back interdiff of round #1 and #0

docker: fix config #198

closed
opened by knotbin.com targeting master from [deleted fork]: fix-docker

(i be traumatized) fixes knotguard options, along with some more config improvements and fixes in docker compose and dockerfile

options
unified split
files
docker
Dockerfile
docker-compose.yml
rootfs
etc
s6-overlay
s6-rc.d
knotserver
run
ssh
sshd_config.d
tangled_sshd.conf
guard
guard.go
keyfetch
keyfetch.go
REVERTED
docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/run
 
···

       
1

       
1

       
 

       
#!/command/with-contenv ash


     

       
2

       
2

       
 

       



     

       

       
3

       
+

       
exec s6-setuidgid git /usr/local/bin/knotserver


     

       
3

       

       
-

       
exec s6-setuidgid git /usr/local/bin/knot server
ERROR
guard/guard.go

Failed to calculate interdiff for this file.

ERROR
keyfetch/keyfetch.go

Failed to calculate interdiff for this file.

REBASED
docker/docker-compose.yml

This patch was likely rebased, as context lines do not match.

NEW
docker/Dockerfile
 
···

       
1

       
1

       
 

       
FROM docker.io/golang:1.24-alpine3.21 AS build


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
ENV CGO_ENABLED=1


     

       

       
4

       
+

       
ENV KNOT_REPO_SCAN_PATH=/home/git/repositories


     

       
4

       
5

       
 

       
WORKDIR /usr/src/app


     

       
5

       
6

       
 

       
COPY go.mod go.sum ./


     

       
6

       
7

       
 

       



     
···

       
34

       
35

       
 

       
EXPOSE 22


     

       
35

       
36

       
 

       
EXPOSE 5555


     

       
36

       
37

       
 

       



     

       
37

       

       
-

       
ENTRYPOINT ["/bin/sh", "-c", "chown git:git /app && chown git:git /home/git/repositories && /init"]


     

       

       
38

       
+

       
ENTRYPOINT ["/bin/sh", "-c", "chown git:git /app && chown -R git:git \"$KNOT_REPO_SCAN_PATH\" && /init"]
NEW
docker/rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf
 
···

       
5

       
5

       
 

       
PasswordAuthentication no


     

       
6

       
6

       
 

       



     

       
7

       
7

       
 

       
Match User git


     

       
8

       

       
-

       
  AuthorizedKeysCommand /usr/local/bin/knot keys -o authorized-keys


     

       

       
8

       
+

       
  AuthorizedKeysCommand /usr/local/bin/knot keys -output authorized-keys -internal-api http://$(echo ${KNOT_SERVER_INTERNAL_LISTEN_ADDR:-localhost:5444}) -git-dir ${KNOT_REPO_SCAN_PATH:-/home/git/repositories} -log-path /tmp/knotguard.log


     

       
9

       
9

       
 

       
  AuthorizedKeysCommandUser nobody