summaryrefslogtreecommitdiffstats
path: root/roles/git/files/etc/nginx/sites-available
diff options
context:
space:
mode:
Diffstat (limited to 'roles/git/files/etc/nginx/sites-available')
-rw-r--r--roles/git/files/etc/nginx/sites-available/git74
-rw-r--r--roles/git/files/etc/nginx/sites-available/gitweb48
2 files changed, 44 insertions, 78 deletions
diff --git a/roles/git/files/etc/nginx/sites-available/git b/roles/git/files/etc/nginx/sites-available/git
index 9510620..75c1512 100644
--- a/roles/git/files/etc/nginx/sites-available/git
+++ b/roles/git/files/etc/nginx/sites-available/git
@@ -7,31 +7,38 @@ server {
access_log /var/log/nginx/git.access.log;
error_log /var/log/nginx/git.error.log info;
+ location ^~ /static/ {
+ alias /usr/share/cgit/;
+ expires 30d;
+ }
+
# Bypass the CGI to return static files stored on disk. Try first repo with
# a trailing '.git', then without.
- location ~* "^/((?U)[^/]+)(?:\.git)?/objects/([0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" {
+ location ~* "^/((?U)[^/]+)(?:\.git)?/objects/(?:[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" {
root /var/lib/gitolite/repositories;
try_files /$1.git/objects/$2 /$1/objects/$2 =404;
+ expires 30d;
+ # TODO honor git-daemon-export-ok
}
- # Disallow push over HTTP(S)
- location ~* ^/[^/]+/git-receive-pack$ {
- return 403;
- }
+ # disallow push over HTTP/HTTPS
+ location ~* "^/[^/]+/git-receive-pack$" { return 403; }
- location ~* ^/[^/]+/(:?HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$ {
- fastcgi_param PATH_INFO $uri;
- fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
- fastcgi_param GIT_HTTP_EXPORT_ALL 1;
- fastcgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories;
- include fastcgi/params;
- fastcgi_pass unix:/var/run/fcgiwrap.socket;
+ location ~* "^/[^/]+/(?:HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$" {
gzip off;
+ include uwsgi_params;
+ uwsgi_modifier1 9;
+ uwsgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories;
+ uwsgi_pass unix:/run/uwsgi/app/git-http-backend/socket;
}
- # Redirect to gitweb otherwise
- location ~ ^/([^/]+/?)?$ {
- return 302 $scheme://gitweb.fripost.org/$1;
+
+ # send all other URLs to cgit
+ location / {
+ gzip off;
+ include uwsgi_params;
+ uwsgi_modifier1 9;
+ uwsgi_pass unix:/run/uwsgi/app/cgit/socket;
}
}
@@ -49,30 +56,37 @@ server {
access_log /var/log/nginx/git.access.log;
error_log /var/log/nginx/git.error.log info;
+ location ^~ /static/ {
+ alias /usr/share/cgit/;
+ expires 30d;
+ }
+
# Bypass the CGI to return static files stored on disk. Try first repo with
# a trailing '.git', then without.
- location ~* "^/((?U)[^/]+)(?:\.git)?/objects/([0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" {
+ location ~* "^/((?U)[^/]+)(?:\.git)?/objects/(?:[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(?:pack|idx))$" {
root /var/lib/gitolite/repositories;
try_files /$1.git/objects/$2 /$1/objects/$2 =404;
+ expires 30d;
+ # TODO honor git-daemon-export-ok
}
- # Disallow push over HTTP(S)
- location ~* ^/[^/]+/git-receive-pack$ {
- return 403;
- }
+ # disallow push over HTTP/HTTPS
+ location ~* "^/[^/]+/git-receive-pack$" { return 403; }
- location ~* ^/[^/]+/(:?HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$ {
- fastcgi_param PATH_INFO $uri;
- fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
- fastcgi_param GIT_HTTP_EXPORT_ALL 1;
- fastcgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories;
- include fastcgi/params;
- fastcgi_pass unix:/var/run/fcgiwrap.socket;
+ location ~* "^/[^/]+/(?:HEAD|info/refs|objects/info/[^/]+|git-upload-pack)$" {
gzip off;
+ include uwsgi_params;
+ uwsgi_modifier1 9;
+ uwsgi_param GIT_PROJECT_ROOT /var/lib/gitolite/repositories;
+ uwsgi_pass unix:/run/uwsgi/app/git-http-backend/socket;
}
- # Redirect to gitweb otherwise
- location ~ ^/([^/]+/?)?$ {
- return 302 $scheme://gitweb.fripost.org/$1;
+
+ # send all other URLs to cgit
+ location / {
+ gzip off;
+ include uwsgi_params;
+ uwsgi_modifier1 9;
+ uwsgi_pass unix:/run/uwsgi/app/cgit/socket;
}
}
diff --git a/roles/git/files/etc/nginx/sites-available/gitweb b/roles/git/files/etc/nginx/sites-available/gitweb
deleted file mode 100644
index 3814145..0000000
--- a/roles/git/files/etc/nginx/sites-available/gitweb
+++ /dev/null
@@ -1,48 +0,0 @@
-server {
- listen 80;
- listen [::]:80;
-
- server_name gitweb.fripost.org;
-
- access_log /var/log/nginx/gitweb.access.log;
- error_log /var/log/nginx/gitweb.error.log info;
-
- location ^~ /static/ {
- alias /usr/share/gitweb/static/;
- }
-
- try_files $uri @fcgi;
- location @fcgi {
- root /var/lib/gitolite/repositories;
- include fastcgi/params;
- fastcgi_pass unix:/run/gitweb.socket;
- gzip off;
- }
-}
-
-
-server {
- listen 443;
- listen [::]:443;
-
- server_name gitweb.fripost.org;
-
- include ssl/config;
- ssl_certificate /etc/nginx/ssl/git.fripost.org.pem;
- ssl_certificate_key /etc/nginx/ssl/git.fripost.org.key;
-
- access_log /var/log/nginx/gitweb.access.log;
- error_log /var/log/nginx/gitweb.error.log info;
-
- location ^~ /static/ {
- alias /usr/share/gitweb/static/;
- }
-
- try_files $uri @fcgi;
- location @fcgi {
- root /var/lib/gitolite/repositories;
- include fastcgi/params;
- fastcgi_pass unix:/run/gitweb.socket;
- gzip off;
- }
-}