diff --git a/cgit/centos7/Dockerfile b/cgit/centos7/Dockerfile new file mode 100644 index 00000000..026fdfcc --- /dev/null +++ b/cgit/centos7/Dockerfile @@ -0,0 +1,20 @@ +FROM registry.centos.org/centos/centos:7 + +MAINTAINER Mohammed Zeeshan Ahmed + +RUN yum -y update && yum clean all + +RUN mkdir -p /srv/git /opt/scripts + +ADD ./fix-permissions.sh ./install.sh ./passwd.template ./run.sh /opt/scripts/ + +RUN chmod -R 777 /opt/scripts && . /opt/scripts/install.sh + +WORKDIR /srv/git + +EXPOSE 8080 8443 + +USER apache + +ENTRYPOINT ["/opt/scripts/run.sh"] +CMD ["cgit"] diff --git a/cgit/centos7/cccp.yml b/cgit/centos7/cccp.yml new file mode 100644 index 00000000..7adff7dd --- /dev/null +++ b/cgit/centos7/cccp.yml @@ -0,0 +1 @@ +job-id: cgit \ No newline at end of file diff --git a/cgit/centos7/fix-permissions.sh b/cgit/centos7/fix-permissions.sh new file mode 100755 index 00000000..a4f15b03 --- /dev/null +++ b/cgit/centos7/fix-permissions.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +# Fix permissions on the given directory to allow group read/write of +# regular files and execute of directories. +set -eux +find "$1" -exec chown ${2} {} \; +find "$1" -exec chgrp 0 {} \; +find "$1" -exec chmod g+rw {} \; +find "$1" -type d -exec chmod g+x {} + \ No newline at end of file diff --git a/cgit/centos7/install.sh b/cgit/centos7/install.sh new file mode 100755 index 00000000..3a768f04 --- /dev/null +++ b/cgit/centos7/install.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash + +set -eux; + +# Initialize variables +HTTPD_CONF="/etc/httpd/conf/httpd.conf" +HTTPD_WELCOME="/etc/httpd/conf.d/welcome.conf" +CGIT_CONF="/etc/cgitrc" +CGIT_REPOS="/etc/cgitrepos" +INSTALL_PKGS="cgit highlight policycoreutils-python httpd nss_wrapper gettext"; + +# Setup necessary packages +yum -y install epel-release && yum -y install ${INSTALL_PKGS}; + +# Fixup Configurations +rm -rf ${HTTPD_WELCOME}; +sed -i 's/^Listen 80/Listen 8080\\\nListen 8443/g' ${HTTPD_CONF}; +sed -i 's/^Listen 8080\\/Listen 8080/g' ${HTTPD_CONF}; +sed -i 's/^Group apache/Group root/g' ${HTTPD_CONF}; +echo -e "scan-path=/srv/git\n" >> /etc/cgitrc; +touch ${CGIT_REPOS} && echo -e "include=${CGIT_REPOS}\n" >> /${CGIT_CONF}; +mkdir -p /etc/httpd/logs && touch /etc/httpd/logs/error_log && touch /etc/httpd/logs/access_log; + +# Fix the permissions +for item in "/srv/git" "/etc/cgitrepos" "/etc/httpd" "/var/www"; do + . /opt/scripts/fix-permissions.sh ${item} apache; +done + +chmod -R 777 /etc/httpd/logs diff --git a/cgit/centos7/passwd.template b/cgit/centos7/passwd.template new file mode 100644 index 00000000..744ecd84 --- /dev/null +++ b/cgit/centos7/passwd.template @@ -0,0 +1,14 @@ +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin:/sbin/nologin +daemon:x:2:2:daemon:/sbin:/sbin/nologin +adm:x:3:4:adm:/var/adm:/sbin/nologin +lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin +sync:x:5:0:sync:/sbin:/bin/sync +shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown +halt:x:7:0:halt:/sbin:/sbin/halt +mail:x:8:12:mail:/var/spool/mail:/sbin/nologin +operator:x:11:0:operator:/root:/sbin/nologin +games:x:12:100:games:/usr/games:/sbin/nologin +ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin +nobody:x:99:99:Nobody:/:/sbin/nologin +apache:x:${USER_ID}:${GROUP_ID}:Apache User:${HOME}:/bin/bash \ No newline at end of file diff --git a/cgit/centos7/run.sh b/cgit/centos7/run.sh new file mode 100644 index 00000000..a49297bb --- /dev/null +++ b/cgit/centos7/run.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +export USER_ID=$(id -u); +export GROUP_ID=$(id -g); +envsubst < /opt/scripts/passwd.template > /tmp/passwd; +export LD_PRELOAD=libnss_wrapper.so; +export NSS_WRAPPER_PASSWD=/tmp/passwd; +export NSS_WRAPPER_GROUP=/etc/group; + +if [ $1 == "cgit" ]; then + exec /usr/sbin/httpd -DFOREGROUND; +else + exec $1 +fi \ No newline at end of file