apache2-git-subfolder.conf

LoadModule mpm_event_module modules/mod_mpm_event.so                           

<IfModule !proxy_module>
    LoadModule proxy_module modules/mod_proxy.so
</IfModule>

<IfModule !proxy_connect_module >
    LoadModule proxy_connect_module modules/mod_proxy_connect.so
</IfModule>


<IfModule !proxy_http_module >
    LoadModule proxy_http_module modules/mod_proxy_http.so
</IfModule>

<IfModule !ssl_module>
    LoadModule ssl_module modules/mod_ssl.so
</IfModule>


<IfModule !alias_module>
    LoadModule alias_module modules/mod_alias.so
</IfModule>

<IfModule !rewrite_module>
    LoadModule rewrite_module modules/mod_rewrite.so
</IfModule>


<IfModule !env_module>
    LoadModule env_module modules/mod_env.so
</IfModule>


<IfModule !authnz_fcgi_module>
    LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
</IfModule>


LoadModule log_config_module modules/mod_log_config.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule userdir_module modules/mod_userdir.so


<IfModule !mpm_prefork_module>                                                                 
        LoadModule cgid_module modules/mod_cgid.so                                            
</IfModule>                                                                                    
<IfModule mpm_prefork_module>                                                                  
        LoadModule cgi_module modules/mod_cgi.so                                              
</IfModule> 

<IfModule cgid_module>                                                     
    #                                                                      
    # ScriptSock: On threaded servers, designate the path to the UNIX      
    # socket used to communicate with the CGI daemon of mod_cgid.          
    #                                                                
    Scriptsock cgisock                                              
</IfModule>                                                          
               

User www-data
Group www-data

#LogLevel debug

ErrorLog /dev/stderr
TransferLog /dev/stdout


Listen 443


<VirtualHost *:443>

    RewriteEngine On

    ServerAlias $GIT_SERVER_NAME

    <Directory /usr/bin>
        Options +ExecCGI
        Allow From All
        Require all granted
    </Directory>

    <Directory /git-hooks>
        Options +ExecCGI
        Allow From All
        Require all granted
    </Directory>


    <Directory /git-repo>
        Allow From All
        Require all granted
    </Directory>


    SetEnv GIT_PROJECT_ROOT /git-repo/
    SetEnv GIT_HTTP_EXPORT_ALL
    SetEnv GIT_PATH /usr/libexec/git-core/git2
    SetEnv GIT_FILTER_PATH ".gitfilterspec"
    SetEnv GIT_HTTP_PATH /usr/libexec/git-core/git-http-backend

    ScriptAliasMatch "(?x)^/(.*/(HEAD | \
                    info/refs | \
                    objects/(info/[^/]+ | \
                             [0-9a-f]{2}/[0-9a-f]{38} | \
                             pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
                             git-(upload|receive)-pack))$" /git-hooks/git-http-hook.py/$1


    SSLEngine on
    SSLCertificateFile /usr/local/apache2/conf/apache-selfsigned.crt
    SSLCertificateKeyFile /usr/local/apache2/conf/apache-selfsigned.key


    SSLProxyEngine on
    SSLProxyVerify none 
    SSLProxyCheckPeerCN off    
    SSLProxyCheckPeerName off    
    SSLProxyCheckPeerExpire off
    ProxyRequests off
    ProxyRemote "*" "http://mitm-proxy:8080"



    <Location />


        # Add referer hack (if the site uses referrer as security)
        Header add referer "https://github.com"
        RequestHeader set referer "https://github.com"

        Header add Origin "https://github.com"
        RequestHeader set Origin "https://github.com"

        #ProxyVia Full
        #ProxyPreserveHost On
        ProxyPass https://github.com/ retry=0
        ProxyPassReverse https://github.com/

        ProxyPassReverseCookieDomain github.com $GIT_SERVER_NAME
    </Location>


    # <Location /401-error-git.txt>
    #     ProxyPass !
    #     ForceType "text/plain; charset=UTF-8"
    #     Header unset Origin
    #     Header unset referer
    #     Header unset Last-Modified
    #     Header unset Accept-Ranges
    #     Header unset ETag

    # </Location>

    RewriteEngine On
    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

    RewriteRule .* - [e=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # we want git CLI to go through git-http-backend
    <LocationMatch "(.*)/(.*)info/refs(.*)">

        ProxyPass !


        #AuthType Basic
        #AuthName "Github"
        #AuthUserFile /Users/yaronshani/Downloads/github-reverse/.htpasswd
        #AuthBasicProvider FooAuthn
        #Require valid-user

        #ErrorDocument 401 /401-error-git.txt

    </LocationMatch>

    <LocationMatch "(.*)/(.*)git-upload-pack(.*)">
        ProxyPass !
    </LocationMatch>
    <LocationMatch "(.*)/(.*)git-receive-pack(.*)">
        ProxyPass !
    </LocationMatch>
</VirtualHost>