Only use a proxy for certain git urls/domains?
Is it possible to configure git to use a proxy only for specific domains?
I'd like to use our corporate proxy to access Github but leave it off for accessing our own internal git repos.
I'm using bower and it needs to require items both within our firewall and on github so I can't do this as a per project setting. It needs to be some kind of global configuration option. Any thoughts?
To add another possibility, you can define a proxy through the git config http.proxy.
git config --global http.proxy http://mydomain\\myusername:mypassword@myproxyserver:proxyport
But what is really neat is, starting git1.8.5 (October 2013), you can set http settings per url.
The "http.*" variables can now be specified per URL that the configuration applies.
For example,
[http]
sslVerify = true
[http "https://weak.example.com/"]
sslVerify = false
would flip
http.sslVerifyoff only when talking to that specified site.
See commit d4770964d5:
$ git config --bool --get-urlmatch http.sslVerify https://good.example.com
true
$ git config --bool --get-urlmatch http.sslVerify https://weak.example.com
false
With only
<section>specified, you can get a list of all variables in the section with their values that apply to the given URL. E.g
$ git config --get-urlmatch http https://weak.example.com
http.sslverify false
All the details are in commit 6a56993b:
http.<url>.*::
Any of the http.* options above can be applied selectively to some urls.
For a config key to match a URL, each element of the config key is compared to that of the URL, in the following order:
-
Scheme (e.g.,
httpsinhttps://example.com/). -
Host/domain name (e.g.,
example.cominhttps://example.com/). -
Port number (e.g.,
8080inhttp://example.com:8080/). -
Path (e.g.,
repo.gitinhttps://example.com/repo.git). -
User name (e.g.,
userinhttps://[email protected]/repo.git)
The list above is ordered by decreasing precedence; a URL that matches a config key's path is preferred to one that matches its user name.
For example, if the URL ishttps://[email protected]/foo/bara config key match ofhttps://example.com/foowill be preferred over a config key match ofhttps://[email protected].All URLs are normalized before attempting any matching (the password part, if embedded in the URL, is always ignored for matching purposes) so that equivalent urls that are simply spelled differently will match properly.
Environment variable settings always override any matches.
The urls that are matched against are those given directly to Git commands.
This means any URLs +visited as a result of a redirection do not participate in matching.
I usually use the environment variables:
http_proxy=http://username:password@proxydomain:porthttps_proxy=http://username:password@proxydomain:port
That is picked up by git when accessing GitHub repo.
Note:
- both
http_proxyandhttps_proxymust use thehttp://url of the proxy (nohttps://). - always use the fqn (full qualified name) of
proxydomain(don't rely on its short name)
But for internal repo, all I have to do is define and export one more environment variable:
-
no_proxy=.my.company,localhost,127.0.0.1,::1, for accessing any repo with an address likemyrepo.my.companyor localhost.
You can define NO_PROXY or no_proxy, it doesn't matter.
But just in case, I always set HTTP_PROXY, HTTPS_PROXY, http_proxy, https_proxy, NO_PROXY and no_proxy.