nginx 和 git-http-backend 403 推送
[英]nginx and git-http-backend 403 on push
问题描述
I am trying to setup a git server with stagit for the front end, git-http-backend for the back and using nginx between everything.
我正在尝试设置一个 git 服务器,前端使用stagit , git-http-backend使用git-http-backend并在所有内容之间使用nginx 。 I've found a config that works on my server in this answer (and by works, I mean nginx will serve html to any connection through a web browser, but lets me clone a repository if I use git clone https://git.website.com/test.git .我在这个答案中找到了一个在我的服务器上工作的配置(通过工作,我的意思是 nginx 将通过网络浏览器为任何连接提供 html,但是如果我使用git clone https://git.website.com/test.git 。
The problem I'm having, is that when I push this repository (whether that be from the server itself, or from my local computer) with an origin of https://git.website.com/test.git I receive a 403 error and I'm not sure why.我遇到的问题是,当我以https://git.website.com/test.git的来源推送此存储库(无论是来自服务器本身还是来自我的本地计算机)时,我收到 403错误,我不知道为什么。 Any ideas?有任何想法吗?
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/private/ssl-private.key;
root /srv/git;
index index.html index.htm index.nginx-debian.html;
access_log /var/log/nginx/git.access.log;
error_log /var/log/nginx/git.error.log;
gzip off;
location / {
try_files $uri $uri/ =404;
}
# static repo files for cloning over https
location ~ ^.*/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
root /srv/git;
}
# requests that need to go to git-http-backend
location ~ ^.*/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
root /srv/git;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
fastcgi_param PATH_INFO $uri;
fastcgi_param GIT_PROJECT_ROOT $document_root;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param REMOTE_USER $remote_user;
include fastcgi_params;
}
}
I only started trying to use git-http-backend about two hours ago with multiple configs.大约两个小时前,我才开始尝试使用git-http-backend和多个配置。 It seems very difficult to get http to serve webpages normally but also allow for git to clone/push.让 http 正常为网页提供服务似乎非常困难,但也允许 git 克隆/推送。 Using a config as found here resulted in empty 200 OK responses...使用此处找到的配置导致空的 200 OK 响应...
1 个解决方案
解决方案1
0 已采纳
After much trial and error I've taken the config from this answer and modified it to give me the following location rules:经过多次反复试验,我从这个答案中获取了配置并对其进行了修改,以提供以下位置规则:
location / {
if ($arg_service = git-receive-pack) {
rewrite (/.*) /git_write/$1 last;
}
if ($uri ~ ^/.*/git-receive-pack$) {
rewrite (/.*) /git_write/$1 last;
}
if ($arg_service = git-upload-pack) {
rewrite (/.*) /git_read/$1 last;
}
if ($uri ~ ^/.*/git-upload-pack$) {
rewrite (/.*) /git_read/$1 last;
}
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /git_read/(.*) {
include git-http-backend.conf;
}
# require auth to upload
location ~ /git_write/(.*) {
auth_basic "Pushing to Git repositories is restricted";
auth_basic_user_file /etc/nginx/htpasswd;
include git-http-backend.conf;
}
Where /etc/nginx/git-http-backend.conf reads:其中/etc/nginx/git-http-backend.conf读取:
fastcgi_pass unix:/var/run/fcgiwrap.socket;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT /srv/git;
fastcgi_param PATH_INFO $1;
fastcgi_param REMOTE_USER $remote_user;
Problem solved.问题解决了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.