Recipe: `git clone` / `git fetch`

Goal: allow fetching code from a limited set of hosts.

HTTPS clone (GitHub example)

{
  "filesystem": {
    "allowWrite": ["."]
  }
}

Run:

greywall --settings ./greywall.json git clone https://github.com/OWNER/REPO.git

SSH traffic may go through SOCKS5 (ALL_PROXY) depending on your git/ssh configuration.

If it fails, use monitor/debug mode to see what was blocked:

greywall -m --settings ./greywall.json git clone [email protected]:OWNER/REPO.git