1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-30 09:41:11 -05:00
Commit graph

152 commits

Author SHA1 Message Date
zeripath
0a96e59884 Fix #8453 by making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477) 2019-10-12 23:45:00 +08:00
jpellegrini
852b8e2d81 Make AllowedUsers configurable in sshd_config (#8094)
docker/root/usr/bin/entrypoint already allows for the specification
of USER, USER_UID, USER_GID. But since AllowedUsers is hardcoded in
sshd_config, one cannot log in as a user different ftom git.
This change substitutes ${USER} for git in the sshd_config template.

Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
2019-09-05 22:20:55 +02:00
leigh capili
70d2244e49 Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
Signed-off-by: leigh capili <leigh@null.net>
2019-08-24 01:44:24 +02:00
Antoine GIRARD
d4667a4949 drone/docker: prepare multi-arch release + provide arm64 image (#7571)
* drone/docker: prepare multi-arch release

* Add docker-linux-arm64 pipeline

* add arm 64 build to manifest

* tag dry-run + indent

* Fix notify dependency
2019-07-24 13:21:12 -04:00
Christopher Thomas
75d4414386 Implement the ability to change the ssh port to match what is in the gitea config (#7286)
* - rearrange the templates to make it more logical because now ssh_config is a template
- implemented the updating of the port to the same as the port sent to the gitea config

* change the filename back
2019-07-06 21:57:53 -04:00
Marat Radchenko
e07ff2f890 [docker] Add LFS_START_SERVER option to control git-lfs support (#7281) 2019-06-24 01:33:56 -04:00
Sergey Dryabzhinsky
3fd18838aa Repository avatars (#6986)
* Repository avatars

- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less

* Add changed index.css, remove unused template name

* Update en-us doc about configuration options

* Add comments to new functions, add new option to docker app.ini

* Add comment for lint

* Remove variable, not needed

* Fix formatting

* Update swagger api template

* Check if avatar exists

* Fix avatar link/path checks

* Typo

* TEXT column can't have a default value

* Fixes:

- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests

* Fix fmt check

* Generate PNG instead of "static" GIF

* More informative comment

* Fix error message

* Update avatar upload checks:

- add file size check
- add new option
- update config docs
- add new string to en-us locale

* Fixes:

- use FileHEader field for check file size
- add new test - upload big image

* Fix formatting

* Update comments

* Update log message

* Removed wrong style - not needed

* Use Sync2 to migrate

* Update repos list view

- bigger avatar
- fix html blocks alignment

* A little adjust avatar size

* Use small icons for explore/repo list

* Use new cool avatar preparation func by @lafriks

* Missing changes for new function

* Remove unused import, move imports

* Missed new option definition in app.ini

Add file size check in user/profile avatar upload

* Use smaller field length for Avatar

* Use session to update repo DB data, update DeleteAvatar - use session too

* Fix err variable definition

* As suggested @lafriks - return as soon as possible, code readability
2019-05-29 22:22:26 -04:00
Jakob Ackermann
36b68fdb01 [docker] support for custom GITEA_CUSTOM env var (#6608) 2019-05-13 18:19:37 -04:00
Jakob Ackermann
dab38c375d [docker] drop the docker Makefile from the image (#6507) 2019-05-05 22:49:32 -04:00
zeripath
8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
Jakob Ackermann
62b35964e3 [docker] let the ssh daemon speak for itself and drop the syslog daemon (#6529)
The sshd flag `-e` instructs sshd to output any logs to stderr instead
 of the syslog. Redirect this output to stdout then.

Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
2019-04-16 21:08:25 -04:00
Jakob Ackermann
3f4e2d9d37 [docker] drop the bits argument when generating an ed25519 key (#6504)
From the man page of ssh-keygen:

  Ed25519 keys have a fixed length and the -b flag will be ignored.

[skip ci]

Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
2019-04-04 08:09:38 +03:00
techknowlogick
ec9331510c
Disable auto-migrate in docker container (#5730) 2019-01-17 22:31:14 -05:00
Julian
f59bfe893a docker: stop modifying file permission before migrating database (#5707) 2019-01-12 11:14:01 -05:00
Pierre-Alexis Ciavaldini
0236856924 migrate database if app.ini found (#5290)
* migrate database if app.ini found

* replacing hard-coded user id by env variable

* Update per @zeripath's feedback
2019-01-05 13:16:38 -05:00
Moshi Binyamini
76060613ef Fix bug on modifying sshd username (#5624)
Should fix #5623
2019-01-02 17:42:33 -05:00
Lunny Xiao
6e114f6791 add git protocol v2 support via SSH on Docker image (#5520)
* add git protocol v2 support via SSH on Docker image

