Mind Chasers Inc.
Mind Chasers Inc.

Build an Apache HTTP Server from Source and Configure it to Work as a GIT HTTP Server

We show how to checkout, configure, build, and setup a local Apache HTTP Server on Ubuntu 18.04 along with configuring it to work as a smart HTTP Git server.


This brief article shows by example how to build the Apache HTTP Server from source on Ubuntu 18.04 and configure it as an HTTP GIT server to support operations like git clone and git push via HTTP. There are many, many options to choose from when setting up an Apache HTTP Server; however, creating a server on an internal LAN for the purpose of acting as a Git server is fairly straightforward.

Building the HTTP Server from the Apache SVN trunk is surprisingly simple, and the server configuration from source has a different, more straightforward approach than the Ubuntu package version, which splits the server configuration into multiple files, folders, and helpers. If you're new to Apache on Ubuntu, you may find you like working with the upstream version better.

Note that the steps shown below may be suitable for internal development on a private network, but additional research and care should be applied before hosting an HTTP (Git) server on a public port accessible via the Internet. Fortunately, Apache has great documentation, and many good references are provided at the end of this article.

Configure, Build, and Install Apache HTTP

Our first step is to use SVN to check out the 2.5.x development trunk version:

# install dependencies
$ sudo apt install libtool-bin autoconf

$ cd /build
$ svn checkout http://svn.apache.org/repos/asf/httpd/httpd/trunk httpd-trunk
 U   httpd-trunk
Checked out revision 1872609.

$ cd /build/httpd-trunk

# Build the APR from source along with httpd
$ svn co http://svn.apache.org/repos/asf/apr/apr/trunk srclib/apr

# configure doesn't exist after svn checkout
$ ./buildconf

found apr source: srclib/apr
rebuilding srclib/apr/configure
buildconf: checking installation...
buildconf: python version 3.6.9 (ok)
buildconf: autoconf version 2.69 (ok)
buildconf: libtool version 2.4.6 (ok)
buildconf: copying libtool helper files using /usr/bin/libtoolize
buildconf: creating include/arch/unix/apr_private.h.in ...
buildconf: creating configure ...
buildconf: generating 'make' outputs ...
buildconf: rebuilding rpm spec file
copying build files
rebuilding include/ap_config_auto.h.in
rebuilding configure
rebuilding rpm spec file
buildconf: Fixing timestamps for ap_expr sources to prevent regeneration

Our next step is to configure and build httpd. Note that we'll be installing the server into /opt/apache2/:

$ CFLAGS="-Og" ./configure --prefix=/opt/apache2 --enable-debugger-mode  --enable-rewrite --enable-log-debug

configure: summary of build options:

    Server Version: 2.5.1
    Install prefix: /opt/apache2
    C compiler:     gcc
    CFLAGS:         -Og -pthread  -O0 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Werror=declaration-after-statement -Wpointer-arith -Wformat -Wformat-security -Werror=format-security
    C preprocessor: gcc -E 
$ make

$ make install

Let's perform some introspection of our installation:

$ ls /opt/apache2
bin  build  cgi-bin  conf  error  htdocs  icons  include  lib  logs  man  manual  modules  state

$ ls /opt/apache2/bin/
ab         apr-2-config  checkgid     dbmmanage  envvars-std  firehose      htdbm     htpasswd  httxt2dbm   rotatelogs
apachectl  apxs          ctlogconfig  envvars    fcgistarter  htcacheclean  htdigest  httpd     logresolve

$ ldd /opt/apache2/bin/httpd 
	linux-vdso.so.1 (0x00007ffd013cd000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007fd29b4a3000)
	libapr-2.so.0 => /opt/apache2/lib/libapr-2.so.0 (0x00007fd29b239000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fd29b01a000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fd29ac29000)
	libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 (0x00007fd29a9f1000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fd29a7ed000)
	libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007fd29a5bb000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fd29b9d2000)

$ ls /opt/apache2/lib/
apr.exp  libapr-2.a  libapr-2.la  libapr-2.so  libapr-2.so.0  libapr-2.so.0.0.0  pkgconfig

