1GIT-DAEMON(1) Git Manual GIT-DAEMON(1)
2
3
4
6 git-daemon - A really simple server for git repositories
7
9 git-daemon [--verbose] [--syslog] [--export-all]
10 [--timeout=n] [--init-timeout=n] [--strict-paths]
11 [--base-path=path] [--user-path | --user-path=path]
12 [--interpolated-path=pathtemplate]
13 [--reuseaddr] [--detach] [--pid-file=file]
14 [--enable=service] [--disable=service]
15 [--allow-override=service] [--forbid-override=service]
16 [--inetd | [--listen=host_or_ipaddr] [--port=n] [--user=user [--group=group]]
17 [directory...]
18
20 A really simple TCP git daemon that normally listens on port
21 "DEFAULT_GIT_PORT" aka 9418. It waits for a connection asking for a
22 service, and will serve that service if it is enabled.
23
24 It verifies that the directory has the magic file
25 "git-daemon-export-ok", and it will refuse to export any git directory
26 that hasn´t explicitly been marked for export this way (unless the
27 --export-all parameter is specified). If you pass some directory paths
28 as git-daemon arguments, you can further restrict the offers to a
29 whitelist comprising of those.
30
31 By default, only upload-pack service is enabled, which serves
32 git-fetch-pack and git-peek-remote clients that are invoked from
33 git-fetch, git-ls-remote, and git-clone.
34
35 This is ideally suited for read-only updates, i.e., pulling from git
36 repositories.
37
38 An upload-archive also exists to serve git-archive.
39
41 --strict-paths
42 Match paths exactly (i.e. don´t allow "/foo/repo" when the real
43 path is "/foo/repo.git" or "/foo/repo/.git") and don´t do
44 user-relative paths. git-daemon will refuse to start when this
45 option is enabled and no whitelist is specified.
46
47 --base-path
48 Remap all the path requests as relative to the given path. This is
49 sort of "GIT root" - if you run git-daemon with
50 --base-path=/srv/git on example.com, then if you later try to pull
51 git://example.com/hello.git, git-daemon will interpret the path as
52 /srv/git/hello.git.
53
54 --base-path-relaxed
55 If --base-path is enabled and repo lookup fails, with this option
56 git-daemon will attempt to lookup without prefixing the base path.
57 This is useful for switching to --base-path usage, while still
58 allowing the old paths.
59
60 --interpolated-path=pathtemplate
61 To support virtual hosting, an interpolated path template can be
62 used to dynamically construct alternate paths. The template
63 supports %H for the target hostname as supplied by the client but
64 converted to all lowercase, %CH for the canonical hostname, %IP for
65 the server´s IP address, %P for the port number, and %D for the
66 absolute path of the named repository. After interpolation, the
67 path is validated against the directory whitelist.
68
69 --export-all
70 Allow pulling from all directories that look like GIT repositories
71 (have the objects and refs subdirectories), even if they do not
72 have the git-daemon-export-ok file.
73
74 --inetd
75 Have the server run as an inetd service. Implies --syslog.
76 Incompatible with --port, --listen, --user and --group options.
77
78 --listen=host_or_ipaddr
79 Listen on an a specific IP address or hostname. IP addresses can be
80 either an IPv4 address or an IPV6 address if supported. If IPv6 is
81 not supported, then --listen=hostname is also not supported and
82 --listen must be given an IPv4 address. Incompatible with --inetd
83 option.
84
85 --port=n
86 Listen on an alternative port. Incompatible with --inetd option.
87
88 --init-timeout
89 Timeout between the moment the connection is established and the
90 client request is received (typically a rather low value, since
91 that should be basically immediate).
92
93 --timeout
94 Timeout for specific client sub-requests. This includes the time it
95 takes for the server to process the sub-request and time spent
96 waiting for next client´s request.
97
98 --syslog
99 Log to syslog instead of stderr. Note that this option does not
100 imply --verbose, thus by default only error conditions will be
101 logged.
102
103 --user-path, --user-path=path
104 Allow user notation to be used in requests. When specified with no
105 parameter, requests to git://host/alice/foo is taken as a request
106 to access foo repository in the home directory of user alice. If
107 --user-path=path is specified, the same request is taken as a
108 request to access path/foo repository in the home directory of user
109 alice.
110
111 --verbose
112 Log details about the incoming connections and requested files.
113
114 --reuseaddr
115 Use SO_REUSEADDR when binding the listening socket. This allows the
116 server to restart without waiting for old connections to time out.
117
118 --detach
119 Detach from the shell. Implies --syslog.
120
121 --pid-file=file
122 Save the process id in file. Ignored when the daemon is run under
123 --inetd.
