我在 Ubuntu 14.04 上有一个功能正常的设置,通过 apt 安装了 Lighttpd 1.4.33,它传递给 git-http-backend 用于 git http pull/push。这是通过 ldap 进行身份验证的。对 ldap 组查找的新要求意味着我需要更新 lighttpd 以支持它。
由于 lighttpd 在 trusty/universe 上只能达到 1.4.33,因此旧版本被删除,因此下载了 Lighttpd 1.4.51 的副本并从源代码中遵守:
./configure --with-openssl --with-openssl-libs=/usr/bin/openssl --with-ldap
在设置了几个缓存文件夹并设置权限后,lighttpd 启动并似乎正在处理请求。当从客户端执行 git 拉取时,日志显示请求将其发送到 git-http-backend 但是在进行身份验证后,客户端会在 git pull 上看到:
fatal: repository 'https://git.company.co.uk/repos/project_portal.git/' not found
git 存储库所在的文件夹的权限看起来正确,并且 lighttpd 以与工作设置中的同一用户身份运行。
我的猜测是lighttpd.conf中的setenv.add-environment配置项没有被git-http-backend传递/拾取,所以它不知道物理文件在哪里。
我也尝试编译不同的版本 lighttpd,但是它们都有相同的问题,可能我缺少编译选项。
相关部分来自下面的 lighttpd.conf
。server.modules = (
"mod_auth",
"mod_access",
"mod_accesslog",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_rewrite",
"mod_webdav",
"mod_fastcgi",
"mod_cgi",
"mod_setenv",
"mod_proxy",
"mod_authn_ldap",
"mod_openssl"
)
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
debug.log-request-handling = "enable"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/git.company.co.uk.pem"
ssl.ca-file = "/etc/lighttpd/ssl/xxxIntermediateCertificate.crt"
$HTTP["host"] == "git.company.co.uk" {
ssl.pemfile = "/etc/lighttpd/ssl/git.company.co.uk.pem"
alias.url = ( "/repos" => "/usr/lib/git-core/git-http-backend" )
$HTTP["url"] =~ "^/repos" {
cgi.assign = ("" => "")
setenv.add-environment = (
"GIT_PROJECT_ROOT" => "/var/www/repositories",
"GIT_HTTP_EXPORT_ALL" => ""
)
auth.require = ( "" => (
"method" => "basic",
"realm" => "repos",
"require" => "valid-user"
))
auth.backend = "ldap"
auth.backend.ldap.hostname = "172.xxx"
auth.backend.ldap.base-dn = "OU=ITS,xxx"
auth.backend.ldap.filter = "(CN=$)"
auth.backend.ldap.bind-dn = "CN=xxx"
auth.backend.ldap.bind-pw = "xxx"
auth.backend.ldap.allow-empty-pw = "disable"
}
}
}
光特普德 -V
lighttpd/1.4.51 (ssl) - a light and fast webserver
Event Handlers:
+ select (generic)
+ poll (Unix)
+ epoll (Linux)
- /dev/poll (Solaris)
- eventports (Solaris)
- kqueue (FreeBSD)
- libev (generic)
Network handler:
+ linux-sendfile
- freebsd-sendfile
- darwin-sendfile
- solaris-sendfilev
+ writev
+ write
- mmap support
Features:
+ IPv6 support
+ zlib support
+ bzip2 support
+ crypt support
+ SSL support
+ PCRE support
- MySQL support
- PgSQL support
- DBI support
- Kerberos support
+ LDAP support
- PAM support
- memcached support
- FAM support
- LUA support
- xml support
- SQLite support
- GDBM support
错误.log
2018-10-22 07:21:55: (response.c.422) -- splitting Request-URI
2018-10-22 07:21:55: (response.c.423) Request-URI : /repos/project_portal.git/info/refs?service=git- upload-pack
2018-10-22 07:21:55: (response.c.424) URI-scheme : https
2018-10-22 07:21:55: (response.c.425) URI-authority : git.company.co.uk
2018-10-22 07:21:55: (response.c.426) URI-path (raw) : /repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.427) URI-path (clean): /repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.428) URI-query : service=git-upload-pack
2018-10-22 07:21:55: (mod_access.c.156) -- mod_access_uri_handler called
2018-10-22 07:21:55: (response.c.573) -- before doc_root
2018-10-22 07:21:55: (response.c.574) Doc-Root : /var/www
2018-10-22 07:21:55: (response.c.575) Rel-Path : /repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.576) Path :
2018-10-22 07:21:55: (response.c.628) -- after doc_root
2018-10-22 07:21:55: (response.c.629) Doc-Root : /var/www
2018-10-22 07:21:55: (response.c.630) Rel-Path : /repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.631) Path : /var/www/repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.655) -- logical -> physical
2018-10-22 07:21:55: (response.c.656) Doc-Root : /var/www
2018-10-22 07:21:55: (response.c.657) Basedir : /usr/lib/git-core/git-http-backend
2018-10-22 07:21:55: (response.c.658) Rel-Path : /repos/project_portal.git/info/refs
2018-10-22 07:21:55: (response.c.659) Path : /usr/lib/git-core/git-http-backend/project_portal.gi t/info/refs
2018-10-22 07:21:55: (response.c.671) -- handling physical path
2018-10-22 07:21:55: (response.c.672) Path : /usr/lib/git-core/git-http-backend/project_portal.gi t/info/refs
2018-10-22 07:21:55: (response.c.679) -- handling subrequest
2018-10-22 07:21:55: (response.c.680) Path : /usr/lib/git-core/git-http-backend
2018-10-22 07:21:55: (response.c.681) URI : /repos
2018-10-22 07:21:55: (response.c.682) Pathinfo : /project_portal.git/info/refs
2018-10-22 07:21:55: (mod_access.c.156) -- mod_access_uri_handler called
2018-10-22 07:21:55: (mod_compress.c.854) -- handling file as static file
欢迎任何建议,谢谢。
检查/var/log/lighttpd/error.log 中的 lighttpd 错误日志。
检查服务器上 git-http-backend 的路径。 它可能是/usr/lib/git-core/git-http-backend,也可能是/usr/libexec/git-core/git-http-backend。
尝试为"GIT_HTTP_EXPORT_ALL"=>"1"设置值,否则 git 不会导出存储库。 如果您查看 lighttpd 损坏日志(CGI 输出((如果已配置(,或者如果您在前台启动 lighttpd (-D( 并查看来自 git-http-后端的跟踪,则可以看到这一点。