Verified Commit 950e1e7f authored by Joakim Saario's avatar Joakim Saario
Browse files

Docker setup: Configure cgit, aur.git and sshd

parent f15dd10b
Pipeline #8277 passed with stage
in 2 minutes and 15 seconds
......@@ -15,7 +15,7 @@ RUN pacman -Syu --noconfirm mariadb mariadb-clients
RUN pacman -Syu --noconfirm php php-fpm
# Install cgit dependencies
RUN pacman -Syu --noconfirm openssh git cgit uwsgi uwsgi-plugin-cgi
RUN pacman -Syu --noconfirm openssh git cgit-aurweb uwsgi uwsgi-plugin-cgi
# Install dependencies.
RUN pacman -Syu --noconfirm gpgme protobuf pyalpm python-mysqlclient \
......@@ -26,12 +26,17 @@ RUN pacman -Syu --noconfirm gpgme protobuf pyalpm python-mysqlclient \
python-python-multipart python-pytest-asyncio python-coverage hypercorn \
python-bcrypt python-email-validator python-lxml
# Create aur user
RUN useradd -U -d /aurweb aur
# Copy various docker-related configs and scripts
COPY docker /
WORKDIR /aurweb
COPY . .
RUN python3 setup.py install --install-scripts=/usr/local/bin
ENV AUR_CONFIG /aurweb/conf/config
# Setup aurweb config
......@@ -49,3 +54,8 @@ RUN make -C po all install
# Configure PHP
RUN sed -ri 's/^;?(extension=pdo_mysql)/\1/' /etc/php/php.ini
# Configure cgit
RUN sed -r 's;(repo.path).*;\1=/aurweb/aur.git;' conf/cgitrc.proto | \
sed -r 's;(header).*;\1=/aurweb/web/template/cgit/header.html;' | \
sed -r 's;(footer).*;\1=/aurweb/web/template/cgit/foot.html;' > /aurweb/conf/cgitrc
......@@ -52,6 +52,30 @@ services:
ports:
- 3306:3306
cgit:
image: aurweb:latest
init: true
entrypoint: /cgit-entrypoint.sh
command: >-
uwsgi --socket 0.0.0.0:3000
--plugins cgi
--cgi /usr/share/webapps/cgit-aurweb/cgit.cgi
volumes:
- aurgit_data:/aurweb/aur.git
sshd:
image: aurweb:latest
init: true
entrypoint: /sshd-entrypoint.sh
command: /usr/bin/sshd -D -h /etc/ssh/hostkeys/ssh_host_ed25519_key
volumes:
- aurgit_data:/aurweb/aur.git
- sshd_hostkeys:/etc/ssh/hostkeys
ports:
- 2222:2222
volumes:
mysql_data: {}
aurgit_data: {}
sshd_hostkeys: {}
#!/bin/bash
set -euo pipefail
init_git_repo() {
mkdir -p /aurweb/aur.git
cd /aurweb/aur.git
git init --bare
git config --local transfer.hideRefs '^refs/'
git config --local --add transfer.hideRefs '!refs/'
git config --local --add transfer.hideRefs '!HEAD'
ln -s /usr/local/bin/aurweb/git-update hooks/update
chown -R . aur
}
if ! test -f /aurweb/aur.git/config; then
init_git_repo
fi
exec "$@"
......@@ -32,6 +32,15 @@ http {
root /aurweb/web/html;
index index.php;
location ~ ^/cgit {
include uwsgi_params;
rewrite ^/cgit/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=$1&$2 last;
uwsgi_modifier1 9;
uwsgi_param CGIT_CONFIG /aurweb/conf/cgitrc;
uwsgi_pass uwsgi://cgit:3000;
}
location ~ ^/[^/]+\.php($|/) {
fastcgi_pass aurweb-php:9000;
fastcgi_index index.php;
......
ListenAddress 0.0.0.0:2222
Match User aur
PasswordAuthentication no
AuthorizedKeysCommand /usr/local/bin/aurweb-git-auth "%t" "%k"
AuthorizedKeysCommandUser aur
AcceptEnv AUR_OVERWRITE
#!/bin/bash
set -euo pipefail
mkdir -p /etc/ssh/sshd_config.d
echo 'Include /etc/ssh/sshd_config.d/*' >> /etc/ssh/sshd_config
generate_hostkeys() {
mkdir -p /etc/ssh/hostkeys
ssh-keygen -t ed25519 -f /etc/ssh/hostkeys/ssh_host_ed25519_key -q -N ''
}
if ! test -f /etc/ssh/hostkeys/ssh_host_ed25519_key; then
generate_hostkeys
fi
exec "$@"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment