Make smart http git protocol work without authentication

Ask to authenticate only when trying to push to repository. All other operations do not require authentication anymore. Http protocol is still not fully usable, because of the git (git) and fcgiwrap (http) are running under different user. `GIT_HTTP_EXPORT_ALL` was removed to forbid export of private repositories via http protocol.
author: Dmitry Ilvokhin <d@ilvokhin.com> 2025-07-26 20:03:08 +0100
committer: Dmitry Ilvokhin <d@ilvokhin.com> 2025-07-26 20:32:40 +0100
commit: 1152d4b300cd5ff03c5642fce71bda53b5baaa6d (patch)
tree: e6449147596e02f2f0d1480297e03256a9b2bda7 /roles/gitserver/tasks
parent: 21b3c4ee59935aaa6bc23a50492af4ec3e37771c (diff)
download: infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.tar.gz
infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.tar.bz2
infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/roles/gitserver/tasks/main.yml b/roles/gitserver/tasks/main.yml
index c007c6e..9ec412f 100644
--- a/roles/gitserver/tasks/main.yml
+++ b/roles/gitserver/tasks/main.yml
@@ -65,6 +65,14 @@
     group: git
     mode: u+rwx,g+r,o+r
 
+- name: Configure git system-wide
+  ansible.builtin.copy:
+    src: files/gitconfig
+    dest: /etc/gitconfig
+    owner: git
+    group: git
+    mode: u+rwx,g+r,o+r
+
 - name: Configure git-daemon systemd service
   ansible.builtin.copy:
     src: files/git-daemon.service
author	Dmitry Ilvokhin <d@ilvokhin.com>	2025-07-26 20:03:08 +0100
committer	Dmitry Ilvokhin <d@ilvokhin.com>	2025-07-26 20:32:40 +0100
commit	1152d4b300cd5ff03c5642fce71bda53b5baaa6d (patch)
tree	e6449147596e02f2f0d1480297e03256a9b2bda7 /roles/gitserver/tasks
parent	21b3c4ee59935aaa6bc23a50492af4ec3e37771c (diff)
download	infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.tar.gz infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.tar.bz2 infra-1152d4b300cd5ff03c5642fce71bda53b5baaa6d.zip