Allow Gitea to run as different USER in Docker (#3961)

* If using a different $USER then rename git user * Chown based on $USER env * Target only one part of passwd * su-exec based on $USER not a hardcoded value
go-gitea · May 16, 2018 · ecfc401 · ecfc401
1 parent 4ceb92f
commit ecfc401
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 2 deletions.
diff --git a/docker/etc/s6/gitea/run b/docker/etc/s6/gitea/run
@@ -2,5 +2,5 @@
 [[ -f ./setup ]] && source ./setup
 
 pushd /app/gitea > /dev/null
-    exec su-exec git /app/gitea/gitea web
+    exec su-exec $USER /app/gitea/gitea web
 popd
diff --git a/docker/etc/s6/gitea/setup b/docker/etc/s6/gitea/setup
@@ -39,5 +39,5 @@ if [ ! -f /data/gitea/conf/app.ini ]; then
     envsubst < /etc/templates/app.ini > /data/gitea/conf/app.ini
 fi
 
-chown -R git:git /data/gitea /app/gitea /data/git
+chown -R ${USER}:git /data/gitea /app/gitea /data/git
 chmod 0755 /data/gitea /app/gitea /data/git
diff --git a/docker/usr/bin/entrypoint b/docker/usr/bin/entrypoint
@@ -1,5 +1,12 @@
 #!/bin/sh
 
+if [ "${USER}" != "git" ]; then
+    # rename user
+    sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
+    # switch sshd config to different user
+    sed -i -e "s/AllowUsers git/AllowUsers ${USER}/g" /etc/ssh/sshd_config
+fi
+
 ## Change GID for USER?
 if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then
     sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group