* remove new layer on dockerfile
2018-12-11 12:20:04 -05:00
Fabian Braun
d0f614a25b only chown directories during docker setup if necessary. Fix #4425 (#5064)
Signed-off-by: Fabian Braun <fabian-braun@mailbox.org>
2018-10-30 11:41:41 -04:00
Mura Li
25c49cf930 Update build tags for sqlite_unlock_notify (#5144) 2018-10-23 19:47:59 +08:00
Andrew Phillips
b30f6b4099 Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722)
Signed-off-by: Andrew Phillips <theasp@gmail.com>
2018-08-16 01:58:12 +03:00
Tao Wang
823318bfbe Add missing path in the Docker app.ini template (#2181) 2018-07-03 20:44:46 -04:00
techknowlogick
e2721b6190
Remove call to update certs (#4296) 2018-06-21 17:12:56 -04:00
Fluf
b299d7bceb Add Environment Variables to Docker template (#4012)
* Add disable registration as an environment variable

for docker

* Add REQUIRE_SIGNIN_VIEW as env var to docker

* Add variables to template

* Update docker docs
2018-05-23 23:31:12 +08:00
techknowlogick
ecfc401eaa Allow Gitea to run as different USER in Docker (#3961)
* If using a different $USER then rename git user

* Chown based on $USER env

* Target only one part of passwd

* su-exec based on $USER

not a hardcoded value
2018-05-16 23:58:44 +08:00
Jone Marius Vignes
cb87f29b76 Update certificates to enable self-signed certs (#3708)
Why:

* We are using self-signed ssl certificates for internal services, which results in failures when gitea tries to communicate through webhooks with these. We would like to enable gitea to be able to use these certificates without having to build custom docker images.

How

* We add the internal certificates to /usr/local/share/ca-certificates on the host
* We read-only mount /usr/local/share/ca-certificates from the host to /usr/local/share/ca-certificates in the container 
* We do a update-ca-certificates in the alpine container before starting gitea

This should have no consequence for users that do not have the need to handle self-signed certificates, as update-ca-certificates should be idempotent.
2018-03-25 13:47:06 +03:00
Antoine GIRARD
0e26db8bcd Docker multi-stage (#2927)
* Setup docker multi-stage and little sugar at it

* Make codacy happy ?

* Revert back to what the official docker documentation suggest

Codacy don't seems to follow https://docs.docker.com/engine/reference/builder/#maintainer-deprecated

* Update golang version
2018-03-12 11:59:13 +02:00
Piotr Orzechowski
7bab3d2fb1 Enable content trust when building image (#2972) 2017-12-03 18:21:10 +08:00
Antoine GIRARD
dac0f14f34 Docker multi-arch base (#1985)
* Create docker/manifest/base.yml

serve as base for build docker image for most platform (386,amd64,arm,arm64)

* Add make task docker-multi-arch-push-manifest

To update references of a multi-arch image on docker registry.

* Use SED_INPLACE generic sed command

* Delete Dockerfile.aarch64

Delete Dockerfile.rpi

* Use gitea/gitea-base as base

and replace deprecated MAINTAINER by LABEL (https://docs.docker.com/engine/reference/builder/#maintainer-deprecated)

* Fix rebase

* Use sapk/gitea-base as base

* Split makefile for docker

* Fix version to v3.6

Could use in later version edge of alpine official library that support multi-arch for armhf.

* Remove sapk/gitea-base and use directly new official alpine multi-arch
2017-11-16 15:16:40 +02:00
Henrik Bengtsson
9bdce5d21b Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791) 2017-11-05 10:40:31 +08:00
Morlinest
529f9d03ce Fix ordering in app.ini and fix run mode option (#2829) 2017-11-02 23:08:21 +02:00
Tao Wang
d545e32b56 Add environment variable support for Docker image (#2201)
* Add `gettext` dependencies as we need `envsubst` command;
* Modified s6's gitea setup script, instead of `cp` the template if no
`app.ini` exist, it will substitude the envvars and generate the new
`app.ini`;
* Make `/docker/etc/templates/app.ini` a template contains environment
variables;

Signed-off-by: Tao Wang <twang2218@gmail.com>
2017-10-31 16:55:46 +08:00
Tao Wang
41cc110e62 Use sqlite3 database as default for Docker image (#2182)
Signed-off-by: Tao Wang <twang2218@gmail.com>
2017-07-26 15:21:23 +08:00
Thomas Boerger
c6b6a61bf1 Fixing multiple docker issues (#386)
* Added stupid docker task to makefile

