commit
a756277407
4 changed files with 62 additions and 0 deletions
@ -0,0 +1,28 @@ |
||||
# Gitea passthru scripts for Docker |
||||
|
||||
The Docker image for Gitea instructs you to place a passthru script |
||||
at `/app/app/gitea` on the host. If you don't like having files in |
||||
odd locations on your host system, this isn't a great solution. |
||||
|
||||
## passthru |
||||
|
||||
This is a slightly modified version of the passthru script from the |
||||
Docker image documentation. Since `passthru` lives in your project |
||||
directory now, and the original script passes `$0` as the executable |
||||
to run in the Docker image, it has been modified to always pass |
||||
`/app/gitea/gitea` instead. |
||||
|
||||
## watchkeys |
||||
|
||||
This Bash scripts runs as a daemon on your host and watches the |
||||
Gitea `git/.ssh` folder for changes to `authorized_keys`, which it |
||||
reads and modifies to point all the `command` directives at |
||||
the passthrough script instead of `/app/gitea/gitea` and then |
||||
writes to `.ssh/authorized_keys` in the Docker project folder, |
||||
which you will have configured as the home directory for your |
||||
`git` account. |
||||
|
||||
## watchkeys.service |
||||
|
||||
This is the `systemd` configuration file that launches the daemon. |
||||
Modify to taste and create a symlink to it in `/lib/systemd/system`. |
@ -0,0 +1,7 @@ |
||||
#!/bin/sh |
||||
|
||||
# Gitea SSH server as exposed to host |
||||
CONTAINER_SSH_HOST=127.0.0.1 |
||||
CONTAINER_SSH_PORT=3001 |
||||
|
||||
ssh -p $CONTAINER_SSH_PORT -o StrictHostKeyChecking=no git@$CONTAINER_SSH_HOST "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" /app/gitea/gitea $@" |
@ -0,0 +1,16 @@ |
||||
#!/bin/bash |
||||
|
||||
# Path to home directory of 'git' user on host |
||||
GIT_HOME=$HOME |
||||
|
||||
# Path to Gitea '.ssh' directory mounted on host |
||||
GITEA_HOME=$GIT_HOME/data/git |
||||
|
||||
# Path to 'passthru' script on host |
||||
PASSTHRU_SCRIPT=$GIT_HOME/passthru |
||||
|
||||
while read file; do |
||||
if [ "$file" == "authorized_keys" ]; then |
||||
sed "s#/app/gitea/gitea#$PASSTHRU_SCRIPT#g" $GITEA_HOME/.ssh/authorized_keys >$GIT_HOME/.ssh/authorized_keys |
||||
fi |
||||
done < <(exec inotifywait -mq -e close_write --format %f $GITEA_HOME/.ssh) |
@ -0,0 +1,11 @@ |
||||
[Unit] |
||||
Description=Gitea Authorized Keys Watcher |
||||
|
||||
[Service] |
||||
Type=simple |
||||
User=git |
||||
Group=git |
||||
ExecStart=/var/local/docker/gitea/watchkeys |
||||
|
||||
[Install] |
||||
WantedBy=multi-user.target |
Loading…
Reference in new issue