0

在运行 Nginx 的 Arch Linux 服务器上,我正确设置了 cgit。我想用一个基本的身份验证密码来保护 cgit,除了一个目录/pub/。如文档中所见,我考虑在上下文中添加身份验证,并在目录的上下文中server获取异常。我尝试了此链接以正确获取路径。location/pub/

这里是对应部分的nginx的配置文件。

server {
    listen       80;
    server_name  git.nicosphere.net;
    index cgit.cgi;
    gzip off;

    auth_basic "Restricted";
    auth_basic_user_file /srv/gitosis/.htpasswd;

    location / {
        root /usr/share/webapps/cgit/;
    }

    location ^~ /pub/  {
        auth_basic off;
    }

    if (!-f $request_filename) {
       rewrite ^/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=$1&$2 last;
    }

    location ~ \.cgi$ {
        gzip off;
        include fastcgi_params;
        fastcgi_pass    127.0.0.1:9001;
        fastcgi_index   cgit.cgi;
        fastcgi_param   SCRIPT_FILENAME /usr/share/webapps/cgit/cgit.cgi;
        fastcgi_param   DOCUMENT_ROOT /usr/share/webapps/cgit/;
    }
}

这要求我对任何 url 进行身份验证。对于一些更简单的测试,我尝试在没有身份验证的情况下离开 root,并且只/pub/进行身份验证。在这种情况下,它根本不要求输入密码。到目前为止,我设法保护了一切或什么都没有。

感谢您的帮助,并为我的近似英语道歉。

4

1 回答 1

1

我想你想要这样的东西:

server {
    listen       80;
    server_name  git.nicosphere.net;
    index cgit.cgi;
    gzip off;

    root /usr/share/webapps/cgit;

    # $document_root is now set properly, and you don't need to override it
    include fastcgi_params;
    fastcgi_param   SCRIPT_FILENAME $document_root/cgit.cgi;

    location / {
        try_files $uri @cgit;
    }

    # Require auth for requests sent to cgit that originated in location /    
    location @cgit {
        auth_basic "Restricted";
        auth_basic_user_file /srv/gitosis/.htpasswd;

        gzip off;
        # rewrites in nginx don't match the query string
        rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break;
        fastcgi_pass    127.0.0.1:9001;
    }

    location ^~ /pub/  {
        gzip off;
        rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break;
        fastcgi_pass    127.0.0.1:9001;
    }
}
于 2012-05-08T13:10:50.430 回答