t/lib-httpd/apache.conf

   1 ServerName dummy
   2 PidFile httpd.pid
   3 DocumentRoot www
   4 LogFormat "%h %l %u %t \"%r\" %>s %b" common
   5 CustomLog access.log common
   6 ErrorLog error.log
   7 <IfModule !mod_log_config.c>
   8         LoadModule log_config_module modules/mod_log_config.so
   9 </IfModule>
  10 <IfModule !mod_alias.c>
  11         LoadModule alias_module modules/mod_alias.so
  12 </IfModule>
  13 <IfModule !mod_cgi.c>
  14         LoadModule cgi_module modules/mod_cgi.so
  15 </IfModule>
  16 <IfModule !mod_env.c>
  17         LoadModule env_module modules/mod_env.so
  18 </IfModule>
  19 <IfModule !mod_rewrite.c>
  20         LoadModule rewrite_module modules/mod_rewrite.so
  21 </IFModule>
  22 <IfModule !mod_version.c>
  23         LoadModule version_module modules/mod_version.so
  24 </IfModule>
  25 <IfModule !mod_headers.c>
  26         LoadModule headers_module modules/mod_headers.so
  27 </IfModule>
  28 <IfModule !mod_setenvif.c>
  29         LoadModule setenvif_module modules/mod_setenvif.so
  30 </IfModule>
  31
  32 <IfDefine HTTP2>
  33 LoadModule http2_module modules/mod_http2.so
  34 Protocols h2c
  35 </IfDefine>
  36
  37 <IfVersion < 2.4>
  38 LockFile accept.lock
  39 </IfVersion>
  40
  41 <IfVersion < 2.1>
  42 <IfModule !mod_auth.c>
  43         LoadModule auth_module modules/mod_auth.so
  44 </IfModule>
  45 </IfVersion>
  46
  47 <IfVersion >= 2.1>
  48 <IfModule !mod_auth_basic.c>
  49         LoadModule auth_basic_module modules/mod_auth_basic.so
  50 </IfModule>
  51 <IfModule !mod_authn_file.c>
  52         LoadModule authn_file_module modules/mod_authn_file.so
  53 </IfModule>
  54 <IfModule !mod_authz_user.c>
  55         LoadModule authz_user_module modules/mod_authz_user.so
  56 </IfModule>
  57 <IfModule !mod_authz_host.c>
  58         LoadModule authz_host_module modules/mod_authz_host.so
  59 </IfModule>
  60 </IfVersion>
  61
  62 <IfVersion >= 2.4>
  63 <IfModule !mod_authn_core.c>
  64         LoadModule authn_core_module modules/mod_authn_core.so
  65 </IfModule>
  66 <IfModule !mod_authz_core.c>
  67         LoadModule authz_core_module modules/mod_authz_core.so
  68 </IfModule>
  69 <IfModule !mod_access_compat.c>
  70         LoadModule access_compat_module modules/mod_access_compat.so
  71 </IfModule>
  72 <IfModule !mod_unixd.c>
  73         LoadModule unixd_module modules/mod_unixd.so
  74 </IfModule>
  75
  76 <IfDefine HTTP2>
  77 <IfModule !mod_mpm_event.c>
  78         LoadModule mpm_event_module modules/mod_mpm_event.so
  79 </IfModule>
  80 </IfDefine>
  81 <IfDefine !HTTP2>
  82 <IfModule !mod_mpm_prefork.c>
  83         LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
  84 </IfModule>
  85 </IfDefine>
  86 </IfVersion>
  87
  88 PassEnv GIT_VALGRIND
  89 PassEnv GIT_VALGRIND_OPTIONS
  90 PassEnv GNUPGHOME
  91 PassEnv ASAN_OPTIONS
  92 PassEnv LSAN_OPTIONS
  93 PassEnv GIT_TRACE
  94 PassEnv GIT_CONFIG_NOSYSTEM
  95 PassEnv GIT_TEST_SIDEBAND_ALL
  96 PassEnv LANG
  97 PassEnv LC_ALL
  98
  99 Alias /dumb/ www/
 100 Alias /auth/dumb/ www/auth/dumb/
 101
 102 <LocationMatch /smart/>
 103         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 104         SetEnv GIT_HTTP_EXPORT_ALL
 105 </LocationMatch>
 106 <LocationMatch /smart_noexport/>
 107         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 108 </LocationMatch>
 109 <LocationMatch /smart_custom_env/>
 110         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 111         SetEnv GIT_HTTP_EXPORT_ALL
 112         SetEnv GIT_COMMITTER_NAME "Custom User"
 113         SetEnv GIT_COMMITTER_EMAIL custom@example.com
