Nginx を使用した git-http-backend の設定 (PROPFIND 405 を返す)

tag-icon tag-icon nginx git spawn-fcgi
Nginx を使用した git-http-backend の設定 (PROPFIND 405 を返す)

nginx 経由で git-http-backend を設定しようとしているのですが、いくつか問題があります。

実際の結果は、PROPFIND リクエストに対して 405 エラーが発生することです。

192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1" 200 0 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/HEAD HTTP/1.1" 200 23 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "PROPFIND /lw/bla.git/ HTTP/1.1" 405 172 "-" "git/2.3.0" "-"

バージョン:

  • Debian GNU/Linux 7.8 (ウィージー)
  • git バージョン 2.3.0
  • nginx バージョン: nginx/1.6.2
  • fcgiwrap バージョン 1.0.3

構成部分:

nginx サイト構成

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

location / {
  root  /var/git;
}

location ~ /git(/.*) {
    gzip off;
    root /var/git;
    include fastcgi_params;

    fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
    fastcgi_param DOCUMENT_ROOT /usr/local/libexec/git-core;
    fastcgi_param SCRIPT_NAME git-http-backend;
    fastcgi_param GIT_HTTP_EXPORT_ALL "";
    fastcgi_param GIT_PROJECT_ROOT /var/git/;
    fastcgi_param PATH_INFO $uri;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_pass unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
  }
}

fastcgiソケット

foobar@dloc:/var/git/lw/bla.git$ ls -al /var/run/cgit-fastcgi/
total 0
drwxrwx---  2 www-data www-data  80 Feb 21 21:23 .
drwxr-xr-x 21 root     root     760 Feb 22 16:14 ..
-rw-r--r--  1 www-data www-data   0 Feb 21 21:23 cgit-fastcgi.pid
srwxr-xr-x  1 www-data www-data   0 Feb 20 22:01 cgit-fastcgi.socket

git-http-バックエンド

foobar@dloc:/var/git/lw$ sudo ls -al /usr/local/libexec/git-core/git-http-backend 
-rwxr-xr-x 1 root staff 4447063 Feb 13 23:45 /usr/local/libexec/git-core/git-http-backend

Gitリポジトリ

foobar@dloc:~$ ls -al /var/git/lw/
drwxr-xr-x 7 www-data www-data 4096 Feb 22 00:36 bla.git

作成者:

git --bare init bla.git && \
git config --local --add http.receivepack true && \
git update-server-info
chown -R www-data:www-data bla.git

クライアントプッシュの完全な詳細

* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;    [email protected]
*    SSL certificate verify ok.
> GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Last-Modified: Sun, 22 Feb 2015 15:19:11 GMT
< Connection: keep-alive
< ETag: "54e9f36f-0"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
* Found bundle for host git.dloc.com: 0x1070d60
* Re-using existing connection! (#0) with host git.dloc.com
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
> GET /lw/bla.git/HEAD HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 23
< Last-Modified: Sat, 21 Feb 2015 22:25:43 GMT
< Connection: keep-alive
< ETag: "54e905e7-17"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;   [email protected]
*    SSL certificate verify ok.
> PROPFIND /lw/bla.git/ HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Depth: 0
Content-Type: text/xml
Content-Length: 168
Expect: 100-continue

* The requested URL returned error: 405 Not Allowed
* Closing connection 0
error: Cannot access URL https://git.dloc.com/lw/bla.git/, return code 22
fatal: git-http-push failed
error: failed to push some refs to 'https://git.dloc.com/lw/bla.git'

リクエストはスマート http バックエンドを使用して処理されていないと思います。しかし、その理由は特定できませんでした。

私の設定の何が問題なのか分かる人はいますか?

前もって感謝します。

答え1

ああ、すみません、これは私の間違いでした。

私の設定の問題は、リポジトリを https_://dlock.../lw/bla 経由でクローンし、次の理由で正常に動作したことです。

location / {
  root  /var/git;
}

ただし、location ~ /git(/.*) {スマート HTTP バックエンド m( 経由でリクエストを処理するには、 https_://dloc.../git/lw/bla が確実に必要になります。

誰かが同じ問題に遭遇した場合、次の設定が私の場合は機能します(cgit を使用)。

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

   auth_basic "Login";
   auth_basic_user_file /etc/apache2/passwd/git.pwd;
   location ~ /\. { deny  all; }

   location ~ /git(.*) {
      include /etc/nginx/fastcgi_params;
      fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
      fastcgi_param GIT_HTTP_EXPORT_ALL "";
      fastcgi_param GIT_PROJECT_ROOT /var/git;
      fastcgi_param PATH_INFO $1;
      fastcgi_pass      unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
   }

   try_files $uri @cgit;

   # Serve static files
   location ~* ^.+\.(css|png|ico)$ {
      root /var/www/cgit;
      expires 30d;
   }

   location @cgit {
     include fastcgi_params;
     fastcgi_param       SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
     fastcgi_pass        unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
     fastcgi_param HTTP_HOST $server_name;
     fastcgi_param PATH_INFO $uri;
     fastcgi_param QUERY_INFO $uri;
  }
}

関連情報