Translate 4.5 & 4.6

book/04-git-server/sections/git-daemon.asc

@@ -1,32 +1,32 @@
-=== Git Daemon
+=== Git 守护进程
 
 (((serving repositories, git protocol)))
-Next we'll set up a daemon serving repositories over the ``Git'' protocol. This is common choice for fast, unauthenticated access to your Git data. Remember that since it's not an authenticated service, anything you serve over this protocol is public within it's network.
+接下来我们要配置一个守护进程来提供基于 ``Git'' 协议的仓库服务。这是快速、非授权地访问 Git 数据的普遍方式。记住，因为它无需授权，所以你以这种协议提供的所有数据都公开暴露在它所处的网络中。
 
-If you're running this on a server outside your firewall, it should only be used for projects that are publicly visible to the world.
-If the server you're running it on is inside your firewall, you might use it for projects that a large number of people or computers (continuous integration or build servers) have read-only access to, when you don't want to have to add an SSH key for each.
+如果提供此项服务的服务器在防火墙之外，它应该只用于一些全世界范围公开的项目。
+如果提供此项服务的服务器在防火墙之内，它可以用于一些被数量众多的用户或计算机（持续集成或构建服务器）只读访问的项目，这样就无需为用户逐一添加 SSH 公钥。
 
-In any case, the Git protocol is relatively easy to set up.
-Basically, you need to run this command in a daemonized manner:(((git commands, daemon)))
+在任何情况下，Git 协议都是相对比较容易配置的。
+基本上，只要以守护进程的形式运行该命令即可：(((git commands, daemon)))
 
 [source,console]
 ----
 git daemon --reuseaddr --base-path=/opt/git/ /opt/git/
 ----
 
-`--reuseaddr` allows the server to restart without waiting for old connections to time out, the `--base-path` option allows people to clone projects without specifying the entire path, and the path at the end tells the Git daemon where to look for repositories to export.
-If you're running a firewall, you'll also need to punch a hole in it at port 9418 on the box you're setting this up on.
+这里的 `--reuseadd` 选项表示在重启服务前，不等之前的连接超时就立即重启。而 `--base-path` 选项则允许克隆项目时不必给出完整路径。最后面的路径告诉 Git 守护进程允许开放给用户访问的仓库目录。
+假如有防火墙，则需要为该主机的 9418 端口设置为允许通信。
 
-You can daemonize this process a number of ways, depending on the operating system you're running.
-On an Ubuntu machine, you can use an Upstart script.
-So, in the following file
+以守护进程的形式运行该进程的方法有许多，具体方法取决操作系统。
+在 Ubuntu 主机上，可以使用 Upstart 脚本完成。
+因而，在下列文件中：
 
 [source,console]
 ----
 /etc/event.d/local-git-daemon
 ----
 
-you put this script:
+加入下列内容：
 
 [source,console]
 ----
@@ -40,25 +40,25 @@ exec /usr/bin/git daemon \
 respawn
 ----
 
-For security reasons, it is strongly encouraged to have this daemon run as a user with read-only permissions to the repositories – you can easily do this by creating a new user 'git-ro' and running the daemon as them.
-For the sake of simplicity we'll simply run it as the same 'git' user that Gitosis is running as.
+出于安全考虑，强烈建议使用一个对仓库仅有只读权限的用户来运行该守护进程——只需新建一个 'git-ro' 用户，并用它的身份来启动进程。
+这里为了简化，我们还是直接使用之前 Gitosis 运行的用户 'git'。
 
-When you restart your machine, your Git daemon will start automatically and respawn if it goes down.
-To get it running without having to reboot, you can run this:
+当服务器重启，Git 守护进程会自动启动；万一进程意外退出，它也会自动重启。
+设置完成之后，可以通过运行下列命令来启动守护进程，无需重启：
 
 [source,console]
 ----
 initctl start local-git-daemon
 ----
 
-On other systems, you may want to use `xinetd`, a script in your `sysvinit` system, or something else – as long as you get that command daemonized and watched somehow.
+在其它操作系统上，可以使用 `xinetd` , 或一个 `sysvinit` 系统中的脚本，或其它别的什么——只要能让那个进程以守护进程运行并可监控。
 
-Next, you have to tell Git which repositories to allow unauthenticated Git server-based access to. You can do this in each repository by creating a file name `git-daemon-export-ok`.
+接下来，我们要告诉 Git 哪些仓库是可以允许通过 Git 协议进行无需授权地访问。只需在每一个仓库中逐一创建 `git-daemon-export-ok` 文件。
 
 [source,console]
 ----
 $ cd /path/to/project.git
 $ touch git-daemon-export-ok
 ----
 
-The presence of that file tells Git that it's OK to serve this project without authentication.
+该文件的存在告诉 Git 可以提供对该项目的访问，而无需授权。

book/04-git-server/sections/smart-http.asc

@@ -1,22 +1,22 @@
-=== Smart HTTP
+=== 智能 HTTP
 
 (((serving repositories, HTTP)))
-We now have authenticated access though SSH and unauthenticated access through `git://`, but there is also a protocol that can do both at the same time.
-Setting up Smart HTTP is basically just enabling a CGI script that is provided with Git called `git-http-backend` on the server.((git commands, "http-backend"))
-This CGI will read the path and headers sent by a `git fetch` or `git push` to an HTTP URL and determine if the client can communicate over HTTP (which is true for any client since version 1.6.6).
-If the CGI sees that the client is smart, it will communicate smartly with it, otherwise it will fall back to the dumb behavior (so it is backward compatible for reads with older clients).
+我们现在有需要授权的 SSH 访问方式和无需授权的 `git://` 访问方式，然而还有一种协议可以同时接受这两种方式。
+配置智能 HTTP 基本上只是在服务器上启用一个 Git 提供的 CGI 脚本，它的文件名为 `git-http-backend`。((git commands, "http-backend"))
+这个 CGI 会读取 `git fetch` 或 `git push` 发送到特定 HTTP URL 的路径和报文头，然后判断客户端是否支持通过 HTTP 通讯（1.6.6后的版本都应该支持）。
+如果 CGI 发觉客户端支持智能 HTTP，它会智能地跟客户端通讯，否则它会回落到傻瓜模式（可见它是向后兼容的）。
 
