nginx configuration
# Let Nginx handle static files
# location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx)) {
location ~ ^/[^/]*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx)) {
    auth_basic              "strong authentication";
    auth_basic_user_file    /********/apps/etc/basic.auth.strong.passwords.txt;
    root /********/GITRepoUbuntu/;
}

# Pass Git Smart HTTP requests to git-http-backend. Require Auth for everything.
# see man git-http-backend for Apache configuration
#location ~ ^.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
location ~ ^/[^/]*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
    auth_basic                                  "strong authentication";
    auth_basic_user_file                        /********/apps/etc/basic.auth.strong.passwords.txt;
    client_max_body_size                        0;
    fastcgi_read_timeout                        300;
    fastcgi_buffers                             4 64K;
    include                                     fastcgi_params;
    fastcgi_pass                                unix:/var/run/fastcgi.sock;
    fastcgi_param           SCRIPT_FILENAME     /usr/lib/git-core/git-http-backend;
    fastcgi_param           GIT_PROJECT_ROOT    /********/GITRepoUbuntu;
    fastcgi_param           PATH_INFO           $uri;
    fastcgi_param           REMOTE_USER         $remote_user;
    ### Uncomment below to export ALL repositories in GIT_PROJECT_ROOT path.
    fastcgi_param           GIT_HTTP_EXPORT_ALL "";
}

location /git/ {
    auth_basic              "strong authentication";
    auth_basic_user_file    /********/apps/etc/basic.auth.strong.passwords.txt;
    try_files $uri @gitweb;
}

location @gitweb {
    fastcgi_pass            unix:/var/run/fastcgi.sock;
    fastcgi_param           SCRIPT_FILENAME   /usr/share/gitweb/gitweb.cgi;
    fastcgi_param           PATH_INFO         $uri;
    fastcgi_param           GITWEB_CONFIG     /etc/gitweb.conf;
    include                 fastcgi_params;
}

# sudo systemctl status nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl enable nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl stop nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl start fcgiwrap.socket fcgiwrap.service nginx

/etc/gitweb.conf                                                                                                                   
#see man gitweb

# path to git projects (.git)
$projectroot = "/********/GITRepoUbuntu/";

# directory to use for temp files
# $git_temp = "/tmp";

# html text to include at home page
# $home_text = "indextext.html";

# file with project list; by default, simply scan the projectroot dir.
# $projects_list = "/home/git/projects.list";

@stylesheets = ("gitweb.css");
$javascript = "gitweb.js";
$favicon = "git-favicon.png";
$logo = "git-logo.png";

# git-diff-tree(1) options to use for generated patches
@diff_opts = ('-C', '-C');

# enable nicer uris
# $feature{pathinfo}{default} = [1];

$site_name = "adrhc's projects";
$home_link = "https://adrhc.go.ro/git/";
$home_link_str = "adrhc's projects";
$mimetypes_file = "/********/apps/etc/nginx/mime.types";
$base_url = "https://adrhc.go.ro/git/";
@git_base_url_list = qw(https://adrhc.go.ro);
@extra_breadcrumbs = (
        [ "adrhc's blog" => "https://adrhc.go.ro/" ]
);

/etc/systemd/system/fcgiwrap.socket
[Unit]
Description=fcgiwrap Socket

[Socket]
SocketMode=0660
SocketUser****
SocketGroup*********
ListenStream=/var/run/fastcgi.sock

[Install]
WantedBy=sockets.target

/etc/systemd/system/fcgiwrap.service
[Unit]
Description=Simple CGI Server
After=nss-user-lookup.target

[Service]
# https://apuntesderootblog.wordpress.com/2015/06/01/how-to-run-gitweb-and-git-http-backend-with-nginx-in-fedora/
# sudo apt-get install fcgiwrap
# systemctl daemon-reload
# sudo systemctl enable fcgiwrap.socket fcgiwrap.service
ExecStartPre=/bin/mkdir -p /var/cache/cgit
ExecStartPre=/bin/chown ************ /var/cache/cgit
#ExecStartPre=/bin/rm -rf /var/cache/cgit/*
ExecStart=/usr/sbin/fcgiwrap
User****
Group*********

[Install]
Also=fcgiwrap.socket

example bare repository config
cat /********/GITRepoUbuntu/test/git/config
[core]
        repositoryformatversion = 0
        filemode = false
        bare = true
        sharedrepository = 1
[receive]
        denyNonFastforwards = true
[alias]
        st = status
        gr = log --full-history --all --graph --color --date-order --pretty=format:"%x1b[31m%h%x09%x1b[32m%d%x1b[0m%x20%s"
        ci = commit
        cim = commit -m
        ck = checkout
        ckm = checkout master
        ckd = checkout dev
        rs = reset
        mgnf = merge --no-ff
        mg = merge
        pom = push origin master
        pod = push origin development
        gom = pull origin master
        god = pull origin development
[gitg]
        mainline = refs/heads/master

# ERROR
    git clone https://adrhc.go.ro/exifweb.git
    edit some files then commit ...
    git push origin master
    Counting objects: 3, done.
    Delta compression using up to 4 threads.
    Compressing objects: 100% (3/3), done.
    Writing objects: 100% (3/3), 303 bytes | 0 bytes/s, done.
    Total 3 (delta 2), reused 0 (delta 0)
    remote: error: unable to create temporary file: Operation not permitted
    remote: fatal: failed to write object
    error: unpack failed: unpack-objects abnormal exit
    To https://adrhc.go.ro/exifweb.git
     ! [remote rejected] master -> master (unpacker error)
    error: failed to push some refs to 'https://adrhc.go.ro/exifweb.git'
# SOLUTION
    Make sure the user and group (and SocketMode) set for fcgiwrap OS service are appropriate for the git repository (when using http/https push).