Docker integration

před 7 roky · 16cdbe1956
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,19 +1,5 @@
 .git
 .git/**
 packager
 packager/**
 scripts
 scripts/**
 .github/
 .github/**
 config.codekit
 .dockerignore
 *.yml
 *.md
 .bra.toml
 .editorconfig
 .gitignore
 Dockerfile*
 vendor
 vendor/**
 gogs
 *
 !docker
 !bin
 !public
 !templates
--- a/.drone.yml
+++ b/.drone.yml
@@ -50,21 +50,21 @@ pipeline:
      event: [ push, tag ]
      branch: [ master, refs/tags/* ]

  # docker:
  #   image: plugins/docker
  #   repo: gitea/gitea
  #   tags: [ '${TAG}' ]
  #   when:
  #     event: [ tag ]
  #     branch: [ refs/tags/* ]
  docker:
    image: plugins/docker
    repo: gitea/gitea
    tags: [ '${TAG}' ]
    when:
      event: [ tag ]
      branch: [ refs/tags/* ]

  # docker:
  #   image: plugins/docker
  #   repo: gitea/gitea
  #   tags: [ 'latest' ]
  #   when:
  #     event: [ push ]
  #     branch: [ master ]
  docker:
    image: plugins/docker
    repo: gitea/gitea
    tags: [ 'latest' ]
    when:
      event: [ push ]
      branch: [ master ]

