diff options
| -rw-r--r-- | Dockerfile.cgit | 15 | ||||
| -rw-r--r-- | Dockerfile.debian | 50 | ||||
| -rw-r--r-- | docker-compose.dev.yaml | 32 | ||||
| -rw-r--r-- | docker-compose.yaml | 109 |
4 files changed, 122 insertions, 84 deletions
diff --git a/Dockerfile.cgit b/Dockerfile.cgit new file mode 100644 index 0000000..8c2e2a3 --- /dev/null +++ b/Dockerfile.cgit @@ -0,0 +1,15 @@ +# This Dockerfile sets up a CGit server using an Alpine Linux base image. It configures CGit with custom settings and serves the repositories from a specified directory. + +# Start with a base Alpine image that has CGit installed +FROM joseluisq/alpine-cgit:2.9.0 + +ENV USE_CUSTOM_CONFIG="true" + +# Copy the custom cgit configuration file into the container +COPY cgitrc /etc/cgitrc + +# Copy the root readme file into the container +COPY root-readme.html /root-readme.html + +# Copy the header file into the container +COPY header.html /header.html
\ No newline at end of file diff --git a/Dockerfile.debian b/Dockerfile.debian new file mode 100644 index 0000000..be25622 --- /dev/null +++ b/Dockerfile.debian @@ -0,0 +1,50 @@ +# This Dockerfile sets up a simple SSH server for hosting git repositories. It installs the necessary packages, creates the required directories, and configures SSH to allow access using authorized keys. + +# Start with a base Debian image +FROM debian:13.4 + +# Install dependencies and clean up apt cache to reduce image size +RUN apt-get update && apt-get install -y --no-install-recommends \ + openssh-server \ + git \ + cron \ + && rm -rf /var/lib/apt/lists/* + +# Create the privilage separation directory as openssh-server post-install script doesn't do it in docker build context +RUN mkdir -p /var/run/sshd + +# Create a git user and set up the home directory +RUN useradd -m -s /bin/bash git + +# Create the repositories directory and set appropriate permissions +RUN mkdir -p /repositories && chown git:git /repositories + +# Disallow password authentication for security reasons +RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config + +# Copy the entrypoint script into the container +COPY entrypoint.bash / + +# Copy cron jobs +COPY etc/cron.d/* /etc/cron.d/ + +# Set appropriate permissions for the cron jobs +RUN chmod 0644 /etc/cron.d/* + +# Copy scripts +COPY scripts/* /scripts/ + +# Set appropriate permissions for the scripts +RUN chmod +x /scripts/* + +# Copy git home overlay +COPY home/git/* /home/git/ + +# Make the entrypoint script executable +RUN chmod +x /entrypoint.bash + +# Expose port 22 for SSH access +EXPOSE 22 + +# Define our entrypoint +ENTRYPOINT [ "/entrypoint.bash" ]
\ No newline at end of file diff --git a/docker-compose.dev.yaml b/docker-compose.dev.yaml new file mode 100644 index 0000000..9016d8e --- /dev/null +++ b/docker-compose.dev.yaml @@ -0,0 +1,32 @@ +services: + debian: + build: + context: . + dockerfile: Dockerfile.debian + environment: + AUTHORIZED_KEYS: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0kwVbA9ZdXOAuiyPeXsJ7HSujPtCIYtFPl2GdajHDT0SwsZDUMNr/p6Y9DyQjOI1zqD73ndGSOIe6EY7adB3L6ZSODvDwFlGMtP5sXE0UESOcJJdU7m4wHWieM3xal5nz1Y2BJyp2x04Ol5+kpak9A4MqUcHz29Z4ubgPG/UUWENoKZIfHXSCZfvJBO82InrvieAu/dpKzmtkXNJ9bP+fSkiNnCOVo+ZvCbIuZm8tOoQIhshzdeVhfNmdUj9LNErkoGoJ+CA13eXYlqT9B8o45E+M8lLxQr/RpzCk/3likszBzVqITB6Vkrvey8BcHhcbrs+5LYbxvb6s+1bsRHNAwO+w7SgrD3eX8AQqFKvb6xzrFji+996NWSC2hVLcKZyDvSM2p6ws4IDLFLD64IS+73SEZv2fN847j0vmqJqXYPpB/jQKuUG+rWeonkDXBfPjFrHtp75nk5bSBBDi+LQBGW52nz6/gtOWP46USV46BW2zF+YFSyw/2Ta7DMhrvXlLWuDV/CpK0FytpHjQWjHoiDfrZfiDAOu8sPIiH7hjZevHqzNJ+xOZDNqNbYqxxB1gLeK4u6xX9c4Jkk259r09tMutFACbzxxPQr3LYBKW8IrPcX1rfuE4+aZ1UysfjG/2FmKOPeWca9tVSQUK7RSThvzWDGdm0gXxI0HrPwmfZQ== zuedev + ports: + - "2222:22" + volumes: + - ./repositories:/repositories + + cgit: + build: + context: . + dockerfile: Dockerfile.cgit + develop: + watch: + - action: sync+restart + path: ./cgitrc + target: /etc/cgitrc + - action: sync+restart + path: ./root-readme.html + target: /root-readme.html + - action: sync+restart + path: ./header.html + target: /header.html + ports: + - "8080:80" + volumes: + - ./repositories:/srv/git:ro
\ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml index 22a97a4..a49d7e3 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,97 +1,38 @@ services: - git: + debian: build: context: . - dockerfile_inline: | - # This Dockerfile sets up a simple SSH server for hosting git repositories. It installs the necessary packages, creates the required directories, and configures SSH to allow access using authorized keys. - - # Start with a base Debian image - FROM debian:13.4 - - # Install dependencies and clean up apt cache to reduce image size - RUN apt-get update && apt-get install -y --no-install-recommends \ - openssh-server \ - git \ - cron \ - && rm -rf /var/lib/apt/lists/* - - # Create the privilage separation directory as openssh-server post-install script doesn't do it in docker build context - RUN mkdir -p /var/run/sshd - - # Create a git user and set up the home directory - RUN useradd -m -s /bin/bash git - - # Create the repositories directory and set appropriate permissions - RUN mkdir -p /repositories && chown git:git /repositories - - # Disallow password authentication for security reasons - RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config - - # Copy the entrypoint script into the container - COPY entrypoint.bash / - - # Copy cron jobs - COPY etc/cron.d/* /etc/cron.d/ - - # Set appropriate permissions for the cron jobs - RUN chmod 0644 /etc/cron.d/* - - # Copy scripts - COPY scripts/* /scripts/ - - # Set appropriate permissions for the scripts - RUN chmod +x /scripts/* - - # Copy git home overlay - COPY home/git/* /home/git/ - - # Make the entrypoint script executable - RUN chmod +x /entrypoint.bash - - # Expose port 22 for SSH access - EXPOSE 22 - - # Define our entrypoint - ENTRYPOINT [ "/entrypoint.bash" ] + dockerfile: Dockerfile.debian environment: AUTHORIZED_KEYS: | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0kwVbA9ZdXOAuiyPeXsJ7HSujPtCIYtFPl2GdajHDT0SwsZDUMNr/p6Y9DyQjOI1zqD73ndGSOIe6EY7adB3L6ZSODvDwFlGMtP5sXE0UESOcJJdU7m4wHWieM3xal5nz1Y2BJyp2x04Ol5+kpak9A4MqUcHz29Z4ubgPG/UUWENoKZIfHXSCZfvJBO82InrvieAu/dpKzmtkXNJ9bP+fSkiNnCOVo+ZvCbIuZm8tOoQIhshzdeVhfNmdUj9LNErkoGoJ+CA13eXYlqT9B8o45E+M8lLxQr/RpzCk/3likszBzVqITB6Vkrvey8BcHhcbrs+5LYbxvb6s+1bsRHNAwO+w7SgrD3eX8AQqFKvb6xzrFji+996NWSC2hVLcKZyDvSM2p6ws4IDLFLD64IS+73SEZv2fN847j0vmqJqXYPpB/jQKuUG+rWeonkDXBfPjFrHtp75nk5bSBBDi+LQBGW52nz6/gtOWP46USV46BW2zF+YFSyw/2Ta7DMhrvXlLWuDV/CpK0FytpHjQWjHoiDfrZfiDAOu8sPIiH7hjZevHqzNJ+xOZDNqNbYqxxB1gLeK4u6xX9c4Jkk259r09tMutFACbzxxPQr3LYBKW8IrPcX1rfuE4+aZ1UysfjG/2FmKOPeWca9tVSQUK7RSThvzWDGdm0gXxI0HrPwmfZQ== zuedev - ports: - - "2222:22" volumes: - ./repositories:/repositories + network_mode: service:tailscale + depends_on: + - tailscale cgit: build: context: . - dockerfile_inline: | - # This Dockerfile sets up a CGit server using an Alpine Linux base image. It configures CGit with custom settings and serves the repositories from a specified directory. - - # Start with a base Alpine image that has CGit installed - FROM joseluisq/alpine-cgit:2.9.0 - - ENV USE_CUSTOM_CONFIG="true" - - # Copy the custom cgit configuration file into the container - COPY cgitrc /etc/cgitrc - - # Copy the root readme file into the container - COPY root-readme.html /root-readme.html - - # Copy the header file into the container - COPY header.html /header.html - develop: - watch: - - action: sync+restart - path: ./cgitrc - target: /etc/cgitrc - - action: sync+restart - path: ./root-readme.html - target: /root-readme.html - - action: sync+restart - path: ./header.html - target: /header.html - ports: - - "8080:80" + dockerfile: Dockerfile.cgit + volumes: + - ./repositories:/srv/git:ro + network_mode: service:tailscale + depends_on: + - tailscale + + tailscale: + image: tailscale/tailscale:v1.92.4 + hostname: gitlab + environment: + - TS_AUTH_ONCE="true" + - TS_STATE_DIR=/var/lib/tailscale + - TS_EXTRA_ARGS=--reset volumes: - - ./repositories:/srv/git:ro
\ No newline at end of file + - ./tailscale-data:/var/lib/tailscale + - /dev/net/tun:/dev/net/tun + cap_add: + - NET_ADMIN + - NET_RAW + restart: unless-stopped
\ No newline at end of file |