(which, group read access shouldn’t matter since the repo is world-readable)
nginx:
location ~ /.+/(info/refs|git-upload-pack) { include fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; fastcgi_param PATH_INFO $uri; fastcgi_param GIT_HTTP_EXPORT_ALL 1; fastcgi_param GIT_PROJECT_ROOT /var/git; fastcgi_param HOME /var/git; fastcgi_pass unix:/run/fcgiwrap.socket; }on the client:
$ git clone --depth 1 https://git.vlhl.dev/navi/enomicon.git Cloning into 'enomicon'... fatal: unable to access 'https://git.vlhl.dev/navi/enomicon.git/': The requested URL returned error: 500on the server:
$ tail /var/log/nginx/error.log 2024/10/02 15:48:09 [error] 1431006#1431006: *1824 FastCGI sent in stderr: "fatal: detected dubious ownership in repository at '/var/git/navi/enomicon.git' To add an exception for this directory, call: git config --global --add safe.directory /var/git/navi/enomicon.git" while reading response header from upstream, client: 37.135.86.107, server: git.vlhl.dev, request: "GET /navi/enomicon.git/info/refs?service=git-upload-pack HTTP/2.0", upstream: "fastcgi://unix:/run/fcgiwrap.socket:", host: "git.vlhl.dev"