Skip to content

Instantly share code, notes, and snippets.

@massar
Created March 6, 2014 21:14
Show Gist options
  • Save massar/9399764 to your computer and use it in GitHub Desktop.
Save massar/9399764 to your computer and use it in GitHub Desktop.
Example nginx + git HTTP Smart mode (git-http-backend) + HTTP Authentication + HTTPS redirect
# Example nginx + git HTTP Smart mode (git-http-backend) + HTTP Authentication + HTTPS redirect
# [email protected] - http://jeroen.massar.ch
server {
listen 192.0.1.1:80;
listen [2001:db8::1]:80;
# Redirect all non-HTTPS traffic to the HTTPS variant
return 301 https://$host$request_uri;
}
server {
listen 192.0.1.1:443;
listen [2001:db8::1]:443;
root /www/empty/;
index index.html;
server_name git.example.com;
access_log /var/log/nginx/access.log;
#error_page 404 /404.html;
# ... ssl params ...
auth_basic "Restricted";
auth_basic_user_file /www/htpasswd;
location ~ /git(/.*) {
# Set chunks to unlimited, as the body's can be huge
client_max_body_size 0;
fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
include fastcgi_params;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT /git;
fastcgi_param PATH_INFO $1;
# Forward REMOTE_USER as we want to know when we are authenticated
fastcgi_param REMOTE_USER $remote_user;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
}
@TTimo
Copy link

TTimo commented Jan 29, 2015

could never get this to work. looks like the git repositories would need to be under /www/empty/git/, but even then it's returning 502 errors through fcgiwrap

@bakytn
Copy link

bakytn commented Feb 26, 2015

This saved my day.

@jcadam
Copy link

jcadam commented Mar 24, 2015

Always hit error '1 upstream prematurely closed FastCGI stdout while reading response header from upstream' on this. git over http still cannot work for me...

@Jameron
Copy link

Jameron commented Oct 4, 2016

Has anyone got this working on nginx/1.10.1?

@amejiasp
Copy link

Nice. It works for me....

@sivacool
Copy link

sivacool commented Feb 8, 2017

please guys anyone help me because i need to Using SSH over the HTTPS port for cloning

@ietuday
Copy link

ietuday commented Apr 19, 2017

Hi Guys,

I was running four node servers using

Configuring multiple applications on same port using nginx reverse proxy based on request urls

its working but the bundles files cannot loaded. I am stuck. Please Help

on Browser Console

Failed to load resource: the server responded with a status of 404 (Not Found)
http://localhost/inline.bundle.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://localhost/scripts.bundle.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://localhost/vendor.bundle.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://localhost/main.bundle.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://localhost/styles.bundle.css Failed to load resource: the server responded with a status of 404 (Not Found)

@ClearPathDigital
Copy link

👍

@IgorDePaula
Copy link

@massar
Copy link
Author

massar commented Jul 8, 2021

@igor

How to authenticate using auth server? Something like this https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/

That could do the trick, don't forget to remove the auth_basic + auh_basic_user_file directives in that case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment