利用Nginx搭建Http访问的Git服务器

发表于 | 分类于 |
字数统计: 1.3k 字 | 阅读时长 ≈ 7 分钟

  1. 安装nginx

    1.如果没有nginx的yum源文件,则编辑repo文件 

    1
    2
    3
    4
    5
    6
    7
    vi /etc/yum.repos.d/nginx.repo
    #内容如下
    [nginx]
    name=nginx repo
    baseurl=http://nginx.org/packages/centos/7/x86_64/
    gpgcheck=0
    enabled=1

    2.退出保存,使用yum安装nginx

    1
    yum install nginx -y

  2. 下载git并安装,不推荐使用yum安装git,版本过低,到github下载源代码安装

    1
    2
    3
    4
    5
    6
    7
    yum -y remove git
    yum -y install perl cpio autoconf tk zlib-devel libcurl-devel openssl-devel expat-devel gettext-devel perl-ExtUtils-MakeMaker automake gcc
    cd /usr/local/src;
    wget https://github.com/git/git/archive/v2.11.1.tar.gz
    tar zxf v2.11.1.tar.gz && cd git-2.11.1
    autoconf && ./configure && make && make install
    git --version

  1. 下载spawn-fcgi,fcgi-devel,fcgiwrap并安装

    1.到github下载源代码安装spawn-fcgi

    1
    2
    3
    cd /usr/local/src;
    git clone https://github.com/lighttpd/spawn-fcgi.git
    cd spawn-fcgi && ./autogen.sh && ./configure && make && make install

    2.安装fcgi-devel,注意:需要先安装epel源

    1
    2
    yum -y install epel-release
    yum -y install fcgi-devel

    3.安装fcgiwrap,git地址

    1
    2
    3
    cd /usr/local/src
    git clone https://github.com/gnosek/fcgiwrap.git
    cd fcgiwrap && autoreconf -i && ./configure  && make && make install

4.添加git的运行用户,Git仓库初始化 

1
2
3
4
5
useradd -r -s /sbin/nologin git
mkdir -p /data/git && cd /data/git
git init --bare repo.git && chown -R git:git /data/git
cd repo.git && mv hooks/post-update.sample hooks/post-update
git update-server-info

5.编写fcgiwrap启动脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
vi /etc/init.d/fcgiwrap

#脚本内容

#! /bin/bash
### BEGIN INIT INFO
# Provides:          fcgiwrap
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: FastCGI wrapper
# Description:       Simple server for running CGI applications over FastCGI
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
SPAWN_FCGI="/usr/local/bin/spawn-fcgi"
DAEMON="/usr/local/sbin/fcgiwrap"
NAME="fcgiwrap"

PIDFILE="/var/run/$NAME.pid"

FCGI_SOCKET="/var/run/$NAME.socket"
FCGI_USER="git"
FCGI_GROUP="git"
FORK_NUM=15
SCRIPTNAME=/etc/init.d/$NAME

case "$1" in
    start)
        echo -n "Starting $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo " $NAME already running"
            exit 1
        fi

        $SPAWN_FCGI -u $FCGI_USER -g $FCGI_GROUP -s $FCGI_SOCKET -P $PIDFILE -F $FORK_NUM -f $DAEMON

        if [ "$?" != 0 ]; then
            echo " failed"
            exit 1
        else
            echo " done"
        fi
    ;;

    stop)
        echo -n "Stoping $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            kill `pidof $NAME`
            if [ "$?" != 0 ]; then
                echo " failed. re-quit"
                exit 1
            else
                rm -f $pid
                echo " done"
            fi
        else
            echo "$NAME is not running."
            exit 1
        fi
    ;;

    status)
        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo "$NAME (pid $PID) is running..."
        else
            echo "$NAME is stopped"
            exit 0
        fi
    ;;

    restart)
        $SCRIPTNAME stop
        sleep 1
        $SCRIPTNAME start
    ;;

