Skip to content

Commit

Permalink
Major improvements
Browse files Browse the repository at this point in the history 
* update to the latest alpine version
* support independant git account name from git-server repository location
* update documentation
  • Loading branch information
@fr123k
fr123k committed May 23, 2020
1 parent 72f69a5 commit a325ed8
Show file tree
Hide file tree
Showing 11 changed files with 226 additions and 99 deletions.
5 changes: 0 additions & 5 deletions .gitignore
View file

This file was deleted.

21 changes: 21 additions & 0 deletions .travis.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
sudo: required

env:
global:
- secure: tiAuLlmIpPpapn2Nt9fk2Ykm9rY0c0MIADBhea+Zf8gJK5zRJAE0tbmD9Ub84lTQ8ItUJbCWRB2Fa2lWP4eEzB8iG06rbfa9bbEo05dvzRTlXs61wpSk5gGyxfVhmhegt47vQCe0bMnzb+Ywc64nkYBhJgfDl78GgdzJFRLS7UwumnnZxEPNC7eGn6QcZCr8VZHPsEeB2hk5d6gq4Qiv9bG86UwQGjkP0qU0rPG39B6dtLbb53BsgTHZtLlED11sZco941cyLJ/HaSgcSaKp2Ufl+Mn+H5kYerpLY3vTGxwpU6/94/fgE7ht2dWzTWNoOV3F1Q0rUApSkI94d7G9uRzRcIOnY1Fa6+ZsxjzrStc6WmVmw6LPs1fIvwbHmuckegYX5XvefCWAlRm7Ih15PG5OWN4nXT0czpRe1Yh+upb8pnAjczZQj2hde4VV5xFh7P2PqUxxY2BQPzuIEJKwtbUFBBof3TOwG6DFUbcUjmh4QRz8y+P/1vLelXtbFiEw2ylXlmzFXSeeAfI/R18Kv92EO29D9a+aSU1mi+GTcWigbDFxjrliZqeyxyZZzd61Qt28r0UHhl5iYCrzpZkwdcKggR1J/64uuCkzISKH0wzIOTl+IBM7+XNUuNz9E2lg1XdGJ4a40dmmfv1N7DL/ht0D/zTf+JM+dFXN5HEQJLQ=
- secure: bltFDyxC7dT064zMqiaghvRaLefw6QR8+H+roS6bn17ZQ1fMID4I4DBU2cgUMXwk9kYHhhYV9LjHNOG+rcRIHe3BiD2HLsmtkCQbCtOu7NCoeUmjQazwVBIwfXpZL14sV0TF7PoQo4RY/1/AMZFLyWAuPeRG9LEtEPUsU7y8g5/JqGLamH1iBLj7615xKFuWN0xAyJkNQhbTKqsirnEkh41AUswk3LHInFnyxfbtGB7KjpiFVOrcTpeMmzJJ6vp2ySHb6hxH6R3D31AhHqG/I/vnxWvzt7wFv+zJ5iUq5mIIOcN0xeYpw2Mh8TrZqmEezBpfH3Z0n8H7zB/imeRsY5hgbQct5mRR3mQsUEq/VJr2sE2fVhwMugIx3kJUf5Htmm3woGgoEAmKdg7xyp75PQloWDLQv8h5vfegedMlI6wyoVo86KL0koLHooyMtHU9Bi4fpjfLqwWXoHnlZ2ESqgRGJATmF83sKoWv8v4I6RZXKOaP75BwmeoYKZE47iv3qFEnHZDHnFyCDFQ2NfjK1KEMQh4StzhRDzWcYIhonxxKXkG9yXLTnKScEGDR7qt/YV55p/xxyn9zBvNHrruAxTEFmMl/L/lorhhfDNqVcqyI6FjmwmK3sreq1I/KiuP1iB66Pm7CezCNdhxndwLl7cuc3603Elr9BPm47jqkH0E=

services:
- docker

addons:
apt:
update: true

script:
- make build

after_success:
- echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
- if [ "$TRAVIS_PULL_REQUEST" = "false" -a "$TRAVIS_BRANCH" = "master" ]; then make
release; fi
25 changes: 11 additions & 14 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,16 @@
FROM alpine:3.4
FROM alpine:latest

MAINTAINER Carlos Bernárdez "[email protected]"
LABEL Maintainer="Frank Ittermann [email protected]"

# "--no-cache" is new in Alpine 3.3 and it avoid using
# "--update + rm -rf /var/cache/apk/*" (to remove cache)
RUN apk add --no-cache \
# openssh=7.2_p2-r1 \
RUN apk update && \
apk add --no-cache \
openssh \
# git=2.8.3-r0
git

