Google Git
Sign in
chromium / external / gitster / git-htmldocs / a47bf3c145d71ffd27b5fa0bb05493765225d757 / . / git-daemon.html
blob: aa810eeaf8635ee83957cea4112941b49e6c2175 [file] [log] [blame]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="generator" content="AsciiDoc 8.4.5" />
<title>git-daemon(1)</title>
<style type="text/css">
/* Debug borders */
p, li, dt, dd, div, pre, h1, h2, h3, h4, h5, h6 {
/*
border: 1px solid red;
*/
}
body {
margin: 1em 5% 1em 5%;
}
a {
color: blue;
text-decoration: underline;
}
a:visited {
color: fuchsia;
}
em {
font-style: italic;
color: navy;
}
strong {
font-weight: bold;
color: #083194;
}
tt {
color: navy;
}
h1, h2, h3, h4, h5, h6 {
color: #527bbd;
font-family: sans-serif;
margin-top: 1.2em;
margin-bottom: 0.5em;
line-height: 1.3;
}
h1, h2, h3 {
border-bottom: 2px solid silver;
}
h2 {
padding-top: 0.5em;
}
h3 {
float: left;
}
h3 + * {
clear: left;
}
div.sectionbody {
font-family: serif;
margin-left: 0;
}
hr {
border: 1px solid silver;
}
p {
margin-top: 0.5em;
margin-bottom: 0.5em;
}
ul, ol, li > p {
margin-top: 0;
}
pre {
padding: 0;
margin: 0;
}
span#author {
color: #527bbd;
font-family: sans-serif;
font-weight: bold;
font-size: 1.1em;
}
span#email {
}
span#revnumber, span#revdate, span#revremark {
font-family: sans-serif;
}
div#footer {
font-family: sans-serif;
font-size: small;
border-top: 2px solid silver;
padding-top: 0.5em;
margin-top: 4.0em;
}
div#footer-text {
float: left;
padding-bottom: 0.5em;
}
div#footer-badges {
float: right;
padding-bottom: 0.5em;
}
div#preamble {
margin-top: 1.5em;
margin-bottom: 1.5em;
}
div.tableblock, div.imageblock, div.exampleblock, div.verseblock,
div.quoteblock, div.literalblock, div.listingblock, div.sidebarblock,
div.admonitionblock {
margin-top: 1.5em;
margin-bottom: 1.5em;
}
div.admonitionblock {
margin-top: 2.5em;
margin-bottom: 2.5em;
}
div.content { /* Block element content. */
padding: 0;
}
/* Block element titles. */
div.title, caption.title {
color: #527bbd;
font-family: sans-serif;
font-weight: bold;
text-align: left;
margin-top: 1.0em;
margin-bottom: 0.5em;
}
div.title + * {
margin-top: 0;
}
td div.title:first-child {
margin-top: 0.0em;
}
div.content div.title:first-child {
margin-top: 0.0em;
}
div.content + div.title {
margin-top: 0.0em;
}
div.sidebarblock > div.content {
background: #ffffee;
border: 1px solid silver;
padding: 0.5em;
}
div.listingblock > div.content {
border: 1px solid silver;
background: #f4f4f4;
padding: 0.5em;
}
div.quoteblock {
padding-left: 2.0em;
margin-right: 10%;
}
div.quoteblock > div.attribution {
padding-top: 0.5em;
text-align: right;
}
div.verseblock {
padding-left: 2.0em;
margin-right: 10%;
}
div.verseblock > div.content {
white-space: pre;
}
div.verseblock > div.attribution {
padding-top: 0.75em;
text-align: left;
}
/* DEPRECATED: Pre version 8.2.7 verse style literal block. */
div.verseblock + div.attribution {
text-align: left;
}
div.admonitionblock .icon {
vertical-align: top;
font-size: 1.1em;
font-weight: bold;
text-decoration: underline;
color: #527bbd;
padding-right: 0.5em;
}
div.admonitionblock td.content {
padding-left: 0.5em;
border-left: 2px solid silver;
}
div.exampleblock > div.content {
border-left: 2px solid silver;
padding: 0.5em;
}
div.imageblock div.content { padding-left: 0; }
span.image img { border-style: none; }
a.image:visited { color: white; }
dl {
margin-top: 0.8em;
margin-bottom: 0.8em;
}
dt {
margin-top: 0.5em;
margin-bottom: 0;
font-style: normal;
color: navy;
}
dd > *:first-child {
margin-top: 0.1em;
}
ul, ol {
list-style-position: outside;
}
ol.arabic {
list-style-type: decimal;
}
ol.loweralpha {
list-style-type: lower-alpha;
}
ol.upperalpha {
list-style-type: upper-alpha;
}
ol.lowerroman {
list-style-type: lower-roman;
}
