1GIT-DAEMON(1) Git Manual GIT-DAEMON(1)
2
3
4
6 git-daemon - A really simple server for git repositories
7
9 git daemon [--verbose] [--syslog] [--export-all]
10 [--timeout=<n>] [--init-timeout=<n>] [--max-connections=<n>]
11 [--strict-paths] [--base-path=<path>] [--base-path-relaxed]
12 [--user-path | --user-path=<path>]
13 [--interpolated-path=<pathtemplate>]
14 [--reuseaddr] [--detach] [--pid-file=<file>]
15 [--enable=<service>] [--disable=<service>]
16 [--allow-override=<service>] [--forbid-override=<service>]
17 [--inetd | [--listen=<host_or_ipaddr>] [--port=<n>] [--user=<user> [--group=<group>]]
18 [<directory>...]
19
20
22 A really simple TCP git daemon that normally listens on port
23 "DEFAULT_GIT_PORT" aka 9418. It waits for a connection asking for a
24 service, and will serve that service if it is enabled.
25
26 It verifies that the directory has the magic file
27 "git-daemon-export-ok", and it will refuse to export any git directory
28 that hasn’t explicitly been marked for export this way (unless the
29 --export-all parameter is specified). If you pass some directory paths
30 as git daemon arguments, you can further restrict the offers to a
31 whitelist comprising of those.
32
33 By default, only upload-pack service is enabled, which serves git
34 fetch-pack and git ls-remote clients, which are invoked from git fetch,
35 git pull, and git clone.
36
37 This is ideally suited for read-only updates, i.e., pulling from git
38 repositories.
39
40 An upload-archive also exists to serve git archive.
41
43 --strict-paths
44 Match paths exactly (i.e. don’t allow "/foo/repo" when the real
45 path is "/foo/repo.git" or "/foo/repo/.git") and don’t do
46 user-relative paths. git daemon will refuse to start when this
47 option is enabled and no whitelist is specified.
48
49 --base-path=<path>
50 Remap all the path requests as relative to the given path. This is
51 sort of "GIT root" - if you run git daemon with
52 --base-path=/srv/git on example.com, then if you later try to pull
53 git://example.com/hello.git, git daemon will interpret the path as
54 /srv/git/hello.git.
55
56 --base-path-relaxed
57 If --base-path is enabled and repo lookup fails, with this option
58 git daemon will attempt to lookup without prefixing the base path.
59 This is useful for switching to --base-path usage, while still
60 allowing the old paths.
61
62 --interpolated-path=<pathtemplate>
63 To support virtual hosting, an interpolated path template can be
64 used to dynamically construct alternate paths. The template
65 supports %H for the target hostname as supplied by the client but
66 converted to all lowercase, %CH for the canonical hostname, %IP for
67 the server’s IP address, %P for the port number, and %D for the
68 absolute path of the named repository. After interpolation, the
69 path is validated against the directory whitelist.
70
71 --export-all
72 Allow pulling from all directories that look like GIT repositories
73 (have the objects and refs subdirectories), even if they do not
74 have the git-daemon-export-ok file.
75
76 --inetd
77 Have the server run as an inetd service. Implies --syslog.
78 Incompatible with --detach, --port, --listen, --user and --group
79 options.
80
81 --listen=<host_or_ipaddr>
82 Listen on a specific IP address or hostname. IP addresses can be
83 either an IPv4 address or an IPv6 address if supported. If IPv6 is
84 not supported, then --listen=hostname is also not supported and
85 --listen must be given an IPv4 address. Can be given more than
86 once. Incompatible with --inetd option.
87
88 --port=<n>
89 Listen on an alternative port. Incompatible with --inetd option.
90
91 --init-timeout=<n>
92 Timeout between the moment the connection is established and the
93 client request is received (typically a rather low value, since
94 that should be basically immediate).
95
96 --timeout=<n>
97 Timeout for specific client sub-requests. This includes the time it
98 takes for the server to process the sub-request and the time spent
99 waiting for the next client’s request.
100
101 --max-connections=<n>
102 Maximum number of concurrent clients, defaults to 32. Set it to
103 zero for no limit.
104
105 --syslog
106 Log to syslog instead of stderr. Note that this option does not
107 imply --verbose, thus by default only error conditions will be
108 logged.
109
110 --user-path, --user-path=<path>
111 Allow ~user notation to be used in requests. When specified with no
112 parameter, requests to git://host/~alice/foo is taken as a request
113 to access foo repository in the home directory of user alice. If
114 --user-path=path is specified, the same request is taken as a
115 request to access path/foo repository in the home directory of user
116 alice.
117
118 --verbose
119 Log details about the incoming connections and requested files.
120
121 --reuseaddr
122 Use SO_REUSEADDR when binding the listening socket. This allows the
123 server to restart without waiting for old connections to time out.
124
125 --detach
126 Detach from the shell. Implies --syslog.
127
128 --pid-file=<file>
129 Save the process id in file. Ignored when the daemon is run under
130 --inetd.