# Key generation on the server
# generate host keys
RUN ssh-keygen -A

# SSH autorun
# RUN rc-update add sshd

WORKDIR /git-server/
WORKDIR /git-server

# -D flag avoids password generation
# -s flag changes user's shell
Expand All @@ -34,8 +28,11 @@ COPY git-shell-commands /home/git/git-shell-commands

# sshd_config file is edited for enable access key and disable access password
COPY sshd_config /etc/ssh/sshd_config
COPY start.sh start.sh
COPY start.sh /start.sh
COPY motd /etc

ENV ACCOUNT helmet

EXPOSE 22

CMD ["sh", "start.sh"]
CMD ["sh", "/start.sh"]
17 changes: 17 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@

VERSION=1.0.0
ACCOUNT?=fr123k
REPOSITORIES?=$(PWD)/../
export NAME=fr123k/git-server-docker
export IMAGE="${NAME}:${VERSION}"
export LATEST="${NAME}:latest"

build: ## Build the jenkins in docker image.
docker build -t $(IMAGE) -f Dockerfile .

release: build ## Push docker image to docker hub
docker tag ${IMAGE} ${LATEST}
docker push ${NAME}

git-server:
docker run -p 22:22 -it -v $(REPOSITORIES):/git-server -e ACCOUNT=$(ACCOUNT) --name github --rm ${IMAGE}
189 changes: 145 additions & 44 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,76 +1,177 @@
# git-server-docker
A lightweight Git Server Docker image built with Alpine Linux. Available on [GitHub](https://github.com/jkarlosb/git-server-docker) and [Docker Hub](https://hub.docker.com/r/jkarlos/git-server-docker/)
A lightweight Git Server Docker image built with Alpine Linux. Available on [GitHub](https://github.com/fr123k/git-server-docker) and [Docker Hub](https://hub.docker.com/r/fr123k/git-server-docker/)

!["image git server docker" "git server docker"](https://raw.githubusercontent.com/jkarlosb/git-server-docker/master/git-server-docker.jpg)
## Use Case

### Basic Usage
### Local Jenkins use Local Git Repository

How to run the container in port 2222 with two volumes: keys volume for public keys and repos volume for git repositories:
The major motivation for the local git server docker container is to provide a way for a local jenkins running in docker to use local git repositories instead of github for example.

$ docker run -d -p 2222:22 -v ~/git-server/keys:/git-server/keys -v ~/git-server/repos:/git-server/repos jkarlos/git-server-docker
The following steps describe a way to use the local git server in jenkins without changing the github url of the jobs in jenkins. They can still point to the original github respositories.

How to use a public key:
#### Local DNS

Copy them to keys folder:
- From host: $ cp ~/.ssh/id_rsa.pub ~/git-server/keys
- From remote: $ scp ~/.ssh/id_rsa.pub user@host:~/git-server/keys
You need restart the container when keys are updated:
$ docker restart <container-id>

How to check that container works (you must to have a key):
Setup a domain like `local.github.com` that is then used by jenkins.

$ ssh git@<ip-docker-server> -p 2222
...
Welcome to git-server-docker!
You've successfully authenticated, but I do not
provide interactive shell access.
...
```bash
echo "192.168.65.2 local.github.com" >> /etc/hosts
```

How to create a new repo:
The ip address `192.168.65.2` is specific to your operating system and only works from within a docker container.
**This ip address work on MacOS.**

$ cd myrepo
$ git init --shared=true
$ git add .
$ git commit -m "my first commit"
$ cd ..
$ git clone --bare myrepo myrepo.git
#### Git Config

How to upload a repo:
Add or change the `%{JENKINS_HOME}/.gitconfig` with the following setting.
```
[url "ssh://[email protected]"]
insteadOf = https://github.com/
From host:
$ mv myrepo.git ~/git-server/repos
From remote:
$ scp -r myrepo.git user@host:~/git-server/repos
[url "ssh://[email protected]/"]
insteadOf = [email protected]:
```

How clone a repository:
#### Local Github Server

Run the docker git server container on the port 22 (sshd) and specify the github account like `fr123k`.

`docker run -p 22:22 -it -v $(PWD)/../:/git-server `**`-e ACCOUNT=fr123k`**` --name github --rm fr123k/git-server-docker`

$ git clone ssh://git@<ip-docker-server>:2222/git-server/repos/myrepo.git
If something is not as expected check the [Troubleshooting](#Troubleshooting) section.

