blob: cbc91b94c4473fa959ad8500626781f5c7b80ed4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
ServerName git.replicant.us
<VirtualHost *:80>
ServerName git.replicant.us
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REMOTE_ADDR} !=127.0.0.1
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin contact@replicant.us
ServerName git.replicant.us
DocumentRoot /var/www/git.replicant.us
RewriteEngine on
Alias /cgit.css /usr/share/cgit/cgit.css
Alias /cgit.png /usr/share/cgit/cgit.png
Alias /replicant_logo_white.png /var/www/git.replicant.us/htdocs/replicant_logo_white.png
Alias /replicant_favicon.ico /var/www/git.replicant.us/htdocs/replicant_favicon.ico
Alias /replicant_lineage.png /var/www/git.replicant.us/htdocs/replicant_lineage.png
AliasMatch ^/(.*).git/clone.bundle /srv/git/bundles/$1.git/clone.bundle
AliasMatch ^/(.*)/clone.bundle /srv/git/bundles/$1.git/clone.bundle
# The mirrors were moved to their own subdirectories but Replicant 6 still use
# the old URL
RedirectMatch "^/AOSP-mirror/(.*)" "/mirrors/AOSP/$1"
RedirectMatch "^/LineageOS-mirror/(.*)" "/mirrors/LineageOS/$1"
RedirectMatch "^/F-Droid-mirror/(.*)" "/mirrors/F-Droid/$1"
RedirectMatch "^/AOSP-mirror" "/mirrors/AOSP"
RedirectMatch "^/LineageOS-mirror" "/mirrors/LineageOS"
RedirectMatch "^/F-Droid-mirror" "/mirrors/F-Droid"
# Unlike Gitlab, this setup is case sensitive and there are differences between
# 4.2 and 6.0 in case
# Redirect /replicant/packages_apps_Settings.git /replicant/packages_apps_settings.git
# Redirect /replicant/packages_apps_Browser.git /replicant/packages_apps_browser.git
# Above was the previous way but that didn't work with Git protocol so we renamed the repos uppercase
# but then it broke http protocol so here we go again redirecting to uppercase:
Redirect /replicant/packages_apps_settings.git /replicant/packages_apps_Settings.git
Redirect /replicant/packages_apps_browser.git /replicant/packages_apps_Browser.git
# Other redirects
IncludeOptional git-redirects/aosp-mirror.conf
IncludeOptional git-redirects/contrib.conf
IncludeOptional git-redirects/infrastructure.conf
IncludeOptional git-redirects/replicant-4.2.conf
IncludeOptional git-redirects/replicant-6.0.conf
SetEnv GIT_PROJECT_ROOT /srv/git/git-data/repositories/
ScriptAliasMatch \
"(?x)^/(.*/(HEAD | \
info/refs | \
objects/(info/[^/]+ | \
[0-9a-f]{2}/[0-9a-f]{38} | \
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
git-upload-pack))$" \
/usr/lib/git-core/git-http-backend/$1
ScriptAlias /contrib /usr/lib/cgit/cgit.cgi
ScriptAlias /infrastructure /usr/lib/cgit/cgit.cgi
ScriptAlias /mirrors /usr/lib/cgit/cgit.cgi
ScriptAlias /replicant /usr/lib/cgit/cgit.cgi
ScriptAlias /replicant-next /usr/lib/cgit/cgit.cgi
<Location /contrib>
SetEnv CGIT_CONFIG /etc/cgit.d/contrib.conf
</Location>
<Location /infrastructure>
SetEnv CGIT_CONFIG /etc/cgit.d/infrastructure.conf
</Location>
<Location /mirrors>
SetEnv CGIT_CONFIG /etc/cgit.d/mirrors.conf
</Location>
<Location /replicant>
SetEnv CGIT_CONFIG /etc/cgit.d/replicant.conf
</Location>
<Location /replicant-next>
SetEnv CGIT_CONFIG /etc/cgit.d/replicant-next.conf
</Location>
# <Location /test>
# SetEnv CGIT_CONFIG /etc/cgit.d/test.conf
# </Location>
<Directory /usr/lib/git-core/>
AllowOverride None
Options +ExecCgi -MultiViews +SymLinksIfOwnerMatch
Require all granted
</Directory>
<LocationMatch "^/.*/git-receive-pack$">
Order deny,allow
Deny from all
</LocationMatch>
<Directory /usr/local/lib/cgit/>
AllowOverride None
Options ExecCGI FollowSymlinks
Require all granted
</Directory>
Header always set Strict-Transport-Security "max-age=31536000;"
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/git.replicant.us/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/git.replicant.us/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/git.replicant.us/privkey.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
|