centos7基于nginx的http协议的git服务器

使用Gitlab有点配置太麻烦,用github或gitee,领导要求内网或私有服务器,也麻烦.所以干脆自己动手吧. 相对来说比使用gitlab部署要简单(非docker模式),将就看吧

nginx的安装就略过啦.
要注意的是编译安装nginx,一定要加上--with-http_dav_module不添加该模块无法 git push
我们从git安装开始.

安装git

centos默认带的是1.7x的,也可以用.我不小心把它删了

yum -y remove git

然后下载了最新的,现在最新的已经到了2.14.2了...

yum -y install perl cpio autoconf tk zlib-devel libcurl-devel openssl-devel expat-devel gettext-devel perl-ExtUtils-MakeMaker

cd /usr/local/src; wget https://www.kernel.org/pub/software/scm/git/git-2.9.5.tar.gz

tar zxf git-2.9.5.tar.gz && cd git-2.9.5

autoconf && ./configure

make prefix=/usr/local/git all
make prefix=/usr/local/git install

添加到环境变量

vim /etc/profile  

添加这一条

export PATH="/usr/local/git/bin:$PATH" 

立即生效

source /etc/profile

查看git版本

git --version

git version 2.9.5

好了,我们做个小动作
将git设置为默认路径，不然后面克隆时会报错

ln -s /usr/local/git/bin/git-upload-pack /usr/bin/git-upload-pack 
ln -s /usr/local/git/bin/git-receive-pack /usr/bin/git-receive-pack 

Git SSH协议

1.创建 Git 仓库

mkdir -p /gitServer && cd /gitServer

git init --bare lxm.git

2.本地使用git客户端连接

git clone git@xxxx.xxxx.xxxx:gitServer/lxm.git

输入git用户密码,你应该就能克隆一个空的仓库下来了
这就实现了SSH本地用户授权访问git仓库
当然,你也可以提交数据.但是每次都用root,好2B是不是,而且还用的是ssh协议,写起来就头疼.我们要http或https...

继续...

配置http协议的仓库

1.修改lxm仓库配置

cd memory.git && mv hooks/post-update.sample hooks/post-update

git update-server-info

2.安装nginx的扩展,使它支持cgi

cd /usr/local/src
git clone https://github.com/lighttpd/spawn-fcgi.git
cd spawn-fcgi && ./autogen.sh && ./configure && make && make install

安装

yum -y install fcgi-devel

安装fcgi的管理工具

cd /usr/local/src
git clone https://github.com/gnosek/fcgiwrap.git
cd fcgiwrap && autoreconf -i && ./configure && make && make install

配置启动脚本

vim /etc/init.d/fcgiwrap

写入以下内容

#! /bin/bash
### BEGIN INIT INFO
# Provides:          fcgiwrap
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: FastCGI wrapper
# Description:       Simple server for running CGI applications over FastCGI
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
SPAWN_FCGI="/usr/local/bin/spawn-fcgi"
DAEMON="/usr/local/sbin/fcgiwrap"
NAME="fcgiwrap"

PIDFILE="/var/run/$NAME.pid"

FCGI_SOCKET="/var/run/$NAME.socket"
FCGI_USER="git"
FCGI_GROUP="git"
FORK_NUM=5
SCRIPTNAME=/etc/init.d/$NAME

case "$1" in
    start)
        echo -n "Starting $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo " $NAME already running"
            exit 1
        fi

        $SPAWN_FCGI -u $FCGI_USER -g $FCGI_GROUP -s $FCGI_SOCKET -P $PIDFILE -F $FORK_NUM -f $DAEMON

        if [ "$?" != 0 ]; then
            echo " failed"
            exit 1
        else
            echo " done"
        fi
    ;;

    stop)
        echo -n "Stoping $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            kill `pidof $NAME`
            if [ "$?" != 0 ]; then
                echo " failed. re-quit"
                exit 1
            else
                rm -f $pid
                echo " done"
            fi
        else
            echo "$NAME is not running."
            exit 1
        fi
    ;;

    status)
        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo "$NAME (pid $PID) is running..."
        else
            echo "$NAME is stopped"
            exit 0
        fi
    ;;

    restart)
        $SCRIPTNAME stop
        sleep 1
        $SCRIPTNAME start
    ;;

    *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|status}"
        exit 1
    ;;
esac

注意spawn-fcgi跟fcgiwrap脚本路径及FCGI_GROUP跟FCGI_GROUP
脚本启动了5个cgi进程，按需调整
用户组我这儿直接使用的是nginx的www用户组,如果你的nginx用的别的组跑的,这儿改改

让它可执行

chmod a+x /etc/init.d/fcgiwrap

chkconfig --level 35 fcgiwrap on

/etc/init.d/fcgiwrap start

3.安装httpd工具包

yum -y install httpd-tools

主要是方便使用htpasswd
如果你不愿安装它就用以下的方法创建密码也可以

vi ~/httppasswd.pl

//写入下面四行代码
#!/usr/bin/perl
use strict;
my $pw=$ARGV[0] ;
print crypt($pw,$pw)."\n";

//添加可执行
chmod +x ~/httppasswd.pl

//使用方法
~/httppasswd.pl admin            
adpexzg3FUZAkvim  //密码admin转换

echo "user:adpexzg3FUZAkvim" > /www/gitpass.db

好了,我们继续刚才的htpasswd

htpasswd -c /www/gitpass.db user

创建一个账号并要求你输入密码,我这儿就memory,密码就123456
然后创建一个nginx站点

server {
    listen      80;
    server_name xxxx.xxxx.xxxx.xxxx;

    client_max_body_size 100m;

    auth_basic "Git User Authentication";
    auth_basic_user_file /www/gitpass.db;

