diff --git a/.github/workflows/gitolite.yml b/.github/workflows/gitolite.yml
new file mode 100644
index 0000000..79685e6
--- /dev/null
+++ b/.github/workflows/gitolite.yml
@@ -0,0 +1,39 @@
+on:
+ push:
+ branches: [ master ]
+ paths:
+ - 'gitolite/*'
+ - '.github/workflows/gitolite.yml'
+ pull_request:
+ branches: [ master ]
+
+jobs:
+ docker:
+ runs-on: ubuntu-latest
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v2
+
+ -
+ name: Log into registry
+ uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v1
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+ -
+ name: Build and push
+ uses: docker/build-push-action@v2
+ with:
+ context: gitolite/
+ platforms: linux/arm/v7, Linux/amd64, linux/arm64/v8
+ push: true
+ tags: ghcr.io/sstent/gitolite:latest
+
\ No newline at end of file
diff --git a/gitolite/.dockerignore b/gitolite/.dockerignore
new file mode 100644
index 0000000..4d0742b
--- /dev/null
+++ b/gitolite/.dockerignore
@@ -0,0 +1,4 @@
+.git
+Dockerfile
+LICENSE
+README.md
diff --git a/gitolite/Dockerfile b/gitolite/Dockerfile
new file mode 100644
index 0000000..b20fe6f
--- /dev/null
+++ b/gitolite/Dockerfile
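Review bot: In .github/workflows/gitolite.yml the job runs on `pull_request` as well as on pushes to master, yet the last step always sets `push: true` with the single tag `ghcr.io/sstent/gitolite:latest`, so an image built from an unmerged branch can replace the published `latest`. Guard both registry steps on the event: `if: github.event_name != 'pull_request'` on "Log into registry" and `push: ${{ github.event_name != 'pull_request' }}` on "Build and push". Only `docker/login-action` is pinned to a commit; `actions/checkout@v2`, `docker/setup-qemu-action@v1`, `docker/setup-buildx-action@v1` and `docker/build-push-action@v2` are mutable tags that run in a job holding `GITHUB_TOKEN`, so pin them the same way. The workflow also declares no `permissions:` block, so the token's scope is left to the repository default; presumably `contents: read` plus `packages: write` is all this job needs.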
@@ -0,0 +1,23 @@
+FROM alpine:3.10
+
+# Install OpenSSH server and Gitolite
+# Unlock the automatically-created git user
+RUN set -x \
+ && apk add --no-cache gitolite openssh \
+ && passwd -u git
+
+# # Volume used to store SSH host keys, generated on first run
+# VOLUME /etc/ssh/keys
+
+# # Volume used to store all Gitolite data (keys, config and repositories), initialized on first run
+# VOLUME /var/lib/git
+
+# Entrypoint responsible for SSH host keys generation, and Gitolite data initialization
+COPY docker-entrypoint.sh /
+ENTRYPOINT ["/docker-entrypoint.sh"]
+
+# Expose port 22 to access SSH
+EXPOSE 22
+
+# Default command is to run the SSH server
+CMD ["sshd"]
diff --git a/gitolite/LICENSE b/gitolite/LICENSE
new file mode 100644
index 0000000..5917af8
--- /dev/null
+++ b/gitolite/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Jonathan Giannuzzi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
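Review bot: `passwd -u git` in the RUN step of gitolite/Dockerfile most likely leaves the `git` account with an empty password field rather than merely unlocked, because the package creates the user without a password and unlocking only strips the leading `!` from the shadow entry. Nothing in the image itself then prevents a password-less login to that account; it depends on sshd's configuration, which docker-entrypoint.sh only rewrites when the command is `sshd`. Setting a hash that can never match keeps the account usable for key logins without an empty password, e.g. `echo 'git:*' | chpasswd -e` (verify against the busybox build in this base image). Separately, `alpine:3.10` is a mutable tag on a release branch that no longer receives security fixes; move to a supported release and consider pinning it by digest.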
diff --git a/gitolite/README.md b/gitolite/README.md
new file mode 100644
index 0000000..de49e1d
--- /dev/null
+++ b/gitolite/README.md
@@ -0,0 +1,45 @@
+# Docker image for Gitolite
+
+This image allows you to run a git server in a container with OpenSSH and [Gitolite](https://github.com/sitaramc/gitolite#readme).
+
+Based on Alpine Linux.
+
+## Quick setup
+
+Create volumes for your SSH server host keys and for your Gitolite config and repositories
+
+* Docker >= 1.9
+
+ docker volume create --name gitolite-sshkeys
+ docker volume create --name gitolite-git
+
+* Docker < 1.9
+
+ docker create --name gitolite-data -v /etc/ssh/keys -v /var/lib/git tianon/true
+
+Setup Gitolite with yourself as the administrator:
+
+* Docker >= 1.10
+
+ docker run --rm -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite true
+
+* Docker == 1.9 (There is a bug in `docker run --rm` that removes volumes when removing the container)
+
+ docker run --name gitolite-setup -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite true
+ docker rm gitolite-setup
+
+* Docker < 1.9
+
+ docker run --rm -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" --volumes-from gitolite-data jgiannuzzi/gitolite true
+
+Finally run your Gitolite container in the background:
+
+* Docker >= 1.9
+
+ docker run -d --name gitolite -p 22:22 -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite
+
+* Docker < 1.9
+
+ docker run -d --name gitolite -p 22:22 --volumes-from gitolite-data jgiannuzzi/gitolite
+
+You can then add users and repos by following the [official guide](https://github.com/sitaramc/gitolite#adding-users-and-repos).
diff --git a/gitolite/docker-entrypoint.sh b/gitolite/docker-entrypoint.sh
new file mode 100755
index 0000000..9eaf8ca
--- /dev/null
+++ b/gitolite/docker-entrypoint.sh
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# if command is sshd, set it up correctly
+if [ "${1}" = 'sshd' ]; then
+ set -- /usr/sbin/sshd -D
+
+ # Setup SSH HostKeys if needed
+ for algorithm in rsa dsa ecdsa ed25519
+ do
+ keyfile=/etc/ssh/keys/ssh_host_${algorithm}_key
+ [ -f $keyfile ] || ssh-keygen -q -N '' -f $keyfile -t $algorithm
+ grep -q "HostKey $keyfile" /etc/ssh/sshd_config || echo "HostKey $keyfile" >> /etc/ssh/sshd_config
+ done
+ # Disable unwanted authentications
+ perl -i -pe 's/^#?((?!Kerberos|GSSAPI)\w*Authentication)\s.*/\1 no/; s/^(PubkeyAuthentication) no/\1 yes/' /etc/ssh/sshd_config
+ # Disable sftp subsystem
+ perl -i -pe 's/^(Subsystem\ssftp\s)/#\1/' /etc/ssh/sshd_config
+fi
+
+# Fix permissions at every startup
+chown -R git:git ~git
+
+# Setup gitolite admin
+if [ ! -f ~git/.ssh/authorized_keys ]; then
+ if [ -n "$SSH_KEY" ]; then
+ [ -n "$SSH_KEY_NAME" ] || SSH_KEY_NAME=admin
+ echo "$SSH_KEY" > "/tmp/$SSH_KEY_NAME.pub"
+ su - git -c "gitolite setup -pk \"/tmp/$SSH_KEY_NAME.pub\""
+ rm "/tmp/$SSH_KEY_NAME.pub"
+ else
+ echo "You need to specify SSH_KEY on first run to setup gitolite"
+ echo "You can also use SSH_KEY_NAME to specify the key name (optional)"
+ echo 'Example: docker run -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" jgiannuzzi/gitolite'
+ exit 1
+ fi
+# Check setup at every startup
+else
+ su - git -c "gitolite setup"
+fi
+
+exec "$@"
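Review bot: `SSH_KEY_NAME` is used unchecked in the first-run branch of gitolite/docker-entrypoint.sh: it becomes part of a path that root writes to (`/tmp/$SSH_KEY_NAME.pub`) and is spliced into the command string handed to `su - git -c`, where the shell that su starts parses it a second time. A value containing `/`, quotes or `$` therefore changes which file is written or what that shell runs, so the name should be restricted to a safe character set right after the default is applied, as in the excerpt below. In the host-key loop, `dsa` should be dropped (`for algorithm in rsa ecdsa ed25519`), since DSA host keys are limited to 1024 bits and current OpenSSH does not offer them by default. The surrounding `if` block continues past the excerpt unchanged.

```shell
    [ -n "$SSH_KEY_NAME" ] || SSH_KEY_NAME=admin
    # Only allow characters that are safe in a file name and in the su -c string
    case "$SSH_KEY_NAME" in
      *[!A-Za-z0-9._@-]*)
        echo "SSH_KEY_NAME may only contain letters, digits, '.', '_', '@' and '-'" >&2
        exit 1
        ;;
    esac
    # … unchanged: write the key to /tmp, run gitolite setup -pk, remove the file …
```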