  release:
    image: plugins/s3
--- a/.drone.yml.sig
+++ b/.drone.yml.sig
@@ -1 +1 @@
 eyJhbGciOiJIUzI1NiJ9.d29ya3NwYWNlOgogIGJhc2U6IC9zcnYvYXBwCiAgcGF0aDogc3JjL2NvZGUuZ2l0ZWEuaW8vZ2l0ZWEKCnBpcGVsaW5lOgogIHRlc3Q6CiAgICBpbWFnZTogd2ViaGlwcGllL2dvbGFuZzplZGdlCiAgICBwdWxsOiB0cnVlCiAgICBlbnZpcm9ubWVudDoKICAgICAgQ0dPX0VOQUJMRUQ6IDEKICAgICAgVEFHUzogY2VydCBzcWxpdGUgcGFtIG1pbml3aW5zdmMKICAgIGNvbW1hbmRzOgogICAgICAtIGFwayAtVSBhZGQgbGludXgtcGFtLWRldiBvcGVuc3NoLWNsaWVudAogICAgICAtIG1ha2UgY2xlYW4KICAgICAgLSBtYWtlIHZldAogICAgICAjIC0gbWFrZSBsaW50CiAgICAgIC0gbWFrZSB0ZXN0CiAgICAgIC0gbWFrZSBidWlsZAogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgcHVzaCwgdGFnLCBwdWxsX3JlcXVlc3QgXQoKICB0ZXN0LW15c3FsOgogICAgaW1hZ2U6IHdlYmhpcHBpZS9nb2xhbmc6ZWRnZQogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgLSBtYWtlIHRlc3QtbXlzcWwKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQoKICB0ZXN0LXBnc3FsOgogICAgaW1hZ2U6IHdlYmhpcHBpZS9nb2xhbmc6ZWRnZQogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgLSBtYWtlIHRlc3QtcGdzcWwKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQoKICBjb3ZlcmFnZToKICAgIGltYWdlOiBwbHVnaW5zL2NvdmVyYWdlCiAgICBzZXJ2ZXI6IGh0dHBzOi8vY292ZXJhZ2UuZ2l0ZWEuaW8KICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2gsIHRhZywgcHVsbF9yZXF1ZXN0IF0KCiAgdXBkYXRlcjoKICAgIGltYWdlOiBrYXJhbGFiZS94Z28tbGF0ZXN0OmxhdGVzdAogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgIC0gbWFrZSBwdWJsaXNoCiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoLCB0YWcgXQogICAgICBicmFuY2g6IFsgbWFzdGVyLCByZWZzL3RhZ3MvKiBdCgogICMgZG9ja2VyOgogICMgICBpbWFnZTogcGx1Z2lucy9kb2NrZXIKICAjICAgcmVwbzogZ2l0ZWEvZ2l0ZWEKICAjICAgdGFnczogWyAnJHtUQUd9JyBdCiAgIyAgIHdoZW46CiAgIyAgICAgZXZlbnQ6IFsgdGFnIF0KICAjICAgICBicmFuY2g6IFsgcmVmcy90YWdzLyogXQoKICAjIGRvY2tlcjoKICAjICAgaW1hZ2U6IHBsdWdpbnMvZG9ja2VyCiAgIyAgIHJlcG86IGdpdGVhL2dpdGVhCiAgIyAgIHRhZ3M6IFsgJ2xhdGVzdCcgXQogICMgICB3aGVuOgogICMgICAgIGV2ZW50OiBbIHB1c2ggXQogICMgICAgIGJyYW5jaDogWyBtYXN0ZXIgXQoKICByZWxlYXNlOgogICAgaW1hZ2U6IHBsdWdpbnMvczMKICAgIHBhdGhfc3R5bGU6IHRydWUKICAgIHN0cmlwX3ByZWZpeDogZGlzdC9yZWxlYXNlLwogICAgc291cmNlOiBkaXN0L3JlbGVhc2UvKgogICAgdGFyZ2V0OiAvZ2l0ZWEvbWFzdGVyCiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoIF0KICAgICAgYnJhbmNoOiBbIG1hc3RlciBdCgogIHJlbGVhc2U6CiAgICBpbWFnZTogcGx1Z2lucy9zMwogICAgcGF0aF9zdHlsZTogdHJ1ZQogICAgc3RyaXBfcHJlZml4OiBkaXN0L3JlbGVhc2UvCiAgICBzb3VyY2U6IGRpc3QvcmVsZWFzZS8qCiAgICB0YXJnZXQ6IC9naXRlYS8kJFRBRwogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgdGFnIF0KICAgICAgYnJhbmNoOiBbIHJlZnMvdGFncy8qIF0KCiAgZ2l0aHViOgogICAgaW1hZ2U6IHBsdWdpbnMvZ2l0aHViLXJlbGVhc2UKICAgIGZpbGVzOgogICAgICAtIGRpc3QvcmVsZWFzZS8qCiAgICB3aGVuOgogICAgICBldmVudDogWyB0YWcgXQogICAgICBicmFuY2g6IFsgcmVmcy90YWdzLyogXQoKICBnaXR0ZXI6CiAgICBpbWFnZTogcGx1Z2lucy9naXR0ZXIKCnNlcnZpY2VzOgogIG15c3FsOgogICAgaW1hZ2U6IG15c3FsOjUuNwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gTVlTUUxfREFUQUJBU0U9dGVzdAogICAgICAtIE1ZU1FMX0FMTE9XX0VNUFRZX1BBU1NXT1JEPXllcwogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgcHVzaCBdCgogIHBnc3FsOgogICAgaW1hZ2U6IHBvc3RncmVzOjkuNQogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfREI9dGVzdAogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgcHVzaCBdCg.CJAqrylL68UPxR-wlKhIL9waJKRhw6isiol_f9Lx5ao
