make, scripts: Don't unconditionally clone with proactiveAuth=basic

Don't unconditionally add proactiveAuth=basic to Git's config during
clone, but only if cloning happens after authentication.

This saves unauthenticated users funny password prompts. On the other
hand, this makes a server setting persistent which could be changed
on the server.

  URL =~ /api/  (or so) => 401, followed by Basic Auth
  URL !=~ /api/ (or so) => Redirect or free access, depending on resource

Currently all resources, including API, are accessible by either
basic auth or a Cookie, but basic auth needs to be present in the
first request, which throws off some clients (notably Git without
proactiveAuth=basic).

Signed-off-by: Jan Lindemann <jan@janware.com>

make/projects-dir-minimal.mk

@@ -47,6 +47,8 @@ endif
 
 ifneq ($(JANWARE_USER),)
   CLONE_FROM_USER           ?= $(JANWARE_USER)
+  GIT_GLOBAL_OPTS           += -c https.proactiveAuth=basic
+  export GIT_GLOBAL_OPTS
 else
   CLONE_FROM_USER           ?= janware
 endif
@@ -61,8 +63,10 @@ include $(PROJECTS_DIR_INCLUDE_MK)
 $(PROJECTS_DIR_INCLUDE_MK): | $(JWBDIR)
 
 $(JWBDIR):
-	git -c http.proactiveAuth=basic clone $(addprefix -b ,$(JW_BUILD_BRANCH)) $(JWBDIR_GIT_REMOTE) $(JWBDIR)
+	git $(GIT_GLOBAL_OPTS) clone $(addprefix -b ,$(JW_BUILD_BRANCH)) $(JWBDIR_GIT_REMOTE) $(JWBDIR)
+ifneq ($(findstring proactiveAuth,$(GIT_GLOBAL_OPTS)),)
 	git -C $(JWBDIR) config set http.proactiveAuth basic
+endif
 	make $(MAKECMDGOALS)
 
 all: link-makefile.done