aboutsummaryrefslogtreecommitdiffstats
path: root/Dockerfile.rootless
diff options
context:
space:
mode:
authorAntoine GIRARD <sapk@users.noreply.github.com>2020-11-01 01:58:22 +0100
committerGitHub <noreply@github.com>2020-10-31 20:58:22 -0400
commitfe458ce877f520cc7f20116db4ff2a0536ff319b (patch)
tree6bdaa11737eb1317749e11d58da34e4423880604 /Dockerfile.rootless
parentf3bbd46c49fb7a2e3407d4da0db511930c957e3c (diff)
downloadgitea-fe458ce877f520cc7f20116db4ff2a0536ff319b.tar.gz
gitea-fe458ce877f520cc7f20116db4ff2a0536ff319b.zip
docker: rootless image (#10154)
* docker: rootless image * improve docs + remove check for write perm on custom * add more info on ssh passtrough * Add comment for internal ssh server in container config
Diffstat (limited to 'Dockerfile.rootless')
-rw-r--r--Dockerfile.rootless68
1 files changed, 68 insertions, 0 deletions
diff --git a/Dockerfile.rootless b/Dockerfile.rootless
new file mode 100644
index 0000000000..6c98c099dd
--- /dev/null
+++ b/Dockerfile.rootless
@@ -0,0 +1,68 @@
+
+###################################
+#Build stage
+FROM golang:1.15-alpine3.12 AS build-env
+
+ARG GOPROXY
+ENV GOPROXY ${GOPROXY:-direct}
+
+ARG GITEA_VERSION
+ARG TAGS="sqlite sqlite_unlock_notify"
+ENV TAGS "bindata timetzdata $TAGS"
+ARG CGO_EXTRA_CFLAGS
+
+#Build deps
+RUN apk --no-cache add build-base git nodejs npm
+
+#Setup repo
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
+
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean-all build
+
+FROM alpine:3.12
+LABEL maintainer="maintainers@gitea.io"
+
+EXPOSE 2222 3000
+
+RUN apk --no-cache add \
+ bash \
+ ca-certificates \
+ gettext \
+ git \
+ gnupg
+
+RUN addgroup \
+ -S -g 1000 \
+ git && \
+ adduser \
+ -S -H -D \
+ -h /var/lib/gitea/git \
+ -s /bin/bash \
+ -u 1000 \
+ -G git \
+ git && \
+ echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
+
+RUN mkdir -p /var/lib/gitea /etc/gitea
+RUN chown git:git /var/lib/gitea /etc/gitea
+
+COPY docker/rootless /
+COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
+RUN chown root:root /usr/local/bin/* && chmod 755 /usr/local/bin/*
+
+USER git:git
+ENV GITEA_WORK_DIR /var/lib/gitea
+ENV GITEA_CUSTOM /var/lib/gitea/custom
+ENV GITEA_TEMP /tmp/gitea
+#TODO add to docs the ability to define the ini to load (usefull to test and revert a config)
+ENV GITEA_APP_INI /etc/gitea/app.ini
+ENV HOME "/var/lib/gitea/git"
+VOLUME ["/var/lib/gitea", "/etc/gitea"]
+WORKDIR /var/lib/gitea
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+CMD []
+