From 09bcff080cb789dbf041651ffd16b6616e99b976 Mon Sep 17 00:00:00 2001
From: Yuqian Yang <crupest@crupest.life>
Date: Thu, 6 Mar 2025 23:01:01 +0800
Subject: feat(git): add private repo support.

---
 services/docker/git-server/git-auth.conf         | 4 ++--
 services/docker/git-server/git-lighttpd.conf     | 9 +++++----
 services/docker/git-server/hooks/update          | 2 +-
 services/docker/git-server/lighttpd-wrapper.bash | 2 +-
 4 files changed, 9 insertions(+), 8 deletions(-)

(limited to 'services/docker/git-server')

diff --git a/services/docker/git-server/git-auth.conf b/services/docker/git-server/git-auth.conf
index 1acb316..d643659 100644
--- a/services/docker/git-server/git-auth.conf
+++ b/services/docker/git-server/git-auth.conf
@@ -1,3 +1,3 @@
-auth.backend = "htpasswd" 
-auth.backend.htpasswd.userfile = "/git/private/user-info" 
+auth.backend = "htpasswd"
+auth.backend.htpasswd.userfile = "/git/user-info"
 auth.require = ( "" => ("method" => "basic", "realm" => "Git Access", "require" => "valid-user") )
diff --git a/services/docker/git-server/git-lighttpd.conf b/services/docker/git-server/git-lighttpd.conf
index 567303a..d284ee1 100644
--- a/services/docker/git-server/git-lighttpd.conf
+++ b/services/docker/git-server/git-lighttpd.conf
@@ -10,9 +10,10 @@ $HTTP["url"] =^ "/git" {
     mimetype.assign = ( ".css" => "text/css" )
 
     $HTTP["url"] =^ "/git/private" {
-        url.access-deny = ("")
+        include "git-auth.conf"
     }
-    else $HTTP["url"] =~ "^/git/.*/(HEAD|info/refs|objects/info/[^/]+|git-(upload|receive)-pack)$" {
+
+    $HTTP["url"] =~ "^/git/.*/(HEAD|info/refs|objects/info/[^/]+|git-(upload|receive)-pack)$" {
         $HTTP["querystring"] =~ "service=git-receive-pack" {
             include "git-auth.conf"
         }
@@ -21,14 +22,14 @@ $HTTP["url"] =^ "/git" {
         }
         alias.url += ( "/git" => "/usr/lib/git-core/git-http-backend" )
         setenv.add-environment = (
-            "GIT_PROJECT_ROOT" => "/git",
+            "GIT_PROJECT_ROOT" => "/git/repos",
             "GIT_HTTP_EXPORT_ALL" => ""
         )
         cgi.assign = ("" => "")
     }
     else $HTTP["url"] =~ "^/git/.*/((objects/[0-9a-f]{2}/[0-9a-f]{38})|(pack/pack-[0-9a-f]{40}.(pack|idx)))$" {
         alias.url += (
-            "/git" => "/git",
+            "/git" => "/git/repos",
         )
     }
     else $HTTP["url"] =^ "/git/static" {
diff --git a/services/docker/git-server/hooks/update b/services/docker/git-server/hooks/update
index 4cfcacc..d6bfc1a 100755
--- a/services/docker/git-server/hooks/update
+++ b/services/docker/git-server/hooks/update
@@ -26,7 +26,7 @@ if [[ -f "$protected_file" ]]; then
   done <"$protected_file"
 fi
 
-global_hook="/git/private/git/hooks/update"
+global_hook="/git/hooks/update"
 local_hook="$GIT_DIR/hooks/update"
 
 if [[ -x "$global_hook" ]]; then
diff --git a/services/docker/git-server/lighttpd-wrapper.bash b/services/docker/git-server/lighttpd-wrapper.bash
index 06dc78f..a33015a 100755
--- a/services/docker/git-server/lighttpd-wrapper.bash
+++ b/services/docker/git-server/lighttpd-wrapper.bash
@@ -2,7 +2,7 @@
 
 set -e
 
-touch -a /git/private/user-info
+touch -a /git/user-info
 
 exec 3>&1
 exec lighttpd -D -f /app/git-lighttpd.conf
-- 
cgit v1.2.3