use git instead of cloudron as user

This commit is contained in:
girish@cloudron.io 2016-02-21 18:52:08 -08:00
parent d69fc238bb
commit 8c5e97b351
5 changed files with 28 additions and 23 deletions

View File

@ -6,27 +6,32 @@ RUN apt-get update && \
ADD supervisor/ /etc/supervisor/conf.d/ ADD supervisor/ /etc/supervisor/conf.d/
RUN mkdir -p /home/cloudron/gogs RUN adduser --disabled-login --gecos 'Gogs' git
# by default, git account is created as inactive which prevents login via openssh
# https://github.com/gitlabhq/gitlabhq/issues/5304
RUN passwd -d git
RUN mkdir -p /home/git/gogs
## TODO: use redis as well ## TODO: use redis as well
RUN cd /home/cloudron/gogs && \ RUN cd /home/git/gogs && \
curl -L https://github.com/gogits/gogs/releases/download/v0.8.25/linux_amd64.tar.gz | tar zxvf - --strip-components 1 curl -L https://github.com/gogits/gogs/releases/download/v0.8.25/linux_amd64.tar.gz | tar zxvf - --strip-components 1
# setup config paths # setup config paths
ADD app.ini.template /home/cloudron/app.ini.template ADD app.ini.template /home/git/app.ini.template
RUN mkdir -p /run/gogs && chown -R cloudron:cloudron /run/gogs RUN mkdir -p /run/gogs && chown -R git:git /run/gogs
# setup log paths # setup log paths
RUN mkdir -p /run/gogs && chown -R cloudron:cloudron /run/gogs RUN mkdir -p /run/gogs && chown -R git:git /run/gogs
RUN sed -e 's,^logfile=.*$,logfile=/run/gogs/supervisord.log,' -i /etc/supervisor/supervisord.conf RUN sed -e 's,^logfile=.*$,logfile=/run/gogs/supervisord.log,' -i /etc/supervisor/supervisord.conf
RUN ln -s /app/data/ssh /home/cloudron/.ssh RUN ln -s /app/data/ssh /home/git/.ssh
RUN ln -s /app/data/gitconfig /home/cloudron/.gitconfig RUN ln -s /app/data/gitconfig /home/git/.gitconfig
ADD start.sh /home/cloudron/start.sh ADD start.sh /home/git/start.sh
# disable pam authentication for sshd # disable pam authentication for sshd
RUN sed -e 's/UsePAM yes/UsePAM no/' -e 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config RUN sed -e 's/UsePAM yes/UsePAM no/' -e 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config
RUN echo "UseDNS no" >> /etc/ssh/sshd_config RUN echo "UseDNS no" >> /etc/ssh/sshd_config
CMD [ "/home/cloudron/start.sh" ] CMD [ "/home/git/start.sh" ]

View File

@ -1,5 +1,5 @@
APP_NAME = Gogs: Go Git Service APP_NAME = Gogs: Go Git Service
RUN_USER = cloudron RUN_USER = git
RUN_MODE = prod RUN_MODE = prod
[database] [database]

View File

@ -36,11 +36,11 @@ sed -e "s/##DOMAIN/${APP_DOMAIN}/g" \
-e "s/##MAIL_PORT/${MAIL_SMTP_PORT}/g" \ -e "s/##MAIL_PORT/${MAIL_SMTP_PORT}/g" \
-e "s/##MAIL_FROM/${MAIL_SMTP_USERNAME}@${MAIL_DOMAIN}/g" \ -e "s/##MAIL_FROM/${MAIL_SMTP_USERNAME}@${MAIL_DOMAIN}/g" \
-e "s/##SECRET_KEY/$(pwgen -1 -s)/g" \ -e "s/##SECRET_KEY/$(pwgen -1 -s)/g" \
/home/cloudron/app.ini.template > "/run/gogs/app.ini" /home/git/app.ini.template > "/run/gogs/app.ini"
mkdir -p /app/data/repository /app/data/ssh mkdir -p /app/data/repository /app/data/ssh
chown -R cloudron.cloudron /app/data /run/gogs chown -R git:git /app/data /run/gogs
( setup_ldap_source ) & ( setup_ldap_source ) &

