystring"] =~ "service=git-receive-pack" {
+       include "git-auth.conf"
+$HTTP["url"] =~ "^/git/.*/git-receive-pack$" {
+       include "git-auth.conf"
+where `git-auth.conf` looks something like:
+auth.require = (
+       "/" => (
+               "method" => "basic",
+               "realm" => "Git Access",
+               "require" => "valid-user"
+              )
+# ...and set up auth.backend here
+Note that unlike the similar setup with Apache, we can easily match the
+query string for receive-pack, catching the initial request from the
+client. This means that the server administrator does not have to worry
+about configuring `http.receivepack` for the repositories (the default
+value, which enables it only in the case of authentication, is
+To require authentication for both reads and writes:
+$HTTP["url"] =~ "^/git/private" {
+       include "git-auth.conf"
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to
More majordomo info at

Reply via email to