Configuración de git-http-backend con Nginx (devolviendo PROPFIND 405)

tag-icon tag-icon nginx git spawn-fcgi
Configuración de git-http-backend con Nginx (devolviendo PROPFIND 405)

Estoy intentando configurar git-http-backend sobre nginx y tengo algunos problemas.

El resultado real es que recibo un error 405 para la solicitud PROPFIND:

192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1" 200 0 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/HEAD HTTP/1.1" 200 23 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "PROPFIND /lw/bla.git/ HTTP/1.1" 405 172 "-" "git/2.3.0" "-"

Versiones:

  • Debian GNU/Linux 7.8 (silbido)
  • git versión 2.3.0
  • versión de nginx: nginx/1.6.2
  • fcgiwrap versión 1.0.3

Las partes de configuración:

configuración del sitio nginx

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

location / {
  root  /var/git;
}

location ~ /git(/.*) {
    gzip off;
    root /var/git;
    include fastcgi_params;

    fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
    fastcgi_param DOCUMENT_ROOT /usr/local/libexec/git-core;
    fastcgi_param SCRIPT_NAME git-http-backend;
    fastcgi_param GIT_HTTP_EXPORT_ALL "";
    fastcgi_param GIT_PROJECT_ROOT /var/git/;
    fastcgi_param PATH_INFO $uri;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_pass unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
  }
}

conector fastcgi

foobar@dloc:/var/git/lw/bla.git$ ls -al /var/run/cgit-fastcgi/
total 0
drwxrwx---  2 www-data www-data  80 Feb 21 21:23 .
drwxr-xr-x 21 root     root     760 Feb 22 16:14 ..
-rw-r--r--  1 www-data www-data   0 Feb 21 21:23 cgit-fastcgi.pid
srwxr-xr-x  1 www-data www-data   0 Feb 20 22:01 cgit-fastcgi.socket

git-http-backend

foobar@dloc:/var/git/lw$ sudo ls -al /usr/local/libexec/git-core/git-http-backend 
-rwxr-xr-x 1 root staff 4447063 Feb 13 23:45 /usr/local/libexec/git-core/git-http-backend

repositorio git

foobar@dloc:~$ ls -al /var/git/lw/
drwxr-xr-x 7 www-data www-data 4096 Feb 22 00:36 bla.git

Fue creado por:

git --bare init bla.git && \
git config --local --add http.receivepack true && \
git update-server-info
chown -R www-data:www-data bla.git

Texto completo del push del cliente

* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;    [email protected]
*    SSL certificate verify ok.
> GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Last-Modified: Sun, 22 Feb 2015 15:19:11 GMT
< Connection: keep-alive
< ETag: "54e9f36f-0"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
* Found bundle for host git.dloc.com: 0x1070d60
* Re-using existing connection! (#0) with host git.dloc.com
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
> GET /lw/bla.git/HEAD HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 23
< Last-Modified: Sat, 21 Feb 2015 22:25:43 GMT
< Connection: keep-alive
< ETag: "54e905e7-17"
< Accept-Ranges: bytes
< 
* Connection #0 to host git.dloc.com left intact
* Couldn't find host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;   [email protected]
*    SSL certificate verify ok.
> PROPFIND /lw/bla.git/ HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Depth: 0
Content-Type: text/xml
Content-Length: 168
Expect: 100-continue

* The requested URL returned error: 405 Not Allowed
* Closing connection 0
error: Cannot access URL https://git.dloc.com/lw/bla.git/, return code 22
fatal: git-http-push failed
error: failed to push some refs to 'https://git.dloc.com/lw/bla.git'

Creo que la solicitud no se atiende mediante el backend http inteligente. Pero no pude identificar el motivo.

¿Alguien que tenga idea de qué está mal en mi configuración?

gracias de antemano.

Respuesta1

Oh, lo siento, este fue mi error.

El problema con mi configuración fue que cloné el repositorio a través de https_://dlock.../lw/bla, lo cual funcionó correctamente debido a:

location / {
  root  /var/git;
}

Pero location ~ /git(/.*) {espera con seguridad: https_://dloc.../git/lw/bla atender solicitudes a través del backend http inteligente m(.

Si alguien se topa con el mismo problema, la siguiente configuración me funciona (con cgit):

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

   auth_basic "Login";
   auth_basic_user_file /etc/apache2/passwd/git.pwd;
   location ~ /\. { deny  all; }

   location ~ /git(.*) {
      include /etc/nginx/fastcgi_params;
      fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
      fastcgi_param GIT_HTTP_EXPORT_ALL "";
      fastcgi_param GIT_PROJECT_ROOT /var/git;
      fastcgi_param PATH_INFO $1;
      fastcgi_pass      unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
   }

   try_files $uri @cgit;

   # Serve static files
   location ~* ^.+\.(css|png|ico)$ {
      root /var/www/cgit;
      expires 30d;
   }

   location @cgit {
     include fastcgi_params;
     fastcgi_param       SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
     fastcgi_pass        unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
     fastcgi_param HTTP_HOST $server_name;
     fastcgi_param PATH_INFO $uri;
     fastcgi_param QUERY_INFO $uri;
  }
}

información relacionada