* If using a different $USER then rename git user
* Chown based on $USER env
* Target only one part of passwd
* su-exec based on $USER
not a hardcoded value
Why:
* We are using self-signed ssl certificates for internal services, which results in failures when gitea tries to communicate through webhooks with these. We would like to enable gitea to be able to use these certificates without having to build custom docker images.
How
* We add the internal certificates to /usr/local/share/ca-certificates on the host
* We read-only mount /usr/local/share/ca-certificates from the host to /usr/local/share/ca-certificates in the container
* We do a update-ca-certificates in the alpine container before starting gitea
This should have no consequence for users that do not have the need to handle self-signed certificates, as update-ca-certificates should be idempotent.
* Add `gettext` dependencies as we need `envsubst` command;
* Modified s6's gitea setup script, instead of `cp` the template if no
`app.ini` exist, it will substitude the envvars and generate the new
`app.ini`;
* Make `/docker/etc/templates/app.ini` a template contains environment
variables;
Signed-off-by: Tao Wang <twang2218@gmail.com>
I have restructured the docker build process entirely, the binary gets
built outside of the docker build command, now we are managing all
dependencies with real Alpine packages and I have dropped features like
socat or the cron daemon.
Signed-off-by: Thomas Boerger <tboerger@suse.de>