From 8e459dd374602510df33d52194fc53d8d15b7fdd Mon Sep 17 00:00:00 2001
From: Alex Kotov <kotovalexarian@gmail.com>
Date: Sat, 25 Jan 2020 10:27:55 +0500
Subject: [PATCH] Server git repos over HTTPS

---
 files/cgitrc                          |  2 +-
 files/git.crypto-libertarian.com.conf | 27 +++++++++++++++++++++++----
 2 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/files/cgitrc b/files/cgitrc
index ccb9857..c3d231e 100644
--- a/files/cgitrc
+++ b/files/cgitrc
@@ -16,7 +16,7 @@ about-filter=/usr/lib/cgit/filters/html-converters/md2html
 #cache-static-ttl=-1
 case-sensitive-sort=0
 #clone-prefix=none
-clone-url=git@git.crypto-libertarian.com:$CGIT_REPO_URL.git
+clone-url=https://git.crypto-libertarian.com/$CGIT_REPO_URL.git git@git.crypto-libertarian.com:$CGIT_REPO_URL.git
 #commit-filter=none
 #commit-sort=unset
 #css=/cgit.css
diff --git a/files/git.crypto-libertarian.com.conf b/files/git.crypto-libertarian.com.conf
index 75f795e..a03d02d 100644
--- a/files/git.crypto-libertarian.com.conf
+++ b/files/git.crypto-libertarian.com.conf
@@ -15,22 +15,41 @@ NameVirtualHost *:80
 
   ServerName git.crypto-libertarian.com
 
-  SSLEngine on
+  RewriteEngine on
+  SSLEngine     on
 
   SSLCertificateFile      /etc/letsencrypt/live/git.crypto-libertarian.com/cert.pem
   SSLCertificateKeyFile   /etc/letsencrypt/live/git.crypto-libertarian.com/privkey.pem
   SSLCertificateChainFile /etc/letsencrypt/live/git.crypto-libertarian.com/chain.pem
 
+  SetEnv GIT_PROJECT_ROOT /home/git
+  SetEnv GIT_HTTP_EXPORT_ALL
+
   Alias /cgit.css    /usr/share/cgit/cgit.css
   Alias /cgit.png    /usr/share/cgit/cgit.png
   Alias /favicon.ico /usr/share/cgit/favicon.ico
   Alias /robots.txt  /usr/share/cgit/robots.txt
 
+  ScriptAliasMatch                                         \
+    "(?x)^/(.*/(HEAD |                                     \
+            info/refs |                                    \
+            objects/(info/[^/]+ |                          \
+                     [0-9a-f]{2}/[0-9a-f]{38} |            \
+                     pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
+            git-(upload|receive)-pack))$"                  \
+    /usr/lib/git-core/git-http-backend/$1
+
   ScriptAlias / /usr/lib/cgit/cgit.cgi/
 
+  <Directory "/usr/lib/git-core/">
+    AllowOverride None
+    Options ExecCGI FollowSymlinks
+    Require all granted
+  </Directory>
+
   <Directory "/usr/lib/cgit/">
-     AllowOverride None
-     Options ExecCGI FollowSymlinks
-     Require all granted
+    AllowOverride None
+    Options ExecCGI FollowSymlinks
+    Require all granted
   </Directory>
 </VirtualHost>