server { listen [::]:80; server_name git.midipix.org; return 301 https://$server_name$request_uri; } server { listen [::]:443; server_name git.midipix.org; root /srv/www/htdocs; # legacy (bookmarked) /cgit.git addresses location /cgit.cgi { rewrite ^/cgit.cgi(/.*)$ $1 last; } # git-http-backend: initial clone GET request location ~ ^(/namespace)?/(.+?)/info(/.*)?$ { try_files $uri @git_http_backend; } # git-http-backend: clone POST request location ~ ^(/namespace)?/(.+?)/git-upload-pack { try_files $uri @git_http_backend; } # otherwise, cgit location / { try_files $uri @cgit; } location @git_http_backend { include uwsgi_params; uwsgi_modifier1 9; uwsgi_pass unix:/run/uwsgi/git.socket; uwsgi_param HTTP_HOST $server_name; uwsgi_param GIT_PROJECT_ROOT /srv/git; uwsgi_param PATH_INFO $uri; uwsgi_param GIT_HTTP_EXPORT_ALL ""; } location @cgit { include uwsgi_params; uwsgi_modifier1 9; uwsgi_pass unix:/run/uwsgi/cgit.socket; uwsgi_param HTTP_HOST $server_name; uwsgi_param CGIT_CONFIG /etc/cgit.d/cgitrc.midipix.org; uwsgi_param SCRIPT_FILENAME $document_root/cgit.cgi; uwsgi_param PATH_INFO $uri; uwsgi_param QUERY_STRING $args; } ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; }