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /gitServer;
    }    
    
    location ~ /.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root          /gitServer;
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_connect_timeout 24h;
        fastcgi_read_timeout 24h;
        fastcgi_send_timeout 24h;
        fastcgi_param SCRIPT_FILENAME   /usr/local/git/libexec/git-core/git-http-backend;
        fastcgi_param PATH_INFO         $uri;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT  /gitServer;
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }
}

这样简单的配置后,你应该就可以使用 git clone http://xxxx.xxxx.xxx.xxx/lxm.git 来克隆仓库了
注意认证文件gitpass.db路径
注意git-http-backend路径 , 到git的安装目录下去找
第一个location用于静态文件直接读取
第二个location用于将指定动作转给cgi执行
根目录指向git仓库目录

配置http在线浏览 Gitweb

这个Gitweb其实我们在编译安装git的时候他也给我们安装了,在git的安装目录下有个share,里面有惊喜
不废话了,直接继续

vim /etc/gitweb.conf 

写入

# path to git projects (<project>.git)
$projectroot = "/gitServer";

# directory to use for temp files
$git_temp = "/tmp";

# target of the home link on top of all pages
$home_link = $my_uri || "/";

# html text to include at home page
$home_text = "indextext.html";

# file with project list; by default, simply scan the projectroot dir.
$projects_list = $projectroot;

# javascript code for gitweb
$javascript = "static/gitweb.js";

# stylesheet to use
$stylesheet = "static/gitweb.css";

# logo to use
$logo = "static/git-logo.png";

# the 'favicon'
$favicon = "static/git-favicon.png";

手动执行一下看报错不

/usr/local/git/share/gitweb/gitweb.cgi

当然报错啦...是不是,因为你有一堆东西没装.

yum -y install perl-CPAN perl-CGI perl-Time-HiRes

这三货安装了应该就不会报错了
然后我们把刚才的nginx站点的配置再改改

server {
    listen      80;
    server_name xxxx.xxxx.xxxx.xxxx;
    root        /usr/local/git/share/gitweb;

    client_max_body_size 100m;

    auth_basic "Git User Authentication";
    auth_basic_user_file /www/gitpass.db;
location ~ \.(cgi|pl).*$ {  

            gzip off;  

            fastcgi_pass unix:/var/run/fcgiwrap.socket;  

            fastcgi_param  SCRIPT_FILENAME    /var/www/git/gitweb.cgi;    

            fastcgi_param  SCRIPT_NAME        gitweb.cgi;    

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;  

            include fastcgi_params;  

      }  

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /www/git;
    }

    location ~ /.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root          /www/git;
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_connect_timeout 24h;
        fastcgi_read_timeout 24h;
        fastcgi_send_timeout 24h;
        fastcgi_param SCRIPT_FILENAME     /usr/local/git/libexec/git-core/git-http-backend;
        fastcgi_param PATH_INFO           $uri;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT    /gitServer;
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }

    try_files $uri @gitweb;

    location @gitweb {
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_param GITWEB_CONFIG    /etc/gitweb.conf;
        fastcgi_param SCRIPT_FILENAME  /var/www/git/gitweb.cgi;
        fastcgi_param PATH_INFO        $uri;
        include fastcgi_params;
    }
}

好了,记得nginx reload一下呀.然后你就可以用浏览器浏览代码仓库了
大概样子应该如下

收工. 别问我为什么浏览器打开提示你输入账号密码,你说咧..你说咧 nginx的这货你当它是吃的呀auth_basic_user_file

Gitweb-theme样式

如果觉得 gitweb 默认样式不好看，可以拿该样式替换

cd /usr/local/src
git clone https://github.com/kogakure/gitweb-theme.git
cd gitweb-theme
./setup -vi -t /var/www/git  --install  # -t 指定 gitweb 根目录，一路 y 即可

清空下缓存吧

备注一些git的常规配置

配置git的最低速度和最低速度时间：
git config --global http.lowSpeedLimit 0
git config --global http.lowSpeedTime 999999
git config --global http.postBuffer 5242880000

快速添加仓库的shell脚本

#!/bin/bash
read -p "请输入仓库名称:" name
if [ ! -n "$name" ];then
  echo "不能为空"
else
  cd /www/git
  git init --bare $name.git
  chown -Rf www:www $name.git
  cd $name.git && mv hooks/post-update.sample hooks/post-update
  echo $name > description
  git update-server-info

  echo "git remote add origin http://xx.xx.xx/$name.git"
  echo "git push -u origin master"
fi

一般性错误

错误1.push502
push的时候如何提示502,但是网站确正常访问.请检查你的git目录是不是git权限

报错 2：

Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed--compilation aborted.

解决方法:

yum -y install perl-CPAN

报错 3:

Can't locate CGI.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed--compilation aborted.

解决方法:

yum -y install perl-CGI

报错 4:

Can't locate Time/HiRes.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/share/gitweb/gitweb.cgi line 20.

解决方法:

yum -y install perl-Time-HiRes

报错 5:

error: RPC failed; HTTP 413 curl 22 The requested URL returned error: 413 Request Entity Too Large

解决方法:nginx站点配置文件中添加或修改client_max_body_size的值

client_max_body_size 100m;

 

转载于:https://my.oschina.net/u/2270256/blog/1922546