# From: https://gemini.nytpu.com/gemlog/2021-03-07.gmi
########
#
# you should have other ssl configuration elsewhere...
server {
	listen       443 ssl http2;
	server_name  git.nytpu.com;
	charset utf-8;

	# where cgit is installed to
	root   /usr/share/webapps/cgit;

	location / {
		# do this so when something like /favicon.ico is requested it directly
		# looks in root first, before passing it to the cgi script
		try_files $uri @cgit;
	}

	# pass to fcgiwrap, using cgit.cgi
	location @cgit {
		fastcgi_pass        unix:/run/fcgiwrap.sock;
		fastcgi_param       SCRIPT_FILENAME $document_root/cgit.cgi;
		fastcgi_param       PATH_INFO       $uri;
		fastcgi_param       QUERY_STRING    $query_string;
		fastcgi_param       HTTP_HOST       $server_name;
		fastcgi_param       REQUEST_METHOD  $request_method;
		fastcgi_param       SCRIPT_NAME     /;
		fastcgi_param       CONTENT_TYPE    $content_type;
		fastcgi_param       CONTENT_LENGTH  $content_length;
		fastcgi_param       HTTPS           $https if_not_empty;
		fastcgi_param       SERVER_PORT     $server_port;
		fastcgi_param       SERVER_NAME     $server_name;
		include             fastcgi_params;
	}

	# if any of the paths searched for by a “smart” git clone are reqested,
	# pass it to git-http-backend so the smart request can continue, instead
	# of it being detected as a failure and using cgit's /very slow/ dumb http.
	location "(?x)^/(.*/(HEAD | \
		info/refs | \
		objects/info/[^/]+ | \
		git-upload-pack))$"
	{
		fastcgi_pass        unix:/run/fcgiwrap.sock;
		fastcgi_param       SCRIPT_NAME     /usr/lib/git-core/git-http-backend;
		fastcgi_param       GIT_HTTP_EXPORT_ALL 1;
		fastcgi_param       GIT_PROJECT_ROOT /home/alex/pub;
		fastcgi_param       PATH_INFO       $1;
		fastcgi_param       REMOTE_USER     $remote_user;
		client_max_body_size                0;
		include             fastcgi_params;
	}
}