 eyJhbGciOiJIUzI1NiJ9.d29ya3NwYWNlOgogIGJhc2U6IC9zcnYvYXBwCiAgcGF0aDogc3JjL2NvZGUuZ2l0ZWEuaW8vZ2l0ZWEKCnBpcGVsaW5lOgogIHRlc3Q6CiAgICBpbWFnZTogd2ViaGlwcGllL2dvbGFuZzplZGdlCiAgICBwdWxsOiB0cnVlCiAgICBlbnZpcm9ubWVudDoKICAgICAgQ0dPX0VOQUJMRUQ6IDEKICAgICAgVEFHUzogY2VydCBzcWxpdGUgcGFtIG1pbml3aW5zdmMKICAgIGNvbW1hbmRzOgogICAgICAtIGFwayAtVSBhZGQgbGludXgtcGFtLWRldiBvcGVuc3NoLWNsaWVudAogICAgICAtIG1ha2UgY2xlYW4KICAgICAgLSBtYWtlIHZldAogICAgICAjIC0gbWFrZSBsaW50CiAgICAgIC0gbWFrZSB0ZXN0CiAgICAgIC0gbWFrZSBidWlsZAogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgcHVzaCwgdGFnLCBwdWxsX3JlcXVlc3QgXQoKICB0ZXN0LW15c3FsOgogICAgaW1hZ2U6IHdlYmhpcHBpZS9nb2xhbmc6ZWRnZQogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgLSBtYWtlIHRlc3QtbXlzcWwKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQoKICB0ZXN0LXBnc3FsOgogICAgaW1hZ2U6IHdlYmhpcHBpZS9nb2xhbmc6ZWRnZQogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgLSBtYWtlIHRlc3QtcGdzcWwKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQoKICBjb3ZlcmFnZToKICAgIGltYWdlOiBwbHVnaW5zL2NvdmVyYWdlCiAgICBzZXJ2ZXI6IGh0dHBzOi8vY292ZXJhZ2UuZ2l0ZWEuaW8KICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2gsIHRhZywgcHVsbF9yZXF1ZXN0IF0KCiAgdXBkYXRlcjoKICAgIGltYWdlOiBrYXJhbGFiZS94Z28tbGF0ZXN0OmxhdGVzdAogICAgcHVsbDogdHJ1ZQogICAgY29tbWFuZHM6CiAgICAgIC0gbWFrZSBwdWJsaXNoCiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoLCB0YWcgXQogICAgICBicmFuY2g6IFsgbWFzdGVyLCByZWZzL3RhZ3MvKiBdCgogIGRvY2tlcjoKICAgIGltYWdlOiBwbHVnaW5zL2RvY2tlcgogICAgcmVwbzogZ2l0ZWEvZ2l0ZWEKICAgIHRhZ3M6IFsgJyR7VEFHfScgXQogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgdGFnIF0KICAgICAgYnJhbmNoOiBbIHJlZnMvdGFncy8qIF0KCiAgZG9ja2VyOgogICAgaW1hZ2U6IHBsdWdpbnMvZG9ja2VyCiAgICByZXBvOiBnaXRlYS9naXRlYQogICAgdGFnczogWyAnbGF0ZXN0JyBdCiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoIF0KICAgICAgYnJhbmNoOiBbIG1hc3RlciBdCgogIHJlbGVhc2U6CiAgICBpbWFnZTogcGx1Z2lucy9zMwogICAgcGF0aF9zdHlsZTogdHJ1ZQogICAgc3RyaXBfcHJlZml4OiBkaXN0L3JlbGVhc2UvCiAgICBzb3VyY2U6IGRpc3QvcmVsZWFzZS8qCiAgICB0YXJnZXQ6IC9naXRlYS9tYXN0ZXIKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQogICAgICBicmFuY2g6IFsgbWFzdGVyIF0KCiAgcmVsZWFzZToKICAgIGltYWdlOiBwbHVnaW5zL3MzCiAgICBwYXRoX3N0eWxlOiB0cnVlCiAgICBzdHJpcF9wcmVmaXg6IGRpc3QvcmVsZWFzZS8KICAgIHNvdXJjZTogZGlzdC9yZWxlYXNlLyoKICAgIHRhcmdldDogL2dpdGVhLyQkVEFHCiAgICB3aGVuOgogICAgICBldmVudDogWyB0YWcgXQogICAgICBicmFuY2g6IFsgcmVmcy90YWdzLyogXQoKICBnaXRodWI6CiAgICBpbWFnZTogcGx1Z2lucy9naXRodWItcmVsZWFzZQogICAgZmlsZXM6CiAgICAgIC0gZGlzdC9yZWxlYXNlLyoKICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHRhZyBdCiAgICAgIGJyYW5jaDogWyByZWZzL3RhZ3MvKiBdCgogIGdpdHRlcjoKICAgIGltYWdlOiBwbHVnaW5zL2dpdHRlcgoKc2VydmljZXM6CiAgbXlzcWw6CiAgICBpbWFnZTogbXlzcWw6NS43CiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBNWVNRTF9EQVRBQkFTRT10ZXN0CiAgICAgIC0gTVlTUUxfQUxMT1dfRU1QVFlfUEFTU1dPUkQ9eWVzCiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoIF0KCiAgcGdzcWw6CiAgICBpbWFnZTogcG9zdGdyZXM6OS41CiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19EQj10ZXN0CiAgICB3aGVuOgogICAgICBldmVudDogWyBwdXNoIF0K.W-dU1J1yWsWKPzQp5YvXtNAxoTa-vP_OkmBenzqR00c
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,22 +1,44 @@
 FROM alpine:3.3
 MAINTAINER jp@roemer.im
 FROM alpine:3.4
 MAINTAINER Thomas Boerger <thomas@webhippie.de>