View File

@ -1,7 +1,7 @@
[program:gogs] [program:gogs]
directory=/home/cloudron/gogs directory=/home/git/gogs
command=/home/cloudron/gogs/gogs web -c /run/gogs/app.ini -p 3000 command=/home/git/gogs/gogs web -c /run/gogs/app.ini -p 3000
user=cloudron user=git
autostart=true autostart=true
autorestart=true autorestart=true
; https://veithen.github.io/2015/01/08/supervisord-redirecting-stdout.html ; https://veithen.github.io/2015/01/08/supervisord-redirecting-stdout.html
@ -9,4 +9,4 @@ stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0 stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0 stderr_logfile_maxbytes=0
environment=HOME="/home/cloudron",USER="cloudron" environment=HOME="/home/git",USER="git"

View File

@ -115,7 +115,7 @@ describe('Application life cycle test', function () {
browser.get('https://' + app.fqdn + '/' + username + '/' + reponame); browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
browser.findElement(by.id('repo-clone-ssh')).click(); browser.findElement(by.id('repo-clone-ssh')).click();
browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) { browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) {
expect(cloneUrl).to.be('ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git'); expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
done(); done();
}); });
}); });
@ -123,14 +123,14 @@ describe('Application life cycle test', function () {
it('can clone the url', function (done) { it('can clone the url', function (done) {
var env = Object.create(process.env); var env = Object.create(process.env);
env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh'; env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
execSync('git clone ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env }); execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
done(); done();
}); });
it('can add and push a file', function (done) { it('can add and push a file', function (done) {
var env = Object.create(process.env); var env = Object.create(process.env);
env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh'; env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
execSync('touch newfile && git add newfile && git commit -a -mx && git push ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + ' master', execSync('touch newfile && git add newfile && git commit -a -mx && git push ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + ' master',
{ env: env, cwd: repodir }); { env: env, cwd: repodir });
rimraf.sync('/tmp/testrepo'); rimraf.sync('/tmp/testrepo');
done(); done();
@ -144,7 +144,7 @@ describe('Application life cycle test', function () {
it('can clone the url', function (done) { it('can clone the url', function (done) {
var env = Object.create(process.env); var env = Object.create(process.env);
env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh'; env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
execSync('git clone ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env }); execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
expect(fs.existsSync(repodir + '/newfile')).to.be(true); expect(fs.existsSync(repodir + '/newfile')).to.be(true);
rimraf.sync(repodir); rimraf.sync(repodir);
done(); done();
@ -161,7 +161,7 @@ describe('Application life cycle test', function () {
it('can clone the url', function (done) { it('can clone the url', function (done) {
var env = Object.create(process.env); var env = Object.create(process.env);
env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh'; env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
execSync('git clone ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env }); execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
expect(fs.existsSync(repodir + '/newfile')).to.be(true); expect(fs.existsSync(repodir + '/newfile')).to.be(true);
rimraf.sync(repodir); rimraf.sync(repodir);
done(); done();
@ -187,7 +187,7 @@ describe('Application life cycle test', function () {
browser.get('https://' + app.fqdn + '/' + username + '/' + reponame); browser.get('https://' + app.fqdn + '/' + username + '/' + reponame);
browser.findElement(by.id('repo-clone-ssh')).click(); browser.findElement(by.id('repo-clone-ssh')).click();
browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) { browser.findElement(by.id('repo-clone-url')).getAttribute('value').then(function (cloneUrl) {
expect(cloneUrl).to.be('ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git'); expect(cloneUrl).to.be('ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git');
done(); done();
}); });
}); });
@ -195,7 +195,7 @@ describe('Application life cycle test', function () {
it('can clone the url', function (done) { it('can clone the url', function (done) {
var env = Object.create(process.env); var env = Object.create(process.env);
env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh'; env.GIT_SSH = __dirname + '/git_ssh_wrapper.sh';
execSync('git clone ssh://cloudron@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env }); execSync('git clone ssh://git@' + app.fqdn + ':29418/' + username + '/' + reponame + '.git ' + repodir, { env: env });
expect(fs.existsSync(repodir + '/newfile')).to.be(true); expect(fs.existsSync(repodir + '/newfile')).to.be(true);
rimraf.sync(repodir); rimraf.sync(repodir);
done(); done();