Add syslog & fix /data/git rights & SOCAT_LINK env var

- Resolve gogs#1893 - Add syslogd to output sshd log on stdout (via `docker logs`) - Enforce directory rights on `/data/git`, `/data/gogs` & `/data/ssh` - Add `SOCAT_LINK` environment variable to prevent the creation of scout links when they are not needed (see gogs#1815)
konstantinbrazhnik · Nov 4, 2015 · 9a8aeef · 9a8aeef
1 parent 603c738
commit 9a8aeef
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 19 deletions.
diff --git a/docker/s6/gogs/setup b/docker/s6/gogs/setup
@@ -20,3 +20,4 @@ ln -sf /data/gogs/data ./data
 ln -sf /data/git /home/git
 
 chown -R git:git /data /app/gogs ~git/
+chmod 0755 /data /data/gogs ~git/
diff --git a/docker/s6/openssh/setup b/docker/s6/openssh/setup
@@ -23,4 +23,5 @@ fi
 
 # Set correct right to ssh keys
 chown -R root:root /data/ssh/*
-chmod 600 /data/ssh/*
+chmod 0700 /data/ssh
+chmod 0600 /data/ssh/*
diff --git a/docker/s6/syslogd/run b/docker/s6/syslogd/run
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if test -f ./setup; then
+    source ./setup
+fi
+
+exec gosu root /sbin/syslogd -nS -O-
diff --git a/docker/start.sh b/docker/start.sh
@@ -13,24 +13,29 @@ for f in /data/gogs/data /data/gogs/conf /data/gogs/log /data/git /data/ssh; do
 done
 
 # Bind linked docker container to localhost socket using socat
-USED_PORT="3000:22"
-while read NAME ADDR PORT; do
-    if test -z "$NAME$ADDR$PORT"; then
-        continue
-    elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
-        echo "init:socat | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
-    else
-        SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
-        mkdir -p ${SERV_FOLDER}
-        CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
-        echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
-        chmod +x ${SERV_FOLDER}/run
-        USED_PORT="${USED_PORT}:${PORT}"
-        echo "init:socat | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
-    fi
-done << EOT
-$(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
-EOT
+LINK=$(echo "$SOCAT_LINK" | tr '[:upper:]' '[:lower:]')
+if [ "$LINK" != "false" -a "$LINK" != "0" ]; then
+
+    USED_PORT="3000:22"
+    while read NAME ADDR PORT; do
+        if test -z "$NAME$ADDR$PORT"; then
+            continue
+        elif echo $USED_PORT | grep -E "(^|:)$PORT($|:)" > /dev/null; then
+            echo "init:socat | Can't bind linked container ${NAME} to localhost, port ${PORT} already in use" 1>&2
+        else
+            SERV_FOLDER=/app/gogs/docker/s6/SOCAT_${NAME}_${PORT}
+            mkdir -p ${SERV_FOLDER}
+            CMD="socat -ls TCP4-LISTEN:${PORT},fork,reuseaddr TCP4:${ADDR}:${PORT}"
+            echo -e "#!/bin/sh\nexec $CMD" > ${SERV_FOLDER}/run
+            chmod +x ${SERV_FOLDER}/run
+            USED_PORT="${USED_PORT}:${PORT}"
+            echo "init:socat | Linked container ${NAME} will be binded to localhost on port ${PORT}" 1>&2
+        fi
+    done << EOT
+    $(env | sed -En 's|(.*)_PORT_([0-9]+)_TCP=tcp://(.*):([0-9]+)|\1 \3 \4|p')
+    EOT
+
+fi
 
 # Exec CMD or S6 by default if nothing present
 if [ $# -gt 0 ];then
Original file line number	Diff line number	Diff line change
Expand Up		@@ -20,3 +20,4 @@ ln -sf /data/gogs/data ./data
		ln -sf /data/git /home/git

		chown -R git:git /data /app/gogs ~git/
		chmod 0755 /data /data/gogs ~git/