 114 </LocationMatch>
 115 <LocationMatch /smart_namespace/>
 116         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 117         SetEnv GIT_HTTP_EXPORT_ALL
 118         SetEnv GIT_NAMESPACE ns
 119 </LocationMatch>
 120 <LocationMatch /smart_cookies/>
 121         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 122         SetEnv GIT_HTTP_EXPORT_ALL
 123         Header set Set-Cookie name=value
 124 </LocationMatch>
 125 <LocationMatch /smart_headers/>
 126         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 127         SetEnv GIT_HTTP_EXPORT_ALL
 128 </LocationMatch>
 129 <LocationMatch /one_time_perl/>
 130         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 131         SetEnv GIT_HTTP_EXPORT_ALL
 132 </LocationMatch>
 133 <LocationMatch /smart_v0/>
 134         SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
 135         SetEnv GIT_HTTP_EXPORT_ALL
 136         SetEnv GIT_PROTOCOL
 137 </LocationMatch>
 138 ScriptAlias /smart/incomplete_length/git-upload-pack incomplete-length-upload-pack-v2-http.sh/
 139 ScriptAlias /smart/incomplete_body/git-upload-pack incomplete-body-upload-pack-v2-http.sh/
 140 ScriptAlias /smart/no_report/git-receive-pack error-no-report.sh/
 141 ScriptAliasMatch /error_git_upload_pack/(.*)/git-upload-pack error.sh/
 142 ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1
 143 ScriptAlias /broken_smart/ broken-smart-http.sh/
 144 ScriptAlias /error_smart/ error-smart-http.sh/
 145 ScriptAlias /error/ error.sh/
 146 ScriptAliasMatch /one_time_perl/(.*) apply-one-time-perl.sh/$1
 147 <Directory ${GIT_EXEC_PATH}>
 148         Options FollowSymlinks
 149 </Directory>
 150 <Files incomplete-length-upload-pack-v2-http.sh>
 151         Options ExecCGI
 152 </Files>
 153 <Files incomplete-body-upload-pack-v2-http.sh>
 154         Options ExecCGI
 155 </Files>
 156 <Files error-no-report.sh>
 157         Options ExecCGI
 158 </Files>
 159 <Files broken-smart-http.sh>
 160         Options ExecCGI
 161 </Files>
 162 <Files error-smart-http.sh>
 163         Options ExecCGI
 164 </Files>
 165 <Files error.sh>
 166   Options ExecCGI
 167 </Files>
 168 <Files apply-one-time-perl.sh>
 169         Options ExecCGI
 170 </Files>
 171 <Files ${GIT_EXEC_PATH}/git-http-backend>
 172         Options ExecCGI
 173 </Files>
 174
 175 RewriteEngine on
 176 RewriteRule ^/dumb-redir/(.*)$ /dumb/$1 [R=301]
 177 RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301]
 178 RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302]
 179 RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301]
 180 RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
 181 RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
 182
 183 RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
 184 RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
 185
 186 # redir-to/502/x?y -> really-redir-to?path=502/x&qs=y which returns 502
 187 # redir-to/x?y -> really-redir-to?path=x&qs=y -> x?y
 188 RewriteCond %{QUERY_STRING} ^(.*)$
 189 RewriteRule ^/redir-to/(.*)$ /really-redir-to?path=$1&qs=%1 [R=302]
 190 RewriteCond %{QUERY_STRING} ^path=502/(.*)&qs=(.*)$
 191 RewriteRule ^/really-redir-to$ - [R=502,L]
 192 RewriteCond %{QUERY_STRING} ^path=(.*)&qs=(.*)$
 193 RewriteRule ^/really-redir-to$ /%1?%2 [R=302]
 194
 195 # The first rule issues a client-side redirect to something
 196 # that _doesn't_ look like a git repo. The second rule is a
 197 # server-side rewrite, so that it turns out the odd-looking
 198 # thing _is_ a git repo. The "[PT]" tells Apache to match
 199 # the usual ScriptAlias rules for /smart.
