diff options
| -rw-r--r-- | src/cgit/Dockerfile | 4 | ||||
| -rw-r--r-- | src/cgit/VERSION | 2 | ||||
| -rwxr-xr-x | src/cgit/bin/entrypoint.sh | 11 | ||||
| -rw-r--r-- | src/gitolite/Dockerfile | 13 | ||||
| -rw-r--r-- | src/gitolite/VERSION | 1 | ||||
| -rwxr-xr-x | src/gitolite/bin/entrypoint.sh | 66 | ||||
| -rw-r--r-- | src/gitolite/etc/environment | 3 |
7 files changed, 95 insertions, 5 deletions
diff --git a/src/cgit/Dockerfile b/src/cgit/Dockerfile index 45b5521..9c3b8e5 100644 --- a/src/cgit/Dockerfile +++ b/src/cgit/Dockerfile @@ -2,7 +2,9 @@ FROM registry.gitlab.com/grumps/grumpy-containers/base:v0.0.2 SHELL ["/bin/bash", "-c"] RUN APT_OPTS="--no-install-recommends --install-suggests --yes" install_deb cgit uwsgi nginx-light \ && mkdir -p /run/uwsgi \ - && chown www-data:www-data /run/uwsgi + && chown www-data:www-data /run/uwsgi \ + && addgroup --gid 998 git \ + && usermod -a -G git www-data COPY etc/uwsgi/cgit.ini /etc/uwsgi/cgit.ini COPY bin/entrypoint.sh /usr/bin/entrypoint.sh ENTRYPOINT ["/usr/bin/entrypoint.sh"] diff --git a/src/cgit/VERSION b/src/cgit/VERSION index a00f35a..45c7a58 100644 --- a/src/cgit/VERSION +++ b/src/cgit/VERSION @@ -1 +1 @@ -v0.0.1-alpha +v0.0.1 diff --git a/src/cgit/bin/entrypoint.sh b/src/cgit/bin/entrypoint.sh index bdd6edc..a402e55 100755 --- a/src/cgit/bin/entrypoint.sh +++ b/src/cgit/bin/entrypoint.sh @@ -13,6 +13,9 @@ server { expires 30d; } location / { + try_files \$uri @cgit; + } + location @cgit { gzip off; include uwsgi_params; uwsgi_modifier1 9; @@ -38,8 +41,10 @@ enable-commit-graph=1 enable-log-filecount=1 enable-log-linecount=1 -css=cgit.css -logo=cgit.png +css=/cgit.css +logo=/cgit.png +virtual-root=/ +robots=nofollow project-list=/var/lib/git/projects.list @@ -47,5 +52,5 @@ scan-path=/var/lib/git/repositories EOF -uwsgi --daemonize true --ini /etc/uwsgi/cgit.ini > /dev/stdout 2> /dev/stderr < /dev/null & +uwsgi --daemonize --ini /etc/uwsgi/cgit.ini > /dev/stdout 2> /dev/stderr < /dev/null & nginx -c /etc/nginx/nginx.conf -g "daemon off;" diff --git a/src/gitolite/Dockerfile b/src/gitolite/Dockerfile new file mode 100644 index 0000000..213ddf3 --- /dev/null +++ b/src/gitolite/Dockerfile @@ -0,0 +1,13 @@ +FROM registry.gitlab.com/grumps/grumpy-containers/base:v0.0.2 +SHELL ["/bin/bash", "-c"] +RUN install_deb gitolite3 + +RUN addgroup --gid 998 git \ + && useradd --no-create-home \ + --home-dir /var/lib/git \ + --uid 998 \ + --gid 998 \ + git +RUN mkdir -p /run/sshd +COPY bin/entrypoint.sh /usr/bin/entrypoint.sh +ENTRYPOINT ["/usr/bin/entrypoint.sh"] diff --git a/src/gitolite/VERSION b/src/gitolite/VERSION new file mode 100644 index 0000000..45c7a58 --- /dev/null +++ b/src/gitolite/VERSION @@ -0,0 +1 @@ +v0.0.1 diff --git a/src/gitolite/bin/entrypoint.sh b/src/gitolite/bin/entrypoint.sh new file mode 100755 index 0000000..ac240d0 --- /dev/null +++ b/src/gitolite/bin/entrypoint.sh @@ -0,0 +1,66 @@ +#!/usr/bin/env bash +: ' +The MIT License (MIT) + +Copyright (c) 2016 Jonathan Giannuzzi + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +' +# https://github.com/jgiannuzzi/docker-gitolite/blob/master/LICENSE + +# if command is sshd, set it up correctly +if [ "${1}" = 'sshd' ]; then + set -- /usr/sbin/sshd -D + + # Setup SSH HostKeys if needed + for algorithm in rsa dsa ecdsa ed25519 + do + keyfile=/etc/ssh/keys/ssh_host_${algorithm}_key + [ -f $keyfile ] || ssh-keygen -q -N '' -f $keyfile -t $algorithm + grep -q "HostKey $keyfile" /etc/ssh/sshd_config || echo "HostKey $keyfile" >> /etc/ssh/sshd_config + done + # Disable unwanted authentications + # perl -i -pe 's/^#?((?!Kerberos|GSSAPI)\w*Authentication)\s.*/\1 no/; s/^(PubkeyAuthentication) no/\1 yes/' /etc/ssh/sshd_config + # Disable sftp subsystem + perl -i -pe 's/^(Subsystem\ssftp\s)/#\1/' /etc/ssh/sshd_config + perl -i -pe 's/^(AcceptEnv\s)/#\1/' /etc/ssh/sshd_config +fi + +# Fix permissions at every startup +chown -R git:git ~git + +# Setup gitolite admin +if [ ! -f ~git/.ssh/authorized_keys ]; then + if [ -n "$SSH_KEY" ]; then + [ -n "$SSH_KEY_NAME" ] || SSH_KEY_NAME=admin + echo "$SSH_KEY" > "/tmp/$SSH_KEY_NAME.pub" + su - git -c "gitolite setup -pk \"/tmp/$SSH_KEY_NAME.pub\"" + rm "/tmp/$SSH_KEY_NAME.pub" + else + echo "You need to specify SSH_KEY on first run to setup gitolite" + echo "You can also use SSH_KEY_NAME to specify the key name (optional)" + echo 'Example: docker run -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" jgiannuzzi/gitolite' + exit 1 + fi +# Check setup at every startup +else + su - git -c "gitolite setup" +fi + +exec "$@" diff --git a/src/gitolite/etc/environment b/src/gitolite/etc/environment new file mode 100644 index 0000000..dd0e7ad --- /dev/null +++ b/src/gitolite/etc/environment @@ -0,0 +1,3 @@ +LANGUAGE=en_US.UTF-8 +LANG=en_US.UTF-8 +LC_ALL=en_US.UTF-8 |