 # Install system utils & Gogs runtime dependencies
 ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-amd64 /usr/sbin/gosu
 RUN chmod +x /usr/sbin/gosu \
 && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata

 ENV GITEA_CUSTOM /data/gogs
 EXPOSE 22 3000

 COPY . /app/gogs/
 WORKDIR /app/gogs/
 RUN ./docker/build.sh
 RUN apk update && \
  apk add \
    su-exec \
    ca-certificates \
    sqlite \
    bash \
    git \
    linux-pam \
    s6 \
    curl \
    openssh \
    tzdata && \
  rm -rf \
    /var/cache/apk/* && \
  addgroup \
    -S -g 1000 \
    git && \
  adduser \
    -S -H -D \
    -h /data/git \
    -s /bin/bash \
    -u 1000 \
    -G git \
    git

 # Configure LibC Name Service
 COPY docker/nsswitch.conf /etc/nsswitch.conf
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea
 ENV GODEBUG=netdns=go

 # Configure Docker Container
 VOLUME ["/data"]
 EXPOSE 22 3000
 ENTRYPOINT ["docker/start.sh"]
 CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

 ENTRYPOINT ["/usr/bin/entrypoint"]
 CMD ["/bin/s6-svscan", "/etc/s6"]

 COPY docker /

 COPY public /app/gitea/public
 COPY templates /app/gitea/templates
 COPY bin/gitea /app/gitea/gitea
--- a/Dockerfile.rpi
+++ b/Dockerfile.rpi
@@ -1,25 +1,44 @@
 FROM hypriot/rpi-alpine-scratch:v3.2
 MAINTAINER jp@roemer.im, raxetul@gmail.com
 FROM hypriot/rpi-alpine-scratch:v3.4
 MAINTAINER Thomas Boerger <thomas@webhippie.de>

 # Install system utils & Gogs runtime dependencies
 ADD https://github.com/tianon/gosu/releases/download/1.9/gosu-armhf /usr/sbin/gosu
 RUN chmod +x /usr/sbin/gosu \
 && echo "http://dl-4.alpinelinux.org/alpine/v3.3/main/"      | tee /etc/apk/repositories    \
 && echo "http://dl-4.alpinelinux.org/alpine/v3.3/community/" | tee -a /etc/apk/repositories \
 && apk -U --no-progress upgrade && rm -f /var/cache/apk/APKINDEX.* \
 && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat tzdata

 ENV GITEA_CUSTOM /data/gogs
 EXPOSE 22 3000

 COPY . /app/gogs/
 WORKDIR /app/gogs/
 RUN ./docker/build.sh
 RUN apk update && \
  apk add \
    su-exec \
    ca-certificates \
    sqlite \
    bash \
    git \
    linux-pam \
    s6 \
    curl \
    openssh \
    tzdata && \
  rm -rf \
    /var/cache/apk/* && \
  addgroup \
    -S -g 1000 \
    git && \
  adduser \
    -S -H -D \
    -h /data/git \
    -s /bin/bash \
    -u 1000 \
    -G git \
    git

 # Configure LibC Name Service
 COPY docker/nsswitch.conf /etc/nsswitch.conf
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea
 ENV GODEBUG=netdns=go

 # Configure Docker Container
 VOLUME ["/data"]
 EXPOSE 22 3000
 ENTRYPOINT ["docker/start.sh"]
 CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]

 ENTRYPOINT ["/usr/bin/entrypoint"]
 CMD ["/bin/s6-svscan", "/etc/s6"]

 COPY docker /

 COPY public /app/gitea/public
 COPY templates /app/gitea/templates
 COPY bin/gitea /app/gitea/gitea
--- a/docker/README.md
+++ b/docker/README.md
@@ -1,111 +0,0 @@
 # Docker for Gogs

 Visit [Docker Hub](https://hub.docker.com/r/gogs/) see all available images and tags.

 ## Usage

 To keep your data out of Docker container, we do a volume (`/var/gogs` -> `/data`) here, and you can change it based on your situation.

 ```
 # Pull image from Docker Hub.
 $ docker pull gogs/gogs

 # Create local directory for volume.
 $ mkdir -p /var/gogs

 # Use `docker run` for the first time.
 $ docker run --name=gogs -p 10022:22 -p 10080:3000 -v /var/gogs:/data gogs/gogs

 # Use `docker start` if you have stopped it.
 $ docker start gogs
 ```

 Note: It is important to map the Gogs ssh service from the container to the host and set the appropriate SSH Port and URI settings when setting up Gogs for the first time. To access and clone Gogs Git repositories with the above configuration you would use: `git clone ssh://git@hostname:10022/username/myrepo.git` for example.

 Files will be store in local path `/var/gogs` in my case.

