Git 倉庫 SSH、HTTP、Gitweb (Nginx) 亂燉

簡介:

自己搭建 Git 倉庫，實現 SSH 協議、配合 Nginx 實現 HTTP 協議拉取、推送代碼。

利用 Nginx 實現 Gitweb 在線瀏覽代碼，使用 Gitweb-theme 更新默認 Gitweb 樣式。

一、安裝 Git

shell > yum -y install git

shell > git --version  # yum 安裝的 git 版本比較低，所以我選擇源碼編譯的方式安裝
git version 1.7.1

shell > yum -y remove git

shell > yum -y install perl cpio autoconf tk zlib-devel libcurl-devel openssl-devel expat-devel gettext-devel perl-ExtUtils-MakeMaker

shell > cd /usr/local/src; wget https://www.kernel.org/pub/software/scm/git/git-2.10.0.tar.gz

shell > tar zxf git-2.10.0.tar.gz && cd git-2.10.0

shell > autoconf && ./configure && make && make install

shell > git --version
git version 2.10.0

二、Git SSH 協議

1、創建 Git 倉庫

shell > mkdir -p /data/git && cd /data/git

shell > git init --bare sample.git

2、客戶端 clone 倉庫

shell > git config --global color.ui true
shell > git config --global user.name 'wang'
shell > git config --global user.email 'wangxiaoqiang@bftv.com'

# 初始化 git 客戶端

shell > git clone root@192.168.1.22:/data/git/sample.git  # 輸入 1.22 的 root 密碼  
root@192.168.1.22's password: 

shell > cd sample
shell > cp /etc/passwd .
shell > git add passwd
shell > git commit -m 'add passwd'
shell > git push -u origin master

shell > git status
# On branch master
nothing to commit (working directory clean)

# 已經將新增的文件 passwd 提交到了遠程 git 倉庫的 master 分支

shell > rm -rf sample
shell > git clone root@192.168.1.22:/data/git/sample.git
root@192.168.1.22's password: 

shell > ls sample
passwd

# 這就實現了 SSH 本地用戶授權訪問 git 倉庫
# 如果 SSH 非標准端口時，需要這樣訪問：git clone ssh://root@192.168.1.22:16543/data/git/sample.git
# 現在你想把 git 倉庫 sample.git 授權別人訪問，怎么辦？
# 首先你得給每個人創建用戶，他們才能 clone 代碼，但是不能寫入。
# 其次你要把這些用戶加入到一個組，然后把 sample.git 屬組改為這個組，並且給這個組寫入權限。
# 或者創建一個公共用戶，修改 git 倉庫 sample.git 屬主為這個公共用戶，然后大家都使用這個用戶訪問代碼庫。

三、Git HTTP 協議

1、創建、配置 Git 倉庫

shell > useradd -r -s /sbin/nologin www-data  # 創建運行用戶

shell > mkdir -p /data/git && chown www-data.www-data /data/git && cd /data/git

shell > git init --bare sample.git && chown -R www-data.www-data sample.git

shell > cd sample.git && mv hooks/post-update.sample hooks/post-update

shell > git update-server-info

2、安裝、配置 Nginx ( 使其支持 CGI )

shell > cd /usr/local/src
shell > git clone https://github.com/lighttpd/spawn-fcgi.git
shell > cd spawn-fcgi && ./autogen.sh && ./configure && make && make install

shell > yum -y install fcgi-devel

shell > cd /usr/local/src
shell > git clone https://github.com/gnosek/fcgiwrap.git
shell > cd fcgiwrap && autoreconf -i && ./configure && make && make install

shell > vim /etc/init.d/fcgiwrap  # 配置啟動腳本

#! /bin/bash
### BEGIN INIT INFO
# Provides:          fcgiwrap
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: FastCGI wrapper
# Description:       Simple server for running CGI applications over FastCGI
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
SPAWN_FCGI="/usr/local/bin/spawn-fcgi"
DAEMON="/usr/local/sbin/fcgiwrap"
NAME="fcgiwrap"

PIDFILE="/var/run/$NAME.pid"

FCGI_SOCKET="/var/run/$NAME.socket"
FCGI_USER="www-data"
FCGI_GROUP="www-data"
FORK_NUM=5
SCRIPTNAME=/etc/init.d/$NAME

case "$1" in
    start)
        echo -n "Starting $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo " $NAME already running"
            exit 1
        fi

        $SPAWN_FCGI -u $FCGI_USER -g $FCGI_GROUP -s $FCGI_SOCKET -P $PIDFILE -F $FORK_NUM -f $DAEMON

        if [ "$?" != 0 ]; then
            echo " failed"
            exit 1
        else
            echo " done"
        fi
    ;;

    stop)
        echo -n "Stoping $NAME... "

