bulding gitolite container

.github/workflows/gitolite.yml

@@ -0,0 +1,39 @@
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'gitolite/*'
+      - '.github/workflows/gitolite.yml'
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        
+      -
+        name: Log into registry
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: gitolite/
+          platforms: linux/arm/v7, Linux/amd64, linux/arm64/v8
+          push: true
+          tags: ghcr.io/sstent/gitolite:latest 
+          

gitolite/.dockerignore

@@ -0,0 +1,4 @@
+.git
+Dockerfile
+LICENSE
+README.md

gitolite/Dockerfile

@@ -0,0 +1,23 @@
+FROM alpine:3.10
+
+# Install OpenSSH server and Gitolite
+# Unlock the automatically-created git user
+RUN set -x \
+ && apk add --no-cache gitolite openssh \
+ && passwd -u git
+
+# # Volume used to store SSH host keys, generated on first run
+# VOLUME /etc/ssh/keys
+
+# # Volume used to store all Gitolite data (keys, config and repositories), initialized on first run
+# VOLUME /var/lib/git
+
+# Entrypoint responsible for SSH host keys generation, and Gitolite data initialization
+COPY docker-entrypoint.sh /
+ENTRYPOINT ["/docker-entrypoint.sh"]
+
+# Expose port 22 to access SSH
+EXPOSE 22
+
+# Default command is to run the SSH server
+CMD ["sshd"]

gitolite/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Jonathan Giannuzzi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

gitolite/README.md

@@ -0,0 +1,45 @@
+# Docker image for Gitolite
+
+This image allows you to run a git server in a container with OpenSSH and [Gitolite](https://github.com/sitaramc/gitolite#readme).
+
+Based on Alpine Linux.
+
+## Quick setup
+
+Create volumes for your SSH server host keys and for your Gitolite config and repositories
+
+* Docker >= 1.9
+
+        docker volume create --name gitolite-sshkeys
+        docker volume create --name gitolite-git
+
+* Docker < 1.9
+
+        docker create --name gitolite-data -v /etc/ssh/keys -v /var/lib/git tianon/true
+
+Setup Gitolite with yourself as the administrator:
+
+* Docker >= 1.10
+
+        docker run --rm -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite true
+
+* Docker == 1.9 (There is a bug in `docker run --rm` that removes volumes when removing the container)
+
+        docker run --name gitolite-setup -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite true
+        docker rm gitolite-setup
+
+* Docker < 1.9
+
+        docker run --rm -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" --volumes-from gitolite-data jgiannuzzi/gitolite true
+
+Finally run your Gitolite container in the background:
+
+* Docker >= 1.9
+
+        docker run -d --name gitolite -p 22:22 -v gitolite-sshkeys:/etc/ssh/keys -v gitolite-git:/var/lib/git jgiannuzzi/gitolite
+
+* Docker < 1.9
+
+        docker run -d --name gitolite -p 22:22 --volumes-from gitolite-data jgiannuzzi/gitolite
+
+You can then add users and repos by following the [official guide](https://github.com/sitaramc/gitolite#adding-users-and-repos).

gitolite/docker-entrypoint.sh

@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# if command is sshd, set it up correctly
+if [ "${1}" = 'sshd' ]; then
+  set -- /usr/sbin/sshd -D
+
+  # Setup SSH HostKeys if needed
+  for algorithm in rsa dsa ecdsa ed25519
+  do
+    keyfile=/etc/ssh/keys/ssh_host_${algorithm}_key
+    [ -f $keyfile ] || ssh-keygen -q -N '' -f $keyfile -t $algorithm
+    grep -q "HostKey $keyfile" /etc/ssh/sshd_config || echo "HostKey $keyfile" >> /etc/ssh/sshd_config
+  done
+  # Disable unwanted authentications
+  perl -i -pe 's/^#?((?!Kerberos|GSSAPI)\w*Authentication)\s.*/\1 no/; s/^(PubkeyAuthentication) no/\1 yes/' /etc/ssh/sshd_config
+  # Disable sftp subsystem
+  perl -i -pe 's/^(Subsystem\ssftp\s)/#\1/' /etc/ssh/sshd_config
+fi
+
+# Fix permissions at every startup
+chown -R git:git ~git
+
+# Setup gitolite admin  
+if [ ! -f ~git/.ssh/authorized_keys ]; then
+  if [ -n "$SSH_KEY" ]; then
+    [ -n "$SSH_KEY_NAME" ] || SSH_KEY_NAME=admin
+    echo "$SSH_KEY" > "/tmp/$SSH_KEY_NAME.pub"
+    su - git -c "gitolite setup -pk \"/tmp/$SSH_KEY_NAME.pub\""
+    rm "/tmp/$SSH_KEY_NAME.pub"
+  else
+    echo "You need to specify SSH_KEY on first run to setup gitolite"
+    echo "You can also use SSH_KEY_NAME to specify the key name (optional)"
+    echo 'Example: docker run -e SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" -e SSH_KEY_NAME="$(whoami)" jgiannuzzi/gitolite'
+    exit 1
+  fi
+# Check setup at every startup
+else
+  su - git -c "gitolite setup"
+fi
+
+exec "$@"