Only use a proxy for certain git urls/domains?

Is it possible to configure git to use a proxy only for specific domains?

I'd like to use our corporate proxy to access Github but leave it off for accessing our own internal git repos.

I'm using bower and it needs to require items both within our firewall and on github so I can't do this as a per project setting. It needs to be some kind of global configuration option. Any thoughts?


To add another possibility, you can define a proxy through the git config http.proxy.

git config --global http.proxy http://mydomain\\myusername:mypassword@myproxyserver:proxyport

But what is really neat is, starting git1.8.5 (October 2013), you can set http settings per url.

The "http.*" variables can now be specified per URL that the configuration applies.
For example,

[http]
   sslVerify = true
[http "https://weak.example.com/"]
   sslVerify = false

would flip http.sslVerify off only when talking to that specified site.


See commit d4770964d5:

$ git config --bool --get-urlmatch http.sslVerify https://good.example.com
true
$ git config --bool --get-urlmatch http.sslVerify https://weak.example.com
false

With only <section> specified, you can get a list of all variables in the section with their values that apply to the given URL. E.g

$ git config --get-urlmatch http https://weak.example.com
http.sslverify false

All the details are in commit 6a56993b:

http.<url>.*::

Any of the http.* options above can be applied selectively to some urls.
For a config key to match a URL, each element of the config key is compared to that of the URL, in the following order:

  • Scheme (e.g., https in https://example.com/).
  • Host/domain name (e.g., example.com in https://example.com/).
  • Port number (e.g., 8080 in http://example.com:8080/).
  • Path (e.g., repo.git in https://example.com/repo.git).
  • User name (e.g., user in https://[email protected]/repo.git)

The list above is ordered by decreasing precedence; a URL that matches a config key's path is preferred to one that matches its user name.
For example, if the URL is https://[email protected]/foo/bar a config key match of https://example.com/foo will be preferred over a config key match of https://[email protected].

All URLs are normalized before attempting any matching (the password part, if embedded in the URL, is always ignored for matching purposes) so that equivalent urls that are simply spelled differently will match properly.

Environment variable settings always override any matches.
The urls that are matched against are those given directly to Git commands.
This means any URLs +visited as a result of a redirection do not participate in matching.


I usually use the environment variables:

  • http_proxy=http://username:password@proxydomain:port
  • https_proxy=http://username:password@proxydomain:port

That is picked up by git when accessing GitHub repo.

Note:

  • both http_proxy and https_proxy must use the http:// url of the proxy (no https://).
  • always use the fqn (full qualified name) of proxydomain (don't rely on its short name)

But for internal repo, all I have to do is define and export one more environment variable:

  • no_proxy=.my.company,localhost,127.0.0.1,::1, for accessing any repo with an address like myrepo.my.company or localhost.

You can define NO_PROXY or no_proxy, it doesn't matter.

But just in case, I always set HTTP_PROXY, HTTPS_PROXY, http_proxy, https_proxy, NO_PROXY and no_proxy.