blob: 063f15f138f18b57fd1993c1e9bbfde27282347c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
# Alpine Linux Cgit
Docker image for running a cgit instance.
Primarily designed for a single user though it wouldn't be too hard to alter
the [`entrypoint.sh`](../tree/entrypoint.sh) to add and support multiple users with
separate keys, permissions and such.
This runs fastcgiwrap, nginx and a SSH server for a self hosted private
git server.
Password authentication for SSH is entirely disabled
## Building
```shell
$ docker build -t cgit .
```
## Configuration
Mostly by environment variables:
```bash
# You can supply authorized keys via environment variables in addition
# to adding them directly to git's home directory `.ssh/authorized_keys`
# AUTHORIZED_KEYS="CHANGEME"
SSHD_PORT="${SSHD_PORT:-8022}"
NGINX_LISTEN="${NGINX_LISTEN:-8080}"
# This is shown on the cgit user interface by default, you may
# wish to change it
FULL_NAME="${FULL_NAME:-Default Cgit User}"
# Bash is installed by default, feel free to change this
CGIT_SHELL="${CGIT_SHELL:-/bin/ash}"
# UID and GID used by the `git` user inside of the container
CGIT_UID="${CGIT_UID:-3500}"
CGIT_GID="${CGIT_GID:-3500}"
# Threads for fcgiwrap
CGIT_THREADS="${CGIT_THREADS:-1}"
# Where the SSH host keys will be stored,
SSH_HOST_KEY_DIR="${SSH_HOST_KEY_DIR:-/var/hostkeys/}"
NGINX_WORKER_PROCESSES="${NGINX_WORKER_PROCESSES:-1}"
NGINX_WORKER_CONNECTIONS="${NGINX_WORKER_CONNECTIONS:-1024}"
```
No SSL configuration is provided since it's expected that you will toss
this behind a proxy.
## Volumes / persistence
By default there are no volumes, you will want to specify them for
`/var/git` and `/var/hostkeys`
`/var/git` is the home directory for git where you should put your
repositories, cgit configuration, scripts and optionally your ssh
keys
`/var/hostkeys` is where the SSH server's host keys will be stored.
If omitted new host keys will be generated on each run leading to
some scary warnings since SSH is trust on first use and stores the host
keys.
## Examples
### Calling docker directly
```shell
$ docker run -it --rm \
-e CGIT_UID=1000 \
-e CGIT_GID=1000 \
-e "AUTHORIZED_KEYS=$(cat ~/.ssh/id_ed25519.pub)" \
-v $(pwd)/homedir:/var/git \
-v $(pwd)/hostkeys:/var/hostkeys
cgit
```
### `docker-compose`
`docker-compose.yml`
```yaml
version: '3'
services:
cgit:
build:
context: .
image: cgit
volumes:
- ./homedir:/var/git
- ./hostkeys:/var/hostkeys
ports:
- '127.0.0.1:8080:8080'
- '0.0.0.0:8022:8022'
```
And then
```shell
$ docker-compose up -d
```
|
