dockerfiles/gitserver/start.sh

70 lines
1.6 KiB
Bash
Raw Normal View History

#!/bin/bash
set -e
set -o pipefail
[ "$DEBUG" == 'true' ] && set -x
DAEMON=sshd
HOSTKEY=/etc/ssh/ssh_host_ed25519_key
# create the host key if not already created
if [[ ! -f "${HOSTKEY}" ]]; then
ssh-keygen -A
fi
mkdir -p "${HOME}/.ssh"
# shellcheck disable=SC1091
source /etc/profile
[ "$PUBKEY" ] && echo "$PUBKEY" > "${HOME}/.ssh/authorized_keys"
chown -R git:git "${HOME}"
chmod -R 755 "${HOME}"
# Fix permissions, if writable
if [[ -w "${HOME}/.ssh" ]]; then
chown git:git "${HOME}/.ssh" && chmod 700 "${HOME}/.ssh/"
fi
if [[ -w "${HOME}/.ssh/authorized_keys" ]]; then
chown git:git "${HOME}/.ssh/authorized_keys"
chmod 600 "${HOME}/.ssh/authorized_keys"
fi
# Warn if no config
if [[ ! -e "${HOME}/.ssh/authorized_keys" ]]; then
echo "WARNING: No SSH authorized_keys found for git"
fi
# set the default shell
mkdir -p "${HOME}/git-shell-commands"
cat > "${HOME}/git-shell-commands/no-interactive-login" <<\EOF
#!/bin/sh
printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not"
printf '%s\n' "provide interactive shell access."
exit 128
EOF
chmod +x "${HOME}/git-shell-commands/no-interactive-login"
stop() {
echo "Received SIGINT or SIGTERM. Shutting down $DAEMON"
# Get PID
pid=$(cat "/var/run/${DAEMON}/${DAEMON}.pid")
# Set TERM
kill -SIGTERM "${pid}"
# Wait for exit
wait "${pid}"
# All done.
echo "Done."
}
echo "Running $*"
if [[ "$(basename "$1")" == "$DAEMON" ]]; then
trap stop SIGINT SIGTERM
# shellcheck disable=SC2068
$@ &
pid="$!"
mkdir -p "/var/run/${DAEMON}" && echo "${pid}" > "/var/run/${DAEMON}/${DAEMON}.pid"
wait "${pid}" && exit $?
else
exec "$@"
fi