centos 5 + nginx + git-http-backend

I've a CentOS 5 server at domain.fr. I'm trying to set a subdomain so that I can use it with git, "git.domain.fr".

My repositories are in /home/git (example /home/git/repos.git).
I've installed git-http-backend and nginx.
I've set a repository like this: cd /home/git/repos.git && git --bare init.
I've set my git.conf (included in nginx.conf) as below.

However, on my client shell, I get the fatal error "repository not found":

$ git clone http://git.domain.fr/repos.git

Does anyone know what I should do? It seems so simple, I'm getting frustrated because I'm sure it's nothing...

server {

    listen          80;
    server_name     git.domain.fr;
    root            /home/git;

    location ~ /(/.*) {

        include /etc/nginx/fastcgi_params;
        fastcgi_param   SCRIPT_FILENAME /usr/bin/git-http-backend;
        fastcgi_param   GIT_HTTP_EXPORT_ALL     true;
        fastcgi_param   GIT_PROJECT_ROOT        /home/git;
        fastcgi_param   PATH_INFO               $1;
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
    }
}

EDIT #1

I've updated the file as this:

server  {

    listen          80;
    server_name     git.domain.fr;
    root            /home/git;

    access_log /var/log/httpd/git.access.log;
    error_log /var/log/httpd/git.error.log;

    location / {

        include /etc/nginx/fastcgi_params;

        fastcgi_param   SCRIPT_FILENAME /usr/bin/git-http-backend;
        fastcgi_param   GIT_HTTP_EXPORT_ALL     true;
        fastcgi_param   GIT_PROJECT_ROOT        /home/git;
        fastcgi_param   PATH_INFO               $uri;

        fastcgi_pass unix:/usr/local/src/fcgiwrap/systemd/fcgiwrap.socket;
    }
}

I also checked the socket location and gave it to nginx:nginx, but I'm now getting an "Error 500".

$ git clone git.domain.fr/repos.git
Cloning into 'repos'...
fatal: unable to access 'git.domain.fr/repos.git/': The requested URL returned error: 500

fcgi wrap is running:

$ netstat -anp | grep cgi
unix  2      [ ACC ]     STREAM     LISTENING     1510861 24878/fcgiwrap      /usr/local/src/fcgiwrap/systemd/fcgiwrap.socket

It has the correct permissions:

$ ls -lia /usr/local/src/fcgiwrap/systemd/fcgiwrap.socket
3067341 srwxrwxrwx 1 nginx nginx 0 févr. 22 23:51 /usr/local/src/fcgiwrap/systemd/fcgiwrap.socket

git.error.log is empty, but git.access.log contains:

1**.***.***.*** - - [23/Feb/2014:13:02:17 +0100] "GET /repos.git/info/refs?service=git-upload-pack HTTP/1.1" 500 5 "-" "git/1.8.4"

EDIT #2

Problem almost solved : I just restarted my server for some reasons, then git pull worked.

Now, I am getting a 403 error when I push.

Push :

$ GIT_CURL_VERBOSE=1 git push origin master
* Adding handle: conn: 0x7fe329811800
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fe329811800) send_pipe: 1, recv_pipe: 0
* About to connect() to git.domain.fr port 80 (#0)
*   Trying 108.162.199.22...
* Connected to git.domain.fr (108.162.199.22) port 80 (#0)
> GET /repos.git/info/refs?service=git-receive-pack HTTP/1.1
User-Agent: git/1.8.4
Host: git.domain.fr
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 403 Forbidden
* Server cloudflare-nginx is not blacklisted
< Server: cloudflare-nginx
< Date: Sun, 23 Feb 2014 18:20:59 GMT
< Content-Type: application/octet-stream
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=dc7d61cac342494e2b1307f88f8bf440f1393179659791; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.domain.fr; HttpOnly
< Expires: Fri, 01 Jan 1980 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< Expires: Fri, 01 Jan 1980 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< CF-RAY: 1015eee9b29a091a-CDG
< 
* Connection #0 to host git.domain.fr left intact
fatal: unable to access 'http://git.domain.fr/repos.git/': The requested URL returned error: 403