* Dropped unknown option PrintLastLog from docker ssh config

* OpenSSH should log to docker stdout

* Set random pw for docker git user, otherwise it is locked

* Stop using templates and public within docker
2016-12-15 17:16:55 +08:00
Thomas Boerger
65d0426b91
Use su-exec instead of gosu, much smaller 2016-11-28 17:16:13 +01:00
Thomas Boerger
86aa8e413a
Restructured docker building
I have restructured the docker build process entirely, the binary gets
built outside of the docker build command, now we are managing all
dependencies with real Alpine packages and I have dropped features like
socat or the cron daemon.

Signed-off-by: Thomas Boerger <tboerger@suse.de>
2016-11-28 14:13:18 +01:00
Sandro Santilli
b7263f31a5 Replace GOGS with GITEA in variable names
Still use GOGS_WORK_DIR and GOGS_CUSTOM env variables
as a fallback if the equivalent GITEA_* are not set,
warning user about the need for change.

Does not change "gogs" to "gitea" in webhook type name
Because "gogs" hook type is part of the API (routes) and used
in templates...

Closes #87
2016-11-07 16:05:18 +01:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
rugk
28dc5bb566 Replace gogs.io http links with https version (#3386) 2016-08-05 17:35:40 -07:00
Unknwon
160956dd31 Update Docker README 2016-07-15 14:32:42 +08:00
Jean-Philippe Roemer
bcd4adb3a0 Update docker/build.sh script to use glide & make (#3079)
* docker: update build script to use glide + make

- docker/build.sh will now use glide to fetch dependencies
- glide is built from source to keep compatibility with arm
  (no pre-prebuilt binary for arm)
- docker/build.sh will also now use the provided Makefile
  It will generate an error when trying to get git build has as we do
  not ship the 88mo .git directory during the build (should not cause
  any problem as the variable it sets was not set previously)

* docker: fix docker arm build

- drop gosu version back to 1.7 as gosu binary for armhf is broken
- see tianon/gosu#19