-Let's walk though a very basic setup. We'll set this up with Apache as the CGI server. If you don't have Apache setup, you can do so on a Linux box with something like this:(((Apache)))
+让我们一步一步地来看一个非常简单的配置。我们会用 Apache 搭建 CGI 服务器。如果 Apache 还没有配置好，在 Linux 主机上可以使用类似于下列的命令：(((Apache)))
 
 [source,console]
 ----
 $ sudo apt-get install apache2 apache2-utils
 $ a2enmod cgi alias env
 ----
 
-This also enables the `mod_cgi`, `mod_alias`, and `mod_env` modules, which are all needed for this to work properly.
+上面的命令同时也启用了 `mod_cgi`, `mod_alias`, 以及 `mod_env` 模块，这些都是接下来会用到的。
 
-Next we need to add some things to the Apache configuration to run the `git http-backend` as the handler for anything coming into the `/git` path of your web server.
+接下来我们需要修改 Apache 的配置，将对该 web 服务器上 `/git` 路径的所有访问的 handler 配置为 `git http-backend`。
 
 [source,console]
 ----
@@ -25,9 +25,9 @@ SetEnv GIT_HTTP_EXPORT_ALL
 ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
 ----
 
-If you leave out `GIT_HTTP_EXPORT_ALL` environment variable, then Git will only serve to unauthenticated clients the repositories with the `git-daemon-export-ok` file in them, just like the Git daemon did.
+如果省略 `GIT_HTTP_EXPORT_ALL` 不写，那么 Git 将向未经授权的客户端仅提供带有 `git-daemon-export-ok` 文件的仓库，正如 Git 守护进程一样。
 
-Then you'll have to tell Apache to allow requests to that path with something like this:
+然后需要配置 Apache 允许到该路径的访问请求：
 
 [source,console]
 ----
@@ -39,7 +39,7 @@ Then you'll have to tell Apache to allow requests to that path with something li
 </Directory>
 ----
 
-Finally you'll want to make writes be authenticated somehow, possibly with an Auth block like this:
+最后是配置某种写入授权，或许可以采用如下的 Auth 块：
 
 [source,console]
 ----
@@ -51,18 +51,18 @@ Finally you'll want to make writes be authenticated somehow, possibly with an Au
 </LocationMatch>
 ----
 
-That will require you to create a `.htaccess` file containing the passwords of all the valid users. Here is an example of adding a ``schacon'' user to the file:
+上面代码需要一个 `.htaccess` ，它将包括所有有效用户的密码。下面是一个添加 ``schacon'' 用户到该文件的示例：
 
 [source,console]
 ----
 $ htdigest -c /opt/git/.htpasswd "Git Access" schacon
 ----
 
-There are tons of ways to have Apache authenticate users, you'll have to choose and implement one of them. This is just the simplest example we could come up with. You'll also almost certainly want to set this up over SSL so all this data is encrypted.
+Apache 验证用户的方法有成千上万种，请从中选择一种并实施。以上的代码示例仅是我们能想到的最简单的例子。同时你也非常可能会想要配置好 SSL，这样所有的数据传输就是加密的。
 
-We don't want to go too far down the rabbit hole of Apache configuration specifics, since you could well be using a different server or have different authenication needs. The idea is that Git comes with a CGI called `git http-backend` that when invoked will do all the negotiation to send and receive data over HTTP. It does not implement any authentication itself, but that can easily be controlled at the layer of the web server that invokes it. You can do this with nearly any CGI-capable web server, so go with the one that you know best.
+本书并不打算更深入地掉到 Apache 配置文件的巨坑当中，因为你很可能会使用不同的服务器或者有不一样的用户验证需求。总的思路是 Git 自带一个叫 `git http-backend` 的 CGI，当其被调用时它会协调通过 HTTP 的数据传输。它本身并没有实现任何的用户身份验证，但是用户身份验证可以在调用它的 Web 服务器层面进行轻松地控制。几乎所有支持 CGI 的 Web 服务器上都可以使用这个 CGI，所以请尽情选用你最顺手的那个 Web 服务器。
 
 [NOTE]
 ====
-For more information on configuring authentication in Apache, check out the Apache docs here: http://httpd.apache.org/docs/current/howto/auth.html[]
+关于配置 Apache 身份验证的更多信息，请参见 Apache 文档：http://httpd.apache.org/docs/current/howto/auth.html[]
 ====

status.json

@@ -35,14 +35,14 @@
     "04-git-server": {
       "1-git-server.asc": 100,
       "sections/generating-ssh-key.asc": 100,
-      "sections/git-daemon.asc": 0,
+      "sections/git-daemon.asc": 100,
       "sections/git-on-a-server.asc": 100,
       "sections/gitlab.asc": 0,
       "sections/gitweb.asc": 0,
       "sections/hosted.asc": 0,
       "sections/protocols.asc": 100,
-      "sections/setting-up-server.asc": 0,
-      "sections/smart-http.asc": 0
+      "sections/setting-up-server.asc": 100,
+      "sections/smart-http.asc": 100
     },
     "05-distributed-git": {
       "1-distributed-git.asc": 0,