We’re a small development studio that’s evaluating using Cloudflare Access for our self-hosted services – issue trackers, source control, etc.
We have git working but it’s not possible to pull any LFS content. The urls are redirected to the Cloudflare login and outputs many errors, similar to this:
fatal: unable to update url base from redirection:
asked for: https://www.repourl.com/repo.git/info/refs?service=git-upload-pack
redirect: https://org.cloudflareaccess.com/cdn-cgi/access/login/www.repourl.com? ...
Is there a recommended way to handle this with little to no input required by our developers?
My current idea is to create and run a batch script periodically to call
cloudflared login and export the access token to an environment variable.
We add the environment variable to
http.extraheaders when cloning a repository:
git clone -c http.extraheader="cf-access-token: $TOKEN" https://www.repourl.com
This should work as long as the token is kept updated.
Is there a better way to do this?