diff options
| -rw-r--r-- | Dockerfile | 21 | ||||
| -rw-r--r-- | entrypoint.sh | 1 | ||||
| -rw-r--r-- | git-wrapper.sh | 16 |
3 files changed, 29 insertions, 9 deletions
@@ -2,24 +2,27 @@ FROM alpine:latest # Install necessary packages -RUN apk add --no-cache git openssh +RUN apk add --no-cache git openssh bash # Create a directory for the Git repositories -RUN mkdir -p /git-server/repos +# RUN mkdir -p /git-server/repos # Create a user for running the Git server with git-shell as the default shell -RUN addgroup -S git && adduser -S git -G git -s /usr/bin/git-shell && echo "git:*" | chpasswd -e +RUN addgroup -S git && adduser -S git -G git -s /bin/bash && echo "git:*" | chpasswd -e # Set the working directory -WORKDIR /git-server +#WORKDIR /git-server # Create SSH directory, authorized_keys file, and set permissions RUN mkdir -p /home/git/.ssh \ && chmod 700 /home/git/.ssh \ - && chown -R git:git /home/git/.ssh + && chown -R git:git /home/git/.ssh \ + && chown -R git:git /home/git # Add your SSH public key and restrict to git-shell -RUN echo 'command="/usr/local/bin/git-init-repo.sh %r",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQgoZvm5U8SKkjZr03YcGdbMDvx2DxuSfXBYjyBJzrE' > /home/git/.ssh/authorized_keys \ + +# RUN echo 'command="/usr/local/bin/git-init-repo.sh %r",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGBUUE8jxGg2bUaPN0+iJY7DLcf1C4E6/5j6AjBN/GTM8IQ0UJzcWj/gapj/tiVrG/iT5IEMiDy3pnzZQcbIugM=' > /home/git/.ssh/authorized_keys \ +RUN echo 'command="/usr/local/bin/git-wrapper",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGBUUE8jxGg2bUaPN0+iJY7DLcf1C4E6/5j6AjBN/GTM8IQ0UJzcWj/gapj/tiVrG/iT5IEMiDy3pnzZQcbIugM=' > /home/git/.ssh/authorized_keys \ && chmod 600 /home/git/.ssh/authorized_keys \ && chown -R git:git /home/git/.ssh @@ -33,8 +36,8 @@ run echo "Connection successful!" > /etc/motd # Expose SSH port EXPOSE 22 -COPY init-repo.sh /usr/local/bin/git-init-repo.sh -RUN chmod +x /usr/local/bin/git-init-repo.sh +COPY git-wrapper.sh /usr/local/bin/git-wrapper +RUN chmod +x /usr/local/bin/git-wrapper # Copy the entrypoint script COPY entrypoint.sh /entrypoint.sh @@ -43,4 +46,4 @@ COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh # Set the entrypoint -ENTRYPOINT ["/bin/sh","/entrypoint.sh"] +ENTRYPOINT ["/entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh index 77ae84d..5a4bd74 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -10,3 +10,4 @@ fi # Start the SSH daemon /usr/sbin/sshd -D -e 2>&1 + diff --git a/git-wrapper.sh b/git-wrapper.sh new file mode 100644 index 0000000..21d1b23 --- /dev/null +++ b/git-wrapper.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +REPO_NAME=$(echo "$SSH_ORIGINAL_COMMAND" | awk '{print $2}' | tr -d "'") + +init_repo() { + echo "creating repo" + mkdir -p ${REPO_NAME} + cd ${REPO_NAME} || exit + git init --bare --initial-branch=main +} + +if [ ! -d "$REPO_NAME" ]; then + captured=$(init_repo) +fi + +exec git-shell -c "$SSH_ORIGINAL_COMMAND" |