Browse Source

Initial commit

Piotr Orzechowski 1 year ago
commit
bf5b1c395a

+ 4
- 0
.dockerignore View File

@@ -0,0 +1,4 @@
1
+build.sh
2
+.git
3
+hooks
4
+README.md

+ 53
- 0
Dockerfile View File

@@ -0,0 +1,53 @@
1
+ARG golang_version
2
+ARG alpine_version
3
+FROM "golang:${golang_version}-alpine${alpine_version}" as builder
4
+
5
+RUN set -eu && apk --no-cache add \
6
+               gcc \
7
+               git \
8
+               make \
9
+               musl-dev
10
+
11
+ENV GOPATH="/go"
12
+ENV SRC_DIR="${GOPATH}/src/code.gitea.io/gitea"
13
+WORKDIR "$SRC_DIR"
14
+
15
+ARG gitea_repo_url
16
+ARG gitea_version
17
+RUN set -eu && git clone --branch "v${gitea_version}" --depth 1 "$gitea_repo_url" "$SRC_DIR"
18
+
19
+ARG gitea_build_tags
20
+RUN set -eu && TAGS="$gitea_build_tags" make generate build
21
+
22
+ARG alpine_version
23
+FROM "alpine:${alpine_version}"
24
+
25
+LABEL maintainer="Piotr Orzechowski [orzechowski.tech]"
26
+
27
+RUN set -eu && apk --no-cache add \
28
+               bash \
29
+               ca-certificates \
30
+               curl \
31
+               git \
32
+               linux-pam \
33
+               openssh \
34
+               s6 \
35
+               sqlite \
36
+               su-exec \
37
+               tzdata
38
+RUN set -eu && addgroup -S -g 1000 git \
39
+            && adduser -S -D -G git -u 1000 -s '/bin/bash' -H -h '/data/git' git
40
+RUN set -eu && echo "root:$(head -c 32 /dev/urandom | base64)" | chpasswd \
41
+            && echo "git:$(head -c 32 /dev/urandom | base64)" | chpasswd
42
+
43
+COPY --from=builder "/go/src/code.gitea.io/gitea/gitea" "/usr/local/bin/gitea"
44
+COPY files /
45
+
46
+VOLUME ["/data"]
47
+
48
+ENV GITEA_CUSTOM="/data/gitea"
49
+ENV GODEBUG="netdns=go"
50
+
51
+ENTRYPOINT ["/usr/local/bin/entrypoint"]
52
+
53
+EXPOSE 22 3000

+ 1
- 0
README.md View File

@@ -0,0 +1 @@
1
+Custom [Gitea](https://gitea.io) Docker image.

+ 19
- 0
build.sh View File

@@ -0,0 +1,19 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+gitea_version='1.2.2'
6
+gitea_build_tags='bindata sqlite'
7
+gitea_repo_url='https://github.com/go-gitea/gitea.git'
8
+golang_version='1.9'
9
+alpine_version='3.6'
10
+image_name='orzech/gitea'
11
+
12
+docker build \
13
+  --build-arg gitea_version="$gitea_version" \
14
+  --build-arg gitea_build_tags="$gitea_build_tags" \
15
+  --build-arg gitea_repo_url="$gitea_repo_url" \
16
+  --build-arg golang_version="$golang_version" \
17
+  --build-arg alpine_version="$alpine_version" \
18
+  -t "${IMAGE_NAME:-${image_name}}" \
19
+  .

+ 47
- 0
files/etc/gitea/default.ini View File

@@ -0,0 +1,47 @@
1
+RUN_MODE = prod
2
+
3
+[repository]
4
+ROOT = /data/git/repositories
5
+PREFERRED_LICENSES = GPL-3.0,AGPL-3.0,LGPL-3.0
6
+
7
+[repository.upload]
8
+TEMP_PATH = /data/gitea/uploads
9
+
10
+[ui]
11
+SHOW_USER_EMAIL = false
12
+
13
+[server]
14
+APP_DATA_PATH = /data/gitea
15
+LANDING_PAGE = explore
16
+
17
+[ssh.minimum_key_sizes]
18
+ED25519 = 256
19
+ECDSA = -1
20
+RSA = -1
21
+DSA = -1
22
+
23
+[database]
24
+DB_TYPE = sqlite3
25
+PATH = /data/gitea/gitea.db
26
+
27
+[indexer]
28
+ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
29
+
30
+[service]
31
+DEFAULT_KEEP_EMAIL_PRIVATE = true
32
+
33
+[session]
34
+PROVIDER_CONFIG = /data/gitea/sessions
35
+
36
+[picture]
37
+AVATAR_UPLOAD_PATH = /data/gitea/avatars
38
+
39
+[attachment]
40
+PATH = /data/gitea/attachments
41
+
42
+[log]
43
+ROOT_PATH = /data/gitea/log
44
+LEVEL = Warn
45
+
46
+[other]
47
+SHOW_FOOTER_VERSION = false

