back round 2 view raw

Add authorized_keys_command.conf to Dockerfile #4

closed
opened by ionchy.ca targeting main from ionchy.ca/knot-docker: main

I couldn't push or pull from any repositories until I set -git-dir following the instructions in knot-hosting, so maybe this file should just created when creating the Dockerfile?

options
unified split
Changed files
+9 -1
Dockerfile
rootfs
etc
ssh
sshd_config.d
authorized_keys_command.conf
+3
rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf 
···

       

       

       
     

       

       

       
     

       

       

       
     
···

       
1

       
+

       
Match User git


     

       
2

       
+

       
  AuthorizedKeysCommand /usr/bin/knot keys -o authorized-keys -git-dir /home/git/repositories


     

       
3

       
+

       
  AuthorizedKeysCommandUser nobody
+6 -1
Dockerfile 
···

       
20

       
 

       
label org.opencontainers.image.vendor='tangled.sh'


     

       
21

       
 

       
label org.opencontainers.image.licenses='MIT'


     

       
22

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       
23

       
 

       
copy rootfs .


     

       
24

       
 

       
run chmod 755 /etc


     

       
25

       
 

       
run chmod -R 755 /etc/s6-overlay


     

       
26

       
 

       
run apk add shadow s6-overlay execline openssl openssh git curl bash


     

       
27

       
-

       
run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git


     

       

       

       
     

       

       

       
     

       
28

       
 

       
run mkdir -p /home/git/repositories && chown -R git:git /home/git


     

       
29

       
 

       
copy --from=builder /usr/bin/knot /usr/bin


     

       
30

       
 

       
run mkdir /app && chown -R git:git /app


     
···

       
20

       
 

       
label org.opencontainers.image.vendor='tangled.sh'


     

       
21

       
 

       
label org.opencontainers.image.licenses='MIT'


     

       
22

       
 

       



     

       
23

       
+

       
arg UID=1000


     

       
24

       
+

       
arg GID=1000


     

       
25

       
+

       



     

       
26

       
 

       
copy rootfs .


     

       
27

       
 

       
run chmod 755 /etc


     

       
28

       
 

       
run chmod -R 755 /etc/s6-overlay


     

       
29

       
 

       
run apk add shadow s6-overlay execline openssl openssh git curl bash


     

       
30

       
+

       
run groupadd -g $GID -f git


     

       
31

       
+

       
run useradd -u $UID -g $GID -d /home/git git


     

       
32

       
+

       
run openssl rand -hex 16 | passwd --stdin git


     

       
33

       
 

       
run mkdir -p /home/git/repositories && chown -R git:git /home/git


     

       
34

       
 

       
copy --from=builder /usr/bin/knot /usr/bin


     

       
35

       
 

       
run mkdir /app && chown -R git:git /app