Only use a proxy for certain git urls/domains?
To add another possibility, you can define a proxy through the git config http.proxy.
git config --global http.proxy http://mydomain\\myusername:mypassword@myproxyserver:proxyport
But what is really neat is, starting git1.8.5 (October 2013), you can set http settings per url.
The "http.*" variables can now be specified per URL that the configuration applies.
For example,
[http]
sslVerify = true
[http "https://weak.example.com/"]
sslVerify = false
would flip
http.sslVerifyoff only when talking to that specified site.
See commit d4770964d5:
$ git config --bool --get-urlmatch http.sslVerify https://good.example.com
true
$ git config --bool --get-urlmatch http.sslVerify https://weak.example.com
false
With only
<section>specified, you can get a list of all variables in the section with their values that apply to the given URL. E.g
$ git config --get-urlmatch http https://weak.example.com
http.sslverify false
All the details are in commit 6a56993b:
http.<url>.*::
Any of the http.* options above can be applied selectively to some urls.
For a config key to match a URL, each element of the config key is compared to that of the URL, in the following order:
- Scheme (e.g.,
httpsinhttps://example.com/). - Host/domain name (e.g.,
example.cominhttps://example.com/). - Port number (e.g.,
8080inhttp://example.com:8080/). - Path (e.g.,
repo.gitinhttps://example.com/repo.git). - User name (e.g.,
userinhttps://[email protected]/repo.git)
The list above is ordered by decreasing precedence; a URL that matches a config key's path is preferred to one that matches its user name.
For example, if the URL ishttps://[email protected]/foo/bara config key match ofhttps://example.com/foowill be preferred over a config key match ofhttps://[email protected].All URLs are normalized before attempting any matching (the password part, if embedded in the URL, is always ignored for matching purposes) so that equivalent urls that are simply spelled differently will match properly.
Environment variable settings always override any matches.
The urls that are matched against are those given directly to Git commands.
This means any URLs +visited as a result of a redirection do not participate in matching.
As some have mentioned here, you can do this by specifying a URL along with the proxy settings, but Here's the use case that fixed this for me. Thanks to VonC above!
Notice below that I'm specifying the root of the Git server. The full path to the git repo you've cloned isn't required. You can use a single entry to take care of the entire server.
Add the following to your .gitconfig file. On my windows system, I'm using %userprofile%\.gitconfig
[http]
proxy = http://my.proxy.net:8080
[https]
proxy = http://my.proxy.net:8443
[http "http://my.internalgitserver.com/"]
proxy = ""
You can adjust various configuration options for each remote specifically. Let's say we have 2 remotes, named origin and upstream respectively. You adjust the proxy for each doing the following:
git config --path remote.origin.proxy http://user:pass@proxy_for_origin:8080
git config --path remote.upstream.proxy http://user:pass@proxy_for_upstream:8080
This will change the sections of each remote inside your local repository configuration (.git/config).
You can also adjust the global configuration options if you wish. Since it doesn't make sense to reference a remote name in the global config file ($HOME/.gitconfig), you can use url-matching (IIRC, supported since Git 1.8.5). Example:
[http "https://example.com/repo1.git"]
proxy = http://user:pass@proxy1:8080
[http "https://example.com/repo2.git"]
proxy = http://user:pass@proxy2:8080
If you want to see what's been set:
git config --path --get-urlmatch https://example.com/repo1.git
git config --path --get-urlmatch https://example.com/repo2.git
I usually use the environment variables:
http_proxy=http://username:password@proxydomain:porthttps_proxy=http://username:password@proxydomain:port
That is picked up by git when accessing GitHub repo.
Note:
- both
http_proxyandhttps_proxymust use thehttp://url of the proxy (nohttps://). - always use the fqn (full qualified name) of
proxydomain(don't rely on its short name)
But for internal repo, all I have to do is define and export one more environment variable:
no_proxy=.my.company,localhost,127.0.0.1,::1, for accessing any repo with an address likemyrepo.my.companyor localhost.
You can define NO_PROXY or no_proxy, it doesn't matter.
But just in case, I always set HTTP_PROXY, HTTPS_PROXY, http_proxy, https_proxy, NO_PROXY and no_proxy.