• nginx 配置git server http clone服务,并通过反向代理访问


    要做一个通过踏板机的ip进行git代码的上传与下载,所以思路是在踏板机上安装nginx做反向代理,并且linux服务器也需要提供http方式的git访问(ssh方式不知道怎么进行反向代理)。linux服务器上同样使用nginx进行http的设置,使用httpd设置没有成功。

    一、在服务器上安装git

    安装git及相关依赖

    # NOTE(review): these -devel packages look like the build dependencies for compiling
    # git from source; the next line installs the packaged git, so they are probably not
    # needed -- confirm before adding headers and build tooling to a server.
    yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel perl-devel
    # Install git from the distribution repositories
    yum install git
    
    

    创建用户git

    # NOTE(review): giving the account a password makes it a target for SSH password
    # guessing. Key-based login is configured further down; if only keys are intended,
    # consider locking the password (passwd -l git) and confirm key login still works.
    adduser git       # add the user "git"
    passwd git        # set git's password
    
    

    为安全考虑需要禁止该用户shell登陆

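    # Give git a restricted login shell: git-shell only runs git transport commands,
    # so an SSH login as git cannot obtain an interactive shell.
    # usermod rewrites the entry under the passwd lock; hand-editing /etc/passwd with
    # vi risks a malformed line (use vipw if a manual edit is really needed).
    usermod -s /usr/bin/git-shell git
    # Entry before and after the change (UID/GID as shown on this page):
    #git:x:1000:1000::/home/git:/bin/bash
    #git:x:1000:1000::/home/git:/usr/bin/git-shell
    # Verify the shell field
    getent passwd git
    
    # Locate git-shell if it is not installed at /usr/bin/git-shell
    [root@localhost bin]# find / -name git-shell
    /usr/bin/git-shell
    /usr/libexec/git-core/git-shell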
    
    
    

    用户证书登录

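    # Prepare key-based login for the git account.
    cd /home/git/
    mkdir .ssh
    # 700/600 instead of 755/644: world-readable modes expose the list of authorized
    # keys to every local account and to any service that serves files from /home/git.
    chmod 700 .ssh
    touch .ssh/authorized_keys
    chmod 600 .ssh/authorized_keys
    # These commands run as root, so hand the directory to git; sshd reads the file
    # on behalf of the git user.
    chown -R git:git .ssh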
    
    

    然后将所有登陆用户的公钥保存在 authorized_keys 中。
    也就是每个用户通过 ssh-keygen 生成自己的密钥对,把其中的公钥(.pub 文件内容)复制到 authorized_keys 中,一行一个;私钥只保留在用户自己的机器上。

    初始化仓库 /home/git/test.git

    # Create a bare repository under the git user's home and give it to that user,
    # since these commands are run as root.
    cd /home/git
    git init --bare test.git             # initialise the bare repository
    chown -R git:git test.git        # change the owner to git
    
    

    Client端获取仓库

    # Clone over SSH as the git account; "ip地址" stands for the server's address.
    # On the first connection, compare the host-key fingerprint that ssh prints with
    # the server's own before accepting it.
    git clone git@ip地址:/home/git/test.git
    
    

    至此可以通过ssh的方式下载代码库了。

    HTTP方式设置

    一、配置 EPEL源

    # Enable the EPEL repository
    sudo yum install -y epel-release
    # Upgrades every installed package, not only the repository metadata
    sudo yum -y update
    

    二、安装Nginx

    # Install nginx from the enabled repositories (EPEL was added in the previous step)
    sudo yum install -y nginx
    

    安装成功后,默认的网站目录为: /usr/share/nginx/html

    默认的配置文件为:/etc/nginx/nginx.conf

    自定义配置文件目录为: /etc/nginx/conf.d/

    三、开启端口80和443

    如果你的服务器打开了防火墙,你需要运行下面的命令,打开80和443端口。

    # Open the http and https services in firewalld's public zone, then reload to apply.
    # NOTE(review): the nginx configuration on this page only listens on port 80 (its TLS
    # server block is commented out), so https is opened with nothing behind it --
    # open it once TLS is actually configured.
    sudo firewall-cmd --permanent --zone=public --add-service=http
    sudo firewall-cmd --permanent --zone=public --add-service=https
    sudo firewall-cmd --reload
    

    四、安装fcgiwrap

    # Fetch the fcgiwrap sources.
    # NOTE(review): this builds and installs, as root, whatever the default branch holds
    # at clone time; check out a reviewed tag or commit before running the build.
    git clone https://github.com/gnosek/fcgiwrap.git
    
    # Build prerequisites
    yum install fcgi-devel autoconf automake libtool
    
    # Generate configure, build and install; the init script on this page expects the
    # binary at /usr/local/sbin/fcgiwrap.
    cd fcgiwrap && autoreconf -i && ./configure && make && make install
    
    # Create the init script with the content that follows
    vim /etc/init.d/fcgiwrap
    
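    #! /bin/sh
    # chkconfig: 2345 55 25
    # description: fcgiwrap FastCGI wrapper, started through spawn-fcgi
    #
    # SysV init script for fcgiwrap. spawn-fcgi creates the Unix socket, switches to
    # FCGI_USER/FCGI_GROUP and writes the child's PID to PIDFILE.
    # Usage: /etc/init.d/fcgiwrap {start|stop|restart}
    NAME=fcgiwrap
    SCRIPTNAME=/etc/init.d/$NAME
    DESC="fcgiwrap daemon"
    DAEMON=/usr/bin/spawn-fcgi
    PIDFILE=/var/run/spawn-fcgi.pid
    FCGI_SOCKET=/var/run/fcgiwrap.socket
    FCGI_PROGRAM=/usr/local/sbin/fcgiwrap
    # CGI programs are run under this account rather than root.
    FCGI_USER=git
    FCGI_GROUP=git
    # Socket mode 0770: only the socket's owner and group may connect, so the web
    # server's worker account has to be root or a member of that group.
    FCGI_EXTRA_OPTIONS="-M 0770"
    OPTIONS="-u $FCGI_USER -g $FCGI_GROUP -s $FCGI_SOCKET -S $FCGI_EXTRA_OPTIONS -F 1 -P $PIDFILE -- $FCGI_PROGRAM"

    # Start one fcgiwrap worker. Any spawn-fcgi failure prints the same
    # "already running" message the script has always used.
    do_start() {
      # OPTIONS is a flat option string built from constants; word splitting is intended.
      # shellcheck disable=SC2086
      "$DAEMON" $OPTIONS || printf '%s' "$DESC already running"
    }

    # Stop the worker(s) listed in PIDFILE and wait briefly for them to exit.
    do_stop() {
      pids=
      if [ -r "$PIDFILE" ]; then
        pids=$(cat "$PIDFILE")
      fi
      # Never call kill with an empty PID list.
      if [ -z "$pids" ]; then
        printf '%s' "$DESC not running"
        return 0
      fi
      # The file may hold several PIDs, so the list is split on purpose.
      # shellcheck disable=SC2086
      if kill -INT $pids 2>/dev/null; then
        # Give the process up to 5 s to exit so that a following start (restart)
        # does not find the socket still in use.
        i=0
        # shellcheck disable=SC2086
        while [ "$i" -lt 5 ] && kill -0 $pids 2>/dev/null; do
          sleep 1
          i=$((i + 1))
        done
      else
        printf '%s' "$DESC not running"
      fi
      # Remove the PID file: a stale entry could make a later "stop" (run as root)
      # signal an unrelated process that happened to reuse the PID.
      rm -f "$PIDFILE"
    }

    case "$1" in
      start)
        printf '%s' "Starting $DESC: $NAME"
        do_start
        echo "."
        ;;
      stop)
        printf '%s' "Stopping $DESC: $NAME"
        do_stop
        echo "."
        ;;
      restart)
        printf '%s' "Restarting $DESC: $NAME"
        do_stop
        do_start
        echo "."
        ;;
      *)
        echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
        exit 3
        ;;
    esac
    exit 0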
    
    # Make the init script executable and register it to start at boot.
    # The script runs as root, so it should stay owned by root and not writable by others.
    chmod +x /etc/init.d/fcgiwrap
    chkconfig fcgiwrap on
    
    添加 git server 的 nginx 配置
    # Edit the main nginx configuration (keep a copy of the packaged file to diff against)
    vim /etc/nginx/nginx.conf
    
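    # For more information on configuration, see:
    #   * Official English Documentation: http://nginx.org/en/docs/
    #   * Official Russian Documentation: http://nginx.org/ru/docs/

    # Run the workers as the unprivileged nginx account instead of root, so that a
    # flaw in request handling does not execute with root's rights. The fcgiwrap
    # socket on this page is created with mode 0770 for the git user/group, so the
    # nginx account has to be a member of the git group to connect, e.g.
    #   usermod -aG git nginx
    # Confirm the socket's owner and group with: ls -l /var/run/fcgiwrap.socket
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;

    # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
    include /usr/share/nginx/modules/*.conf;

    events {
        worker_connections 1024;
    }

    http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;

        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 4096;

        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;

        # Load modular configuration files from the /etc/nginx/conf.d directory.
        # See http://nginx.org/en/docs/ngx_core_module.html#include
        # for more information.
        include /etc/nginx/conf.d/*.conf;

        server {
            listen       80;
            listen       [::]:80;
            server_name  localhost;
            # Use the "main" format so the authenticated user and any X-Forwarded-For
            # value set by a front proxy are recorded for each request.
            access_log /var/log/nginx/dev.access.log main;
            error_log /var/log/nginx/dev.error.log;
            #root         /usr/share/nginx/html;

            # Nothing outside /git/ needs to be served. Serving /home/git as static
            # files would expose the whole home directory (including .ssh/) to
            # every authenticated user, and the clone URL used on this page only
            # goes through the /git/ location below.
            location / {
                return 404;
            }

            # Basic credentials are only base64-encoded; on this port-80 listener they
            # cross the network in clear text. Enable the TLS server block below (or
            # terminate TLS in front of this server) before using real passwords.
            auth_basic "git";
            auth_basic_user_file /usr/local/nginx/conf/pass.db;

            # Load configuration files for the default server block.
            include /etc/nginx/default.d/*.conf;

            error_page 404 /404.html;
            location = /404.html {
            }

            error_page 500 502 503 504 /50x.html;
            location = /50x.html {
            }

            # Smart-HTTP endpoint: hand /git/<repo>/... to git-http-backend via fcgiwrap.
            # The pattern is anchored so only URIs that start with /git/ match.
            location ~ ^/git(/.*)$ {
                gzip off;
                root /usr/lib/git-core;
                fastcgi_pass  unix:/var/run/fcgiwrap.socket;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend;
                fastcgi_param DOCUMENT_ROOT /usr/libexec/git-core/;
                fastcgi_param SCRIPT_NAME git-http-backend;
                # Exports every repository under GIT_PROJECT_ROOT, whether or not it
                # carries a git-daemon-export-ok marker file.
                fastcgi_param GIT_HTTP_EXPORT_ALL "";
                fastcgi_param GIT_PROJECT_ROOT /home/git/;
                # $1 is the path after /git captured by the location pattern.
                fastcgi_param PATH_INFO $1;
                #fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
            }
        }

    # Settings for a TLS enabled server.
    #
    #    server {
    #        listen       443 ssl http2;
    #        listen       [::]:443 ssl http2;
    #        server_name  _;
    #        root         /usr/share/nginx/html;
    #
    #        ssl_certificate "/etc/pki/nginx/server.crt";
    #        ssl_certificate_key "/etc/pki/nginx/private/server.key";
    #        ssl_session_cache shared:SSL:1m;
    #        ssl_session_timeout  10m;
    #        ssl_ciphers HIGH:!aNULL:!MD5;
    #        ssl_prefer_server_ciphers on;
    #
    #        # Load configuration files for the default server block.
    #        include /etc/nginx/default.d/*.conf;
    #
    #        error_page 404 /404.html;
    #            location = /40x.html {
    #        }
    #
    #        error_page 500 502 503 504 /50x.html;
    #            location = /50x.html {
    #        }
    #    }

    }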
    
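    # Validate the edited configuration first; nginx -t reports syntax errors without
    # touching a running service, and the start is skipped if the check fails.
    nginx -t && systemctl start nginx
    systemctl status nginx.service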
    

    五,安装spawn-fcgi

    # spawn-fcgi is the launcher the init script calls (/usr/bin/spawn-fcgi)
    yum install spawn-fcgi
    # Start fcgiwrap through the init script created earlier
    /etc/init.d/fcgiwrap start
    

    六、receivepack

    cd /home/git/test.git/
    # Allow push (receive-pack) over HTTP for this repository. git-http-backend does no
    # authentication of its own, so the web server's access control on the /git/
    # location is the only thing deciding who may push.
    git config http.receivepack true
    
    # NOTE(review): the steps below switch SELinux off for the whole host, which removes
    # the confinement of nginx and every other service. A narrower approach is to test
    # with "setenforce 0", read the denials (ausearch -m avc, or /var/log/audit/audit.log)
    # and allow only what the git backend needs, then return to enforcing mode.
    vim /etc/selinux/config
    
    # NOTE(review): the key in /etc/selinux/config is normally written SELINUX= in upper
    # case -- confirm that this lower-case line has the intended effect.
    selinux=disabled
    
    # reboot the system
    reboot
    

    七,设置密码

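    # httpd-tools provides htpasswd
    yum -y install httpd-tools
    # -p: /usr/local/nginx does not exist when nginx comes from the package manager,
    # so a plain mkdir of the nested path fails.
    mkdir -p /usr/local/nginx/conf/
    cd /usr/local/nginx/conf/
    # -c creates pass.db and overwrites an existing file; omit -c when adding more users.
    htpasswd -c pass.db git
    
    # enter the password when prompted

    # Keep the password hashes away from ordinary local accounts; nginx workers still
    # read the file through the nginx group.
    chown root:nginx pass.db
    chmod 640 pass.db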
    
    

    八,设置iptables

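    # Start from an empty ruleset with an ACCEPT policy so the current SSH session is
    # not cut off while the rules are rebuilt.
    iptables -P INPUT ACCEPT
    iptables -F
    service iptables save
    
    
    # Accept replies to connections this host opens itself (yum, DNS, git fetches);
    # without this rule the DROP policy below also discards that return traffic.
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Match loopback by interface rather than by a source address of 127.0.0.1.
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    # If only the jump host should reach the git HTTP service, restrict this rule
    # with -s <JUMP_HOST_IP> (placeholder).
    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    iptables -P INPUT DROP
    service iptables save
    # NOTE(review): these rules cover IPv4 only, while the nginx configuration on this
    # page also listens on [::]:80; apply a matching ip6tables policy if IPv6 is enabled.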
    

    九,下载代码

    在安装有nginx的windows踏板机上下载代码

    # Clone through the nginx reverse proxy running on the jump host itself.
    # NOTE(review): the proxy forwards with plain http://, so the Basic-auth password and
    # the repository contents are unencrypted between the jump host and the git server.
    git clone http://localhost/git/test.git
    

    以上方式在阿里云和虚拟机上都测试通过。

    十,windows nginx配置

    
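    #user  nobody;
    worker_processes  1;

    #error_log  logs/error.log;
    #error_log  logs/error.log  notice;
    #error_log  logs/error.log  info;

    #pid        logs/nginx.pid;


    events {
        worker_connections  1024;
    }


    http {
        include       mime.types;
        default_type  application/octet-stream;

        #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
        #                  '$status $body_bytes_sent "$http_referer" '
        #                  '"$http_user_agent" "$http_x_forwarded_for"';

        #access_log  logs/access.log  main;

        sendfile        on;
        #tcp_nopush     on;

        #keepalive_timeout  0;
        keepalive_timeout  65;

        #gzip  on;

        # Backend git server. "linux_server_ip" is a placeholder for the address of
        # the code server to connect to.
        upstream github {
            server linux_server_ip;
            keepalive 16;
        }
        server {
            # Listens on every interface of the jump host: anyone who can reach this
            # port is relayed to the git server's login prompt.
            listen       80;
            server_name  localhost;

            charset utf-8;

            #access_log  logs/host.access.log  main;

            #location / {
            #    root   html;
            #    index  index.html index.htm;
            #}

            #error_page  404              /404.html;

            # redirect server error pages to the static page /50x.html
            #
            error_page   500 502 503 504  /50x.html;
            location = /50x.html {
                root   html;
            }

            # Relay everything to the git server. The hop is plain HTTP, so Basic-auth
            # credentials and repository data are unencrypted between the two hosts.
            location / {
                # Large pushes are sent as one request body.
                client_max_body_size 1024m;
                # "linux_server_ip" is a placeholder for the code server's address.
                proxy_set_header Host linux_server_ip;
                # Pass the original client address on, so the git server can log who is
                # behind the proxy; the backend should only trust these headers when
                # the request comes from this jump host.
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                # Upstream keepalive only takes effect with HTTP/1.1 and an empty
                # Connection header.
                proxy_http_version 1.1;
                proxy_set_header Connection "";
                # Removes any Strict-Transport-Security header from backend responses.
                proxy_hide_header Strict-Transport-Security;
                proxy_pass http://github;
            }
            # proxy the PHP scripts to Apache listening on 127.0.0.1:80
            #
            #location ~ \.php$ {
            #    proxy_pass   http://127.0.0.1;
            #}

            # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
            #
            #location ~ \.php$ {
            #    root           html;
            #    fastcgi_pass   127.0.0.1:9000;
            #    fastcgi_index  index.php;
            #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            #    include        fastcgi_params;
            #}

            # deny access to .htaccess files, if Apache's document root
            # concurs with nginx's one
            #
            #location ~ /\.ht {
            #    deny  all;
            #}
        }


        # another virtual host using mix of IP-, name-, and port-based configuration
        #
        #server {
        #    listen       8000;
        #    listen       somename:8080;
        #    server_name  somename  alias  another.alias;

        #    location / {
        #        root   html;
        #        index  index.html index.htm;
        #    }
        #}


        # HTTPS server
        #
        #server {
        #    listen       443 ssl;
        #    server_name  localhost;

        #    ssl_certificate      cert.pem;
        #    ssl_certificate_key  cert.key;

        #    ssl_session_cache    shared:SSL:1m;
        #    ssl_session_timeout  5m;

        #    ssl_ciphers  HIGH:!aNULL:!MD5;
        #    ssl_prefer_server_ciphers  on;

        #    location / {
        #        root   html;
        #        index  index.html index.htm;
        #    }
        #}

    }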
    
    
  • 原文地址:https://blog.csdn.net/yang1994/article/details/128066840