commit
a756277407
4 changed files with 62 additions and 0 deletions
@ -0,0 +1,28 @@ |
|||||||
|
# Gitea passthru scripts for Docker |
||||||
|
|
||||||
|
The Docker image for Gitea instructs you to place a passthru script |
||||||
|
at `/app/app/gitea` on the host. If you don't like having files in |
||||||
|
odd locations on your host system, this isn't a great solution. |
||||||
|
|
||||||
|
## passthru |
||||||
|
|
||||||
|
This is a slightly modified version of the passthru script from the |
||||||
|
Docker image documentation. Since `passthru` lives in your project |
||||||
|
directory now, and the original script passes `$0` as the executable |
||||||
|
to run in the Docker image, it has been modified to always pass |
||||||
|
`/app/gitea/gitea` instead. |
||||||
|
|
||||||
|
## watchkeys |
||||||
|
|
||||||
|
This Bash scripts runs as a daemon on your host and watches the |
||||||
|
Gitea `git/.ssh` folder for changes to `authorized_keys`, which it |
||||||
|
reads and modifies to point all the `command` directives at |
||||||
|
the passthrough script instead of `/app/gitea/gitea` and then |
||||||
|
writes to `.ssh/authorized_keys` in the Docker project folder, |
||||||
|
which you will have configured as the home directory for your |
||||||
|
`git` account. |
||||||
|
|
||||||
|
## watchkeys.service |
||||||
|
|
||||||
|
This is the `systemd` configuration file that launches the daemon. |
||||||
|
Modify to taste and create a symlink to it in `/lib/systemd/system`. |
@ -0,0 +1,7 @@ |
|||||||
|
#!/bin/sh |
||||||
|
|
||||||
|
# Gitea SSH server as exposed to host |
||||||
|
CONTAINER_SSH_HOST=127.0.0.1 |
||||||
|
CONTAINER_SSH_PORT=3001 |
||||||
|
|
||||||
|
ssh -p $CONTAINER_SSH_PORT -o StrictHostKeyChecking=no git@$CONTAINER_SSH_HOST "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" /app/gitea/gitea $@" |
@ -0,0 +1,16 @@ |
|||||||
|
#!/bin/bash |
||||||
|
|
||||||
|
# Path to home directory of 'git' user on host |
||||||
|
GIT_HOME=$HOME |
||||||
|
|
||||||
|
# Path to Gitea '.ssh' directory mounted on host |
||||||
|
GITEA_HOME=$GIT_HOME/data/git |
||||||
|
|
||||||
|
# Path to 'passthru' script on host |
||||||
|
PASSTHRU_SCRIPT=$GIT_HOME/passthru |
||||||
|
|
||||||
|
while read file; do |
||||||
|
if [ "$file" == "authorized_keys" ]; then |
||||||
|
sed "s#/app/gitea/gitea#$PASSTHRU_SCRIPT#g" $GITEA_HOME/.ssh/authorized_keys >$GIT_HOME/.ssh/authorized_keys |
||||||
|
fi |
||||||
|
done < <(exec inotifywait -mq -e close_write --format %f $GITEA_HOME/.ssh) |
@ -0,0 +1,11 @@ |
|||||||
|
[Unit] |
||||||
|
Description=Gitea Authorized Keys Watcher |
||||||
|
|
||||||
|
[Service] |
||||||
|
Type=simple |
||||||
|
User=git |
||||||
|
Group=git |
||||||
|
ExecStart=/var/local/docker/gitea/watchkeys |
||||||
|
|
||||||
|
[Install] |
||||||
|
WantedBy=multi-user.target |
Loading…
Reference in new issue