6 git-daemon - A really simple server for git repositories
11 'git daemon' [--verbose] [--syslog] [--export-all]
12 [--timeout=n] [--init-timeout=n] [--strict-paths]
13 [--base-path=path] [--user-path | --user-path=path]
14 [--interpolated-path=pathtemplate]
15 [--reuseaddr] [--detach] [--pid-file=file]
16 [--enable=service] [--disable=service]
17 [--allow-override=service] [--forbid-override=service]
18 [--inetd | [--listen=host_or_ipaddr] [--port=n] [--user=user [--group=group]]
23 A really simple TCP git daemon that normally listens on port "DEFAULT_GIT_PORT"
24 aka 9418. It waits for a connection asking for a service, and will serve
25 that service if it is enabled.
27 It verifies that the directory has the magic file "git-daemon-export-ok", and
28 it will refuse to export any git directory that hasn't explicitly been marked
29 for export this way (unless the '--export-all' parameter is specified). If you
30 pass some directory paths as `git-daemon` arguments, you can further restrict
31 the offers to a whitelist comprising of those.
33 By default, only `upload-pack` service is enabled, which serves
34 `git-fetch-pack` and `git-ls-remote` clients, which are invoked
35 from `git-fetch`, `git-pull`, and `git-clone`.
37 This is ideally suited for read-only updates, i.e., pulling from
40 An `upload-archive` also exists to serve `git-archive`.
45 Match paths exactly (i.e. don't allow "/foo/repo" when the real path is
46 "/foo/repo.git" or "/foo/repo/.git") and don't do user-relative paths.
47 `git-daemon` will refuse to start when this option is enabled and no
48 whitelist is specified.
51 Remap all the path requests as relative to the given path.
52 This is sort of "GIT root" - if you run `git-daemon` with
53 '--base-path=/srv/git' on example.com, then if you later try to pull
54 'git://example.com/hello.git', `git-daemon` will interpret the path
55 as '/srv/git/hello.git'.
58 If --base-path is enabled and repo lookup fails, with this option
59 `git-daemon` will attempt to lookup without prefixing the base path.
60 This is useful for switching to --base-path usage, while still
61 allowing the old paths.
63 --interpolated-path=pathtemplate::
64 To support virtual hosting, an interpolated path template can be
65 used to dynamically construct alternate paths. The template
66 supports %H for the target hostname as supplied by the client but
67 converted to all lowercase, %CH for the canonical hostname,
68 %IP for the server's IP address, %P for the port number,
69 and %D for the absolute path of the named repository.
70 After interpolation, the path is validated against the directory
74 Allow pulling from all directories that look like GIT repositories
75 (have the 'objects' and 'refs' subdirectories), even if they
76 do not have the 'git-daemon-export-ok' file.
79 Have the server run as an inetd service. Implies --syslog.
80 Incompatible with --port, --listen, --user and --group options.
82 --listen=host_or_ipaddr::
83 Listen on an a specific IP address or hostname. IP addresses can
84 be either an IPv4 address or an IPV6 address if supported. If IPv6
85 is not supported, then --listen=hostname is also not supported and
86 --listen must be given an IPv4 address.
87 Incompatible with '--inetd' option.
90 Listen on an alternative port. Incompatible with '--inetd' option.
93 Timeout between the moment the connection is established and the
94 client request is received (typically a rather low value, since
95 that should be basically immediate).
98 Timeout for specific client sub-requests. This includes the time
99 it takes for the server to process the sub-request and time spent
100 waiting for next client's request.
103 Log to syslog instead of stderr. Note that this option does not imply
104 --verbose, thus by default only error conditions will be logged.
108 Allow ~user notation to be used in requests. When
109 specified with no parameter, requests to
110 git://host/~alice/foo is taken as a request to access
111 'foo' repository in the home directory of user `alice`.
112 If `--user-path=path` is specified, the same request is
113 taken as a request to access `path/foo` repository in
114 the home directory of user `alice`.
117 Log details about the incoming connections and requested files.
120 Use SO_REUSEADDR when binding the listening socket.
121 This allows the server to restart without waiting for
122 old connections to time out.
125 Detach from the shell. Implies --syslog.
128 Save the process id in 'file'. Ignored when the daemon
129 is run under `--inetd`.