 Directory `/var/gogs` keeps Git repositories and Gogs data:

    /var/gogs
    |-- git
    |   |-- gogs-repositories
    |-- ssh
    |   |-- # ssh public/private keys for Gogs
    |-- gogs
        |-- conf
        |-- data
        |-- log

 ### Volume with data container

 If you're more comfortable with mounting data to a data container, the commands you execute at the first time will look like as follows:

 ```
 # Create data container
 docker run --name=gogs-data --entrypoint /bin/true gogs/gogs

 # Use `docker run` for the first time.
 docker run --name=gogs --volumes-from gogs-data -p 10022:22 -p 10080:3000 gogs/gogs
 ```

 #### Using Docker 1.9 Volume command

 ```
 # Create docker volume.
 $ docker volume create --name gogs-data

 # Use `docker run` for the first time.
 $ docker run --name=gogs -p 10022:22 -p 10080:3000 -v gogs-data:/data gogs/gogs
 ```

 ## Settings

 ### Application

 Most of settings are obvious and easy to understand, but there are some settings can be confusing by running Gogs inside Docker:

 - **Repository Root Path**: keep it as default value `/home/git/gogs-repositories` because `start.sh` already made a symbolic link for you.
 - **Run User**: keep it as default value `git` because `start.sh` already setup a user with name `git`.
 - **Domain**: fill in with Docker container IP (e.g. `192.168.99.100`). But if you want to access your Gogs instance from a different physical machine, please fill in with the hostname or IP address of the Docker host machine.
 - **SSH Port**: Use the exposed port from Docker container. For example, your SSH server listens on `22` inside Docker, but you expose it by `10022:22`, then use `10022` for this value. **Builtin SSH server is not recommended inside Docker Container**
 - **HTTP Port**: Use port you want Gogs to listen on inside Docker container. For example, your Gogs listens on `3000` inside Docker, and you expose it by `10080:3000`, but you still use `3000` for this value.
 - **Application URL**: Use combination of **Domain** and **exposed HTTP Port** values (e.g. `http://192.168.99.100:10080/`).

 Full documentation of application settings can be found [here](https://gogs.io/docs/advanced/configuration_cheat_sheet.html).

 ### Container options

 This container have some options available via environment variables, these options are opt-in features that can help the administration of this container:

 - **SOCAT_LINK**:
  - <u>Possible value:</u>
      `true`, `false`, `1`, `0`
  - <u>Default:</u>
      `true`
  - <u>Action:</u>
      Bind linked docker container to localhost socket using socat.
      Any exported port from a linked container will be binded to the matching port on localhost.
  - <u>Disclaimer:</u>
      As this option rely on the environment variable created by docker when a container is linked, this option should be deactivated in managed environment such as Rancher or Kubernetes (set to `0` or `false`)
 - **RUN_CROND**:
  - <u>Possible value:</u>
      `true`, `false`, `1`, `0`
  - <u>Default:</u>
      `false`
  - <u>Action:</u>
      Request crond to be run inside the container. Its default configuration will periodically run all scripts from `/etc/periodic/${period}` but custom crontabs can be added to `/var/spool/cron/crontabs/`.

 ## Upgrade

 :exclamation::exclamation::exclamation:<span style="color: red">**Make sure you have volumed data to somewhere outside Docker container**</span>:exclamation::exclamation::exclamation:

 Steps to upgrade Gogs with Docker:

 - `docker pull gogs/gogs`
 - `docker stop gogs`
 - `docker rm gogs`
 - Finally, create container as the first time and don't forget to do same volume and port mapping.

 ## Known Issues

 - The docker container can not currently be build on Raspberry 1 (armv6l) as our base image `alpine` does not have a `go` package available for this platform.
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -1,36 +0,0 @@
 #!/bin/sh
 set -x
 set -e

 # Set temp environment vars
 export GOPATH=/tmp/go
 export PATH=${PATH}:${GOPATH}/bin
 export GO15VENDOREXPERIMENT=1

 # Install build deps
 apk --no-cache --no-progress add --virtual build-deps build-base linux-pam-dev go

 # Install glide
 git clone -b 0.10.2 https://github.com/Masterminds/glide ${GOPATH}/src/github.com/Masterminds/glide
 cd ${GOPATH}/src/github.com/Masterminds/glide
 make build
 go install



 # Build Gogs
 mkdir -p ${GOPATH}/src/github.com/gogits/
 ln -s /app/gogs/ ${GOPATH}/src/github.com/go-gitea/gitea
 cd ${GOPATH}/src/github.com/go-gitea/gitea
 glide install
 make build TAGS="sqlite cert pam"

