mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
0a3aa40f20
This was completely bugged out. This commit fixes git, provides
two separate cgit servers for the different URL bases and also
supplies a smartgit service for $AURWEB_URL/repo.git interaction.
Docker image needs to be rebuilt with this change:
$ docker build -t aurweb:latest .
Signed-off-by: Kevin Morris <kevr@0cost.org>
153 lines
4.5 KiB
Bash
Executable file
153 lines
4.5 KiB
Bash
Executable file
#!/bin/bash
|
|
set -eou pipefail
|
|
|
|
# Setup a config for our mysql db.
|
|
cp -vf conf/config.dev conf/config
|
|
sed -i "s;YOUR_AUR_ROOT;$(pwd);g" conf/config
|
|
sed -ri 's/^(host) = .+/\1 = mariadb/' conf/config
|
|
sed -ri 's/^(user) = .+/\1 = aur/' conf/config
|
|
sed -ri 's/^;?(password) = .+/\1 = aur/' conf/config
|
|
|
|
# Setup http(s) stuff.
|
|
sed -ri "s|^(aur_location) = .+|\1 = https://localhost:8444|" conf/config
|
|
sed -ri 's/^(disable_http_login) = .+/\1 = 1/' conf/config
|
|
|
|
cp -vf /cache/localhost.cert.pem /etc/ssl/certs/localhost.cert.pem
|
|
cp -vf /cache/localhost.key.pem /etc/ssl/private/localhost.key.pem
|
|
|
|
cat > /etc/nginx/nginx.conf << EOF
|
|
daemon off;
|
|
user root;
|
|
worker_processes auto;
|
|
pid /var/run/nginx.pid;
|
|
include /etc/nginx/modules-enabled/*.conf;
|
|
|
|
events {
|
|
worker_connections 256;
|
|
}
|
|
|
|
http {
|
|
sendfile on;
|
|
tcp_nopush on;
|
|
types_hash_max_size 4096;
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
access_log /var/log/nginx/access.log;
|
|
error_log /var/log/nginx/error.log;
|
|
|
|
gzip on;
|
|
|
|
upstream hypercorn {
|
|
server fastapi:8000;
|
|
}
|
|
|
|
upstream cgit-php {
|
|
server cgit-php:3000;
|
|
}
|
|
|
|
upstream cgit-fastapi {
|
|
server cgit-fastapi:3000;
|
|
}
|
|
|
|
upstream smartgit {
|
|
server unix:/var/run/smartgit/smartgit.sock;
|
|
}
|
|
|
|
server {
|
|
listen 8443 ssl http2;
|
|
server_name localhost default_server;
|
|
|
|
ssl_certificate /etc/ssl/certs/localhost.cert.pem;
|
|
ssl_certificate_key /etc/ssl/private/localhost.key.pem;
|
|
|
|
root /aurweb/web/html;
|
|
index index.php;
|
|
|
|
location ~ "^/([a-z0-9][a-z0-9.+_-]*?)(\.git)?/(git-(receive|upload)-pack|HEAD|info/refs|objects/(info/(http-)?alternates|packs)|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))$" {
|
|
include uwsgi_params;
|
|
uwsgi_pass smartgit;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
|
|
uwsgi_param PATH_INFO /aur.git/\$3;
|
|
uwsgi_param GIT_HTTP_EXPORT_ALL "";
|
|
uwsgi_param GIT_NAMESPACE \$1;
|
|
uwsgi_param GIT_PROJECT_ROOT /aurweb;
|
|
}
|
|
|
|
location ~ ^/cgit {
|
|
include uwsgi_params;
|
|
rewrite ^/cgit/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=\$1&\$2 last;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param CGIT_CONFIG /etc/cgitrc;
|
|
uwsgi_pass uwsgi://cgit-php;
|
|
}
|
|
|
|
location ~ ^/[^/]+\.php($|/) {
|
|
fastcgi_pass php-fpm:9000;
|
|
fastcgi_index index.php;
|
|
fastcgi_split_path_info ^(/[^/]+\.php)(/.*)\$;
|
|
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO \$fastcgi_path_info;
|
|
include fastcgi_params;
|
|
}
|
|
|
|
location ~ .* {
|
|
rewrite ^/(.*)$ /index.php/\$1 last;
|
|
}
|
|
|
|
}
|
|
|
|
server {
|
|
listen 8444 ssl http2;
|
|
server_name localhost default_server;
|
|
|
|
ssl_certificate /etc/ssl/certs/localhost.cert.pem;
|
|
ssl_certificate_key /etc/ssl/private/localhost.key.pem;
|
|
|
|
root /aurweb/web/html;
|
|
|
|
location / {
|
|
try_files \$uri @proxy_to_app;
|
|
}
|
|
|
|
location ~ "^/([a-z0-9][a-z0-9.+_-]*?)(\.git)?/(git-(receive|upload)-pack|HEAD|info/refs|objects/(info/(http-)?alternates|packs)|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))$" {
|
|
include uwsgi_params;
|
|
uwsgi_pass smartgit;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
|
|
uwsgi_param PATH_INFO /aur.git/\$3;
|
|
uwsgi_param GIT_HTTP_EXPORT_ALL "";
|
|
uwsgi_param GIT_NAMESPACE \$1;
|
|
uwsgi_param GIT_PROJECT_ROOT /aurweb;
|
|
}
|
|
|
|
location ~ ^/cgit {
|
|
include uwsgi_params;
|
|
rewrite ^/cgit/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=\$1&\$2 last;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param CGIT_CONFIG /etc/cgitrc;
|
|
uwsgi_pass uwsgi://cgit-fastapi;
|
|
}
|
|
|
|
location @proxy_to_app {
|
|
proxy_set_header Host \$http_host;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
proxy_pass https://hypercorn;
|
|
}
|
|
}
|
|
|
|
map \$http_upgrade \$connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
}
|
|
EOF
|
|
|
|
exec "$@"
|