keays.io
+4
-2
Dockerfile
+4
-2
Dockerfile
···
11
11
12
12
from alpine:edge
13
13
expose 5555
14
-
expose 22
14
+
expose 2222
15
15
16
16
label org.opencontainers.image.title='knot'
17
17
label org.opencontainers.image.description='data server for tangled'
···
21
21
label org.opencontainers.image.licenses='MIT'
22
22
23
23
copy rootfs .
24
+
run chmod 755 /bad-init
24
25
run chmod 755 /etc
25
26
run chmod -R 755 /etc/s6-overlay
26
27
run apk add shadow s6-overlay execline openssl openssh git curl bash
27
28
run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git
28
29
run mkdir -p /home/git/repositories && chown -R git:git /home/git
30
+
run mkdir -p /run/s6/container_environment && chown -R git:git /run/s6/container_environment
29
31
copy --from=builder /usr/bin/knot /usr/bin
30
32
run mkdir /app && chown -R git:git /app
31
33
32
34
healthcheck --interval=60s --timeout=30s --start-period=5s --retries=3 \
33
35
cmd curl -f http://localhost:5555 || exit 1
34
36
35
-
entrypoint ["/init"]
37
+
entrypoint ["/bad-init"]
+17
rootfs/bad-init
+17
rootfs/bad-init
···
1
+
#!/bin/sh
2
+
3
+
# Because volume mount
4
+
mkdir -p /home/git/repositories
5
+
chown git:git /home/git
6
+
7
+
/etc/s6-overlay/scripts/create-sshd-host-keys
8
+
9
+
chown -R git:git /home/git/ssh
10
+
chmod 0600 /home/git/ssh/keys/*
11
+
chmod 0644 /home/git/ssh/keys/*.pub
12
+
13
+
./etc/s6-overlay/s6-rc.d/sshd/run &
14
+
15
+
./etc/s6-overlay/s6-rc.d/knotserver/run &
16
+
17
+
wait -n
+1
-1
rootfs/etc/s6-overlay/s6-rc.d/knotserver/run
+1
-1
rootfs/etc/s6-overlay/s6-rc.d/knotserver/run
+7
-8
rootfs/etc/s6-overlay/scripts/create-sshd-host-keys
+7
-8
rootfs/etc/s6-overlay/scripts/create-sshd-host-keys
···
1
1
#!/usr/bin/execlineb -P
2
2
3
3
foreground {
4
-
if -n { test -d /etc/ssh/keys }
5
-
mkdir /etc/ssh/keys
4
+
mkdir -p /home/git/ssh/keys
6
5
}
7
6
8
7
foreground {
9
-
if -n { test -f /etc/ssh/keys/ssh_host_rsa_key }
10
-
ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_rsa_key -q -N ""
8
+
if -n { test -f /home/git/ssh/keys/ssh_host_rsa_key }
9
+
ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_rsa_key -q -N ""
11
10
}
12
11
13
12
foreground {
14
-
if -n { test -f /etc/ssh/keys/ssh_host_ecdsa_key }
15
-
ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ecdsa_key -q -N ""
13
+
if -n { test -f /home/git/ssh/keys/ssh_host_ecdsa_key }
14
+
ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_ecdsa_key -q -N ""
16
15
}
17
16
18
17
foreground {
19
-
if -n { test -f /etc/ssh/keys/ssh_host_ed25519_key }
20
-
ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ed25519_key -q -N ""
18
+
if -n { test -f /home/git/ssh/keys/ssh_host_ed25519_key }
19
+
ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_ed25519_key -q -N ""
21
20
}
+5
-3
rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf
+5
-3
rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf
···
1
-
HostKey /etc/ssh/keys/ssh_host_rsa_key
2
-
HostKey /etc/ssh/keys/ssh_host_ecdsa_key
3
-
HostKey /etc/ssh/keys/ssh_host_ed25519_key
1
+
Port 2222
2
+
3
+
HostKey /home/git/ssh/keys/ssh_host_rsa_key
4
+
HostKey /home/git/ssh/keys/ssh_host_ecdsa_key
5
+
HostKey /home/git/ssh/keys/ssh_host_ed25519_key
4
6
5
7
PasswordAuthentication no
6
8
+42
fly.toml
+42
fly.toml
···
1
+
# fly.toml app configuration file generated for naught on 2025-09-25T23:14:35-04:00
2
+
#
3
+
# See https://fly.io/docs/reference/configuration/ for information about how to use this file.
4
+
#
5
+
6
+
app = 'naught'
7
+
primary_region = 'ewr'
8
+
9
+
[build]
10
+
11
+
[env]
12
+
KNOT_SERVER_HOSTNAME = 'naught.keays.io'
13
+
KNOT_SERVER_OWNER = 'did:plc:37hudfm25vmjn57cslybnt34'
14
+
KNOT_SERVER_DB_PATH = '/home/git/knotserver.db'
15
+
KNOT_REPO_SCAN_PATH = '/home/git/repositories'
16
+
KNOT_SERVER_INTERNAL_LISTEN_ADDR = 'localhost:5444'
17
+
18
+
[mounts]
19
+
source="git_home"
20
+
destination="/home/git"
21
+
read_only=false
22
+
23
+
[http_service]
24
+
internal_port = 5555
25
+
force_https = true
26
+
auto_stop_machines = 'stop'
27
+
auto_start_machines = true
28
+
min_machines_running = 0
29
+
processes = ['app']
30
+
31
+
[[services]]
32
+
internal_port = 2222
33
+
protocol = "tcp"
34
+
auto_stop_machines = true
35
+
auto_start_machines = true
36
+
[[services.ports]]
37
+
port = 22
38
+
39
+
[[vm]]
40
+
memory = '1gb'
41
+
cpu_kind = 'shared'
42
+
cpus = 1