 # Cleanup GOPATH & vendoring dir
 rm -r $GOPATH /app/gogs/vendor

 # Remove build deps
 apk --no-progress del build-deps

 # Create git user for Gogs
 adduser -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && passwd -u git
 echo "export GITEA_CUSTOM=${GITEA_CUSTOM}" >> /etc/profile
--- a/docker/etc/nsswitch.conf
+++ b/docker/etc/nsswitch.conf
@@ -13,4 +13,3 @@ ethers:         db files
 rpc:            db files

 netgroup:       nis

--- a/docker/etc/profile.d/gitea.sh
+++ b/docker/etc/profile.d/gitea.sh
@@ -0,0 +1,2 @@
 #!/bin/bash
 export GITEA_CUSTOM=/data/gitea
--- a/docker/etc/s6/.s6-svscan/finish
+++ b/docker/etc/s6/.s6-svscan/finish
@@ -0,0 +1,2 @@
 #!/bin/bash
 exit 0
--- a/docker/etc/s6/gitea/finish
+++ b/docker/etc/s6/gitea/finish
@@ -0,0 +1,2 @@
 #!/bin/bash
 exit 0
--- a/docker/etc/s6/gitea/run
+++ b/docker/etc/s6/gitea/run
@@ -0,0 +1,6 @@
 #!/bin/bash
 [[ -f ./setup ]] && source ./setup

 pushd /app/gitea > /dev/null
    exec su-exec git /app/gitea/gitea web
 popd
--- a/docker/etc/s6/gitea/setup
+++ b/docker/etc/s6/gitea/setup
@@ -0,0 +1,19 @@
 #!/bin/bash

 if [ ! -d /data/git/.ssh ]; then
    mkdir -p /data/git/.ssh
    chmod 700 /data/git/.ssh
 fi

 if [ ! -f /data/git/.ssh/environment ]; then
    echo "GITEA_CUSTOM=/data/gitea" >| /data/git/.ssh/environment
    chmod 600 /data/git/.ssh/environment
 fi

 if [ ! -f /data/gitea/conf/app.ini ]; then
    mkdir -p /data/gitea/conf
    cp /etc/templates/app.ini /data/gitea/conf/app.ini
 fi

 chown -R git:git /data/gitea /app/gitea /data/git
 chmod 0755 /data/gitea /app/gitea /data/git
--- a/docker/etc/s6/openssh/finish
+++ b/docker/etc/s6/openssh/finish
@@ -0,0 +1,2 @@
 #!/bin/bash
 exit 0
--- a/docker/etc/s6/openssh/run
+++ b/docker/etc/s6/openssh/run
@@ -0,0 +1,6 @@
 #!/bin/bash
 [[ -f ./setup ]] && source ./setup

 pushd /root > /dev/null
    exec su-exec root /usr/sbin/sshd -E /var/log/sshd.log -D
 popd
--- a/docker/etc/s6/openssh/setup
+++ b/docker/etc/s6/openssh/setup
@@ -0,0 +1,29 @@
 #!/bin/bash

 if [ ! -d /data/ssh ]; then
    mkdir -p /data/ssh
 fi

 if [ ! -f /data/ssh/ssh_host_ed25519_key ]; then
    echo "Generating /data/ssh/ssh_host_ed25519_key..."
    ssh-keygen -t ed25519 -b 4096 -f /data/ssh/ssh_host_ed25519_key -N "" > /dev/null
 fi

 if [ ! -f /data/ssh/ssh_host_rsa_key ]; then
    echo "Generating /data/ssh/ssh_host_rsa_key..."
    ssh-keygen -t rsa -b 2048 -f /data/ssh/ssh_host_rsa_key -N "" > /dev/null
 fi

 if [ ! -f /data/ssh/ssh_host_dsa_key ]; then
    echo "Generating /data/ssh/ssh_host_dsa_key..."
    ssh-keygen -t dsa -f /data/ssh/ssh_host_dsa_key -N "" > /dev/null
 fi

 if [ ! -f /data/ssh/ssh_host_ecdsa_key ]; then
    echo "Generating /data/ssh/ssh_host_ecdsa_key..."
    ssh-keygen -t ecdsa -b 256 -f /data/ssh/ssh_host_ecdsa_key -N "" > /dev/null
 fi

