From 350aad4ae98d1ea94bde354168eebb0e59a9f5cc Mon Sep 17 00:00:00 2001
From: Jonathan Chan
Date: Fri, 5 Sep 2025 17:40:50 +0200
Subject: [PATCH] Add authorized_keys_command.conf with correct git directory
---
 rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf
diff --git a/rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf b/rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf
new file mode 100644
index 0000000..ec43e5b
--- /dev/null
+++ b/rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf
@@ -0,0 +1,3 @@
+Match User git
+ AuthorizedKeysCommand /usr/bin/knot keys -o authorized-keys -git-dir /home/git/repositories
+ AuthorizedKeysCommandUser nobody
--
2.51.0
From ebb28c223c6d7f73232fe516141ef0eca10ddc6a Mon Sep 17 00:00:00 2001
From: Jonathan Chan
Date: Sat, 6 Sep 2025 02:45:24 +0200
Subject: [PATCH] Add UID and GID arguments to Dockerfile
This lets you specify the UID and GID of the `git` user during build. The repository and app directories are owned by this `git` user.
---
 Dockerfile | 7 ++++++-
 readme.md | 11 +++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 9cc349e..f053dc1 100644
--- a/Dockerfile
+++ b/Dockerfile
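Review bot: `AuthorizedKeysCommandUser nobody` in rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf runs the key lookup as an account that unrelated processes commonly share; sshd_config(5) recommends a dedicated user that has no other role on the host. I would add such an account in the image and reference it here, `AuthorizedKeysCommandUser <dedicated-user>` (placeholder name), after confirming it can read whatever `knot keys` needs under `/home/git/repositories`, which these lines do not show. If knot is meant to be the only source of keys for `git`, the block could also set `AuthorizedKeysFile none`, because sshd otherwise still consults the user's authorized_keys file. A one-line header comment, e.g. `# git logins: public keys are supplied by knot at login time`, would document the intent.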
@@ -20,11 +20,16 @@ label org.opencontainers.image.url='https://tangled.sh' label org.opencontainers.image.vendor='tangled.sh' label org.opencontainers.image.licenses='MIT' +arg UID=1000 +arg GID=1000 + copy rootfs . run chmod 755 /etc run chmod -R 755 /etc/s6-overlay run apk add shadow s6-overlay execline openssl openssh git curl bash -run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git +run groupadd -g $GID -f git +run useradd -u $UID -g $GID -d /home/git git +run openssl rand -hex 16 | passwd --stdin git run mkdir -p /home/git/repositories && chown -R git:git /home/git copy --from=builder /usr/bin/knot /usr/bin run mkdir /app && chown -R git:git /app diff --git a/readme.md b/readme.md index d77f4aa..2aee5df 100644 --- a/readme.md +++ b/readme.md @@ -29,6 +29,17 @@ docker build -t knot:latest --build-arg TAG=master . The command above for example will build the latest commit on the `master` branch. +By default it will also create a `git` user with user and group ID 1000:1000, +but you can change it with the `UID` and `GID` build arguments. + +```sh +docker build -t knot:latest --build-arg UID=(id -u) GID=(id -u) +``` + +The command above for example will create a user with the host user's UID and GID. +This is useful if you are bind mounting the repositories and app folder on the host, +as in the provided `docker-compose.yml` file. +
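Review bot: `run groupadd -g $GID -f git` in the Dockerfile hunk can silently give the `git` group a different GID than the one requested: per groupadd(8), `-f` together with `-g` falls back to another free GID when the requested one is already taken, and `useradd ... -g $GID` on the next line then makes the pre-existing group with that number the user's primary group. Files created by the service would then carry a group other than `git`, while the `chown -R git:git` lines use the fallback GID, so the bind-mount ownership these build arguments are meant to align drifts without any error, whereas a clashing UID fails the build. I would drop `-f`, quote the arguments and refer to the group by name: `run groupadd -g "$GID" git` and `run useradd -u "$UID" -g git -d /home/git git`. A comment above the `arg` lines saying that both values must be numeric IDs not already present in the base image would document the constraint.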
When using compose, it can be specified as a build argument which will be -- 2.51.0 From e58c057cb8955cebcfc3573edf23f4f45a5cf33c Mon Sep 17 00:00:00 2001 From: Jonathan Chan Date: Sat, 6 Sep 2025 02:51:49 +0200 Subject: [PATCH] typo --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 2aee5df..ce455fb 100644 --- a/readme.md +++ b/readme.md @@ -33,7 +33,7 @@ By default it will also create a `git` user with user and group ID 1000:1000, but you can change it with the `UID` and `GID` build arguments. ```sh -docker build -t knot:latest --build-arg UID=(id -u) GID=(id -u) +docker build -t knot:latest --build-arg UID=$(id -u) GID=$(id -u) ``` The command above for example will create a user with the host user's UID and GID. -- 2.51.0 From beb70707f74db58079d11fad4f7e8c2b6d4e3313 Mon Sep 17 00:00:00 2001 From: Jonathan Chan Date: Sat, 6 Sep 2025 02:56:17 +0200 Subject: [PATCH] another typo I swear the Dockerfile itself is correct I am just typoing the README --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index ce455fb..8bea590 100644 --- a/readme.md +++ b/readme.md @@ -33,7 +33,7 @@ By default it will also create a `git` user with user and group ID 1000:1000, but you can change it with the `UID` and `GID` build arguments. ```sh -docker build -t knot:latest --build-arg UID=$(id -u) GID=$(id -u) +docker build -t knot:latest --build-arg UID=$(id -u) GID=$(id -g) ``` The command above for example will create a user with the host user's UID and GID. -- 2.51.0