author | Malfurious <m@lfurio.us> | 2023-09-15 10:59:09 -0400 |
---|---|---|
committer | Malfurious <m@lfurio.us> | 2023-09-15 10:59:09 -0400 |
commit | a6f2c9e34b7a0bdaff2a44b54ca7999728f36773 (patch) | |
tree | 73b2ff4824313805629ee98efd1844fd7b636da1 /gitolite/Dockerfile | |
parent | 5cd2822ed607d1f20d1d114aebe511a4fe5f1825 (diff) | |
parent | c1db5d6e6557ac5f3b9d408eb2de888bf096a370 (diff) | |
download | srcnode-a6f2c9e34b7a0bdaff2a44b54ca7999728f36773.tar.gz srcnode-a6f2c9e34b7a0bdaff2a44b54ca7999728f36773.zip |
Merge branch 'gitolite-debian-refactor'

Refactor the gitolite docker image to build from Debian, but also clean
up a lot of the original build process.

The move off of archlinux is done since it is a sub-optimal pick for a
docker base. However, I'm specifically moving off it because archlinux
does not allow for the use of normalmode on i386 machines. Most official
bases do, and debian seems to be a good fit for running gitolite.

Previously, this git repository was serving double duty as the code
repository for normalmode, as well as the site gitolite-admin
repository. This is no longer going to be the case - gitolite-admin is
now completely separate. Not only does this allow me to clean up the
folder structure, but going forward, the out-of-the-box experience of a
new install will be 'more correct' for what normalmode intends. IE: Our
config files will more often already be installed by default, instead of
requiring user-intervention on the gitolite-admin side of things.

The docker-compose.yml file is left behind. I'll update it after cgit
gets a similar treatment.

* gitolite-debian-refactor:
  gitolite: Add admin initialization script
  gitolite: Allow users to delete remote HEAD branches
  gitolite: Remove hard-coded admin username
  gitolite: Correct site-local code location
  gitolite: Refactor Dockerfile for debian base
  gitolite: Consolidate config files into a single directory

Diffstat (limited to 'gitolite/Dockerfile')
-rw-r--r-- | gitolite/Dockerfile | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/gitolite/Dockerfile b/gitolite/Dockerfile new file mode 100644 index 0000000..5d34312 --- /dev/null +++ b/gitolite/Dockerfile @@ -0,0 +1,51 @@ +# https://gitolite.com/gitolite/index.html +# https://github.com/sitaramc/gitolite + +FROM debian + +ENV DEBIAN_FRONTEND=noninteractive + +# Install SSH and gitolite packages +RUN apt update \ + && apt full-upgrade --yes \ + && apt install --yes openssh-server gitolite3 \ + && apt clean + +# Create git user +RUN useradd \ + --uid 2000 \ + --home-dir /git \ + --skel /dev/null \ + --create-home \ + git + +# Install files +COPY --chown=git:git dotfiles /git/ +COPY sshd_config /etc/ssh/ +COPY gitolite.conf entrypoint.sh initialize.sh /app/ + +# Setup SSH keys +# We manually generate and store host keys in a separate volume, so that +# rebuilding the image doesn't break user trust. A key pair is generated for +# the root user for gitolite file initialization, so we don't need a file +# supplied by the user every time they update the image. +RUN mkdir -p /hostkeys/etc/ssh /run/sshd \ + && ssh-keygen -A -f /hostkeys \ + && ssh-keygen -f /root/.ssh/id_rsa -N "" \ + && cp /root/.ssh/id_rsa* /app + +# Patch `gitolite setup` script +# The acting gitolite.conf file is managed by the gitolite-admin repository. In +# order to install our default version of the file, we need to patch its contents +# into the Setup.pm file in the gitolite installation. This helps maintain +# separation of normalmode and gitolite-admin version control. +RUN grep -B1000000 __DATA__ /usr/share/gitolite3/lib/Gitolite/Setup.pm >/app/Setup.pm \ + && cat /app/gitolite.conf >>/app/Setup.pm \ + && cp /app/Setup.pm /usr/share/gitolite3/lib/Gitolite/Setup.pm + +# Initialize gitolite files +RUN su git -c "gitolite setup -pk /app/id_rsa.pub" \ + && chmod -R 755 /git/repositories + +EXPOSE 22 +CMD ["/app/entrypoint.sh"] |
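
Review bot: The "Setup SSH keys" RUN step creates private key material at build time, so it is stored in an image layer: `ssh-keygen -A -f /hostkeys` writes the sshd host keys and `cp /root/.ssh/id_rsa* /app` copies root's private key alongside the public one. Because `gitolite setup -pk /app/id_rsa.pub` then registers that public key as the gitolite admin key, anyone who can pull or inspect the image holds both the admin private key and the host private keys, and every container started from the same build shares them. The comment says the host keys live in a separate volume, but the hunk declares no VOLUME for /hostkeys and the keys exist in the image regardless of what is mounted over that path later. Consider generating the host keys and the admin key pair at first container start, only when they are missing from the mounted volume (entrypoint.sh or initialize.sh look like the natural place, though their contents are not shown here), and keeping no private key in /app. Two smaller points in the same file: `FROM debian` has no tag or digest, so rebuilds are not reproducible and pick up whatever the default tag points to at the time, and `chmod -R 755 /git/repositories` makes every repository readable by any account in the container, which is worth a comment explaining which reader needs it or a narrower mode.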