set up cgit using uwsgi & nginx on gentoo

· ahwx's blog

# set up cgit using uwsgi & nginx on gentoo

i recommend mainly using the root user for this

this is partially copied from the wiki, but just my setup for when i reinstall :)

 1echo "www-servers/uwsgi cgi" >> /etc/portage/package.use/uwsgi
 2root # emerge -avq www-apps/cgit www-servers/nginx www-servers/uwsgi
 3root # useradd -m -s /bin/bash git
 4root # su - git
 5
 6git $ mkdir ~/repos
 7git $ chown git:nginx ~/repos
 8git $ chmod 750 ~/repos
 9
10root # nvim /etc/cgitrc

# my /etc/cgitrc, tweak what you want:

  1# Make cgit generate link using absolute URL
  2virtual-root=/
  3
  4# The maximum number of entries in the cgit cache. When set to "0",
  5# caching is disabled.
  6cache-size=0
  7
  8# Cache time to live
  9# All cache ttl values are in minutes. Negative ttl values indicate that a page
 10# type will never expire, and thus the first time a URL is accessed, the result
 11# will be cached indefinitely, even if the underlying git repository changes.
 12# Conversely, when a ttl value is zero, the cache is disabled for that
 13# particular page type, and the page type is never cached.
 14cache-dynamic-ttl=0
 15cache-repo-ttl=0
 16
 17# Specify some default clone urls using macro expansion
 18clone-url=https://git.ahwx.org/$CGIT_REPO_URL
 19
 20# Specify the css url
 21css=/cgit.css
 22
 23# Show owner on index page
 24enable-index-owner=0
 25
 26# Allow http transport git clone
 27enable-http-clone=1
 28
 29# Show extra links for each repository on the index page
 30enable-index-links=1
 31
 32# Remove .git suffix from project display
 33remove-suffix=1
 34
 35# Enable ASCII art commit history graph on the log pages
 36enable-commit-graph=1
 37
 38# Show number of affected files per commit on the log pages
 39enable-log-filecount=1
 40
 41# Show number of added/removed lines per commit on the log pages
 42enable-log-linecount=1
 43
 44# Sort branches by date
 45branch-sort=age
 46
 47# Add a cgit favicon
 48favicon=/favicon.ico
 49
 50# Use a custom logo
 51logo=/cgit.png
 52
 53# Enable statistics per week, month and quarter
 54max-stats=year
 55
 56# Set the title and heading of the repository index page
 57root-title=Ahwx Git Repositories
 58
 59# Set a subheading for the repository index page
 60root-desc=Ahwx development garbage & other nonsense
 61
 62# Allow download of tar.gz, tar.bz2 and zip-files
 63snapshots=tar.bz2
 64
 65# List of common mimetypes
 66# See https://www.sitepoint.com/mime-types-complete-list/
 67mimetype.html=text/html
 68mimetype.js=text/javascript
 69mimetype.css=text/css
 70mimetype.pl=text/x-script.perl
 71mimetype.pm=text/x-script.perl-module
 72mimetype.py=text/x-script.python
 73mimetype.png=image/png
 74mimetype.gif=image/gif
 75mimetype.jpg=image/jpeg
 76mimetype.jpeg=image/jpeg
 77
 78# Highlight source code with python pygments-based highligher
 79source-filter=/usr/lib64/cgit/filters/syntax-highlighting.py
 80
 81# Format markdown, restructuredtext, manpages, text files, and html files
 82# through the right converters
 83about-filter=/usr/local/lib/cgit/filters/about-formatting.sh
 84
 85# Search for these files in the root of the default branch of repositories
 86# for coming up with the about page:
 87readme=:README.md
 88readme=:readme.md
 89readme=:README.mkd
 90readme=:readme.mkd
 91readme=:README.rst
 92readme=:readme.rst
 93readme=:README.html
 94readme=:readme.html
 95readme=:README.htm
 96readme=:readme.htm
 97readme=:README.txt
 98readme=:readme.txt
 99readme=:README
100readme=:readme
101readme=:INSTALL.md
102readme=:install.md
103readme=:INSTALL.mkd
104readme=:install.mkd
105readme=:INSTALL.rst
106readme=:install.rst
107readme=:INSTALL.html
108readme=:install.html
109readme=:INSTALL.htm
110readme=:install.htm
111readme=:INSTALL.txt
112readme=:install.txt
113readme=:INSTALL
114readme=:install
115
116# Repositories.
117# There are 2 options, please choose one:
118#
119# Option 1 - separate entries for each repo
120#
121#repo.url=My-Repo
122#repo.path=/home/someuser/repos/My-Repo
123#repo.desc=Some description
124#repo.owner=author@some.email
125#repo.readme=info/web/about.html
126#
127# Option 2 - a list with all repos
128# (description, owner etc can be indicated inside repos)
129#
130enable-git-config=1
131scan-path=/home/git/repos
132

