setup http/https git server on nginx via git-http-backend

Precondition

sudo apt-get install nginx fcgiwrap git apache2-utils

Set up https server

First, please setup your https server by your self.
You can refer to my guide

git-http-backend

git-http-backend is a Server side implementation of Git over HTTP.
/usr/lib/git-core/git-http-backend

Set Up Password Authentication file for your git server

We can get a password with MD5-based password algorithm, Apache variant via openssl passwd command.
You can add a username to the file using this command. We are using sammy as our username, but you can use whatever name you'd like:
sudo sh -c "echo -n 'sammy:' >> .gitpasswd"
Next, add an encrypted password entry for the username by typing:
sudo sh -c "openssl passwd -apr1 >> .gitpasswd"
You can repeat this process for additional usernames. You can see how the usernames and encrypted passwords are stored within the file by typing:
cat .gitpasswd
Output
sammy:$apr1$wI1/T0nB$jEKuTJHkTOOWkopnXqC1d1
Or We can use The htpasswd utility, found in the apache2-utils package, serves this function well.
Let's add a new user kimmy via htpasswd, below is command line.
htpasswd -c .gitpasswd kimmy 
cat .gitpasswd 
sammy:$apr1$wI1/T0nB$jEKuTJHkTOOWkopnXqC1d1 
kimmy:$apr1$sBPFn6ek$L8Ta2LkiuXzi7bQZUqUlq0

http/https nginx conf

cat /etc/nginx/sites-enabled/git.errong.win.conf
server {
    listen  80;
    listen [::]:80;
    server_name git.errong.win;
    auth_basic "Restricted";
    auth_basic_user_file /home/errong_leng/.gitpasswd;
    location ~ (/.*) {
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        include       fastcgi_params;
        fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT    /home/errong_leng/www/git;
        fastcgi_param REMOTE_USER         $remote_user;
        fastcgi_param PATH_INFO           $uri;
    }
}
cat /etc/nginx/sites-enabled/git.errong.win-ssl.conf
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name git.errong.win;
    ssl_certificate /etc/letsencrypt/git.errong.win/fullchain.cer;
    ssl_certificate_key /etc/letsencrypt/git.errong.win/git.errong.win.key;
    auth_basic "Restricted";
    auth_basic_user_file /home/errong_leng/.gitpasswd;
    location ~ (/.*) {
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        include       fastcgi_params;
        fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT    /home/errong_leng/www/git;
        fastcgi_param REMOTE_USER         $remote_user;
        fastcgi_param PATH_INFO           $uri;
    }
}
OK, nginx server config is done, just reload it.(sudo nginx -s reload)
Now it is time to set up git repository under the root(/home/errong_leng/www/git)

Set up git repository

$ cd www/git/ 
$ mkdir helloworld.git 
$ cd helloworld.git/ 
$ git --bare init 
Initialized empty Git repository in /home/errong_leng/www/git/helloworld.git/ 
$ cp hooks/post-update.sample hooks/post-update 
$ chmod a+x hooks/post-update 
$ chmod a+w . -R
Now, We can git clone and push to the respository on remote machine via http/https protocol.

git clone helloworld.git

git clone https://git.errong.win/helloworld.git
Cloning into 'helloworld'...
Username for 'https://git.errong.win': lenger
Password for 'https://lenger@git.errong.win':
warning: You appear to have cloned an empty repository.
Checking connectivity... done.

git push helloworld.git

git push origin master
Username for 'https://git.errong.win': lenger
Password for 'https://lenger@git.errong.win':
Counting objects: 3, done.
Writing objects: 100% (3/3), 205 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To https://git.errong.win/helloworld.git
  • [new branch] master -> master

Comments

Post a Comment

Popular posts from this blog

react-native run-android : do not build/update modified code(App.js)

Solution react-native bundle --platform android --dev false --entry-file index.js --bundle-output android/app/src/main/assets/index.android.bundle --assets-dest android/app/src/main/res c:\Users\lenger\Desktop\webrowser>react-native bundle --platform android --dev false --entry-file index.js --bundle-output android/app/src/main/assets/index.android.bundle --assets-dest android/app/src/main/res Scanning folders for symlinks in c:\Users\lenger\Desktop\webrowser\node_modules (43ms) Scanning folders for symlinks in c:\Users\lenger\Desktop\webrowser\node_modules (38ms) Loading dependency graph, done. bundle: start bundle: finish bundle: Writing bundle output to: android/app/src/main/assets/index.android.bundle bundle: Done writing bundle output Run react-native run-android again, you will find your modification work.
Read more

react-native run-android : sun.security.provider.cert path.SunCertPathBuilderException : unable to find valid certification path to req uested target

Image
F:\webrowser>react-native run-android Scanning folders for symlinks in F:\webrowser\node_modules (73ms) Starting JS server... Building and installing the app on the device (cd android && gradlew.bat install Debug)... Downloading https://services.gradle.org/distributions/gradle-4.1-all.zip Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.val idator.ValidatorException: PKIX path building failed: sun.security.provider.cert path.SunCertPathBuilderException: unable to find valid certification path to req uested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker. java:1514) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.jav a:216) at s
Read more

How to fix error : no module named sendgrid when try to use sendgrid python lib in PHP.

Image
"no module named sendgrid" error reported with below codes: <?php system("/usr/bin/python sendmail.py 2>&1"); system("/usr/bin/python --version 2>&1", $ret); ?> sendmail.py import sendgrid import os from sendgrid.helpers.mail import * sg = sendgrid.SendGridAPIClient( apikey = os.environ.get( ' SENDGRID_API_KEY ' )) from_email = Email( " test@example.com " ) to_email = Email( " test@example.com " ) subject = " Sending with SendGrid is Fun " content = Content( " text/plain " , " and easy to do anywhere, even with Python " ) mail = Mail(from_email, subject, to_email, content) response = sg.client.mail.send.post( request_body = mail.get()) print (response.status_code) print (response.body) print (response.headers) ....
Read more