* docker: update gosu to 1.9

Signed-off-by: Jean-Philippe Roemer <jp@roemer.im>
2016-05-11 13:11:59 -04:00
Jean-Philippe Roemer
69e00f9948 docker: update documentation for container options (#2965)
- Created a Container options section in `docker/README.md`
- Add documentation for SOCAT_LINK
- Move CROND documentation to the new section
2016-04-12 10:46:32 -04:00
Unknwon
ac53bb593d #2878 print error of JSON unmarshal and always returns a valid object 2016-03-26 16:42:20 -04:00
Mike
9d44cd79ee update README.md
minor grammar fix
2016-02-28 21:17:19 -05:00
Unknwon
d320915ad2 Minor fix for #2710 2016-02-27 11:31:24 -05:00
Jean-Philippe Roemer
db14949209 Update Docker REAMDE.md
- Remove the known issue about `.dockerignore` being ignored during DockerHub automated build as this has been fixed
- Added a note on the fact that we currently do no support building the container on RPi1
2016-02-26 17:07:31 +00:00
Jean-Philippe Roemer
7845075bd2 Dockerfile & Dockerfile.pi updates
- Upgrade of gosu to v1.7
- Change in docker/build.sh to use `--no-cache` to prevent APKINDEX creation when installing dev dependencies
- Manual upgrade of Alpine on Raspberry Pi when building to make sure the environment is the same as the standard Dockerfile
2016-02-25 20:43:40 +00:00
Unknwon
779bb890fa Minor docs update for #2605 2016-02-12 08:18:12 -05:00
Jean-Philippe Roemer
f4bc9263d9 Add the ability to run crond inside the Docker container
- Add the crond init script for s6
- Add the RUN_CROND configuration variable to setup crond
- Crond will not be run by default (hence the `down` file in the service directory)
- `start.sh` check if RUN_CROND = "true" || "1" and remove this file to tell s6 to run the initscript
- Resolves #2597
2016-02-12 02:48:55 +00:00
Unknwon
894946c319 Merge pull request #2573 from prologic/add-note-wrt-ssh-on-docker#2409
Add an important note about mapping the ssh port on the container to the host
2016-02-06 20:22:43 -05:00
Jean-Philippe Roemer
12c8953381 Update Dockerfile to update alpine to v3.3 & fix virtual package and repository pinning on RPi
- Dockerfile now uses alpine:3.3 as base
- Dockerfile.rpi now uses v3.3/community repository without pinning
- Go package is no longer fetched using repository pinning
- Fixes problem while using repository pinning & virtual package at the same time
2016-01-28 21:31:45 +00:00
Unknwon
a849ac0164 Merge pull request #2446 from jgsqware/develop
Add Docker Volume from 1.9
2016-01-26 13:45:24 -05:00
Jean-Philippe Roemer
9032bd097b Update Dockerfile & build script and add /etc/nsswitch.conf:
- Add nsswitch.conf to configure LibC Name Service inside the container
- Change my email in the Dockerfile
- Update build script to install software as a `build-deps` virtual package so that adding a package to it will be automatically	removed at the end of the build script
2016-01-25 13:07:37 +00:00
juliengarcia
eb14fbf95f Add Docker Volume from 1.9 2016-01-20 16:54:38 +01:00
James Mills
f36c82c3b3 Add an important note about mapping the ssh port on the container to the host 2016-01-19 22:24:40 -08:00
Ivan Marban
4ea75dfcbe Remove RSA1 keys as only SSH version 2 is used 2016-01-06 10:26:37 +01:00
Unknwon
9cd16c5b12 #1692 add organization APIs 2015-12-17 02:28:47 -05:00
Unknwon
351dfc95a9 prepare release 2015-12-12 21:58:54 -05:00
Unknwon
5d95ffe3eb #2155 The owner has reached maximum creation limit of 0 repositories 2015-12-11 15:11:13 -05:00
Unknwon
b1a53f6d8e add quay.io as another Docker option 2015-12-07 19:40:24 -05:00
Unknwon
e538ff2770 fix #1829 and fix #890 2015-12-04 21:30:33 -05:00
Jean-Philippe Roemer
3deddabfd8 Add set -x & set -e to docker/build.sh for better debugging 2015-11-16 16:49:40 +00:00
Jean-Philippe Roemer
0cbf56855a Update s6 path following package update 2015-11-16 16:48:09 +00:00
Jean-Philippe Roemer
14a8a46bec Add logging when socat link creation is deactivated 2015-11-04 19:43:25 +00:00
Jean-Philippe Roemer
7679aa1a21 Fix typo & cleanup start.sh code 2015-11-04 19:34:26 +00:00
Jean-Philippe Roemer
9a8aeef478 Add syslog & fix /data/git rights & SOCAT_LINK env var
- Resolve #1893
- Add syslogd to output sshd log on stdout (via `docker logs`)
- Enforce directory rights on `/data/git`, `/data/gogs` & `/data/ssh`
- Add `SOCAT_LINK` environment variable to prevent the creation of scout links when they are not needed (see #1815)
2015-11-04 19:22:15 +00:00
Jean-Philippe Roemer
f7c7837fc8 Docker socat link: default port fix
- Remove port 80 & 443 unused by the container
- Add port 3000 used by gogs application
2015-10-21 16:55:55 +01:00
Jean-Philippe Roemer
02289479ef Docker socat link creation
- `start.sh` will now verify that the port is not already used by another service
- Resolve #1807
- Log when a service is created, or could not be created
- Keep track of which port is already used, including goes & sshd port
2015-10-21 16:27:56 +01:00
