On an Arch Linux server running Nginx, I setup correctly cgit. I want to protect cgit with a basic authentication password, except for one directory /pub/
. As seen on the documentation, I thought about put on the server
context an authentication, and get an exception with the location
context for the /pub/
directory. I tried this link to get the path correctly.
Here the configuration file of nginx of the corresponding part.
server {
listen 80;
server_name git.nicosphere.net;
index cgit.cgi;
gzip off;
auth_basic "Restricted";
auth_basic_user_file /srv/gitosis/.htpasswd;
location / {
root /usr/share/webapps/cgit/;
}
location ^~ /pub/ {
auth_basic off;
}
if (!-f $request_filename) {
rewrite ^/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=$1&$2 last;
}
location ~ \.cgi$ {
gzip off;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index cgit.cgi;
fastcgi_param SCRIPT_FILENAME /usr/share/webapps/cgit/cgit.cgi;
fastcgi_param DOCUMENT_ROOT /usr/share/webapps/cgit/;
}
}
This ask me for authentication for whatever any url are. For some easier tests, I tried to leave root without authentication, and only /pub/
with authentication. In this case, it doesn't ask for password at all. So far, I managed to protect either everything or nothing.
Thanks for your help, and my apologies for my approximative English.
I think you want something like this: