commit fbc81e37f9daae030827c578198ae65203caef8b
Author: Jerry Aldrich
Date: Mon Jan 20 14:12:34 2020 -0800

Initial commit

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a78191d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+bootstrap/keys/sshd_host_keys/*
+bootstrap/keys/git/*
+bootstrap/repos/*
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6b3d0a7
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,40 @@
+FROM alpine
+
+LABEL maintainer "jerryaldrichiii@gmail.com"
+
+RUN apk add --no-cache openssh gitolite git-daemon
+
+# Upstream maintainer won't accept patch to allow symlinks
+# So...I do a bad thing...
+RUN sed -i 's/\(find.*-type f\) -name/\1 -or -type l -name/' /usr/lib/gitolite/commands/compile-template-data
+
+# Create group so data can be shared
+RUN addgroup --gid 1000 shared
+RUN adduser git shared
+
+VOLUME ["/bootstrap"]
+VOLUME ["/srv/git/repos"]
+
+# Configure SSHD
+RUN mkdir -p /srv/sshd
+COPY sshd_config /srv/sshd/sshd_config
+RUN chown -R git:git /srv/sshd
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+EXPOSE 2222 9418
+
+USER git
+
+RUN gitolite setup -a dummy
+RUN mkdir /var/lib/git/.gitolite/keydir
+
+RUN rm -rf /var/lib/git/repositories/
+RUN ln -s /srv/git/repos/ /var/lib/git/repositories
+RUN chown -h git:shared /var/lib/git/repositories
+
+RUN rm /var/lib/git/.gitolite.rc
+COPY gitolite.rc /var/lib/git/.gitolite.rc
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..5312088
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+# Gitolite via Docker
diff --git a/bootstrap/configs/gitolite.conf b/bootstrap/configs/gitolite.conf
new file mode 100644
index 0000000..7b75458
--- /dev/null
+++ b/bootstrap/configs/gitolite.conf
@@ -0,0 +1,3 @@
+repo testing
+ RW+ = @all
+ config cgit.desc = "A test description brought to you by k8s"
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..b92de9f
--- /dev/null
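Review bot: The `sed` patch in the Dockerfile rewrites the matched expression to `-type f -or -type l -name`, and in `find` the implicit AND binds tighter than `-or`, so the result reads as "any regular file, or a symlink with that name"; the name filter no longer applies to regular files (inferred, since the packaged line itself is not visible here). The two type tests need grouping so the patched expression ends up as `( -type f -or -type l ) -name …`, with the parentheses escaped as that script's quoting requires. Because `FROM alpine` has no tag and `apk add` pins no versions, the patch also lands on whatever gitolite a given build pulls, and `sed` exits 0 when nothing matches. I would pin the base (`FROM alpine:<PINNED_TAG>`, placeholder) and append `&& grep -q -e '-type l' /usr/lib/gitolite/commands/compile-template-data` to that `RUN` so a missed patch fails the build.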
+++ b/entrypoint.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+if [ ! -d /bootstrap/keys/git ]; then
+ echo "ERROR: Can't find SSH public keys (ending in '.pub') in /bootstrap/keys/git"
+ exit 1
+fi
+
+if [ ! -d /bootstrap/keys/sshd_host_keys/ ]; then
+ echo "ERROR: Can't find SSH host keys /bootstrap/keys/sshd_host_keys"
+ exit 1
+fi
+
+cp -R /bootstrap/keys/git/* /var/lib/git/.gitolite/keydir/
+
+# NOTE: A symlink is not supported for gitolite.conf...see Dockerfile for hack
+if [ -f /var/lib/git/.gitolite/conf/gitolite.conf ]; then
+ rm /var/lib/git/.gitolite/conf/gitolite.conf
+ ln -s /bootstrap/configs/gitolite.conf /var/lib/git/.gitolite/conf/gitolite.conf
+fi
+
+echo "Configuring gitolite...ignore warnings about brand new install"
+gitolite compile
+gitolite setup --hooks-only >/dev/null
+gitolite trigger POST_COMPILE >/dev/null
+
+mkdir /srv/sshd/host_keys
+cp /bootstrap/keys/sshd_host_keys/ssh_host_rsa_key /srv/sshd/host_keys/
+cp /bootstrap/keys/sshd_host_keys/ssh_host_rsa_key.pub /srv/sshd/host_keys/
+chmod 400 /srv/sshd/host_keys/ssh_host_rsa_key
+
+echo "Starting git daemon in background"
+git daemon --base-path=/srv/git/repos --detach
+
+echo "Starting SSHD in foreground"
+/usr/sbin/sshd -f /srv/sshd/sshd_config -De
diff --git a/gitolite.rc b/gitolite.rc
new file mode 100644
index 0000000..c9c98f8
--- /dev/null
+++ b/gitolite.rc
@@ -0,0 +1,34 @@
+# https://gitolite.com/gitolite/rc
+
+%RC = (
+ UMASK => 0027,
+ GIT_CONFIG_KEYS => 'cgit\..*',
+ LOG_EXTRA => 1,
+
+ ROLES => {
+ READERS => 1,
+ WRITERS => 1,
+ },
+
+ ENABLE => [
+ 'help',
+ 'desc',
+ 'info',
+ 'perms',
+ 'writable',
+ 'ssh-authkeys',
+ 'git-config',
+ 'daemon',
+
+ # Comment out if not using cgit
+ 'cgit',
+ ],
+);
+
+# This line is required per Perl
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/sshd_config b/sshd_config
new file mode 100644
index 0000000..75c9459
--- /dev/null
+++ b/sshd_config
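Review bot: `mkdir /srv/sshd/host_keys` in entrypoint.sh fails once the directory exists, and under `set -e` that aborts a restart of the same container; use `mkdir -p /srv/sshd/host_keys`, and `cp -f` for the key files, since the private key left at mode 400 by the previous run cannot be overwritten otherwise. The private host key is also copied with whatever mode `cp` gives it and only tightened afterwards by `chmod 400`; a `umask 077` before the two `cp` lines closes that window. The last line should be `exec /usr/sbin/sshd -f /srv/sshd/sshd_config -De` so sshd replaces the shell as PID 1 and receives the stop signal directly. The directory checks at the top only prove the directories exist, so an empty `/bootstrap/keys/git` still fails later at the `cp -R … /*` glob with a less helpful message.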
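Review bot: The `'daemon'` entry in `ENABLE` in gitolite.rc has no comment, unlike `'cgit'`, even though together with the `git daemon --base-path=/srv/git/repos --detach` call in entrypoint.sh and `EXPOSE 9418` in the Dockerfile it decides which repositories are reachable over unauthenticated git://. I would add `# Marks repos readable by the special 'daemon' user for export via git daemon (unauthenticated, port 9418); comment out if not wanted` above it. `GIT_CONFIG_KEYS => 'cgit\..*'` deserves a similar line, `# Only cgit.* git-config keys may be set from gitolite.conf`, so a later widening of that regex is a visible decision.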
@@ -0,0 +1,14 @@
+Port 2222
+
+PermitRootLogin no
+PubkeyAuthentication yes
+PasswordAuthentication no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PermitTTY no
+X11Forwarding no
+PrintMotd no
+
+PidFile /srv/sshd/sshd.pid
+
+HostKey /srv/sshd/host_keys/ssh_host_rsa_key
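Review bot: `AllowTcpForwarding no` in sshd_config does not cover Unix-domain socket forwarding, which is governed by `AllowStreamLocalForwarding` and defaults to yes; add `AllowStreamLocalForwarding no`, or replace the individual forwarding lines with `DisableForwarding yes`. An `AllowUsers git` line would also state in the config itself that only the gitolite account may authenticate, rather than leaving that to the account sshd happens to run as. Only an RSA host key is configured; offering an Ed25519 key as well would need a second `HostKey` line here and a matching copy step in entrypoint.sh.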