Limian Wang
b854d3ba40 fix typo in README for Docker 2015-10-13 15:22:33 -07:00
Jean-Philippe Roemer
9acf02ad7f Fix bug introduced in #1759 preventing ssh server to launch
- ssh/setup: test directive now check if a file exist in key path instead of a folder
- ssh/setup script was hanging waiting for an input about rewriting the key
  as the test case was returning true, when it should have been false
  (check if file is a folder instead of a file)
2015-10-12 22:13:22 +01:00
Jean-Philippe Roemer
533c6a8e08 Edit comment to make it clear that we are talking about container version 2015-10-12 21:52:20 +01:00
Jean-Philippe Roemer
bfed40eec4 Docker repository path backward compatibility fix:
- resolve #1765
- create link to old git repository path: `/home/git/gogs-repository`
2015-10-12 21:28:26 +01:00
Jean-Philippe Roemer
9cba6ff84b Volumed data setup changed to allow #1759
- Volumed subfolder now created up in the ENTRYPOINT script, this way
  they are created before S6 even starts making VOLUME.
- The subfolder will be created during VOLUME creation too as ENTRYPOINT
  script will be run before /bin/true
- SSH Keys will now be created on a single key basis not replying on the
  existence of /data/ssh folder
2015-10-12 18:46:45 +01:00
Jean-Philippe Roemer
fc427432ed Docker Container Restart Fix
- Fix s6 fifodir error on container restart
- Add .tags* to .gitignore (Atom auto ctags generation)
2015-10-10 21:03:19 +01:00
Jean-Philippe Roemer
5981f1edcd Remove fixed issue 2015-10-02 23:32:46 +01:00
Jean-Philippe Roemer
ad5e0b833c Docker Container: Init 1 & Initialisation
- Now using a setup script before starting the app. The separation of
the run script and the setup script will make service initialisation a
little bit clearer
- Now calling start.sh script as ENTRYPOINT and S6 as CMD. This way
when running the container with just a shell script, the start.sh
script will be launched before, making debugging easier
- Added note about `.dockerignore` ignored during Docker Hub Automated
Build
2015-10-02 23:13:39 +01:00
无闻
e5310cdbc1 Merge pull request #1731 from ogarcia/develop
Several bugfixes in Docker build
2015-10-02 15:59:10 -04:00
Unknwon
e34d0063c3 Update Docker README for #1708 2015-10-02 15:44:59 -04:00
Óscar García Amor
3e7d8db7a2 Several bugfixes in Docker build
- Removed unnecessary variables
- Fixed symbolic links creation
- Fixed enter point
- Less intermediate containers
2015-10-02 21:18:13 +02:00
Jean-Philippe Roemer
3cad8d9492 Use app/docker folder for SSH Configureation 2015-10-02 11:31:05 +01:00
Jean-Philippe Roemer
e63e0b3105 New approach to Gogs Docker Container
- VOLUME for ‘/data’
- Usage of S6 as PID 1 Process
- Usage of ‘socat’ so linked container (like databases) are binded to
localhost
- OpenSSH, Socat Link and Gogs are supervised using S6
- Size of container reduced to ~75Mo
2015-10-02 10:56:36 +01:00
Unknwon
42a38dfca3 #1665 improve docs 2015-09-21 10:44:40 -04:00
Unknwon
91220a2501 #1665 improve Docker docs 2015-09-21 10:13:47 -04:00
Unknwon
86d3c5cbb3 update Docker info 2015-09-17 19:18:49 -04:00
Unknwon
232c22208c remove rsync 2015-09-06 18:53:59 -04:00
Unknwon
a35911486f fix error in docker doc 2015-08-19 20:41:42 +08:00
Unknwon
90528b2610 fix docker docs style 2015-08-19 20:37:39 +08:00
Unknwon
bd1d7d1509 Able to set SSH port when install, update Docker docs 2015-08-19 20:36:19 +08:00
Unknwon
81b8427438 new UI on admin/monitor 2015-08-19 00:34:11 +08:00
Unknwon
c20ae8edc5 update Docker README 2015-08-18 22:29:02 +08:00
codeskyblue
4095ef2820 add pam for docker 2015-08-17 09:12:47 -04:00
Unknwon
398bb772d8 update docker README 2015-08-17 19:38:49 +08:00
codeskyblue
9371fbe71a add docker ssh support 2015-08-17 15:17:18 +08:00
codeskyblue
0510f712e7 pass test in my foreign machine test 2015-08-17 03:07:47 -04:00
codeskyblue
54b8172a24 some modify, I need to move my workenv to foreign county, network in china is so slow. 2015-08-17 14:32:11 +08:00
Tiago Pires
a5f9077e5a Update docker image.
Shrink docker image.
Update from fig (deprecated) to docker-compose.
Update README.md.

Signed-off-by: Tiago Pires <tandrepires@gmail.com>
2015-07-20 15:19:46 +01:00
Alban Garrigue
7d109573cb openssh-client provide ssh-keygen. GOGS needs that binary to add a ssh key to a user 2015-02-22 16:42:59 +01:00
Alban Garrigue
81fcc0db0c $DIRECTORY variable is never set 2015-02-22 13:06:46 +01:00
euank
f059866a21 Set user.name & user.email in Dockerfile
The previous setting would cause all repo creations to fail, as
described in issue #328.
The previous commit also resolves this issue, but it seems saner to
create the user in the Dockerfile than at runtime.
2014-12-27 19:10:33 -08:00
morpheyesh
995a805a31 spellcheck 2014-12-24 13:20:10 +05:30
Tristan Storch
863a4d5bc4 Use variables, when the're there
Why not use the environment variables, when they are there...
2014-09-03 18:44:15 +02:00