website/content/blog/lightweight-gitc-docker-compose.md

203 lines
5.2 KiB
Markdown
Raw Normal View History

2023-01-21 02:14:40 +00:00
---
2023-01-25 18:20:29 +00:00
date: 2023-01-20 21:14:03-05:00
2023-01-21 02:14:40 +00:00
draft: false
math: false
2023-01-25 18:20:29 +00:00
medium_enabled: true
medium_post_id: b86160f97df9
tags:
- Git
title: Deploying a Lightweight Git Server with CGit using Docker-Compose
2023-01-21 02:14:40 +00:00
---
In this post, I'll talk about how we can setup CGit within a docker-compose setup. We'll be using the [ClearLinux CGit](https://hub.docker.com/r/clearlinux/cgit) container.
## Configuring Apache Webserver
Within the CGit container, an apache webserver is setup to execute the CGit CGI scripts. This configuration is very similar to the [default one](https://github.com/clearlinux/dockerfiles/blob/256680f7c6be8423081e67153de0bff1206f6b63/cgit/httpd-cgit.conf) provided by ClearLinux. However, the default holds your repositories in the `/cgit` subfolder as I wanted it on the root `/` folder.
/etc/httpd-cgit.conf
```apache
ServerName localhost
# Next two lines changed for new document root
DocumentRoot /var/www/cgit
<Directory "/var/www/cgit">
AllowOverride None
Options ExecCGI FollowSymLinks
Require all granted
</Directory>
# cgid module is required to run the cgit binary
LoadModule cgid_module lib/httpd/modules/mod_cgid.so
<IfModule cgid_module>
ScriptSock /var/run/cgid.sock
</IfModule>
# Path to cgit stylesheet, graphics
Alias /cgit-data /usr/share/cgit
<Directory "/usr/share/cgit">
AllowOverride None
Options None
Require all granted
</Directory>
# Path to cgit binary
# Next line changed
ScriptAlias / /usr/libexec/cgit/cgi-bin/cgit/
<Directory "/usr/libexec/cgit/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
```
## Configuring CGit
Now to configure `cgit` itself, we need to create a file called `cgitrc`. Order matters in the declarations, and from what I can gather you should have your `scan-path` near the end of the file.
To enable cloning and have it discoverable:
```ini
enable-http-clone=1
clone-prefix=https://URL/TO/WEBSITE
```
To download snapsots of the references
```ini
snapshots=tar.gz zip
```
To enable the git config to override the owner and description fields
```ini
enable-git-config=1
```
Cache up to 1000 output entries
```ini
cache-size=1000
```
Root Page configuration
```ini
root-title=Brandon Rozek's Repositories
root-desc=
repository-sort=age
# Start all URLs from the root directory
virtual-root=/
```
Server the appropriate mime-types of certain files
```ini
mimetype.gif=image/gif
mimetype.html=text/html
mimetype.jpg=image/jpeg
mimetype.jpeg=image/jpeg
mimetype.pdf=application/pdf
mimetype.png=image/png
mimetype.svg=image/svg+xml
```
Styles for the website
```ini
css=/cgit-data/cgit.css
logo=/cgit-data/cgit.png
favicon=/cgit-data/favicon.ico
source-filter=/usr/libexec/cgit/filters/syntax-highlighting.sh
about-filter=/usr/libexec/cgit/filters/about-formatting.sh
readme=:README.md
readme=:README
```
Where to find the repositories
```ini
scan-path=/var/www/cgit/
```
## Setting up the container
I prefer using `docker-compose` to help manage all my containers. The first two volumes map the configuration files we created and the last volume holds our repositories.
```yaml
cgit:
image: docker.io/clearlinux/cgit
container_name: cgit
hostname: cgit
volumes:
- /etc/cgitrc:/etc/cgitrc
- /etc/httpd-cgit.conf:/etc/httpd/conf.d/httpd-cgit.conf
- /var/www/cgit:/var/www/cgit
restart: always
```
## Populating it with Repositories
Within `/var/www/cgit`, start cloning your repositories:
```bash
git clone --bare REPO_URL
```
If you enabled gitinfo then for each repository you can run `git config -e` and add the following
```ini
[gitweb]
owner = Name <Email>
description = Insert your project description here
```
### Aside: Reverse Proxy
In my setup, I have an `nginx` container that handles all of the traffic. Therefore, I don't have users enter to the cgit container directly. I handle this by adding the following reverse proxy configuration.
```nginx
server {
listen 80;
listen [::]:80;
server_name GIT.SERVER.URL
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name GIT.SERVER.URL;
ssl_certificate /path/to/chain;
ssl_certificate_key /path/to/private/key;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://cgit;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
# Needed to get around HTTP2 Streaming Errors
proxy_hide_header Upgrade;
}
}
```
## Conclusion
After all the configuration, you should be able to pull it up using `docker-compose`.
```bash
docker-compose up cgit
```
## References
These references talked about setting up cgit outside of docker, but they helped me understand the various configuration files needed.
- https://russellhaering.com/running-cgit-under-nginx/
- https://jakesthoughts.xyz/blog/setting-up-cgit.html
- https://www.yaroslavps.com/weblog/minimal-git-server/
- https://blog.stefan-koch.name/2020/02/16/installing-cgit-nginx-on-debian
- https://bryanbrattlof.com/cgit-nginx-gitolite-a-personal-git-server/
2023-01-25 18:20:29 +00:00
- https://matejamaric.com/blog/git-server/