diff options
| -rw-r--r-- | .gitattributes | 1 | ||||
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | README.md | 7 | ||||
| -rw-r--r-- | cgitrc | 68 | ||||
| -rw-r--r-- | docker-compose.yaml | 81 | ||||
| -rw-r--r-- | entrypoint.bash | 28 | ||||
| -rw-r--r-- | header.html | 25 | ||||
| -rw-r--r-- | root-readme.html | 16 |
8 files changed, 227 insertions, 0 deletions
diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fcadb2c --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +* text eol=lf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e561504 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/repositories/
\ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..c0e2943 --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +# git.zue.dev + +> Server configuration for my git server, powered by Docker. + +## Abstract + +This repository contains the necessary configuration files and instructions to set up an opinionated self-hosted git server using Docker. The server is designed to be secure, efficient, and easy to manage, allowing users to host their git repositories without relying on third-party services. @@ -0,0 +1,68 @@ +# https://linux.die.net/man/5/cgitrc + +root-title=git.zue.dev +root-desc=If it's on this site, I'm working on it. +root-readme=/root-readme.html +header=/header.html + +# enable commit graph on repo "log" page +enable-commit-graph=1 + +# disable showing owner of the repository +enable-index-owner=0 + +# enable printing the number of modified files for each commit on the repository log page +enable-log-filecount=1 + +# enable printing the number of added and removed lines for each commit on the repository log page +enable-log-linecount=1 + +# use git config to set any repo specific settings +enable-git-config=1 + +# enable showing remote branches +enable-remote-branches=1 + +# enable snapshot downloads +snapshots=tar tar.gz tar.bz2 tar.xz zip + +# disable cache to make sure cgit always shows the latest changes +cache-size=0 + +scan-path=/srv/git + +# this has to be empty for cgit to work with a reverse proxy +virtual-root= + +# +# Search for these files in the root of the default branch of repositories +# for coming up with the about page: +# +readme=:README.md +readme=:readme.md +readme=:README.mkd +readme=:readme.mkd +readme=:README.rst +readme=:readme.rst +readme=:README.html +readme=:readme.html +readme=:README.htm +readme=:readme.htm +readme=:README.txt +readme=:readme.txt +readme=:README +readme=:readme +readme=:INSTALL.md +readme=:install.md +readme=:INSTALL.mkd +readme=:install.mkd +readme=:INSTALL.rst +readme=:install.rst +readme=:INSTALL.html +readme=:install.html +readme=:INSTALL.htm +readme=:install.htm +readme=:INSTALL.txt +readme=:install.txt +readme=:INSTALL +readme=:install
\ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..204c145 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,81 @@ +services: + git: + build: + context: . + dockerfile_inline: | + # This Dockerfile sets up a simple SSH server for hosting git repositories. It installs the necessary packages, creates the required directories, and configures SSH to allow access using authorized keys. + + # Start with a base Debian image + FROM debian:13.4 + + # Install dependencies and clean up apt cache to reduce image size + RUN apt-get update && apt-get install -y --no-install-recommends \ + openssh-server \ + git \ + && rm -rf /var/lib/apt/lists/* + + # Create the privilage separation directory as openssh-server post-install script doesn't do it in docker build context + RUN mkdir -p /var/run/sshd + + # Create a git user and set up the home directory + RUN useradd -m -s /bin/bash git + + # Create the repositories directory and set appropriate permissions + RUN mkdir -p /repositories && chown git:git /repositories + + # Disallow password authentication for security reasons + RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config + + # Copy the entrypoint script into the container + COPY entrypoint.bash / + + # Make the entrypoint script executable + RUN chmod +x /entrypoint.bash + + # Expose port 22 for SSH access + EXPOSE 22 + + # Define our entrypoint + ENTRYPOINT [ "/entrypoint.bash" ] + environment: + AUTHORIZED_KEYS: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0kwVbA9ZdXOAuiyPeXsJ7HSujPtCIYtFPl2GdajHDT0SwsZDUMNr/p6Y9DyQjOI1zqD73ndGSOIe6EY7adB3L6ZSODvDwFlGMtP5sXE0UESOcJJdU7m4wHWieM3xal5nz1Y2BJyp2x04Ol5+kpak9A4MqUcHz29Z4ubgPG/UUWENoKZIfHXSCZfvJBO82InrvieAu/dpKzmtkXNJ9bP+fSkiNnCOVo+ZvCbIuZm8tOoQIhshzdeVhfNmdUj9LNErkoGoJ+CA13eXYlqT9B8o45E+M8lLxQr/RpzCk/3likszBzVqITB6Vkrvey8BcHhcbrs+5LYbxvb6s+1bsRHNAwO+w7SgrD3eX8AQqFKvb6xzrFji+996NWSC2hVLcKZyDvSM2p6ws4IDLFLD64IS+73SEZv2fN847j0vmqJqXYPpB/jQKuUG+rWeonkDXBfPjFrHtp75nk5bSBBDi+LQBGW52nz6/gtOWP46USV46BW2zF+YFSyw/2Ta7DMhrvXlLWuDV/CpK0FytpHjQWjHoiDfrZfiDAOu8sPIiH7hjZevHqzNJ+xOZDNqNbYqxxB1gLeK4u6xX9c4Jkk259r09tMutFACbzxxPQr3LYBKW8IrPcX1rfuE4+aZ1UysfjG/2FmKOPeWca9tVSQUK7RSThvzWDGdm0gXxI0HrPwmfZQ== zuedev + ports: + - "2222:22" + volumes: + - ./repositories:/repositories + + cgit: + build: + context: . + dockerfile_inline: | + # This Dockerfile sets up a CGit server using an Alpine Linux base image. It configures CGit with custom settings and serves the repositories from a specified directory. + + # Start with a base Alpine image that has CGit installed + FROM joseluisq/alpine-cgit:2.9.0 + + ENV USE_CUSTOM_CONFIG="true" + + # Copy the custom cgit configuration file into the container + COPY cgitrc /etc/cgitrc + + # Copy the root readme file into the container + COPY root-readme.html /root-readme.html + + # Copy the header file into the container + COPY header.html /header.html + develop: + watch: + - action: sync+restart + path: ./cgitrc + target: /etc/cgitrc + - action: sync+restart + path: ./root-readme.html + target: /root-readme.html + - action: sync+restart + path: ./header.html + target: /header.html + ports: + - "8080:80" + volumes: + - ./repositories:/srv/git:ro
\ No newline at end of file diff --git a/entrypoint.bash b/entrypoint.bash new file mode 100644 index 0000000..80e7c91 --- /dev/null +++ b/entrypoint.bash @@ -0,0 +1,28 @@ +#!/bin/bash + +# This script is the entry point for the git server container. It sets up the necessary environment and starts the git sshd service. + +# Do we have an authorized_keys environment variable? +if [ -n "$AUTHORIZED_KEYS" ]; then + echo "Setting up authorized_keys..." + mkdir -p /home/git/.ssh + echo "$AUTHORIZED_KEYS" > /home/git/.ssh/authorized_keys + chmod 600 /home/git/.ssh/authorized_keys + chown -R git:git /home/git/.ssh +else + echo "No AUTHORIZED_KEYS environment variable found. Exiting." + exit 1 +fi + +# Set the correct permissions for the git user +chown -R git:git /home/git + +# Start the SSH service in the background +echo "Starting SSH service..." +/usr/sbin/sshd -D -E /var/log/sshd.log & + +# Wait for the SSH service to start +sleep 2 + +# Watch the SSH log for any errors +tail -f /var/log/sshd.log
\ No newline at end of file diff --git a/header.html b/header.html new file mode 100644 index 0000000..5054151 --- /dev/null +++ b/header.html @@ -0,0 +1,25 @@ +<!-- import DarkReader --> +<script src="https://cdn.jsdelivr.net/npm/darkreader@4.9.125/darkreader.min.js"></script> + +<!-- import hljs --> +<link + rel="stylesheet" + href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.11.1/styles/default.min.css" +/> +<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.11.1/highlight.min.js"></script> + +<!-- run main script --> +<script> + document.addEventListener("DOMContentLoaded", (event) => { + // apply syntax highlighting to all code blocks + document.querySelectorAll("pre code").forEach((block) => { + hljs.highlightElement(block); + }); + + // set fetch method for DarkReader to use the same origin policy + DarkReader.setFetchMethod(window.fetch); + + // auto-enable dark mode if user has set it as their preference + DarkReader.auto(); + }); +</script> diff --git a/root-readme.html b/root-readme.html new file mode 100644 index 0000000..b13036c --- /dev/null +++ b/root-readme.html @@ -0,0 +1,16 @@ +<h1>About</h1> +<p> + This site is a self-hosted instance of + <a href="https://git.zx2c4.com/cgit/" target="_blank">cgit</a>, a web + interface for Git repositories. It is configured to serve repositories from my + personal git server and is primarily intended for my own use. However, it is + publicly accessible and may contain repositories that are of interest to + others. If you find something useful, feel free to clone it and use it as you + see fit. +</p> +<p> + Have an issue to report or a + <a href="https://git-send-email.io" target="_blank">patch to submit</a>? Send + it to: + <a href="mailto:git@zue.dev">git@zue.dev</a> +</p> |