$ /opt/apache2/bin/apachectl -V
Server version: Apache/2.5.1-dev (Unix)
Server built:   Jan 10 2020 20:19:38
Server's Module Magic Number: 20190312:6
Server loaded:  APR 2.0.0-dev, PCRE 8.39 2016-06-14
Compiled using: APR 2.0.0-dev, PCRE 8.39 2016-06-14
Architecture:   64-bit
Server MPM:     event
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D HTTPD_ROOT="/opt/apache2"
 -D SUEXEC_BIN="/opt/apache2/bin/suexec"
 -D DEFAULT_PIDLOG="httpd.pid"
 -D DEFAULT_SCOREBOARD="apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

Next we make a couple of tweaks to the configuration file (/opt/apache2/conf/httpd.conf) so we don't have to run as root:

Listen 8001

ServerName <hostname>:8001

Let's give it a quick try - httpd should serve up /opt/apache2/htdocs/index.html as shown below:

$ sudo /opt/apache2/bin/apachectl -k start

$ ps -e | grep httpd
14056 ?        00:00:00 httpd

$ wget localhost:8001
HTTP request sent, awaiting response... 200 OK
Length: 45 [text/html]
Saving to: ‘index.html’

$ more index.html
<html><body><h1>It works!</h1></body></html>

Configure Apache to work with Git

For this step, we'll follow the guidance provided by the Pro Git ebook to set up a Smart HTTP server that supports authentication and operations like git push. From our reference: "The idea is that Git comes with a CGI called git-http-backend that when invoked will do all the negotiation to send and receive data over HTTP."

Make sure mod_cgi, mod_alias and mod_env modules are being loaded:

LoadModule cgid_module modules/mod_cgid.so
LoadModule alias_module modules/mod_alias.so
LoadModule env_module modules/mod_env.so

Below, we modify httpd.conf to configure the ScriptAlias directive to assoiate the URL path /opt with our Ubuntu Git CGI. We also set two environment variables to be passed to the git-http-backend CGI.

ScriptAlias /git/ /usr/lib/git-core/git-http-backend/
SetEnv GIT_PROJECT_ROOT /opt/depot

Below we continue to follow the aforementioned Pro Git refernece and setup basic authentication using .htpasswd with the following additions to our httpd.conf conf file.

<Files "git-http-backend">
    AuthType Basic
    AuthName "Git Access"
    AuthUserFile /opt/depot/.htpasswd
    Require expr !(%{QUERY_STRING} -strmatch '*service=git-receive-pack*' || %{REQUEST_URI} =~ m#/git-receive-pack$#)
    Require valid-user

Our last step before trying to clone, modify, commit, and push via HTTP is to set up our username and password:

$ htpasswd -c /opt/depot/.htpasswd  <username>

Now we should be able to interact with our Git repo (server) using HTTP:

$ git clone http://<hostname>:8001/git/privateisland.git
Cloning into 'privateisland'...

Terms and Acronyms

  • APXS: Apache Extension Tool is a "is a tool for building and installing extension modules for the Apache HTTP server".
  • APR: Apache Portable Runtime "create and maintain software libraries that provide a predictable and consistent interface to underlying platform-specific implementations"
  • CGI: Common Gateway Interface
  • DSO: Dynamic Shared Objects: Modules are ""compiled as DSOs that exist separately from the main httpd binary file"
  • MPM: Multi-Processing Modules "implement the basic behavior of the server. A single MPM must be active in order for the server to function."
  • PCRE: Perl-Compatible Regular Expressions Library
  • Virtual Host is the practice of running more than one web site on a single PC / machine.


Didn't find an answer to your question? Post your issue below or in our new FORUM, and we'll try our best to help you find a solution.

And please note that we update our site daily with new content related to our open source approach to network security and system design. If you would like to be notified about these changes, then please follow us on Twitter and join our mailing list.

Related articles on this site:

subscribe to mailing list:

Please help us improve this article by adding your comment or question:

your email address will be kept private
authenticate with a 3rd party for enhanced features, such as image upload
previous month
next month