This proxy provides read-only Git access over HTTP by denying git-receive-pack requests.
By default, the proxy listens on 0.0.0.0:8080. Use the -listen [host]:port
argument
to specify a different listening port.
The proxy needs to filter HTTPS traffic and therefore needs to supply TLS certificates for the requested domain that is trusted by the client. It can issue certificates on demand using a CA certificate, or load pre-generated certificates from file.
Specify the paths to the CA certificate and private key using -ca-cert
and -ca-key
.
The private key must not be password protected. The CA certificate should be trusted
by the client.
Specify a directory that contains pre-generated server certificates and private keys
with -certs-dir
. Each server's certificate/key should be located inside a directory
with the corresponding domain name, e.g. ${certs-dir}/example.com/cert.pem
and
${certs-dir}/example.com/key.pem
.