+1

.containerignore

reviewed

··· 1 1 + .git

+37

Containerfile

reviewed

··· 1 1 + FROM golang:1.25-alpine AS builder 2 2 + 3 3 + ARG TAG='v1.11.0-alpha' 4 4 + 5 5 + ENV KNOT_REPO_SCAN_PATH=/home/git 6 6 + ENV CGO_ENABLED=1 7 7 + 8 8 + WORKDIR /app 9 9 + 10 10 + RUN apk add --no-cache git gcc musl-dev 11 11 + RUN echo "${TAG}" > /VERSION && \ 12 12 + echo "Building tag: ${TAG}" && \ 13 13 + git clone -b "${TAG}" https://tangled.org/@tangled.org/core . 14 14 + RUN go build -o /usr/bin/knot -ldflags '-s -w -extldflags "-static"' ./cmd/knot 15 15 + 16 16 + FROM alpine:latest 17 17 + 18 18 + EXPOSE 22 5555 19 19 + 20 20 + ARG UID=1000 21 21 + ARG GID=1000 22 22 + 23 23 + RUN apk add --no-cache shadow s6-overlay execline openssl openssh git curl bash 24 24 + 25 25 + COPY --from=builder /usr/bin/knot /usr/bin 26 26 + COPY --from=builder /VERSION / 27 27 + COPY rootfs / 28 28 + 29 29 + RUN groupadd -g $GID git && \ 30 30 + useradd -u $UID -g $GID -m -d /home/git -s /bin/bash -p "*" git && \ 31 31 + mkdir -p /etc/ssh/keys && \ 32 32 + mkdir -p /app && \ 33 33 + chown -R git:git /app /home/git && \ 34 34 + chmod 755 /etc && \ 35 35 + chmod -R 755 /etc/s6-overlay 36 36 + 37 37 + ENTRYPOINT ["/init"]

+1

rootfs/etc/s6-overlay/s6-rc.d/generate-motd/type

reviewed

··· 1 1 + oneshot

+1

rootfs/etc/s6-overlay/s6-rc.d/generate-motd/up

reviewed

··· 1 1 + /etc/s6-overlay/scripts/generate-motd

rootfs/etc/s6-overlay/s6-rc.d/knotserver/dependencies.d/base

reviewed

This is a binary file and will not be displayed.

rootfs/etc/s6-overlay/s6-rc.d/knotserver/dependencies.d/generate-motd

reviewed

This is a binary file and will not be displayed.

+3

rootfs/etc/s6-overlay/s6-rc.d/knotserver/run

reviewed

··· 1 1 + #!/command/with-contenv ash 2 2 + 3 3 + exec s6-setuidgid git /usr/bin/knot server

+1

rootfs/etc/s6-overlay/s6-rc.d/knotserver/type

reviewed

··· 1 1 + longrun

rootfs/etc/s6-overlay/s6-rc.d/sshd/dependencies.d/base

reviewed

This is a binary file and will not be displayed.

+3

rootfs/etc/s6-overlay/s6-rc.d/sshd/run

reviewed

··· 1 1 + #!/usr/bin/execlineb -P 2 2 + 3 3 + /usr/sbin/sshd -e -D

+1

rootfs/etc/s6-overlay/s6-rc.d/sshd/type

reviewed

··· 1 1 + longrun

rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/knotserver

reviewed

This is a binary file and will not be displayed.

rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/sshd

reviewed

This is a binary file and will not be displayed.

+7

rootfs/etc/s6-overlay/scripts/generate-motd

reviewed

··· 1 1 + #!/usr/bin/with-contenv bash 2 2 + 3 3 + KNOT_VERSION=$(cat /VERSION 2>/dev/null) 4 4 + 5 5 + sed -e "s/{{version}}/${KNOT_VERSION}/g" \ 6 6 + -e "s/{{hostname}}/${KNOT_SERVER_HOSTNAME_MOTD}/g" \ 7 7 + /home/git/motd.template > /home/git/motd

+3

rootfs/etc/ssh/sshd_config.d/authorized_keys_command.conf

reviewed

··· 1 1 + Match User git 2 2 + AuthorizedKeysCommand /usr/bin/knot keys -o authorized-keys 3 3 + AuthorizedKeysCommandUser nobody

+2

rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf

reviewed

··· 1 1 + HostKey /etc/ssh/keys/ssh_host_ed25519_key 2 2 + PasswordAuthentication no