schnell18/gitolite_cgit_ldap_nginx_integration.txt

## gitolite_cgit_ldap_nginx_integration.txt
ldap_server auth1 {
    url "ldap://vmcentos64:389/ou=Users,ou=Accounts,dc=acme,dc=com?cn?sub?(objectClass=*)";
    binddn "cn=manager,dc=acme,dc=com";
    binddn_passwd password;
    group_attribute cn;
    group_attribute_is_dn on;
    require valid_user;
}

#
# The git server
#
server {
    listen       80;
    server_name  git.home.net;

    #auth_basic "Git Repository Authentication";
    #auth_basic_user_file /opt/git/htpasswd;

    auth_ldap "Git Repository Authentication";
    auth_ldap_servers auth1;

    access_log  /var/log/nginx/git.access.log  main;

    rewrite ^/$ /cgit;

    location / {
        root   /var/www;
        index  index.html index.htm;
    }

    location /cgit-css {
        root   /var/www;
        index  index.html index.htm;
    }

    location /cgit {
        fastcgi_split_path_info ^(/cgit\.cgi)(.*)$;
        fastcgi_param SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param QUERY_STRING $query_string;
        #fastcgi_pass unix:/var/run/fcgiwrap.sock;
        fastcgi_pass 127.0.0.1:8999;
    }

    # enable git smart http transport via gitolite
    location /git {
        gzip off;

        include	fastcgi_params;
        fastcgi_split_path_info ^(/git)(.*)$;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param REMOTE_USER $remote_user;
        fastcgi_param GIT_PROJECT_ROOT /opt/repositories;
        fastcgi_param GITOLITE_HTTP_HOME /home/git;
        fastcgi_param SCRIPT_FILENAME /opt/git/bin/gitolite-shell;
        fastcgi_param QUERY_STRING $query_string;
        #fastcgi_pass unix:/var/run/fcgiwrap.sock;
        fastcgi_pass 127.0.0.1:8999;
    }

    error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}
	ldap_server auth1 {
	url "ldap://vmcentos64:389/ou=Users,ou=Accounts,dc=acme,dc=com?cn?sub?(objectClass=*)";
	binddn "cn=manager,dc=acme,dc=com";
	binddn_passwd password;
	group_attribute cn;
	group_attribute_is_dn on;
	require valid_user;
	}

	#
	# The git server
	#
	server {
	listen 80;
	server_name git.home.net;

	#auth_basic "Git Repository Authentication";
	#auth_basic_user_file /opt/git/htpasswd;

	auth_ldap "Git Repository Authentication";
	auth_ldap_servers auth1;

	access_log /var/log/nginx/git.access.log main;

	rewrite ^/$ /cgit;

	location / {
	root /var/www;
	index index.html index.htm;
	}

	location /cgit-css {
	root /var/www;
	index index.html index.htm;
	}

	location /cgit {
	fastcgi_split_path_info ^(/cgit\.cgi)(.*)$;
	fastcgi_param SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
	fastcgi_param PATH_INFO $fastcgi_path_info;
	fastcgi_param QUERY_STRING $query_string;
	#fastcgi_pass unix:/var/run/fcgiwrap.sock;
	fastcgi_pass 127.0.0.1:8999;
	}

	# enable git smart http transport via gitolite
	location /git {
	gzip off;

	include fastcgi_params;
	fastcgi_split_path_info ^(/git)(.*)$;
	fastcgi_param PATH_INFO $fastcgi_path_info;
	fastcgi_param REMOTE_USER $remote_user;
	fastcgi_param GIT_PROJECT_ROOT /opt/repositories;
	fastcgi_param GITOLITE_HTTP_HOME /home/git;
	fastcgi_param SCRIPT_FILENAME /opt/git/bin/gitolite-shell;
	fastcgi_param QUERY_STRING $query_string;
	#fastcgi_pass unix:/var/run/fcgiwrap.sock;
	fastcgi_pass 127.0.0.1:8999;
	}

	error_page 404 /404.html;
	location = /404.html {
	root /usr/share/nginx/html;
	}

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/html;
	}
	}