Git Repositories

docker-compose example file master
authorCyrille Pontvieux <cyrille@enialis.net>
Fri, 10 Mar 2017 15:48:11 +0000 (16:48 +0100)
committerCyrille Pontvieux <cyrille@enialis.net>
Fri, 10 Mar 2017 15:48:11 +0000 (16:48 +0100)
compose/git.Dockerfile [new file with mode: 0644]
compose/sshd_config [new file with mode: 0644]
compose/supervisord.conf [new file with mode: 0644]
docker-compose.yml [new file with mode: 0644]

diff --git a/compose/git.Dockerfile b/compose/git.Dockerfile
new file mode 100644 (file)
index 0000000..9340300
--- /dev/null
@@ -0,0 +1,30 @@
+# vim: syn=dockerfile
+FROM debian:8
+RUN apt-get update && apt-get -y install git ssh sudo wget make php5-fpm fcgiwrap nginx supervisor
+VOLUME /home/git/repos
+EXPOSE 9418 22 80
+ARG WEB_TITLE="Git Repositories"
+ARG ADMIN_USER=admin
+ARG ADMIN_PASSWORD=admin
+COPY ./ /root/simple-git-host
+RUN cd /root/simple-git-host && \
+    mkdir -p /etc/ssh && \
+    cp compose/sshd_config /etc/ssh/sshd_config && \
+    cp compose/supervisord.conf /etc/supervisord.conf && \
+    mkdir -p /var/www/html /var/www/logs /var/run/sshd && \
+    ./configure --webuser=www-data --prefix=/var/www/html --logsdir=/var/www/logs --webtitle="$WEB_TITLE" && \
+    make clean all install && \
+    chown -R git: /home/git && \
+    sed -r 's|localhost|_|; s|/var/run/php-fpm.sock|/var/run/php5-fpm.sock|; s|libexec|lib|;' gen/nginx.conf > /etc/nginx/sites-available/git.conf && \
+    rm /etc/nginx/sites-enabled/default && \
+    ln -s /etc/nginx/sites-available/git.conf /etc/nginx/sites-enabled/
+RUN gitpass=$(printf "$ADMIN_PASSWORD"|md5sum|cut -d" " -f1) && \
+    echo '#!/bin/sh' > /usr/local/bin/gitrepo-sanity-check && \
+    echo 'set -e' >> /usr/local/bin/gitrepo-sanity-check && \
+    echo 'chown -R git:git /home/git/repos' >> /usr/local/bin/gitrepo-sanity-check && \
+    echo "if [ ! -e /home/git/repos/.keys ] && [ ! -e /home/git/repos/.admins ]; then su -s /bin/bash -c '~/gitrepo.sh create-user \"$ADMIN_USER\" \"$gitpass\" && ~/gitrepo.sh user-set-admin \"$ADMIN_USER\" true' git; fi" >> /usr/local/bin/gitrepo-sanity-check && \
+    echo "su -s /bin/bash -c '~/makekeys.sh' git" >> /usr/local/bin/gitrepo-sanity-check && \
+    echo 'exec "$@"' >> /usr/local/bin/gitrepo-sanity-check && \
+    chmod +x /usr/local/bin/gitrepo-sanity-check
+ENTRYPOINT ["/usr/local/bin/gitrepo-sanity-check"]
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
diff --git a/compose/sshd_config b/compose/sshd_config
new file mode 100644 (file)
index 0000000..0109bf1
--- /dev/null
@@ -0,0 +1,39 @@
+Port 22
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+#Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 1024
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin no
+StrictModes yes
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile %h/.ssh/authorized_keys
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+RhostsRSAAuthentication no
+HostbasedAuthentication no
+PermitEmptyPasswords no
+# Change to yes to enable challenge-response passwords (beware issues with some PAM modules and threads)
+ChallengeResponseAuthentication no
+PasswordAuthentication no
+X11Forwarding no
+PrintMotd no
+PrintLastLog no
+PermitUserEnvironment no
+AllowTcpForwarding no
+GatewayPorts no
+PermitTunnel no
+TCPKeepAlive yes
+UsePAM yes
diff --git a/compose/supervisord.conf b/compose/supervisord.conf
new file mode 100644 (file)
index 0000000..354d4f8
--- /dev/null
@@ -0,0 +1,34 @@
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisord.log
+pidfile=/var/run/supervisord.pid
+
+[program:git-daemon]
+command=git daemon --user=git --base-path=/home/git/repos /home/git/repos
+priority=1
+autorestart=true
+
+[program:sshd]
+command=/usr/sbin/sshd -D
+priority=2
+autorestart=true
+
+[program:php]
+command=/usr/sbin/php5-fpm -F
+priority=3
+autorestart=true
+
+[fcgi-program:fcgiwrap]
+socket=unix:///var/run/fcgiwrap.sock
+socket_owner=www-data:www-data
+socket_mode=0660
+user=www-data
+command=/usr/sbin/fcgiwrap
+priority=4
+redirect_stderr=true
+autorestart=true
+
+[program:nginx]
+command=/usr/sbin/nginx -g 'daemon off;'
+priority=5
+autorestart=true
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644 (file)
index 0000000..dbc1a64
--- /dev/null
@@ -0,0 +1,15 @@
+version: "2"
+volumes:
+  "repos":
+services:
+  git: 
+    build:
+      context: .
+      dockerfile: compose/git.Dockerfile
+    restart: always
+    ports:
+      - "9418:9418"
+      - "80:80"
+      - "22:22"
+    volumes:
+      - "repos:/home/git/repos"