Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3766487
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/Dockerfile b/Dockerfile
index aa3f87f..b769eb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,33 +1,43 @@
#
# Nasqueron - Phabricator image
#
FROM nasqueron/nginx-php-fpm
MAINTAINER Sébastien Santoro aka Dereckson <dereckson+nasqueron-docker@espace-win.org>
#
# Prepare the container
#
RUN apt-get update && apt-get install -y \
- mercurial subversion python-pygments openssh-client \
- mysql-client \
+ mercurial subversion python-pygments openssh-client openssh-server sendmail-bin \
+ sudo mysql-client \
--no-install-recommends && rm -r /var/lib/apt/lists/*
RUN cd /opt && \
git clone https://github.com/phacility/libphutil.git && \
git clone https://github.com/phacility/arcanist.git && \
git clone https://github.com/phacility/phabricator.git && \
mkdir -p /var/tmp/phd && \
chown app:app /var/tmp/phd
+RUN mkdir -p /var/run/sshd
+RUN mkdir -p /usr/libexec
+
COPY files /
+RUN chmod +x /usr/libexec/ssh-phabricator-hook
+RUN chown -R root.root /usr/libexec
#
# Docker properties
#
VOLUME ["/opt/phabricator/conf/local", "/var/repo"]
WORKDIR /opt/phabricator
+RUN adduser -q --disabled-password --gecos "Phabricator VCS User" vcs-user
+RUN ./bin/config set phd.user app
+RUN ./bin/config set diffusion.ssh-user vcs-user
+RUN ./bin/config set diffusion.ssh-port 2222
+
CMD ["/usr/local/sbin/init-container"]
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..5718e77
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,3 @@
+all:
+ /usr/bin/docker build -t nasqueron/phabricator .
+ docker pull nasqueron/aphlict
diff --git a/files/etc/ssh-phabricator/sshd_config b/files/etc/ssh-phabricator/sshd_config
new file mode 100644
index 0000000..2fda9b3
--- /dev/null
+++ b/files/etc/ssh-phabricator/sshd_config
@@ -0,0 +1,12 @@
+AuthorizedKeysCommand /usr/libexec/ssh-phabricator-hook
+AuthorizedKeysCommandUser vcs-user
+
+Port 2222
+Protocol 2
+PermitRootLogin no
+AllowAgentForwarding no
+AllowTcpForwarding no
+PrintMotd no
+PrintLastLog no
+PasswordAuthentication no
+AuthorizedKeysFile none
diff --git a/files/etc/sudoers.d/phabricator b/files/etc/sudoers.d/phabricator
new file mode 100644
index 0000000..76cd607
--- /dev/null
+++ b/files/etc/sudoers.d/phabricator
@@ -0,0 +1,2 @@
+app ALL=(root) SETENV: NOPASSWORD: /usr/bin/git, /usr/lib/git-core/git-http-backend
+vcs-user ALL=(app) SETENV: NOPASSWD: /usr/bin/git, /usr/lib/git-core/git-http-backend, /usr/lib/git-core/git-upload-pack, /usr/lib/git-core/git-receive-pack
diff --git a/files/usr/libexec/ssh-phabricator-hook b/files/usr/libexec/ssh-phabricator-hook
new file mode 100644
index 0000000..1ea70ab
--- /dev/null
+++ b/files/usr/libexec/ssh-phabricator-hook
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# NOTE: Replace this with the username that you expect users to connect with.
+VCSUSER="vcs-user"
+
+# NOTE: Replace this with the path to your Phabricator directory.
+ROOT="/opt/phabricator"
+
+if [ "$1" != "$VCSUSER" ];
+then
+ exit 1
+fi
+
+exec "$ROOT/bin/ssh-auth" $@
\ No newline at end of file
diff --git a/files/usr/local/sbin/init-container b/files/usr/local/sbin/init-container
index 0f5105e..b8ef8cc 100755
--- a/files/usr/local/sbin/init-container
+++ b/files/usr/local/sbin/init-container
@@ -1,9 +1,11 @@
#!/bin/sh
if [ ! -f .initialized ]; then
# Container is initialized according the environment variables
# passed to the container to setup Phabricator.
/usr/local/bin/setup-phabricator
fi
+/usr/sbin/sshd -f /etc/ssh-phabricator/sshd_config
+
/usr/local/sbin/runsvdir-init
diff --git a/ubuntu/aphlict-docker.conf b/ubuntu/aphlict-docker.conf
new file mode 100644
index 0000000..fca04f0
--- /dev/null
+++ b/ubuntu/aphlict-docker.conf
@@ -0,0 +1,11 @@
+description "Aphlict in Docker"
+author "aeppert@gmail.com"
+start on filesystem and started docker and started phabricator-docker
+stop on runlevel [!2345]
+respawn
+
+script
+ /usr/bin/docker kill aphlict || true
+ /usr/bin/docker rm aphlict || true
+ /usr/bin/docker run -t --rm=true -p 22280-22281:22280-22281 --name aphlict nasqueron/aphlict
+end script
diff --git a/ubuntu/phabricator-docker.conf b/ubuntu/phabricator-docker.conf
new file mode 100644
index 0000000..44862c7
--- /dev/null
+++ b/ubuntu/phabricator-docker.conf
@@ -0,0 +1,14 @@
+description "Phabricator in Docker"
+author "aeppert@gmail.com"
+start on filesystem and started docker and started mysql-phabricator
+stop on runlevel [!2345]
+respawn
+
+script
+ mkdir -p /opt/phabricator
+ mkdir -p /opt/phabricator/repo
+ mkdir -p /opt/phabricator/conf
+ /usr/bin/docker kill phabricator || true
+ /usr/bin/docker rm phabricator || true
+ usr/bin/docker run --rm=true --name phabricator --link mysql-phabricator:mysql -v /opt/phabricator/repo:/var/repo -v /opt/phabricator/conf:/opt/phabricator/conf -p 9000:80 -p 9443:443 -p 2222:2222 -e PHABRICATOR_URL="http://phabricator:9000" -e PHABRICATOR_TITLE="Phabricator" nasqueron/phabricator
+end script
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sun, Nov 24, 18:27 (2 h, 55 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2258274
Default Alt Text
(4 KB)
Attached To
Mode
rDPHAB Docker image for Phabricator
Attached
Detach File
Event Timeline
Log In to Comment