Page MenuHomeDevCentral

No OneTemporary

diff --git a/Dockerfile b/Dockerfile
index aa3f87f..b769eb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,33 +1,43 @@
#
# Nasqueron - Phabricator image
#
FROM nasqueron/nginx-php-fpm
MAINTAINER Sébastien Santoro aka Dereckson <dereckson+nasqueron-docker@espace-win.org>
#
# Prepare the container
#
RUN apt-get update && apt-get install -y \
- mercurial subversion python-pygments openssh-client \
- mysql-client \
+ mercurial subversion python-pygments openssh-client openssh-server sendmail-bin \
+ sudo mysql-client \
--no-install-recommends && rm -r /var/lib/apt/lists/*
RUN cd /opt && \
git clone https://github.com/phacility/libphutil.git && \
git clone https://github.com/phacility/arcanist.git && \
git clone https://github.com/phacility/phabricator.git && \
mkdir -p /var/tmp/phd && \
chown app:app /var/tmp/phd
+RUN mkdir -p /var/run/sshd
+RUN mkdir -p /usr/libexec
+
COPY files /
+RUN chmod +x /usr/libexec/ssh-phabricator-hook
+RUN chown -R root.root /usr/libexec
#
# Docker properties
#
VOLUME ["/opt/phabricator/conf/local", "/var/repo"]
WORKDIR /opt/phabricator
+RUN adduser -q --disabled-password --gecos "Phabricator VCS User" vcs-user
+RUN ./bin/config set phd.user app
+RUN ./bin/config set diffusion.ssh-user vcs-user
+RUN ./bin/config set diffusion.ssh-port 2222
+
CMD ["/usr/local/sbin/init-container"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..5718e77
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,3 @@
+all:
+ /usr/bin/docker build -t nasqueron/phabricator .
+ docker pull nasqueron/aphlict
diff --git a/files/etc/ssh-phabricator/sshd_config b/files/etc/ssh-phabricator/sshd_config
new file mode 100644
index 0000000..2fda9b3
--- /dev/null
+++ b/files/etc/ssh-phabricator/sshd_config
@@ -0,0 +1,12 @@
+AuthorizedKeysCommand /usr/libexec/ssh-phabricator-hook
+AuthorizedKeysCommandUser vcs-user
+
+Port 2222
+Protocol 2
+PermitRootLogin no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PrintMotd no
+PrintLastLog no
+PasswordAuthentication no
+AuthorizedKeysFile none
diff --git a/files/etc/sudoers.d/phabricator b/files/etc/sudoers.d/phabricator
new file mode 100644
index 0000000..76cd607
--- /dev/null
+++ b/files/etc/sudoers.d/phabricator
@@ -0,0 +1,2 @@
+app ALL=(root) SETENV: NOPASSWORD: /usr/bin/git, /usr/lib/git-core/git-http-backend
+vcs-user ALL=(app) SETENV: NOPASSWD: /usr/bin/git, /usr/lib/git-core/git-http-backend, /usr/lib/git-core/git-upload-pack, /usr/lib/git-core/git-receive-pack
diff --git a/files/usr/libexec/ssh-phabricator-hook b/files/usr/libexec/ssh-phabricator-hook
new file mode 100644
index 0000000..1ea70ab
--- /dev/null
+++ b/files/usr/libexec/ssh-phabricator-hook
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# NOTE: Replace this with the username that you expect users to connect with.
+VCSUSER="vcs-user"
+
+# NOTE: Replace this with the path to your Phabricator directory.
+ROOT="/opt/phabricator"
+
+if [ "$1" != "$VCSUSER" ];
+then
+ exit 1
+fi
+
+exec "$ROOT/bin/ssh-auth" $@
\ No newline at end of file
diff --git a/files/usr/local/sbin/init-container b/files/usr/local/sbin/init-container
index 0f5105e..b8ef8cc 100755
--- a/files/usr/local/sbin/init-container
+++ b/files/usr/local/sbin/init-container
@@ -1,9 +1,11 @@
#!/bin/sh
if [ ! -f .initialized ]; then
# Container is initialized according the environment variables
# passed to the container to setup Phabricator.
/usr/local/bin/setup-phabricator
fi
+/usr/sbin/sshd -f /etc/ssh-phabricator/sshd_config
+
/usr/local/sbin/runsvdir-init
diff --git a/ubuntu/aphlict-docker.conf b/ubuntu/aphlict-docker.conf
new file mode 100644
index 0000000..fca04f0
--- /dev/null
+++ b/ubuntu/aphlict-docker.conf
@@ -0,0 +1,11 @@
+description "Aphlict in Docker"
+author "aeppert@gmail.com"
+start on filesystem and started docker and started phabricator-docker
+stop on runlevel [!2345]
+respawn
+
+script
+ /usr/bin/docker kill aphlict || true
+ /usr/bin/docker rm aphlict || true
+ /usr/bin/docker run -t --rm=true -p 22280-22281:22280-22281 --name aphlict nasqueron/aphlict
+end script
diff --git a/ubuntu/phabricator-docker.conf b/ubuntu/phabricator-docker.conf
new file mode 100644
index 0000000..44862c7
--- /dev/null
+++ b/ubuntu/phabricator-docker.conf
@@ -0,0 +1,14 @@
+description "Phabricator in Docker"
+author "aeppert@gmail.com"
+start on filesystem and started docker and started mysql-phabricator
+stop on runlevel [!2345]
+respawn
+
+script
+ mkdir -p /opt/phabricator
+ mkdir -p /opt/phabricator/repo
+ mkdir -p /opt/phabricator/conf
+ /usr/bin/docker kill phabricator || true
+ /usr/bin/docker rm phabricator || true
+ usr/bin/docker run --rm=true --name phabricator --link mysql-phabricator:mysql -v /opt/phabricator/repo:/var/repo -v /opt/phabricator/conf:/opt/phabricator/conf -p 9000:80 -p 9443:443 -p 2222:2222 -e PHABRICATOR_URL="http://phabricator:9000" -e PHABRICATOR_TITLE="Phabricator" nasqueron/phabricator
+end script

File Metadata

Mime Type
text/x-diff
Expires
Sun, Nov 24, 18:27 (2 h, 55 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258274
Default Alt Text
(4 KB)

Event Timeline