keays.io / knot-docker
forked from tangled.org/knot-docker
Community maintained Docker config for the knot server
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+76 -14
Dockerfile
fly.toml
rootfs
bad-init
etc
s6-overlay
s6-rc.d
knotserver
run
scripts
create-sshd-host-keys
ssh
sshd_config.d
tangled_sshd.conf
+4 -2
Dockerfile
··· 11 12 from alpine:edge 13 expose 5555 14 - expose 22 15 16 label org.opencontainers.image.title='knot' 17 label org.opencontainers.image.description='data server for tangled' ··· 21 label org.opencontainers.image.licenses='MIT' 22 23 copy rootfs . 24 run chmod 755 /etc 25 run chmod -R 755 /etc/s6-overlay 26 run apk add shadow s6-overlay execline openssl openssh git curl bash 27 run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git 28 run mkdir -p /home/git/repositories && chown -R git:git /home/git 29 copy --from=builder /usr/bin/knot /usr/bin 30 run mkdir /app && chown -R git:git /app 31 32 healthcheck --interval=60s --timeout=30s --start-period=5s --retries=3 \ 33 cmd curl -f http://localhost:5555 || exit 1 34 35 - entrypoint ["/init"]
··· 11 12 from alpine:edge 13 expose 5555 14 + expose 2222 15 16 label org.opencontainers.image.title='knot' 17 label org.opencontainers.image.description='data server for tangled' ··· 21 label org.opencontainers.image.licenses='MIT' 22 23 copy rootfs . 24 + run chmod 755 /bad-init 25 run chmod 755 /etc 26 run chmod -R 755 /etc/s6-overlay 27 run apk add shadow s6-overlay execline openssl openssh git curl bash 28 run useradd -d /home/git git && openssl rand -hex 16 | passwd --stdin git 29 run mkdir -p /home/git/repositories && chown -R git:git /home/git 30 + run mkdir -p /run/s6/container_environment && chown -R git:git /run/s6/container_environment 31 copy --from=builder /usr/bin/knot /usr/bin 32 run mkdir /app && chown -R git:git /app 33 34 healthcheck --interval=60s --timeout=30s --start-period=5s --retries=3 \ 35 cmd curl -f http://localhost:5555 || exit 1 36 37 + entrypoint ["/bad-init"]
+17
rootfs/bad-init
···
··· 1 + #!/bin/sh 2 + 3 + # Because volume mount 4 + mkdir -p /home/git/repositories 5 + chown git:git /home/git 6 + 7 + /etc/s6-overlay/scripts/create-sshd-host-keys 8 + 9 + chown -R git:git /home/git/ssh 10 + chmod 0600 /home/git/ssh/keys/* 11 + chmod 0644 /home/git/ssh/keys/*.pub 12 + 13 + ./etc/s6-overlay/s6-rc.d/sshd/run & 14 + 15 + ./etc/s6-overlay/s6-rc.d/knotserver/run & 16 + 17 + wait -n
+1 -1
rootfs/etc/s6-overlay/s6-rc.d/knotserver/run
··· 1 - #!/command/with-contenv ash 2 3 exec s6-setuidgid git /usr/bin/knot server
··· 1 + #!/bin/sh 2 3 exec s6-setuidgid git /usr/bin/knot server
+7 -8
rootfs/etc/s6-overlay/scripts/create-sshd-host-keys
··· 1 #!/usr/bin/execlineb -P 2 3 foreground { 4 - if -n { test -d /etc/ssh/keys } 5 - mkdir /etc/ssh/keys 6 } 7 8 foreground { 9 - if -n { test -f /etc/ssh/keys/ssh_host_rsa_key } 10 - ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_rsa_key -q -N "" 11 } 12 13 foreground { 14 - if -n { test -f /etc/ssh/keys/ssh_host_ecdsa_key } 15 - ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ecdsa_key -q -N "" 16 } 17 18 foreground { 19 - if -n { test -f /etc/ssh/keys/ssh_host_ed25519_key } 20 - ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ed25519_key -q -N "" 21 }
··· 1 #!/usr/bin/execlineb -P 2 3 foreground { 4 + mkdir -p /home/git/ssh/keys 5 } 6 7 foreground { 8 + if -n { test -f /home/git/ssh/keys/ssh_host_rsa_key } 9 + ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_rsa_key -q -N "" 10 } 11 12 foreground { 13 + if -n { test -f /home/git/ssh/keys/ssh_host_ecdsa_key } 14 + ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_ecdsa_key -q -N "" 15 } 16 17 foreground { 18 + if -n { test -f /home/git/ssh/keys/ssh_host_ed25519_key } 19 + ssh-keygen -t rsa -f /home/git/ssh/keys/ssh_host_ed25519_key -q -N "" 20 }
+5 -3
rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf
··· 1 - HostKey /etc/ssh/keys/ssh_host_rsa_key 2 - HostKey /etc/ssh/keys/ssh_host_ecdsa_key 3 - HostKey /etc/ssh/keys/ssh_host_ed25519_key 4 5 PasswordAuthentication no 6
··· 1 + Port 2222 2 + 3 + HostKey /home/git/ssh/keys/ssh_host_rsa_key 4 + HostKey /home/git/ssh/keys/ssh_host_ecdsa_key 5 + HostKey /home/git/ssh/keys/ssh_host_ed25519_key 6 7 PasswordAuthentication no 8
+42
fly.toml
···
··· 1 + # fly.toml app configuration file generated for naught on 2025-09-25T23:14:35-04:00 2 + # 3 + # See https://fly.io/docs/reference/configuration/ for information about how to use this file. 4 + # 5 + 6 + app = 'naught' 7 + primary_region = 'ewr' 8 + 9 + [build] 10 + 11 + [env] 12 + KNOT_SERVER_HOSTNAME = 'naught.keays.io' 13 + KNOT_SERVER_OWNER = 'did:plc:37hudfm25vmjn57cslybnt34' 14 + KNOT_SERVER_DB_PATH = '/home/git/knotserver.db' 15 + KNOT_REPO_SCAN_PATH = '/home/git/repositories' 16 + KNOT_SERVER_INTERNAL_LISTEN_ADDR = 'localhost:5444' 17 + 18 + [mounts] 19 + source="git_home" 20 + destination="/home/git" 21 + read_only=false 22 + 23 + [http_service] 24 + internal_port = 5555 25 + force_https = true 26 + auto_stop_machines = 'stop' 27 + auto_start_machines = true 28 + min_machines_running = 0 29 + processes = ['app'] 30 + 31 + [[services]] 32 + internal_port = 2222 33 + protocol = "tcp" 34 + auto_stop_machines = true 35 + auto_start_machines = true 36 + [[services.ports]] 37 + port = 22 38 + 39 + [[vm]] 40 + memory = '1gb' 41 + cpu_kind = 'shared' 42 + cpus = 1