nginx configuration
# Let Nginx handle static files
# location ~ ^.*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx)) {
location ~ ^/[^/]*\.git/objects/([0-9a-f]+/[0-9a-f]+|pack/pack-[0-9a-f]+.(pack|idx)) {
	auth_basic				"strong authentication";
    auth_basic_user_file	/********/apps/etc/basic.auth.strong.passwords.txt;
    root /********/GITRepoUbuntu/;
}

# Pass Git Smart HTTP requests to git-http-backend. Require Auth for everything.
# see man git-http-backend for Apache configuration
#location ~ ^.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
location ~ ^/[^/]*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
	auth_basic									"strong authentication";
    auth_basic_user_file						/********/apps/etc/basic.auth.strong.passwords.txt;
	client_max_body_size						0;
	fastcgi_read_timeout						300;
	fastcgi_buffers								4 64K;
    include        								fastcgi_params;
    fastcgi_pass   								unix:/var/run/fastcgi.sock;
    fastcgi_param  			SCRIPT_FILENAME		/usr/lib/git-core/git-http-backend;
    fastcgi_param  			GIT_PROJECT_ROOT	/********/GITRepoUbuntu;
    fastcgi_param  			PATH_INFO			$uri;
    fastcgi_param  			REMOTE_USER			$remote_user;
    ### Uncomment below to export ALL repositories in GIT_PROJECT_ROOT path.
    fastcgi_param  			GIT_HTTP_EXPORT_ALL	"";
}

location /git/ {
	auth_basic				"strong authentication";
    auth_basic_user_file	/********/apps/etc/basic.auth.strong.passwords.txt;
	try_files $uri @gitweb;
}

location @gitweb {
    fastcgi_pass 			unix:/var/run/fastcgi.sock;
    fastcgi_param 			SCRIPT_FILENAME   /usr/share/gitweb/gitweb.cgi;
    fastcgi_param 			PATH_INFO         $uri;
    fastcgi_param 			GITWEB_CONFIG     /etc/gitweb.conf;
    include					fastcgi_params;
}

# sudo systemctl status nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl enable nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl stop nginx fcgiwrap.service fcgiwrap.socket
# sudo systemctl start fcgiwrap.socket fcgiwrap.service nginx

/etc/gitweb.conf                                                                                                                   
#see man gitweb
 
# path to git projects (.git)
$projectroot = "/********/GITRepoUbuntu/";
 
# directory to use for temp files
# $git_temp = "/tmp";
 
# html text to include at home page
# $home_text = "indextext.html";
 
# file with project list; by default, simply scan the projectroot dir.
# $projects_list = "/home/git/projects.list";
 
@stylesheets = ("gitweb.css");
$javascript = "gitweb.js";
$favicon = "git-favicon.png";
$logo = "git-logo.png";
 
# git-diff-tree(1) options to use for generated patches
@diff_opts = ('-C', '-C');
 
# enable nicer uris
# $feature{pathinfo}{default} = [1];
 
$site_name = "adrhc's projects";
$home_link = "https://adrhc.go.ro/git/";
$home_link_str = "adrhc's projects";
$mimetypes_file = "/********/apps/etc/nginx/mime.types";
$base_url = "https://adrhc.go.ro/git/";
@git_base_url_list = qw(https://adrhc.go.ro);
@extra_breadcrumbs = (
        [ "adrhc's blog" => "https://adrhc.go.ro/" ]
);

/etc/systemd/system/fcgiwrap.socket
[Unit]
Description=fcgiwrap Socket

[Socket]
SocketMode=0660
SocketUser****
SocketGroup*********
ListenStream=/var/run/fastcgi.sock

[Install]
WantedBy=sockets.target

/etc/systemd/system/fcgiwrap.service
[Unit]
Description=Simple CGI Server
After=nss-user-lookup.target

[Service]
# https://apuntesderootblog.wordpress.com/2015/06/01/how-to-run-gitweb-and-git-http-backend-with-nginx-in-fedora/
# sudo apt-get install fcgiwrap
# systemctl daemon-reload
# sudo systemctl enable fcgiwrap.socket fcgiwrap.service
ExecStartPre=/bin/mkdir -p /var/cache/cgit
ExecStartPre=/bin/chown ************ /var/cache/cgit
#ExecStartPre=/bin/rm -rf /var/cache/cgit/*
ExecStart=/usr/sbin/fcgiwrap
User****
Group*********

[Install]
Also=fcgiwrap.socket

example bare repository config
cat /********/GITRepoUbuntu/test/git/config
[core]
        repositoryformatversion = 0
        filemode = false
        bare = true
        sharedrepository = 1
[receive]
        denyNonFastforwards = true
[alias]
        st = status
        gr = log --full-history --all --graph --color --date-order --pretty=format:"%x1b[31m%h%x09%x1b[32m%d%x1b[0m%x20%s"
        ci = commit
        cim = commit -m
        ck = checkout
        ckm = checkout master
        ckd = checkout dev
        rs = reset
        mgnf = merge --no-ff
        mg = merge
        pom = push origin master
        pod = push origin development
        gom = pull origin master
        god = pull origin development
[gitg]
        mainline = refs/heads/master

# ERROR
	git clone https://adrhc.go.ro/exifweb.git
	edit some files then commit ...
	git push origin master
	Counting objects: 3, done.
	Delta compression using up to 4 threads.
	Compressing objects: 100% (3/3), done.
	Writing objects: 100% (3/3), 303 bytes | 0 bytes/s, done.
	Total 3 (delta 2), reused 0 (delta 0)
	remote: error: unable to create temporary file: Operation not permitted
	remote: fatal: failed to write object
	error: unpack failed: unpack-objects abnormal exit
	To https://adrhc.go.ro/exifweb.git
	 ! [remote rejected] master -> master (unpacker error)
	error: failed to push some refs to 'https://adrhc.go.ro/exifweb.git'
# SOLUTION
	Make sure the user and group (and SocketMode) set for fcgiwrap OS service are appropriate for the git repository (when using http/https push).