 200 RewriteRule ^/insane-redir/(.*)$ /intern-redir/$1/foo [R=301]
 201 RewriteRule ^/intern-redir/(.*)/foo$ /smart/$1 [PT]
 202
 203 # Serve info/refs internally without redirecting, but
 204 # issue a redirect for any object requests.
 205 RewriteRule ^/redir-objects/(.*/info/refs)$ /dumb/$1 [PT]
 206 RewriteRule ^/redir-objects/(.*/objects/.*)$ /dumb/$1 [R=301]
 207
 208 # Apache 2.2 does not understand <RequireAll>, so we use RewriteCond.
 209 # And as RewriteCond does not allow testing for non-matches, we match
 210 # the desired case first (one has abra, two has cadabra), and let it
 211 # pass by marking the RewriteRule as [L], "last rule, do not process
 212 # any other matching RewriteRules after this"), and then have another
 213 # RewriteRule that matches all other cases and lets them fail via '[F]',
 214 # "fail the request".
 215 RewriteCond %{HTTP:x-magic-one} =abra
 216 RewriteCond %{HTTP:x-magic-two} =cadabra
 217 RewriteRule ^/smart_headers/.* - [L]
 218 RewriteRule ^/smart_headers/.* - [F]
 219
 220 <IfDefine SSL>
 221 LoadModule ssl_module modules/mod_ssl.so
 222
 223 SSLCertificateFile httpd.pem
 224 SSLCertificateKeyFile httpd.pem
 225 SSLRandomSeed startup file:/dev/urandom 512
 226 SSLRandomSeed connect file:/dev/urandom 512
 227 SSLSessionCache none
 228 SSLMutex file:ssl_mutex
 229 SSLEngine On
 230 </IfDefine>
 231
 232 <Location /auth/>
 233         AuthType Basic
 234         AuthName "git-auth"
 235         AuthUserFile passwd
 236         Require valid-user
 237 </Location>
 238
 239 <LocationMatch "^/auth-push/.*/git-receive-pack$">
 240         AuthType Basic
 241         AuthName "git-auth"
 242         AuthUserFile passwd
 243         Require valid-user
 244 </LocationMatch>
 245
 246 <LocationMatch "^/auth-fetch/.*/git-upload-pack$">
 247         AuthType Basic
 248         AuthName "git-auth"
 249         AuthUserFile passwd
 250         Require valid-user
 251 </LocationMatch>
 252
 253 RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
 254 RewriteCond %{REQUEST_URI} /git-receive-pack$
 255 RewriteRule ^/half-auth-complete/ - [E=AUTHREQUIRED:yes]
 256
 257 <Location /half-auth-complete/>
 258   Order Deny,Allow
 259   Deny from env=AUTHREQUIRED
 260
 261   AuthType Basic
 262   AuthName "Git Access"
 263   AuthUserFile passwd
 264   Require valid-user
 265   Satisfy Any
 266 </Location>
 267
 268 <IfDefine DAV>
 269         LoadModule dav_module modules/mod_dav.so
 270         LoadModule dav_fs_module modules/mod_dav_fs.so
 271
 272         DAVLockDB DAVLock
 273         <Location /dumb/>
 274                 Dav on
 275         </Location>
 276         <Location /auth/dumb>
 277                 Dav on
 278         </Location>
 279 </IfDefine>
 280
 281 <IfDefine SVN>
 282         LoadModule dav_svn_module modules/mod_dav_svn.so
 283
 284         <Location /${LIB_HTTPD_SVN}>
 285                 DAV svn
 286                 SVNPath "${LIB_HTTPD_SVNPATH}"
 287         </Location>
 288 </IfDefine>