+ 14
- 0
files/etc/nsswitch.conf View File

@@ -0,0 +1,14 @@
1
+passwd:    compat
2
+group:     compat
3
+shadow:    compat
4
+gshadow:   files
5
+
6
+hosts:     files dns
7
+networks:  files
8
+
9
+protocols: db files
10
+services:  db files
11
+ethers:    db files
12
+rpc:       db files
13
+
14
+netgroup:  nis

+ 1
- 0
files/etc/profile.d/gitea View File

@@ -0,0 +1 @@
1
+export GITEA_CUSTOM='/data/gitea'

+ 2
- 0
files/etc/s6/.s6-svscan/finish View File

@@ -0,0 +1,2 @@
1
+#!/bin/sh
2
+exit 0

+ 2
- 0
files/etc/s6/gitea/finish View File

@@ -0,0 +1,2 @@
1
+#!/bin/sh
2
+exit 0

+ 27
- 0
files/etc/s6/gitea/run View File

@@ -0,0 +1,27 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+umask 077
6
+
7
+# setup
8
+
9
+for directory in '/data/git' "$GITEA_CUSTOM" "${GITEA_CUSTOM}/conf" '/var/run/gitea'; do
10
+  if [ ! -d "$directory" ]; then
11
+    /bin/echo "Creating ${directory} directory"
12
+    /bin/mkdir "$directory"
13
+    /bin/chown git:git "$directory"
14
+  fi
15
+done
16
+
17
+if [ ! -f "${GITEA_CUSTOM}/conf/app.ini" ]; then
18
+  /bin/echo 'Copying default app.ini'
19
+  /bin/cp '/etc/gitea/default.ini' "${GITEA_CUSTOM}/conf/app.ini"
20
+  /bin/chown git:git "${GITEA_CUSTOM}/conf/app.ini"
21
+fi
22
+
23
+# run
24
+
25
+export USER='git'
26
+
27
+exec /sbin/su-exec git /usr/local/bin/gitea web --pid '/var/run/gitea/gitea.pid'

+ 2
- 0
files/etc/s6/openssh/finish View File

@@ -0,0 +1,2 @@
1
+#!/bin/sh
2
+exit 0

+ 20
- 0
files/etc/s6/openssh/run View File

@@ -0,0 +1,20 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+# setup
6
+
7
+if [ ! -d '/data/ssh' ]; then
8
+  /bin/echo 'Creating /data/ssh directory'
9
+  /bin/mkdir -m 0700 '/data/ssh'
10
+fi
11
+
12
+if [ ! -f '/data/ssh/ssh_host_ed25519_key' ]; then
13
+  /bin/echo 'Generating server key'
14
+  /usr/bin/ssh-keygen -t ed25519 -f '/data/ssh/ssh_host_ed25519_key' -N '' > /dev/null
15
+  /bin/chmod 0600 '/data/ssh/ssh_host_ed25519_key'
16
+fi
17
+
18
+# run
19
+
20
+exec /usr/sbin/sshd -D

+ 2
- 0
files/etc/s6/syslogd/finish View File

@@ -0,0 +1,2 @@
1
+#!/bin/sh
2
+exit 0

+ 7
- 0
files/etc/s6/syslogd/run View File

@@ -0,0 +1,7 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+# run
6
+
7
+exec /sbin/syslogd -nS -O -

+ 39
- 0
files/etc/ssh/sshd_config View File

@@ -0,0 +1,39 @@
1
+Port 22
2
+AddressFamily any
3
+ListenAddress 0.0.0.0
4
+ListenAddress ::
5
+
6
+Protocol 2
7
+
8
+HostKey /data/ssh/ssh_host_ed25519_key
9
+
10
+LogLevel INFO
11
+
12
+PermitRootLogin no
13
+StrictModes yes
14
+MaxAuthTries 3
15
+MaxSessions 5
16
+
17
+PubkeyAuthentication yes
18
+AuthorizedKeysFile %h/.ssh/authorized_keys
19
+
20
+HostbasedAuthentication no
21
+IgnoreUserKnownHosts yes
22
+IgnoreRhosts yes
23
+
24
+PasswordAuthentication no
25
+ChallengeResponseAuthentication no
26
+
27
+AllowAgentForwarding no
28
+AllowTcpForwarding no
29
+GatewayPorts no
30
+X11Forwarding no
31
+PrintMotd no
32
+PermitUserEnvironment no
33
+UseDNS no
34
+
35
+AllowUsers git
36
+
37
+Banner none
38
+
39
+Subsystem sftp /usr/lib/ssh/sftp-server

+ 9
- 0
files/usr/local/bin/entrypoint View File

@@ -0,0 +1,9 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+if [ $# -eq 0 ]; then
6
+  exec /bin/s6-svscan /etc/s6
7
+else
8
+  exec /sbin/su-exec "$@"
9
+fi

+ 5
- 0
hooks/build View File

@@ -0,0 +1,5 @@
1
+#!/bin/sh
2
+
3
+set -eu
4
+
5
+exec ./build.sh

Loading…
Cancel
Save