    *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|status}"
        exit 1
    ;;
esac
注意其中的"FCGI_USER" 和 "FCGI_GROUP" 以及 "FORK_NUM",分别为fastcgi运行的用户,组以及进程数(按需调整),需要与nginx配置中的worker用户一样。
修改脚本权限,设置开机启动
1
2
3
4
5
6
7
8
9
10
11
chmod a+x /etc/init.d/fcgiwrap
chkconfig --level 35 fcgiwrap on
/etc/init.d/fcgiwrap start
```	

6.配置nginx,yum安装的nginx默认配置了WebDav模块,若没有,参考[官方文档](http://nginx.org/en/docs/ngx_core_module.html#load_module)

	1.创建授权文件夹,以及git的nginx的配置文件
```bash
mkdir -p /usr/local/nginx/config
vi /etc/nginx/conf.d/git.conf
nginx配置文件内容
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
	server {
    listen      80;
    server_name gitServer; #注意修改服务名
    root /usr/local/share/gitweb;

    client_max_body_size 100m;

    auth_basic "Git User Authentication";
    auth_basic_user_file /usr/local/nginx/config/pass.db;

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /data/git;
    }    
    
    location ~ /.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root          /data/git;
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_connect_timeout 24h;
        fastcgi_read_timeout 24h;
        fastcgi_send_timeout 24h;
        fastcgi_param SCRIPT_FILENAME   /usr/local/libexec/git-core/git-http-backend;
        fastcgi_param PATH_INFO         $uri;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT  /data/git;
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }

    try_files $uri @gitweb;

    location @gitweb {
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_param GITWEB_CONFIG    /etc/git/gitweb.conf;
        fastcgi_param SCRIPT_FILENAME  /usr/local/share/gitweb/gitweb.cgi;
        fastcgi_param PATH_INFO        $uri;
        include fastcgi_params;
    }
}
2.修改/etc/nginx/nginx.conf中的worker进程所有者
1
2
user git;	#将原本的nginx用户改为git用户,确认能调用fastcgi
worker_processes 1;

7.安装http-tools并添加认证用户

1
2
3
4
5
yum -y install httpd-tools
cd /usr/local/nginx/config
htpasswd -c pass.db guestUser #确认密码,创建guestUser
htpasswd -b pass.db user1 passwd1 #向认证文件中追加用户user1
htpasswd -D pass.db user1 #从认证文件中删除指定的用户

8.配置gitweb

1
2
3
find /usr/local/share --name gitweb.cgi
cd /usr/local/share/gitweb && ll /usr/local/share/gitweb
vi /etc/git/gitweb.conf
配置内容
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# path to git projects (<project>.git)
$projectroot = "/data/git";

# directory to use for temp files
$git_temp = "/tmp";

# target of the home link on top of all pages
$home_link = $my_uri || "/";

# html text to include at home page
$home_text = "indextext.html";

# file with project list; by default, simply scan the projectroot dir.
$projects_list = $projectroot;

# javascript code for gitweb
$javascript = "static/gitweb.js";

# stylesheet to use
$stylesheet = "static/gitweb.css";

# logo to use
$logo = "static/git-logo.png";

# the 'favicon'
$favicon = "static/git-favicon.png";

9.重启nginx,fastccgi

1
2
3
/usr/sbin/nginx -t
systemctl reload nginx 
/etc/init.d/fcgiwrap start

10.问题

  1. 访问http://hostname/repo.git出现502错误,nginx错误日志中出现:connect() to unix:/var/run/fcgiwrap.socket failed (13: Permission denied) while connecting to upstream

    解决方法: 检查selinux是否开启,如果开启,请关闭或者配置策略使其能被访问.

  2. Can’t locate CPAN.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed–compilation aborted.

    解决方法: yum -y install perl-CPAN

  3. Can’t locate CGI.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed–compilation aborted.

    解决方法: yum -y install perl-CGI

  4. Can’t locate Time/HiRes.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/share/gitweb/gitweb.cgi line 20.

    解决方法: yum -y install perl-Time-HiRes

11.修改gitweb-theme样式

cd /usr/local/src
git clone https://github.com/kogakure/gitweb-theme.git
cd gitweb-theme #-t 指定gitweb根目录,一路y即可
./setup -vi -t /usr/local/share/gitweb --install
-------------本文结束感谢您的阅读-------------
分享不易,请我喝杯咖啡吧~~~