133 Change daemon's uid and gid before entering the service loop.
134 When only `--user` is given without `--group`, the
135 primary group ID for the user is used. The values of
136 the option are given to `getpwnam(3)` and `getgrnam(3)`
137 and numeric IDs are not supported.
139 Giving these options is an error when used with `--inetd`; use
140 the facility of inet daemon to achieve the same before spawning
141 `git-daemon` if needed.
145 Enable/disable the service site-wide per default. Note
146 that a service disabled site-wide can still be enabled
147 per repository if it is marked overridable and the
148 repository enables the service with an configuration
151 --allow-override=service::
152 --forbid-override=service::
153 Allow/forbid overriding the site-wide default with per
154 repository configuration. By default, all the services
158 A directory to add to the whitelist of allowed directories. Unless
159 --strict-paths is specified this will also include subdirectories
160 of each named directory.
165 These services can be globally enabled/disabled using the
166 command line options of this command. If a finer-grained
167 control is desired (e.g. to allow `git-archive` to be run
168 against only in a few selected repositories the daemon serves),
169 the per-repository configuration file can be used to enable or
173 This serves `git-fetch-pack` and `git-ls-remote`
174 clients. It is enabled by default, but a repository can
175 disable it by setting `daemon.uploadpack` configuration
179 This serves `git-archive --remote`. It is disabled by
180 default, but a repository can enable it by setting
181 `daemon.uploadarch` configuration item to `true`.
184 This serves `git-send-pack` clients, allowing anonymous
185 push. It is disabled by default, as there is _no_
186 authentication in the protocol (in other words, anybody
187 can push anything into the repository, including removal
188 of refs). This is solely meant for a closed LAN setting
189 where everybody is friendly. This service can be
190 enabled by `daemon.receivepack` configuration item to
195 We assume the following in /etc/services::
198 $ grep 9418 /etc/services
199 git 9418/tcp # Git Version Control System
202 `git-daemon` as inetd server::
203 To set up `git-daemon` as an inetd service that handles any
204 repository under the whitelisted set of directories, /pub/foo
205 and /pub/bar, place an entry like the following into
206 /etc/inetd all on one line:
208 ------------------------------------------------
209 git stream tcp nowait nobody /usr/bin/git
210 git daemon --inetd --verbose --export-all
212 ------------------------------------------------
215 `git-daemon` as inetd server for virtual hosts::
216 To set up `git-daemon` as an inetd service that handles
217 repositories for different virtual hosts, `www.example.com`
218 and `www.example.org`, place an entry like the following into
219 `/etc/inetd` all on one line:
221 ------------------------------------------------
222 git stream tcp nowait nobody /usr/bin/git
223 git daemon --inetd --verbose --export-all
224 --interpolated-path=/pub/%H%D
225 /pub/www.example.org/software
226 /pub/www.example.com/software
228 ------------------------------------------------
230 In this example, the root-level directory `/pub` will contain
231 a subdirectory for each virtual host name supported.
232 Further, both hosts advertise repositories simply as
233 `git://www.example.com/software/repo.git`. For pre-1.4.0
234 clients, a symlink from `/software` into the appropriate
235 default repository could be made as well.
238 `git-daemon` as regular daemon for virtual hosts::
239 To set up `git-daemon` as a regular, non-inetd service that
240 handles repositories for multiple virtual hosts based on
241 their IP addresses, start the daemon like this:
243 ------------------------------------------------
244 git daemon --verbose --export-all
245 --interpolated-path=/pub/%IP/%D
246 /pub/192.168.1.200/software
247 /pub/10.10.220.23/software
248 ------------------------------------------------
250 In this example, the root-level directory `/pub` will contain
251 a subdirectory for each virtual host IP address supported.
252 Repositories can still be accessed by hostname though, assuming
253 they correspond to these IP addresses.
255 selectively enable/disable services per repository::
256 To enable `git-archive --remote` and disable `git-fetch` against
257 a repository, have the following in the configuration file in the
258 repository (that is the file 'config' next to 'HEAD', 'refs' and
261 ----------------------------------------------------------------
265 ----------------------------------------------------------------
270 Written by Linus Torvalds <torvalds@osdl.org>, YOSHIFUJI Hideaki
271 <yoshfuji@linux-ipv6.org> and the git-list <git@vger.kernel.org>
275 Documentation by Junio C Hamano and the git-list <git@vger.kernel.org>.
279 Part of the linkgit:git[1] suite