# Base image: Alpine at an exact release tag.
# NOTE(review): a tag can be re-pointed upstream; add a digest pin
# (alpine:3.21.0@sha256:<digest>) if the build has to be reproducible.
FROM alpine:3.21.0

# Install git and the OpenSSH server at exact package revisions so a rebuild
# does not silently pick up a different sshd or git.
RUN set -ex; \
    apk add --no-cache \
        git=2.47.1-r0 \
        openssh=9.9_p1-r2

# Generate the default set of SSH host keys.
# NOTE(review): keys generated at build time are stored in an image layer, so
# every container started from this image presents the same host identity and
# anyone who can pull the image can read the private keys. Confirm whether the
# entrypoint scripts (not visible here) regenerate them or expect a mounted
# key directory; if neither, host-key verification by clients gives little
# assurance.
RUN ssh-keygen -A
# Account, home and path settings used by the build steps below.
# These are ENV (not ARG), so they also persist into the running container's
# environment; presumably the entrypoint scripts read them -- confirm there.
# GIT_HOME and SSH_AUTHORIZED_KEYS_FILE reference earlier variables, which is
# why they are set in separate, later ENV instructions.
ENV GIT_USER=git GIT_GROUP=git
ENV GIT_HOME=/home/${GIT_USER}
ENV SSH_AUTHORIZED_KEYS_FILE=${GIT_HOME}/.ssh/authorized_keys
ENV GIT_REPOSITORIES_PATH=/srv/git
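# Create the git group and user, with git-shell as the login shell.
# Note that the BusyBox implementation of `adduser` differs from Debian's and
# therefore options behave slightly differently: `--disabled-password` leaves
# the account locked in /etc/shadow, and sshd refuses locked accounts even for
# public-key logins.
#
# The account is unlocked by writing "*" as the password hash (`chpasswd -e`
# stores the field verbatim). "*" is not a locked marker, but no password can
# ever hash to it, so the account can log in with an SSH key and has no usable
# password. This replaces a fixed, guessable password that was previously
# baked into every image.
# NOTE(review): if any deployment relied on password login for this account,
# it now needs a key in SSH_AUTHORIZED_KEYS_FILE; the sshd configuration and
# entrypoint scripts are not visible here, so confirm how keys are provisioned.
RUN set -eux; \
    addgroup "${GIT_GROUP}"; \
    adduser \
        --gecos "Git User" \
        --ingroup "${GIT_GROUP}" \
        --disabled-password \
        --shell "$(which git-shell)" \
        "${GIT_USER}"; \
    echo "${GIT_USER}:*" | chpasswd -e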
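# Restrict the git user to git commands plus the helpers provided here.
# See `git-shell(1)`: besides the git transport commands, git-shell only runs
# executables found in ~/git-shell-commands.
# The directory is copied without --chown, so it is owned by root and the git
# user cannot add commands to it.
COPY git-shell-commands ${GIT_HOME}/git-shell-commands

# Link a few system tools into the allowed-command directory.
# Expansions are quoted, and the lookup is a separate assignment so that
# `set -e` stops the build at the missing tool instead of handing `ln` an
# empty argument.
# NOTE(review): ls, mkdir, rm and vi take arbitrary paths, so they act on any
# file the git account can read or write (presumably including its own
# authorized_keys), not only on GIT_REPOSITORIES_PATH. If the intent is
# repository management only, purpose-built wrapper scripts that validate
# their arguments keep the restriction tighter.
RUN set -eux; \
    cd "${GIT_HOME}/git-shell-commands"; \
    for c in ls mkdir rm vi; do \
        target="$(which "$c")"; \
        ln -s "${target}" .; \
    done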
# Remove the Alpine welcome banner.
RUN rm /etc/motd

# Directory holding the setup scripts that accompany the entrypoint.
# NOTE(review): presumably docker-entrypoint.sh runs everything found in this
# directory at container start -- confirm in the script. The directory and the
# scripts are created as root and run as root, so anything mounted over this
# path at runtime has to be trusted.
ENV DOCKER_ENTRYPOINT_DIR=/docker-entrypoint.d
RUN set -eux; mkdir "${DOCKER_ENTRYPOINT_DIR}"

# COPY keeps the file modes from the build context; the entrypoint must
# already be executable there, because no chmod is applied here.
COPY docker-entrypoint.sh /
COPY 10-setup.sh ${DOCKER_ENTRYPOINT_DIR}/
# SSH port. EXPOSE is documentation only; publishing happens at `docker run`.
EXPOSE 22/tcp

# Exec-form entrypoint; the CMD below is passed to it as arguments.
# No USER instruction precedes this, so the container starts as root, which
# sshd needs in order to switch to the logging-in user.
ENTRYPOINT ["/docker-entrypoint.sh"]

# Default command: sshd with -D, so it does not detach and stays the
# container's main process (assuming the entrypoint execs its arguments).
CMD ["/usr/sbin/sshd", "-D"]