Thanks Marius, I can access gitorious directly via port 80, but only because I've opened this port for testing. Normally it's closed at firewall as we only allow cert auth'd traffic for server via port 443. I (and others in team) work from office and home, so we need secure remote access.
I've tried changing the client/host urls in gitorious.yml to have / gitorious appended, but when doing 'git push origin master' I get error 'nodename nor servname provided, or not known'. Also I've previously tried using the static ip of the server, but this didn't fix problem. And I've just added git user to digest auth file without password for testing. I assume gitorious_auth.log replying with error: and: 'Executing read/write command for "git": "git-receive-pack 'myproject/myrepository.git'" shows that the right user (git, which is admin) is found by gitorious via its db? But as you saw from previous post, after this the log shows: Access denied or bad repository path for "git": "git-receive- pack 'myproject/myrepository.git' If permissions for this user are right, then is this really just a repo address issue caused by me using suburi branch with config option: # URL root context of the application, eg "/gitorious" gitorious_url_root: /gitorious The error must be something very simple because everything else works. On Apr 12, 5:31 pm, Marius Mårnes Mathiesen <[email protected]> wrote: > On Mon, Apr 11, 2011 at 3:39 PM, git_usr <[email protected]> wrote: > > I think I understand what you mean, but problem is apache and > > gitorious are using port:80. > > Pound listens on 443 and once it auth's client certs it lets traffic > > through to port 80. > > So you should be able to access port 80 (Apache directly) to bypass the > authentication? If the firewall has port 80 open and you don't want users to > be able to access Gitorious over port 80 you could restrict the access to > 127.0.0.1 only. > > > I'm confused, becuase I thought $ git push origin master goes over > > ssh, which bypasses pound to the internal gitorious server? > > When a user attempts to push, Gitorious needs to know whether that user > should be allowed to do so, which means checking the database. Since loading > the entire Rails environment is a quite heavy operation, we "ask" Gitorious > through its web interface, which is already loaded, if the user should be > allowed to push. Which is why we need to know the IP address and port to > connect to in order to query for permissions. > > Cheers, > - Marius -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected]
