docker: fix config #198

closed

opened by

knotbin.com 7 months ago targeting master from [deleted fork]: fix-docker

(i be traumatized) fixes knotguard options, along with some more config improvements and fixes in docker compose and dockerfile

options

unified split

Changed files

+4 -3

docker

Dockerfile

docker-compose.yml

rootfs

etc

ssh

sshd_config.d

tangled_sshd.conf

+2 -1

docker/Dockerfile

··· 1 FROM docker.io/golang:1.24-alpine3.21 AS build 2 3 ENV CGO_ENABLED=1 4 WORKDIR /usr/src/app 5 COPY go.mod go.sum ./ 6 ··· 34 EXPOSE 22 35 EXPOSE 5555 36 37 - ENTRYPOINT ["/bin/sh", "-c", "chown git:git /app && chown git:git /home/git/repositories && /init"]

··· 1 FROM docker.io/golang:1.24-alpine3.21 AS build 2 3 ENV CGO_ENABLED=1 4 + ENV KNOT_REPO_SCAN_PATH=/home/git/repositories 5 WORKDIR /usr/src/app 6 COPY go.mod go.sum ./ 7 ··· 35 EXPOSE 22 36 EXPOSE 5555 37 38 + ENTRYPOINT ["/bin/sh", "-c", "chown git:git /app && chown -R git:git \"$KNOT_REPO_SCAN_PATH\" && /init"]

+1 -1

docker/rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf

··· 5 PasswordAuthentication no 6 7 Match User git 8 - AuthorizedKeysCommand /usr/local/bin/knot keys -o authorized-keys 9 AuthorizedKeysCommandUser nobody

··· 5 PasswordAuthentication no 6 7 Match User git 8 + AuthorizedKeysCommand /usr/local/bin/knot keys -output authorized-keys -internal-api http://$(echo ${KNOT_SERVER_INTERNAL_LISTEN_ADDR:-localhost:5444}) -git-dir ${KNOT_REPO_SCAN_PATH:-/home/git/repositories} -log-path /tmp/knotguard.log 9 AuthorizedKeysCommandUser nobody

+1 -1

docker/docker-compose.yml

··· 30 - "${KNOT_SERVER_PORT:-443}:443" 31 - "${KNOT_SERVER_PORT:-443}:443/udp" 32 volumes: 33 - - caddy_data: 34 restart: always 35 profiles: ["caddy"]

··· 30 - "${KNOT_SERVER_PORT:-443}:443" 31 - "${KNOT_SERVER_PORT:-443}:443/udp" 32 volumes: 33 + - caddy_data:/data 34 restart: always 35 profiles: ["caddy"]