FROM alpine AS build
RUN apk add --update go git gcc musl-dev
RUN git clone https://tangled.sh/@tangled.sh/core /src
WORKDIR /src
ENV CGO_ENABLED=1
RUN cd cmd/knotserver && go build
RUN cd cmd/keyfetch && go build
RUN cd cmd/repoguard && go build
FROM alpine
RUN apk add --update git openssh-server su-exec
RUN addgroup -g 1000 git && \
    adduser -D -u 1000 -G git -h /home/git git && \
    mkdir -p /home/git && \
    chown -R git:git /home/git
COPY --from=build /src/cmd/knotserver/knotserver /usr/bin/knotserver
COPY --from=build /src/cmd/keyfetch/keyfetch /usr/bin/keyfetch
COPY --from=build /src/cmd/repoguard/repoguard /usr/bin/repoguard
COPY keyfetch_sshd_config /tmp/keyfetch
RUN cat /tmp/keyfetch >> /etc/ssh/sshd_config && rm /tmp/keyfetch
COPY ssh_host_ed25519_key /etc/ssh
COPY ssh_host_ed25519_key.pub /etc/ssh
RUN chmod 600 /etc/ssh/ssh_host_ed25519_key
RUN chmod 644 /etc/ssh/ssh_host_ed25519_key.pub
COPY gitconfig /home/git/.gitconfig
RUN passwd -u git
CMD ["/bin/sh", "-c", "chown -R git:git /home/git && /usr/sbin/sshd && su-exec git knotserver"]