ionchy.ca / knot-docker
forked from tangled.org/knot-docker
this repo has no description
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+52 -4
Dockerfile
docker-compose.yml
license.txt
readme.md
rootfs
etc
ssh
sshd_config.d
authorized_keys_command.conf
+22
license.txt 
···

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
MIT License


     

       
2

       
+

       



     

       
3

       
+

       
Copyright (c) 2025 Tangled Team


     

       
4

       
+

       



     

       
5

       
+

       
Permission is hereby granted, free of charge, to any person obtaining a copy


     

       
6

       
+

       
of this software and associated documentation files (the "Software"), to deal


     

       
7

       
+

       
in the Software without restriction, including without limitation the rights


     

       
8

       
+

       
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell


     

       
9

       
+

       
copies of the Software, and to permit persons to whom the Software is


     

       
10

       
+

       
furnished to do so, subject to the following conditions:


     

       
11

       
+

       



     

       
12

       
+

       
The above copyright notice and this permission notice shall be included in all


     

       
13

       
+

       
copies or substantial portions of the Software.


     

       
14

       
+

       



     

       
15

       
+

       
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR


     

       
16

       
+

       
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,


     

       
17

       
+

       
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE


     

       
18

       
+

       
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER


     

       
19

       
+

       
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,


     

       
20

       
+

       
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE


     

       
21

       
+

       
SOFTWARE.


     

       
22

       
+
+3
rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf 
···

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
Match User git


     

       
2

       
+

       
  AuthorizedKeysCommand /usr/bin/knot keys -o authorized-keys -git-dir /home/git/repositories


     

       
3

       
+

       
  AuthorizedKeysCommandUser nobody
+6 -1
Dockerfile 
···

       
20

       
 

       
label org.opencontainers.image.vendor='tangled.sh'


     

       
21

       
 

       
label org.opencontainers.image.licenses='MIT'


     

       
22

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       
23

       
 

       
copy rootfs .


     

       
24

       
 

       
run chmod 755 /etc


     

       
25

       
 

       
run chmod -R 755 /etc/s6-overlay


     

       
26

       
 

       
run apk add shadow s6-overlay execline openssl openssh git curl bash


     

       
27

       
-

       
run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git


     

       

       

       
     

       

       

       
     

       
28

       
 

       
run mkdir -p /home/git/repositories && chown -R git:git /home/git


     

       
29

       
 

       
copy --from=builder /usr/bin/knot /usr/bin


     

       
30

       
 

       
run mkdir /app && chown -R git:git /app


     
···

       
20

       
 

       
label org.opencontainers.image.vendor='tangled.sh'


     

       
21

       
 

       
label org.opencontainers.image.licenses='MIT'


     

       
22

       
 

       



     

       
23

       
+

       
arg UID=1000


     

       
24

       
+

       
arg GID=1000


     

       
25

       
+

       



     

       
26

       
 

       
copy rootfs .


     

       
27

       
 

       
run chmod 755 /etc


     

       
28

       
 

       
run chmod -R 755 /etc/s6-overlay


     

       
29

       
 

       
run apk add shadow s6-overlay execline openssl openssh git curl bash


     

       
30

       
+

       
run groupadd -g $GID -f git


     

       
31

       
+

       
run useradd -u $UID -g $GID -d /home/git git


     

       
32

       
+

       
run openssl rand -hex 16 | passwd --stdin git


     

       
33

       
 

       
run mkdir -p /home/git/repositories && chown -R git:git /home/git


     

       
34

       
 

       
copy --from=builder /usr/bin/knot /usr/bin


     

       
35

       
 

       
run mkdir /app && chown -R git:git /app
+5 -1
docker-compose.yml 
···

       
1

       
 

       
services:


     

       
2

       
 

       
  knot:


     

       
3

       
-

       
    build: .


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
4

       
 

       
    environment:


     

       
5

       
 

       
      KNOT_SERVER_HOSTNAME: ${KNOT_SERVER_HOSTNAME}


     

       
6

       
 

       
      KNOT_SERVER_OWNER: ${KNOT_SERVER_OWNER}


     
···

       
1

       
 

       
services:


     

       
2

       
 

       
  knot:


     

       
3

       
+

       
    build:


     

       
4

       
+

       
      context: .


     

       
5

       
+

       
      args:


     

       
6

       
+

       
        UID: 1000


     

       
7

       
+

       
        GID: 1000


     

       
8

       
 

       
    environment:


     

       
9

       
 

       
      KNOT_SERVER_HOSTNAME: ${KNOT_SERVER_HOSTNAME}


     

       
10

       
 

       
      KNOT_SERVER_OWNER: ${KNOT_SERVER_OWNER}
+16 -2
readme.md 
···

       
29

       
 

       
The command above for example will build the latest commit on the `master`


     

       
30

       
 

       
branch.


     

       
31

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
32

       
 

       
<hr style="margin-bottom: 20px; margin-top: 10px" />


     

       
33

       
 

       



     

       
34

       
-

       
When using compose, it can be specified as a build argument which will be


     

       
35

       
 

       
passed to the builder.


     

       
36

       
 

       



     

       
37

       
 

       
```yaml


     

       
38

       
 

       
build:


     

       
39

       
 

       
  context: .


     

       
40

       
-

       
  args: { TAG: master }


     

       

       

       
     

       

       

       
     

       

       

       
     

       
41

       
 

       
```


     

       
42

       
 

       



     

       
43

       
 

       
This will for example tell docker to build it using the `master` branch like


     
···

       
29

       
 

       
The command above for example will build the latest commit on the `master`


     

       
30

       
 

       
branch.


     

       
31

       
 

       



     

       
32

       
+

       
By default it will also create a `git` user with user and group ID 1000:1000,


     

       
33

       
+

       
but you can change it with the `UID` and `GID` build arguments.


     

       
34

       
+

       



     

       
35

       
+

       
```sh


     

       
36

       
+

       
docker build -t knot:latest --build-arg UID=$(id -u) GID=$(id -g)


     

       
37

       
+

       
```


     

       
38

       
+

       



     

       
39

       
+

       
The command above for example will create a user with the host user's UID and GID.


     

       
40

       
+

       
This is useful if you are bind mounting the repositories and app folder on the host,


     

       
41

       
+

       
as in the provided `docker-compose.yml` file.


     

       
42

       
+

       



     

       
43

       
 

       
<hr style="margin-bottom: 20px; margin-top: 10px" />


     

       
44

       
 

       



     

       
45

       
+

       
When using compose, these can be specified as build arguments which will be


     

       
46

       
 

       
passed to the builder.


     

       
47

       
 

       



     

       
48

       
 

       
```yaml


     

       
49

       
 

       
build:


     

       
50

       
 

       
  context: .


     

       
51

       
+

       
  args:


     

       
52

       
+

       
    TAG: master


     

       
53

       
+

       
    UID: 1000


     

       
54

       
+

       
    GID: 1000


     

       
55

       
 

       
```


     

       
56

       
 

       



     

       
57

       
 

       
This will for example tell docker to build it using the `master` branch like