ol.upperroman {
list-style-type: upper-roman;
}
div.compact ul, div.compact ol,
div.compact p, div.compact p,
div.compact div, div.compact div {
margin-top: 0.1em;
margin-bottom: 0.1em;
}
div.tableblock > table {
border: 3px solid #527bbd;
}
thead {
font-family: sans-serif;
font-weight: bold;
}
tfoot {
font-weight: bold;
}
td > div.verse {
white-space: pre;
}
p.table {
margin-top: 0;
}
/* Because the table frame attribute is overriden by CSS in most browsers. */
div.tableblock > table[frame="void"] {
border-style: none;
}
div.tableblock > table[frame="hsides"] {
border-left-style: none;
border-right-style: none;
}
div.tableblock > table[frame="vsides"] {
border-top-style: none;
border-bottom-style: none;
}
div.hdlist {
margin-top: 0.8em;
margin-bottom: 0.8em;
}
div.hdlist tr {
padding-bottom: 15px;
}
dt.hdlist1.strong, td.hdlist1.strong {
font-weight: bold;
}
td.hdlist1 {
vertical-align: top;
font-style: normal;
padding-right: 0.8em;
color: navy;
}
td.hdlist2 {
vertical-align: top;
}
div.hdlist.compact tr {
margin: 0;
padding-bottom: 0;
}
.comment {
background: yellow;
}
@media print {
div#footer-badges { display: none; }
}
div#toctitle {
color: #527bbd;
font-family: sans-serif;
font-size: 1.1em;
font-weight: bold;
margin-top: 1.0em;
margin-bottom: 0.1em;
}
div.toclevel1, div.toclevel2, div.toclevel3, div.toclevel4 {
margin-top: 0;
margin-bottom: 0;
}
div.toclevel2 {
margin-left: 2em;
font-size: 0.9em;
}
div.toclevel3 {
margin-left: 4em;
font-size: 0.9em;
}
div.toclevel4 {
margin-left: 6em;
font-size: 0.9em;
}
/* Overrides for manpage documents */
h1 {
padding-top: 0.5em;
padding-bottom: 0.5em;
border-top: 2px solid silver;
border-bottom: 2px solid silver;
}
h2 {
border-style: none;
}
div.sectionbody {
margin-left: 5%;
}
@media print {
div#toc { display: none; }
}
/* Workarounds for IE6's broken and incomplete CSS2. */
div.sidebar-content {
background: #ffffee;
border: 1px solid silver;
padding: 0.5em;
}
div.sidebar-title, div.image-title {
color: #527bbd;
font-family: sans-serif;
font-weight: bold;
margin-top: 0.0em;
margin-bottom: 0.5em;
}
div.listingblock div.content {
border: 1px solid silver;
background: #f4f4f4;
padding: 0.5em;
}
div.quoteblock-attribution {
padding-top: 0.5em;
text-align: right;
}
div.verseblock-content {
white-space: pre;
}
div.verseblock-attribution {
padding-top: 0.75em;
text-align: left;
}
div.exampleblock-content {
border-left: 2px solid silver;
padding-left: 0.5em;
}
/* IE6 sets dynamically generated links as visited. */
div#toc a:visited { color: blue; }
</style>
</head>
<body>
<div id="header">
<h1>
git-daemon(1) Manual Page
</h1>
<h2>NAME</h2>
<div class="sectionbody">
<p>git-daemon -
A really simple server for git repositories
</p>
</div>
</div>
<h2 id="_synopsis">SYNOPSIS</h2>
<div class="sectionbody">
<div class="verseblock">
<div class="verseblock-content"><em>git daemon</em> [--verbose] [--syslog] [--export-all]
[--timeout=&lt;n&gt;] [--init-timeout=&lt;n&gt;] [--max-connections=&lt;n&gt;]
[--strict-paths] [--base-path=&lt;path&gt;] [--base-path-relaxed]
[--user-path | --user-path=&lt;path&gt;]
[--interpolated-path=&lt;pathtemplate&gt;]
[--reuseaddr] [--detach] [--pid-file=&lt;file&gt;]
[--enable=&lt;service&gt;] [--disable=&lt;service&gt;]
[--allow-override=&lt;service&gt;] [--forbid-override=&lt;service&gt;]
[--inetd | [--listen=&lt;host_or_ipaddr&gt;] [--port=&lt;n&gt;] [--user=&lt;user&gt; [--group=&lt;group&gt;]]
[&lt;directory&gt;&#8230;]</div>
<div class="verseblock-attribution">
</div></div>
</div>
<h2 id="_description">DESCRIPTION</h2>
<div class="sectionbody">
<div class="paragraph"><p>A really simple TCP git daemon that normally listens on port "DEFAULT_GIT_PORT"
aka 9418. It waits for a connection asking for a service, and will serve
