blob: 9667c5229f6c29f898763f5d82a231c09c620bcc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
# Use a base image with Git and OpenSSH installed
FROM alpine:latest
# Install necessary packages
RUN apk add --no-cache git openssh
# Create a directory for the Git repositories
RUN mkdir -p /git-server/repos
# Create a user for running the Git server with git-shell as the default shell
RUN addgroup -S git && adduser -S git -G git -s /usr/bin/git-shell && echo "git:*" | chpasswd -e
# Set the working directory
WORKDIR /git-server
# Create SSH directory, authorized_keys file, and set permissions
RUN mkdir -p /home/git/.ssh \
&& chmod 700 /home/git/.ssh \
&& chown -R git:git /home/git/.ssh
# Add your SSH public key and restrict to git-shell
RUN echo 'command="/usr/local/bin/git-init-repo.sh %r",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQgoZvm5U8SKkjZr03YcGdbMDvx2DxuSfXBYjyBJzrE' > /home/git/.ssh/authorized_keys \
&& chmod 600 /home/git/.ssh/authorized_keys \
&& chown -R git:git /home/git/.ssh
# Disable password authentication to enforce SSH key-based access
RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
# Set MOTD
run echo "Connection successful!" > /etc/motd
# Expose SSH port
EXPOSE 22
COPY init-repo.sh /usr/local/bin/git-init-repo.sh
RUN chmod +x /usr/local/bin/git-init-repo.sh
# Copy the entrypoint script
COPY entrypoint.sh /entrypoint.sh
# Make the entrypoint script executable
RUN chmod +x /entrypoint.sh
# Set the entrypoint
ENTRYPOINT ["/bin/sh","/entrypoint.sh"]
|