## Basic Usage

### Arguments

* **Expose ports**: 22
* **Volumes**:
* */git-server/keys*: Volume to store the users public keys
* */git-server/repos*: Volume to store the repositories
* **/git-server/**: Volume to store the repositories
* **Environment Variables**:
* **ACCOUNT**: Name of the git account
* **DEBUG**: If exits enable debug logging of the sshd to the file `/var/log/auth.log`. Useful for troubleshooting

### Git Repository Volume

The volume has to be mounted to /git-server mount point.
It has to contain the `.keys` folder with all the public keys
for the ssh authentication.

* -v (local_git_repository):/git-server/

Example mount directory that is above the current one as a git repository.

`docker run -p 2222:22 -it `**`-v $(PWD)/../:/git-server`**` --name github --rm fr123k/git-server-docker`

### Git Account Name

The name of the git repository.
* -e ACCOUNT=(name of the git account) default: helmet

For example
`docker run -p 2222:22 -it -v $(PWD)/../:/git-server `**`-e ACCOUNT=fr123k`**` --name github --rm fr123k/git-server-docker`

### Git Account Name

The name of the git repository.
* -e DEBUG=true

For example
`docker run -p 2222:22 -it -v $(PWD)/../:/git-server `**`-e DEBUG=true`**` --name github --rm fr123k/git-server-docker`

### Local SSH Git Server

How to run the container in port 22 (sshd).

`docker run -d -p `**`22:22`**` -v ~/git-server/repos:/git-server/ fr123k/git-server-docker/`

### Local Git Repositories

**After adding git repository described below the docker container has to be always restarted.**
How to create a new repo:

```bash
mkdir local-git-repo
cd local-git-repo/
git init --shared=true
git add .
git commit -m "my first commit"
```

How to upload a repo:

From host:
```bash
mv local-git-repo ~/git-server/
```
From remote:
```bash
scp -r local-git-repo user@host:~/git-server/
```

How clone a repository:

```bash
git clone ssh://[email protected]:22/helmet/local-git-repo.git
```

## Troubleshooting

### Validate Local SSH Git Server

How to check that container and the authentication keys works.
`ssh [email protected] -p 2222`
The expected output looks like this.
```
Welcome to git-server-docker!
Provided to you from
https://hub.docker.com/r/fr123k/git-server-docker/
https://github.com/fr123k/git-server-docker
You've successfully authenticated, but I do not
provide interactive shell access.
Connection to 127.0.0.1 closed.
```

### SSH Keys

How generate a pair keys in client machine:

$ ssh-keygen -t rsa
```bash
ssh-keygen -t rsa
```

How upload quickly a public key to host volume:

$ scp ~/.ssh/id_rsa.pub user@host:~/git-server/keys
```bash
scp ~/.ssh/id_rsa.pub user@host:~/git-server/.keys
```

## Docker Image

All `make` commands can only be from the folder where the Makefile is located.

### Build

### Build Image
How to build the docker image:

How to make the image:
```bash
make build
```
or
```bash
docker build -t git-server-docker .
```

$ docker build -t git-server-docker .

### Docker-Compose
### Run

You can edit docker-compose.yml and run this container with docker-compose:
How to run the image:

$ docker-compose up -d
```bash
make REPOSITORIES=$(PWD)/../ ACCOUNT=fr123k git-server
```
or
```bash
docker run -p 22:22 -it -v $(PWD)/../ :/git-server -e ACCOUNT=fr123k --name github --rm "fr123k/git-server-docker"
```
15 changes: 0 additions & 15 deletions docker-compose.yml
View file

This file was deleted.

Binary file removed git-server-docker.jpg
View file
Binary file not shown.
2 changes: 1 addition & 1 deletion git-shell-commands/no-interactive-login
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
printf '%s\n' "Welcome to git-server-docker!"
printf '\n'
printf '%s\n' "You've successfully authenticated, but I do not"
printf '%s\n' "provide interactive shell access."
exit 128
6 changes: 6 additions & 0 deletions motd
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
Welcome to git-server-docker!

Provided to you from

https://hub.docker.com/r/fr123k/git-server-docker/
https://github.com/fr123k/git-server-docker
9 changes: 4 additions & 5 deletions sshd_config
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,8 @@

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
SyslogFacility AUTH
LogLevel DEBUG

# Authentication:

Expand All @@ -50,9 +50,8 @@ RSAAuthentication yes
PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysFile /home/git/.ssh/authorized_keys
# but this is overridden so installations will only check /home/git/.ssh/authorized_keys
AuthorizedKeysFile /home/git/.ssh/authorized_keys

#AuthorizedPrincipalsFile none

Expand Down
Loading

0 comments on commit a325ed8

Please sign in to comment.