Configuração do git-http-backend com Nginx (retornando PROPFIND 405)

1

Estou tentando configurar o git-http-backend sobre o nginx e ter alguns problemas.

O resultado real é que estou recebendo um erro 405 para a solicitação PROPFIND:

192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1" 200 0 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/HEAD HTTP/1.1" 200 23 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "PROPFIND /lw/bla.git/ HTTP/1.1" 405 172 "-" "git/2.3.0" "-"

Versões:

  • Debian GNU / Linux 7.8 (wheezy)
  • git versão 2.3.0
  • versão nginx: nginx / 1.6.2
  • fcgiwrap versão 1.0.3

As partes da configuração:

configuração do site nginx

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

location / {
  root  /var/git;
}

location ~ /git(/.*) {
    gzip off;
    root /var/git;
    include fastcgi_params;

    fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
    fastcgi_param DOCUMENT_ROOT /usr/local/libexec/git-core;
    fastcgi_param SCRIPT_NAME git-http-backend;
    fastcgi_param GIT_HTTP_EXPORT_ALL "";
    fastcgi_param GIT_PROJECT_ROOT /var/git/;
    fastcgi_param PATH_INFO $uri;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_pass unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
  }
}

soquete fastcgi

foobar@dloc:/var/git/lw/bla.git$ ls -al /var/run/cgit-fastcgi/
total 0
drwxrwx---  2 www-data www-data  80 Feb 21 21:23 .
drwxr-xr-x 21 root     root     760 Feb 22 16:14 ..
-rw-r--r--  1 www-data www-data   0 Feb 21 21:23 cgit-fastcgi.pid
srwxr-xr-x  1 www-data www-data   0 Feb 20 22:01 cgit-fastcgi.socket

git-http-backend

foobar@dloc:/var/git/lw$ sudo ls -al /usr/local/libexec/git-core/git-http-backend 
-rwxr-xr-x 1 root staff 4447063 Feb 13 23:45 /usr/local/libexec/git-core/git-http-backend

repositório Git

foobar@dloc:~$ ls -al /var/git/lw/
drwxr-xr-x 7 www-data www-data 4096 Feb 22 00:36 bla.git

Foi criado por:

git --bare init bla.git && \
git config --local --add http.receivepack true && \
git update-server-info
chown -R www-data:www-data bla.git

Full verbose de push do cliente

* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;    [email protected]
*    SSL certificate verify ok.
> GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Last-Modified: Sun, 22 Feb 2015 15:19:11 GMT
< Connection: keep-alive
< ETag: "54e9f36f-0"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
* Found bundle for host git.dloc.com: 0x1070d60
* Re-using existing connection! (#0) with host git.dloc.com
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
> GET /lw/bla.git/HEAD HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 23
< Last-Modified: Sat, 21 Feb 2015 22:25:43 GMT
< Connection: keep-alive
< ETag: "54e905e7-17"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;   [email protected]
*    SSL certificate verify ok.
> PROPFIND /lw/bla.git/ HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Depth: 0
Content-Type: text/xml
Content-Length: 168
Expect: 100-continue

* The requested URL returned error: 405 Not Allowed
* Closing connection 0
error: Cannot access URL https://git.dloc.com/lw/bla.git/, return code 22
fatal: git-http-push failed
error: failed to push some refs to 'https://git.dloc.com/lw/bla.git'

Acho que a solicitação não é exibida usando o http-backend inteligente. Mas não consegui identificar o motivo.

Alguém que tem uma pista do que está errado com minha configuração?

obrigado antecipadamente.

    
por snafu 22.02.2015 / 17:33

1 resposta

1

Oh desculpe, esse foi meu erro.

O problema com minha configuração foi que eu clonei o repositório via https_: //dlock.../lw/bla que funcionou com sucesso, por causa de:

location / {
  root  /var/git;
}

Mas location ~ /git(/.*) { espera com certeza: https_: //dloc.../git/lw/bla para atender a solicitações via backend m em http inteligente (.

Se alguém se depara com o mesmo problema, a seguinte configuração está funcionando para mim (com cgit):

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

   auth_basic "Login";
   auth_basic_user_file /etc/apache2/passwd/git.pwd;
   location ~ /\. { deny  all; }

   location ~ /git(.*) {
      include /etc/nginx/fastcgi_params;
      fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
      fastcgi_param GIT_HTTP_EXPORT_ALL "";
      fastcgi_param GIT_PROJECT_ROOT /var/git;
      fastcgi_param PATH_INFO $1;
      fastcgi_pass      unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
   }

   try_files $uri @cgit;

   # Serve static files
   location ~* ^.+\.(css|png|ico)$ {
      root /var/www/cgit;
      expires 30d;
   }

   location @cgit {
     include fastcgi_params;
     fastcgi_param       SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
     fastcgi_pass        unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
     fastcgi_param HTTP_HOST $server_name;
     fastcgi_param PATH_INFO $uri;
     fastcgi_param QUERY_INFO $uri;
  }
}
    
por 23.02.2015 / 01:05