方案一：基于 debian

需要的组件： - nginx - git - fcgiwrap

另外，还写了一个 rooter 的程序，主要是执行类似 systemd 的工作，对里面的服务进行管理，不然 fcgiwrap 起不来。 这里有一个文档，用来部署 fcgiwrap 服务，不过没有用它。https://www.server-world.info/en/note?os=CentOS_Stream_9&p=nginx&f=6

Dockerfile

FROM debian:12.7
USER root
ENV DEBIAN_FRONTEND noninteractive
RUN sed -i 's#http://security.debian.org#http://mirrors.aliyun.com#g' /etc/apt/sources.list.d/debian.sources
RUN sed -i 's#http://deb.debian.org#http://mirrors.aliyun.com#g' /etc/apt/sources.list.d/debian.sources

RUN apt update 
RUN apt install -y git nginx vim
RUN apt install -y fcgiwrap # dnf --enablerepo=epel -y install fcgiwrap
RUN apt install -y openssh-server
RUN apt install openssh-client
RUN mkdir /run/sshd && chmod 755 /run/sshd
RUN adduser git

COPY ./git-server.conf /etc/nginx/conf.d/
COPY ./nginx.conf /etc/nginx/nginx.conf
COPY ./docker-entrypoint.sh /docker-entrypoint.sh
COPY ./debian12/rooter /usr/sbin/
COPY ./rooter.d /etc/rooter.d

ENTRYPOINT ["/docker-entrypoint.sh"]

git-server.conf

server {
    listen 80;
    server_name _;

    auth_basic "for nginx auth";
    auth_basic_user_file /etc/nginx/auth/passwd.auth;

    #access_log /var/log/nginx/git.example.com.log;
    #error_log /var/log/nginx/git.example.com_error.log info;

    location ~ (\.tar.gz|\.tar|\.zip|\.deb) {
        root /home/git;
    }

    # Redirect all non-HTTPS traffic to the HTTPS variant
    #return 301 https://$host$request_uri;
    location / {
        # Set chunks to unlimited, as the body's can be huge
        client_max_body_size            0;

        include     fastcgi_params;
        fastcgi_param   SCRIPT_FILENAME     /usr/lib/git-core/git-http-backend;
        fastcgi_param   GIT_HTTP_EXPORT_ALL "";
        fastcgi_param   GIT_PROJECT_ROOT    /home/git;
        fastcgi_param   PATH_INFO       $uri;

        # Forward REMOTE_USER as we want to know when we are authenticated
        fastcgi_param   REMOTE_USER     $remote_user;
        fastcgi_pass    unix:/var/run/fcgiwrap.socket;
    }
}