针对Apache的gitolite存储库的GitSmartHTTP不允许我推送
[英]GitSmartHTTP for gitolite repositories over Apache does not allow me to push
问题描述
I am setting up a git-http-backend CGI script to handle my git.domain subdomain. 
我正在设置一个git-http-backend CGI脚本来处理我的git.domain子域。 The server is behind an ELB (elastic load balancer) on AWS cloud. 服务器位于AWS云上的ELB(弹性负载平衡器)后面。 My server config is as follows (my git hosting is handled by gitolite): 我的服务器配置如下(我的git托管由gitolite处理):
<VirtualHost *:80>
ServerName git.domain
ServerAdmin hjpotter92+git@domain
#SuexecUserGroup git git
DocumentRoot /opt/gitolite/repositories/
PerlLoadModule Apache::Authn::Redmine
SetEnv GIT_PROJECT_ROOT /opt/gitolite/repositories/
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER # Have also tried removing this variable
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAliasMatch \
"(?x)^/(.*/(HEAD | \
info/refs | \
objects/(info/[^/]+ | \
[0-9a-f]{2}/[0-9a-f]{38} | \
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
git-(upload|receive)-pack))$" \
/opt/gitolite/git-core/git-http-backend/$1
<Directory "/opt/gitolite/git-core">
AllowOverride None
Options +ExecCGI -Includes
Require all granted
</Directory>
<Location />
# enabled in desparation...
# saw it somewhere in bugzilla powered mailing list
DAV On
Order allow,deny
Require all granted
AuthType Basic
AuthName "Git Repositories"
AuthUserFile /dev/null
Require valid-user
PerlAccessHandler Apache::Authn::Redmine::access_handler
PerlAuthenHandler Apache::Authn::Redmine::authen_handler
RedmineDSN "DBI:mysql:database=redmine;host=endpoint.rds.amazonaws.com"
RedmineDbUser "user"
RedmineDbPass "your"
RedmineGitSmartHttp yes
</Location>
LogLevel info
CustomLog /var/log/apache2/gitolite.access.log combined
ErrorLog /var/log/apache2/gitolite.error.log
</VirtualHost>
My apache server is run by the www-data:www-data user/group, and the gitolite is setup with the git:git user/group. 我的apache服务器由www-data:www-data user / group运行,gitolite是用git:git用户/组设置的。 To allow apache to read/write to the repositories, I have done: 为了允许apache读/写存储库,我做了:
# usermod -a -G git www-data
// and as a desparate measure, in frustration, the following:
# usermod -a -G www-data git
The PerlAccessHandler and user auth is working perfectly, because I am able to clone my repositories using valid set of credentials from the redmine setup. PerlAccessHandler和用户身份验证工作正常,因为我能够使用redmine设置中的有效凭据克隆我的存储库。
However, when I try to push; 但是,当我试图推; I get the following in the server logs: 我在服务器日志中获得以下内容:
10.0.225.176 [11/Feb/2017:07:46:26 +0530] "GET /xxx.git/info/refs?service=git-upload-pack HTTP/1.1" 401 726 "-" "git/2.11.0"
10.0.225.176 [11/Feb/2017:07:46:27 +0530] "GET /xxx.git/info/refs?service=git-upload-pack HTTP/1.1" 401 725 "-" "git/2.11.0"
10.0.225.176 [11/Feb/2017:07:46:27 +0530] "GET /xxx.git/info/refs?service=git-upload-pack HTTP/1.1" 200 848 "-" "git/2.11.0"
10.0.225.176 [11/Feb/2017:07:46:27 +0530] "POST /xxx.git/git-upload-pack HTTP/1.1" 200 130408 "-" "git/2.11.0"
and in the client side (the following appears after whatever connection timeout I have set in my load balancer, 30 sec to 10 min): 在客户端(在我的负载均衡器中设置的任何连接超时之后出现以下内容,30秒到10分钟):
Counting objects: 2, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (2/2), 930 bytes | 0 bytes/s, done.
Total 2 (delta 1), reused 0 (delta 0)
error: RPC failed; HTTP 504 curl 22 The requested URL returned error: 504 GATEWAY_TIMEOUT
fatal: The remote end hung up unexpectedly
fatal: The remote end hung up unexpectedly
More often than not, I also have POST to git-upload-pack of length 0 (for the same command of the same repository with the same commit) 通常情况下,我也会对长度为0的git-upload-pack进行POST (对于具有相同提交的相同存储库的相同命令)
10.0.225.222 [11/Feb/2017:07:50:55 +0530] "POST /pandorica.git/git-receive-pack HTTP/1.1" 200 0 "-" "git/2.11.0"
10.0.225.222 [11/Feb/2017:07:53:21 +0530] "POST /pandorica.git/git-receive-pack HTTP/1.1" 200 0 "-" "git/2.11.0"
and receive the following in my server error logs: 并在我的服务器错误日志中收到以下内容:
[core:error] [pid 1683] (70007)The timeout specified has expired: [client 10.0.225.176:2534] AH00574: ap_content_length_filter: apr_bucket_read() failed
[cgid:error] [pid 1683] (70007)The timeout specified has expired: [client 10.0.225.176:2534] AH02550: Failed to flush CGI output to client
I have even played with setuid and setuid for the git user, hoping that it might help me push to a repository; 我甚至为git用户玩过setuid和setuid,希望它可以帮助我推送到存储库; but to no avail! 但无济于事!
chmod u+s /opt/gitolite/repositories
chmod g+s /opt/gitolite/repositories
// and the same commands for `*.git` inside `repositories`
The git config from inside the /opt/gitolite/repositories/xyz.git/ : 来自/opt/gitolite/repositories/xyz.git/内的git配置:
http.postbuffer=200M
core.repositoryformatversion=0
core.filemode=true
core.bare=true
redminegitolite.projectid=xxx
http.receivepack=true
http.uploadpack=true
For references, I have already been through each of the following: 作为参考,我已经完成了以下各项:
- git-http-backend GIT-HTTP的后端
- Apache and git-http-backend Apache和git-http-backend
- How to set up git over http? 如何在http上设置git?
- Setting Up git-http-backend with apache 2.4 使用apache 2.4设置git-http-backend
- Setting up Git Server on Windows With git-http-backend.exe 在Windows上使用git-http-backend.exe设置Git服务器
How do I setup the Apache VHost such that it starts accepting git push . 如何设置Apache VHost以便它开始接受git push 。
1 个解决方案
解决方案1
1 2018-06-19 13:06:04
Took me a while. 花了我一会儿。 In my case it was permissions. 在我的情况下,它是权限。 I configured my docker engine process to run containers as non-root. 我将docker引擎进程配置为以非root身份运行容器。 --userns-remap --userns重新映射
I have 我有
#/etc/subuid
docker-user:100000:65536
#/etc/subgid
docker-runner:100000:65536
#/etc/passwd
docker-user:x:90:90::/home/docker-user:/sbin/nologin
dockremap:x:220:220::/home/dockremap:/bin/false
docker-root:x:100000:2::/home/docker-root:/sbin/nologin
docker-daemon:x:100001:2::/home/docker-daemon:/sbin/nologin
Just use this command: 只需使用此命令:
setfacl -RL -m g:100000:rwx -m g:100002:rwx /var/git
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.