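# https://gitolite.com/gitolite/index.html
# https://github.com/sitaramc/gitolite

# Base image tag. The default keeps the original floating tag, so two builds
# of this file can produce different images. Release builds should pass a
# pinned release (optionally with a digest): --build-arg DEBIAN_TAG=<release>
ARG DEBIAN_TAG=latest
FROM debian:${DEBIAN_TAG}

# Build-time only: suppresses debconf prompts during package installation
# without leaving the variable in the container's runtime environment.
ARG DEBIAN_FRONTEND=noninteractive

# Install SSH and gitolite packages
# apt-get is used instead of apt because apt's command-line interface is not
# meant for scripts. The package lists are removed in the same layer that
# downloads them, so they do not persist in the image.
RUN apt-get update \
    && apt-get dist-upgrade --yes \
    && apt-get install --yes \
        gitolite3 \
        openssh-server \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Create git user
# Fixed UID so ownership on mounted volumes stays stable across rebuilds;
# --skel /dev/null keeps the default skeleton files out of /git.
RUN useradd \
        --uid 2000 \
        --home-dir /git \
        --skel /dev/null \
        --create-home \
        git

# Install files
COPY --chown=git:git dotfiles /git/
COPY sshd_config /etc/ssh/
COPY gitolite.conf entrypoint.sh initialize.sh /app/

# Setup SSH keys
# We manually generate and store host keys in a separate volume, so that
# rebuilding the image doesn't break user trust. A key pair is generated for
# the root user for gitolite file initialization, so we don't need a file
# supplied by the user every time they update the image.
#
# NOTE(review): both key sets are created at build time and therefore live in
# an image layer. Anyone who can pull the image can read the host private keys
# under /hostkeys and the root private key in /root/.ssh and /app, and every
# container started from the same image begins with identical keys. The public
# half of the root key is registered with `gitolite setup -pk` below, so the
# private half grants that gitolite access. Confirm that entrypoint.sh /
# initialize.sh (not visible here) replace these keys on first start, and
# treat the image as secret material until they do.
#
# No -t is given, so the key type stored in id_rsa is whatever ssh-keygen
# defaults to in the installed OpenSSH version.
RUN mkdir -p /hostkeys/etc/ssh /run/sshd \
    && ssh-keygen -A -f /hostkeys \
    && ssh-keygen -f /root/.ssh/id_rsa -N "" \
    && cp /root/.ssh/id_rsa* /app

# Patch `gitolite setup` script
# The acting gitolite.conf file is managed by the gitolite-admin repository. In
# order to install our default version of the file, we need to patch its contents
# into the Setup.pm file in the gitolite installation. This helps maintain
# separation of srcnode and gitolite-admin version control.
# The grep keeps everything up to and including the __DATA__ line; our
# gitolite.conf is then appended in place of the packaged default. The patch
# is silently lost if the gitolite3 package is later upgraded in a container.
RUN grep -B1000000 __DATA__ /usr/share/gitolite3/lib/Gitolite/Setup.pm >/app/Setup.pm \
    && cat /app/gitolite.conf >>/app/Setup.pm \
    && cp /app/Setup.pm /usr/share/gitolite3/lib/Gitolite/Setup.pm

# Initialize gitolite files
# Runs as the git user so the created files are owned by it.
# NOTE(review): 755 makes everything under /git/repositories world-readable
# and executable. Confirm that an account other than git needs read access;
# if not, a tighter mode limits exposure of repository contents.
RUN su git -c "gitolite setup -pk /app/id_rsa.pub" \
    && chmod -R 755 /git/repositories

EXPOSE 22

# No USER instruction is set, so the entrypoint starts as root. Presumably it
# launches sshd, which needs root to bind port 22 and switch users — confirm
# against entrypoint.sh.
CMD ["/app/entrypoint.sh"]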