        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            kill `pidof $NAME`
            if [ "$?" != 0 ]; then
                echo " failed. re-quit"
                exit 1
            else
                rm -f $pid
                echo " done"
            fi
        else
            echo "$NAME is not running."
            exit 1
        fi
    ;;

    status)
        PID=`pidof $NAME`
        if [ ! -z "$PID" ]; then
            echo "$NAME (pid $PID) is running..."
        else
            echo "$NAME is stopped"
            exit 0
        fi
    ;;

    restart)
        $SCRIPTNAME stop
        sleep 1
        $SCRIPTNAME start
    ;;

    *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|status}"
        exit 1
    ;;
esac

# 注意 spawn-fcgi 跟 fcgiwrap 腳本路徑及 FCGI_GROUP 跟 FCGI_GROUP
# 腳本啟動了 5 個 cgi 進程，按需調整

shell > chmod a+x /etc/init.d/fcgiwrap

shell > chkconfig --level 35 fcgiwrap on

shell > /etc/init.d/fcgiwrap start

shell > sh auto.sh install nginx  # 安裝 nginx

#!/bin/bash

install_nginx(){
  yum -y install gcc gcc-c++ wget make pcre-devel zlib-devel openssl-devel

  id www-data > /dev/null 2>&1 || useradd -r -s /sbin/nologin www-data

  cd /usr/local/src; wget -qc http://nginx.org/download/nginx-1.10.2.tar.gz || exit 9

  tar zxf nginx-1.10.2.tar.gz; cd nginx-1.10.2
  ./configure --prefix=/usr/local/nginx-1.10.2 \
              --with-http_dav_module \
              --with-http_ssl_module \
              --with-http_realip_module \
              --with-http_gzip_static_module \
              --with-http_stub_status_module \
              --with-http_degradation_module && make && make install
  mkdir /usr/local/nginx-1.10.2/conf/vhost; mkdir -p /data/logs/nginx
  echo "/usr/local/nginx-1.10.2/sbin/nginx" >> /etc/rc.local
}

[ $# -lt 2 ] && exit 9

if [ $1 == 'install' ];then
  case $2 in
    nginx)
      install_nginx ;;
    *)
      echo 'NULL' ;;
  esac
fi

# --with-http_dav_module  不添加該模塊無法 git push，請查找 Nginx WebDAV 模塊

shell > vim /usr/local/nginx-1.10.2/conf/vhost/git.server.conf

server {
    listen      80;
    server_name git.server.com;

    client_max_body_size 100m;

    auth_basic "Git User Authentication";
    auth_basic_user_file /usr/local/nginx-1.10.2/conf/pass.db;

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /data/git;
    }    
    
    location ~ /.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root          /data/git;
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_connect_timeout 24h;
        fastcgi_read_timeout 24h;
        fastcgi_send_timeout 24h;
        fastcgi_param SCRIPT_FILENAME   /usr/local/libexec/git-core/git-http-backend;
        fastcgi_param PATH_INFO         $uri;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT  /data/git;
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }
}

# 自己按需修改 nginx.conf，user www-data www-data; 不要忘記加入 include vhost/*.conf;
# 注意 認證文件 pass.db 路徑
# 注意 git-http-backend 路徑
# 第一個 location 用於靜態文件直接讀取
# 第二個 location 用於將指定動作轉給 cgi 執行
# 根目錄指向 git 倉庫目錄

shell > /usr/local/nginx-1.10.2/sbin/nginx

shell > yum -y install httpd-tools  # 安裝 htpasswd 命令

shell > cd /usr/local/nginx-1.10.2/conf

shell > htpasswd -c pass.db wang  # 添加用戶時執行 htpasswd pass.db username

3、客戶端 clone

shell > git config --global color.ui true
shell > git config --global user.name 'wnag'
shell > git config --global user.email 'wangxiaoqiang@bftv.com'

# 初始化 git 客戶端

shell > git clone http://git.server.com/sample.git  # 輸入用戶名、密碼即可
正克隆到 'sample'...
Username for 'http://git.server.com': wang
Password for 'http://wang@git.server.com': 
warning: 您似乎克隆了一個空倉庫。

shell > cd sample.git
shell > cp /etc/passwd .
shell > git add passwd
shell > git commit -m 'add passwd'
shell > git push
Username for 'http://git.server.com': wang
Password for 'http://wang@git.server.com': 
對象計數中: 3, 完成.
Delta compression using up to 24 threads.
壓縮對象中: 100% (2/2), 完成.
寫入對象中: 100% (3/3), 826 bytes | 0 bytes/s, 完成.
Total 3 (delta 0), reused 0 (delta 0)
To http://git.server.com/sample.git
 * [new branch]      master -> master

