Read-only access is really simple and elegant.
Basically, you just need a standard Git repository (bare repository, or the .git in a non-bare one). Put it somewhere your webserver can access it. Then run `git update-server-info` in it, to update an index file used by Git. And you're done.
Git will use simple GET HTTP requests to access any file it may need.
Read-write access is much more tricky. It uses most of the methods provided by the Webdav standard (PROPFIND, PUT, MKCOL, LOCK, UNLOCK, etc). It requires locking support.
Now, while Webdav is really well documented, Git exact behavior and expectations are not. Git exact requirements are hard to find, and authentication principles are not easy to figure out.
So for anyone else who could need it, here is pcap of a simple git push, taken with Wireshark.