mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-23 22:01:22 +00:00
cb87f29b76
Why: * We are using self-signed ssl certificates for internal services, which results in failures when gitea tries to communicate through webhooks with these. We would like to enable gitea to be able to use these certificates without having to build custom docker images. How * We add the internal certificates to /usr/local/share/ca-certificates on the host * We read-only mount /usr/local/share/ca-certificates from the host to /usr/local/share/ca-certificates in the container * We do a update-ca-certificates in the alpine container before starting gitea This should have no consequence for users that do not have the need to handle self-signed certificates, as update-ca-certificates should be idempotent.
44 lines
1.3 KiB
Bash
Executable file
44 lines
1.3 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
/usr/sbin/update-ca-certificates
|
|
|
|
if [ ! -d /data/git/.ssh ]; then
|
|
mkdir -p /data/git/.ssh
|
|
chmod 700 /data/git/.ssh
|
|
fi
|
|
|
|
if [ ! -f /data/git/.ssh/environment ]; then
|
|
echo "GITEA_CUSTOM=/data/gitea" >| /data/git/.ssh/environment
|
|
chmod 600 /data/git/.ssh/environment
|
|
fi
|
|
|
|
if [ ! -f /data/gitea/conf/app.ini ]; then
|
|
mkdir -p /data/gitea/conf
|
|
|
|
# Set INSTALL_LOCK to true only if SECRET_KEY is not empty and
|
|
# INSTALL_LOCK is empty
|
|
if [ -n "$SECRET_KEY" ] && [ -z "$INSTALL_LOCK" ]; then
|
|
INSTALL_LOCK=true
|
|
fi
|
|
|
|
# Substitude the environment variables in the template
|
|
APP_NAME=${APP_NAME:-"Gitea: Git with a cup of tea"} \
|
|
RUN_MODE=${RUN_MODE:-"dev"} \
|
|
SSH_DOMAIN=${SSH_DOMAIN:-"localhost"} \
|
|
HTTP_PORT=${HTTP_PORT:-"3000"} \
|
|
ROOT_URL=${ROOT_URL:-""} \
|
|
DISABLE_SSH=${DISABLE_SSH:-"false"} \
|
|
SSH_PORT=${SSH_PORT:-"22"} \
|
|
DB_TYPE=${DB_TYPE:-"sqlite3"} \
|
|
DB_HOST=${DB_HOST:-"localhost:3306"} \
|
|
DB_NAME=${DB_NAME:-"gitea"} \
|
|
DB_USER=${DB_USER:-"root"} \
|
|
DB_PASSWD=${DB_PASSWD:-""} \
|
|
INSTALL_LOCK=${INSTALL_LOCK:-"false"} \
|
|
SECRET_KEY=${SECRET_KEY:-""} \
|
|
envsubst < /etc/templates/app.ini > /data/gitea/conf/app.ini
|
|
fi
|
|
|
|
chown -R git:git /data/gitea /app/gitea /data/git
|
|
chmod 0755 /data/gitea /app/gitea /data/git
|