mirror of https://github.com/go-gitea/gitea
- VOLUME for ‘/data’ - Usage of S6 as PID 1 Process - Usage of ‘socat’ so linked container (like databases) are binded to localhost - OpenSSH, Socat Link and Gogs are supervised using S6 - Size of container reduced to ~75Mopull/197/head
parent
e0a099ec11
commit
e63e0b3105
@ -0,0 +1,2 @@ |
|||||||
|
#!/bin/sh |
||||||
|
exec /bin/true |
@ -0,0 +1,28 @@ |
|||||||
|
#!/bin/sh |
||||||
|
USER=git |
||||||
|
USERNAME=$USER |
||||||
|
|
||||||
|
if ! test -d /data/gogs; then |
||||||
|
mkdir -p /data/gogs/data /data/gogs/conf /data/gogs/log /data/git |
||||||
|
fi |
||||||
|
|
||||||
|
if ! test -d ~git/.ssh; then |
||||||
|
mkdir ~git/.ssh |
||||||
|
chmod 700 ~git/.ssh |
||||||
|
fi |
||||||
|
|
||||||
|
if ! test -f ~git/.ssh/environment; then |
||||||
|
echo "GOGS_CUSTOM=/data/gogs" > ~git/.ssh/environment |
||||||
|
chown git:git ~git/.ssh/environment |
||||||
|
chown 600 ~git/.ssh/environment |
||||||
|
fi |
||||||
|
|
||||||
|
ln -sf /data/gogs/log /app/gogs/log |
||||||
|
ln -sf /data/gogs/data /app/gogs/data |
||||||
|
ln -sf /data/gogs/conf /app/gogs/conf |
||||||
|
|
||||||
|
chown -R git:git /data /app/gogs ~git/ |
||||||
|
|
||||||
|
export USER |
||||||
|
export USERNAME |
||||||
|
exec gosu $USER /app/gogs/gogs web |
@ -0,0 +1,15 @@ |
|||||||
|
#!/bin/sh |
||||||
|
|
||||||
|
if ! test -d /data/ssh |
||||||
|
then |
||||||
|
mkdir -p /data/ssh |
||||||
|
ssh-keygen -q -f /data/ssh/ssh_host_key -N '' -t rsa1 |
||||||
|
ssh-keygen -q -f /data/ssh/ssh_host_rsa_key -N '' -t rsa |
||||||
|
ssh-keygen -q -f /data/ssh/ssh_host_dsa_key -N '' -t dsa |
||||||
|
ssh-keygen -q -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa |
||||||
|
ssh-keygen -q -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519 |
||||||
|
chown -R root:root /data/ssh/* |
||||||
|
chmod 600 /data/ssh/* |
||||||
|
fi |
||||||
|
|
||||||
|
exec gosu root /usr/sbin/sshd -D -f /etc/ssh/sshd_config |
@ -0,0 +1,17 @@ |
|||||||
|
Port 22 |
||||||
|
AddressFamily any |
||||||
|
ListenAddress 0.0.0.0 |
||||||
|
ListenAddress :: |
||||||
|
Protocol 2 |
||||||
|
LogLevel INFO |
||||||
|
HostKey /data/ssh/ssh_host_key |
||||||
|
HostKey /data/ssh/ssh_host_rsa_key |
||||||
|
HostKey /data/ssh/ssh_host_dsa_key |
||||||
|
HostKey /data/ssh/ssh_host_ecdsa_key |
||||||
|
HostKey /data/ssh/ssh_host_ed25519_key |
||||||
|
PermitRootLogin no |
||||||
|
AuthorizedKeysFile .ssh/authorized_keys |
||||||
|
PasswordAuthentication no |
||||||
|
UsePrivilegeSeparation no |
||||||
|
PermitUserEnvironment yes |
||||||
|
AllowUsers git |
@ -1,43 +1,12 @@ |
|||||||
#!/bin/bash - |
#!/bin/sh |
||||||
# |
|
||||||
|
# Bind linked docker container to localhost socket using socat |
||||||
if ! test -d /data/gogs |
env | sed -En 's|(.*)_PORT_([0-9]*)_TCP=tcp://(.*):(.*)|\1_\2 socat -ls TCP4-LISTEN:\2,fork,reuseaddr TCP4:\3:\4|p' | \ |
||||||
then |
while read NAME CMD; do |
||||||
mkdir -p /var/run/sshd |
mkdir -p /app/gogs/docker/s6/$NAME |
||||||
mkdir -p /data/gogs/data /data/gogs/conf /data/gogs/log /data/git |
echo -e "#!/bin/sh\nexec $CMD" > /app/gogs/docker/s6/$NAME/run |
||||||
fi |
chmod +x /app/gogs/docker/s6/$NAME/run |
||||||
|
done |
||||||
if ! test -d /data/ssh |
|
||||||
then |
# Exec S6 as process manager for gogs and dropbear ssh |
||||||
mkdir /data/ssh |
exec /usr/bin/s6-svscan /app/gogs/docker/s6/ |
||||||
ssh-keygen -q -f /data/ssh/ssh_host_key -N '' -t rsa1 |
|
||||||
ssh-keygen -q -f /data/ssh/ssh_host_rsa_key -N '' -t rsa |
|
||||||
ssh-keygen -q -f /data/ssh/ssh_host_dsa_key -N '' -t dsa |
|
||||||
ssh-keygen -q -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa |
|
||||||
ssh-keygen -q -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519 |
|
||||||
chown -R root:root /data/ssh/* |
|
||||||
chmod 600 /data/ssh/* |
|
||||||
fi |
|
||||||
|
|
||||||
service ssh start |
|
||||||
|
|
||||||
ln -sf /data/gogs/log ./log |
|
||||||
ln -sf /data/gogs/data ./data |
|
||||||
ln -sf /data/git /home/git |
|
||||||
|
|
||||||
|
|
||||||
if ! test -d ~git/.ssh |
|
||||||
then |
|
||||||
mkdir ~git/.ssh |
|
||||||
chmod 700 ~git/.ssh |
|
||||||
fi |
|
||||||
|
|
||||||
if ! test -f ~git/.ssh/environment |
|
||||||
then |
|
||||||
echo "GOGS_CUSTOM=/data/gogs" > ~git/.ssh/environment |
|
||||||
chown git:git ~git/.ssh/environment |
|
||||||
chown 600 ~git/.ssh/environment |
|
||||||
fi |
|
||||||
|
|
||||||
chown -R git:git /data . |
|
||||||
exec su git -c "./gogs web" |
|
||||||
|
Loading…
Reference in new issue