 chown root:root /data/ssh/*
 chmod 0700 /data/ssh
 chmod 0600 /data/ssh/*
--- a/docker/etc/s6/syslogd/finish
+++ b/docker/etc/s6/syslogd/finish
@@ -0,0 +1,2 @@
 #!/bin/bash
 exit 0
--- a/docker/etc/s6/syslogd/run
+++ b/docker/etc/s6/syslogd/run
@@ -0,0 +1,6 @@
 #!/bin/bash
 [[ -f ./setup ]] && source ./setup

 pushd /root > /dev/null
    exec su-exec root /sbin/syslogd -nS -O-
 popd
--- a/docker/etc/s6/syslogd/setup
+++ b/docker/etc/s6/syslogd/setup
@@ -0,0 +1 @@
 #!/bin/bash
--- a/docker/etc/ssh/sshd_config
+++ b/docker/etc/ssh/sshd_config
@@ -1,16 +1,33 @@
 Port 22
 Protocol 2

 AddressFamily any
 ListenAddress 0.0.0.0
 ListenAddress ::
 Protocol 2

 LogLevel INFO

 HostKey /data/ssh/ssh_host_ed25519_key
 HostKey /data/ssh/ssh_host_rsa_key
 HostKey /data/ssh/ssh_host_dsa_key
 HostKey /data/ssh/ssh_host_ecdsa_key
 HostKey /data/ssh/ssh_host_ed25519_key

 AuthorizedKeysFile .ssh/authorized_keys

 UseDNS no
 AllowAgentForwarding no
 AllowTcpForwarding no
 PrintMotd no
 PrintLastLog no

 PermitUserEnvironment yes
 PermitRootLogin no
 AuthorizedKeysFile	.ssh/authorized_keys
 ChallengeResponseAuthentication no
 PasswordAuthentication no
 UsePrivilegeSeparation no
 PermitUserEnvironment yes
 PermitEmptyPasswords no

 AllowUsers git

 Banner none
 Subsystem sftp /usr/lib/ssh/sftp-server
 UsePrivilegeSeparation no
--- a/docker/etc/templates/app.ini
+++ b/docker/etc/templates/app.ini
@@ -0,0 +1,24 @@
 [repository]
 ROOT = /data/git/repositories

 [repository.upload]
 TEMP_PATH = /data/gitea/uploads

 [server]
 APP_DATA_PATH = /data/gitea

 [database]
 HOST = mysql:3306
 PATH = /data/gitea/gitea.db

 [session]
 PROVIDER_CONFIG = /data/gitea/sessions

 [picture]
 AVATAR_UPLOAD_PATH = /data/gitea/avatars

 [attachment]
 PATH = /data/gitea/attachments

 [log]
 ROOT_PATH = /data/gitea/log
--- a/docker/s6/.s6-svscan/finish
+++ b/docker/s6/.s6-svscan/finish
@@ -1,5 +0,0 @@
 #!/bin/sh

 # Cleanup SOCAT services and s6 event folder
 rm -rf $(find /app/gogs/docker/s6/ -name 'event')
 rm -rf /app/gogs/docker/s6/SOCAT_*
--- a/docker/s6/crond/down
+++ b/docker/s6/crond/down
--- a/docker/s6/crond/run
+++ b/docker/s6/crond/run
@@ -1,9 +0,0 @@
 #!/bin/sh
 # Crontabs are located by default in /var/spool/cron/crontabs/
 # The default configuration is also calling all the scripts in /etc/periodic/${period}

 if test -f ./setup; then
    source ./setup
 fi

 exec gosu root /usr/sbin/crond -fS
--- a/docker/s6/gogs/run
+++ b/docker/s6/gogs/run
@@ -1,8 +0,0 @@
 #!/bin/sh

 if test -f ./setup; then
    source ./setup
 fi

 export USER=git
 exec gosu $USER /app/gogs/gogs web
--- a/docker/s6/gogs/setup
+++ b/docker/s6/gogs/setup
@@ -1,23 +0,0 @@
 #!/bin/sh

 if ! test -d ~git/.ssh; then
    mkdir -p ~git/.ssh
    chmod 700 ~git/.ssh
 fi

 if ! test -f ~git/.ssh/environment; then
    echo "GITEA_CUSTOM=${GITEA_CUSTOM}" > ~git/.ssh/environment
    chmod 600 ~git/.ssh/environment
 fi