131
132 --user=<user>, --group=<group>
133 Change daemon’s uid and gid before entering the service loop. When
134 only --user is given without --group, the primary group ID for the
135 user is used. The values of the option are given to getpwnam(3) and
136 getgrnam(3) and numeric IDs are not supported.
137
138 Giving these options is an error when used with --inetd; use the
139 facility of inet daemon to achieve the same before spawning git
140 daemon if needed.
141
142 --enable=<service>, --disable=<service>
143 Enable/disable the service site-wide per default. Note that a
144 service disabled site-wide can still be enabled per repository if
145 it is marked overridable and the repository enables the service
146 with a configuration item.
147
148 --allow-override=<service>, --forbid-override=<service>
149 Allow/forbid overriding the site-wide default with per repository
150 configuration. By default, all the services are overridable.
151
152 <directory>
153 A directory to add to the whitelist of allowed directories. Unless
154 --strict-paths is specified this will also include subdirectories
155 of each named directory.
156
158 These services can be globally enabled/disabled using the command line
159 options of this command. If a finer-grained control is desired (e.g. to
160 allow git archive to be run against only in a few selected repositories
161 the daemon serves), the per-repository configuration file can be used
162 to enable or disable them.
163
164 upload-pack
165 This serves git fetch-pack and git ls-remote clients. It is enabled
166 by default, but a repository can disable it by setting
167 daemon.uploadpack configuration item to false.
168
169 upload-archive
170 This serves git archive --remote. It is disabled by default, but a
171 repository can enable it by setting daemon.uploadarch configuration
172 item to true.
173
174 receive-pack
175 This serves git send-pack clients, allowing anonymous push. It is
176 disabled by default, as there is no authentication in the protocol
177 (in other words, anybody can push anything into the repository,
178 including removal of refs). This is solely meant for a closed LAN
179 setting where everybody is friendly. This service can be enabled by
180 daemon.receivepack configuration item to true.
181
183 We assume the following in /etc/services
184
185 $ grep 9418 /etc/services
186 git 9418/tcp # Git Version Control System
187
188
189 git daemon as inetd server
190 To set up git daemon as an inetd service that handles any
191 repository under the whitelisted set of directories, /pub/foo and
192 /pub/bar, place an entry like the following into /etc/inetd all on
193 one line:
194
195 git stream tcp nowait nobody /usr/bin/git
196 git daemon --inetd --verbose --export-all
197 /pub/foo /pub/bar
198
199
200 git daemon as inetd server for virtual hosts
201 To set up git daemon as an inetd service that handles repositories
202 for different virtual hosts, www.example.com and www.example.org,
203 place an entry like the following into /etc/inetd all on one line:
204
205 git stream tcp nowait nobody /usr/bin/git
206 git daemon --inetd --verbose --export-all
207 --interpolated-path=/pub/%H%D
208 /pub/www.example.org/software
209 /pub/www.example.com/software
210 /software
211
212 In this example, the root-level directory /pub will contain a
213 subdirectory for each virtual host name supported. Further, both
214 hosts advertise repositories simply as
215 git://www.example.com/software/repo.git. For pre-1.4.0 clients, a
216 symlink from /software into the appropriate default repository
217 could be made as well.
218
219 git daemon as regular daemon for virtual hosts
220 To set up git daemon as a regular, non-inetd service that handles
221 repositories for multiple virtual hosts based on their IP
222 addresses, start the daemon like this:
223
224 git daemon --verbose --export-all
225 --interpolated-path=/pub/%IP/%D
226 /pub/192.168.1.200/software
227 /pub/10.10.220.23/software
228
229 In this example, the root-level directory /pub will contain a
230 subdirectory for each virtual host IP address supported.
231 Repositories can still be accessed by hostname though, assuming
232 they correspond to these IP addresses.
233
234 selectively enable/disable services per repository
235 To enable git archive --remote and disable git fetch against a
236 repository, have the following in the configuration file in the
237 repository (that is the file config next to HEAD, refs and
238 objects).
239
240 [daemon]
241 uploadpack = false
242 uploadarch = true
243
244
246 git daemon will set REMOTE_ADDR to the IP address of the client that
247 connected to it, if the IP address is available. REMOTE_ADDR will be
248 available in the environment of hooks called when services are
249 performed.
250
252 Written by Linus Torvalds <torvalds@osdl.org[1]>, YOSHIFUJI Hideaki
253 <yoshfuji@linux-ipv6.org[2]> and the git-list <git@vger.kernel.org[3]>
254
256 Documentation by Junio C Hamano and the git-list
257 <git@vger.kernel.org[3]>.
258
260 Part of the git(1) suite
261
263 1. torvalds@osdl.org
264 mailto:torvalds@osdl.org
265
266 2. yoshfuji@linux-ipv6.org
267 mailto:yoshfuji@linux-ipv6.org
268
269 3. git@vger.kernel.org
270 mailto:git@vger.kernel.org
271
272
273
274Git 1.7.4.4 04/11/2011 GIT-DAEMON(1)