that service if it is enabled.</p></div>
<div class="paragraph"><p>It verifies that the directory has the magic file "git-daemon-export-ok", and
it will refuse to export any git directory that hasn&#8217;t explicitly been marked
for export this way (unless the <em>--export-all</em> parameter is specified). If you
pass some directory paths as <em>git daemon</em> arguments, you can further restrict
the offers to a whitelist comprising of those.</p></div>
<div class="paragraph"><p>By default, only <tt>upload-pack</tt> service is enabled, which serves
<em>git fetch-pack</em> and <em>git ls-remote</em> clients, which are invoked
from <em>git fetch</em>, <em>git pull</em>, and <em>git clone</em>.</p></div>
<div class="paragraph"><p>This is ideally suited for read-only updates, i.e., pulling from
git repositories.</p></div>
<div class="paragraph"><p>An <tt>upload-archive</tt> also exists to serve <em>git archive</em>.</p></div>
</div>
<h2 id="_options">OPTIONS</h2>
<div class="sectionbody">
<div class="dlist"><dl>
<dt class="hdlist1">
--strict-paths
</dt>
<dd>
<p>
Match paths exactly (i.e. don&#8217;t allow "/foo/repo" when the real path is
"/foo/repo.git" or "/foo/repo/.git") and don&#8217;t do user-relative paths.
<em>git daemon</em> will refuse to start when this option is enabled and no
whitelist is specified.
</p>
</dd>
<dt class="hdlist1">
--base-path=&lt;path&gt;
</dt>
<dd>
<p>
Remap all the path requests as relative to the given path.
This is sort of "GIT root" - if you run <em>git daemon</em> with
<em>--base-path=/srv/git</em> on example.com, then if you later try to pull
<em>git://example.com/hello.git</em>, <em>git daemon</em> will interpret the path
as <em>/srv/git/hello.git</em>.
</p>
</dd>
<dt class="hdlist1">
--base-path-relaxed
</dt>
<dd>
<p>
If --base-path is enabled and repo lookup fails, with this option
<em>git daemon</em> will attempt to lookup without prefixing the base path.
This is useful for switching to --base-path usage, while still
allowing the old paths.
</p>
</dd>
<dt class="hdlist1">
--interpolated-path=&lt;pathtemplate&gt;
</dt>
<dd>
<p>
To support virtual hosting, an interpolated path template can be
used to dynamically construct alternate paths. The template
supports %H for the target hostname as supplied by the client but
converted to all lowercase, %CH for the canonical hostname,
%IP for the server&#8217;s IP address, %P for the port number,
and %D for the absolute path of the named repository.
After interpolation, the path is validated against the directory
whitelist.
</p>
</dd>
<dt class="hdlist1">
--export-all
</dt>
<dd>
<p>
Allow pulling from all directories that look like GIT repositories
(have the <em>objects</em> and <em>refs</em> subdirectories), even if they
do not have the <em>git-daemon-export-ok</em> file.
</p>
</dd>
<dt class="hdlist1">
--inetd
</dt>
<dd>
<p>
Have the server run as an inetd service. Implies --syslog.
Incompatible with --detach, --port, --listen, --user and --group
options.
</p>
</dd>
<dt class="hdlist1">
--listen=&lt;host_or_ipaddr&gt;
</dt>
<dd>
<p>
Listen on a specific IP address or hostname. IP addresses can
be either an IPv4 address or an IPv6 address if supported. If IPv6
is not supported, then --listen=hostname is also not supported and
--listen must be given an IPv4 address.
Can be given more than once.
Incompatible with <em>--inetd</em> option.
</p>
</dd>
<dt class="hdlist1">
--port=&lt;n&gt;
</dt>
<dd>
<p>
Listen on an alternative port. Incompatible with <em>--inetd</em> option.
</p>
</dd>
<dt class="hdlist1">
--init-timeout=&lt;n&gt;
</dt>
<dd>
<p>
Timeout between the moment the connection is established and the
client request is received (typically a rather low value, since
that should be basically immediate).
