web-dev-qa-db-ja.com

Nginxを使用したgit-http-backendの構成(PROPFIND 405を返す)

Nginxでgit-http-backendを設定しようとしていますが、問題が発生しています。

実際の結果は、PROPFINDリクエストに対して405エラーが発生することです。

192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1" 200 0 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "GET /lw/bla.git/HEAD HTTP/1.1" 200 23 "-" "git/2.3.0" "-"
192.168.1.45 - - [22/Feb/2015:16:50:46 +0100] "PROPFIND /lw/bla.git/ HTTP/1.1" 405 172 "-" "git/2.3.0" "-"

バージョン:

  • Debian GNU/Linux 7.8(wheezy)
  • gitバージョン2.3.0
  • nginxバージョン:nginx/1.6.2
  • fcgiwrapバージョン1.0.3

構成パーツ:

nginxサイト構成

server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

location / {
  root  /var/git;
}

location ~ /git(/.*) {
    gzip off;
    root /var/git;
    include fastcgi_params;

    fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
    fastcgi_param DOCUMENT_ROOT /usr/local/libexec/git-core;
    fastcgi_param SCRIPT_NAME git-http-backend;
    fastcgi_param GIT_HTTP_EXPORT_ALL "";
    fastcgi_param GIT_PROJECT_ROOT /var/git/;
    fastcgi_param PATH_INFO $uri;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_pass unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
  }
}

fastcgiソケット

foobar@dloc:/var/git/lw/bla.git$ ls -al /var/run/cgit-fastcgi/
total 0
drwxrwx---  2 www-data www-data  80 Feb 21 21:23 .
drwxr-xr-x 21 root     root     760 Feb 22 16:14 ..
-rw-r--r--  1 www-data www-data   0 Feb 21 21:23 cgit-fastcgi.pid
srwxr-xr-x  1 www-data www-data   0 Feb 20 22:01 cgit-fastcgi.socket

git-http-バックエンド

foobar@dloc:/var/git/lw$ Sudo ls -al /usr/local/libexec/git-core/git-http-backend 
-rwxr-xr-x 1 root staff 4447063 Feb 13 23:45 /usr/local/libexec/git-core/git-http-backend

Gitリポジトリ

foobar@dloc:~$ ls -al /var/git/lw/
drwxr-xr-x 7 www-data www-data 4096 Feb 22 00:36 bla.git

それはによって作成されました:

git --bare init bla.git && \
git config --local --add http.receivepack true && \
git update-server-info
chown -R www-data:www-data bla.git

クライアントプッシュの完全な詳細

* Couldn't find Host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;    [email protected]
*    SSL certificate verify ok.
> GET /lw/bla.git/info/refs?service=git-receive-pack HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Last-Modified: Sun, 22 Feb 2015 15:19:11 GMT
< Connection: keep-alive
< ETag: "54e9f36f-0"
< Accept-Ranges: bytes
< 
* Connection #0 to Host git.dloc.com left intact
* Couldn't find Host git.dloc.com in the .netrc file; using defaults
* Found bundle for Host git.dloc.com: 0x1070d60
* Re-using existing connection! (#0) with Host git.dloc.com
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
> GET /lw/bla.git/HEAD HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Sun, 22 Feb 2015 16:07:58 GMT
< Content-Type: application/octet-stream
< Content-Length: 23
< Last-Modified: Sat, 21 Feb 2015 22:25:43 GMT
< Connection: keep-alive
< ETag: "54e905e7-17"
< Accept-Ranges: bytes
< 
* Connection #0 to Host git.dloc.com left intact
* Couldn't find Host git.dloc.com in the .netrc file; using defaults
*   Trying 192.168.1.45...
* Connected to git.dloc.com (192.168.1.45) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
   CApath: none
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*    subject: CN=*.dloc.de
*    start date: 2014-11-03 18:44:22 GMT
*    expire date: 2015-05-02 18:44:22 GMT
*    subjectAltName: git.dloc.com matched
*    issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing Authority;   [email protected]
*    SSL certificate verify ok.
> PROPFIND /lw/bla.git/ HTTP/1.1
User-Agent: git/2.3.0
Host: git.dloc.com
Accept: */*
Depth: 0
Content-Type: text/xml
Content-Length: 168
Expect: 100-continue

* The requested URL returned error: 405 Not Allowed
* Closing connection 0
error: Cannot access URL https://git.dloc.com/lw/bla.git/, return code 22
fatal: git-http-Push failed
error: failed to Push some refs to 'https://git.dloc.com/lw/bla.git'

スマートhttp-backendを使用してリクエストが処理されないと思います。しかし、その理由は特定できませんでした。

私の構成の何が問題なのか手がかりを持っている人はいますか?

前もって感謝します。

2
snafu

すみません、これは私の間違いでした。

私の構成の問題は、https_:// dlock .../lw/blaを介してリポジトリのクローンを作成したことでした。これは、次の理由で正常に機能しました。

_location / {
  root  /var/git;
}
_

しかし、location ~ /git(/.*) {は確かに次のことを期待しています:https_:// dloc .../git/lw/blaはスマートhttpバックエンドm(を介してリクエストを処理します。

誰かが同じ問題に遭遇した場合、次の構成が(cgitを使用して)機能しています:

_server {
   listen 443;
   server_name git.dloc.com;
   access_log /var/log/nginx/git.dloc.access.log main;
   error_log /var/log/nginx/git.dloc.error.log;

   ssl                 on;
   ssl_certificate     /etc/ssl/dloc/dloc.crt;
   ssl_certificate_key /etc/ssl/dloc/dloc.key;

   auth_basic "Login";
   auth_basic_user_file /etc/Apache2/passwd/git.pwd;
   location ~ /\. { deny  all; }

   location ~ /git(.*) {
      include /etc/nginx/fastcgi_params;
      fastcgi_param SCRIPT_FILENAME /usr/local/libexec/git-core/git-http-backend;
      fastcgi_param GIT_HTTP_EXPORT_ALL "";
      fastcgi_param GIT_PROJECT_ROOT /var/git;
      fastcgi_param PATH_INFO $1;
      fastcgi_pass      unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
   }

   try_files $uri @cgit;

   # Serve static files
   location ~* ^.+\.(css|png|ico)$ {
      root /var/www/cgit;
      expires 30d;
   }

   location @cgit {
     include fastcgi_params;
     fastcgi_param       SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
     fastcgi_pass        unix:/var/run/cgit-fastcgi/cgit-fastcgi.socket;
     fastcgi_param HTTP_Host $server_name;
     fastcgi_param PATH_INFO $uri;
     fastcgi_param QUERY_INFO $uri;
  }
}
_
2
snafu