124
125 --user=user, --group=group
126 Change daemon´s uid and gid before entering the service loop. When
127 only --user is given without --group, the primary group ID for the
128 user is used. The values of the option are given to getpwnam(3) and
129 getgrnam(3) and numeric IDs are not supported.
130
131 Giving these options is an error when used with --inetd; use the
132 facility of inet daemon to achieve the same before spawning
133 git-daemon if needed.
134
135 --enable=service, --disable=service
136 Enable/disable the service site-wide per default. Note that a
137 service disabled site-wide can still be enabled per repository if
138 it is marked overridable and the repository enables the service
139 with an configuration item.
140
141 --allow-override=service, --forbid-override=service
142 Allow/forbid overriding the site-wide default with per repository
143 configuration. By default, all the services are overridable.
144
145 <directory>
146 A directory to add to the whitelist of allowed directories. Unless
147 --strict-paths is specified this will also include subdirectories
148 of each named directory.
149
151 These services can be globally enabled/disabled using the command line
152 options of this command. If a finer-grained control is desired (e.g. to
153 allow git-archive to be run against only in a few selected repositories
154 the daemon serves), the per-repository configuration file can be used
155 to enable or disable them.
156
157 upload-pack
158 This serves git-fetch-pack and git-peek-remote clients. It is
159 enabled by default, but a repository can disable it by setting
160 daemon.uploadpack configuration item to false.
161
162 upload-archive
163 This serves git-archive --remote. It is disabled by default, but a
164 repository can enable it by setting daemon.uploadarchive
165 configuration item to true.
166
167 receive-pack
168 This serves git-send-pack clients, allowing anonymous push. It is
169 disabled by default, as there is no authentication in the protocol
170 (in other words, anybody can push anything into the repository,
171 including removal of refs). This is solely meant for a closed LAN
172 setting where everybody is friendly. This service can be enabled by
173 daemon.receivepack configuration item to true.
174
176 We assume the following in /etc/services
177
178
179 $ grep 9418 /etc/services
180 git 9418/tcp # Git Version Control System
181
182
183 git-daemon as inetd server
184 To set up git-daemon as an inetd service that handles any
185 repository under the whitelisted set of directories, /pub/foo and
186 /pub/bar, place an entry like the following into /etc/inetd all on
187 one line:
188
189
190
191 git stream tcp nowait nobody /usr/bin/git-daemon
192 git-daemon --inetd --verbose --export-all
193 /pub/foo /pub/bar
194
195
196 git-daemon as inetd server for virtual hosts
197 To set up git-daemon as an inetd service that handles repositories
198 for different virtual hosts, www.example.com and www.example.org,
199 place an entry like the following into /etc/inetd all on one line:
200
201
202
203 git stream tcp nowait nobody /usr/bin/git-daemon
204 git-daemon --inetd --verbose --export-all
205 --interpolated-path=/pub/%H%D
206 /pub/www.example.org/software
207 /pub/www.example.com/software
208 /software
209
210 In this example, the root-level directory /pub will contain a
211 subdirectory for each virtual host name supported. Further, both
212 hosts advertise repositories simply as
213 git://www.example.com/software/repo.git. For pre-1.4.0 clients, a
214 symlink from /software into the appropriate default repository
215 could be made as well.
216
217 git-daemon as regular daemon for virtual hosts
218 To set up git-daemon as a regular, non-inetd service that handles
219 repositories for multiple virtual hosts based on their IP
220 addresses, start the daemon like this:
221
222
223
224 git-daemon --verbose --export-all
225 --interpolated-path=/pub/%IP/%D
226 /pub/192.168.1.200/software
227 /pub/10.10.220.23/software
228
229 In this example, the root-level directory /pub will contain a
230 subdirectory for each virtual host IP address supported.
231 Repositories can still be accessed by hostname though, assuming
232 they correspond to these IP addresses.
233
234 selectively enable/disable services per repository
235 To enable git-archive --remote and disable git-fetch against a
236 repository, have the following in the configuration file in the
237 repository (that is the file config next to HEAD, refs and
238 objects).
239
240
241
242 [daemon]
243 uploadpack = false
244 uploadarchive = true
245
246
248 Written by Linus Torvalds <torvalds@osdl.org>, YOSHIFUJI Hideaki
249 <yoshfuji@linux-ipv6.org> and the git-list <git@vger.kernel.org>
250
252 Documentation by Junio C Hamano and the git-list <git@vger.kernel.org>.
253
255 Part of the git(7) suite
256
257
258
259
260Git 1.5.3.3 10/09/2007 GIT-DAEMON(1)