</p>
</dd>
<dt class="hdlist1">
--timeout=&lt;n&gt;
</dt>
<dd>
<p>
Timeout for specific client sub-requests. This includes the time
it takes for the server to process the sub-request and the time spent
waiting for the next client&#8217;s request.
</p>
</dd>
<dt class="hdlist1">
--max-connections=&lt;n&gt;
</dt>
<dd>
<p>
Maximum number of concurrent clients, defaults to 32. Set it to
zero for no limit.
</p>
</dd>
<dt class="hdlist1">
--syslog
</dt>
<dd>
<p>
Log to syslog instead of stderr. Note that this option does not imply
--verbose, thus by default only error conditions will be logged.
</p>
</dd>
<dt class="hdlist1">
--user-path
</dt>
<dt class="hdlist1">
--user-path=&lt;path&gt;
</dt>
<dd>
<p>
Allow &#126;user notation to be used in requests. When
specified with no parameter, requests to
git://host/&#126;alice/foo is taken as a request to access
<em>foo</em> repository in the home directory of user <tt>alice</tt>.
If <tt>--user-path=path</tt> is specified, the same request is
taken as a request to access <tt>path/foo</tt> repository in
the home directory of user <tt>alice</tt>.
</p>
</dd>
<dt class="hdlist1">
--verbose
</dt>
<dd>
<p>
Log details about the incoming connections and requested files.
</p>
</dd>
<dt class="hdlist1">
--reuseaddr
</dt>
<dd>
<p>
Use SO_REUSEADDR when binding the listening socket.
This allows the server to restart without waiting for
old connections to time out.
</p>
</dd>
<dt class="hdlist1">
--detach
</dt>
<dd>
<p>
Detach from the shell. Implies --syslog.
</p>
</dd>
<dt class="hdlist1">
--pid-file=&lt;file&gt;
</dt>
<dd>
<p>
Save the process id in <em>file</em>. Ignored when the daemon
is run under <tt>--inetd</tt>.
</p>
</dd>
<dt class="hdlist1">
--user=&lt;user&gt;
</dt>
<dt class="hdlist1">
--group=&lt;group&gt;
</dt>
<dd>
<p>
Change daemon&#8217;s uid and gid before entering the service loop.
When only <tt>--user</tt> is given without <tt>--group</tt>, the
primary group ID for the user is used. The values of
the option are given to <tt>getpwnam(3)</tt> and <tt>getgrnam(3)</tt>
and numeric IDs are not supported.
</p>
<div class="paragraph"><p>Giving these options is an error when used with <tt>--inetd</tt>; use
the facility of inet daemon to achieve the same before spawning
<em>git daemon</em> if needed.</p></div>
</dd>
<dt class="hdlist1">
--enable=&lt;service&gt;
</dt>
<dt class="hdlist1">
--disable=&lt;service&gt;
</dt>
<dd>
<p>
Enable/disable the service site-wide per default. Note
that a service disabled site-wide can still be enabled
per repository if it is marked overridable and the
repository enables the service with a configuration
item.
</p>
</dd>
<dt class="hdlist1">
--allow-override=&lt;service&gt;
</dt>
<dt class="hdlist1">
--forbid-override=&lt;service&gt;
</dt>
<dd>
<p>
Allow/forbid overriding the site-wide default with per
repository configuration. By default, all the services
are overridable.
</p>
</dd>
<dt class="hdlist1">
&lt;directory&gt;
</dt>
<dd>
<p>
A directory to add to the whitelist of allowed directories. Unless
--strict-paths is specified this will also include subdirectories
of each named directory.
</p>
</dd>
</dl></div>
</div>
<h2 id="_services">SERVICES</h2>
<div class="sectionbody">
<div class="paragraph"><p>These services can be globally enabled/disabled using the
command line options of this command. If a finer-grained
control is desired (e.g. to allow <em>git archive</em> to be run
against only in a few selected repositories the daemon serves),
the per-repository configuration file can be used to enable or
disable them.</p></div>
<div class="dlist"><dl>
<dt class="hdlist1">
upload-pack
</dt>
<dd>
<p>
This serves <em>git fetch-pack</em> and <em>git ls-remote</em>
clients. It is enabled by default, but a repository can
disable it by setting <tt>daemon.uploadpack</tt> configuration
item to <tt>false</tt>.
</p>
</dd>
<dt class="hdlist1">
upload-archive
</dt>
<dd>
<p>
This serves <em>git archive --remote</em>. It is disabled by
default, but a repository can enable it by setting
<tt>daemon.uploadarch</tt> configuration item to <tt>true</tt>.
