diff --git a/cmd/http-server/Dockerfile b/cmd/http-server/Dockerfile new file mode 100644 index 0000000..5cf1d13 --- /dev/null +++ b/cmd/http-server/Dockerfile @@ -0,0 +1,35 @@ +FROM debian:jessie + +# Setup Container +VOLUME ["/repos"] +EXPOSE 80 + +# Setup APT +RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections + +# Update, Install Prerequisites, Clean Up APT +RUN DEBIAN_FRONTEND=noninteractive apt-get -y update && \ + apt-get -y install git wget nginx-full fcgiwrap && \ + apt-get clean + +# Setup Container User +RUN useradd -M -s /bin/false git --uid 1000 + +# Setup nginx fcgi services to run as user git, group git +RUN sed -i 's/FCGI_USER="www-data"/FCGI_USER="git"/g' /etc/init.d/fcgiwrap && \ + sed -i 's/FCGI_GROUP="www-data"/FCGI_GROUP="git"/g' /etc/init.d/fcgiwrap && \ + sed -i 's/FCGI_SOCKET_OWNER="www-data"/FCGI_SOCKET_OWNER="git"/g' /etc/init.d/fcgiwrap && \ + sed -i 's/FCGI_SOCKET_GROUP="www-data"/FCGI_SOCKET_GROUP="git"/g' /etc/init.d/fcgiwrap + +# Create config files for container startup and nginx +COPY nginx.conf /etc/nginx/nginx.conf + +# Create pre-receive +COPY dehub /usr/bin/dehub +COPY "pre-receive" /pre-receive + +# Create start.sh +COPY start.sh /start.sh +RUN chmod +x /start.sh + +ENTRYPOINT ["/start.sh"] diff --git a/cmd/http-server/README.md b/cmd/http-server/README.md new file mode 100644 index 0000000..714a68b --- /dev/null +++ b/cmd/http-server/README.md @@ -0,0 +1,9 @@ +# dehub-server + +This directory provides a simple Docker image which can be spun up to run a +dehub-enabled server (i.e. one in which incoming commits will be verified prior +to being accepted into their branch). + +The Dockerfile being used is based on +[gitbox](https://github.com/nmarus/docker-gitbox), so thank you to nmarus for +the great work there. diff --git a/cmd/http-server/nginx.conf b/cmd/http-server/nginx.conf new file mode 100644 index 0000000..a8af3b7 --- /dev/null +++ b/cmd/http-server/nginx.conf @@ -0,0 +1,43 @@ +user git git; +worker_processes 1; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 15; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + server_names_hash_bucket_size 64; + + server { + listen 80; + server_name MYSERVER default; + + access_log /var/log/nginx/MYSERVER.access.log combined; + error_log /var/log/nginx/MYSERVER.error.log error; + + #git SMART HTTP + location ~ /(.*\.git.*) { + client_max_body_size 0; + fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; + fastcgi_param GIT_HTTP_EXPORT_ALL ""; + fastcgi_param GIT_PROJECT_ROOT /repos; + fastcgi_param PATH_INFO /$1; + include /etc/nginx/fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.socket; + } + } +} diff --git a/cmd/http-server/pre-receive b/cmd/http-server/pre-receive new file mode 100644 index 0000000..60e12ef --- /dev/null +++ b/cmd/http-server/pre-receive @@ -0,0 +1,3 @@ +#!/bin/sh + +exec dehub -bare hook --pre-receive diff --git a/cmd/http-server/run.sh b/cmd/http-server/run.sh new file mode 100644 index 0000000..69ad918 --- /dev/null +++ b/cmd/http-server/run.sh @@ -0,0 +1,6 @@ +docker run \ + --rm -it \ + --name gitbox \ + -p 8080:80 \ + -v $(pwd)/srv:/repos \ + gitbox diff --git a/cmd/http-server/start.sh b/cmd/http-server/start.sh new file mode 100644 index 0000000..720f0ae --- /dev/null +++ b/cmd/http-server/start.sh @@ -0,0 +1,93 @@ +#!/bin/bash + +set -e + +QUIET=false +#SFLOG="/start.log" + +#print timestamp +timestamp() { + date +"%Y-%m-%d %T" +} + +#screen/file logger +sflog() { + #if $1 is not null + if [ ! -z ${1+x} ]; then + message=$1 + else + #exit function + return 1; + fi + #if $QUIET is not true + if ! $($QUIET); then + echo "${message}" + fi + #if $SFLOG is not null + if [ ! -z ${SFLOG+x} ]; then + #if $2 is regular file or does not exist + if [ -f ${SFLOG} ] || [ ! -e ${SFLOG} ]; then + echo "$(timestamp) ${message}" >> ${SFLOG} + fi + fi +} + +#start services function +startc() { + sflog "Services for container are being started..." + /etc/init.d/fcgiwrap start > /dev/null + /etc/init.d/nginx start > /dev/null + sflog "The container services have started..." +} + +#stop services function +stopc() { + sflog "Services for container are being stopped..." + /etc/init.d/nginx stop > /dev/null + /etc/init.d/fcgiwrap stop > /dev/null + sflog "Services for container have successfully stopped. Exiting." + exit 0 +} + +#trap "docker stop " and shuts services down cleanly +trap "(stopc)" TERM INT + +#startup + +#test for ENV varibale $FQDN +if [ ! -z ${FQDN+x} ]; then + sflog "FQDN is set to ${FQDN}" +else + export FQDN=dehub + sflog "FQDN is set to ${FQDN}" +fi + +#modify config files with fqdn +sed -i "s,MYSERVER,${FQDN},g" /etc/nginx/nginx.conf &> /dev/null + +# create the individual repo directories +while [ ! -z "$1" ]; do + dir="/repos/$1.git"; + if [ ! -d "$dir" ]; then + echo "Initializing repo $1" + mkdir "$dir" + git init --bare "$dir" + git config -f "$dir/config" http.receivepack true + git config -f "$dir/config" receive.denyNonFastForwards true + chown -R git:git "$dir" + fi + + mkdir -p "$dir/hooks" + cp /pre-receive "$dir/hooks/" + chmod +x "$dir/hooks/pre-receive" + + shift +done + +#start init.d services +startc + +#pause script to keep container running... +sflog "Services for container successfully started." +sflog "Dumping logs" +tail -f /var/log/nginx/*.log