# htpasswd 創建新用戶，就可以協作了。

四、Gitweb 在線代碼預覽

# 按照我的方法安裝 Git ，Gitweb 已經集成了，我們要做的就是找到並配置 Gitweb 。

shell > /usr/local/share/gitweb  # Gitweb 路徑

shell > ls /usr/local/share/gitweb  # gitweb.cgi 腳本、static 這是個目錄，里面是靜態文件 css 、js 、logo 等
gitweb.cgi  static

shell > vim /etc/gitweb.conf  # 生成配置文件

# path to git projects (<project>.git)
$projectroot = "/data/git";

# directory to use for temp files
$git_temp = "/tmp";

# target of the home link on top of all pages
$home_link = $my_uri || "/";

# html text to include at home page
$home_text = "indextext.html";

# file with project list; by default, simply scan the projectroot dir.
$projects_list = $projectroot;

# javascript code for gitweb
$javascript = "static/gitweb.js";

# stylesheet to use
$stylesheet = "static/gitweb.css";

# logo to use
$logo = "static/git-logo.png";

# the 'favicon'
$favicon = "static/git-favicon.png";

# 注意 Git 倉庫路徑、靜態文件路徑

shell > /usr/local/share/gitweb/gitweb.cgi  # 手動執行開是否報錯，Status: 200 OK 正常，以下為報錯及解決方法
Status: 200 OK
Content-Type: text/html; charset=utf-8
.....

報錯 1：

Can't locate CPAN.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed--compilation aborted.

解決方法:

shell > yum -y install perl-CPAN

報錯 2:

Can't locate CGI.pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendorperl /usr/share/perl5/vendorperl /usr/lib/perl5 /usr/share/perl5 .) BEGIN failed--compilation aborted.

解決方法:

shell > yum -y install perl-CGI

報錯 3:

Can't locate Time/HiRes.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/share/gitweb/gitweb.cgi line 20.

解決方法:

shell > yum -y install perl-Time-HiRes

shell > vim /usr/local/nginx-1.10.2/conf/vhost/git.server.conf  # 添加 Gitweb 配置

server {
    listen      80;
    server_name git.server.com;
    root        /usr/local/share/gitweb;

    client_max_body_size 100m;

    auth_basic "Git User Authentication";
    auth_basic_user_file /usr/local/nginx-1.10.2/conf/pass.db;

    location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx))$ {
        root /data/git;
    }

    location ~ /.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
        root          /data/git;
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_connect_timeout 24h;
        fastcgi_read_timeout 24h;
        fastcgi_send_timeout 24h;
        fastcgi_param SCRIPT_FILENAME     /usr/local/libexec/git-core/git-http-backend;
        fastcgi_param PATH_INFO           $uri;
        fastcgi_param GIT_HTTP_EXPORT_ALL "";
        fastcgi_param GIT_PROJECT_ROOT    /data/git;
        fastcgi_param REMOTE_USER $remote_user;
        include fastcgi_params;
    }

    try_files $uri @gitweb;

    location @gitweb {
        fastcgi_pass  unix:/var/run/fcgiwrap.socket;
        fastcgi_param GITWEB_CONFIG    /etc/gitweb.conf;
        fastcgi_param SCRIPT_FILENAME  /usr/local/share/gitweb/gitweb.cgi;
        fastcgi_param PATH_INFO        $uri;
        include fastcgi_params;
    }
}

# 全局中指定了 gitweb 根目錄，最后配置區域加入了 gitweb 的相關配置。
# 現在瀏覽器訪問 git.server.com 就可以預覽 Git 代碼庫及其中的代碼了。

五、Gitweb-theme 樣式

# 如果覺得 gitweb 默認樣式不好看，可以拿該樣式替換

shell > cd /usr/local/src
shell > git clone https://github.com/kogakure/gitweb-theme.git
shell > cd gitweb-theme
shell > ./setup -vi -t /usr/local/share/gitweb --install  # -t 指定 gitweb 根目錄，一路 y 即可

# 這時刷新瀏覽器，就會發現界面的變化

2016-12-14 git push 報錯：

error: RPC failed; HTTP 413 curl 22 The requested URL returned error: 413 Request Entity Too Large
fatal: The remote end hung up unexpectedly
fatal: The remote end hung up unexpectedly

解決方法：

shell > vim /usr/local/nginx-1.10.2/conf/vhost/git.server.conf  # 或者 nginx.conf 也可以

client_max_body_size 100m;