</p>
</dd>
<dt class="hdlist1">
receive-pack
</dt>
<dd>
<p>
This serves <em>git send-pack</em> clients, allowing anonymous
push. It is disabled by default, as there is <em>no</em>
authentication in the protocol (in other words, anybody
can push anything into the repository, including removal
of refs). This is solely meant for a closed LAN setting
where everybody is friendly. This service can be
enabled by <tt>daemon.receivepack</tt> configuration item to
<tt>true</tt>.
</p>
</dd>
</dl></div>
</div>
<h2 id="_examples">EXAMPLES</h2>
<div class="sectionbody">
<div class="dlist"><dl>
<dt class="hdlist1">
We assume the following in /etc/services
</dt>
<dd>
<div class="listingblock">
<div class="content">
<pre><tt>$ grep 9418 /etc/services
git 9418/tcp # Git Version Control System</tt></pre>
</div></div>
</dd>
<dt class="hdlist1">
<em>git daemon</em> as inetd server
</dt>
<dd>
<p>
To set up <em>git daemon</em> as an inetd service that handles any
repository under the whitelisted set of directories, /pub/foo
and /pub/bar, place an entry like the following into
/etc/inetd all on one line:
</p>
<div class="listingblock">
<div class="content">
<pre><tt> git stream tcp nowait nobody /usr/bin/git
git daemon --inetd --verbose --export-all
/pub/foo /pub/bar</tt></pre>
</div></div>
</dd>
<dt class="hdlist1">
<em>git daemon</em> as inetd server for virtual hosts
</dt>
<dd>
<p>
To set up <em>git daemon</em> as an inetd service that handles
repositories for different virtual hosts, <tt>www.example.com</tt>
and <tt>www.example.org</tt>, place an entry like the following into
<tt>/etc/inetd</tt> all on one line:
</p>
<div class="listingblock">
<div class="content">
<pre><tt> git stream tcp nowait nobody /usr/bin/git
git daemon --inetd --verbose --export-all
--interpolated-path=/pub/%H%D
/pub/www.example.org/software
/pub/www.example.com/software
/software</tt></pre>
</div></div>
<div class="paragraph"><p>In this example, the root-level directory <tt>/pub</tt> will contain
a subdirectory for each virtual host name supported.
Further, both hosts advertise repositories simply as
<tt>git://www.example.com/software/repo.git</tt>. For pre-1.4.0
clients, a symlink from <tt>/software</tt> into the appropriate
default repository could be made as well.</p></div>
</dd>
<dt class="hdlist1">
<em>git daemon</em> as regular daemon for virtual hosts
</dt>
<dd>
<p>
To set up <em>git daemon</em> as a regular, non-inetd service that
handles repositories for multiple virtual hosts based on
their IP addresses, start the daemon like this:
</p>
<div class="listingblock">
<div class="content">
<pre><tt> git daemon --verbose --export-all
--interpolated-path=/pub/%IP/%D
/pub/192.168.1.200/software
/pub/10.10.220.23/software</tt></pre>
</div></div>
<div class="paragraph"><p>In this example, the root-level directory <tt>/pub</tt> will contain
a subdirectory for each virtual host IP address supported.
Repositories can still be accessed by hostname though, assuming
they correspond to these IP addresses.</p></div>
</dd>
<dt class="hdlist1">
selectively enable/disable services per repository
</dt>
<dd>
<p>
To enable <em>git archive --remote</em> and disable <em>git fetch</em> against
a repository, have the following in the configuration file in the
repository (that is the file <em>config</em> next to <em>HEAD</em>, <em>refs</em> and
<em>objects</em>).
</p>
<div class="listingblock">
<div class="content">
<pre><tt> [daemon]
uploadpack = false
uploadarch = true</tt></pre>
</div></div>
</dd>
</dl></div>
</div>
<h2 id="_environment">ENVIRONMENT</h2>
<div class="sectionbody">
<div class="paragraph"><p><em>git daemon</em> will set REMOTE_ADDR to the IP address of the client
that connected to it, if the IP address is available. REMOTE_ADDR will
be available in the environment of hooks called when
services are performed.</p></div>
</div>
<h2 id="_git">GIT</h2>
<div class="sectionbody">
<div class="paragraph"><p>Part of the <a href="git.html">git(1)</a> suite</p></div>
</div>
<div id="footer">
<div id="footer-text">
Last updated 2011-03-15 23:30:13 UTC
</div>
</div>
</body>
</html>