git push to nginx+git-http-backend : error: Cannot access URL http return code 22 fatal: git-http-push failed

Question

I was configuring my git repos to serve over http in Ubuntu 14.04 (using nginx/1.4.6+git-http-backend+fastcgi:fcgiwrap 1.1.0-2). But caught with the following error.

# git push origin master
Username for 'http://server.com': git
Password for 'http://git@gittest.cloudthis.com': 
error: Cannot access URL http://server.com/rahul.git/, return code 22
fatal: git-http-push failed

My nginx site's configuration is as follows.

server {

    listen          80;
    server_name     server.com;
    root            /var/www/git/repos;

include /etc/nginx/fcgiwrap.conf; # Added as a support for cgi

auth_basic          "Welcome to my GIT repos";  # Added for Basic Auth +1
auth_basic_user_file    /etc/apache2/.htpasswd;

    location ~ /git(/.*) {
#    location /repos/ {

#client_max_body_size                   0;
        include /etc/nginx/fastcgi_params;
        fastcgi_param   SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
        fastcgi_param   GIT_HTTP_EXPORT_ALL     true;
        fastcgi_param   GIT_PROJECT_ROOT        /var/www/git/repos;
        fastcgi_param   PATH_INFO               $uri;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param   REMOTE_USER             $remote_user;
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
    }
}

I have my repos root dir as /var/www/git/repos. Under which I have initialized my bare repositories like /var/www/git/repos/firstrepo.git/ using command git --bare init firstrepo.git

Git clone is working fine, but when I make changes and do git push origin master it gives error as

# touch newfile
# git add newfile
# git commit -m " commited "
[master 059714a]  commited
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 newfile
# git push origin master
Username for 'http://server.com': git
Password for 'http://git@server.com': 
error: Cannot access URL http://server.com/rahul.git/, return code 22
fatal: git-http-push failed

Anybody have any idea What I'm doing wrong. Have also tried editing the .git/config file as said here

, but it didn't helped. The error remains intact

In my access.log

114.143.99.83 - - [14/Aug/2014:15:49:33 +0000] "GET /rahul.git/info/refs?service=git-receive-pack HTTP/1.1" 401 203 "-" "git/1.9.1"
114.143.99.83 - - [14/Aug/2014:15:49:36 +0000] "GET /rahul.git/info/refs?service=git-receive-pack HTTP/1.1" 401 203 "-" "git/1.9.1"
114.143.99.83 - git [14/Aug/2014:15:49:36 +0000] "GET /rahul.git/info/refs?service=git-receive-pack HTTP/1.1" 200 59 "-" "git/1.9.1"
114.143.99.83 - git [14/Aug/2014:15:49:36 +0000] "GET /rahul.git/HEAD HTTP/1.1" 200 23 "-" "git/1.9.1"
114.143.99.83 - - [14/Aug/2014:15:49:37 +0000] "PROPFIND /rahul.git/ HTTP/1.1" 401 203 "-" "git/1.9.1"

In my error.log

2014/08/14 15:49:33 [error] 2872#0: *19 no user/password was provided for basic authentication, client: 114.143.99.83, server: server.com, request: "GET /rahul.git/info/refs?service=git-receive-pack HTTP/1.1", host: "server.com"
2014/08/14 15:49:36 [error] 2872#0: *20 no user/password was provided for basic authentication, client: 114.143.99.83, server: server.com, request: "GET /rahul.git/info/refs?service=git-receive-pack HTTP/1.1", host: "server.com"
2014/08/14 15:49:37 [error] 2872#0: *21 no user/password was provided for basic authentication, client: 114.143.99.83, server: server.com, request: "PROPFIND /rahul.git/ HTTP/1.1", host: "server.com"

Answer 1

As described by Marcs you could solve your authentication problem by enabling the receivepack option, but this disables the requirement for authentication. What you rather would want is to communicate to git-http-backend which user was successfully authenticated. This can be done by setting the REMOTE_USER FastCGI parameter to the $remote_user Nginx variable.

server {
    ...
    location ... {
        auth_basic "Restricted";
        auth_basic_user_file /path/to/.htpasswd;
        fastcgi_param REMOTE_USER $remote_user;
        ...
    }
}

Considering your current Nginx configuration, you might also run into a problem where the connection with fcgiwrap is prematurely closed, which has to do with that the order of FastCGI parameters matter. If /etc/nginx/fastcgi_params contains a definition for e.g. SCRIPT_FILENAME, it will not be overwritten with /usr/lib/git-core/git-http-backend when using fcgiwrap.

Answer 2

I got a similar setup as you have.

I think the problem is related the the receivepack option.

You should add this option to the config file of your bare repository

[http]
    receivepack = true

Or for a system-wide setting (as I did) insert the line above in: /etc/gitconfig

You can also use the config command like this for enabling a repository:

git config --local http.receivepack true

Or to do it systemwide:

git config --system http.receivepack true

Related to nginx you can also use the authentication in a location block instead of a server it makes the configuration more clean (IMO).