Blog list

2015年6月26日 星期五

[記事] Enable git over http(nginx)


屬於阿宅世界的技術文章,想看的再點開,切莫自誤 !


1. install fcgilib
  requirement autoconf and automake
  cd /home/nginx/src
shell> wget "http://www.fastcgi.com/dist/fcgi.tar.gz"
shell> tar zxvf fcgi.tar.gz
shell> cd fcgi-<VERSION>
shell> ./configure
shell> make; make install

p.s the library will be installed in the /usr/local/lib and /usr/local/include

shell> vi /etc/ld.so.conf.d/fcgi.conf
/usr/local/lib
shell> ldconfig
shell> ldconfig -p | grep fcgi

2. install fcgiwrap
shell> cd /home/nginx/src
shell> git clone git://github.com/gnosek/fcgiwrap.git
shell> cd fcgiwrap
shell> autoreconf -i
shell> ./configure
shell> make;

p.s 如果看到 "undefined reference to `rpl_malloc'" 的錯誤訊息. 先export ac_cv_func_malloc_0_nonnull=yes 再重新configure 後再make 試試

shell> cp fcgiwrap /home/nginx/bin/

shell> vi /home/nginx/bin/start_fcgi_wrap.pl
#!/usr/bin/perl

use strict;
use warnings FATAL => qw( all );

use IO::Socket::UNIX;

my $bin_path = '/home/nginx/bin/fcgiwrap';
my $socket_path = $ARGV[0] || '/tmp/cgi.sock';
my $num_children = $ARGV[1] || 1;

close STDIN;
a
unlink $socket_path;
my $socket = IO::Socket::UNIX->new(
    Local => $socket_path,
    Listen => 100,
);

die "Cannot create socket at $socket_path: $!\n" unless $socket;

for (1 .. $num_children) {
    my $pid = fork;
    die "Cannot fork: $!" unless defined $pid;
    next if $pid;

    exec $bin_path;
    die "Failed to exec $bin_path: $!\n";
}

grant excution priv to user nginx
shell> vi setfacl -m u:nginx:rx /home/nginx/bin/start_fcgi_wrap.pl

shell> su nginx -c /home/nginx/bin/start_fcgi_wrap.pl -s /bin/bash

透過netstat -an | grep cgi 應該會看到一個unix socket

shell> ps -ef | grep fcgiwrap
nginx    16912     1  0 16:02 ?        00:00:00 /home/nginx/bin/fcgiwrap

讓git-http-backend 找得到 repositroy 的info
shell> cd <git-repos/<ur-project>
shell>   git update-server-info

本機測試
shell> git clone http://127.0.0.1/git/<ur-project>
如果可以 clone 出來就

設定透過 nginx 存取 git

修改 nginx 組態檔,增加 git 的 proxy 設定,其中 auth_basic_user_file 可透過 htpasswd -c /home/path/to/pwdfile username 方式
location ~ /git(/.*) {
auth_basic "Restricted";
auth_basic_user_file /home/path/to/pwdfile;

fastcgi_pass unix:/tmp/cgi.sock;
include fastcgi_params;

fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT /home/to/git/repos;
fastcgi_param PATH_INFO $1;
}


權限
修改 /home/to/git/repos/<proj>/config,加入 http 設定