contrib: Add gitweb example configurations

Move the example code from doc/3 to contrib/gitweb/ and modify it
to work with both wildcard and non-wildcard setups.

Signed-off-by: Teemu Matilainen <teemu.matilainen@reaktor.fi>

contrib/gitweb/gitweb.conf

@@ -0,0 +1,40 @@
+# --------------------------------------------
+# Per-repo authorization based on gitolite ACL
+# Include this in gitweb.conf
+# See doc/3-faq-tips-etc.mkd for more info
+
+# HOME of the gitolite user
+my $gl_home = "/home/git";
+
+# environment variables needed by gitolite.pm
+$ENV{GL_RC} = "$gl_home/.gitolite.rc";
+$ENV{GL_USER} = $cgi->remote_user;
+
+# variables from the RC file
+our ($REPO_BASE, $GL_ADMINDIR);
+
+# set HOME temporarily for RC parsing
+my $orig_home = $ENV{HOME};
+$ENV{HOME} = $gl_home;
+do $ENV{GL_RC}
+    or die_error(500, "Failed to parse $ENV{GL_RC}: "  . ($! or $@));
+$ENV{HOME} = $orig_home;
+
+# set project root etc. absolute paths
+$ENV{GL_REPO_BASE_ABS} = ( $REPO_BASE =~ m(^/) ? $REPO_BASE : "$gl_home/$REPO_BASE" );
+$projects_list = $projectroot = $ENV{GL_REPO_BASE_ABS};
+
+# load gitolite helper routines
+require "$GL_ADMINDIR/src/gitolite.pm"
+    or die_error(500, "Failed to parse gitolite.pm: " . ($! or $@));
+
+$export_auth_hook = sub {
+    my $repo = shift;
+    # gitweb passes us the full repo path; so we strip the beginning
+    # and the end, to get the repo name as it is specified in gitolite conf
+    return unless $repo =~ s/^\Q$projectroot\E\/?(.+)\.git$/$1/;
+
+    # check for (at least) "R" permission
+    my ($perm, $creator) = &repo_rights($repo);
+    return ($perm =~ /R/);
+};

doc/3-faq-tips-etc.mkd

@@ -588,51 +588,12 @@ the users *manage their own HTTP passwords*.  Here's how:
   * tell your users to type in `ssh git@server htpasswd` to set or change
     their HTTP passwords
 
-Here's the rest of how it hangs together.
+Of course some other authentication method can be used (e.g. `mod_ldap`) as
+long as the usernames match.
 
 Gitweb allows you to specify a subroutine to decide on access.  We use that
-feature and tie it to gitolite.  Sample code (untested by me, but others do
+feature and tie it to gitolite.  Configuration example can be found in
-use it, munged from something I saw [here][leho]) is given below.
+`contrib/gitweb/`.
-
-Note the **utter simplicity** of the actual check (just 1 line!).  This is an
-unexpected piece of luck coming from the decision to keep the config parse
-separate from the actual access control.  The config parser puts a pure perl
-hash in that file named below as `$gl_conf_compiled`, so all the parsing is
-already done and we just use it!
-
-    # completely untested... but the basic idea should work fine
-
-    # change these as needed
-    # projectroot should be the same as gitolite's REPO_BASE, but converted to
-    # an absolute path
-    $projectroot = '/home/git/repositories/';
-    my $gl_conf_compiled = '/home/git/.gitolite/conf/gitolite.conf-compiled.pm';
-
-    # I am told this gives us the HTTP auth username
-    my $username = $cgi->remote_user;
-
-    # ----------
-
-    # parse the config file; updates %repos hash
-    our %repos;
-    die "parse $gl_conf_compiled failed: " . ($! or $@) unless do $gl_conf_compiled;
-
-    # this is gitweb's mechanism; it calls whatever sub is pointed at by this
-    # variable to decide access yes/no.  Gitweb calls it with one argument
-    # containing the full path of the repo being accessed
-    $export_auth_hook = sub {
-        my $reponame = shift;
-        # take the full path provided, strip the beginning...
-        $reponame =~ s/\Q$projectroot\E\/?//;
-        # ...and the end, to get the repo name as it is specified in gitolite conf
-        $reponame =~ s/\.git$//;
-
-        return exists $repos{$reponame}{R}{$username}
-            || exists $repos{$reponame}{R}{'@all'};
-    };
-
-
-[leho]: http://leho.kraav.com/news/2009/10/27/using-apache-authentication-with-gitweb-gitosis-repository-access-control/
 
 ### advanced features