# /home/git/uwsgi.cgit.ini

 1[uwsgi]
 2; enables logging via the system-default syslog program
 3; (for example, syslog-ng)
 4logger = syslog
 5
 6; recommended for all your apps, unless you're using emperor
 7; https://stackoverflow.com/a/35080578
 8master = true
 9
10; can be nginx or of other web-server
11; CAN NOT BE ROOT !!
12uid = nginx
13gid = nginx
14
15; please tune according to your needs
16processes = 1
17threads = 4
18
19; cgit requires cgi
20plugins = cgi
21
22; location where all uwsgi plugins were installed
23plugins-dir = /usr/lib64/uwsgi/
24
25; modifier for uwsgi packets to fit into cgi standard
26; https://uwsgi-docs.readthedocs.io/en/latest/Protocol.html
27http-modifier1 = 9
28
29; name can be any
30socket = /run/uwsgi_cgit/uwsgi_cgit.sock
31chmod-socket = 600
32pidfile = /run/uwsgi_cgit/uwsgi_cgit.pid
33
34; can be any address:port on localhost
35; useful for debugging - just curl that address
36; http = 127.0.0.7:7777
37
38; location where the cgi binary was installed
39; MUST BE CHANGED accordingly in case of installing another cgit version
40chdir = /usr/share/webapps/cgit/1.2.3-r201/hostroot/cgi-bin
41
42; cgi binary name
43cgi = cgit.cgi
44
45; this is an alternative to nginx rewrite rule
46; "rewrite ^/subdirectory/(.*)$ /subdirectory/$1?url=/$1 break;"
47route-uri = ^/(.*) rewrite:/$1

1root # ln -s /etc/init.d/uwsgi /etc/init.d/uwsgi.cgit

 1# Distributed under the terms of the GNU General Public License v2
 2
 3# Additional options you might want to pass to uWSGI
 4#
 5UWSGI_EXTRA_OPTIONS="--ini /home/git/uwsgi.cgit.ini"
 6
 7# The application will run as nginx:nginx even without these,
 8# because uid and gid are set to nginx in /home/someuser/uwsgi.cgit.ini,
 9# but these are necessary for changing permissions of the directory
10# /run/uwsgi_cgit (and permitting the application to create a socket there)
11#
12UWSGI_USER=nginx
13UWSGI_GROUP=nginx

# nginx

for nginx, just make a server and make sure it looks something like this and add some ssl certs

 1server {
 2    listen 80;
 3    server_name git.ahwx.org ;
 4
 5    root /home/git/;
 6    try_files $uri @cgit;
 7
 8    location ~* ^.+(cgit.(css|png)|favicon.ico) {
 9        root /usr/share/webapps/cgit/1.2.3-r201/htdocs/;
10        expires 30d;
11    }
12
13    location / {
14        uwsgi_pass uwsgi_cgit;
15        include uwsgi_params;
16        uwsgi_param PATH_INFO $1;
17        uwsgi_modifier1 9;
18        uwsgi_param GIT_HTTP_EXPORT_ALL "";
19        uwsgi_param GIT_PROJECT_ROOT /home/git;
20    }
21}

# start it

1rc-service uwsgi.cgit start
2rc-service nginx restart
3rc-update add uwsgi.cgit default
4rc-update add nginx default

# make sure to: