You could define a hook to your gitolite environment in order to update a non-bare pos (with the right ACL) from your bare repo managed by gitolite.

As long as you don't use the update hook (in Gitolite V3), you can define an post-receive hook in which you would do those tasks.

That being said, check also if the variable REPO_UMASK UMASK in your gitolite.rc has any bearing on this issue:

$UMASK, octal, default 0077

The default UMASK that gitolite uses makes all the repos and their contents have rwx------ permissions.
People who want to run gitweb realise that this will not do.
The correct way to deal with this is to change this variable to 0027 (which gets you rwxr-x---), then add the apache or httpd user running the webserver as a member of the 'gitolite' group.

Please note the syntax; the leading 0 is required. If you change it after the install is complete, you'll have to do some chmod's also to adjust permissions of files and directories that have already been created.

(Note: REPO_MASK got UMASK with GitoliteV3 or 'g3')