From 8984b8989993b3b3835b0a5366b48db6c0d9a44d Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin <d@ilvokhin.com>
Date: Sun, 27 Jul 2025 11:36:28 +0100
Subject: Remove support for git push via HTTP

It was not working properly anyway, because of the permissions problem,
but intoroduced unnecessary complexity in configuration files.

All others (non-write) git operation should continue to work via HTTP.
---
 roles/gitserver/tasks/main.yml | 25 -------------------------
 1 file changed, 25 deletions(-)

(limited to 'roles/gitserver/tasks/main.yml')

diff --git a/roles/gitserver/tasks/main.yml b/roles/gitserver/tasks/main.yml
index 9ec412f..cdb7765 100644
--- a/roles/gitserver/tasks/main.yml
+++ b/roles/gitserver/tasks/main.yml
@@ -88,29 +88,6 @@
     state: started
     daemon_reload: true
 
-- name: Setup auth directory for git
-  ansible.builtin.file:
-    path: /etc/nginx/auth/git
-    state: directory
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-
-# Alternative approach is to use community.general.htpasswd module to manage
-# .htpasswd file. Unfortunetly, there are couple of drawbacks:
-# * Target systems should have passlib Python library installed.
-# * Passwords might leak in the Ansible debug output, or even non-debug
-#   without no_log.
-# Seems like managing good old file is more convenient at the moment.
-
-- name: Copy git .htpasswd file to manage HTTP passwords
-  ansible.builtin.copy:
-    src: files/htpasswd
-    dest: /etc/nginx/auth/git/.htpasswd
-    owner: root
-    group: root
-    mode: u+rw,g+rw,o+r
-
 - name: Copy git.conf to handle git HTTP requests
   ansible.builtin.copy:
     src: files/git.conf
@@ -149,5 +126,3 @@
     owner: git
     group: git
     mode: u+rwx,g-rwx,o-rwx
-
-# TODO: figure out proper permissions to fix HTTP protocol push.
-- 
cgit v1.2.3-70-g09d2