Pull :

$ GIT_CURL_VERBOSE=1 git pull origin master
* Adding handle: conn: 0x7fb11b811800
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fb11b811800) send_pipe: 1, recv_pipe: 0
* About to connect() to git.domain.fr port 80 (#0)
*   Trying 108.162.198.22...
* Connected to git.domain.fr (108.162.198.22) port 80 (#0)
> GET /repos.git/info/refs?service=git-upload-pack HTTP/1.1
User-Agent: git/1.8.4
Host: git.domain.fr
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
* Server cloudflare-nginx is not blacklisted
< Server: cloudflare-nginx
< Date: Sun, 23 Feb 2014 18:25:33 GMT
< Content-Type: application/x-git-upload-pack-advertisement
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=d75ab90529a399f012383cdee482bc7ed1393179933224; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.domain.fr; HttpOnly
< Expires: Fri, 01 Jan 1980 00:00:00 GMT
< Pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< CF-RAY: 1015f596a8700914-CDG
< 
* Connection #0 to host git.domain.fr left intact
From http://git.domain.fr/repos
 * branch            master     -> FETCH_HEAD
Already up-to-date.

Log (error.log is empty) :

$ tail -f /var/log/httpd/git.access.log 
1**.***.***.*** - - [23/Feb/2014:19:20:59 +0100] "GET /repos.git/info/refs?service=git-receive-pack HTTP/1.1" 403 5 "-" "git/1.8.4"
1**.***.***.*** - - [23/Feb/2014:19:25:33 +0100] "GET /repos.git/info/refs?service=git-upload-pack HTTP/1.1" 200 294 "-" "git/1.8.4"

I checked the rights and owners. What can I do ? Any idea ?

EDIT #3

SUCCESS !

Git push gets a 403 errors when you use it without authentication. I just had to set nginx so that it asks for a user/password :

server  {

    listen          80;
        server_name     git.domain.fr;
        root            /home/git;

        access_log /var/log/httpd/git.access.log;
        error_log /var/log/httpd/git.error.log;

        auth_basic          "Accès restreint";
        auth_basic_user_file    /home/domain.fr/git_access;

        location / {

                include /etc/nginx/fastcgi_params;

                fastcgi_param   SCRIPT_FILENAME         /usr/bin/git-http-backend;
                fastcgi_param   GIT_HTTP_EXPORT_ALL     true;
                fastcgi_param   GIT_PROJECT_ROOT        /home/git;
                fastcgi_param   PATH_INFO               $uri;
                fastcgi_param   REMOTE_USER         $remote_user;

                fastcgi_pass unix:/usr/local/src/fcgiwrap/systemd/fcgiwrap.socket;
        }
}

You should also check that your repository belongs to git:git :

chmod -R g+ws repos.git
chgrp -R git repos.git

Everything's fine now.

Thanks for your help !

Charaf

Posted 2014-02-21T16:10:31.990

Reputation: 31

I just learned that the last two chmod and chgrp commands are very important. – Derek Mahar – 2016-10-31T16:14:56.053

In case you're curious, http://stackoverflow.com/a/40313590/107158 illustrates how to configure git-http-backend to enable anonymous read access but authenticated write access.

– Derek Mahar – 2016-10-31T15:40:19.257

Also I've changed PATH_INFO – Alexey Ten – 2014-02-22T08:25:52.420

Post updated. It's almost ok. It's now only about an error 500. – Charaf – 2014-02-23T12:12:14.000

Edit #2. Almost done, but error 403 as I push. – Charaf – 2014-02-23T18:28:16.340

I guess, you should properly setup git-http-backend, but I can't help you with that. Sorry – Alexey Ten – 2014-02-23T18:41:54.700

I solved it, finally =) – Charaf – 2014-02-23T19:47:14.140