ATProto Browser
Experimental browser for the Atmosphere
Experimental browser for the Atmosphere
{
"$type": "sh.tangled.repo.pull",
"patch": "diff --git a/docker/Dockerfile b/docker/Dockerfile\nnew file mode 100644\nindex 0000000..f7c7604\n--- /dev/null\n+++ b/docker/Dockerfile\n@@ -0,0 +1,52 @@\n+FROM docker.io/golang:1.24-alpine3.21 AS build\n+\n+ENV CGO_ENABLED=1\n+\n+RUN apk add --no-cache gcc musl-dev\n+\n+WORKDIR /usr/src/app\n+\n+COPY go.mod go.sum ./\n+RUN go mod download\n+\n+COPY . .\n+RUN go build -v \\\n+ -o /usr/local/bin/knotserver \\\n+ -ldflags='-s -w -extldflags \"-static\"' \\\n+ ./cmd/knotserver && \\\n+ go build -v \\\n+ -o /usr/local/bin/keyfetch \\\n+ ./cmd/keyfetch && \\\n+ go build -v \\\n+ -o /usr/local/bin/repoguard \\\n+ ./cmd/repoguard\n+\n+FROM docker.io/alpine:3.21\n+\n+LABEL org.opencontainers.image.title=Tangled\n+LABEL org.opencontainers.image.description=\"Tangled is a decentralized and open code collaboration platform, built on atproto.\"\n+LABEL org.opencontainers.image.vendor=Tangled.sh\n+LABEL org.opencontainers.image.licenses=MIT\n+LABEL org.opencontainers.image.url=https://tangled.sh\n+LABEL org.opencontainers.image.source=https://tangled.sh/@tangled.sh/core\n+\n+RUN apk add --no-cache shadow s6-overlay execline openssh git && \\\n+ adduser --disabled-password git && \\\n+ # We need to set password anyway since otherwise ssh won't work\n+ head -c 32 /dev/random | base64 | tr -dc 'a-zA-Z0-9' | passwd git --stdin && \\\n+ mkdir /app && mkdir /home/git/repositories\n+\n+COPY --from=build /usr/local/bin/knotserver /usr/local/bin\n+COPY --from=build /usr/local/bin/keyfetch /usr/local/libexec/tangled-keyfetch\n+COPY --from=build /usr/local/bin/repoguard /home/git/repoguard\n+COPY docker/rootfs/ .\n+\n+RUN chown root:root /usr/local/libexec/tangled-keyfetch && \\\n+ chmod 755 /usr/local/libexec/tangled-keyfetch && \\\n+ chown git:git /home/git/repoguard && \\\n+ chown git:git /app && chown git:git /home/git/repositories\n+\n+EXPOSE 22\n+EXPOSE 5555\n+\n+ENTRYPOINT [\"/init\"]\ndiff --git a/docker/docker-compose.yml b/docker/docker-compose.yml\nnew file mode 100644\nindex 0000000..83670ab\n--- /dev/null\n+++ b/docker/docker-compose.yml\n@@ -0,0 +1,16 @@\n+services:\n+ knot:\n+ build:\n+ context: ..\n+ dockerfile: docker/Dockerfile\n+ environment:\n+ KNOT_SERVER_HOSTNAME: \"knot.example.org\"\n+ KNOT_SERVER_SECRET: \"secret\"\n+ KNOT_SERVER_DB_PATH: \"/app/knotserver.db\"\n+ volumes:\n+ - \"./keys:/etc/ssh/keys\"\n+ - \"./repositories:/home/git/repositories\"\n+ - \"./server:/app\"\n+ ports:\n+ - \"5555:5555\"\n+ - \"2222:22\"\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/type\nnew file mode 100644\nindex 0000000..bdd22a1\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/type\n@@ -0,0 +1 @@\n+oneshot\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/up b/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/up\nnew file mode 100644\nindex 0000000..d25eb18\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/create-sshd-host-keys/up\n@@ -0,0 +1 @@\n+/etc/s6-overlay/scripts/create-sshd-host-keys\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/dependencies.d/base b/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/dependencies.d/base\nnew file mode 100644\nindex 0000000..e69de29\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/run\nnew file mode 100755\nindex 0000000..d1e492e\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/run\n@@ -0,0 +1,3 @@\n+#!/command/with-contenv ash\n+\n+exec s6-setuidgid git /usr/local/bin/knotserver\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/type\nnew file mode 100644\nindex 0000000..5883cff\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/knotserver/type\n@@ -0,0 +1 @@\n+longrun\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/dependencies.d/base b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/dependencies.d/base\nnew file mode 100644\nindex 0000000..e69de29\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/dependencies.d/create-sshd-host-keys b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/dependencies.d/create-sshd-host-keys\nnew file mode 100644\nindex 0000000..e69de29\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/run\nnew file mode 100755\nindex 0000000..a7efea4\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/run\n@@ -0,0 +1,3 @@\n+#!/usr/bin/execlineb -P\n+\n+/usr/sbin/sshd -e -D\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/type\nnew file mode 100644\nindex 0000000..5883cff\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/sshd/type\n@@ -0,0 +1 @@\n+longrun\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/knotserver b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/knotserver\nnew file mode 100644\nindex 0000000..e69de29\ndiff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/sshd b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/sshd\nnew file mode 100644\nindex 0000000..e69de29\ndiff --git a/docker/rootfs/etc/s6-overlay/scripts/create-sshd-host-keys b/docker/rootfs/etc/s6-overlay/scripts/create-sshd-host-keys\nnew file mode 100755\nindex 0000000..e435536\n--- /dev/null\n+++ b/docker/rootfs/etc/s6-overlay/scripts/create-sshd-host-keys\n@@ -0,0 +1,21 @@\n+#!/usr/bin/execlineb -P\n+\n+foreground {\n+ if -n { test -d /etc/ssh/keys }\n+ mkdir /etc/ssh/keys\n+}\n+\n+foreground {\n+ if -n { test -f /etc/ssh/keys/ssh_host_rsa_key }\n+ ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_rsa_key -q -N \"\"\n+}\n+\n+foreground {\n+ if -n { test -f /etc/ssh/keys/ssh_host_ecdsa_key }\n+ ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ecdsa_key -q -N \"\"\n+}\n+\n+foreground {\n+ if -n { test -f /etc/ssh/keys/ssh_host_ed25519_key }\n+ ssh-keygen -t rsa -f /etc/ssh/keys/ssh_host_ed25519_key -q -N \"\"\n+}\ndiff --git a/docker/rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf b/docker/rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf\nnew file mode 100644\nindex 0000000..d41844a\n--- /dev/null\n+++ b/docker/rootfs/etc/ssh/sshd_config.d/tangled_sshd.conf\n@@ -0,0 +1,9 @@\n+HostKey /etc/ssh/keys/ssh_host_rsa_key\n+HostKey /etc/ssh/keys/ssh_host_ecdsa_key\n+HostKey /etc/ssh/keys/ssh_host_ed25519_key\n+\n+PasswordAuthentication no\n+\n+Match User git\n+ AuthorizedKeysCommand /usr/local/libexec/tangled-keyfetch -git-dir /home/git/repositories\n+ AuthorizedKeysCommandUser nobody\n",
"title": "Docker support",
"pullId": 14,
"targetRepo": "at://did:plc:wshs7t2adsemcrrd4snkeqli/sh.tangled.repo/3liuighjy2h22",
"targetBranch": "master"
}