 cd /app/gogs

 # Link volumed data with app data
 ln -sf /data/gogs/log  ./log
 ln -sf /data/gogs/data ./data

 # Backward Compatibility with Gogs Container v0.6.15
 ln -sf /data/git /home/git

 chown -R git:git /data /app/gogs ~git/
 chmod 0755 /data /data/gogs ~git/
--- a/docker/s6/openssh/run
+++ b/docker/s6/openssh/run
@@ -1,7 +0,0 @@
 #!/bin/sh

 if test -f ./setup; then
    source ./setup
 fi

 exec gosu root /usr/sbin/sshd -D -f /app/gogs/docker/sshd_config
--- a/docker/s6/openssh/setup
+++ b/docker/s6/openssh/setup
@@ -1,23 +0,0 @@
 #!/bin/sh

 # Check if host keys are present, else create them
 if ! test -f /data/ssh/ssh_host_rsa_key; then
    ssh-keygen -q -f /data/ssh/ssh_host_rsa_key -N '' -t rsa
 fi

 if ! test -f /data/ssh/ssh_host_dsa_key; then
    ssh-keygen -q -f /data/ssh/ssh_host_dsa_key -N '' -t dsa
 fi

 if ! test -f /data/ssh/ssh_host_ecdsa_key; then
    ssh-keygen -q -f /data/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
 fi

 if ! test -f /data/ssh/ssh_host_ed25519_key; then
    ssh-keygen -q -f /data/ssh/ssh_host_ed25519_key -N '' -t ed25519
 fi

 # Set correct right to ssh keys
 chown -R root:root /data/ssh/*
 chmod 0700 /data/ssh
 chmod 0600 /data/ssh/*
--- a/docker/s6/syslogd/run
+++ b/docker/s6/syslogd/run
@@ -1,7 +0,0 @@
 #!/bin/sh

 if test -f ./setup; then
    source ./setup
 fi

 exec gosu root /sbin/syslogd -nS -O-
--- a/docker/start.sh
+++ b/docker/start.sh
@@ -1,65 +0,0 @@
 #!/bin/sh

 create_socat_links() {
    # Bind linked docker container to localhost socket using socat
    USED_PORT="3000:22"
    while read NAME ADDR PORT; do
        if test -z "$NAME$ADDR$PORT"; then
            continue
        elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
            echo "init:socat  | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
        else
            SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
            mkdir -p ${SERV_FOLDER}
            CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
            echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
            chmod +x ${SERV_FOLDER}/run
            USED_PORT="${USED_PORT}:${PORT}"
            echo "init:socat  | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
        fi
    done << EOT
    $(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
 EOT
 }

 cleanup() {
    # Cleanup SOCAT services and s6 event folder
    # On start and on shutdown in case container has been killed
    rm -rf $(find /app/gogs/docker/s6/ -name 'event')
    rm -rf /app/gogs/docker/s6/SOCAT_*
 }

 create_volume_subfolder() {
    # Create VOLUME subfolder
    for f in /data/gogs/data /data/gogs/conf /data/gogs/log /data/git /data/ssh; do
        if ! test -d $f; then
            mkdir -p $f
        fi
    done
 }

 cleanup
 create_volume_subfolder

 LINK=$(echo "$SOCAT_LINK" | tr '[:upper:]' '[:lower:]')
 if [ "$LINK" = "false" -o "$LINK" = "0" ]; then
    echo "init:socat  | Will not try to create socat links as requested" 1>&2
 else
    create_socat_links
 fi

 CROND=$(echo "$RUN_CROND" | tr '[:upper:]' '[:lower:]')
 if [ "$CROND" = "true" -o "$CROND" = "1" ]; then
    echo "init:crond  | Cron Daemon (crond) will be run as requested by s6" 1>&2
    rm -f /app/gogs/docker/s6/crond/down
 else
    # Tell s6 not to run the crond service
    touch /app/gogs/docker/s6/crond/down
 fi

 # Exec CMD or S6 by default if nothing present
 if [ $# -gt 0 ];then
    exec "$@"
 else
    exec /bin/s6-svscan /app/gogs/docker/s6/
 fi
--- a/docker/usr/bin/entrypoint
+++ b/docker/usr/bin/entrypoint
@@ -0,0 +1,11 @@
 #!/bin/sh

 for FOLDER in /data/gitea/conf /data/gitea/log /data/git /data/ssh; do
    mkdir -p ${FOLDER}
 done

 if [ $# -gt 0 ]; then
    exec "$@"
 else
    exec /bin/s6-svscan /etc/s6
 fi