summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJean-Philippe Roemer <roemer.jp@gmail.com>2015-11-04 19:19:39 +0000
committerJean-Philippe Roemer <roemer.jp@gmail.com>2015-11-04 19:22:15 +0000
commit9a8aeef478f6b81cbe6d489fdc1efa2fc9f43a6b (patch)
tree0c6f78d0b7e9a09110e8aaba6ca6356f76f3e07e
parent603c7389b8e56740033e51b36b79e61136b46002 (diff)
downloadgitea-9a8aeef478f6b81cbe6d489fdc1efa2fc9f43a6b.tar.gz
gitea-9a8aeef478f6b81cbe6d489fdc1efa2fc9f43a6b.zip
Add syslog & fix `/data/git` rights & SOCAT_LINK env var
- Resolve #1893 - Add syslogd to output sshd log on stdout (via `docker logs`) - Enforce directory rights on `/data/git`, `/data/gogs` & `/data/ssh` - Add `SOCAT_LINK` environment variable to prevent the creation of scout links when they are not needed (see #1815)
-rwxr-xr-xdocker/s6/gogs/setup1
-rwxr-xr-xdocker/s6/openssh/setup3
-rwxr-xr-xdocker/s6/syslogd/run7
-rwxr-xr-xdocker/start.sh41
4 files changed, 33 insertions, 19 deletions
diff --git a/docker/s6/gogs/setup b/docker/s6/gogs/setup
index e64a36d6e6..40bd82b28a 100755
--- a/docker/s6/gogs/setup
+++ b/docker/s6/gogs/setup
@@ -20,3 +20,4 @@ ln -sf /data/gogs/data ./data
ln -sf /data/git /home/git
chown -R git:git /data /app/gogs ~git/
+chmod 0755 /data /data/gogs ~git/
diff --git a/docker/s6/openssh/setup b/docker/s6/openssh/setup
index f263516bca..6df5ef7050 100755
--- a/docker/s6/openssh/setup
+++ b/docker/s6/openssh/setup
@@ -23,4 +23,5 @@ fi
# Set correct right to ssh keys
chown -R root:root /data/ssh/*
-chmod 600 /data/ssh/*
+chmod 0700 /data/ssh
+chmod 0600 /data/ssh/*
diff --git a/docker/s6/syslogd/run b/docker/s6/syslogd/run
new file mode 100755
index 0000000000..f7bdbe36d6
--- /dev/null
+++ b/docker/s6/syslogd/run
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if test -f ./setup; then
+ source ./setup
+fi
+
+exec gosu root /sbin/syslogd -nS -O-
diff --git a/docker/start.sh b/docker/start.sh
index 42bdb3c541..bf679f22cf 100755
--- a/docker/start.sh
+++ b/docker/start.sh
@@ -13,24 +13,29 @@ for f in /data/gogs/data /data/gogs/conf /data/gogs/log /data/git /data/ssh; do
done
# Bind linked docker container to localhost socket using socat
-USED_PORT="3000:22"
-while read NAME ADDR PORT; do
- if test -z "$NAME$ADDR$PORT"; then
- continue
- elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
- echo "init:socat | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
- else
- SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
- mkdir -p ${SERV_FOLDER}
- CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
- echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
- chmod +x ${SERV_FOLDER}/run
- USED_PORT="${USED_PORT}:${PORT}"
- echo "init:socat | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
- fi
-done << EOT
-$(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
-EOT
+LINK=$(echo "$SOCAT_LINK" | tr '[:upper:]' '[:lower:]')
+if [ "$LINK" != "false" -a "$LINK" != "0" ]; then
+
+ USED_PORT="3000:22"
+ while read NAME ADDR PORT; do
+ if test -z "$NAME$ADDR$PORT"; then
+ continue
+ elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
+ echo "init:socat | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
+ else
+ SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
+ mkdir -p ${SERV_FOLDER}
+ CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
+ echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
+ chmod +x ${SERV_FOLDER}/run
+ USED_PORT="${USED_PORT}:${PORT}"
+ echo "init:socat | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
+ fi
+ done << EOT
+ $(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
+ EOT
+
+fi
# Exec CMD or S6 by default if nothing present
if [ $# -gt 0 ];then