A minimal GIT server.
git clone https://github.com/unixtastic/git-ssh-server docker build -t 'unixtastic/git-ssh-server' .
To run this first create a data directory on your docker host to hold git data, ssh authentication,
and possibly git-shell-commands.
Run the container.
docker run -d -p 2222:22 -v /docker_data/git:/git unixtastic/git-ssh-server
You may substitute '2222' with any port number of your choosing.
cd /docker_data/git mkdir .ssh chown -R 987:987 .ssh chmod -R 700 .ssh touch .ssh/authorized_keys chmod 600 .ssh/authorized_keys
Add user public keys to
.ssh/authorized_keys just like you would do for 'normal' SSH.
touch /docker_data/git/.hushlogin to prevent login banners that can confuse git.
mkdir /docker_data/git/mynewproject.git cd /docker_data/git/mynewproject.git git --bare init chown -R 987:987 .
Clone the repo from a client:
git clone ssh://git@myserver:2222/git/mynewproject.git
mkdir /docker_data/git/git-shell-commands chown 987:987 /docker_data/git/git-shell-commands chmod 700 /docker_data/git/git-shell-commands
Add your commands to the above directory. You might want to start with list, which
you can find under
/usr/share/doc on most git client machines.
The SSH host keys are generated at the first run of each new container. This will confuse some git clients and really should be changed.
I fooled with this for a couple of days, and realized that the sshd service wasn't starting up. Even adding "RUN sv stop sshd && sv start sshd" to the bottom of the Dockerfile did not fix it.
So, I changed the CMD to be ("/usr/sbin/sshd", "-D") and it worked right first time. I don't know what the other services were supposed to do, but the one thing that needed to happen on startup was get SSH going, and that wasn't working without manually launching it after the image booted up. Hope this helps someone, or somebody can give a proper fix.
Hi, I am still a bit of a n00b with Docker, so this may be a silly question. I have pulled and started this image, but whenever my server has been restarted, I need to attach the image with bash and do a "service ssh start" in order to be able to get in contact with the SSH server. What am I doing wrong?
I was hoping that was it but unfortunately, still no joy. I did get a bit more time to look into this tonight and found the culprit I believe.
After I ran the following:
docker run -p 2222:22 -v $(pwd)/data/git:/git unixtastic/git-ssh-server ls -la /git
I was met with the following:
$ docker run -p 2222:22 -v $(pwd)/data/git:/git unixtastic/git-ssh-server ls -la /git total 4 drwxr-xr-x 1 1000 staff 170 Feb 8 01:56 . drwxr-xr-x 65 root root 4096 Feb 8 01:56 .. -rw-r--r-- 1 1000 staff 0 Feb 8 01:56 .hushlogin drwx------ 1 1000 staff 102 Feb 8 01:56 .ssh drwxr-xr-x 1 1000 staff 340 Feb 8 01:56 config-repo.git
chown isn't working correctly via boot2docker it seems. After finding this out, I found this issue on the boot2docker github issues list:
The suggested workaround is to use a Docker volume container which I'm not familiar with (but will be soon). Will update you once I get that up and running. If you have any advice/words of wisdom I'm all ears though. :)
Phusion seems to have changed. It's not generating the SSH host keys without a '-f'. I'll update the Dockerfile.
This appears to be SElinux evil-ness. Run the following command on the host and it should work:
chcon -Rt svirt_sandbox_file_t /docker_data/git
Pls let me know if this fixes it for you so I can update the readme.
Thanks for the quick response! No joy unfortunately. I will continue to debug - will update here if I find the reason.
I'm not sure why SSH authentication is failing for you. It MAY be that .ssh/authorized_keys has the wrong ownership or permissions. Please try chown -R 987 .ssh and chmod -R 700 .ssh. If that works I'll update the instructions.
Not sure whether this is something specific to boot2docker or not, but its my only guess at this point. I've been trying for the last few hours to get this running on my laptop (Mac + boot2docker (v1.3.2)) and I can't get the users added.
I've set up the configuration in a bash script as follows which looks good based on your instructions:
mkdir -p data/git/.ssh cd data/git touch .ssh/authorized_keys touch .hushlogin cat ~/.ssh/id_rsa.pub >> .ssh/authorized_keys chown 987 .ssh chmod 700 .ssh mkdir config-repo.git cd config-repo.git git --bare init chown -R 987:987 .
Afterwards running your image (from same directory as the commands above were executed in) with:
docker run -d -p 2222:22 -v $(pwd)/data/git:/git unixtastic/git-ssh-server
Then I get the following when I try to clone:
git clone ssh://git@localhost:2222/git/config-repo.git
Cloning into 'config-repo'...
Wondering if there's something obvious I'm doing wrong or if it's a limitation of boot2docker maybe...?
Thanks for letting me know. I've updated the Dockerfile to set a long random password for the git user.
Hi, thanks for this image, it's very useful.
I ran into a problem, the git account appeared to be locked and I got these messages in /var/log/auth.log
Dec 7 20:45:18 6e553b1bdbdf sshd: Connection from 192.168.0.16 port 47297 on 172.17.0.3 port 22 Dec 7 20:45:19 6e553b1bdbdf sshd: User git not allowed because account is locked Dec 7 20:45:19 6e553b1bdbdf sshd: input_userauth_request: invalid user git [preauth] Dec 7 20:45:20 6e553b1bdbdf sshd: error: Could not get shadow information for NOUSER Dec 7 20:45:20 6e553b1bdbdf sshd: Failed password for invalid user git from 192.168.0.16 port 47297 ssh2
Apparently it needed a password to be set, so I ran:
docker exec 6e553b1bdbdf usermod -p nopass git
and got it working.