external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
aurweb/docker/git-entrypoint.sh
Kevin Morris a1e547c057
feat(docker): allow configurable SSH_CMDLINE in git service 
Signed-off-by: Kevin Morris <kevr@0cost.org>
2021-11-20 19:04:38 -08:00

87 lines
2.3 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -eou pipefail
SSHD_CONFIG=/etc/ssh/sshd_config
AUTH_SCRIPT=/app/git-auth.sh
GIT_REPO=/aurweb/aur.git
GIT_BRANCH=master # 'Master' branch.
if ! grep -q 'PYTHONPATH' /etc/environment; then
echo "PYTHONPATH='/aurweb:/aurweb/app'" >> /etc/environment
else
sed -ri "s|^(PYTHONPATH)=.*$|\1='/aurweb'|" /etc/environment
fi
if ! grep -q 'AUR_CONFIG' /etc/environment; then
echo "AUR_CONFIG='/aurweb/conf/config'" >> /etc/environment
else
sed -ri "s|^(AUR_CONFIG)=.*$|\1='/aurweb/conf/config'|" /etc/environment
fi
mkdir -p /app
chmod 755 /app
cat >> $AUTH_SCRIPT << EOF
#!/usr/bin/env bash
export AUR_CONFIG="$AUR_CONFIG"
exec /usr/bin/aurweb-git-auth "\$@"
EOF
chmod 755 $AUTH_SCRIPT
# Add AUR SSH config.
cat >> $SSHD_CONFIG << EOF
Match User aur
PasswordAuthentication no
AuthorizedKeysCommand $AUTH_SCRIPT "%t" "%k"
AuthorizedKeysCommandUser aur
AcceptEnv AUR_OVERWRITE
EOF
# Setup a config for our mysql db.
cp -vf conf/config.dev $AUR_CONFIG
sed -i "s;YOUR_AUR_ROOT;$(pwd);g" $AUR_CONFIG
sed -ri "s/^;?(user) = .*$/\1 = aur/" $AUR_CONFIG
sed -ri "s/^;?(password) = .*$/\1 = aur/" $AUR_CONFIG
AUR_CONFIG_DEFAULTS="${AUR_CONFIG}.defaults"
if [[ "$AUR_CONFIG_DEFAULTS" != "/aurweb/conf/config.defaults" ]]; then
cp -vf conf/config.defaults $AUR_CONFIG_DEFAULTS
fi
# Set some defaults needed for pathing and ssh uris.
sed -ri "s|^(repo-path) = .+|\1 = /aurweb/aur.git/|" $AUR_CONFIG_DEFAULTS
# SSH_CMDLINE can be provided via override in docker-compose.aur-dev.yml.
sed -ri "s|^(ssh-cmdline) = .+$|\1 = ${SSH_CMDLINE}|" $AUR_CONFIG_DEFAULTS
# Setup SSH Keys.
ssh-keygen -A
# In docker-compose.aur-dev.yml, we bind ./data to /aurweb/data.
# Production users wishing to include their own SSH keys should
# supply them in ./data.
if [ -d /aurweb/data ]; then
find /aurweb/data -type f -name 'ssh_host_*' -exec cp -vf "{}" /etc/ssh/ \;
fi
# Taken from INSTALL.
mkdir -pv $GIT_REPO
# Initialize git repository.
if [ ! -f $GIT_REPO/config ]; then
curdir="$(pwd)"
cd $GIT_REPO
git config --global init.defaultBranch $GIT_BRANCH
git init --bare
git config --local transfer.hideRefs '^refs/'
git config --local --add transfer.hideRefs '!refs/'
git config --local --add transfer.hideRefs '!HEAD'
ln -sf /usr/bin/aurweb-git-update hooks/update
cd $curdir
chown -R aur:aur $GIT_REPO
fi
exec "$@"
Reference in a new issue View git blame Copy permalink